Loading ...

Analysis Report http://xn--b1apdkbbqid.xn--p1ai/

Overview

General Information

Joe Sandbox Version:25.0.0 Tiger's Eye
Analysis ID:109776
Start date:11.02.2019
Start time:17:58:24
Joe Sandbox Product:CloudBasic
Overall analysis duration:0h 6m 52s
Hypervisor based Inspection enabled:false
Report type:full
Cookbook file name:browseurl.jbs
Sample URL:http://xn--b1apdkbbqid.xn--p1ai/
Analysis system description:Windows 10 64 bit (version 1803) with Office 2016, Adobe Reader DC 19, Chrome 70, Firefox 63, Java 8.171, Flash 30.0.0.113
Number of analysed new started processes analysed:10
Number of new started drivers analysed:0
Number of existing processes analysed:0
Number of existing drivers analysed:0
Number of injected processes analysed:0
Technologies
  • EGA enabled
Analysis stop reason:Timeout
Detection:CLEAN
Classification:clean1.win@3/315@17/12
Cookbook Comments:
  • Adjust boot time
  • Browsing link: http://redhelper.ru/?copy
  • Browsing link: http://?????????.??/
  • Browsing link: http://?????????.??/magazin.html
  • Browsing link: http://?????????.??/nashi-uslugi.html
  • Browsing link: http://?????????.??/ceny.html
  • Browsing link: http://?????????.??/kontakty.html
  • Browsing link: http://?????????.??/stati-o-remonte.html
  • Browsing link: http://?????????.??/video.html
Warnings:
Show All
  • Exclude process from analysis (whitelisted): ielowutil.exe, TiWorker.exe, wermgr.exe, MusNotifyIcon.exe, conhost.exe, CompatTelRunner.exe, svchost.exe
  • Report size exceeded maximum capacity and may have missing behavior information.
  • Report size getting too big, too many NtCreateFile calls found.
  • Report size getting too big, too many NtDeviceIoControlFile calls found.
  • Report size getting too big, too many NtOpenFile calls found.
  • Report size getting too big, too many NtQueryAttributesFile calls found.
  • Report size getting too big, too many NtSetValueKey calls found.

Detection

StrategyScoreRangeReportingWhitelistedDetection
Threshold10 - 100Report FP / FNfalseclean

Confidence

StrategyScoreRangeFurther Analysis Required?Confidence
Threshold30 - 5true
ConfidenceConfidence


Classification

Analysis Advice

Some HTTP requests failed (404). It is likely the sample will exhibit less behavior
Uses HTTPS for network communication, use the 'Proxy HTTPS (port 443) to read its encrypted data' cookbook for further analysis



Mitre Att&ck Matrix

Initial AccessExecutionPersistencePrivilege EscalationDefense EvasionCredential AccessDiscoveryLateral MovementCollectionExfiltrationCommand and Control
Valid AccountsWindows Remote ManagementWinlogon Helper DLLPort MonitorsFile System Logical OffsetsCredential DumpingSystem Service DiscoveryApplication Deployment SoftwareData from Local SystemData Encrypted1Standard Non-Application Layer Protocol6
Replication Through Removable MediaService ExecutionPort MonitorsAccessibility FeaturesBinary PaddingNetwork SniffingApplication Window DiscoveryRemote ServicesData from Removable MediaExfiltration Over Other Network MediumStandard Application Layer Protocol6

Signature Overview

Click to jump to signature section


Phishing:

barindex
Found iframesShow sources
Source: https://redhelper.ru/?copyHTTP Parser: Iframe src: https://www.youtube.com/embed/9EDo6zQJJGM?autohide=1&hl=ru&modestbranding=1&rel=0&theme=light
META author tag missingShow sources
Source: https://redhelper.ru/?copyHTTP Parser: No <meta name="author".. found
META copyright tag missingShow sources
Source: https://redhelper.ru/?copyHTTP Parser: No <meta name="copyright".. found

Networking:

barindex
Connects to country known for bullet proof hostersShow sources
Source: unknownNetwork traffic detected: IP: 195.208.1.107 Russian Federation
Source: unknownNetwork traffic detected: IP: 185.134.203.99 Russian Federation
Source: unknownNetwork traffic detected: IP: 87.250.250.119 Russian Federation
Source: unknownNetwork traffic detected: IP: 95.163.144.221 Russian Federation
Source: unknownNetwork traffic detected: IP: 87.240.180.136 Russian Federation
Downloads compressed data via HTTPShow sources
Source: global trafficHTTP traffic detected: HTTP/1.1 200 OKServer: nginx/1.12.2Date: Mon, 11 Feb 2019 16:59:12 GMTContent-Type: application/x-javascript; charset=utf-8Content-Length: 3171Connection: keep-aliveX-Powered-By: PHP/5.3.29Expires: Mon, 11 Feb 2019 16:59:13 GMTVary: Accept-EncodingLast-Modified: Fri, 13 Feb 2015 17:23:42 GMTETag: "pub1423848222;gz"Cache-Control: max-age=1, publicContent-Encoding: gzipData Raw: 1f 8b 08 00 00 00 00 00 00 03 ad 1a db 6e db 46 f6 dd 5f 61 1b 86 49 46 14 43 a5 97 ed 52 61 83 c4 6d d1 14 ed 3a a8 83 cd 62 05 c1 a0 c5 91 35 09 45 0a 24 65 c9 91 f4 ef 7b ce dc 87 a4 25 b9 5b bf 48 33 3a f7 fb cc f8 21 29 4f a7 eb f8 6d 59 26 8f ae 37 7c 80 e5 cc 5a fd f7 e3 1f e4 3e f9 83 e4 cb 78 ba cc 27 35 2d 72 f7 ae 58 7f a4 73 52 fa eb eb e9 b4 22 b5 ff 28 3e ab 79 52 d6 ef 8a f5 cd 72 3a a5 6b b5 bc ca 8a 8a f8 b4 5a de f9 eb 74 59 26 48 c4 5f d7 65 92 57 14 bf 7b 27 1b 64 25 c1 49 15 5f b8 69 31 59 ce 49 5e 07 77 45 fa e8 05 f7 a4 fe 39 23 b8 51 b9 4e 4a 1f 46 34 bd 88 9d 9e cd b0 e7 8c 1d 2e f5 04 3
Source: global trafficHTTP traffic detected: HTTP/1.1 200 OKServer: nginx/1.12.2Date: Mon, 11 Feb 2019 16:59:52 GMTContent-Type: application/x-javascript; charset=utf-8Content-Length: 1417Connection: keep-aliveX-Powered-By: PHP/5.3.29Expires: Mon, 11 Feb 2019 16:59:53 GMTVary: Accept-EncodingLast-Modified: Fri, 13 Feb 2015 14:13:34 GMTETag: "pub1423836814;gz"Cache-Control: max-age=1, publicContent-Encoding: gzipData Raw: 1f 8b 08 00 00 00 00 00 00 03 ad 57 5b 6f db 36 14 7e cf af 48 8a 20 14 61 5a 53 06 ec c5 9a 3a 2c 41 0b 14 58 e1 a0 09 d0 61 41 30 c8 12 15 73 95 45 43 a2 6c b9 86 fe 7b cf a1 68 91 b2 9d db b6 bc 38 3c 3a 97 ef dc c9 55 5c 9e 66 4d f4 7b 59 c6 1b 8f 86 2b 38 ce 07 a7 bf ee 3e f3 c7 f8 33 2f ea 28 ab 8b 44 09 59 78 33 d9 dc 89 05 2f 59 33 cd b2 8a 2b b6 31 bf d5 22 2e d5 95 6c 6e eb 2c 13 4d 7f bc ce 65 c5 99 a8 ea 19 6b d2 ba 8c 51 09 6b 54 19 17 95 c0 ff e9 c9 16 4d ed d8 79 15 9d 7b a9 4c ea 05 2f 94 3f 93 e9 86 fa 8f 5c 7d c8 39 12 2a 8f a4 62 75 2f d2 f3 88 8c 86 06 47 e4 81 74 a8 13 b4 88 02 2f 68 f2 ad 0
Downloads files from webservers via HTTPShow sources
Source: global trafficHTTP traffic detected: GET / HTTP/1.1Accept: text/html, application/xhtml+xml, image/jxr, */*Accept-Language: en-USUser-Agent: Mozilla/5.0 (Windows NT 10.0; WOW64; Trident/7.0; rv:11.0) like GeckoAccept-Encoding: gzip, deflateHost: xn--b1apdkbbqid.xn--p1aiConnection: Keep-Alive
Source: global trafficHTTP traffic detected: GET /templates/zt_kaupi/zt_menus/zt_megamenu/zt.megamenu.css HTTP/1.1Accept: text/css, */*Referer: http://xn--b1apdkbbqid.xn--p1ai/Accept-Language: en-USUser-Agent: Mozilla/5.0 (Windows NT 10.0; WOW64; Trident/7.0; rv:11.0) like GeckoAccept-Encoding: gzip, deflateHost: xn--b1apdkbbqid.xn--p1aiConnection: Keep-AliveCookie: cbfb422174e4a427c487f553fb6fbd4a=a5af02931786766df5c70925c2d8efef; virtuemart=a5af02931786766df5c70925c2d8efef; zt_kaupi_tpl=zt_kaupi; s5_qc=e9b82e4d55c91c6abbf9dedf898172a0a4xn
Source: global trafficHTTP traffic detected: GET /templates/zt_kaupi/zt_menus/zt_fancymenu/zt_fancymenu.css HTTP/1.1Accept: text/css, */*Referer: http://xn--b1apdkbbqid.xn--p1ai/Accept-Language: en-USUser-Agent: Mozilla/5.0 (Windows NT 10.0; WOW64; Trident/7.0; rv:11.0) like GeckoAccept-Encoding: gzip, deflateHost: xn--b1apdkbbqid.xn--p1aiConnection: Keep-AliveCookie: cbfb422174e4a427c487f553fb6fbd4a=a5af02931786766df5c70925c2d8efef; virtuemart=a5af02931786766df5c70925c2d8efef; zt_kaupi_tpl=zt_kaupi; s5_qc=e9b82e4d55c91c6abbf9dedf898172a0a4xn
Source: global trafficHTTP traffic detected: GET /templates/system/css/system.css HTTP/1.1Accept: text/css, */*Referer: http://xn--b1apdkbbqid.xn--p1ai/Accept-Language: en-USUser-Agent: Mozilla/5.0 (Windows NT 10.0; WOW64; Trident/7.0; rv:11.0) like GeckoAccept-Encoding: gzip, deflateHost: xn--b1apdkbbqid.xn--p1aiConnection: Keep-AliveCookie: cbfb422174e4a427c487f553fb6fbd4a=a5af02931786766df5c70925c2d8efef; virtuemart=a5af02931786766df5c70925c2d8efef; zt_kaupi_tpl=zt_kaupi; s5_qc=e9b82e4d55c91c6abbf9dedf898172a0a4xn
Source: global trafficHTTP traffic detected: GET /templates/system/css/general.css HTTP/1.1Accept: text/css, */*Referer: http://xn--b1apdkbbqid.xn--p1ai/Accept-Language: en-USUser-Agent: Mozilla/5.0 (Windows NT 10.0; WOW64; Trident/7.0; rv:11.0) like GeckoAccept-Encoding: gzip, deflateHost: xn--b1apdkbbqid.xn--p1aiConnection: Keep-AliveCookie: cbfb422174e4a427c487f553fb6fbd4a=a5af02931786766df5c70925c2d8efef; virtuemart=a5af02931786766df5c70925c2d8efef; zt_kaupi_tpl=zt_kaupi; s5_qc=e9b82e4d55c91c6abbf9dedf898172a0a4xn
Source: global trafficHTTP traffic detected: GET /templates/zt_kaupi/css/default.css HTTP/1.1Accept: text/css, */*Referer: http://xn--b1apdkbbqid.xn--p1ai/Accept-Language: en-USUser-Agent: Mozilla/5.0 (Windows NT 10.0; WOW64; Trident/7.0; rv:11.0) like GeckoAccept-Encoding: gzip, deflateHost: xn--b1apdkbbqid.xn--p1aiConnection: Keep-AliveCookie: cbfb422174e4a427c487f553fb6fbd4a=a5af02931786766df5c70925c2d8efef; virtuemart=a5af02931786766df5c70925c2d8efef; zt_kaupi_tpl=zt_kaupi; s5_qc=e9b82e4d55c91c6abbf9dedf898172a0a4xn
Source: global trafficHTTP traffic detected: GET /templates/zt_kaupi/css/template.css HTTP/1.1Accept: text/css, */*Referer: http://xn--b1apdkbbqid.xn--p1ai/Accept-Language: en-USUser-Agent: Mozilla/5.0 (Windows NT 10.0; WOW64; Trident/7.0; rv:11.0) like GeckoAccept-Encoding: gzip, deflateHost: xn--b1apdkbbqid.xn--p1aiConnection: Keep-AliveCookie: cbfb422174e4a427c487f553fb6fbd4a=a5af02931786766df5c70925c2d8efef; virtuemart=a5af02931786766df5c70925c2d8efef; zt_kaupi_tpl=zt_kaupi; s5_qc=e9b82e4d55c91c6abbf9dedf898172a0a4xn
Source: global trafficHTTP traffic detected: GET /templates/zt_kaupi/css/rainbow.css HTTP/1.1Accept: text/css, */*Referer: http://xn--b1apdkbbqid.xn--p1ai/Accept-Language: en-USUser-Agent: Mozilla/5.0 (Windows NT 10.0; WOW64; Trident/7.0; rv:11.0) like GeckoAccept-Encoding: gzip, deflateHost: xn--b1apdkbbqid.xn--p1aiConnection: Keep-AliveCookie: cbfb422174e4a427c487f553fb6fbd4a=a5af02931786766df5c70925c2d8efef; virtuemart=a5af02931786766df5c70925c2d8efef; zt_kaupi_tpl=zt_kaupi; s5_qc=e9b82e4d55c91c6abbf9dedf898172a0a4xn
Source: global trafficHTTP traffic detected: GET /templates/zt_kaupi/css/patterns.css HTTP/1.1Accept: text/css, */*Referer: http://xn--b1apdkbbqid.xn--p1ai/Accept-Language: en-USUser-Agent: Mozilla/5.0 (Windows NT 10.0; WOW64; Trident/7.0; rv:11.0) like GeckoAccept-Encoding: gzip, deflateHost: xn--b1apdkbbqid.xn--p1aiConnection: Keep-AliveCookie: cbfb422174e4a427c487f553fb6fbd4a=a5af02931786766df5c70925c2d8efef; virtuemart=a5af02931786766df5c70925c2d8efef; zt_kaupi_tpl=zt_kaupi; s5_qc=e9b82e4d55c91c6abbf9dedf898172a0a4xn
Source: global trafficHTTP traffic detected: GET /templates/zt_kaupi/css/typo.css HTTP/1.1Accept: text/css, */*Referer: http://xn--b1apdkbbqid.xn--p1ai/Accept-Language: en-USUser-Agent: Mozilla/5.0 (Windows NT 10.0; WOW64; Trident/7.0; rv:11.0) like GeckoAccept-Encoding: gzip, deflateHost: xn--b1apdkbbqid.xn--p1aiConnection: Keep-AliveCookie: cbfb422174e4a427c487f553fb6fbd4a=a5af02931786766df5c70925c2d8efef; virtuemart=a5af02931786766df5c70925c2d8efef; zt_kaupi_tpl=zt_kaupi; s5_qc=e9b82e4d55c91c6abbf9dedf898172a0a4xn
Source: global trafficHTTP traffic detected: GET /templates/zt_kaupi/css/fonts.css HTTP/1.1Accept: text/css, */*Referer: http://xn--b1apdkbbqid.xn--p1ai/Accept-Language: en-USUser-Agent: Mozilla/5.0 (Windows NT 10.0; WOW64; Trident/7.0; rv:11.0) like GeckoAccept-Encoding: gzip, deflateHost: xn--b1apdkbbqid.xn--p1aiConnection: Keep-AliveCookie: cbfb422174e4a427c487f553fb6fbd4a=a5af02931786766df5c70925c2d8efef; virtuemart=a5af02931786766df5c70925c2d8efef; zt_kaupi_tpl=zt_kaupi; s5_qc=e9b82e4d55c91c6abbf9dedf898172a0a4xn
Source: global trafficHTTP traffic detected: GET /modules/mod_jv_headline/assets/css/horizotal.css HTTP/1.1Accept: text/css, */*Referer: http://xn--b1apdkbbqid.xn--p1ai/Accept-Language: en-USUser-Agent: Mozilla/5.0 (Windows NT 10.0; WOW64; Trident/7.0; rv:11.0) like GeckoAccept-Encoding: gzip, deflateHost: xn--b1apdkbbqid.xn--p1aiConnection: Keep-AliveCookie: cbfb422174e4a427c487f553fb6fbd4a=a5af02931786766df5c70925c2d8efef; virtuemart=a5af02931786766df5c70925c2d8efef; zt_kaupi_tpl=zt_kaupi; s5_qc=e9b82e4d55c91c6abbf9dedf898172a0a4xn
Source: global trafficHTTP traffic detected: GET /modules/mod_jv_headline/assets/css/jv_boro.css HTTP/1.1Accept: text/css, */*Referer: http://xn--b1apdkbbqid.xn--p1ai/Accept-Language: en-USUser-Agent: Mozilla/5.0 (Windows NT 10.0; WOW64; Trident/7.0; rv:11.0) like GeckoAccept-Encoding: gzip, deflateHost: xn--b1apdkbbqid.xn--p1aiConnection: Keep-AliveCookie: cbfb422174e4a427c487f553fb6fbd4a=a5af02931786766df5c70925c2d8efef; virtuemart=a5af02931786766df5c70925c2d8efef; zt_kaupi_tpl=zt_kaupi; s5_qc=e9b82e4d55c91c6abbf9dedf898172a0a4xn
Source: global trafficHTTP traffic detected: GET /templates/zt_kaupi/css/modules.css HTTP/1.1Accept: text/css, */*Referer: http://xn--b1apdkbbqid.xn--p1ai/Accept-Language: en-USUser-Agent: Mozilla/5.0 (Windows NT 10.0; WOW64; Trident/7.0; rv:11.0) like GeckoAccept-Encoding: gzip, deflateHost: xn--b1apdkbbqid.xn--p1aiConnection: Keep-AliveCookie: cbfb422174e4a427c487f553fb6fbd4a=a5af02931786766df5c70925c2d8efef; virtuemart=a5af02931786766df5c70925c2d8efef; zt_kaupi_tpl=zt_kaupi; s5_qc=e9b82e4d55c91c6abbf9dedf898172a0a4xn
Source: global trafficHTTP traffic detected: GET /templates/zt_kaupi/css/css3.php?url=http://xn--b1apdkbbqid.xn--p1ai/templates/zt_kaupi/ HTTP/1.1Accept: text/css, */*Referer: http://xn--b1apdkbbqid.xn--p1ai/Accept-Language: en-USUser-Agent: Mozilla/5.0 (Windows NT 10.0; WOW64; Trident/7.0; rv:11.0) like GeckoAccept-Encoding: gzip, deflateHost: xn--b1apdkbbqid.xn--p1aiConnection: Keep-AliveCookie: cbfb422174e4a427c487f553fb6fbd4a=a5af02931786766df5c70925c2d8efef; virtuemart=a5af02931786766df5c70925c2d8efef; zt_kaupi_tpl=zt_kaupi; s5_qc=e9b82e4d55c91c6abbf9dedf898172a0a4xn
Source: global trafficHTTP traffic detected: GET /media/system/js/mootools.js HTTP/1.1Accept: application/javascript, */*;q=0.8Referer: http://xn--b1apdkbbqid.xn--p1ai/Accept-Language: en-USUser-Agent: Mozilla/5.0 (Windows NT 10.0; WOW64; Trident/7.0; rv:11.0) like GeckoAccept-Encoding: gzip, deflateHost: xn--b1apdkbbqid.xn--p1aiConnection: Keep-AliveCookie: cbfb422174e4a427c487f553fb6fbd4a=a5af02931786766df5c70925c2d8efef; virtuemart=a5af02931786766df5c70925c2d8efef; zt_kaupi_tpl=zt_kaupi; s5_qc=e9b82e4d55c91c6abbf9dedf898172a0a4xn
Source: global trafficHTTP traffic detected: GET /plugins/system/plg_ztools/libs/minify/?f=/templates/zt_kaupi/zt_menus/zt_megamenu/zt.megamenu.js,/templates/zt_kaupi/zt_menus/zt_fancymenu/zt_fancymenu.js,/modules/mod_jv_headline/assets/js/horizotal.js,/modules/mod_jv_headline/assets/js/jv_boro.js HTTP/1.1Accept: application/javascript, */*;q=0.8Referer: http://xn--b1apdkbbqid.xn--p1ai/Accept-Language: en-USUser-Agent: Mozilla/5.0 (Windows NT 10.0; WOW64; Trident/7.0; rv:11.0) like GeckoAccept-Encoding: gzip, deflateHost: xn--b1apdkbbqid.xn--p1aiConnection: Keep-AliveCookie: cbfb422174e4a427c487f553fb6fbd4a=a5af02931786766df5c70925c2d8efef; virtuemart=a5af02931786766df5c70925c2d8efef; zt_kaupi_tpl=zt_kaupi; s5_qc=e9b82e4d55c91c6abbf9dedf898172a0a4xn
Source: global trafficHTTP traffic detected: GET /images/thumbs/80/com_content/117/thumbl_700x320.jpg HTTP/1.1Accept: image/png, image/svg+xml, image/jxr, image/*;q=0.8, */*;q=0.5Referer: http://xn--b1apdkbbqid.xn--p1ai/Accept-Language: en-USUser-Agent: Mozilla/5.0 (Windows NT 10.0; WOW64; Trident/7.0; rv:11.0) like GeckoAccept-Encoding: gzip, deflateHost: xn--b1apdkbbqid.xn--p1aiConnection: Keep-AliveCookie: cbfb422174e4a427c487f553fb6fbd4a=a5af02931786766df5c70925c2d8efef; virtuemart=a5af02931786766df5c70925c2d8efef; zt_kaupi_tpl=zt_kaupi; s5_qc=e9b82e4d55c91c6abbf9dedf898172a0a4xn
Source: global trafficHTTP traffic detected: GET /images/thumbs/80/com_content/74/thumbl_700x320.jpg HTTP/1.1Accept: image/png, image/svg+xml, image/jxr, image/*;q=0.8, */*;q=0.5Referer: http://xn--b1apdkbbqid.xn--p1ai/Accept-Language: en-USUser-Agent: Mozilla/5.0 (Windows NT 10.0; WOW64; Trident/7.0; rv:11.0) like GeckoAccept-Encoding: gzip, deflateHost: xn--b1apdkbbqid.xn--p1aiConnection: Keep-AliveCookie: cbfb422174e4a427c487f553fb6fbd4a=a5af02931786766df5c70925c2d8efef; virtuemart=a5af02931786766df5c70925c2d8efef; zt_kaupi_tpl=zt_kaupi; s5_qc=e9b82e4d55c91c6abbf9dedf898172a0a4xn
Source: global trafficHTTP traffic detected: GET /images/thumbs/80/com_content/104/thumbl_700x320.jpg HTTP/1.1Accept: image/png, image/svg+xml, image/jxr, image/*;q=0.8, */*;q=0.5Referer: http://xn--b1apdkbbqid.xn--p1ai/Accept-Language: en-USUser-Agent: Mozilla/5.0 (Windows NT 10.0; WOW64; Trident/7.0; rv:11.0) like GeckoAccept-Encoding: gzip, deflateHost: xn--b1apdkbbqid.xn--p1aiConnection: Keep-AliveCookie: cbfb422174e4a427c487f553fb6fbd4a=a5af02931786766df5c70925c2d8efef; virtuemart=a5af02931786766df5c70925c2d8efef; zt_kaupi_tpl=zt_kaupi; s5_qc=e9b82e4d55c91c6abbf9dedf898172a0a4xn
Source: global trafficHTTP traffic detected: GET /images/thumbs/80/com_content/120/thumbl_700x320.jpg HTTP/1.1Accept: image/png, image/svg+xml, image/jxr, image/*;q=0.8, */*;q=0.5Referer: http://xn--b1apdkbbqid.xn--p1ai/Accept-Language: en-USUser-Agent: Mozilla/5.0 (Windows NT 10.0; WOW64; Trident/7.0; rv:11.0) like GeckoAccept-Encoding: gzip, deflateHost: xn--b1apdkbbqid.xn--p1aiConnection: Keep-AliveCookie: cbfb422174e4a427c487f553fb6fbd4a=a5af02931786766df5c70925c2d8efef; virtuemart=a5af02931786766df5c70925c2d8efef; zt_kaupi_tpl=zt_kaupi; s5_qc=e9b82e4d55c91c6abbf9dedf898172a0a4xn
Source: global trafficHTTP traffic detected: GET /images/thumbs/80/com_content/118/thumbl_700x320.jpg HTTP/1.1Accept: image/png, image/svg+xml, image/jxr, image/*;q=0.8, */*;q=0.5Referer: http://xn--b1apdkbbqid.xn--p1ai/Accept-Language: en-USUser-Agent: Mozilla/5.0 (Windows NT 10.0; WOW64; Trident/7.0; rv:11.0) like GeckoAccept-Encoding: gzip, deflateHost: xn--b1apdkbbqid.xn--p1aiConnection: Keep-AliveCookie: cbfb422174e4a427c487f553fb6fbd4a=a5af02931786766df5c70925c2d8efef; virtuemart=a5af02931786766df5c70925c2d8efef; zt_kaupi_tpl=zt_kaupi; s5_qc=e9b82e4d55c91c6abbf9dedf898172a0a4xn
Source: global trafficHTTP traffic detected: GET /images/stories/2-1.png HTTP/1.1Accept: image/png, image/svg+xml, image/jxr, image/*;q=0.8, */*;q=0.5Referer: http://xn--b1apdkbbqid.xn--p1ai/Accept-Language: en-USUser-Agent: Mozilla/5.0 (Windows NT 10.0; WOW64; Trident/7.0; rv:11.0) like GeckoAccept-Encoding: gzip, deflateHost: xn--b1apdkbbqid.xn--p1aiConnection: Keep-AliveCookie: cbfb422174e4a427c487f553fb6fbd4a=a5af02931786766df5c70925c2d8efef; virtuemart=a5af02931786766df5c70925c2d8efef; zt_kaupi_tpl=zt_kaupi; s5_qc=e9b82e4d55c91c6abbf9dedf898172a0a4xn
Source: global trafficHTTP traffic detected: GET /flash/fcode.js HTTP/1.1Accept: application/javascript, */*;q=0.8Referer: http://xn--b1apdkbbqid.xn--p1ai/Accept-Language: en-USUser-Agent: Mozilla/5.0 (Windows NT 10.0; WOW64; Trident/7.0; rv:11.0) like GeckoAccept-Encoding: gzip, deflateHost: img.gismeteo.ruConnection: Keep-Alive
Source: global trafficHTTP traffic detected: GET /images/stories/2-2.png HTTP/1.1Accept: image/png, image/svg+xml, image/jxr, image/*;q=0.8, */*;q=0.5Referer: http://xn--b1apdkbbqid.xn--p1ai/Accept-Language: en-USUser-Agent: Mozilla/5.0 (Windows NT 10.0; WOW64; Trident/7.0; rv:11.0) like GeckoAccept-Encoding: gzip, deflateHost: xn--b1apdkbbqid.xn--p1aiConnection: Keep-AliveCookie: cbfb422174e4a427c487f553fb6fbd4a=a5af02931786766df5c70925c2d8efef; virtuemart=a5af02931786766df5c70925c2d8efef; zt_kaupi_tpl=zt_kaupi; s5_qc=e9b82e4d55c91c6abbf9dedf898172a0a4xn
Source: global trafficHTTP traffic detected: GET /images/stories/2-0.png HTTP/1.1Accept: image/png, image/svg+xml, image/jxr, image/*;q=0.8, */*;q=0.5Referer: http://xn--b1apdkbbqid.xn--p1ai/Accept-Language: en-USUser-Agent: Mozilla/5.0 (Windows NT 10.0; WOW64; Trident/7.0; rv:11.0) like GeckoAccept-Encoding: gzip, deflateHost: xn--b1apdkbbqid.xn--p1aiConnection: Keep-AliveCookie: cbfb422174e4a427c487f553fb6fbd4a=a5af02931786766df5c70925c2d8efef; virtuemart=a5af02931786766df5c70925c2d8efef; zt_kaupi_tpl=zt_kaupi; s5_qc=e9b82e4d55c91c6abbf9dedf898172a0a4xn
Source: global trafficHTTP traffic detected: GET /images/stories/kotly/27.png HTTP/1.1Accept: image/png, image/svg+xml, image/jxr, image/*;q=0.8, */*;q=0.5Referer: http://xn--b1apdkbbqid.xn--p1ai/Accept-Language: en-USUser-Agent: Mozilla/5.0 (Windows NT 10.0; WOW64; Trident/7.0; rv:11.0) like GeckoAccept-Encoding: gzip, deflateHost: xn--b1apdkbbqid.xn--p1aiConnection: Keep-AliveCookie: cbfb422174e4a427c487f553fb6fbd4a=a5af02931786766df5c70925c2d8efef; virtuemart=a5af02931786766df5c70925c2d8efef; zt_kaupi_tpl=zt_kaupi; s5_qc=e9b82e4d55c91c6abbf9dedf898172a0a4xn
Source: global trafficHTTP traffic detected: GET /images/stories/boilery/23.png HTTP/1.1Accept: image/png, image/svg+xml, image/jxr, image/*;q=0.8, */*;q=0.5Referer: http://xn--b1apdkbbqid.xn--p1ai/Accept-Language: en-USUser-Agent: Mozilla/5.0 (Windows NT 10.0; WOW64; Trident/7.0; rv:11.0) like GeckoAccept-Encoding: gzip, deflateHost: xn--b1apdkbbqid.xn--p1aiConnection: Keep-AliveCookie: cbfb422174e4a427c487f553fb6fbd4a=a5af02931786766df5c70925c2d8efef; virtuemart=a5af02931786766df5c70925c2d8efef; zt_kaupi_tpl=zt_kaupi; s5_qc=e9b82e4d55c91c6abbf9dedf898172a0a4xn
Source: global trafficHTTP traffic detected: GET /images/stories/radiatory/28.png HTTP/1.1Accept: image/png, image/svg+xml, image/jxr, image/*;q=0.8, */*;q=0.5Referer: http://xn--b1apdkbbqid.xn--p1ai/Accept-Language: en-USUser-Agent: Mozilla/5.0 (Windows NT 10.0; WOW64; Trident/7.0; rv:11.0) like GeckoAccept-Encoding: gzip, deflateHost: xn--b1apdkbbqid.xn--p1aiConnection: Keep-AliveCookie: cbfb422174e4a427c487f553fb6fbd4a=a5af02931786766df5c70925c2d8efef; virtuemart=a5af02931786766df5c70925c2d8efef; zt_kaupi_tpl=zt_kaupi; s5_qc=e9b82e4d55c91c6abbf9dedf898172a0a4xn
Source: global trafficHTTP traffic detected: GET /images/stories/teplyi_pol/29.png HTTP/1.1Accept: image/png, image/svg+xml, image/jxr, image/*;q=0.8, */*;q=0.5Referer: http://xn--b1apdkbbqid.xn--p1ai/Accept-Language: en-USUser-Agent: Mozilla/5.0 (Windows NT 10.0; WOW64; Trident/7.0; rv:11.0) like GeckoAccept-Encoding: gzip, deflateHost: xn--b1apdkbbqid.xn--p1aiConnection: Keep-AliveCookie: cbfb422174e4a427c487f553fb6fbd4a=a5af02931786766df5c70925c2d8efef; virtuemart=a5af02931786766df5c70925c2d8efef; zt_kaupi_tpl=zt_kaupi; s5_qc=e9b82e4d55c91c6abbf9dedf898172a0a4xn
Source: global trafficHTTP traffic detected: GET /images/stories/kotly/30.png HTTP/1.1Accept: image/png, image/svg+xml, image/jxr, image/*;q=0.8, */*;q=0.5Referer: http://xn--b1apdkbbqid.xn--p1ai/Accept-Language: en-USUser-Agent: Mozilla/5.0 (Windows NT 10.0; WOW64; Trident/7.0; rv:11.0) like GeckoAccept-Encoding: gzip, deflateHost: xn--b1apdkbbqid.xn--p1aiConnection: Keep-AliveCookie: cbfb422174e4a427c487f553fb6fbd4a=a5af02931786766df5c70925c2d8efef; virtuemart=a5af02931786766df5c70925c2d8efef; zt_kaupi_tpl=zt_kaupi; s5_qc=e9b82e4d55c91c6abbf9dedf898172a0a4xn
Source: global trafficHTTP traffic detected: GET /images/stories/nasosy/31.png HTTP/1.1Accept: image/png, image/svg+xml, image/jxr, image/*;q=0.8, */*;q=0.5Referer: http://xn--b1apdkbbqid.xn--p1ai/Accept-Language: en-USUser-Agent: Mozilla/5.0 (Windows NT 10.0; WOW64; Trident/7.0; rv:11.0) like GeckoAccept-Encoding: gzip, deflateHost: xn--b1apdkbbqid.xn--p1aiConnection: Keep-AliveCookie: cbfb422174e4a427c487f553fb6fbd4a=a5af02931786766df5c70925c2d8efef; virtuemart=a5af02931786766df5c70925c2d8efef; zt_kaupi_tpl=zt_kaupi; s5_qc=e9b82e4d55c91c6abbf9dedf898172a0a4xn
Source: global trafficHTTP traffic detected: GET /templates/zt_kaupi/images/indent1.png HTTP/1.1Accept: image/png, image/svg+xml, image/jxr, image/*;q=0.8, */*;q=0.5Referer: http://xn--b1apdkbbqid.xn--p1ai/Accept-Language: en-USUser-Agent: Mozilla/5.0 (Windows NT 10.0; WOW64; Trident/7.0; rv:11.0) like GeckoAccept-Encoding: gzip, deflateHost: xn--b1apdkbbqid.xn--p1aiConnection: Keep-AliveCookie: cbfb422174e4a427c487f553fb6fbd4a=a5af02931786766df5c70925c2d8efef; virtuemart=a5af02931786766df5c70925c2d8efef; zt_kaupi_tpl=zt_kaupi; s5_qc=e9b82e4d55c91c6abbf9dedf898172a0a4xn
Source: global trafficHTTP traffic detected: GET /images/phocagallery/Kotelnye/dscn4400.jpg HTTP/1.1Accept: image/png, image/svg+xml, image/jxr, image/*;q=0.8, */*;q=0.5Referer: http://xn--b1apdkbbqid.xn--p1ai/Accept-Language: en-USUser-Agent: Mozilla/5.0 (Windows NT 10.0; WOW64; Trident/7.0; rv:11.0) like GeckoAccept-Encoding: gzip, deflateHost: xn--b1apdkbbqid.xn--p1aiConnection: Keep-AliveCookie: cbfb422174e4a427c487f553fb6fbd4a=a5af02931786766df5c70925c2d8efef; virtuemart=a5af02931786766df5c70925c2d8efef; zt_kaupi_tpl=zt_kaupi; s5_qc=e9b82e4d55c91c6abbf9dedf898172a0a4xn
Source: global trafficHTTP traffic detected: GET /images/thumbs/83/com_content/111/thumbs_270x141.jpg HTTP/1.1Accept: image/png, image/svg+xml, image/jxr, image/*;q=0.8, */*;q=0.5Referer: http://xn--b1apdkbbqid.xn--p1ai/Accept-Language: en-USUser-Agent: Mozilla/5.0 (Windows NT 10.0; WOW64; Trident/7.0; rv:11.0) like GeckoAccept-Encoding: gzip, deflateHost: xn--b1apdkbbqid.xn--p1aiConnection: Keep-AliveCookie: cbfb422174e4a427c487f553fb6fbd4a=a5af02931786766df5c70925c2d8efef; virtuemart=a5af02931786766df5c70925c2d8efef; zt_kaupi_tpl=zt_kaupi; s5_qc=e9b82e4d55c91c6abbf9dedf898172a0a4xn
Source: global trafficHTTP traffic detected: GET /images/thumbs/83/com_content/110/thumbs_270x141.jpg HTTP/1.1Accept: image/png, image/svg+xml, image/jxr, image/*;q=0.8, */*;q=0.5Referer: http://xn--b1apdkbbqid.xn--p1ai/Accept-Language: en-USUser-Agent: Mozilla/5.0 (Windows NT 10.0; WOW64; Trident/7.0; rv:11.0) like GeckoAccept-Encoding: gzip, deflateHost: xn--b1apdkbbqid.xn--p1aiConnection: Keep-AliveCookie: cbfb422174e4a427c487f553fb6fbd4a=a5af02931786766df5c70925c2d8efef; virtuemart=a5af02931786766df5c70925c2d8efef; zt_kaupi_tpl=zt_kaupi; s5_qc=e9b82e4d55c91c6abbf9dedf898172a0a4xn
Source: global trafficHTTP traffic detected: GET /images/thumbs/83/com_content/109/thumbs_270x141.png HTTP/1.1Accept: image/png, image/svg+xml, image/jxr, image/*;q=0.8, */*;q=0.5Referer: http://xn--b1apdkbbqid.xn--p1ai/Accept-Language: en-USUser-Agent: Mozilla/5.0 (Windows NT 10.0; WOW64; Trident/7.0; rv:11.0) like GeckoAccept-Encoding: gzip, deflateHost: xn--b1apdkbbqid.xn--p1aiConnection: Keep-AliveCookie: cbfb422174e4a427c487f553fb6fbd4a=a5af02931786766df5c70925c2d8efef; virtuemart=a5af02931786766df5c70925c2d8efef; zt_kaupi_tpl=zt_kaupi; s5_qc=e9b82e4d55c91c6abbf9dedf898172a0a4xn
Source: global trafficHTTP traffic detected: GET /images/thumbs/83/com_content/105/thumbs_270x141.jpg HTTP/1.1Accept: image/png, image/svg+xml, image/jxr, image/*;q=0.8, */*;q=0.5Referer: http://xn--b1apdkbbqid.xn--p1ai/Accept-Language: en-USUser-Agent: Mozilla/5.0 (Windows NT 10.0; WOW64; Trident/7.0; rv:11.0) like GeckoAccept-Encoding: gzip, deflateHost: xn--b1apdkbbqid.xn--p1aiConnection: Keep-AliveCookie: cbfb422174e4a427c487f553fb6fbd4a=a5af02931786766df5c70925c2d8efef; virtuemart=a5af02931786766df5c70925c2d8efef; zt_kaupi_tpl=zt_kaupi; s5_qc=e9b82e4d55c91c6abbf9dedf898172a0a4xn
Source: global trafficHTTP traffic detected: GET /images/thumbs/83/com_content/103/thumbs_270x141.jpg HTTP/1.1Accept: image/png, image/svg+xml, image/jxr, image/*;q=0.8, */*;q=0.5Referer: http://xn--b1apdkbbqid.xn--p1ai/Accept-Language: en-USUser-Agent: Mozilla/5.0 (Windows NT 10.0; WOW64; Trident/7.0; rv:11.0) like GeckoAccept-Encoding: gzip, deflateHost: xn--b1apdkbbqid.xn--p1aiConnection: Keep-AliveCookie: cbfb422174e4a427c487f553fb6fbd4a=a5af02931786766df5c70925c2d8efef; virtuemart=a5af02931786766df5c70925c2d8efef; zt_kaupi_tpl=zt_kaupi; s5_qc=e9b82e4d55c91c6abbf9dedf898172a0a4xn
Source: global trafficHTTP traffic detected: GET /images/thumbs/83/com_content/97/thumbs_270x141.jpg HTTP/1.1Accept: image/png, image/svg+xml, image/jxr, image/*;q=0.8, */*;q=0.5Referer: http://xn--b1apdkbbqid.xn--p1ai/Accept-Language: en-USUser-Agent: Mozilla/5.0 (Windows NT 10.0; WOW64; Trident/7.0; rv:11.0) like GeckoAccept-Encoding: gzip, deflateHost: xn--b1apdkbbqid.xn--p1aiConnection: Keep-AliveCookie: cbfb422174e4a427c487f553fb6fbd4a=a5af02931786766df5c70925c2d8efef; virtuemart=a5af02931786766df5c70925c2d8efef; zt_kaupi_tpl=zt_kaupi; s5_qc=e9b82e4d55c91c6abbf9dedf898172a0a4xn
Source: global trafficHTTP traffic detected: GET /components/com_virtuemart/show_image_in_imgtag.php?filename=resized%2F_________________54eb2d4df1e66_140x140.jpg&newxsize=140&newysize=140&fileout= HTTP/1.1Accept: image/png, image/svg+xml, image/jxr, image/*;q=0.8, */*;q=0.5Referer: http://xn--b1apdkbbqid.xn--p1ai/Accept-Language: en-USUser-Agent: Mozilla/5.0 (Windows NT 10.0; WOW64; Trident/7.0; rv:11.0) like GeckoAccept-Encoding: gzip, deflateHost: xn--b1apdkbbqid.xn--p1aiConnection: Keep-AliveCookie: cbfb422174e4a427c487f553fb6fbd4a=a5af02931786766df5c70925c2d8efef; virtuemart=a5af02931786766df5c70925c2d8efef; zt_kaupi_tpl=zt_kaupi; s5_qc=e9b82e4d55c91c6abbf9dedf898172a0a4xn
Source: global trafficHTTP traffic detected: GET /components/com_virtuemart/show_image_in_imgtag.php?filename=resized%2F_________________54eb34fcd97c4_140x140.jpg&newxsize=140&newysize=140&fileout= HTTP/1.1Accept: image/png, image/svg+xml, image/jxr, image/*;q=0.8, */*;q=0.5Referer: http://xn--b1apdkbbqid.xn--p1ai/Accept-Language: en-USUser-Agent: Mozilla/5.0 (Windows NT 10.0; WOW64; Trident/7.0; rv:11.0) like GeckoAccept-Encoding: gzip, deflateHost: xn--b1apdkbbqid.xn--p1aiConnection: Keep-AliveCookie: cbfb422174e4a427c487f553fb6fbd4a=a5af02931786766df5c70925c2d8efef; virtuemart=a5af02931786766df5c70925c2d8efef; zt_kaupi_tpl=zt_kaupi; s5_qc=e9b82e4d55c91c6abbf9dedf898172a0a4xn
Source: global trafficHTTP traffic detected: GET /components/com_virtuemart/show_image_in_imgtag.php?filename=resized%2F_________________54eb32dd651cf_140x140.jpg&newxsize=140&newysize=140&fileout= HTTP/1.1Accept: image/png, image/svg+xml, image/jxr, image/*;q=0.8, */*;q=0.5Referer: http://xn--b1apdkbbqid.xn--p1ai/Accept-Language: en-USUser-Agent: Mozilla/5.0 (Windows NT 10.0; WOW64; Trident/7.0; rv:11.0) like GeckoAccept-Encoding: gzip, deflateHost: xn--b1apdkbbqid.xn--p1aiConnection: Keep-AliveCookie: cbfb422174e4a427c487f553fb6fbd4a=a5af02931786766df5c70925c2d8efef; virtuemart=a5af02931786766df5c70925c2d8efef; zt_kaupi_tpl=zt_kaupi; s5_qc=e9b82e4d55c91c6abbf9dedf898172a0a4xn
Source: global trafficHTTP traffic detected: GET /components/com_virtuemart/show_image_in_imgtag.php?filename=resized%2F_________________54eb338812eac_140x140.jpg&newxsize=140&newysize=140&fileout= HTTP/1.1Accept: image/png, image/svg+xml, image/jxr, image/*;q=0.8, */*;q=0.5Referer: http://xn--b1apdkbbqid.xn--p1ai/Accept-Language: en-USUser-Agent: Mozilla/5.0 (Windows NT 10.0; WOW64; Trident/7.0; rv:11.0) like GeckoAccept-Encoding: gzip, deflateHost: xn--b1apdkbbqid.xn--p1aiConnection: Keep-AliveCookie: cbfb422174e4a427c487f553fb6fbd4a=a5af02931786766df5c70925c2d8efef; virtuemart=a5af02931786766df5c70925c2d8efef; zt_kaupi_tpl=zt_kaupi; s5_qc=e9b82e4d55c91c6abbf9dedf898172a0a4xn
Source: global trafficHTTP traffic detected: GET /images/stories/brands/60-pkgtvaschy.gif HTTP/1.1Accept: image/png, image/svg+xml, image/jxr, image/*;q=0.8, */*;q=0.5Referer: http://xn--b1apdkbbqid.xn--p1ai/Accept-Language: en-USUser-Agent: Mozilla/5.0 (Windows NT 10.0; WOW64; Trident/7.0; rv:11.0) like GeckoAccept-Encoding: gzip, deflateHost: xn--b1apdkbbqid.xn--p1aiConnection: Keep-AliveCookie: cbfb422174e4a427c487f553fb6fbd4a=a5af02931786766df5c70925c2d8efef; virtuemart=a5af02931786766df5c70925c2d8efef; zt_kaupi_tpl=zt_kaupi; s5_qc=e9b82e4d55c91c6abbf9dedf898172a0a4xn
Source: global trafficHTTP traffic detected: GET /components/com_virtuemart/show_image_in_imgtag.php?filename=resized%2F_________________54eb2d382fb1c_140x140.jpg&newxsize=140&newysize=140&fileout= HTTP/1.1Accept: image/png, image/svg+xml, image/jxr, image/*;q=0.8, */*;q=0.5Referer: http://xn--b1apdkbbqid.xn--p1ai/Accept-Language: en-USUser-Agent: Mozilla/5.0 (Windows NT 10.0; WOW64; Trident/7.0; rv:11.0) like GeckoAccept-Encoding: gzip, deflateHost: xn--b1apdkbbqid.xn--p1aiConnection: Keep-AliveCookie: cbfb422174e4a427c487f553fb6fbd4a=a5af02931786766df5c70925c2d8efef; virtuemart=a5af02931786766df5c70925c2d8efef; zt_kaupi_tpl=zt_kaupi; s5_qc=e9b82e4d55c91c6abbf9dedf898172a0a4xn
Source: global trafficHTTP traffic detected: GET /images/stories/brands/buderus.png HTTP/1.1Accept: image/png, image/svg+xml, image/jxr, image/*;q=0.8, */*;q=0.5Referer: http://xn--b1apdkbbqid.xn--p1ai/Accept-Language: en-USUser-Agent: Mozilla/5.0 (Windows NT 10.0; WOW64; Trident/7.0; rv:11.0) like GeckoAccept-Encoding: gzip, deflateHost: xn--b1apdkbbqid.xn--p1aiConnection: Keep-AliveCookie: cbfb422174e4a427c487f553fb6fbd4a=a5af02931786766df5c70925c2d8efef; virtuemart=a5af02931786766df5c70925c2d8efef; zt_kaupi_tpl=zt_kaupi; s5_qc=e9b82e4d55c91c6abbf9dedf898172a0a4xn
Source: global trafficHTTP traffic detected: GET /images/stories/brands/orig_vaillant_logo-60.gif HTTP/1.1Accept: image/png, image/svg+xml, image/jxr, image/*;q=0.8, */*;q=0.5Referer: http://xn--b1apdkbbqid.xn--p1ai/Accept-Language: en-USUser-Agent: Mozilla/5.0 (Windows NT 10.0; WOW64; Trident/7.0; rv:11.0) like GeckoAccept-Encoding: gzip, deflateHost: xn--b1apdkbbqid.xn--p1aiConnection: Keep-AliveCookie: cbfb422174e4a427c487f553fb6fbd4a=a5af02931786766df5c70925c2d8efef; virtuemart=a5af02931786766df5c70925c2d8efef; zt_kaupi_tpl=zt_kaupi; s5_qc=e9b82e4d55c91c6abbf9dedf898172a0a4xn
Source: global trafficHTTP traffic detected: GET /images/stories/brands/16835.png HTTP/1.1Accept: image/png, image/svg+xml, image/jxr, image/*;q=0.8, */*;q=0.5Referer: http://xn--b1apdkbbqid.xn--p1ai/Accept-Language: en-USUser-Agent: Mozilla/5.0 (Windows NT 10.0; WOW64; Trident/7.0; rv:11.0) like GeckoAccept-Encoding: gzip, deflateHost: xn--b1apdkbbqid.xn--p1aiConnection: Keep-AliveCookie: cbfb422174e4a427c487f553fb6fbd4a=a5af02931786766df5c70925c2d8efef; virtuemart=a5af02931786766df5c70925c2d8efef; zt_kaupi_tpl=zt_kaupi; s5_qc=e9b82e4d55c91c6abbf9dedf898172a0a4xn
Source: global trafficHTTP traffic detected: GET /images/stories/brands/giacomini_logo.png HTTP/1.1Accept: image/png, image/svg+xml, image/jxr, image/*;q=0.8, */*;q=0.5Referer: http://xn--b1apdkbbqid.xn--p1ai/Accept-Language: en-USUser-Agent: Mozilla/5.0 (Windows NT 10.0; WOW64; Trident/7.0; rv:11.0) like GeckoAccept-Encoding: gzip, deflateHost: xn--b1apdkbbqid.xn--p1aiConnection: Keep-AliveCookie: cbfb422174e4a427c487f553fb6fbd4a=a5af02931786766df5c70925c2d8efef; virtuemart=a5af02931786766df5c70925c2d8efef; zt_kaupi_tpl=zt_kaupi; s5_qc=e9b82e4d55c91c6abbf9dedf898172a0a4xn
Source: global trafficHTTP traffic detected: GET /images/stories/brands/curatenie_20rehau_20tunari-.gif HTTP/1.1Accept: image/png, image/svg+xml, image/jxr, image/*;q=0.8, */*;q=0.5Referer: http://xn--b1apdkbbqid.xn--p1ai/Accept-Language: en-USUser-Agent: Mozilla/5.0 (Windows NT 10.0; WOW64; Trident/7.0; rv:11.0) like GeckoAccept-Encoding: gzip, deflateHost: xn--b1apdkbbqid.xn--p1aiConnection: Keep-AliveCookie: cbfb422174e4a427c487f553fb6fbd4a=a5af02931786766df5c70925c2d8efef; virtuemart=a5af02931786766df5c70925c2d8efef; zt_kaupi_tpl=zt_kaupi; s5_qc=e9b82e4d55c91c6abbf9dedf898172a0a4xn
Source: global trafficHTTP traffic detected: GET /images/stories/brands/776800-60.gif HTTP/1.1Accept: image/png, image/svg+xml, image/jxr, image/*;q=0.8, */*;q=0.5Referer: http://xn--b1apdkbbqid.xn--p1ai/Accept-Language: en-USUser-Agent: Mozilla/5.0 (Windows NT 10.0; WOW64; Trident/7.0; rv:11.0) like GeckoAccept-Encoding: gzip, deflateHost: xn--b1apdkbbqid.xn--p1aiConnection: Keep-AliveCookie: cbfb422174e4a427c487f553fb6fbd4a=a5af02931786766df5c70925c2d8efef; virtuemart=a5af02931786766df5c70925c2d8efef; zt_kaupi_tpl=zt_kaupi; s5_qc=e9b82e4d55c91c6abbf9dedf898172a0a4xn
Source: global trafficHTTP traffic detected: GET /images/stories/brands/bosch_sl-es_4c_l-1.gif HTTP/1.1Accept: image/png, image/svg+xml, image/jxr, image/*;q=0.8, */*;q=0.5Referer: http://xn--b1apdkbbqid.xn--p1ai/Accept-Language: en-USUser-Agent: Mozilla/5.0 (Windows NT 10.0; WOW64; Trident/7.0; rv:11.0) like GeckoAccept-Encoding: gzip, deflateHost: xn--b1apdkbbqid.xn--p1aiConnection: Keep-AliveCookie: cbfb422174e4a427c487f553fb6fbd4a=a5af02931786766df5c70925c2d8efef; virtuemart=a5af02931786766df5c70925c2d8efef; zt_kaupi_tpl=zt_kaupi; s5_qc=e9b82e4d55c91c6abbf9dedf898172a0a4xn
Source: global trafficHTTP traffic detected: GET /images/stories/brands/logo_int-60.gif HTTP/1.1Accept: image/png, image/svg+xml, image/jxr, image/*;q=0.8, */*;q=0.5Referer: http://xn--b1apdkbbqid.xn--p1ai/Accept-Language: en-USUser-Agent: Mozilla/5.0 (Windows NT 10.0; WOW64; Trident/7.0; rv:11.0) like GeckoAccept-Encoding: gzip, deflateHost: xn--b1apdkbbqid.xn--p1aiConnection: Keep-AliveCookie: cbfb422174e4a427c487f553fb6fbd4a=a5af02931786766df5c70925c2d8efef; virtuemart=a5af02931786766df5c70925c2d8efef; zt_kaupi_tpl=zt_kaupi; s5_qc=e9b82e4d55c91c6abbf9dedf898172a0a4xn
Source: global trafficHTTP traffic detected: GET /images/stories/brands/logo.png HTTP/1.1Accept: image/png, image/svg+xml, image/jxr, image/*;q=0.8, */*;q=0.5Referer: http://xn--b1apdkbbqid.xn--p1ai/Accept-Language: en-USUser-Agent: Mozilla/5.0 (Windows NT 10.0; WOW64; Trident/7.0; rv:11.0) like GeckoAccept-Encoding: gzip, deflateHost: xn--b1apdkbbqid.xn--p1aiConnection: Keep-AliveCookie: cbfb422174e4a427c487f553fb6fbd4a=a5af02931786766df5c70925c2d8efef; virtuemart=a5af02931786766df5c70925c2d8efef; zt_kaupi_tpl=zt_kaupi; s5_qc=e9b82e4d55c91c6abbf9dedf898172a0a4xn
Source: global trafficHTTP traffic detected: GET /images/stories/brands/image_get-60.gif HTTP/1.1Accept: image/png, image/svg+xml, image/jxr, image/*;q=0.8, */*;q=0.5Referer: http://xn--b1apdkbbqid.xn--p1ai/Accept-Language: en-USUser-Agent: Mozilla/5.0 (Windows NT 10.0; WOW64; Trident/7.0; rv:11.0) like GeckoAccept-Encoding: gzip, deflateHost: xn--b1apdkbbqid.xn--p1aiConnection: Keep-AliveCookie: cbfb422174e4a427c487f553fb6fbd4a=a5af02931786766df5c70925c2d8efef; virtuemart=a5af02931786766df5c70925c2d8efef; zt_kaupi_tpl=zt_kaupi; s5_qc=e9b82e4d55c91c6abbf9dedf898172a0a4xn
Source: global trafficHTTP traffic detected: GET /images/stories/brands/8008422-60.gif HTTP/1.1Accept: image/png, image/svg+xml, image/jxr, image/*;q=0.8, */*;q=0.5Referer: http://xn--b1apdkbbqid.xn--p1ai/Accept-Language: en-USUser-Agent: Mozilla/5.0 (Windows NT 10.0; WOW64; Trident/7.0; rv:11.0) like GeckoAccept-Encoding: gzip, deflateHost: xn--b1apdkbbqid.xn--p1aiConnection: Keep-AliveCookie: cbfb422174e4a427c487f553fb6fbd4a=a5af02931786766df5c70925c2d8efef; virtuemart=a5af02931786766df5c70925c2d8efef; zt_kaupi_tpl=zt_kaupi; s5_qc=e9b82e4d55c91c6abbf9dedf898172a0a4xn
Source: global trafficHTTP traffic detected: GET /images/stories/brands/370big-150.gif HTTP/1.1Accept: image/png, image/svg+xml, image/jxr, image/*;q=0.8, */*;q=0.5Referer: http://xn--b1apdkbbqid.xn--p1ai/Accept-Language: en-USUser-Agent: Mozilla/5.0 (Windows NT 10.0; WOW64; Trident/7.0; rv:11.0) like GeckoAccept-Encoding: gzip, deflateHost: xn--b1apdkbbqid.xn--p1aiConnection: Keep-AliveCookie: cbfb422174e4a427c487f553fb6fbd4a=a5af02931786766df5c70925c2d8efef; virtuemart=a5af02931786766df5c70925c2d8efef; zt_kaupi_tpl=zt_kaupi; s5_qc=e9b82e4d55c91c6abbf9dedf898172a0a4xn
Source: global trafficHTTP traffic detected: GET /images/stories/brands/wilo.png HTTP/1.1Accept: image/png, image/svg+xml, image/jxr, image/*;q=0.8, */*;q=0.5Referer: http://xn--b1apdkbbqid.xn--p1ai/Accept-Language: en-USUser-Agent: Mozilla/5.0 (Windows NT 10.0; WOW64; Trident/7.0; rv:11.0) like GeckoAccept-Encoding: gzip, deflateHost: xn--b1apdkbbqid.xn--p1aiConnection: Keep-AliveCookie: cbfb422174e4a427c487f553fb6fbd4a=a5af02931786766df5c70925c2d8efef; virtuemart=a5af02931786766df5c70925c2d8efef; zt_kaupi_tpl=zt_kaupi; s5_qc=e9b82e4d55c91c6abbf9dedf898172a0a4xn
Source: global trafficHTTP traffic detected: GET /images/stories/brands/logo-global-60.gif HTTP/1.1Accept: image/png, image/svg+xml, image/jxr, image/*;q=0.8, */*;q=0.5Referer: http://xn--b1apdkbbqid.xn--p1ai/Accept-Language: en-USUser-Agent: Mozilla/5.0 (Windows NT 10.0; WOW64; Trident/7.0; rv:11.0) like GeckoAccept-Encoding: gzip, deflateHost: xn--b1apdkbbqid.xn--p1aiConnection: Keep-AliveCookie: cbfb422174e4a427c487f553fb6fbd4a=a5af02931786766df5c70925c2d8efef; virtuemart=a5af02931786766df5c70925c2d8efef; zt_kaupi_tpl=zt_kaupi; s5_qc=e9b82e4d55c91c6abbf9dedf898172a0a4xn
Source: global trafficHTTP traffic detected: GET /images/stories/otoplenie-v-kredit.png HTTP/1.1Accept: image/png, image/svg+xml, image/jxr, image/*;q=0.8, */*;q=0.5Referer: http://xn--b1apdkbbqid.xn--p1ai/Accept-Language: en-USUser-Agent: Mozilla/5.0 (Windows NT 10.0; WOW64; Trident/7.0; rv:11.0) like GeckoAccept-Encoding: gzip, deflateHost: xn--b1apdkbbqid.xn--p1aiConnection: Keep-AliveCookie: cbfb422174e4a427c487f553fb6fbd4a=a5af02931786766df5c70925c2d8efef; virtuemart=a5af02931786766df5c70925c2d8efef; zt_kaupi_tpl=zt_kaupi; s5_qc=e9b82e4d55c91c6abbf9dedf898172a0a4xn
Source: global trafficHTTP traffic detected: GET /templates/zt_kaupi/images/bg-body.png HTTP/1.1Accept: image/png, image/svg+xml, image/jxr, image/*;q=0.8, */*;q=0.5Referer: http://xn--b1apdkbbqid.xn--p1ai/Accept-Language: en-USUser-Agent: Mozilla/5.0 (Windows NT 10.0; WOW64; Trident/7.0; rv:11.0) like GeckoAccept-Encoding: gzip, deflateHost: xn--b1apdkbbqid.xn--p1aiConnection: Keep-AliveCookie: cbfb422174e4a427c487f553fb6fbd4a=a5af02931786766df5c70925c2d8efef; virtuemart=a5af02931786766df5c70925c2d8efef; zt_kaupi_tpl=zt_kaupi; s5_qc=e9b82e4d55c91c6abbf9dedf898172a0a4xn
Source: global trafficHTTP traffic detected: GET /templates/zt_kaupi/images/bg-wapper.png HTTP/1.1Accept: image/png, image/svg+xml, image/jxr, image/*;q=0.8, */*;q=0.5Referer: http://xn--b1apdkbbqid.xn--p1ai/Accept-Language: en-USUser-Agent: Mozilla/5.0 (Windows NT 10.0; WOW64; Trident/7.0; rv:11.0) like GeckoAccept-Encoding: gzip, deflateHost: xn--b1apdkbbqid.xn--p1aiConnection: Keep-AliveCookie: cbfb422174e4a427c487f553fb6fbd4a=a5af02931786766df5c70925c2d8efef; virtuemart=a5af02931786766df5c70925c2d8efef; zt_kaupi_tpl=zt_kaupi; s5_qc=e9b82e4d55c91c6abbf9dedf898172a0a4xn
Source: global trafficHTTP traffic detected: GET /templates/zt_kaupi/images/bg_body.png HTTP/1.1Accept: image/png, image/svg+xml, image/jxr, image/*;q=0.8, */*;q=0.5Referer: http://xn--b1apdkbbqid.xn--p1ai/Accept-Language: en-USUser-Agent: Mozilla/5.0 (Windows NT 10.0; WOW64; Trident/7.0; rv:11.0) like GeckoAccept-Encoding: gzip, deflateHost: xn--b1apdkbbqid.xn--p1aiConnection: Keep-AliveCookie: cbfb422174e4a427c487f553fb6fbd4a=a5af02931786766df5c70925c2d8efef; virtuemart=a5af02931786766df5c70925c2d8efef; zt_kaupi_tpl=zt_kaupi; s5_qc=e9b82e4d55c91c6abbf9dedf898172a0a4xn
Source: global trafficHTTP traffic detected: GET /templates/zt_kaupi/images/bg-button-search.png HTTP/1.1Accept: image/png, image/svg+xml, image/jxr, image/*;q=0.8, */*;q=0.5Referer: http://xn--b1apdkbbqid.xn--p1ai/Accept-Language: en-USUser-Agent: Mozilla/5.0 (Windows NT 10.0; WOW64; Trident/7.0; rv:11.0) like GeckoAccept-Encoding: gzip, deflateHost: xn--b1apdkbbqid.xn--p1aiConnection: Keep-AliveCookie: cbfb422174e4a427c487f553fb6fbd4a=a5af02931786766df5c70925c2d8efef; virtuemart=a5af02931786766df5c70925c2d8efef; zt_kaupi_tpl=zt_kaupi; s5_qc=e9b82e4d55c91c6abbf9dedf898172a0a4xn
Source: global trafficHTTP traffic detected: GET /templates/zt_kaupi/images/bg_member_login_bottom.png HTTP/1.1Accept: image/png, image/svg+xml, image/jxr, image/*;q=0.8, */*;q=0.5Referer: http://xn--b1apdkbbqid.xn--p1ai/Accept-Language: en-USUser-Agent: Mozilla/5.0 (Windows NT 10.0; WOW64; Trident/7.0; rv:11.0) like GeckoAccept-Encoding: gzip, deflateHost: xn--b1apdkbbqid.xn--p1aiConnection: Keep-AliveCookie: cbfb422174e4a427c487f553fb6fbd4a=a5af02931786766df5c70925c2d8efef; virtuemart=a5af02931786766df5c70925c2d8efef; zt_kaupi_tpl=zt_kaupi; s5_qc=e9b82e4d55c91c6abbf9dedf898172a0a4xn
Source: global trafficHTTP traffic detected: GET /templates/zt_kaupi/images/bg_right_module_center.png HTTP/1.1Accept: image/png, image/svg+xml, image/jxr, image/*;q=0.8, */*;q=0.5Referer: http://xn--b1apdkbbqid.xn--p1ai/Accept-Language: en-USUser-Agent: Mozilla/5.0 (Windows NT 10.0; WOW64; Trident/7.0; rv:11.0) like GeckoAccept-Encoding: gzip, deflateHost: xn--b1apdkbbqid.xn--p1aiConnection: Keep-AliveCookie: cbfb422174e4a427c487f553fb6fbd4a=a5af02931786766df5c70925c2d8efef; virtuemart=a5af02931786766df5c70925c2d8efef; zt_kaupi_tpl=zt_kaupi; s5_qc=e9b82e4d55c91c6abbf9dedf898172a0a4xn
Source: global trafficHTTP traffic detected: GET /templates/zt_kaupi/images/bg_right_module_bottom.png HTTP/1.1Accept: image/png, image/svg+xml, image/jxr, image/*;q=0.8, */*;q=0.5Referer: http://xn--b1apdkbbqid.xn--p1ai/Accept-Language: en-USUser-Agent: Mozilla/5.0 (Windows NT 10.0; WOW64; Trident/7.0; rv:11.0) like GeckoAccept-Encoding: gzip, deflateHost: xn--b1apdkbbqid.xn--p1aiConnection: Keep-AliveCookie: cbfb422174e4a427c487f553fb6fbd4a=a5af02931786766df5c70925c2d8efef; virtuemart=a5af02931786766df5c70925c2d8efef; zt_kaupi_tpl=zt_kaupi; s5_qc=e9b82e4d55c91c6abbf9dedf898172a0a4xn
Source: global trafficHTTP traffic detected: GET /templates/zt_kaupi/images/bg_readmore.png HTTP/1.1Accept: image/png, image/svg+xml, image/jxr, image/*;q=0.8, */*;q=0.5Referer: http://xn--b1apdkbbqid.xn--p1ai/Accept-Language: en-USUser-Agent: Mozilla/5.0 (Windows NT 10.0; WOW64; Trident/7.0; rv:11.0) like GeckoAccept-Encoding: gzip, deflateHost: xn--b1apdkbbqid.xn--p1aiConnection: Keep-AliveCookie: cbfb422174e4a427c487f553fb6fbd4a=a5af02931786766df5c70925c2d8efef; virtuemart=a5af02931786766df5c70925c2d8efef; zt_kaupi_tpl=zt_kaupi; s5_qc=e9b82e4d55c91c6abbf9dedf898172a0a4xn
Source: global trafficHTTP traffic detected: GET /flash/City100.swf?city=37144&lang=ru HTTP/1.1Accept: */*Accept-Language: en-USReferer: http://./x-flash-version: 30,0,0,113Accept-Encoding: gzip, deflateUser-Agent: Mozilla/5.0 (Windows NT 10.0; WOW64; Trident/7.0; rv:11.0) like GeckoHost: img.gismeteo.ruConnection: Keep-Alive
Source: global trafficHTTP traffic detected: GET /templates/zt_kaupi/css/fonts/cuprum-webfont.eot? HTTP/1.1Accept: */*Referer: http://xn--b1apdkbbqid.xn--p1ai/Accept-Language: en-USUser-Agent: Mozilla/5.0 (Windows NT 10.0; WOW64; Trident/7.0; rv:11.0) like GeckoOrigin: http://.Accept-Encoding: gzip, deflateHost: xn--b1apdkbbqid.xn--p1aiConnection: Keep-AliveCookie: cbfb422174e4a427c487f553fb6fbd4a=a5af02931786766df5c70925c2d8efef; virtuemart=a5af02931786766df5c70925c2d8efef; zt_kaupi_tpl=zt_kaupi; s5_qc=e9b82e4d55c91c6abbf9dedf898172a0a4xn
Source: global trafficHTTP traffic detected: GET /templates/zt_kaupi/images/zt_kaupi_bg_mainmenu.png HTTP/1.1Accept: image/png, image/svg+xml, image/jxr, image/*;q=0.8, */*;q=0.5Referer: http://xn--b1apdkbbqid.xn--p1ai/Accept-Language: en-USUser-Agent: Mozilla/5.0 (Windows NT 10.0; WOW64; Trident/7.0; rv:11.0) like GeckoAccept-Encoding: gzip, deflateHost: xn--b1apdkbbqid.xn--p1aiConnection: Keep-AliveCookie: cbfb422174e4a427c487f553fb6fbd4a=a5af02931786766df5c70925c2d8efef; virtuemart=a5af02931786766df5c70925c2d8efef; zt_kaupi_tpl=zt_kaupi; s5_qc=e9b82e4d55c91c6abbf9dedf898172a0a4xn
Source: global trafficHTTP traffic detected: GET /templates/zt_kaupi/images/logo.png HTTP/1.1Accept: image/png, image/svg+xml, image/jxr, image/*;q=0.8, */*;q=0.5Referer: http://xn--b1apdkbbqid.xn--p1ai/Accept-Language: en-USUser-Agent: Mozilla/5.0 (Windows NT 10.0; WOW64; Trident/7.0; rv:11.0) like GeckoAccept-Encoding: gzip, deflateHost: xn--b1apdkbbqid.xn--p1aiConnection: Keep-AliveCookie: cbfb422174e4a427c487f553fb6fbd4a=a5af02931786766df5c70925c2d8efef; virtuemart=a5af02931786766df5c70925c2d8efef; zt_kaupi_tpl=zt_kaupi; s5_qc=e9b82e4d55c91c6abbf9dedf898172a0a4xn
Source: global trafficHTTP traffic detected: GET /templates/zt_kaupi/images/bg-inputbox-search.png HTTP/1.1Accept: image/png, image/svg+xml, image/jxr, image/*;q=0.8, */*;q=0.5Referer: http://xn--b1apdkbbqid.xn--p1ai/Accept-Language: en-USUser-Agent: Mozilla/5.0 (Windows NT 10.0; WOW64; Trident/7.0; rv:11.0) like GeckoAccept-Encoding: gzip, deflateHost: xn--b1apdkbbqid.xn--p1aiConnection: Keep-AliveCookie: cbfb422174e4a427c487f553fb6fbd4a=a5af02931786766df5c70925c2d8efef; virtuemart=a5af02931786766df5c70925c2d8efef; zt_kaupi_tpl=zt_kaupi; s5_qc=e9b82e4d55c91c6abbf9dedf898172a0a4xn
Source: global trafficHTTP traffic detected: GET /templates/zt_kaupi/images/zt_kaupi_fancy.png HTTP/1.1Accept: image/png, image/svg+xml, image/jxr, image/*;q=0.8, */*;q=0.5Referer: http://xn--b1apdkbbqid.xn--p1ai/Accept-Language: en-USUser-Agent: Mozilla/5.0 (Windows NT 10.0; WOW64; Trident/7.0; rv:11.0) like GeckoAccept-Encoding: gzip, deflateHost: xn--b1apdkbbqid.xn--p1aiConnection: Keep-AliveCookie: cbfb422174e4a427c487f553fb6fbd4a=a5af02931786766df5c70925c2d8efef; virtuemart=a5af02931786766df5c70925c2d8efef; zt_kaupi_tpl=zt_kaupi; s5_qc=e9b82e4d55c91c6abbf9dedf898172a0a4xn
Source: global trafficHTTP traffic detected: GET /templates/zt_kaupi/images/bg-slide-bottom.png HTTP/1.1Accept: image/png, image/svg+xml, image/jxr, image/*;q=0.8, */*;q=0.5Referer: http://xn--b1apdkbbqid.xn--p1ai/Accept-Language: en-USUser-Agent: Mozilla/5.0 (Windows NT 10.0; WOW64; Trident/7.0; rv:11.0) like GeckoAccept-Encoding: gzip, deflateHost: xn--b1apdkbbqid.xn--p1aiConnection: Keep-AliveCookie: cbfb422174e4a427c487f553fb6fbd4a=a5af02931786766df5c70925c2d8efef; virtuemart=a5af02931786766df5c70925c2d8efef; zt_kaupi_tpl=zt_kaupi; s5_qc=e9b82e4d55c91c6abbf9dedf898172a0a4xn
Source: global trafficHTTP traffic detected: GET /templates/zt_kaupi/images/bg-slide.png HTTP/1.1Accept: image/png, image/svg+xml, image/jxr, image/*;q=0.8, */*;q=0.5Referer: http://xn--b1apdkbbqid.xn--p1ai/Accept-Language: en-USUser-Agent: Mozilla/5.0 (Windows NT 10.0; WOW64; Trident/7.0; rv:11.0) like GeckoAccept-Encoding: gzip, deflateHost: xn--b1apdkbbqid.xn--p1aiConnection: Keep-AliveCookie: cbfb422174e4a427c487f553fb6fbd4a=a5af02931786766df5c70925c2d8efef; virtuemart=a5af02931786766df5c70925c2d8efef; zt_kaupi_tpl=zt_kaupi; s5_qc=e9b82e4d55c91c6abbf9dedf898172a0a4xn
Source: global trafficHTTP traffic detected: GET /modules/mod_jv_headline/assets/images/jv_boro/preload.gif HTTP/1.1Accept: image/png, image/svg+xml, image/jxr, image/*;q=0.8, */*;q=0.5Referer: http://xn--b1apdkbbqid.xn--p1ai/Accept-Language: en-USUser-Agent: Mozilla/5.0 (Windows NT 10.0; WOW64; Trident/7.0; rv:11.0) like GeckoAccept-Encoding: gzip, deflateHost: xn--b1apdkbbqid.xn--p1aiConnection: Keep-AliveCookie: cbfb422174e4a427c487f553fb6fbd4a=a5af02931786766df5c70925c2d8efef; virtuemart=a5af02931786766df5c70925c2d8efef; zt_kaupi_tpl=zt_kaupi; s5_qc=e9b82e4d55c91c6abbf9dedf898172a0a4xn
Source: global trafficHTTP traffic detected: GET /modules/mod_jv_headline/assets/images/jv_boro/overlay.png HTTP/1.1Accept: image/png, image/svg+xml, image/jxr, image/*;q=0.8, */*;q=0.5Referer: http://xn--b1apdkbbqid.xn--p1ai/Accept-Language: en-USUser-Agent: Mozilla/5.0 (Windows NT 10.0; WOW64; Trident/7.0; rv:11.0) like GeckoAccept-Encoding: gzip, deflateHost: xn--b1apdkbbqid.xn--p1aiConnection: Keep-AliveCookie: cbfb422174e4a427c487f553fb6fbd4a=a5af02931786766df5c70925c2d8efef; virtuemart=a5af02931786766df5c70925c2d8efef; zt_kaupi_tpl=zt_kaupi; s5_qc=e9b82e4d55c91c6abbf9dedf898172a0a4xn
Source: global trafficHTTP traffic detected: GET /templates/zt_kaupi/images/bg_right_module_top.png HTTP/1.1Accept: image/png, image/svg+xml, image/jxr, image/*;q=0.8, */*;q=0.5Referer: http://xn--b1apdkbbqid.xn--p1ai/Accept-Language: en-USUser-Agent: Mozilla/5.0 (Windows NT 10.0; WOW64; Trident/7.0; rv:11.0) like GeckoAccept-Encoding: gzip, deflateHost: xn--b1apdkbbqid.xn--p1aiConnection: Keep-AliveCookie: cbfb422174e4a427c487f553fb6fbd4a=a5af02931786766df5c70925c2d8efef; virtuemart=a5af02931786766df5c70925c2d8efef; zt_kaupi_tpl=zt_kaupi; s5_qc=e9b82e4d55c91c6abbf9dedf898172a0a4xn
Source: global trafficHTTP traffic detected: GET /templates/zt_kaupi/images/bg_title_module.png HTTP/1.1Accept: image/png, image/svg+xml, image/jxr, image/*;q=0.8, */*;q=0.5Referer: http://xn--b1apdkbbqid.xn--p1ai/Accept-Language: en-USUser-Agent: Mozilla/5.0 (Windows NT 10.0; WOW64; Trident/7.0; rv:11.0) like GeckoAccept-Encoding: gzip, deflateHost: xn--b1apdkbbqid.xn--p1aiConnection: Keep-AliveCookie: cbfb422174e4a427c487f553fb6fbd4a=a5af02931786766df5c70925c2d8efef; virtuemart=a5af02931786766df5c70925c2d8efef; zt_kaupi_tpl=zt_kaupi; s5_qc=e9b82e4d55c91c6abbf9dedf898172a0a4xn
Source: global trafficHTTP traffic detected: GET /templates/zt_kaupi/images/bg-user.png HTTP/1.1Accept: image/png, image/svg+xml, image/jxr, image/*;q=0.8, */*;q=0.5Referer: http://xn--b1apdkbbqid.xn--p1ai/Accept-Language: en-USUser-Agent: Mozilla/5.0 (Windows NT 10.0; WOW64; Trident/7.0; rv:11.0) like GeckoAccept-Encoding: gzip, deflateHost: xn--b1apdkbbqid.xn--p1aiConnection: Keep-AliveCookie: cbfb422174e4a427c487f553fb6fbd4a=a5af02931786766df5c70925c2d8efef; virtuemart=a5af02931786766df5c70925c2d8efef; zt_kaupi_tpl=zt_kaupi; s5_qc=e9b82e4d55c91c6abbf9dedf898172a0a4xn
Source: global trafficHTTP traffic detected: GET /modules/mod_jv_headline/assets/images/bg_featured_bottom.png HTTP/1.1Accept: image/png, image/svg+xml, image/jxr, image/*;q=0.8, */*;q=0.5Referer: http://xn--b1apdkbbqid.xn--p1ai/Accept-Language: en-USUser-Agent: Mozilla/5.0 (Windows NT 10.0; WOW64; Trident/7.0; rv:11.0) like GeckoAccept-Encoding: gzip, deflateHost: xn--b1apdkbbqid.xn--p1aiConnection: Keep-AliveCookie: cbfb422174e4a427c487f553fb6fbd4a=a5af02931786766df5c70925c2d8efef; virtuemart=a5af02931786766df5c70925c2d8efef; zt_kaupi_tpl=zt_kaupi; s5_qc=e9b82e4d55c91c6abbf9dedf898172a0a4xn
Source: global trafficHTTP traffic detected: GET /modules/mod_jv_headline/assets/images/bg_icon_slide_active.png HTTP/1.1Accept: image/png, image/svg+xml, image/jxr, image/*;q=0.8, */*;q=0.5Referer: http://xn--b1apdkbbqid.xn--p1ai/Accept-Language: en-USUser-Agent: Mozilla/5.0 (Windows NT 10.0; WOW64; Trident/7.0; rv:11.0) like GeckoAccept-Encoding: gzip, deflateHost: xn--b1apdkbbqid.xn--p1aiConnection: Keep-AliveCookie: cbfb422174e4a427c487f553fb6fbd4a=a5af02931786766df5c70925c2d8efef; virtuemart=a5af02931786766df5c70925c2d8efef; zt_kaupi_tpl=zt_kaupi; s5_qc=e9b82e4d55c91c6abbf9dedf898172a0a4xn
Source: global trafficHTTP traffic detected: GET /modules/mod_jv_headline/assets/images/bg_icon_slide.png HTTP/1.1Accept: image/png, image/svg+xml, image/jxr, image/*;q=0.8, */*;q=0.5Referer: http://xn--b1apdkbbqid.xn--p1ai/Accept-Language: en-USUser-Agent: Mozilla/5.0 (Windows NT 10.0; WOW64; Trident/7.0; rv:11.0) like GeckoAccept-Encoding: gzip, deflateHost: xn--b1apdkbbqid.xn--p1aiConnection: Keep-AliveCookie: cbfb422174e4a427c487f553fb6fbd4a=a5af02931786766df5c70925c2d8efef; virtuemart=a5af02931786766df5c70925c2d8efef; zt_kaupi_tpl=zt_kaupi; s5_qc=e9b82e4d55c91c6abbf9dedf898172a0a4xn
Source: global trafficHTTP traffic detected: GET /templates/zt_kaupi/images/zt_kaupi_bg_footer.png HTTP/1.1Accept: image/png, image/svg+xml, image/jxr, image/*;q=0.8, */*;q=0.5Referer: http://xn--b1apdkbbqid.xn--p1ai/Accept-Language: en-USUser-Agent: Mozilla/5.0 (Windows NT 10.0; WOW64; Trident/7.0; rv:11.0) like GeckoAccept-Encoding: gzip, deflateHost: xn--b1apdkbbqid.xn--p1aiConnection: Keep-AliveCookie: cbfb422174e4a427c487f553fb6fbd4a=a5af02931786766df5c70925c2d8efef; virtuemart=a5af02931786766df5c70925c2d8efef; zt_kaupi_tpl=zt_kaupi; s5_qc=e9b82e4d55c91c6abbf9dedf898172a0a4xn
Source: global trafficHTTP traffic detected: GET /flashinf/FLB37144.TXT?5069 HTTP/1.1Accept: */*Accept-Language: en-USReferer: http://img.gismeteo.ru/flash/City100.swf?city=37144&lang=rux-flash-version: 30,0,0,113Accept-Encoding: gzip, deflateUser-Agent: Mozilla/5.0 (Windows NT 10.0; WOW64; Trident/7.0; rv:11.0) like GeckoHost: img.gismeteo.ruConnection: Keep-Alive
Source: global trafficHTTP traffic detected: GET /rc/status/567668?timeShift=480&callback=jQuery112406821580612033046_1549936785036&_=1549936785037 HTTP/1.1Accept: application/javascript, */*;q=0.8Referer: http://xn--b1apdkbbqid.xn--p1ai/Accept-Language: en-USUser-Agent: Mozilla/5.0 (Windows NT 10.0; WOW64; Trident/7.0; rv:11.0) like GeckoAccept-Encoding: gzip, deflateHost: web.redhelper.ruConnection: Keep-Alive
Source: global trafficHTTP traffic detected: GET /templates/zt_kaupi/favicon.ico HTTP/1.1Accept: */*Accept-Encoding: gzip, deflateUser-Agent: Mozilla/5.0 (Windows NT 10.0; WOW64; Trident/7.0; rv:11.0) like GeckoHost: xn--b1apdkbbqid.xn--p1aiConnection: Keep-AliveCookie: cbfb422174e4a427c487f553fb6fbd4a=a5af02931786766df5c70925c2d8efef; virtuemart=a5af02931786766df5c70925c2d8efef; zt_kaupi_tpl=zt_kaupi; s5_qc=e9b82e4d55c91c6abbf9dedf898172a0a4xn
Source: global trafficHTTP traffic detected: GET /flash/City100.swf?city=37144&lang=ru HTTP/1.1Accept: */*Accept-Language: en-USReferer: http://./x-flash-version: 30,0,0,113Accept-Encoding: gzip, deflateUser-Agent: Mozilla/5.0 (Windows NT 10.0; WOW64; Trident/7.0; rv:11.0) like GeckoHost: img.gismeteo.ruIf-Modified-Since: Fri, 10 Jul 2009 23:17:36 GMTIf-None-Match: "4a57cc10-6128"Connection: Keep-Alive
Source: global trafficHTTP traffic detected: GET /flashinf/FLB37144.TXT?4003 HTTP/1.1Accept: */*Accept-Language: en-USReferer: http://img.gismeteo.ru/flash/City100.swf?city=37144&lang=rux-flash-version: 30,0,0,113Accept-Encoding: gzip, deflateUser-Agent: Mozilla/5.0 (Windows NT 10.0; WOW64; Trident/7.0; rv:11.0) like GeckoHost: img.gismeteo.ruConnection: Keep-Alive
Source: global trafficHTTP traffic detected: GET /?copy HTTP/1.1Accept: text/html, application/xhtml+xml, image/jxr, */*Accept-Language: en-USUser-Agent: Mozilla/5.0 (Windows NT 10.0; WOW64; Trident/7.0; rv:11.0) like GeckoAccept-Encoding: gzip, deflateHost: redhelper.ruConnection: Keep-Alive
Source: global trafficHTTP traffic detected: GET / HTTP/1.1Accept: text/html, application/xhtml+xml, image/jxr, */*Accept-Language: en-USUser-Agent: Mozilla/5.0 (Windows NT 10.0; WOW64; Trident/7.0; rv:11.0) like GeckoAccept-Encoding: gzip, deflateHost: xn--b1apdkbbqid.xn--p1aiConnection: Keep-AliveCookie: cbfb422174e4a427c487f553fb6fbd4a=a5af02931786766df5c70925c2d8efef; virtuemart=a5af02931786766df5c70925c2d8efef; zt_kaupi_tpl=zt_kaupi; s5_qc=e9b82e4d55c91c6abbf9dedf898172a0a4xn
Source: global trafficHTTP traffic detected: GET /templates/zt_kaupi/css/css3.php?url=http://xn--b1apdkbbqid.xn--p1ai/templates/zt_kaupi/ HTTP/1.1Accept: text/css, */*Referer: http://xn--b1apdkbbqid.xn--p1ai/Accept-Language: en-USUser-Agent: Mozilla/5.0 (Windows NT 10.0; WOW64; Trident/7.0; rv:11.0) like GeckoAccept-Encoding: gzip, deflateHost: xn--b1apdkbbqid.xn--p1aiConnection: Keep-AliveCookie: cbfb422174e4a427c487f553fb6fbd4a=a5af02931786766df5c70925c2d8efef; virtuemart=a5af02931786766df5c70925c2d8efef; zt_kaupi_tpl=zt_kaupi; s5_qc=e9b73bccd1762555582b513ff9d02492a4xn
Source: global trafficHTTP traffic detected: GET /plugins/system/plg_ztools/libs/minify/?f=/templates/zt_kaupi/zt_menus/zt_megamenu/zt.megamenu.js,/templates/zt_kaupi/zt_menus/zt_fancymenu/zt_fancymenu.js,/modules/mod_jv_headline/assets/js/horizotal.js,/modules/mod_jv_headline/assets/js/jv_boro.js HTTP/1.1Accept: application/javascript, */*;q=0.8Referer: http://xn--b1apdkbbqid.xn--p1ai/Accept-Language: en-USUser-Agent: Mozilla/5.0 (Windows NT 10.0; WOW64; Trident/7.0; rv:11.0) like GeckoAccept-Encoding: gzip, deflateHost: xn--b1apdkbbqid.xn--p1aiIf-Modified-Since: Fri, 13 Feb 2015 17:23:42 GMTIf-None-Match: "pub1423848222;gz"Connection: Keep-AliveCookie: cbfb422174e4a427c487f553fb6fbd4a=a5af02931786766df5c70925c2d8efef; virtuemart=a5af02931786766df5c70925c2d8efef; zt_kaupi_tpl=zt_kaupi; s5_qc=e9b73bccd1762555582b513ff9d02492a4xn
Source: global trafficHTTP traffic detected: GET /templates/zt_kaupi/images/indent1.png HTTP/1.1Accept: image/png, image/svg+xml, image/jxr, image/*;q=0.8, */*;q=0.5Referer: http://xn--b1apdkbbqid.xn--p1ai/Accept-Language: en-USUser-Agent: Mozilla/5.0 (Windows NT 10.0; WOW64; Trident/7.0; rv:11.0) like GeckoAccept-Encoding: gzip, deflateHost: xn--b1apdkbbqid.xn--p1aiConnection: Keep-AliveCookie: cbfb422174e4a427c487f553fb6fbd4a=a5af02931786766df5c70925c2d8efef; virtuemart=a5af02931786766df5c70925c2d8efef; zt_kaupi_tpl=zt_kaupi; s5_qc=e9b73bccd1762555582b513ff9d02492a4xn
Source: global trafficHTTP traffic detected: GET /images/phocagallery/Kotelnye/dscn3822.jpg HTTP/1.1Accept: image/png, image/svg+xml, image/jxr, image/*;q=0.8, */*;q=0.5Referer: http://xn--b1apdkbbqid.xn--p1ai/Accept-Language: en-USUser-Agent: Mozilla/5.0 (Windows NT 10.0; WOW64; Trident/7.0; rv:11.0) like GeckoAccept-Encoding: gzip, deflateHost: xn--b1apdkbbqid.xn--p1aiConnection: Keep-AliveCookie: cbfb422174e4a427c487f553fb6fbd4a=a5af02931786766df5c70925c2d8efef; virtuemart=a5af02931786766df5c70925c2d8efef; zt_kaupi_tpl=zt_kaupi; s5_qc=e9b73bccd1762555582b513ff9d02492a4xn
Source: global trafficHTTP traffic detected: GET /flash/City100.swf?city=37144&lang=ru HTTP/1.1Accept: */*Accept-Language: en-USReferer: http://./x-flash-version: 30,0,0,113Accept-Encoding: gzip, deflateUser-Agent: Mozilla/5.0 (Windows NT 10.0; WOW64; Trident/7.0; rv:11.0) like GeckoHost: img.gismeteo.ruIf-Modified-Since: Fri, 10 Jul 2009 23:17:36 GMTIf-None-Match: "4a57cc10-6128"Connection: Keep-Alive
Source: global trafficHTTP traffic detected: GET /components/com_virtuemart/show_image_in_imgtag.php?filename=resized%2F_________________54eb34fcd97c4_140x140.jpg&newxsize=140&newysize=140&fileout= HTTP/1.1Accept: image/png, image/svg+xml, image/jxr, image/*;q=0.8, */*;q=0.5Referer: http://xn--b1apdkbbqid.xn--p1ai/Accept-Language: en-USUser-Agent: Mozilla/5.0 (Windows NT 10.0; WOW64; Trident/7.0; rv:11.0) like GeckoAccept-Encoding: gzip, deflateHost: xn--b1apdkbbqid.xn--p1aiConnection: Keep-AliveCookie: cbfb422174e4a427c487f553fb6fbd4a=a5af02931786766df5c70925c2d8efef; virtuemart=a5af02931786766df5c70925c2d8efef; zt_kaupi_tpl=zt_kaupi; s5_qc=e9b73bccd1762555582b513ff9d02492a4xn
Source: global trafficHTTP traffic detected: GET /components/com_virtuemart/show_image_in_imgtag.php?filename=resized%2F_________________54eb32dd651cf_140x140.jpg&newxsize=140&newysize=140&fileout= HTTP/1.1Accept: image/png, image/svg+xml, image/jxr, image/*;q=0.8, */*;q=0.5Referer: http://xn--b1apdkbbqid.xn--p1ai/Accept-Language: en-USUser-Agent: Mozilla/5.0 (Windows NT 10.0; WOW64; Trident/7.0; rv:11.0) like GeckoAccept-Encoding: gzip, deflateHost: xn--b1apdkbbqid.xn--p1aiConnection: Keep-AliveCookie: cbfb422174e4a427c487f553fb6fbd4a=a5af02931786766df5c70925c2d8efef; virtuemart=a5af02931786766df5c70925c2d8efef; zt_kaupi_tpl=zt_kaupi; s5_qc=e9b73bccd1762555582b513ff9d02492a4xn
Source: global trafficHTTP traffic detected: GET /components/com_virtuemart/show_image_in_imgtag.php?filename=resized%2F_________________54eb2f1cdaac2_140x140.jpg&newxsize=140&newysize=140&fileout= HTTP/1.1Accept: image/png, image/svg+xml, image/jxr, image/*;q=0.8, */*;q=0.5Referer: http://xn--b1apdkbbqid.xn--p1ai/Accept-Language: en-USUser-Agent: Mozilla/5.0 (Windows NT 10.0; WOW64; Trident/7.0; rv:11.0) like GeckoAccept-Encoding: gzip, deflateHost: xn--b1apdkbbqid.xn--p1aiConnection: Keep-AliveCookie: cbfb422174e4a427c487f553fb6fbd4a=a5af02931786766df5c70925c2d8efef; virtuemart=a5af02931786766df5c70925c2d8efef; zt_kaupi_tpl=zt_kaupi; s5_qc=e9b73bccd1762555582b513ff9d02492a4xn
Source: global trafficHTTP traffic detected: GET /components/com_virtuemart/show_image_in_imgtag.php?filename=resized%2F_________________54eb338812eac_140x140.jpg&newxsize=140&newysize=140&fileout= HTTP/1.1Accept: image/png, image/svg+xml, image/jxr, image/*;q=0.8, */*;q=0.5Referer: http://xn--b1apdkbbqid.xn--p1ai/Accept-Language: en-USUser-Agent: Mozilla/5.0 (Windows NT 10.0; WOW64; Trident/7.0; rv:11.0) like GeckoAccept-Encoding: gzip, deflateHost: xn--b1apdkbbqid.xn--p1aiConnection: Keep-AliveCookie: cbfb422174e4a427c487f553fb6fbd4a=a5af02931786766df5c70925c2d8efef; virtuemart=a5af02931786766df5c70925c2d8efef; zt_kaupi_tpl=zt_kaupi; s5_qc=e9b73bccd1762555582b513ff9d02492a4xn
Source: global trafficHTTP traffic detected: GET /components/com_virtuemart/show_image_in_imgtag.php?filename=resized%2F_________________54eb2d382fb1c_140x140.jpg&newxsize=140&newysize=140&fileout= HTTP/1.1Accept: image/png, image/svg+xml, image/jxr, image/*;q=0.8, */*;q=0.5Referer: http://xn--b1apdkbbqid.xn--p1ai/Accept-Language: en-USUser-Agent: Mozilla/5.0 (Windows NT 10.0; WOW64; Trident/7.0; rv:11.0) like GeckoAccept-Encoding: gzip, deflateHost: xn--b1apdkbbqid.xn--p1aiConnection: Keep-AliveCookie: cbfb422174e4a427c487f553fb6fbd4a=a5af02931786766df5c70925c2d8efef; virtuemart=a5af02931786766df5c70925c2d8efef; zt_kaupi_tpl=zt_kaupi; s5_qc=e9b73bccd1762555582b513ff9d02492a4xn
Source: global trafficHTTP traffic detected: GET /templates/zt_kaupi/images/bg-inputbox-search.png HTTP/1.1Accept: image/png, image/svg+xml, image/jxr, image/*;q=0.8, */*;q=0.5Referer: http://xn--b1apdkbbqid.xn--p1ai/Accept-Language: en-USUser-Agent: Mozilla/5.0 (Windows NT 10.0; WOW64; Trident/7.0; rv:11.0) like GeckoAccept-Encoding: gzip, deflateHost: xn--b1apdkbbqid.xn--p1aiConnection: Keep-AliveCookie: cbfb422174e4a427c487f553fb6fbd4a=a5af02931786766df5c70925c2d8efef; virtuemart=a5af02931786766df5c70925c2d8efef; zt_kaupi_tpl=zt_kaupi; s5_qc=e9b73bccd1762555582b513ff9d02492a4xn
Source: global trafficHTTP traffic detected: GET /rc/status/567668?timeShift=480&callback=jQuery112409652612544229004_1549936816218&_=1549936816219 HTTP/1.1Accept: application/javascript, */*;q=0.8Referer: http://xn--b1apdkbbqid.xn--p1ai/Accept-Language: en-USUser-Agent: Mozilla/5.0 (Windows NT 10.0; WOW64; Trident/7.0; rv:11.0) like GeckoAccept-Encoding: gzip, deflateHost: web.redhelper.ruConnection: Keep-AliveCookie: _ym_uid=1549936804993293147; _ym_d=1549936804; _fbp=fb.1.1549936804120.1704994592; _ym_isad=2; _ym_visorc_34357155=w
Source: global trafficHTTP traffic detected: GET /flashinf/FLB37144.TXT?6730 HTTP/1.1Accept: */*Accept-Language: en-USReferer: http://img.gismeteo.ru/flash/City100.swf?city=37144&lang=rux-flash-version: 30,0,0,113Accept-Encoding: gzip, deflateUser-Agent: Mozilla/5.0 (Windows NT 10.0; WOW64; Trident/7.0; rv:11.0) like GeckoHost: img.gismeteo.ruConnection: Keep-Alive
Source: global trafficHTTP traffic detected: GET /magazin.html HTTP/1.1Accept: text/html, application/xhtml+xml, image/jxr, */*Accept-Language: en-USUser-Agent: Mozilla/5.0 (Windows NT 10.0; WOW64; Trident/7.0; rv:11.0) like GeckoAccept-Encoding: gzip, deflateHost: xn--b1apdkbbqid.xn--p1aiConnection: Keep-AliveCookie: cbfb422174e4a427c487f553fb6fbd4a=a5af02931786766df5c70925c2d8efef; virtuemart=a5af02931786766df5c70925c2d8efef; zt_kaupi_tpl=zt_kaupi; s5_qc=e9b73bccd1762555582b513ff9d02492a4xn
Source: global trafficHTTP traffic detected: GET /components/com_virtuemart/fetchscript.php?gzip=0&subdir[0]=/themes/default&file[0]=theme.js&subdir[1]=/js&file[1]=sleight.js&subdir[2]=/js/mootools&file[2]=mootools-release-1.11.js&subdir[3]=/js/mootools&file[3]=mooPrompt.js HTTP/1.1Accept: application/javascript, */*;q=0.8Referer: http://xn--b1apdkbbqid.xn--p1ai/magazin.htmlAccept-Language: en-USUser-Agent: Mozilla/5.0 (Windows NT 10.0; WOW64; Trident/7.0; rv:11.0) like GeckoAccept-Encoding: gzip, deflateHost: xn--b1apdkbbqid.xn--p1aiConnection: Keep-AliveCookie: cbfb422174e4a427c487f553fb6fbd4a=a5af02931786766df5c70925c2d8efef; virtuemart=a5af02931786766df5c70925c2d8efef; zt_kaupi_tpl=zt_kaupi; s5_qc=45c48cce2e2d7fbdea1afc51c7c6ad26a4xn
Source: global trafficHTTP traffic detected: GET /plugins/system/plg_ztools/libs/minify/?f=/templates/zt_kaupi/zt_menus/zt_megamenu/zt.megamenu.js,/templates/zt_kaupi/zt_menus/zt_fancymenu/zt_fancymenu.js HTTP/1.1Accept: application/javascript, */*;q=0.8Referer: http://xn--b1apdkbbqid.xn--p1ai/magazin.htmlAccept-Language: en-USUser-Agent: Mozilla/5.0 (Windows NT 10.0; WOW64; Trident/7.0; rv:11.0) like GeckoAccept-Encoding: gzip, deflateHost: xn--b1apdkbbqid.xn--p1aiConnection: Keep-AliveCookie: cbfb422174e4a427c487f553fb6fbd4a=a5af02931786766df5c70925c2d8efef; virtuemart=a5af02931786766df5c70925c2d8efef; zt_kaupi_tpl=zt_kaupi; s5_qc=45c48cce2e2d7fbdea1afc51c7c6ad26a4xn
Source: global trafficHTTP traffic detected: GET /components/com_virtuemart/fetchscript.php?gzip=0&subdir[0]=/themes/default&file[0]=theme.css&subdir[1]=/js/mootools&file[1]=mooPrompt.css HTTP/1.1Accept: text/css, */*Referer: http://xn--b1apdkbbqid.xn--p1ai/magazin.htmlAccept-Language: en-USUser-Agent: Mozilla/5.0 (Windows NT 10.0; WOW64; Trident/7.0; rv:11.0) like GeckoAccept-Encoding: gzip, deflateHost: xn--b1apdkbbqid.xn--p1aiConnection: Keep-AliveCookie: cbfb422174e4a427c487f553fb6fbd4a=a5af02931786766df5c70925c2d8efef; virtuemart=a5af02931786766df5c70925c2d8efef; zt_kaupi_tpl=zt_kaupi; s5_qc=45c48cce2e2d7fbdea1afc51c7c6ad26a4xn
Source: global trafficHTTP traffic detected: GET /templates/zt_kaupi/css/css3.php?url=http://xn--b1apdkbbqid.xn--p1ai/templates/zt_kaupi/ HTTP/1.1Accept: text/css, */*Referer: http://xn--b1apdkbbqid.xn--p1ai/magazin.htmlAccept-Language: en-USUser-Agent: Mozilla/5.0 (Windows NT 10.0; WOW64; Trident/7.0; rv:11.0) like GeckoAccept-Encoding: gzip, deflateHost: xn--b1apdkbbqid.xn--p1aiConnection: Keep-AliveCookie: cbfb422174e4a427c487f553fb6fbd4a=a5af02931786766df5c70925c2d8efef; virtuemart=a5af02931786766df5c70925c2d8efef; zt_kaupi_tpl=zt_kaupi; s5_qc=45c48cce2e2d7fbdea1afc51c7c6ad26a4xn
Source: global trafficHTTP traffic detected: GET /images/stories/bloknot2.png HTTP/1.1Accept: image/png, image/svg+xml, image/jxr, image/*;q=0.8, */*;q=0.5Referer: http://xn--b1apdkbbqid.xn--p1ai/magazin.htmlAccept-Language: en-USUser-Agent: Mozilla/5.0 (Windows NT 10.0; WOW64; Trident/7.0; rv:11.0) like GeckoAccept-Encoding: gzip, deflateHost: xn--b1apdkbbqid.xn--p1aiConnection: Keep-AliveCookie: cbfb422174e4a427c487f553fb6fbd4a=a5af02931786766df5c70925c2d8efef; virtuemart=a5af02931786766df5c70925c2d8efef; zt_kaupi_tpl=zt_kaupi; s5_qc=45c48cce2e2d7fbdea1afc51c7c6ad26a4xn
Source: global trafficHTTP traffic detected: GET /images/stories/delivery_man.gif HTTP/1.1Accept: image/png, image/svg+xml, image/jxr, image/*;q=0.8, */*;q=0.5Referer: http://xn--b1apdkbbqid.xn--p1ai/magazin.htmlAccept-Language: en-USUser-Agent: Mozilla/5.0 (Windows NT 10.0; WOW64; Trident/7.0; rv:11.0) like GeckoAccept-Encoding: gzip, deflateHost: xn--b1apdkbbqid.xn--p1aiConnection: Keep-AliveCookie: cbfb422174e4a427c487f553fb6fbd4a=a5af02931786766df5c70925c2d8efef; virtuemart=a5af02931786766df5c70925c2d8efef; zt_kaupi_tpl=zt_kaupi; s5_qc=45c48cce2e2d7fbdea1afc51c7c6ad26a4xn
Source: global trafficHTTP traffic detected: GET /images/stories/payment2.gif HTTP/1.1Accept: image/png, image/svg+xml, image/jxr, image/*;q=0.8, */*;q=0.5Referer: http://xn--b1apdkbbqid.xn--p1ai/magazin.htmlAccept-Language: en-USUser-Agent: Mozilla/5.0 (Windows NT 10.0; WOW64; Trident/7.0; rv:11.0) like GeckoAccept-Encoding: gzip, deflateHost: xn--b1apdkbbqid.xn--p1aiConnection: Keep-AliveCookie: cbfb422174e4a427c487f553fb6fbd4a=a5af02931786766df5c70925c2d8efef; virtuemart=a5af02931786766df5c70925c2d8efef; zt_kaupi_tpl=zt_kaupi; s5_qc=45c48cce2e2d7fbdea1afc51c7c6ad26a4xn
Source: global trafficHTTP traffic detected: GET /components/com_virtuemart/shop_image/category/resized/_________________54df586740c69_150x150.png HTTP/1.1Accept: image/png, image/svg+xml, image/jxr, image/*;q=0.8, */*;q=0.5Referer: http://xn--b1apdkbbqid.xn--p1ai/magazin.htmlAccept-Language: en-USUser-Agent: Mozilla/5.0 (Windows NT 10.0; WOW64; Trident/7.0; rv:11.0) like GeckoAccept-Encoding: gzip, deflateHost: xn--b1apdkbbqid.xn--p1aiConnection: Keep-AliveCookie: cbfb422174e4a427c487f553fb6fbd4a=a5af02931786766df5c70925c2d8efef; virtuemart=a5af02931786766df5c70925c2d8efef; zt_kaupi_tpl=zt_kaupi; s5_qc=45c48cce2e2d7fbdea1afc51c7c6ad26a4xn
Source: global trafficHTTP traffic detected: GET /components/com_virtuemart/shop_image/category/resized/_________________54df59a860218_150x150.png HTTP/1.1Accept: image/png, image/svg+xml, image/jxr, image/*;q=0.8, */*;q=0.5Referer: http://xn--b1apdkbbqid.xn--p1ai/magazin.htmlAccept-Language: en-USUser-Agent: Mozilla/5.0 (Windows NT 10.0; WOW64; Trident/7.0; rv:11.0) like GeckoAccept-Encoding: gzip, deflateHost: xn--b1apdkbbqid.xn--p1aiConnection: Keep-AliveCookie: cbfb422174e4a427c487f553fb6fbd4a=a5af02931786766df5c70925c2d8efef; virtuemart=a5af02931786766df5c70925c2d8efef; zt_kaupi_tpl=zt_kaupi; s5_qc=45c48cce2e2d7fbdea1afc51c7c6ad26a4xn
Source: global trafficHTTP traffic detected: GET /components/com_virtuemart/shop_image/category/resized/_____________54df5abe8e291_150x150.png HTTP/1.1Accept: image/png, image/svg+xml, image/jxr, image/*;q=0.8, */*;q=0.5Referer: http://xn--b1apdkbbqid.xn--p1ai/magazin.htmlAccept-Language: en-USUser-Agent: Mozilla/5.0 (Windows NT 10.0; WOW64; Trident/7.0; rv:11.0) like GeckoAccept-Encoding: gzip, deflateHost: xn--b1apdkbbqid.xn--p1aiConnection: Keep-AliveCookie: cbfb422174e4a427c487f553fb6fbd4a=a5af02931786766df5c70925c2d8efef; virtuemart=a5af02931786766df5c70925c2d8efef; zt_kaupi_tpl=zt_kaupi; s5_qc=45c48cce2e2d7fbdea1afc51c7c6ad26a4xn
Source: global trafficHTTP traffic detected: GET /components/com_virtuemart/shop_image/category/resized/_________________54df5be66521a_150x150.png HTTP/1.1Accept: image/png, image/svg+xml, image/jxr, image/*;q=0.8, */*;q=0.5Referer: http://xn--b1apdkbbqid.xn--p1ai/magazin.htmlAccept-Language: en-USUser-Agent: Mozilla/5.0 (Windows NT 10.0; WOW64; Trident/7.0; rv:11.0) like GeckoAccept-Encoding: gzip, deflateHost: xn--b1apdkbbqid.xn--p1aiConnection: Keep-AliveCookie: cbfb422174e4a427c487f553fb6fbd4a=a5af02931786766df5c70925c2d8efef; virtuemart=a5af02931786766df5c70925c2d8efef; zt_kaupi_tpl=zt_kaupi; s5_qc=45c48cce2e2d7fbdea1afc51c7c6ad26a4xn
Source: global trafficHTTP traffic detected: GET /components/com_virtuemart/shop_image/category/resized/___________54df603159681_150x150.png HTTP/1.1Accept: image/png, image/svg+xml, image/jxr, image/*;q=0.8, */*;q=0.5Referer: http://xn--b1apdkbbqid.xn--p1ai/magazin.htmlAccept-Language: en-USUser-Agent: Mozilla/5.0 (Windows NT 10.0; WOW64; Trident/7.0; rv:11.0) like GeckoAccept-Encoding: gzip, deflateHost: xn--b1apdkbbqid.xn--p1aiConnection: Keep-AliveCookie: cbfb422174e4a427c487f553fb6fbd4a=a5af02931786766df5c70925c2d8efef; virtuemart=a5af02931786766df5c70925c2d8efef; zt_kaupi_tpl=zt_kaupi; s5_qc=45c48cce2e2d7fbdea1afc51c7c6ad26a4xn
Source: global trafficHTTP traffic detected: GET /components/com_virtuemart/shop_image/category/resized/_________________54df605cac686_150x150.png HTTP/1.1Accept: image/png, image/svg+xml, image/jxr, image/*;q=0.8, */*;q=0.5Referer: http://xn--b1apdkbbqid.xn--p1ai/magazin.htmlAccept-Language: en-USUser-Agent: Mozilla/5.0 (Windows NT 10.0; WOW64; Trident/7.0; rv:11.0) like GeckoAccept-Encoding: gzip, deflateHost: xn--b1apdkbbqid.xn--p1aiConnection: Keep-AliveCookie: cbfb422174e4a427c487f553fb6fbd4a=a5af02931786766df5c70925c2d8efef; virtuemart=a5af02931786766df5c70925c2d8efef; zt_kaupi_tpl=zt_kaupi; s5_qc=45c48cce2e2d7fbdea1afc51c7c6ad26a4xn
Source: global trafficHTTP traffic detected: GET /components/com_virtuemart/shop_image/category/resized/_________________54df60738a29c_150x150.png HTTP/1.1Accept: image/png, image/svg+xml, image/jxr, image/*;q=0.8, */*;q=0.5Referer: http://xn--b1apdkbbqid.xn--p1ai/magazin.htmlAccept-Language: en-USUser-Agent: Mozilla/5.0 (Windows NT 10.0; WOW64; Trident/7.0; rv:11.0) like GeckoAccept-Encoding: gzip, deflateHost: xn--b1apdkbbqid.xn--p1aiConnection: Keep-AliveCookie: cbfb422174e4a427c487f553fb6fbd4a=a5af02931786766df5c70925c2d8efef; virtuemart=a5af02931786766df5c70925c2d8efef; zt_kaupi_tpl=zt_kaupi; s5_qc=45c48cce2e2d7fbdea1afc51c7c6ad26a4xn
Source: global trafficHTTP traffic detected: GET /components/com_virtuemart/shop_image/category/resized/_________________54eb27e454dc2_150x150.png HTTP/1.1Accept: image/png, image/svg+xml, image/jxr, image/*;q=0.8, */*;q=0.5Referer: http://xn--b1apdkbbqid.xn--p1ai/magazin.htmlAccept-Language: en-USUser-Agent: Mozilla/5.0 (Windows NT 10.0; WOW64; Trident/7.0; rv:11.0) like GeckoAccept-Encoding: gzip, deflateHost: xn--b1apdkbbqid.xn--p1aiConnection: Keep-AliveCookie: cbfb422174e4a427c487f553fb6fbd4a=a5af02931786766df5c70925c2d8efef; virtuemart=a5af02931786766df5c70925c2d8efef; zt_kaupi_tpl=zt_kaupi; s5_qc=45c48cce2e2d7fbdea1afc51c7c6ad26a4xn
Source: global trafficHTTP traffic detected: GET /components/com_virtuemart/fetchscript.php?gzip=0&subdir[0]=/js&file[0]=wz_tooltip.js HTTP/1.1Accept: application/javascript, */*;q=0.8Referer: http://xn--b1apdkbbqid.xn--p1ai/magazin.htmlAccept-Language: en-USUser-Agent: Mozilla/5.0 (Windows NT 10.0; WOW64; Trident/7.0; rv:11.0) like GeckoAccept-Encoding: gzip, deflateHost: xn--b1apdkbbqid.xn--p1aiConnection: Keep-AliveCookie: cbfb422174e4a427c487f553fb6fbd4a=a5af02931786766df5c70925c2d8efef; virtuemart=a5af02931786766df5c70925c2d8efef; zt_kaupi_tpl=zt_kaupi; s5_qc=45c48cce2e2d7fbdea1afc51c7c6ad26a4xn
Source: global trafficHTTP traffic detected: GET /components/com_virtuemart/shop_image/ps_image/menu_logo.gif HTTP/1.1Accept: image/png, image/svg+xml, image/jxr, image/*;q=0.8, */*;q=0.5Referer: http://xn--b1apdkbbqid.xn--p1ai/magazin.htmlAccept-Language: en-USUser-Agent: Mozilla/5.0 (Windows NT 10.0; WOW64; Trident/7.0; rv:11.0) like GeckoAccept-Encoding: gzip, deflateHost: xn--b1apdkbbqid.xn--p1aiConnection: Keep-AliveCookie: cbfb422174e4a427c487f553fb6fbd4a=a5af02931786766df5c70925c2d8efef; virtuemart=a5af02931786766df5c70925c2d8efef; zt_kaupi_tpl=zt_kaupi; s5_qc=45c48cce2e2d7fbdea1afc51c7c6ad26a4xn
Source: global trafficHTTP traffic detected: GET /components/com_virtuemart/show_image_in_imgtag.php?filename=resized%2F_________________54eb34fcd97c4_140x140.jpg&newxsize=140&newysize=140&fileout= HTTP/1.1Accept: image/png, image/svg+xml, image/jxr, image/*;q=0.8, */*;q=0.5Referer: http://xn--b1apdkbbqid.xn--p1ai/magazin.htmlAccept-Language: en-USUser-Agent: Mozilla/5.0 (Windows NT 10.0; WOW64; Trident/7.0; rv:11.0) like GeckoAccept-Encoding: gzip, deflateHost: xn--b1apdkbbqid.xn--p1aiConnection: Keep-AliveCookie: cbfb422174e4a427c487f553fb6fbd4a=a5af02931786766df5c70925c2d8efef; virtuemart=a5af02931786766df5c70925c2d8efef; zt_kaupi_tpl=zt_kaupi; s5_qc=45c48cce2e2d7fbdea1afc51c7c6ad26a4xn
Source: global trafficHTTP traffic detected: GET /components/com_virtuemart/show_image_in_imgtag.php?filename=resized%2F_________________54eb338812eac_140x140.jpg&newxsize=140&newysize=140&fileout= HTTP/1.1Accept: image/png, image/svg+xml, image/jxr, image/*;q=0.8, */*;q=0.5Referer: http://xn--b1apdkbbqid.xn--p1ai/magazin.htmlAccept-Language: en-USUser-Agent: Mozilla/5.0 (Windows NT 10.0; WOW64; Trident/7.0; rv:11.0) like GeckoAccept-Encoding: gzip, deflateHost: xn--b1apdkbbqid.xn--p1aiConnection: Keep-AliveCookie: cbfb422174e4a427c487f553fb6fbd4a=a5af02931786766df5c70925c2d8efef; virtuemart=a5af02931786766df5c70925c2d8efef; zt_kaupi_tpl=zt_kaupi; s5_qc=45c48cce2e2d7fbdea1afc51c7c6ad26a4xn
Source: global trafficHTTP traffic detected: GET /templates/zt_kaupi/images/bg-inputbox-search.png HTTP/1.1Accept: image/png, image/svg+xml, image/jxr, image/*;q=0.8, */*;q=0.5Referer: http://xn--b1apdkbbqid.xn--p1ai/magazin.htmlAccept-Language: en-USUser-Agent: Mozilla/5.0 (Windows NT 10.0; WOW64; Trident/7.0; rv:11.0) like GeckoAccept-Encoding: gzip, deflateHost: xn--b1apdkbbqid.xn--p1aiConnection: Keep-AliveCookie: cbfb422174e4a427c487f553fb6fbd4a=a5af02931786766df5c70925c2d8efef; virtuemart=a5af02931786766df5c70925c2d8efef; zt_kaupi_tpl=zt_kaupi; s5_qc=45c48cce2e2d7fbdea1afc51c7c6ad26a4xn
Source: global trafficHTTP traffic detected: GET /rc/status/567668?timeShift=480&callback=jQuery112404029890232692246_1549936825727&_=1549936825728 HTTP/1.1Accept: application/javascript, */*;q=0.8Referer: http://xn--b1apdkbbqid.xn--p1ai/magazin.htmlAccept-Language: en-USUser-Agent: Mozilla/5.0 (Windows NT 10.0; WOW64; Trident/7.0; rv:11.0) like GeckoAccept-Encoding: gzip, deflateHost: web.redhelper.ruConnection: Keep-AliveCookie: _ym_uid=1549936804993293147; _ym_d=1549936804; _fbp=fb.1.1549936804120.1704994592; _ym_isad=2; _ym_visorc_34357155=w
Source: global trafficHTTP traffic detected: GET /nashi-uslugi.html HTTP/1.1Accept: text/html, application/xhtml+xml, image/jxr, */*Accept-Language: en-USUser-Agent: Mozilla/5.0 (Windows NT 10.0; WOW64; Trident/7.0; rv:11.0) like GeckoAccept-Encoding: gzip, deflateHost: xn--b1apdkbbqid.xn--p1aiConnection: Keep-AliveCookie: cbfb422174e4a427c487f553fb6fbd4a=a5af02931786766df5c70925c2d8efef; virtuemart=a5af02931786766df5c70925c2d8efef; zt_kaupi_tpl=zt_kaupi; s5_qc=45c48cce2e2d7fbdea1afc51c7c6ad26a4xn
Source: global trafficHTTP traffic detected: GET /templates/zt_kaupi/css/css3.php?url=http://xn--b1apdkbbqid.xn--p1ai/templates/zt_kaupi/ HTTP/1.1Accept: text/css, */*Referer: http://xn--b1apdkbbqid.xn--p1ai/nashi-uslugi.htmlAccept-Language: en-USUser-Agent: Mozilla/5.0 (Windows NT 10.0; WOW64; Trident/7.0; rv:11.0) like GeckoAccept-Encoding: gzip, deflateHost: xn--b1apdkbbqid.xn--p1aiConnection: Keep-AliveCookie: cbfb422174e4a427c487f553fb6fbd4a=a5af02931786766df5c70925c2d8efef; virtuemart=a5af02931786766df5c70925c2d8efef; zt_kaupi_tpl=zt_kaupi; s5_qc=f7a82ce7e16d9687e7cd9a9feb85d187a4xn
Source: global trafficHTTP traffic detected: GET /plugins/system/plg_ztools/libs/minify/?f=/templates/zt_kaupi/zt_menus/zt_megamenu/zt.megamenu.js,/templates/zt_kaupi/zt_menus/zt_fancymenu/zt_fancymenu.js HTTP/1.1Accept: application/javascript, */*;q=0.8Referer: http://xn--b1apdkbbqid.xn--p1ai/nashi-uslugi.htmlAccept-Language: en-USUser-Agent: Mozilla/5.0 (Windows NT 10.0; WOW64; Trident/7.0; rv:11.0) like GeckoAccept-Encoding: gzip, deflateHost: xn--b1apdkbbqid.xn--p1aiIf-Modified-Since: Fri, 13 Feb 2015 14:13:34 GMTIf-None-Match: "pub1423836814;gz"Connection: Keep-AliveCookie: cbfb422174e4a427c487f553fb6fbd4a=a5af02931786766df5c70925c2d8efef; virtuemart=a5af02931786766df5c70925c2d8efef; zt_kaupi_tpl=zt_kaupi; s5_qc=f7a82ce7e16d9687e7cd9a9feb85d187a4xn
Source: global trafficHTTP traffic detected: GET /images/M_images/printButton.png HTTP/1.1Accept: image/png, image/svg+xml, image/jxr, image/*;q=0.8, */*;q=0.5Referer: http://xn--b1apdkbbqid.xn--p1ai/nashi-uslugi.htmlAccept-Language: en-USUser-Agent: Mozilla/5.0 (Windows NT 10.0; WOW64; Trident/7.0; rv:11.0) like GeckoAccept-Encoding: gzip, deflateHost: xn--b1apdkbbqid.xn--p1aiConnection: Keep-AliveCookie: cbfb422174e4a427c487f553fb6fbd4a=a5af02931786766df5c70925c2d8efef; virtuemart=a5af02931786766df5c70925c2d8efef; zt_kaupi_tpl=zt_kaupi; s5_qc=f7a82ce7e16d9687e7cd9a9feb85d187a4xn
Source: global trafficHTTP traffic detected: GET /images/M_images/emailButton.png HTTP/1.1Accept: image/png, image/svg+xml, image/jxr, image/*;q=0.8, */*;q=0.5Referer: http://xn--b1apdkbbqid.xn--p1ai/nashi-uslugi.htmlAccept-Language: en-USUser-Agent: Mozilla/5.0 (Windows NT 10.0; WOW64; Trident/7.0; rv:11.0) like GeckoAccept-Encoding: gzip, deflateHost: xn--b1apdkbbqid.xn--p1aiConnection: Keep-AliveCookie: cbfb422174e4a427c487f553fb6fbd4a=a5af02931786766df5c70925c2d8efef; virtuemart=a5af02931786766df5c70925c2d8efef; zt_kaupi_tpl=zt_kaupi; s5_qc=f7a82ce7e16d9687e7cd9a9feb85d187a4xn
Source: global trafficHTTP traffic detected: GET /images/stories/7/000523.jpg HTTP/1.1Accept: image/png, image/svg+xml, image/jxr, image/*;q=0.8, */*;q=0.5Referer: http://xn--b1apdkbbqid.xn--p1ai/nashi-uslugi.htmlAccept-Language: en-USUser-Agent: Mozilla/5.0 (Windows NT 10.0; WOW64; Trident/7.0; rv:11.0) like GeckoAccept-Encoding: gzip, deflateHost: xn--b1apdkbbqid.xn--p1aiConnection: Keep-AliveCookie: cbfb422174e4a427c487f553fb6fbd4a=a5af02931786766df5c70925c2d8efef; virtuemart=a5af02931786766df5c70925c2d8efef; zt_kaupi_tpl=zt_kaupi; s5_qc=f7a82ce7e16d9687e7cd9a9feb85d187a4xn
Source: global trafficHTTP traffic detected: GET /images/stories/7/72944.jpg HTTP/1.1Accept: image/png, image/svg+xml, image/jxr, image/*;q=0.8, */*;q=0.5Referer: http://xn--b1apdkbbqid.xn--p1ai/nashi-uslugi.htmlAccept-Language: en-USUser-Agent: Mozilla/5.0 (Windows NT 10.0; WOW64; Trident/7.0; rv:11.0) like GeckoAccept-Encoding: gzip, deflateHost: xn--b1apdkbbqid.xn--p1aiConnection: Keep-AliveCookie: cbfb422174e4a427c487f553fb6fbd4a=a5af02931786766df5c70925c2d8efef; virtuemart=a5af02931786766df5c70925c2d8efef; zt_kaupi_tpl=zt_kaupi; s5_qc=f7a82ce7e16d9687e7cd9a9feb85d187a4xn
Source: global trafficHTTP traffic detected: GET /images/stories/teplyi%20pol.jpg HTTP/1.1Accept: image/png, image/svg+xml, image/jxr, image/*;q=0.8, */*;q=0.5Referer: http://xn--b1apdkbbqid.xn--p1ai/nashi-uslugi.htmlAccept-Language: en-USUser-Agent: Mozilla/5.0 (Windows NT 10.0; WOW64; Trident/7.0; rv:11.0) like GeckoAccept-Encoding: gzip, deflateHost: xn--b1apdkbbqid.xn--p1aiConnection: Keep-AliveCookie: cbfb422174e4a427c487f553fb6fbd4a=a5af02931786766df5c70925c2d8efef; virtuemart=a5af02931786766df5c70925c2d8efef; zt_kaupi_tpl=zt_kaupi; s5_qc=f7a82ce7e16d9687e7cd9a9feb85d187a4xn
Source: global trafficHTTP traffic detected: GET /templates/zt_kaupi/images/bg-inputbox-search.png HTTP/1.1Accept: image/png, image/svg+xml, image/jxr, image/*;q=0.8, */*;q=0.5Referer: http://xn--b1apdkbbqid.xn--p1ai/nashi-uslugi.htmlAccept-Language: en-USUser-Agent: Mozilla/5.0 (Windows NT 10.0; WOW64; Trident/7.0; rv:11.0) like GeckoAccept-Encoding: gzip, deflateHost: xn--b1apdkbbqid.xn--p1aiConnection: Keep-AliveCookie: cbfb422174e4a427c487f553fb6fbd4a=a5af02931786766df5c70925c2d8efef; virtuemart=a5af02931786766df5c70925c2d8efef; zt_kaupi_tpl=zt_kaupi; s5_qc=f7a82ce7e16d9687e7cd9a9feb85d187a4xn
Source: global trafficHTTP traffic detected: GET /images/stories/7/vodosnab.jpg HTTP/1.1Accept: image/png, image/svg+xml, image/jxr, image/*;q=0.8, */*;q=0.5Referer: http://xn--b1apdkbbqid.xn--p1ai/nashi-uslugi.htmlAccept-Language: en-USUser-Agent: Mozilla/5.0 (Windows NT 10.0; WOW64; Trident/7.0; rv:11.0) like GeckoAccept-Encoding: gzip, deflateHost: xn--b1apdkbbqid.xn--p1aiConnection: Keep-AliveCookie: cbfb422174e4a427c487f553fb6fbd4a=a5af02931786766df5c70925c2d8efef; virtuemart=a5af02931786766df5c70925c2d8efef; zt_kaupi_tpl=zt_kaupi; s5_qc=f7a82ce7e16d9687e7cd9a9feb85d187a4xn
Source: global trafficHTTP traffic detected: GET /images/stories/7/welding3.jpg HTTP/1.1Accept: image/png, image/svg+xml, image/jxr, image/*;q=0.8, */*;q=0.5Referer: http://xn--b1apdkbbqid.xn--p1ai/nashi-uslugi.htmlAccept-Language: en-USUser-Agent: Mozilla/5.0 (Windows NT 10.0; WOW64; Trident/7.0; rv:11.0) like GeckoAccept-Encoding: gzip, deflateHost: xn--b1apdkbbqid.xn--p1aiConnection: Keep-AliveCookie: cbfb422174e4a427c487f553fb6fbd4a=a5af02931786766df5c70925c2d8efef; virtuemart=a5af02931786766df5c70925c2d8efef; zt_kaupi_tpl=zt_kaupi; s5_qc=f7a82ce7e16d9687e7cd9a9feb85d187a4xn
Source: global trafficHTTP traffic detected: GET /templates/zt_kaupi/images/indent1.png HTTP/1.1Accept: image/png, image/svg+xml, image/jxr, image/*;q=0.8, */*;q=0.5Referer: http://xn--b1apdkbbqid.xn--p1ai/nashi-uslugi.htmlAccept-Language: en-USUser-Agent: Mozilla/5.0 (Windows NT 10.0; WOW64; Trident/7.0; rv:11.0) like GeckoAccept-Encoding: gzip, deflateHost: xn--b1apdkbbqid.xn--p1aiConnection: Keep-AliveCookie: cbfb422174e4a427c487f553fb6fbd4a=a5af02931786766df5c70925c2d8efef; virtuemart=a5af02931786766df5c70925c2d8efef; zt_kaupi_tpl=zt_kaupi; s5_qc=f7a82ce7e16d9687e7cd9a9feb85d187a4xn
Source: global trafficHTTP traffic detected: GET /components/com_virtuemart/show_image_in_imgtag.php?filename=resized%2F_________________54eb34fcd97c4_140x140.jpg&newxsize=140&newysize=140&fileout= HTTP/1.1Accept: image/png, image/svg+xml, image/jxr, image/*;q=0.8, */*;q=0.5Referer: http://xn--b1apdkbbqid.xn--p1ai/nashi-uslugi.htmlAccept-Language: en-USUser-Agent: Mozilla/5.0 (Windows NT 10.0; WOW64; Trident/7.0; rv:11.0) like GeckoAccept-Encoding: gzip, deflateHost: xn--b1apdkbbqid.xn--p1aiConnection: Keep-AliveCookie: cbfb422174e4a427c487f553fb6fbd4a=a5af02931786766df5c70925c2d8efef; virtuemart=a5af02931786766df5c70925c2d8efef; zt_kaupi_tpl=zt_kaupi; s5_qc=f7a82ce7e16d9687e7cd9a9feb85d187a4xn
Source: global trafficHTTP traffic detected: GET /images/phocagallery/Kotelnye/dscn4280.jpg HTTP/1.1Accept: image/png, image/svg+xml, image/jxr, image/*;q=0.8, */*;q=0.5Referer: http://xn--b1apdkbbqid.xn--p1ai/nashi-uslugi.htmlAccept-Language: en-USUser-Agent: Mozilla/5.0 (Windows NT 10.0; WOW64; Trident/7.0; rv:11.0) like GeckoAccept-Encoding: gzip, deflateHost: xn--b1apdkbbqid.xn--p1aiConnection: Keep-AliveCookie: cbfb422174e4a427c487f553fb6fbd4a=a5af02931786766df5c70925c2d8efef; virtuemart=a5af02931786766df5c70925c2d8efef; zt_kaupi_tpl=zt_kaupi; s5_qc=f7a82ce7e16d9687e7cd9a9feb85d187a4xn
Source: global trafficHTTP traffic detected: GET /components/com_virtuemart/show_image_in_imgtag.php?filename=resized%2F_________________54eb338812eac_140x140.jpg&newxsize=140&newysize=140&fileout= HTTP/1.1Accept: image/png, image/svg+xml, image/jxr, image/*;q=0.8, */*;q=0.5Referer: http://xn--b1apdkbbqid.xn--p1ai/nashi-uslugi.htmlAccept-Language: en-USUser-Agent: Mozilla/5.0 (Windows NT 10.0; WOW64; Trident/7.0; rv:11.0) like GeckoAccept-Encoding: gzip, deflateHost: xn--b1apdkbbqid.xn--p1aiConnection: Keep-AliveCookie: cbfb422174e4a427c487f553fb6fbd4a=a5af02931786766df5c70925c2d8efef; virtuemart=a5af02931786766df5c70925c2d8efef; zt_kaupi_tpl=zt_kaupi; s5_qc=f7a82ce7e16d9687e7cd9a9feb85d187a4xn
Source: global trafficHTTP traffic detected: GET /rc/status/567668?timeShift=480&callback=jQuery1124017034931958695043_1549936828567&_=1549936828568 HTTP/1.1Accept: application/javascript, */*;q=0.8Referer: http://xn--b1apdkbbqid.xn--p1ai/nashi-uslugi.htmlAccept-Language: en-USUser-Agent: Mozilla/5.0 (Windows NT 10.0; WOW64; Trident/7.0; rv:11.0) like GeckoAccept-Encoding: gzip, deflateHost: web.redhelper.ruConnection: Keep-AliveCookie: _ym_uid=1549936804993293147; _ym_d=1549936804; _fbp=fb.1.1549936804120.1704994592; _ym_isad=2; _ym_visorc_34357155=w
Source: global trafficHTTP traffic detected: GET /ceny.html HTTP/1.1Accept: text/html, application/xhtml+xml, image/jxr, */*Accept-Language: en-USUser-Agent: Mozilla/5.0 (Windows NT 10.0; WOW64; Trident/7.0; rv:11.0) like GeckoAccept-Encoding: gzip, deflateHost: xn--b1apdkbbqid.xn--p1aiConnection: Keep-AliveCookie: cbfb422174e4a427c487f553fb6fbd4a=a5af02931786766df5c70925c2d8efef; virtuemart=a5af02931786766df5c70925c2d8efef; zt_kaupi_tpl=zt_kaupi; s5_qc=f7a82ce7e16d9687e7cd9a9feb85d187a4xn
Source: global trafficHTTP traffic detected: GET /templates/zt_kaupi/css/css3.php?url=http://xn--b1apdkbbqid.xn--p1ai/templates/zt_kaupi/ HTTP/1.1Accept: text/css, */*Referer: http://xn--b1apdkbbqid.xn--p1ai/ceny.htmlAccept-Language: en-USUser-Agent: Mozilla/5.0 (Windows NT 10.0; WOW64; Trident/7.0; rv:11.0) like GeckoAccept-Encoding: gzip, deflateHost: xn--b1apdkbbqid.xn--p1aiConnection: Keep-AliveCookie: cbfb422174e4a427c487f553fb6fbd4a=a5af02931786766df5c70925c2d8efef; virtuemart=a5af02931786766df5c70925c2d8efef; zt_kaupi_tpl=zt_kaupi; s5_qc=d4a897919a124958e699170b2b1dc8f2a4xn
Source: global trafficHTTP traffic detected: GET /plugins/system/plg_ztools/libs/minify/?f=/templates/zt_kaupi/zt_menus/zt_megamenu/zt.megamenu.js,/templates/zt_kaupi/zt_menus/zt_fancymenu/zt_fancymenu.js HTTP/1.1Accept: application/javascript, */*;q=0.8Referer: http://xn--b1apdkbbqid.xn--p1ai/ceny.htmlAccept-Language: en-USUser-Agent: Mozilla/5.0 (Windows NT 10.0; WOW64; Trident/7.0; rv:11.0) like GeckoAccept-Encoding: gzip, deflateHost: xn--b1apdkbbqid.xn--p1aiIf-Modified-Since: Fri, 13 Feb 2015 14:13:34 GMTIf-None-Match: "pub1423836814;gz"Connection: Keep-AliveCookie: cbfb422174e4a427c487f553fb6fbd4a=a5af02931786766df5c70925c2d8efef; virtuemart=a5af02931786766df5c70925c2d8efef; zt_kaupi_tpl=zt_kaupi; s5_qc=d4a897919a124958e699170b2b1dc8f2a4xn
Source: global trafficHTTP traffic detected: GET /templates/zt_kaupi/images/indent1.png HTTP/1.1Accept: image/png, image/svg+xml, image/jxr, image/*;q=0.8, */*;q=0.5Referer: http://xn--b1apdkbbqid.xn--p1ai/ceny.htmlAccept-Language: en-USUser-Agent: Mozilla/5.0 (Windows NT 10.0; WOW64; Trident/7.0; rv:11.0) like GeckoAccept-Encoding: gzip, deflateHost: xn--b1apdkbbqid.xn--p1aiConnection: Keep-AliveCookie: cbfb422174e4a427c487f553fb6fbd4a=a5af02931786766df5c70925c2d8efef; virtuemart=a5af02931786766df5c70925c2d8efef; zt_kaupi_tpl=zt_kaupi; s5_qc=d4a897919a124958e699170b2b1dc8f2a4xn
Source: global trafficHTTP traffic detected: GET /images/phocagallery/Kotelnye/dscn4364.jpg HTTP/1.1Accept: image/png, image/svg+xml, image/jxr, image/*;q=0.8, */*;q=0.5Referer: http://xn--b1apdkbbqid.xn--p1ai/ceny.htmlAccept-Language: en-USUser-Agent: Mozilla/5.0 (Windows NT 10.0; WOW64; Trident/7.0; rv:11.0) like GeckoAccept-Encoding: gzip, deflateHost: xn--b1apdkbbqid.xn--p1aiConnection: Keep-AliveCookie: cbfb422174e4a427c487f553fb6fbd4a=a5af02931786766df5c70925c2d8efef; virtuemart=a5af02931786766df5c70925c2d8efef; zt_kaupi_tpl=zt_kaupi; s5_qc=d4a897919a124958e699170b2b1dc8f2a4xn
Source: global trafficHTTP traffic detected: GET /components/com_virtuemart/show_image_in_imgtag.php?filename=resized%2F_________________54eb34fcd97c4_140x140.jpg&newxsize=140&newysize=140&fileout= HTTP/1.1Accept: image/png, image/svg+xml, image/jxr, image/*;q=0.8, */*;q=0.5Referer: http://xn--b1apdkbbqid.xn--p1ai/ceny.htmlAccept-Language: en-USUser-Agent: Mozilla/5.0 (Windows NT 10.0; WOW64; Trident/7.0; rv:11.0) like GeckoAccept-Encoding: gzip, deflateHost: xn--b1apdkbbqid.xn--p1aiConnection: Keep-AliveCookie: cbfb422174e4a427c487f553fb6fbd4a=a5af02931786766df5c70925c2d8efef; virtuemart=a5af02931786766df5c70925c2d8efef; zt_kaupi_tpl=zt_kaupi; s5_qc=d4a897919a124958e699170b2b1dc8f2a4xn
Source: global trafficHTTP traffic detected: GET /components/com_virtuemart/show_image_in_imgtag.php?filename=resized%2F_________________54eb338812eac_140x140.jpg&newxsize=140&newysize=140&fileout= HTTP/1.1Accept: image/png, image/svg+xml, image/jxr, image/*;q=0.8, */*;q=0.5Referer: http://xn--b1apdkbbqid.xn--p1ai/ceny.htmlAccept-Language: en-USUser-Agent: Mozilla/5.0 (Windows NT 10.0; WOW64; Trident/7.0; rv:11.0) like GeckoAccept-Encoding: gzip, deflateHost: xn--b1apdkbbqid.xn--p1aiConnection: Keep-AliveCookie: cbfb422174e4a427c487f553fb6fbd4a=a5af02931786766df5c70925c2d8efef; virtuemart=a5af02931786766df5c70925c2d8efef; zt_kaupi_tpl=zt_kaupi; s5_qc=d4a897919a124958e699170b2b1dc8f2a4xn
Source: global trafficHTTP traffic detected: GET /components/com_virtuemart/show_image_in_imgtag.php?filename=resized%2F_________________54eb2f1cdaac2_140x140.jpg&newxsize=140&newysize=140&fileout= HTTP/1.1Accept: image/png, image/svg+xml, image/jxr, image/*;q=0.8, */*;q=0.5Referer: http://xn--b1apdkbbqid.xn--p1ai/ceny.htmlAccept-Language: en-USUser-Agent: Mozilla/5.0 (Windows NT 10.0; WOW64; Trident/7.0; rv:11.0) like GeckoAccept-Encoding: gzip, deflateHost: xn--b1apdkbbqid.xn--p1aiConnection: Keep-AliveCookie: cbfb422174e4a427c487f553fb6fbd4a=a5af02931786766df5c70925c2d8efef; virtuemart=a5af02931786766df5c70925c2d8efef; zt_kaupi_tpl=zt_kaupi; s5_qc=d4a897919a124958e699170b2b1dc8f2a4xn
Source: global trafficHTTP traffic detected: GET /components/com_virtuemart/show_image_in_imgtag.php?filename=resized%2F_________________54eb32dd651cf_140x140.jpg&newxsize=140&newysize=140&fileout= HTTP/1.1Accept: image/png, image/svg+xml, image/jxr, image/*;q=0.8, */*;q=0.5Referer: http://xn--b1apdkbbqid.xn--p1ai/ceny.htmlAccept-Language: en-USUser-Agent: Mozilla/5.0 (Windows NT 10.0; WOW64; Trident/7.0; rv:11.0) like GeckoAccept-Encoding: gzip, deflateHost: xn--b1apdkbbqid.xn--p1aiConnection: Keep-AliveCookie: cbfb422174e4a427c487f553fb6fbd4a=a5af02931786766df5c70925c2d8efef; virtuemart=a5af02931786766df5c70925c2d8efef; zt_kaupi_tpl=zt_kaupi; s5_qc=d4a897919a124958e699170b2b1dc8f2a4xn
Source: global trafficHTTP traffic detected: GET /components/com_virtuemart/show_image_in_imgtag.php?filename=resized%2F_________________54eb2d382fb1c_140x140.jpg&newxsize=140&newysize=140&fileout= HTTP/1.1Accept: image/png, image/svg+xml, image/jxr, image/*;q=0.8, */*;q=0.5Referer: http://xn--b1apdkbbqid.xn--p1ai/ceny.htmlAccept-Language: en-USUser-Agent: Mozilla/5.0 (Windows NT 10.0; WOW64; Trident/7.0; rv:11.0) like GeckoAccept-Encoding: gzip, deflateHost: xn--b1apdkbbqid.xn--p1aiConnection: Keep-AliveCookie: cbfb422174e4a427c487f553fb6fbd4a=a5af02931786766df5c70925c2d8efef; virtuemart=a5af02931786766df5c70925c2d8efef; zt_kaupi_tpl=zt_kaupi; s5_qc=d4a897919a124958e699170b2b1dc8f2a4xn
Source: global trafficHTTP traffic detected: GET /templates/zt_kaupi/images/bg-inputbox-search.png HTTP/1.1Accept: image/png, image/svg+xml, image/jxr, image/*;q=0.8, */*;q=0.5Referer: http://xn--b1apdkbbqid.xn--p1ai/ceny.htmlAccept-Language: en-USUser-Agent: Mozilla/5.0 (Windows NT 10.0; WOW64; Trident/7.0; rv:11.0) like GeckoAccept-Encoding: gzip, deflateHost: xn--b1apdkbbqid.xn--p1aiConnection: Keep-AliveCookie: cbfb422174e4a427c487f553fb6fbd4a=a5af02931786766df5c70925c2d8efef; virtuemart=a5af02931786766df5c70925c2d8efef; zt_kaupi_tpl=zt_kaupi; s5_qc=d4a897919a124958e699170b2b1dc8f2a4xn
Source: global trafficHTTP traffic detected: GET /rc/status/567668?timeShift=480&callback=jQuery112409893075621610392_1549936839627&_=1549936839628 HTTP/1.1Accept: application/javascript, */*;q=0.8Referer: http://xn--b1apdkbbqid.xn--p1ai/ceny.htmlAccept-Language: en-USUser-Agent: Mozilla/5.0 (Windows NT 10.0; WOW64; Trident/7.0; rv:11.0) like GeckoAccept-Encoding: gzip, deflateHost: web.redhelper.ruConnection: Keep-AliveCookie: _ym_uid=1549936804993293147; _ym_d=1549936804; _fbp=fb.1.1549936804120.1704994592; _ym_isad=2; _ym_visorc_34357155=w
Source: global trafficHTTP traffic detected: GET /kontakty.html HTTP/1.1Accept: text/html, application/xhtml+xml, image/jxr, */*Accept-Language: en-USUser-Agent: Mozilla/5.0 (Windows NT 10.0; WOW64; Trident/7.0; rv:11.0) like GeckoAccept-Encoding: gzip, deflateHost: xn--b1apdkbbqid.xn--p1aiConnection: Keep-AliveCookie: cbfb422174e4a427c487f553fb6fbd4a=a5af02931786766df5c70925c2d8efef; virtuemart=a5af02931786766df5c70925c2d8efef; zt_kaupi_tpl=zt_kaupi; s5_qc=d4a897919a124958e699170b2b1dc8f2a4xn
Source: global trafficHTTP traffic detected: GET /templates/zt_kaupi/css/css3.php?url=http://xn--b1apdkbbqid.xn--p1ai/templates/zt_kaupi/ HTTP/1.1Accept: text/css, */*Referer: http://xn--b1apdkbbqid.xn--p1ai/kontakty.htmlAccept-Language: en-USUser-Agent: Mozilla/5.0 (Windows NT 10.0; WOW64; Trident/7.0; rv:11.0) like GeckoAccept-Encoding: gzip, deflateHost: xn--b1apdkbbqid.xn--p1aiConnection: Keep-AliveCookie: cbfb422174e4a427c487f553fb6fbd4a=a5af02931786766df5c70925c2d8efef; virtuemart=a5af02931786766df5c70925c2d8efef; zt_kaupi_tpl=zt_kaupi; s5_qc=787afca6b6dd1f06fc22e4b52b0b89bfa4xn
Source: global trafficHTTP traffic detected: GET /plugins/system/plg_ztools/libs/minify/?f=/templates/zt_kaupi/zt_menus/zt_megamenu/zt.megamenu.js,/templates/zt_kaupi/zt_menus/zt_fancymenu/zt_fancymenu.js HTTP/1.1Accept: application/javascript, */*;q=0.8Referer: http://xn--b1apdkbbqid.xn--p1ai/kontakty.htmlAccept-Language: en-USUser-Agent: Mozilla/5.0 (Windows NT 10.0; WOW64; Trident/7.0; rv:11.0) like GeckoAccept-Encoding: gzip, deflateHost: xn--b1apdkbbqid.xn--p1aiIf-Modified-Since: Fri, 13 Feb 2015 14:13:34 GMTIf-None-Match: "pub1423836814;gz"Connection: Keep-AliveCookie: cbfb422174e4a427c487f553fb6fbd4a=a5af02931786766df5c70925c2d8efef; virtuemart=a5af02931786766df5c70925c2d8efef; zt_kaupi_tpl=zt_kaupi; s5_qc=787afca6b6dd1f06fc22e4b52b0b89bfa4xn
Source: global trafficHTTP traffic detected: GET /components/com_virtuemart/show_image_in_imgtag.php?filename=resized%2F_________________54eb2d4df1e66_140x140.jpg&newxsize=140&newysize=140&fileout= HTTP/1.1Accept: image/png, image/svg+xml, image/jxr, image/*;q=0.8, */*;q=0.5Referer: http://xn--b1apdkbbqid.xn--p1ai/kontakty.htmlAccept-Language: en-USUser-Agent: Mozilla/5.0 (Windows NT 10.0; WOW64; Trident/7.0; rv:11.0) like GeckoAccept-Encoding: gzip, deflateHost: xn--b1apdkbbqid.xn--p1aiConnection: Keep-AliveCookie: cbfb422174e4a427c487f553fb6fbd4a=a5af02931786766df5c70925c2d8efef; virtuemart=a5af02931786766df5c70925c2d8efef; zt_kaupi_tpl=zt_kaupi; s5_qc=787afca6b6dd1f06fc22e4b52b0b89bfa4xn
Source: global trafficHTTP traffic detected: GET /components/com_virtuemart/show_image_in_imgtag.php?filename=resized%2F_________________54eb32dd651cf_140x140.jpg&newxsize=140&newysize=140&fileout= HTTP/1.1Accept: image/png, image/svg+xml, image/jxr, image/*;q=0.8, */*;q=0.5Referer: http://xn--b1apdkbbqid.xn--p1ai/kontakty.htmlAccept-Language: en-USUser-Agent: Mozilla/5.0 (Windows NT 10.0; WOW64; Trident/7.0; rv:11.0) like GeckoAccept-Encoding: gzip, deflateHost: xn--b1apdkbbqid.xn--p1aiConnection: Keep-AliveCookie: cbfb422174e4a427c487f553fb6fbd4a=a5af02931786766df5c70925c2d8efef; virtuemart=a5af02931786766df5c70925c2d8efef; zt_kaupi_tpl=zt_kaupi; s5_qc=787afca6b6dd1f06fc22e4b52b0b89bfa4xn
Source: global trafficHTTP traffic detected: GET /templates/zt_kaupi/images/bg-inputbox-search.png HTTP/1.1Accept: image/png, image/svg+xml, image/jxr, image/*;q=0.8, */*;q=0.5Referer: http://xn--b1apdkbbqid.xn--p1ai/kontakty.htmlAccept-Language: en-USUser-Agent: Mozilla/5.0 (Windows NT 10.0; WOW64; Trident/7.0; rv:11.0) like GeckoAccept-Encoding: gzip, deflateHost: xn--b1apdkbbqid.xn--p1aiConnection: Keep-AliveCookie: cbfb422174e4a427c487f553fb6fbd4a=a5af02931786766df5c70925c2d8efef; virtuemart=a5af02931786766df5c70925c2d8efef; zt_kaupi_tpl=zt_kaupi; s5_qc=787afca6b6dd1f06fc22e4b52b0b89bfa4xn
Source: global trafficHTTP traffic detected: GET /components/com_virtuemart/show_image_in_imgtag.php?filename=resized%2F_________________54eb338812eac_140x140.jpg&newxsize=140&newysize=140&fileout= HTTP/1.1Accept: image/png, image/svg+xml, image/jxr, image/*;q=0.8, */*;q=0.5Referer: http://xn--b1apdkbbqid.xn--p1ai/kontakty.htmlAccept-Language: en-USUser-Agent: Mozilla/5.0 (Windows NT 10.0; WOW64; Trident/7.0; rv:11.0) like GeckoAccept-Encoding: gzip, deflateHost: xn--b1apdkbbqid.xn--p1aiConnection: Keep-AliveCookie: cbfb422174e4a427c487f553fb6fbd4a=a5af02931786766df5c70925c2d8efef; virtuemart=a5af02931786766df5c70925c2d8efef; zt_kaupi_tpl=zt_kaupi; s5_qc=787afca6b6dd1f06fc22e4b52b0b89bfa4xn
Source: global trafficHTTP traffic detected: GET /components/com_virtuemart/show_image_in_imgtag.php?filename=resized%2F_________________54eb2f1cdaac2_140x140.jpg&newxsize=140&newysize=140&fileout= HTTP/1.1Accept: image/png, image/svg+xml, image/jxr, image/*;q=0.8, */*;q=0.5Referer: http://xn--b1apdkbbqid.xn--p1ai/kontakty.htmlAccept-Language: en-USUser-Agent: Mozilla/5.0 (Windows NT 10.0; WOW64; Trident/7.0; rv:11.0) like GeckoAccept-Encoding: gzip, deflateHost: xn--b1apdkbbqid.xn--p1aiConnection: Keep-AliveCookie: cbfb422174e4a427c487f553fb6fbd4a=a5af02931786766df5c70925c2d8efef; virtuemart=a5af02931786766df5c70925c2d8efef; zt_kaupi_tpl=zt_kaupi; s5_qc=787afca6b6dd1f06fc22e4b52b0b89bfa4xn
Source: global trafficHTTP traffic detected: GET /components/com_virtuemart/show_image_in_imgtag.php?filename=resized%2F_________________54eb2d382fb1c_140x140.jpg&newxsize=140&newysize=140&fileout= HTTP/1.1Accept: image/png, image/svg+xml, image/jxr, image/*;q=0.8, */*;q=0.5Referer: http://xn--b1apdkbbqid.xn--p1ai/kontakty.htmlAccept-Language: en-USUser-Agent: Mozilla/5.0 (Windows NT 10.0; WOW64; Trident/7.0; rv:11.0) like GeckoAccept-Encoding: gzip, deflateHost: xn--b1apdkbbqid.xn--p1aiConnection: Keep-AliveCookie: cbfb422174e4a427c487f553fb6fbd4a=a5af02931786766df5c70925c2d8efef; virtuemart=a5af02931786766df5c70925c2d8efef; zt_kaupi_tpl=zt_kaupi; s5_qc=787afca6b6dd1f06fc22e4b52b0b89bfa4xn
Source: global trafficHTTP traffic detected: GET /rc/status/567668?timeShift=480&callback=jQuery1124019825494603520144_1549936842367&_=1549936842368 HTTP/1.1Accept: application/javascript, */*;q=0.8Referer: http://xn--b1apdkbbqid.xn--p1ai/kontakty.htmlAccept-Language: en-USUser-Agent: Mozilla/5.0 (Windows NT 10.0; WOW64; Trident/7.0; rv:11.0) like GeckoAccept-Encoding: gzip, deflateHost: web.redhelper.ruConnection: Keep-AliveCookie: _ym_uid=1549936804993293147; _ym_d=1549936804; _fbp=fb.1.1549936804120.1704994592; _ym_isad=2; _ym_visorc_34357155=w
Source: global trafficHTTP traffic detected: GET /stati-o-remonte.html HTTP/1.1Accept: text/html, application/xhtml+xml, image/jxr, */*Accept-Language: en-USUser-Agent: Mozilla/5.0 (Windows NT 10.0; WOW64; Trident/7.0; rv:11.0) like GeckoAccept-Encoding: gzip, deflateHost: xn--b1apdkbbqid.xn--p1aiConnection: Keep-AliveCookie: cbfb422174e4a427c487f553fb6fbd4a=a5af02931786766df5c70925c2d8efef; virtuemart=a5af02931786766df5c70925c2d8efef; zt_kaupi_tpl=zt_kaupi; s5_qc=787afca6b6dd1f06fc22e4b52b0b89bfa4xn
Source: global trafficHTTP traffic detected: GET /templates/zt_kaupi/css/css3.php?url=http://xn--b1apdkbbqid.xn--p1ai/templates/zt_kaupi/ HTTP/1.1Accept: text/css, */*Referer: http://xn--b1apdkbbqid.xn--p1ai/stati-o-remonte.htmlAccept-Language: en-USUser-Agent: Mozilla/5.0 (Windows NT 10.0; WOW64; Trident/7.0; rv:11.0) like GeckoAccept-Encoding: gzip, deflateHost: xn--b1apdkbbqid.xn--p1aiConnection: Keep-AliveCookie: cbfb422174e4a427c487f553fb6fbd4a=a5af02931786766df5c70925c2d8efef; virtuemart=a5af02931786766df5c70925c2d8efef; zt_kaupi_tpl=zt_kaupi; s5_qc=3ce6d3c8830d27ec2e6a1936ecbaa514a4xn
Source: global trafficHTTP traffic detected: GET /plugins/system/plg_ztools/libs/minify/?f=/templates/zt_kaupi/zt_menus/zt_megamenu/zt.megamenu.js,/templates/zt_kaupi/zt_menus/zt_fancymenu/zt_fancymenu.js HTTP/1.1Accept: application/javascript, */*;q=0.8Referer: http://xn--b1apdkbbqid.xn--p1ai/stati-o-remonte.htmlAccept-Language: en-USUser-Agent: Mozilla/5.0 (Windows NT 10.0; WOW64; Trident/7.0; rv:11.0) like GeckoAccept-Encoding: gzip, deflateHost: xn--b1apdkbbqid.xn--p1aiIf-Modified-Since: Fri, 13 Feb 2015 14:13:34 GMTIf-None-Match: "pub1423836814;gz"Connection: Keep-AliveCookie: cbfb422174e4a427c487f553fb6fbd4a=a5af02931786766df5c70925c2d8efef; virtuemart=a5af02931786766df5c70925c2d8efef; zt_kaupi_tpl=zt_kaupi; s5_qc=3ce6d3c8830d27ec2e6a1936ecbaa514a4xn
Source: global trafficHTTP traffic detected: GET /images/stories/kotly/0000000242v.jpg HTTP/1.1Accept: image/png, image/svg+xml, image/jxr, image/*;q=0.8, */*;q=0.5Referer: http://xn--b1apdkbbqid.xn--p1ai/stati-o-remonte.htmlAccept-Language: en-USUser-Agent: Mozilla/5.0 (Windows NT 10.0; WOW64; Trident/7.0; rv:11.0) like GeckoAccept-Encoding: gzip, deflateHost: xn--b1apdkbbqid.xn--p1aiConnection: Keep-AliveCookie: cbfb422174e4a427c487f553fb6fbd4a=a5af02931786766df5c70925c2d8efef; virtuemart=a5af02931786766df5c70925c2d8efef; zt_kaupi_tpl=zt_kaupi; s5_qc=3ce6d3c8830d27ec2e6a1936ecbaa514a4xn
Source: global trafficHTTP traffic detected: GET /images/stories/6/polypropylene-pipes.jpg HTTP/1.1Accept: image/png, image/svg+xml, image/jxr, image/*;q=0.8, */*;q=0.5Referer: http://xn--b1apdkbbqid.xn--p1ai/stati-o-remonte.htmlAccept-Language: en-USUser-Agent: Mozilla/5.0 (Windows NT 10.0; WOW64; Trident/7.0; rv:11.0) like GeckoAccept-Encoding: gzip, deflateHost: xn--b1apdkbbqid.xn--p1aiConnection: Keep-AliveCookie: cbfb422174e4a427c487f553fb6fbd4a=a5af02931786766df5c70925c2d8efef; virtuemart=a5af02931786766df5c70925c2d8efef; zt_kaupi_tpl=zt_kaupi; s5_qc=3ce6d3c8830d27ec2e6a1936ecbaa514a4xn
Source: global trafficHTTP traffic detected: GET /images/stories/radiatory/5.png HTTP/1.1Accept: image/png, image/svg+xml, image/jxr, image/*;q=0.8, */*;q=0.5Referer: http://xn--b1apdkbbqid.xn--p1ai/stati-o-remonte.htmlAccept-Language: en-USUser-Agent: Mozilla/5.0 (Windows NT 10.0; WOW64; Trident/7.0; rv:11.0) like GeckoAccept-Encoding: gzip, deflateHost: xn--b1apdkbbqid.xn--p1aiConnection: Keep-AliveCookie: cbfb422174e4a427c487f553fb6fbd4a=a5af02931786766df5c70925c2d8efef; virtuemart=a5af02931786766df5c70925c2d8efef; zt_kaupi_tpl=zt_kaupi; s5_qc=3ce6d3c8830d27ec2e6a1936ecbaa514a4xn
Source: global trafficHTTP traffic detected: GET /images/stories/6/101.jpg HTTP/1.1Accept: image/png, image/svg+xml, image/jxr, image/*;q=0.8, */*;q=0.5Referer: http://xn--b1apdkbbqid.xn--p1ai/stati-o-remonte.htmlAccept-Language: en-USUser-Agent: Mozilla/5.0 (Windows NT 10.0; WOW64; Trident/7.0; rv:11.0) like GeckoAccept-Encoding: gzip, deflateHost: xn--b1apdkbbqid.xn--p1aiConnection: Keep-AliveCookie: cbfb422174e4a427c487f553fb6fbd4a=a5af02931786766df5c70925c2d8efef; virtuemart=a5af02931786766df5c70925c2d8efef; zt_kaupi_tpl=zt_kaupi; s5_qc=3ce6d3c8830d27ec2e6a1936ecbaa514a4xn
Source: global trafficHTTP traffic detected: GET /images/stories/teplyi_pol/x_d175f37b.jpg HTTP/1.1Accept: image/png, image/svg+xml, image/jxr, image/*;q=0.8, */*;q=0.5Referer: http://xn--b1apdkbbqid.xn--p1ai/stati-o-remonte.htmlAccept-Language: en-USUser-Agent: Mozilla/5.0 (Windows NT 10.0; WOW64; Trident/7.0; rv:11.0) like GeckoAccept-Encoding: gzip, deflateHost: xn--b1apdkbbqid.xn--p1aiConnection: Keep-AliveCookie: cbfb422174e4a427c487f553fb6fbd4a=a5af02931786766df5c70925c2d8efef; virtuemart=a5af02931786766df5c70925c2d8efef; zt_kaupi_tpl=zt_kaupi; s5_qc=3ce6d3c8830d27ec2e6a1936ecbaa514a4xn
Source: global trafficHTTP traffic detected: GET /templates/zt_kaupi/images/bg-inputbox-search.png HTTP/1.1Accept: image/png, image/svg+xml, image/jxr, image/*;q=0.8, */*;q=0.5Referer: http://xn--b1apdkbbqid.xn--p1ai/stati-o-remonte.htmlAccept-Language: en-USUser-Agent: Mozilla/5.0 (Windows NT 10.0; WOW64; Trident/7.0; rv:11.0) like GeckoAccept-Encoding: gzip, deflateHost: xn--b1apdkbbqid.xn--p1aiConnection: Keep-AliveCookie: cbfb422174e4a427c487f553fb6fbd4a=a5af02931786766df5c70925c2d8efef; virtuemart=a5af02931786766df5c70925c2d8efef; zt_kaupi_tpl=zt_kaupi; s5_qc=3ce6d3c8830d27ec2e6a1936ecbaa514a4xn
Source: global trafficHTTP traffic detected: GET /rc/status/567668?timeShift=480&callback=jQuery1124038652826364993675_1549936847761&_=1549936847762 HTTP/1.1Accept: application/javascript, */*;q=0.8Referer: http://xn--b1apdkbbqid.xn--p1ai/stati-o-remonte.htmlAccept-Language: en-USUser-Agent: Mozilla/5.0 (Windows NT 10.0; WOW64; Trident/7.0; rv:11.0) like GeckoAccept-Encoding: gzip, deflateHost: web.redhelper.ruConnection: Keep-AliveCookie: _ym_uid=1549936804993293147; _ym_d=1549936804; _fbp=fb.1.1549936804120.1704994592; _ym_isad=2; _ym_visorc_34357155=w
Source: global trafficHTTP traffic detected: GET /video.html HTTP/1.1Accept: text/html, application/xhtml+xml, image/jxr, */*Accept-Language: en-USUser-Agent: Mozilla/5.0 (Windows NT 10.0; WOW64; Trident/7.0; rv:11.0) like GeckoAccept-Encoding: gzip, deflateHost: xn--b1apdkbbqid.xn--p1aiConnection: Keep-AliveCookie: cbfb422174e4a427c487f553fb6fbd4a=a5af02931786766df5c70925c2d8efef; virtuemart=a5af02931786766df5c70925c2d8efef; zt_kaupi_tpl=zt_kaupi; s5_qc=3ce6d3c8830d27ec2e6a1936ecbaa514a4xn
Source: global trafficHTTP traffic detected: GET /plugins/content/jw_allvideos/tmpl/Classic/css/template.css HTTP/1.1Accept: text/css, */*Referer: http://xn--b1apdkbbqid.xn--p1ai/video.htmlAccept-Language: en-USUser-Agent: Mozilla/5.0 (Windows NT 10.0; WOW64; Trident/7.0; rv:11.0) like GeckoAccept-Encoding: gzip, deflateHost: xn--b1apdkbbqid.xn--p1aiConnection: Keep-AliveCookie: cbfb422174e4a427c487f553fb6fbd4a=a5af02931786766df5c70925c2d8efef; virtuemart=a5af02931786766df5c70925c2d8efef; zt_kaupi_tpl=zt_kaupi; s5_qc=6c19e0a6da12dc02239312f151072ddda4xn
Source: global trafficHTTP traffic detected: GET /plugins/content/jw_allvideos/includes/js/mediaplayer/jwplayer.js HTTP/1.1Accept: application/javascript, */*;q=0.8Referer: http://xn--b1apdkbbqid.xn--p1ai/video.htmlAccept-Language: en-USUser-Agent: Mozilla/5.0 (Windows NT 10.0; WOW64; Trident/7.0; rv:11.0) like GeckoAccept-Encoding: gzip, deflateHost: xn--b1apdkbbqid.xn--p1aiConnection: Keep-AliveCookie: cbfb422174e4a427c487f553fb6fbd4a=a5af02931786766df5c70925c2d8efef; virtuemart=a5af02931786766df5c70925c2d8efef; zt_kaupi_tpl=zt_kaupi; s5_qc=6c19e0a6da12dc02239312f151072ddda4xn
Source: global trafficHTTP traffic detected: GET /plugins/content/jw_allvideos/includes/js/wmvplayer/silverlight.js HTTP/1.1Accept: application/javascript, */*;q=0.8Referer: http://xn--b1apdkbbqid.xn--p1ai/video.htmlAccept-Language: en-USUser-Agent: Mozilla/5.0 (Windows NT 10.0; WOW64; Trident/7.0; rv:11.0) like GeckoAccept-Encoding: gzip, deflateHost: xn--b1apdkbbqid.xn--p1aiConnection: Keep-AliveCookie: cbfb422174e4a427c487f553fb6fbd4a=a5af02931786766df5c70925c2d8efef; virtuemart=a5af02931786766df5c70925c2d8efef; zt_kaupi_tpl=zt_kaupi; s5_qc=6c19e0a6da12dc02239312f151072ddda4xn
Source: global trafficHTTP traffic detected: GET /plugins/content/jw_allvideos/includes/js/wmvplayer/wmvplayer.js HTTP/1.1Accept: application/javascript, */*;q=0.8Referer: http://xn--b1apdkbbqid.xn--p1ai/video.htmlAccept-Language: en-USUser-Agent: Mozilla/5.0 (Windows NT 10.0; WOW64; Trident/7.0; rv:11.0) like GeckoAccept-Encoding: gzip, deflateHost: xn--b1apdkbbqid.xn--p1aiConnection: Keep-AliveCookie: cbfb422174e4a427c487f553fb6fbd4a=a5af02931786766df5c70925c2d8efef; virtuemart=a5af02931786766df5c70925c2d8efef; zt_kaupi_tpl=zt_kaupi; s5_qc=6c19e0a6da12dc02239312f151072ddda4xn
Source: global trafficHTTP traffic detected: GET /plugins/content/jw_allvideos/includes/js/quicktimeplayer/AC_QuickTime.js HTTP/1.1Accept: application/javascript, */*;q=0.8Referer: http://xn--b1apdkbbqid.xn--p1ai/video.htmlAccept-Language: en-USUser-Agent: Mozilla/5.0 (Windows NT 10.0; WOW64; Trident/7.0; rv:11.0) like GeckoAccept-Encoding: gzip, deflateHost: xn--b1apdkbbqid.xn--p1aiConnection: Keep-AliveCookie: cbfb422174e4a427c487f553fb6fbd4a=a5af02931786766df5c70925c2d8efef; virtuemart=a5af02931786766df5c70925c2d8efef; zt_kaupi_tpl=zt_kaupi; s5_qc=6c19e0a6da12dc02239312f151072ddda4xn
Source: global trafficHTTP traffic detected: GET /templates/zt_kaupi/css/css3.php?url=http://xn--b1apdkbbqid.xn--p1ai/templates/zt_kaupi/ HTTP/1.1Accept: text/css, */*Referer: http://xn--b1apdkbbqid.xn--p1ai/video.htmlAccept-Language: en-USUser-Agent: Mozilla/5.0 (Windows NT 10.0; WOW64; Trident/7.0; rv:11.0) like GeckoAccept-Encoding: gzip, deflateHost: xn--b1apdkbbqid.xn--p1aiConnection: Keep-AliveCookie: cbfb422174e4a427c487f553fb6fbd4a=a5af02931786766df5c70925c2d8efef; virtuemart=a5af02931786766df5c70925c2d8efef; zt_kaupi_tpl=zt_kaupi; s5_qc=6c19e0a6da12dc02239312f151072ddda4xn
Source: global trafficHTTP traffic detected: GET /plugins/system/plg_ztools/libs/minify/?f=/templates/zt_kaupi/zt_menus/zt_megamenu/zt.megamenu.js,/templates/zt_kaupi/zt_menus/zt_fancymenu/zt_fancymenu.js HTTP/1.1Accept: application/javascript, */*;q=0.8Referer: http://xn--b1apdkbbqid.xn--p1ai/video.htmlAccept-Language: en-USUser-Agent: Mozilla/5.0 (Windows NT 10.0; WOW64; Trident/7.0; rv:11.0) like GeckoAccept-Encoding: gzip, deflateHost: xn--b1apdkbbqid.xn--p1aiIf-Modified-Since: Fri, 13 Feb 2015 14:13:34 GMTIf-None-Match: "pub1423836814;gz"Connection: Keep-AliveCookie: cbfb422174e4a427c487f553fb6fbd4a=a5af02931786766df5c70925c2d8efef; virtuemart=a5af02931786766df5c70925c2d8efef; zt_kaupi_tpl=zt_kaupi; s5_qc=6c19e0a6da12dc02239312f151072ddda4xn
Source: global trafficHTTP traffic detected: GET /templates/zt_kaupi/images/bg-inputbox-search.png HTTP/1.1Accept: image/png, image/svg+xml, image/jxr, image/*;q=0.8, */*;q=0.5Referer: http://xn--b1apdkbbqid.xn--p1ai/video.htmlAccept-Language: en-USUser-Agent: Mozilla/5.0 (Windows NT 10.0; WOW64; Trident/7.0; rv:11.0) like GeckoAccept-Encoding: gzip, deflateHost: xn--b1apdkbbqid.xn--p1aiConnection: Keep-AliveCookie: cbfb422174e4a427c487f553fb6fbd4a=a5af02931786766df5c70925c2d8efef; virtuemart=a5af02931786766df5c70925c2d8efef; zt_kaupi_tpl=zt_kaupi; s5_qc=6c19e0a6da12dc02239312f151072ddda4xn
Source: global trafficHTTP traffic detected: GET /rc/status/567668?timeShift=480&callback=jQuery1124037932289011078995_1549936851951&_=1549936851952 HTTP/1.1Accept: application/javascript, */*;q=0.8Referer: http://xn--b1apdkbbqid.xn--p1ai/video.htmlAccept-Language: en-USUser-Agent: Mozilla/5.0 (Windows NT 10.0; WOW64; Trident/7.0; rv:11.0) like GeckoAccept-Encoding: gzip, deflateHost: web.redhelper.ruConnection: Keep-AliveCookie: _ym_uid=1549936804993293147; _ym_d=1549936804; _fbp=fb.1.1549936804120.1704994592; _ym_isad=2; _ym_visorc_34357155=w
Source: global trafficHTTP traffic detected: GET /rc/status/567668?timeShift=480&callback=jQuery1124037932289011078995_1549936851951&_=1549936851953 HTTP/1.1Accept: application/javascript, */*;q=0.8Referer: http://xn--b1apdkbbqid.xn--p1ai/video.htmlAccept-Language: en-USUser-Agent: Mozilla/5.0 (Windows NT 10.0; WOW64; Trident/7.0; rv:11.0) like GeckoAccept-Encoding: gzip, deflateHost: web.redhelper.ruConnection: Keep-AliveCookie: _ym_uid=1549936804993293147; _ym_d=1549936804; _fbp=fb.1.1549936804120.1704994592; _ym_isad=2; _ym_visorc_34357155=w
Found strings which match to known social media urlsShow sources
Source: U332KZ1D.htm.3.drString found in binary or memory: <a target="_blank" href="//www.youtube.com/user/RedHelperRus" class="social-link yt" title="YouTube"></a> equals www.youtube.com (Youtube)
Source: U332KZ1D.htm.3.drString found in binary or memory: <a target="_blank" href="https://www.facebook.com/RedHelper.ru" class="social-link fb" title="Facebook"></a> equals www.facebook.com (Facebook)
Source: U332KZ1D.htm.3.drString found in binary or memory: var fb = $('<iframe class="fb" src="//www.facebook.com/plugins/like.php?href=http%3A%2F%2Fwww.facebook.com%2Fpages%2FRedHelper%2F162535687158055&amp;width=90&amp;layout=button_count&amp;action=like&amp;show_faces=false&amp;share=false&amp;height=21&amp;appId=1450561965156458" scrolling="no" frameborder="0" style="border:none; overflow:hidden; width:160px; height:21px;left: 450px; top: -50px; position: absolute;" allowTransparency="true"></iframe>'); equals www.facebook.com (Facebook)
Source: main_conc[1].js.3.drString found in binary or memory: var src = "https://www.facebook.com/plugins/like.php?href=http%3A%2F%2Fwww.facebook.com%2Fpages%2FRedHelper%2F162535687158055&width=90&layout=button_count&action=like&show_faces=false&share=false&height=21&appId=1450561965156458"; equals www.facebook.com (Facebook)
Source: 1uZWcKTCtkI[1].htm.3.drString found in binary or memory: <link rel="canonical" href="https://www.youtube.com/watch?v=1uZWcKTCtkI"> equals www.youtube.com (Youtube)
Source: 9EDo6zQJJGM[1].htm.3.drString found in binary or memory: <link rel="canonical" href="https://www.youtube.com/watch?v=9EDo6zQJJGM"> equals www.youtube.com (Youtube)
Source: CeX3uvPxRQY[1].htm.3.drString found in binary or memory: <link rel="canonical" href="https://www.youtube.com/watch?v=CeX3uvPxRQY"> equals www.youtube.com (Youtube)
Source: XLgn4PBA6Uw[1].htm.3.drString found in binary or memory: <link rel="canonical" href="https://www.youtube.com/watch?v=XLgn4PBA6Uw"> equals www.youtube.com (Youtube)
Source: kH8TIiFkqRw[1].htm.3.drString found in binary or memory: <link rel="canonical" href="https://www.youtube.com/watch?v=kH8TIiFkqRw"> equals www.youtube.com (Youtube)
Source: m_ifDocouTo[1].htm.3.drString found in binary or memory: <link rel="canonical" href="https://www.youtube.com/watch?v=m_ifDocouTo"> equals www.youtube.com (Youtube)
Source: yxnlhNp8_6Q[1].htm.3.drString found in binary or memory: <link rel="canonical" href="https://www.youtube.com/watch?v=yxnlhNp8_6Q"> equals www.youtube.com (Youtube)
Source: U332KZ1D.htm.3.drString found in binary or memory: src="https://www.youtube.com/embed/9EDo6zQJJGM?autohide=1&hl=ru&modestbranding=1&rel=0&theme=light" equals www.youtube.com (Youtube)
Source: main[1].css.3.drString found in binary or memory: * Copyright 2012 Twitter, Inc equals www.twitter.com (Twitter)
Source: yxnlhNp8_6Q[1].htm.3.drString found in binary or memory: 2","gapi_hint_params":"m;\/_\/scs\/abc-static\/_\/js\/k=gapi.gapi.en.Qyhlf-E27OQ.O\/rt=j\/d=1\/rs=AHpOoo_77KcTN4WVhdQMqIfKBMTqlRW8yg\/m=__features__","enablejsapi":"1","innertube_api_key":"AIzaSyAO_FJ2SlqU8Q4STEHLGCilw_Y9_11qcW8","expanded_subtitle":"34K subscribers","loaderUrl":"http:\/\/xn--b1apdkbbqid.xn--p1ai\/video.html","iurlmq":"https:\/\/i.ytimg.com\/vi\/yxnlhNp8_6Q\/mqdefault.jpg","xhr_apiary_host":"youtubei.youtube.com","innertube_api_version":"v1","expanded_title":"VseInstrumentiRu","channel_path":"\/channel\/UCe5b_iDBYNiLcx0DlJmdrRQ","cbr":"IE","enablecastapi":"1","embed_config":"{}","iurlhq720":"https:\/\/i.ytimg.com\/vi\/yxnlhNp8_6Q\/hq720.jpg","avg_rating":4.8309859155,"short_view_count_text":"73K views","cver":"20190207","subscribed":false,"eventid":"J6phXJnRCpqQ1waquIuoCA","ucid":"UCe5b_iDBYNiLcx0DlJmdrRQ","view_count":73664,"vss_host":"s.youtube.com","iurlhq":"https:\/\/i.ytimg.com\/vi\/yxnlhNp8_6Q\/hqdefault.jpg","rel":"1","cbrver":"11.0","innertube_context_client_version":"20190207","apiar
Source: kH8TIiFkqRw[1].htm.3.drString found in binary or memory: VALTEC","cver":"20190207","ucid":"UCjCyVxOlVFgFGgdzMAu0oCA","enablejsapi":"1","iurlmaxres":"https:\/\/i.ytimg.com\/vi\/kH8TIiFkqRw\/maxresdefault.jpg","length_seconds":98,"cbr":"IE","vss_host":"s.youtube.com","cr":"CH","adformat":null,"fexp":"23710476,23722138,23726563,23736684,23744176,23751767,23752869,23755886,23755898,23758087,23759539,23760558,23761607,23762649,23769988,23777631,23778527,23783191,23783369,23783454,23784508,23784902,23786282,23786921,23787228,23788655,23788655,23789247,23790140,23790497,23790939,23791120,23793803,23793960,9449243","is_html5_mobile_device":false,"origin":"*","subtitle":"183K views equals www.youtube.com (Youtube)
Source: 9EDo6zQJJGM[1].htm.3.drString found in binary or memory: www.youtube.com</a>.</div></div></noscript></body></html> equals www.youtube.com (Youtube)
Source: base[1].js.3.drString found in binary or memory: (g.vn(b,"www.youtube.com"),c=b.toString()):c=WJ(c);b=new g.$J(c);b.set("cmo=pf","1");d&&b.set("cmo=td","a1.googlevideo.com");return b}; equals www.youtube.com (Youtube)
Source: base[1].js0.3.drString found in binary or memory: (g.wn(b,"www.youtube.com"),c=b.toString()):c=WJ(c);b=new g.$J(c);b.set("cmo=pf","1");d&&b.set("cmo=td","a1.googlevideo.com");return b}; equals www.youtube.com (Youtube)
Source: {D85B0CC3-2E69-11E9-AAD9-C25F135D3C65}.dat.2.drString found in binary or memory: )https://www.youtube.com/embed/1uZWcKTCtkI equals www.youtube.com (Youtube)
Source: {D85B0CC3-2E69-11E9-AAD9-C25F135D3C65}.dat.2.drString found in binary or memory: )https://www.youtube.com/embed/CeX3uvPxRQY equals www.youtube.com (Youtube)
Source: {D85B0CC3-2E69-11E9-AAD9-C25F135D3C65}.dat.2.drString found in binary or memory: )https://www.youtube.com/embed/XLgn4PBA6Uw equals www.youtube.com (Youtube)
Source: {D85B0CC3-2E69-11E9-AAD9-C25F135D3C65}.dat.2.drString found in binary or memory: )https://www.youtube.com/embed/kH8TIiFkqRw equals www.youtube.com (Youtube)
Source: {D85B0CC3-2E69-11E9-AAD9-C25F135D3C65}.dat.2.drString found in binary or memory: )https://www.youtube.com/embed/m_ifDocouTo equals www.youtube.com (Youtube)
Source: {D85B0CC3-2E69-11E9-AAD9-C25F135D3C65}.dat.2.drString found in binary or memory: )https://www.youtube.com/embed/yxnlhNp8_6Q equals www.youtube.com (Youtube)
Source: fbevents[1].js.3.drString found in binary or memory: * As with any software that integrates with the Facebook platform, your use of equals www.facebook.com (Facebook)
Source: fbevents[1].js.3.drString found in binary or memory: * Copyright (c) 2017-present, Facebook, Inc. All rights reserved. equals www.facebook.com (Facebook)
Source: fbevents[1].js.3.drString found in binary or memory: * [http://developers.facebook.com/policy/]. This copyright notice shall be equals www.facebook.com (Facebook)
Source: fbevents[1].js.3.drString found in binary or memory: * in connection with the web services and APIs provided by Facebook. equals www.facebook.com (Facebook)
Source: fbevents[1].js.3.drString found in binary or memory: * this software is subject to the Facebook Platform Policy equals www.facebook.com (Facebook)
Source: 9EDo6zQJJGM[1].htm.3.drString found in binary or memory: .</h1><div class="submessage"><a href="http://www.youtube.com/watch?v=9EDo6zQJJGM" target="_blank"> equals www.youtube.com (Youtube)
Source: www-embed-player[1].js.3.drString found in binary or memory: ;function Ci(a){if("1"!==cb(me(),"args","privembed")){a&&ne();try{Bi().then(function(a){a=qe(a);a.bsq=Di++;Re("//www.youtube.com/ad_data_204",{va:!1,B:a,withCredentials:!0})},function(){}),T(Ci,18E5)}catch(b){R(b)}}} equals www.youtube.com (Youtube)
Source: U332KZ1D.htm.3.drString found in binary or memory: <!-- End Facebook Pixel Code --> equals www.facebook.com (Facebook)
Source: U332KZ1D.htm.3.drString found in binary or memory: <!-- Facebook Pixel Code --> equals www.facebook.com (Facebook)
Source: msapplication.xml0.2.drString found in binary or memory: <browserconfig><msapplication><config><site src="http://www.facebook.com/"/><date>0xb5e301a6,0x01d4c276</date><accdate>0xb5e301a6,0x01d4c276</accdate></config><tile><wide310x150logo/><square310x310logo/><square70x70logo/></tile></msapplication></browserconfig> equals www.facebook.com (Facebook)
Source: msapplication.xml0.2.drString found in binary or memory: <browserconfig><msapplication><config><site src="http://www.facebook.com/"/><date>0xb5e301a6,0x01d4c276</date><accdate>0xb5e4016c,0x01d4c276</accdate></config><tile><wide310x150logo/><square310x310logo/><square70x70logo/><favorite src="C:\Users\user\Favorites\Facebook.url"/></tile></msapplication></browserconfig> equals www.facebook.com (Facebook)
Source: msapplication.xml5.2.drString found in binary or memory: <browserconfig><msapplication><config><site src="http://www.twitter.com/"/><date>0xb6061477,0x01d4c276</date><accdate>0xb6061477,0x01d4c276</accdate></config><tile><wide310x150logo/><square310x310logo/><square70x70logo/></tile></msapplication></browserconfig> equals www.twitter.com (Twitter)
Source: msapplication.xml5.2.drString found in binary or memory: <browserconfig><msapplication><config><site src="http://www.twitter.com/"/><date>0xb6061477,0x01d4c276</date><accdate>0xb60882ef,0x01d4c276</accdate></config><tile><wide310x150logo/><square310x310logo/><square70x70logo/><favorite src="C:\Users\user\Favorites\Twitter.url"/></tile></msapplication></browserconfig> equals www.twitter.com (Twitter)
Source: msapplication.xml7.2.drString found in binary or memory: <browserconfig><msapplication><config><site src="http://www.youtube.com/"/><date>0xb625c8f0,0x01d4c276</date><accdate>0xb625c8f0,0x01d4c276</accdate></config><tile><wide310x150logo/><square310x310logo/><square70x70logo/></tile></msapplication></browserconfig> equals www.youtube.com (Youtube)
Source: msapplication.xml7.2.drString found in binary or memory: <browserconfig><msapplication><config><site src="http://www.youtube.com/"/><date>0xb625c8f0,0x01d4c276</date><accdate>0xb6299594,0x01d4c276</accdate></config><tile><wide310x150logo/><square310x310logo/><square70x70logo/><favorite src="C:\Users\user\Favorites\Youtube.url"/></tile></msapplication></browserconfig> equals www.youtube.com (Youtube)
Source: 1uZWcKTCtkI[1].htm.3.drString found in binary or memory: <noscript><div class="player-unavailable"><h1 class="message">An error occurred.</h1><div class="submessage"><a href="http://www.youtube.com/watch?v=1uZWcKTCtkI" target="_blank">Try watching this video on www.youtube.com</a>, or enable JavaScript if it is disabled in your browser.</div></div></noscript></body></html> equals www.youtube.com (Youtube)
Source: CeX3uvPxRQY[1].htm.3.drString found in binary or memory: <noscript><div class="player-unavailable"><h1 class="message">An error occurred.</h1><div class="submessage"><a href="http://www.youtube.com/watch?v=CeX3uvPxRQY" target="_blank">Try watching this video on www.youtube.com</a>, or enable JavaScript if it is disabled in your browser.</div></div></noscript></body></html> equals www.youtube.com (Youtube)
Source: XLgn4PBA6Uw[1].htm.3.drString found in binary or memory: <noscript><div class="player-unavailable"><h1 class="message">An error occurred.</h1><div class="submessage"><a href="http://www.youtube.com/watch?v=XLgn4PBA6Uw" target="_blank">Try watching this video on www.youtube.com</a>, or enable JavaScript if it is disabled in your browser.</div></div></noscript></body></html> equals www.youtube.com (Youtube)
Source: kH8TIiFkqRw[1].htm.3.drString found in binary or memory: <noscript><div class="player-unavailable"><h1 class="message">An error occurred.</h1><div class="submessage"><a href="http://www.youtube.com/watch?v=kH8TIiFkqRw" target="_blank">Try watching this video on www.youtube.com</a>, or enable JavaScript if it is disabled in your browser.</div></div></noscript></body></html> equals www.youtube.com (Youtube)
Source: m_ifDocouTo[1].htm.3.drString found in binary or memory: <noscript><div class="player-unavailable"><h1 class="message">An error occurred.</h1><div class="submessage"><a href="http://www.youtube.com/watch?v=m_ifDocouTo" target="_blank">Try watching this video on www.youtube.com</a>, or enable JavaScript if it is disabled in your browser.</div></div></noscript></body></html> equals www.youtube.com (Youtube)
Source: yxnlhNp8_6Q[1].htm.3.drString found in binary or memory: <noscript><div class="player-unavailable"><h1 class="message">An error occurred.</h1><div class="submessage"><a href="http://www.youtube.com/watch?v=yxnlhNp8_6Q" target="_blank">Try watching this video on www.youtube.com</a>, or enable JavaScript if it is disabled in your browser.</div></div></noscript></body></html> equals www.youtube.com (Youtube)
Source: base[1].js.3.drString found in binary or memory: Az=function(a){var b=a.va().fa;if(zz(a)&&null!=b){var c=a.Wa.Hj;b=g.F(b.channelId);c=g.D(b)?null:(null!=c?c:"//www.youtube.com/")+"channel/"+(g.tb(b,"UC")&&24==b.length?b:"UC"+b);null!==c&&(a.Ma.pause(),uo(c))}}; equals www.youtube.com (Youtube)
Source: base[1].js0.3.drString found in binary or memory: Az=function(a){var b=a.va().fa;if(zz(a)&&null!=b){var c=a.Wa.Hj;b=g.F(b.channelId);c=g.D(b)?null:(null!=c?c:"//www.youtube.com/")+"channel/"+(g.vb(b,"UC")&&24==b.length?b:"UC"+b);null!==c&&(a.Ma.pause(),vo(c))}}; equals www.youtube.com (Youtube)
Source: base[1].js0.3.drString found in binary or memory: BI=function(a,b,c){this.o=a;this.uri=b||"http://youtube.com/streaming/metadata/segment/102015";this.C=void 0===c?null:c;this.A=AI(this,"Sequence-Number");this.J=AI(this,"Segment-Count");this.K=this.o["Segment-Durations-Ms"]||"";this.ingestionTime=AI(this,"Ingestion-Walltime-Us")/1E6;this.B=(AI(this,"First-Frame-Time-Us")+AI(this,"First-Frame-Uncertainty-Us"))/1E6;this.H=AI(this,"Target-Duration-Us")/1E6;this.G="T"==this.o["Overlayed-With-Slate"];this.F="T"==this.o["Stream-Finished"];this.D="T"==this.o.Streamable}; equals www.youtube.com (Youtube)
Source: base[1].js.3.drString found in binary or memory: Eu=function(a,b){var c={action:"condor-brand-precap",event:b,ei:"[EID]",cpn:"[CPN]",content_v:"[CONTENT_V]",ad_cpn:"[AD_CPN]",ad_v:"[AD_V]",ad_id:"[AD_ID]",ad_len:"[AD_LEN]"};c=null!=c?c:{};var d=new g.tn("//www.youtube.com/gen_204");g.un(d,"https");c=Gn(c);yn(d,c);d=d.toString();d=g.Rn(d,a.wa.Qa);vo(d)}; equals www.youtube.com (Youtube)
Source: base[1].js0.3.drString found in binary or memory: Eu=function(a,b){var c={action:"condor-brand-precap",event:b,ei:"[EID]",cpn:"[CPN]",content_v:"[CONTENT_V]",ad_cpn:"[AD_CPN]",ad_v:"[AD_V]",ad_id:"[AD_ID]",ad_len:"[AD_LEN]"};c=null!=c?c:{};var d=new g.un("//www.youtube.com/gen_204");g.vn(d,"https");c=Hn(c);zn(d,c);d=d.toString();d=g.Sn(d,a.wa.Qa);wo(d)}; equals www.youtube.com (Youtube)
Source: base[1].js.3.drString found in binary or memory: HN.prototype.getVideoUrl=function(a,b,c,d,e){b={list:b};c&&(e?b.time_continue=c:b.t=c);c=KN(this);d&&"www.youtube.com"==c?d="https://youtu.be/"+a:g.FN(this)?(d="https://"+c+"/fire",b.v=a):(d=this.protocol+"://"+c+"/watch",b.v=a,TF&&(a=hF())&&(b.ebc=a));return g.lh(d,b)}; equals www.youtube.com (Youtube)
Source: base[1].js0.3.drString found in binary or memory: HN.prototype.getVideoUrl=function(a,b,c,d,e){b={list:b};c&&(e?b.time_continue=c:b.t=c);c=KN(this);d&&"www.youtube.com"==c?d="https://youtu.be/"+a:g.FN(this)?(d="https://"+c+"/fire",b.v=a):(d=this.protocol+"://"+c+"/watch",b.v=a,TF&&(a=hF())&&(b.ebc=a));return g.mh(d,b)}; equals www.youtube.com (Youtube)
Source: base[1].js0.3.drString found in binary or memory: JN=function(a){a=BN(a.D);return"www.youtube-nocookie.com"==a?"www.youtube.com":a}; equals www.youtube.com (Youtube)
Source: base[1].js0.3.drString found in binary or memory: KN=function(a){return"gaming"==a.playerStyle?"gaming.youtube.com":JN(a)}; equals www.youtube.com (Youtube)
Source: base[1].js.3.drString found in binary or memory: Pha=function(a){var b=a.va().N;if(null!=b){b=b.videoId;var c=a.Wa.Hj;if(g.D(g.F(b)))b=null;else{c=new g.tn((null!=c?c:"//www.youtube.com/")+"watch");var d=c.o;d.set("v",b);yn(c,d);c.J="action=share";b=c.toString()}null!=b&&(uo(b),a.UF())}}; equals www.youtube.com (Youtube)
Source: base[1].js.3.drString found in binary or memory: RJ=function(a){var b=void 0===b?!1:b;return NJ(Hka.test(a),a,b,"Google/YouTube Brand Lift URL")}; equals www.youtube.com (Youtube)
Source: base[1].js0.3.drString found in binary or memory: RJ=function(a){var b=void 0===b?!1:b;return NJ(Jka.test(a),a,b,"Google/YouTube Brand Lift URL")}; equals www.youtube.com (Youtube)
Source: base[1].js0.3.drString found in binary or memory: Rha=function(a){var b=a.va().N;if(null!=b){b=b.videoId;var c=a.Wa.Hj;if(g.D(g.F(b)))b=null;else{c=new g.un((null!=c?c:"//www.youtube.com/")+"watch");var d=c.o;d.set("v",b);zn(c,d);c.J="action=share";b=c.toString()}null!=b&&(vo(b),a.LF())}}; equals www.youtube.com (Youtube)
Source: base[1].js.3.drString found in binary or memory: Rla=function(a,b,c){for(var d in b)for(var e=g.q(b[d]),f=e.next();!f.done;f=e.next()){f=f.value;if(!f.Yc)return;for(var k in f.Yc){if(!pO[k])return;for(var l=g.q(pO[k]),m=l.next();!m.done;m=l.next())m=m.value,a.A[m]=a.A[m]||new XN(k,m,f.Yc[k],a.D),a.C[k]=a.C[k]||{},a.C[k][f.mimeType]=!0}}MF()?(a.o=["com.youtube.fairplay"],a.A["com.youtube.fairplay"]=new XN("fairplay","com.youtube.fairplay","",a.D),a.C.fairplay={'audio/mp4; codecs="avc1.4d4015"':!0,'video/mp4; codecs="mp4a.40.2"':!0}):a.o=(c?g.bb(pO.widevine, equals www.youtube.com (Youtube)
Source: base[1].js0.3.drString found in binary or memory: Tla=function(a,b,c){for(var d in b)for(var e=g.q(b[d]),f=e.next();!f.done;f=e.next()){f=f.value;if(!f.Yc)return;for(var k in f.Yc){if(!pO[k])return;for(var l=g.q(pO[k]),m=l.next();!m.done;m=l.next())m=m.value,a.A[m]=a.A[m]||new XN(k,m,f.Yc[k],a.D),a.C[k]=a.C[k]||{},a.C[k][f.mimeType]=!0}}MF()?(a.o=["com.youtube.fairplay"],a.A["com.youtube.fairplay"]=new XN("fairplay","com.youtube.fairplay","",a.D),a.C.fairplay={'audio/mp4; codecs="avc1.4d4015"':!0,'video/mp4; codecs="mp4a.40.2"':!0}):a.o=(c?g.cb(pO.widevine, equals www.youtube.com (Youtube)
Source: base[1].js.3.drString found in binary or memory: WN=function(a){var b=KN(a);!a.na("yt_embeds_disable_new_error_lozenge_url")&&Jla.includes(b)&&(b="www.youtube.com");return a.protocol+"://"+b}; equals www.youtube.com (Youtube)
Source: base[1].js0.3.drString found in binary or memory: WN=function(a){var b=KN(a);!a.na("yt_embeds_disable_new_error_lozenge_url")&&Lla.includes(b)&&(b="www.youtube.com");return a.protocol+"://"+b}; equals www.youtube.com (Youtube)
Source: base[1].js.3.drString found in binary or memory: Wr=function(a,b){if(b.A){1012==b.Gb()&&(b=Co(Sr));var c=Cr(b,a),d=a.ka;P()&&303==b.Gb()&&(d=(0,g.ne)(d,function(a){return-1==a.indexOf(".youtube.com/api/stats/ads")})); equals www.youtube.com (Youtube)
Source: base[1].js0.3.drString found in binary or memory: Xr=function(a,b){if(b.A){1012==b.Gb()&&(b=Do(Tr));var c=Dr(b,a),d=a.ka;P()&&303==b.Gb()&&(d=(0,g.oe)(d,function(a){return-1==a.indexOf(".youtube.com/api/stats/ads")})); equals www.youtube.com (Youtube)
Source: base[1].js0.3.drString found in binary or memory: ZQ.prototype.za=function(){if(this.o.videoData.fg){var a=this.o.videoData.fg;cR(this,"drm-"+a.flavor);cR(this,"eme-"+(a.A?"final":ZN(a)?"ms":"com.youtube.fairplay"==a.o?"ytfp":bO(a)?"safarifp":"nonfinal"))}}; equals www.youtube.com (Youtube)
Source: base[1].js.3.drString found in binary or memory: Zla=function(a,b,c,d,e){if(!(TF||QF()||MF()))return fG();var f=Yla(c),k=rO(c);if(!k)return fG();c={};var l=(c.fairplay="https://youtube.com/api/drm/fps?ek=uninitialized",c),m;c=[];var n=[],p=[],t=a.experiments.A("html5_hls_min_video_height"),x=0;a.experiments.o("html5_hls_pair_all_audio")?x=1:a.experiments.o("html5_hls_pair_distinct_audio")&&(x=2);var y;for(y in k)if(!a.experiments.o("html5_disable_drm_hfr_1080")||"383"!=y&&"373"!=y){var E=g.q(k[y]);for(m=E.next();!m.done;m=E.next()){var G=m.value; equals www.youtube.com (Youtube)
Source: 9EDo6zQJJGM[1].htm.3.drString found in binary or memory: \"}]}}},\"channelThumbnailEndpoint\":{\"channelThumbnailEndpoint\":{\"urlEndpoint\":{\"urlEndpoint\":{\"url\":\"\/channel\/UCHmBhaIc9mmSjeAwf9K51Fw\"}}}}}}}}}","loaderUrl":"https:\/\/redhelper.ru\/?copy","vss_host":"s.youtube.com","origin":"*","gapi_hint_params":"m;\/_\/scs\/abc-static\/_\/js\/k=gapi.gapi.en.Qyhlf-E27OQ.O\/rt=j\/d=1\/rs=AHpOoo_77KcTN4WVhdQMqIfKBMTqlRW8yg\/m=__features__","iurlsd":"https:\/\/i.ytimg.com\/vi\/9EDo6zQJJGM\/sddefault.jpg","title":"RedHelper - equals www.youtube.com (Youtube)
Source: {D85B0CC3-2E69-11E9-AAD9-C25F135D3C65}.dat.2.drString found in binary or memory: ]https://www.youtube.com/embed/9EDo6zQJJGM?autohide=1&hl=ru&modestbranding=1&rel=0&theme=light equals www.youtube.com (Youtube)
Source: base[1].js.3.drString found in binary or memory: a.B=new zW(a.C,{I:"div",ca:["ytp-popup","ytp-generic-popup"],U:{role:"alert",tabindex:"0"},P:[b[0],{I:"a",U:{href:"https://support.google.com/youtube/answer/6276924",target:g.Y(a.C).G},ba:b[2]},b[4]]},100,!0);a.B.hide();g.K(a,a.B);a.B.subscribe("show",(0,g.A)(a.G.Wo,a.G,a.B));g.fV(a.C,a.B.element,4);a.element.setAttribute("aria-disabled",!0);a.element.setAttribute("aria-haspopup",!0);a.D();a.D=null}}; equals www.youtube.com (Youtube)
Source: base[1].js.3.drString found in binary or memory: a.byteLength/2)).replace("skd://","https://")):(a=this.A.C,this.B.experiments.o("enable_shadow_yttv_channels")&&(a=new g.tn(a),document.location.origin&&document.location.origin.includes("green")?g.vn(a,"web-green-qa.youtube.com"):g.vn(a,"www.youtube.com"),a=a.toString()));e=a=this.L=a;var k=void 0===k?!1:k;NJ(qqa.test(e),e,k,"Drm Licensor URL")||lT(this,"drm.net",!0,"t.x");for(var l in this.H)a=qh(a,l,this.H[l]);this.ea=a;this.Z=b.experiments.o("html5_use_drm_retry");this.T=0;this.J=this.R=!1;(0,g.RP)("drm_gk_s"); equals www.youtube.com (Youtube)
Source: base[1].js0.3.drString found in binary or memory: a.byteLength/2)).replace("skd://","https://")):(a=this.A.C,this.B.experiments.o("enable_shadow_yttv_channels")&&(a=new g.un(a),document.location.origin&&document.location.origin.includes("green")?g.wn(a,"web-green-qa.youtube.com"):g.wn(a,"www.youtube.com"),a=a.toString()));e=a=this.L=a;var k=void 0===k?!1:k;NJ(sqa.test(e),e,k,"Drm Licensor URL")||lT(this,"drm.net",!0,"t.x");for(var l in this.H)a=rh(a,l,this.H[l]);this.ea=a;this.Z=b.experiments.o("html5_use_drm_retry");this.T=0;this.J=this.R=!1;(0,g.RP)("drm_gk_s"); equals www.youtube.com (Youtube)
Source: base[1].js0.3.drString found in binary or memory: ama=function(a,b,c,d,e){if(!(TF||QF()||MF()))return fG();var f=$la(c),k=rO(c);if(!k)return fG();c={};var l=(c.fairplay="https://youtube.com/api/drm/fps?ek=uninitialized",c),m;c=[];var n=[],p=[],t=a.experiments.A("html5_hls_min_video_height"),x=0;a.experiments.o("html5_hls_pair_all_audio")?x=1:a.experiments.o("html5_hls_pair_distinct_audio")&&(x=2);var y;for(y in k)if(!a.experiments.o("html5_disable_drm_hfr_1080")||"383"!=y&&"373"!=y){var E=g.q(k[y]);for(m=E.next();!m.done;m=E.next()){var G=m.value; equals www.youtube.com (Youtube)
Source: base[1].js.3.drString found in binary or memory: d=new zW(a,{I:"span",ca:["ytp-popup","ytp-generic-popup"],U:{tabindex:"0"},P:[d[0],{I:"a",U:{href:"https://support.google.com/youtube/?p=noaudio",target:c.G},ba:d[2]},d[4]]},100,!0),g.K(this,d),d.hide(),d.subscribe("show",(0,g.A)(b.Wo,b,d)),g.fV(a,d.element,4));this.da=d;iV(a,this.element,this,28662);this.Qc(g.SU(a).getPlayerSize());qta(this,a.getVolume(),a.isMuted())}; equals www.youtube.com (Youtube)
Source: U332KZ1D.htm.3.drString found in binary or memory: document,'script','//connect.facebook.net/en_US/fbevents.js'); equals www.facebook.com (Facebook)
Source: base[1].js0.3.drString found in binary or memory: d||a.jc)"HTML5_NO_AVAILABLE_FORMATS_FALLBACK"!=d||a.jc?"HTML5_FLASH_DEPRECATED"==d?b.Mb(mW(b,"HTML5_FLASH_DEPRECATED","//support.google.com/googleplay/answer/2844198#movies",!1,!0,"Video unavailable")):(b.Mb(gta(c.message)),b.F&&c.subreason&&b.Mb(gta(c.subreason),"subreason")):b.Mb(mW(b,"HTML5_NO_AVAILABLE_FORMATS_FALLBACK_WITH_LINK","//www.youtube.com/html5"));else if(c=g.Y(b.B).Eg,d="//support.google.com/youtube/?p=player_error1",c&&(d=g.mh(d,{hl:c})),b.Mb(mW(b,"GENERIC_WITH_LINK_AND_CPN",d,!0)), equals www.youtube.com (Youtube)
Source: base[1].js.3.drString found in binary or memory: d||a.jc)"HTML5_NO_AVAILABLE_FORMATS_FALLBACK"!=d||a.jc?"HTML5_FLASH_DEPRECATED"==d?b.Mb(mW(b,"HTML5_FLASH_DEPRECATED","//support.google.com/googleplay/answer/2844198#movies",!1,!0,"\u041e\u0448\u0438\u0431\u043a\u0430")):(b.Mb(eta(c.message)),b.F&&c.subreason&&b.Mb(eta(c.subreason),"subreason")):b.Mb(mW(b,"HTML5_NO_AVAILABLE_FORMATS_FALLBACK_WITH_LINK","//www.youtube.com/html5"));else if(c=g.Y(b.B).Eg,d="//support.google.com/youtube/?p=player_error1",c&&(d=g.lh(d,{hl:c})),b.Mb(mW(b,"GENERIC_WITH_LINK_AND_CPN", equals www.youtube.com (Youtube)
Source: base[1].js.3.drString found in binary or memory: eo.prototype.B=function(){return""};fo.prototype.getId=function(){return this.Ka};go.prototype.getId=function(){return this.Ka};var rea=["ActiveViewExternalLayer"],jo=null;var kfa=["*.googlesyndication.com","gcdn.2mdn.net"],tea=["*.youtu.be","*.youtube.com"],wea="ad.doubleclick.net bid.g.doubleclick.net corp.google.com ggpht.com google.co.uk google.com googleads.g.doubleclick.net googleads4.g.doubleclick.net googleadservices.com googlesyndication.com googleusercontent.com gstatic.com gvt1.com prod.google.com pubads.g.doubleclick.net s0.2mdn.net static.doubleclick.net static.doubleclick.net surveys.g.doubleclick.net youtube.com ytimg.com".split(" "),vea=["c.googlesyndication.com"], equals www.youtube.com (Youtube)
Source: base[1].js0.3.drString found in binary or memory: fo.prototype.B=function(){return""};go.prototype.getId=function(){return this.Ka};ho.prototype.getId=function(){return this.Ka};var rea=["ActiveViewExternalLayer"],ko=null;var kfa=["*.googlesyndication.com","gcdn.2mdn.net"],tea=["*.youtu.be","*.youtube.com"],wea="ad.doubleclick.net bid.g.doubleclick.net corp.google.com ggpht.com google.co.uk google.com googleads.g.doubleclick.net googleads4.g.doubleclick.net googleadservices.com googlesyndication.com googleusercontent.com gstatic.com gvt1.com prod.google.com pubads.g.doubleclick.net s0.2mdn.net static.doubleclick.net static.doubleclick.net surveys.g.doubleclick.net youtube.com ytimg.com".split(" "),vea=["c.googlesyndication.com"], equals www.youtube.com (Youtube)
Source: base[1].js0.3.drString found in binary or memory: g.SP=function(a){return MF()&&a.uh?(a={},a.fairplay="https://youtube.com/api/drm/fps?ek=uninitialized",a):a.Ca&&a.Ca.Yc||null}; equals www.youtube.com (Youtube)
Source: base[1].js0.3.drString found in binary or memory: g.h.Ap=function(a){if(1==a.info.type)this.o||(a.o&&"http://youtube.com/streaming/otf/durations/112015"==a.o.uri&&dla(this,a.o),this.o=CJ(a));else if(g.EJ(this.info)&&2==a.info.type&&!this.index.Qb()){var b=g.II(BJ(a),0,1936286840);if(b){a=[];var c=QI(b);b=c.Ww.length;var d=c.Hx,e=c.Ww,f=c.On;c=this.indexRange.end+c.YA+1;for(var k=0,l=0;l<b;l++){var m=f[l]/d,n=e[l];a.push(new mI(l,k,m,NaN,"range/"+c+"-"+(c+n-1)));k+=m;c+=n}this.index.append(a)}}}; equals www.youtube.com (Youtube)
Source: base[1].js.3.drString found in binary or memory: g.h.Bp=function(a){if(1==a.info.type)this.o||(a.o&&"http://youtube.com/streaming/otf/durations/112015"==a.o.uri&&ala(this,a.o),this.o=CJ(a));else if(g.EJ(this.info)&&2==a.info.type&&!this.index.Qb()){var b=g.II(BJ(a),0,1936286840);if(b){a=[];var c=QI(b);b=c.jx.length;var d=c.Rx,e=c.jx,f=c.Qn;c=this.indexRange.end+c.hB+1;for(var k=0,l=0;l<b;l++){var m=f[l]/d,n=e[l];a.push(new mI(l,k,m,NaN,"range/"+c+"-"+(c+n-1)));k+=m;c+=n}this.index.append(a)}}}; equals www.youtube.com (Youtube)
Source: remote[1].js.3.drString found in binary or memory: g.h.Ex=g.z;g.h.W=function(){this.info("disposeInternal");g.TE(this.C);this.C=0;this.o&&(this.o.removeUpdateListener(this.F),this.o.removeMessageListener("urn:x-cast:com.google.youtube.mdx",this.D));this.o=null;u7.ga.W.call(this)}; equals www.youtube.com (Youtube)
Source: remote[2].js.3.drString found in binary or memory: g.h.OU=function(a,b){if(!this.la())if(b){var c=g.Yx(b);if(g.Ia(c)){var d=""+c.type;c=c.data||{};this.info("onYoutubeMessage_: "+d+" "+g.Vg(c));switch(d){case "mdxSessionStatus":rFa(this,c.screenId);break;default:t7(this,"Unknown youtube message: "+d)}}else t7(this,"Unable to parse message.")}else t7(this,"No data in message.")}; equals www.youtube.com (Youtube)
Source: remote[1].js.3.drString found in binary or memory: g.h.PU=function(a,b){if(!this.la())if(b){var c=g.Yx(b);if(g.Ia(c)){var d=""+c.type;c=c.data||{};this.info("onYoutubeMessage_: "+d+" "+g.Ug(c));switch(d){case "mdxSessionStatus":oFa(this,c.screenId);break;default:t7(this,"Unknown youtube message: "+d)}}else t7(this,"Unable to parse message.")}else t7(this,"No data in message.")}; equals www.youtube.com (Youtube)
Source: base[1].js0.3.drString found in binary or memory: g.h.RP=function(){var a=this;g.jV(this.B,this.element);var b=g.Y(this.B),c=this.B.getVideoData().videoId;b.Wc?Mwa(this,c):this.B.app.za?esa(function(){Nwa(a,c)},function(){Owa(a,"Video cannot be added to Watch Later as the browser has blocked access to YouTube cookies.")}):Nwa(this,c)}; equals www.youtube.com (Youtube)
Source: base[1].js.3.drString found in binary or memory: g.h.SP=function(){var a=this;g.jV(this.B,this.element);var b=g.Y(this.B),c=this.B.getVideoData().videoId;b.Wc?Kwa(this,c):this.B.app.za?csa(function(){Lwa(a,c)},function(){Mwa(a,"Video cannot be added to Watch Later as the browser has blocked access to YouTube cookies.")}):Lwa(this,c)}; equals www.youtube.com (Youtube)
Source: remote[1].js.3.drString found in binary or memory: g.h.W=function(){this.Ex("");s7.ga.W.call(this)};g.B(u7,s7);g.h=u7.prototype;g.h.Dx=function(a){if(this.o){if(this.o==a)return;t7(this,"Overriding cast sesison with new session object");this.o.removeUpdateListener(this.F);this.o.removeMessageListener("urn:x-cast:com.google.youtube.mdx",this.D)}this.o=a;this.o.addUpdateListener(this.F);this.o.addMessageListener("urn:x-cast:com.google.youtube.mdx",this.D);pFa(this)}; equals www.youtube.com (Youtube)
Source: remote[2].js.3.drString found in binary or memory: g.h.W=function(){this.tx("");s7.ga.W.call(this)};g.B(u7,s7);g.h=u7.prototype;g.h.rx=function(a){if(this.o){if(this.o==a)return;t7(this,"Overriding cast sesison with new session object");this.o.removeUpdateListener(this.F);this.o.removeMessageListener("urn:x-cast:com.google.youtube.mdx",this.D)}this.o=a;this.o.addUpdateListener(this.F);this.o.addMessageListener("urn:x-cast:com.google.youtube.mdx",this.D);sFa(this)}; equals www.youtube.com (Youtube)
Source: base[1].js.3.drString found in binary or memory: g.h.ZO=function(a){var b=this.api.getRootNode();a?b.parentElement?(b.setAttribute("aria-label","\u041f\u0440\u043e\u0438\u0433\u0440\u044b\u0432\u0430\u0442\u0435\u043b\u044c YouTube \u0432 \u043f\u043e\u043b\u043d\u043e\u044d\u043a\u0440\u0430\u043d\u043d\u043e\u043c \u0440\u0435\u0436\u0438\u043c\u0435"),g.Y(this.api).ha||(b.parentElement.insertBefore(this.fa.element,b),b.parentElement.insertBefore(this.da.element,b.nextSibling))):g.KE(Error("Player not in DOM.")):(b.setAttribute("aria-label","\u041f\u0440\u043e\u0438\u0433\u0440\u044b\u0432\u0430\u0442\u0435\u043b\u044c YouTube"), equals www.youtube.com (Youtube)
Source: base[1].js.3.drString found in binary or memory: g.h.clone=function(){var a=new g.An;a.A=this.A;this.o&&(a.o=this.o.clone(),a.Oa=this.Oa);return a};var yo={DI:5E3,EI:15E3,mz:"://secure-...imrworldwide.com/ ://cdn.imrworldwide.com/ ://aksecure.imrworldwide.com/ ://[^.]*.moatads.com ://youtube[0-9]+.moatpixel.com ://pm.adsafeprotected.com/youtube ://pm.test-adsafeprotected.com/youtube ://e[0-9]+.yt.srs.doubleverify.com www.google.com/pagead/sul www.google.com/pagead/xsul www.youtube.com/pagead/sul www.youtube.com/pagead/psul www.youtube.com/pagead/slav".split(" "),jJ:/\bocr\b/,Qt:0,eh:{},GV:function(a,b,c){a&&(yo.VM(a)?yo.WF(a,b):yo.TF(a,b,c))}, equals www.youtube.com (Youtube)
Source: base[1].js0.3.drString found in binary or memory: g.h.clone=function(){var a=new g.Bn;a.A=this.A;this.o&&(a.o=this.o.clone(),a.Oa=this.Oa);return a};var zo={xI:5E3,yI:15E3,Yy:"://secure-...imrworldwide.com/ ://cdn.imrworldwide.com/ ://aksecure.imrworldwide.com/ ://[^.]*.moatads.com ://youtube[0-9]+.moatpixel.com ://pm.adsafeprotected.com/youtube ://pm.test-adsafeprotected.com/youtube ://e[0-9]+.yt.srs.doubleverify.com www.google.com/pagead/sul www.google.com/pagead/xsul www.youtube.com/pagead/sul www.youtube.com/pagead/psul www.youtube.com/pagead/slav".split(" "),eJ:/\bocr\b/,Gt:0,eh:{},FV:function(a,b,c){a&&(zo.UM(a)?zo.NF(a,b):zo.KF(a,b,c))}, equals www.youtube.com (Youtube)
Source: base[1].js.3.drString found in binary or memory: g.h.createSession=function(a){var b=a.initData;if(this.o.A){var c=this.D.createSession();"com.youtube.fairplay"==this.o.o&&(b=oqa(this,b));b=c.generateRequest(a.contentType,b);c=new iT(null,null,null,c,null);b.then(null,LE((0,g.A)(c.jE,c,"t.generateRequest")));return c}if(ZN(this.o)){c=new Uint8Array(270);for(a=0;135>a;a++)c[2*a]='<PlayReadyCDMData type="LicenseAcquisition"><LicenseAcquisition version="1.0" Proactive="true"></LicenseAcquisition></PlayReadyCDMData>'.charCodeAt(a);b=this.B.createSession("video/mp4", equals www.youtube.com (Youtube)
Source: base[1].js0.3.drString found in binary or memory: g.h.createSession=function(a){var b=a.initData;if(this.o.A){var c=this.D.createSession();"com.youtube.fairplay"==this.o.o&&(b=qqa(this,b));b=c.generateRequest(a.contentType,b);c=new iT(null,null,null,c,null);b.then(null,LE((0,g.A)(c.aE,c,"t.generateRequest")));return c}if(ZN(this.o)){c=new Uint8Array(270);for(a=0;135>a;a++)c[2*a]='<PlayReadyCDMData type="LicenseAcquisition"><LicenseAcquisition version="1.0" Proactive="true"></LicenseAcquisition></PlayReadyCDMData>'.charCodeAt(a);b=this.B.createSession("video/mp4", equals www.youtube.com (Youtube)
Source: base[1].js.3.drString found in binary or memory: g.h.getAvailablePlaybackRates=function(){var a=this.app.o;a.za?(a=a.xc[0],a="https://admin.youtube.com"==a||"https://viacon.corp.google.com"==a?mza:lza):a=[1];return a}; equals www.youtube.com (Youtube)
Source: base[1].js0.3.drString found in binary or memory: g.h.getAvailablePlaybackRates=function(){var a=this.app.o;a.za?(a=a.xc[0],a="https://admin.youtube.com"==a||"https://viacon.corp.google.com"==a?pza:oza):a=[1];return a}; equals www.youtube.com (Youtube)
Source: base[1].js0.3.drString found in binary or memory: g.h.jK=function(a){var b=mo(),c=this.va();if((g.Wa(Dt(c))||!Dt(c)[0].C)&&!b.o("website_actions_holdback")&&P()&&mu(c)){var d=pga(c,a);if(d)if(Jt(c,[d]),M.A)this.K&&c.H&&this.oa("youtubeKevlarCompanionShow");else try{this.Rd(c)}catch(n){qz(this,g1,n)}}if(d=this.Ua){d=this.va();var e=d.N;d=P()&&g.Wa(Dt(d))&&null!=d.fa&&null!=e&&e.Ae}M.A&&(d=d&&!c.H);if(d){this.bb().X(window,"message",this.iL);d=this.va();e=d.fa.channelId;var f=Lr(d),k=this.Wa.contentId,l=this.Wa.Hj;l=new g.un((null!=l?l:"//www.youtube.com/")+ equals www.youtube.com (Youtube)
Source: base[1].js0.3.drString found in binary or memory: g.h.jL=function(a){if(this.la())return this;this.R=a.status;a=a.responseText;a=(new DOMParser).parseFromString(a,"text/xml").getElementsByTagName("MPD")[0];this.G=1E3*ZK(XK(a,"minimumUpdatePeriod"))||Infinity;if(!this.N){var b;a:{if(a.attributes)for(b=0;b<a.attributes.length;b++)if("http://youtube.com/yt/2012/10/10"==a.attributes[b].value){b=a.attributes[b].name.split(":")[1];break a}b=""}this.Z=b}this.isLive=Infinity>this.G&&this.ha;this.T=parseInt(XK(a,uL(this,"earliestMediaSequence")),10)||0;if(b= equals www.youtube.com (Youtube)
Source: base[1].js.3.drString found in binary or memory: g.h.kK=function(a){var b=lo(),c=this.va();if((g.Va(Dt(c))||!Dt(c)[0].C)&&!b.o("website_actions_holdback")&&P()&&mu(c)){var d=nga(c,a);if(d)if(Jt(c,[d]),M.A)this.K&&c.H&&this.oa("youtubeKevlarCompanionShow");else try{this.Rd(c)}catch(n){qz(this,g1,n)}}if(d=this.Ua){d=this.va();var e=d.N;d=P()&&g.Va(Dt(d))&&null!=d.fa&&null!=e&&e.Ae}M.A&&(d=d&&!c.H);if(d){this.bb().X(window,"message",this.jL);d=this.va();e=d.fa.channelId;var f=Kr(d),k=this.Wa.contentId,l=this.Wa.Hj;l=new g.tn((null!=l?l:"//www.youtube.com/")+ equals www.youtube.com (Youtube)
Source: base[1].js.3.drString found in binary or memory: g.h.kL=function(a){if(this.la())return this;this.R=a.status;a=a.responseText;a=(new DOMParser).parseFromString(a,"text/xml").getElementsByTagName("MPD")[0];this.G=1E3*ZK(XK(a,"minimumUpdatePeriod"))||Infinity;if(!this.N){var b;a:{if(a.attributes)for(b=0;b<a.attributes.length;b++)if("http://youtube.com/yt/2012/10/10"==a.attributes[b].value){b=a.attributes[b].name.split(":")[1];break a}b=""}this.Z=b}this.isLive=Infinity>this.G&&this.ha;this.T=parseInt(XK(a,uL(this,"earliestMediaSequence")),10)||0;if(b= equals www.youtube.com (Youtube)
Source: base[1].js0.3.drString found in binary or memory: g.h.kN=function(a){a=a||PP(this);if(this.ua&&!a){if(IP(this)&&(a=this.ua,!a.o["0"])){var b=new EK("0","fakesb",void 0,new AK(0,0,0,void 0,void 0,"auto"),null,null,1);a.o["0"]=this.Ea?new NK(new g.$J("http://www.youtube.com/videoplayback"),b,"fake"):new g.fL(new g.$J("http://www.youtube.com/videoplayback"),b,new g.mJ(0,0),new g.mJ(0,0),0,NaN)}return nO(JP(this),this.jb.H,this.ua,this.fg).then(this.sr,void 0,this)}return fG()}; equals www.youtube.com (Youtube)
Source: base[1].js0.3.drString found in binary or memory: g.h.kr=function(a){var b=this.o.o,c=this.o.videoData,d={ns:b.da,el:aQ(c),eurl:b.Aa,fmt:c.Ca?wJ(c.Ca):0,html5:1,list:c.playlistId,cpn:c.clientPlaybackNonce,ei:c.eventId,ps:b.playerStyle,noflv:1,st:this.o.A(),video_id:c.videoId,metric:a};dQ(c)&&(d.autoplay="1");"heartbeat"==a&&(d.tpmt=sna(this.B));g.Ma(d,b.A);lR(this,g.mh(b.experiments.o("cardio_base_url_killswitch")?(b.B?b.protocol+"://www.youtube.com/":b.D)+"live_204":b.D+"live_204",d))}; equals www.youtube.com (Youtube)
Source: base[1].js.3.drString found in binary or memory: g.h.lN=function(a){a=a||PP(this);if(this.ua&&!a){if(IP(this)&&(a=this.ua,!a.o["0"])){var b=new EK("0","fakesb",void 0,new AK(0,0,0,void 0,void 0,"auto"),null,null,1);a.o["0"]=this.Ea?new NK(new g.$J("http://www.youtube.com/videoplayback"),b,"fake"):new g.fL(new g.$J("http://www.youtube.com/videoplayback"),b,new g.mJ(0,0),new g.mJ(0,0),0,NaN)}return nO(JP(this),this.jb.H,this.ua,this.fg).then(this.tr,void 0,this)}return fG()}; equals www.youtube.com (Youtube)
Source: base[1].js.3.drString found in binary or memory: g.h.load=function(a){if(this.rb=this.o.rb){var b=this.o.o;this.F=b.applyFadeOnMidrolls?new AZ(this.o):new zZ;var c=qua(this.o);c.A=Ova(this,a);if(c.A){c.Fp=this.o.F.H;c.gc.TSLA=rua(this);c.gc.GET_MIDROLL_POSITION_IN_SEC=(0,g.A)(this.F.Hr,this.F);c.gc.DESCRIPTION_URL="http://www.youtube.com/video/"+ZX(this.o).videoId;if(a=lva(b).get(3)){var d="";a&2&&a&1?d="video":a&2?d="skippablevideo":a&1&&(d="standardvideo");a&4&&(d&&(d+="_"),d+="text_image_flash");c.B=d;if(b=b.Da)c.J=b}this.rb.X("adsManagerLoaded", equals www.youtube.com (Youtube)
Source: base[1].js0.3.drString found in binary or memory: g.h.load=function(a){if(this.rb=this.o.rb){var b=this.o.o;this.F=b.applyFadeOnMidrolls?new AZ(this.o):new zZ;var c=sua(this.o);c.A=Qva(this,a);if(c.A){c.Ep=this.o.F.H;c.gc.TSLA=tua(this);c.gc.GET_MIDROLL_POSITION_IN_SEC=(0,g.A)(this.F.Gr,this.F);c.gc.DESCRIPTION_URL="http://www.youtube.com/video/"+ZX(this.o).videoId;if(a=nva(b).get(3)){var d="";a&2&&a&1?d="video":a&2?d="skippablevideo":a&1&&(d="standardvideo");a&4&&(d&&(d+="_"),d+="text_image_flash");c.B=d;if(b=b.Da)c.J=b}this.rb.X("adsManagerLoaded", equals www.youtube.com (Youtube)
Source: base[1].js.3.drString found in binary or memory: g.h.mr=function(a){var b=this.o.o,c=this.o.videoData,d={ns:b.da,el:aQ(c),eurl:b.Aa,fmt:c.Ca?wJ(c.Ca):0,html5:1,list:c.playlistId,cpn:c.clientPlaybackNonce,ei:c.eventId,ps:b.playerStyle,noflv:1,st:this.o.A(),video_id:c.videoId,metric:a};dQ(c)&&(d.autoplay="1");"heartbeat"==a&&(d.tpmt=qna(this.B));g.Ma(d,b.A);lR(this,g.lh(b.experiments.o("cardio_base_url_killswitch")?(b.B?b.protocol+"://www.youtube.com/":b.D)+"live_204":b.D+"live_204",d))}; equals www.youtube.com (Youtube)
Source: remote[2].js.3.drString found in binary or memory: g.h.tx=g.z;g.h.W=function(){this.info("disposeInternal");g.TE(this.C);this.C=0;this.o&&(this.o.removeUpdateListener(this.F),this.o.removeMessageListener("urn:x-cast:com.google.youtube.mdx",this.D));this.o=null;u7.ga.W.call(this)}; equals www.youtube.com (Youtube)
Source: base[1].js0.3.drString found in binary or memory: g.h.yf=function(a,b){b=void 0===b?!1:b;if("missing-qualities"==a)return{I:"a",U:{href:"https://support.google.com/youtube/?p=missing_quality",target:g.Y(this.B).G},ba:"Missing options?"};if("inline-survey"==a)return"";var c=[Pta(this,a)],d=this.B.getPreferredQuality();b||"auto"!=d||"auto"!=a||(c.push(" "),c.push(Pta(this,this.F,["ytp-menu-label-secondary"])));return{I:"div",P:c}};g.r(mX,g.W);mX.prototype.Qc=function(a){g.pQ(this,this.F&&400<=a.width)}; equals www.youtube.com (Youtube)
Source: base[1].js.3.drString found in binary or memory: g.h.yf=function(a,b){b=void 0===b?!1:b;if("missing-qualities"==a)return{I:"a",U:{href:"https://support.google.com/youtube/?p=missing_quality",target:g.Y(this.B).G},ba:"\u0414\u043e\u0441\u0442\u0443\u043f\u043d\u044b \u043d\u0435 \u0432\u0441\u0435 \u043f\u0430\u0440\u0430\u043c\u0435\u0442\u0440\u044b?"};if("inline-survey"==a)return"";var c=[Nta(this,a)],d=this.B.getPreferredQuality();b||"auto"!=d||"auto"!=a||(c.push(" "),c.push(Nta(this,this.F,["ytp-menu-label-secondary"])));return{I:"div",P:c}};g.r(mX,g.W);mX.prototype.Qc=function(a){g.pQ(this,this.F&&400<=a.width)}; equals www.youtube.com (Youtube)
Source: base[1].js0.3.drString found in binary or memory: gN("US",a.cr);this.Eg=gN("en",a.host_language);this.oo=!this.aa&&Math.random()<this.experiments.A("web_player_api_logging_fraction");this.ka=!this.aa;this.Dg=new Set;this.deviceHasDisplay=dN(!0,a.deviceHasDisplay);this.cg=fN(this.cg,a.ismb);c=a;this.experiments.B("html5_qoe_intercept")?c=this.experiments.B("html5_qoe_intercept"):this.Aq?(c=c.vss_host||"s.youtube.com",this.na("www_for_videostats")&&"s.youtube.com"==c&&(c=BN(this.D)||"www.youtube.com")):c="video.google.com";this.Hl=c;this.ih(a);this.J= equals www.youtube.com (Youtube)
Source: base[1].js.3.drString found in binary or memory: gN("US",a.cr);this.Eg=gN("en",a.host_language);this.po=!this.aa&&Math.random()<this.experiments.A("web_player_api_logging_fraction");this.ka=!this.aa;this.Dg=new Set;this.deviceHasDisplay=dN(!0,a.deviceHasDisplay);this.cg=fN(this.cg,a.ismb);c=a;this.experiments.B("html5_qoe_intercept")?c=this.experiments.B("html5_qoe_intercept"):this.Bq?(c=c.vss_host||"s.youtube.com",this.na("www_for_videostats")&&"s.youtube.com"==c&&(c=BN(this.D)||"www.youtube.com")):c="video.google.com";this.Jl=c;this.ih(a);this.J= equals www.youtube.com (Youtube)
Source: base[1].js.3.drString found in binary or memory: kW=function(a){var b=g.Y(a),c=b.o;if(c){var d=new hW(a);b={I:"div",ca:["ytp-error","ytp-related-on-error"],U:{role:"alert"},P:[{I:"div",M:"ytp-error-content",P:[{I:"div",M:"ytp-error-icon-container",P:[Bsa()]},{I:"div",M:"ytp-error-content-wrap",P:[{I:"div",M:"ytp-error-content-wrap-reason",ba:"{{content}}"},{I:"div",M:"ytp-error-content-wrap-subreason",ba:"{{subreason}}"}]}]},{I:"div",M:"ytp-small-redirect",P:[{I:"a",M:"ytp-small-redirect-link",U:{href:WN(b),target:b.G,"aria-label":"\u0412\u0435\u0440\u043d\u0443\u0442\u044c\u0441\u044f \u043d\u0430 YouTube \u0434\u043b\u044f \u043f\u043e\u0438\u0441\u043a\u0430 \u0434\u0440\u0443\u0433\u0438\u0445 \u0432\u0438\u0434\u0435\u043e"}, equals www.youtube.com (Youtube)
Source: base[1].js0.3.drString found in binary or memory: kW=function(a){var b=g.Y(a),c=b.o;if(c){var d=new hW(a);b={I:"div",ca:["ytp-error","ytp-related-on-error"],U:{role:"alert"},P:[{I:"div",M:"ytp-error-content",P:[{I:"div",M:"ytp-error-icon-container",P:[Esa()]},{I:"div",M:"ytp-error-content-wrap",P:[{I:"div",M:"ytp-error-content-wrap-reason",ba:"{{content}}"},{I:"div",M:"ytp-error-content-wrap-subreason",ba:"{{subreason}}"}]}]},{I:"div",M:"ytp-small-redirect",P:[{I:"a",M:"ytp-small-redirect-link",U:{href:WN(b),target:b.G,"aria-label":"Visit YouTube to search for more videos"}, equals www.youtube.com (Youtube)
Source: base[1].js.3.drString found in binary or memory: kwa=function(a,b){var c=g.Y(a.B),d=2==a.B.getPresentingPlayerType(),e=!d||b.Ae;e=!c.K&&!!b.videoId&&e;"play"!=c.playerStyle?c="https://support.google.com/youtube/?p=report_playback":(c={contact_type:"playbackissue",html5:1,ei:b.eventId,v:b.videoId,p:"movies_playback"},b.Ca&&(c.fmt=wJ(b.Ca)),b.clientPlaybackNonce&&(c.cpn=b.clientPlaybackNonce),b.ff&&(c.partnerid=b.ff),c=g.lh("//support.google.com/googleplay/",c));g.pQ(a.C,e&&b.allowEmbed);g.pQ(a.F,e);g.pQ(a.D,e&&!b.Ea);a.aa.Mb(c,"href");g.pQ(a.G,!b.Ea&& equals www.youtube.com (Youtube)
Source: base[1].js.3.drString found in binary or memory: lB.prototype.B=function(a,b){this.o[a]=b};g.B(oB,pp);var Aia=$c(g.Sc("https://www.youtube.com/iframe_api")),Qya=["video/mp4","video/webm"],Rya={el:"adunit",controls:0,html5:1,playsinline:1,ps:"gvn",showinfo:0},nB=[],mB=!1;g.h=oB.prototype;g.h.MF=function(a,b,c){var d=g.Qa(a,function(a){return null!==sr(a.Za())}); equals www.youtube.com (Youtube)
Source: base[1].js0.3.drString found in binary or memory: lB.prototype.B=function(a,b){this.o[a]=b};g.B(oB,qp);var Cia=ad(g.Tc("https://www.youtube.com/iframe_api")),Tya=["video/mp4","video/webm"],Uya={el:"adunit",controls:0,html5:1,playsinline:1,ps:"gvn",showinfo:0},nB=[],mB=!1;g.h=oB.prototype;g.h.DF=function(a,b,c){var d=g.Ra(a,function(a){return null!==tr(a.Za())}); equals www.youtube.com (Youtube)
Source: base[1].js.3.drString found in binary or memory: lfa=function(a){if(g.D(g.F(a)))return null;var b=a.match(/^https?:\/\/[^\/]*youtu\.be\/([a-zA-Z0-9_-]+)$/);if(null!=b&&2==b.length)return b[1];b=a.match(/^https?:\/\/[^\/]*youtube.com\/video\/([a-zA-Z0-9_-]+)$/);if(null!=b&&2==b.length)return b[1];b=a.match(/^https?:\/\/[^\/]*youtube.com\/watch\/([a-zA-Z0-9_-]+)$/);if(null!=b&&2==b.length)return b[1];a=(new g.tn(a)).o;return In(a,"v")?a.get("v").toString():In(a,"video_id")?a.get("video_id").toString():null}; equals www.youtube.com (Youtube)
Source: base[1].js0.3.drString found in binary or memory: lfa=function(a){if(g.D(g.F(a)))return null;var b=a.match(/^https?:\/\/[^\/]*youtu\.be\/([a-zA-Z0-9_-]+)$/);if(null!=b&&2==b.length)return b[1];b=a.match(/^https?:\/\/[^\/]*youtube.com\/video\/([a-zA-Z0-9_-]+)$/);if(null!=b&&2==b.length)return b[1];b=a.match(/^https?:\/\/[^\/]*youtube.com\/watch\/([a-zA-Z0-9_-]+)$/);if(null!=b&&2==b.length)return b[1];a=(new g.un(a)).o;return Jn(a,"v")?a.get("v").toString():Jn(a,"video_id")?a.get("video_id").toString():null}; equals www.youtube.com (Youtube)
Source: base[1].js0.3.drString found in binary or memory: mta=function(a){if(!a.B){var b=(null!=rG(["requestFullscreen","webkitRequestFullscreen","mozRequestFullScreen","msRequestFullscreen"],document.body)?"Full screen is unavailable. $BEGIN_LINKLearn More$END_LINK":"Your browser doesn't support full screen. $BEGIN_LINKLearn More$END_LINK").split(/\$(BEGIN|END)_LINK/);a.B=new zW(a.C,{I:"div",ca:["ytp-popup","ytp-generic-popup"],U:{role:"alert",tabindex:"0"},P:[b[0],{I:"a",U:{href:"https://support.google.com/youtube/answer/6276924",target:g.Y(a.C).G},ba:b[2]}, equals www.youtube.com (Youtube)
Source: base[1].js0.3.drString found in binary or memory: mwa=function(a,b){var c=g.Y(a.B),d=2==a.B.getPresentingPlayerType(),e=!d||b.Ae;e=!c.K&&!!b.videoId&&e;"play"!=c.playerStyle?c="https://support.google.com/youtube/?p=report_playback":(c={contact_type:"playbackissue",html5:1,ei:b.eventId,v:b.videoId,p:"movies_playback"},b.Ca&&(c.fmt=wJ(b.Ca)),b.clientPlaybackNonce&&(c.cpn=b.clientPlaybackNonce),b.ff&&(c.partnerid=b.ff),c=g.mh("//support.google.com/googleplay/",c));g.pQ(a.C,e&&b.allowEmbed);g.pQ(a.F,e);g.pQ(a.D,e&&!b.Ea);a.aa.Mb(c,"href");g.pQ(a.G,!b.Ea&& equals www.youtube.com (Youtube)
Source: base[1].js0.3.drString found in binary or memory: null;p=null;if(n=YK(b,"ContentProtection"))if(g.LF())if((p=n.attributes.schemeIdUri)&&"http://youtube.com/drm/2012/10/10"==p.value)for(p={},n=n.firstChild;null!=n;n=n.nextSibling)"yt:SystemURL"==n.nodeName&&(p[n.attributes.type.value]=n.textContent.trim());else p=null;else if((p=n.attributes.schemeIdUri)&&"http://youtube.com/drm/2012/10/10"==p.textContent)for(p={},n=n.firstChild;null!=n;n=n.nextSibling)"SystemURL"==n.localName&&"http://youtube.com/yt/2012/10/10"==n.namespaceURI&&(p[n.attributes.type.textContent]= equals www.youtube.com (Youtube)
Source: base[1].js.3.drString found in binary or memory: pha=function(a,b,c,d){var e=new g.tn("https://www.googleapis.com/youtube/v3/videos");g.Cn(e,"id",a);g.Cn(e,"part","snippet,status,statistics");g.Cn(e,"fields","items/id,items/snippet/title,items/snippet/channelId,items/status/privacyStatus,items/statistics/viewCount");null!=d&&(b=(0,g.A)(b,d),c=(0,g.A)(c,d));ny(new g.cy,e,b,c)}; equals www.youtube.com (Youtube)
Source: base[1].js.3.drString found in binary or memory: qha=function(a,b,c,d){var e=new g.tn("https://www.googleapis.com/youtube/v3/channels");g.Cn(e,"id",a);g.Cn(e,"part","snippet,statistics,brandingSettings");g.Cn(e,"fields","items/id,items/snippet/title,items/snippet/thumbnails/default/url,items/statistics/videoCount,items/brandingSettings/image/bannerImageUrl");null!=d&&(b=(0,g.A)(b,d),c=(0,g.A)(c,d));ny(new g.cy,e,b,c)}; equals www.youtube.com (Youtube)
Source: base[1].js0.3.drString found in binary or memory: rha=function(a,b,c,d){var e=new g.un("https://www.googleapis.com/youtube/v3/videos");g.Dn(e,"id",a);g.Dn(e,"part","snippet,status,statistics");g.Dn(e,"fields","items/id,items/snippet/title,items/snippet/channelId,items/status/privacyStatus,items/statistics/viewCount");null!=d&&(b=(0,g.A)(b,d),c=(0,g.A)(c,d));ny(new g.cy,e,b,c)}; equals www.youtube.com (Youtube)
Source: base[1].js0.3.drString found in binary or memory: sha=function(a,b,c,d){var e=new g.un("https://www.googleapis.com/youtube/v3/channels");g.Dn(e,"id",a);g.Dn(e,"part","snippet,statistics,brandingSettings");g.Dn(e,"fields","items/id,items/snippet/title,items/snippet/thumbnails/default/url,items/statistics/videoCount,items/brandingSettings/image/bannerImageUrl");null!=d&&(b=(0,g.A)(b,d),c=(0,g.A)(c,d));ny(new g.cy,e,b,c)}; equals www.youtube.com (Youtube)
Source: video[1].htm.3.drString found in binary or memory: src="http://www.youtube.com/embed/1uZWcKTCtkI" width="400" height="300" frameborder="0" allowfullscreen title="JoomlaWorks AllVideos Player"></iframe></div></div></div></p></div></div><div equals www.youtube.com (Youtube)
Source: video[1].htm.3.drString found in binary or memory: src="http://www.youtube.com/embed/CeX3uvPxRQY" width="400" height="300" frameborder="0" allowfullscreen title="JoomlaWorks AllVideos Player"></iframe></div></div></div></p></div></div><div equals www.youtube.com (Youtube)
Source: video[1].htm.3.drString found in binary or memory: src="http://www.youtube.com/embed/XLgn4PBA6Uw" width="400" height="300" frameborder="0" allowfullscreen title="JoomlaWorks AllVideos Player"></iframe></div></div></div></p></div></div><div equals www.youtube.com (Youtube)
Source: video[1].htm.3.drString found in binary or memory: src="http://www.youtube.com/embed/kH8TIiFkqRw" width="400" height="300" frameborder="0" allowfullscreen title="JoomlaWorks AllVideos Player"></iframe></div></div></div></p></div></div><div equals www.youtube.com (Youtube)
Source: video[1].htm.3.drString found in binary or memory: src="http://www.youtube.com/embed/m_ifDocouTo" width="400" height="300" frameborder="0" allowfullscreen title="JoomlaWorks AllVideos Player"></iframe></div></div></div></p></div></div><div equals www.youtube.com (Youtube)
Source: video[1].htm.3.drString found in binary or memory: src="http://www.youtube.com/embed/yxnlhNp8_6Q" width="400" height="300" frameborder="0" allowfullscreen title="JoomlaWorks AllVideos Player"></iframe></div></div></div></p></div></div><div equals www.youtube.com (Youtube)
Source: U332KZ1D.htm.3.drString found in binary or memory: src="https://www.facebook.com/tr?id=998386910233360&ev=PageView&noscript=1" equals www.facebook.com (Facebook)
Source: base[1].js0.3.drString found in binary or memory: this.X("click",this.ha);this.O(a,"appresize",this.Qc);this.O(a,"onVolumeChange",this.ia);var d=null;c.N?g.Af(this,sW(b.Ib(),this.element)):(d="Your browser doesn't support changing the volume. $BEGIN_LINKLearn More$END_LINK".split(/\$(BEGIN|END)_LINK/),d=new zW(a,{I:"span",ca:["ytp-popup","ytp-generic-popup"],U:{tabindex:"0"},P:[d[0],{I:"a",U:{href:"https://support.google.com/youtube/?p=noaudio",target:c.G},ba:d[2]},d[4]]},100,!0),g.K(this,d),d.hide(),d.subscribe("show",(0,g.A)(b.Vo,b,d)),g.fV(a, equals www.youtube.com (Youtube)
Source: base[1].js.3.drString found in binary or memory: this.aa=dN(!1,a.privembed);this.protocol=0==this.fb.indexOf("http:")?"http":"https";this.D=OJ(a.BASE_YT_URL||"")||OJ(this.fb)||this.protocol+"://www.youtube.com/";c=a.el;b="detailpage";"adunit"==c?b=this.o?"embedded":"detailpage":"embedded"==c||this.Nb?b=eN(b,c,Fla):c&&(b="embedded");this.Z=b;zH();c=null;b=a.ps;var d=g.Ua(nN,b);!b||d&&!this.Nb||(c=b);this.playerStyle=c;this.K=(this.jc=g.Ua(nN,this.playerStyle))&&"play"!=this.playerStyle&&"jamboard"!=this.playerStyle;this.Bq=!this.K;c={};this.A=(c.c= equals www.youtube.com (Youtube)
Source: base[1].js0.3.drString found in binary or memory: this.aa=dN(!1,a.privembed);this.protocol=0==this.fb.indexOf("http:")?"http":"https";this.D=OJ(a.BASE_YT_URL||"")||OJ(this.fb)||this.protocol+"://www.youtube.com/";c=a.el;b="detailpage";"adunit"==c?b=this.o?"embedded":"detailpage":"embedded"==c||this.Nb?b=eN(b,c,Hla):c&&(b="embedded");this.Z=b;zH();c=null;b=a.ps;var d=g.Va(nN,b);!b||d&&!this.Nb||(c=b);this.playerStyle=c;this.K=(this.jc=g.Va(nN,this.playerStyle))&&"play"!=this.playerStyle&&"jamboard"!=this.playerStyle;this.Aq=!this.K;c={};this.A=(c.c= equals www.youtube.com (Youtube)
Source: base[1].js.3.drString found in binary or memory: tr=function(a,b,c){if(null==a)return null;c=new g.tn((null!=c?c:"//www.youtube.com/")+"watch");var d=c.o;d.set("v",a);d.set("feature",b?"trueview-instream":"instream");yn(c,d);return c.toString()}; equals www.youtube.com (Youtube)
Source: base[1].js0.3.drString found in binary or memory: tz=function(a){if(!a.T){var b=a.va(),c=b.G;if(mu(b)&&!P()&&!a.Pa.Hp()&&c){b=a.Ma.getCurrentTime();var d=a.Ma.getDuration(),e=new g.un("//s.youtube.com/s");g.Dn(e,"ns","yt");g.Dn(e,"el","adunit");g.Dn(e,"docid",c);g.Dn(e,"eurl",document.URL);g.Dn(e,"len",d.toFixed(2));g.Dn(e,"tv","1");g.Dn(e,"ps","trueview-instream");g.Dn(e,"st",b.toFixed(2));g.Dn(e,"et",b.toFixed(2));g.Dn(e,"rt",b.toFixed(2));wo(e.toString());a.T=!0}}}; equals www.youtube.com (Youtube)
Source: base[1].js.3.drString found in binary or memory: tz=function(a){if(!a.T){var b=a.va(),c=b.G;if(mu(b)&&!P()&&!a.Pa.Ip()&&c){b=a.Ma.getCurrentTime();var d=a.Ma.getDuration(),e=new g.tn("//s.youtube.com/s");g.Cn(e,"ns","yt");g.Cn(e,"el","adunit");g.Cn(e,"docid",c);g.Cn(e,"eurl",document.URL);g.Cn(e,"len",d.toFixed(2));g.Cn(e,"tv","1");g.Cn(e,"ps","trueview-instream");g.Cn(e,"st",b.toFixed(2));g.Cn(e,"et",b.toFixed(2));g.Cn(e,"rt",b.toFixed(2));vo(e.toString());a.T=!0}}}; equals www.youtube.com (Youtube)
Source: base[1].js0.3.drString found in binary or memory: ur=function(a,b,c){if(null==a)return null;c=new g.un((null!=c?c:"//www.youtube.com/")+"watch");var d=c.o;d.set("v",a);d.set("feature",b?"trueview-instream":"instream");zn(c,d);return c.toString()}; equals www.youtube.com (Youtube)
Source: base[1].js0.3.drString found in binary or memory: var U1={},pO=(U1.playready=["com.youtube.playready","com.microsoft.playready"],U1.widevine=["com.widevine.alpha"],U1);g.h=g.dO.prototype;g.h.getId=function(){return this.Ka}; equals www.youtube.com (Youtube)
Source: remote[1].js.3.drString found in binary or memory: var b={type:"getMdxSessionStatus"};a.o?a.o.sendMessage("urn:x-cast:com.google.youtube.mdx",b,g.z,(0,g.A)(function(){t7(this,"Failed to send message: getMdxSessionStatus.")},a)):t7(a,"Sending yt message without session: "+g.Ug(b))},oFa=function(a,b){g.TE(a.C); equals www.youtube.com (Youtube)
Source: remote[2].js.3.drString found in binary or memory: var b={type:"getMdxSessionStatus"};a.o?a.o.sendMessage("urn:x-cast:com.google.youtube.mdx",b,g.z,(0,g.A)(function(){t7(this,"Failed to send message: getMdxSessionStatus.")},a)):t7(a,"Sending yt message without session: "+g.Vg(b))},rFa=function(a,b){g.TE(a.C); equals www.youtube.com (Youtube)
Source: base[1].js0.3.drString found in binary or memory: void 0,g.cU(this,a.errorCode,b,OL(a.details))):this.C&&(this.C.onError(a.errorCode,OL(a.details)),b&&"manifest.net.connect"==a.errorCode&&(a="https://www.youtube.com/generate_204?cpn="+this.o.clientPlaybackNonce+"&t="+g.lH(),(new MS(a,"manifest",(0,g.A)(function(a){this.yb("pathprobe",a)},this),(0,g.A)(function(a){this.onError(a.errorCode,OL(a.details))},this.C))).send()))}}; equals www.youtube.com (Youtube)
Performs DNS lookupsShow sources
Source: unknownDNS traffic detected: queries for: xn--b1apdkbbqid.xn--p1ai
Posts data to webserverShow sources
Source: unknownHTTP traffic detected: HTTP/1.1 200 OKServer: nginx/1.12.2Date: Mon, 11 Feb 2019 16:59:11 GMTContent-Type: text/html; charset=utf-8Transfer-Encoding: chunkedConnection: keep-aliveX-Powered-By: PHP/5.3.29Set-Cookie: cbfb422174e4a427c487f553fb6fbd4a=a5af02931786766df5c70925c2d8efef; path=/P3P: CP="NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM"Set-Cookie: virtuemart=a5af02931786766df5c70925c2d8efefSet-Cookie: zt_kaupi_tpl=zt_kaupi; expires=Sat, 01-Feb-2020 16:59:11 GMT; path=/Set-Cookie: s5_qc=e9b82e4d55c91c6abbf9dedf898172a0a4xnExpires: Mon, 1 Jan 2001 00:00:00 GMTLast-Modified: Mon, 11 Feb 2019 16:59:11 GMTCache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0Pragma: no-cacheData Raw: 33 35 62 34 0d 0a 3c 21 44 4f 43 54 59 50 45 20 68 74 6d 6c 20 50 55 42 4c 49 43 20 22 2d 2f 2f 57 33 43 2f 2f 44 54 44 20 58 48 54 4d 4c 20 31 2e 30 20 54 72 61 6e 73 69 74 69 6f 6e 61 6c 2f 2f 45 4e 22 20 22 68 74 74 70 3a 2f 2f 77 77 77 2e 77 33 2e 6f 72 67 2f 54 52 2f 78 68 74 6d 6c 31 2f 44 54
Tries to download or post to a non-existing http route (HTTP/1.1 404 Not Found / 503 Service Unavailable)Show sources
Source: global trafficHTTP traffic detected: HTTP/1.1 404 Not FoundServer: nginx/1.12.2Date: Mon, 11 Feb 2019 16:59:12 GMTContent-Type: text/html; charset=utf-8Content-Length: 1916Connection: keep-aliveAccept-Ranges: bytesData Raw: 3c 21 44 4f 43 54 59 50 45 20 68 74 6d 6c 20 50 55 42 4c 49 43 20 22 2d 2f 2f 57 33 43 2f 2f 44 54 44 20 58 48 54 4d 4c 20 31 2e 30 20 54 72 61 6e 73 69 74 69 6f 6e 61 6c 2f 2f 45 4e 22 20 22 68 74 74 70 3a 2f 2f 77 77 77 2e 77 33 2e 6f 72 67 2f 54 52 2f 78 68 74 6d 6c 31 2f 44 54 44 2f 78 68 74 6d 6c 31 2d 74 72 61 6e 73 69 74 69 6f 6e 61 6c 2e 64 74 64 22 3e 0a 0a 3c 68 74 6d 6c 20 78 6d 6c 6e 73 3d 22 68 74 74 70 3a 2f 2f 77 77 77 2e 77 33 2e 6f 72 67 2f 31 39 39 39 2f 78 68 74 6d 6c 22 3e 0a 09 3c 68 65 61 64 3e 0a 09 09 3c 74 69 74 6c 65 3e d0 9e d1 88 d0 b8 d0 b1 d0 ba d0 b0 20 34 30 34 20 2d 20 d0 97 d0 b0 d0 bf d1 80 d0 b0 d1 88 d0 b8 d0 b2 d0 b0 d0 b5 d0 bc d0 b0 d1 8f 20 d1 81 d1 82 d1 80 d0 b0 d0 bd d0 b8 d1 86 d0 b0 20 d0 bd d0 b0 20 d1 81 d0 b0 d0 b9 d1 82 d0 b5 20 d0 be d1 82 d1 81 d1 83 d1 82 d1 81
Urls found in memory or binary dataShow sources
Source: watch[1].js.3.drString found in binary or memory: http://127.0.0.1
Source: fetchscript[1].js0.3.drString found in binary or memory: http://dean.edwards.name/weblog/2006/06/again/
Source: fcode[1].js.3.drString found in binary or memory: http://download.macromedia.com/pub/shockwave/cabs/flash/swflash.cab#version=6
Source: kontakty[1].htm.3.drString found in binary or memory: http://fonts.googleapis.com/css?family=Yanone
Source: css[1].css.3.drString found in binary or memory: http://fonts.gstatic.com/s/yanonekaffeesatz/v9/3y976aknfjLm_3lMKjiMgmUUYBs04Y8bH-w.woff)
Source: base[1].js.3.drString found in binary or memory: http://imasdk.googleapis.com/flash/sdkloader/flashinhtml.swf
Source: CYW7OZ1K.htm.3.drString found in binary or memory: http://img.gismeteo.ru/flash/City100.swf?city=37144
Source: CYW7OZ1K.htm.3.drString found in binary or memory: http://img.gismeteo.ru/flash/fcode.js
Source: mootools[1].js.3.dr, fetchscript[1].js.3.drString found in binary or memory: http://mad4milk.net
Source: main_conc[1].js.3.drString found in binary or memory: http://metallprofil.ru/
Source: main_conc[1].js.3.drString found in binary or memory: http://mosigra.ru/
Source: main_conc[1].js.3.drString found in binary or memory: http://mvideo.ru/
Source: CYW7OZ1K.htm.3.drString found in binary or memory: http://neoservice.org/galary.html
Source: system[1].css.3.drString found in binary or memory: http://openid.net/images/login-bg.gif)
Source: base[1].js0.3.dr, base[1].js.3.drString found in binary or memory: http://pagead2.googlesyndication.com/pagead/gen_204
Source: kontakty[1].htm.3.drString found in binary or memory: http://redconnect.ru
Source: main[1].js1.3.drString found in binary or memory: http://redconnect.ru/?cp=f1
Source: main[1].js1.3.drString found in binary or memory: http://redconnect.ru/?cp=p1
Source: main[1].js1.3.drString found in binary or memory: http://redconnect.ru/?cp=w1
Source: main[2].js.3.drString found in binary or memory: http://redhelper.com
Source: main[2].js.3.drString found in binary or memory: http://redhelper.ru
Source: main_conc[1].js.3.drString found in binary or memory: http://redhelper.ru/
Source: main_conc[1].js.3.drString found in binary or memory: http://rzdz.ru/
Source: main_conc[1].js.3.drString found in binary or memory: http://samson-pharma.ru/
Source: main_conc[1].js.3.drString found in binary or memory: http://shop.esetnod32.ru/
Source: U332KZ1D.htm.3.drString found in binary or memory: http://sk.ru
Source: main_conc[1].js.3.drString found in binary or memory: http://stoloto.ru/
Source: main_conc[1].js.3.drString found in binary or memory: http://sunmar.ru/shop/
Source: base[1].js0.3.dr, base[1].js.3.drString found in binary or memory: http://tpc.googlesyndication.com/pagead/js/loader13.html
Source: CYW7OZ1K.htm.3.drString found in binary or memory: http://www.ZooTemplate.com
Source: msapplication.xml.2.drString found in binary or memory: http://www.amazon.com/
Source: main[1].css.3.drString found in binary or memory: http://www.apache.org/licenses/LICENSE-2.0
Source: AC_QuickTime[1].js.3.drString found in binary or memory: http://www.apple.com/qtactivex/qtplugin.cab#version=
Source: AC_QuickTime[1].js.3.drString found in binary or memory: http://www.apple.com/quicktime/download/
Source: fetchscript[1].js0.3.drString found in binary or memory: http://www.devira.com
Source: U332KZ1D.htm.3.drString found in binary or memory: http://www.forexmarketgates.ru/
Source: vodosnab[1].jpg.3.drString found in binary or memory: http://www.gettyimages.com8BIM
Source: template[1].css0.3.drString found in binary or memory: http://www.gnu.org/copyleft/gpl.html
Source: fetchscript[1].js0.3.drString found in binary or memory: http://www.gnu.org/copyleft/lesser.html
Source: ga[1].js.3.drString found in binary or memory: http://www.google-analytics.com
Source: msapplication.xml1.2.drString found in binary or memory: http://www.google.com/
Source: base[1].js0.3.drString found in binary or memory: http://www.google.com/adsense/support
Source: main_conc[1].js.3.drString found in binary or memory: http://www.gpncard.ru/
Source: wmvplayer[1].js.3.drString found in binary or memory: http://www.jeroenwijering.com/?item=JW_WMV_Player
Source: template[1].css0.3.drString found in binary or memory: http://www.joomlaworks.gr
Source: msapplication.xml2.2.drString found in binary or memory: http://www.live.com/
Source: fcode[1].js.3.drString found in binary or memory: http://www.macromedia.com/go/getflashplayer
Source: datD67E.tmp.3.dr, datFF55.tmp.3.drString found in binary or memory: http://www.marksimonson.comhttp://www.ms-studio.com/FontSales/msslicenseagreement.html
Source: datD67E.tmp.3.dr, datFF55.tmp.3.drString found in binary or memory: http://www.marksimonson.comhttp://www.ms-studio.com/FontSales/msslicenseagreement.htmlCopyright
Source: datD67E.tmp.3.dr, datFF55.tmp.3.drString found in binary or memory: http://www.marksimonson.comhttp://www.ms-studio.com/FontSales/msslicenseagreement.htmlProxima
Source: msapplication.xml3.2.drString found in binary or memory: http://www.nytimes.com/
Source: msapplication.xml4.2.drString found in binary or memory: http://www.reddit.com/
Source: msapplication.xml5.2.drString found in binary or memory: http://www.twitter.com/
Source: fetchscript[1].js0.3.drString found in binary or memory: http://www.walterzorn.com
Source: fetchscript[1].js0.3.drString found in binary or memory: http://www.walterzorn.de
Source: msapplication.xml6.2.drString found in binary or memory: http://www.wikipedia.com/
Source: fetchscript[1].js.3.drString found in binary or memory: http://www.youngpup.net
Source: msapplication.xml7.2.drString found in binary or memory: http://www.youtube.com/
Source: video[1].htm.3.drString found in binary or memory: http://www.youtube.com/embed/1uZWcKTCtkI
Source: video[1].htm.3.drString found in binary or memory: http://www.youtube.com/embed/CeX3uvPxRQY
Source: video[1].htm.3.drString found in binary or memory: http://www.youtube.com/embed/XLgn4PBA6Uw
Source: video[1].htm.3.drString found in binary or memory: http://www.youtube.com/embed/kH8TIiFkqRw
Source: video[1].htm.3.drString found in binary or memory: http://www.youtube.com/embed/m_ifDocouTo
Source: video[1].htm.3.drString found in binary or memory: http://www.youtube.com/embed/yxnlhNp8_6Q
Source: base[1].js0.3.dr, base[1].js.3.drString found in binary or memory: http://www.youtube.com/video/
Source: base[1].js.3.drString found in binary or memory: http://www.youtube.com/videoplayback
Source: 1uZWcKTCtkI[1].htm.3.drString found in binary or memory: http://www.youtube.com/watch?v=1uZWcKTCtkI
Source: 9EDo6zQJJGM[1].htm.3.drString found in binary or memory: http://www.youtube.com/watch?v=9EDo6zQJJGM
Source: CeX3uvPxRQY[1].htm.3.drString found in binary or memory: http://www.youtube.com/watch?v=CeX3uvPxRQY
Source: XLgn4PBA6Uw[1].htm.3.drString found in binary or memory: http://www.youtube.com/watch?v=XLgn4PBA6Uw
Source: kH8TIiFkqRw[1].htm.3.drString found in binary or memory: http://www.youtube.com/watch?v=kH8TIiFkqRw
Source: m_ifDocouTo[1].htm.3.drString found in binary or memory: http://www.youtube.com/watch?v=m_ifDocouTo
Source: yxnlhNp8_6Q[1].htm.3.drString found in binary or memory: http://www.youtube.com/watch?v=yxnlhNp8_6Q
Source: patterns[1].css.3.drString found in binary or memory: http://www.zootemplate.com
Source: magazin[1].htm.3.drString found in binary or memory: http://xn--b1apdkbbqid.xn--p1ai
Source: {D85B0CC3-2E69-11E9-AAD9-C25F135D3C65}.dat.2.dr, magazin[1].htm.3.drString found in binary or memory: http://xn--b1apdkbbqid.xn--p1ai/
Source: {D85B0CC3-2E69-11E9-AAD9-C25F135D3C65}.dat.2.drString found in binary or memory: http://xn--b1apdkbbqid.xn--p1ai/ceny.html
Source: magazin[1].htm.3.drString found in binary or memory: http://xn--b1apdkbbqid.xn--p1ai/components/com_virtuemart/fetchscript.php?gzip=0&amp;subdir
Source: magazin[1].htm.3.drString found in binary or memory: http://xn--b1apdkbbqid.xn--p1ai/components/com_virtuemart/shop_image/category/resized/___________54d
Source: magazin[1].htm.3.drString found in binary or memory: http://xn--b1apdkbbqid.xn--p1ai/components/com_virtuemart/shop_image/category/resized/_____________5
Source: magazin[1].htm.3.drString found in binary or memory: http://xn--b1apdkbbqid.xn--p1ai/components/com_virtuemart/shop_image/category/resized/______________
Source: magazin[1].htm.3.drString found in binary or memory: http://xn--b1apdkbbqid.xn--p1ai/components/com_virtuemart/shop_image/ps_image/menu_logo.gif
Source: kontakty[1].htm.3.dr, CYW7OZ1K.htm.3.drString found in binary or memory: http://xn--b1apdkbbqid.xn--p1ai/components/com_virtuemart/show_image_in_imgtag.php?filename=resized%
Source: {D85B0CC3-2E69-11E9-AAD9-C25F135D3C65}.dat.2.drString found in binary or memory: http://xn--b1apdkbbqid.xn--p1ai/kontakty.html
Source: {D85B0CC3-2E69-11E9-AAD9-C25F135D3C65}.dat.2.dr, magazin[1].htm.3.drString found in binary or memory: http://xn--b1apdkbbqid.xn--p1ai/magazin.html
Source: CYW7OZ1K.htm.3.drString found in binary or memory: http://xn--b1apdkbbqid.xn--p1ai/modules/mod_jv_headline/assets/css/horizotal.css
Source: CYW7OZ1K.htm.3.drString found in binary or memory: http://xn--b1apdkbbqid.xn--p1ai/modules/mod_jv_headline/assets/css/jv_boro.css
Source: {D85B0CC3-2E69-11E9-AAD9-C25F135D3C65}.dat.2.drString found in binary or memory: http://xn--b1apdkbbqid.xn--p1ai/nashi-uslugi.html
Source: kontakty[1].htm.3.drString found in binary or memory: http://xn--b1apdkbbqid.xn--p1ai/plugins/system/plg_ztools/libs/minify/?f=/templates/zt_kaupi/js/ie_p
Source: kontakty[1].htm.3.dr, CYW7OZ1K.htm.3.dr, magazin[1].htm.3.drString found in binary or memory: http://xn--b1apdkbbqid.xn--p1ai/plugins/system/plg_ztools/libs/minify/?f=/templates/zt_kaupi/zt_menu
Source: {D85B0CC3-2E69-11E9-AAD9-C25F135D3C65}.dat.2.drString found in binary or memory: http://xn--b1apdkbbqid.xn--p1ai/stati-o-remonte.html
Source: kontakty[1].htm.3.drString found in binary or memory: http://xn--b1apdkbbqid.xn--p1ai/templates/system/css/general.css
Source: kontakty[1].htm.3.drString found in binary or memory: http://xn--b1apdkbbqid.xn--p1ai/templates/system/css/system.css
Source: kontakty[1].htm.3.drString found in binary or memory: http://xn--b1apdkbbqid.xn--p1ai/templates/zt_kaupi/
Source: kontakty[1].htm.3.drString found in binary or memory: http://xn--b1apdkbbqid.xn--p1ai/templates/zt_kaupi/css/colors/
Source: kontakty[1].htm.3.dr, CYW7OZ1K.htm.3.dr, magazin[1].htm.3.drString found in binary or memory: http://xn--b1apdkbbqid.xn--p1ai/templates/zt_kaupi/css/css3.php?url=http://xn--b1apdkbbqid.xn--p1ai/
Source: kontakty[1].htm.3.drString found in binary or memory: http://xn--b1apdkbbqid.xn--p1ai/templates/zt_kaupi/css/default.css
Source: kontakty[1].htm.3.dr, CYW7OZ1K.htm.3.dr, magazin[1].htm.3.dr, video[1].htm.3.drString found in binary or memory: http://xn--b1apdkbbqid.xn--p1ai/templates/zt_kaupi/css/fonts.css
Source: kontakty[1].htm.3.drString found in binary or memory: http://xn--b1apdkbbqid.xn--p1ai/templates/zt_kaupi/css/ie6.css
Source: kontakty[1].htm.3.drString found in binary or memory: http://xn--b1apdkbbqid.xn--p1ai/templates/zt_kaupi/css/ie7.css
Source: kontakty[1].htm.3.drString found in binary or memory: http://xn--b1apdkbbqid.xn--p1ai/templates/zt_kaupi/css/modules.css
Source: kontakty[1].htm.3.drString found in binary or memory: http://xn--b1apdkbbqid.xn--p1ai/templates/zt_kaupi/css/patterns.css
Source: kontakty[1].htm.3.drString found in binary or memory: http://xn--b1apdkbbqid.xn--p1ai/templates/zt_kaupi/css/rainbow.css
Source: kontakty[1].htm.3.drString found in binary or memory: http://xn--b1apdkbbqid.xn--p1ai/templates/zt_kaupi/css/template.css
Source: kontakty[1].htm.3.drString found in binary or memory: http://xn--b1apdkbbqid.xn--p1ai/templates/zt_kaupi/css/typo.css
Source: kontakty[1].htm.3.drString found in binary or memory: http://xn--b1apdkbbqid.xn--p1ai/templates/zt_kaupi/zt_menus/zt_fancymenu/zt_fancymenu.css
Source: kontakty[1].htm.3.drString found in binary or memory: http://xn--b1apdkbbqid.xn--p1ai/templates/zt_kaupi/zt_menus/zt_megamenu/zt.megamenu.css
Source: {D85B0CC3-2E69-11E9-AAD9-C25F135D3C65}.dat.2.dr, video[1].htm.3.drString found in binary or memory: http://xn--b1apdkbbqid.xn--p1ai/video.html
Source: base[1].js0.3.drString found in binary or memory: http://youtube.com/drm/2012/10/10
Source: base[1].js0.3.drString found in binary or memory: http://youtube.com/streaming/metadata/segment/102015
Source: base[1].js0.3.dr, base[1].js.3.drString found in binary or memory: http://youtube.com/streaming/otf/durations/112015
Source: base[1].js0.3.dr, base[1].js.3.drString found in binary or memory: http://youtube.com/yt/2012/10/10
Source: base[1].js0.3.dr, base[1].js.3.drString found in binary or memory: https://admin.youtube.com
Source: base[1].js.3.drString found in binary or memory: https://adssettings.google.com
Source: main_conc[1].js.3.drString found in binary or memory: https://broker.ru/
Source: U332KZ1D.htm.3.drString found in binary or memory: https://crm.redhelper.ru/clients/
Source: U332KZ1D.htm.3.drString found in binary or memory: https://crm.redhelper.ru/search?q=
Source: base[1].js0.3.dr, base[1].js.3.drString found in binary or memory: https://docs.google.com/get_video_info
Source: base[1].js.3.drString found in binary or memory: https://imasdk.googleapis.com/flash/sdkloader/flashinhtml.swf
Source: U332KZ1D.htm.3.drString found in binary or memory: https://itunes.apple.com/app/id1027280528
Source: main_conc[1].js.3.drString found in binary or memory: https://lazurit.com/
Source: U332KZ1D.htm.3.drString found in binary or memory: https://play.google.com/store/apps/details?id=ru.redhelper.mobile&hl=ru
Source: U332KZ1D.htm.3.drString found in binary or memory: https://redhelper.nanotech42.com/
Source: main_conc[1].js.3.drString found in binary or memory: https://redhelper.ru/
Source: {D85B0CC3-2E69-11E9-AAD9-C25F135D3C65}.dat.2.drString found in binary or memory: https://redhelper.ru/?
Source: {D85B0CC3-2E69-11E9-AAD9-C25F135D3C65}.dat.2.drString found in binary or memory: https://redhelper.ru/?copy
Source: redhelper[1].xml.3.drString found in binary or memory: https://redhelper.ru/?copy&quot;
Source: {D85B0CC3-2E69-11E9-AAD9-C25F135D3C65}.dat.2.drString found in binary or memory: https://redhelper.ru/?copyRoot
Source: ~DF32190C8DDDA60A40.TMP.2.drString found in binary or memory: https://redhelper.ru/?copyUA-CPUAMD64
Source: {D85B0CC3-2E69-11E9-AAD9-C25F135D3C65}.dat.2.drString found in binary or memory: https://redhelper.ru/?copyt
Source: imagestore.dat.3.drString found in binary or memory: https://redhelper.ru/favicon.ico
Source: main_conc[1].js.3.drString found in binary or memory: https://redhelper.ru/my/
Source: main_conc[1].js.3.drString found in binary or memory: https://redhelper.ru/my/redhelper/balance
Source: ga[1].js.3.drString found in binary or memory: https://ssl.google-analytics.com
Source: ga[1].js.3.drString found in binary or memory: https://ssl.google-analytics.com/j/__utm.gif
Source: ga[1].js.3.drString found in binary or memory: https://stats.g.doubleclick.net/j/collect?
Source: base[1].js0.3.dr, base[1].js.3.drString found in binary or memory: https://support.google.com/ads/answer/7029660#match
Source: base[1].js0.3.dr, base[1].js.3.drString found in binary or memory: https://support.google.com/youtube/?p=missing_quality
Source: base[1].js0.3.dr, base[1].js.3.drString found in binary or memory: https://support.google.com/youtube/?p=noaudio
Source: base[1].js0.3.dr, base[1].js.3.drString found in binary or memory: https://support.google.com/youtube/?p=report_playback
Source: base[1].js0.3.dr, base[1].js.3.drString found in binary or memory: https://support.google.com/youtube/answer/6276924
Source: base[1].js0.3.dr, base[1].js.3.drString found in binary or memory: https://viacon.corp.google.com
Source: U332KZ1D.htm.3.drString found in binary or memory: https://vk.com/redhelper_ru
Source: {D85B0CC3-2E69-11E9-AAD9-C25F135D3C65}.dat.2.drString found in binary or memory: https://web.redhelper.ru/chat/?c=neoservice&skin=mac&version=3.1.539.1534932425235
Source: {D85B0CC3-2E69-11E9-AAD9-C25F135D3C65}.dat.2.drString found in binary or memory: https://web.redhelper.ru/chat/?c=neoservice&skin=mac&version=3.1.539.1534932425235#eyJ1cmwiOiJodHRwO
Source: {D85B0CC3-2E69-11E9-AAD9-C25F135D3C65}.dat.2.drString found in binary or memory: https://web.redhelper.ru/chat/?c=rhlp&skin=material&version=3.1.539.1534932425235
Source: {D85B0CC3-2E69-11E9-AAD9-C25F135D3C65}.dat.2.drString found in binary or memory: https://web.redhelper.ru/chat/?c=rhlp&skin=material&version=3.1.539.1534932425235#eyJ1cmwiOiJodHRwcz
Source: {D85B0CC3-2E69-11E9-AAD9-C25F135D3C65}.dat.2.drString found in binary or memory: https://web.redhelper.ru/chat/upload.html
Source: {D85B0CC3-2E69-11E9-AAD9-C25F135D3C65}.dat.2.drString found in binary or memory: https://web.redhelper.ru/connect/v2/connector.html?v=3.2.1.1529002248643&countryCode=CH&textPlacehol
Source: U332KZ1D.htm.3.drString found in binary or memory: https://web.redhelper.ru/nx/eula?c=rhlp&site=https://redhelper.ru
Source: kontakty[1].htm.3.drString found in binary or memory: https://web.redhelper.ru/service/main.js?c=neoservice
Source: U332KZ1D.htm.3.drString found in binary or memory: https://web.redhelper.ru/service/main.js?c=rhlp
Source: main_conc[1].js.3.drString found in binary or memory: https://wildberries.ru/
Source: ga[1].js.3.drString found in binary or memory: https://www.google.%/ads/ga-audiences?
Source: ga[1].js.3.drString found in binary or memory: https://www.google.com/analytics/web/inpage/pub/inpage.js?
Source: base[1].js0.3.dr, base[1].js.3.drString found in binary or memory: https://www.google.com/settings/ads
Source: base[1].js0.3.dr, base[1].js.3.drString found in binary or memory: https://www.googleapis.com/certificateprovisioning/v1/devicecertificates/create?key=AIzaSyB-5OLKTx2i
Source: base[1].js0.3.dr, base[1].js.3.drString found in binary or memory: https://www.googleapis.com/urlshortener/v1/url?key=AIzaSyBbSB-E7SYd1iggX6r2b5C7ljvO6fVqaj0&shortUrl=
Source: base[1].js0.3.dr, base[1].js.3.drString found in binary or memory: https://www.googleapis.com/youtube/v3/channels
Source: base[1].js0.3.dr, base[1].js.3.drString found in binary or memory: https://www.googleapis.com/youtube/v3/videos
Source: remote[2].js.3.dr, remote[1].js.3.drString found in binary or memory: https://www.gstatic.com/cv/js/sender/v1/cast_sender.js
Source: base[1].js0.3.dr, base[1].js.3.drString found in binary or memory: https://www.macromedia.com/go/getflashplayer
Source: watch[1].js.3.drString found in binary or memory: https://www.tns-counter.ru/V13a
Source: {D85B0CC3-2E69-11E9-AAD9-C25F135D3C65}.dat.2.drString found in binary or memory: https://www.youtube.com/embed/1uZWcKTCtkI
Source: U332KZ1D.htm.3.dr, {D85B0CC3-2E69-11E9-AAD9-C25F135D3C65}.dat.2.drString found in binary or memory: https://www.youtube.com/embed/9EDo6zQJJGM?autohide=1&hl=ru&modestbranding=1&rel=0&theme=light
Source: {D85B0CC3-2E69-11E9-AAD9-C25F135D3C65}.dat.2.drString found in binary or memory: https://www.youtube.com/embed/CeX3uvPxRQY
Source: {D85B0CC3-2E69-11E9-AAD9-C25F135D3C65}.dat.2.drString found in binary or memory: https://www.youtube.com/embed/XLgn4PBA6Uw
Source: {D85B0CC3-2E69-11E9-AAD9-C25F135D3C65}.dat.2.drString found in binary or memory: https://www.youtube.com/embed/kH8TIiFkqRw
Source: {D85B0CC3-2E69-11E9-AAD9-C25F135D3C65}.dat.2.drString found in binary or memory: https://www.youtube.com/embed/m_ifDocouTo
Source: {D85B0CC3-2E69-11E9-AAD9-C25F135D3C65}.dat.2.drString found in binary or memory: https://www.youtube.com/embed/yxnlhNp8_6Q
Source: base[1].js0.3.drString found in binary or memory: https://www.youtube.com/generate_204?cpn=
Source: base[1].js0.3.dr, base[1].js.3.drString found in binary or memory: https://www.youtube.com/iframe_api
Source: 1uZWcKTCtkI[1].htm.3.drString found in binary or memory: https://www.youtube.com/watch?v=1uZWcKTCtkI
Source: 9EDo6zQJJGM[1].htm.3.drString found in binary or memory: https://www.youtube.com/watch?v=9EDo6zQJJGM
Source: CeX3uvPxRQY[1].htm.3.drString found in binary or memory: https://www.youtube.com/watch?v=CeX3uvPxRQY
Source: XLgn4PBA6Uw[1].htm.3.drString found in binary or memory: https://www.youtube.com/watch?v=XLgn4PBA6Uw
Source: kH8TIiFkqRw[1].htm.3.drString found in binary or memory: https://www.youtube.com/watch?v=kH8TIiFkqRw
Source: m_ifDocouTo[1].htm.3.drString found in binary or memory: https://www.youtube.com/watch?v=m_ifDocouTo
Source: yxnlhNp8_6Q[1].htm.3.drString found in binary or memory: https://www.youtube.com/watch?v=yxnlhNp8_6Q
Source: watch[1].js.3.drString found in binary or memory: https://yandexmetrica.com
Source: watch[1].js.3.drString found in binary or memory: https://yastatic.net/metrika-static-watch/assessor-compare.js
Source: watch[1].js.3.drString found in binary or memory: https://yastatic.net/metrika-static-watch/assessor-init.js
Source: watch[1].js.3.drString found in binary or memory: https://yastatic.net/q/global-notifications/cc/_lego-cc
Source: base[1].js0.3.dr, base[1].js.3.drString found in binary or memory: https://youtu.be/
Source: base[1].js0.3.dr, base[1].js.3.drString found in binary or memory: https://youtube.com/api/drm/fps?ek=uninitialized
Uses HTTPSShow sources
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49821
Source: unknownNetwork traffic detected: HTTP traffic on port 49817 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49820
Source: unknownNetwork traffic detected: HTTP traffic on port 49842 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49862
Source: unknownNetwork traffic detected: HTTP traffic on port 49813 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49861
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49860
Source: unknownNetwork traffic detected: HTTP traffic on port 49859 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 49836 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 49871 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 49875 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 49807 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 49833 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 49810 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49817
Source: unknownNetwork traffic detected: HTTP traffic on port 49845 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49815
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49859
Source: unknownNetwork traffic detected: HTTP traffic on port 49849 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49858
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49813
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49810
Source: unknownNetwork traffic detected: HTTP traffic on port 49841 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 49820 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 49837 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 49862 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 49858 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 49872 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49809
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49808
Source: unknownNetwork traffic detected: HTTP traffic on port 49823 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 49830 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49807
Source: unknownNetwork traffic detected: HTTP traffic on port 49848 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49849
Source: unknownNetwork traffic detected: HTTP traffic on port 49861 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49848
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49847
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49846
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49845
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49844
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49843
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49842
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49841
Source: unknownNetwork traffic detected: HTTP traffic on port 49838 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49840
Source: unknownNetwork traffic detected: HTTP traffic on port 49844 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 49821 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 49815 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 49840 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 49834 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 49824 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 49831 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 49809 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49839
Source: unknownNetwork traffic detected: HTTP traffic on port 49860 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49838
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49837
Source: unknownNetwork traffic detected: HTTP traffic on port 49847 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49836
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49835
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49834
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49833
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49832
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49831
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49875
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49830
Source: unknownNetwork traffic detected: HTTP traffic on port 49839 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49872
Source: unknownNetwork traffic detected: HTTP traffic on port 49843 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49871
Source: unknownNetwork traffic detected: HTTP traffic on port 49822 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 49835 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 49829 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 49832 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 49808 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49829
Source: unknownNetwork traffic detected: HTTP traffic on port 49846 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49824
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49823
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49822

System Summary:

barindex
Classification labelShow sources
Source: classification engineClassification label: clean1.win@3/315@17/12
Creates files inside the user directoryShow sources
Source: C:\Program Files\internet explorer\iexplore.exeFile created: C:\Users\user\AppData\Local\Microsoft\Internet Explorer\Recovery\HighJump to behavior
Creates temporary filesShow sources
Source: C:\Program Files\internet explorer\iexplore.exeFile created: C:\Users\user\AppData\Local\Temp\~DF085F1F6BB9636F80.TMPJump to behavior
Reads ini filesShow sources
Source: C:\Program Files\internet explorer\iexplore.exeFile read: C:\Users\desktop.iniJump to behavior
Spawns processesShow sources
Source: unknownProcess created: C:\Program Files\internet explorer\iexplore.exe 'C:\Program Files\Internet Explorer\iexplore.exe' -Embedding
Source: unknownProcess created: C:\Program Files (x86)\Internet Explorer\iexplore.exe 'C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE' SCODEF:1696 CREDAT:17410 /prefetch:2
Source: C:\Program Files\internet explorer\iexplore.exeProcess created: C:\Program Files (x86)\Internet Explorer\iexplore.exe 'C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE' SCODEF:1696 CREDAT:17410 /prefetch:2Jump to behavior
Tries to open an application configuration file (.cfg)Show sources
Source: C:\Program Files (x86)\Internet Explorer\iexplore.exeFile opened: C:\Windows\SysWOW64\Macromed\Flash\ss.cfgJump to behavior
Found graphical window changes (likely an installer)Show sources
Source: Window RecorderWindow detected: More than 3 window changes detected
Uses new MSVCR DllsShow sources
Source: C:\Program Files (x86)\Internet Explorer\iexplore.exeFile opened: C:\Program Files (x86)\Java\jre1.8.0_171\bin\msvcr100.dllJump to behavior

Behavior Graph

Hide Legend

Legend:

  • Process
  • Signature
  • Created File
  • DNS/IP Info
  • Is Dropped
  • Is Windows Process
  • Number of created Registry Values
  • Number of created Files
  • Visual Basic
  • Delphi
  • Java
  • .Net C# or VB.NET
  • C, C++ or other language
  • Is malicious
behaviorgraph top1 process2 2 Behavior Graph ID: 109776 URL: http://xn--b1apdkbbqid.xn--p1ai/ Startdate: 11/02/2019 Architecture: WINDOWS Score: 1 5 iexplore.exe 14 82 2->5         started        process3 7 iexplore.exe 7 427 5->7         started        dnsIp4 10 mc.yandex.ru 87.250.250.119, 443, 49829, 49830 YANDEXRU Russian Federation 7->10 12 vk.com 87.240.180.136, 443, 49833, 49834 VKONTAKTE-SPB-AShttpvkcomRU Russian Federation 7->12 14 23 other IPs or domains 7->14

Simulations

Behavior and APIs

No simulations

Antivirus Detection

Initial Sample

SourceDetectionScannerLabelLink
http://xn--b1apdkbbqid.xn--p1ai/0%virustotalBrowse

Dropped Files

No Antivirus matches

Unpacked PE Files

No Antivirus matches

Domains

SourceDetectionScannerLabelLinkDownload
xn--b1apdkbbqid.xn--p1ai0%virustotalBrowseDownload File
hb.bizmrg.com0%virustotalBrowseDownload File

URLs

SourceDetectionScannerLabelLinkDownload
http://xn--b1apdkbbqid.xn--p1ai/components/com_virtuemart/show_image_in_imgtag.php?filename=resized%2F_________________54eb34fcd97c4_140x140.jpg&newxsize=140&newysize=140&fileout=0%Avira URL CloudsafeDownload File
http://xn--b1apdkbbqid.xn--p1ai/images/stories/kotly/0000000242v.jpg0%Avira URL CloudsafeDownload File
http://xn--b1apdkbbqid.xn--p1ai/modules/mod_jv_headline/assets/images/bg_featured_bottom.png0%Avira URL CloudsafeDownload File
http://xn--b1apdkbbqid.xn--p1ai/images/stories/brands/logo_int-60.gif0%Avira URL CloudsafeDownload File
http://xn--b1apdkbbqid.xn--p1ai/templates/zt_kaupi/images/bg_member_login_bottom.png0%Avira URL CloudsafeDownload File
http://xn--b1apdkbbqid.xn--p1ai/images/stories/7/vodosnab.jpg0%Avira URL CloudsafeDownload File
http://xn--b1apdkbbqid.xn--p1ai/components/com_virtuemart/show_image_in_imgtag.php?filename=resized%2F_________________54eb2d382fb1c_140x140.jpg&newxsize=140&newysize=140&fileout=0%Avira URL CloudsafeDownload File
http://www.youngpup.net0%virustotalBrowseDownload File
http://www.youngpup.net0%Avira URL CloudsafeDownload File
http://xn--b1apdkbbqid.xn--p1ai/images/thumbs/80/com_content/118/thumbl_700x320.jpg0%Avira URL CloudsafeDownload File
http://xn--b1apdkbbqid.xn--p1ai/images/stories/6/polypropylene-pipes.jpg0%Avira URL CloudsafeDownload File
http://xn--b1apdkbbqid.xn--p1ai/templates/zt_kaupi/favicon.ico0%Avira URL CloudsafeDownload File
http://xn--b1apdkbbqid.xn--p1ai/templates/zt_kaupi/images/indent1.png0%Avira URL CloudsafeDownload File
http://xn--b1apdkbbqid.xn--p1ai/images/thumbs/83/com_content/111/thumbs_270x141.jpg0%Avira URL CloudsafeDownload File
http://xn--b1apdkbbqid.xn--p1ai/components/com_virtuemart/fetchscript.php?gzip=0&subdir[0]=/themes/default&file[0]=theme.js&subdir[1]=/js&file[1]=sleight.js&subdir[2]=/js/mootools&file[2]=mootools-release-1.11.js&subdir[3]=/js/mootools&file[3]=mooPrompt.js0%Avira URL CloudsafeDownload File
http://xn--b1apdkbbqid.xn--p1ai/images/stories/kotly/27.png0%Avira URL CloudsafeDownload File
http://xn--b1apdkbbqid.xn--p1ai/images/phocagallery/Kotelnye/dscn4364.jpg0%Avira URL CloudsafeDownload File
http://xn--b1apdkbbqid.xn--p1ai/templates/system/css/general.css0%Avira URL CloudsafeDownload File
http://xn--b1apdkbbqid.xn--p1ai/components/com_virtuemart/shop_image/category/resized/_________________54df586740c69_150x150.png0%Avira URL CloudsafeDownload File
http://xn--b1apdkbbqid.xn--p1ai/templates/zt_kaupi/css/modules.css0%Avira URL CloudsafeDownload File
http://xn--b1apdkbbqid.xn--p1ai/images/stories/brands/buderus.png0%Avira URL CloudsafeDownload File
http://xn--b1apdkbbqid.xn--p1ai/modules/mod_jv_headline/assets/images/bg_icon_slide_active.png0%Avira URL CloudsafeDownload File
http://xn--b1apdkbbqid.xn--p1ai/modules/mod_jv_headline/assets/images/jv_boro/preload.gif0%Avira URL CloudsafeDownload File
http://xn--b1apdkbbqid.xn--p1ai/images/stories/brands/giacomini_logo.png0%Avira URL CloudsafeDownload File
http://xn--b1apdkbbqid.xn--p1ai/images/thumbs/80/com_content/104/thumbl_700x320.jpg0%Avira URL CloudsafeDownload File
http://xn--b1apdkbbqid.xn--p1ai/plugins/content/jw_allvideos/tmpl/Classic/css/template.css0%Avira URL CloudsafeDownload File
http://xn--b1apdkbbqid.xn--p1ai/images/stories/brands/wilo.png0%Avira URL CloudsafeDownload File
http://xn--b1apdkbbqid.xn--p1ai/images/thumbs/83/com_content/105/thumbs_270x141.jpg0%Avira URL CloudsafeDownload File
http://www.walterzorn.de0%virustotalBrowseDownload File
http://www.walterzorn.de0%Avira URL CloudsafeDownload File
http://xn--b1apdkbbqid.xn--p1ai/components/com_virtuemart/show_image_in_imgtag.php?filename=resized%2F_________________54eb338812eac_140x140.jpg&newxsize=140&newysize=140&fileout=0%Avira URL CloudsafeDownload File
http://xn--b1apdkbbqid.xn--p1ai/images/phocagallery/Kotelnye/dscn4280.jpg0%Avira URL CloudsafeDownload File
http://dean.edwards.name/weblog/2006/06/again/0%virustotalBrowseDownload File
http://dean.edwards.name/weblog/2006/06/again/0%Avira URL CloudsafeDownload File
http://xn--b1apdkbbqid.xn--p1ai0%virustotalBrowseDownload File
http://xn--b1apdkbbqid.xn--p1ai0%Avira URL CloudsafeDownload File
http://xn--b1apdkbbqid.xn--p1ai/components/com_virtuemart/shop_image/category/resized/___________54df603159681_150x150.png0%Avira URL CloudsafeDownload File
http://xn--b1apdkbbqid.xn--p1ai/templates/zt_kaupi/zt_menus/zt_megamenu/zt.megamenu.css0%Avira URL CloudsafeDownload File
http://xn--b1apdkbbqid.xn--p1ai/templates/zt_kaupi/css/colors/0%Avira URL CloudsafeDownload File
http://xn--b1apdkbbqid.xn--p1ai/images/stories/brands/776800-60.gif0%Avira URL CloudsafeDownload File
http://xn--b1apdkbbqid.xn--p1ai/media/system/js/mootools.js0%Avira URL CloudsafeDownload File
http://xn--b1apdkbbqid.xn--p1ai/images/stories/brands/orig_vaillant_logo-60.gif0%Avira URL CloudsafeDownload File
http://xn--b1apdkbbqid.xn--p1ai/templates/zt_kaupi/images/bg-wapper.png0%Avira URL CloudsafeDownload File
http://xn--b1apdkbbqid.xn--p1ai/templates/zt_kaupi/images/bg-slide-bottom.png0%Avira URL CloudsafeDownload File
http://xn--b1apdkbbqid.xn--p1ai/templates/zt_kaupi/images/zt_kaupi_bg_footer.png0%Avira URL CloudsafeDownload File
http://xn--b1apdkbbqid.xn--p1ai/images/stories/6/101.jpg0%Avira URL CloudsafeDownload File
http://xn--b1apdkbbqid.xn--p1ai/plugins/content/jw_allvideos/includes/js/quicktimeplayer/AC_QuickTime.js0%Avira URL CloudsafeDownload File
http://redconnect.ru/?cp=p10%Avira URL CloudsafeDownload File
http://xn--b1apdkbbqid.xn--p1ai/templates/zt_kaupi/css/ie7.css0%Avira URL CloudsafeDownload File
http://xn--b1apdkbbqid.xn--p1ai/templates/zt_kaupi/css/default.css0%Avira URL CloudsafeDownload File
http://xn--b1apdkbbqid.xn--p1ai/images/stories/nasosy/31.png0%Avira URL CloudsafeDownload File
http://xn--b1apdkbbqid.xn--p1ai/templates/zt_kaupi/images/bg-user.png0%Avira URL CloudsafeDownload File
http://xn--b1apdkbbqid.xn--p1ai/components/com_virtuemart/shop_image/category/resized/_________________54df5be66521a_150x150.png0%Avira URL CloudsafeDownload File
http://xn--b1apdkbbqid.xn--p1ai/images/thumbs/83/com_content/110/thumbs_270x141.jpg0%Avira URL CloudsafeDownload File
http://xn--b1apdkbbqid.xn--p1ai/plugins/system/plg_ztools/libs/minify/?f=/templates/zt_kaupi/zt_menus/zt_megamenu/zt.megamenu.js,/templates/zt_kaupi/zt_menus/zt_fancymenu/zt_fancymenu.js,/modules/mod_jv_headline/assets/js/horizotal.js,/modules/mod_jv_headline/assets/js/jv_boro.js0%Avira URL CloudsafeDownload File
http://xn--b1apdkbbqid.xn--p1ai/components/com_virtuemart/show_image_in_imgtag.php?filename=resized%2F_________________54eb32dd651cf_140x140.jpg&newxsize=140&newysize=140&fileout=0%Avira URL CloudsafeDownload File
http://xn--b1apdkbbqid.xn--p1ai/images/stories/brands/logo.png0%Avira URL CloudsafeDownload File
http://xn--b1apdkbbqid.xn--p1ai/images/stories/payment2.gif0%Avira URL CloudsafeDownload File
http://xn--b1apdkbbqid.xn--p1ai/templates/zt_kaupi/zt_menus/zt_fancymenu/zt_fancymenu.css0%Avira URL CloudsafeDownload File
http://xn--b1apdkbbqid.xn--p1ai/templates/zt_kaupi/images/bg-body.png0%Avira URL CloudsafeDownload File
http://xn--b1apdkbbqid.xn--p1ai/images/stories/7/72944.jpg0%Avira URL CloudsafeDownload File

Yara Overview

Initial Sample

No yara matches

PCAP (Network Traffic)

No yara matches

Dropped Files

No yara matches

Memory Dumps

No yara matches

Unpacked PEs

No yara matches

Joe Sandbox View / Context

IPs

No context

Domains

No context

ASN

No context

JA3 Fingerprints

No context

Dropped Files

No context

Screenshots

Thumbnails

This section contains all screenshots as thumbnails, including those not shown in the slideshow.