Overview

URL palochusvet.szm.com/43t3f/45y4g.exe
IP85.248.228.58
ASNSWAN, a.s.
Location Slovakia
Report completed2022-07-01 16:09:16 UTC
StatusLoading report..
urlquery Alerts No alerts detected


Settings

UserAgentMozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Referer


Intrusion Detection Systems

Suricata /w Emerging Threats Pro  No alerts detected


Blocklists

OpenPhish  No alerts detected
PhishTank  No alerts detected
Fortinet's Web Filter
Added / Verified Severity Host Comment
2022-07-01 2 palochusvet.szm.com/43t3f/45y4g.exe Malware
mnemonic secure dns  No alerts detected
Quad9 DNS  No alerts detected


Files

No files detected



Passive DNS (22)

Passive DNS Source Fully Qualifying Domain Name Rank First Seen Last Seen IP Comment
[Mnemonic Passive DNS] firefox.settings.services.mozilla.com (2) 867 2016-03-17 08:25:01 UTC 2020-05-25 20:01:47 UTC 54.230.111.35
[Mnemonic Passive DNS] ssl.google-analytics.com (1) 275 2017-01-30 05:00:07 UTC 2022-07-01 12:40:17 UTC 172.217.21.168
[Mnemonic Passive DNS] sk.search.etargetnet.com (3) 167949 2017-02-27 16:42:41 UTC 2022-04-17 17:40:26 UTC 195.168.10.172
[Mnemonic Passive DNS] cdn.mookie1.com (1) 13056 2018-05-03 17:37:14 UTC 2022-07-01 15:09:02 UTC 23.13.39.40
[Mnemonic Passive DNS] push.services.mozilla.com (1) 2140 2014-10-24 08:27:06 UTC 2022-07-01 14:37:30 UTC 52.40.216.187
[Mnemonic Passive DNS] www.youtube.com (3) 90 2017-01-30 05:00:06 UTC 2022-07-01 04:59:39 UTC 142.250.74.142
[Mnemonic Passive DNS] sk-gmtdmp.mookie1.com (1) 225766 2015-12-15 14:26:44 UTC 2022-06-30 17:48:20 UTC 35.186.238.175
[Mnemonic Passive DNS] stats.g.doubleclick.net (1) 96 2017-01-30 04:59:59 UTC 2022-07-01 05:01:53 UTC 173.194.73.154
[Mnemonic Passive DNS] etargetcdn.com (4) 126528 No data No data 172.67.73.79
[Mnemonic Passive DNS] palochusvet.szm.com (2) 0 No data No data 85.248.228.58 Unknown ranking
[Mnemonic Passive DNS] ocsp2.globalsign.com (1) 1544 2012-05-21 07:12:19 UTC 2022-07-01 12:43:16 UTC 104.18.20.226
[Mnemonic Passive DNS] szm.com (6) 0 No data No data 85.248.228.115 Unknown ranking
[Mnemonic Passive DNS] ocsp.digicert.com (4) 86 2012-11-29 12:49:49 UTC 2022-07-01 15:56:06 UTC 93.184.220.29
[Mnemonic Passive DNS] ocsp.pki.goog (7) 175 2017-06-14 07:23:31 UTC 2022-07-01 14:37:30 UTC 142.250.74.3
[Mnemonic Passive DNS] tpx.tesseradigital.com (5) 238888 No data No data 35.157.179.180
[Mnemonic Passive DNS] fd.tesseradigital.com (4) 0 No data No data 18.196.91.239 Domain (tesseradigital.com) ranked at: 238882
[Mnemonic Passive DNS] ad.novara.sk (3) 0 No data No data 85.248.228.68 Unknown ranking
[Mnemonic Passive DNS] r3.o.lencr.org (16) 344 2020-12-02 08:52:13 UTC 2022-07-01 12:51:19 UTC 23.36.76.226
[Mnemonic Passive DNS] content-signature-2.cdn.mozilla.net (1) 1152 2020-11-03 12:26:46 UTC 2022-07-01 05:33:42 UTC 54.230.111.64
[Mnemonic Passive DNS] contile.services.mozilla.com (1) 1114 No data No data 34.117.237.239
[Mnemonic Passive DNS] img.szm.sk (5) 0 No data No data 85.248.228.60 Unknown ranking
[Mnemonic Passive DNS] img-getpocket.cdn.mozilla.net (4) 1631 2017-09-01 03:40:57 UTC 2022-07-01 14:37:32 UTC 34.120.237.76


Recent reports on same IP/ASN/Domain

Last 2 reports on IP: 85.248.228.58

Date UQ / IDS / BL URL IP
2022-07-02 17:00:41 +0000
0 - 0 - 1 palochusvet.szm.com/43t3f/45y4g.exe 85.248.228.58
2022-06-30 17:48:28 +0000
0 - 0 - 1 palochusvet.szm.com/43t3f/45y4g.exe 85.248.228.58

Last 10 reports on ASN: SWAN, a.s.

Date UQ / IDS / BL URL IP
2022-08-10 11:16:12 +0000
0 - 0 - 4 dogsk.sk/juniorhandling/gallery/2008/bystrica (...) 213.215.124.60
2022-08-06 01:47:14 +0000
0 - 0 - 4 dogsk.sk/juniorhandling/gallery/2008/bystrica (...) 213.215.124.60
2022-08-02 21:32:46 +0000
0 - 0 - 2 f27szerviz.hu/upload/files/56488954650.pdf 85.248.130.113
2022-08-02 19:01:04 +0000
0 - 0 - 1 zamokugrofa.sk/admin/fckeditor/file/487337975 (...) 85.248.226.5
2022-08-02 16:42:32 +0000
0 - 0 - 1 topenglish.sk/app/webroot/gallery/files/81707 (...) 85.248.128.216
2022-08-02 16:23:44 +0000
0 - 0 - 1 slovbau.sk/test/userfiles/file/2555128274.pdf 213.215.124.60
2022-08-01 09:42:58 +0000
0 - 0 - 4 dogsk.sk/juniorhandling/gallery/2008/wieselbu (...) 213.215.124.60
2022-07-28 15:10:04 +0000
0 - 0 - 1 majstrissmt.eu/www-data/file/retaj.pdf 85.248.116.7
2022-07-26 10:01:12 +0000
0 - 0 - 21 www.beautysecret.sk/ 85.248.129.35
2022-07-23 22:25:09 +0000
0 - 0 - 4 dogsk.sk/juniorhandling/gallery/2008/padova08 (...) 213.215.124.60

No other reports on domain: szm.com



JavaScript

Executed Scripts (21)


Executed Evals (0)


Executed Writes (6)

#1 JavaScript::Write (size: 125, repeated: 1) - SHA256: d87262ba50b590e8f2bfbb7ceca23b472d0fc4851aa2adc2d8bc506f5c50d333

                                        < script src = "https://szm.com/reklamafr.phtml?URL=http://palochusvet.szm.com/43t3f/45y4g.exe"
type = "text/javascript" > < /script>
                                    

#2 JavaScript::Write (size: 85, repeated: 1) - SHA256: 2f07f68c604449e8d89471efc2fea27e93365b3806d2494f6432b2e33d2fdf94

                                        < script src = 'https://ssl.google-analytics.com/ga.js'
type = 'text/javascript' > < /script>
                                    

#3 JavaScript::Write (size: 23748, repeated: 1) - SHA256: 62d53a1e2af2ca5375b83c291ebd1087625f673eb0a39a6cb40562bb67c9a451

                                        < !DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN" > < html > < head > < meta http - equiv = "content-type"
content = "text/html; charset=utf-8" > < title > ETARGET 4.2 < /title><style type="text/css
">html,body,div,span,applet,object,iframe,h1,h2,h3,h4,h5,h6,p,blockquote,pre,a,abbr,acronym,address,big,cite,code,del,dfn,em,font,img,ins,kbd,q,s,samp,small,strike,strong,sub,sup,tt,var,b,u,i,center,dl,dt,dd,ol,ul,li,fieldset,form,label,legend,table,caption,tbody,tfoot,thead,tr,th,td{margin:0;padding:0;border:0;outline:0;font-size:100%;/*vertical-align:baseline;*/background:transparent;}body{line-height:1;}ol,ul{list-style:none;}blockquote,q{quotes:none;}blockquote:before,blockquote:after,q:before,q:after{content:'';content: none;}:focus{outline:0;}ins{text-decoration:none;}del{text-decoration:line-through;}table{border-collapse:collapse;border-spacing:0;}body{border-width:0px;margin:0px;padding:0px;font-family:'trebuchetMS',arial,sans-serif;font-size:11px;line-height:13px;background-color:transparent;}div.header{text-align:left;}div.footer{width:0px !important;right:0px !important;left: auto !important;line-height:120%;text-align:right;overflow:visible;position:fixed !important; z-index:2; bottom:0px !important;display:block !important; visibility: visible !important;}div.url{}div.like{text-align:right;}div#hide{background-color:white;position:absolute;top:0px;left:0px;border-width:0px;}div.box div.inbox td.img{background-color:white;border-width:1px;border-color:#909090;border-style:solid;}div.shop{overflow:hidden;text-align:left;border-width:0px 0px 0px 0px;border-style:solid;border-color:#c00000;}div.top {border-radius:5px 5px 0px 0px;text-shadow: #7f7f7f 0.1em 0.1em 0.1em;box-shadow: inset 0px 0px 3px rgba(0, 0, 0, 0.5);}div.bot {border-radius:0px 0px 5px 5px;text-shadow: #7f7f7f 0.1em 0.1em 0.1em;box-shadow: inset 0px 0px 3px rgba(0, 0, 0, 0.5);}div.intop {border-radius:5px 5px 0px 0px;}div.inshop {border-radius:5px 5px 0px 0px;/*box-shadow: 0px 0px 6px rgba(0, 0, 0, 0.5);*/}div.inshop td img {box-shadow: 0px 0px 6px rgba(0, 0, 0, 0.5);}div.shop div.title{color:#c00000;text-decoration:underline;}div.shop div.inshop div.obr table.shoptab td.imgbox div.inbox div.title a{color:#c00000;text-decoration:none;}div.shop div.inshop div.obr table.shoptab td.imgbox div.inbox div.desc a{color:#000000;}div.shop div.inshop div.inbox div.title a{font-size:12px;line-height:13px;color:#c00000;text-decoration:none;}div.shop div.inshop div.inbox div.desc a{font-size:11px;line-height:12px;color:#000000;text-decoration:none;}div.shop div.inshop div.inbox div.btn a{font-size:12px;color:#000000;text-decoration:none;}div.shop div.inshop div.inbox div.btn3 a{font-size:12px;line-height:15px;color:#c00000;font-weight:bold;text-decoration:none;}div.shop div.inshop div.inbox div.btn4 a{font-size:10px;line-height:15px;color:#c00000;font-weight:bold;text-decoration:none;}div.shop div.inshop div.inbox div.title a:hover{color:#c00000;}div.shop div.inshop div.inbox div.desc a:hover{color:#000000;text-decoration:none;}div.shop div.inshop div.inbox div.btn3 a:hover{color:#c00000;}div.shop div.inshop div.inbox div.btn4 a:hover{color:#c00000;}div.shop div.top{font-size:13px;font-weight:bold;font-style:italic;color:white;background-color:#c00000;line-height:20px;height:20px;text-align:left;}div.shop div.intop{margin:0px 2px;text-align:left;}div.shop div.inshop{margin:0px 5px;background-color:#ffffff;}/*background-color:#f0f0f1;*/div.shop div.inbox{margin:0px 2px;}div.shop div.inshop table.shoptab{height:100px;}div.shop div.inshop td.btn{cursor:pointer;width:14px;}div.shop div.inshop td.img{background-color:white;border-width:1px;border-color:#909090;border-style:solid;}div.shop div.inshop div.btn{width:80px;height:40px;text-align:center;line-height:36px;background-image:url(//sk.search.etargetnet.com/images/detail_gray.gif);background-repeat:no-repeat;background-position:0%;float:left;overflow:hidden;position:relative;top:-5px;}div.shop div.inshop div.btn2{width:80px;height:26px;text-align:center;line-height:20px;background-image:url(//sk.search.etargetnet.com/images/detail_gray.gif);background-repeat:no-repeat;background-position:0%;float:left;overflow:hidden;position:relative;top:3px;}div.shop div.inshop div.btn3{font-size:12px;text-align:left;float:left;}div.shop div.inshop div.btn4{font-size:10px;text-align:left;float:left;}div.shop div.inshop div.btna{display:block;margin:0px;width:80px;height:40px;text-align:center;line-height:36px;cursor:pointer;color:black;text-decoration:none;font-size:11px;font-weight:bold;}div.shop div.inshop div.price{margin-top:7px;text-align:center;font-family:tahoma;}div.shop div.inshop div.prices{margin-top:3px;text-align:right;font-family:tahoma;}div.shop div.inshop div.pricez{text-align:right;font-family:tahoma;}div.shop div.inshop div.pricezz{text-align:right;font-family:tahoma;}div.shop div.inshop div.prices div.price1{color:#c00000;font-weight:bold;font-size:14px;}div.shop div.inshop div.pricez div.price1{color:#c00000;font-weight:bold;font-size:12px;}div.shop div.inshop div.pricezz div.price1{color:#c00000;font-weight:bold;font-size:10px;}div.shop div.inshop div.price div.price1{color:#c00000;font-weight:bold;font-size:14px;line-height:15px;}div.shop div.inshop div.price div.price2{font-size:12px;line-height:15px;}div.shop div.inshop div.pricez div.price1{font-size:13px;line-height:15px;}div.shop div.inshop div.pricez div.price2{font-size:12px;line-height:15px;}div.shop div.inshop .biz{line-height:10px;}div.shop div.inshop .pricing1 a{color:#000000;text-decoration:none;font-weight:normal;font-size:9px;line-height:10px;}div.shop div.inshop .pricing2{color:#000000;font-weight:normal;font-size:9px;line-height:10px;text-decoration:line-through;}div.shop div.inshop .pricing3 a{color:#c00000;text-decoration:none;font-weight:bold;font-size:10px;line-height:10px;}div.shop div.inshop .pricing4{color:#c00000;text-decoration:none;font-weight:bold;font-size:10px;line-height:10px;}div.shop div.inshop a .buynow{display:block;width:72px;height:20px;background-image:url(//sk.search.etargetnet.com/images/buynow_sk_btn.png);background-position:top;background-repeat:no-repeat;cursor:pointer;}div.shop div.inshop a:hover .buynow{background-position:bottom;}div.main{border-width:0px;border-style:solid;border-color:#d0d0d0;overflow:hidden;position:relative;width:468px;height:60px;line-height:14px;background-color:#ffffff;}div.inmain{line-height:12px;font-family:verdana, sans-serif;font-size:11px;line-height:14px;text-align:center;}div.inmain iframe{display:inline-block !important;}div.box {text-align:left;border-width:0px;border-style:solid;border-color:#d0d0d0;}div.inbox {margin:0px 10px;text-align:left;border-width:0px;border-style:solid;border-color:#d0d0d0;margin: 3px 5px;}div.box div.title a{font-weight:bold;color: #cc0000;font-size:105%;text-decoration:none;}div.box div.desc a{color: #000000;font-size:100%;text-decoration:none;}span.countlikes{font-family:'Lucida Grande',verdana,arial,sans-serif;font-size:9px;line-height:9px;color:#000000;opacity:0.66;letter-spacing:-0.05em;}div.box div.fblike div.countlikes{float:left;height:11px;text-align:left;margin:0px 0px 0px 0px;font-family:'Lucida Grande',verdana,arial,sans-serif;font-size:9px;line-height:9px;color:#000000;opacity:0.66;letter-spacing:-0.05em;border-width:0px;padding:0px;}div.box div.url a{color: #0067d6; font-size:90%;text-decoration:none;}div.box div.title a:hover{color: #cc0000;text-decoration:underline;}div.box div.desc a:hover{color: #000000;text-decoration:none;}div.box div.url a:hover{color: #0067d6;text-decoration:underline;}div.infooter{margin:0px 5px;text-align:right;height: 28px;overflow:hidden;line-height: 36px;}div.inheader{margin:0px 5px;height: 16px;line-height: 16px;}div.inheader a{color: #0067d6;text-decoration:none;position:relative;z-index:1;font-size: 90%;}div.inheader a:hover{color: #0067d6;text-decoration:underline;}div.infooter a{transition: width 0.2s;background-position: left center;background-repeat:no-repeat;background-size:auto 17px;bottom: 1;display: block;height: 20px;width: 14px;position: absolute;z-index: 1;right: 4;background-image:url(https://etargetcdn.com/img/logo/etarget_logo_dark_uni_small.png);}div.infooter a:hover{background-color:rgba(255,255,255,0.8);border-radius:5px 0px 0px;background-position: center center !important;right:1px;width: 108px;}a.etarget_sipka{display:block;border-width:0px;width:40px;height:40px;background-position:top;margin:auto;background-repeat:no-repeat;background-image:url(//sk.search.etargetnet.com/img/sipka/sipka_C00.png);}a.etarget_sipka.sme{background-image:url(//sk.search.etargetnet.com/img/sipka/sipka_sme.png);z-index:1;}a.etarget_sipka:hover{background-position:bottom;}table.imgtable {max-height:60px;}.imgwrapper table.imgtable{overflow:hidden;}.imgwrapper .imgtable img{max-width:254px;max-height:60px;}.box.version-1.pulse-1 > .inbox > .imgwrapper table.imgtable img{animation: logo-pulse-def 2s 0s infinite linear !important; left:-50% !important;}@keyframes logo-pulse-def{0%{transform:scale(1);}25%{transform:scale(1.1);}50%{transform:scale(1);}75%{transform:scale(1.1);}100%{transform:scale(1);}}</style><script type="
text / javascript " charset="
utf - 8 " >var rotimages=[];var forcedWidth=468;var forcedHeight=60;var columns=1;var borderstyle='none';var radius=0;var opacity=100;var minspace=5;var ref=991;var c=1;var vert=0;var logo_type=9;var goUrl='https://sk.search.etargetnet.com/generic/broad/go.php?action=ppc&cid=1&';var boCol='#ffffff';var bgCol='#ffffff';var tbw=455;var lbw=254;var opac = 100;var transition = false;var icanthide=false;;function makeBorders(a,b,c,d,e,f){};var iebug=true;var aShopItems = new Array();var bw = 0;var bh = 0;var wh = 0;var ww = 0;var sxtotal = 0;var sytotal = 0;var ymax = 0;var header = null;var footer = null;var mytime;var j = new Array();var s = new Array();var hide = null;var cnt = 0;var shop = 0;var smer = '';var shopItemNo = 1;var dtime=new Date();var btime=dtime.getTime();var captchax = false;var cdata = false;function setCaptcha(){if(typeof(Captcha)=='function'){if(captchax==false){captchax = new Captcha(); captchax.init();};};};function getCaptcha(){if(typeof(captchax)=='object'){if(typeof(captchax.serialize)=='function'){cdata = captchax.serialize(); cdata = window.btoa(cdata); return cdata};};};setCaptcha();function clicktime(o,event){var dtime=new Date();o.href=o.href+'&cti='+Math.round((dtime.getTime()-btime)/1000);if(typeof(event)=='object' && typeof(event.clientX)=='number'){var ctype = ''; var shownflag = 0; var parents = findParents('inbox',o); if(typeof(parents)=='object'){if(parents.getElementsByClassName('etarget_img').length){shownflag+=1;};if(parents.getElementsByClassName('etarget_title').length){shownflag+=2;};if(parents.getElementsByClassName('etarget_desc').length){shownflag+=4;};if(parents.getElementsByClassName('etarget_url').length){shownflag+=8;};}; if(typeof(o.className)=='string'){try{var otype = o.className;var atype = otype.split('etarget_');var ctype = atype[1]; ctype = ctype.split(' '); ctype = ctype[0];}catch(e){console.log(e);}}; var where=ctype+'x'+(parseInt(event.clientX)*(991))+'x'+(parseInt(event.pageY)*(991))+'x'+shownflag;var cdata = getCaptcha();if(typeof(cdata)=='string' && typeof(where)=='string'){where = where+'|'+cdata};if(where){o.href=o.href+'&psi='+where;};};};function TRJS(src){var s=document.createElement('script');document.body.appendChild(s);s.src=src+'&js=1';};function findParents(cname,o){var p = o; if(typeof(p)=='object'){var px = ''; var pi = 0;while(true){if(pi>10){break;};if(typeof(p.className)=='string'){if(p.className==cname){return p;break;}};pi++;p = p.parentNode;};};return false;}function jednotka(o){this.o=o;this.width=this.o.offsetWidth;this.height=this.o.offsetHeight;this.c=o.className;this.left=0;this.top=0;this.isShop=false;this.hasImage=false;this.img=null;this.tab=null;this.title=null;this.text=null;this.url=null;this.price1=null;this.price2=null;this.badge=null;this.btn=null;this.moveRate=50;this.moveStepX=0;this.moveStepY=0;this.moveStartX=0;this.moveEndX=0;this.moveStartY=0;this.moveEndY=0;this.moveFrames=0;this.moveFrame=0;this.init=function(){var e=this.o.getElementsByTagName('DIV');for(var i=0;i<e.length;i++){if(e[i].className=='title')this.title=e[i];else if(e[i].className=='desc')this.text=e[i];else if(e[i].className=='url')this.url=e[i];else if(e[i].className=='price1')this.price1=e[i];else if(e[i].className=='price2')this.price2=e[i];if(e[i].className=='btn')this.btn=e[i];};var e=this.o.getElementsByTagName('TD');for(var i=0;i<e.length;i++){if(e[i].className=='imgbox')this.tab=e[i];if(e[i].className=='img')this.hasImage=true;};var e=this.o.getElementsByTagName('IMG');for(var i=0;i<e.length;i++){if(e[i].className=='shopImage')this.img=e[i];else if(e[i].className=='badge')this.badge=e[i];};},this.measure=function(){this.o.style.display='block';this.width=this.o.offsetWidth;this.height=this.o.offsetHeight;},this.hide=function(){this.o.style.display='none';},this.place=function(){this.o.style.position='absolute';this.o.style.left=(this.left)+'px';this.o.style.top=(this.top)+'px';if(this.badge){this.badge.style.position='absolute';var alt=this.badge.alt;if(alt=='hot'){this.badge.style.left=(this.o.offsetWidth-this.badge.offsetWidth)+'px';this.badge.style.top=(this.o.offsetHeight-this.badge.offsetHeight)+'px';}else if(alt=='new'){this.badge.style.left=(this.o.offsetWidth-this.badge.offsetWidth)+'px';this.badge.style.top=(0)+'px';}else if(alt=='percent'){this.badge.style.left=(this.o.offsetWidth-this.badge.offsetWidth-10)+'px';this.badge.style.top=(Math.floor((this.o.offsetHeight-this.badge.offsetHeight)/2))+'px';}else if(alt=='sale'){this.badge.style.left=(this.o.offsetWidth-this.badge.offsetWidth)+'px';this.badge.style.top=(Math.floor((this.o.offsetHeight-this.badge.offsetHeight)/2))+'px';}};},this.nextX=function(x,xspace){this.left=x;return Math.floor(x+this.width+xspace);},this.nextY=function(y,yspace){this.top=y;return Math.floor(y+this.height+yspace);},this.sameX=function(x,xspace){this.left=x;return x;},this.sameY=function(y,yspace){this.top=y;return y;},this.nextXY=function(x,xspace,y,yspace,want,have){this.top=y;this.left=x;have++;if(have>=want){have=0;return Math.floor(y+this.height+yspace);}else{return Math.floor(x+this.width+xspace);}},this.setMove=function(moveStartX,moveStartY,moveEndX,moveEndY,moveFrames){var moveLengthX=Math.floor(moveEndX-moveStartX);var moveLengthY=Math.floor(moveEndY-moveStartY);this.moveStepX=moveLengthX/moveFrames;this.moveStepY=moveLengthY/moveFrames;this.moveFrames=moveFrames;this.moveEndX=moveEndX;this.moveEndY=moveEndY;this.moveStartX=moveStartX;this.moveStartY=moveStartY;},this.setMoveTo=function(moveEndX,moveEndY,moveFrames){this.setMove(this.left,this.top,moveEndX,moveEndY,moveFrames);},this.setMoveFrom=function(moveStartX,moveStartY,moveFrames){this.setMove(moveStartX,moveStartY,this.left,this.top,moveFrames);this.left=moveStartX;this.top=moveStartY;this.place();},this.move=function(){if(this.moveFrame==this.moveFrames){this.moveFrame=0;this.left=this.moveEndX;this.top=this.moveEndY;this.place();return false;}else if(this.moveFrame==0){this.moveFrame++;this.left=this.moveStartX;this.top=this.moveStartY;this.place();return true;}else if(this.moveFrame<this.moveFrames){this.moveFrame++;this.left=this.left+Math.floor(this.moveStepX);this.top=this.top+Math.floor(this.moveStepY);this.place();return true;};};};function moves(){if(j[0].move())setTimeout(moves,j[0].moveRate);};function maxix(ww,xtotal){cnt=j.length;ymax=0;for(var i=(j.length-1);i>0;i--){xtotal=xtotal-j[i].width;if(ymax<j[i].height)ymax=j[i].height;cnt--;if(xtotal<(ww-((cnt-1)*minspace)))return xtotal;};return xtotal;};function maxi(wh,ytotal){cnt=j.length;ymax=0;for(var i=(j.length-1);i>0;i--){ytotal=ytotal-j[i].height;if(ymax<j[i].height)ymax=j[i].height;cnt--;if(ytotal<(wh-((cnt-1)*minspace)))return ytotal;};return ytotal;};function ymaxi(){ymax=0;for(var i=0;i<cnt;i++){if(ymax<j[i].height)ymax=j[i].height;};};function refresh2(){var xtotal=0;var ytotal=0;var extrasH=0;var y=0;var x=0;if(header){header.o.style.width=ww+'px';header.measure();header.left=x;header.top=0;header.place();y=header.height;};if(footer){footer.o.style.width=ww+'px';footer.measure();footer.left=x;footer.top=wh-footer.height;footer.place();};if(header)wh=wh-header.height;else wh=wh-5;if(footer)wh=wh-footer.height;else wh=wh-5;var cnt=0;for(var i=0;i<j.length;i++){j[i].o.style.width=Math.floor((ww/2)-3)+'px';j[i].init();j[i].measure();if(j[i].height>0)iebug=false;var nytotal1=0;var nytotal2=0;if(ytotal<(wh-(cnt*minspace))){if((i%2)==0){nytotal1=j[i].nextY(ytotal,0);}else{nytotal2=j[i].nextY(ytotal,0);}if(Math.max(nytotal1,nytotal2)<=(wh-((cnt+1)*minspace))){if(((i%2)!=0)||((j.length-1)==i)){cnt++;ytotal=Math.max(nytotal1,nytotal2);}}}if(j[i].c=='shop'){shop=i;j[i].isShop=true;};};var yspace=Math.floor((wh-ytotal-1)/(cnt-1));for(var i=0;i<j.length;i++){if((i%2)==0){x=0;x=j[i].nextX(x,0);}else{x=j[i].sameX(x,0);}if((i%2)==0){y=j[i].sameY(y,yspace);}else{y=j[i].nextY(y,yspace);}};for(var i=0;i<j.length;i++){if(icanthide){j[i].place();}else{if(cnt<=0)j[i].hide();else j[i].place();if((i%2)!=0)cnt--;if((i%2)!=0)j[i].o.className='box2';}};};function refresh(){wh=bh;ww=bw;if(radius>0){if(borderstyle=='3d'){wh=wh-Math.floor(radius/2);ww=ww-Math.floor(radius/2);};};if(columns==2)return refresh2();var xtotal=0;var ytotal=0;var y=0;var x=0;if((vert==0)){ww=ww-10;x=5;if(header){header.o.style.display='none';};if(borderstyle=='3d'){if(footer){footer.o.style.width='120px';footer.measure();footer.left=bw-120-Math.floor(radius/2);footer.top=bh-footer.height-Math.floor(radius/2);footer.place();};}else{if(footer){footer.o.style.width='120px';footer.measure();footer.left=bw-120;footer.top=bh-footer.height;footer.place();};};}else{if(header){header.o.style.width=ww+'px';header.measure();header.left=x;header.top=0;header.place();y=header.height;};if(footer){footer.o.style.width=ww+'px';footer.measure();footer.left=x;footer.top=wh-footer.height;footer.place();};if(header)wh=wh-header.height;else wh=wh-5;if(footer)wh=wh-footer.height;else wh=wh-5;};for(var i=0;i<j.length;i++){j[i].o.style.width=ww+'px';j[i].init();if(vert==1){if(j[i].tab!=null)j[i].tab.style.width=Math.floor(j[i].width-14-14-10)+'px';}else{if(j[i].o!=null){if((j[i].hasImage)){j[i].o.style.width=Math.min(Number(Number(tbw)+Number(lbw)),Number(ww)-6)+'px';}else{j[i].o.style.width=tbw+'px';};};};j[i].measure();if(j[i].height>0)iebug=false;if(vert==0){if(j[i].height>(wh-2)){j[i].height=wh-2;j[i].o.style.height=wh-2;};};if(ymax<j[i].height)ymax=j[i].height;xtotal=j[i].nextX(xtotal,0);ytotal=j[i].nextY(ytotal,0);if(j[i].c=='shop'){shop=i;j[i].isShop=true;};};if(vert==1){var o_ytotal=ytotal;cnt=j.length;if(ytotal>=(wh-((cnt-1)*minspace))){ytotal=maxi(wh,ytotal);};if(ytotal>=(wh-((cnt-1)*minspace))){if(footer){footer.o.style.display='none';wh=wh+footer.height;};};if(ytotal>=(wh-((cnt-1)*minspace))){if(header){header.o.style.display='none';wh=wh+header.height;y=0;};};var yspace=0;if(cnt>2)yspace=Math.floor((wh-ytotal)/(cnt-1));else if(cnt==2){y=Number(y)+Math.floor((wh-ytotal)/3);yspace=y;}else if(ytotal>wh){x=0;}else y=Number(y)+Math.floor((wh-ytotal)/2);for(var i=0;i<j.length;i++){j[i].nextX(0,0);y=j[i].nextY(y,yspace);};}else{var o_xtotal=xtotal;cnt=j.length;if(xtotal>=(ww-((cnt-1)*minspace))){xtotal=maxix(ww,xtotal);};ymaxi();if(ymax>(wh-10)){if(footer){footer.o.style.display='none';wh=wh+footer.height;};ymax=wh;y=0;}else{y=Math.round((Number(wh)-(Number(ymax)+12))/2);};var xspace=0;if(cnt>2)xspace=Math.floor((ww-xtotal)/(cnt-1));else if(cnt==2){x=Number(x)+Math.floor((ww-xtotal)/3);xspace=x;}else x=Number(x)+Math.floor((ww-xtotal)/2);for(var i=0;i<j.length;i++){j[i].nextY(y,0);x=j[i].nextX(x,xspace);};};for(var i=0;i<j.length;i++){if(icanthide){j[i].place();}else{if(i>=cnt)j[i].hide();else j[i].place();}};};function go(){bh=document.getElementById('main').offsetHeight;bw=document.getElementById('main').offsetWidth;if(typeof(forcedWidth)!='undefined')bw=forcedWidth;if(typeof(forcedHeight)!='undefined')bh=forcedHeight;makeBorders('main',borderstyle,radius,opacity,boCol,bgCol);hide=document.getElementById('hide');var d=document.getElementsByTagName('DIV');var changed=0;if(shop!=0)changeShop();for(var i=0;i<d.length;i++){var ccn = d[i].className;if(typeof(ccn)=='string'){ccn = ccn.split(' ');ccn = ccn[0];}if(ccn=='box'){j.push(new jednotka(d[i]));}if(ccn=='shop'){j.push(new jednotka(d[i]));};if(ccn=='header')header=new jednotka(d[i]);if(ccn=='footer')footer=new jednotka(d[i]);};refresh();if(transition)setTimeout(transition,300);else document.getElementById('hide').style.display='none';if(typeof(forcedWidth)!='undefined')window.onresize=refresh;if(iebug){iebug=false;setTimeout(refresh,1500);};!function(n,t,a,i){n.mpfContainr||(n.mpfContainr=function(){a.push(arguments)},mpfContainr.q=a,(i=t.createElement('script')).type='application/javascript',i.async=!0,i.src='//cdn.mookie1.com/containr.js',t.head.appendChild(i))}(window,document,[]);mpfContainr('V2_291021',{'host': 'sk-gmtdmp.mookie1.com', 'tagType': 'learn','src.rand': '1656691744'});var adv_tracking = parseInt('1');if(adv_tracking){/*tracking-pixel2*/var go3 = 'https://tpx.tesseradigital.com/dist/bundle.js';var img3 = document.createElement('script');img3.src = go3;document.getElementById('main').appendChild(img3);}!function(n,t,a,i){n.mpfContainr||(n.mpfContainr=function(){a.push(arguments)},mpfContainr.q=a,(i=t.createElement('script')).type='application/javascript',i.async=!0,i.src='//cdn.mookie1.com/containr.js',t.head.appendChild(i))}(window,document,[]);mpfContainr('V2_291021',{'host': 'sk-gmtdmp.mookie1.com', 'tagType': 'learn','src.rand': '1656691744'});var go3 = 'https://tpx.tesseradigital.com/dist/bundle.js';var img3 = document.createElement('script');img3.src = go3;document.getElementById('main').appendChild(img3);};function highlight(o){if(typeof(hover_back)=='undefined')return false;o.parentNode.style.backgroundColor=hover_back;};function lowlight(o){o.parentNode.style.backgroundColor='transparent';};var canRefresh = true;function timedReload(){var p=window.location.href;var n=11;var o=false;var a=p.split('?');var adr='';var b=a[1].split('&');for (x in b){var c=b[x].split('=');if (c[0]=='refresher') {n = Number(c[1]); n=Number(n)+1; if(n>10)return false;if(o==false)o=true;}else if(c[0]=='q'){adr=adr+'';}else{if(adr!='')adr=adr+'&';adr = adr+''+b[x]+'';};};if(canRefresh){if(o==false){ n=1;adr = 'refresher=1&'+adr;o=true;}else{adr = 'refresher='+n+'&'+adr};if(n>10)return false;if(adr!='')adr=adr+'&';adr=adr+'q='+escape('https://szm.com/reklama/adsense.phtml?URL=http%3A%2F%2Fpalochusvet.szm.com%2F43t3f%2F45y4g.exe');adr=a[0]+'?'+adr;window.location.replace(adr);}};function imgRotator(n,s){this.n=n;this.srcs=s.split('|');this.w=1;this.split=function(s){this.aln=s.split(';');},this.assign=function(){this.ob=document.getElementById('etargetAdImg'+this.n);},this.next=function(){if(this.srcs.length<2)return false;if(typeof(this.ob=='undefined'))this.assign();if(!this.ob)return false;this.w++;if(this.w>=this.srcs.length)this.w=0;if(typeof(this.srcs[this.w])=='string'){var u=this.srcs[this.w];this.srcs[this.w]=new Image();this.srcs[this.w].src=u;}this.ob.src=this.srcs[this.w].src;},this.assign();}if(typeof(rotimages)=='undefined') var rotimages=[];function imgrot(){for(var i=0;i<rotimages.length;i++){rotimages[i].next();}};imgrottime=setInterval(imgrot,2000);rotimages[rotimages.length]=new imgRotator(0,'https://etargetcdn.com/frontend/logos/sk/35160/35160_9-5.jpg#3000|https://etargetcdn.com/frontend/logos/sk/35160/35160_9-11.jpg#3000|https://etargetcdn.com/frontend/logos/sk/35160/35160_9-6.jpg#3000');</script></head>
                                    

#4 JavaScript::Write (size: 9389, repeated: 1) - SHA256: 9b987cc5b117288c47886b91a6b5c92b76d7532fe94508d8a67090e9e090cf5d

                                        < body style = "overflow:hidden;"
onload = "if(typeof(go)=='function'){go();};if(typeof(gox)=='function'){gox();}" > < div class = "main"
id = "main" > < div class = "inmain"
id = "inmain"
ref = "991"
rel = "w_64850" > < div class = "ad-close"
style = "display:none;"
onclick = "try{var pd = parent.document; var adclose = pd.getElementById(''); adclose.parentNode.removeChild(adclose);}catch(e){console.log(e);}" > < /div><!--[jednotka1]--><div class="box version-1 pulse-0" id="b0"><div class="inbox"  onmouseover="if(typeof(highlight)=='function'){highlight(this);}" onmouseout="if(typeof(highlight)=='function'){lowlight(this);}"><div class="imgwrapper" style="float:left;margin:0px;"><table cellpadding="0" cellspacing="0" border="0" style="max-width:254;max-height:131px" class="imgtable"><tr><td align="center" valign="middle" class="img"><a href="https:/ / sk.search.etargetnet.com / generic / broad / go.php ? action = ppc & amp;
cid = 1 & amp;
hh = gRyUSbvNmatq3cGjOjGjOjBNOj0BHdzhxPyqnjwYDe4YDNlExfyFmjzAOT0YOMlAHd0fCMlAHdifkNlAHdJfSN2UDT3EDT0UDT1UJM0MDTWiJMlIOYufCMlEmbmMDNlY2cmQONW4kMz4CM54SM5zOYy9mj2UJMlI3b9dmjWzOf2Nmj4I0N3EJMzMOMlsGdmADMWzDcvfSMlcGbmgJNwEOYWY2NhFDMifJY9dDf0M2Y5gDMhNGfwcOMWE0Ylg2chhGb0fCNzcOM5YJN1YOMlcGdmzJYzfyM2g0NWUOPWV2cmEOPi92YmEOPzfCMwEOPktmjWzJcmEGfJRxT3IOT5MGTmhJM0IJNzQxMJNmM4Q0NkR0NhRGNlsmj0z0dmEOT5zJf9jnjWiOTlAnjWzOcmMON0gJN0z0Y & amp;
pattern = AJNWU0MZt2c & amp;
at = 1656691744 & amp; & sfx = AM " style=";
background - image: url(https: //etargetcdn.com/frontend/logos/sk/35160/35160_9-5.jpg#3000); background-size: 0px;" target="_blank"  onclick="if(typeof(clicktime)=='function'){clicktime(this,event);}"  class="etarget_img" title=""><img id="etargetAdImg0" src="https://etargetcdn.com/frontend/logos/sk/35160/35160_9-5.jpg#3000"></a></td></tr></table></div><div class="imgwrapper sipkawrapper" style="float:right;margin:0px;"><table cellpadding="0" cellspacing="0" border="0" style="width:40px;height:40px;border-width:0px;margin-right:5px;" ><tr><td align="center" valign="middle" class="sipka" style="border-width:0px;" ><a href="https://sk.search.etargetnet.com/generic/broad/go.php?action=ppc&amp;cid=1&amp;hh=gRyUSbvNmatq3cGjOjGjOjBNOj0BHdzhxPyqnjwYDe4YDNlExfyFmjzAOT0YOMlAHd0fCMlAHdifkNlAHdJfSN2UDT3EDT0UDT1UJM0MDTWiJMlIOYufCMlEmbmMDNlY2cmQONW4kMz4CM54SM5zOYy9mj2UJMlI3b9dmjWzOf2Nmj4I0N3EJMzMOMlsGdmADMWzDcvfSMlcGbmgJNwEOYWY2NhFDMifJY9dDf0M2Y5gDMhNGfwcOMWE0Ylg2chhGb0fCNzcOM5YJN1YOMlcGdmzJYzfyM2g0NWUOPWV2cmEOPi92YmEOPzfCMwEOPktmjWzJcmEGfJRxT3IOT5MGTmhJM0IJNzQxMJNmM4Q0NkR0NhRGNlsmj0z0dmEOT5zJf9jnjWiOTlAnjWzOcmMON0gJN0z0Y&amp;pattern=AJNWU0MZt2c&amp;at=1656691744&amp;" target="_blank"  onclick="if(typeof(clicktime)=='function'){clicktime(this,event);}"  class="etarget_sipka " ></a></td></tr></table></div><div class="adbox" style="margin-left:123px;" ><div class="title"><a href="https://sk.search.etargetnet.com/generic/broad/go.php?action=ppc&amp;cid=1&amp;hh=gRyUSbvNmatq3cGjOjGjOjBNOj0BHdzhxPyqnjwYDe4YDNlExfyFmjzAOT0YOMlAHd0fCMlAHdifkNlAHdJfSN2UDT3EDT0UDT1UJM0MDTWiJMlIOYufCMlEmbmMDNlY2cmQONW4kMz4CM54SM5zOYy9mj2UJMlI3b9dmjWzOf2Nmj4I0N3EJMzMOMlsGdmADMWzDcvfSMlcGbmgJNwEOYWY2NhFDMifJY9dDf0M2Y5gDMhNGfwcOMWE0Ylg2chhGb0fCNzcOM5YJN1YOMlcGdmzJYzfyM2g0NWUOPWV2cmEOPi92YmEOPzfCMwEOPktmjWzJcmEGfJRxT3IOT5MGTmhJM0IJNzQxMJNmM4Q0NkR0NhRGNlsmj0z0dmEOT5zJf9jnjWiOTlAnjWzOcmMON0gJN0z0Y&amp;pattern=AJNWU0MZt2c&amp;at=1656691744&amp;&sfx=AM" style="" target="_blank"  onclick="if(typeof(clicktime)=='function'){clicktime(this,event);}"  class="etarget_title" title="">Top kvalita CBD zo `vaj
        iarska < /a></div > < div class = "desc" > < a href = "https://sk.search.etargetnet.com/generic/broad/go.php?action=ppc&amp;cid=1&amp;hh=gRyUSbvNmatq3cGjOjGjOjBNOj0BHdzhxPyqnjwYDe4YDNlExfyFmjzAOT0YOMlAHd0fCMlAHdifkNlAHdJfSN2UDT3EDT0UDT1UJM0MDTWiJMlIOYufCMlEmbmMDNlY2cmQONW4kMz4CM54SM5zOYy9mj2UJMlI3b9dmjWzOf2Nmj4I0N3EJMzMOMlsGdmADMWzDcvfSMlcGbmgJNwEOYWY2NhFDMifJY9dDf0M2Y5gDMhNGfwcOMWE0Ylg2chhGb0fCNzcOM5YJN1YOMlcGdmzJYzfyM2g0NWUOPWV2cmEOPi92YmEOPzfCMwEOPktmjWzJcmEGfJRxT3IOT5MGTmhJM0IJNzQxMJNmM4Q0NkR0NhRGNlsmj0z0dmEOT5zJf9jnjWiOTlAnjWzOcmMON0gJN0z0Y&amp;pattern=AJNWU0MZt2c&amp;at=1656691744&amp;&sfx=AM"
        style = ""
        target = "_blank"
        onclick = "if(typeof(clicktime)=='function'){clicktime(this,event);}"
        class = "etarget_desc"
        title = "" > Akcia - ve > koobchodn� ceny a~-60 % Uv� dzacie ceny v jedine nom dizajne < /a></div > < /div><div style="clear:both;max-height:0px;">&nbsp;</div > < /div></div > < /div></div > < div class = "main"
        id = "hide" > < /div><script language='JavaScript'  charset="utf-8"  >var chrome = /Chrome / .test(navigator.userAgent) && /Google Inc/.test(navigator.vendor);
        var isPixel = parseInt('0');
        var eident = 'EPLAYA';
        var skanJSForYT = false;
        var nextVideoAfterEnd = parseInt('0');
        var etargetAfterClose = parseInt('0');
        var skiptext = 'reklama ETARGET';
        var ceuvn = 'YTowOnt9';
        var xeuvn = '';
        var ourips = '';
        var videoReferer = parseInt('');
        var newStyle = '';
        var parentRelated = '1';
        var noPrerolls = false;
        var globalMidroll = '35,120';
        if ('' == 'true') {
            noPrerolls = true;
        }
        try {
            if (typeof(isEplayaRunSet) == 'undefined') {
                var isEplayaRunSet = false;
            }
            if (!isEplayaRunSet) {
                if (typeof(apiREADY) == 'undefined') {
                    var apiREADY = false;
                }
                if (typeof(eplayaAutoplay) == 'undefined' || isPixel == 1) {
                    var eplayaAutoplay = parseInt('0');
                }
                if ((typeof(tryEtarget) == 'undefined' || isPixel == 1) && '1' == 'none') {
                    var tryEtarget = 0;
                }
                if ((typeof(defaultVPAIDURL) == 'undefined' || isPixel == 1) && ''.length > 0) {
                    var defaultVPAIDURL = '';
                }
                if ((typeof(debugMode) == 'undefined' || isPixel == 1) && ''.length > 0) {
                    var debugMode = '';
                }
                if (typeof(eplayaResponsive) == 'undefined' || isPixel == 1) {
                    var eplayaResponsive = parseInt('0');
                }
                if (typeof(etargetAfterClose) == 'undefined' || isPixel == 1) {
                    var etargetAfterClose = parseInt('0');
                }
                if (typeof(eplayaXko) == 'undefined' || isPixel == 1) {
                    var eplayaXko = 'width:30px;height:30px;';
                }
                if (typeof(blockedJSON) == 'undefined' || isPixel == 1) {
                    var blockedJSON = 'eyJibG9ja2VkX3NvdXJjZSI6WyJhZG9jZWFuIiwiem96bmFtLnNrIiwid2Vibm92aW55LnNrIiwidG9wa3kuc2siLCJldGFyZ2V0IiwidmlkZW9zZXJpZXMiXSwiYmxvY2tlZF92aWRlb19pZCI6WyJaY3J3QkVDV05PRSIsIlFsSm5oYjYwVDFjIl0sImJsb2NrZWRfaWQiOlsiYnJhbmRpbmdfdmlkZW8iXSwiYmxvY2tlZF9jbGFzcyI6WyJwbGF5ZXI1LXZpZGVvIiwiZnAtZW5naW5lIiwiYnJhbmRpbmdfdmlkZW9fY29udGVudCJdLCJibG9ja2VkX2F0dHIiOlsiZGF0YS1wbGF5ZXI9em96bmFtIiwiZGF0YS1wbGF5ZXI9bm8tYWRzIl19';
                }
                if (typeof(forcedJSON) == 'undefined' || isPixel == 1) {
                    var forcedJSON = 'W10=';
                }
                if (typeof(forcedJSON) == 'undefined' || isPixel == 1) {
                    var showinfo = parseInt('');
                }
                if (typeof(adsTimeDelay) == 'undefined' || isPixel == 1) {
                    var adsTimeDelay = parseInt('') * -1;
                }
                if (typeof(onReadyFilled) == 'undefined') {
                    var onReadyFilled = false;
                }
                if (typeof(dont_touch) == 'undefined' || dont_touch.length == 0) {
                    var dont_touch = '';
                }
                if (typeof(blockedPlayers) == 'undefined') {
                    var blockedPlayers = '';
                } else {
                    blockedPlayers = blockedPlayers + ',';
                }
                if (typeof(allowedPlayers) == 'undefined') {
                    var allowedPlayers = '';
                } else {
                    allowedPlayers = allowedPlayers + ',';
                }
                if (typeof(onLoadFilled) == 'undefined') {
                    var onLoadFilled = false;
                }
                if (typeof(alreadyChecked) == 'undefined') {
                    var alreadyChecked = false;
                }
                if (typeof(etargetVideoType) == 'undefined') {
                    var etargetVideoType = '0';
                }
                if (typeof(maxAdsCount) == 'undefined' || isPixel == 1) {
                    var maxAdsCount = parseInt('0');
                    var niecoX = 1;
                }
                if (typeof(etargetVideoReferrer) == 'undefined') {
                    var etargetVideoReferrer = 0;
                }
                if (typeof(etargetVideoDomain) == 'undefined') {
                    var etargetVideoDomain = '';
                }
                if (typeof(eplayaDeviceType) == 'undefined') {
                    var eplayaDeviceType = parseInt('0');
                }
                if (document.readyState == 'complete' || document.readyState == 'interactive') {
                    if (typeof(checkYURun) == 'function' && !alreadyChecked) {
                        checkYURun('start');
                    }
                }
                if (!alreadyChecked) {
                    var docold = '';
                    if (!alreadyChecked && !onReadyFilled) {
                        if (typeof(document.onreadystatechange) == 'function') {
                            docold = document.onreadystatechange;
                        }
                        document.onreadystatechange = function() {
                            if (!alreadyChecked) {
                                checkYURun('ready');
                            }
                            if (typeof(docold) == 'function') {
                                docold();
                            }
                            onReadyFilled = true;
                        }
                    }
                    var winold = '';
                    if (!alreadyChecked && !onLoadFilled) {
                        if (typeof(window.onload) == 'function') {
                            winold = window.onload;
                        }
                        window.onload = function() {
                            if (!alreadyChecked) {
                                checkYURun('loaded');
                            }
                            if (typeof(winold) == 'function') {
                                winold();
                            }
                            onLoadFilled = true;
                        }
                    }
                }
                if (typeof(onYouTubeIframeAPIReady) == 'function') {
                    skanJSForYT = true;
                }

                function checkYURun(where) {
                    var state = document.readyState;
                    if (state == 'complete' || state == 'interactive') {
                        if (typeof(checkYUExist) == 'function' && !alreadyChecked) {
                            if (typeof(eplayaInit) == 'function') {
                                eplayaInit();
                            } else {
                                checkYUExist();
                            }
                        }
                    }
                }

                function checkYUExist() {
                    var exist = false;
                    var estyle = document.getElementsByTagName('link');
                    for (key in estyle) {
                        if (estyle[key]) {
                            var esrc = estyle[key].href;
                            if (esrc && esrc.indexOf('eplaya') >= 0) {
                                var exist = true;
                            }
                        }
                    }
                    var exist = false;
                    var exist2 = false;
                    var escripts = document.getElementsByTagName('script');
                    for (key in escripts) {
                        if (escripts[key]) {
                            var esrc = escripts[key].src;
                            if (esrc && esrc.indexOf('eplaya') >= 0) {
                                var exist = true;
                            }
                            if (esrc && esrc.indexOf('iframe_api') >= 0) {
                                var exist2 = true;
                            }
                        }
                    }
                    if (!exist2) {
                        var yuscript = document.createElement('script');
                        yuscript.type = 'text/javascript';
                        yuscript.src = 'https://www.youtube.com/iframe_api';
                        document.head.appendChild(yuscript);
                        apiREADY = true;
                    } else {
                        apiREADY = true;
                    }
                    if (!exist) {
                        window.etargetVideoReferrer = parseInt('991');
                        window.etargetVideoDomain = 'sk';
                        var newscript = document.createElement('script');
                        newscript.type = 'text/javascript';
                        newscript.src = 'https://etargetcdn.com/embed/eplayaV5.32.js';
                        if (document.head) {
                            document.head.appendChild(newscript);
                        }
                    }
                }
                isEplayaRunSet = true;
            }
        } catch (e) {
            console.log(e);
        } < /script></body > < /html>
                                    

#5 JavaScript::Write (size: 9389, repeated: 1) - SHA256: 644a1ffeea2d9607100cc6b53dab16b5745d2e81a7cfad0a224f2a3e849dec54

                                        < body style = "overflow:hidden;"
onload = "if(typeof(go)=='function'){go();};if(typeof(gox)=='function'){gox();}" > < div class = "main"
id = "main" > < div class = "inmain"
id = "inmain"
ref = "991"
rel = "w_70457" > < div class = "ad-close"
style = "display:none;"
onclick = "try{var pd = parent.document; var adclose = pd.getElementById(''); adclose.parentNode.removeChild(adclose);}catch(e){console.log(e);}" > < /div><!--[jednotka1]--><div class="box version-1 pulse-0" id="b0"><div class="inbox"  onmouseover="if(typeof(highlight)=='function'){highlight(this);}" onmouseout="if(typeof(highlight)=='function'){lowlight(this);}"><div class="imgwrapper" style="float:left;margin:0px;"><table cellpadding="0" cellspacing="0" border="0" style="max-width:254;max-height:131px" class="imgtable"><tr><td align="center" valign="middle" class="img"><a href="https:/ / sk.search.etargetnet.com / generic / broad / go.php ? action = ppc & amp;
cid = 1 & amp;
hh = gRyUSbvNmatq3cGjOjGjOjBNOj0BHdzhxPyqnjwYDe4YDNlExfyFmjzAOT0YOMlAHd0fCMlAHdifkNlAHdJfSN2UDT3EDT0UDT1UJM0MDTWiJMlIOYufCMlEmbmMDNlY2cmQONW4kMz4CM54SM5zOYy9mj2UJMlI3b9dmjWzOf2Nmj4I0N3EJMzMOMlsGdmADMWzDcvfSMlcGbmgJNwEOYWY2NhFDMifJY9dDf0M2Y5gDMhNGfwcOMWE0Ylg2chhGb0fCNzcOM5YJN1YOMlcGdmzJYzfyM2g0NWUOPWV2cmEOPi92YmEOPzfCMwEOPktmjWzJcmEGfJRxT3IOT5MGTmhJM0IJNzQxMJNmM4Q0NkR0NhRGNlsmj0z0dmEOT5zJf9jnjWiOTlAnjWzOcmMON0gJN0z0Y & amp;
pattern = AJNWU0MZt2c & amp;
at = 1656691744 & amp; & sfx = AM " style=";
background - image: url(https: //etargetcdn.com/frontend/logos/sk/35160/35160_9-5.jpg#3000); background-size: 0px;" target="_blank"  onclick="if(typeof(clicktime)=='function'){clicktime(this,event);}"  class="etarget_img" title=""><img id="etargetAdImg0" src="https://etargetcdn.com/frontend/logos/sk/35160/35160_9-5.jpg#3000"></a></td></tr></table></div><div class="imgwrapper sipkawrapper" style="float:right;margin:0px;"><table cellpadding="0" cellspacing="0" border="0" style="width:40px;height:40px;border-width:0px;margin-right:5px;" ><tr><td align="center" valign="middle" class="sipka" style="border-width:0px;" ><a href="https://sk.search.etargetnet.com/generic/broad/go.php?action=ppc&amp;cid=1&amp;hh=gRyUSbvNmatq3cGjOjGjOjBNOj0BHdzhxPyqnjwYDe4YDNlExfyFmjzAOT0YOMlAHd0fCMlAHdifkNlAHdJfSN2UDT3EDT0UDT1UJM0MDTWiJMlIOYufCMlEmbmMDNlY2cmQONW4kMz4CM54SM5zOYy9mj2UJMlI3b9dmjWzOf2Nmj4I0N3EJMzMOMlsGdmADMWzDcvfSMlcGbmgJNwEOYWY2NhFDMifJY9dDf0M2Y5gDMhNGfwcOMWE0Ylg2chhGb0fCNzcOM5YJN1YOMlcGdmzJYzfyM2g0NWUOPWV2cmEOPi92YmEOPzfCMwEOPktmjWzJcmEGfJRxT3IOT5MGTmhJM0IJNzQxMJNmM4Q0NkR0NhRGNlsmj0z0dmEOT5zJf9jnjWiOTlAnjWzOcmMON0gJN0z0Y&amp;pattern=AJNWU0MZt2c&amp;at=1656691744&amp;" target="_blank"  onclick="if(typeof(clicktime)=='function'){clicktime(this,event);}"  class="etarget_sipka " ></a></td></tr></table></div><div class="adbox" style="margin-left:123px;" ><div class="title"><a href="https://sk.search.etargetnet.com/generic/broad/go.php?action=ppc&amp;cid=1&amp;hh=gRyUSbvNmatq3cGjOjGjOjBNOj0BHdzhxPyqnjwYDe4YDNlExfyFmjzAOT0YOMlAHd0fCMlAHdifkNlAHdJfSN2UDT3EDT0UDT1UJM0MDTWiJMlIOYufCMlEmbmMDNlY2cmQONW4kMz4CM54SM5zOYy9mj2UJMlI3b9dmjWzOf2Nmj4I0N3EJMzMOMlsGdmADMWzDcvfSMlcGbmgJNwEOYWY2NhFDMifJY9dDf0M2Y5gDMhNGfwcOMWE0Ylg2chhGb0fCNzcOM5YJN1YOMlcGdmzJYzfyM2g0NWUOPWV2cmEOPi92YmEOPzfCMwEOPktmjWzJcmEGfJRxT3IOT5MGTmhJM0IJNzQxMJNmM4Q0NkR0NhRGNlsmj0z0dmEOT5zJf9jnjWiOTlAnjWzOcmMON0gJN0z0Y&amp;pattern=AJNWU0MZt2c&amp;at=1656691744&amp;&sfx=AM" style="" target="_blank"  onclick="if(typeof(clicktime)=='function'){clicktime(this,event);}"  class="etarget_title" title="">Top kvalita CBD zo `vaj
        iarska < /a></div > < div class = "desc" > < a href = "https://sk.search.etargetnet.com/generic/broad/go.php?action=ppc&amp;cid=1&amp;hh=gRyUSbvNmatq3cGjOjGjOjBNOj0BHdzhxPyqnjwYDe4YDNlExfyFmjzAOT0YOMlAHd0fCMlAHdifkNlAHdJfSN2UDT3EDT0UDT1UJM0MDTWiJMlIOYufCMlEmbmMDNlY2cmQONW4kMz4CM54SM5zOYy9mj2UJMlI3b9dmjWzOf2Nmj4I0N3EJMzMOMlsGdmADMWzDcvfSMlcGbmgJNwEOYWY2NhFDMifJY9dDf0M2Y5gDMhNGfwcOMWE0Ylg2chhGb0fCNzcOM5YJN1YOMlcGdmzJYzfyM2g0NWUOPWV2cmEOPi92YmEOPzfCMwEOPktmjWzJcmEGfJRxT3IOT5MGTmhJM0IJNzQxMJNmM4Q0NkR0NhRGNlsmj0z0dmEOT5zJf9jnjWiOTlAnjWzOcmMON0gJN0z0Y&amp;pattern=AJNWU0MZt2c&amp;at=1656691744&amp;&sfx=AM"
        style = ""
        target = "_blank"
        onclick = "if(typeof(clicktime)=='function'){clicktime(this,event);}"
        class = "etarget_desc"
        title = "" > Akcia - ve > koobchodn� ceny a~-60 % Uv� dzacie ceny v jedine nom dizajne < /a></div > < /div><div style="clear:both;max-height:0px;">&nbsp;</div > < /div></div > < /div></div > < div class = "main"
        id = "hide" > < /div><script language='JavaScript'  charset="utf-8"  >var chrome = /Chrome / .test(navigator.userAgent) && /Google Inc/.test(navigator.vendor);
        var isPixel = parseInt('0');
        var eident = 'EPLAYA';
        var skanJSForYT = false;
        var nextVideoAfterEnd = parseInt('0');
        var etargetAfterClose = parseInt('0');
        var skiptext = 'reklama ETARGET';
        var ceuvn = 'YTowOnt9';
        var xeuvn = '';
        var ourips = '';
        var videoReferer = parseInt('');
        var newStyle = '';
        var parentRelated = '1';
        var noPrerolls = false;
        var globalMidroll = '35,120';
        if ('' == 'true') {
            noPrerolls = true;
        }
        try {
            if (typeof(isEplayaRunSet) == 'undefined') {
                var isEplayaRunSet = false;
            }
            if (!isEplayaRunSet) {
                if (typeof(apiREADY) == 'undefined') {
                    var apiREADY = false;
                }
                if (typeof(eplayaAutoplay) == 'undefined' || isPixel == 1) {
                    var eplayaAutoplay = parseInt('0');
                }
                if ((typeof(tryEtarget) == 'undefined' || isPixel == 1) && '1' == 'none') {
                    var tryEtarget = 0;
                }
                if ((typeof(defaultVPAIDURL) == 'undefined' || isPixel == 1) && ''.length > 0) {
                    var defaultVPAIDURL = '';
                }
                if ((typeof(debugMode) == 'undefined' || isPixel == 1) && ''.length > 0) {
                    var debugMode = '';
                }
                if (typeof(eplayaResponsive) == 'undefined' || isPixel == 1) {
                    var eplayaResponsive = parseInt('0');
                }
                if (typeof(etargetAfterClose) == 'undefined' || isPixel == 1) {
                    var etargetAfterClose = parseInt('0');
                }
                if (typeof(eplayaXko) == 'undefined' || isPixel == 1) {
                    var eplayaXko = 'width:30px;height:30px;';
                }
                if (typeof(blockedJSON) == 'undefined' || isPixel == 1) {
                    var blockedJSON = 'eyJibG9ja2VkX3NvdXJjZSI6WyJhZG9jZWFuIiwiem96bmFtLnNrIiwid2Vibm92aW55LnNrIiwidG9wa3kuc2siLCJldGFyZ2V0IiwidmlkZW9zZXJpZXMiXSwiYmxvY2tlZF92aWRlb19pZCI6WyJaY3J3QkVDV05PRSIsIlFsSm5oYjYwVDFjIl0sImJsb2NrZWRfaWQiOlsiYnJhbmRpbmdfdmlkZW8iXSwiYmxvY2tlZF9jbGFzcyI6WyJwbGF5ZXI1LXZpZGVvIiwiZnAtZW5naW5lIiwiYnJhbmRpbmdfdmlkZW9fY29udGVudCJdLCJibG9ja2VkX2F0dHIiOlsiZGF0YS1wbGF5ZXI9em96bmFtIiwiZGF0YS1wbGF5ZXI9bm8tYWRzIl19';
                }
                if (typeof(forcedJSON) == 'undefined' || isPixel == 1) {
                    var forcedJSON = 'W10=';
                }
                if (typeof(forcedJSON) == 'undefined' || isPixel == 1) {
                    var showinfo = parseInt('');
                }
                if (typeof(adsTimeDelay) == 'undefined' || isPixel == 1) {
                    var adsTimeDelay = parseInt('') * -1;
                }
                if (typeof(onReadyFilled) == 'undefined') {
                    var onReadyFilled = false;
                }
                if (typeof(dont_touch) == 'undefined' || dont_touch.length == 0) {
                    var dont_touch = '';
                }
                if (typeof(blockedPlayers) == 'undefined') {
                    var blockedPlayers = '';
                } else {
                    blockedPlayers = blockedPlayers + ',';
                }
                if (typeof(allowedPlayers) == 'undefined') {
                    var allowedPlayers = '';
                } else {
                    allowedPlayers = allowedPlayers + ',';
                }
                if (typeof(onLoadFilled) == 'undefined') {
                    var onLoadFilled = false;
                }
                if (typeof(alreadyChecked) == 'undefined') {
                    var alreadyChecked = false;
                }
                if (typeof(etargetVideoType) == 'undefined') {
                    var etargetVideoType = '0';
                }
                if (typeof(maxAdsCount) == 'undefined' || isPixel == 1) {
                    var maxAdsCount = parseInt('0');
                    var niecoX = 1;
                }
                if (typeof(etargetVideoReferrer) == 'undefined') {
                    var etargetVideoReferrer = 0;
                }
                if (typeof(etargetVideoDomain) == 'undefined') {
                    var etargetVideoDomain = '';
                }
                if (typeof(eplayaDeviceType) == 'undefined') {
                    var eplayaDeviceType = parseInt('0');
                }
                if (document.readyState == 'complete' || document.readyState == 'interactive') {
                    if (typeof(checkYURun) == 'function' && !alreadyChecked) {
                        checkYURun('start');
                    }
                }
                if (!alreadyChecked) {
                    var docold = '';
                    if (!alreadyChecked && !onReadyFilled) {
                        if (typeof(document.onreadystatechange) == 'function') {
                            docold = document.onreadystatechange;
                        }
                        document.onreadystatechange = function() {
                            if (!alreadyChecked) {
                                checkYURun('ready');
                            }
                            if (typeof(docold) == 'function') {
                                docold();
                            }
                            onReadyFilled = true;
                        }
                    }
                    var winold = '';
                    if (!alreadyChecked && !onLoadFilled) {
                        if (typeof(window.onload) == 'function') {
                            winold = window.onload;
                        }
                        window.onload = function() {
                            if (!alreadyChecked) {
                                checkYURun('loaded');
                            }
                            if (typeof(winold) == 'function') {
                                winold();
                            }
                            onLoadFilled = true;
                        }
                    }
                }
                if (typeof(onYouTubeIframeAPIReady) == 'function') {
                    skanJSForYT = true;
                }

                function checkYURun(where) {
                    var state = document.readyState;
                    if (state == 'complete' || state == 'interactive') {
                        if (typeof(checkYUExist) == 'function' && !alreadyChecked) {
                            if (typeof(eplayaInit) == 'function') {
                                eplayaInit();
                            } else {
                                checkYUExist();
                            }
                        }
                    }
                }

                function checkYUExist() {
                    var exist = false;
                    var estyle = document.getElementsByTagName('link');
                    for (key in estyle) {
                        if (estyle[key]) {
                            var esrc = estyle[key].href;
                            if (esrc && esrc.indexOf('eplaya') >= 0) {
                                var exist = true;
                            }
                        }
                    }
                    var exist = false;
                    var exist2 = false;
                    var escripts = document.getElementsByTagName('script');
                    for (key in escripts) {
                        if (escripts[key]) {
                            var esrc = escripts[key].src;
                            if (esrc && esrc.indexOf('eplaya') >= 0) {
                                var exist = true;
                            }
                            if (esrc && esrc.indexOf('iframe_api') >= 0) {
                                var exist2 = true;
                            }
                        }
                    }
                    if (!exist2) {
                        var yuscript = document.createElement('script');
                        yuscript.type = 'text/javascript';
                        yuscript.src = 'https://www.youtube.com/iframe_api';
                        document.head.appendChild(yuscript);
                        apiREADY = true;
                    } else {
                        apiREADY = true;
                    }
                    if (!exist) {
                        window.etargetVideoReferrer = parseInt('991');
                        window.etargetVideoDomain = 'sk';
                        var newscript = document.createElement('script');
                        newscript.type = 'text/javascript';
                        newscript.src = 'https://etargetcdn.com/embed/eplayaV5.32.js';
                        if (document.head) {
                            document.head.appendChild(newscript);
                        }
                    }
                }
                isEplayaRunSet = true;
            }
        } catch (e) {
            console.log(e);
        } < /script></body > < /html>
                                    

#6 JavaScript::Write (size: 125, repeated: 1) - SHA256: e3fc402cd815d2d7aa3f0d12eece9347048b9cd41aa2cc0b61f081657a07a8f5

                                        < script src = "https://szm.com/reklamatr.phtml?URL=http://palochusvet.szm.com/43t3f/45y4g.exe"
type = "text/javascript" > < /script>
                                    


HTTP Transactions (76)


Request Response
                                        
                                            GET /43t3f/45y4g.exe HTTP/1.1 
Host: palochusvet.szm.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1

                                         
                                         85.248.228.58
HTTP/1.1 404 Not Found
Content-Type: text/html; charset=iso-8859-1
                                        
Server: nginx
Date: Fri, 01 Jul 2022 16:09:03 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Content-Encoding: gzip


--- Additional Info ---
Magic:  HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text
Size:   313
Md5:    e1b7426e0fe426e7ba1a138ab1722d2d
Sha1:   9836feb8393138bd566e49cde0e9de3f73d0117e
Sha256: 4f54abb483dc5513a55e5fa8d290ddfb1879fde7154b09f7ed184603e1c24bbd

Alerts:
  Blocklists:
    - fortinet: Malware
                                        
                                            GET /v1/ HTTP/1.1 
Host: firefox.settings.services.mozilla.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         
                                         54.230.111.35
HTTP/1.1 200 OK
Content-Type: application/json
                                        
Content-Length: 939
Connection: keep-alive
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Retry-After, Backoff, Content-Type, Content-Length, Alert
Content-Security-Policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
Date: Fri, 01 Jul 2022 15:48:59 GMT
Strict-Transport-Security: max-age=31536000
X-Content-Type-Options: nosniff
X-Cache: Hit from cloudfront
Via: 1.1 c26775cc34c23943f6f5cfc9a3da9b4a.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-P1
X-Amz-Cf-Id: _lsQfgjaWLEaSyJkeR6OCl5Q6c8FrthgvKEdppG7LBchAJf6BwlqJw==
Age: 1204


--- Additional Info ---
Magic:  JSON data\012- , ASCII text, with very long lines (939), with no line terminators
Size:   939
Md5:    91dd975a7b17b2922dd23c0e49314e40
Sha1:   57a2ece1e3cee7c4ebf927f2ba92f52cac395fe2
Sha256: 09966873bbf317f8910c59544cfde2a6d46e8acd2905797cc7c85c6b4d18ea8a
                                        
                                            POST / HTTP/1.1 
Host: r3.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         23.36.76.226
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 503
ETag: "3E2650132BC75A58C9B08C2A69EC353237F48E840D9D2481F9D5E63D92ABBC6F"
Last-Modified: Wed, 29 Jun 2022 04:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=6250
Expires: Fri, 01 Jul 2022 17:53:13 GMT
Date: Fri, 01 Jul 2022 16:09:03 GMT
Connection: keep-alive

                                        
                                            GET /chains/remote-settings.content-signature.mozilla.org-2022-08-10-12-10-21.chain HTTP/1.1 
Host: content-signature-2.cdn.mozilla.net
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         54.230.111.64
HTTP/2 200 OK
                                        
content-type: binary/octet-stream
content-length: 5348
last-modified: Tue, 21 Jun 2022 12:10:22 GMT
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
date: Fri, 01 Jul 2022 03:26:42 GMT
etag: "581454acdd98f34fd3fbabd0977ade29"
x-cache: Hit from cloudfront
via: 1.1 5bcfe2deda0bdbc6bade0af9b61602ca.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: PbKkUcQrdZy5tULswrCqvxipt4RHBnie_wVHhv8AGf-ZpvT2d-sI9w==
age: 45742
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  PEM certificate\012- , ASCII text
Size:   5348
Md5:    581454acdd98f34fd3fbabd0977ade29
Sha1:   d8d86c0b513137aeb85de01cea7b272c35eb6ab4
Sha256: e98f8f33ba5ed59c3cfdf2ae54957ed32652cf0899f3c8db4b5872e3ece1e4eb
                                        
                                            GET /v1/tiles HTTP/1.1 
Host: contile.services.mozilla.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         
                                         34.117.237.239
HTTP/2 200 OK
                                        
server: nginx
date: Fri, 01 Jul 2022 16:09:03 GMT
content-type: application/json
content-length: 12
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JSON data\012- , ASCII text, with no line terminators
Size:   12
Md5:    23e88fb7b99543fb33315b29b1fad9d6
Sha1:   a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
Sha256: 7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3
                                        
                                            POST /gsalphasha2g2 HTTP/1.1 
Host: ocsp2.globalsign.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 79
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         104.18.20.226
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Fri, 01 Jul 2022 16:09:03 GMT
Content-Length: 1423
Connection: keep-alive
Expires: Tue, 05 Jul 2022 15:39:49 GMT
ETag: "038dc923fa7af80147244213e666036e2e6d670b"
Last-Modified: Fri, 01 Jul 2022 15:39:49 GMT
Cache-Control: public, no-transform, must-revalidate, s-maxage=3600
CF-Cache-Status: EXPIRED
Accept-Ranges: bytes
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 72406764fb7ffac0-OSL


--- Additional Info ---
Magic:  data
Size:   1423
Md5:    012dd0511c204b3c4d5ec22404bee797
Sha1:   038dc923fa7af80147244213e666036e2e6d670b
Sha256: 6fdb2f85faac897dc18c64bb074f0458ddf7596486338f36bbb5c2562098aeb9
                                        
                                            GET /reklamatr.phtml?URL=http://palochusvet.szm.com/43t3f/45y4g.exe HTTP/1.1 
Host: szm.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://palochusvet.szm.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         85.248.228.115
HTTP/1.1 200 OK
Content-Type: text/javascript;charset=utf-8
                                        
Server: nginx
Date: Fri, 01 Jul 2022 16:09:03 GMT
Transfer-Encoding: chunked
Connection: keep-alive


--- Additional Info ---
Magic:  ASCII text, with very long lines (433)
Size:   6300
Md5:    b930531c0c975bce30d86658440769a9
Sha1:   8f78178dcf04d05a0c2a3f246b52e441333ee7cb
Sha256: 8d367d32d7cc5db06c38f6fa49c35e64543e8e8e4b003b09a373598bfe68fcdb
                                        
                                            GET /reklamafr.phtml?URL=http://palochusvet.szm.com/43t3f/45y4g.exe HTTP/1.1 
Host: szm.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://palochusvet.szm.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         85.248.228.115
HTTP/1.1 200 OK
Content-Type: text/javascript;charset=utf-8
                                        
Server: nginx
Date: Fri, 01 Jul 2022 16:09:04 GMT
Transfer-Encoding: chunked
Connection: keep-alive


--- Additional Info ---
Magic:  HTML document, ISO-8859 text, with very long lines (1036)
Size:   8055
Md5:    1b76f57afe73ff5982654c8e4660f6ff
Sha1:   413fc6341566a94f4a21d95955a57c3bbbb89e84
Sha256: a6ae784e53b82f8bb5605d39a9f6076f81aa6ecac4c0cebd1aabe116b81f28a6
                                        
                                            GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1 
Host: firefox.settings.services.mozilla.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         
                                         54.230.111.35
HTTP/1.1 200 OK
Content-Type: application/json
                                        
Content-Length: 329
Connection: keep-alive
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Content-Type, Alert, Cache-Control, Pragma, Backoff, Last-Modified, ETag, Expires, Content-Length, Retry-After
Content-Security-Policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
Last-Modified: Fri, 25 Mar 2022 17:45:46 GMT
Strict-Transport-Security: max-age=31536000
X-Content-Type-Options: nosniff
Cache-Control: max-age=3600
Date: Fri, 01 Jul 2022 15:38:48 GMT
Expires: Fri, 01 Jul 2022 16:11:33 GMT
ETag: "1648230346554"
X-Cache: Hit from cloudfront
Via: 1.1 fc5e625db631bc657fc73f189d53fa14.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-P1
X-Amz-Cf-Id: fx5vwjwnZeGc107sBnFU9169N-vbW0pR2rb7_lnYMuEbmOtBLI_oNQ==
Age: 1816


--- Additional Info ---
Magic:  JSON data\012- , ASCII text, with very long lines (329), with no line terminators
Size:   329
Md5:    0333b0655111aa68de771adfcc4db243
Sha1:   63f295a144ac87a7c8e23417626724eeca68a7eb
Sha256: 60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300
                                        
                                            GET /google-analytics.html HTTP/1.1 
Host: szm.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://palochusvet.szm.com/
Upgrade-Insecure-Requests: 1

                                         
                                         85.248.228.115
HTTP/1.1 301 Moved Permanently
Content-Type: text/html
                                        
Server: nginx
Date: Fri, 01 Jul 2022 16:09:04 GMT
Content-Length: 178
Connection: keep-alive
Location: https://szm.com/google-analytics.html


--- Additional Info ---
Magic:  HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators
Size:   178
Md5:    cd2e0e43980a00fb6a2742d3afd803b8
Sha1:   81ffbd1712afe8cdf138b570c0fc9934742c33c1
Sha256: bd9df047d51943acc4bc6cf55d88edb5b6785a53337ee2a0f74dd521aedde87d
                                        
                                            GET /reklama/adsense.phtml?URL=http%3A%2F%2Fpalochusvet.szm.com%2F43t3f%2F45y4g.exe HTTP/1.1 
Host: szm.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://palochusvet.szm.com/
Upgrade-Insecure-Requests: 1

                                         
                                         85.248.228.115
HTTP/1.1 301 Moved Permanently
Content-Type: text/html
                                        
Server: nginx
Date: Fri, 01 Jul 2022 16:09:04 GMT
Content-Length: 178
Connection: keep-alive
Location: https://szm.com/reklama/adsense.phtml?URL=http%3A%2F%2Fpalochusvet.szm.com%2F43t3f%2F45y4g.exe


--- Additional Info ---
Magic:  HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators
Size:   178
Md5:    cd2e0e43980a00fb6a2742d3afd803b8
Sha1:   81ffbd1712afe8cdf138b570c0fc9934742c33c1
Sha256: bd9df047d51943acc4bc6cf55d88edb5b6785a53337ee2a0f74dd521aedde87d
                                        
                                            GET /google-analytics.html HTTP/1.1 
Host: szm.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://palochusvet.szm.com/
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site

                                         
                                         85.248.228.115
HTTP/1.1 200 OK
Content-Type: text/html; charset=utf-8
                                        
Server: nginx
Date: Fri, 01 Jul 2022 16:09:04 GMT
Last-Modified: Sun, 24 Jan 2010 22:13:32 GMT
Transfer-Encoding: chunked
Connection: keep-alive
ETag: W/"4b5cc60c-197"
Content-Encoding: gzip


--- Additional Info ---
Magic:  HTML document, ASCII text
Size:   274
Md5:    4d428f1d564f5006313d081ded483776
Sha1:   3d5f09a9a77a4c8dab7b2dcc816e4c5281073525
Sha256: 2607804c544b3bbd776e8d078b481761d2a058c540381f762bf60aae53f7d1ab
                                        
                                            GET /PIC/reklama.gif HTTP/1.1 
Host: img.szm.sk
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://palochusvet.szm.com/

                                         
                                         85.248.228.60
HTTP/1.1 200 OK
Content-Type: image/gif
                                        
Server: nginx
Date: Fri, 01 Jul 2022 16:09:04 GMT
Content-Length: 1216
Last-Modified: Tue, 23 Jun 2020 10:27:25 GMT
Connection: keep-alive
ETag: "5ef1d90d-4c0"
Accept-Ranges: bytes


--- Additional Info ---
Magic:  GIF image data, version 89a, 12 x 61\012- data
Size:   1216
Md5:    c3260f4b9a3aa946a2ed7305e3cc36d2
Sha1:   35e41c0064cb7f4709129c7f34a2a259889cd54e
Sha256: 35571cbb7c061079794e64259ab76263b7b4ad7d4699e7ac1e447648fcfaee1a
                                        
                                            GET /PIC/minilogoszm.gif HTTP/1.1 
Host: img.szm.sk
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://palochusvet.szm.com/

                                         
                                         85.248.228.60
HTTP/1.1 200 OK
Content-Type: image/gif
                                        
Server: nginx
Date: Fri, 01 Jul 2022 16:09:04 GMT
Content-Length: 939
Last-Modified: Tue, 23 Jun 2020 10:27:26 GMT
Connection: keep-alive
ETag: "5ef1d90e-3ab"
Accept-Ranges: bytes


--- Additional Info ---
Magic:  GIF image data, version 89a, 16 x 46\012- data
Size:   939
Md5:    0783acd3aec000196b15ab7c791daa10
Sha1:   dc045f8ceb87d2a8b25d1386d5c639b43ecc208f
Sha256: 8d5da64a4b9a9222ec115e20aa5572bad099e9f9d3a0d28d18b6c01ca53b19bb
                                        
                                            GET /PIC/zavriet.gif HTTP/1.1 
Host: img.szm.sk
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://palochusvet.szm.com/

                                         
                                         85.248.228.60
HTTP/1.1 200 OK
Content-Type: image/gif
                                        
Server: nginx
Date: Fri, 01 Jul 2022 16:09:04 GMT
Content-Length: 107
Last-Modified: Tue, 23 Jun 2020 10:27:26 GMT
Connection: keep-alive
ETag: "5ef1d90e-6b"
Accept-Ranges: bytes


--- Additional Info ---
Magic:  GIF image data, version 89a, 15 x 14\012- data
Size:   107
Md5:    73cebb1642c5d0a07da398b331d12be9
Sha1:   921a826744a0c460527dd1e435a8255cea61a2a8
Sha256: 68f00ddb2fea05491cd747ba59dc7783ee6f93244bb8e4f34020493081f54524
                                        
                                            GET /reklama/adsense.phtml?URL=http%3A%2F%2Fpalochusvet.szm.com%2F43t3f%2F45y4g.exe HTTP/1.1 
Host: szm.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://palochusvet.szm.com/
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site

                                         
                                         85.248.228.115
HTTP/1.1 200 OK
Content-Type: text/html; charset=utf-8
                                        
Server: nginx
Date: Fri, 01 Jul 2022 16:09:04 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Content-Encoding: gzip


--- Additional Info ---
Magic:  HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (6523)
Size:   3292
Md5:    83092a6fac7ec521e773f2d7610869c0
Sha1:   ca10eeb2e2dd6f977ac8285a4477c453b217d03e
Sha256: 5f4da8b7d0fed273f4ddaa7574fd780c162e743e764b7309b2d3955c19239e2f
                                        
                                            GET /favicon.ico HTTP/1.1 
Host: palochusvet.szm.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://palochusvet.szm.com/43t3f/45y4g.exe

                                         
                                         85.248.228.58
HTTP/1.1 404 Not Found
Content-Type: text/html; charset=iso-8859-1
                                        
Server: nginx
Date: Fri, 01 Jul 2022 16:09:04 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Content-Encoding: gzip


--- Additional Info ---
Magic:  HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text
Size:   313
Md5:    e1b7426e0fe426e7ba1a138ab1722d2d
Sha1:   9836feb8393138bd566e49cde0e9de3f73d0117e
Sha256: 4f54abb483dc5513a55e5fa8d290ddfb1879fde7154b09f7ed184603e1c24bbd
                                        
                                            POST /gts1c3 HTTP/1.1 
Host: ocsp.pki.goog
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         142.250.74.3
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Fri, 01 Jul 2022 16:09:04 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

                                        
                                            GET /ga.js HTTP/1.1 
Host: ssl.google-analytics.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://szm.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         172.217.21.168
HTTP/2 200 OK
                                        
strict-transport-security: max-age=10886400; includeSubDomains; preload
x-content-type-options: nosniff
vary: Accept-Encoding
content-encoding: gzip
cross-origin-resource-policy: cross-origin
server: Golfe2
content-length: 17168
date: Fri, 01 Jul 2022 14:17:10 GMT
expires: Fri, 01 Jul 2022 16:17:10 GMT
cache-control: public, max-age=7200
age: 6714
last-modified: Wed, 13 Apr 2022 21:02:38 GMT
content-type: text/javascript
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with very long lines (1305)
Size:   17168
Md5:    01d5892e6e243b52998310c2925b9f3a
Sha1:   58180151b6a6ee4af73583a214b68efb9e8844d4
Sha256: 7e90efb4620a78e8869796d256bcddbde90b853c8c15c5cc116cb11d3d17bc4d
                                        
                                            POST / HTTP/1.1 
Host: ocsp.digicert.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         93.184.220.29
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Accept-Ranges: bytes
Age: 1680
Cache-Control: 'max-age=158059'
Date: Fri, 01 Jul 2022 16:09:04 GMT
Last-Modified: Fri, 01 Jul 2022 15:41:04 GMT
Server: ECS (ska/F71C)
X-Cache: HIT
Content-Length: 471

                                        
                                            POST /gts1c3 HTTP/1.1 
Host: ocsp.pki.goog
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         142.250.74.3
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Fri, 01 Jul 2022 16:09:04 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

                                        
                                            POST /gts1c3 HTTP/1.1 
Host: ocsp.pki.goog
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         142.250.74.3
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Fri, 01 Jul 2022 16:09:04 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

                                        
                                            POST / HTTP/1.1 
Host: r3.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         23.36.76.226
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 503
ETag: "54600436DDCB13E9097E7081ECD348437B9334213EB3E3A02BB37F6DE4D59857"
Last-Modified: Wed, 29 Jun 2022 05:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=8181
Expires: Fri, 01 Jul 2022 18:25:25 GMT
Date: Fri, 01 Jul 2022 16:09:04 GMT
Connection: keep-alive

                                        
                                            POST / HTTP/1.1 
Host: r3.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         23.36.76.226
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 503
ETag: "54600436DDCB13E9097E7081ECD348437B9334213EB3E3A02BB37F6DE4D59857"
Last-Modified: Wed, 29 Jun 2022 05:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=8181
Expires: Fri, 01 Jul 2022 18:25:25 GMT
Date: Fri, 01 Jul 2022 16:09:04 GMT
Connection: keep-alive

                                        
                                            GET /r/collect?v=1&aip=1&t=dc&_r=3&tid=UA-8813686-1&cid=1171909612.1656691745&jid=400838370&_v=5.7.2&z=579405538 HTTP/1.1 
Host: stats.g.doubleclick.net
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://szm.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         173.194.73.154
HTTP/2 200 OK
                                        
access-control-allow-origin: *
strict-transport-security: max-age=10886400; includeSubDomains; preload
date: Fri, 01 Jul 2022 16:09:04 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
last-modified: Sun, 17 May 1998 03:00:00 GMT
x-content-type-options: nosniff
content-type: image/gif
cross-origin-resource-policy: cross-origin
server: Golfe2
content-length: 35
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  GIF image data, version 89a, 1 x 1\012- data
Size:   35
Md5:    28d6814f309ea289f847c69cf91194c6
Sha1:   0f4e929dd5bb2564f7ab9c76338e04e292a42ace
Sha256: 8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
                                        
                                            POST /gts1c3 HTTP/1.1 
Host: ocsp.pki.goog
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         142.250.74.3
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Fri, 01 Jul 2022 16:09:04 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

                                        
                                            GET /generic/advert.php?g=ref:991,area:468x60,:,tabl:4,design_name:custom,border_color:ffffff,border_style:none,background_opacity:100,background_color:ffffff,hover_back:,title_color:cc0000,text_color:000000,url_color:0067d6,h_title_color:cc0000,h_text_color:000000,h_url_color:0067d6,freespace:0,logo_type:0,logo:0,title_underline:0,url_underline:0,h_title_underline:1,h_url_underline:1,nourl:,fsi:auto,font:verdana,require_login_pass:0,login_pass:,show_in_fb:,show_in_fb_text:,tt:0,q:https%3A%2F%2Fszm.com%2Freklama%2Fadsense.phtml%3FURL%3Dhttp%253A%252F%252Fpalochusvet.szm.com%252F43t3f%252F45y4g.exe HTTP/1.1 
Host: sk.search.etargetnet.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://szm.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         195.168.10.172
HTTP/1.1 200 OK
Content-Type: text/javascript; charset=utf-8
                                        
Server: nginx
Date: Fri, 01 Jul 2022 16:09:04 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
Cache-Control: no-cache, must-revalidate
Pragma: no-cache
X-Protected-By: Bee/0.43
Set-Cookie: p=991; expires=Fri, 01-Jul-2022 17:09:04 GMT; Max-Age=3600; path=/; samesite=none; domain=.etargetnet.com; secure euvh=deleted; expires=Thu, 01-Jan-1970 00:00:01 GMT; Max-Age=0; path=/; samesite=none; domain=.etargetnet.com; secure euvf=deleted; expires=Thu, 01-Jan-1970 00:00:01 GMT; Max-Age=0; path=/; samesite=none; domain=.etargetnet.com; secure euvf=512; expires=Fri, 15-Jul-2022 16:09:04 GMT; Max-Age=1209600; path=/; samesite=none; domain=.etargetnet.com; secure euvh=J; expires=Mon, 01-Aug-2022 16:09:04 GMT; Max-Age=2678400; path=/; samesite=none; domain=.etargetnet.com; secure ckf=deleted; expires=Thu, 01-Jan-1970 00:00:01 GMT; Max-Age=0; path=/; samesite=none; domain=.etargetnet.com; secure ckf=1; expires=Sat, 01-Jul-2023 16:09:04 GMT; Max-Age=31536000; path=/; samesite=none; domain=.etargetnet.com; secure ecc[996]=3; expires=Fri, 01-Jul-2022 22:09:04 GMT; Max-Age=21600; path=/; samesite=none; domain=.etargetnet.com; secure ecc[944]=3; expires=Fri, 01-Jul-2022 22:09:04 GMT; Max-Age=21600; path=/; samesite=none; domain=.etargetnet.com; secure
P3P: CP="NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM", policyref="/w3c/p3p.xml"
X-Powered-By: Queen/2.145
Access-Control-Allow-Origin: *
Y-Protected-By: Bulbasaur/mblade01-01-c
Content-Encoding: gzip


--- Additional Info ---
Magic:  HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (24111)
Size:   13675
Md5:    3521415e5acb6179042eaca567c84dda
Sha1:   5c2c9323cd43e6dad292a35a4df11963de483e41
Sha256: d29e65017e71b59609e54eefb34d172322ccd23c8c17c42cdb37db5dec9c8b49
                                        
                                            GET / HTTP/1.1 
Host: push.services.mozilla.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: 73lMXkAbURW6nTzG9PnrHQ==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket

                                         
                                         52.40.216.187
HTTP/1.1 101 Switching Protocols
                                        
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: cEIEmkuh0E5JsnMxFuRSgqzQnqQ=

                                        
                                            GET /frontend/logos/sk/35160/35160_9-5.jpg HTTP/1.1 
Host: etargetcdn.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://szm.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         172.67.73.79
HTTP/2 200 OK
                                        
date: Fri, 01 Jul 2022 16:09:04 GMT
content-type: image/jpeg
content-length: 10440
cf-bgj: imgq:100,h2pri
cf-polished: origSize=10681, status=webp_bigger
etag: "622ddf97-29b9"
last-modified: Sun, 13 Mar 2022 12:12:07 GMT
y-protected-by: Bulbasaur/mblade01-01-b
cache-control: max-age=14400
cf-cache-status: HIT
age: 4165
accept-ranges: bytes
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=XtE31%2BLI6EibkUsKOgWMoFQ4%2FaH6ChUukhI8gfNXyMrR3TTLiORaha0R2IyetVCCKh44bsy17CX5F%2B37O8LUc1rT8Jh9ULmM0X0W%2FvZuiyTWEW6d1RdWRj%2FxDA1SiIJM"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 7240676d19b00b59-OSL
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, resolution (DPI), density 72x72, segment length 16, progressive, precision 8, 254x133, components 3\012- data
Size:   10440
Md5:    b6cf84521f99c67fc3b2c8feab2264d0
Sha1:   50db1c62ad5592fff4ee11c3b91437f1de7bff0f
Sha256: 32dc254d4446e07446f29b03505d72ce1bcf3962c6cf2b921308102b721ca28d
                                        
                                            GET /generic/advert.php?g=ref:991,area:468x60,:,tabl:4,design_name:custom,border_color:ffffff,border_style:none,background_opacity:100,background_color:ffffff,hover_back:,title_color:cc0000,text_color:000000,url_color:0067d6,h_title_color:cc0000,h_text_color:000000,h_url_color:0067d6,freespace:0,logo_type:0,logo:0,title_underline:0,url_underline:0,h_title_underline:1,h_url_underline:1,nourl:,fsi:auto,font:verdana,require_login_pass:0,login_pass:,show_in_fb:,show_in_fb_text:,tt:0,q:https%3A%2F%2Fszm.com%2Freklama%2Fadsense.phtml%3FURL%3Dhttp%253A%252F%252Fpalochusvet.szm.com%252F43t3f%252F45y4g.exe HTTP/1.1 
Host: sk.search.etargetnet.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://szm.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         195.168.10.172
HTTP/1.1 200 OK
Content-Type: text/javascript; charset=utf-8
                                        
Server: nginx
Date: Fri, 01 Jul 2022 16:09:04 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
Cache-Control: no-cache, must-revalidate
Pragma: no-cache
X-Protected-By: Bee/0.43
Set-Cookie: p=991; expires=Fri, 01-Jul-2022 17:09:04 GMT; Max-Age=3600; path=/; samesite=none; domain=.etargetnet.com; secure euvh=deleted; expires=Thu, 01-Jan-1970 00:00:01 GMT; Max-Age=0; path=/; samesite=none; domain=.etargetnet.com; secure euvf=deleted; expires=Thu, 01-Jan-1970 00:00:01 GMT; Max-Age=0; path=/; samesite=none; domain=.etargetnet.com; secure euvf=512; expires=Fri, 15-Jul-2022 16:09:04 GMT; Max-Age=1209600; path=/; samesite=none; domain=.etargetnet.com; secure euvh=J; expires=Mon, 01-Aug-2022 16:09:04 GMT; Max-Age=2678400; path=/; samesite=none; domain=.etargetnet.com; secure ckf=deleted; expires=Thu, 01-Jan-1970 00:00:01 GMT; Max-Age=0; path=/; samesite=none; domain=.etargetnet.com; secure ckf=1; expires=Sat, 01-Jul-2023 16:09:04 GMT; Max-Age=31536000; path=/; samesite=none; domain=.etargetnet.com; secure ecc[996]=3; expires=Fri, 01-Jul-2022 22:09:04 GMT; Max-Age=21600; path=/; samesite=none; domain=.etargetnet.com; secure ecc[944]=3; expires=Fri, 01-Jul-2022 22:09:04 GMT; Max-Age=21600; path=/; samesite=none; domain=.etargetnet.com; secure
P3P: CP="NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM", policyref="/w3c/p3p.xml"
X-Powered-By: Queen/2.145
Access-Control-Allow-Origin: *
Y-Protected-By: Bulbasaur/mblade01-01-c
Content-Encoding: gzip


--- Additional Info ---
Magic:  HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (24111)
Size:   13672
Md5:    41965640ee57b41afa419b964a578acb
Sha1:   279c368fe9184a9443d24ee91b60fe4c34fa4047
Sha256: 076ca59950090a9d5430a6663cc0017e479965878491e4cfd0f6a1b51ee9c35b
                                        
                                            GET /img/sipka/sipka_C00.png HTTP/1.1 
Host: sk.search.etargetnet.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://szm.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         195.168.10.172
HTTP/1.1 200 OK
Content-Type: image/png
                                        
Server: nginx
Date: Fri, 01 Jul 2022 16:09:04 GMT
Content-Length: 1228
Last-Modified: Fri, 06 Dec 2013 09:35:48 GMT
Connection: keep-alive
ETag: "52a19a74-4cc"
Expires: Sat, 02 Jul 2022 16:09:04 GMT
Cache-Control: max-age=86400
Vary: Origin
Access-Control-Allow-Origin: *
Access-Control-Allow-Methods: GET, POST, OPTIONS
Access-Control-Allow-Headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range
Access-Control-Expose-Headers: Content-Length,Content-Range
Pragma: cache
Y-Protected-By: Bulbasaur/mblade01-01-c
Accept-Ranges: bytes


--- Additional Info ---
Magic:  PNG image data, 40 x 80, 8-bit colormap, non-interlaced\012- data
Size:   1228
Md5:    a162c304f69121a0342881c7637f769b
Sha1:   22ca11af669d289f8698ad0e58d22459c9f6ad93
Sha256: e64bec99568e524ce2729f0768e3eccedfeeac91ad93caee216804db928619fc
                                        
                                            POST /gts1c3 HTTP/1.1 
Host: ocsp.pki.goog
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         142.250.74.3
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Fri, 01 Jul 2022 16:09:04 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

                                        
                                            POST /gts1c3 HTTP/1.1 
Host: ocsp.pki.goog
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         142.250.74.3
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Fri, 01 Jul 2022 16:09:04 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

                                        
                                            GET /s/player/0e7373c2/www-widgetapi.vflset/www-widgetapi.js HTTP/1.1 
Host: www.youtube.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://szm.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

                                         
                                         142.250.74.142
HTTP/2 200 OK
                                        
accept-ranges: bytes
vary: Accept-Encoding, Origin
content-encoding: br
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-length: 51437
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Fri, 01 Jul 2022 02:35:04 GMT
expires: Sat, 01 Jul 2023 02:35:04 GMT
cache-control: public, max-age=31536000
last-modified: Thu, 30 Jun 2022 00:22:13 GMT
content-type: text/javascript
age: 48840
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with very long lines (570)
Size:   51437
Md5:    60e8dd90f7a033a48223948b15e245f8
Sha1:   771bcecd99ad5c822194a0430e8bc6b8495becc8
Sha256: fcb481f5c417a885d11411ce103c03e59e58f2909a1fb4393fc14d84bc24027d
                                        
                                            POST /gts1c3 HTTP/1.1 
Host: ocsp.pki.goog
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         142.250.74.3
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Fri, 01 Jul 2022 16:09:04 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

                                        
                                            POST / HTTP/1.1 
Host: ocsp.digicert.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         93.184.220.29
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Accept-Ranges: bytes
Age: 3310
Cache-Control: 'max-age=158059'
Date: Fri, 01 Jul 2022 16:09:05 GMT
Last-Modified: Fri, 01 Jul 2022 15:13:55 GMT
Server: ECS (ska/F71C)
X-Cache: HIT
Content-Length: 471

                                        
                                            GET /containr.js HTTP/1.1 
Host: cdn.mookie1.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://szm.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         23.13.39.40
HTTP/1.1 200 OK
Content-Type: application/x-javascript
                                        
Accept-Ranges: bytes
ETag: "6200df1a0ff97d44f843b0184fa20225:1599561740.987291"
Last-Modified: Tue, 08 Sep 2020 10:42:20 GMT
Server: AkamaiNetStorage
Vary: Accept-Encoding
Content-Encoding: gzip
Cache-Control: max-age=60
Expires: Fri, 01 Jul 2022 16:10:05 GMT
Date: Fri, 01 Jul 2022 16:09:05 GMT
Content-Length: 2941
Connection: keep-alive
Access-Control-Max-Age: 86400
Access-Control-Allow-Credentials: false
Access-Control-Allow-Headers: *
Access-Control-Allow-Methods: GET,POST
Access-Control-Allow-Origin: *


--- Additional Info ---
Magic:  ASCII text, with very long lines (8911), with no line terminators
Size:   2941
Md5:    7ffd4fb7e1453522a471c78427da2ae1
Sha1:   ffd31aaa4c68ff2d09b295092cabf335b3657d4a
Sha256: 38d3be2ed4b565fd170f63bd420ef939e1b565ef30d461341986c505d84833ed
                                        
                                            POST / HTTP/1.1 
Host: r3.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         23.36.76.226
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 503
ETag: "974497D7DEFC2E7CC99CFDF35346137BA84D342D3BCDAD854DF7920019E9846B"
Last-Modified: Thu, 30 Jun 2022 00:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=19991
Expires: Fri, 01 Jul 2022 21:42:16 GMT
Date: Fri, 01 Jul 2022 16:09:05 GMT
Connection: keep-alive

                                        
                                            POST / HTTP/1.1 
Host: r3.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         23.36.76.226
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 503
ETag: "974497D7DEFC2E7CC99CFDF35346137BA84D342D3BCDAD854DF7920019E9846B"
Last-Modified: Thu, 30 Jun 2022 00:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=20508
Expires: Fri, 01 Jul 2022 21:50:53 GMT
Date: Fri, 01 Jul 2022 16:09:05 GMT
Connection: keep-alive

                                        
                                            POST / HTTP/1.1 
Host: r3.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         23.36.76.226
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 503
ETag: "974497D7DEFC2E7CC99CFDF35346137BA84D342D3BCDAD854DF7920019E9846B"
Last-Modified: Thu, 30 Jun 2022 00:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=20563
Expires: Fri, 01 Jul 2022 21:51:48 GMT
Date: Fri, 01 Jul 2022 16:09:05 GMT
Connection: keep-alive

                                        
                                            POST / HTTP/1.1 
Host: r3.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         23.36.76.226
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 503
ETag: "974497D7DEFC2E7CC99CFDF35346137BA84D342D3BCDAD854DF7920019E9846B"
Last-Modified: Thu, 30 Jun 2022 00:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=20029
Expires: Fri, 01 Jul 2022 21:42:54 GMT
Date: Fri, 01 Jul 2022 16:09:05 GMT
Connection: keep-alive

                                        
                                            GET /dist/bundle.js HTTP/1.1 
Host: tpx.tesseradigital.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://szm.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         35.157.179.180
HTTP/2 200 OK
                                        
server: nginx
date: Fri, 01 Jul 2022 16:09:05 GMT
content-type: application/javascript
content-length: 26906
etag: "f8ef48c937b68b99d07d3f89ad4b87ff8f42c502"
set-cookie: tpuuid=gHQX4elOLABtkAUHelTQtx6zZjlUosgp6xj0OwNMI88Y; Domain=.tesseradigital.com; expires=Sat, 27 Jun 2037 16:09:05 GMT; Path=/; SameSite=None; Secure
access-control-allow-origin: *
access-control-allow-methods: GET, OPTIONS
cache-control: no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with very long lines (26906), with no line terminators
Size:   26906
Md5:    5febbc7eedc877d965812a719a5d79b8
Sha1:   f8ef48c937b68b99d07d3f89ad4b87ff8f42c502
Sha256: b8481fc163157c34968627e542b5947bde503853016133a04c50bccd3dbfe595
                                        
                                            GET /dist/bundle.js HTTP/1.1 
Host: tpx.tesseradigital.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://szm.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

                                         
                                         35.157.179.180
HTTP/2 200 OK
                                        
server: nginx
date: Fri, 01 Jul 2022 16:09:05 GMT
content-type: application/javascript
content-length: 26906
etag: "3ae6cedcc5e46fbf56523cd45aff891d14e60376"
set-cookie: tpuuid=BQuDOTBxOZxows6Pqx6uRVWIAVAgcyszrRMwB6Q7swKy; Domain=.tesseradigital.com; expires=Sat, 27 Jun 2037 16:09:05 GMT; Path=/; SameSite=None; Secure
access-control-allow-origin: *
access-control-allow-methods: GET, OPTIONS
cache-control: no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with very long lines (26906), with no line terminators
Size:   26906
Md5:    76c2aab2f36f6ea1af592e6de951a2ea
Sha1:   3ae6cedcc5e46fbf56523cd45aff891d14e60376
Sha256: e8824df762c60fb701c3a061299de3df835b9119aba3b42bd5f86804865f52d8
                                        
                                            GET /dist/bundle.js HTTP/1.1 
Host: tpx.tesseradigital.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://szm.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

                                         
                                         35.157.179.180
HTTP/2 200 OK
                                        
server: nginx
date: Fri, 01 Jul 2022 16:09:05 GMT
content-type: application/javascript
content-length: 26906
etag: "c10da53c7d91d1dbb265482374ded6d83997ac53"
set-cookie: tpuuid=8bqlrqtPQihZiA4PZCbRIEVQosbEZwuUcsJcPp1FlNar; Domain=.tesseradigital.com; expires=Sat, 27 Jun 2037 16:09:05 GMT; Path=/; SameSite=None; Secure
access-control-allow-origin: *
access-control-allow-methods: GET, OPTIONS
cache-control: no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with very long lines (26906), with no line terminators
Size:   26906
Md5:    07e0a2881d8e32b7e35eece77afbf234
Sha1:   c10da53c7d91d1dbb265482374ded6d83997ac53
Sha256: a38d2774f51dcc351a587124feb3bd3a30ac5e1af63f99968f7427054285d01d
                                        
                                            GET /dist/bundle.js HTTP/1.1 
Host: tpx.tesseradigital.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://szm.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

                                         
                                         35.157.179.180
HTTP/2 200 OK
                                        
server: nginx
date: Fri, 01 Jul 2022 16:09:05 GMT
content-type: application/javascript
content-length: 26906
etag: "8b20953cd7be3ba1db576b6a5b0dcf0d82bfeb59"
set-cookie: tpuuid=XSFRmjNBG01K9VeiEuk1UPJnWJJZcnILHX4p0JQZAu2n; Domain=.tesseradigital.com; expires=Sat, 27 Jun 2037 16:09:05 GMT; Path=/; SameSite=None; Secure
access-control-allow-origin: *
access-control-allow-methods: GET, OPTIONS
cache-control: no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with very long lines (26906), with no line terminators
Size:   26906
Md5:    5dd05d7c889f10edfad5b24dd0053513
Sha1:   8b20953cd7be3ba1db576b6a5b0dcf0d82bfeb59
Sha256: d5268fe10a9e4b4bc4f624cec3fd5549ebc7f4481a9c461510f51135466a77f2
                                        
                                            GET /iframe_api HTTP/1.1 
Host: www.youtube.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://szm.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

                                         
                                         142.250.74.142
HTTP/2 200 OK
                                        
content-type: text/javascript; charset=utf-8
x-content-type-options: nosniff
expires: Fri, 01 Jul 2022 16:09:04 GMT
date: Fri, 01 Jul 2022 16:09:04 GMT
cache-control: private, max-age=0
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=31536000
cross-origin-opener-policy-report-only: same-origin; report-to="youtube_main"
critical-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-resource-policy: cross-origin
report-to: {"group":"youtube_main","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube_main"}]}
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-platform=*, ch-ua-platform-version=*
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657?hl=en for more info."
content-encoding: br
server: ESF
x-xss-protection: 0
set-cookie: YSC=c-dX31UCPa4; Domain=.youtube.com; Path=/; Secure; HttpOnly; SameSite=none VISITOR_INFO1_LIVE=urX3icDC-NA; Domain=.youtube.com; Expires=Wed, 28-Dec-2022 16:09:04 GMT; Path=/; Secure; HttpOnly; SameSite=none CONSENT=PENDING+506; expires=Sun, 30-Jun-2024 16:09:04 GMT; path=/; domain=.youtube.com; Secure
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with very long lines (509)
Size:   988
Md5:    8e1e4ace3f65e9b08b3de9bac58b9408
Sha1:   3479d90458c51ffdb3a2cc7626a54dad743eadd2
Sha256: b2307407c6747808284085bc115b3f2008516387705d3b011261c4e6f47e2171
                                        
                                            POST / HTTP/1.1 
Host: r3.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         23.36.76.226
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 503
ETag: "73B35E1142F56B80F8CCD3F5E75131E0C2862C08C708F14CC5EAC3E83672A5DA"
Last-Modified: Thu, 30 Jun 2022 20:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=1106
Expires: Fri, 01 Jul 2022 16:27:31 GMT
Date: Fri, 01 Jul 2022 16:09:05 GMT
Connection: keep-alive

                                        
                                            GET /incoming?p=false&a=false&b=false HTTP/1.1 
Host: tpx.tesseradigital.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://szm.com/
Cookie: tpuuid=8bqlrqtPQihZiA4PZCbRIEVQosbEZwuUcsJcPp1FlNar
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

                                         
                                         35.157.179.180
HTTP/2 204 No Content
                                        
server: nginx
date: Fri, 01 Jul 2022 16:09:05 GMT
last-modified: Friday, 01-Jul-2022 16:09:05 GMT
X-Firefox-Spdy: h2

                                        
                                            POST / HTTP/1.1 
Host: r3.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         23.36.76.226
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 503
ETag: "FCE600B67DA1F1FDE46D8E1752605A1DA76A369EAA1AF92C78BBC7D793882B99"
Last-Modified: Wed, 29 Jun 2022 17:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=10493
Expires: Fri, 01 Jul 2022 19:03:58 GMT
Date: Fri, 01 Jul 2022 16:09:05 GMT
Connection: keep-alive

                                        
                                            POST / HTTP/1.1 
Host: r3.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         23.36.76.226
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 503
ETag: "FCE600B67DA1F1FDE46D8E1752605A1DA76A369EAA1AF92C78BBC7D793882B99"
Last-Modified: Wed, 29 Jun 2022 17:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=1284
Expires: Fri, 01 Jul 2022 16:30:29 GMT
Date: Fri, 01 Jul 2022 16:09:05 GMT
Connection: keep-alive

                                        
                                            GET /PIC/zavriet.gif HTTP/1.1 
Host: img.szm.sk
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://palochusvet.szm.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         85.248.228.60
HTTP/1.1 200 OK
Content-Type: image/gif
                                        
Server: nginx
Date: Fri, 01 Jul 2022 16:09:05 GMT
Content-Length: 107
Last-Modified: Tue, 23 Jun 2020 10:27:26 GMT
Connection: keep-alive
ETag: "5ef1d90e-6b"
Accept-Ranges: bytes


--- Additional Info ---
Magic:  GIF image data, version 89a, 15 x 14\012- data
Size:   107
Md5:    73cebb1642c5d0a07da398b331d12be9
Sha1:   921a826744a0c460527dd1e435a8255cea61a2a8
Sha256: 68f00ddb2fea05491cd747ba59dc7783ee6f93244bb8e4f34020493081f54524
                                        
                                            GET /PIC/reklama-horizontalna.gif HTTP/1.1 
Host: img.szm.sk
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://palochusvet.szm.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         85.248.228.60
HTTP/1.1 200 OK
Content-Type: image/gif
                                        
Server: nginx
Date: Fri, 01 Jul 2022 16:09:05 GMT
Content-Length: 1251
Last-Modified: Tue, 23 Jun 2020 10:27:25 GMT
Connection: keep-alive
ETag: "5ef1d90d-4e3"
Accept-Ranges: bytes


--- Additional Info ---
Magic:  GIF image data, version 89a, 61 x 12\012- data
Size:   1251
Md5:    a49ad5ae145f1d611ef5bae605889f06
Sha1:   9632a30c2c4f29de66b570c095ad5032df357d5a
Sha256: 3f061b3425b4ce73a0029131e7eaf6ab1daa7e92947fb76daef7380e9d3ebbb8
                                        
                                            GET /imp.js?_pid=163594704&_ouuid=gHQX4elOLABtkAUHelTQtx6zZjlUosgp6xj0OwNMI88Y&_oprio=0&_oref=https%3A%2F%2Fszm.com%2Freklama%2Fadsense.phtml%3FURL%3Dhttp%253A%252F%252Fpalochusvet.szm.com%252F43t3f%252F45y4g.exe HTTP/1.1 
Host: fd.tesseradigital.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://szm.com/
Cookie: tpuuid=gHQX4elOLABtkAUHelTQtx6zZjlUosgp6xj0OwNMI88Y
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         18.196.91.239
HTTP/2 200 OK
                                        
server: nginx
date: Fri, 01 Jul 2022 16:03:35 GMT
content-type: text/html; charset=UTF-8
content-length: 0
etag: "da39a3ee5e6b4b0d3255bfef95601890afd80709"
cache-control: no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
last-modified: Friday, 01-Jul-2022 16:03:35 GMT
X-Firefox-Spdy: h2

                                        
                                            GET /imp.js?_pid=163594704&_ouuid=XSFRmjNBG01K9VeiEuk1UPJnWJJZcnILHX4p0JQZAu2n&_oprio=0&_oref=https%3A%2F%2Fszm.com%2Freklama%2Fadsense.phtml%3FURL%3Dhttp%253A%252F%252Fpalochusvet.szm.com%252F43t3f%252F45y4g.exe HTTP/1.1 
Host: fd.tesseradigital.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://szm.com/
Cookie: tpuuid=XSFRmjNBG01K9VeiEuk1UPJnWJJZcnILHX4p0JQZAu2n
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         18.196.91.239
HTTP/2 200 OK
                                        
server: nginx
date: Fri, 01 Jul 2022 16:03:35 GMT
content-type: text/html; charset=UTF-8
content-length: 0
etag: "da39a3ee5e6b4b0d3255bfef95601890afd80709"
cache-control: no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
last-modified: Friday, 01-Jul-2022 16:03:35 GMT
X-Firefox-Spdy: h2

                                        
                                            GET /imp.js?_pid=163594704&_ouuid=8bqlrqtPQihZiA4PZCbRIEVQosbEZwuUcsJcPp1FlNar&_oprio=0&_oref=https%3A%2F%2Fszm.com%2Freklama%2Fadsense.phtml%3FURL%3Dhttp%253A%252F%252Fpalochusvet.szm.com%252F43t3f%252F45y4g.exe HTTP/1.1 
Host: fd.tesseradigital.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://szm.com/
Cookie: tpuuid=XSFRmjNBG01K9VeiEuk1UPJnWJJZcnILHX4p0JQZAu2n
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         18.196.91.239
HTTP/2 200 OK
                                        
server: nginx
date: Fri, 01 Jul 2022 16:03:35 GMT
content-type: text/html; charset=UTF-8
content-length: 0
etag: "da39a3ee5e6b4b0d3255bfef95601890afd80709"
cache-control: no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
last-modified: Friday, 01-Jul-2022 16:03:35 GMT
X-Firefox-Spdy: h2

                                        
                                            POST / HTTP/1.1 
Host: r3.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         23.36.76.226
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 503
ETag: "F763D7576AAB81AE47F35FD4AFFB2D6BE29F421DA0A2F3607F966049C88AE66C"
Last-Modified: Thu, 30 Jun 2022 20:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=10078
Expires: Fri, 01 Jul 2022 18:57:03 GMT
Date: Fri, 01 Jul 2022 16:09:05 GMT
Connection: keep-alive

                                        
                                            GET /imp.js?_pid=163594704&_ouuid=BQuDOTBxOZxows6Pqx6uRVWIAVAgcyszrRMwB6Q7swKy&_oprio=0&_oref=https%3A%2F%2Fszm.com%2Freklama%2Fadsense.phtml%3FURL%3Dhttp%253A%252F%252Fpalochusvet.szm.com%252F43t3f%252F45y4g.exe HTTP/1.1 
Host: fd.tesseradigital.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://szm.com/
Cookie: tpuuid=BQuDOTBxOZxows6Pqx6uRVWIAVAgcyszrRMwB6Q7swKy
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         18.196.91.239
HTTP/2 200 OK
                                        
server: nginx
date: Fri, 01 Jul 2022 16:03:35 GMT
content-type: text/html; charset=UTF-8
content-length: 0
etag: "da39a3ee5e6b4b0d3255bfef95601890afd80709"
cache-control: no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
last-modified: Friday, 01-Jul-2022 16:03:35 GMT
X-Firefox-Spdy: h2

                                        
                                            GET /www/delivery/afr.php?zoneid=60&cb=988273 HTTP/1.1 
Host: ad.novara.sk
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://palochusvet.szm.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site

                                         
                                         85.248.228.68
HTTP/1.1 200 OK
Content-Type: text/html; charset=UTF-8
                                        
Server: nginx
Date: Fri, 01 Jul 2022 16:09:05 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache, no-store, must-revalidate
Expires: 0
Access-Control-Allow-Origin: *
P3P: CP="CUR ADM OUR NOR STA NID"
Set-Cookie: OAGEO=NO%7C%7C%7C%7C%7C%7C%7C%7C%7C%7C; path=/ OAID=7f127d5908e1b06015c93420fc3bfc22; expires=Sat, 01-Jul-2023 16:09:05 GMT; Max-Age=31536000; path=/
Content-Encoding: gzip


--- Additional Info ---
Magic:  HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (704)
Size:   654
Md5:    8797aea55e923fde29413c308c7a6f81
Sha1:   3d8c01825cfbb656260b8415899f6c01f71d3d99
Sha256: 192ec1ec9385d9ed6d8e01f30e4800dd1113f305d8cd1031ee4ecaac1d06d381
                                        
                                            GET /www/images/85ebc45601450d75a4c0a72eb1f95988.jpg HTTP/1.1 
Host: ad.novara.sk
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ad.novara.sk/www/delivery/afr.php?zoneid=60&cb=988273
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

                                         
                                         85.248.228.68
HTTP/1.1 200 OK
Content-Type: image/jpeg
                                        
Server: nginx
Date: Fri, 01 Jul 2022 16:09:05 GMT
Content-Length: 34478
Last-Modified: Thu, 26 Oct 2017 00:30:50 GMT
Connection: keep-alive
ETag: "59f12cba-86ae"
Accept-Ranges: bytes


--- Additional Info ---
Magic:  JPEG image data, Exif standard: [TIFF image data, little-endian, direntries=0], baseline, precision 8, 120x600, components 3\012- data
Size:   34478
Md5:    85ebc45601450d75a4c0a72eb1f95988
Sha1:   b5da0f677377647adc5584b3e05e8ab54017f69b
Sha256: ace6cc45873b82fb762fd66ea94bf46569cdd5da4fc887231404ca80c2744ac9
                                        
                                            GET /www/delivery/lg.php?bannerid=4130&campaignid=1689&zoneid=60&loc=http%3A%2F%2Fpalochusvet.szm.com%2F&cb=04d5794623 HTTP/1.1 
Host: ad.novara.sk
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ad.novara.sk/www/delivery/afr.php?zoneid=60&cb=988273
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

                                         
                                         85.248.228.68
HTTP/1.1 200 OK
Content-Type: image/gif
                                        
Server: nginx
Date: Fri, 01 Jul 2022 16:09:05 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache, no-store, must-revalidate
Expires: 0
Access-Control-Allow-Origin: *
P3P: CP="CUR ADM OUR NOR STA NID"
Set-Cookie: OAGEO=NO%7C%7C%7C%7C%7C%7C%7C%7C%7C%7C; path=/ OAID=94c8c30c57a3e5148fe7c35663a682f0; expires=Sat, 01-Jul-2023 16:09:05 GMT; Max-Age=31536000; path=/


--- Additional Info ---
Magic:  GIF image data, version 89a, 1 x 1\012- data
Size:   43
Md5:    b4491705564909da7f9eaf749dbbfbb1
Sha1:   279315d507855c6a4351e1e2c2f39dd9cd2fccd8
Sha256: 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
                                        
                                            POST / HTTP/1.1 
Host: r3.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         23.36.76.226
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 503
ETag: "6A0721423C3B7EF429DA855641043D8F038DA4FFF1A788C1273BA18B1C0C9F8B"
Last-Modified: Wed, 29 Jun 2022 07:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=7974
Expires: Fri, 01 Jul 2022 18:22:00 GMT
Date: Fri, 01 Jul 2022 16:09:06 GMT
Connection: keep-alive

                                        
                                            POST / HTTP/1.1 
Host: r3.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         23.36.76.226
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 503
ETag: "6A0721423C3B7EF429DA855641043D8F038DA4FFF1A788C1273BA18B1C0C9F8B"
Last-Modified: Wed, 29 Jun 2022 07:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=7974
Expires: Fri, 01 Jul 2022 18:22:00 GMT
Date: Fri, 01 Jul 2022 16:09:06 GMT
Connection: keep-alive

                                        
                                            POST / HTTP/1.1 
Host: r3.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         23.36.76.226
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 503
ETag: "6A0721423C3B7EF429DA855641043D8F038DA4FFF1A788C1273BA18B1C0C9F8B"
Last-Modified: Wed, 29 Jun 2022 07:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=7974
Expires: Fri, 01 Jul 2022 18:22:00 GMT
Date: Fri, 01 Jul 2022 16:09:06 GMT
Connection: keep-alive

                                        
                                            POST / HTTP/1.1 
Host: r3.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         23.36.76.226
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 503
ETag: "6A0721423C3B7EF429DA855641043D8F038DA4FFF1A788C1273BA18B1C0C9F8B"
Last-Modified: Wed, 29 Jun 2022 07:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=7974
Expires: Fri, 01 Jul 2022 18:22:00 GMT
Date: Fri, 01 Jul 2022 16:09:06 GMT
Connection: keep-alive

                                        
                                            POST / HTTP/1.1 
Host: r3.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         23.36.76.226
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 503
ETag: "6A0721423C3B7EF429DA855641043D8F038DA4FFF1A788C1273BA18B1C0C9F8B"
Last-Modified: Wed, 29 Jun 2022 07:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=7974
Expires: Fri, 01 Jul 2022 18:22:00 GMT
Date: Fri, 01 Jul 2022 16:09:06 GMT
Connection: keep-alive

                                        
                                            GET /embed/eplayaV5.32.js HTTP/1.1 
Host: etargetcdn.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://szm.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         172.67.73.79
HTTP/2 200 OK
                                        
date: Fri, 01 Jul 2022 16:09:04 GMT
content-type: application/javascript
access-control-allow-headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-origin: *
access-control-expose-headers: Content-Length,Content-Range
cache-control: max-age=86400
cf-bgj: minify
cf-polished: origSize=79702
etag: W/"610a490a-13756"
expires: Fri, 01 Jul 2022 21:34:47 GMT
last-modified: Wed, 04 Aug 2021 08:00:10 GMT
pragma: cache
vary: Accept-Encoding, Origin
y-protected-by: Bulbasaur/mblade01-01-b
cf-cache-status: HIT
age: 66857
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=wa1757hZi8XbK%2BFN%2B8XqOUqZWD7d1YN1N7g2frui6zkfk1Bfh%2FuQnQUvKk%2BPgJIYDmenIZzaOR06t53iYcpCDKKqMcX7v6s6bngCK18WG%2Fx6hlvUVMs86NyzZw6OxSJm"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 7240676d09930b59-OSL
content-encoding: br
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  Unicode text, UTF-8 text, with very long lines (3450)
Size:   23156
Md5:    e4d4361d9671a03954458a4158ed6195
Sha1:   4a21fea5784ddb6763cca88158c81354f6c6da25
Sha256: 14b6ca7075d1bc5962da1f969fa0f2e1cb15948fdb811b2be9a9797c7d9f2b42
                                        
                                            GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fc64139e3-1714-4207-9f83-6963efdebdb1.jpeg HTTP/1.1 
Host: img-getpocket.cdn.mozilla.net
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         
                                         34.120.237.76
HTTP/2 200 OK
                                        
server: nginx
content-length: 11303
x-amzn-requestid: bb4e28bd-b8fe-46aa-b7e1-9df6f52c9d34
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: UeQW-EnzIAMFSfw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-62bbfa92-4788a606125c42431ba5c73a;Sampled=0
x-amzn-remapped-date: Wed, 29 Jun 2022 07:09:06 GMT
x-amz-cf-pop: SEA73-P1
x-cache: Miss from cloudfront
x-amz-cf-id: FECr8vnUNXIJXah4ilgSdBbkbjEIYjsLUdys3R4NE65S9iuOzjcSwQ==
via: 1.1 0005a84c2971ff4f5bbb79e7ebc622a8.cloudfront.net (CloudFront), 1.1 707e733794d52100fde0ab21bf0b1462.cloudfront.net (CloudFront), 1.1 google
date: Fri, 01 Jul 2022 07:42:41 GMT
age: 30385
etag: "91d2dc48008a198adb2b740bec1843a146f826c1"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size:   11303
Md5:    b38a21dc4af2a753ec1149a58eca2ee2
Sha1:   91d2dc48008a198adb2b740bec1843a146f826c1
Sha256: 2e56992e4642c248dd330fc1343977dedd2ec4e944564214be432f3f390488e7
                                        
                                            GET /iframe_api HTTP/1.1 
Host: www.youtube.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://szm.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         142.250.74.142
HTTP/2 200 OK
                                        
content-type: text/javascript; charset=utf-8
x-content-type-options: nosniff
expires: Fri, 01 Jul 2022 16:09:04 GMT
date: Fri, 01 Jul 2022 16:09:04 GMT
cache-control: private, max-age=0
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=31536000
report-to: {"group":"youtube_main","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube_main"}]}
critical-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy-report-only: same-origin; report-to="youtube_main"
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-platform=*, ch-ua-platform-version=*
cross-origin-resource-policy: cross-origin
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657?hl=en for more info."
content-encoding: br
server: ESF
x-xss-protection: 0
set-cookie: YSC=GIg0ILMGV0o; Domain=.youtube.com; Path=/; Secure; HttpOnly; SameSite=none VISITOR_INFO1_LIVE=1nQBFQk8q3o; Domain=.youtube.com; Expires=Wed, 28-Dec-2022 16:09:04 GMT; Path=/; Secure; HttpOnly; SameSite=none CONSENT=PENDING+519; expires=Sun, 30-Jun-2024 16:09:04 GMT; path=/; domain=.youtube.com; Secure
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with very long lines (509)
Size:   7262
Md5:    13bf60a42d19683e4082a2bab6c7a64a
Sha1:   932adf8bd5fdc8b175192446a2383b7e81b3a9b1
Sha256: 64b5830d2c071b09011be11c339a70c1edd88af71a346c4901a187e20b90b4a5
                                        
                                            GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fdf1e617a-6fd1-48e4-960a-73bddd0fb482.jpeg HTTP/1.1 
Host: img-getpocket.cdn.mozilla.net
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         
                                         34.120.237.76
HTTP/2 200 OK
                                        
server: nginx
content-length: 9555
x-amzn-requestid: ddc50c80-7b41-4709-952d-096c3fcfc5a2
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: UUXJ-HsgIAMFwag=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-62b80572-1ecc47e74333e7c2352e2e0e;Sampled=0
x-amzn-remapped-date: Sun, 26 Jun 2022 07:06:26 GMT
x-amz-cf-pop: SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: fx_8uoi08YuMMK-Gg4rNkPq53DuRCUSW_zVMfl3JfmlrKn5VjQl4SQ==
via: 1.1 26ca01ec7377e425b59b6a08cb1ec342.cloudfront.net (CloudFront), 1.1 b13f158bdf9805ca47e07c0c35870c12.cloudfront.net (CloudFront), 1.1 google
date: Thu, 30 Jun 2022 19:57:44 GMT
age: 72682
etag: "e52d1a0382cee461a2ba0df6d554cdb82087ff49"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size:   9555
Md5:    8f957d00754df49ffe6ebbcf869b528a
Sha1:   e52d1a0382cee461a2ba0df6d554cdb82087ff49
Sha256: 87a80c1e2f261504f8e821829babcce76b00de442bd7c6f9880b2932b2864839
                                        
                                            GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F8fb8f8ac-1447-4cbf-a03d-3b6276064e5d.jpeg HTTP/1.1 
Host: img-getpocket.cdn.mozilla.net
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         
                                         34.120.237.76
HTTP/2 200 OK
                                        
server: nginx
content-length: 5228
x-amzn-requestid: aa2ae070-d7af-4ab5-a62b-cd3133c0717d
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: UXjQMF1fIAMFm-Q=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-62b94c01-39c87d2c65b06bc212bee113;Sampled=0
x-amzn-remapped-date: Mon, 27 Jun 2022 06:19:45 GMT
x-amz-cf-pop: SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: -hFyOxRNAoBAZwq1tZEZx-WmK1wrvy7_GMngpvsKzKrngHEWN8dWTg==
via: 1.1 0800f067ff646622f3e8e507cb9b52e8.cloudfront.net (CloudFront), 1.1 2ab6211e66998c8b58132661a7e3cade.cloudfront.net (CloudFront), 1.1 google
date: Thu, 30 Jun 2022 22:03:52 GMT
age: 65114
etag: "ce25cc6aba5d9ebdd79eb30b51847cf96807f608"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size:   5228
Md5:    2403216bc2dcf981397210dd8c97d21b
Sha1:   ce25cc6aba5d9ebdd79eb30b51847cf96807f608
Sha256: ca2d93917806e02e9015493ba5fee438c720d23509a2628bc1bf13e4bb76128d
                                        
                                            GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F1934ff6c-738b-4ee1-a3a7-f172a73da4bd.jpeg HTTP/1.1 
Host: img-getpocket.cdn.mozilla.net
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         
                                         34.120.237.76
HTTP/2 200 OK
                                        
server: nginx
content-length: 10798
x-amzn-requestid: ec008800-0485-48fc-ad7d-1f28baff782f
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: UjickERbIAMF1NA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-62be1783-328a674d1742f9c236542ec2;Sampled=0
x-amzn-remapped-date: Thu, 30 Jun 2022 21:37:07 GMT
x-amz-cf-pop: SEA73-P2, SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: o3AnxqrsGxaBlFc3pR1fNbgG8owT3PJgY29iVJBLj3DXcaZYfGX0EQ==
via: 1.1 ca66331b52971370c4e54619e8a952cc.cloudfront.net (CloudFront), 1.1 73cb83fe6699afc2791b5c690c1ff8c6.cloudfront.net (CloudFront), 1.1 google
date: Thu, 30 Jun 2022 22:03:52 GMT
age: 65114
etag: "7db6b42dda26780d3a6cf5c9e3761db08722c630"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size:   10798
Md5:    23c2976b6fa0265e05566907f71bd9e3
Sha1:   7db6b42dda26780d3a6cf5c9e3761db08722c630
Sha256: a706e15acd54d9ffa304b4f931c811c57ba91e4d58c3970794a77eb873be3287
                                        
                                            GET /frontend/logos/sk/35160/35160_9-6.jpg HTTP/1.1 
Host: etargetcdn.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://szm.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

                                         
                                         172.67.73.79
HTTP/2 200 OK
                                        
date: Fri, 01 Jul 2022 16:09:06 GMT
content-type: image/webp
content-length: 8668
cf-bgj: imgq:100,h2pri
cf-polished: origFmt=jpeg, origSize=8958
content-disposition: inline; filename="35160_9-6.webp"
etag: "622e43b5-22fe"
last-modified: Sun, 13 Mar 2022 19:19:17 GMT
vary: Accept
y-protected-by: Bulbasaur/mblade01-01-c
cache-control: max-age=14400
cf-cache-status: HIT
age: 4165
accept-ranges: bytes
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=uAFxYXyIlQ2i49%2FIA%2BTuaP4NuJP5697HiX8i4Zj%2B%2BnGvNVXOXS02cSW1reRkENbCTEuJMvgKnDmlUt3BOZtIC9dF43AiyNMYjhEgDqawgTKzLWCmJ0uBWJIJqN0ROPaM"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 724067796f6f0b59-OSL
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  RIFF (little-endian) data, Web/P image, VP8 encoding, 254x133, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Size:   8668
Md5:    bddafba05cf7d3f173d93f3f34dcb544
Sha1:   ce90711b8063ab5d73eb85502b1d65cab4ca4754
Sha256: 9fe4d7993f750551ac87658dc4208050b684fa8df3a6034c2bd3c55bc9584b96
                                        
                                            POST / HTTP/1.1 
Host: ocsp.digicert.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         93.184.220.29
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Accept-Ranges: bytes
Age: 3052
Cache-Control: max-age=92170
Date: Fri, 01 Jul 2022 16:09:08 GMT
Etag: "62bdd542-1d7"
Expires: Sat, 02 Jul 2022 17:45:18 GMT
Last-Modified: Thu, 30 Jun 2022 16:54:26 GMT
Server: ECS (ska/F71C)
X-Cache: HIT
Content-Length: 471

                                        
                                            GET /t/v2/learn?tagid=V2_291021&src.rand=1656691744&gdpr_err=NO_CMP&gdpr_consent=-1&depp=7.0.1-4-eu HTTP/1.1 
Host: sk-gmtdmp.mookie1.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://szm.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         35.186.238.175
HTTP/2 200 OK
                                        
date: Fri, 01 Jul 2022 16:09:08 GMT
server: Apache
p3p: CP="NON DSP COR NID CURa PSAa PSDa OUR STP UNI COM NAV STA LOC OTC",policyref="/w3c/p3p.xml"
x-application-context: application
cache-control: no-cache, no-store, must-revalidate
pragma: no-cache
expires: Thu, 01 Jan 1970 00:00:00 GMT
content-type: image/gif;charset=UTF-8
content-length: 43
via: 1.1 google
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  GIF image data, version 89a, 1 x 1\012- data
Size:   43
Md5:    07fff40b5dd495aca2ac4e1c3fbc60aa
Sha1:   e8ac224ba9ee97e87670ed6f3a2f0128b7af9fe4
Sha256: a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7
                                        
                                            POST / HTTP/1.1 
Host: ocsp.digicert.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         93.184.220.29
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Accept-Ranges: bytes
Age: 3052
Cache-Control: max-age=92170
Date: Fri, 01 Jul 2022 16:09:08 GMT
Etag: "62bdd542-1d7"
Expires: Sat, 02 Jul 2022 17:45:18 GMT
Last-Modified: Thu, 30 Jun 2022 16:54:26 GMT
Server: ECS (ska/F71C)
X-Cache: HIT
Content-Length: 471

                                        
                                            GET /frontend/logos/sk/35160/35160_9-11.jpg HTTP/1.1 
Host: etargetcdn.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://szm.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

                                         
                                         172.67.73.79
HTTP/2 200 OK
                                        
date: Fri, 01 Jul 2022 16:09:10 GMT
content-type: image/jpeg
content-length: 10718
cf-bgj: imgq:100,h2pri
cf-polished: origSize=11055, status=webp_bigger
etag: "622f33c8-2b2f"
last-modified: Mon, 14 Mar 2022 12:23:36 GMT
y-protected-by: Bulbasaur/mblade01-01-b
cache-control: max-age=14400
cf-cache-status: HIT
age: 2888
accept-ranges: bytes
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=rtiYrlYxlrb%2BboDopFIKsQd3cU77h3gfNakmvrXudx8VwfoUqYOP3sBUgk1q7rBtIG8LYfhZqqZjvR%2BgcyoIhvYjEKa%2BbwjH%2Bwi%2FQu%2Fy2zTNGZeOP6doz8LpelL%2BdVSN"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 724067926d520b59-OSL
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, resolution (DPI), density 72x72, segment length 16, progressive, precision 8, 254x133, components 3\012- data
Size:   10718
Md5:    d74d01ca9da5bfe76511e7bc540704f4
Sha1:   4e2b7db7ddd0dd7a4cdd1223e553deca170ae750
Sha256: e13b7b9d3fb653826fba8260d4dac3c63b7a6eaf681431dd9f3dc241210b9cb7