Overview

URL kroha.kh.ua/system/logs/xt.exe
IP 5.39.10.93
ASN AS16276 OVH SAS
Location France
Report completed 2019-06-02 11:44:22 CEST
urlquery Alerts No alerts detected


Settings

UserAgent Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Referer
Pool
Access Level


Intrusion Detection Systems

Suricata /w Emerging Threats Pro
Timestamp Severity Source IP Destination IP Alert
2019-06-02 11:43:49 CEST 2 Client IP  5.39.10.93 ET CURRENT_EVENTS Terse alphanumeric executable downloader high likelihood of being hostile


Blacklists

MDL  No alerts detected
OpenPhish  No alerts detected
PhishTank  No alerts detected
Fortinet's Web Filter
Added / Verified Severity Host Comment
2019-06-02 2 kroha.kh.ua/system/logs/xt.exe Malware
DNS-BH  No alerts detected
mnemonic secure dns  No alerts detected


Recent reports on same IP/ASN/Domain

Last 10 reports on IP: 5.39.10.93

Date UQ / IDS / BL URL IP
2019-06-09 07:02:16 +0200 0 - 0 - 1 tmx-learning.ru/wp-includes 5.39.10.93
2019-06-02 19:04:59 +0200 0 - 0 - 1 kroha.kh.ua/system/logs/xt.exe 5.39.10.93
2019-06-02 13:42:01 +0200 0 - 1 - 1 kroha.kh.ua/system/logs/xt.exe 5.39.10.93
2019-05-25 17:25:26 +0200 0 - 0 - 1 kroha.kh.ua/system/logs/xt.exe 5.39.10.93
2019-05-24 14:22:16 +0200 0 - 0 - 1 showbiz.ua/tmp-cg/tikita/yahoo/ee27fe710cee5f (...) 5.39.10.93
2019-05-06 15:17:22 +0200 0 - 1 - 0 agent-parfumer.com.ua/ 5.39.10.93
2019-05-06 02:04:36 +0200 0 - 0 - 1 showbiz.ua/tutu01/index.php 5.39.10.93
2019-05-03 20:08:06 +0200 0 - 0 - 1 kroha.kh.ua/system/logs/xt.exe 5.39.10.93
2019-05-01 22:31:26 +0200 0 - 0 - 1 kroha.kh.ua/system/logs/xt.exe 5.39.10.93
2019-04-22 18:43:34 +0200 0 - 0 - 1 kroha.kh.ua/system/logs/xt.exe 5.39.10.93

Last 10 reports on ASN: AS16276 OVH SAS

Date UQ / IDS / BL URL IP
2019-07-01 07:47:12 +0200 0 - 0 - 0 https://www.munplanet.com/articles/arlo-camer (...) 158.69.39.233
2019-07-01 04:15:44 +0200 0 - 3 - 0 www.asind.ae/wp-content/uploads/2019/seconder (...) 5.39.72.197
2019-07-01 03:56:20 +0200 0 - 0 - 0 webcamsteen.com/16y4[CUSTOM_AFF 192.99.67.89
2019-07-01 02:43:31 +0200 0 - 0 - 0 167.114.144.169/Android/ 167.114.144.169
2019-06-30 21:34:01 +0200 0 - 0 - 0 streams.tvxweb.org 158.69.54.221
2019-06-30 21:30:47 +0200 0 - 0 - 0 source.magikserv.com 37.187.171.206
2019-06-30 20:09:51 +0200 0 - 0 - 0 www.kweeper.com/popcorn2kg/sentence/6382508 91.121.242.21
2019-06-30 18:49:10 +0200 0 - 0 - 0 www.ovh.com 198.27.92.1
2019-06-30 18:18:47 +0200 0 - 0 - 0 liczniki.org/hit.php?l=alltube&o=1 94.23.92.123
2019-06-30 18:11:40 +0200 0 - 0 - 0 hardrock.blogdns.org/ 91.121.69.126

Last 10 reports on domain: kroha.kh.ua

Date UQ / IDS / BL URL IP
2019-06-02 19:04:59 +0200 0 - 0 - 1 kroha.kh.ua/system/logs/xt.exe 5.39.10.93
2019-06-02 13:42:01 +0200 0 - 1 - 1 kroha.kh.ua/system/logs/xt.exe 5.39.10.93
2019-05-25 17:25:26 +0200 0 - 0 - 1 kroha.kh.ua/system/logs/xt.exe 5.39.10.93
2019-05-03 20:08:06 +0200 0 - 0 - 1 kroha.kh.ua/system/logs/xt.exe 5.39.10.93
2019-05-01 22:31:26 +0200 0 - 0 - 1 kroha.kh.ua/system/logs/xt.exe 5.39.10.93
2019-04-22 18:43:34 +0200 0 - 0 - 1 kroha.kh.ua/system/logs/xt.exe 5.39.10.93
2019-04-17 15:52:08 +0200 0 - 0 - 1 kroha.kh.ua/system/logs/xt.exe 5.39.10.93
2019-04-12 18:43:19 +0200 0 - 0 - 1 kroha.kh.ua/system/logs/xt.exe 5.39.10.93
2019-04-02 19:01:45 +0200 0 - 0 - 1 kroha.kh.ua/system/logs/xt.exe 5.39.10.93
2019-03-22 19:23:04 +0100 0 - 1 - 1 kroha.kh.ua/system/logs/xt.exe 5.39.10.93


JavaScript

Executed Scripts (14)


Executed Evals (0)


Executed Writes (0)



HTTP Transactions (42)


Request Response
                                        
                                            GET /system/logs/xt.exe HTTP/1.1 
Host: kroha.kh.ua
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive

                                         
                                         5.39.10.93
HTTP/1.1 301 Moved Permanently
                                        
Server: nginx/1.12.2
Date: Sun, 02 Jun 2019 09:43:49 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Location: https://babykroha.ua/system/logs/xt.exe


--- Additional Info ---

Alerts:
  Blacklists:
    - fortinet: Malware
  IDS:
    - ET CURRENT_EVENTS Terse alphanumeric executable downloader high likelihood of being hostile
                                        
                                            POST / HTTP/1.1 
Host: ocsp.int-x3.letsencrypt.org
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Content-Length: 117
Content-Type: application/ocsp-request

                                         
                                         91.135.34.19
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 527
Etag: "88116C6428592972E38BCE8263DC73486907250C3BDDE96A339BF6E56E5FDD53"
Last-Modified: Fri, 31 May 2019 00:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=43148
Expires: Sun, 02 Jun 2019 21:42:58 GMT
Date: Sun, 02 Jun 2019 09:43:50 GMT
Connection: keep-alive


--- Additional Info ---
Magic:  data
Size:   527
Md5:    16f3065613f9cc8bace444361510fa41
Sha1:   d16dafbbe0c3f6ad0d6dd3883bbd415cef7e7fe3
Sha256: 88116c6428592972e38bce8263dc73486907250c3bdde96a339bf6e56e5fdd53
                                        
                                            POST / HTTP/1.1 
Host: isrg.trustid.ocsp.identrust.com
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Content-Length: 115
Content-Type: application/ocsp-request

                                         
                                         91.135.34.26
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: Apache
Content-Transfer-Encoding: Binary
Last-Modified: Wed, 29 May 2019 20:49:01 GMT
Etag: "c64a67ac76905c31af6fa63aaaf346aeef13f23e"
Content-Length: 1396
Cache-Control: public, no-transform, must-revalidate, max-age=17139
Expires: Sun, 02 Jun 2019 14:29:29 GMT
Date: Sun, 02 Jun 2019 09:43:50 GMT
Connection: keep-alive


--- Additional Info ---
Magic:  data
Size:   1396
Md5:    3fcc439f01c53387841bc9d18ef0f5b1
Sha1:   c64a67ac76905c31af6fa63aaaf346aeef13f23e
Sha256: 8c5e3ae1730d99882678586c726dddb8209e716fc6a33993f9b95f9b40ba91ba
                                        
                                            POST /GTSGIAG3 HTTP/1.1 
Host: ocsp.pki.goog
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Content-Length: 115
Content-Type: application/ocsp-request

                                         
                                         216.58.211.131
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Sun, 02 Jun 2019 09:43:51 GMT
Cache-Control: public, max-age=86400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN


--- Additional Info ---
Magic:  data
Size:   471
Md5:    f440f71f10517867df2ee4344047a2ee
Sha1:   251e6386113cb01d64b6171384a383df6ce81b85
Sha256: 2ddcc4ad9b037a58ecaeda473859effb22493a09361f8c170a903ef0c19205c3
                                        
                                            POST /gsr2 HTTP/1.1 
Host: ocsp.pki.goog
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Content-Length: 112
Content-Type: application/ocsp-request

                                         
                                         216.58.211.131
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Sun, 02 Jun 2019 09:43:51 GMT
Cache-Control: public, max-age=86400
Server: ocsp_responder
Content-Length: 468
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN


--- Additional Info ---
Magic:  data
Size:   468
Md5:    5be872b3fe0bb6f31385f91f811e9586
Sha1:   1192231bcb9ee73e9f619d433cdb66dddd9ae7f7
Sha256: db0ad6191770bff9043482b68acf62a4e25d4390a03274cfbe413675dd8c9cf5
                                        
                                            GET /gtag/js?id=UA-128206001-1 HTTP/1.1 
Host: www.googletagmanager.com
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: */*
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: https://babykroha.ua/system/logs/xt.exe

                                         
                                         216.58.207.200
HTTP/1.1 200 OK
Content-Type: application/javascript; charset=UTF-8
                                        
Access-Control-Allow-Origin: http://www.googletagmanager.com
Access-Control-Allow-Headers: Cache-Control
Access-Control-Allow-Credentials: true
Content-Encoding: gzip
Vary: Accept-Encoding
Date: Sun, 02 Jun 2019 09:43:51 GMT
Expires: Sun, 02 Jun 2019 09:43:51 GMT
Cache-Control: private, max-age=900
Last-Modified: Thu, 30 May 2019 16:41:01 GMT
Server: Google Tag Manager (scaffolding)
X-XSS-Protection: 0
Alt-Svc: quic=":443"; ma=2592000; v="46,44,43,39"
Transfer-Encoding: chunked


--- Additional Info ---
Magic:  gzip compressed data, max compression
Size:   26075
Md5:    df132151dab3cbed67236c2d16197193
Sha1:   a4771232049e3cfebe88a1cfc5e3b701d31179b0
Sha256: 93d931bedebcc35ead702b2c191746cd9736a919ed6bec4afbdb256a3673da6e
                                        
                                            GET /Media/assets/css/editor.css HTTP/1.1 
Host: babykroha.ua
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: text/css,*/*;q=0.1
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: https://babykroha.ua/system/logs/xt.exe
Cookie: PHPSESSID=4dagad3lb697kn9k7h37dass05; currency=UAH; cart=5ebde7b9934d7b136554ec9ae21641e7b336b443%7Eb460532e0da5ce5fc4abf1a14cc398e83f05f072

                                         
                                         109.87.24.5
HTTP/1.1 200 OK
Content-Type: text/css
                                        
Date: Sun, 02 Jun 2019 09:43:51 GMT
Server: Apache/2.4.7 (Ubuntu)
Last-Modified: Wed, 17 Oct 2018 09:05:14 GMT
Etag: "c8f-57868f7e3371e-gzip"
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Cache-Control: max-age=604800
Content-Length: 1017
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive


--- Additional Info ---
Magic:  gzip compressed data, from Unix
Size:   1017
Md5:    3d78d96d2b060445ebe1b76f1cd86828
Sha1:   6ead70f82aae74e6b8946ca8e6d6294390d560e5
Sha256: 812808de27037852cda6b078db577e74f1b7af6de27e16f73408fdeece152c50
                                        
                                            GET /Media/assets/favicons/favicon-16x16.png HTTP/1.1 
Host: babykroha.ua
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: image/png,image/*;q=0.8,*/*;q=0.5
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Cookie: PHPSESSID=4dagad3lb697kn9k7h37dass05; currency=UAH; cart=5ebde7b9934d7b136554ec9ae21641e7b336b443%7Eb460532e0da5ce5fc4abf1a14cc398e83f05f072

                                         
                                         109.87.24.5
HTTP/1.1 200 OK
Content-Type: image/png
                                        
Date: Sun, 02 Jun 2019 09:43:51 GMT
Server: Apache/2.4.7 (Ubuntu)
Last-Modified: Wed, 12 Dec 2018 13:02:14 GMT
Etag: "4b6-57cd2ce9b1c5b"
Accept-Ranges: bytes
Content-Length: 1206
Cache-Control: max-age=2592000
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive


--- Additional Info ---
Magic:  PNG image, 16 x 16, 8-bit colormap, non-interlaced
Size:   1206
Md5:    5ef32b417050bead34de1ec3552e69c3
Sha1:   74ffb6fc48190f88011d8e0e7418bbaebe7a188a
Sha256: 82b28825e1aef7c9bd0fa16d2bd56f68d553e3113e28ed739e244967d2c6d469
                                        
                                            GET /Media/assets/css/helpers.css HTTP/1.1 
Host: babykroha.ua
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: text/css,*/*;q=0.1
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: https://babykroha.ua/system/logs/xt.exe
Cookie: PHPSESSID=4dagad3lb697kn9k7h37dass05; currency=UAH; cart=5ebde7b9934d7b136554ec9ae21641e7b336b443%7Eb460532e0da5ce5fc4abf1a14cc398e83f05f072

                                         
                                         109.87.24.5
HTTP/1.1 200 OK
Content-Type: text/css
                                        
Date: Sun, 02 Jun 2019 09:43:51 GMT
Server: Apache/2.4.7 (Ubuntu)
Last-Modified: Wed, 17 Oct 2018 09:05:14 GMT
Etag: "1180d-57868f7e3371e-gzip"
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Cache-Control: max-age=604800
Content-Length: 8570
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive


--- Additional Info ---
Magic:  gzip compressed data, from Unix
Size:   8570
Md5:    fc8885590c0b639807801d857e3b9128
Sha1:   2ec12f9d7119108e57e55d2059e7f380bfcdb17e
Sha256: 6183d5db89a099e2da6b2c35d500802110b105af43bdf63a3619ad80326a3926
                                        
                                            GET /Media/assets/css/vendors.css HTTP/1.1 
Host: babykroha.ua
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: text/css,*/*;q=0.1
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: https://babykroha.ua/system/logs/xt.exe
Cookie: PHPSESSID=4dagad3lb697kn9k7h37dass05; currency=UAH; cart=5ebde7b9934d7b136554ec9ae21641e7b336b443%7Eb460532e0da5ce5fc4abf1a14cc398e83f05f072

                                         
                                         109.87.24.5
HTTP/1.1 200 OK
Content-Type: text/css
                                        
Date: Sun, 02 Jun 2019 09:43:51 GMT
Server: Apache/2.4.7 (Ubuntu)
Last-Modified: Wed, 17 Oct 2018 09:05:14 GMT
Etag: "24287-57868f7e3a47d-gzip"
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Cache-Control: max-age=604800
Content-Length: 17749
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive


--- Additional Info ---
Magic:  gzip compressed data, from Unix
Size:   17749
Md5:    15288777a646fada78b68a7f39cf28f6
Sha1:   1074c8f5a3ceed073daf003948b3a90e4a363dd9
Sha256: f57784fd825af302d206fc978dacdc44805e147b4f2f8d414f6e67239790d766
                                        
                                            GET /Media/assets/css/style.css HTTP/1.1 
Host: babykroha.ua
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: text/css,*/*;q=0.1
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: https://babykroha.ua/system/logs/xt.exe
Cookie: PHPSESSID=4dagad3lb697kn9k7h37dass05; currency=UAH; cart=5ebde7b9934d7b136554ec9ae21641e7b336b443%7Eb460532e0da5ce5fc4abf1a14cc398e83f05f072

                                         
                                         109.87.24.5
HTTP/1.1 200 OK
Content-Type: text/css
                                        
Date: Sun, 02 Jun 2019 09:43:51 GMT
Server: Apache/2.4.7 (Ubuntu)
Last-Modified: Fri, 21 Dec 2018 12:54:20 GMT
Etag: "1ef29-57d87beebf554-gzip"
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Cache-Control: max-age=604800
Content-Length: 18806
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive


--- Additional Info ---
Magic:  gzip compressed data, from Unix
Size:   18806
Md5:    2f6c0704012632b62e80ac961a5be8f0
Sha1:   81c84c4bcc8e0cb77dd8ea7db05d4c1fd9c5b79a
Sha256: 8dfe9decf09179067b9a8475c62c0bad044044d5fda14b4f372c3f0e86ae9a07
                                        
                                            GET /Media/assets/js/static/wezom-old.min.js HTTP/1.1 
Host: babykroha.ua
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: */*
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: https://babykroha.ua/system/logs/xt.exe
Cookie: PHPSESSID=4dagad3lb697kn9k7h37dass05; currency=UAH; cart=5ebde7b9934d7b136554ec9ae21641e7b336b443%7Eb460532e0da5ce5fc4abf1a14cc398e83f05f072

                                         
                                         109.87.24.5
HTTP/1.1 200 OK
Content-Type: application/javascript
                                        
Date: Sun, 02 Jun 2019 09:43:51 GMT
Server: Apache/2.4.7 (Ubuntu)
Last-Modified: Wed, 17 Oct 2018 09:05:14 GMT
Etag: "270f-57868f7e634bd-gzip"
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Cache-Control: max-age=604800
Content-Length: 3753
Keep-Alive: timeout=5, max=99
Connection: Keep-Alive


--- Additional Info ---
Magic:  gzip compressed data, from Unix
Size:   3753
Md5:    c103288ebb23846348ed303868f61ea8
Sha1:   42708dbd14c0fda14853595c79f2eb1a9f65835a
Sha256: 57c49a6204e979d08d0fb9c5eb0c698a56bb0d629907dbd4189ddf99f8b1a63c
                                        
                                            GET /analytics.js HTTP/1.1 
Host: www.google-analytics.com
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: */*
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: https://babykroha.ua/system/logs/xt.exe

                                         
                                         172.217.21.174
HTTP/1.1 200 OK
Content-Type: text/javascript
                                        
Strict-Transport-Security: max-age=10886400; includeSubDomains; preload
Timing-Allow-Origin: *
Date: Sun, 02 Jun 2019 09:40:50 GMT
Expires: Sun, 02 Jun 2019 11:40:50 GMT
Last-Modified: Tue, 21 May 2019 23:53:44 GMT
X-Content-Type-Options: nosniff
Vary: Accept-Encoding
Content-Encoding: gzip
Server: Golfe2
Content-Length: 17595
Cache-Control: public, max-age=7200
Age: 181
Alt-Svc: quic=":443"; ma=2592000; v="46,44,43,39"


--- Additional Info ---
Magic:  gzip compressed data, max compression
Size:   17595
Md5:    585dd98ad9bada516652979df577ade8
Sha1:   b81e0ee5e2648994c7c92e4becb6a8420113e462
Sha256: e88dfebceadff72fc5bb3ab4a4dfa71d835acbb4d183091d66e72e762fb306d5
                                        
                                            GET /Media/assets/css/static/pic/wezom-info-red.gif HTTP/1.1 
Host: babykroha.ua
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: image/png,image/*;q=0.8,*/*;q=0.5
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: https://babykroha.ua/system/logs/xt.exe
Cookie: PHPSESSID=4dagad3lb697kn9k7h37dass05; currency=UAH; cart=5ebde7b9934d7b136554ec9ae21641e7b336b443%7Eb460532e0da5ce5fc4abf1a14cc398e83f05f072

                                         
                                         109.87.24.5
HTTP/1.1 200 OK
Content-Type: image/gif
                                        
Date: Sun, 02 Jun 2019 09:43:51 GMT
Server: Apache/2.4.7 (Ubuntu)
Last-Modified: Wed, 17 Oct 2018 09:05:14 GMT
Etag: "11d-57868f7e394de"
Accept-Ranges: bytes
Content-Length: 285
Cache-Control: max-age=2592000
Keep-Alive: timeout=5, max=99
Connection: Keep-Alive


--- Additional Info ---
Magic:  GIF image data, version 87a, 50 x 18
Size:   285
Md5:    2dfb0e4ee208270ad5521719b18c5f36
Sha1:   794f67a3ecf343b7004ca75baaeccfa721c45f91
Sha256: 9769656f5e3eaca90c1c6958562a639dff2e440fad2ae43449c64afb13c14840
                                        
                                            GET /Media/js/translations/ru.js HTTP/1.1 
Host: babykroha.ua
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: */*
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: https://babykroha.ua/system/logs/xt.exe
Cookie: PHPSESSID=4dagad3lb697kn9k7h37dass05; currency=UAH; cart=5ebde7b9934d7b136554ec9ae21641e7b336b443%7Eb460532e0da5ce5fc4abf1a14cc398e83f05f072

                                         
                                         109.87.24.5
HTTP/1.1 200 OK
Content-Type: application/javascript
                                        
Date: Sun, 02 Jun 2019 09:43:51 GMT
Server: Apache/2.4.7 (Ubuntu)
Last-Modified: Wed, 17 Oct 2018 09:06:41 GMT
Etag: "14a9-57868fd0de695-gzip"
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Cache-Control: max-age=604800
Content-Length: 1564
Keep-Alive: timeout=5, max=99
Connection: Keep-Alive


--- Additional Info ---
Magic:  gzip compressed data, from Unix
Size:   1564
Md5:    74b6492bc45e1e5ac860334f389f9555
Sha1:   4570d859349762bcffbb7dbc48ad2a627226c60c
Sha256: 8c9e1f6851a68333dc94cfba6a293d2771bdeee6fea2d72d565742b82c02ae52
                                        
                                            GET /r/collect?v=1&_v=j76&a=1768506456&t=pageview&_s=1&dl=https%3A%2F%2Fbabykroha.ua%2Fsystem%2Flogs%2Fxt.exe&ul=en-us&de=UTF-8&dt=%D0%9E%D1%88%D0%B8%D0%B1%D0%BA%D0%B0%20404!%20%D0%A1%D1%82%D1%80%D0%B0%D0%BD%D0%B8%D1%86%D0%B0%20%D0%BD%D0%B5%20%D0%BD%D0%B0%D0%B9%D0%B4%D0%B5%D0%BD%D0%B0&sd=24-bit&sr=1176x885&vp=1176x754&je=1&fl=10.0%20r45&_u=IEBAAUQ~&jid=2013641595&gjid=1010190641&cid=1221407985.1559468632&tid=UA-128206001-1&_gid=1670677146.1559468632&_r=1&gtm=2ou5m0&z=167181583 HTTP/1.1 
Host: www.google-analytics.com
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: image/png,image/*;q=0.8,*/*;q=0.5
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: https://babykroha.ua/system/logs/xt.exe

                                         
                                         172.217.21.174
HTTP/1.1 200 OK
Content-Type: image/gif
                                        
Access-Control-Allow-Origin: *
Date: Sun, 02 Jun 2019 09:43:52 GMT
Pragma: no-cache
Expires: Fri, 01 Jan 1990 00:00:00 GMT
Cache-Control: no-cache, no-store, must-revalidate
Last-Modified: Sun, 17 May 1998 03:00:00 GMT
X-Content-Type-Options: nosniff
Server: Golfe2
Content-Length: 35
Alt-Svc: quic=":443"; ma=2592000; v="46,44,43,39"


--- Additional Info ---
Magic:  GIF image data, version 89a, 1 x 1
Size:   35
Md5:    28d6814f309ea289f847c69cf91194c6
Sha1:   0f4e929dd5bb2564f7ab9c76338e04e292a42ace
Sha256: 8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
                                        
                                            POST /GTSGIAG3 HTTP/1.1 
Host: ocsp.pki.goog
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Content-Length: 115
Content-Type: application/ocsp-request

                                         
                                         216.58.211.131
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Sun, 02 Jun 2019 09:43:52 GMT
Cache-Control: public, max-age=86400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN


--- Additional Info ---
Magic:  data
Size:   471
Md5:    7f23823d39cf115f4509ad4c1cb43257
Sha1:   6f5defdb431d72c6a2e7c904260d9b5a2263b7ae
Sha256: 4cc39a77d1f5b39d9125e4fc7cd9b7b17348651723776ed0e8251f89678e6075
                                        
                                            GET /Media/assets/js/modernizr.js HTTP/1.1 
Host: babykroha.ua
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: */*
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: https://babykroha.ua/system/logs/xt.exe
Cookie: PHPSESSID=4dagad3lb697kn9k7h37dass05; currency=UAH; cart=5ebde7b9934d7b136554ec9ae21641e7b336b443%7Eb460532e0da5ce5fc4abf1a14cc398e83f05f072; _ga=GA1.2.1221407985.1559468632; _gid=GA1.2.1670677146.1559468632; _gat_gtag_UA_128206001_1=1

                                         
                                         109.87.24.5
HTTP/1.1 200 OK
Content-Type: application/javascript
                                        
Date: Sun, 02 Jun 2019 09:43:52 GMT
Server: Apache/2.4.7 (Ubuntu)
Last-Modified: Wed, 17 Oct 2018 09:05:14 GMT
Etag: "1798-57868f7e6251d-gzip"
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Cache-Control: max-age=604800
Content-Length: 2600
Keep-Alive: timeout=5, max=99
Connection: Keep-Alive


--- Additional Info ---
Magic:  gzip compressed data, from Unix
Size:   2600
Md5:    8da2167b3cbc4bc748d5290857f89c54
Sha1:   080d2576c9d431dc6c096a2e7fa87016abb6f604
Sha256: 10377a56a197f4dea29022339657d1ad0ae588b19930192d664f113bdb26c092
                                        
                                            GET /maps/api/js?key=AIzaSyDL6xIhFeOJeE9nXsObhPKfD1wRV4xFknE HTTP/1.1 
Host: maps.googleapis.com
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: */*
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: https://babykroha.ua/system/logs/xt.exe

                                         
                                         216.58.207.202
HTTP/1.1 200 OK
Content-Type: text/javascript; charset=UTF-8
                                        
Date: Sun, 02 Jun 2019 09:43:52 GMT
Expires: Sun, 02 Jun 2019 10:13:52 GMT
Cache-Control: public, max-age=1800
Vary: Accept-Language
Content-Encoding: gzip
Server: mafe
Content-Length: 33421
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
Server-Timing: gfet4t7; dur=16
Alt-Svc: quic=":443"; ma=2592000; v="46,44,43,39"


--- Additional Info ---
Magic:  gzip compressed data, max compression
Size:   33421
Md5:    dfaf22668dc5e03abe679c1675ea0e95
Sha1:   6d8b07d56b3a1dda067fde0e998e4ee2d97ad29a
Sha256: 4624a15fc19d500c6d413a01535eaadd07669d8dde1d1f0b514e3d79d0975ff6
                                        
                                            GET /Media/assets/css/static/fonts/b64-woff.css?v=1523945764591 HTTP/1.1 
Host: babykroha.ua
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: https://babykroha.ua/system/logs/xt.exe
Cookie: PHPSESSID=4dagad3lb697kn9k7h37dass05; currency=UAH; cart=5ebde7b9934d7b136554ec9ae21641e7b336b443%7Eb460532e0da5ce5fc4abf1a14cc398e83f05f072

                                         
                                         109.87.24.5
HTTP/1.1 200 OK
Content-Type: text/css
                                        
Date: Sun, 02 Jun 2019 09:43:51 GMT
Server: Apache/2.4.7 (Ubuntu)
Last-Modified: Wed, 17 Oct 2018 09:05:14 GMT
Etag: "eb88d-57868f7e365fe-gzip"
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Cache-Control: max-age=604800
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive
Transfer-Encoding: chunked


--- Additional Info ---
Magic:  gzip compressed data, from Unix
Size:   727398
Md5:    51ce94d8d0b4695014032fe4990555a6
Sha1:   f9951448a6edf388275e4a498b27dfa3ef17d3b6
Sha256: c6b163f46f68d83a24e286272c26df273e6a590ab2881125db300060cf0146db
                                        
                                            GET /Media/assets/js/vendors.js HTTP/1.1 
Host: babykroha.ua
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: */*
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: https://babykroha.ua/system/logs/xt.exe
Cookie: PHPSESSID=4dagad3lb697kn9k7h37dass05; currency=UAH; cart=5ebde7b9934d7b136554ec9ae21641e7b336b443%7Eb460532e0da5ce5fc4abf1a14cc398e83f05f072; _ga=GA1.2.1221407985.1559468632; _gid=GA1.2.1670677146.1559468632; _gat_gtag_UA_128206001_1=1

                                         
                                         109.87.24.5
HTTP/1.1 200 OK
Content-Type: application/javascript
                                        
Date: Sun, 02 Jun 2019 09:43:52 GMT
Server: Apache/2.4.7 (Ubuntu)
Last-Modified: Mon, 03 Dec 2018 11:24:22 GMT
Etag: "606d3-57c1c64074b82-gzip"
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Cache-Control: max-age=604800
Keep-Alive: timeout=5, max=99
Connection: Keep-Alive
Transfer-Encoding: chunked


--- Additional Info ---
Magic:  gzip compressed data, from Unix
Size:   114633
Md5:    9d350763c168a7874d25147ed3d295e4
Sha1:   f7ec6c0d386d1b21b49118153b5325f1c1fff74a
Sha256: 50d6c93310a7045c6f926903f0ad3350b5fde89f5c1437833cc04a80a95ae8e8
                                        
                                            GET /Media/js/programmer/ulogin.js HTTP/1.1 
Host: babykroha.ua
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: */*
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: https://babykroha.ua/system/logs/xt.exe
Cookie: PHPSESSID=4dagad3lb697kn9k7h37dass05; currency=UAH; cart=5ebde7b9934d7b136554ec9ae21641e7b336b443%7Eb460532e0da5ce5fc4abf1a14cc398e83f05f072; _ga=GA1.2.1221407985.1559468632; _gid=GA1.2.1670677146.1559468632; _gat_gtag_UA_128206001_1=1

                                         
                                         109.87.24.5
HTTP/1.1 200 OK
Content-Type: application/javascript
                                        
Date: Sun, 02 Jun 2019 09:43:53 GMT
Server: Apache/2.4.7 (Ubuntu)
Last-Modified: Wed, 17 Oct 2018 09:06:41 GMT
Etag: "ab19-57868fd0de695-gzip"
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Cache-Control: max-age=604800
Content-Length: 13845
Keep-Alive: timeout=5, max=98
Connection: Keep-Alive


--- Additional Info ---
Magic:  gzip compressed data, from Unix
Size:   13845
Md5:    851a71202755f04b83b5f8dd1bed6fb4
Sha1:   62bb56397826a3e8aa60f179f7e319742074f774
Sha256: 351b444524542e90ff65e17af5a1d9964964f6e1d3a918f8b198c774f0535107
                                        
                                            POST / HTTP/1.1 
Host: ocsp.int-x3.letsencrypt.org
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Content-Length: 117
Content-Type: application/ocsp-request

                                         
                                         91.135.34.19
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 527
Etag: "F0C54530CC050213B92732677EFE637FEFC0500C7D3C7CACF8E35AA712EE863C"
Last-Modified: Sat, 01 Jun 2019 23:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=43200
Expires: Sun, 02 Jun 2019 21:43:53 GMT
Date: Sun, 02 Jun 2019 09:43:53 GMT
Connection: keep-alive


--- Additional Info ---
Magic:  data
Size:   527
Md5:    3a43c040e897f162c50df21226566441
Sha1:   699f078ec021aa8cf82291dc143def72d380856d
Sha256: f0c54530cc050213b92732677efe637fefc0500c7d3c7cacf8e35aa712ee863c
                                        
                                            GET /Media/assets/js/initialize.js HTTP/1.1 
Host: babykroha.ua
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: */*
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: https://babykroha.ua/system/logs/xt.exe
Cookie: PHPSESSID=4dagad3lb697kn9k7h37dass05; currency=UAH; cart=5ebde7b9934d7b136554ec9ae21641e7b336b443%7Eb460532e0da5ce5fc4abf1a14cc398e83f05f072; _ga=GA1.2.1221407985.1559468632; _gid=GA1.2.1670677146.1559468632; _gat_gtag_UA_128206001_1=1

                                         
                                         109.87.24.5
HTTP/1.1 200 OK
Content-Type: application/javascript
                                        
Date: Sun, 02 Jun 2019 09:43:53 GMT
Server: Apache/2.4.7 (Ubuntu)
Last-Modified: Fri, 21 Dec 2018 11:55:11 GMT
Etag: "e61c-57d86eb576263-gzip"
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Cache-Control: max-age=604800
Content-Length: 15845
Keep-Alive: timeout=5, max=98
Connection: Keep-Alive


--- Additional Info ---
Magic:  gzip compressed data, from Unix
Size:   15845
Md5:    e4016f7385b6c86dc07fdf11c7e8a668
Sha1:   9e2635c901ba89688ff84f58e9caa51161477ac0
Sha256: 30ea09c1da2cb52e11146ae90a4cf37d19c20e0e02ca8900da41fa819ad2063d
                                        
                                            GET /match?rand=49069&u=https%3A%2F%2Fbabykroha.ua%2Fsystem%2Flogs%2Fxt.exe&r= HTTP/1.1 
Host: ulogin.ru
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: https://babykroha.ua/system/logs/xt.exe

                                         
                                         95.163.118.168
HTTP/1.1 302 Moved Temporarily
Content-Type: text/html
                                        
Server: nginx
Date: Sun, 02 Jun 2019 09:43:54 GMT
Content-Length: 161
Connection: keep-alive
Location: https://ulogin.ru/uptolike/?u=https%3A%2F%2Fbabykroha.ua%2Fsystem%2Flogs%2Fxt.exe


--- Additional Info ---
Magic:  HTML document text
Size:   161
Md5:    3161da3959fb6c146a46cd60054ef55e
Sha1:   341f6879a767b3e5453f2d060d75e11b918838f4
Sha256: 47b641956fcdb7e3361feca67da6511e3d5a7ac0d0f4ac2afec43e650de15b84
                                        
                                            GET /uptolike/?u=https%3A%2F%2Fbabykroha.ua%2Fsystem%2Flogs%2Fxt.exe HTTP/1.1 
Host: ulogin.ru
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: https://babykroha.ua/system/logs/xt.exe

                                         
                                         95.163.118.168
HTTP/1.1 200 OK
Content-Type: text/html
                                        
Server: nginx
Date: Sun, 02 Jun 2019 09:43:54 GMT
Content-Length: 199
Connection: keep-alive
Expires: Sun, 02 Jun 2019 09:43:53 GMT
Cache-Control: no-cache
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Last-Modified: Sun, 02 Jun 2019 09:43:53 GMT


--- Additional Info ---
Magic:  HTML document text
Size:   199
Md5:    57d20d8b8f3f11660cd95a83aeb8f483
Sha1:   9878a41ecfb55138f893eb9501af045d77316151
Sha256: 88c0bb39fe16adfe147431b6d6d2915696571afe588f5250c6800df58b41a73c
                                        
                                            POST / HTTP/1.1 
Host: ocsp.sectigo.com
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Content-Length: 115
Content-Type: application/ocsp-request

                                         
                                         151.139.128.14
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Sun, 02 Jun 2019 09:43:53 GMT
Accept-Ranges: bytes
Last-Modified: Fri, 31 May 2019 18:32:05 GMT
Server: Apache
Etag: 53E1E939763FA4B5CBD531CD4C7DE8EB5926C1BF
Cache-Control: max-age=331199,public,no-transform,must-revalidate
X-OCSP-Responder-ID: mcdpcaocsp6
X-HW: 1559468633.cds033.sk1.h2,1559468633.cds047.sk1.c
Connection: keep-alive
Content-Length: 471


--- Additional Info ---
Magic:  data
Size:   471
Md5:    0e5a5d6653853d23741ff72299b76a3c
Sha1:   53e1e939763fa4b5cbd531cd4c7de8eb5926c1bf
Sha256: 8053d53ea8c43f6dfd0a2d4073f663ca433aa03d0f2d5f2390f9a36c4bbee366
                                        
                                            POST / HTTP/1.1 
Host: ocsp.usertrust.com
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Content-Length: 115
Content-Type: application/ocsp-request

                                         
                                         151.139.128.14
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Sun, 02 Jun 2019 09:43:54 GMT
Accept-Ranges: bytes
Last-Modified: Mon, 27 May 2019 00:14:19 GMT
Server: Apache
Etag: BAE9340389DE40AC4CF22A44984587E4E8D874D8
Cache-Control: max-age=302399,public,no-transform,must-revalidate
X-OCSP-Responder-ID: mcdpcaocsp16
X-HW: 1559468634.cds009.sk1.h2,1559468634.cds047.sk1.c
Connection: keep-alive
Content-Length: 727


--- Additional Info ---
Magic:  data
Size:   727
Md5:    368085adeab3a7ed41f21d89b9a87241
Sha1:   bae9340389de40ac4cf22a44984587e4e8d874d8
Sha256: bed93cb6a254438fc9908965241cd13a75ef508c9162f4e6db5bfce4198b50ff
                                        
                                            POST / HTTP/1.1 
Host: ocsp.usertrust.com
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Content-Length: 115
Content-Type: application/ocsp-request

                                         
                                         151.139.128.14
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Sun, 02 Jun 2019 09:43:54 GMT
Accept-Ranges: bytes
Last-Modified: Mon, 27 May 2019 00:14:19 GMT
Server: Apache
Etag: 46C8E53EC2DBBE63DF30F1C07EA33091E903516F
Cache-Control: max-age=302399,public,no-transform,must-revalidate
X-OCSP-Responder-ID: mcdpcaocsp10
X-HW: 1559468634.cds009.sk1.h2,1559468634.cds046.sk1.c
Connection: keep-alive
Content-Length: 471


--- Additional Info ---
Magic:  data
Size:   471
Md5:    76f692ad94d981d0bdf9fd9421a46c53
Sha1:   46c8e53ec2dbbe63df30f1c07ea33091e903516f
Sha256: 2757bf6c954cfa17aaf8f2cf81babe224a17f101ede4ad10abbbd80245658b42
                                        
                                            POST / HTTP/1.1 
Host: status.rapidssl.com
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Content-Length: 115
Content-Type: application/ocsp-request

                                         
                                         93.184.220.29
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Accept-Ranges: bytes
Cache-Control: max-age=95458
Date: Sun, 02 Jun 2019 09:43:54 GMT
Etag: "5cf268df-1d7"
Expires: Mon, 03 Jun 2019 12:14:52 GMT
Last-Modified: Sat, 01 Jun 2019 12:00:31 GMT
Server: ECS (ams/D1E9)
X-Cache: HIT
Content-Length: 471


--- Additional Info ---
Magic:  data
Size:   471
Md5:    bec67254c2a60907f11866fa13a691bb
Sha1:   3d921f088c10c7e68f6ba7ca1c47e1323da11319
Sha256: 6bfa1494c9a5b36eecf722d3078c0c080d59c4d9f001b97a2c6e4e703ca8b376
                                        
                                            POST / HTTP/1.1 
Host: ocsp.digicert.com
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Content-Length: 115
Content-Type: application/ocsp-request

                                         
                                         93.184.220.29
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Accept-Ranges: bytes
Cache-Control: max-age=118746
Date: Sun, 02 Jun 2019 09:43:54 GMT
Etag: "5cf2c1eb-1d7"
Expires: Mon, 03 Jun 2019 18:43:00 GMT
Last-Modified: Sat, 01 Jun 2019 18:20:27 GMT
Server: ECS (lcy/1D1F)
X-Cache: HIT
Content-Length: 471


--- Additional Info ---
Magic:  data
Size:   471
Md5:    c68f568e69816f5bbddff67c2a5b67a1
Sha1:   f629226b6d34093da0427f7e8adb3ae92e6b672b
Sha256: 23d7c575229c4b11ae76b6ace4ea65fe0489c03a93589a5890b375a5390ab8e9
                                        
                                            GET /0.gif?pid=5667740 HTTP/1.1 
Host: x01.aidata.io
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: image/png,image/*;q=0.8,*/*;q=0.5
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: https://ulogin.ru/uptolike/?u=https%3A%2F%2Fbabykroha.ua%2Fsystem%2Flogs%2Fxt.exe

                                         
                                         136.243.15.62
HTTP/1.1 302 Found
                                        
Server: nginx
Date: Sun, 02 Jun 2019 09:43:54 GMT
Content-Length: 0
Connection: keep-alive
Location: https://x01.aidata.io/0.gif?pid=5667740&bounce=1
Expires: Sun, 02 Jun 2019 09:43:53 GMT
Cache-Control: no-cache, no-store, must-revalidate, post-check=0, pre-check=0
Pragma: no-cache
Last-Modified: Sun, 02 Jun 2019 09:43:53 GMT
Set-Cookie: __upin=Gi1eaktBeOoKvFCRecId7g;domain=.aidata.io;path=/;max-age=63072000 __upints=1559468634;domain=.aidata.io;path=/;max-age=63072000
P3P: CP='NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA'


--- Additional Info ---
                                        
                                            GET /Media/assets/favicons/favicon-32x32.png HTTP/1.1 
Host: babykroha.ua
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Cookie: PHPSESSID=4dagad3lb697kn9k7h37dass05; currency=UAH; cart=5ebde7b9934d7b136554ec9ae21641e7b336b443%7Eb460532e0da5ce5fc4abf1a14cc398e83f05f072; _ga=GA1.2.1221407985.1559468632; _gid=GA1.2.1670677146.1559468632; _gat_gtag_UA_128206001_1=1

                                         
                                         109.87.24.5
HTTP/1.1 200 OK
Content-Type: image/png
                                        
Date: Sun, 02 Jun 2019 09:43:54 GMT
Server: Apache/2.4.7 (Ubuntu)
Last-Modified: Wed, 12 Dec 2018 13:02:14 GMT
Etag: "963-57cd2ce9b1c5b"
Accept-Ranges: bytes
Content-Length: 2403
Cache-Control: max-age=2592000
Keep-Alive: timeout=5, max=98
Connection: Keep-Alive


--- Additional Info ---
Magic:  PNG image, 32 x 32, 8-bit/color RGBA, non-interlaced
Size:   2403
Md5:    ecdc0ffcb4388c6d1ca2bc1b9194ed28
Sha1:   6a9bec53e7a52c37a8893cee8d4493c6f5fcd536
Sha256: d9a5354006717ff41c3fb3476bf5b07408060aecae192e329e458a599a51c9b2
                                        
                                            GET /0.gif?pid=5667740&bounce=1 HTTP/1.1 
Host: x01.aidata.io
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: https://ulogin.ru/uptolike/?u=https%3A%2F%2Fbabykroha.ua%2Fsystem%2Flogs%2Fxt.exe
Cookie: __upin=Gi1eaktBeOoKvFCRecId7g; __upints=1559468634

                                         
                                         136.243.15.62
HTTP/1.1 302 Found
                                        
Server: nginx
Date: Sun, 02 Jun 2019 09:43:54 GMT
Content-Length: 0
Connection: keep-alive
Location: https://cm.g.doubleclick.net/pixel?google_nid=aidata_ddp&back=SYNC&google_cm
Set-Cookie: gl=1;path=/;expires=Sun, 9 Jun 2019 09:43:54 GMT;max-age=604800 __upin=Gi1eaktBeOoKvFCRecId7g;domain=.aidata.io;path=/;max-age=63072000 __upints=1559468634;domain=.aidata.io;path=/;max-age=63072000
Expires: Sun, 02 Jun 2019 09:43:53 GMT
Cache-Control: no-cache, no-store, must-revalidate, post-check=0, pre-check=0
Pragma: no-cache
Last-Modified: Sun, 02 Jun 2019 09:43:53 GMT
P3P: CP='NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA'


--- Additional Info ---
                                        
                                            GET /widgets/v1/zp-sync?pid=1254153&uid=&url=https%3A%2F%2Fbabykroha.ua%2Fsystem%2Flogs%2Fxt.exe HTTP/1.1 
Host: w.uptolike.com
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: image/png,image/*;q=0.8,*/*;q=0.5
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: https://ulogin.ru/uptolike/?u=https%3A%2F%2Fbabykroha.ua%2Fsystem%2Flogs%2Fxt.exe

                                         
                                         95.163.114.204
HTTP/1.1 204 No Content
                                        
Server: nginx
Date: Sun, 02 Jun 2019 09:43:54 GMT
Content-Length: 0
Connection: keep-alive
Set-Cookie: utl_id2=10552354360; Expires=Tue, 01 Jun 2021 09:43:54 GMT; Path=/; Domain=.w.uptolike.com utl_dat="CLHhy7yxLRAAILGylsWxLSixspbFsS0wAPuAF41UQ+viw86P+34zR74="; Expires=Tue, 01 Jun 2021 09:43:54 GMT; Path=/; Domain=.w.uptolike.com
P3P: CP='IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT'
Access-Control-Allow-Origin: *


--- Additional Info ---
                                        
                                            POST /GTSGIAG3 HTTP/1.1 
Host: ocsp.pki.goog
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Content-Length: 115
Content-Type: application/ocsp-request

                                         
                                         216.58.211.131
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Sun, 02 Jun 2019 09:43:54 GMT
Cache-Control: public, max-age=86400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN


--- Additional Info ---
Magic:  data
Size:   471
Md5:    e489ee79476be4f4c6cd164f81f3def2
Sha1:   db554987f38abcd82a46094d7f9c2b505fd49aa8
Sha256: 691625fd11c8acbec16ec787c3a5055fa474ba7453b1382feb51a91895aad5c9
                                        
                                            GET /pixel?google_nid=aidata_ddp&back=SYNC&google_cm HTTP/1.1 
Host: cm.g.doubleclick.net
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: https://ulogin.ru/uptolike/?u=https%3A%2F%2Fbabykroha.ua%2Fsystem%2Flogs%2Fxt.exe

                                         
                                         216.58.207.226
HTTP/1.1 302 Found
Content-Type: text/html; charset=UTF-8
                                        
P3P: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
Location: https://cm.g.doubleclick.net/pixel?google_nid=aidata_ddp&back=SYNC&google_cm=&google_tc=
Date: Sun, 02 Jun 2019 09:43:54 GMT
Pragma: no-cache
Expires: Fri, 01 Jan 1990 00:00:00 GMT
Cache-Control: no-cache, must-revalidate
Server: HTTP server (unknown)
Content-Length: 297
X-XSS-Protection: 0
Set-Cookie: test_cookie=CheckForPermission; expires=Sun, 02-Jun-2019 09:58:54 GMT; path=/; domain=.doubleclick.net
Alt-Svc: quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,44,43,39",quic=":443"; ma=2592000; v="46,44,43,39"


--- Additional Info ---
Magic:  HTML document text
Size:   297
Md5:    baa6755b2a67e6d215dad8d3709d3453
Sha1:   19017d41841dfaaf8b2cc1916a831979ce03a902
Sha256: 23cc31c9da26db4771b467ff266e7b24becf25ffbbfebf8f21849291ee0b0e2e
                                        
                                            GET /pixel?google_nid=aidata_ddp&back=SYNC&google_cm=&google_tc= HTTP/1.1 
Host: cm.g.doubleclick.net
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: https://ulogin.ru/uptolike/?u=https%3A%2F%2Fbabykroha.ua%2Fsystem%2Flogs%2Fxt.exe
Cookie: test_cookie=CheckForPermission

                                         
                                         216.58.207.226
HTTP/1.1 302 Found
Content-Type: text/html; charset=UTF-8
                                        
P3P: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
Location: https://x01.aidata.io/0.gif?pid=GOOGLE&back=SYNC&google_gid=CAESENWfNnQWs-ook3JZpZgUsKU&google_cver=1
Date: Sun, 02 Jun 2019 09:43:54 GMT
Pragma: no-cache
Expires: Fri, 01 Jan 1990 00:00:00 GMT
Cache-Control: no-cache, must-revalidate
Server: HTTP server (unknown)
Content-Length: 310
X-XSS-Protection: 0
Set-Cookie: test_cookie=; domain=.doubleclick.net; path=/; expires=Mon, 21 Jul 2008 23:59:00 GMT IDE=AHWqTUlCh2yFXvmnygmiYpBSUbuBXMqWVSFnRsC9-Um2MaE--q29vuaorjQeCB3Z; expires=Tue, 01-Jun-2021 09:43:54 GMT; path=/; domain=.doubleclick.net; HttpOnly
Alt-Svc: quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,44,43,39",quic=":443"; ma=2592000; v="46,44,43,39"


--- Additional Info ---
Magic:  HTML document text
Size:   310
Md5:    cd0c6ce862b3971b7fb9e0266277e289
Sha1:   8c3be882f7339e082cb8ecd35d73b1c21907a647
Sha256: eb79e17e578579638ad5046728360f624efaa71d7780a53ab9c6e6430840a250
                                        
                                            GET /0.gif?pid=GOOGLE&back=SYNC&google_gid=CAESENWfNnQWs-ook3JZpZgUsKU&google_cver=1 HTTP/1.1 
Host: x01.aidata.io
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: https://ulogin.ru/uptolike/?u=https%3A%2F%2Fbabykroha.ua%2Fsystem%2Flogs%2Fxt.exe
Cookie: __upin=Gi1eaktBeOoKvFCRecId7g; __upints=1559468634; gl=1

                                         
                                         136.243.15.62
HTTP/1.1 302 Found
                                        
Server: nginx
Date: Sun, 02 Jun 2019 09:43:54 GMT
Content-Length: 0
Connection: keep-alive
Location: https://ib.adnxs.com/getuid?//x01.aidata.io/0.gif%3Fpid%3DAPPNEXUS%26id%3D%24UID%26back=SYNC
Set-Cookie: anx=1;path=/;expires=Wed, 5 Jun 2019 09:43:54 GMT;max-age=259200 __upin=Gi1eaktBeOoKvFCRecId7g;domain=.aidata.io;path=/;max-age=63072000 __upints=1559468634;domain=.aidata.io;path=/;max-age=63072000
Expires: Sun, 02 Jun 2019 09:43:53 GMT
Cache-Control: no-cache, no-store, must-revalidate, post-check=0, pre-check=0
Pragma: no-cache
Last-Modified: Sun, 02 Jun 2019 09:43:53 GMT
P3P: CP='NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA'


--- Additional Info ---
                                        
                                            GET /Media/assets/favicons/favicon-32x32.png HTTP/1.1 
Host: babykroha.ua
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: image/png,image/*;q=0.8,*/*;q=0.5
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Cookie: PHPSESSID=4dagad3lb697kn9k7h37dass05; currency=UAH; cart=5ebde7b9934d7b136554ec9ae21641e7b336b443%7Eb460532e0da5ce5fc4abf1a14cc398e83f05f072

                                         
                                         0.0.0.0
                                        


--- Additional Info ---
                                        
                                            GET /system/logs/xt.exe HTTP/1.1 
Host: babykroha.ua
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive

                                         
                                         109.87.24.5
HTTP/1.0 404 Not Found
Content-Type: text/html; charset=UTF-8
                                        
Date: Sun, 02 Jun 2019 09:43:50 GMT
Server: Apache/2.4.7 (Ubuntu)
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Set-Cookie: PHPSESSID=4dagad3lb697kn9k7h37dass05; path=/ currency=UAH; path=/ cart=5ebde7b9934d7b136554ec9ae21641e7b336b443%7Eb460532e0da5ce5fc4abf1a14cc398e83f05f072; expires=Mon, 01-Jun-2020 09:43:50 GMT; Max-Age=31536000; path=/
Pragma: no-cache
Status: 404 Not Found
Connection: close


--- Additional Info ---
                                        
                                            GET /getuid?//x01.aidata.io/0.gif%3Fpid%3DAPPNEXUS%26id%3D%24UID%26back=SYNC HTTP/1.1 
Host: ib.adnxs.com
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: https://ulogin.ru/uptolike/?u=https%3A%2F%2Fbabykroha.ua%2Fsystem%2Flogs%2Fxt.exe

                                         
                                         0.0.0.0
                                        


--- Additional Info ---