urlquery - report: palochusvet.szm.com/43t3f/45y4g.exe

Overview

URL	palochusvet.szm.com/43t3f/45y4g.exe
IP	85.248.228.58
ASN	SWAN, a.s.
Location	Slovakia
Report completed	2022-07-01 16:09:16 UTC
Status	Loading report..
urlquery Alerts	No alerts detected

Settings

UserAgent	Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Referer

Intrusion Detection Systems

Suricata /w Emerging Threats Pro

No alerts detected

Blocklists

OpenPhish

No alerts detected

PhishTank

No alerts detected

Fortinet's Web Filter

Added / Verified	Severity	Host	Comment
2022-07-01	2	palochusvet.szm.com/43t3f/45y4g.exe	Malware

mnemonic secure dns

No alerts detected

Quad9 DNS

No alerts detected

Files

No files detected

Passive DNS (22)

Passive DNS Source	Fully Qualifying Domain Name	Rank	First Seen	Last Seen	IP	Comment
[Mnemonic Passive DNS]	firefox.settings.services.mozilla.com (2)	867	2016-03-17 08:25:01 UTC	2020-05-25 20:01:47 UTC	54.230.111.35
[Mnemonic Passive DNS]	ssl.google-analytics.com (1)	275	2017-01-30 05:00:07 UTC	2022-07-01 12:40:17 UTC	172.217.21.168
[Mnemonic Passive DNS]	sk.search.etargetnet.com (3)	167949	2017-02-27 16:42:41 UTC	2022-04-17 17:40:26 UTC	195.168.10.172
[Mnemonic Passive DNS]	cdn.mookie1.com (1)	13056	2018-05-03 17:37:14 UTC	2022-07-01 15:09:02 UTC	23.13.39.40
[Mnemonic Passive DNS]	push.services.mozilla.com (1)	2140	2014-10-24 08:27:06 UTC	2022-07-01 14:37:30 UTC	52.40.216.187
[Mnemonic Passive DNS]	www.youtube.com (3)	90	2017-01-30 05:00:06 UTC	2022-07-01 04:59:39 UTC	142.250.74.142
[Mnemonic Passive DNS]	sk-gmtdmp.mookie1.com (1)	225766	2015-12-15 14:26:44 UTC	2022-06-30 17:48:20 UTC	35.186.238.175
[Mnemonic Passive DNS]	stats.g.doubleclick.net (1)	96	2017-01-30 04:59:59 UTC	2022-07-01 05:01:53 UTC	173.194.73.154
[Mnemonic Passive DNS]	etargetcdn.com (4)	126528	No data	No data	172.67.73.79
[Mnemonic Passive DNS]	palochusvet.szm.com (2)	0	No data	No data	85.248.228.58	Unknown ranking
[Mnemonic Passive DNS]	ocsp2.globalsign.com (1)	1544	2012-05-21 07:12:19 UTC	2022-07-01 12:43:16 UTC	104.18.20.226
[Mnemonic Passive DNS]	szm.com (6)	0	No data	No data	85.248.228.115	Unknown ranking
[Mnemonic Passive DNS]	ocsp.digicert.com (4)	86	2012-11-29 12:49:49 UTC	2022-07-01 15:56:06 UTC	93.184.220.29
[Mnemonic Passive DNS]	ocsp.pki.goog (7)	175	2017-06-14 07:23:31 UTC	2022-07-01 14:37:30 UTC	142.250.74.3
[Mnemonic Passive DNS]	tpx.tesseradigital.com (5)	238888	No data	No data	35.157.179.180
[Mnemonic Passive DNS]	fd.tesseradigital.com (4)	0	No data	No data	18.196.91.239	Domain (tesseradigital.com) ranked at: 238882
[Mnemonic Passive DNS]	ad.novara.sk (3)	0	No data	No data	85.248.228.68	Unknown ranking
[Mnemonic Passive DNS]	r3.o.lencr.org (16)	344	2020-12-02 08:52:13 UTC	2022-07-01 12:51:19 UTC	23.36.76.226
[Mnemonic Passive DNS]	content-signature-2.cdn.mozilla.net (1)	1152	2020-11-03 12:26:46 UTC	2022-07-01 05:33:42 UTC	54.230.111.64
[Mnemonic Passive DNS]	contile.services.mozilla.com (1)	1114	No data	No data	34.117.237.239
[Mnemonic Passive DNS]	img.szm.sk (5)	0	No data	No data	85.248.228.60	Unknown ranking
[Mnemonic Passive DNS]	img-getpocket.cdn.mozilla.net (4)	1631	2017-09-01 03:40:57 UTC	2022-07-01 14:37:32 UTC	34.120.237.76

Recent reports on same IP/ASN/Domain

Last 2 reports on IP: 85.248.228.58

Date	UQ / IDS / BL	URL	IP
2022-07-02 17:00:41 +0000	0 - 0 - 1	palochusvet.szm.com/43t3f/45y4g.exe	85.248.228.58
2022-06-30 17:48:28 +0000	0 - 0 - 1	palochusvet.szm.com/43t3f/45y4g.exe	85.248.228.58

Last 10 reports on ASN: SWAN, a.s.

Date	UQ / IDS / BL	URL	IP
2022-08-10 11:16:12 +0000	0 - 0 - 4	dogsk.sk/juniorhandling/gallery/2008/bystrica (...)	213.215.124.60
2022-08-06 01:47:14 +0000	0 - 0 - 4	dogsk.sk/juniorhandling/gallery/2008/bystrica (...)	213.215.124.60
2022-08-02 21:32:46 +0000	0 - 0 - 2	f27szerviz.hu/upload/files/56488954650.pdf	85.248.130.113
2022-08-02 19:01:04 +0000	0 - 0 - 1	zamokugrofa.sk/admin/fckeditor/file/487337975 (...)	85.248.226.5
2022-08-02 16:42:32 +0000	0 - 0 - 1	topenglish.sk/app/webroot/gallery/files/81707 (...)	85.248.128.216
2022-08-02 16:23:44 +0000	0 - 0 - 1	slovbau.sk/test/userfiles/file/2555128274.pdf	213.215.124.60
2022-08-01 09:42:58 +0000	0 - 0 - 4	dogsk.sk/juniorhandling/gallery/2008/wieselbu (...)	213.215.124.60
2022-07-28 15:10:04 +0000	0 - 0 - 1	majstrissmt.eu/www-data/file/retaj.pdf	85.248.116.7
2022-07-26 10:01:12 +0000	0 - 0 - 21	www.beautysecret.sk/	85.248.129.35
2022-07-23 22:25:09 +0000	0 - 0 - 4	dogsk.sk/juniorhandling/gallery/2008/padova08 (...)	213.215.124.60

No other reports on domain: szm.com

JavaScript

Executed Scripts (21)

Executed Evals (0)

Executed Writes (6)

#1 JavaScript::Write (size: 125, repeated: 1) - SHA256: d87262ba50b590e8f2bfbb7ceca23b472d0fc4851aa2adc2d8bc506f5c50d333

                                        < script src = "https://szm.com/reklamafr.phtml?URL=http://palochusvet.szm.com/43t3f/45y4g.exe"
type = "text/javascript" > < /script>

#2 JavaScript::Write (size: 85, repeated: 1) - SHA256: 2f07f68c604449e8d89471efc2fea27e93365b3806d2494f6432b2e33d2fdf94

                                        < script src = 'https://ssl.google-analytics.com/ga.js'
type = 'text/javascript' > < /script>

#3 JavaScript::Write (size: 23748, repeated: 1) - SHA256: 62d53a1e2af2ca5375b83c291ebd1087625f673eb0a39a6cb40562bb67c9a451

                                        < !DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN" > < html > < head > < meta http - equiv = "content-type"
content = "text/html; charset=utf-8" > < title > ETARGET 4.2 < /title><style type="text/css
">html,body,div,span,applet,object,iframe,h1,h2,h3,h4,h5,h6,p,blockquote,pre,a,abbr,acronym,address,big,cite,code,del,dfn,em,font,img,ins,kbd,q,s,samp,small,strike,strong,sub,sup,tt,var,b,u,i,center,dl,dt,dd,ol,ul,li,fieldset,form,label,legend,table,caption,tbody,tfoot,thead,tr,th,td{margin:0;padding:0;border:0;outline:0;font-size:100%;/*vertical-align:baseline;*/background:transparent;}body{line-height:1;}ol,ul{list-style:none;}blockquote,q{quotes:none;}blockquote:before,blockquote:after,q:before,q:after{content:'';content: none;}:focus{outline:0;}ins{text-decoration:none;}del{text-decoration:line-through;}table{border-collapse:collapse;border-spacing:0;}body{border-width:0px;margin:0px;padding:0px;font-family:'trebuchetMS',arial,sans-serif;font-size:11px;line-height:13px;background-color:transparent;}div.header{text-align:left;}div.footer{width:0px !important;right:0px !important;left: auto !important;line-height:120%;text-align:right;overflow:visible;position:fixed !important; z-index:2; bottom:0px !important;display:block !important; visibility: visible !important;}div.url{}div.like{text-align:right;}div#hide{background-color:white;position:absolute;top:0px;left:0px;border-width:0px;}div.box div.inbox td.img{background-color:white;border-width:1px;border-color:#909090;border-style:solid;}div.shop{overflow:hidden;text-align:left;border-width:0px 0px 0px 0px;border-style:solid;border-color:#c00000;}div.top {border-radius:5px 5px 0px 0px;text-shadow: #7f7f7f 0.1em 0.1em 0.1em;box-shadow: inset 0px 0px 3px rgba(0, 0, 0, 0.5);}div.bot {border-radius:0px 0px 5px 5px;text-shadow: #7f7f7f 0.1em 0.1em 0.1em;box-shadow: inset 0px 0px 3px rgba(0, 0, 0, 0.5);}div.intop {border-radius:5px 5px 0px 0px;}div.inshop {border-radius:5px 5px 0px 0px;/*box-shadow: 0px 0px 6px rgba(0, 0, 0, 0.5);*/}div.inshop td img {box-shadow: 0px 0px 6px rgba(0, 0, 0, 0.5);}div.shop div.title{color:#c00000;text-decoration:underline;}div.shop div.inshop div.obr table.shoptab td.imgbox div.inbox div.title a{color:#c00000;text-decoration:none;}div.shop div.inshop div.obr table.shoptab td.imgbox div.inbox div.desc a{color:#000000;}div.shop div.inshop div.inbox div.title a{font-size:12px;line-height:13px;color:#c00000;text-decoration:none;}div.shop div.inshop div.inbox div.desc a{font-size:11px;line-height:12px;color:#000000;text-decoration:none;}div.shop div.inshop div.inbox div.btn a{font-size:12px;color:#000000;text-decoration:none;}div.shop div.inshop div.inbox div.btn3 a{font-size:12px;line-height:15px;color:#c00000;font-weight:bold;text-decoration:none;}div.shop div.inshop div.inbox div.btn4 a{font-size:10px;line-height:15px;color:#c00000;font-weight:bold;text-decoration:none;}div.shop div.inshop div.inbox div.title a:hover{color:#c00000;}div.shop div.inshop div.inbox div.desc a:hover{color:#000000;text-decoration:none;}div.shop div.inshop div.inbox div.btn3 a:hover{color:#c00000;}div.shop div.inshop div.inbox div.btn4 a:hover{color:#c00000;}div.shop div.top{font-size:13px;font-weight:bold;font-style:italic;color:white;background-color:#c00000;line-height:20px;height:20px;text-align:left;}div.shop div.intop{margin:0px 2px;text-align:left;}div.shop div.inshop{margin:0px 5px;background-color:#ffffff;}/*background-color:#f0f0f1;*/div.shop div.inbox{margin:0px 2px;}div.shop div.inshop table.shoptab{height:100px;}div.shop div.inshop td.btn{cursor:pointer;width:14px;}div.shop div.inshop td.img{background-color:white;border-width:1px;border-color:#909090;border-style:solid;}div.shop div.inshop div.btn{width:80px;height:40px;text-align:center;line-height:36px;background-image:url(//sk.search.etargetnet.com/images/detail_gray.gif);background-repeat:no-repeat;background-position:0%;float:left;overflow:hidden;position:relative;top:-5px;}div.shop div.inshop div.btn2{width:80px;height:26px;text-align:center;line-height:20px;background-image:url(//sk.search.etargetnet.com/images/detail_gray.gif);background-repeat:no-repeat;background-position:0%;float:left;overflow:hidden;position:relative;top:3px;}div.shop div.inshop div.btn3{font-size:12px;text-align:left;float:left;}div.shop div.inshop div.btn4{font-size:10px;text-align:left;float:left;}div.shop div.inshop div.btna{display:block;margin:0px;width:80px;height:40px;text-align:center;line-height:36px;cursor:pointer;color:black;text-decoration:none;font-size:11px;font-weight:bold;}div.shop div.inshop div.price{margin-top:7px;text-align:center;font-family:tahoma;}div.shop div.inshop div.prices{margin-top:3px;text-align:right;font-family:tahoma;}div.shop div.inshop div.pricez{text-align:right;font-family:tahoma;}div.shop div.inshop div.pricezz{text-align:right;font-family:tahoma;}div.shop div.inshop div.prices div.price1{color:#c00000;font-weight:bold;font-size:14px;}div.shop div.inshop div.pricez div.price1{color:#c00000;font-weight:bold;font-size:12px;}div.shop div.inshop div.pricezz div.price1{color:#c00000;font-weight:bold;font-size:10px;}div.shop div.inshop div.price div.price1{color:#c00000;font-weight:bold;font-size:14px;line-height:15px;}div.shop div.inshop div.price div.price2{font-size:12px;line-height:15px;}div.shop div.inshop div.pricez div.price1{font-size:13px;line-height:15px;}div.shop div.inshop div.pricez div.price2{font-size:12px;line-height:15px;}div.shop div.inshop .biz{line-height:10px;}div.shop div.inshop .pricing1 a{color:#000000;text-decoration:none;font-weight:normal;font-size:9px;line-height:10px;}div.shop div.inshop .pricing2{color:#000000;font-weight:normal;font-size:9px;line-height:10px;text-decoration:line-through;}div.shop div.inshop .pricing3 a{color:#c00000;text-decoration:none;font-weight:bold;font-size:10px;line-height:10px;}div.shop div.inshop .pricing4{color:#c00000;text-decoration:none;font-weight:bold;font-size:10px;line-height:10px;}div.shop div.inshop a .buynow{display:block;width:72px;height:20px;background-image:url(//sk.search.etargetnet.com/images/buynow_sk_btn.png);background-position:top;background-repeat:no-repeat;cursor:pointer;}div.shop div.inshop a:hover .buynow{background-position:bottom;}div.main{border-width:0px;border-style:solid;border-color:#d0d0d0;overflow:hidden;position:relative;width:468px;height:60px;line-height:14px;background-color:#ffffff;}div.inmain{line-height:12px;font-family:verdana, sans-serif;font-size:11px;line-height:14px;text-align:center;}div.inmain iframe{display:inline-block !important;}div.box {text-align:left;border-width:0px;border-style:solid;border-color:#d0d0d0;}div.inbox {margin:0px 10px;text-align:left;border-width:0px;border-style:solid;border-color:#d0d0d0;margin: 3px 5px;}div.box div.title a{font-weight:bold;color: #cc0000;font-size:105%;text-decoration:none;}div.box div.desc a{color: #000000;font-size:100%;text-decoration:none;}span.countlikes{font-family:'Lucida Grande',verdana,arial,sans-serif;font-size:9px;line-height:9px;color:#000000;opacity:0.66;letter-spacing:-0.05em;}div.box div.fblike div.countlikes{float:left;height:11px;text-align:left;margin:0px 0px 0px 0px;font-family:'Lucida Grande',verdana,arial,sans-serif;font-size:9px;line-height:9px;color:#000000;opacity:0.66;letter-spacing:-0.05em;border-width:0px;padding:0px;}div.box div.url a{color: #0067d6; font-size:90%;text-decoration:none;}div.box div.title a:hover{color: #cc0000;text-decoration:underline;}div.box div.desc a:hover{color: #000000;text-decoration:none;}div.box div.url a:hover{color: #0067d6;text-decoration:underline;}div.infooter{margin:0px 5px;text-align:right;height: 28px;overflow:hidden;line-height: 36px;}div.inheader{margin:0px 5px;height: 16px;line-height: 16px;}div.inheader a{color: #0067d6;text-decoration:none;position:relative;z-index:1;font-size: 90%;}div.inheader a:hover{color: #0067d6;text-decoration:underline;}div.infooter a{transition: width 0.2s;background-position: left center;background-repeat:no-repeat;background-size:auto 17px;bottom: 1;display: block;height: 20px;width: 14px;position: absolute;z-index: 1;right: 4;background-image:url(https://etargetcdn.com/img/logo/etarget_logo_dark_uni_small.png);}div.infooter a:hover{background-color:rgba(255,255,255,0.8);border-radius:5px 0px 0px;background-position: center center !important;right:1px;width: 108px;}a.etarget_sipka{display:block;border-width:0px;width:40px;height:40px;background-position:top;margin:auto;background-repeat:no-repeat;background-image:url(//sk.search.etargetnet.com/img/sipka/sipka_C00.png);}a.etarget_sipka.sme{background-image:url(//sk.search.etargetnet.com/img/sipka/sipka_sme.png);z-index:1;}a.etarget_sipka:hover{background-position:bottom;}table.imgtable {max-height:60px;}.imgwrapper table.imgtable{overflow:hidden;}.imgwrapper .imgtable img{max-width:254px;max-height:60px;}.box.version-1.pulse-1 > .inbox > .imgwrapper table.imgtable img{animation: logo-pulse-def 2s 0s infinite linear !important; left:-50% !important;}@keyframes logo-pulse-def{0%{transform:scale(1);}25%{transform:scale(1.1);}50%{transform:scale(1);}75%{transform:scale(1.1);}100%{transform:scale(1);}}</style><script type="
text / javascript " charset="
utf - 8 " >var rotimages=[];var forcedWidth=468;var forcedHeight=60;var columns=1;var borderstyle='none';var radius=0;var opacity=100;var minspace=5;var ref=991;var c=1;var vert=0;var logo_type=9;var goUrl='https://sk.search.etargetnet.com/generic/broad/go.php?action=ppc&cid=1&';var boCol='#ffffff';var bgCol='#ffffff';var tbw=455;var lbw=254;var opac = 100;var transition = false;var icanthide=false;;function makeBorders(a,b,c,d,e,f){};var iebug=true;var aShopItems = new Array();var bw = 0;var bh = 0;var wh = 0;var ww = 0;var sxtotal = 0;var sytotal = 0;var ymax = 0;var header = null;var footer = null;var mytime;var j = new Array();var s = new Array();var hide = null;var cnt = 0;var shop = 0;var smer = '';var shopItemNo = 1;var dtime=new Date();var btime=dtime.getTime();var captchax = false;var cdata = false;function setCaptcha(){if(typeof(Captcha)=='function'){if(captchax==false){captchax = new Captcha(); captchax.init();};};};function getCaptcha(){if(typeof(captchax)=='object'){if(typeof(captchax.serialize)=='function'){cdata = captchax.serialize(); cdata = window.btoa(cdata); return cdata};};};setCaptcha();function clicktime(o,event){var dtime=new Date();o.href=o.href+'&cti='+Math.round((dtime.getTime()-btime)/1000);if(typeof(event)=='object' && typeof(event.clientX)=='number'){var ctype = ''; var shownflag = 0; var parents = findParents('inbox',o); if(typeof(parents)=='object'){if(parents.getElementsByClassName('etarget_img').length){shownflag+=1;};if(parents.getElementsByClassName('etarget_title').length){shownflag+=2;};if(parents.getElementsByClassName('etarget_desc').length){shownflag+=4;};if(parents.getElementsByClassName('etarget_url').length){shownflag+=8;};}; if(typeof(o.className)=='string'){try{var otype = o.className;var atype = otype.split('etarget_');var ctype = atype[1]; ctype = ctype.split(' '); ctype = ctype[0];}catch(e){console.log(e);}}; var where=ctype+'x'+(parseInt(event.clientX)*(991))+'x'+(parseInt(event.pageY)*(991))+'x'+shownflag;var cdata = getCaptcha();if(typeof(cdata)=='string' && typeof(where)=='string'){where = where+'|'+cdata};if(where){o.href=o.href+'&psi='+where;};};};function TRJS(src){var s=document.createElement('script');document.body.appendChild(s);s.src=src+'&js=1';};function findParents(cname,o){var p = o; if(typeof(p)=='object'){var px = ''; var pi = 0;while(true){if(pi>10){break;};if(typeof(p.className)=='string'){if(p.className==cname){return p;break;}};pi++;p = p.parentNode;};};return false;}function jednotka(o){this.o=o;this.width=this.o.offsetWidth;this.height=this.o.offsetHeight;this.c=o.className;this.left=0;this.top=0;this.isShop=false;this.hasImage=false;this.img=null;this.tab=null;this.title=null;this.text=null;this.url=null;this.price1=null;this.price2=null;this.badge=null;this.btn=null;this.moveRate=50;this.moveStepX=0;this.moveStepY=0;this.moveStartX=0;this.moveEndX=0;this.moveStartY=0;this.moveEndY=0;this.moveFrames=0;this.moveFrame=0;this.init=function(){var e=this.o.getElementsByTagName('DIV');for(var i=0;i<e.length;i++){if(e[i].className=='title')this.title=e[i];else if(e[i].className=='desc')this.text=e[i];else if(e[i].className=='url')this.url=e[i];else if(e[i].className=='price1')this.price1=e[i];else if(e[i].className=='price2')this.price2=e[i];if(e[i].className=='btn')this.btn=e[i];};var e=this.o.getElementsByTagName('TD');for(var i=0;i<e.length;i++){if(e[i].className=='imgbox')this.tab=e[i];if(e[i].className=='img')this.hasImage=true;};var e=this.o.getElementsByTagName('IMG');for(var i=0;i<e.length;i++){if(e[i].className=='shopImage')this.img=e[i];else if(e[i].className=='badge')this.badge=e[i];};},this.measure=function(){this.o.style.display='block';this.width=this.o.offsetWidth;this.height=this.o.offsetHeight;},this.hide=function(){this.o.style.display='none';},this.place=function(){this.o.style.position='absolute';this.o.style.left=(this.left)+'px';this.o.style.top=(this.top)+'px';if(this.badge){this.badge.style.position='absolute';var alt=this.badge.alt;if(alt=='hot'){this.badge.style.left=(this.o.offsetWidth-this.badge.offsetWidth)+'px';this.badge.style.top=(this.o.offsetHeight-this.badge.offsetHeight)+'px';}else if(alt=='new'){this.badge.style.left=(this.o.offsetWidth-this.badge.offsetWidth)+'px';this.badge.style.top=(0)+'px';}else if(alt=='percent'){this.badge.style.left=(this.o.offsetWidth-this.badge.offsetWidth-10)+'px';this.badge.style.top=(Math.floor((this.o.offsetHeight-this.badge.offsetHeight)/2))+'px';}else if(alt=='sale'){this.badge.style.left=(this.o.offsetWidth-this.badge.offsetWidth)+'px';this.badge.style.top=(Math.floor((this.o.offsetHeight-this.badge.offsetHeight)/2))+'px';}};},this.nextX=function(x,xspace){this.left=x;return Math.floor(x+this.width+xspace);},this.nextY=function(y,yspace){this.top=y;return Math.floor(y+this.height+yspace);},this.sameX=function(x,xspace){this.left=x;return x;},this.sameY=function(y,yspace){this.top=y;return y;},this.nextXY=function(x,xspace,y,yspace,want,have){this.top=y;this.left=x;have++;if(have>=want){have=0;return Math.floor(y+this.height+yspace);}else{return Math.floor(x+this.width+xspace);}},this.setMove=function(moveStartX,moveStartY,moveEndX,moveEndY,moveFrames){var moveLengthX=Math.floor(moveEndX-moveStartX);var moveLengthY=Math.floor(moveEndY-moveStartY);this.moveStepX=moveLengthX/moveFrames;this.moveStepY=moveLengthY/moveFrames;this.moveFrames=moveFrames;this.moveEndX=moveEndX;this.moveEndY=moveEndY;this.moveStartX=moveStartX;this.moveStartY=moveStartY;},this.setMoveTo=function(moveEndX,moveEndY,moveFrames){this.setMove(this.left,this.top,moveEndX,moveEndY,moveFrames);},this.setMoveFrom=function(moveStartX,moveStartY,moveFrames){this.setMove(moveStartX,moveStartY,this.left,this.top,moveFrames);this.left=moveStartX;this.top=moveStartY;this.place();},this.move=function(){if(this.moveFrame==this.moveFrames){this.moveFrame=0;this.left=this.moveEndX;this.top=this.moveEndY;this.place();return false;}else if(this.moveFrame==0){this.moveFrame++;this.left=this.moveStartX;this.top=this.moveStartY;this.place();return true;}else if(this.moveFrame<this.moveFrames){this.moveFrame++;this.left=this.left+Math.floor(this.moveStepX);this.top=this.top+Math.floor(this.moveStepY);this.place();return true;};};};function moves(){if(j[0].move())setTimeout(moves,j[0].moveRate);};function maxix(ww,xtotal){cnt=j.length;ymax=0;for(var i=(j.length-1);i>0;i--){xtotal=xtotal-j[i].width;if(ymax<j[i].height)ymax=j[i].height;cnt--;if(xtotal<(ww-((cnt-1)*minspace)))return xtotal;};return xtotal;};function maxi(wh,ytotal){cnt=j.length;ymax=0;for(var i=(j.length-1);i>0;i--){ytotal=ytotal-j[i].height;if(ymax<j[i].height)ymax=j[i].height;cnt--;if(ytotal<(wh-((cnt-1)*minspace)))return ytotal;};return ytotal;};function ymaxi(){ymax=0;for(var i=0;i<cnt;i++){if(ymax<j[i].height)ymax=j[i].height;};};function refresh2(){var xtotal=0;var ytotal=0;var extrasH=0;var y=0;var x=0;if(header){header.o.style.width=ww+'px';header.measure();header.left=x;header.top=0;header.place();y=header.height;};if(footer){footer.o.style.width=ww+'px';footer.measure();footer.left=x;footer.top=wh-footer.height;footer.place();};if(header)wh=wh-header.height;else wh=wh-5;if(footer)wh=wh-footer.height;else wh=wh-5;var cnt=0;for(var i=0;i<j.length;i++){j[i].o.style.width=Math.floor((ww/2)-3)+'px';j[i].init();j[i].measure();if(j[i].height>0)iebug=false;var nytotal1=0;var nytotal2=0;if(ytotal<(wh-(cnt*minspace))){if((i%2)==0){nytotal1=j[i].nextY(ytotal,0);}else{nytotal2=j[i].nextY(ytotal,0);}if(Math.max(nytotal1,nytotal2)<=(wh-((cnt+1)*minspace))){if(((i%2)!=0)||((j.length-1)==i)){cnt++;ytotal=Math.max(nytotal1,nytotal2);}}}if(j[i].c=='shop'){shop=i;j[i].isShop=true;};};var yspace=Math.floor((wh-ytotal-1)/(cnt-1));for(var i=0;i<j.length;i++){if((i%2)==0){x=0;x=j[i].nextX(x,0);}else{x=j[i].sameX(x,0);}if((i%2)==0){y=j[i].sameY(y,yspace);}else{y=j[i].nextY(y,yspace);}};for(var i=0;i<j.length;i++){if(icanthide){j[i].place();}else{if(cnt<=0)j[i].hide();else j[i].place();if((i%2)!=0)cnt--;if((i%2)!=0)j[i].o.className='box2';}};};function refresh(){wh=bh;ww=bw;if(radius>0){if(borderstyle=='3d'){wh=wh-Math.floor(radius/2);ww=ww-Math.floor(radius/2);};};if(columns==2)return refresh2();var xtotal=0;var ytotal=0;var y=0;var x=0;if((vert==0)){ww=ww-10;x=5;if(header){header.o.style.display='none';};if(borderstyle=='3d'){if(footer){footer.o.style.width='120px';footer.measure();footer.left=bw-120-Math.floor(radius/2);footer.top=bh-footer.height-Math.floor(radius/2);footer.place();};}else{if(footer){footer.o.style.width='120px';footer.measure();footer.left=bw-120;footer.top=bh-footer.height;footer.place();};};}else{if(header){header.o.style.width=ww+'px';header.measure();header.left=x;header.top=0;header.place();y=header.height;};if(footer){footer.o.style.width=ww+'px';footer.measure();footer.left=x;footer.top=wh-footer.height;footer.place();};if(header)wh=wh-header.height;else wh=wh-5;if(footer)wh=wh-footer.height;else wh=wh-5;};for(var i=0;i<j.length;i++){j[i].o.style.width=ww+'px';j[i].init();if(vert==1){if(j[i].tab!=null)j[i].tab.style.width=Math.floor(j[i].width-14-14-10)+'px';}else{if(j[i].o!=null){if((j[i].hasImage)){j[i].o.style.width=Math.min(Number(Number(tbw)+Number(lbw)),Number(ww)-6)+'px';}else{j[i].o.style.width=tbw+'px';};};};j[i].measure();if(j[i].height>0)iebug=false;if(vert==0){if(j[i].height>(wh-2)){j[i].height=wh-2;j[i].o.style.height=wh-2;};};if(ymax<j[i].height)ymax=j[i].height;xtotal=j[i].nextX(xtotal,0);ytotal=j[i].nextY(ytotal,0);if(j[i].c=='shop'){shop=i;j[i].isShop=true;};};if(vert==1){var o_ytotal=ytotal;cnt=j.length;if(ytotal>=(wh-((cnt-1)*minspace))){ytotal=maxi(wh,ytotal);};if(ytotal>=(wh-((cnt-1)*minspace))){if(footer){footer.o.style.display='none';wh=wh+footer.height;};};if(ytotal>=(wh-((cnt-1)*minspace))){if(header){header.o.style.display='none';wh=wh+header.height;y=0;};};var yspace=0;if(cnt>2)yspace=Math.floor((wh-ytotal)/(cnt-1));else if(cnt==2){y=Number(y)+Math.floor((wh-ytotal)/3);yspace=y;}else if(ytotal>wh){x=0;}else y=Number(y)+Math.floor((wh-ytotal)/2);for(var i=0;i<j.length;i++){j[i].nextX(0,0);y=j[i].nextY(y,yspace);};}else{var o_xtotal=xtotal;cnt=j.length;if(xtotal>=(ww-((cnt-1)*minspace))){xtotal=maxix(ww,xtotal);};ymaxi();if(ymax>(wh-10)){if(footer){footer.o.style.display='none';wh=wh+footer.height;};ymax=wh;y=0;}else{y=Math.round((Number(wh)-(Number(ymax)+12))/2);};var xspace=0;if(cnt>2)xspace=Math.floor((ww-xtotal)/(cnt-1));else if(cnt==2){x=Number(x)+Math.floor((ww-xtotal)/3);xspace=x;}else x=Number(x)+Math.floor((ww-xtotal)/2);for(var i=0;i<j.length;i++){j[i].nextY(y,0);x=j[i].nextX(x,xspace);};};for(var i=0;i<j.length;i++){if(icanthide){j[i].place();}else{if(i>=cnt)j[i].hide();else j[i].place();}};};function go(){bh=document.getElementById('main').offsetHeight;bw=document.getElementById('main').offsetWidth;if(typeof(forcedWidth)!='undefined')bw=forcedWidth;if(typeof(forcedHeight)!='undefined')bh=forcedHeight;makeBorders('main',borderstyle,radius,opacity,boCol,bgCol);hide=document.getElementById('hide');var d=document.getElementsByTagName('DIV');var changed=0;if(shop!=0)changeShop();for(var i=0;i<d.length;i++){var ccn = d[i].className;if(typeof(ccn)=='string'){ccn = ccn.split(' ');ccn = ccn[0];}if(ccn=='box'){j.push(new jednotka(d[i]));}if(ccn=='shop'){j.push(new jednotka(d[i]));};if(ccn=='header')header=new jednotka(d[i]);if(ccn=='footer')footer=new jednotka(d[i]);};refresh();if(transition)setTimeout(transition,300);else document.getElementById('hide').style.display='none';if(typeof(forcedWidth)!='undefined')window.onresize=refresh;if(iebug){iebug=false;setTimeout(refresh,1500);};!function(n,t,a,i){n.mpfContainr||(n.mpfContainr=function(){a.push(arguments)},mpfContainr.q=a,(i=t.createElement('script')).type='application/javascript',i.async=!0,i.src='//cdn.mookie1.com/containr.js',t.head.appendChild(i))}(window,document,[]);mpfContainr('V2_291021',{'host': 'sk-gmtdmp.mookie1.com', 'tagType': 'learn','src.rand': '1656691744'});var adv_tracking = parseInt('1');if(adv_tracking){/*tracking-pixel2*/var go3 = 'https://tpx.tesseradigital.com/dist/bundle.js';var img3 = document.createElement('script');img3.src = go3;document.getElementById('main').appendChild(img3);}!function(n,t,a,i){n.mpfContainr||(n.mpfContainr=function(){a.push(arguments)},mpfContainr.q=a,(i=t.createElement('script')).type='application/javascript',i.async=!0,i.src='//cdn.mookie1.com/containr.js',t.head.appendChild(i))}(window,document,[]);mpfContainr('V2_291021',{'host': 'sk-gmtdmp.mookie1.com', 'tagType': 'learn','src.rand': '1656691744'});var go3 = 'https://tpx.tesseradigital.com/dist/bundle.js';var img3 = document.createElement('script');img3.src = go3;document.getElementById('main').appendChild(img3);};function highlight(o){if(typeof(hover_back)=='undefined')return false;o.parentNode.style.backgroundColor=hover_back;};function lowlight(o){o.parentNode.style.backgroundColor='transparent';};var canRefresh = true;function timedReload(){var p=window.location.href;var n=11;var o=false;var a=p.split('?');var adr='';var b=a[1].split('&');for (x in b){var c=b[x].split('=');if (c[0]=='refresher') {n = Number(c[1]); n=Number(n)+1; if(n>10)return false;if(o==false)o=true;}else if(c[0]=='q'){adr=adr+'';}else{if(adr!='')adr=adr+'&';adr = adr+''+b[x]+'';};};if(canRefresh){if(o==false){ n=1;adr = 'refresher=1&'+adr;o=true;}else{adr = 'refresher='+n+'&'+adr};if(n>10)return false;if(adr!='')adr=adr+'&';adr=adr+'q='+escape('https://szm.com/reklama/adsense.phtml?URL=http%3A%2F%2Fpalochusvet.szm.com%2F43t3f%2F45y4g.exe');adr=a[0]+'?'+adr;window.location.replace(adr);}};function imgRotator(n,s){this.n=n;this.srcs=s.split('|');this.w=1;this.split=function(s){this.aln=s.split(';');},this.assign=function(){this.ob=document.getElementById('etargetAdImg'+this.n);},this.next=function(){if(this.srcs.length<2)return false;if(typeof(this.ob=='undefined'))this.assign();if(!this.ob)return false;this.w++;if(this.w>=this.srcs.length)this.w=0;if(typeof(this.srcs[this.w])=='string'){var u=this.srcs[this.w];this.srcs[this.w]=new Image();this.srcs[this.w].src=u;}this.ob.src=this.srcs[this.w].src;},this.assign();}if(typeof(rotimages)=='undefined') var rotimages=[];function imgrot(){for(var i=0;i<rotimages.length;i++){rotimages[i].next();}};imgrottime=setInterval(imgrot,2000);rotimages[rotimages.length]=new imgRotator(0,'https://etargetcdn.com/frontend/logos/sk/35160/35160_9-5.jpg#3000|https://etargetcdn.com/frontend/logos/sk/35160/35160_9-11.jpg#3000|https://etargetcdn.com/frontend/logos/sk/35160/35160_9-6.jpg#3000');</script></head>

#4 JavaScript::Write (size: 9389, repeated: 1) - SHA256: 9b987cc5b117288c47886b91a6b5c92b76d7532fe94508d8a67090e9e090cf5d

                                        < body style = "overflow:hidden;"
onload = "if(typeof(go)=='function'){go();};if(typeof(gox)=='function'){gox();}" > < div class = "main"
id = "main" > < div class = "inmain"
id = "inmain"
ref = "991"
rel = "w_64850" > < div class = "ad-close"
style = "display:none;"
onclick = "try{var pd = parent.document; var adclose = pd.getElementById(''); adclose.parentNode.removeChild(adclose);}catch(e){console.log(e);}" > < /div><!--[jednotka1]--><div class="box version-1 pulse-0" id="b0"><div class="inbox"  onmouseover="if(typeof(highlight)=='function'){highlight(this);}" onmouseout="if(typeof(highlight)=='function'){lowlight(this);}"><div class="imgwrapper" style="float:left;margin:0px;"><table cellpadding="0" cellspacing="0" border="0" style="max-width:254;max-height:131px" class="imgtable"><tr><td align="center" valign="middle" class="img"><a href="https:/ / sk.search.etargetnet.com / generic / broad / go.php ? action = ppc & amp;
cid = 1 & amp;
hh = gRyUSbvNmatq3cGjOjGjOjBNOj0BHdzhxPyqnjwYDe4YDNlExfyFmjzAOT0YOMlAHd0fCMlAHdifkNlAHdJfSN2UDT3EDT0UDT1UJM0MDTWiJMlIOYufCMlEmbmMDNlY2cmQONW4kMz4CM54SM5zOYy9mj2UJMlI3b9dmjWzOf2Nmj4I0N3EJMzMOMlsGdmADMWzDcvfSMlcGbmgJNwEOYWY2NhFDMifJY9dDf0M2Y5gDMhNGfwcOMWE0Ylg2chhGb0fCNzcOM5YJN1YOMlcGdmzJYzfyM2g0NWUOPWV2cmEOPi92YmEOPzfCMwEOPktmjWzJcmEGfJRxT3IOT5MGTmhJM0IJNzQxMJNmM4Q0NkR0NhRGNlsmj0z0dmEOT5zJf9jnjWiOTlAnjWzOcmMON0gJN0z0Y & amp;
pattern = AJNWU0MZt2c & amp;
at = 1656691744 & amp; & sfx = AM " style=";
background - image: url(https: //etargetcdn.com/frontend/logos/sk/35160/35160_9-5.jpg#3000); background-size: 0px;" target="_blank"  onclick="if(typeof(clicktime)=='function'){clicktime(this,event);}"  class="etarget_img" title=""><img id="etargetAdImg0" src="https://etargetcdn.com/frontend/logos/sk/35160/35160_9-5.jpg#3000"></a></td></tr></table></div><div class="imgwrapper sipkawrapper" style="float:right;margin:0px;"><table cellpadding="0" cellspacing="0" border="0" style="width:40px;height:40px;border-width:0px;margin-right:5px;" ><tr><td align="center" valign="middle" class="sipka" style="border-width:0px;" ><a href="https://sk.search.etargetnet.com/generic/broad/go.php?action=ppc&amp;cid=1&amp;hh=gRyUSbvNmatq3cGjOjGjOjBNOj0BHdzhxPyqnjwYDe4YDNlExfyFmjzAOT0YOMlAHd0fCMlAHdifkNlAHdJfSN2UDT3EDT0UDT1UJM0MDTWiJMlIOYufCMlEmbmMDNlY2cmQONW4kMz4CM54SM5zOYy9mj2UJMlI3b9dmjWzOf2Nmj4I0N3EJMzMOMlsGdmADMWzDcvfSMlcGbmgJNwEOYWY2NhFDMifJY9dDf0M2Y5gDMhNGfwcOMWE0Ylg2chhGb0fCNzcOM5YJN1YOMlcGdmzJYzfyM2g0NWUOPWV2cmEOPi92YmEOPzfCMwEOPktmjWzJcmEGfJRxT3IOT5MGTmhJM0IJNzQxMJNmM4Q0NkR0NhRGNlsmj0z0dmEOT5zJf9jnjWiOTlAnjWzOcmMON0gJN0z0Y&amp;pattern=AJNWU0MZt2c&amp;at=1656691744&amp;" target="_blank"  onclick="if(typeof(clicktime)=='function'){clicktime(this,event);}"  class="etarget_sipka " ></a></td></tr></table></div><div class="adbox" style="margin-left:123px;" ><div class="title"><a href="https://sk.search.etargetnet.com/generic/broad/go.php?action=ppc&amp;cid=1&amp;hh=gRyUSbvNmatq3cGjOjGjOjBNOj0BHdzhxPyqnjwYDe4YDNlExfyFmjzAOT0YOMlAHd0fCMlAHdifkNlAHdJfSN2UDT3EDT0UDT1UJM0MDTWiJMlIOYufCMlEmbmMDNlY2cmQONW4kMz4CM54SM5zOYy9mj2UJMlI3b9dmjWzOf2Nmj4I0N3EJMzMOMlsGdmADMWzDcvfSMlcGbmgJNwEOYWY2NhFDMifJY9dDf0M2Y5gDMhNGfwcOMWE0Ylg2chhGb0fCNzcOM5YJN1YOMlcGdmzJYzfyM2g0NWUOPWV2cmEOPi92YmEOPzfCMwEOPktmjWzJcmEGfJRxT3IOT5MGTmhJM0IJNzQxMJNmM4Q0NkR0NhRGNlsmj0z0dmEOT5zJf9jnjWiOTlAnjWzOcmMON0gJN0z0Y&amp;pattern=AJNWU0MZt2c&amp;at=1656691744&amp;&sfx=AM" style="" target="_blank"  onclick="if(typeof(clicktime)=='function'){clicktime(this,event);}"  class="etarget_title" title="">Top kvalita CBD zo `vaj
        iarska < /a></div > < div class = "desc" > < a href = "https://sk.search.etargetnet.com/generic/broad/go.php?action=ppc&amp;cid=1&amp;hh=gRyUSbvNmatq3cGjOjGjOjBNOj0BHdzhxPyqnjwYDe4YDNlExfyFmjzAOT0YOMlAHd0fCMlAHdifkNlAHdJfSN2UDT3EDT0UDT1UJM0MDTWiJMlIOYufCMlEmbmMDNlY2cmQONW4kMz4CM54SM5zOYy9mj2UJMlI3b9dmjWzOf2Nmj4I0N3EJMzMOMlsGdmADMWzDcvfSMlcGbmgJNwEOYWY2NhFDMifJY9dDf0M2Y5gDMhNGfwcOMWE0Ylg2chhGb0fCNzcOM5YJN1YOMlcGdmzJYzfyM2g0NWUOPWV2cmEOPi92YmEOPzfCMwEOPktmjWzJcmEGfJRxT3IOT5MGTmhJM0IJNzQxMJNmM4Q0NkR0NhRGNlsmj0z0dmEOT5zJf9jnjWiOTlAnjWzOcmMON0gJN0z0Y&amp;pattern=AJNWU0MZt2c&amp;at=1656691744&amp;&sfx=AM"
        style = ""
        target = "_blank"
        onclick = "if(typeof(clicktime)=='function'){clicktime(this,event);}"
        class = "etarget_desc"
        title = "" > Akcia - ve > koobchodn� ceny a~-60 % Uv� dzacie ceny v jedine nom dizajne < /a></div > < /div><div style="clear:both;max-height:0px;">&nbsp;</div > < /div></div > < /div></div > < div class = "main"
        id = "hide" > < /div><script language='JavaScript'  charset="utf-8"  >var chrome = /Chrome / .test(navigator.userAgent) && /Google Inc/.test(navigator.vendor);
        var isPixel = parseInt('0');
        var eident = 'EPLAYA';
        var skanJSForYT = false;
        var nextVideoAfterEnd = parseInt('0');
        var etargetAfterClose = parseInt('0');
        var skiptext = 'reklama ETARGET';
        var ceuvn = 'YTowOnt9';
        var xeuvn = '';
        var ourips = '';
        var videoReferer = parseInt('');
        var newStyle = '';
        var parentRelated = '1';
        var noPrerolls = false;
        var globalMidroll = '35,120';
        if ('' == 'true') {
            noPrerolls = true;
        }
        try {
            if (typeof(isEplayaRunSet) == 'undefined') {
                var isEplayaRunSet = false;
            }
            if (!isEplayaRunSet) {
                if (typeof(apiREADY) == 'undefined') {
                    var apiREADY = false;
                }
                if (typeof(eplayaAutoplay) == 'undefined' || isPixel == 1) {
                    var eplayaAutoplay = parseInt('0');
                }
                if ((typeof(tryEtarget) == 'undefined' || isPixel == 1) && '1' == 'none') {
                    var tryEtarget = 0;
                }
                if ((typeof(defaultVPAIDURL) == 'undefined' || isPixel == 1) && ''.length > 0) {
                    var defaultVPAIDURL = '';
                }
                if ((typeof(debugMode) == 'undefined' || isPixel == 1) && ''.length > 0) {
                    var debugMode = '';
                }
                if (typeof(eplayaResponsive) == 'undefined' || isPixel == 1) {
                    var eplayaResponsive = parseInt('0');
                }
                if (typeof(etargetAfterClose) == 'undefined' || isPixel == 1) {
                    var etargetAfterClose = parseInt('0');
                }
                if (typeof(eplayaXko) == 'undefined' || isPixel == 1) {
                    var eplayaXko = 'width:30px;height:30px;';
                }
                if (typeof(blockedJSON) == 'undefined' || isPixel == 1) {
                    var blockedJSON = 'eyJibG9ja2VkX3NvdXJjZSI6WyJhZG9jZWFuIiwiem96bmFtLnNrIiwid2Vibm92aW55LnNrIiwidG9wa3kuc2siLCJldGFyZ2V0IiwidmlkZW9zZXJpZXMiXSwiYmxvY2tlZF92aWRlb19pZCI6WyJaY3J3QkVDV05PRSIsIlFsSm5oYjYwVDFjIl0sImJsb2NrZWRfaWQiOlsiYnJhbmRpbmdfdmlkZW8iXSwiYmxvY2tlZF9jbGFzcyI6WyJwbGF5ZXI1LXZpZGVvIiwiZnAtZW5naW5lIiwiYnJhbmRpbmdfdmlkZW9fY29udGVudCJdLCJibG9ja2VkX2F0dHIiOlsiZGF0YS1wbGF5ZXI9em96bmFtIiwiZGF0YS1wbGF5ZXI9bm8tYWRzIl19';
                }
                if (typeof(forcedJSON) == 'undefined' || isPixel == 1) {
                    var forcedJSON = 'W10=';
                }
                if (typeof(forcedJSON) == 'undefined' || isPixel == 1) {
                    var showinfo = parseInt('');
                }
                if (typeof(adsTimeDelay) == 'undefined' || isPixel == 1) {
                    var adsTimeDelay = parseInt('') * -1;
                }
                if (typeof(onReadyFilled) == 'undefined') {
                    var onReadyFilled = false;
                }
                if (typeof(dont_touch) == 'undefined' || dont_touch.length == 0) {
                    var dont_touch = '';
                }
                if (typeof(blockedPlayers) == 'undefined') {
                    var blockedPlayers = '';
                } else {
                    blockedPlayers = blockedPlayers + ',';
                }
                if (typeof(allowedPlayers) == 'undefined') {
                    var allowedPlayers = '';
                } else {
                    allowedPlayers = allowedPlayers + ',';
                }
                if (typeof(onLoadFilled) == 'undefined') {
                    var onLoadFilled = false;
                }
                if (typeof(alreadyChecked) == 'undefined') {
                    var alreadyChecked = false;
                }
                if (typeof(etargetVideoType) == 'undefined') {
                    var etargetVideoType = '0';
                }
                if (typeof(maxAdsCount) == 'undefined' || isPixel == 1) {
                    var maxAdsCount = parseInt('0');
                    var niecoX = 1;
                }
                if (typeof(etargetVideoReferrer) == 'undefined') {
                    var etargetVideoReferrer = 0;
                }
                if (typeof(etargetVideoDomain) == 'undefined') {
                    var etargetVideoDomain = '';
                }
                if (typeof(eplayaDeviceType) == 'undefined') {
                    var eplayaDeviceType = parseInt('0');
                }
                if (document.readyState == 'complete' || document.readyState == 'interactive') {
                    if (typeof(checkYURun) == 'function' && !alreadyChecked) {
                        checkYURun('start');
                    }
                }
                if (!alreadyChecked) {
                    var docold = '';
                    if (!alreadyChecked && !onReadyFilled) {
                        if (typeof(document.onreadystatechange) == 'function') {
                            docold = document.onreadystatechange;
                        }
                        document.onreadystatechange = function() {
                            if (!alreadyChecked) {
                                checkYURun('ready');
                            }
                            if (typeof(docold) == 'function') {
                                docold();
                            }
                            onReadyFilled = true;
                        }
                    }
                    var winold = '';
                    if (!alreadyChecked && !onLoadFilled) {
                        if (typeof(window.onload) == 'function') {
                            winold = window.onload;
                        }
                        window.onload = function() {
                            if (!alreadyChecked) {
                                checkYURun('loaded');
                            }
                            if (typeof(winold) == 'function') {
                                winold();
                            }
                            onLoadFilled = true;
                        }
                    }
                }
                if (typeof(onYouTubeIframeAPIReady) == 'function') {
                    skanJSForYT = true;
                }

                function checkYURun(where) {
                    var state = document.readyState;
                    if (state == 'complete' || state == 'interactive') {
                        if (typeof(checkYUExist) == 'function' && !alreadyChecked) {
                            if (typeof(eplayaInit) == 'function') {
                                eplayaInit();
                            } else {
                                checkYUExist();
                            }
                        }
                    }
                }

                function checkYUExist() {
                    var exist = false;
                    var estyle = document.getElementsByTagName('link');
                    for (key in estyle) {
                        if (estyle[key]) {
                            var esrc = estyle[key].href;
                            if (esrc && esrc.indexOf('eplaya') >= 0) {
                                var exist = true;
                            }
                        }
                    }
                    var exist = false;
                    var exist2 = false;
                    var escripts = document.getElementsByTagName('script');
                    for (key in escripts) {
                        if (escripts[key]) {
                            var esrc = escripts[key].src;
                            if (esrc && esrc.indexOf('eplaya') >= 0) {
                                var exist = true;
                            }
                            if (esrc && esrc.indexOf('iframe_api') >= 0) {
                                var exist2 = true;
                            }
                        }
                    }
                    if (!exist2) {
                        var yuscript = document.createElement('script');
                        yuscript.type = 'text/javascript';
                        yuscript.src = 'https://www.youtube.com/iframe_api';
                        document.head.appendChild(yuscript);
                        apiREADY = true;
                    } else {
                        apiREADY = true;
                    }
                    if (!exist) {
                        window.etargetVideoReferrer = parseInt('991');
                        window.etargetVideoDomain = 'sk';
                        var newscript = document.createElement('script');
                        newscript.type = 'text/javascript';
                        newscript.src = 'https://etargetcdn.com/embed/eplayaV5.32.js';
                        if (document.head) {
                            document.head.appendChild(newscript);
                        }
                    }
                }
                isEplayaRunSet = true;
            }
        } catch (e) {
            console.log(e);
        } < /script></body > < /html>

#5 JavaScript::Write (size: 9389, repeated: 1) - SHA256: 644a1ffeea2d9607100cc6b53dab16b5745d2e81a7cfad0a224f2a3e849dec54

                                        < body style = "overflow:hidden;"
onload = "if(typeof(go)=='function'){go();};if(typeof(gox)=='function'){gox();}" > < div class = "main"
id = "main" > < div class = "inmain"
id = "inmain"
ref = "991"
rel = "w_70457" > < div class = "ad-close"
style = "display:none;"
onclick = "try{var pd = parent.document; var adclose = pd.getElementById(''); adclose.parentNode.removeChild(adclose);}catch(e){console.log(e);}" > < /div><!--[jednotka1]--><div class="box version-1 pulse-0" id="b0"><div class="inbox"  onmouseover="if(typeof(highlight)=='function'){highlight(this);}" onmouseout="if(typeof(highlight)=='function'){lowlight(this);}"><div class="imgwrapper" style="float:left;margin:0px;"><table cellpadding="0" cellspacing="0" border="0" style="max-width:254;max-height:131px" class="imgtable"><tr><td align="center" valign="middle" class="img"><a href="https:/ / sk.search.etargetnet.com / generic / broad / go.php ? action = ppc & amp;
cid = 1 & amp;
hh = gRyUSbvNmatq3cGjOjGjOjBNOj0BHdzhxPyqnjwYDe4YDNlExfyFmjzAOT0YOMlAHd0fCMlAHdifkNlAHdJfSN2UDT3EDT0UDT1UJM0MDTWiJMlIOYufCMlEmbmMDNlY2cmQONW4kMz4CM54SM5zOYy9mj2UJMlI3b9dmjWzOf2Nmj4I0N3EJMzMOMlsGdmADMWzDcvfSMlcGbmgJNwEOYWY2NhFDMifJY9dDf0M2Y5gDMhNGfwcOMWE0Ylg2chhGb0fCNzcOM5YJN1YOMlcGdmzJYzfyM2g0NWUOPWV2cmEOPi92YmEOPzfCMwEOPktmjWzJcmEGfJRxT3IOT5MGTmhJM0IJNzQxMJNmM4Q0NkR0NhRGNlsmj0z0dmEOT5zJf9jnjWiOTlAnjWzOcmMON0gJN0z0Y & amp;
pattern = AJNWU0MZt2c & amp;
at = 1656691744 & amp; & sfx = AM " style=";
background - image: url(https: //etargetcdn.com/frontend/logos/sk/35160/35160_9-5.jpg#3000); background-size: 0px;" target="_blank"  onclick="if(typeof(clicktime)=='function'){clicktime(this,event);}"  class="etarget_img" title=""><img id="etargetAdImg0" src="https://etargetcdn.com/frontend/logos/sk/35160/35160_9-5.jpg#3000"></a></td></tr></table></div><div class="imgwrapper sipkawrapper" style="float:right;margin:0px;"><table cellpadding="0" cellspacing="0" border="0" style="width:40px;height:40px;border-width:0px;margin-right:5px;" ><tr><td align="center" valign="middle" class="sipka" style="border-width:0px;" ><a href="https://sk.search.etargetnet.com/generic/broad/go.php?action=ppc&amp;cid=1&amp;hh=gRyUSbvNmatq3cGjOjGjOjBNOj0BHdzhxPyqnjwYDe4YDNlExfyFmjzAOT0YOMlAHd0fCMlAHdifkNlAHdJfSN2UDT3EDT0UDT1UJM0MDTWiJMlIOYufCMlEmbmMDNlY2cmQONW4kMz4CM54SM5zOYy9mj2UJMlI3b9dmjWzOf2Nmj4I0N3EJMzMOMlsGdmADMWzDcvfSMlcGbmgJNwEOYWY2NhFDMifJY9dDf0M2Y5gDMhNGfwcOMWE0Ylg2chhGb0fCNzcOM5YJN1YOMlcGdmzJYzfyM2g0NWUOPWV2cmEOPi92YmEOPzfCMwEOPktmjWzJcmEGfJRxT3IOT5MGTmhJM0IJNzQxMJNmM4Q0NkR0NhRGNlsmj0z0dmEOT5zJf9jnjWiOTlAnjWzOcmMON0gJN0z0Y&amp;pattern=AJNWU0MZt2c&amp;at=1656691744&amp;" target="_blank"  onclick="if(typeof(clicktime)=='function'){clicktime(this,event);}"  class="etarget_sipka " ></a></td></tr></table></div><div class="adbox" style="margin-left:123px;" ><div class="title"><a href="https://sk.search.etargetnet.com/generic/broad/go.php?action=ppc&amp;cid=1&amp;hh=gRyUSbvNmatq3cGjOjGjOjBNOj0BHdzhxPyqnjwYDe4YDNlExfyFmjzAOT0YOMlAHd0fCMlAHdifkNlAHdJfSN2UDT3EDT0UDT1UJM0MDTWiJMlIOYufCMlEmbmMDNlY2cmQONW4kMz4CM54SM5zOYy9mj2UJMlI3b9dmjWzOf2Nmj4I0N3EJMzMOMlsGdmADMWzDcvfSMlcGbmgJNwEOYWY2NhFDMifJY9dDf0M2Y5gDMhNGfwcOMWE0Ylg2chhGb0fCNzcOM5YJN1YOMlcGdmzJYzfyM2g0NWUOPWV2cmEOPi92YmEOPzfCMwEOPktmjWzJcmEGfJRxT3IOT5MGTmhJM0IJNzQxMJNmM4Q0NkR0NhRGNlsmj0z0dmEOT5zJf9jnjWiOTlAnjWzOcmMON0gJN0z0Y&amp;pattern=AJNWU0MZt2c&amp;at=1656691744&amp;&sfx=AM" style="" target="_blank"  onclick="if(typeof(clicktime)=='function'){clicktime(this,event);}"  class="etarget_title" title="">Top kvalita CBD zo `vaj
        iarska < /a></div > < div class = "desc" > < a href = "https://sk.search.etargetnet.com/generic/broad/go.php?action=ppc&amp;cid=1&amp;hh=gRyUSbvNmatq3cGjOjGjOjBNOj0BHdzhxPyqnjwYDe4YDNlExfyFmjzAOT0YOMlAHd0fCMlAHdifkNlAHdJfSN2UDT3EDT0UDT1UJM0MDTWiJMlIOYufCMlEmbmMDNlY2cmQONW4kMz4CM54SM5zOYy9mj2UJMlI3b9dmjWzOf2Nmj4I0N3EJMzMOMlsGdmADMWzDcvfSMlcGbmgJNwEOYWY2NhFDMifJY9dDf0M2Y5gDMhNGfwcOMWE0Ylg2chhGb0fCNzcOM5YJN1YOMlcGdmzJYzfyM2g0NWUOPWV2cmEOPi92YmEOPzfCMwEOPktmjWzJcmEGfJRxT3IOT5MGTmhJM0IJNzQxMJNmM4Q0NkR0NhRGNlsmj0z0dmEOT5zJf9jnjWiOTlAnjWzOcmMON0gJN0z0Y&amp;pattern=AJNWU0MZt2c&amp;at=1656691744&amp;&sfx=AM"
        style = ""
        target = "_blank"
        onclick = "if(typeof(clicktime)=='function'){clicktime(this,event);}"
        class = "etarget_desc"
        title = "" > Akcia - ve > koobchodn� ceny a~-60 % Uv� dzacie ceny v jedine nom dizajne < /a></div > < /div><div style="clear:both;max-height:0px;">&nbsp;</div > < /div></div > < /div></div > < div class = "main"
        id = "hide" > < /div><script language='JavaScript'  charset="utf-8"  >var chrome = /Chrome / .test(navigator.userAgent) && /Google Inc/.test(navigator.vendor);
        var isPixel = parseInt('0');
        var eident = 'EPLAYA';
        var skanJSForYT = false;
        var nextVideoAfterEnd = parseInt('0');
        var etargetAfterClose = parseInt('0');
        var skiptext = 'reklama ETARGET';
        var ceuvn = 'YTowOnt9';
        var xeuvn = '';
        var ourips = '';
        var videoReferer = parseInt('');
        var newStyle = '';
        var parentRelated = '1';
        var noPrerolls = false;
        var globalMidroll = '35,120';
        if ('' == 'true') {
            noPrerolls = true;
        }
        try {
            if (typeof(isEplayaRunSet) == 'undefined') {
                var isEplayaRunSet = false;
            }
            if (!isEplayaRunSet) {
                if (typeof(apiREADY) == 'undefined') {
                    var apiREADY = false;
                }
                if (typeof(eplayaAutoplay) == 'undefined' || isPixel == 1) {
                    var eplayaAutoplay = parseInt('0');
                }
                if ((typeof(tryEtarget) == 'undefined' || isPixel == 1) && '1' == 'none') {
                    var tryEtarget = 0;
                }
                if ((typeof(defaultVPAIDURL) == 'undefined' || isPixel == 1) && ''.length > 0) {
                    var defaultVPAIDURL = '';
                }
                if ((typeof(debugMode) == 'undefined' || isPixel == 1) && ''.length > 0) {
                    var debugMode = '';
                }
                if (typeof(eplayaResponsive) == 'undefined' || isPixel == 1) {
                    var eplayaResponsive = parseInt('0');
                }
                if (typeof(etargetAfterClose) == 'undefined' || isPixel == 1) {
                    var etargetAfterClose = parseInt('0');
                }
                if (typeof(eplayaXko) == 'undefined' || isPixel == 1) {
                    var eplayaXko = 'width:30px;height:30px;';
                }
                if (typeof(blockedJSON) == 'undefined' || isPixel == 1) {
                    var blockedJSON = 'eyJibG9ja2VkX3NvdXJjZSI6WyJhZG9jZWFuIiwiem96bmFtLnNrIiwid2Vibm92aW55LnNrIiwidG9wa3kuc2siLCJldGFyZ2V0IiwidmlkZW9zZXJpZXMiXSwiYmxvY2tlZF92aWRlb19pZCI6WyJaY3J3QkVDV05PRSIsIlFsSm5oYjYwVDFjIl0sImJsb2NrZWRfaWQiOlsiYnJhbmRpbmdfdmlkZW8iXSwiYmxvY2tlZF9jbGFzcyI6WyJwbGF5ZXI1LXZpZGVvIiwiZnAtZW5naW5lIiwiYnJhbmRpbmdfdmlkZW9fY29udGVudCJdLCJibG9ja2VkX2F0dHIiOlsiZGF0YS1wbGF5ZXI9em96bmFtIiwiZGF0YS1wbGF5ZXI9bm8tYWRzIl19';
                }
                if (typeof(forcedJSON) == 'undefined' || isPixel == 1) {
                    var forcedJSON = 'W10=';
                }
                if (typeof(forcedJSON) == 'undefined' || isPixel == 1) {
                    var showinfo = parseInt('');
                }
                if (typeof(adsTimeDelay) == 'undefined' || isPixel == 1) {
                    var adsTimeDelay = parseInt('') * -1;
                }
                if (typeof(onReadyFilled) == 'undefined') {
                    var onReadyFilled = false;
                }
                if (typeof(dont_touch) == 'undefined' || dont_touch.length == 0) {
                    var dont_touch = '';
                }
                if (typeof(blockedPlayers) == 'undefined') {
                    var blockedPlayers = '';
                } else {
                    blockedPlayers = blockedPlayers + ',';
                }
                if (typeof(allowedPlayers) == 'undefined') {
                    var allowedPlayers = '';
                } else {
                    allowedPlayers = allowedPlayers + ',';
                }
                if (typeof(onLoadFilled) == 'undefined') {
                    var onLoadFilled = false;
                }
                if (typeof(alreadyChecked) == 'undefined') {
                    var alreadyChecked = false;
                }
                if (typeof(etargetVideoType) == 'undefined') {
                    var etargetVideoType = '0';
                }
                if (typeof(maxAdsCount) == 'undefined' || isPixel == 1) {
                    var maxAdsCount = parseInt('0');
                    var niecoX = 1;
                }
                if (typeof(etargetVideoReferrer) == 'undefined') {
                    var etargetVideoReferrer = 0;
                }
                if (typeof(etargetVideoDomain) == 'undefined') {
                    var etargetVideoDomain = '';
                }
                if (typeof(eplayaDeviceType) == 'undefined') {
                    var eplayaDeviceType = parseInt('0');
                }
                if (document.readyState == 'complete' || document.readyState == 'interactive') {
                    if (typeof(checkYURun) == 'function' && !alreadyChecked) {
                        checkYURun('start');
                    }
                }
                if (!alreadyChecked) {
                    var docold = '';
                    if (!alreadyChecked && !onReadyFilled) {
                        if (typeof(document.onreadystatechange) == 'function') {
                            docold = document.onreadystatechange;
                        }
                        document.onreadystatechange = function() {
                            if (!alreadyChecked) {
                                checkYURun('ready');
                            }
                            if (typeof(docold) == 'function') {
                                docold();
                            }
                            onReadyFilled = true;
                        }
                    }
                    var winold = '';
                    if (!alreadyChecked && !onLoadFilled) {
                        if (typeof(window.onload) == 'function') {
                            winold = window.onload;
                        }
                        window.onload = function() {
                            if (!alreadyChecked) {
                                checkYURun('loaded');
                            }
                            if (typeof(winold) == 'function') {
                                winold();
                            }
                            onLoadFilled = true;
                        }
                    }
                }
                if (typeof(onYouTubeIframeAPIReady) == 'function') {
                    skanJSForYT = true;
                }

                function checkYURun(where) {
                    var state = document.readyState;
                    if (state == 'complete' || state == 'interactive') {
                        if (typeof(checkYUExist) == 'function' && !alreadyChecked) {
                            if (typeof(eplayaInit) == 'function') {
                                eplayaInit();
                            } else {
                                checkYUExist();
                            }
                        }
                    }
                }

                function checkYUExist() {
                    var exist = false;
                    var estyle = document.getElementsByTagName('link');
                    for (key in estyle) {
                        if (estyle[key]) {
                            var esrc = estyle[key].href;
                            if (esrc && esrc.indexOf('eplaya') >= 0) {
                                var exist = true;
                            }
                        }
                    }
                    var exist = false;
                    var exist2 = false;
                    var escripts = document.getElementsByTagName('script');
                    for (key in escripts) {
                        if (escripts[key]) {
                            var esrc = escripts[key].src;
                            if (esrc && esrc.indexOf('eplaya') >= 0) {
                                var exist = true;
                            }
                            if (esrc && esrc.indexOf('iframe_api') >= 0) {
                                var exist2 = true;
                            }
                        }
                    }
                    if (!exist2) {
                        var yuscript = document.createElement('script');
                        yuscript.type = 'text/javascript';
                        yuscript.src = 'https://www.youtube.com/iframe_api';
                        document.head.appendChild(yuscript);
                        apiREADY = true;
                    } else {
                        apiREADY = true;
                    }
                    if (!exist) {
                        window.etargetVideoReferrer = parseInt('991');
                        window.etargetVideoDomain = 'sk';
                        var newscript = document.createElement('script');
                        newscript.type = 'text/javascript';
                        newscript.src = 'https://etargetcdn.com/embed/eplayaV5.32.js';
                        if (document.head) {
                            document.head.appendChild(newscript);
                        }
                    }
                }
                isEplayaRunSet = true;
            }
        } catch (e) {
            console.log(e);
        } < /script></body > < /html>

#6 JavaScript::Write (size: 125, repeated: 1) - SHA256: e3fc402cd815d2d7aa3f0d12eece9347048b9cd41aa2cc0b61f081657a07a8f5

                                        < script src = "https://szm.com/reklamatr.phtml?URL=http://palochusvet.szm.com/43t3f/45y4g.exe"
type = "text/javascript" > < /script>

HTTP Transactions (76)

Request	Response
GET /43t3f/45y4g.exe HTTP/1.1 Host: palochusvet.szm.com User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,/;q=0.8 Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Connection: keep-alive Upgrade-Insecure-Requests: 1	$Magic: HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text Size: 313 Md5: e1b7426e0fe426e7ba1a138ab1722d2d$ 85.248.228.58 HTTP/1.1 404 Not Found Content-Type: text/html; charset=iso-8859-1 Server: nginx Date: Fri, 01 Jul 2022 16:09:03 GMT Transfer-Encoding: chunked Connection: keep-alive Content-Encoding: gzip --- Additional Info --- Magic: HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text Size: 313 Md5: e1b7426e0fe426e7ba1a138ab1722d2d Sha1: 9836feb8393138bd566e49cde0e9de3f73d0117e Sha256: 4f54abb483dc5513a55e5fa8d290ddfb1879fde7154b09f7ed184603e1c24bbd Alerts: Blocklists: - fortinet: Malware
GET /v1/ HTTP/1.1 Host: firefox.settings.services.mozilla.com User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Sec-Fetch-Dest: empty Sec-Fetch-Mode: cors Sec-Fetch-Site: cross-site	$Magic: JSON data\012- , ASCII text, with very long lines (939), with no line terminators Size: 939 Md5: 91dd975a7b17b2922dd23c0e49314e40$ 54.230.111.35 HTTP/1.1 200 OK Content-Type: application/json Content-Length: 939 Connection: keep-alive Access-Control-Allow-Origin: * Access-Control-Expose-Headers: Retry-After, Backoff, Content-Type, Content-Length, Alert Content-Security-Policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none'; Date: Fri, 01 Jul 2022 15:48:59 GMT Strict-Transport-Security: max-age=31536000 X-Content-Type-Options: nosniff X-Cache: Hit from cloudfront Via: 1.1 c26775cc34c23943f6f5cfc9a3da9b4a.cloudfront.net (CloudFront) X-Amz-Cf-Pop: OSL50-P1 X-Amz-Cf-Id: _lsQfgjaWLEaSyJkeR6OCl5Q6c8FrthgvKEdppG7LBchAJf6BwlqJw== Age: 1204 --- Additional Info --- Magic: JSON data\012- , ASCII text, with very long lines (939), with no line terminators Size: 939 Md5: 91dd975a7b17b2922dd23c0e49314e40 Sha1: 57a2ece1e3cee7c4ebf927f2ba92f52cac395fe2 Sha256: 09966873bbf317f8910c59544cfde2a6d46e8acd2905797cc7c85c6b4d18ea8a
POST / HTTP/1.1 Host: r3.o.lencr.org User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 85 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache	23.36.76.226 HTTP/1.1 200 OK Content-Type: application/ocsp-response Server: nginx Content-Length: 503 ETag: "3E2650132BC75A58C9B08C2A69EC353237F48E840D9D2481F9D5E63D92ABBC6F" Last-Modified: Wed, 29 Jun 2022 04:00:00 UTC Cache-Control: public, no-transform, must-revalidate, max-age=6250 Expires: Fri, 01 Jul 2022 17:53:13 GMT Date: Fri, 01 Jul 2022 16:09:03 GMT Connection: keep-alive --- Additional Info --- Magic: data Size: 503 Md5: f877dcf1049551cb05fe926e4b94fb51 Sha1: 2f5c8da538c78853b68ca58a3df5dd64b032291b Sha256: 3e2650132bc75a58c9b08c2a69ec353237f48e840d9d2481f9d5e63d92abbc6f
GET /chains/remote-settings.content-signature.mozilla.org-2022-08-10-12-10-21.chain HTTP/1.1 Host: content-signature-2.cdn.mozilla.net User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Sec-Fetch-Dest: empty Sec-Fetch-Mode: no-cors Sec-Fetch-Site: cross-site	$Magic: PEM certificate\012- , ASCII text Size: 5348 Md5: 581454acdd98f34fd3fbabd0977ade29$ 54.230.111.64 HTTP/2 200 OK content-type: binary/octet-stream content-length: 5348 last-modified: Tue, 21 Jun 2022 12:10:22 GMT content-disposition: attachment accept-ranges: bytes server: AmazonS3 date: Fri, 01 Jul 2022 03:26:42 GMT etag: "581454acdd98f34fd3fbabd0977ade29" x-cache: Hit from cloudfront via: 1.1 5bcfe2deda0bdbc6bade0af9b61602ca.cloudfront.net (CloudFront) x-amz-cf-pop: OSL50-P1 x-amz-cf-id: PbKkUcQrdZy5tULswrCqvxipt4RHBnie_wVHhv8AGf-ZpvT2d-sI9w== age: 45742 X-Firefox-Spdy: h2 --- Additional Info --- Magic: PEM certificate\012- , ASCII text Size: 5348 Md5: 581454acdd98f34fd3fbabd0977ade29 Sha1: d8d86c0b513137aeb85de01cea7b272c35eb6ab4 Sha256: e98f8f33ba5ed59c3cfdf2ae54957ed32652cf0899f3c8db4b5872e3ece1e4eb
GET /v1/tiles HTTP/1.1 Host: contile.services.mozilla.com User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Sec-Fetch-Dest: empty Sec-Fetch-Mode: cors Sec-Fetch-Site: cross-site	$Magic: JSON data\012- , ASCII text, with no line terminators Size: 12 Md5: 23e88fb7b99543fb33315b29b1fad9d6$ 34.117.237.239 HTTP/2 200 OK server: nginx date: Fri, 01 Jul 2022 16:09:03 GMT content-type: application/json content-length: 12 strict-transport-security: max-age=31536000 via: 1.1 google alt-svc: clear X-Firefox-Spdy: h2 --- Additional Info --- Magic: JSON data\012- , ASCII text, with no line terminators Size: 12 Md5: 23e88fb7b99543fb33315b29b1fad9d6 Sha1: a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce Sha256: 7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3
POST /gsalphasha2g2 HTTP/1.1 Host: ocsp2.globalsign.com User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 79 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache	104.18.20.226 HTTP/1.1 200 OK Content-Type: application/ocsp-response Date: Fri, 01 Jul 2022 16:09:03 GMT Content-Length: 1423 Connection: keep-alive Expires: Tue, 05 Jul 2022 15:39:49 GMT ETag: "038dc923fa7af80147244213e666036e2e6d670b" Last-Modified: Fri, 01 Jul 2022 15:39:49 GMT Cache-Control: public, no-transform, must-revalidate, s-maxage=3600 CF-Cache-Status: EXPIRED Accept-Ranges: bytes Vary: Accept-Encoding Server: cloudflare CF-RAY: 72406764fb7ffac0-OSL --- Additional Info --- Magic: data Size: 1423 Md5: 012dd0511c204b3c4d5ec22404bee797 Sha1: 038dc923fa7af80147244213e666036e2e6d670b Sha256: 6fdb2f85faac897dc18c64bb074f0458ddf7596486338f36bbb5c2562098aeb9
GET /reklamatr.phtml?URL=http://palochusvet.szm.com/43t3f/45y4g.exe HTTP/1.1 Host: szm.com User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Referer: http://palochusvet.szm.com/ Sec-Fetch-Dest: script Sec-Fetch-Mode: no-cors Sec-Fetch-Site: cross-site	85.248.228.115 HTTP/1.1 200 OK Content-Type: text/javascript;charset=utf-8 Server: nginx Date: Fri, 01 Jul 2022 16:09:03 GMT Transfer-Encoding: chunked Connection: keep-alive --- Additional Info --- Magic: ASCII text, with very long lines (433) Size: 6300 Md5: b930531c0c975bce30d86658440769a9 Sha1: 8f78178dcf04d05a0c2a3f246b52e441333ee7cb Sha256: 8d367d32d7cc5db06c38f6fa49c35e64543e8e8e4b003b09a373598bfe68fcdb
GET /reklamafr.phtml?URL=http://palochusvet.szm.com/43t3f/45y4g.exe HTTP/1.1 Host: szm.com User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Referer: http://palochusvet.szm.com/ Sec-Fetch-Dest: script Sec-Fetch-Mode: no-cors Sec-Fetch-Site: cross-site	85.248.228.115 HTTP/1.1 200 OK Content-Type: text/javascript;charset=utf-8 Server: nginx Date: Fri, 01 Jul 2022 16:09:04 GMT Transfer-Encoding: chunked Connection: keep-alive --- Additional Info --- Magic: HTML document, ISO-8859 text, with very long lines (1036) Size: 8055 Md5: 1b76f57afe73ff5982654c8e4660f6ff Sha1: 413fc6341566a94f4a21d95955a57c3bbbb89e84 Sha256: a6ae784e53b82f8bb5605d39a9f6076f81aa6ecac4c0cebd1aabe116b81f28a6
GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1 Host: firefox.settings.services.mozilla.com User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: application/json Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Content-Type: application/json Connection: keep-alive Sec-Fetch-Dest: empty Sec-Fetch-Mode: cors Sec-Fetch-Site: cross-site	$Magic: JSON data\012- , ASCII text, with very long lines (329), with no line terminators Size: 329 Md5: 0333b0655111aa68de771adfcc4db243$ 54.230.111.35 HTTP/1.1 200 OK Content-Type: application/json Content-Length: 329 Connection: keep-alive Access-Control-Allow-Origin: * Access-Control-Expose-Headers: Content-Type, Alert, Cache-Control, Pragma, Backoff, Last-Modified, ETag, Expires, Content-Length, Retry-After Content-Security-Policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none'; Last-Modified: Fri, 25 Mar 2022 17:45:46 GMT Strict-Transport-Security: max-age=31536000 X-Content-Type-Options: nosniff Cache-Control: max-age=3600 Date: Fri, 01 Jul 2022 15:38:48 GMT Expires: Fri, 01 Jul 2022 16:11:33 GMT ETag: "1648230346554" X-Cache: Hit from cloudfront Via: 1.1 fc5e625db631bc657fc73f189d53fa14.cloudfront.net (CloudFront) X-Amz-Cf-Pop: OSL50-P1 X-Amz-Cf-Id: fx5vwjwnZeGc107sBnFU9169N-vbW0pR2rb7_lnYMuEbmOtBLI_oNQ== Age: 1816 --- Additional Info --- Magic: JSON data\012- , ASCII text, with very long lines (329), with no line terminators Size: 329 Md5: 0333b0655111aa68de771adfcc4db243 Sha1: 63f295a144ac87a7c8e23417626724eeca68a7eb Sha256: 60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300
GET /google-analytics.html HTTP/1.1 Host: szm.com User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,/;q=0.8 Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Connection: keep-alive Referer: http://palochusvet.szm.com/ Upgrade-Insecure-Requests: 1	$Magic: HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators Size: 178 Md5: cd2e0e43980a00fb6a2742d3afd803b8$ 85.248.228.115 HTTP/1.1 301 Moved Permanently Content-Type: text/html Server: nginx Date: Fri, 01 Jul 2022 16:09:04 GMT Content-Length: 178 Connection: keep-alive Location: https://szm.com/google-analytics.html --- Additional Info --- Magic: HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators Size: 178 Md5: cd2e0e43980a00fb6a2742d3afd803b8 Sha1: 81ffbd1712afe8cdf138b570c0fc9934742c33c1 Sha256: bd9df047d51943acc4bc6cf55d88edb5b6785a53337ee2a0f74dd521aedde87d
GET /reklama/adsense.phtml?URL=http%3A%2F%2Fpalochusvet.szm.com%2F43t3f%2F45y4g.exe HTTP/1.1 Host: szm.com User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,/;q=0.8 Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Connection: keep-alive Referer: http://palochusvet.szm.com/ Upgrade-Insecure-Requests: 1	$Magic: HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators Size: 178 Md5: cd2e0e43980a00fb6a2742d3afd803b8$ 85.248.228.115 HTTP/1.1 301 Moved Permanently Content-Type: text/html Server: nginx Date: Fri, 01 Jul 2022 16:09:04 GMT Content-Length: 178 Connection: keep-alive Location: https://szm.com/reklama/adsense.phtml?URL=http%3A%2F%2Fpalochusvet.szm.com%2F43t3f%2F45y4g.exe --- Additional Info --- Magic: HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators Size: 178 Md5: cd2e0e43980a00fb6a2742d3afd803b8 Sha1: 81ffbd1712afe8cdf138b570c0fc9934742c33c1 Sha256: bd9df047d51943acc4bc6cf55d88edb5b6785a53337ee2a0f74dd521aedde87d
GET /google-analytics.html HTTP/1.1 Host: szm.com User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,/;q=0.8 Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Referer: http://palochusvet.szm.com/ Connection: keep-alive Upgrade-Insecure-Requests: 1 Sec-Fetch-Dest: iframe Sec-Fetch-Mode: navigate Sec-Fetch-Site: cross-site	85.248.228.115 HTTP/1.1 200 OK Content-Type: text/html; charset=utf-8 Server: nginx Date: Fri, 01 Jul 2022 16:09:04 GMT Last-Modified: Sun, 24 Jan 2010 22:13:32 GMT Transfer-Encoding: chunked Connection: keep-alive ETag: W/"4b5cc60c-197" Content-Encoding: gzip --- Additional Info --- Magic: HTML document, ASCII text Size: 274 Md5: 4d428f1d564f5006313d081ded483776 Sha1: 3d5f09a9a77a4c8dab7b2dcc816e4c5281073525 Sha256: 2607804c544b3bbd776e8d078b481761d2a058c540381f762bf60aae53f7d1ab
GET /PIC/reklama.gif HTTP/1.1 Host: img.szm.sk User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Connection: keep-alive Referer: http://palochusvet.szm.com/	$Magic: GIF image data, version 89a, 12 x 61\012- data Size: 1216 Md5: c3260f4b9a3aa946a2ed7305e3cc36d2$ 85.248.228.60 HTTP/1.1 200 OK Content-Type: image/gif Server: nginx Date: Fri, 01 Jul 2022 16:09:04 GMT Content-Length: 1216 Last-Modified: Tue, 23 Jun 2020 10:27:25 GMT Connection: keep-alive ETag: "5ef1d90d-4c0" Accept-Ranges: bytes --- Additional Info --- Magic: GIF image data, version 89a, 12 x 61\012- data Size: 1216 Md5: c3260f4b9a3aa946a2ed7305e3cc36d2 Sha1: 35e41c0064cb7f4709129c7f34a2a259889cd54e Sha256: 35571cbb7c061079794e64259ab76263b7b4ad7d4699e7ac1e447648fcfaee1a
GET /PIC/minilogoszm.gif HTTP/1.1 Host: img.szm.sk User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Connection: keep-alive Referer: http://palochusvet.szm.com/	$Magic: GIF image data, version 89a, 16 x 46\012- data Size: 939 Md5: 0783acd3aec000196b15ab7c791daa10$ 85.248.228.60 HTTP/1.1 200 OK Content-Type: image/gif Server: nginx Date: Fri, 01 Jul 2022 16:09:04 GMT Content-Length: 939 Last-Modified: Tue, 23 Jun 2020 10:27:26 GMT Connection: keep-alive ETag: "5ef1d90e-3ab" Accept-Ranges: bytes --- Additional Info --- Magic: GIF image data, version 89a, 16 x 46\012- data Size: 939 Md5: 0783acd3aec000196b15ab7c791daa10 Sha1: dc045f8ceb87d2a8b25d1386d5c639b43ecc208f Sha256: 8d5da64a4b9a9222ec115e20aa5572bad099e9f9d3a0d28d18b6c01ca53b19bb
GET /PIC/zavriet.gif HTTP/1.1 Host: img.szm.sk User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Connection: keep-alive Referer: http://palochusvet.szm.com/	$Magic: GIF image data, version 89a, 15 x 14\012- data Size: 107 Md5: 73cebb1642c5d0a07da398b331d12be9$ 85.248.228.60 HTTP/1.1 200 OK Content-Type: image/gif Server: nginx Date: Fri, 01 Jul 2022 16:09:04 GMT Content-Length: 107 Last-Modified: Tue, 23 Jun 2020 10:27:26 GMT Connection: keep-alive ETag: "5ef1d90e-6b" Accept-Ranges: bytes --- Additional Info --- Magic: GIF image data, version 89a, 15 x 14\012- data Size: 107 Md5: 73cebb1642c5d0a07da398b331d12be9 Sha1: 921a826744a0c460527dd1e435a8255cea61a2a8 Sha256: 68f00ddb2fea05491cd747ba59dc7783ee6f93244bb8e4f34020493081f54524
GET /reklama/adsense.phtml?URL=http%3A%2F%2Fpalochusvet.szm.com%2F43t3f%2F45y4g.exe HTTP/1.1 Host: szm.com User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,/;q=0.8 Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Referer: http://palochusvet.szm.com/ Connection: keep-alive Upgrade-Insecure-Requests: 1 Sec-Fetch-Dest: iframe Sec-Fetch-Mode: navigate Sec-Fetch-Site: cross-site	$Magic: HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (6523) Size: 3292 Md5: 83092a6fac7ec521e773f2d7610869c0$ 85.248.228.115 HTTP/1.1 200 OK Content-Type: text/html; charset=utf-8 Server: nginx Date: Fri, 01 Jul 2022 16:09:04 GMT Transfer-Encoding: chunked Connection: keep-alive Content-Encoding: gzip --- Additional Info --- Magic: HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (6523) Size: 3292 Md5: 83092a6fac7ec521e773f2d7610869c0 Sha1: ca10eeb2e2dd6f977ac8285a4477c453b217d03e Sha256: 5f4da8b7d0fed273f4ddaa7574fd780c162e743e764b7309b2d3955c19239e2f
GET /favicon.ico HTTP/1.1 Host: palochusvet.szm.com User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Connection: keep-alive Referer: http://palochusvet.szm.com/43t3f/45y4g.exe	$Magic: HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text Size: 313 Md5: e1b7426e0fe426e7ba1a138ab1722d2d$ 85.248.228.58 HTTP/1.1 404 Not Found Content-Type: text/html; charset=iso-8859-1 Server: nginx Date: Fri, 01 Jul 2022 16:09:04 GMT Transfer-Encoding: chunked Connection: keep-alive Content-Encoding: gzip --- Additional Info --- Magic: HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text Size: 313 Md5: e1b7426e0fe426e7ba1a138ab1722d2d Sha1: 9836feb8393138bd566e49cde0e9de3f73d0117e Sha256: 4f54abb483dc5513a55e5fa8d290ddfb1879fde7154b09f7ed184603e1c24bbd
POST /gts1c3 HTTP/1.1 Host: ocsp.pki.goog User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 83 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache	142.250.74.3 HTTP/1.1 200 OK Content-Type: application/ocsp-response Date: Fri, 01 Jul 2022 16:09:04 GMT Cache-Control: public, max-age=14400 Server: ocsp_responder Content-Length: 471 X-XSS-Protection: 0 X-Frame-Options: SAMEORIGIN --- Additional Info --- Magic: data Size: 471 Md5: 14c0b8dfbcc9d9305c595990d76ac438 Sha1: c3bd6f322d7604a1e48dbebdf243f0573f6a0648 Sha256: cf33c6eb2c13df16ee1e1e87d633a1d2966436349a23681b0f09d2fc8f4969cf
GET /ga.js HTTP/1.1 Host: ssl.google-analytics.com User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Referer: https://szm.com/ Sec-Fetch-Dest: script Sec-Fetch-Mode: no-cors Sec-Fetch-Site: cross-site	172.217.21.168 HTTP/2 200 OK strict-transport-security: max-age=10886400; includeSubDomains; preload x-content-type-options: nosniff vary: Accept-Encoding content-encoding: gzip cross-origin-resource-policy: cross-origin server: Golfe2 content-length: 17168 date: Fri, 01 Jul 2022 14:17:10 GMT expires: Fri, 01 Jul 2022 16:17:10 GMT cache-control: public, max-age=7200 age: 6714 last-modified: Wed, 13 Apr 2022 21:02:38 GMT content-type: text/javascript alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" X-Firefox-Spdy: h2 --- Additional Info --- Magic: ASCII text, with very long lines (1305) Size: 17168 Md5: 01d5892e6e243b52998310c2925b9f3a Sha1: 58180151b6a6ee4af73583a214b68efb9e8844d4 Sha256: 7e90efb4620a78e8869796d256bcddbde90b853c8c15c5cc116cb11d3d17bc4d
POST / HTTP/1.1 Host: ocsp.digicert.com User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 83 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache	93.184.220.29 HTTP/1.1 200 OK Content-Type: application/ocsp-response Accept-Ranges: bytes Age: 1680 Cache-Control: 'max-age=158059' Date: Fri, 01 Jul 2022 16:09:04 GMT Last-Modified: Fri, 01 Jul 2022 15:41:04 GMT Server: ECS (ska/F71C) X-Cache: HIT Content-Length: 471 --- Additional Info --- Magic: data Size: 471 Md5: a5af35b6c6d203c1f7943571f558c790 Sha1: 832cfc0aff6943cf487e007f97216fd91ee45713 Sha256: 8f1ee2202e24b6dc484d8b6b284ee6d4153e802386344e5edc106b5c1d6a0777
POST /gts1c3 HTTP/1.1 Host: ocsp.pki.goog User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 83 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache	142.250.74.3 HTTP/1.1 200 OK Content-Type: application/ocsp-response Date: Fri, 01 Jul 2022 16:09:04 GMT Cache-Control: public, max-age=14400 Server: ocsp_responder Content-Length: 471 X-XSS-Protection: 0 X-Frame-Options: SAMEORIGIN --- Additional Info --- Magic: data Size: 471 Md5: 14c0b8dfbcc9d9305c595990d76ac438 Sha1: c3bd6f322d7604a1e48dbebdf243f0573f6a0648 Sha256: cf33c6eb2c13df16ee1e1e87d633a1d2966436349a23681b0f09d2fc8f4969cf
POST /gts1c3 HTTP/1.1 Host: ocsp.pki.goog User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 83 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache	142.250.74.3 HTTP/1.1 200 OK Content-Type: application/ocsp-response Date: Fri, 01 Jul 2022 16:09:04 GMT Cache-Control: public, max-age=14400 Server: ocsp_responder Content-Length: 471 X-XSS-Protection: 0 X-Frame-Options: SAMEORIGIN --- Additional Info --- Magic: data Size: 471 Md5: 5e1ad6e1788c45bf3797507802afd870 Sha1: 43488e9b79dad96fd6c1faab32b307d528e22824 Sha256: 647892cf5809d16d9088f7f2388374ea65845ac46aa46940212bfee45908d7b9
POST / HTTP/1.1 Host: r3.o.lencr.org User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 85 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache	23.36.76.226 HTTP/1.1 200 OK Content-Type: application/ocsp-response Server: nginx Content-Length: 503 ETag: "54600436DDCB13E9097E7081ECD348437B9334213EB3E3A02BB37F6DE4D59857" Last-Modified: Wed, 29 Jun 2022 05:00:00 UTC Cache-Control: public, no-transform, must-revalidate, max-age=8181 Expires: Fri, 01 Jul 2022 18:25:25 GMT Date: Fri, 01 Jul 2022 16:09:04 GMT Connection: keep-alive --- Additional Info --- Magic: data Size: 503 Md5: 22f75ea24cb7e185b3066d159809b6cf Sha1: 17f24b78eb64d6b0873823e0846eab51aed54045 Sha256: 54600436ddcb13e9097e7081ecd348437b9334213eb3e3a02bb37f6de4d59857
POST / HTTP/1.1 Host: r3.o.lencr.org User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 85 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache	23.36.76.226 HTTP/1.1 200 OK Content-Type: application/ocsp-response Server: nginx Content-Length: 503 ETag: "54600436DDCB13E9097E7081ECD348437B9334213EB3E3A02BB37F6DE4D59857" Last-Modified: Wed, 29 Jun 2022 05:00:00 UTC Cache-Control: public, no-transform, must-revalidate, max-age=8181 Expires: Fri, 01 Jul 2022 18:25:25 GMT Date: Fri, 01 Jul 2022 16:09:04 GMT Connection: keep-alive --- Additional Info --- Magic: data Size: 503 Md5: 22f75ea24cb7e185b3066d159809b6cf Sha1: 17f24b78eb64d6b0873823e0846eab51aed54045 Sha256: 54600436ddcb13e9097e7081ecd348437b9334213eb3e3a02bb37f6de4d59857
GET /r/collect?v=1&aip=1&t=dc&_r=3&tid=UA-8813686-1&cid=1171909612.1656691745&jid=400838370&_v=5.7.2&z=579405538 HTTP/1.1 Host: stats.g.doubleclick.net User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Referer: https://szm.com/ Connection: keep-alive Sec-Fetch-Dest: image Sec-Fetch-Mode: no-cors Sec-Fetch-Site: cross-site	$Magic: GIF image data, version 89a, 1 x 1\012- data Size: 35 Md5: 28d6814f309ea289f847c69cf91194c6$ 173.194.73.154 HTTP/2 200 OK access-control-allow-origin: * strict-transport-security: max-age=10886400; includeSubDomains; preload date: Fri, 01 Jul 2022 16:09:04 GMT pragma: no-cache expires: Fri, 01 Jan 1990 00:00:00 GMT cache-control: no-cache, no-store, must-revalidate last-modified: Sun, 17 May 1998 03:00:00 GMT x-content-type-options: nosniff content-type: image/gif cross-origin-resource-policy: cross-origin server: Golfe2 content-length: 35 alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" X-Firefox-Spdy: h2 --- Additional Info --- Magic: GIF image data, version 89a, 1 x 1\012- data Size: 35 Md5: 28d6814f309ea289f847c69cf91194c6 Sha1: 0f4e929dd5bb2564f7ab9c76338e04e292a42ace Sha256: 8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
POST /gts1c3 HTTP/1.1 Host: ocsp.pki.goog User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 83 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache	142.250.74.3 HTTP/1.1 200 OK Content-Type: application/ocsp-response Date: Fri, 01 Jul 2022 16:09:04 GMT Cache-Control: public, max-age=14400 Server: ocsp_responder Content-Length: 471 X-XSS-Protection: 0 X-Frame-Options: SAMEORIGIN --- Additional Info --- Magic: data Size: 471 Md5: 8de493851ec6aeb45deb0e0a801831fa Sha1: 32865efdb4afcbc3b2eb844d8c522796fb5f9291 Sha256: 9afa477fa70f1dd73f4e7d7619792cb8bdd17ebfd298458904daa2f4fcd257cd
GET /generic/advert.php?g=ref:991,area:468x60,:,tabl:4,design_name:custom,border_color:ffffff,border_style:none,background_opacity:100,background_color:ffffff,hover_back:,title_color:cc0000,text_color:000000,url_color:0067d6,h_title_color:cc0000,h_text_color:000000,h_url_color:0067d6,freespace:0,logo_type:0,logo:0,title_underline:0,url_underline:0,h_title_underline:1,h_url_underline:1,nourl:,fsi:auto,font:verdana,require_login_pass:0,login_pass:,show_in_fb:,show_in_fb_text:,tt:0,q:https%3A%2F%2Fszm.com%2Freklama%2Fadsense.phtml%3FURL%3Dhttp%253A%252F%252Fpalochusvet.szm.com%252F43t3f%252F45y4g.exe HTTP/1.1 Host: sk.search.etargetnet.com User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Referer: https://szm.com/ Sec-Fetch-Dest: script Sec-Fetch-Mode: no-cors Sec-Fetch-Site: cross-site	$Magic: HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (24111) Size: 13675 Md5: 3521415e5acb6179042eaca567c84dda$ 195.168.10.172 HTTP/1.1 200 OK Content-Type: text/javascript; charset=utf-8 Server: nginx Date: Fri, 01 Jul 2022 16:09:04 GMT Transfer-Encoding: chunked Connection: keep-alive Vary: Accept-Encoding Cache-Control: no-cache, must-revalidate Pragma: no-cache X-Protected-By: Bee/0.43 Set-Cookie: p=991; expires=Fri, 01-Jul-2022 17:09:04 GMT; Max-Age=3600; path=/; samesite=none; domain=.etargetnet.com; secure euvh=deleted; expires=Thu, 01-Jan-1970 00:00:01 GMT; Max-Age=0; path=/; samesite=none; domain=.etargetnet.com; secure euvf=deleted; expires=Thu, 01-Jan-1970 00:00:01 GMT; Max-Age=0; path=/; samesite=none; domain=.etargetnet.com; secure euvf=512; expires=Fri, 15-Jul-2022 16:09:04 GMT; Max-Age=1209600; path=/; samesite=none; domain=.etargetnet.com; secure euvh=J; expires=Mon, 01-Aug-2022 16:09:04 GMT; Max-Age=2678400; path=/; samesite=none; domain=.etargetnet.com; secure ckf=deleted; expires=Thu, 01-Jan-1970 00:00:01 GMT; Max-Age=0; path=/; samesite=none; domain=.etargetnet.com; secure ckf=1; expires=Sat, 01-Jul-2023 16:09:04 GMT; Max-Age=31536000; path=/; samesite=none; domain=.etargetnet.com; secure ecc[996]=3; expires=Fri, 01-Jul-2022 22:09:04 GMT; Max-Age=21600; path=/; samesite=none; domain=.etargetnet.com; secure ecc[944]=3; expires=Fri, 01-Jul-2022 22:09:04 GMT; Max-Age=21600; path=/; samesite=none; domain=.etargetnet.com; secure P3P: CP="NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM", policyref="/w3c/p3p.xml" X-Powered-By: Queen/2.145 Access-Control-Allow-Origin: * Y-Protected-By: Bulbasaur/mblade01-01-c Content-Encoding: gzip --- Additional Info --- Magic: HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (24111) Size: 13675 Md5: 3521415e5acb6179042eaca567c84dda Sha1: 5c2c9323cd43e6dad292a35a4df11963de483e41 Sha256: d29e65017e71b59609e54eefb34d172322ccd23c8c17c42cdb37db5dec9c8b49
GET / HTTP/1.1 Host: push.services.mozilla.com User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Sec-WebSocket-Version: 13 Origin: wss://push.services.mozilla.com/ Sec-WebSocket-Protocol: push-notification Sec-WebSocket-Extensions: permessage-deflate Sec-WebSocket-Key: 73lMXkAbURW6nTzG9PnrHQ== Connection: keep-alive, Upgrade Sec-Fetch-Dest: websocket Sec-Fetch-Mode: websocket Sec-Fetch-Site: cross-site Pragma: no-cache Cache-Control: no-cache Upgrade: websocket	52.40.216.187 HTTP/1.1 101 Switching Protocols Connection: Upgrade Upgrade: websocket Sec-WebSocket-Accept: cEIEmkuh0E5JsnMxFuRSgqzQnqQ= --- Additional Info --- Magic: Size: 0 Md5: d41d8cd98f00b204e9800998ecf8427e Sha1: da39a3ee5e6b4b0d3255bfef95601890afd80709 Sha256: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /frontend/logos/sk/35160/35160_9-5.jpg HTTP/1.1 Host: etargetcdn.com User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Referer: https://szm.com/ Sec-Fetch-Dest: image Sec-Fetch-Mode: no-cors Sec-Fetch-Site: cross-site	$Magic: JPEG image data, JFIF standard 1.01, resolution (DPI), density 72x72, segment length 16, progressive, precision 8, 254x133, components 3\012- data Size: 10440 Md5: b6cf84521f99c67fc3b2c8feab2264d0$ 172.67.73.79 HTTP/2 200 OK date: Fri, 01 Jul 2022 16:09:04 GMT content-type: image/jpeg content-length: 10440 cf-bgj: imgq:100,h2pri cf-polished: origSize=10681, status=webp_bigger etag: "622ddf97-29b9" last-modified: Sun, 13 Mar 2022 12:12:07 GMT y-protected-by: Bulbasaur/mblade01-01-b cache-control: max-age=14400 cf-cache-status: HIT age: 4165 accept-ranges: bytes expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=XtE31%2BLI6EibkUsKOgWMoFQ4%2FaH6ChUukhI8gfNXyMrR3TTLiORaha0R2IyetVCCKh44bsy17CX5F%2B37O8LUc1rT8Jh9ULmM0X0W%2FvZuiyTWEW6d1RdWRj%2FxDA1SiIJM"}],"group":"cf-nel","max_age":604800} nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800} vary: Accept-Encoding server: cloudflare cf-ray: 7240676d19b00b59-OSL X-Firefox-Spdy: h2 --- Additional Info --- Magic: JPEG image data, JFIF standard 1.01, resolution (DPI), density 72x72, segment length 16, progressive, precision 8, 254x133, components 3\012- data Size: 10440 Md5: b6cf84521f99c67fc3b2c8feab2264d0 Sha1: 50db1c62ad5592fff4ee11c3b91437f1de7bff0f Sha256: 32dc254d4446e07446f29b03505d72ce1bcf3962c6cf2b921308102b721ca28d
GET /generic/advert.php?g=ref:991,area:468x60,:,tabl:4,design_name:custom,border_color:ffffff,border_style:none,background_opacity:100,background_color:ffffff,hover_back:,title_color:cc0000,text_color:000000,url_color:0067d6,h_title_color:cc0000,h_text_color:000000,h_url_color:0067d6,freespace:0,logo_type:0,logo:0,title_underline:0,url_underline:0,h_title_underline:1,h_url_underline:1,nourl:,fsi:auto,font:verdana,require_login_pass:0,login_pass:,show_in_fb:,show_in_fb_text:,tt:0,q:https%3A%2F%2Fszm.com%2Freklama%2Fadsense.phtml%3FURL%3Dhttp%253A%252F%252Fpalochusvet.szm.com%252F43t3f%252F45y4g.exe HTTP/1.1 Host: sk.search.etargetnet.com User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Referer: https://szm.com/ Sec-Fetch-Dest: script Sec-Fetch-Mode: no-cors Sec-Fetch-Site: cross-site	$Magic: HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (24111) Size: 13672 Md5: 41965640ee57b41afa419b964a578acb$ 195.168.10.172 HTTP/1.1 200 OK Content-Type: text/javascript; charset=utf-8 Server: nginx Date: Fri, 01 Jul 2022 16:09:04 GMT Transfer-Encoding: chunked Connection: keep-alive Vary: Accept-Encoding Cache-Control: no-cache, must-revalidate Pragma: no-cache X-Protected-By: Bee/0.43 Set-Cookie: p=991; expires=Fri, 01-Jul-2022 17:09:04 GMT; Max-Age=3600; path=/; samesite=none; domain=.etargetnet.com; secure euvh=deleted; expires=Thu, 01-Jan-1970 00:00:01 GMT; Max-Age=0; path=/; samesite=none; domain=.etargetnet.com; secure euvf=deleted; expires=Thu, 01-Jan-1970 00:00:01 GMT; Max-Age=0; path=/; samesite=none; domain=.etargetnet.com; secure euvf=512; expires=Fri, 15-Jul-2022 16:09:04 GMT; Max-Age=1209600; path=/; samesite=none; domain=.etargetnet.com; secure euvh=J; expires=Mon, 01-Aug-2022 16:09:04 GMT; Max-Age=2678400; path=/; samesite=none; domain=.etargetnet.com; secure ckf=deleted; expires=Thu, 01-Jan-1970 00:00:01 GMT; Max-Age=0; path=/; samesite=none; domain=.etargetnet.com; secure ckf=1; expires=Sat, 01-Jul-2023 16:09:04 GMT; Max-Age=31536000; path=/; samesite=none; domain=.etargetnet.com; secure ecc[996]=3; expires=Fri, 01-Jul-2022 22:09:04 GMT; Max-Age=21600; path=/; samesite=none; domain=.etargetnet.com; secure ecc[944]=3; expires=Fri, 01-Jul-2022 22:09:04 GMT; Max-Age=21600; path=/; samesite=none; domain=.etargetnet.com; secure P3P: CP="NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM", policyref="/w3c/p3p.xml" X-Powered-By: Queen/2.145 Access-Control-Allow-Origin: * Y-Protected-By: Bulbasaur/mblade01-01-c Content-Encoding: gzip --- Additional Info --- Magic: HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (24111) Size: 13672 Md5: 41965640ee57b41afa419b964a578acb Sha1: 279c368fe9184a9443d24ee91b60fe4c34fa4047 Sha256: 076ca59950090a9d5430a6663cc0017e479965878491e4cfd0f6a1b51ee9c35b
GET /img/sipka/sipka_C00.png HTTP/1.1 Host: sk.search.etargetnet.com User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Referer: https://szm.com/ Sec-Fetch-Dest: image Sec-Fetch-Mode: no-cors Sec-Fetch-Site: cross-site	$Magic: PNG image data, 40 x 80, 8-bit colormap, non-interlaced\012- data Size: 1228 Md5: a162c304f69121a0342881c7637f769b$ 195.168.10.172 HTTP/1.1 200 OK Content-Type: image/png Server: nginx Date: Fri, 01 Jul 2022 16:09:04 GMT Content-Length: 1228 Last-Modified: Fri, 06 Dec 2013 09:35:48 GMT Connection: keep-alive ETag: "52a19a74-4cc" Expires: Sat, 02 Jul 2022 16:09:04 GMT Cache-Control: max-age=86400 Vary: Origin Access-Control-Allow-Origin: * Access-Control-Allow-Methods: GET, POST, OPTIONS Access-Control-Allow-Headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range Access-Control-Expose-Headers: Content-Length,Content-Range Pragma: cache Y-Protected-By: Bulbasaur/mblade01-01-c Accept-Ranges: bytes --- Additional Info --- Magic: PNG image data, 40 x 80, 8-bit colormap, non-interlaced\012- data Size: 1228 Md5: a162c304f69121a0342881c7637f769b Sha1: 22ca11af669d289f8698ad0e58d22459c9f6ad93 Sha256: e64bec99568e524ce2729f0768e3eccedfeeac91ad93caee216804db928619fc
POST /gts1c3 HTTP/1.1 Host: ocsp.pki.goog User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 83 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache	142.250.74.3 HTTP/1.1 200 OK Content-Type: application/ocsp-response Date: Fri, 01 Jul 2022 16:09:04 GMT Cache-Control: public, max-age=14400 Server: ocsp_responder Content-Length: 471 X-XSS-Protection: 0 X-Frame-Options: SAMEORIGIN --- Additional Info --- Magic: data Size: 471 Md5: a8876ea1457d585ab779a64d7df3d75b Sha1: ac2d8ae4ed080efcd5f4ff4009032d294640c2e6 Sha256: 052a25589541420c7e33c808af2d48fe4bff4d5b157e7a873cc18b5819d3b2e9
POST /gts1c3 HTTP/1.1 Host: ocsp.pki.goog User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 83 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache	142.250.74.3 HTTP/1.1 200 OK Content-Type: application/ocsp-response Date: Fri, 01 Jul 2022 16:09:04 GMT Cache-Control: public, max-age=14400 Server: ocsp_responder Content-Length: 471 X-XSS-Protection: 0 X-Frame-Options: SAMEORIGIN --- Additional Info --- Magic: data Size: 471 Md5: a8876ea1457d585ab779a64d7df3d75b Sha1: ac2d8ae4ed080efcd5f4ff4009032d294640c2e6 Sha256: 052a25589541420c7e33c808af2d48fe4bff4d5b157e7a873cc18b5819d3b2e9
GET /s/player/0e7373c2/www-widgetapi.vflset/www-widgetapi.js HTTP/1.1 Host: www.youtube.com User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Referer: https://szm.com/ Sec-Fetch-Dest: script Sec-Fetch-Mode: no-cors Sec-Fetch-Site: cross-site TE: trailers	142.250.74.142 HTTP/2 200 OK accept-ranges: bytes vary: Accept-Encoding, Origin content-encoding: br cross-origin-resource-policy: cross-origin cross-origin-opener-policy-report-only: same-origin; report-to="youtube" report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]} content-length: 51437 x-content-type-options: nosniff server: sffe x-xss-protection: 0 date: Fri, 01 Jul 2022 02:35:04 GMT expires: Sat, 01 Jul 2023 02:35:04 GMT cache-control: public, max-age=31536000 last-modified: Thu, 30 Jun 2022 00:22:13 GMT content-type: text/javascript age: 48840 alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" X-Firefox-Spdy: h2 --- Additional Info --- Magic: ASCII text, with very long lines (570) Size: 51437 Md5: 60e8dd90f7a033a48223948b15e245f8 Sha1: 771bcecd99ad5c822194a0430e8bc6b8495becc8 Sha256: fcb481f5c417a885d11411ce103c03e59e58f2909a1fb4393fc14d84bc24027d
POST /gts1c3 HTTP/1.1 Host: ocsp.pki.goog User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 83 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache	142.250.74.3 HTTP/1.1 200 OK Content-Type: application/ocsp-response Date: Fri, 01 Jul 2022 16:09:04 GMT Cache-Control: public, max-age=14400 Server: ocsp_responder Content-Length: 471 X-XSS-Protection: 0 X-Frame-Options: SAMEORIGIN --- Additional Info --- Magic: data Size: 471 Md5: a8876ea1457d585ab779a64d7df3d75b Sha1: ac2d8ae4ed080efcd5f4ff4009032d294640c2e6 Sha256: 052a25589541420c7e33c808af2d48fe4bff4d5b157e7a873cc18b5819d3b2e9
POST / HTTP/1.1 Host: ocsp.digicert.com User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 83 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache	93.184.220.29 HTTP/1.1 200 OK Content-Type: application/ocsp-response Accept-Ranges: bytes Age: 3310 Cache-Control: 'max-age=158059' Date: Fri, 01 Jul 2022 16:09:05 GMT Last-Modified: Fri, 01 Jul 2022 15:13:55 GMT Server: ECS (ska/F71C) X-Cache: HIT Content-Length: 471 --- Additional Info --- Magic: data Size: 471 Md5: 45a75b323452da7c0fa991fb802efc78 Sha1: 95638dda6d5da27618b6b9046a35c2501fbfe851 Sha256: 73f9237b768bb353f1065867395374cb71a68d7adde88615e5e8c935f4453c06
GET /containr.js HTTP/1.1 Host: cdn.mookie1.com User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Referer: https://szm.com/ Sec-Fetch-Dest: script Sec-Fetch-Mode: no-cors Sec-Fetch-Site: cross-site	23.13.39.40 HTTP/1.1 200 OK Content-Type: application/x-javascript Accept-Ranges: bytes ETag: "6200df1a0ff97d44f843b0184fa20225:1599561740.987291" Last-Modified: Tue, 08 Sep 2020 10:42:20 GMT Server: AkamaiNetStorage Vary: Accept-Encoding Content-Encoding: gzip Cache-Control: max-age=60 Expires: Fri, 01 Jul 2022 16:10:05 GMT Date: Fri, 01 Jul 2022 16:09:05 GMT Content-Length: 2941 Connection: keep-alive Access-Control-Max-Age: 86400 Access-Control-Allow-Credentials: false Access-Control-Allow-Headers: * Access-Control-Allow-Methods: GET,POST Access-Control-Allow-Origin: * --- Additional Info --- Magic: ASCII text, with very long lines (8911), with no line terminators Size: 2941 Md5: 7ffd4fb7e1453522a471c78427da2ae1 Sha1: ffd31aaa4c68ff2d09b295092cabf335b3657d4a Sha256: 38d3be2ed4b565fd170f63bd420ef939e1b565ef30d461341986c505d84833ed
POST / HTTP/1.1 Host: r3.o.lencr.org User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 85 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache	23.36.76.226 HTTP/1.1 200 OK Content-Type: application/ocsp-response Server: nginx Content-Length: 503 ETag: "974497D7DEFC2E7CC99CFDF35346137BA84D342D3BCDAD854DF7920019E9846B" Last-Modified: Thu, 30 Jun 2022 00:00:00 UTC Cache-Control: public, no-transform, must-revalidate, max-age=19991 Expires: Fri, 01 Jul 2022 21:42:16 GMT Date: Fri, 01 Jul 2022 16:09:05 GMT Connection: keep-alive --- Additional Info --- Magic: data Size: 503 Md5: 68b6d076dced4216b260baa100861b42 Sha1: 714ce92b5bab062587f225e729a98b45b1209172 Sha256: 974497d7defc2e7cc99cfdf35346137ba84d342d3bcdad854df7920019e9846b
POST / HTTP/1.1 Host: r3.o.lencr.org User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 85 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache	23.36.76.226 HTTP/1.1 200 OK Content-Type: application/ocsp-response Server: nginx Content-Length: 503 ETag: "974497D7DEFC2E7CC99CFDF35346137BA84D342D3BCDAD854DF7920019E9846B" Last-Modified: Thu, 30 Jun 2022 00:00:00 UTC Cache-Control: public, no-transform, must-revalidate, max-age=20508 Expires: Fri, 01 Jul 2022 21:50:53 GMT Date: Fri, 01 Jul 2022 16:09:05 GMT Connection: keep-alive --- Additional Info --- Magic: data Size: 503 Md5: 68b6d076dced4216b260baa100861b42 Sha1: 714ce92b5bab062587f225e729a98b45b1209172 Sha256: 974497d7defc2e7cc99cfdf35346137ba84d342d3bcdad854df7920019e9846b
POST / HTTP/1.1 Host: r3.o.lencr.org User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 85 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache	23.36.76.226 HTTP/1.1 200 OK Content-Type: application/ocsp-response Server: nginx Content-Length: 503 ETag: "974497D7DEFC2E7CC99CFDF35346137BA84D342D3BCDAD854DF7920019E9846B" Last-Modified: Thu, 30 Jun 2022 00:00:00 UTC Cache-Control: public, no-transform, must-revalidate, max-age=20563 Expires: Fri, 01 Jul 2022 21:51:48 GMT Date: Fri, 01 Jul 2022 16:09:05 GMT Connection: keep-alive --- Additional Info --- Magic: data Size: 503 Md5: 68b6d076dced4216b260baa100861b42 Sha1: 714ce92b5bab062587f225e729a98b45b1209172 Sha256: 974497d7defc2e7cc99cfdf35346137ba84d342d3bcdad854df7920019e9846b
POST / HTTP/1.1 Host: r3.o.lencr.org User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 85 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache	23.36.76.226 HTTP/1.1 200 OK Content-Type: application/ocsp-response Server: nginx Content-Length: 503 ETag: "974497D7DEFC2E7CC99CFDF35346137BA84D342D3BCDAD854DF7920019E9846B" Last-Modified: Thu, 30 Jun 2022 00:00:00 UTC Cache-Control: public, no-transform, must-revalidate, max-age=20029 Expires: Fri, 01 Jul 2022 21:42:54 GMT Date: Fri, 01 Jul 2022 16:09:05 GMT Connection: keep-alive --- Additional Info --- Magic: data Size: 503 Md5: 68b6d076dced4216b260baa100861b42 Sha1: 714ce92b5bab062587f225e729a98b45b1209172 Sha256: 974497d7defc2e7cc99cfdf35346137ba84d342d3bcdad854df7920019e9846b
GET /dist/bundle.js HTTP/1.1 Host: tpx.tesseradigital.com User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Referer: https://szm.com/ Sec-Fetch-Dest: script Sec-Fetch-Mode: no-cors Sec-Fetch-Site: cross-site	35.157.179.180 HTTP/2 200 OK server: nginx date: Fri, 01 Jul 2022 16:09:05 GMT content-type: application/javascript content-length: 26906 etag: "f8ef48c937b68b99d07d3f89ad4b87ff8f42c502" set-cookie: tpuuid=gHQX4elOLABtkAUHelTQtx6zZjlUosgp6xj0OwNMI88Y; Domain=.tesseradigital.com; expires=Sat, 27 Jun 2037 16:09:05 GMT; Path=/; SameSite=None; Secure access-control-allow-origin: * access-control-allow-methods: GET, OPTIONS cache-control: no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0 X-Firefox-Spdy: h2 --- Additional Info --- Magic: ASCII text, with very long lines (26906), with no line terminators Size: 26906 Md5: 5febbc7eedc877d965812a719a5d79b8 Sha1: f8ef48c937b68b99d07d3f89ad4b87ff8f42c502 Sha256: b8481fc163157c34968627e542b5947bde503853016133a04c50bccd3dbfe595
GET /dist/bundle.js HTTP/1.1 Host: tpx.tesseradigital.com User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Referer: https://szm.com/ Sec-Fetch-Dest: script Sec-Fetch-Mode: no-cors Sec-Fetch-Site: cross-site TE: trailers	35.157.179.180 HTTP/2 200 OK server: nginx date: Fri, 01 Jul 2022 16:09:05 GMT content-type: application/javascript content-length: 26906 etag: "3ae6cedcc5e46fbf56523cd45aff891d14e60376" set-cookie: tpuuid=BQuDOTBxOZxows6Pqx6uRVWIAVAgcyszrRMwB6Q7swKy; Domain=.tesseradigital.com; expires=Sat, 27 Jun 2037 16:09:05 GMT; Path=/; SameSite=None; Secure access-control-allow-origin: * access-control-allow-methods: GET, OPTIONS cache-control: no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0 X-Firefox-Spdy: h2 --- Additional Info --- Magic: ASCII text, with very long lines (26906), with no line terminators Size: 26906 Md5: 76c2aab2f36f6ea1af592e6de951a2ea Sha1: 3ae6cedcc5e46fbf56523cd45aff891d14e60376 Sha256: e8824df762c60fb701c3a061299de3df835b9119aba3b42bd5f86804865f52d8
GET /dist/bundle.js HTTP/1.1 Host: tpx.tesseradigital.com User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Referer: https://szm.com/ Sec-Fetch-Dest: script Sec-Fetch-Mode: no-cors Sec-Fetch-Site: cross-site TE: trailers	35.157.179.180 HTTP/2 200 OK server: nginx date: Fri, 01 Jul 2022 16:09:05 GMT content-type: application/javascript content-length: 26906 etag: "c10da53c7d91d1dbb265482374ded6d83997ac53" set-cookie: tpuuid=8bqlrqtPQihZiA4PZCbRIEVQosbEZwuUcsJcPp1FlNar; Domain=.tesseradigital.com; expires=Sat, 27 Jun 2037 16:09:05 GMT; Path=/; SameSite=None; Secure access-control-allow-origin: * access-control-allow-methods: GET, OPTIONS cache-control: no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0 X-Firefox-Spdy: h2 --- Additional Info --- Magic: ASCII text, with very long lines (26906), with no line terminators Size: 26906 Md5: 07e0a2881d8e32b7e35eece77afbf234 Sha1: c10da53c7d91d1dbb265482374ded6d83997ac53 Sha256: a38d2774f51dcc351a587124feb3bd3a30ac5e1af63f99968f7427054285d01d
GET /dist/bundle.js HTTP/1.1 Host: tpx.tesseradigital.com User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Referer: https://szm.com/ Sec-Fetch-Dest: script Sec-Fetch-Mode: no-cors Sec-Fetch-Site: cross-site TE: trailers	35.157.179.180 HTTP/2 200 OK server: nginx date: Fri, 01 Jul 2022 16:09:05 GMT content-type: application/javascript content-length: 26906 etag: "8b20953cd7be3ba1db576b6a5b0dcf0d82bfeb59" set-cookie: tpuuid=XSFRmjNBG01K9VeiEuk1UPJnWJJZcnILHX4p0JQZAu2n; Domain=.tesseradigital.com; expires=Sat, 27 Jun 2037 16:09:05 GMT; Path=/; SameSite=None; Secure access-control-allow-origin: * access-control-allow-methods: GET, OPTIONS cache-control: no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0 X-Firefox-Spdy: h2 --- Additional Info --- Magic: ASCII text, with very long lines (26906), with no line terminators Size: 26906 Md5: 5dd05d7c889f10edfad5b24dd0053513 Sha1: 8b20953cd7be3ba1db576b6a5b0dcf0d82bfeb59 Sha256: d5268fe10a9e4b4bc4f624cec3fd5549ebc7f4481a9c461510f51135466a77f2
GET /iframe_api HTTP/1.1 Host: www.youtube.com User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Referer: https://szm.com/ Sec-Fetch-Dest: script Sec-Fetch-Mode: no-cors Sec-Fetch-Site: cross-site TE: trailers	142.250.74.142 HTTP/2 200 OK content-type: text/javascript; charset=utf-8 x-content-type-options: nosniff expires: Fri, 01 Jul 2022 16:09:04 GMT date: Fri, 01 Jul 2022 16:09:04 GMT cache-control: private, max-age=0 x-frame-options: SAMEORIGIN strict-transport-security: max-age=31536000 cross-origin-opener-policy-report-only: same-origin; report-to="youtube_main" critical-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version cross-origin-resource-policy: cross-origin report-to: {"group":"youtube_main","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube_main"}]} permissions-policy: ch-ua-arch=, ch-ua-bitness=, ch-ua-full-version=, ch-ua-full-version-list=, ch-ua-model=, ch-ua-platform=, ch-ua-platform-version=* p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657?hl=en for more info." content-encoding: br server: ESF x-xss-protection: 0 set-cookie: YSC=c-dX31UCPa4; Domain=.youtube.com; Path=/; Secure; HttpOnly; SameSite=none VISITOR_INFO1_LIVE=urX3icDC-NA; Domain=.youtube.com; Expires=Wed, 28-Dec-2022 16:09:04 GMT; Path=/; Secure; HttpOnly; SameSite=none CONSENT=PENDING+506; expires=Sun, 30-Jun-2024 16:09:04 GMT; path=/; domain=.youtube.com; Secure alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" X-Firefox-Spdy: h2 --- Additional Info --- Magic: ASCII text, with very long lines (509) Size: 988 Md5: 8e1e4ace3f65e9b08b3de9bac58b9408 Sha1: 3479d90458c51ffdb3a2cc7626a54dad743eadd2 Sha256: b2307407c6747808284085bc115b3f2008516387705d3b011261c4e6f47e2171
POST / HTTP/1.1 Host: r3.o.lencr.org User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 85 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache	23.36.76.226 HTTP/1.1 200 OK Content-Type: application/ocsp-response Server: nginx Content-Length: 503 ETag: "73B35E1142F56B80F8CCD3F5E75131E0C2862C08C708F14CC5EAC3E83672A5DA" Last-Modified: Thu, 30 Jun 2022 20:00:00 UTC Cache-Control: public, no-transform, must-revalidate, max-age=1106 Expires: Fri, 01 Jul 2022 16:27:31 GMT Date: Fri, 01 Jul 2022 16:09:05 GMT Connection: keep-alive --- Additional Info --- Magic: data Size: 503 Md5: aab982914e28a991b89ca8d776584081 Sha1: 2cadadb367816785f35ce90e2554fbf8a1cd006f Sha256: 73b35e1142f56b80f8ccd3f5e75131e0c2862c08c708f14cc5eac3e83672a5da
GET /incoming?p=false&a=false&b=false HTTP/1.1 Host: tpx.tesseradigital.com User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Referer: https://szm.com/ Cookie: tpuuid=8bqlrqtPQihZiA4PZCbRIEVQosbEZwuUcsJcPp1FlNar Sec-Fetch-Dest: image Sec-Fetch-Mode: no-cors Sec-Fetch-Site: cross-site TE: trailers	35.157.179.180 HTTP/2 204 No Content server: nginx date: Fri, 01 Jul 2022 16:09:05 GMT last-modified: Friday, 01-Jul-2022 16:09:05 GMT X-Firefox-Spdy: h2 --- Additional Info --- Magic: Size: 0 Md5: d41d8cd98f00b204e9800998ecf8427e Sha1: da39a3ee5e6b4b0d3255bfef95601890afd80709 Sha256: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
POST / HTTP/1.1 Host: r3.o.lencr.org User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 85 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache	23.36.76.226 HTTP/1.1 200 OK Content-Type: application/ocsp-response Server: nginx Content-Length: 503 ETag: "FCE600B67DA1F1FDE46D8E1752605A1DA76A369EAA1AF92C78BBC7D793882B99" Last-Modified: Wed, 29 Jun 2022 17:00:00 UTC Cache-Control: public, no-transform, must-revalidate, max-age=10493 Expires: Fri, 01 Jul 2022 19:03:58 GMT Date: Fri, 01 Jul 2022 16:09:05 GMT Connection: keep-alive --- Additional Info --- Magic: data Size: 503 Md5: 6f95e729e87bd9f1e3badba8a1687fdc Sha1: 1b059dfc9ba77fc64318680947afd6fae1e7aa85 Sha256: fce600b67da1f1fde46d8e1752605a1da76a369eaa1af92c78bbc7d793882b99
POST / HTTP/1.1 Host: r3.o.lencr.org User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 85 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache	23.36.76.226 HTTP/1.1 200 OK Content-Type: application/ocsp-response Server: nginx Content-Length: 503 ETag: "FCE600B67DA1F1FDE46D8E1752605A1DA76A369EAA1AF92C78BBC7D793882B99" Last-Modified: Wed, 29 Jun 2022 17:00:00 UTC Cache-Control: public, no-transform, must-revalidate, max-age=1284 Expires: Fri, 01 Jul 2022 16:30:29 GMT Date: Fri, 01 Jul 2022 16:09:05 GMT Connection: keep-alive --- Additional Info --- Magic: data Size: 503 Md5: 6f95e729e87bd9f1e3badba8a1687fdc Sha1: 1b059dfc9ba77fc64318680947afd6fae1e7aa85 Sha256: fce600b67da1f1fde46d8e1752605a1da76a369eaa1af92c78bbc7d793882b99
GET /PIC/zavriet.gif HTTP/1.1 Host: img.szm.sk User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Referer: http://palochusvet.szm.com/ Sec-Fetch-Dest: image Sec-Fetch-Mode: no-cors Sec-Fetch-Site: cross-site	$Magic: GIF image data, version 89a, 15 x 14\012- data Size: 107 Md5: 73cebb1642c5d0a07da398b331d12be9$ 85.248.228.60 HTTP/1.1 200 OK Content-Type: image/gif Server: nginx Date: Fri, 01 Jul 2022 16:09:05 GMT Content-Length: 107 Last-Modified: Tue, 23 Jun 2020 10:27:26 GMT Connection: keep-alive ETag: "5ef1d90e-6b" Accept-Ranges: bytes --- Additional Info --- Magic: GIF image data, version 89a, 15 x 14\012- data Size: 107 Md5: 73cebb1642c5d0a07da398b331d12be9 Sha1: 921a826744a0c460527dd1e435a8255cea61a2a8 Sha256: 68f00ddb2fea05491cd747ba59dc7783ee6f93244bb8e4f34020493081f54524
GET /PIC/reklama-horizontalna.gif HTTP/1.1 Host: img.szm.sk User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Referer: http://palochusvet.szm.com/ Sec-Fetch-Dest: image Sec-Fetch-Mode: no-cors Sec-Fetch-Site: cross-site	$Magic: GIF image data, version 89a, 61 x 12\012- data Size: 1251 Md5: a49ad5ae145f1d611ef5bae605889f06$ 85.248.228.60 HTTP/1.1 200 OK Content-Type: image/gif Server: nginx Date: Fri, 01 Jul 2022 16:09:05 GMT Content-Length: 1251 Last-Modified: Tue, 23 Jun 2020 10:27:25 GMT Connection: keep-alive ETag: "5ef1d90d-4e3" Accept-Ranges: bytes --- Additional Info --- Magic: GIF image data, version 89a, 61 x 12\012- data Size: 1251 Md5: a49ad5ae145f1d611ef5bae605889f06 Sha1: 9632a30c2c4f29de66b570c095ad5032df357d5a Sha256: 3f061b3425b4ce73a0029131e7eaf6ab1daa7e92947fb76daef7380e9d3ebbb8
GET /imp.js?_pid=163594704&_ouuid=gHQX4elOLABtkAUHelTQtx6zZjlUosgp6xj0OwNMI88Y&_oprio=0&_oref=https%3A%2F%2Fszm.com%2Freklama%2Fadsense.phtml%3FURL%3Dhttp%253A%252F%252Fpalochusvet.szm.com%252F43t3f%252F45y4g.exe HTTP/1.1 Host: fd.tesseradigital.com User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Referer: https://szm.com/ Cookie: tpuuid=gHQX4elOLABtkAUHelTQtx6zZjlUosgp6xj0OwNMI88Y Sec-Fetch-Dest: script Sec-Fetch-Mode: no-cors Sec-Fetch-Site: cross-site	18.196.91.239 HTTP/2 200 OK server: nginx date: Fri, 01 Jul 2022 16:03:35 GMT content-type: text/html; charset=UTF-8 content-length: 0 etag: "da39a3ee5e6b4b0d3255bfef95601890afd80709" cache-control: no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0 last-modified: Friday, 01-Jul-2022 16:03:35 GMT X-Firefox-Spdy: h2 --- Additional Info --- Magic: Size: 0 Md5: d41d8cd98f00b204e9800998ecf8427e Sha1: da39a3ee5e6b4b0d3255bfef95601890afd80709 Sha256: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /imp.js?_pid=163594704&_ouuid=XSFRmjNBG01K9VeiEuk1UPJnWJJZcnILHX4p0JQZAu2n&_oprio=0&_oref=https%3A%2F%2Fszm.com%2Freklama%2Fadsense.phtml%3FURL%3Dhttp%253A%252F%252Fpalochusvet.szm.com%252F43t3f%252F45y4g.exe HTTP/1.1 Host: fd.tesseradigital.com User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Referer: https://szm.com/ Cookie: tpuuid=XSFRmjNBG01K9VeiEuk1UPJnWJJZcnILHX4p0JQZAu2n Sec-Fetch-Dest: script Sec-Fetch-Mode: no-cors Sec-Fetch-Site: cross-site	18.196.91.239 HTTP/2 200 OK server: nginx date: Fri, 01 Jul 2022 16:03:35 GMT content-type: text/html; charset=UTF-8 content-length: 0 etag: "da39a3ee5e6b4b0d3255bfef95601890afd80709" cache-control: no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0 last-modified: Friday, 01-Jul-2022 16:03:35 GMT X-Firefox-Spdy: h2 --- Additional Info --- Magic: Size: 0 Md5: d41d8cd98f00b204e9800998ecf8427e Sha1: da39a3ee5e6b4b0d3255bfef95601890afd80709 Sha256: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /imp.js?_pid=163594704&_ouuid=8bqlrqtPQihZiA4PZCbRIEVQosbEZwuUcsJcPp1FlNar&_oprio=0&_oref=https%3A%2F%2Fszm.com%2Freklama%2Fadsense.phtml%3FURL%3Dhttp%253A%252F%252Fpalochusvet.szm.com%252F43t3f%252F45y4g.exe HTTP/1.1 Host: fd.tesseradigital.com User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Referer: https://szm.com/ Cookie: tpuuid=XSFRmjNBG01K9VeiEuk1UPJnWJJZcnILHX4p0JQZAu2n Sec-Fetch-Dest: script Sec-Fetch-Mode: no-cors Sec-Fetch-Site: cross-site	18.196.91.239 HTTP/2 200 OK server: nginx date: Fri, 01 Jul 2022 16:03:35 GMT content-type: text/html; charset=UTF-8 content-length: 0 etag: "da39a3ee5e6b4b0d3255bfef95601890afd80709" cache-control: no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0 last-modified: Friday, 01-Jul-2022 16:03:35 GMT X-Firefox-Spdy: h2 --- Additional Info --- Magic: Size: 0 Md5: d41d8cd98f00b204e9800998ecf8427e Sha1: da39a3ee5e6b4b0d3255bfef95601890afd80709 Sha256: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
POST / HTTP/1.1 Host: r3.o.lencr.org User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 85 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache	23.36.76.226 HTTP/1.1 200 OK Content-Type: application/ocsp-response Server: nginx Content-Length: 503 ETag: "F763D7576AAB81AE47F35FD4AFFB2D6BE29F421DA0A2F3607F966049C88AE66C" Last-Modified: Thu, 30 Jun 2022 20:00:00 UTC Cache-Control: public, no-transform, must-revalidate, max-age=10078 Expires: Fri, 01 Jul 2022 18:57:03 GMT Date: Fri, 01 Jul 2022 16:09:05 GMT Connection: keep-alive --- Additional Info --- Magic: data Size: 503 Md5: 7787c62ed0112b4ca6371a3acc507975 Sha1: 21de1c155efbe45cd26827c4ede0e43598da5f63 Sha256: f763d7576aab81ae47f35fd4affb2d6be29f421da0a2f3607f966049c88ae66c
GET /imp.js?_pid=163594704&_ouuid=BQuDOTBxOZxows6Pqx6uRVWIAVAgcyszrRMwB6Q7swKy&_oprio=0&_oref=https%3A%2F%2Fszm.com%2Freklama%2Fadsense.phtml%3FURL%3Dhttp%253A%252F%252Fpalochusvet.szm.com%252F43t3f%252F45y4g.exe HTTP/1.1 Host: fd.tesseradigital.com User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Referer: https://szm.com/ Cookie: tpuuid=BQuDOTBxOZxows6Pqx6uRVWIAVAgcyszrRMwB6Q7swKy Sec-Fetch-Dest: script Sec-Fetch-Mode: no-cors Sec-Fetch-Site: cross-site	18.196.91.239 HTTP/2 200 OK server: nginx date: Fri, 01 Jul 2022 16:03:35 GMT content-type: text/html; charset=UTF-8 content-length: 0 etag: "da39a3ee5e6b4b0d3255bfef95601890afd80709" cache-control: no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0 last-modified: Friday, 01-Jul-2022 16:03:35 GMT X-Firefox-Spdy: h2 --- Additional Info --- Magic: Size: 0 Md5: d41d8cd98f00b204e9800998ecf8427e Sha1: da39a3ee5e6b4b0d3255bfef95601890afd80709 Sha256: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /www/delivery/afr.php?zoneid=60&cb=988273 HTTP/1.1 Host: ad.novara.sk User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,/;q=0.8 Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Referer: http://palochusvet.szm.com/ Upgrade-Insecure-Requests: 1 Sec-Fetch-Dest: iframe Sec-Fetch-Mode: navigate Sec-Fetch-Site: cross-site	$Magic: HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (704) Size: 654 Md5: 8797aea55e923fde29413c308c7a6f81$ 85.248.228.68 HTTP/1.1 200 OK Content-Type: text/html; charset=UTF-8 Server: nginx Date: Fri, 01 Jul 2022 16:09:05 GMT Transfer-Encoding: chunked Connection: keep-alive Pragma: no-cache Cache-Control: no-cache, no-store, must-revalidate Expires: 0 Access-Control-Allow-Origin: * P3P: CP="CUR ADM OUR NOR STA NID" Set-Cookie: OAGEO=NO%7C%7C%7C%7C%7C%7C%7C%7C%7C%7C; path=/ OAID=7f127d5908e1b06015c93420fc3bfc22; expires=Sat, 01-Jul-2023 16:09:05 GMT; Max-Age=31536000; path=/ Content-Encoding: gzip --- Additional Info --- Magic: HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (704) Size: 654 Md5: 8797aea55e923fde29413c308c7a6f81 Sha1: 3d8c01825cfbb656260b8415899f6c01f71d3d99 Sha256: 192ec1ec9385d9ed6d8e01f30e4800dd1113f305d8cd1031ee4ecaac1d06d381
GET /www/images/85ebc45601450d75a4c0a72eb1f95988.jpg HTTP/1.1 Host: ad.novara.sk User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Referer: https://ad.novara.sk/www/delivery/afr.php?zoneid=60&cb=988273 Sec-Fetch-Dest: image Sec-Fetch-Mode: no-cors Sec-Fetch-Site: same-origin	$Magic: JPEG image data, Exif standard: [TIFF image data, little-endian, direntries=0], baseline, precision 8, 120x600, components 3\012- data Size: 34478 Md5: 85ebc45601450d75a4c0a72eb1f95988$ 85.248.228.68 HTTP/1.1 200 OK Content-Type: image/jpeg Server: nginx Date: Fri, 01 Jul 2022 16:09:05 GMT Content-Length: 34478 Last-Modified: Thu, 26 Oct 2017 00:30:50 GMT Connection: keep-alive ETag: "59f12cba-86ae" Accept-Ranges: bytes --- Additional Info --- Magic: JPEG image data, Exif standard: [TIFF image data, little-endian, direntries=0], baseline, precision 8, 120x600, components 3\012- data Size: 34478 Md5: 85ebc45601450d75a4c0a72eb1f95988 Sha1: b5da0f677377647adc5584b3e05e8ab54017f69b Sha256: ace6cc45873b82fb762fd66ea94bf46569cdd5da4fc887231404ca80c2744ac9
GET /www/delivery/lg.php?bannerid=4130&campaignid=1689&zoneid=60&loc=http%3A%2F%2Fpalochusvet.szm.com%2F&cb=04d5794623 HTTP/1.1 Host: ad.novara.sk User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Referer: https://ad.novara.sk/www/delivery/afr.php?zoneid=60&cb=988273 Sec-Fetch-Dest: image Sec-Fetch-Mode: no-cors Sec-Fetch-Site: same-origin	$Magic: GIF image data, version 89a, 1 x 1\012- data Size: 43 Md5: b4491705564909da7f9eaf749dbbfbb1$ 85.248.228.68 HTTP/1.1 200 OK Content-Type: image/gif Server: nginx Date: Fri, 01 Jul 2022 16:09:05 GMT Transfer-Encoding: chunked Connection: keep-alive Pragma: no-cache Cache-Control: no-cache, no-store, must-revalidate Expires: 0 Access-Control-Allow-Origin: * P3P: CP="CUR ADM OUR NOR STA NID" Set-Cookie: OAGEO=NO%7C%7C%7C%7C%7C%7C%7C%7C%7C%7C; path=/ OAID=94c8c30c57a3e5148fe7c35663a682f0; expires=Sat, 01-Jul-2023 16:09:05 GMT; Max-Age=31536000; path=/ --- Additional Info --- Magic: GIF image data, version 89a, 1 x 1\012- data Size: 43 Md5: b4491705564909da7f9eaf749dbbfbb1 Sha1: 279315d507855c6a4351e1e2c2f39dd9cd2fccd8 Sha256: 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
POST / HTTP/1.1 Host: r3.o.lencr.org User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 85 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache	23.36.76.226 HTTP/1.1 200 OK Content-Type: application/ocsp-response Server: nginx Content-Length: 503 ETag: "6A0721423C3B7EF429DA855641043D8F038DA4FFF1A788C1273BA18B1C0C9F8B" Last-Modified: Wed, 29 Jun 2022 07:00:00 UTC Cache-Control: public, no-transform, must-revalidate, max-age=7974 Expires: Fri, 01 Jul 2022 18:22:00 GMT Date: Fri, 01 Jul 2022 16:09:06 GMT Connection: keep-alive --- Additional Info --- Magic: data Size: 503 Md5: d538dea07a9f0bd634392c5975b0fa70 Sha1: 0b80d11db004a10fe57cf73757a6d7b00b698f12 Sha256: 6a0721423c3b7ef429da855641043d8f038da4fff1a788c1273ba18b1c0c9f8b
POST / HTTP/1.1 Host: r3.o.lencr.org User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 85 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache	23.36.76.226 HTTP/1.1 200 OK Content-Type: application/ocsp-response Server: nginx Content-Length: 503 ETag: "6A0721423C3B7EF429DA855641043D8F038DA4FFF1A788C1273BA18B1C0C9F8B" Last-Modified: Wed, 29 Jun 2022 07:00:00 UTC Cache-Control: public, no-transform, must-revalidate, max-age=7974 Expires: Fri, 01 Jul 2022 18:22:00 GMT Date: Fri, 01 Jul 2022 16:09:06 GMT Connection: keep-alive --- Additional Info --- Magic: data Size: 503 Md5: d538dea07a9f0bd634392c5975b0fa70 Sha1: 0b80d11db004a10fe57cf73757a6d7b00b698f12 Sha256: 6a0721423c3b7ef429da855641043d8f038da4fff1a788c1273ba18b1c0c9f8b
POST / HTTP/1.1 Host: r3.o.lencr.org User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 85 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache	23.36.76.226 HTTP/1.1 200 OK Content-Type: application/ocsp-response Server: nginx Content-Length: 503 ETag: "6A0721423C3B7EF429DA855641043D8F038DA4FFF1A788C1273BA18B1C0C9F8B" Last-Modified: Wed, 29 Jun 2022 07:00:00 UTC Cache-Control: public, no-transform, must-revalidate, max-age=7974 Expires: Fri, 01 Jul 2022 18:22:00 GMT Date: Fri, 01 Jul 2022 16:09:06 GMT Connection: keep-alive --- Additional Info --- Magic: data Size: 503 Md5: d538dea07a9f0bd634392c5975b0fa70 Sha1: 0b80d11db004a10fe57cf73757a6d7b00b698f12 Sha256: 6a0721423c3b7ef429da855641043d8f038da4fff1a788c1273ba18b1c0c9f8b
POST / HTTP/1.1 Host: r3.o.lencr.org User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 85 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache	23.36.76.226 HTTP/1.1 200 OK Content-Type: application/ocsp-response Server: nginx Content-Length: 503 ETag: "6A0721423C3B7EF429DA855641043D8F038DA4FFF1A788C1273BA18B1C0C9F8B" Last-Modified: Wed, 29 Jun 2022 07:00:00 UTC Cache-Control: public, no-transform, must-revalidate, max-age=7974 Expires: Fri, 01 Jul 2022 18:22:00 GMT Date: Fri, 01 Jul 2022 16:09:06 GMT Connection: keep-alive --- Additional Info --- Magic: data Size: 503 Md5: d538dea07a9f0bd634392c5975b0fa70 Sha1: 0b80d11db004a10fe57cf73757a6d7b00b698f12 Sha256: 6a0721423c3b7ef429da855641043d8f038da4fff1a788c1273ba18b1c0c9f8b
POST / HTTP/1.1 Host: r3.o.lencr.org User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 85 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache	23.36.76.226 HTTP/1.1 200 OK Content-Type: application/ocsp-response Server: nginx Content-Length: 503 ETag: "6A0721423C3B7EF429DA855641043D8F038DA4FFF1A788C1273BA18B1C0C9F8B" Last-Modified: Wed, 29 Jun 2022 07:00:00 UTC Cache-Control: public, no-transform, must-revalidate, max-age=7974 Expires: Fri, 01 Jul 2022 18:22:00 GMT Date: Fri, 01 Jul 2022 16:09:06 GMT Connection: keep-alive --- Additional Info --- Magic: data Size: 503 Md5: d538dea07a9f0bd634392c5975b0fa70 Sha1: 0b80d11db004a10fe57cf73757a6d7b00b698f12 Sha256: 6a0721423c3b7ef429da855641043d8f038da4fff1a788c1273ba18b1c0c9f8b
GET /embed/eplayaV5.32.js HTTP/1.1 Host: etargetcdn.com User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Referer: https://szm.com/ Sec-Fetch-Dest: script Sec-Fetch-Mode: no-cors Sec-Fetch-Site: cross-site	172.67.73.79 HTTP/2 200 OK date: Fri, 01 Jul 2022 16:09:04 GMT content-type: application/javascript access-control-allow-headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range access-control-allow-methods: GET, POST, OPTIONS access-control-allow-origin: * access-control-expose-headers: Content-Length,Content-Range cache-control: max-age=86400 cf-bgj: minify cf-polished: origSize=79702 etag: W/"610a490a-13756" expires: Fri, 01 Jul 2022 21:34:47 GMT last-modified: Wed, 04 Aug 2021 08:00:10 GMT pragma: cache vary: Accept-Encoding, Origin y-protected-by: Bulbasaur/mblade01-01-b cf-cache-status: HIT age: 66857 expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=wa1757hZi8XbK%2BFN%2B8XqOUqZWD7d1YN1N7g2frui6zkfk1Bfh%2FuQnQUvKk%2BPgJIYDmenIZzaOR06t53iYcpCDKKqMcX7v6s6bngCK18WG%2Fx6hlvUVMs86NyzZw6OxSJm"}],"group":"cf-nel","max_age":604800} nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server: cloudflare cf-ray: 7240676d09930b59-OSL content-encoding: br X-Firefox-Spdy: h2 --- Additional Info --- Magic: Unicode text, UTF-8 text, with very long lines (3450) Size: 23156 Md5: e4d4361d9671a03954458a4158ed6195 Sha1: 4a21fea5784ddb6763cca88158c81354f6c6da25 Sha256: 14b6ca7075d1bc5962da1f969fa0f2e1cb15948fdb811b2be9a9797c7d9f2b42
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fc64139e3-1714-4207-9f83-6963efdebdb1.jpeg HTTP/1.1 Host: img-getpocket.cdn.mozilla.net User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Origin: null Connection: keep-alive Sec-Fetch-Dest: image Sec-Fetch-Mode: cors Sec-Fetch-Site: cross-site	$Magic: JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data Size: 11303 Md5: b38a21dc4af2a753ec1149a58eca2ee2$ 34.120.237.76 HTTP/2 200 OK server: nginx content-length: 11303 x-amzn-requestid: bb4e28bd-b8fe-46aa-b7e1-9df6f52c9d34 x-xss-protection: 1; mode=block access-control-allow-origin: * strict-transport-security: max-age=63072000; includeSubdomains; preload x-frame-options: DENY content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none' x-amz-apigw-id: UeQW-EnzIAMFSfw= x-content-type-options: nosniff x-amzn-trace-id: Root=1-62bbfa92-4788a606125c42431ba5c73a;Sampled=0 x-amzn-remapped-date: Wed, 29 Jun 2022 07:09:06 GMT x-amz-cf-pop: SEA73-P1 x-cache: Miss from cloudfront x-amz-cf-id: FECr8vnUNXIJXah4ilgSdBbkbjEIYjsLUdys3R4NE65S9iuOzjcSwQ== via: 1.1 0005a84c2971ff4f5bbb79e7ebc622a8.cloudfront.net (CloudFront), 1.1 707e733794d52100fde0ab21bf0b1462.cloudfront.net (CloudFront), 1.1 google date: Fri, 01 Jul 2022 07:42:41 GMT age: 30385 etag: "91d2dc48008a198adb2b740bec1843a146f826c1" content-type: image/jpeg cache-control: max-age=3600,public,public alt-svc: clear X-Firefox-Spdy: h2 --- Additional Info --- Magic: JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data Size: 11303 Md5: b38a21dc4af2a753ec1149a58eca2ee2 Sha1: 91d2dc48008a198adb2b740bec1843a146f826c1 Sha256: 2e56992e4642c248dd330fc1343977dedd2ec4e944564214be432f3f390488e7
GET /iframe_api HTTP/1.1 Host: www.youtube.com User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Referer: https://szm.com/ Sec-Fetch-Dest: script Sec-Fetch-Mode: no-cors Sec-Fetch-Site: cross-site	142.250.74.142 HTTP/2 200 OK content-type: text/javascript; charset=utf-8 x-content-type-options: nosniff expires: Fri, 01 Jul 2022 16:09:04 GMT date: Fri, 01 Jul 2022 16:09:04 GMT cache-control: private, max-age=0 x-frame-options: SAMEORIGIN strict-transport-security: max-age=31536000 report-to: {"group":"youtube_main","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube_main"}]} critical-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version cross-origin-opener-policy-report-only: same-origin; report-to="youtube_main" permissions-policy: ch-ua-arch=, ch-ua-bitness=, ch-ua-full-version=, ch-ua-full-version-list=, ch-ua-model=, ch-ua-platform=, ch-ua-platform-version=* cross-origin-resource-policy: cross-origin p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657?hl=en for more info." content-encoding: br server: ESF x-xss-protection: 0 set-cookie: YSC=GIg0ILMGV0o; Domain=.youtube.com; Path=/; Secure; HttpOnly; SameSite=none VISITOR_INFO1_LIVE=1nQBFQk8q3o; Domain=.youtube.com; Expires=Wed, 28-Dec-2022 16:09:04 GMT; Path=/; Secure; HttpOnly; SameSite=none CONSENT=PENDING+519; expires=Sun, 30-Jun-2024 16:09:04 GMT; path=/; domain=.youtube.com; Secure alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" X-Firefox-Spdy: h2 --- Additional Info --- Magic: ASCII text, with very long lines (509) Size: 7262 Md5: 13bf60a42d19683e4082a2bab6c7a64a Sha1: 932adf8bd5fdc8b175192446a2383b7e81b3a9b1 Sha256: 64b5830d2c071b09011be11c339a70c1edd88af71a346c4901a187e20b90b4a5
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fdf1e617a-6fd1-48e4-960a-73bddd0fb482.jpeg HTTP/1.1 Host: img-getpocket.cdn.mozilla.net User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Origin: null Connection: keep-alive Sec-Fetch-Dest: image Sec-Fetch-Mode: cors Sec-Fetch-Site: cross-site	$Magic: JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data Size: 9555 Md5: 8f957d00754df49ffe6ebbcf869b528a$ 34.120.237.76 HTTP/2 200 OK server: nginx content-length: 9555 x-amzn-requestid: ddc50c80-7b41-4709-952d-096c3fcfc5a2 x-xss-protection: 1; mode=block access-control-allow-origin: * strict-transport-security: max-age=63072000; includeSubdomains; preload x-frame-options: DENY content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none' x-amz-apigw-id: UUXJ-HsgIAMFwag= x-content-type-options: nosniff x-amzn-trace-id: Root=1-62b80572-1ecc47e74333e7c2352e2e0e;Sampled=0 x-amzn-remapped-date: Sun, 26 Jun 2022 07:06:26 GMT x-amz-cf-pop: SEA73-P1 x-cache: Hit from cloudfront x-amz-cf-id: fx_8uoi08YuMMK-Gg4rNkPq53DuRCUSW_zVMfl3JfmlrKn5VjQl4SQ== via: 1.1 26ca01ec7377e425b59b6a08cb1ec342.cloudfront.net (CloudFront), 1.1 b13f158bdf9805ca47e07c0c35870c12.cloudfront.net (CloudFront), 1.1 google date: Thu, 30 Jun 2022 19:57:44 GMT age: 72682 etag: "e52d1a0382cee461a2ba0df6d554cdb82087ff49" content-type: image/jpeg cache-control: max-age=3600,public,public alt-svc: clear X-Firefox-Spdy: h2 --- Additional Info --- Magic: JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data Size: 9555 Md5: 8f957d00754df49ffe6ebbcf869b528a Sha1: e52d1a0382cee461a2ba0df6d554cdb82087ff49 Sha256: 87a80c1e2f261504f8e821829babcce76b00de442bd7c6f9880b2932b2864839
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F8fb8f8ac-1447-4cbf-a03d-3b6276064e5d.jpeg HTTP/1.1 Host: img-getpocket.cdn.mozilla.net User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Origin: null Connection: keep-alive Sec-Fetch-Dest: image Sec-Fetch-Mode: cors Sec-Fetch-Site: cross-site	$Magic: JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data Size: 5228 Md5: 2403216bc2dcf981397210dd8c97d21b$ 34.120.237.76 HTTP/2 200 OK server: nginx content-length: 5228 x-amzn-requestid: aa2ae070-d7af-4ab5-a62b-cd3133c0717d x-xss-protection: 1; mode=block access-control-allow-origin: * strict-transport-security: max-age=63072000; includeSubdomains; preload x-frame-options: DENY content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none' x-amz-apigw-id: UXjQMF1fIAMFm-Q= x-content-type-options: nosniff x-amzn-trace-id: Root=1-62b94c01-39c87d2c65b06bc212bee113;Sampled=0 x-amzn-remapped-date: Mon, 27 Jun 2022 06:19:45 GMT x-amz-cf-pop: SEA73-P1 x-cache: Hit from cloudfront x-amz-cf-id: -hFyOxRNAoBAZwq1tZEZx-WmK1wrvy7_GMngpvsKzKrngHEWN8dWTg== via: 1.1 0800f067ff646622f3e8e507cb9b52e8.cloudfront.net (CloudFront), 1.1 2ab6211e66998c8b58132661a7e3cade.cloudfront.net (CloudFront), 1.1 google date: Thu, 30 Jun 2022 22:03:52 GMT age: 65114 etag: "ce25cc6aba5d9ebdd79eb30b51847cf96807f608" content-type: image/jpeg cache-control: max-age=3600,public,public alt-svc: clear X-Firefox-Spdy: h2 --- Additional Info --- Magic: JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data Size: 5228 Md5: 2403216bc2dcf981397210dd8c97d21b Sha1: ce25cc6aba5d9ebdd79eb30b51847cf96807f608 Sha256: ca2d93917806e02e9015493ba5fee438c720d23509a2628bc1bf13e4bb76128d
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F1934ff6c-738b-4ee1-a3a7-f172a73da4bd.jpeg HTTP/1.1 Host: img-getpocket.cdn.mozilla.net User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Origin: null Connection: keep-alive Sec-Fetch-Dest: image Sec-Fetch-Mode: cors Sec-Fetch-Site: cross-site	$Magic: JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data Size: 10798 Md5: 23c2976b6fa0265e05566907f71bd9e3$ 34.120.237.76 HTTP/2 200 OK server: nginx content-length: 10798 x-amzn-requestid: ec008800-0485-48fc-ad7d-1f28baff782f x-xss-protection: 1; mode=block access-control-allow-origin: * strict-transport-security: max-age=63072000; includeSubdomains; preload x-frame-options: DENY content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none' x-amz-apigw-id: UjickERbIAMF1NA= x-content-type-options: nosniff x-amzn-trace-id: Root=1-62be1783-328a674d1742f9c236542ec2;Sampled=0 x-amzn-remapped-date: Thu, 30 Jun 2022 21:37:07 GMT x-amz-cf-pop: SEA73-P2, SEA73-P1 x-cache: Hit from cloudfront x-amz-cf-id: o3AnxqrsGxaBlFc3pR1fNbgG8owT3PJgY29iVJBLj3DXcaZYfGX0EQ== via: 1.1 ca66331b52971370c4e54619e8a952cc.cloudfront.net (CloudFront), 1.1 73cb83fe6699afc2791b5c690c1ff8c6.cloudfront.net (CloudFront), 1.1 google date: Thu, 30 Jun 2022 22:03:52 GMT age: 65114 etag: "7db6b42dda26780d3a6cf5c9e3761db08722c630" content-type: image/jpeg cache-control: max-age=3600,public,public alt-svc: clear X-Firefox-Spdy: h2 --- Additional Info --- Magic: JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data Size: 10798 Md5: 23c2976b6fa0265e05566907f71bd9e3 Sha1: 7db6b42dda26780d3a6cf5c9e3761db08722c630 Sha256: a706e15acd54d9ffa304b4f931c811c57ba91e4d58c3970794a77eb873be3287
GET /frontend/logos/sk/35160/35160_9-6.jpg HTTP/1.1 Host: etargetcdn.com User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Referer: https://szm.com/ Sec-Fetch-Dest: image Sec-Fetch-Mode: no-cors Sec-Fetch-Site: cross-site TE: trailers	$Magic: RIFF (little-endian) data, Web/P image, VP8 encoding, 254x133, Scaling: [none]x[none], YUV color, decoders should clamp\012- data Size: 8668 Md5: bddafba05cf7d3f173d93f3f34dcb544$ 172.67.73.79 HTTP/2 200 OK date: Fri, 01 Jul 2022 16:09:06 GMT content-type: image/webp content-length: 8668 cf-bgj: imgq:100,h2pri cf-polished: origFmt=jpeg, origSize=8958 content-disposition: inline; filename="35160_9-6.webp" etag: "622e43b5-22fe" last-modified: Sun, 13 Mar 2022 19:19:17 GMT vary: Accept y-protected-by: Bulbasaur/mblade01-01-c cache-control: max-age=14400 cf-cache-status: HIT age: 4165 accept-ranges: bytes expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=uAFxYXyIlQ2i49%2FIA%2BTuaP4NuJP5697HiX8i4Zj%2B%2BnGvNVXOXS02cSW1reRkENbCTEuJMvgKnDmlUt3BOZtIC9dF43AiyNMYjhEgDqawgTKzLWCmJ0uBWJIJqN0ROPaM"}],"group":"cf-nel","max_age":604800} nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server: cloudflare cf-ray: 724067796f6f0b59-OSL X-Firefox-Spdy: h2 --- Additional Info --- Magic: RIFF (little-endian) data, Web/P image, VP8 encoding, 254x133, Scaling: [none]x[none], YUV color, decoders should clamp\012- data Size: 8668 Md5: bddafba05cf7d3f173d93f3f34dcb544 Sha1: ce90711b8063ab5d73eb85502b1d65cab4ca4754 Sha256: 9fe4d7993f750551ac87658dc4208050b684fa8df3a6034c2bd3c55bc9584b96
POST / HTTP/1.1 Host: ocsp.digicert.com User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 83 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache	93.184.220.29 HTTP/1.1 200 OK Content-Type: application/ocsp-response Accept-Ranges: bytes Age: 3052 Cache-Control: max-age=92170 Date: Fri, 01 Jul 2022 16:09:08 GMT Etag: "62bdd542-1d7" Expires: Sat, 02 Jul 2022 17:45:18 GMT Last-Modified: Thu, 30 Jun 2022 16:54:26 GMT Server: ECS (ska/F71C) X-Cache: HIT Content-Length: 471 --- Additional Info --- Magic: data Size: 471 Md5: 78aadc1a8c08031cf8cf2e77468bd67b Sha1: 83725cb6a2f71bf7b1b141c34370ad3b9a43140d Sha256: 1de99af03c2fdcde0d6c7a27fff4f2d37111a6f210320975d77d8315e1a900bc
GET /t/v2/learn?tagid=V2_291021&src.rand=1656691744&gdpr_err=NO_CMP&gdpr_consent=-1&depp=7.0.1-4-eu HTTP/1.1 Host: sk-gmtdmp.mookie1.com User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Referer: https://szm.com/ Sec-Fetch-Dest: image Sec-Fetch-Mode: no-cors Sec-Fetch-Site: cross-site	$Magic: GIF image data, version 89a, 1 x 1\012- data Size: 43 Md5: 07fff40b5dd495aca2ac4e1c3fbc60aa$ 35.186.238.175 HTTP/2 200 OK date: Fri, 01 Jul 2022 16:09:08 GMT server: Apache p3p: CP="NON DSP COR NID CURa PSAa PSDa OUR STP UNI COM NAV STA LOC OTC",policyref="/w3c/p3p.xml" x-application-context: application cache-control: no-cache, no-store, must-revalidate pragma: no-cache expires: Thu, 01 Jan 1970 00:00:00 GMT content-type: image/gif;charset=UTF-8 content-length: 43 via: 1.1 google alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 X-Firefox-Spdy: h2 --- Additional Info --- Magic: GIF image data, version 89a, 1 x 1\012- data Size: 43 Md5: 07fff40b5dd495aca2ac4e1c3fbc60aa Sha1: e8ac224ba9ee97e87670ed6f3a2f0128b7af9fe4 Sha256: a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7
POST / HTTP/1.1 Host: ocsp.digicert.com User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 83 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache	93.184.220.29 HTTP/1.1 200 OK Content-Type: application/ocsp-response Accept-Ranges: bytes Age: 3052 Cache-Control: max-age=92170 Date: Fri, 01 Jul 2022 16:09:08 GMT Etag: "62bdd542-1d7" Expires: Sat, 02 Jul 2022 17:45:18 GMT Last-Modified: Thu, 30 Jun 2022 16:54:26 GMT Server: ECS (ska/F71C) X-Cache: HIT Content-Length: 471 --- Additional Info --- Magic: data Size: 471 Md5: 78aadc1a8c08031cf8cf2e77468bd67b Sha1: 83725cb6a2f71bf7b1b141c34370ad3b9a43140d Sha256: 1de99af03c2fdcde0d6c7a27fff4f2d37111a6f210320975d77d8315e1a900bc
GET /frontend/logos/sk/35160/35160_9-11.jpg HTTP/1.1 Host: etargetcdn.com User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Referer: https://szm.com/ Sec-Fetch-Dest: image Sec-Fetch-Mode: no-cors Sec-Fetch-Site: cross-site TE: trailers	$Magic: JPEG image data, JFIF standard 1.01, resolution (DPI), density 72x72, segment length 16, progressive, precision 8, 254x133, components 3\012- data Size: 10718 Md5: d74d01ca9da5bfe76511e7bc540704f4$ 172.67.73.79 HTTP/2 200 OK date: Fri, 01 Jul 2022 16:09:10 GMT content-type: image/jpeg content-length: 10718 cf-bgj: imgq:100,h2pri cf-polished: origSize=11055, status=webp_bigger etag: "622f33c8-2b2f" last-modified: Mon, 14 Mar 2022 12:23:36 GMT y-protected-by: Bulbasaur/mblade01-01-b cache-control: max-age=14400 cf-cache-status: HIT age: 2888 accept-ranges: bytes expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=rtiYrlYxlrb%2BboDopFIKsQd3cU77h3gfNakmvrXudx8VwfoUqYOP3sBUgk1q7rBtIG8LYfhZqqZjvR%2BgcyoIhvYjEKa%2BbwjH%2Bwi%2FQu%2Fy2zTNGZeOP6doz8LpelL%2BdVSN"}],"group":"cf-nel","max_age":604800} nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800} vary: Accept-Encoding server: cloudflare cf-ray: 724067926d520b59-OSL X-Firefox-Spdy: h2 --- Additional Info --- Magic: JPEG image data, JFIF standard 1.01, resolution (DPI), density 72x72, segment length 16, progressive, precision 8, 254x133, components 3\012- data Size: 10718 Md5: d74d01ca9da5bfe76511e7bc540704f4 Sha1: 4e2b7db7ddd0dd7a4cdd1223e553deca170ae750 Sha256: e13b7b9d3fb653826fba8260d4dac3c63b7a6eaf681431dd9f3dc241210b9cb7