Overview

URL kroha.kh.ua/system/logs/xt.exe
IP 5.39.10.93
ASN AS16276 OVH SAS
Location France
Report completed 2019-02-22 19:34:43 CET
urlquery Alerts No alerts detected


Settings

UserAgent Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Referer
Pool
Access Level


Intrusion Detection Systems

Suricata /w Emerging Threats Pro
Timestamp Severity Source IP Destination IP Alert
2019-02-22 19:21:12 CET 1 Client IP  5.39.10.93 ET CURRENT_EVENTS Possible Malicious Macro DL BIN May 2016 (No UA)


Blacklists

MDL  No alerts detected
OpenPhish  No alerts detected
PhishTank  No alerts detected
Fortinet's Web Filter
Added / Verified Severity Host Comment
2019-02-22 2 kroha.kh.ua/system/logs/xt.exe Malware
DNS-BH  No alerts detected
mnemonic secure dns  No alerts detected


Recent reports on same IP/ASN/Domain

Last 10 reports on IP: 5.39.10.93

Date UQ / IDS / BL URL IP
2019-06-09 07:02:16 +0200 0 - 0 - 1 tmx-learning.ru/wp-includes 5.39.10.93
2019-06-02 19:04:59 +0200 0 - 0 - 1 kroha.kh.ua/system/logs/xt.exe 5.39.10.93
2019-06-02 13:42:01 +0200 0 - 1 - 1 kroha.kh.ua/system/logs/xt.exe 5.39.10.93
2019-06-02 11:44:22 +0200 0 - 1 - 1 kroha.kh.ua/system/logs/xt.exe 5.39.10.93
2019-05-25 17:25:26 +0200 0 - 0 - 1 kroha.kh.ua/system/logs/xt.exe 5.39.10.93
2019-05-24 14:22:16 +0200 0 - 0 - 1 showbiz.ua/tmp-cg/tikita/yahoo/ee27fe710cee5f (...) 5.39.10.93
2019-05-06 15:17:22 +0200 0 - 1 - 0 agent-parfumer.com.ua/ 5.39.10.93
2019-05-06 02:04:36 +0200 0 - 0 - 1 showbiz.ua/tutu01/index.php 5.39.10.93
2019-05-03 20:08:06 +0200 0 - 0 - 1 kroha.kh.ua/system/logs/xt.exe 5.39.10.93
2019-05-01 22:31:26 +0200 0 - 0 - 1 kroha.kh.ua/system/logs/xt.exe 5.39.10.93

Last 10 reports on ASN: AS16276 OVH SAS

Date UQ / IDS / BL URL IP
2019-07-01 07:47:12 +0200 0 - 0 - 0 https://www.munplanet.com/articles/arlo-camer (...) 158.69.39.233
2019-07-01 04:15:44 +0200 0 - 3 - 0 www.asind.ae/wp-content/uploads/2019/seconder (...) 5.39.72.197
2019-07-01 03:56:20 +0200 0 - 0 - 0 webcamsteen.com/16y4[CUSTOM_AFF 192.99.67.89
2019-07-01 02:43:31 +0200 0 - 0 - 0 167.114.144.169/Android/ 167.114.144.169
2019-06-30 21:34:01 +0200 0 - 0 - 0 streams.tvxweb.org 158.69.54.221
2019-06-30 21:30:47 +0200 0 - 0 - 0 source.magikserv.com 37.187.171.206
2019-06-30 20:09:51 +0200 0 - 0 - 0 www.kweeper.com/popcorn2kg/sentence/6382508 91.121.242.21
2019-06-30 18:49:10 +0200 0 - 0 - 0 www.ovh.com 198.27.92.1
2019-06-30 18:18:47 +0200 0 - 0 - 0 liczniki.org/hit.php?l=alltube&o=1 94.23.92.123
2019-06-30 18:11:40 +0200 0 - 0 - 0 hardrock.blogdns.org/ 91.121.69.126

Last 10 reports on domain: kroha.kh.ua

Date UQ / IDS / BL URL IP
2019-06-02 19:04:59 +0200 0 - 0 - 1 kroha.kh.ua/system/logs/xt.exe 5.39.10.93
2019-06-02 13:42:01 +0200 0 - 1 - 1 kroha.kh.ua/system/logs/xt.exe 5.39.10.93
2019-06-02 11:44:22 +0200 0 - 1 - 1 kroha.kh.ua/system/logs/xt.exe 5.39.10.93
2019-05-25 17:25:26 +0200 0 - 0 - 1 kroha.kh.ua/system/logs/xt.exe 5.39.10.93
2019-05-03 20:08:06 +0200 0 - 0 - 1 kroha.kh.ua/system/logs/xt.exe 5.39.10.93
2019-05-01 22:31:26 +0200 0 - 0 - 1 kroha.kh.ua/system/logs/xt.exe 5.39.10.93
2019-04-22 18:43:34 +0200 0 - 0 - 1 kroha.kh.ua/system/logs/xt.exe 5.39.10.93
2019-04-17 15:52:08 +0200 0 - 0 - 1 kroha.kh.ua/system/logs/xt.exe 5.39.10.93
2019-04-12 18:43:19 +0200 0 - 0 - 1 kroha.kh.ua/system/logs/xt.exe 5.39.10.93
2019-04-02 19:01:45 +0200 0 - 0 - 1 kroha.kh.ua/system/logs/xt.exe 5.39.10.93


JavaScript

Executed Scripts (14)


Executed Evals (0)


Executed Writes (0)



HTTP Transactions (45)


Request Response
                                        
                                            GET /system/logs/xt.exe HTTP/1.1 
Host: kroha.kh.ua
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive

                                         
                                         5.39.10.93
HTTP/1.1 301 Moved Permanently
                                        
Server: nginx/1.12.2
Date: Fri, 22 Feb 2019 18:21:13 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Location: https://babykroha.ua/system/logs/xt.exe


--- Additional Info ---

Alerts:
  Blacklists:
    - fortinet: Malware
  IDS:
    - ET CURRENT_EVENTS Possible Malicious Macro DL BIN May 2016 (No UA)
                                        
                                            POST / HTTP/1.1 
Host: ocsp.int-x3.letsencrypt.org
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Content-Length: 117
Content-Type: application/ocsp-request

                                         
                                         91.135.34.24
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 527
Etag: "F565BAFF9C22FF9626B04482FAB952A3251CEAA392829BBF3C74F7730AE1FE81"
Last-Modified: Fri, 22 Feb 2019 01:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=43188
Expires: Sat, 23 Feb 2019 06:21:01 GMT
Date: Fri, 22 Feb 2019 18:21:13 GMT
Connection: keep-alive


--- Additional Info ---
Magic:  data
Size:   527
Md5:    e9a4b00d691297665c181666c2a01f39
Sha1:   2052beff42331be59a75cd670593e622f99561e2
Sha256: f565baff9c22ff9626b04482fab952a3251ceaa392829bbf3c74f7730ae1fe81
                                        
                                            POST / HTTP/1.1 
Host: isrg.trustid.ocsp.identrust.com
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Content-Length: 115
Content-Type: application/ocsp-request

                                         
                                         91.135.34.26
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Content-Transfer-Encoding: Binary
Last-Modified: Thu, 21 Feb 2019 22:48:19 GMT
Etag: "b567a7a527fa3df03e047be559e7857db5984b32"
Content-Length: 1396
Cache-Control: public, no-transform, must-revalidate, max-age=28854
Expires: Sat, 23 Feb 2019 02:22:07 GMT
Date: Fri, 22 Feb 2019 18:21:13 GMT
Connection: keep-alive


--- Additional Info ---
Magic:  data
Size:   1396
Md5:    0d1d8bb8fe6c79fbff0c888c68d4ffd0
Sha1:   b567a7a527fa3df03e047be559e7857db5984b32
Sha256: 67615a61fa8eaddc8eef1dc4a01ca92e9f58a5c6a547f30792458d28bbe5f5b3
                                        
                                            POST /GTSGIAG3 HTTP/1.1 
Host: ocsp.pki.goog
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Content-Length: 107
Content-Type: application/ocsp-request

                                         
                                         172.217.21.163
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Fri, 22 Feb 2019 18:21:14 GMT
Cache-Control: public, max-age=86400
Server: ocsp_responder
Content-Length: 463
X-XSS-Protection: 1; mode=block
X-Frame-Options: SAMEORIGIN


--- Additional Info ---
Magic:  data
Size:   463
Md5:    c387e5673fd74ed481988f292fea1578
Sha1:   e33109cbaee9df4e8790417415c9b0fd77206da0
Sha256: 40b41773221dee9ac96638bb24cfd423484732d6f770714adb3031f861e12d9d
                                        
                                            POST /gsr2 HTTP/1.1 
Host: ocsp.pki.goog
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Content-Length: 112
Content-Type: application/ocsp-request

                                         
                                         172.217.21.163
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Fri, 22 Feb 2019 18:21:14 GMT
Cache-Control: public, max-age=86400
Server: ocsp_responder
Content-Length: 468
X-XSS-Protection: 1; mode=block
X-Frame-Options: SAMEORIGIN


--- Additional Info ---
Magic:  data
Size:   468
Md5:    d9d754520ae3340aa37cca6115eee05b
Sha1:   a0320372760d99c762cb2eb4b37f776625ef1b33
Sha256: 7dc8284c51c9a38dc1bf03bd28857ea5336e8f5c564eddbb1c9082ee43c93738
                                        
                                            GET /gtag/js?id=UA-128206001-1 HTTP/1.1 
Host: www.googletagmanager.com
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: */*
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: https://babykroha.ua/system/logs/xt.exe

                                         
                                         172.217.21.168
HTTP/1.1 200 OK
Content-Type: application/javascript; charset=UTF-8
                                        
Access-Control-Allow-Origin: http://www.googletagmanager.com
Access-Control-Allow-Headers: Cache-Control
Access-Control-Allow-Credentials: true
Content-Encoding: gzip
Vary: Accept-Encoding
Date: Fri, 22 Feb 2019 18:21:14 GMT
Expires: Fri, 22 Feb 2019 18:21:14 GMT
Cache-Control: private, max-age=900
Server: Google Tag Manager (scaffolding)
X-XSS-Protection: 1; mode=block
Alt-Svc: quic=":443"; ma=2592000; v="44,43,39"
Transfer-Encoding: chunked


--- Additional Info ---
Magic:  gzip compressed data, max compression
Size:   24360
Md5:    6313138c79bed7c47c20d4a575a738cb
Sha1:   537afc921e907cc6278581114c5f95493fd7ce1f
Sha256: 467960822575aeaa573025a4424e16f6f4245fc84676a9f8b7a91da196013660
                                        
                                            GET /Media/assets/css/helpers.css HTTP/1.1 
Host: babykroha.ua
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: text/css,*/*;q=0.1
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: https://babykroha.ua/system/logs/xt.exe
Cookie: PHPSESSID=60kf1ftlkevgtl824kfa0ni8v5; currency=UAH; cart=fd79c910666444f549bf81b852295425c7a13ab5%7E82258d2c73a65fef6ffec5d218fc875c793942f4

                                         
                                         109.87.24.5
HTTP/1.1 200 OK
Content-Type: text/css
                                        
Date: Fri, 22 Feb 2019 18:21:15 GMT
Server: Apache/2.4.7 (Ubuntu)
Last-Modified: Wed, 17 Oct 2018 09:05:14 GMT
Etag: "1180d-57868f7e3371e-gzip"
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Cache-Control: max-age=604800
Content-Length: 8570
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive


--- Additional Info ---
Magic:  gzip compressed data, from Unix
Size:   8570
Md5:    fc8885590c0b639807801d857e3b9128
Sha1:   2ec12f9d7119108e57e55d2059e7f380bfcdb17e
Sha256: 6183d5db89a099e2da6b2c35d500802110b105af43bdf63a3619ad80326a3926
                                        
                                            GET /Media/assets/css/vendors.css HTTP/1.1 
Host: babykroha.ua
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: text/css,*/*;q=0.1
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: https://babykroha.ua/system/logs/xt.exe
Cookie: PHPSESSID=60kf1ftlkevgtl824kfa0ni8v5; currency=UAH; cart=fd79c910666444f549bf81b852295425c7a13ab5%7E82258d2c73a65fef6ffec5d218fc875c793942f4

                                         
                                         109.87.24.5
HTTP/1.1 200 OK
Content-Type: text/css
                                        
Date: Fri, 22 Feb 2019 18:21:15 GMT
Server: Apache/2.4.7 (Ubuntu)
Last-Modified: Wed, 17 Oct 2018 09:05:14 GMT
Etag: "24287-57868f7e3a47d-gzip"
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Cache-Control: max-age=604800
Content-Length: 17749
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive


--- Additional Info ---
Magic:  gzip compressed data, from Unix
Size:   17749
Md5:    15288777a646fada78b68a7f39cf28f6
Sha1:   1074c8f5a3ceed073daf003948b3a90e4a363dd9
Sha256: f57784fd825af302d206fc978dacdc44805e147b4f2f8d414f6e67239790d766
                                        
                                            GET /Media/assets/css/style.css HTTP/1.1 
Host: babykroha.ua
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: text/css,*/*;q=0.1
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: https://babykroha.ua/system/logs/xt.exe
Cookie: PHPSESSID=60kf1ftlkevgtl824kfa0ni8v5; currency=UAH; cart=fd79c910666444f549bf81b852295425c7a13ab5%7E82258d2c73a65fef6ffec5d218fc875c793942f4

                                         
                                         109.87.24.5
HTTP/1.1 200 OK
Content-Type: text/css
                                        
Date: Fri, 22 Feb 2019 18:21:15 GMT
Server: Apache/2.4.7 (Ubuntu)
Last-Modified: Fri, 21 Dec 2018 12:54:20 GMT
Etag: "1ef29-57d87beebf554-gzip"
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Cache-Control: max-age=604800
Content-Length: 18806
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive


--- Additional Info ---
Magic:  gzip compressed data, from Unix
Size:   18806
Md5:    2f6c0704012632b62e80ac961a5be8f0
Sha1:   81c84c4bcc8e0cb77dd8ea7db05d4c1fd9c5b79a
Sha256: 8dfe9decf09179067b9a8475c62c0bad044044d5fda14b4f372c3f0e86ae9a07
                                        
                                            GET /Media/assets/css/static/fonts/b64-woff.css?v=1523945764591 HTTP/1.1 
Host: babykroha.ua
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: https://babykroha.ua/system/logs/xt.exe
Cookie: PHPSESSID=60kf1ftlkevgtl824kfa0ni8v5; currency=UAH; cart=fd79c910666444f549bf81b852295425c7a13ab5%7E82258d2c73a65fef6ffec5d218fc875c793942f4

                                         
                                         109.87.24.5
HTTP/1.1 200 OK
Content-Type: text/css
                                        
Date: Fri, 22 Feb 2019 18:21:15 GMT
Server: Apache/2.4.7 (Ubuntu)
Last-Modified: Wed, 17 Oct 2018 09:05:14 GMT
Etag: "eb88d-57868f7e365fe-gzip"
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Cache-Control: max-age=604800
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive
Transfer-Encoding: chunked


--- Additional Info ---
Magic:  gzip compressed data, from Unix
Size:   727398
Md5:    51ce94d8d0b4695014032fe4990555a6
Sha1:   f9951448a6edf388275e4a498b27dfa3ef17d3b6
Sha256: c6b163f46f68d83a24e286272c26df273e6a590ab2881125db300060cf0146db
                                        
                                            GET /Media/assets/css/editor.css HTTP/1.1 
Host: babykroha.ua
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: text/css,*/*;q=0.1
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: https://babykroha.ua/system/logs/xt.exe
Cookie: PHPSESSID=60kf1ftlkevgtl824kfa0ni8v5; currency=UAH; cart=fd79c910666444f549bf81b852295425c7a13ab5%7E82258d2c73a65fef6ffec5d218fc875c793942f4

                                         
                                         109.87.24.5
HTTP/1.1 200 OK
Content-Type: text/css
                                        
Date: Fri, 22 Feb 2019 18:21:16 GMT
Server: Apache/2.4.7 (Ubuntu)
Last-Modified: Wed, 17 Oct 2018 09:05:14 GMT
Etag: "c8f-57868f7e3371e-gzip"
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Cache-Control: max-age=604800
Content-Length: 1017
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive


--- Additional Info ---
Magic:  gzip compressed data, from Unix
Size:   1017
Md5:    3d78d96d2b060445ebe1b76f1cd86828
Sha1:   6ead70f82aae74e6b8946ca8e6d6294390d560e5
Sha256: 812808de27037852cda6b078db577e74f1b7af6de27e16f73408fdeece152c50
                                        
                                            GET /Media/assets/favicons/favicon-16x16.png HTTP/1.1 
Host: babykroha.ua
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: image/png,image/*;q=0.8,*/*;q=0.5
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Cookie: PHPSESSID=60kf1ftlkevgtl824kfa0ni8v5; currency=UAH; cart=fd79c910666444f549bf81b852295425c7a13ab5%7E82258d2c73a65fef6ffec5d218fc875c793942f4

                                         
                                         109.87.24.5
HTTP/1.1 200 OK
Content-Type: image/png
                                        
Date: Fri, 22 Feb 2019 18:21:16 GMT
Server: Apache/2.4.7 (Ubuntu)
Last-Modified: Wed, 12 Dec 2018 13:02:14 GMT
Etag: "4b6-57cd2ce9b1c5b"
Accept-Ranges: bytes
Content-Length: 1206
Cache-Control: max-age=2592000
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive


--- Additional Info ---
Magic:  PNG image, 16 x 16, 8-bit colormap, non-interlaced
Size:   1206
Md5:    5ef32b417050bead34de1ec3552e69c3
Sha1:   74ffb6fc48190f88011d8e0e7418bbaebe7a188a
Sha256: 82b28825e1aef7c9bd0fa16d2bd56f68d553e3113e28ed739e244967d2c6d469
                                        
                                            GET /analytics.js HTTP/1.1 
Host: www.google-analytics.com
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: */*
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: https://babykroha.ua/system/logs/xt.exe

                                         
                                         172.217.21.174
HTTP/1.1 200 OK
Content-Type: text/javascript
                                        
Strict-Transport-Security: max-age=10886400; includeSubDomains; preload
Timing-Allow-Origin: *
Date: Fri, 22 Feb 2019 17:48:17 GMT
Expires: Fri, 22 Feb 2019 19:48:17 GMT
Last-Modified: Wed, 16 Jan 2019 20:01:45 GMT
X-Content-Type-Options: nosniff
Vary: Accept-Encoding
Content-Encoding: gzip
Server: Golfe2
Content-Length: 17543
Cache-Control: public, max-age=7200
Age: 1979
Alt-Svc: quic=":443"; ma=2592000; v="44,43,39"


--- Additional Info ---
Magic:  gzip compressed data, max compression
Size:   17543
Md5:    a6ce90b9145f18e7a721eb3819daaaab
Sha1:   1c422016bd20a08535d2cc37448c498cf4a0f829
Sha256: 94fe45c14a2ce4fd5f1401c835e5d63111ebf89ff58e03d6b780592f02abf778
                                        
                                            GET /Media/assets/js/static/wezom-old.min.js HTTP/1.1 
Host: babykroha.ua
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: */*
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: https://babykroha.ua/system/logs/xt.exe
Cookie: PHPSESSID=60kf1ftlkevgtl824kfa0ni8v5; currency=UAH; cart=fd79c910666444f549bf81b852295425c7a13ab5%7E82258d2c73a65fef6ffec5d218fc875c793942f4

                                         
                                         109.87.24.5
HTTP/1.1 200 OK
Content-Type: application/javascript
                                        
Date: Fri, 22 Feb 2019 18:21:16 GMT
Server: Apache/2.4.7 (Ubuntu)
Last-Modified: Wed, 17 Oct 2018 09:05:14 GMT
Etag: "270f-57868f7e634bd-gzip"
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Cache-Control: max-age=604800
Content-Length: 3753
Keep-Alive: timeout=5, max=99
Connection: Keep-Alive


--- Additional Info ---
Magic:  gzip compressed data, from Unix
Size:   3753
Md5:    c103288ebb23846348ed303868f61ea8
Sha1:   42708dbd14c0fda14853595c79f2eb1a9f65835a
Sha256: 57c49a6204e979d08d0fb9c5eb0c698a56bb0d629907dbd4189ddf99f8b1a63c
                                        
                                            GET /r/collect?v=1&_v=j73&a=362346531&t=pageview&_s=1&dl=https%3A%2F%2Fbabykroha.ua%2Fsystem%2Flogs%2Fxt.exe&ul=en-us&de=UTF-8&dt=%D0%9E%D1%88%D0%B8%D0%B1%D0%BA%D0%B0%20404!%20%D0%A1%D1%82%D1%80%D0%B0%D0%BD%D0%B8%D1%86%D0%B0%20%D0%BD%D0%B5%20%D0%BD%D0%B0%D0%B9%D0%B4%D0%B5%D0%BD%D0%B0&sd=24-bit&sr=1176x885&vp=1176x754&je=1&fl=10.0%20r45&_u=IEBAAUQ~&jid=757226970&gjid=891033048&cid=908827880.1550859678&tid=UA-128206001-1&_gid=295850799.1550859678&_r=1&gtm=2ou241&z=719051517 HTTP/1.1 
Host: www.google-analytics.com
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: image/png,image/*;q=0.8,*/*;q=0.5
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: https://babykroha.ua/system/logs/xt.exe

                                         
                                         172.217.21.174
HTTP/1.1 200 OK
Content-Type: image/gif
                                        
Access-Control-Allow-Origin: *
Date: Fri, 22 Feb 2019 18:21:17 GMT
Pragma: no-cache
Expires: Fri, 01 Jan 1990 00:00:00 GMT
Cache-Control: no-cache, no-store, must-revalidate
Last-Modified: Sun, 17 May 1998 03:00:00 GMT
X-Content-Type-Options: nosniff
Server: Golfe2
Content-Length: 35
Alt-Svc: quic=":443"; ma=2592000; v="44,43,39"


--- Additional Info ---
Magic:  GIF image data, version 89a, 1 x 1
Size:   35
Md5:    28d6814f309ea289f847c69cf91194c6
Sha1:   0f4e929dd5bb2564f7ab9c76338e04e292a42ace
Sha256: 8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
                                        
                                            GET /Media/assets/css/static/pic/wezom-info-red.gif HTTP/1.1 
Host: babykroha.ua
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: image/png,image/*;q=0.8,*/*;q=0.5
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: https://babykroha.ua/system/logs/xt.exe
Cookie: PHPSESSID=60kf1ftlkevgtl824kfa0ni8v5; currency=UAH; cart=fd79c910666444f549bf81b852295425c7a13ab5%7E82258d2c73a65fef6ffec5d218fc875c793942f4; _ga=GA1.2.908827880.1550859678; _gid=GA1.2.295850799.1550859678; _gat_gtag_UA_128206001_1=1

                                         
                                         109.87.24.5
HTTP/1.1 200 OK
Content-Type: image/gif
                                        
Date: Fri, 22 Feb 2019 18:21:17 GMT
Server: Apache/2.4.7 (Ubuntu)
Last-Modified: Wed, 17 Oct 2018 09:05:14 GMT
Etag: "11d-57868f7e394de"
Accept-Ranges: bytes
Content-Length: 285
Cache-Control: max-age=2592000
Keep-Alive: timeout=5, max=99
Connection: Keep-Alive


--- Additional Info ---
Magic:  GIF image data, version 87a, 50 x 18
Size:   285
Md5:    2dfb0e4ee208270ad5521719b18c5f36
Sha1:   794f67a3ecf343b7004ca75baaeccfa721c45f91
Sha256: 9769656f5e3eaca90c1c6958562a639dff2e440fad2ae43449c64afb13c14840
                                        
                                            GET /Media/assets/favicons/favicon-32x32.png HTTP/1.1 
Host: babykroha.ua
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Cookie: PHPSESSID=60kf1ftlkevgtl824kfa0ni8v5; currency=UAH; cart=fd79c910666444f549bf81b852295425c7a13ab5%7E82258d2c73a65fef6ffec5d218fc875c793942f4; _ga=GA1.2.908827880.1550859678; _gid=GA1.2.295850799.1550859678; _gat_gtag_UA_128206001_1=1

                                         
                                         109.87.24.5
HTTP/1.1 200 OK
Content-Type: image/png
                                        
Date: Fri, 22 Feb 2019 18:21:17 GMT
Server: Apache/2.4.7 (Ubuntu)
Last-Modified: Wed, 12 Dec 2018 13:02:14 GMT
Etag: "963-57cd2ce9b1c5b"
Accept-Ranges: bytes
Content-Length: 2403
Cache-Control: max-age=2592000
Keep-Alive: timeout=5, max=99
Connection: Keep-Alive


--- Additional Info ---
Magic:  PNG image, 32 x 32, 8-bit/color RGBA, non-interlaced
Size:   2403
Md5:    ecdc0ffcb4388c6d1ca2bc1b9194ed28
Sha1:   6a9bec53e7a52c37a8893cee8d4493c6f5fcd536
Sha256: d9a5354006717ff41c3fb3476bf5b07408060aecae192e329e458a599a51c9b2
                                        
                                            GET /Media/js/translations/ru.js HTTP/1.1 
Host: babykroha.ua
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: */*
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: https://babykroha.ua/system/logs/xt.exe
Cookie: PHPSESSID=60kf1ftlkevgtl824kfa0ni8v5; currency=UAH; cart=fd79c910666444f549bf81b852295425c7a13ab5%7E82258d2c73a65fef6ffec5d218fc875c793942f4; _ga=GA1.2.908827880.1550859678; _gid=GA1.2.295850799.1550859678; _gat_gtag_UA_128206001_1=1

                                         
                                         109.87.24.5
HTTP/1.1 200 OK
Content-Type: application/javascript
                                        
Date: Fri, 22 Feb 2019 18:21:17 GMT
Server: Apache/2.4.7 (Ubuntu)
Last-Modified: Wed, 17 Oct 2018 09:06:41 GMT
Etag: "14a9-57868fd0de695-gzip"
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Cache-Control: max-age=604800
Content-Length: 1564
Keep-Alive: timeout=5, max=99
Connection: Keep-Alive


--- Additional Info ---
Magic:  gzip compressed data, from Unix
Size:   1564
Md5:    74b6492bc45e1e5ac860334f389f9555
Sha1:   4570d859349762bcffbb7dbc48ad2a627226c60c
Sha256: 8c9e1f6851a68333dc94cfba6a293d2771bdeee6fea2d72d565742b82c02ae52
                                        
                                            GET /Media/assets/js/modernizr.js HTTP/1.1 
Host: babykroha.ua
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: */*
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: https://babykroha.ua/system/logs/xt.exe
Cookie: PHPSESSID=60kf1ftlkevgtl824kfa0ni8v5; currency=UAH; cart=fd79c910666444f549bf81b852295425c7a13ab5%7E82258d2c73a65fef6ffec5d218fc875c793942f4; _ga=GA1.2.908827880.1550859678; _gid=GA1.2.295850799.1550859678; _gat_gtag_UA_128206001_1=1

                                         
                                         109.87.24.5
HTTP/1.1 200 OK
Content-Type: application/javascript
                                        
Date: Fri, 22 Feb 2019 18:21:17 GMT
Server: Apache/2.4.7 (Ubuntu)
Last-Modified: Wed, 17 Oct 2018 09:05:14 GMT
Etag: "1798-57868f7e6251d-gzip"
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Cache-Control: max-age=604800
Content-Length: 2600
Keep-Alive: timeout=5, max=99
Connection: Keep-Alive


--- Additional Info ---
Magic:  gzip compressed data, from Unix
Size:   2600
Md5:    8da2167b3cbc4bc748d5290857f89c54
Sha1:   080d2576c9d431dc6c096a2e7fa87016abb6f604
Sha256: 10377a56a197f4dea29022339657d1ad0ae588b19930192d664f113bdb26c092
                                        
                                            POST /GTSGIAG3 HTTP/1.1 
Host: ocsp.pki.goog
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Content-Length: 107
Content-Type: application/ocsp-request

                                         
                                         172.217.21.163
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Fri, 22 Feb 2019 18:21:18 GMT
Cache-Control: public, max-age=86400
Server: ocsp_responder
Content-Length: 463
X-XSS-Protection: 1; mode=block
X-Frame-Options: SAMEORIGIN


--- Additional Info ---
Magic:  data
Size:   463
Md5:    6d9e68fb2ce06372598d3d60467a18fb
Sha1:   565a21d3d80dad5fc9fa078223c5a9784276a6a3
Sha256: a78853cdb2f130271bb07c2427417a7410eb1b9f0bc186af07dfb09d26b798b5
                                        
                                            GET /maps/api/js?key=AIzaSyDL6xIhFeOJeE9nXsObhPKfD1wRV4xFknE HTTP/1.1 
Host: maps.googleapis.com
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: */*
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: https://babykroha.ua/system/logs/xt.exe

                                         
                                         172.217.20.42
HTTP/1.1 200 OK
Content-Type: text/javascript; charset=UTF-8
                                        
Date: Fri, 22 Feb 2019 18:21:18 GMT
Expires: Fri, 22 Feb 2019 18:51:18 GMT
Cache-Control: public, max-age=1800
Vary: Accept-Language
Content-Encoding: gzip
Server: mafe
Content-Length: 33266
X-XSS-Protection: 1; mode=block
X-Frame-Options: SAMEORIGIN
Server-Timing: gfet4t7; dur=18
Alt-Svc: quic=":443"; ma=2592000; v="44,43,39"


--- Additional Info ---
Magic:  gzip compressed data, max compression
Size:   33266
Md5:    703d9e76391b8a4aa7624e3b1f129687
Sha1:   1e61ef57d8e520fde23fd05ad6ad44ba1b52a777
Sha256: ad0392d5de12529307cb35abd554dd75719323fd5665872594c116279c5f8e19
                                        
GET /Media/assets/js/vendors.js HTTP/1.1
Host: babykroha.ua
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: */*
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: https://babykroha.ua/system/logs/xt.exe
Cookie: PHPSESSID=60kf1ftlkevgtl824kfa0ni8v5; currency=UAH; cart=fd79c910666444f549bf81b852295425c7a13ab5%7E82258d2c73a65fef6ffec5d218fc875c793942f4; _ga=GA1.2.908827880.1550859678; _gid=GA1.2.295850799.1550859678; _gat_gtag_UA_128206001_1=1

                                         
109.87.24.5
HTTP/1.1 200 OK
Content-Type: application/javascript
Date: Fri, 22 Feb 2019 18:21:18 GMT
Server: Apache/2.4.7 (Ubuntu)
Last-Modified: Mon, 03 Dec 2018 11:24:22 GMT
Etag: "606d3-57c1c64074b82-gzip"
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Cache-Control: max-age=604800
Keep-Alive: timeout=5, max=99
Connection: Keep-Alive
Transfer-Encoding: chunked


--- Additional Info ---
Magic:  gzip compressed data, from Unix
Size:   114633
Md5:    9d350763c168a7874d25147ed3d295e4
Sha1:   f7ec6c0d386d1b21b49118153b5325f1c1fff74a
Sha256: 50d6c93310a7045c6f926903f0ad3350b5fde89f5c1437833cc04a80a95ae8e8
                                        
GET /Media/js/programmer/ulogin.js HTTP/1.1
Host: babykroha.ua
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: */*
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: https://babykroha.ua/system/logs/xt.exe
Cookie: PHPSESSID=60kf1ftlkevgtl824kfa0ni8v5; currency=UAH; cart=fd79c910666444f549bf81b852295425c7a13ab5%7E82258d2c73a65fef6ffec5d218fc875c793942f4; _ga=GA1.2.908827880.1550859678; _gid=GA1.2.295850799.1550859678; _gat_gtag_UA_128206001_1=1

                                         
109.87.24.5
HTTP/1.1 200 OK
Content-Type: application/javascript
Date: Fri, 22 Feb 2019 18:21:18 GMT
Server: Apache/2.4.7 (Ubuntu)
Last-Modified: Wed, 17 Oct 2018 09:06:41 GMT
Etag: "ab19-57868fd0de695-gzip"
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Cache-Control: max-age=604800
Content-Length: 13845
Keep-Alive: timeout=5, max=98
Connection: Keep-Alive


--- Additional Info ---
Magic:  gzip compressed data, from Unix
Size:   13845
Md5:    851a71202755f04b83b5f8dd1bed6fb4
Sha1:   62bb56397826a3e8aa60f179f7e319742074f774
Sha256: 351b444524542e90ff65e17af5a1d9964964f6e1d3a918f8b198c774f0535107
                                        
POST / HTTP/1.1
Host: ocsp.int-x3.letsencrypt.org
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Content-Length: 117
Content-Type: application/ocsp-request

                                         
91.135.34.24
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Server: nginx
Content-Length: 527
Etag: "6F072413BCE86671B6561200F506C5947EE8602FAEA6370F3646B71691AABB56"
Last-Modified: Thu, 21 Feb 2019 11:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=33234
Expires: Sat, 23 Feb 2019 03:35:12 GMT
Date: Fri, 22 Feb 2019 18:21:18 GMT
Connection: keep-alive


--- Additional Info ---
Magic:  data
Size:   527
Md5:    f16a3aa208fecf23d988a7f23dfb536c
Sha1:   f175c2103091415604327c27938bb610ea9dd611
Sha256: 6f072413bce86671b6561200f506c5947ee8602faea6370f3646b71691aabb56
                                        
GET /Media/assets/js/initialize.js HTTP/1.1
Host: babykroha.ua
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: */*
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: https://babykroha.ua/system/logs/xt.exe
Cookie: PHPSESSID=60kf1ftlkevgtl824kfa0ni8v5; currency=UAH; cart=fd79c910666444f549bf81b852295425c7a13ab5%7E82258d2c73a65fef6ffec5d218fc875c793942f4; _ga=GA1.2.908827880.1550859678; _gid=GA1.2.295850799.1550859678; _gat_gtag_UA_128206001_1=1

                                         
109.87.24.5
HTTP/1.1 200 OK
Content-Type: application/javascript
Date: Fri, 22 Feb 2019 18:21:18 GMT
Server: Apache/2.4.7 (Ubuntu)
Last-Modified: Fri, 21 Dec 2018 11:55:11 GMT
Etag: "e61c-57d86eb576263-gzip"
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Cache-Control: max-age=604800
Content-Length: 15845
Keep-Alive: timeout=5, max=98
Connection: Keep-Alive


--- Additional Info ---
Magic:  gzip compressed data, from Unix
Size:   15845
Md5:    e4016f7385b6c86dc07fdf11c7e8a668
Sha1:   9e2635c901ba89688ff84f58e9caa51161477ac0
Sha256: 30ea09c1da2cb52e11146ae90a4cf37d19c20e0e02ca8900da41fa819ad2063d
                                        
GET /match?rand=13279&u=https%3A%2F%2Fbabykroha.ua%2Fsystem%2Flogs%2Fxt.exe&r= HTTP/1.1
Host: ulogin.ru
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: https://babykroha.ua/system/logs/xt.exe

                                         
95.163.118.168
HTTP/1.1 302 Moved Temporarily
Content-Type: text/html
Server: nginx
Date: Fri, 22 Feb 2019 18:21:20 GMT
Content-Length: 161
Connection: keep-alive
Location: https://ulogin.ru/uptolike/?u=https%3A%2F%2Fbabykroha.ua%2Fsystem%2Flogs%2Fxt.exe


--- Additional Info ---
Magic:  HTML document text
Size:   161
Md5:    3161da3959fb6c146a46cd60054ef55e
Sha1:   341f6879a767b3e5453f2d060d75e11b918838f4
Sha256: 47b641956fcdb7e3361feca67da6511e3d5a7ac0d0f4ac2afec43e650de15b84
                                        
GET /uptolike/?u=https%3A%2F%2Fbabykroha.ua%2Fsystem%2Flogs%2Fxt.exe HTTP/1.1
Host: ulogin.ru
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: https://babykroha.ua/system/logs/xt.exe

                                         
95.163.118.168
HTTP/1.1 200 OK
Content-Type: text/html
Server: nginx
Date: Fri, 22 Feb 2019 18:21:20 GMT
Content-Length: 199
Connection: keep-alive
Expires: Fri, 22 Feb 2019 18:21:19 GMT
Cache-Control: no-cache
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Last-Modified: Fri, 22 Feb 2019 18:21:19 GMT


--- Additional Info ---
Magic:  HTML document text
Size:   199
Md5:    57d20d8b8f3f11660cd95a83aeb8f483
Sha1:   9878a41ecfb55138f893eb9501af045d77316151
Sha256: 88c0bb39fe16adfe147431b6d6d2915696571afe588f5250c6800df58b41a73c
                                        
POST / HTTP/1.1
Host: status.rapidssl.com
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Content-Length: 115
Content-Type: application/ocsp-request

                                         
93.184.220.29
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Accept-Ranges: bytes
Cache-Control: max-age=165800
Date: Fri, 22 Feb 2019 18:21:19 GMT
Etag: "5c6ff264-1d7"
Expires: Sun, 24 Feb 2019 16:24:39 GMT
Last-Modified: Fri, 22 Feb 2019 13:00:20 GMT
Server: ECS (ska/F714)
X-Cache: HIT
Content-Length: 471


--- Additional Info ---
Magic:  data
Size:   471
Md5:    e336c3a8b78c63808a38445c90581bf3
Sha1:   d0678a1677473c4e3fcddefc22d6edab4915243c
Sha256: 41c0aadb7f76dfb5bd864567567403622a25e5f20ad9a38451048f7bcb857c87
                                        
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Content-Length: 115
Content-Type: application/ocsp-request

                                         
93.184.220.29
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Accept-Ranges: bytes
Cache-Control: max-age=100793
Date: Fri, 22 Feb 2019 18:21:19 GMT
Etag: "5c6ef9f2-1d7"
Expires: Sat, 23 Feb 2019 22:21:12 GMT
Last-Modified: Thu, 21 Feb 2019 19:20:18 GMT
Server: ECS (ska/F6FE)
X-Cache: HIT
Content-Length: 471


--- Additional Info ---
Magic:  data
Size:   471
Md5:    04ee8b3a573e5dc8e597e54144b24fa5
Sha1:   929be23fb900f2994072ab6987ba2063f2f3530e
Sha256: 3208fb0d49e936ead4174346ff51ca8575136eaee2d32e951e2a32487b2e6ff4
                                        
POST / HTTP/1.1
Host: ocsp.comodoca.com
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Content-Length: 116
Content-Type: application/ocsp-request

                                         
91.135.34.16
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Server: Apache
Last-Modified: Wed, 20 Feb 2019 03:41:10 GMT
Etag: B5B616360DEB9F4DA88F56AD3809881DF518670A
X-OCSP-Responder-ID: mcdpcaocsp13
Content-Length: 472
Cache-Control: public, no-transform, must-revalidate, max-age=378590
Expires: Wed, 27 Feb 2019 03:31:09 GMT
Date: Fri, 22 Feb 2019 18:21:19 GMT
Connection: keep-alive


--- Additional Info ---
Magic:  data
Size:   472
Md5:    98921c3f710e7b280e17c7dee69e9ace
Sha1:   b5b616360deb9f4da88f56ad3809881df518670a
Sha256: b359308922e103a7e6017f011ade25d3b939be8aca60e38fe832aad36a39a198
                                        
POST / HTTP/1.1
Host: ocsp.comodoca.com
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Content-Length: 115
Content-Type: application/ocsp-request

                                         
91.135.34.16
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Server: Apache
Last-Modified: Sun, 17 Feb 2019 02:40:12 GMT
Etag: 031E60CD42611A93ADDA1716E0397BD341925218
X-OCSP-Responder-ID: mcdpcaocsp6
Content-Length: 727
Cache-Control: public, no-transform, must-revalidate, max-age=115744
Expires: Sun, 24 Feb 2019 02:30:23 GMT
Date: Fri, 22 Feb 2019 18:21:19 GMT
Connection: keep-alive


--- Additional Info ---
Magic:  data
Size:   727
Md5:    23eeade78b333f73b0042d6ae26c5be9
Sha1:   031e60cd42611a93adda1716e0397bd341925218
Sha256: 87f4064ef7eef2956ff1715741636f990e05eab92c218e62c507203af0ed89ac
                                        
POST / HTTP/1.1
Host: ocsp.usertrust.com
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Content-Length: 115
Content-Type: application/ocsp-request

                                         
91.135.34.18
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Server: Apache
Last-Modified: Sun, 17 Feb 2019 02:40:12 GMT
Etag: 7945AAB37866CC6A8C1827B5A33E0D97CF0AD82B
X-OCSP-Responder-ID: mcdpcaocsp15
Content-Length: 471
Cache-Control: public, no-transform, must-revalidate, max-age=115717
Expires: Sun, 24 Feb 2019 02:29:56 GMT
Date: Fri, 22 Feb 2019 18:21:19 GMT
Connection: keep-alive


--- Additional Info ---
Magic:  data
Size:   471
Md5:    899d241d38d34071a61f14bcace0a952
Sha1:   7945aab37866cc6a8c1827b5a33e0d97cf0ad82b
Sha256: da84335a6fcffd04edfb14bc2604ba9c877a50d635c256a1823e0e5fdb575235
                                        
GET /widgets/v1/zp-sync?pid=1254153&uid=&url=https%3A%2F%2Fbabykroha.ua%2Fsystem%2Flogs%2Fxt.exe HTTP/1.1
Host: w.uptolike.com
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: image/png,image/*;q=0.8,*/*;q=0.5
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: https://ulogin.ru/uptolike/?u=https%3A%2F%2Fbabykroha.ua%2Fsystem%2Flogs%2Fxt.exe

                                         
95.163.114.204
HTTP/1.1 204 No Content
Server: nginx
Date: Fri, 22 Feb 2019 18:21:19 GMT
Content-Length: 0
Connection: keep-alive
Set-Cookie: utl_id2=9124560393; Expires=Sun, 21 Feb 2021 18:21:19 GMT; Path=/; Domain=.w.uptolike.com utl_dat="COztwrORLRAAIOy+jbyRLSjsvo28kS0wAGRDyIcQANVV1eou5TiLGNc="; Expires=Sun, 21 Feb 2021 18:21:19 GMT; Path=/; Domain=.w.uptolike.com
P3P: CP='IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT'
Access-Control-Allow-Origin: *


--- Additional Info ---
                                        
GET /0.gif?pid=5667740 HTTP/1.1
Host: x01.aidata.io
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: image/png,image/*;q=0.8,*/*;q=0.5
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: https://ulogin.ru/uptolike/?u=https%3A%2F%2Fbabykroha.ua%2Fsystem%2Flogs%2Fxt.exe

                                         
136.243.15.62
HTTP/1.1 302 Found
Server: nginx
Date: Fri, 22 Feb 2019 18:21:19 GMT
Content-Length: 0
Connection: keep-alive
Location: https://x01.aidata.io/0.gif?pid=5667740&bounce=1
Expires: Fri, 22 Feb 2019 18:21:18 GMT
Cache-Control: no-cache, no-store, must-revalidate, post-check=0, pre-check=0
Pragma: no-cache
Last-Modified: Fri, 22 Feb 2019 18:21:18 GMT
Set-Cookie: __upin=f9RzO0dBHqC1w7iVC5CiKA;domain=.aidata.io;path=/;max-age=63072000 __upints=1550859679;domain=.aidata.io;path=/;max-age=63072000
P3P: CP='NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA'


--- Additional Info ---
                                        
GET /0.gif?pid=5667740&bounce=1 HTTP/1.1
Host: x01.aidata.io
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: https://ulogin.ru/uptolike/?u=https%3A%2F%2Fbabykroha.ua%2Fsystem%2Flogs%2Fxt.exe
Cookie: __upin=f9RzO0dBHqC1w7iVC5CiKA; __upints=1550859679

                                         
136.243.15.62
HTTP/1.1 302 Found
Server: nginx
Date: Fri, 22 Feb 2019 18:21:19 GMT
Content-Length: 0
Connection: keep-alive
Location: https://cm.g.doubleclick.net/pixel?google_nid=aidata_ddp&back=SYNC&google_cm
Set-Cookie: gl=1;path=/;expires=Fri, 1 Mar 2019 18:21:19 GMT;max-age=604800 __upin=f9RzO0dBHqC1w7iVC5CiKA;domain=.aidata.io;path=/;max-age=63072000 __upints=1550859679;domain=.aidata.io;path=/;max-age=63072000
Expires: Fri, 22 Feb 2019 18:21:18 GMT
Cache-Control: no-cache, no-store, must-revalidate, post-check=0, pre-check=0
Pragma: no-cache
Last-Modified: Fri, 22 Feb 2019 18:21:18 GMT
P3P: CP='NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA'


--- Additional Info ---
                                        
POST /GTSGIAG3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Content-Length: 107
Content-Type: application/ocsp-request

                                         
172.217.21.163
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 22 Feb 2019 18:21:19 GMT
Cache-Control: public, max-age=86400
Server: ocsp_responder
Content-Length: 463
X-XSS-Protection: 1; mode=block
X-Frame-Options: SAMEORIGIN


--- Additional Info ---
Magic:  data
Size:   463
Md5:    9334e3fd2acdc78acea5cbbd30c2d4cd
Sha1:   bb1bc4ade192dfbd5ba840b0fc8ab71a5ef04e82
Sha256: be025490e1c6272b63be61bd339b2106b16bee157ab7dee7f4743a26bfb112a0
                                        
GET /pixel?google_nid=aidata_ddp&back=SYNC&google_cm HTTP/1.1
Host: cm.g.doubleclick.net
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: https://ulogin.ru/uptolike/?u=https%3A%2F%2Fbabykroha.ua%2Fsystem%2Flogs%2Fxt.exe

                                         
216.58.211.2
HTTP/1.1 302 Found
Content-Type: text/html; charset=UTF-8
P3P: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
Location: https://cm.g.doubleclick.net/pixel?google_nid=aidata_ddp&back=SYNC&google_cm=&google_tc=
Date: Fri, 22 Feb 2019 18:21:19 GMT
Pragma: no-cache
Expires: Fri, 01 Jan 1990 00:00:00 GMT
Cache-Control: no-cache, must-revalidate
Server: HTTP server (unknown)
Content-Length: 297
X-XSS-Protection: 1; mode=block
Set-Cookie: test_cookie=CheckForPermission; expires=Fri, 22-Feb-2019 18:36:19 GMT; path=/; domain=.doubleclick.net
Alt-Svc: quic="googleads.g.doubleclick.net:443"; ma=2592000; v="44,43,39",quic=":443"; ma=2592000; v="44,43,39"


--- Additional Info ---
Magic:  HTML document text
Size:   297
Md5:    baa6755b2a67e6d215dad8d3709d3453
Sha1:   19017d41841dfaaf8b2cc1916a831979ce03a902
Sha256: 23cc31c9da26db4771b467ff266e7b24becf25ffbbfebf8f21849291ee0b0e2e
                                        
GET /pixel?google_nid=aidata_ddp&back=SYNC&google_cm=&google_tc= HTTP/1.1
Host: cm.g.doubleclick.net
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: https://ulogin.ru/uptolike/?u=https%3A%2F%2Fbabykroha.ua%2Fsystem%2Flogs%2Fxt.exe
Cookie: test_cookie=CheckForPermission

                                         
216.58.211.2
HTTP/1.1 302 Found
Content-Type: text/html; charset=UTF-8
P3P: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
Location: https://x01.aidata.io/0.gif?pid=GOOGLE&back=SYNC&google_gid=CAESEIvAQoMaSMW7YN9dszU3SgI&google_cver=1
Date: Fri, 22 Feb 2019 18:21:19 GMT
Pragma: no-cache
Expires: Fri, 01 Jan 1990 00:00:00 GMT
Cache-Control: no-cache, must-revalidate
Server: HTTP server (unknown)
Content-Length: 310
X-XSS-Protection: 1; mode=block
Set-Cookie: test_cookie=; domain=.doubleclick.net; path=/; expires=Mon, 21 Jul 2008 23:59:00 GMT IDE=AHWqTUn2gQ8bOB-tpCBIZLiQ6yV-xht_AtRDeHbULrTu8od0odZuAwHF_lWkR6B-; expires=Sun, 21-Feb-2021 18:21:19 GMT; path=/; domain=.doubleclick.net; HttpOnly
Alt-Svc: quic="googleads.g.doubleclick.net:443"; ma=2592000; v="44,43,39",quic=":443"; ma=2592000; v="44,43,39"


--- Additional Info ---
Magic:  HTML document text
Size:   310
Md5:    c9189786f9bb2bc4b6d8a3eb254f3263
Sha1:   e98bb997dc7a7810d50d09626d038d60d253d1e6
Sha256: f3d722e13f37bba0998e763045e46e53019785df0c1f9d46758f51d55da340e0
                                        
GET /0.gif?pid=GOOGLE&back=SYNC&google_gid=CAESEIvAQoMaSMW7YN9dszU3SgI&google_cver=1 HTTP/1.1
Host: x01.aidata.io
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: https://ulogin.ru/uptolike/?u=https%3A%2F%2Fbabykroha.ua%2Fsystem%2Flogs%2Fxt.exe
Cookie: __upin=f9RzO0dBHqC1w7iVC5CiKA; __upints=1550859679; gl=1

                                         
136.243.15.62
HTTP/1.1 302 Found
Server: nginx
Date: Fri, 22 Feb 2019 18:21:19 GMT
Content-Length: 0
Connection: keep-alive
Location: https://tags.bluekai.com/site/29099?limit=0&id=f9RzO0dBHqC1w7iVC5CiKA&redir=https://x01.aidata.io/0.gif?pid=ORACLE%26id=$_BK_UUID%26back=SYNC
Set-Cookie: oracle=1;path=/;expires=Fri, 1 Mar 2019 18:21:19 GMT;max-age=604800 __upin=f9RzO0dBHqC1w7iVC5CiKA;domain=.aidata.io;path=/;max-age=63072000 __upints=1550859679;domain=.aidata.io;path=/;max-age=63072000
Expires: Fri, 22 Feb 2019 18:21:18 GMT
Cache-Control: no-cache, no-store, must-revalidate, post-check=0, pre-check=0
Pragma: no-cache
Last-Modified: Fri, 22 Feb 2019 18:21:18 GMT
P3P: CP='NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA'


--- Additional Info ---
                                        
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Content-Length: 115
Content-Type: application/ocsp-request

                                         
93.184.220.29
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Accept-Ranges: bytes
Cache-Control: max-age=103744
Date: Fri, 22 Feb 2019 18:21:19 GMT
Etag: "5c6f0341-1d7"
Expires: Sat, 23 Feb 2019 23:10:23 GMT
Last-Modified: Thu, 21 Feb 2019 20:00:01 GMT
Server: ECS (ska/F714)
X-Cache: HIT
Content-Length: 471


--- Additional Info ---
Magic:  data
Size:   471
Md5:    936af480586b1db32df03b1f4b17ab6b
Sha1:   bd99d832351f4600f34467304e31d052ff9ceb08
Sha256: fd0124e494a476a359de294ae98170630c6b153703e34d99cc2de0bfce38bb3d
                                        
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Content-Length: 115
Content-Type: application/ocsp-request

                                         
93.184.220.29
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Accept-Ranges: bytes
Cache-Control: max-age=150644
Date: Fri, 22 Feb 2019 18:21:19 GMT
Etag: "5c6fb571-1d7"
Expires: Sun, 24 Feb 2019 12:12:03 GMT
Last-Modified: Fri, 22 Feb 2019 08:40:17 GMT
Server: ECS (ska/F707)
X-Cache: HIT
Content-Length: 471


--- Additional Info ---
Magic:  data
Size:   471
Md5:    93df622c3eada08db62895395d2292f2
Sha1:   3b0c29dc90bcb6f8a01a7db8a0105e328070d2be
Sha256: 5d401f2282950d73eaa5f07b52097df45931285c6d5f37881728bd4896beabc9
                                        
GET /site/29099?limit=0&id=f9RzO0dBHqC1w7iVC5CiKA&redir=https://x01.aidata.io/0.gif?pid=ORACLE%26id=$_BK_UUID%26back=SYNC HTTP/1.1
Host: tags.bluekai.com
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: https://ulogin.ru/uptolike/?u=https%3A%2F%2Fbabykroha.ua%2Fsystem%2Flogs%2Fxt.exe

                                         
104.123.118.80
HTTP/1.1 302 Moved Temporarily
Content-Length: 0
P3P: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV", policyref="http://tags.bluekai.com/w3c/p3p.xml"
Location: https://x01.aidata.io/0.gif?pid=ORACLE&id=$_BK_UUID&back=SYNC
BK-Server: d89c
Date: Fri, 22 Feb 2019 18:21:20 GMT
Connection: keep-alive


--- Additional Info ---
                                        
GET /0.gif?pid=ORACLE&id=$_BK_UUID&back=SYNC HTTP/1.1
Host: x01.aidata.io
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: https://ulogin.ru/uptolike/?u=https%3A%2F%2Fbabykroha.ua%2Fsystem%2Flogs%2Fxt.exe
Cookie: __upin=f9RzO0dBHqC1w7iVC5CiKA; __upints=1550859679; gl=1; oracle=1

                                         
136.243.15.62
HTTP/1.1 302 Found
Server: nginx
Date: Fri, 22 Feb 2019 18:21:20 GMT
Content-Length: 0
Connection: keep-alive
Location: https://ib.adnxs.com/getuid?//x01.aidata.io/0.gif%3Fpid%3DAPPNEXUS%26id%3D%24UID%26back=SYNC
Set-Cookie: anx=1;path=/;expires=Mon, 25 Feb 2019 18:21:20 GMT;max-age=259200 __upin=f9RzO0dBHqC1w7iVC5CiKA;domain=.aidata.io;path=/;max-age=63072000 __upints=1550859679;domain=.aidata.io;path=/;max-age=63072000
Expires: Fri, 22 Feb 2019 18:21:19 GMT
Cache-Control: no-cache, no-store, must-revalidate, post-check=0, pre-check=0
Pragma: no-cache
Last-Modified: Fri, 22 Feb 2019 18:21:19 GMT
P3P: CP='NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA'


--- Additional Info ---
                                        
GET /system/logs/xt.exe HTTP/1.1
Host: babykroha.ua
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive

                                         
109.87.24.5
HTTP/1.0 404 Not Found
Content-Type: text/html; charset=UTF-8
Date: Fri, 22 Feb 2019 18:21:13 GMT
Server: Apache/2.4.7 (Ubuntu)
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Set-Cookie: PHPSESSID=60kf1ftlkevgtl824kfa0ni8v5; path=/ currency=UAH; path=/ cart=fd79c910666444f549bf81b852295425c7a13ab5%7E82258d2c73a65fef6ffec5d218fc875c793942f4; expires=Sat, 22-Feb-2020 18:21:14 GMT; Max-Age=31536000; path=/
Pragma: no-cache
Status: 404 Not Found
Connection: close


--- Additional Info ---
                                        
GET /getuid?//x01.aidata.io/0.gif%3Fpid%3DAPPNEXUS%26id%3D%24UID%26back=SYNC HTTP/1.1
Host: ib.adnxs.com
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: https://ulogin.ru/uptolike/?u=https%3A%2F%2Fbabykroha.ua%2Fsystem%2Flogs%2Fxt.exe

                                         
0.0.0.0


--- Additional Info ---