Overview

URL kroha.kh.ua/system/logs/xt.exe
IP 5.39.10.93
ASN AS16276 OVH SAS
Location France
Report completed 2019-06-02 19:04:59 CEST
urlquery Alerts No alerts detected


Settings

UserAgent Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Referer
Pool
Access Level


Intrusion Detection Systems

Suricata /w Emerging Threats Pro  No alerts detected


Blacklists

MDL  No alerts detected
OpenPhish  No alerts detected
PhishTank  No alerts detected
Fortinet's Web Filter
Added / Verified Severity Host Comment
2019-06-02 2 kroha.kh.ua/system/logs/xt.exe Malware
DNS-BH  No alerts detected
mnemonic secure dns  No alerts detected


Recent reports on same IP/ASN/Domain

Last 10 reports on IP: 5.39.10.93

Date UQ / IDS / BL URL IP
2019-06-09 07:02:16 +0200 0 - 0 - 1 tmx-learning.ru/wp-includes 5.39.10.93
2019-06-02 13:42:01 +0200 0 - 1 - 1 kroha.kh.ua/system/logs/xt.exe 5.39.10.93
2019-06-02 11:44:22 +0200 0 - 1 - 1 kroha.kh.ua/system/logs/xt.exe 5.39.10.93
2019-05-25 17:25:26 +0200 0 - 0 - 1 kroha.kh.ua/system/logs/xt.exe 5.39.10.93
2019-05-24 14:22:16 +0200 0 - 0 - 1 showbiz.ua/tmp-cg/tikita/yahoo/ee27fe710cee5f (...) 5.39.10.93
2019-05-06 15:17:22 +0200 0 - 1 - 0 agent-parfumer.com.ua/ 5.39.10.93
2019-05-06 02:04:36 +0200 0 - 0 - 1 showbiz.ua/tutu01/index.php 5.39.10.93
2019-05-03 20:08:06 +0200 0 - 0 - 1 kroha.kh.ua/system/logs/xt.exe 5.39.10.93
2019-05-01 22:31:26 +0200 0 - 0 - 1 kroha.kh.ua/system/logs/xt.exe 5.39.10.93
2019-04-22 18:43:34 +0200 0 - 0 - 1 kroha.kh.ua/system/logs/xt.exe 5.39.10.93

Last 10 reports on ASN: AS16276 OVH SAS

Date UQ / IDS / BL URL IP
2019-07-01 07:47:12 +0200 0 - 0 - 0 https://www.munplanet.com/articles/arlo-camer (...) 158.69.39.233
2019-07-01 04:15:44 +0200 0 - 3 - 0 www.asind.ae/wp-content/uploads/2019/seconder (...) 5.39.72.197
2019-07-01 03:56:20 +0200 0 - 0 - 0 webcamsteen.com/16y4[CUSTOM_AFF 192.99.67.89
2019-07-01 02:43:31 +0200 0 - 0 - 0 167.114.144.169/Android/ 167.114.144.169
2019-06-30 21:34:01 +0200 0 - 0 - 0 streams.tvxweb.org 158.69.54.221
2019-06-30 21:30:47 +0200 0 - 0 - 0 source.magikserv.com 37.187.171.206
2019-06-30 20:09:51 +0200 0 - 0 - 0 www.kweeper.com/popcorn2kg/sentence/6382508 91.121.242.21
2019-06-30 18:49:10 +0200 0 - 0 - 0 www.ovh.com 198.27.92.1
2019-06-30 18:18:47 +0200 0 - 0 - 0 liczniki.org/hit.php?l=alltube&o=1 94.23.92.123
2019-06-30 18:11:40 +0200 0 - 0 - 0 hardrock.blogdns.org/ 91.121.69.126

Last 10 reports on domain: kroha.kh.ua

Date UQ / IDS / BL URL IP
2019-06-02 13:42:01 +0200 0 - 1 - 1 kroha.kh.ua/system/logs/xt.exe 5.39.10.93
2019-06-02 11:44:22 +0200 0 - 1 - 1 kroha.kh.ua/system/logs/xt.exe 5.39.10.93
2019-05-25 17:25:26 +0200 0 - 0 - 1 kroha.kh.ua/system/logs/xt.exe 5.39.10.93
2019-05-03 20:08:06 +0200 0 - 0 - 1 kroha.kh.ua/system/logs/xt.exe 5.39.10.93
2019-05-01 22:31:26 +0200 0 - 0 - 1 kroha.kh.ua/system/logs/xt.exe 5.39.10.93
2019-04-22 18:43:34 +0200 0 - 0 - 1 kroha.kh.ua/system/logs/xt.exe 5.39.10.93
2019-04-17 15:52:08 +0200 0 - 0 - 1 kroha.kh.ua/system/logs/xt.exe 5.39.10.93
2019-04-12 18:43:19 +0200 0 - 0 - 1 kroha.kh.ua/system/logs/xt.exe 5.39.10.93
2019-04-02 19:01:45 +0200 0 - 0 - 1 kroha.kh.ua/system/logs/xt.exe 5.39.10.93
2019-03-22 19:23:04 +0100 0 - 1 - 1 kroha.kh.ua/system/logs/xt.exe 5.39.10.93


JavaScript

Executed Scripts (14)


Executed Evals (0)


Executed Writes (0)



HTTP Transactions (41)


Request Response
                                        
                                            GET /system/logs/xt.exe HTTP/1.1 
Host: kroha.kh.ua
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive

                                         
                                         5.39.10.93
HTTP/1.1 301 Moved Permanently
                                        
Server: nginx/1.12.2
Date: Sun, 02 Jun 2019 17:04:26 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Location: https://babykroha.ua/system/logs/xt.exe


--- Additional Info ---

Alerts:
  Blacklists:
    - fortinet: Malware
                                        
                                            POST / HTTP/1.1 
Host: ocsp.int-x3.letsencrypt.org
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Content-Length: 117
Content-Type: application/ocsp-request

                                         
                                         91.135.34.24
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 527
Etag: "88116C6428592972E38BCE8263DC73486907250C3BDDE96A339BF6E56E5FDD53"
Last-Modified: Fri, 31 May 2019 00:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=43170
Expires: Mon, 03 Jun 2019 05:03:57 GMT
Date: Sun, 02 Jun 2019 17:04:27 GMT
Connection: keep-alive


--- Additional Info ---
Magic:  data
Size:   527
Md5:    16f3065613f9cc8bace444361510fa41
Sha1:   d16dafbbe0c3f6ad0d6dd3883bbd415cef7e7fe3
Sha256: 88116c6428592972e38bce8263dc73486907250c3bdde96a339bf6e56e5fdd53
                                        
                                            POST / HTTP/1.1 
Host: isrg.trustid.ocsp.identrust.com
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Content-Length: 115
Content-Type: application/ocsp-request

                                         
                                         91.135.34.26
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: Apache
Content-Transfer-Encoding: Binary
Last-Modified: Sun, 02 Jun 2019 08:48:01 GMT
Etag: "826f335c093ebe8dee4f1efac0be84c473509e78"
Content-Length: 1398
Cache-Control: public, no-transform, must-revalidate, max-age=29534
Expires: Mon, 03 Jun 2019 01:16:41 GMT
Date: Sun, 02 Jun 2019 17:04:27 GMT
Connection: keep-alive


--- Additional Info ---
Magic:  data
Size:   1398
Md5:    649b78ab3d473e58ac1c7650029e43e6
Sha1:   826f335c093ebe8dee4f1efac0be84c473509e78
Sha256: a12b7088cb28d424e4d7e5272873cee1dd8f03f16a18eebd83eaf629cf596c5e
                                        
                                            POST /GTSGIAG3 HTTP/1.1 
Host: ocsp.pki.goog
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Content-Length: 115
Content-Type: application/ocsp-request

                                         
                                         216.58.211.131
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Sun, 02 Jun 2019 17:04:28 GMT
Cache-Control: public, max-age=86400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN


--- Additional Info ---
Magic:  data
Size:   122006
Md5:    e476af4fcab372fcfc54c44636d9302c
Sha1:   75a2d8c27f94708984a4db362e12bf794ea3fa9a
Sha256: 8f1d06ce372848ee9b9098a0f94afeaa0e5d2fd985fd165358bd537636704dbf
                                        
                                            POST /gsr2 HTTP/1.1 
Host: ocsp.pki.goog
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Content-Length: 112
Content-Type: application/ocsp-request

                                         
                                         216.58.211.131
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Sun, 02 Jun 2019 17:04:28 GMT
Cache-Control: public, max-age=86400
Server: ocsp_responder
Content-Length: 468
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN


--- Additional Info ---
Magic:  data
Size:   468
Md5:    5be872b3fe0bb6f31385f91f811e9586
Sha1:   1192231bcb9ee73e9f619d433cdb66dddd9ae7f7
Sha256: db0ad6191770bff9043482b68acf62a4e25d4390a03274cfbe413675dd8c9cf5
                                        
                                            GET /gtag/js?id=UA-128206001-1 HTTP/1.1 
Host: www.googletagmanager.com
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: */*
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: https://babykroha.ua/system/logs/xt.exe

                                         
                                         216.58.207.200
HTTP/1.1 200 OK
Content-Type: application/javascript; charset=UTF-8
                                        
Access-Control-Allow-Origin: http://www.googletagmanager.com
Access-Control-Allow-Headers: Cache-Control
Access-Control-Allow-Credentials: true
Content-Encoding: gzip
Vary: Accept-Encoding
Date: Sun, 02 Jun 2019 17:04:28 GMT
Expires: Sun, 02 Jun 2019 17:04:28 GMT
Cache-Control: private, max-age=900
Last-Modified: Thu, 30 May 2019 16:41:01 GMT
Server: Google Tag Manager (scaffolding)
X-XSS-Protection: 0
Alt-Svc: quic=":443"; ma=2592000; v="46,44,43,39"
Transfer-Encoding: chunked


--- Additional Info ---
Magic:  gzip compressed data, max compression
Size:   26075
Md5:    df132151dab3cbed67236c2d16197193
Sha1:   a4771232049e3cfebe88a1cfc5e3b701d31179b0
Sha256: 93d931bedebcc35ead702b2c191746cd9736a919ed6bec4afbdb256a3673da6e
                                        
                                            GET /Media/assets/favicons/favicon-16x16.png HTTP/1.1 
Host: babykroha.ua
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: image/png,image/*;q=0.8,*/*;q=0.5
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Cookie: PHPSESSID=17tlr8acrbu10hho6n90a9oc41; currency=UAH; cart=90b844857f14d7651a32b11bf6020647c5b74623%7E8f9c0980efb7f9a0d05c894b3c10265f2be137a6

                                         
                                         109.87.24.5
HTTP/1.1 200 OK
Content-Type: image/png
                                        
Date: Sun, 02 Jun 2019 17:04:28 GMT
Server: Apache/2.4.7 (Ubuntu)
Last-Modified: Wed, 12 Dec 2018 13:02:14 GMT
Etag: "4b6-57cd2ce9b1c5b"
Accept-Ranges: bytes
Content-Length: 1206
Cache-Control: max-age=2592000
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive


--- Additional Info ---
Magic:  PNG image, 16 x 16, 8-bit colormap, non-interlaced
Size:   1206
Md5:    5ef32b417050bead34de1ec3552e69c3
Sha1:   74ffb6fc48190f88011d8e0e7418bbaebe7a188a
Sha256: 82b28825e1aef7c9bd0fa16d2bd56f68d553e3113e28ed739e244967d2c6d469
                                        
                                            GET /Media/assets/css/editor.css HTTP/1.1 
Host: babykroha.ua
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: text/css,*/*;q=0.1
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: https://babykroha.ua/system/logs/xt.exe
Cookie: PHPSESSID=17tlr8acrbu10hho6n90a9oc41; currency=UAH; cart=90b844857f14d7651a32b11bf6020647c5b74623%7E8f9c0980efb7f9a0d05c894b3c10265f2be137a6

                                         
                                         109.87.24.5
HTTP/1.1 200 OK
Content-Type: text/css
                                        
Date: Sun, 02 Jun 2019 17:04:28 GMT
Server: Apache/2.4.7 (Ubuntu)
Last-Modified: Wed, 17 Oct 2018 09:05:14 GMT
Etag: "c8f-57868f7e3371e-gzip"
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Cache-Control: max-age=604800
Content-Length: 1017
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive


--- Additional Info ---
Magic:  gzip compressed data, from Unix
Size:   1017
Md5:    3d78d96d2b060445ebe1b76f1cd86828
Sha1:   6ead70f82aae74e6b8946ca8e6d6294390d560e5
Sha256: 812808de27037852cda6b078db577e74f1b7af6de27e16f73408fdeece152c50
                                        
                                            GET /Media/assets/css/helpers.css HTTP/1.1 
Host: babykroha.ua
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: text/css,*/*;q=0.1
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: https://babykroha.ua/system/logs/xt.exe
Cookie: PHPSESSID=17tlr8acrbu10hho6n90a9oc41; currency=UAH; cart=90b844857f14d7651a32b11bf6020647c5b74623%7E8f9c0980efb7f9a0d05c894b3c10265f2be137a6

                                         
                                         109.87.24.5
HTTP/1.1 200 OK
Content-Type: text/css
                                        
Date: Sun, 02 Jun 2019 17:04:28 GMT
Server: Apache/2.4.7 (Ubuntu)
Last-Modified: Wed, 17 Oct 2018 09:05:14 GMT
Etag: "1180d-57868f7e3371e-gzip"
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Cache-Control: max-age=604800
Content-Length: 8570
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive


--- Additional Info ---
Magic:  gzip compressed data, from Unix
Size:   8570
Md5:    fc8885590c0b639807801d857e3b9128
Sha1:   2ec12f9d7119108e57e55d2059e7f380bfcdb17e
Sha256: 6183d5db89a099e2da6b2c35d500802110b105af43bdf63a3619ad80326a3926
                                        
                                            GET /Media/assets/css/style.css HTTP/1.1 
Host: babykroha.ua
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: text/css,*/*;q=0.1
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: https://babykroha.ua/system/logs/xt.exe
Cookie: PHPSESSID=17tlr8acrbu10hho6n90a9oc41; currency=UAH; cart=90b844857f14d7651a32b11bf6020647c5b74623%7E8f9c0980efb7f9a0d05c894b3c10265f2be137a6

                                         
                                         109.87.24.5
HTTP/1.1 200 OK
Content-Type: text/css
                                        
Date: Sun, 02 Jun 2019 17:04:28 GMT
Server: Apache/2.4.7 (Ubuntu)
Last-Modified: Fri, 21 Dec 2018 12:54:20 GMT
Etag: "1ef29-57d87beebf554-gzip"
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Cache-Control: max-age=604800
Content-Length: 18806
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive


--- Additional Info ---
Magic:  gzip compressed data, from Unix
Size:   18806
Md5:    2f6c0704012632b62e80ac961a5be8f0
Sha1:   81c84c4bcc8e0cb77dd8ea7db05d4c1fd9c5b79a
Sha256: 8dfe9decf09179067b9a8475c62c0bad044044d5fda14b4f372c3f0e86ae9a07
                                        
                                            GET /Media/assets/css/vendors.css HTTP/1.1 
Host: babykroha.ua
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: text/css,*/*;q=0.1
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: https://babykroha.ua/system/logs/xt.exe
Cookie: PHPSESSID=17tlr8acrbu10hho6n90a9oc41; currency=UAH; cart=90b844857f14d7651a32b11bf6020647c5b74623%7E8f9c0980efb7f9a0d05c894b3c10265f2be137a6

                                         
                                         109.87.24.5
HTTP/1.1 200 OK
Content-Type: text/css
                                        
Date: Sun, 02 Jun 2019 17:04:28 GMT
Server: Apache/2.4.7 (Ubuntu)
Last-Modified: Wed, 17 Oct 2018 09:05:14 GMT
Etag: "24287-57868f7e3a47d-gzip"
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Cache-Control: max-age=604800
Content-Length: 17749
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive


--- Additional Info ---
Magic:  gzip compressed data, from Unix
Size:   17749
Md5:    15288777a646fada78b68a7f39cf28f6
Sha1:   1074c8f5a3ceed073daf003948b3a90e4a363dd9
Sha256: f57784fd825af302d206fc978dacdc44805e147b4f2f8d414f6e67239790d766
                                        
                                            GET /Media/assets/js/static/wezom-old.min.js HTTP/1.1 
Host: babykroha.ua
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: */*
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: https://babykroha.ua/system/logs/xt.exe
Cookie: PHPSESSID=17tlr8acrbu10hho6n90a9oc41; currency=UAH; cart=90b844857f14d7651a32b11bf6020647c5b74623%7E8f9c0980efb7f9a0d05c894b3c10265f2be137a6

                                         
                                         109.87.24.5
HTTP/1.1 200 OK
Content-Type: application/javascript
                                        
Date: Sun, 02 Jun 2019 17:04:28 GMT
Server: Apache/2.4.7 (Ubuntu)
Last-Modified: Wed, 17 Oct 2018 09:05:14 GMT
Etag: "270f-57868f7e634bd-gzip"
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Cache-Control: max-age=604800
Content-Length: 3753
Keep-Alive: timeout=5, max=99
Connection: Keep-Alive


--- Additional Info ---
Magic:  gzip compressed data, from Unix
Size:   3753
Md5:    c103288ebb23846348ed303868f61ea8
Sha1:   42708dbd14c0fda14853595c79f2eb1a9f65835a
Sha256: 57c49a6204e979d08d0fb9c5eb0c698a56bb0d629907dbd4189ddf99f8b1a63c
                                        
                                            GET /analytics.js HTTP/1.1 
Host: www.google-analytics.com
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: */*
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: https://babykroha.ua/system/logs/xt.exe

                                         
                                         172.217.21.142
HTTP/1.1 200 OK
Content-Type: text/javascript
                                        
Strict-Transport-Security: max-age=10886400; includeSubDomains; preload
Timing-Allow-Origin: *
Date: Sun, 02 Jun 2019 15:40:50 GMT
Expires: Sun, 02 Jun 2019 17:40:50 GMT
Last-Modified: Tue, 21 May 2019 23:53:44 GMT
X-Content-Type-Options: nosniff
Vary: Accept-Encoding
Content-Encoding: gzip
Server: Golfe2
Content-Length: 17595
Cache-Control: public, max-age=7200
Age: 5018
Alt-Svc: quic=":443"; ma=2592000; v="46,44,43,39"


--- Additional Info ---
Magic:  gzip compressed data, max compression
Size:   17595
Md5:    585dd98ad9bada516652979df577ade8
Sha1:   b81e0ee5e2648994c7c92e4becb6a8420113e462
Sha256: e88dfebceadff72fc5bb3ab4a4dfa71d835acbb4d183091d66e72e762fb306d5
                                        
                                            GET /Media/assets/css/static/pic/wezom-info-red.gif HTTP/1.1 
Host: babykroha.ua
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: image/png,image/*;q=0.8,*/*;q=0.5
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: https://babykroha.ua/system/logs/xt.exe
Cookie: PHPSESSID=17tlr8acrbu10hho6n90a9oc41; currency=UAH; cart=90b844857f14d7651a32b11bf6020647c5b74623%7E8f9c0980efb7f9a0d05c894b3c10265f2be137a6

                                         
                                         109.87.24.5
HTTP/1.1 200 OK
Content-Type: image/gif
                                        
Date: Sun, 02 Jun 2019 17:04:28 GMT
Server: Apache/2.4.7 (Ubuntu)
Last-Modified: Wed, 17 Oct 2018 09:05:14 GMT
Etag: "11d-57868f7e394de"
Accept-Ranges: bytes
Content-Length: 285
Cache-Control: max-age=2592000
Keep-Alive: timeout=5, max=99
Connection: Keep-Alive


--- Additional Info ---
Magic:  GIF image data, version 87a, 50 x 18
Size:   285
Md5:    2dfb0e4ee208270ad5521719b18c5f36
Sha1:   794f67a3ecf343b7004ca75baaeccfa721c45f91
Sha256: 9769656f5e3eaca90c1c6958562a639dff2e440fad2ae43449c64afb13c14840
                                        
                                            GET /Media/js/translations/ru.js HTTP/1.1 
Host: babykroha.ua
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: */*
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: https://babykroha.ua/system/logs/xt.exe
Cookie: PHPSESSID=17tlr8acrbu10hho6n90a9oc41; currency=UAH; cart=90b844857f14d7651a32b11bf6020647c5b74623%7E8f9c0980efb7f9a0d05c894b3c10265f2be137a6

                                         
                                         109.87.24.5
HTTP/1.1 200 OK
Content-Type: application/javascript
                                        
Date: Sun, 02 Jun 2019 17:04:28 GMT
Server: Apache/2.4.7 (Ubuntu)
Last-Modified: Wed, 17 Oct 2018 09:06:41 GMT
Etag: "14a9-57868fd0de695-gzip"
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Cache-Control: max-age=604800
Content-Length: 1564
Keep-Alive: timeout=5, max=99
Connection: Keep-Alive


--- Additional Info ---
Magic:  gzip compressed data, from Unix
Size:   1564
Md5:    74b6492bc45e1e5ac860334f389f9555
Sha1:   4570d859349762bcffbb7dbc48ad2a627226c60c
Sha256: 8c9e1f6851a68333dc94cfba6a293d2771bdeee6fea2d72d565742b82c02ae52
                                        
                                            GET /r/collect?v=1&_v=j76&a=889929488&t=pageview&_s=1&dl=https%3A%2F%2Fbabykroha.ua%2Fsystem%2Flogs%2Fxt.exe&ul=en-us&de=UTF-8&dt=%D0%9E%D1%88%D0%B8%D0%B1%D0%BA%D0%B0%20404!%20%D0%A1%D1%82%D1%80%D0%B0%D0%BD%D0%B8%D1%86%D0%B0%20%D0%BD%D0%B5%20%D0%BD%D0%B0%D0%B9%D0%B4%D0%B5%D0%BD%D0%B0&sd=24-bit&sr=1176x885&vp=1176x754&je=1&fl=10.0%20r45&_u=IEBAAUQ~&jid=1142859919&gjid=908208538&cid=1409825382.1559495069&tid=UA-128206001-1&_gid=1546662090.1559495069&_r=1&gtm=2ou5m0&z=331238294 HTTP/1.1 
Host: www.google-analytics.com
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: image/png,image/*;q=0.8,*/*;q=0.5
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: https://babykroha.ua/system/logs/xt.exe

                                         
                                         172.217.21.142
HTTP/1.1 200 OK
Content-Type: image/gif
                                        
Access-Control-Allow-Origin: *
Date: Sun, 02 Jun 2019 17:04:29 GMT
Pragma: no-cache
Expires: Fri, 01 Jan 1990 00:00:00 GMT
Cache-Control: no-cache, no-store, must-revalidate
Last-Modified: Sun, 17 May 1998 03:00:00 GMT
X-Content-Type-Options: nosniff
Server: Golfe2
Content-Length: 35
Alt-Svc: quic=":443"; ma=2592000; v="46,44,43,39"


--- Additional Info ---
Magic:  GIF image data, version 89a, 1 x 1
Size:   35
Md5:    28d6814f309ea289f847c69cf91194c6
Sha1:   0f4e929dd5bb2564f7ab9c76338e04e292a42ace
Sha256: 8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
                                        
                                            POST /GTSGIAG3 HTTP/1.1 
Host: ocsp.pki.goog
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Content-Length: 115
Content-Type: application/ocsp-request

                                         
                                         216.58.211.131
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Sun, 02 Jun 2019 17:04:29 GMT
Cache-Control: public, max-age=86400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN


--- Additional Info ---
Magic:  data
Size:   471
Md5:    cb2ed2c2e34117c458a80e1d89a0c56b
Sha1:   409f55326780f3501e844d5c910f0e15ee356a7f
Sha256: eae59276ae16fb45305b08fbea6880905924cffbfdcf19263831d8a76f2e6cf6
                                        
                                            GET /Media/assets/js/modernizr.js HTTP/1.1 
Host: babykroha.ua
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: */*
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: https://babykroha.ua/system/logs/xt.exe
Cookie: PHPSESSID=17tlr8acrbu10hho6n90a9oc41; currency=UAH; cart=90b844857f14d7651a32b11bf6020647c5b74623%7E8f9c0980efb7f9a0d05c894b3c10265f2be137a6; _ga=GA1.2.1409825382.1559495069; _gid=GA1.2.1546662090.1559495069; _gat_gtag_UA_128206001_1=1

                                         
                                         109.87.24.5
HTTP/1.1 200 OK
Content-Type: application/javascript
                                        
Date: Sun, 02 Jun 2019 17:04:29 GMT
Server: Apache/2.4.7 (Ubuntu)
Last-Modified: Wed, 17 Oct 2018 09:05:14 GMT
Etag: "1798-57868f7e6251d-gzip"
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Cache-Control: max-age=604800
Content-Length: 2600
Keep-Alive: timeout=5, max=99
Connection: Keep-Alive


--- Additional Info ---
Magic:  gzip compressed data, from Unix
Size:   2600
Md5:    8da2167b3cbc4bc748d5290857f89c54
Sha1:   080d2576c9d431dc6c096a2e7fa87016abb6f604
Sha256: 10377a56a197f4dea29022339657d1ad0ae588b19930192d664f113bdb26c092
                                        
                                            GET /maps/api/js?key=AIzaSyDL6xIhFeOJeE9nXsObhPKfD1wRV4xFknE HTTP/1.1 
Host: maps.googleapis.com
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: */*
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: https://babykroha.ua/system/logs/xt.exe

                                         
                                         216.58.207.202
HTTP/1.1 200 OK
Content-Type: text/javascript; charset=UTF-8
                                        
Date: Sun, 02 Jun 2019 17:04:29 GMT
Expires: Sun, 02 Jun 2019 17:34:29 GMT
Cache-Control: public, max-age=1800
Vary: Accept-Language
Content-Encoding: gzip
Server: mafe
Content-Length: 33421
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
Server-Timing: gfet4t7; dur=16
Alt-Svc: quic=":443"; ma=2592000; v="46,44,43,39"


--- Additional Info ---
Magic:  gzip compressed data, max compression
Size:   33421
Md5:    dfaf22668dc5e03abe679c1675ea0e95
Sha1:   6d8b07d56b3a1dda067fde0e998e4ee2d97ad29a
Sha256: 4624a15fc19d500c6d413a01535eaadd07669d8dde1d1f0b514e3d79d0975ff6
                                        
                                            GET /Media/assets/css/static/fonts/b64-woff.css?v=1523945764591 HTTP/1.1 
Host: babykroha.ua
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: https://babykroha.ua/system/logs/xt.exe
Cookie: PHPSESSID=17tlr8acrbu10hho6n90a9oc41; currency=UAH; cart=90b844857f14d7651a32b11bf6020647c5b74623%7E8f9c0980efb7f9a0d05c894b3c10265f2be137a6

                                         
                                         109.87.24.5
HTTP/1.1 200 OK
Content-Type: text/css
                                        
Date: Sun, 02 Jun 2019 17:04:28 GMT
Server: Apache/2.4.7 (Ubuntu)
Last-Modified: Wed, 17 Oct 2018 09:05:14 GMT
Etag: "eb88d-57868f7e365fe-gzip"
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Cache-Control: max-age=604800
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive
Transfer-Encoding: chunked


--- Additional Info ---
Magic:  gzip compressed data, from Unix
Size:   727398
Md5:    51ce94d8d0b4695014032fe4990555a6
Sha1:   f9951448a6edf388275e4a498b27dfa3ef17d3b6
Sha256: c6b163f46f68d83a24e286272c26df273e6a590ab2881125db300060cf0146db
                                        
                                            GET /Media/assets/js/vendors.js HTTP/1.1 
Host: babykroha.ua
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: */*
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: https://babykroha.ua/system/logs/xt.exe
Cookie: PHPSESSID=17tlr8acrbu10hho6n90a9oc41; currency=UAH; cart=90b844857f14d7651a32b11bf6020647c5b74623%7E8f9c0980efb7f9a0d05c894b3c10265f2be137a6; _ga=GA1.2.1409825382.1559495069; _gid=GA1.2.1546662090.1559495069; _gat_gtag_UA_128206001_1=1

                                         
                                         109.87.24.5
HTTP/1.1 200 OK
Content-Type: application/javascript
                                        
Date: Sun, 02 Jun 2019 17:04:29 GMT
Server: Apache/2.4.7 (Ubuntu)
Last-Modified: Mon, 03 Dec 2018 11:24:22 GMT
Etag: "606d3-57c1c64074b82-gzip"
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Cache-Control: max-age=604800
Keep-Alive: timeout=5, max=99
Connection: Keep-Alive
Transfer-Encoding: chunked


--- Additional Info ---
Magic:  gzip compressed data, from Unix
Size:   114633
Md5:    9d350763c168a7874d25147ed3d295e4
Sha1:   f7ec6c0d386d1b21b49118153b5325f1c1fff74a
Sha256: 50d6c93310a7045c6f926903f0ad3350b5fde89f5c1437833cc04a80a95ae8e8
                                        
                                            GET /Media/js/programmer/ulogin.js HTTP/1.1 
Host: babykroha.ua
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: */*
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: https://babykroha.ua/system/logs/xt.exe
Cookie: PHPSESSID=17tlr8acrbu10hho6n90a9oc41; currency=UAH; cart=90b844857f14d7651a32b11bf6020647c5b74623%7E8f9c0980efb7f9a0d05c894b3c10265f2be137a6; _ga=GA1.2.1409825382.1559495069; _gid=GA1.2.1546662090.1559495069; _gat_gtag_UA_128206001_1=1

                                         
109.87.24.5
HTTP/1.1 200 OK
Content-Type: application/javascript
Date: Sun, 02 Jun 2019 17:04:30 GMT
Server: Apache/2.4.7 (Ubuntu)
Last-Modified: Wed, 17 Oct 2018 09:06:41 GMT
Etag: "ab19-57868fd0de695-gzip"
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Cache-Control: max-age=604800
Content-Length: 13845
Keep-Alive: timeout=5, max=98
Connection: Keep-Alive


--- Additional Info ---
Magic:  gzip compressed data, from Unix
Size:   13845
Md5:    851a71202755f04b83b5f8dd1bed6fb4
Sha1:   62bb56397826a3e8aa60f179f7e319742074f774
Sha256: 351b444524542e90ff65e17af5a1d9964964f6e1d3a918f8b198c774f0535107
                                        
POST / HTTP/1.1
Host: ocsp.int-x3.letsencrypt.org
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Content-Length: 117
Content-Type: application/ocsp-request

                                         
91.135.34.24
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Server: nginx
Content-Length: 527
Etag: "F0C54530CC050213B92732677EFE637FEFC0500C7D3C7CACF8E35AA712EE863C"
Last-Modified: Sat, 01 Jun 2019 23:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=3019
Expires: Sun, 02 Jun 2019 17:54:49 GMT
Date: Sun, 02 Jun 2019 17:04:30 GMT
Connection: keep-alive


--- Additional Info ---
Magic:  data
Size:   527
Md5:    3a43c040e897f162c50df21226566441
Sha1:   699f078ec021aa8cf82291dc143def72d380856d
Sha256: f0c54530cc050213b92732677efe637fefc0500c7d3c7cacf8e35aa712ee863c
                                        
GET /Media/assets/js/initialize.js HTTP/1.1
Host: babykroha.ua
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: */*
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: https://babykroha.ua/system/logs/xt.exe
Cookie: PHPSESSID=17tlr8acrbu10hho6n90a9oc41; currency=UAH; cart=90b844857f14d7651a32b11bf6020647c5b74623%7E8f9c0980efb7f9a0d05c894b3c10265f2be137a6; _ga=GA1.2.1409825382.1559495069; _gid=GA1.2.1546662090.1559495069; _gat_gtag_UA_128206001_1=1

                                         
109.87.24.5
HTTP/1.1 200 OK
Content-Type: application/javascript
Date: Sun, 02 Jun 2019 17:04:30 GMT
Server: Apache/2.4.7 (Ubuntu)
Last-Modified: Fri, 21 Dec 2018 11:55:11 GMT
Etag: "e61c-57d86eb576263-gzip"
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Cache-Control: max-age=604800
Content-Length: 15845
Keep-Alive: timeout=5, max=98
Connection: Keep-Alive


--- Additional Info ---
Magic:  gzip compressed data, from Unix
Size:   15845
Md5:    e4016f7385b6c86dc07fdf11c7e8a668
Sha1:   9e2635c901ba89688ff84f58e9caa51161477ac0
Sha256: 30ea09c1da2cb52e11146ae90a4cf37d19c20e0e02ca8900da41fa819ad2063d
                                        
GET /match?rand=59340&u=https%3A%2F%2Fbabykroha.ua%2Fsystem%2Flogs%2Fxt.exe&r= HTTP/1.1
Host: ulogin.ru
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: https://babykroha.ua/system/logs/xt.exe

                                         
95.163.118.168
HTTP/1.1 302 Moved Temporarily
Content-Type: text/html
Server: nginx
Date: Sun, 02 Jun 2019 17:04:31 GMT
Content-Length: 161
Connection: keep-alive
Location: https://ulogin.ru/uptolike/?u=https%3A%2F%2Fbabykroha.ua%2Fsystem%2Flogs%2Fxt.exe


--- Additional Info ---
Magic:  HTML document text
Size:   161
Md5:    3161da3959fb6c146a46cd60054ef55e
Sha1:   341f6879a767b3e5453f2d060d75e11b918838f4
Sha256: 47b641956fcdb7e3361feca67da6511e3d5a7ac0d0f4ac2afec43e650de15b84
                                        
GET /uptolike/?u=https%3A%2F%2Fbabykroha.ua%2Fsystem%2Flogs%2Fxt.exe HTTP/1.1
Host: ulogin.ru
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: https://babykroha.ua/system/logs/xt.exe

                                         
95.163.118.168
HTTP/1.1 200 OK
Content-Type: text/html
Server: nginx
Date: Sun, 02 Jun 2019 17:04:31 GMT
Content-Length: 199
Connection: keep-alive
Expires: Sun, 02 Jun 2019 17:04:30 GMT
Cache-Control: no-cache
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Last-Modified: Sun, 02 Jun 2019 17:04:30 GMT


--- Additional Info ---
Magic:  HTML document text
Size:   199
Md5:    57d20d8b8f3f11660cd95a83aeb8f483
Sha1:   9878a41ecfb55138f893eb9501af045d77316151
Sha256: 88c0bb39fe16adfe147431b6d6d2915696571afe588f5250c6800df58b41a73c
                                        
POST / HTTP/1.1
Host: ocsp.sectigo.com
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Content-Length: 115
Content-Type: application/ocsp-request

                                         
151.139.128.14
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 02 Jun 2019 17:04:30 GMT
Accept-Ranges: bytes
Last-Modified: Fri, 31 May 2019 18:32:05 GMT
Server: Apache
Etag: 53E1E939763FA4B5CBD531CD4C7DE8EB5926C1BF
Cache-Control: max-age=331199,public,no-transform,must-revalidate
X-OCSP-Responder-ID: mcdpcaocsp6
X-HW: 1559495070.cds046.sk1.h2,1559495070.cds047.sk1.c
Connection: keep-alive
Content-Length: 471


--- Additional Info ---
Magic:  data
Size:   471
Md5:    0e5a5d6653853d23741ff72299b76a3c
Sha1:   53e1e939763fa4b5cbd531cd4c7de8eb5926c1bf
Sha256: 8053d53ea8c43f6dfd0a2d4073f663ca433aa03d0f2d5f2390f9a36c4bbee366
                                        
POST / HTTP/1.1
Host: ocsp.usertrust.com
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Content-Length: 115
Content-Type: application/ocsp-request

                                         
151.139.128.14
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 02 Jun 2019 17:04:30 GMT
Accept-Ranges: bytes
Last-Modified: Mon, 27 May 2019 00:14:19 GMT
Server: Apache
Etag: BAE9340389DE40AC4CF22A44984587E4E8D874D8
Cache-Control: max-age=302399,public,no-transform,must-revalidate
X-OCSP-Responder-ID: mcdpcaocsp16
X-HW: 1559495070.cds055.sk1.h2,1559495070.cds047.sk1.c
Connection: keep-alive
Content-Length: 727


--- Additional Info ---
Magic:  data
Size:   727
Md5:    368085adeab3a7ed41f21d89b9a87241
Sha1:   bae9340389de40ac4cf22a44984587e4e8d874d8
Sha256: bed93cb6a254438fc9908965241cd13a75ef508c9162f4e6db5bfce4198b50ff
                                        
POST / HTTP/1.1
Host: ocsp.usertrust.com
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Content-Length: 115
Content-Type: application/ocsp-request

                                         
151.139.128.14
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 02 Jun 2019 17:04:30 GMT
Accept-Ranges: bytes
Last-Modified: Mon, 27 May 2019 00:14:19 GMT
Server: Apache
Etag: 46C8E53EC2DBBE63DF30F1C07EA33091E903516F
Cache-Control: max-age=302399,public,no-transform,must-revalidate
X-OCSP-Responder-ID: mcdpcaocsp10
X-HW: 1559495070.cds055.sk1.h2,1559495070.cds046.sk1.c
Connection: keep-alive
Content-Length: 471


--- Additional Info ---
Magic:  data
Size:   471
Md5:    76f692ad94d981d0bdf9fd9421a46c53
Sha1:   46c8e53ec2dbbe63df30f1c07ea33091e903516f
Sha256: 2757bf6c954cfa17aaf8f2cf81babe224a17f101ede4ad10abbbd80245658b42
                                        
POST / HTTP/1.1
Host: status.rapidssl.com
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Content-Length: 115
Content-Type: application/ocsp-request

                                         
93.184.220.29
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Accept-Ranges: bytes
Cache-Control: max-age=155143
Date: Sun, 02 Jun 2019 17:04:30 GMT
Etag: "5cf3ba5e-1d7"
Expires: Tue, 04 Jun 2019 12:10:13 GMT
Last-Modified: Sun, 02 Jun 2019 12:00:30 GMT
Server: ECS (ams/D04F)
X-Cache: HIT
Content-Length: 471


--- Additional Info ---
Magic:  data
Size:   471
Md5:    40e2c6aa45e60d52ce5f5c7872e5f808
Sha1:   7dcba45e403d488fc78f5f5b2f3846ae4a9a41f4
Sha256: be398d67161d2f4b21149b0739d0e1de917c6f23b87fa7c8e476b485ff933bd0
                                        
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Content-Length: 115
Content-Type: application/ocsp-request

                                         
93.184.220.29
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Accept-Ranges: bytes
Cache-Control: max-age=91884
Date: Sun, 02 Jun 2019 17:04:30 GMT
Etag: "5cf2c1eb-1d7"
Expires: Mon, 03 Jun 2019 18:35:54 GMT
Last-Modified: Sat, 01 Jun 2019 18:20:27 GMT
Server: ECS (lcy/1D1F)
X-Cache: HIT
Content-Length: 471


--- Additional Info ---
Magic:  data
Size:   471
Md5:    c68f568e69816f5bbddff67c2a5b67a1
Sha1:   f629226b6d34093da0427f7e8adb3ae92e6b672b
Sha256: 23d7c575229c4b11ae76b6ace4ea65fe0489c03a93589a5890b375a5390ab8e9
                                        
GET /0.gif?pid=5667740 HTTP/1.1
Host: x01.aidata.io
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: image/png,image/*;q=0.8,*/*;q=0.5
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: https://ulogin.ru/uptolike/?u=https%3A%2F%2Fbabykroha.ua%2Fsystem%2Flogs%2Fxt.exe

                                         
94.130.112.156
HTTP/1.1 302 Found
Server: nginx
Date: Sun, 02 Jun 2019 17:04:30 GMT
Content-Length: 0
Connection: keep-alive
Location: https://x01.aidata.io/0.gif?pid=5667740&bounce=1
Expires: Sun, 02 Jun 2019 17:04:29 GMT
Cache-Control: no-cache, no-store, must-revalidate, post-check=0, pre-check=0
Pragma: no-cache
Last-Modified: Sun, 02 Jun 2019 17:04:29 GMT
Set-Cookie: __upin=INch5ENCHDmt2cyGk6Kq3A;domain=.aidata.io;path=/;max-age=63072000 __upints=1559495070;domain=.aidata.io;path=/;max-age=63072000
P3P: CP='NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA'


--- Additional Info ---
                                        
GET /0.gif?pid=5667740&bounce=1 HTTP/1.1
Host: x01.aidata.io
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: https://ulogin.ru/uptolike/?u=https%3A%2F%2Fbabykroha.ua%2Fsystem%2Flogs%2Fxt.exe
Cookie: __upin=INch5ENCHDmt2cyGk6Kq3A; __upints=1559495070

                                         
94.130.112.156
HTTP/1.1 302 Found
Server: nginx
Date: Sun, 02 Jun 2019 17:04:30 GMT
Content-Length: 0
Connection: keep-alive
Location: https://cm.g.doubleclick.net/pixel?google_nid=aidata_ddp&back=SYNC&google_cm
Set-Cookie: gl=1;path=/;expires=Sun, 9 Jun 2019 17:04:30 GMT;max-age=604800 __upin=INch5ENCHDmt2cyGk6Kq3A;domain=.aidata.io;path=/;max-age=63072000 __upints=1559495070;domain=.aidata.io;path=/;max-age=63072000
Expires: Sun, 02 Jun 2019 17:04:29 GMT
Cache-Control: no-cache, no-store, must-revalidate, post-check=0, pre-check=0
Pragma: no-cache
Last-Modified: Sun, 02 Jun 2019 17:04:29 GMT
P3P: CP='NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA'


--- Additional Info ---
                                        
POST /GTSGIAG3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Content-Length: 115
Content-Type: application/ocsp-request

                                         
216.58.211.131
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 02 Jun 2019 17:04:30 GMT
Cache-Control: public, max-age=86400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN


--- Additional Info ---
Magic:  data
Size:   471
Md5:    6ddaf547d497da9ee0ef208315fa0c85
Sha1:   b16ad15f8eaa65021df1694018a8d607358699fe
Sha256: b12bdf77a45b09571d3c6c967f829a7ff2065e942766497fc1f07819a88f4f00
                                        
GET /widgets/v1/zp-sync?pid=1254153&uid=&url=https%3A%2F%2Fbabykroha.ua%2Fsystem%2Flogs%2Fxt.exe HTTP/1.1
Host: w.uptolike.com
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: image/png,image/*;q=0.8,*/*;q=0.5
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: https://ulogin.ru/uptolike/?u=https%3A%2F%2Fbabykroha.ua%2Fsystem%2Flogs%2Fxt.exe

                                         
95.163.114.204
HTTP/1.1 204 No Content
Server: nginx
Date: Sun, 02 Jun 2019 17:04:30 GMT
Content-Length: 0
Connection: keep-alive
Set-Cookie: utl_id2=10557092702; Expires=Tue, 01 Jun 2021 17:04:30 GMT; Path=/; Domain=.w.uptolike.com utl_dat="CIWpmcmxLRAAIIX649GxLSiF+uPRsS0wACzIfg3Zx8DJjlLAAZsP+o0="; Expires=Tue, 01 Jun 2021 17:04:30 GMT; Path=/; Domain=.w.uptolike.com
P3P: CP='IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT'
Access-Control-Allow-Origin: *


--- Additional Info ---
                                        
GET /pixel?google_nid=aidata_ddp&back=SYNC&google_cm HTTP/1.1
Host: cm.g.doubleclick.net
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: https://ulogin.ru/uptolike/?u=https%3A%2F%2Fbabykroha.ua%2Fsystem%2Flogs%2Fxt.exe

                                         
172.217.22.162
HTTP/1.1 302 Found
Content-Type: text/html; charset=UTF-8
P3P: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
Location: https://cm.g.doubleclick.net/pixel?google_nid=aidata_ddp&back=SYNC&google_cm=&google_tc=
Date: Sun, 02 Jun 2019 17:04:30 GMT
Pragma: no-cache
Expires: Fri, 01 Jan 1990 00:00:00 GMT
Cache-Control: no-cache, must-revalidate
Server: HTTP server (unknown)
Content-Length: 297
X-XSS-Protection: 0
Set-Cookie: test_cookie=CheckForPermission; expires=Sun, 02-Jun-2019 17:19:30 GMT; path=/; domain=.doubleclick.net
Alt-Svc: quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,44,43,39",quic=":443"; ma=2592000; v="46,44,43,39"


--- Additional Info ---
Magic:  HTML document text
Size:   297
Md5:    baa6755b2a67e6d215dad8d3709d3453
Sha1:   19017d41841dfaaf8b2cc1916a831979ce03a902
Sha256: 23cc31c9da26db4771b467ff266e7b24becf25ffbbfebf8f21849291ee0b0e2e
                                        
GET /pixel?google_nid=aidata_ddp&back=SYNC&google_cm=&google_tc= HTTP/1.1
Host: cm.g.doubleclick.net
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: https://ulogin.ru/uptolike/?u=https%3A%2F%2Fbabykroha.ua%2Fsystem%2Flogs%2Fxt.exe
Cookie: test_cookie=CheckForPermission

                                         
172.217.22.162
HTTP/1.1 302 Found
Content-Type: text/html; charset=UTF-8
P3P: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
Location: https://x01.aidata.io/0.gif?pid=GOOGLE&back=SYNC&google_gid=CAESEIStbMV7gKAMdd6XYuriEos&google_cver=1
Date: Sun, 02 Jun 2019 17:04:30 GMT
Pragma: no-cache
Expires: Fri, 01 Jan 1990 00:00:00 GMT
Cache-Control: no-cache, must-revalidate
Server: HTTP server (unknown)
Content-Length: 310
X-XSS-Protection: 0
Set-Cookie: test_cookie=; domain=.doubleclick.net; path=/; expires=Mon, 21 Jul 2008 23:59:00 GMT IDE=AHWqTUm7cc432vvrjxGpt55Zjn3RsMPj9j_DVJzd8nZajqP5vhd6jcVR4VRV2Ig0; expires=Tue, 01-Jun-2021 17:04:30 GMT; path=/; domain=.doubleclick.net; HttpOnly
Alt-Svc: quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,44,43,39",quic=":443"; ma=2592000; v="46,44,43,39"


--- Additional Info ---
Magic:  HTML document text
Size:   310
Md5:    dbb35b76a152ea8fcfe8dddfba70462a
Sha1:   ceb92049ae9cf16e54d11e20987364c2883c0da0
Sha256: b8aea69cebad13b2c77194f3d169fd526491889fd77c1583126f43759b39a812
                                        
GET /0.gif?pid=GOOGLE&back=SYNC&google_gid=CAESEIStbMV7gKAMdd6XYuriEos&google_cver=1 HTTP/1.1
Host: x01.aidata.io
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: https://ulogin.ru/uptolike/?u=https%3A%2F%2Fbabykroha.ua%2Fsystem%2Flogs%2Fxt.exe
Cookie: __upin=INch5ENCHDmt2cyGk6Kq3A; __upints=1559495070; gl=1

                                         
94.130.112.156
HTTP/1.1 302 Found
Server: nginx
Date: Sun, 02 Jun 2019 17:04:30 GMT
Content-Length: 0
Connection: keep-alive
Location: https://ib.adnxs.com/getuid?//x01.aidata.io/0.gif%3Fpid%3DAPPNEXUS%26id%3D%24UID%26back=SYNC
Set-Cookie: anx=1;path=/;expires=Wed, 5 Jun 2019 17:04:30 GMT;max-age=259200 __upin=INch5ENCHDmt2cyGk6Kq3A;domain=.aidata.io;path=/;max-age=63072000 __upints=1559495070;domain=.aidata.io;path=/;max-age=63072000
Expires: Sun, 02 Jun 2019 17:04:29 GMT
Cache-Control: no-cache, no-store, must-revalidate, post-check=0, pre-check=0
Pragma: no-cache
Last-Modified: Sun, 02 Jun 2019 17:04:29 GMT
P3P: CP='NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA'


--- Additional Info ---
                                        
GET /Media/assets/favicons/favicon-32x32.png HTTP/1.1
Host: babykroha.ua
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Cookie: PHPSESSID=17tlr8acrbu10hho6n90a9oc41; currency=UAH; cart=90b844857f14d7651a32b11bf6020647c5b74623%7E8f9c0980efb7f9a0d05c894b3c10265f2be137a6; _ga=GA1.2.1409825382.1559495069; _gid=GA1.2.1546662090.1559495069; _gat_gtag_UA_128206001_1=1

                                         
109.87.24.5
HTTP/1.1 200 OK
Content-Type: image/png
Date: Sun, 02 Jun 2019 17:04:30 GMT
Server: Apache/2.4.7 (Ubuntu)
Last-Modified: Wed, 12 Dec 2018 13:02:14 GMT
Etag: "963-57cd2ce9b1c5b"
Accept-Ranges: bytes
Content-Length: 2403
Cache-Control: max-age=2592000
Keep-Alive: timeout=5, max=98
Connection: Keep-Alive


--- Additional Info ---
Magic:  PNG image, 32 x 32, 8-bit/color RGBA, non-interlaced
Size:   2403
Md5:    ecdc0ffcb4388c6d1ca2bc1b9194ed28
Sha1:   6a9bec53e7a52c37a8893cee8d4493c6f5fcd536
Sha256: d9a5354006717ff41c3fb3476bf5b07408060aecae192e329e458a599a51c9b2
                                        
GET /Media/assets/favicons/favicon-32x32.png HTTP/1.1
Host: babykroha.ua
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: image/png,image/*;q=0.8,*/*;q=0.5
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Cookie: PHPSESSID=17tlr8acrbu10hho6n90a9oc41; currency=UAH; cart=90b844857f14d7651a32b11bf6020647c5b74623%7E8f9c0980efb7f9a0d05c894b3c10265f2be137a6

                                         
0.0.0.0


--- Additional Info ---
                                        
GET /getuid?//x01.aidata.io/0.gif%3Fpid%3DAPPNEXUS%26id%3D%24UID%26back=SYNC HTTP/1.1
Host: ib.adnxs.com
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: https://ulogin.ru/uptolike/?u=https%3A%2F%2Fbabykroha.ua%2Fsystem%2Flogs%2Fxt.exe

                                         
0.0.0.0


--- Additional Info ---