Overview

URL: t.ks.ua
IP: 88.198.13.114
ASN: AS24940 Hetzner Online GmbH
Location: Germany
Report completed: 2017-11-28 18:10:29 CET
urlquery Alerts: No alerts detected


Settings

UserAgent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Referer
Pool
Access Level


Intrusion Detection Systems

Suricata /w Emerging Threats Pro  No alerts detected


Blacklists

MDL  No alerts detected
OpenPhish  No alerts detected
PhishTank  No alerts detected
Fortinet's Web Filter
Added / Verified Severity Host Comment
2017-11-28 2 t.ks.ua/ Malware
2017-11-28 2 www.t.ks.ua/sites/default/files/js/js_9PoCIpaBdXzAfwjeoO2ibi_TtEs6jMROpVOwk (...) Malware
2017-11-28 2 www.t.ks.ua/sites/default/files/favicon_1.ico Malware
2017-11-28 2 www.t.ks.ua/ Malware
2017-11-28 2 www.t.ks.ua/sites/default/files/js/js_URfWn4saN9E3ALH5gyoaI9cY8jCUptAbysGUa (...) Malware
2017-11-28 2 www.t.ks.ua/sites/default/files/js/js_1AMzlCDQxgGquc8G2iJdT1uuMI0-iSG_YUoWQ (...) Malware
2017-11-28 2 www.t.ks.ua/sites/default/files/js/js_BAhqE0nsQns6shJD8cBPNaX58HANh3tzWfxSl (...) Malware
2017-11-28 2 www.t.ks.ua/sites/default/files/styles/front_slide/public/125829e3f182f72de (...) Malware
2017-11-28 2 www.t.ks.ua/sites/all/modules/advpoll/nodejs.js Malware
2017-11-28 2 www.t.ks.ua/sites/default/files/styles/front_slide/public/1595093.jpg?itok= (...) Malware
2017-11-28 2 www.t.ks.ua/sites/default/files/styles/front_left/public/1511787408_article (...) Malware
2017-11-28 2 www.t.ks.ua/sites/default/files/styles/front_slide/public/0b98f628-c4fa-49f (...) Malware
2017-11-28 2 www.t.ks.ua/sites/default/files/styles/front_slide/public/20112017_56.jpg?i (...) Malware
2017-11-28 2 www.t.ks.ua/sites/default/files/styles/front_left/public/712d98ec9f317fec74 (...) Malware
2017-11-28 2 www.t.ks.ua/sites/default/files/styles/front_left/public/fd8339ae272f2735ff (...) Malware
2017-11-28 2 www.t.ks.ua/sites/default/files/styles/front_left/public/23755131_189185534 (...) Malware
2017-11-28 2 www.t.ks.ua/sites/default/files/styles/front_left/public/1511358279_363c91a (...) Malware
2017-11-28 2 www.t.ks.ua/sites/default/files/styles/front_slide/public/1509959209_231725 (...) Malware
2017-11-28 2 www.t.ks.ua/sites/default/files/styles/front_left/public/1510576096_1_0.jpg (...) Malware
2017-11-28 2 www.t.ks.ua/sites/default/files/styles/front_left/public/45_248.jpg?itok=5d (...) Malware
2017-11-28 2 www.t.ks.ua/sites/default/files/styles/thumb_170x96/public/1511424580_17204 (...) Malware
2017-11-28 2 www.t.ks.ua/sites/default/files/styles/my_video_thumbnail/public/video_embe (...) Malware
2017-11-28 2 www.t.ks.ua/sites/default/files/styles/my_video_thumbnail/public/video_embe (...) Malware
2017-11-28 2 www.t.ks.ua/sites/default/files/styles/my_video_thumbnail/public/video_embe (...) Malware
2017-11-28 2 www.t.ks.ua/sites/default/files/styles/my_video_thumbnail/public/video_embe (...) Malware
2017-11-28 2 www.t.ks.ua/sites/default/files/styles/thumb_55x45/public/44_91.jpg?itok=5v (...) Malware
2017-11-28 2 www.t.ks.ua/sites/default/files/styles/thumb_55x45/public/011_1.jpg?itok=Ma (...) Malware
2017-11-28 2 www.t.ks.ua/sites/default/files/styles/thumb_268x191/public/11_397.jpg?itok (...) Malware
2017-11-28 2 www.t.ks.ua/sites/default/files/styles/thumb_268x191/public/11_439.jpg?itok (...) Malware
2017-11-28 2 www.t.ks.ua/sites/default/files/styles/thumb_268x191/public/11_384.jpg?itok (...) Malware
2017-11-28 2 www.t.ks.ua/sites/default/files/styles/thumb_268x191/public/11_380.jpg?itok (...) Malware
2017-11-28 2 www.t.ks.ua/sites/default/files/styles/thumb_268x191/public/44_91.jpg?itok= (...) Malware
2017-11-28 2 www.t.ks.ua/sites/default/files/styles/thumb_268x191/public/11_363.jpg?itok (...) Malware
2017-11-28 2 www.t.ks.ua/sites/default/files/styles/thumb_268x191/public/011_1.jpg?itok= (...) Malware
2017-11-28 2 www.t.ks.ua/sites/default/files/styles/thumb_268x191/public/11_345.jpg?itok (...) Malware
2017-11-28 2 www.t.ks.ua/sites/all/themes/th/fonts/ArialNarrowRegular/ArialNarrowRegular.woff Malware
2017-11-28 2 www.t.ks.ua/sites/all/themes/th/fonts/ArialNarrowBold/ArialNarrowBold.woff Malware
DNS-BH  No alerts detected
mnemonic secure dns  No alerts detected


Recent reports on same IP/ASN/Domain

Last 10 reports on IP: 88.198.13.114

Date UQ / IDS / BL URL IP
2019-06-11 14:29:33 +0200 0 - 0 - 0 www.t.ks.ua 88.198.13.114
2019-03-13 21:45:17 +0100 0 - 0 - 0 t.ks.ua 88.198.13.114
2018-11-21 15:59:53 +0100 0 - 0 - 0 www.t.ks.ua 88.198.13.114
2018-08-10 12:32:09 +0200 0 - 0 - 0 www.t.ks.ua/sites/default/files/styles/my_lar (...) 88.198.13.114
2018-01-07 22:54:15 +0100 0 - 0 - 33 www.t.ks.ua/ 88.198.13.114
2017-12-05 12:38:07 +0100 0 - 0 - 12 www.t.ks.ua/v-avarii-po-doroge-na-more-bla-bl (...) 88.198.13.114
2017-11-06 00:39:27 +0100 0 - 0 - 37 www.t.ks.ua/ 88.198.13.114
2017-10-31 20:59:22 +0100 0 - 0 - 36 t.ks.ua/ 88.198.13.114
2017-10-31 08:16:40 +0100 0 - 0 - 37 t.ks.ua/ 88.198.13.114
2017-10-25 16:04:35 +0200 0 - 0 - 0 www.t.ks.ua/ 88.198.13.114

Last 10 reports on ASN: AS24940 Hetzner Online GmbH

Date UQ / IDS / BL URL IP
2019-07-01 11:15:49 +0200 0 - 0 - 0 morskiemile.pl/ 88.198.46.46
2019-07-01 11:05:39 +0200 0 - 0 - 0 https://piranshop.ir/ 144.76.241.226
2019-07-01 06:10:34 +0200 0 - 5 - 0 ua.bizorg.su 136.243.18.232
2019-07-01 04:06:07 +0200 0 - 0 - 0 https://ofness.com/login/ 78.46.102.215
2019-07-01 03:01:20 +0200 0 - 0 - 0 onlinetvi.bloggersdelight.dk/2019/07/01/freeu (...) 138.201.204.196
2019-06-30 17:02:47 +0200 0 - 0 - 0 138.201.66.111 138.201.66.111
2019-06-30 14:17:39 +0200 0 - 0 - 0 https://www.oosterbaan-living.nl/ 78.46.99.89
2019-06-30 10:44:01 +0200 0 - 0 - 0 yu21uy.com 136.243.218.221
2019-06-30 08:38:29 +0200 0 - 0 - 0 https://blog.elcomsoft.com/2019/06/unusual-ip (...) 88.198.215.58
2019-06-30 01:33:48 +0200 0 - 0 - 0 https://ethnics.ru/Parker-vs-Alex-Leap-Fight- (...) 144.76.117.254

Last 10 reports on domain: t.ks.ua

Date UQ / IDS / BL URL IP
2019-06-11 14:29:33 +0200 0 - 0 - 0 www.t.ks.ua 88.198.13.114
2019-03-13 21:45:17 +0100 0 - 0 - 0 t.ks.ua 88.198.13.114
2018-11-21 15:59:53 +0100 0 - 0 - 0 www.t.ks.ua 88.198.13.114
2018-08-10 12:32:09 +0200 0 - 0 - 0 www.t.ks.ua/sites/default/files/styles/my_lar (...) 88.198.13.114
2018-01-07 22:54:15 +0100 0 - 0 - 33 www.t.ks.ua/ 88.198.13.114
2017-12-05 12:38:07 +0100 0 - 0 - 12 www.t.ks.ua/v-avarii-po-doroge-na-more-bla-bl (...) 88.198.13.114
2017-11-06 00:39:27 +0100 0 - 0 - 37 www.t.ks.ua/ 88.198.13.114
2017-10-31 20:59:22 +0100 0 - 0 - 36 t.ks.ua/ 88.198.13.114
2017-10-31 08:16:40 +0100 0 - 0 - 37 t.ks.ua/ 88.198.13.114
2017-10-25 16:04:35 +0200 0 - 0 - 0 www.t.ks.ua/ 88.198.13.114


JavaScript

Executed Scripts (57)


Executed Evals (2)

#1 JavaScript::Eval (size: 5613, repeated: 1) - SHA256: 2e1495a7979eeb16e1bf408bd283088d4288280ebfaeafe9097c584e68de61a0

                                        __da_info_params = {
    windowLoaded: 0,
    scrollTop: 0,
    scrolls: 0,
    distance: 0,
    startTime: null,
    prevEvent: null,
    prevEventTime: null
};
var events_arr = ['mousedown', 'mouseup', 'touchstart', 'touchend', 'touchcancel', 'click'];
var e_arr = ['md', 'mu', 'ts', 'te', 'tc', 'cl'];
var events_log = [];
__da_info_params.addClass = function(el, cls) {
    if (!this.hasClass(el, cls)) el.className += " " + cls
};
__da_info_params.hasClass = function(el, cls) {
    return el.className.match(new RegExp('(\\s|^)' + cls + '(\\s|$)'))
};
__da_info_params.on = function(el, evt, fn, bubble) {
    if ("addEventListener" in el) {
        try {
            el.addEventListener(evt, fn, bubble)
        } catch (e) {
            if (typeof fn == "object" && fn.handleEvent) {
                el.addEventListener(evt, function(e) {
                    fn.handleEvent.call(fn, e)
                }, bubble)
            } else {
                throw e
            }
        }
    } else if ("attachEvent" in el) {
        if (typeof fn == "object" && fn.handleEvent) {
            el.attachEvent("on" + evt, function() {
                fn.handleEvent.call(fn)
            })
        } else {
            el.attachEvent("on" + evt, fn)
        }
    }
};
events_arr.forEach(function(item, index) {
    __da_info_params.on(document, item, function(e) {
        if (e.type !== __da_info_params.prevEvent) {
            var time = new Date().getTime();
            var delta = (__da_info_params.prevEventTime) ? (time - __da_info_params.prevEventTime) : (time - __da_info_params.startTime);
            events_log.push(delta + '|' + e_arr[events_arr.indexOf(e.type)]);
            if (events_log.length > 10) {
                events_log.shift()
            }
            __da_info_params.prevEventTime = time;
            __da_info_params.prevEvent = e.type
        }
    }, false)
});
__da_info_params.on(window, 'load', function() {
    __da_info_params.startTime = new Date().getTime();
    __da_info_params.windowLoaded = 1;
    __da_info_params.scrollTop = document.documentElement.scrollTop || document.body.scrollTop;
    if (!__da_info_params.scrollTop) __da_info_params.scrollTop = 0
}, false);
__da_info_params.on(window, 'scroll', function() {
    var scrollTop = document.documentElement.scrollTop || document.body.scrollTop;
    __da_info_params.scrolls += Math.abs(__da_info_params.scrollTop - scrollTop);
    __da_info_params.scrollTop = scrollTop
}, false);
__da_info_params.on(document, 'mousemove', function() {
    __da_info_params.distance++
}, false);

function __da_info(el, event) {
    if (!el || el.type == 'click') el = this;
    var h = el.getAttribute('href');
    var n = (h.indexOf('?') > -1 ? '&' : '?') + 't' + 's' + '=';
    if (h.indexOf(n) < 0) {
        window["w"] = window;
        var params = '';
        var s = "\x77\x2e\x73\x63\x72\x65\x65\x6e\x2e\x77\x69\x64\x74\x68\x7c\x77\x2e\x6d\x6f\x7a\x49\x6e\x6e\x65\x72\x53\x63\x72\x65\x65\x6e\x58\x7c\x77\x2e\x65\x78\x74\x65\x72\x6e\x61\x6c\x7c\x77\x2e\x70\x61\x67\x65\x58\x4f\x66\x66\x73\x65\x74\x7c\x77\x2e\x64\x6f\x63\x75\x6d\x65\x6e\x74\x2e\x62\x6f\x64\x79\x2e\x73\x63\x72\x6f\x6c\x6c\x4c\x65\x66\x74\x7c\x77\x2e\x64\x65\x76\x69\x63\x65\x50\x69\x78\x65\x6c\x52\x61\x74\x69\x6f\x7c\x77\x2e\x64\x6f\x63\x75\x6d\x65\x6e\x74\x2e\x61\x6c\x6c\x3f\x31\x3a\x75\x6e\x64\x65\x66\x69\x6e\x65\x64\x7c\x77\x2e\x62\x74\x6f\x61\x7c\x77\x2e\x41\x63\x74\x69\x76\x65\x58\x4f\x62\x6a\x65\x63\x74\x3f\x31\x3a\x75\x6e\x64\x65\x66\x69\x6e\x65\x64\x7c\x77\x2e\x6e\x61\x76\x69\x67\x61\x74\x6f\x72\x2e\x75\x73\x65\x72\x50\x72\x6f\x66\x69\x6c\x65\x7c\x77\x2e\x53\x74\x6f\x72\x61\x67\x65\x7c\x77\x2e\x6f\x70\x65\x72\x61\x3f\x77\x2e\x6f\x70\x65\x72\x61\x2e\x62\x75\x69\x6c\x64\x4e\x75\x6d\x62\x65\x72\x28\x29\x3a\x75\x6e\x64\x65\x66\x69\x6e\x65\x64\x7c\x77\x2e\x6f\x70\x65\x72\x61\x3f\x77\x2e\x6f\x70\x65\x72\x61\x2e\x76\x65\x72\x73\x69\x6f\x6e\x28\x29\x3a\x75\x6e\x64\x65\x66\x69\x6e\x65\x64\x7c\x77\x2e\x63\x68\x72\x6f\x6d\x65\x7c\x77\x2e\x73\x69\x64\x65\x62\x61\x72\x7c\x77\x2e\x67\x6c\x6f\x62\x61\x6c\x53\x74\x6f\x72\x61\x67\x65\x3f\x31\x3a\x75\x6e\x64\x65\x66\x69\x6e\x65\x64\x7c\x5f\x5f\x64\x61\x5f\x69\x6e\x66\x6f\x5f\x70\x61\x72\x61\x6d\x73\x2e\x73\x63\x72\x6f\x6c\x6c\x73\x7c\x5f\x5f\x64\x61\x5f\x69\x6e\x66\x6f\x5f\x70\x61\x72\x61\x6d\x73\x2e\x64\x69\x73\x74\x61\x6e\x63\x65\x7c\x5f\x5f\x64\x61\x5f\x69\x6e\x66\x6f\x5f\x70\x61\x72\x61\x6d\x73\x2e\x68\x61\x73\x43\x6c\x61\x73\x73\x28\x65\x6c\x2c\x20\x27\x44\x41\x2d\x4d\x4f\x56\x27\x29\x3f\x31\x3a\x75\x6e\x64\x65\x66\x69\x6e\x65\x64\x7c\x77\x2e\x6c\x6f\x63\x61\x6c\x53\x74\x6f\x72\x61\x67\x65";
        s = s.split(String.fromCharCode(124));
        var wBlock = 0,
            hBlock = 0,
            p;
        try {
            p = el.parentNode;
            var tc = 0;
            while (p !== null) {
                if (p.tagName.toLowerCase() == 'table') {
                    tc++;
                    if (tc == 2) {
                        var wBlock = !p.style.width || p.style.width.indexOf('%') > -1 ? p.parentNode.offsetWidth : parseInt(p.style.width);
                        var hBlock = !p.style.height || p.style.height.indexOf('%') > -1 ? p.parentNode.offsetHeight : parseInt(p.style.height);
                        break
                    }
                }
                p = p.parentNode
            }
        } catch (ex) {}
        s.push(wBlock);
        s.push(hBlock);
        var connection = navigator.connection || navigator.mozConnection || navigator.webkitConnection;
        s.push(connection ? '"' + connection.type + '"' : undefined);
        var coords = '0,0';
        if (event && wBlock && hBlock) {
            var leftPos = 0;
            var topPos = 0;
            var obj = p;
            while (obj != null) {
                leftPos += obj.offsetLeft;
                topPos += obj.offsetTop;
                obj = obj.offsetParent
            }
            var clientX = event.clientX + document.body.scrollLeft;
            var clientY = event.clientY + document.body.scrollTop;
            coords = '"' + parseInt(clientX - leftPos) + ',' + parseInt(clientY - topPos) + '"'
        }
        s.push(coords);
        s.push(__da_info_params.windowLoaded);
        for (var i = 0; i < s.length; i++) {
            var z = eval(s[i]);
            params += String.fromCharCode(97 + i) + (z === undefined ? '-' : (typeof z === "object" || typeof z === "function" ? 1 : z))
        }
        params += '&at=' + events_log.join('|');
        h += n + params;
        el.setAttribute('href', h)
    }
    return true
}

function __da_info_over(el) {
    __da_info_params.addClass(el, 'DA-MOV')
}(function() {
    var timerId = setInterval(function() {
        var links = document.getElementsByTagName('a');
        for (var i = 0; i < links.length; i++) {
            var url = links[i].getAttribute('data-url');
            if (!url || links[i].getAttribute('data-xurl')) {
                continue
            }
            links[i].setAttribute('data-xurl', links[i].getAttribute('href'));
            links[i].setAttribute('href', url);
            __da_info_params.on(links[i], 'mousedown', function() {
                this.setAttribute('href', this.getAttribute('data-xurl'))
            }, false)
        }
    }, 1000)
})();
                                    

#2 JavaScript::Eval (size: 286, repeated: 1) - SHA256: a36153bdb772ff70c9f6c2c467bc4c5a267e642cae2fbf1ebf89d819b5c889cf

                                        try {
    new Image().src = '//counter.yadro.ru/hit;All_da_nnn_dn_realty?r' + escape(document.referrer) + ((typeof(screen) == 'undefined') ? '' : ';s' + screen.width + '*' + screen.height + '*' + (screen.colorDepth ? screen.colorDepth : screen.pixelDepth)) + ';u' + escape(document.URL) + ';' + Math.random();
} catch (e) {}
                                    

Executed Writes (10)

#1 JavaScript::Write (size: 1768, repeated: 1) - SHA256: 15fbb2a5c4da148cb8017fc490c45f116339be78a50f7e3ee1f2b812faed2adb

                                        < !doctype html > < html > < body > < iframe style = "display:none"
data - ad - client = "ca-pub-3410491531423553"
id = "google_esf"
name = "google_esf"
src = "https://googleads.g.doubleclick.net/pagead/html/r20171113/r20170110/zrt_lookup.html#" > < /iframe><script>google_ad_slot="5488537826";google_ad_client="ca-pub-3410491531423553";google_adsbygoogle_status="done";google_ad_width=728;google_ad_height=90;google_ad_modifications={"plle":true,"eids":["156549041","156549041","21061122"],"loeids":["156549051"]};google_loader_used="aa";google_reactive_tag_first=false;google_ad_format="728x90";google_ad_unit_key="3230642478";google_ad_dom_fingerprint="807048394";google_sailm=false;google_unique_id=1;google_async_iframe_id="aswift_0";google_start_time=1511889394020;google_pub_vars="JTdCJTIyZ29vZ2xlX2FkX3Nsb3QlMjIlM0ElMjI1NDg4NTM3ODI2JTIyJTJDJTIyZ29vZ2xlX2FkX2NsaWVudCUyMiUzQSUyMmNhLXB1Yi0zNDEwNDkxNTMxNDIzNTUzJTIyJTJDJTIyZ29vZ2xlX2Fkc2J5Z29vZ2xlX3N0YXR1cyUyMiUzQSUyMmRvbmUlMjIlMkMlMjJnb29nbGVfYWRfd2lkdGglMjIlM0E3MjglMkMlMjJnb29nbGVfYWRfaGVpZ2h0JTIyJTNBOTAlMkMlMjJnb29nbGVfYWRfbW9kaWZpY2F0aW9ucyUyMiUzQSU3QiUyMnBsbGUlMjIlM0F0cnVlJTJDJTIyZWlkcyUyMiUzQSU1QiUyMjE1NjU0OTA0MSUyMiUyQyUyMjE1NjU0OTA0MSUyMiUyQyUyMjIxMDYxMTIyJTIyJTVEJTJDJTIybG9laWRzJTIyJTNBJTVCJTIyMTU2NTQ5MDUxJTIyJTVEJTdEJTJDJTIyZ29vZ2xlX2xvYWRlcl91c2VkJTIyJTNBJTIyYWElMjIlMkMlMjJnb29nbGVfcmVhY3RpdmVfdGFnX2ZpcnN0JTIyJTNBZmFsc2UlMkMlMjJnb29nbGVfYWRfZm9ybWF0JTIyJTNBJTIyNzI4eDkwJTIyJTJDJTIyZ29vZ2xlX2FkX3VuaXRfa2V5JTIyJTNBJTIyMzIzMDY0MjQ3OCUyMiUyQyUyMmdvb2dsZV9hZF9kb21fZmluZ2VycHJpbnQlMjIlM0ElMjI4MDcwNDgzOTQlMjIlN0Q=";google_bpp=25;google_async_rrc=0;google_iframe_start_time=new Date().getTime();</script > < script src = "http://pagead2.googlesyndication.com/pagead/js/r20171113/r20170110/show_ads_impl.js" > < /script></body > < /html>
                                    

#2 JavaScript::Write (size: 1570, repeated: 1) - SHA256: b176d169b6531ee05d12909a0feaab1f5b6e87b2c48133252341674d68fde85a

                                        < !doctype html > < html > < body > < script > google_ad_slot = "3872203828";
google_ad_client = "ca-pub-3410491531423553";
google_adsbygoogle_status = "done";
google_ad_width = 300;
google_ad_height = 600;
google_ad_modifications = {
    "plle": true,
    "eids": ["156549041", "156549041", "21061122"],
    "loeids": ["156549051"]
};
google_loader_used = "aa";
google_reactive_tag_first = false;
google_ad_format = "300x600";
google_ad_unit_key = "4137196353";
google_ad_dom_fingerprint = "807048394";
google_sailm = false;
google_unique_id = 2;
google_async_iframe_id = "aswift_1";
google_start_time = 1511889394404;
google_pub_vars = "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";
google_bpp = 23;
google_async_rrc = 0;
google_iframe_start_time = new Date().getTime(); < /script><script src="http:/ / pagead2.googlesyndication.com / pagead / js / r20171113 / r20170110 / show_ads_impl.js "></script></body></html>
                                    

#3 JavaScript::Write (size: 1569, repeated: 1) - SHA256: 2e82a3eab17c2e0b48c52af76e772edd840a2b175d8f0ce493d904fbc2e3544f

                                        < !doctype html > < html > < body > < script > google_ad_slot = "9081132626";
google_ad_client = "ca-pub-3410491531423553";
google_adsbygoogle_status = "done";
google_ad_width = 980;
google_ad_height = 120;
google_ad_modifications = {
    "plle": true,
    "eids": ["156549041", "156549041", "21061122"],
    "loeids": ["156549051"]
};
google_loader_used = "aa";
google_reactive_tag_first = false;
google_ad_format = "980x120";
google_ad_unit_key = "3817973285";
google_ad_dom_fingerprint = "807048394";
google_sailm = false;
google_unique_id = 3;
google_async_iframe_id = "aswift_2";
google_start_time = 1511889394580;
google_pub_vars = "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";
google_bpp = 7;
google_async_rrc = 0;
google_iframe_start_time = new Date().getTime(); < /script><script src="http:/ / pagead2.googlesyndication.com / pagead / js / r20171113 / r20170110 / show_ads_impl.js "></script></body></html>
                                    

#4 JavaScript::Write (size: 254, repeated: 1) - SHA256: bad3725f5b59315ad6aa443064be9dabfb7d38510e917efa748a78f97c72ee84

                                        < a href = '//www.liveinternet.ru/click'
target = _blank > < img src = '//counter.yadro.ru/hit?t23.6;r;s1176*885*24;uhttp%3A//www.t.ks.ua/;0.2415701974107951'
alt = ''
title = 'LiveInternet: ?>:070=> G8A;> ?>A5B8B5;59 70 A53>4=O'
border = '0'
width = '88'
height = '15' > < /a>
                                    

#5 JavaScript::Write (size: 1283, repeated: 1) - SHA256: ec99ba546f76c73a4550b874c25c1e6f01d11ba6ecae3ac005ebfd7093780033

                                        < iframe id = "google_ads_frame1"
name = "google_ads_frame1"
width = "728"
height = "90"
frameborder = "0"
src = "https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3410491531423553&amp;output=html&amp;h=90&amp;slotname=5488537826&amp;adk=3230642478&amp;adf=807048394&amp;w=728&amp;lmt=1511886754&amp;loeid=156549051&amp;format=728x90&amp;url=http%3A%2F%2Fwww.t.ks.ua%2F&amp;ea=0&amp;flash=10.0.45&amp;wgl=0&amp;adsid=NT&amp;dt=1511889394020&amp;bpp=25&amp;fdt=33&amp;idt=243&amp;shv=r20171113&amp;cbv=r20170110&amp;saldr=aa&amp;correlator=7097762824940&amp;frm=20&amp;ga_vid=1649675695.1511889393&amp;ga_sid=1511889394&amp;ga_hid=1773231262&amp;ga_fc=0&amp;pv=2&amp;icsg=0&amp;nhd=1&amp;dssz=0&amp;mdo=0&amp;mso=0&amp;u_tz=60&amp;u_his=1&amp;u_java=1&amp;u_h=885&amp;u_w=1176&amp;u_ah=855&amp;u_aw=1176&amp;u_cd=24&amp;u_nplug=10&amp;u_nmime=92&amp;adx=75&amp;ady=280&amp;biw=1159&amp;bih=754&amp;abxe=1&amp;eid=156549041%2C21061122&amp;oid=3&amp;nmo=1&amp;zm=1.02&amp;rx=0&amp;eae=4&amp;fc=528&amp;brdim=%2C%2C-4%2C-4%2C1176%2C0%2C1184%2C863%2C1176%2C754&amp;vis=0&amp;rsz=%7C%7C%7C&amp;abl=CS&amp;ppjl=u&amp;pfx=0&amp;fu=16&amp;bc=1&amp;ifi=1&amp;dtd=269"
marginwidth = "0"
marginheight = "0"
vspace = "0"
hspace = "0"
allowtransparency = "true"
scrolling = "no"
allowfullscreen = "true" > < /iframe>
                                    

#6 JavaScript::Write (size: 1308, repeated: 1) - SHA256: 6dbe15cccf8660e5c78849b299a788a43ad92e2e77bfe44350079c8827a155b0

                                        < iframe id = "google_ads_frame2"
name = "google_ads_frame2"
width = "300"
height = "600"
frameborder = "0"
src = "https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3410491531423553&amp;output=html&amp;h=600&amp;slotname=3872203828&amp;adk=4137196353&amp;adf=807048394&amp;w=300&amp;lmt=1511886754&amp;loeid=156549051&amp;format=300x600&amp;url=http%3A%2F%2Fwww.t.ks.ua%2F&amp;ea=0&amp;flash=10.0.45&amp;wgl=0&amp;adsid=NT&amp;dt=1511889394404&amp;bpp=23&amp;fdt=26&amp;idt=125&amp;shv=r20171113&amp;cbv=r20170110&amp;saldr=aa&amp;prev_fmts=728x90&amp;correlator=7097762824940&amp;frm=20&amp;ga_vid=1649675695.1511889393&amp;ga_sid=1511889394&amp;ga_hid=1773231262&amp;ga_fc=0&amp;pv=1&amp;icsg=0&amp;nhd=1&amp;dssz=0&amp;mdo=0&amp;mso=0&amp;u_tz=60&amp;u_his=1&amp;u_java=1&amp;u_h=885&amp;u_w=1176&amp;u_ah=855&amp;u_aw=1176&amp;u_cd=24&amp;u_nplug=10&amp;u_nmime=92&amp;adx=787&amp;ady=397&amp;biw=1159&amp;bih=754&amp;abxe=1&amp;eid=156549041%2C21061122&amp;oid=3&amp;nmo=1&amp;zm=1.02&amp;rx=0&amp;eae=4&amp;fc=528&amp;brdim=%2C%2C-4%2C-4%2C1176%2C0%2C1184%2C863%2C1176%2C754&amp;vis=0&amp;rsz=%7C%7C%7C&amp;abl=CS&amp;ppjl=u&amp;pfx=0&amp;fu=16&amp;bc=1&amp;ifi=2&amp;dtd=149"
marginwidth = "0"
marginheight = "0"
vspace = "0"
hspace = "0"
allowtransparency = "true"
scrolling = "no"
allowfullscreen = "true" > < /iframe>
                                    

#7 JavaScript::Write (size: 1319, repeated: 1) - SHA256: d5817e636f4149eec3c93c0a459f2558552efa77ea2c9c58ade18d97f90e8cff

                                        < iframe id = "google_ads_frame3"
name = "google_ads_frame3"
width = "980"
height = "120"
frameborder = "0"
src = "https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3410491531423553&amp;output=html&amp;h=120&amp;slotname=9081132626&amp;adk=3817973285&amp;adf=807048394&amp;w=980&amp;lmt=1511886754&amp;loeid=156549051&amp;format=980x120&amp;url=http%3A%2F%2Fwww.t.ks.ua%2F&amp;ea=0&amp;flash=10.0.45&amp;wgl=0&amp;adsid=NT&amp;dt=1511889394580&amp;bpp=7&amp;fdt=41&amp;idt=301&amp;shv=r20171113&amp;cbv=r20170110&amp;saldr=aa&amp;prev_fmts=728x90%2C300x600&amp;correlator=7097762824940&amp;frm=20&amp;ga_vid=1649675695.1511889393&amp;ga_sid=1511889394&amp;ga_hid=1773231262&amp;ga_fc=0&amp;pv=1&amp;icsg=0&amp;nhd=1&amp;dssz=0&amp;mdo=0&amp;mso=0&amp;u_tz=60&amp;u_his=1&amp;u_java=1&amp;u_h=885&amp;u_w=1176&amp;u_ah=855&amp;u_aw=1176&amp;u_cd=24&amp;u_nplug=10&amp;u_nmime=92&amp;adx=75&amp;ady=3099&amp;biw=1159&amp;bih=754&amp;abxe=1&amp;eid=156549041%2C21061122&amp;oid=3&amp;nmo=1&amp;zm=1.02&amp;rx=0&amp;eae=4&amp;fc=528&amp;brdim=%2C%2C-4%2C-4%2C1176%2C0%2C1184%2C863%2C1176%2C754&amp;vis=0&amp;rsz=%7C%7Cbr%7C&amp;abl=CS&amp;ppjl=u&amp;pfx=0&amp;fu=16&amp;bc=1&amp;ifi=3&amp;dtd=359"
marginwidth = "0"
marginheight = "0"
vspace = "0"
hspace = "0"
allowtransparency = "true"
scrolling = "no"
allowfullscreen = "true" > < /iframe>
                                    

#8 JavaScript::Write (size: 156, repeated: 1) - SHA256: 6075762c6bed1ff311a0ed07453553cbe2e930be5a350207ec43e3155c6e0e46

                                        < script charset = "windows-1251"
type = "text/javascript"
src = "//code.directadvert.ru/data/180807.js?nnn=180807&div=DIV_DA_180807&t=0.900573605386761" > < /script>
                                    

#9 JavaScript::Write (size: 146, repeated: 1) - SHA256: 3749bc977ce0d29c80fe57040d6f3b67667f249a105bb02dd829ad038bbc4f78

                                        < script type = "text/javascript"
language = "javascript"
src = "http://c.bigmir.net/?o1&v16917773&s16916894&t0&c1&n597276&w0&m10&y1&d24&r1176" > < /script>
                                    

#10 JavaScript::Write (size: 1074, repeated: 1) - SHA256: 3db5b52ce1ac3143f27d8122e48ba528fd89b021545e84e0296cdc4483227664

                                        < table cellpadding = "0"
cellspacing = "0"
border = "0"
style = "display:inline;margin-right:4px;" > < tr > < td > < div style = "font-family:Tahoma;font-size:10px;padding:0px;margin:0px;" > < div style = "width:7px;float:left;background:url('http://i.bigmir.net/cnt/samples/default/b57_left.gif');height:17px;padding-top:2px;background-repeat:no-repeat;" > < /div><div style="float:left;background:url('http:/ / i.bigmir.net / cnt / samples /
    default / b57_center.gif ');text-align:left;height:17px;padding-top:2px;background-repeat:repeat-x;"><a href="http://www.bigmir.net/"; target="_blank" style="color:#0000ab;text-decoration:none;">bigmir<span style="color:#ff0000;">)</span>net</a>&nbsp;&nbsp;<span style="color:#71b27e;">E8BK</span>&nbsp;<span style="color:#12351d;font:10px Tahoma;">26258</span>&nbsp;<span style="color:#71b27e;">E>ABK</span>&nbsp;<span style="color:#12351d;font:10px Tahoma;">0</span></div><div style="width:7px;float: left;background:url('
http: //i.bigmir.net/cnt/samples/default/b57_right.gif');height:17px;padding-top:2px;background-repeat:no-repeat;"></div></div></td></tr></table>
                                    


HTTP Transactions (227)


Request Response
                                        
                                            GET / HTTP/1.1 
Host: t.ks.ua
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive

                                         
                                         88.198.13.114
HTTP/1.1 301 Moved Permanently
Content-Type: text/html; charset=iso-8859-1
                                        
Date: Tue, 28 Nov 2017 17:16:31 GMT
Server: Apache/2.2.15 (CentOS) DAV/2 PHP/5.4.28 mod_ssl/2.2.15 OpenSSL/1.0.0-fips
Location: http://www.t.ks.ua/
Cache-Control: max-age=1209600
Expires: Tue, 12 Dec 2017 17:16:31 GMT
Content-Length: 351
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive


--- Additional Info ---
Magic:  HTML document text\012 exported SGML document text
Size:   351
Md5:    448a907a8e6f543b1627d50a06747662
Sha1:   104757f140256383bf27dd1be9deb5f16fe44698
Sha256: f3059bb28934c7b42b7a535077cc343c352f03c201fc8feb0d3f184cff8db170

Alerts:
  Blacklists:
    - fortinet: Malware
                                        
                                            GET /sites/default/files/css/css_T124PwYz2PqhOtWB-2KXncRkcnWvpFV2QDPro1jKr7U.css HTTP/1.1 
Host: www.t.ks.ua
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: text/css,*/*;q=0.1
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: http://www.t.ks.ua/

                                         
                                         88.198.13.114
HTTP/1.1 200 OK
Content-Type: text/css
                                        
Date: Tue, 28 Nov 2017 17:16:32 GMT
Server: Apache/2.2.15 (CentOS) DAV/2 PHP/5.4.28 mod_ssl/2.2.15 OpenSSL/1.0.0-fips
Last-Modified: Thu, 26 Oct 2017 20:11:40 GMT
Etag: "d8052b-132e-55c78c7c3a319"
Accept-Ranges: bytes
Content-Length: 4910
Cache-Control: max-age=1209600
Expires: Tue, 12 Dec 2017 17:16:32 GMT
Content-Encoding: gzip
Vary: Accept-Encoding
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive


--- Additional Info ---
Magic:  gzip compressed data, from Unix, max compression
Size:   4910
Md5:    52be67c72e861f68b6082915777af3fe
Sha1:   928d022bf0369cb2ab9ea02b78707e12fdb2788a
Sha256: 6348fd72a6a17db4f01ad985239f35b6dddf924e6af1935f29ef78103e5d1a60
                                        
                                            GET /sites/default/files/css/css_xE-rWrJf-fncB6ztZfd2huxqgxu4WO-qwma6Xer30m4.css HTTP/1.1 
Host: www.t.ks.ua
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: text/css,*/*;q=0.1
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: http://www.t.ks.ua/

                                         
                                         88.198.13.114
HTTP/1.1 200 OK
Content-Type: text/css
                                        
Date: Tue, 28 Nov 2017 17:16:32 GMT
Server: Apache/2.2.15 (CentOS) DAV/2 PHP/5.4.28 mod_ssl/2.2.15 OpenSSL/1.0.0-fips
Last-Modified: Thu, 26 Oct 2017 20:10:49 GMT
Etag: "d80529-8a9-55c78c4ad4329"
Accept-Ranges: bytes
Content-Length: 2217
Cache-Control: max-age=1209600
Expires: Tue, 12 Dec 2017 17:16:32 GMT
Content-Encoding: gzip
Vary: Accept-Encoding
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive


--- Additional Info ---
Magic:  gzip compressed data, from Unix, max compression
Size:   2217
Md5:    33785a199ae1f6968734504d91ee9a06
Sha1:   f82e3f4afea96f4a89dfaf3389f467488acce16f
Sha256: 19b6b1c8b0ffd1d96b08e55f73d7ab8a26b7f5cce39ae784acf72b50aa92465c
                                        
                                            GET /sites/default/files/css/css_D1kNZNAV0VRO4HpuNaBfKt_aTmfuASnJElOwNxyUzVw.css HTTP/1.1 
Host: www.t.ks.ua
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: text/css,*/*;q=0.1
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: http://www.t.ks.ua/

                                         
                                         88.198.13.114
HTTP/1.1 200 OK
Content-Type: text/css
                                        
Date: Tue, 28 Nov 2017 17:16:32 GMT
Server: Apache/2.2.15 (CentOS) DAV/2 PHP/5.4.28 mod_ssl/2.2.15 OpenSSL/1.0.0-fips
Last-Modified: Thu, 26 Oct 2017 20:13:11 GMT
Etag: "d805ec-88a-55c78cd239549"
Accept-Ranges: bytes
Content-Length: 2186
Cache-Control: max-age=1209600
Expires: Tue, 12 Dec 2017 17:16:32 GMT
Content-Encoding: gzip
Vary: Accept-Encoding
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive


--- Additional Info ---
Magic:  gzip compressed data, from Unix, max compression
Size:   2186
Md5:    fb1eee88ae9d4b48b27386a18241d899
Sha1:   67f6b60e2ed96c9699df0863d2aca2c0314822d4
Sha256: 114a489c116c8d2456aa025c58d679ab5ec7b70b00689ddabf9e432937004d20
                                        
                                            GET /sites/default/files/css/css_71D_nSUNQjr3LxFCmhxc2zIhoGcecKLALC1rdGCF51M.css HTTP/1.1 
Host: www.t.ks.ua
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: text/css,*/*;q=0.1
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: http://www.t.ks.ua/

                                         
88.198.13.114
HTTP/1.1 200 OK
Content-Type: text/css
Date: Tue, 28 Nov 2017 17:16:32 GMT
Server: Apache/2.2.15 (CentOS) DAV/2 PHP/5.4.28 mod_ssl/2.2.15 OpenSSL/1.0.0-fips
Last-Modified: Thu, 26 Oct 2017 20:11:41 GMT
Etag: "d8052f-19cc-55c78c7cfdc01"
Accept-Ranges: bytes
Content-Length: 6604
Cache-Control: max-age=1209600
Expires: Tue, 12 Dec 2017 17:16:32 GMT
Content-Encoding: gzip
Vary: Accept-Encoding
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive


--- Additional Info ---
Magic:  gzip compressed data, from Unix, max compression
Size:   6604
Md5:    f50ca3ff45e6a988318c447b00c21c4e
Sha1:   0d53e70ebed354234d0cf122dceb6b71dd5d3e6d
Sha256: ab1f676c386238f5c8b642c63d515e2ac6daa6d332ff24ff16fa2674787709c9
                                        
GET /sites/default/files/js/js_9PoCIpaBdXzAfwjeoO2ibi_TtEs6jMROpVOwk-_WIBw.js HTTP/1.1
Host: www.t.ks.ua
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: */*
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: http://www.t.ks.ua/

                                         
88.198.13.114
HTTP/1.1 200 OK
Content-Type: text/javascript
Date: Tue, 28 Nov 2017 17:16:32 GMT
Server: Apache/2.2.15 (CentOS) DAV/2 PHP/5.4.28 mod_ssl/2.2.15 OpenSSL/1.0.0-fips
Last-Modified: Thu, 26 Oct 2017 20:11:41 GMT
Etag: "d8053b-3036-55c78c7d1ef41"
Accept-Ranges: bytes
Content-Length: 12342
Cache-Control: max-age=1209600
Expires: Tue, 12 Dec 2017 17:16:32 GMT
Content-Encoding: gzip
Vary: Accept-Encoding
Keep-Alive: timeout=5, max=99
Connection: Keep-Alive


--- Additional Info ---
Magic:  gzip compressed data, from Unix, max compression
Size:   12342
Md5:    322073ada821c625a2b58711d76ad25b
Sha1:   d26f0f45b0d2ca95d6ae1be627562f55473c1e13
Sha256: faf11c64ef5623f926563b61fc8b1d0f91c7dd9047581fc3548e3afc2dc40ac5

Alerts:
  Blacklists:
    - fortinet: Malware
                                        
GET /sites/default/files/favicon_1.ico HTTP/1.1
Host: www.t.ks.ua
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: image/png,image/*;q=0.8,*/*;q=0.5
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive

                                         
88.198.13.114
HTTP/1.1 200 OK
Content-Type: image/x-icon
Date: Tue, 28 Nov 2017 17:16:32 GMT
Server: Apache/2.2.15 (CentOS) DAV/2 PHP/5.4.28 mod_ssl/2.2.15 OpenSSL/1.0.0-fips
Last-Modified: Sun, 14 Jul 2013 22:00:00 GMT
Etag: "d6224c-57e-4e17fdd7e9800"
Accept-Ranges: bytes
Content-Length: 1406
Cache-Control: max-age=1209600
Expires: Tue, 12 Dec 2017 17:16:32 GMT
Keep-Alive: timeout=5, max=99
Connection: Keep-Alive


--- Additional Info ---
Magic:  MS Windows icon resource - 1 icon
Size:   1406
Md5:    ab76eb1befabb2c908daba608f511daf
Sha1:   e1cff00c069532c3ed02790c164bd3eb9e5d012d
Sha256: 6dcd58e2922af5d20389654f39c382dbb65da8b4322325aa19286208601733f6

Alerts:
  Blacklists:
    - fortinet: Malware
                                        
GET / HTTP/1.1
Host: www.t.ks.ua
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive

                                         
88.198.13.114
HTTP/1.1 200 OK
Content-Type: text/html; charset=utf-8
Date: Tue, 28 Nov 2017 17:16:32 GMT
Server: Apache/2.2.15 (CentOS) DAV/2 PHP/5.4.28 mod_ssl/2.2.15 OpenSSL/1.0.0-fips
X-Powered-By: PHP/5.4.28
X-Drupal-Cache: HIT
Etag: "1511886754-0"
Content-Language: ru
Cache-Control: public, max-age=3600
Last-Modified: Tue, 28 Nov 2017 16:32:34 GMT
Expires: Sun, 19 Nov 1978 05:00:00 GMT
Vary: Cookie
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive
Transfer-Encoding: chunked


--- Additional Info ---
Magic:  HTML document text\012 exported SGML document text
Size:   102076
Md5:    56cbecc7e6d2deb9dfaf46d4f54326a1
Sha1:   bc76f1873f026b74239bf57ef3fd9a1be758a245
Sha256: 0433311ab1e46b241272d248afe038e16c2521d6c5212e530bcebdaac147fdf4

Alerts:
  Blacklists:
    - fortinet: Malware
                                        
GET /sites/default/files/js/js_URfWn4saN9E3ALH5gyoaI9cY8jCUptAbysGUaQcq4g8.js HTTP/1.1
Host: www.t.ks.ua
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: */*
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: http://www.t.ks.ua/

                                         
88.198.13.114
HTTP/1.1 200 OK
Content-Type: text/javascript
Date: Tue, 28 Nov 2017 17:16:32 GMT
Server: Apache/2.2.15 (CentOS) DAV/2 PHP/5.4.28 mod_ssl/2.2.15 OpenSSL/1.0.0-fips
Last-Modified: Thu, 26 Oct 2017 20:13:11 GMT
Etag: "d805ee-5456-55c78cd2886e9"
Accept-Ranges: bytes
Content-Length: 21590
Cache-Control: max-age=1209600
Expires: Tue, 12 Dec 2017 17:16:32 GMT
Content-Encoding: gzip
Vary: Accept-Encoding
Keep-Alive: timeout=5, max=99
Connection: Keep-Alive


--- Additional Info ---
Magic:  gzip compressed data, from Unix, max compression
Size:   21590
Md5:    326789707be92c76077f58932f602ac7
Sha1:   45e98132993c53d30d8701c38c5604afe5b4f566
Sha256: a646380167822429028d21e42b27aac39abf9233c5da73b33c195e33a026fe82

Alerts:
  Blacklists:
    - fortinet: Malware
                                        
GET /sites/default/files/js/js_1AMzlCDQxgGquc8G2iJdT1uuMI0-iSG_YUoWQaJNnf8.js HTTP/1.1
Host: www.t.ks.ua
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: */*
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: http://www.t.ks.ua/

                                         
88.198.13.114
HTTP/1.1 200 OK
Content-Type: text/javascript
Date: Tue, 28 Nov 2017 17:16:32 GMT
Server: Apache/2.2.15 (CentOS) DAV/2 PHP/5.4.28 mod_ssl/2.2.15 OpenSSL/1.0.0-fips
Last-Modified: Thu, 26 Oct 2017 20:11:42 GMT
Etag: "d80562-45d6-55c78c7d6e4c9"
Accept-Ranges: bytes
Content-Length: 17878
Cache-Control: max-age=1209600
Expires: Tue, 12 Dec 2017 17:16:32 GMT
Content-Encoding: gzip
Vary: Accept-Encoding
Keep-Alive: timeout=5, max=99
Connection: Keep-Alive


--- Additional Info ---
Magic:  gzip compressed data, from Unix, max compression
Size:   17878
Md5:    5c5e691c0e04bc3a1a182fb31c9022a5
Sha1:   b8715e82e287e6930fbe69393acc4b223729c0cc
Sha256: e62e11eb92269ab4ae62932ca58a16da734695e98bfceaf97aeb13c4a3737bd7

Alerts:
  Blacklists:
    - fortinet: Malware
                                        
GET /sites/default/files/js/js_BAhqE0nsQns6shJD8cBPNaX58HANh3tzWfxSlYIKGGs.js HTTP/1.1
Host: www.t.ks.ua
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: */*
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: http://www.t.ks.ua/

                                         
88.198.13.114
HTTP/1.1 200 OK
Content-Type: text/javascript
Date: Tue, 28 Nov 2017 17:16:32 GMT
Server: Apache/2.2.15 (CentOS) DAV/2 PHP/5.4.28 mod_ssl/2.2.15 OpenSSL/1.0.0-fips
Last-Modified: Thu, 26 Oct 2017 20:11:41 GMT
Etag: "d80533-9899-55c78c7d0ed71"
Accept-Ranges: bytes
Content-Length: 39065
Cache-Control: max-age=1209600
Expires: Tue, 12 Dec 2017 17:16:32 GMT
Content-Encoding: gzip
Vary: Accept-Encoding
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive


--- Additional Info ---
Magic:  gzip compressed data, from Unix, max compression
Size:   39065
Md5:    96ae3c9ddc3ca204048b52869c56d2f6
Sha1:   0f30edb386138f7108dda1270bf871bf1da1d127
Sha256: 3fd16f81d83a3b2becaf4b8722ea32c8222ddc5ab732bacba7fd0c644796830d

Alerts:
  Blacklists:
    - fortinet: Malware
                                        
GET /static/css/informer2/gs_informerClient.min.css HTTP/1.1
Host: www.gismeteo.ru
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: text/css,*/*;q=0.1
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: http://www.t.ks.ua/

                                         
185.134.202.6
HTTP/1.1 200 OK
Content-Type: text/css
Date: Tue, 28 Nov 2017 17:16:31 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding, Accept-Encoding
Set-Cookie: old=1; Expires=Wed, 28-Nov-18 17:16:31 GMT; Domain=.www.gismeteo.ru; Path=/static/css/informer2/; Secure
Last-Modified: Wed, 14 Dec 2016 11:09:57 GMT
Etag: W/"58512885-2746"
Expires: Tue, 05 Dec 2017 17:16:31 GMT
Cache-Control: max-age=604800
Server: gis
X-DC: nord.router-ru-nord01
Content-Encoding: gzip


--- Additional Info ---
Magic:  gzip compressed data, from Unix
Size:   2188
Md5:    ab10d547256624f9f1f1cb92d293587b
Sha1:   11ca12c9a0b94d67c3590dd3721ea545caf49a34
Sha256: 5a8268f0c2acc958c06c90a04d1b02a6fc4f7bd1987cac2eca44176c42c1d45b
                                        
GET /sites/all/themes/th/img/logotip.png HTTP/1.1
Host: www.t.ks.ua
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: image/png,image/*;q=0.8,*/*;q=0.5
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: http://www.t.ks.ua/
Cookie: has_js=1

                                         
88.198.13.114
HTTP/1.1 200 OK
Content-Type: image/png
Date: Tue, 28 Nov 2017 17:16:32 GMT
Server: Apache/2.2.15 (CentOS) DAV/2 PHP/5.4.28 mod_ssl/2.2.15 OpenSSL/1.0.0-fips
Last-Modified: Sat, 17 Aug 2013 22:00:00 GMT
Etag: "d60944-271d-4e42bd4195800"
Accept-Ranges: bytes
Content-Length: 10013
Cache-Control: max-age=1209600
Expires: Tue, 12 Dec 2017 17:16:32 GMT
Keep-Alive: timeout=5, max=98
Connection: Keep-Alive


--- Additional Info ---
Magic:  PNG image, 333 x 120, 8-bit/color RGB, non-interlaced
Size:   10013
Md5:    d1411fbdf9adc4cf7fcc3b8c37f722df
Sha1:   fdbc493d28fa3cf4ed0972e8a824beae76e41032
Sha256: 5c9b8e57919ca9bf4d5a01086816a3d09be502bf96dc7f7f2ada4b4124bcd013
                                        
GET /sites/all/modules/vscc/images/black_arrow_left.png HTTP/1.1
Host: www.t.ks.ua
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: image/png,image/*;q=0.8,*/*;q=0.5
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: http://www.t.ks.ua/
Cookie: has_js=1

                                         
88.198.13.114
HTTP/1.1 200 OK
Content-Type: image/png
Date: Tue, 28 Nov 2017 17:16:32 GMT
Server: Apache/2.2.15 (CentOS) DAV/2 PHP/5.4.28 mod_ssl/2.2.15 OpenSSL/1.0.0-fips
Last-Modified: Sat, 13 Jul 2013 22:00:00 GMT
Etag: "d60824-14b-4e16bbfa73800"
Accept-Ranges: bytes
Content-Length: 331
Cache-Control: max-age=1209600
Expires: Tue, 12 Dec 2017 17:16:32 GMT
Keep-Alive: timeout=5, max=98
Connection: Keep-Alive


--- Additional Info ---
Magic:  PNG image, 12 x 18, 8-bit/color RGBA, non-interlaced
Size:   331
Md5:    c0348f3a8f4cc0fc9a86dccff27487bf
Sha1:   c71e87aeac5afaac5df358c28fff2a6cc6caf4b2
Sha256: ffcbd92c85ec2c0918bebfb7c7b933cc6ba176d292ad6979441b0a556aa3a159
                                        
GET /analytics.js HTTP/1.1
Host: www.google-analytics.com
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: */*
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: http://www.t.ks.ua/
If-Modified-Since: Fri, 03 Oct 2014 00:48:42 GMT

                                         
216.58.211.142
HTTP/1.1 200 OK
Content-Type: text/javascript
Strict-Transport-Security: max-age=10886400; includeSubDomains; preload
Timing-Allow-Origin: *
Date: Tue, 28 Nov 2017 16:48:58 GMT
Expires: Tue, 28 Nov 2017 18:48:58 GMT
Last-Modified: Mon, 13 Nov 2017 20:19:12 GMT
X-Content-Type-Options: nosniff
Vary: Accept-Encoding
Content-Encoding: gzip
Server: Golfe2
Content-Length: 14597
Age: 1653
Cache-Control: public, max-age=7200


--- Additional Info ---
Magic:  gzip compressed data, max compression
Size:   14597
Md5:    6199bd5ef36ff16dd8c35a2abdb5991c
Sha1:   beb16561dd55ab5896b230c5a116a5d819e86b34
Sha256: a3d61ef9e80a01a794fd7c2769720f2fd0e15d0458236e8e0edd411560171879
                                        
GET /sites/all/modules/vscc/images/black_pause.png HTTP/1.1
Host: www.t.ks.ua
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: image/png,image/*;q=0.8,*/*;q=0.5
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: http://www.t.ks.ua/
Cookie: has_js=1

                                         
88.198.13.114
HTTP/1.1 200 OK
Content-Type: image/png
Date: Tue, 28 Nov 2017 17:16:32 GMT
Server: Apache/2.2.15 (CentOS) DAV/2 PHP/5.4.28 mod_ssl/2.2.15 OpenSSL/1.0.0-fips
Last-Modified: Sat, 13 Jul 2013 22:00:00 GMT
Etag: "d60828-af1-4e16bbfa73800"
Accept-Ranges: bytes
Content-Length: 2801
Cache-Control: max-age=1209600
Expires: Tue, 12 Dec 2017 17:16:32 GMT
Keep-Alive: timeout=5, max=99
Connection: Keep-Alive


--- Additional Info ---
Magic:  PNG image, 11 x 11, 8-bit/color RGBA, non-interlaced
Size:   2801
Md5:    bc1a8a752061da501668dae73a7b0e36
Sha1:   f14f3bddfa0039888211585875a67c33905ce12f
Sha256: c8cbb1868d0be7d157b07987cf4e819723e3eaae6efee620a0bbb7bb690a6ab3
                                        
GET /sites/all/modules/vscc/images/black_arrow_right.png HTTP/1.1
Host: www.t.ks.ua
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: image/png,image/*;q=0.8,*/*;q=0.5
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: http://www.t.ks.ua/
Cookie: has_js=1

                                         
88.198.13.114
HTTP/1.1 200 OK
Content-Type: image/png
Date: Tue, 28 Nov 2017 17:16:32 GMT
Server: Apache/2.2.15 (CentOS) DAV/2 PHP/5.4.28 mod_ssl/2.2.15 OpenSSL/1.0.0-fips
Last-Modified: Sat, 13 Jul 2013 22:00:00 GMT
Etag: "d60826-14a-4e16bbfa73800"
Accept-Ranges: bytes
Content-Length: 330
Cache-Control: max-age=1209600
Expires: Tue, 12 Dec 2017 17:16:32 GMT
Keep-Alive: timeout=5, max=98
Connection: Keep-Alive


--- Additional Info ---
Magic:  PNG image, 12 x 18, 8-bit/color RGBA, non-interlaced
Size:   330
Md5:    c48fbd10e4f79fa601524134f9257db8
Sha1:   a46b5f2bbebaf3396d720ab15c0fbe226b4d6169
Sha256: 2c05625feca447bee046d07a76b09f55c2a960b31348b5da736a0cf8d4b3c883
                                        
GET /sites/default/files/styles/front_slide/public/125829e3f182f72de31a001abca7084c_0.jpg?itok=pVgTqbNe HTTP/1.1
Host: www.t.ks.ua
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: image/png,image/*;q=0.8,*/*;q=0.5
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: http://www.t.ks.ua/
Cookie: has_js=1

                                         
88.198.13.114
HTTP/1.1 200 OK
Content-Type: image/jpeg
Date: Tue, 28 Nov 2017 17:16:32 GMT
Server: Apache/2.2.15 (CentOS) DAV/2 PHP/5.4.28 mod_ssl/2.2.15 OpenSSL/1.0.0-fips
Last-Modified: Tue, 28 Nov 2017 05:39:20 GMT
Etag: "d98f6f-7219-55f0470c8873c"
Accept-Ranges: bytes
Content-Length: 29209
Cache-Control: max-age=1209600
Expires: Tue, 12 Dec 2017 17:16:32 GMT
Keep-Alive: timeout=5, max=98
Connection: Keep-Alive


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, comment: "CREATOR: gd-jpeg v1.0 (using IJ"
Size:   29209
Md5:    859f14769d81eb135813ce54d0c61a60
Sha1:   8274390ce52127ea123411bd93b4b0ae87d155e4
Sha256: 32f10cadc52e471e127fecea9ef7b04563d4a1258ea73de306f7e9988dc4b417

Alerts:
  Blacklists:
    - fortinet: Malware
                                        
GET /js/api/openapi.js?74 HTTP/1.1
Host: vk.com
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: */*
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: http://www.t.ks.ua/

                                         
87.240.165.80
HTTP/1.1 200 OK
Content-Type: application/x-javascript
Server: nginx
Date: Tue, 28 Nov 2017 17:16:31 GMT
Last-Modified: Fri, 24 Nov 2017 11:38:09 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Etag: W/"5a1804a1-15c16"
Expires: Sat, 02 Dec 2017 17:16:31 GMT
Cache-Control: max-age=345600
X-Frontend: front508120
Access-Control-Expose-Headers: X-Frontend
Content-Encoding: gzip


--- Additional Info ---
Magic:  gzip compressed data, from Unix
Size:   26331
Md5:    f14babc6c2c9c423f551d5051ac5cf8d
Sha1:   e93d1ecca2f19ca61596e2ff81a2e5c7f7f1e585
Sha256: 78951cc4b3d73fbe41018f46420eadc6ea98f972afaedb859dd9deb2abe5136b
                                        
GET /sites/all/modules/advpoll/nodejs.js HTTP/1.1
Host: www.t.ks.ua
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: */*
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: http://www.t.ks.ua/
Cookie: has_js=1

                                         
88.198.13.114
HTTP/1.1 200 OK
Content-Type: text/javascript
Date: Tue, 28 Nov 2017 17:16:32 GMT
Server: Apache/2.2.15 (CentOS) DAV/2 PHP/5.4.28 mod_ssl/2.2.15 OpenSSL/1.0.0-fips
Last-Modified: Wed, 06 Feb 2013 23:00:00 GMT
Etag: "d40d1e-0-4d5164924fc00"
Accept-Ranges: bytes
Content-Length: 0
Cache-Control: max-age=1209600
Expires: Tue, 12 Dec 2017 17:16:32 GMT
Keep-Alive: timeout=5, max=97
Connection: Keep-Alive


--- Additional Info ---

Alerts:
  Blacklists:
    - fortinet: Malware
                                        
GET /sites/default/files/styles/front_slide/public/1595093.jpg?itok=NSfoB9BZ HTTP/1.1
Host: www.t.ks.ua
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: image/png,image/*;q=0.8,*/*;q=0.5
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: http://www.t.ks.ua/
Cookie: has_js=1

                                         
88.198.13.114
HTTP/1.1 200 OK
Content-Type: image/jpeg
Date: Tue, 28 Nov 2017 17:16:32 GMT
Server: Apache/2.2.15 (CentOS) DAV/2 PHP/5.4.28 mod_ssl/2.2.15 OpenSSL/1.0.0-fips
Last-Modified: Thu, 23 Nov 2017 14:22:44 GMT
Etag: "d98e75-83d5-55ea72b6c511b"
Accept-Ranges: bytes
Content-Length: 33749
Cache-Control: max-age=1209600
Expires: Tue, 12 Dec 2017 17:16:32 GMT
Keep-Alive: timeout=5, max=99
Connection: Keep-Alive


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, comment: "CREATOR: gd-jpeg v1.0 (using IJ"
Size:   33749
Md5:    696dcb19ea22c1948cba04ec91ced9e4
Sha1:   dbf3fe60539680a81014409a9d3bb16831b24354
Sha256: cb54f0bdf784d5dad72b0edb88cfac06df618e7511e737576ed507c310662c8e

Alerts:
  Blacklists:
    - fortinet: Malware
                                        
GET /pagead/js/adsbygoogle.js HTTP/1.1
Host: pagead2.googlesyndication.com
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: */*
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: http://www.t.ks.ua/

                                         
216.58.201.162
HTTP/1.1 200 OK
Content-Type: text/javascript; charset=UTF-8
P3P: policyref="http://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
Timing-Allow-Origin: *
Date: Tue, 28 Nov 2017 17:16:31 GMT
Expires: Tue, 28 Nov 2017 17:16:31 GMT
Cache-Control: private, max-age=3600
Etag: 12776485510455936688
X-Content-Type-Options: nosniff
Content-Disposition: attachment; filename="f.txt"
Content-Encoding: gzip
Server: cafe
Content-Length: 25030
X-XSS-Protection: 1; mode=block


--- Additional Info ---
Magic:  gzip compressed data, max compression
Size:   25030
Md5:    a423860ceb2c8c77d8ebc0c53c42b973
Sha1:   7b7356f04ba4343658bcab5c173e0d4c1d01422c
Sha256: c510ba492b6ceb2602fcea7296eaff8c3ab3166b7f4297ae68dbf13c54e5869f
                                        
GET /sites/default/files/styles/front_left/public/1511787408_articleimage_132331.jpg?itok=pnsEQT8N HTTP/1.1
Host: www.t.ks.ua
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: image/png,image/*;q=0.8,*/*;q=0.5
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: http://www.t.ks.ua/
Cookie: has_js=1

                                         
88.198.13.114
HTTP/1.1 200 OK
Content-Type: image/jpeg
Date: Tue, 28 Nov 2017 17:16:32 GMT
Server: Apache/2.2.15 (CentOS) DAV/2 PHP/5.4.28 mod_ssl/2.2.15 OpenSSL/1.0.0-fips
Last-Modified: Mon, 27 Nov 2017 14:36:26 GMT
Etag: "d98f46-2345-55ef7d3c09a6d"
Accept-Ranges: bytes
Content-Length: 9029
Cache-Control: max-age=1209600
Expires: Tue, 12 Dec 2017 17:16:32 GMT
Keep-Alive: timeout=5, max=98
Connection: Keep-Alive


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, comment: "CREATOR: gd-jpeg v1.0 (using IJ"
Size:   9029
Md5:    71629d9e4e94fb06a59d10f77cc85133
Sha1:   2dfbfab41e4f744ce9e38454b2732118c407a7a8
Sha256: ae4808c4bfdedceaa1d903261c7bf29fdbda92c644560dbc853307e742ec2863

Alerts:
  Blacklists:
    - fortinet: Malware
                                        
GET /js/api/openapi.js?71 HTTP/1.1
Host: vk.com
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: */*
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: http://www.t.ks.ua/

                                         
87.240.165.80
HTTP/1.1 200 OK
Content-Type: application/x-javascript
Server: nginx
Date: Tue, 28 Nov 2017 17:16:31 GMT
Last-Modified: Fri, 24 Nov 2017 11:38:09 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Etag: W/"5a1804a1-15c16"
Expires: Sat, 02 Dec 2017 17:16:31 GMT
Cache-Control: max-age=345600
X-Frontend: front508121
Access-Control-Expose-Headers: X-Frontend
Content-Encoding: gzip


--- Additional Info ---
Magic:  gzip compressed data, from Unix
Size:   26331
Md5:    f14babc6c2c9c423f551d5051ac5cf8d
Sha1:   e93d1ecca2f19ca61596e2ff81a2e5c7f7f1e585
Sha256: 78951cc4b3d73fbe41018f46420eadc6ea98f972afaedb859dd9deb2abe5136b
                                        
GET /sites/default/files/styles/front_slide/public/1510236512_4.jpg?itok=KjoNYoaV HTTP/1.1
Host: www.t.ks.ua
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: image/png,image/*;q=0.8,*/*;q=0.5
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: http://www.t.ks.ua/
Cookie: has_js=1

                                         
88.198.13.114
HTTP/1.1 200 OK
Content-Type: image/jpeg
Date: Tue, 28 Nov 2017 17:16:32 GMT
Server: Apache/2.2.15 (CentOS) DAV/2 PHP/5.4.28 mod_ssl/2.2.15 OpenSSL/1.0.0-fips
Last-Modified: Thu, 09 Nov 2017 14:49:53 GMT
Etag: "d98a81-93ef-55d8deab65775"
Accept-Ranges: bytes
Content-Length: 37871
Cache-Control: max-age=1209600
Expires: Tue, 12 Dec 2017 17:16:32 GMT
Keep-Alive: timeout=5, max=97
Connection: Keep-Alive


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, comment: "CREATOR: gd-jpeg v1.0 (using IJ"
Size:   37871
Md5:    b68c90fb0aab4d907b1daf20884a6d26
Sha1:   55daa36951df72b664ab92eae9716e2c74d7de4f
Sha256: 5762ef418435535ac6c1b7ab5334f0b62937dc6ab2a0801cf8f5acc3954e5169
                                        
GET /sites/default/files/styles/front_slide/public/0b98f628-c4fa-49fb-be68-8fe8395f544b_w1023_r1_s.jpg?itok=yaWpuKlY HTTP/1.1
Host: www.t.ks.ua
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: image/png,image/*;q=0.8,*/*;q=0.5
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: http://www.t.ks.ua/
Cookie: has_js=1

                                         
88.198.13.114
HTTP/1.1 200 OK
Content-Type: image/jpeg
Date: Tue, 28 Nov 2017 17:16:32 GMT
Server: Apache/2.2.15 (CentOS) DAV/2 PHP/5.4.28 mod_ssl/2.2.15 OpenSSL/1.0.0-fips
Last-Modified: Sun, 12 Nov 2017 23:09:12 GMT
Etag: "d98b56-71e6-55dd13dfb17b6"
Accept-Ranges: bytes
Content-Length: 29158
Cache-Control: max-age=1209600
Expires: Tue, 12 Dec 2017 17:16:32 GMT
Keep-Alive: timeout=5, max=97
Connection: Keep-Alive


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, comment: "CREATOR: gd-jpeg v1.0 (using IJ"
Size:   29158
Md5:    b518a458eca1e0e1757783b5b6ef4ca1
Sha1:   1d7c0c91a021acd7068a530d7a6614a8af9bf2f0
Sha256: 1bbc2aa6d9ed55536670a2bea2c9403d95c5285aca6823cdf3154aa966266a5c

Alerts:
  Blacklists:
    - fortinet: Malware
                                        
GET /sites/default/files/styles/front_left/public/1511609772_marmaris.jpg?itok=ntOelbO4 HTTP/1.1
Host: www.t.ks.ua
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: image/png,image/*;q=0.8,*/*;q=0.5
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: http://www.t.ks.ua/
Cookie: has_js=1

                                         
88.198.13.114
HTTP/1.1 200 OK
Content-Type: image/jpeg
Date: Tue, 28 Nov 2017 17:16:32 GMT
Server: Apache/2.2.15 (CentOS) DAV/2 PHP/5.4.28 mod_ssl/2.2.15 OpenSSL/1.0.0-fips
Last-Modified: Sun, 26 Nov 2017 07:01:46 GMT
Etag: "d98f0a-3336-55edd5bf278bb"
Accept-Ranges: bytes
Content-Length: 13110
Cache-Control: max-age=1209600
Expires: Tue, 12 Dec 2017 17:16:32 GMT
Keep-Alive: timeout=5, max=97
Connection: Keep-Alive


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, comment: "CREATOR: gd-jpeg v1.0 (using IJ"
Size:   13110
Md5:    cf6a55531ac89bcd30b8e72e24e06907
Sha1:   6368ae3ea5bf0d748bbca4e0331b4ce36814f9c0
Sha256: fcc542af02186f544a5fcdd51497def8c1f1ccb2e07ab2bca766ec0931d0967e
                                        
GET /sites/default/files/styles/front_slide/public/20112017_56.jpg?itok=h89iYrcT HTTP/1.1
Host: www.t.ks.ua
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: image/png,image/*;q=0.8,*/*;q=0.5
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: http://www.t.ks.ua/
Cookie: has_js=1

                                         
88.198.13.114
HTTP/1.1 200 OK
Content-Type: image/jpeg
Date: Tue, 28 Nov 2017 17:16:32 GMT
Server: Apache/2.2.15 (CentOS) DAV/2 PHP/5.4.28 mod_ssl/2.2.15 OpenSSL/1.0.0-fips
Last-Modified: Tue, 21 Nov 2017 03:27:20 GMT
Etag: "d98da3-9330-55e75c7d6c545"
Accept-Ranges: bytes
Content-Length: 37680
Cache-Control: max-age=1209600
Expires: Tue, 12 Dec 2017 17:16:32 GMT
Keep-Alive: timeout=5, max=97
Connection: Keep-Alive


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, comment: "CREATOR: gd-jpeg v1.0 (using IJ"
Size:   37680
Md5:    f60dc3e74129e72bf52c3261cc8725c5
Sha1:   b96e025b401fdcc5940d8042a2db19764ccd4a25
Sha256: 04145cc9daaf37baef542726459766f9dd8f4565e1699d3d8f4cd54f9e243834

Alerts:
  Blacklists:
    - fortinet: Malware
                                        
GET /sites/default/files/styles/front_slide/public/331893.jpg?itok=XqnYZhzI HTTP/1.1
Host: www.t.ks.ua
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: image/png,image/*;q=0.8,*/*;q=0.5
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: http://www.t.ks.ua/
Cookie: has_js=1

                                         
88.198.13.114
HTTP/1.1 200 OK
Content-Type: image/jpeg
Date: Tue, 28 Nov 2017 17:16:32 GMT
Server: Apache/2.2.15 (CentOS) DAV/2 PHP/5.4.28 mod_ssl/2.2.15 OpenSSL/1.0.0-fips
Last-Modified: Thu, 16 Nov 2017 16:43:35 GMT
Etag: "d98caf-8134-55e1c5239c018"
Accept-Ranges: bytes
Content-Length: 33076
Cache-Control: max-age=1209600
Expires: Tue, 12 Dec 2017 17:16:32 GMT
Keep-Alive: timeout=5, max=98
Connection: Keep-Alive


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, comment: "CREATOR: gd-jpeg v1.0 (using IJ"
Size:   33076
Md5:    926048c0e2d48cf0d80529b7646f46ec
Sha1:   1855284f0b5807340f1d234e0b9974976fe89abf
Sha256: 42bfbf303c38cb3ca3199c252d7aa51725ba213a58f5222a740d87bb5835fc51
                                        
GET /sites/default/files/styles/front_left/public/712d98ec9f317fec74395872572e87e9.jpg?itok=q7Z-AzbF HTTP/1.1
Host: www.t.ks.ua
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: image/png,image/*;q=0.8,*/*;q=0.5
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: http://www.t.ks.ua/
Cookie: has_js=1

                                         
88.198.13.114
HTTP/1.1 200 OK
Content-Type: image/jpeg
Date: Tue, 28 Nov 2017 17:16:32 GMT
Server: Apache/2.2.15 (CentOS) DAV/2 PHP/5.4.28 mod_ssl/2.2.15 OpenSSL/1.0.0-fips
Last-Modified: Fri, 24 Nov 2017 04:37:03 GMT
Etag: "d98eae-19cf-55eb31ab03c3c"
Accept-Ranges: bytes
Content-Length: 6607
Cache-Control: max-age=1209600
Expires: Tue, 12 Dec 2017 17:16:32 GMT
Keep-Alive: timeout=5, max=96
Connection: Keep-Alive


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, comment: "CREATOR: gd-jpeg v1.0 (using IJ"
Size:   6607
Md5:    2f3e5a818f1405097ed8c547edd20c7f
Sha1:   360e0e2ad12125911a1894094a2c12b19972b390
Sha256: 663fec7dc0632dc4612bd5a005d01411d78bab32b4d616652f432df96e73d402

Alerts:
  Blacklists:
    - fortinet: Malware
                                        
GET /sites/default/files/styles/front_left/public/fd8339ae272f2735ffc5fab3b5d30c37.jpg?itok=eFrXpAHU HTTP/1.1
Host: www.t.ks.ua
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: image/png,image/*;q=0.8,*/*;q=0.5
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: http://www.t.ks.ua/
Cookie: has_js=1

                                         
88.198.13.114
HTTP/1.1 200 OK
Content-Type: image/jpeg
Date: Tue, 28 Nov 2017 17:16:32 GMT
Server: Apache/2.2.15 (CentOS) DAV/2 PHP/5.4.28 mod_ssl/2.2.15 OpenSSL/1.0.0-fips
Last-Modified: Thu, 23 Nov 2017 14:56:41 GMT
Etag: "d98e8b-12fd-55ea7a4d3f3d3"
Accept-Ranges: bytes
Content-Length: 4861
Cache-Control: max-age=1209600
Expires: Tue, 12 Dec 2017 17:16:32 GMT
Keep-Alive: timeout=5, max=96
Connection: Keep-Alive


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, comment: "CREATOR: gd-jpeg v1.0 (using IJ"
Size:   4861
Md5:    e5a0fd3fe82b71af9dce4da6af0f33b9
Sha1:   ad96b49e89d33cfcf74165438609cea1bbda55da
Sha256: 37897b727453ad466352dbcbc90dbd3795b4f5a190fa26dab170c18bbe98cca9

Alerts:
  Blacklists:
    - fortinet: Malware
                                        
GET /sites/default/files/styles/front_left/public/23755131_1891855347793307_5814540725566890625_n.jpg?itok=AD7SVDyq HTTP/1.1
Host: www.t.ks.ua
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: image/png,image/*;q=0.8,*/*;q=0.5
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: http://www.t.ks.ua/
Cookie: has_js=1

                                         
88.198.13.114
HTTP/1.1 200 OK
Content-Type: image/jpeg
Date: Tue, 28 Nov 2017 17:16:32 GMT
Server: Apache/2.2.15 (CentOS) DAV/2 PHP/5.4.28 mod_ssl/2.2.15 OpenSSL/1.0.0-fips
Last-Modified: Thu, 23 Nov 2017 14:45:27 GMT
Etag: "d98e83-1faf-55ea77cab8aab"
Accept-Ranges: bytes
Content-Length: 8111
Cache-Control: max-age=1209600
Expires: Tue, 12 Dec 2017 17:16:32 GMT
Keep-Alive: timeout=5, max=96
Connection: Keep-Alive


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, comment: "CREATOR: gd-jpeg v1.0 (using IJ"
Size:   8111
Md5:    007965a179b16e7baf6cd05f2cde90ea
Sha1:   a1d063ec4a844b848a843e0b7a767eb56f61e5dc
Sha256: 34de0dfdb906cda48c90ba7a9ac022b35d8de42250d8c09095d20f538b6b8c5e

Alerts:
  Blacklists:
    - fortinet: Malware
                                        
GET /sites/default/files/styles/front_left/public/1511358279_363c91afef630ca57b08bac9f7942b065a155769d7df8.jpg?itok=3dey3AGu HTTP/1.1
Host: www.t.ks.ua
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: image/png,image/*;q=0.8,*/*;q=0.5
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: http://www.t.ks.ua/
Cookie: has_js=1

                                         
88.198.13.114
HTTP/1.1 200 OK
Content-Type: image/jpeg
Date: Tue, 28 Nov 2017 17:16:32 GMT
Server: Apache/2.2.15 (CentOS) DAV/2 PHP/5.4.28 mod_ssl/2.2.15 OpenSSL/1.0.0-fips
Last-Modified: Thu, 23 Nov 2017 05:14:53 GMT
Etag: "d98e43-1fdc-55e9f842672f5"
Accept-Ranges: bytes
Content-Length: 8156
Cache-Control: max-age=1209600
Expires: Tue, 12 Dec 2017 17:16:32 GMT
Keep-Alive: timeout=5, max=96
Connection: Keep-Alive


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, comment: "CREATOR: gd-jpeg v1.0 (using IJ"
Size:   8156
Md5:    f5dd6f0e50649591f9690b0d81ea23b3
Sha1:   a7dec5d5190bdf88e39cb8dca87d92247a511035
Sha256: 27a2fac4cfd384ace27f14c3af310c629c64820fc1cb61b6a3b9295213cdb18c

Alerts:
  Blacklists:
    - fortinet: Malware
                                        
GET /sites/default/files/styles/front_slide/public/1509959209_23172519_810849769095365_5721020588415210687_n_0.jpg?itok=iUDD9-gf HTTP/1.1
Host: www.t.ks.ua
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: image/png,image/*;q=0.8,*/*;q=0.5
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: http://www.t.ks.ua/
Cookie: has_js=1

                                         
88.198.13.114
HTTP/1.1 200 OK
Content-Type: image/jpeg
Date: Tue, 28 Nov 2017 17:16:32 GMT
Server: Apache/2.2.15 (CentOS) DAV/2 PHP/5.4.28 mod_ssl/2.2.15 OpenSSL/1.0.0-fips
Last-Modified: Mon, 06 Nov 2017 13:42:59 GMT
Etag: "d989a4-1130b-55d50a1fa1f30"
Accept-Ranges: bytes
Content-Length: 70411
Cache-Control: max-age=1209600
Expires: Tue, 12 Dec 2017 17:16:32 GMT
Keep-Alive: timeout=5, max=96
Connection: Keep-Alive


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, comment: "CREATOR: gd-jpeg v1.0 (using IJ"
Size:   70411
Md5:    e5d55a36d86c26b6db53b59abc8d1368
Sha1:   de406ac6138e9d026ba0bac8a7f5abaef85bb3d0
Sha256: 8890fe1caa8c4daf6c0f006e16ce423debedf7ec85c8d59056c51a2d680b4618

Alerts:
  Blacklists:
    - fortinet: Malware
                                        
GET /sites/default/files/styles/front_left/public/0987654.jpg?itok=ef814SwV HTTP/1.1
Host: www.t.ks.ua
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: image/png,image/*;q=0.8,*/*;q=0.5
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: http://www.t.ks.ua/
Cookie: has_js=1

                                         
88.198.13.114
HTTP/1.1 200 OK
Content-Type: image/jpeg
Date: Tue, 28 Nov 2017 17:16:32 GMT
Server: Apache/2.2.15 (CentOS) DAV/2 PHP/5.4.28 mod_ssl/2.2.15 OpenSSL/1.0.0-fips
Last-Modified: Wed, 22 Nov 2017 13:56:03 GMT
Etag: "d98e20-2762-55e92ae1fbf95"
Accept-Ranges: bytes
Content-Length: 10082
Cache-Control: max-age=1209600
Expires: Tue, 12 Dec 2017 17:16:32 GMT
Keep-Alive: timeout=5, max=95
Connection: Keep-Alive


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, comment: "CREATOR: gd-jpeg v1.0 (using IJ"
Size:   10082
Md5:    997315abd47feb1a7af155e385f3e192
Sha1:   84d60cfc14a63d62b7e96f9b3f5d873551798abc
Sha256: 9f20f19b2896b65d5de3e061d04e96c6302f5c7e7b0b0ae71c845a0b749d8f6b
                                        
GET /sites/default/files/styles/front_left/public/1510576096_1_0.jpg?itok=8z3KWiGj HTTP/1.1
Host: www.t.ks.ua
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: image/png,image/*;q=0.8,*/*;q=0.5
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: http://www.t.ks.ua/
Cookie: has_js=1

                                         
88.198.13.114
HTTP/1.1 200 OK
Content-Type: image/jpeg
Date: Tue, 28 Nov 2017 17:16:32 GMT
Server: Apache/2.2.15 (CentOS) DAV/2 PHP/5.4.28 mod_ssl/2.2.15 OpenSSL/1.0.0-fips
Last-Modified: Wed, 22 Nov 2017 15:15:18 GMT
Etag: "d98e30-1a36-55e93c98e6b1c"
Accept-Ranges: bytes
Content-Length: 6710
Cache-Control: max-age=1209600
Expires: Tue, 12 Dec 2017 17:16:32 GMT
Keep-Alive: timeout=5, max=97
Connection: Keep-Alive


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, comment: "CREATOR: gd-jpeg v1.0 (using IJ"
Size:   6710
Md5:    abb89922058743ba384078f9c1aca7a0
Sha1:   e92db051d30e11b23b757940e176ea0617d4479c
Sha256: 2e8371f6be048926180180693087c3311f550b33992b1a4c79228ca94742f9cb

Alerts:
  Blacklists:
    - fortinet: Malware
                                        
GET /sites/default/files/styles/front_left/public/45_248.jpg?itok=5d-DDRhO HTTP/1.1
Host: www.t.ks.ua
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: image/png,image/*;q=0.8,*/*;q=0.5
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: http://www.t.ks.ua/
Cookie: has_js=1

                                         
88.198.13.114
HTTP/1.1 200 OK
Content-Type: image/jpeg
Date: Tue, 28 Nov 2017 17:16:32 GMT
Server: Apache/2.2.15 (CentOS) DAV/2 PHP/5.4.28 mod_ssl/2.2.15 OpenSSL/1.0.0-fips
Last-Modified: Mon, 20 Nov 2017 13:40:20 GMT
Etag: "d98d5c-1e6a-55e6a3a3f1261"
Accept-Ranges: bytes
Content-Length: 7786
Cache-Control: max-age=1209600
Expires: Tue, 12 Dec 2017 17:16:32 GMT
Keep-Alive: timeout=5, max=95
Connection: Keep-Alive


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, comment: "CREATOR: gd-jpeg v1.0 (using IJ"
Size:   7786
Md5:    a2ae04d9a30c63fee01c6c36e2083278
Sha1:   f814a386528e6802236fb961100364802dff5490
Sha256: b0c1d72fd74de28732b7f73fb84a13b3e533b2ccb1bef6d77e41c2433bb8c014

Alerts:
  Blacklists:
    - fortinet: Malware
                                        
GET /sites/default/files/styles/thumb_170x96/public/28112017_03.jpg?itok=ZP4RXsZI HTTP/1.1
Host: www.t.ks.ua
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: image/png,image/*;q=0.8,*/*;q=0.5
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: http://www.t.ks.ua/
Cookie: has_js=1

                                         
88.198.13.114
HTTP/1.1 200 OK
Content-Type: image/jpeg
Date: Tue, 28 Nov 2017 17:16:32 GMT
Server: Apache/2.2.15 (CentOS) DAV/2 PHP/5.4.28 mod_ssl/2.2.15 OpenSSL/1.0.0-fips
Last-Modified: Tue, 28 Nov 2017 13:32:13 GMT
Etag: "d98f78-1459-55f0b0bf12c7b"
Accept-Ranges: bytes
Content-Length: 5209
Cache-Control: max-age=1209600
Expires: Tue, 12 Dec 2017 17:16:32 GMT
Keep-Alive: timeout=5, max=95
Connection: Keep-Alive


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, comment: "CREATOR: gd-jpeg v1.0 (using IJ"
Size:   5209
Md5:    07d59448810495d4371a58d6bbf56de7
Sha1:   096ffde055af9f7115fc414521c84cd4a1f8bd21
Sha256: b540ea2a615fe497b408328e06dc46cd89b6c612f277c5539248225af36004d9
                                        
GET /sites/default/files/styles/thumb_170x96/public/1511424580_1720491.jpg?itok=5A-9zZVJ HTTP/1.1
Host: www.t.ks.ua
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: image/png,image/*;q=0.8,*/*;q=0.5
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: http://www.t.ks.ua/
Cookie: has_js=1

                                         
88.198.13.114
HTTP/1.1 200 OK
Content-Type: image/jpeg
Date: Tue, 28 Nov 2017 17:16:32 GMT
Server: Apache/2.2.15 (CentOS) DAV/2 PHP/5.4.28 mod_ssl/2.2.15 OpenSSL/1.0.0-fips
Last-Modified: Thu, 23 Nov 2017 15:09:45 GMT
Etag: "d98e8f-10c2-55ea7d38c728b"
Accept-Ranges: bytes
Content-Length: 4290
Cache-Control: max-age=1209600
Expires: Tue, 12 Dec 2017 17:16:32 GMT
Keep-Alive: timeout=5, max=94
Connection: Keep-Alive


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, comment: "CREATOR: gd-jpeg v1.0 (using IJ"
Size:   4290
Md5:    2f0c75cc1bd04dccd287b8527023eda8
Sha1:   28adee65070d3efb8232336f3c48cfe3af239a33
Sha256: 4c348afbb5ec949ad7adff21de242dd77ff0c60654d245030982b7baec5774ea

Alerts:
  Blacklists:
    - fortinet: Malware
                                        
GET /sites/default/files/styles/thumb_170x96/public/1-310.jpg?itok=31WNmZGK HTTP/1.1
Host: www.t.ks.ua
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: image/png,image/*;q=0.8,*/*;q=0.5
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: http://www.t.ks.ua/
Cookie: has_js=1

                                         
88.198.13.114
HTTP/1.1 200 OK
Content-Type: image/jpeg
Date: Tue, 28 Nov 2017 17:16:32 GMT
Server: Apache/2.2.15 (CentOS) DAV/2 PHP/5.4.28 mod_ssl/2.2.15 OpenSSL/1.0.0-fips
Last-Modified: Tue, 28 Nov 2017 13:47:38 GMT
Etag: "d98f84-a60-55f0b43179ccb"
Accept-Ranges: bytes
Content-Length: 2656
Cache-Control: max-age=1209600
Expires: Tue, 12 Dec 2017 17:16:32 GMT
Keep-Alive: timeout=5, max=96
Connection: Keep-Alive


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, comment: "CREATOR: gd-jpeg v1.0 (using IJ"
Size:   2656
Md5:    18aeb4548a2978d12a284f22307ef1c0
Sha1:   43075617d7ff286f1c1a59743800243359792307
Sha256: 70f8abde793b739831340ae075b60cc33f1a9d7c9f671827be955ce40a580c09
                                        
GET /sites/default/files/styles/thumb_170x96/public/60e74ec91f44356c323e07326cf85e8d.jpg?itok=BBzzvB_c HTTP/1.1
Host: www.t.ks.ua
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: image/png,image/*;q=0.8,*/*;q=0.5
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: http://www.t.ks.ua/
Cookie: has_js=1

                                         
88.198.13.114
HTTP/1.1 200 OK
Content-Type: image/jpeg
Date: Tue, 28 Nov 2017 17:16:32 GMT
Server: Apache/2.2.15 (CentOS) DAV/2 PHP/5.4.28 mod_ssl/2.2.15 OpenSSL/1.0.0-fips
Last-Modified: Thu, 23 Nov 2017 14:07:03 GMT
Etag: "d98e5e-1435-55ea6f35aa9f3"
Accept-Ranges: bytes
Content-Length: 5173
Cache-Control: max-age=1209600
Expires: Tue, 12 Dec 2017 17:16:32 GMT
Keep-Alive: timeout=5, max=94
Connection: Keep-Alive


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, comment: "CREATOR: gd-jpeg v1.0 (using IJ"
Size:   5173
Md5:    ea2b5b0103e106e0069fda99c29d83d6
Sha1:   3834563aa501dfaf6082b448ebc36cd8039c312f
Sha256: d6f38ae0c916459e3b5da5df4d15b5a112436f56676b3251a0ed53ff667e5fb1
                                        
GET /sites/default/files/styles/my_video_thumbnail/public/video_embed_field_thumbnails/youtube/y7TixWYEdss.jpg?itok=M9uCnHQl HTTP/1.1
Host: www.t.ks.ua
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: image/png,image/*;q=0.8,*/*;q=0.5
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: http://www.t.ks.ua/
Cookie: has_js=1

                                         
88.198.13.114
HTTP/1.1 200 OK
Content-Type: image/jpeg
Date: Tue, 28 Nov 2017 17:16:32 GMT
Server: Apache/2.2.15 (CentOS) DAV/2 PHP/5.4.28 mod_ssl/2.2.15 OpenSSL/1.0.0-fips
Last-Modified: Tue, 05 Jan 2016 17:19:40 GMT
Etag: "d8e11c-2082-5289971624019"
Accept-Ranges: bytes
Content-Length: 8322
Cache-Control: max-age=1209600
Expires: Tue, 12 Dec 2017 17:16:32 GMT
Keep-Alive: timeout=5, max=94
Connection: Keep-Alive


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, comment: "CREATOR: gd-jpeg v1.0 (using IJ"
Size:   8322
Md5:    aee142f473630acba6afc9734fb2cd5b
Sha1:   a31fd95f9db4234387b7df88fb6b9bb90f302d07
Sha256: e9dd606efbc39ffa7acfd913d34ee563b74061c0e219f976e716a333470e04bd

Alerts:
  Blacklists:
    - fortinet: Malware
                                        
GET /sites/default/files/styles/my_video_thumbnail/public/video_embed_field_thumbnails/youtube/GUrkWCzhq-k.jpg?itok=qCr8egjt HTTP/1.1
Host: www.t.ks.ua
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: image/png,image/*;q=0.8,*/*;q=0.5
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: http://www.t.ks.ua/
Cookie: has_js=1

                                         
88.198.13.114
HTTP/1.1 200 OK
Content-Type: image/jpeg
Date: Tue, 28 Nov 2017 17:16:32 GMT
Server: Apache/2.2.15 (CentOS) DAV/2 PHP/5.4.28 mod_ssl/2.2.15 OpenSSL/1.0.0-fips
Last-Modified: Mon, 09 Nov 2015 00:10:15 GMT
Etag: "d8d1c5-13af-524106ae95e61"
Accept-Ranges: bytes
Content-Length: 5039
Cache-Control: max-age=1209600
Expires: Tue, 12 Dec 2017 17:16:32 GMT
Keep-Alive: timeout=5, max=93
Connection: Keep-Alive


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, comment: "CREATOR: gd-jpeg v1.0 (using IJ"
Size:   5039
Md5:    c877ada99ea20ed999f197dcb11087ff
Sha1:   0081357b86cbdc320d38be22d23ccfe80c275b16
Sha256: 2171dde8facd62ebb45e4102ddea81d1d20cb8dfa364925641c82d2e842f3c6c

Alerts:
  Blacklists:
    - fortinet: Malware
                                        
GET /sites/default/files/styles/my_video_thumbnail/public/video_embed_field_thumbnails/youtube/O7xamIEbg2w.jpg?itok=a27RWyF2 HTTP/1.1
Host: www.t.ks.ua
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: image/png,image/*;q=0.8,*/*;q=0.5
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: http://www.t.ks.ua/
Cookie: has_js=1

                                         
88.198.13.114
HTTP/1.1 200 OK
Content-Type: image/jpeg
Date: Tue, 28 Nov 2017 17:16:32 GMT
Server: Apache/2.2.15 (CentOS) DAV/2 PHP/5.4.28 mod_ssl/2.2.15 OpenSSL/1.0.0-fips
Last-Modified: Tue, 25 Aug 2015 21:14:34 GMT
Etag: "d8be37-1c24-51e2938862d0d"
Accept-Ranges: bytes
Content-Length: 7204
Cache-Control: max-age=1209600
Expires: Tue, 12 Dec 2017 17:16:32 GMT
Keep-Alive: timeout=5, max=95
Connection: Keep-Alive


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, comment: "CREATOR: gd-jpeg v1.0 (using IJ"
Size:   7204
Md5:    0f35cc6511da5ffad1aadb315d370bfa
Sha1:   7d5c16c4c26eeb1dba35037b2d42d88ac627c04f
Sha256: 2ac94e93dcddc561c391b7f0832712a82d62c7ae802036027aee8f086f0068c1

Alerts:
  Blacklists:
    - fortinet: Malware
                                        
GET /sites/default/files/styles/my_video_thumbnail/public/video_embed_field_thumbnails/youtube/kA3yTM2wwzY.jpg?itok=H_-zGk5a HTTP/1.1
Host: www.t.ks.ua
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: image/png,image/*;q=0.8,*/*;q=0.5
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: http://www.t.ks.ua/
Cookie: has_js=1

                                         
88.198.13.114
HTTP/1.1 200 OK
Content-Type: image/jpeg
Date: Tue, 28 Nov 2017 17:16:32 GMT
Server: Apache/2.2.15 (CentOS) DAV/2 PHP/5.4.28 mod_ssl/2.2.15 OpenSSL/1.0.0-fips
Last-Modified: Mon, 09 Nov 2015 00:06:41 GMT
Etag: "d8d1c4-1730-524105e26fef9"
Accept-Ranges: bytes
Content-Length: 5936
Cache-Control: max-age=1209600
Expires: Tue, 12 Dec 2017 17:16:32 GMT
Keep-Alive: timeout=5, max=93
Connection: Keep-Alive


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, comment: "CREATOR: gd-jpeg v1.0 (using IJ"
Size:   5936
Md5:    b130fad3a54a0bf4001775eaa14d43cf
Sha1:   c94068aa8caf81f934558a07e3107166d91a18ff
Sha256: 2f9fca8509df0ba4a28606b724fedcfcc6c8a7b4b6fe7170ceb95f259a60ea17

Alerts:
  Blacklists:
    - fortinet: Malware
                                        
GET /img/t.gif HTTP/1.1
Host: informers.sinoptik.ua
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: image/png,image/*;q=0.8,*/*;q=0.5
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: http://www.t.ks.ua/

                                         
212.42.76.150
HTTP/1.1 200 OK
Content-Type: image/gif
Server: nginx
Date: Tue, 28 Nov 2017 17:16:32 GMT
Content-Length: 43
Last-Modified: Thu, 10 Feb 2011 13:06:12 GMT
Connection: keep-alive
Etag: "4d53e2c4-2b"
Expires: Wed, 28 Nov 2018 17:16:32 GMT
Cache-Control: max-age=31536000, public
Accept-Ranges: bytes


--- Additional Info ---
Magic:  GIF image data, version 89a, 1 x 1
Size:   43
Md5:    df3e567d6f16d040326c7a0ea29a4f41
Sha1:   ea7df583983133b62712b5e73bffbcd45cc53736
Sha256: 548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
                                        
GET /js3.php?title=4&wind=2&cities=303027883,303024376,303010679&lang=ru HTTP/1.1
Host: informers.sinoptik.ua
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: */*
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: http://www.t.ks.ua/

                                         
212.42.76.150
HTTP/1.1 200 OK
Content-Type: text/html
Server: nginx
Date: Tue, 28 Nov 2017 17:16:32 GMT
Transfer-Encoding: chunked
Connection: keep-alive
X-Powered-By: PHP/5.5.38
Expires: 0
Cache-Control: must-revalidate, post-check=0, pre-check=0
Pragma: no-store, no-cache, must-revalidate
Content-Encoding: gzip
Vary: Accept-Encoding


--- Additional Info ---
Magic:  gzip compressed data, from Unix
Size:   637
Md5:    a4cf07fcb6c7ed2692e10120d106a778
Sha1:   3acf9d404273cef3e6b3f057a7e37b0f64a43c8a
Sha256: 698ffbb8c7ef09378f4f4d762db02ee2dc467ced84463da713129767e62f73f9
                                        
GET /sites/default/files/styles/thumb_55x45/public/11_439.jpg?itok=SsVAbZZR HTTP/1.1
Host: www.t.ks.ua
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: image/png,image/*;q=0.8,*/*;q=0.5
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: http://www.t.ks.ua/
Cookie: has_js=1

                                         
88.198.13.114
HTTP/1.1 200 OK
Content-Type: image/jpeg
Date: Tue, 28 Nov 2017 17:16:32 GMT
Server: Apache/2.2.15 (CentOS) DAV/2 PHP/5.4.28 mod_ssl/2.2.15 OpenSSL/1.0.0-fips
Last-Modified: Wed, 07 Dec 2016 00:57:12 GMT
Etag: "daa87a-67b-5430700541996"
Accept-Ranges: bytes
Content-Length: 1659
Cache-Control: max-age=1209600
Expires: Tue, 12 Dec 2017 17:16:32 GMT
Keep-Alive: timeout=5, max=93
Connection: Keep-Alive


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, comment: "CREATOR: gd-jpeg v1.0 (using IJ"
Size:   1659
Md5:    7d4f0deff8cd9875c6559d60cc915222
Sha1:   a0d2a992b6963e5d8a3ad86d959340e46fd9cbf3
Sha256: 8b63238b3e135382da1c033c279c4a8be606b963704b4055d0d4ecf7aba118cc
                                        
GET /sites/default/files/2015/300x300_vukyp.gif HTTP/1.1
Host: www.t.ks.ua
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: image/png,image/*;q=0.8,*/*;q=0.5
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: http://www.t.ks.ua/
Cookie: has_js=1

                                         
88.198.13.114
HTTP/1.1 200 OK
Content-Type: image/gif
Date: Tue, 28 Nov 2017 17:16:32 GMT
Server: Apache/2.2.15 (CentOS) DAV/2 PHP/5.4.28 mod_ssl/2.2.15 OpenSSL/1.0.0-fips
Last-Modified: Thu, 09 Nov 2017 13:42:14 GMT
Etag: "de09be-cffb-55d8cf8cd5b26"
Accept-Ranges: bytes
Content-Length: 53243
Cache-Control: max-age=1209600
Expires: Tue, 12 Dec 2017 17:16:32 GMT
Keep-Alive: timeout=5, max=95
Connection: Keep-Alive


--- Additional Info ---
Magic:  GIF image data, version 89a, 300 x 300
Size:   53243
Md5:    62061119f4132cb8b71368ea93a07f8c
Sha1:   d3a59772164df9df75666c85028e1d206af3cde0
Sha256: cd74f220408e5acd9c875e9ee296d67735f32dc1e6e91e35ac084c0a82fe87a6
                                        
GET /sites/default/files/styles/thumb_55x45/public/11_397.jpg?itok=lrCZcDdP HTTP/1.1
Host: www.t.ks.ua
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: image/png,image/*;q=0.8,*/*;q=0.5
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: http://www.t.ks.ua/
Cookie: has_js=1

                                         
88.198.13.114
HTTP/1.1 200 OK
Content-Type: image/jpeg
Date: Tue, 28 Nov 2017 17:16:32 GMT
Server: Apache/2.2.15 (CentOS) DAV/2 PHP/5.4.28 mod_ssl/2.2.15 OpenSSL/1.0.0-fips
Last-Modified: Tue, 10 May 2016 20:09:28 GMT
Etag: "da8deb-676-5328280a030eb"
Accept-Ranges: bytes
Content-Length: 1654
Cache-Control: max-age=1209600
Expires: Tue, 12 Dec 2017 17:16:32 GMT
Keep-Alive: timeout=5, max=92
Connection: Keep-Alive


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, comment: "CREATOR: gd-jpeg v1.0 (using IJ"
Size:   1654
Md5:    9807bc41e5c5ba78b0aabb65fe5b284c
Sha1:   d0cf521855de1369e9a908fa7fb2a7bdf0e9f20b
Sha256: d1cb70a104b0f0ca1007def3ffb60f993b99e0fd80c394348c3d24c3b67598fc
                                        
                                            GET /sites/default/files/styles/thumb_55x45/public/11_384.jpg?itok=rHmrgmYp HTTP/1.1 
Host: www.t.ks.ua
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: image/png,image/*;q=0.8,*/*;q=0.5
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: http://www.t.ks.ua/
Cookie: has_js=1

                                         
                                         88.198.13.114
HTTP/1.1 200 OK
Content-Type: image/jpeg
                                        
Date: Tue, 28 Nov 2017 17:16:32 GMT
Server: Apache/2.2.15 (CentOS) DAV/2 PHP/5.4.28 mod_ssl/2.2.15 OpenSSL/1.0.0-fips
Last-Modified: Sun, 21 Feb 2016 11:43:43 GMT
Etag: "da8397-6be-52c463a6f7c57"
Accept-Ranges: bytes
Content-Length: 1726
Cache-Control: max-age=1209600
Expires: Tue, 12 Dec 2017 17:16:32 GMT
Keep-Alive: timeout=5, max=92
Connection: Keep-Alive


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, comment: "CREATOR: gd-jpeg v1.0 (using IJ"
Size:   1726
Md5:    c121d48393919b30f6e4e0b99dd8cd3e
Sha1:   852174b31929fcd6f7807415519ed5501bd78e04
Sha256: 6e6804197a3ed7a8529b7d1edce5a9bebaee0b6b54058d09aa4dc20e6cd2b111
                                        
                                            GET /sites/default/files/styles/thumb_55x45/public/44_91.jpg?itok=5v3cDyZp HTTP/1.1 
Host: www.t.ks.ua
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: image/png,image/*;q=0.8,*/*;q=0.5
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: http://www.t.ks.ua/
Cookie: has_js=1

                                         
                                         88.198.13.114
HTTP/1.1 200 OK
Content-Type: image/jpeg
                                        
Date: Tue, 28 Nov 2017 17:16:32 GMT
Server: Apache/2.2.15 (CentOS) DAV/2 PHP/5.4.28 mod_ssl/2.2.15 OpenSSL/1.0.0-fips
Last-Modified: Fri, 29 Apr 2016 01:41:57 GMT
Etag: "da8c4e-68d-53195bf8b8a6d"
Accept-Ranges: bytes
Content-Length: 1677
Cache-Control: max-age=1209600
Expires: Tue, 12 Dec 2017 17:16:32 GMT
Keep-Alive: timeout=5, max=94
Connection: Keep-Alive


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, comment: "CREATOR: gd-jpeg v1.0 (using IJ"
Size:   1677
Md5:    63b518f4db73bb0a016ac6e7d1d7a315
Sha1:   78a38c31e27947ef58c774075a465e4c0df1b5e3
Sha256: 8a2c43b0490173e30a81e61c67309544ac3b6f56044ad1b591b99f013effadd4

Alerts:
  Blacklists:
    - fortinet: Malware
                                        
                                            GET /sites/default/files/styles/thumb_55x45/public/11_380.jpg?itok=eaYUifhK HTTP/1.1 
Host: www.t.ks.ua
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: image/png,image/*;q=0.8,*/*;q=0.5
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: http://www.t.ks.ua/
Cookie: has_js=1

                                         
                                         88.198.13.114
HTTP/1.1 200 OK
Content-Type: image/jpeg
                                        
Date: Tue, 28 Nov 2017 17:16:32 GMT
Server: Apache/2.2.15 (CentOS) DAV/2 PHP/5.4.28 mod_ssl/2.2.15 OpenSSL/1.0.0-fips
Last-Modified: Sat, 30 Jan 2016 15:10:11 GMT
Etag: "da80ec-5f6-52a8e8c4cb91e"
Accept-Ranges: bytes
Content-Length: 1526
Cache-Control: max-age=1209600
Expires: Tue, 12 Dec 2017 17:16:32 GMT
Keep-Alive: timeout=5, max=92
Connection: Keep-Alive


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, comment: "CREATOR: gd-jpeg v1.0 (using IJ"
Size:   1526
Md5:    8e35171924dc330b3ca1fb5007cb7682
Sha1:   34b7b24bf0709145810b69b442c6c6138d9110d8
Sha256: 35b3221283722d0a2400fc65d96da4b3ffa9c9a20c4abf88c216cce72d273a6a
                                        
                                            GET /sites/default/files/styles/thumb_55x45/public/11_363.jpg?itok=EAV_tqYx HTTP/1.1 
Host: www.t.ks.ua
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: image/png,image/*;q=0.8,*/*;q=0.5
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: http://www.t.ks.ua/
Cookie: has_js=1

                                         
                                         88.198.13.114
HTTP/1.1 200 OK
Content-Type: image/jpeg
                                        
Date: Tue, 28 Nov 2017 17:16:32 GMT
Server: Apache/2.2.15 (CentOS) DAV/2 PHP/5.4.28 mod_ssl/2.2.15 OpenSSL/1.0.0-fips
Last-Modified: Wed, 25 Nov 2015 03:08:18 GMT
Etag: "da78b1-5dd-52554c51cb8ac"
Accept-Ranges: bytes
Content-Length: 1501
Cache-Control: max-age=1209600
Expires: Tue, 12 Dec 2017 17:16:32 GMT
Keep-Alive: timeout=5, max=94
Connection: Keep-Alive


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, comment: "CREATOR: gd-jpeg v1.0 (using IJ"
Size:   1501
Md5:    533fbe4a2ac5429ec20314abcdc021f0
Sha1:   0c09fdc2616df9f1e6887f47f3e1c67ccbb92238
Sha256: 7d91e88491d65ab9564b725289be8b57c6a1b557676fbb16a43fd545d315743e
                                        
                                            GET /sites/default/files/styles/thumb_55x45/public/011_1.jpg?itok=Ma1WPhhR HTTP/1.1 
Host: www.t.ks.ua
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: image/png,image/*;q=0.8,*/*;q=0.5
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: http://www.t.ks.ua/
Cookie: has_js=1

                                         
                                         88.198.13.114
HTTP/1.1 200 OK
Content-Type: image/jpeg
                                        
Date: Tue, 28 Nov 2017 17:16:32 GMT
Server: Apache/2.2.15 (CentOS) DAV/2 PHP/5.4.28 mod_ssl/2.2.15 OpenSSL/1.0.0-fips
Last-Modified: Sun, 18 Oct 2015 05:49:29 GMT
Etag: "da72ba-662-5225a97a2796a"
Accept-Ranges: bytes
Content-Length: 1634
Cache-Control: max-age=1209600
Expires: Tue, 12 Dec 2017 17:16:32 GMT
Keep-Alive: timeout=5, max=91
Connection: Keep-Alive


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, comment: "CREATOR: gd-jpeg v1.0 (using IJ"
Size:   1634
Md5:    05b68bc0e30c06fdcaa712899fc2d086
Sha1:   9ea421b22575d3f0c48ba3fae02a8f52d3d0f082
Sha256: d7672a8caa7807739b616d5d617d61be4b201326b612b64926150163380e93b4

Alerts:
  Blacklists:
    - fortinet: Malware
                                        
                                            GET /sites/default/files/styles/thumb_55x45/public/11_345.jpg?itok=ItuSu6o2 HTTP/1.1 
Host: www.t.ks.ua
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: image/png,image/*;q=0.8,*/*;q=0.5
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: http://www.t.ks.ua/
Cookie: has_js=1

                                         
                                         88.198.13.114
HTTP/1.1 200 OK
Content-Type: image/jpeg
                                        
Date: Tue, 28 Nov 2017 17:16:32 GMT
Server: Apache/2.2.15 (CentOS) DAV/2 PHP/5.4.28 mod_ssl/2.2.15 OpenSSL/1.0.0-fips
Last-Modified: Sun, 20 Sep 2015 22:57:56 GMT
Etag: "da6ee7-6bf-52035b215ea2a"
Accept-Ranges: bytes
Content-Length: 1727
Cache-Control: max-age=1209600
Expires: Tue, 12 Dec 2017 17:16:32 GMT
Keep-Alive: timeout=5, max=91
Connection: Keep-Alive


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, comment: "CREATOR: gd-jpeg v1.0 (using IJ"
Size:   1727
Md5:    f94cdc552fcae558550566dbdbf2afee
Sha1:   ac6d3f3bdaef8a7eafba8db070de45b1b14bda02
Sha256: 431283f5a411ce4c2045eb0b6a3c7ea2f13b38c05db2b7236bf1d7c014d88f55
                                        
                                            GET /sites/default/files/styles/thumb_268x191/public/11_397.jpg?itok=bN6P_0Q7 HTTP/1.1 
Host: www.t.ks.ua
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: image/png,image/*;q=0.8,*/*;q=0.5
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: http://www.t.ks.ua/
Cookie: has_js=1

                                         
                                         88.198.13.114
HTTP/1.1 200 OK
Content-Type: image/jpeg
                                        
Date: Tue, 28 Nov 2017 17:16:32 GMT
Server: Apache/2.2.15 (CentOS) DAV/2 PHP/5.4.28 mod_ssl/2.2.15 OpenSSL/1.0.0-fips
Last-Modified: Tue, 10 May 2016 20:09:28 GMT
Etag: "da8dec-3e86-5328280a0d4fb"
Accept-Ranges: bytes
Content-Length: 16006
Cache-Control: max-age=1209600
Expires: Tue, 12 Dec 2017 17:16:32 GMT
Keep-Alive: timeout=5, max=91
Connection: Keep-Alive


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, comment: "CREATOR: gd-jpeg v1.0 (using IJ"
Size:   16006
Md5:    3745fbad7a10dbea17658005f40abd02
Sha1:   1c6d6bfa34e08bc6f6229c41e478110bd1062bca
Sha256: 376db00b6213492fac0d3e34ff7c474865bff42fbba8570064ff309390467142

Alerts:
  Blacklists:
    - fortinet: Malware
                                        
                                            GET /sites/default/files/styles/thumb_268x191/public/11_439.jpg?itok=41UoVq5G HTTP/1.1 
Host: www.t.ks.ua
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: image/png,image/*;q=0.8,*/*;q=0.5
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: http://www.t.ks.ua/
Cookie: has_js=1

                                         
                                         88.198.13.114
HTTP/1.1 200 OK
Content-Type: image/jpeg
                                        
Date: Tue, 28 Nov 2017 17:16:32 GMT
Server: Apache/2.2.15 (CentOS) DAV/2 PHP/5.4.28 mod_ssl/2.2.15 OpenSSL/1.0.0-fips
Last-Modified: Wed, 07 Dec 2016 00:57:12 GMT
Etag: "daa87b-3fc8-5430700555dce"
Accept-Ranges: bytes
Content-Length: 16328
Cache-Control: max-age=1209600
Expires: Tue, 12 Dec 2017 17:16:32 GMT
Keep-Alive: timeout=5, max=93
Connection: Keep-Alive


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, comment: "CREATOR: gd-jpeg v1.0 (using IJ"
Size:   16328
Md5:    e98b36df9a6b41c55ba5da1a6ab0eda3
Sha1:   365b2212d942b9bebb0ef0dd3d6e3f18d62a2706
Sha256: 12e479e89f0d51df38bf8b853a64f82abc7585f87ad472a17e4d05eade363e35

Alerts:
  Blacklists:
    - fortinet: Malware
                                        
                                            GET /sites/default/files/styles/thumb_268x191/public/11_384.jpg?itok=VFAvPWqG HTTP/1.1 
Host: www.t.ks.ua
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: image/png,image/*;q=0.8,*/*;q=0.5
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: http://www.t.ks.ua/
Cookie: has_js=1

                                         
                                         88.198.13.114
HTTP/1.1 200 OK
Content-Type: image/jpeg
                                        
Date: Tue, 28 Nov 2017 17:16:33 GMT
Server: Apache/2.2.15 (CentOS) DAV/2 PHP/5.4.28 mod_ssl/2.2.15 OpenSSL/1.0.0-fips
Last-Modified: Sun, 21 Feb 2016 11:43:43 GMT
Etag: "da8396-300c-52c463a6eebcf"
Accept-Ranges: bytes
Content-Length: 12300
Cache-Control: max-age=1209600
Expires: Tue, 12 Dec 2017 17:16:33 GMT
Keep-Alive: timeout=5, max=90
Connection: Keep-Alive


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, comment: "CREATOR: gd-jpeg v1.0 (using IJ"
Size:   12300
Md5:    0a8cd933f43ee09be862e080560864d5
Sha1:   3a340777e5d310039e7a3bc15a8fc512149d186e
Sha256: f56310dd7ae9aa7d6f5682c9f6408364542823d22bce884ec3005db1432b876c

Alerts:
  Blacklists:
    - fortinet: Malware
                                        
                                            GET /sites/default/files/styles/thumb_268x191/public/11_380.jpg?itok=Pqdpuu3d HTTP/1.1 
Host: www.t.ks.ua
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: image/png,image/*;q=0.8,*/*;q=0.5
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: http://www.t.ks.ua/
Cookie: has_js=1

                                         
                                         88.198.13.114
HTTP/1.1 200 OK
Content-Type: image/jpeg
                                        
Date: Tue, 28 Nov 2017 17:16:33 GMT
Server: Apache/2.2.15 (CentOS) DAV/2 PHP/5.4.28 mod_ssl/2.2.15 OpenSSL/1.0.0-fips
Last-Modified: Sat, 30 Jan 2016 15:10:11 GMT
Etag: "da80ed-2a22-52a8e8c581f16"
Accept-Ranges: bytes
Content-Length: 10786
Cache-Control: max-age=1209600
Expires: Tue, 12 Dec 2017 17:16:33 GMT
Keep-Alive: timeout=5, max=90
Connection: Keep-Alive


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, comment: "CREATOR: gd-jpeg v1.0 (using IJ"
Size:   10786
Md5:    166722d70a863108dfe5314bff3a2f9a
Sha1:   7094df10a430017c7eaf384bc80268ffdc95a099
Sha256: c3b9260854b0831bf9eff2f3ac18c1f452dfba5521479fe77e5305e768c54923

Alerts:
  Blacklists:
    - fortinet: Malware
                                        
                                            GET /show.cgi?adp=180807&div=DIV_DA_180807 HTTP/1.1 
Host: code.directadvert.ru
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: */*
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: http://www.t.ks.ua/

                                         
                                         195.161.16.132
HTTP/1.1 200 OK
Content-Type: application/x-javascript; charset=windows-1251
                                        
Server: nginx/1.12.1
Date: Tue, 28 Nov 2017 17:16:31 GMT
Transfer-Encoding: chunked
Connection: keep-alive
P3P: policyref="/w3c/p3p.xml", CP="NOI DSP COR NID CUR OUR NOR", policyref="/w3c/p3p.xml", CP="CUR ADM OUR NOR STA NID"
Set-Cookie: dadcm3=1; expires=Tue, 05-Dec-2017 17:16:31 GMT; path=/; domain=directadvert.ru dadcm46=1; expires=Tue, 05-Dec-2017 17:16:31 GMT; path=/; domain=directadvert.ru nid=w6EQhFodme8BkBPRGeyhAg==; expires=Wed, 28-Nov-18 17:16:31 GMT; domain=directadvert.ru; path=/
Access-Control-Allow-Credentials: true
Access-Control-Allow-Methods: GET, POST, OPTIONS
Access-Control-Allow-Headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
Access-Control-Max-Age: 1728000
Content-Encoding: gzip


--- Additional Info ---
Magic:  gzip compressed data, from Unix
Size:   663
Md5:    aae31d05ea1a54928916a1c672c8ca21
Sha1:   d42469422e1a423d791bb83b4d5c8a1fb0554b4e
Sha256: dff5d5e0c84ce4f10f04d998ccce4b5741a0443995ec7c9bb39776fd27b880fd
                                        
                                            GET /show.cgi?adp=180809&div=DIV_DA_180809 HTTP/1.1 
Host: code.directadvert.ru
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: */*
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: http://www.t.ks.ua/

                                         
                                         195.161.16.132
HTTP/1.1 200 OK
Content-Type: application/x-javascript; charset=windows-1251
                                        
Server: nginx/1.12.1
Date: Tue, 28 Nov 2017 17:16:31 GMT
Transfer-Encoding: chunked
Connection: keep-alive
P3P: policyref="/w3c/p3p.xml", CP="NOI DSP COR NID CUR OUR NOR", policyref="/w3c/p3p.xml", CP="CUR ADM OUR NOR STA NID"
Set-Cookie: dadcm3=1; expires=Tue, 05-Dec-2017 17:16:31 GMT; path=/; domain=directadvert.ru dadcm46=1; expires=Tue, 05-Dec-2017 17:16:31 GMT; path=/; domain=directadvert.ru nid=w6EQhFodme8DuxPVIlmEAg==; expires=Wed, 28-Nov-18 17:16:31 GMT; domain=directadvert.ru; path=/
Access-Control-Allow-Credentials: true
Access-Control-Allow-Methods: GET, POST, OPTIONS
Access-Control-Allow-Headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
Access-Control-Max-Age: 1728000
Content-Encoding: gzip


--- Additional Info ---
Magic:  gzip compressed data, from Unix
Size:   661
Md5:    46de21941d1aabd569d0ffb879f284bb
Sha1:   2af49b5bd81ed31deb2c212db6f212c6d3924841
Sha256: 842650eedfc671c31ecf9bfb3c3638432082514adf5f6fe6f1902fa08ad2ce10
                                        
                                            GET /show.cgi?adp=181195&div=DIV_DA_181195 HTTP/1.1 
Host: code.directadvert.ru
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: */*
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: http://www.t.ks.ua/

                                         
                                         195.161.16.132
HTTP/1.1 200 OK
Content-Type: application/x-javascript; charset=windows-1251
                                        
Server: nginx/1.12.1
Date: Tue, 28 Nov 2017 17:16:31 GMT
Transfer-Encoding: chunked
Connection: keep-alive
P3P: policyref="/w3c/p3p.xml", CP="NOI DSP COR NID CUR OUR NOR", policyref="/w3c/p3p.xml", CP="CUR ADM OUR NOR STA NID"
Set-Cookie: dadcm3=1; expires=Tue, 05-Dec-2017 17:16:31 GMT; path=/; domain=directadvert.ru dadcm46=1; expires=Tue, 05-Dec-2017 17:16:31 GMT; path=/; domain=directadvert.ru nid=w6EQhFodme8BcBPQGArHAg==; expires=Wed, 28-Nov-18 17:16:31 GMT; domain=directadvert.ru; path=/
Access-Control-Allow-Credentials: true
Access-Control-Allow-Methods: GET, POST, OPTIONS
Access-Control-Allow-Headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
Access-Control-Max-Age: 1728000
Content-Encoding: gzip


--- Additional Info ---
Magic:  gzip compressed data, from Unix
Size:   663
Md5:    fcf8a4dd27c59581cab644d06b8e57bf
Sha1:   65431dec61ef09a4e9ee426f8f76ce57a825737d
Sha256: 26d40456a496567ef007a491ecf5fc3a83bb021bfe24861fd9a055f3b8d7fad2
                                        
                                            GET /sites/default/files/styles/thumb_268x191/public/44_91.jpg?itok=f_Z5S3oH HTTP/1.1 
Host: www.t.ks.ua
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: image/png,image/*;q=0.8,*/*;q=0.5
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: http://www.t.ks.ua/
Cookie: has_js=1

                                         
                                         88.198.13.114
HTTP/1.1 200 OK
Content-Type: image/jpeg
                                        
Date: Tue, 28 Nov 2017 17:16:33 GMT
Server: Apache/2.2.15 (CentOS) DAV/2 PHP/5.4.28 mod_ssl/2.2.15 OpenSSL/1.0.0-fips
Last-Modified: Fri, 29 Apr 2016 01:41:57 GMT
Etag: "da8c4c-2eb0-53195bf8b3095"
Accept-Ranges: bytes
Content-Length: 11952
Cache-Control: max-age=1209600
Expires: Tue, 12 Dec 2017 17:16:33 GMT
Keep-Alive: timeout=5, max=93
Connection: Keep-Alive


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, comment: "CREATOR: gd-jpeg v1.0 (using IJ"
Size:   11952
Md5:    7f4c6dd519854c8a7d2d1d3841c6c845
Sha1:   b5185e63b961de942199b382feac3e4ef038acc8
Sha256: ba508af3e7ed1aa8df99046b3737595f165e13650e75fa053744e50b637daefb

Alerts:
  Blacklists:
    - fortinet: Malware
                                        
                                            GET /show.cgi?adp=181076&div=DIV_DA_181076 HTTP/1.1 
Host: code.directadvert.ru
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: */*
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: http://www.t.ks.ua/

                                         
                                         195.161.16.132
HTTP/1.1 200 OK
Content-Type: application/x-javascript; charset=windows-1251
                                        
Server: nginx/1.12.1
Date: Tue, 28 Nov 2017 17:16:31 GMT
Transfer-Encoding: chunked
Connection: keep-alive
P3P: policyref="/w3c/p3p.xml", CP="NOI DSP COR NID CUR OUR NOR", policyref="/w3c/p3p.xml", CP="CUR ADM OUR NOR STA NID"
Set-Cookie: dadcm3=1; expires=Tue, 05-Dec-2017 17:16:31 GMT; path=/; domain=directadvert.ru dadcm46=1; expires=Tue, 05-Dec-2017 17:16:31 GMT; path=/; domain=directadvert.ru nid=w6EQhFodme8DuxPVIlmHAg==; expires=Wed, 28-Nov-18 17:16:31 GMT; domain=directadvert.ru; path=/
Access-Control-Allow-Credentials: true
Access-Control-Allow-Methods: GET, POST, OPTIONS
Access-Control-Allow-Headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
Access-Control-Max-Age: 1728000
Content-Encoding: gzip


--- Additional Info ---
Magic:  gzip compressed data, from Unix
Size:   663
Md5:    ea79e1122ebcad362c1ebec8b3d86b36
Sha1:   3af21576fcd377f9ecf3c848cf27bb0242e3cf73
Sha256: 11292e1ff4fee1f093e64c560660c2f6239c1e60b955244e7cfdabafed311d5f
                                        
                                            GET /show.cgi?adp=181074&div=DIV_DA_181074 HTTP/1.1 
Host: code.directadvert.ru
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: */*
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: http://www.t.ks.ua/

                                         
                                         195.161.16.132
HTTP/1.1 200 OK
Content-Type: application/x-javascript; charset=windows-1251
                                        
Server: nginx/1.12.1
Date: Tue, 28 Nov 2017 17:16:31 GMT
Transfer-Encoding: chunked
Connection: keep-alive
P3P: policyref="/w3c/p3p.xml", CP="NOI DSP COR NID CUR OUR NOR", policyref="/w3c/p3p.xml", CP="CUR ADM OUR NOR STA NID"
Set-Cookie: dadcm3=1; expires=Tue, 05-Dec-2017 17:16:31 GMT; path=/; domain=directadvert.ru dadcm46=1; expires=Tue, 05-Dec-2017 17:16:31 GMT; path=/; domain=directadvert.ru nid=w6EQhFodme8DuxPVIlmGAg==; expires=Wed, 28-Nov-18 17:16:31 GMT; domain=directadvert.ru; path=/
Access-Control-Allow-Credentials: true
Access-Control-Allow-Methods: GET, POST, OPTIONS
Access-Control-Allow-Headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
Access-Control-Max-Age: 1728000
Content-Encoding: gzip


--- Additional Info ---
Magic:  gzip compressed data, from Unix
Size:   662
Md5:    62ccac2e329657262552a375571bbaa6
Sha1:   3cb00d84af19b5d4bf5e6fee23ede2926fd9ab96
Sha256: 477b56d28fa8314aa39b0a8431a65b13e65d9b47d7b88c3e1f271dacb9cac7f9
                                        
                                            GET /sites/default/files/styles/thumb_268x191/public/11_363.jpg?itok=UheByNC3 HTTP/1.1 
Host: www.t.ks.ua
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: image/png,image/*;q=0.8,*/*;q=0.5
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: http://www.t.ks.ua/
Cookie: has_js=1

                                         
                                         88.198.13.114
HTTP/1.1 200 OK
Content-Type: image/jpeg
                                        
Date: Tue, 28 Nov 2017 17:16:33 GMT
Server: Apache/2.2.15 (CentOS) DAV/2 PHP/5.4.28 mod_ssl/2.2.15 OpenSSL/1.0.0-fips
Last-Modified: Wed, 25 Nov 2015 03:08:18 GMT
Etag: "da78b2-283c-52554c51d54ec"
Accept-Ranges: bytes
Content-Length: 10300
Cache-Control: max-age=1209600
Expires: Tue, 12 Dec 2017 17:16:33 GMT
Keep-Alive: timeout=5, max=90
Connection: Keep-Alive


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, comment: "CREATOR: gd-jpeg v1.0 (using IJ"
Size:   10300
Md5:    f4e7e55b7ae9aeac986dcb1f3c474194
Sha1:   7e7aaac51d81889558b786324ef8202b3ae0cd72
Sha256: e3a958c2b8646b2e7e9b641c041e0c7937fd3c91bf07f9617b701044819ecc7b

Alerts:
  Blacklists:
    - fortinet: Malware
                                        
                                            GET /sites/default/files/styles/thumb_268x191/public/011_1.jpg?itok=A6e1k4Al HTTP/1.1 
Host: www.t.ks.ua
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: image/png,image/*;q=0.8,*/*;q=0.5
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: http://www.t.ks.ua/
Cookie: has_js=1

                                         
                                         88.198.13.114
HTTP/1.1 200 OK
Content-Type: image/jpeg
                                        
Date: Tue, 28 Nov 2017 17:16:33 GMT
Server: Apache/2.2.15 (CentOS) DAV/2 PHP/5.4.28 mod_ssl/2.2.15 OpenSSL/1.0.0-fips
Last-Modified: Sun, 18 Oct 2015 05:49:30 GMT
Etag: "da72bb-3ec3-5225a97a9b112"
Accept-Ranges: bytes
Content-Length: 16067
Cache-Control: max-age=1209600
Expires: Tue, 12 Dec 2017 17:16:33 GMT
Keep-Alive: timeout=5, max=92
Connection: Keep-Alive


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, comment: "CREATOR: gd-jpeg v1.0 (using IJ"
Size:   16067
Md5:    2a74dc26d117b0facea9ffb5d5a97ebb
Sha1:   6cb9eb23aa8cfd5ff526b4071672d2cc4626a68d
Sha256: 00d3a69dc19dd35810d1ebd7ae7190cacedeb7eeddbbf4ba15d963a8d7d5c9a0

Alerts:
  Blacklists:
    - fortinet: Malware
                                        
                                            GET /sites/all/themes/th/img/footer-logo.png HTTP/1.1 
Host: www.t.ks.ua
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: image/png,image/*;q=0.8,*/*;q=0.5
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: http://www.t.ks.ua/
Cookie: has_js=1

                                         
                                         88.198.13.114
HTTP/1.1 200 OK
Content-Type: image/png
                                        
Date: Tue, 28 Nov 2017 17:16:33 GMT
Server: Apache/2.2.15 (CentOS) DAV/2 PHP/5.4.28 mod_ssl/2.2.15 OpenSSL/1.0.0-fips
Last-Modified: Sat, 13 Jul 2013 22:00:00 GMT
Etag: "d60940-1c26-4e16bbfa73800"
Accept-Ranges: bytes
Content-Length: 7206
Cache-Control: max-age=1209600
Expires: Tue, 12 Dec 2017 17:16:33 GMT
Keep-Alive: timeout=5, max=89
Connection: Keep-Alive


--- Additional Info ---
Magic:  PNG image, 217 x 70, 8-bit/color RGBA, non-interlaced
Size:   7206
Md5:    51f4dd092f2980673fd64744b3906d24
Sha1:   09b9a464d63ff9ce9a631bdbc8248d5c0f270aeb
Sha256: b1625e8390ccfdeffcb799b1da43065bae55f34d6eb40fb91d9a1c1e0e828fe7
                                        
                                            GET /sites/default/files/styles/thumb_268x191/public/11_345.jpg?itok=zTeCNjNj HTTP/1.1 
Host: www.t.ks.ua
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: image/png,image/*;q=0.8,*/*;q=0.5
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: http://www.t.ks.ua/
Cookie: has_js=1

                                         
                                         88.198.13.114
HTTP/1.1 200 OK
Content-Type: image/jpeg
                                        
Date: Tue, 28 Nov 2017 17:16:33 GMT
Server: Apache/2.2.15 (CentOS) DAV/2 PHP/5.4.28 mod_ssl/2.2.15 OpenSSL/1.0.0-fips
Last-Modified: Sun, 20 Sep 2015 22:57:56 GMT
Etag: "da6eea-3475-52035b217bb02"
Accept-Ranges: bytes
Content-Length: 13429
Cache-Control: max-age=1209600
Expires: Tue, 12 Dec 2017 17:16:33 GMT
Keep-Alive: timeout=5, max=89
Connection: Keep-Alive


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, comment: "CREATOR: gd-jpeg v1.0 (using IJ"
Size:   13429
Md5:    dee39d4c9aaa4800ba55fa292c93e28c
Sha1:   ca151e04d4c58327dc8c5f98be616e25fd6f73ca
Sha256: e838976981dfcc478f3e1f2b9c57cfdc047426d94a2b4a819da5079f5cf8f267

Alerts:
  Blacklists:
    - fortinet: Malware
                                        
                                            GET /show.cgi?adp=221528&div=DIV_DA_221528 HTTP/1.1 
Host: code.directadvert.ru
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: */*
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: http://www.t.ks.ua/

                                         
                                         195.161.16.132
HTTP/1.1 200 OK
Content-Type: application/x-javascript; charset=windows-1251
                                        
Server: nginx/1.12.1
Date: Tue, 28 Nov 2017 17:16:31 GMT
Transfer-Encoding: chunked
Connection: keep-alive
P3P: policyref="/w3c/p3p.xml", CP="NOI DSP COR NID CUR OUR NOR", policyref="/w3c/p3p.xml", CP="CUR ADM OUR NOR STA NID"
Set-Cookie: dadcm3=1; expires=Tue, 05-Dec-2017 17:16:31 GMT; path=/; domain=directadvert.ru dadcm46=1; expires=Tue, 05-Dec-2017 17:16:31 GMT; path=/; domain=directadvert.ru nid=w6EQhFodme8BkBPRGeylAg==; expires=Wed, 28-Nov-18 17:16:31 GMT; domain=directadvert.ru; path=/
Access-Control-Allow-Credentials: true
Access-Control-Allow-Methods: GET, POST, OPTIONS
Access-Control-Allow-Headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
Access-Control-Max-Age: 1728000
Content-Encoding: gzip


--- Additional Info ---
Magic:  gzip compressed data, from Unix
Size:   663
Md5:    70980e0ee12a6200c66c2dfab509191e
Sha1:   455b46213c1a48b5fc8a3a2c589a4217de139484
Sha256: 19181fc21892828851adf8914542190bf0e450752a2ab03df0581fb188df9a4b
                                        
                                            GET /r/collect?v=1&_v=j66&aip=1&a=1773231262&t=pageview&_s=1&dl=http%3A%2F%2Fwww.t.ks.ua%2F&ul=en-us&de=UTF-8&dt=%D0%9D%D0%BE%D0%B2%D0%BE%D1%81%D1%82%D0%B8%20%D0%B8%20%D1%81%D0%BE%D0%B1%D1%8B%D1%82%D0%B8%D1%8F%20%D0%A5%D0%B5%D1%80%D1%81%D0%BE%D0%BD%D0%B0%20%7C%20%D0%A2%D0%B8%D0%BF%D0%B8%D1%87%D0%BD%D1%8B%D0%B9%20%D0%A5%D0%B5%D1%80%D1%81%D0%BE%D0%BD&sd=24-bit&sr=1176x885&vp=1176x754&je=1&fl=10.0%20r45&_u=YEBAAEQ~&jid=1104501689&gjid=1614737372&cid=1649675695.1511889393&tid=UA-367178-54&_gid=892045596.1511889393&_r=1&z=1433430384 HTTP/1.1 
Host: www.google-analytics.com
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: image/png,image/*;q=0.8,*/*;q=0.5
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: http://www.t.ks.ua/

                                         
                                         216.58.211.142
HTTP/1.1 200 OK
Content-Type: image/gif
                                        
Access-Control-Allow-Origin: *
Date: Tue, 28 Nov 2017 17:16:32 GMT
Pragma: no-cache
Expires: Fri, 01 Jan 1990 00:00:00 GMT
Cache-Control: no-cache, no-store, must-revalidate
Last-Modified: Sun, 17 May 1998 03:00:00 GMT
X-Content-Type-Options: nosniff
Server: Golfe2
Content-Length: 35


--- Additional Info ---
Magic:  GIF image data, version 89a, 1 x 1
Size:   35
Md5:    28d6814f309ea289f847c69cf91194c6
Sha1:   0f4e929dd5bb2564f7ab9c76338e04e292a42ace
Sha256: 8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
                                        
                                            GET /sites/default/files/2015/image001.gif HTTP/1.1 
Host: www.t.ks.ua
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: image/png,image/*;q=0.8,*/*;q=0.5
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: http://www.t.ks.ua/
Cookie: has_js=1

                                         
                                         88.198.13.114
HTTP/1.1 200 OK
Content-Type: image/gif
                                        
Date: Tue, 28 Nov 2017 17:16:32 GMT
Server: Apache/2.2.15 (CentOS) DAV/2 PHP/5.4.28 mod_ssl/2.2.15 OpenSSL/1.0.0-fips
Last-Modified: Thu, 09 Nov 2017 13:40:34 GMT
Etag: "de09bd-3378e-55d8cf2d19e26"
Accept-Ranges: bytes
Content-Length: 210830
Cache-Control: max-age=1209600
Expires: Tue, 12 Dec 2017 17:16:32 GMT
Keep-Alive: timeout=5, max=95
Connection: Keep-Alive


--- Additional Info ---
Magic:  GIF image data, version 89a, 300 x 300
Size:   210830
Md5:    c226eb1f08c21c30a7e81431953fb8f1
Sha1:   176e545bcf566f1506a759f4ff200583380a0e56
Sha256: e479261a8274438176e1a2c51e80a88fa1f63659875bb96fe6473a3b435359ba
                                        
                                            GET /ru_RU/all.js HTTP/1.1 
Host: connect.facebook.net
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: */*
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: http://www.t.ks.ua/

                                         
                                         31.13.72.12
HTTP/1.1 200 OK
Content-Type: application/x-javascript; charset=utf-8
                                        
Access-Control-Expose-Headers: X-FB-Content-MD5
x-fb-content-md5: 9e142566cdd3ad50a3c57fff0d76385c
Etag: "b6b3f5245dd9ffdb393adeff1d5bf57a"
X-Content-Type-Options: nosniff
Strict-Transport-Security: max-age=31536000; preload; includeSubDomains
X-XSS-Protection: 0
Timing-Allow-Origin: *
X-Frame-Options: DENY
Cache-Control: public,max-age=1200,stale-while-revalidate=3600
Expires: Tue, 28 Nov 2017 17:17:38 GMT
Vary: Accept-Encoding
Content-Encoding: gzip
Content-MD5: yKETNoQx/ZhmFoUfPAjKNA==
X-FB-Debug: L5aQc0tgz7QXY0KgXbO8VHSQe1s2j7CLN++7HHbDPSHpUTj2JnjqwBkvKcc8oH9nAOUy0q8ZnzIKH2MbeidN4w==
Date: Tue, 28 Nov 2017 17:16:33 GMT
Connection: keep-alive
Content-Length: 64348


--- Additional Info ---
Magic:  gzip compressed data, from Unix
Size:   64348
Md5:    c8a113368431fd986616851f3c08ca34
Sha1:   adac05cc33d3660a26828c979a699143a21c8140
Sha256: 8e6a81c049566b8b9bd1cf7a9189432e3fc709975f82f53236eadc873f4dc967
                                        
                                            GET /show.cgi?adp=181068&div=DIV_DA_181068 HTTP/1.1 
Host: code.directadvert.ru
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: */*
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: http://www.t.ks.ua/

                                         
                                         195.161.16.132
HTTP/1.1 200 OK
Content-Type: application/x-javascript; charset=windows-1251
                                        
Server: nginx/1.12.1
Date: Tue, 28 Nov 2017 17:16:32 GMT
Transfer-Encoding: chunked
Connection: keep-alive
P3P: policyref="/w3c/p3p.xml", CP="NOI DSP COR NID CUR OUR NOR", policyref="/w3c/p3p.xml", CP="CUR ADM OUR NOR STA NID"
Set-Cookie: dadcm3=1; expires=Tue, 05-Dec-2017 17:16:32 GMT; path=/; domain=directadvert.ru dadcm46=1; expires=Tue, 05-Dec-2017 17:16:32 GMT; path=/; domain=directadvert.ru nid=w6EQhFodmfAC2BPUHVHLAg==; expires=Wed, 28-Nov-18 17:16:32 GMT; domain=directadvert.ru; path=/
Access-Control-Allow-Credentials: true
Access-Control-Allow-Methods: GET, POST, OPTIONS
Access-Control-Allow-Headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
Access-Control-Max-Age: 1728000
Content-Encoding: gzip


--- Additional Info ---
Magic:  gzip compressed data, from Unix
Size:   665
Md5:    82c6d4570384c9a9bf249f3da0d896f4
Sha1:   4bcd20d148fe73d34767cf93ced9f3a7249507b4
Sha256: b8bfd5f4a872a48f6824c9e0b1099c4b45804576f189a2e6a6c1430d953bb253
                                        
                                            POST / HTTP/1.1 
Host: ocsp.digicert.com
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Content-Length: 115
Content-Type: application/ocsp-request

                                         
                                         93.184.220.29
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Accept-Ranges: bytes
Cache-Control: max-age=172800
Date: Tue, 28 Nov 2017 17:16:33 GMT
Etag: "5a1d2edb-1d7"
Expires: Thu, 30 Nov 2017 17:16:33 GMT
Last-Modified: Tue, 28 Nov 2017 09:39:39 GMT
Server: ECS (arn/459B)
X-Cache: HIT
Content-Length: 471


--- Additional Info ---
Magic:  data
Size:   471
Md5:    85a73f4e1981299072d45c193832c2b6
Sha1:   7959062cad32756f9c92ac9f4e5a0e75df9c47d8
Sha256: 97e42b99900005e12348fc6fb58ae2b4510ce7d0272eaa1afdfe9dc17031eade
                                        
                                            GET /sites/all/themes/th/img/main-left-shad.png HTTP/1.1 
Host: www.t.ks.ua
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: image/png,image/*;q=0.8,*/*;q=0.5
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: http://www.t.ks.ua/sites/default/files/css/css_71D_nSUNQjr3LxFCmhxc2zIhoGcecKLALC1rdGCF51M.css
Cookie: has_js=1; _ga=GA1.3.1649675695.1511889393; _gid=GA1.3.892045596.1511889393; _gat=1

                                         
                                         88.198.13.114
HTTP/1.1 200 OK
Content-Type: image/png
                                        
Date: Tue, 28 Nov 2017 17:16:34 GMT
Server: Apache/2.2.15 (CentOS) DAV/2 PHP/5.4.28 mod_ssl/2.2.15 OpenSSL/1.0.0-fips
Last-Modified: Sat, 13 Jul 2013 22:00:00 GMT
Etag: "d60945-5bf-4e16bbfa73800"
Accept-Ranges: bytes
Content-Length: 1471
Cache-Control: max-age=1209600
Expires: Tue, 12 Dec 2017 17:16:34 GMT
Keep-Alive: timeout=5, max=92
Connection: Keep-Alive


--- Additional Info ---
Magic:  PNG image, 15 x 130, 8-bit/color RGBA, non-interlaced
Size:   1471
Md5:    6505411acfbc2c3fe1ada0c8acd44d53
Sha1:   a724a45dfd3ae74d66ca5e573104d5d69403ba89
Sha256: b3b26e980e53bf3cf9f39c82499895655be04e1ed6878df061b9ee2798cda6fb
                                        
                                            GET /sites/all/themes/th/img/main-right-shad.png HTTP/1.1 
Host: www.t.ks.ua
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: image/png,image/*;q=0.8,*/*;q=0.5
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: http://www.t.ks.ua/sites/default/files/css/css_71D_nSUNQjr3LxFCmhxc2zIhoGcecKLALC1rdGCF51M.css
Cookie: has_js=1; _ga=GA1.3.1649675695.1511889393; _gid=GA1.3.892045596.1511889393; _gat=1

                                         
                                         88.198.13.114
HTTP/1.1 200 OK
Content-Type: image/png
                                        
Date: Tue, 28 Nov 2017 17:16:34 GMT
Server: Apache/2.2.15 (CentOS) DAV/2 PHP/5.4.28 mod_ssl/2.2.15 OpenSSL/1.0.0-fips
Last-Modified: Sat, 13 Jul 2013 22:00:00 GMT
Etag: "d60946-5b6-4e16bbfa73800"
Accept-Ranges: bytes
Content-Length: 1462
Cache-Control: max-age=1209600
Expires: Tue, 12 Dec 2017 17:16:34 GMT
Keep-Alive: timeout=5, max=89
Connection: Keep-Alive


--- Additional Info ---
Magic:  PNG image, 15 x 130, 8-bit/color RGBA, non-interlaced
Size:   1462
Md5:    68453c65d070bb772ba3c738f8efb0b4
Sha1:   b50e8bba08041a6c60c79518cce3a57143402d84
Sha256: b03a1047c66dc91f3f70763444c4d3f9e1f557a921227973c717fd04a0bd53ca
                                        
                                            GET /sites/all/themes/th/img/probki.png HTTP/1.1 
Host: www.t.ks.ua
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: image/png,image/*;q=0.8,*/*;q=0.5
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: http://www.t.ks.ua/sites/default/files/css/css_71D_nSUNQjr3LxFCmhxc2zIhoGcecKLALC1rdGCF51M.css
Cookie: has_js=1; _ga=GA1.3.1649675695.1511889393; _gid=GA1.3.892045596.1511889393; _gat=1

                                         
                                         88.198.13.114
HTTP/1.1 200 OK
Content-Type: image/png
                                        
Date: Tue, 28 Nov 2017 17:16:34 GMT
Server: Apache/2.2.15 (CentOS) DAV/2 PHP/5.4.28 mod_ssl/2.2.15 OpenSSL/1.0.0-fips
Last-Modified: Sat, 13 Jul 2013 22:00:00 GMT
Etag: "d60959-1077-4e16bbfa73800"
Accept-Ranges: bytes
Content-Length: 4215
Cache-Control: max-age=1209600
Expires: Tue, 12 Dec 2017 17:16:34 GMT
Keep-Alive: timeout=5, max=91
Connection: Keep-Alive


--- Additional Info ---
Magic:  PNG image, 39 x 38, 8-bit/color RGBA, non-interlaced
Size:   4215
Md5:    7ae2735af7c39ede39f48c0468f91884
Sha1:   0d82fc3b19601f5b426abeedd18c1946176c198b
Sha256: 947ca0f88f43f687ca85ad8d1501106bbe5f57231030860a623426c452cc3345
                                        
                                            GET /sites/all/themes/th/img/face.png HTTP/1.1 
Host: www.t.ks.ua
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: image/png,image/*;q=0.8,*/*;q=0.5
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: http://www.t.ks.ua/sites/default/files/css/css_71D_nSUNQjr3LxFCmhxc2zIhoGcecKLALC1rdGCF51M.css
Cookie: has_js=1; _ga=GA1.3.1649675695.1511889393; _gid=GA1.3.892045596.1511889393; _gat=1

                                         
                                         88.198.13.114
HTTP/1.1 200 OK
Content-Type: image/png
                                        
Date: Tue, 28 Nov 2017 17:16:34 GMT
Server: Apache/2.2.15 (CentOS) DAV/2 PHP/5.4.28 mod_ssl/2.2.15 OpenSSL/1.0.0-fips
Last-Modified: Sat, 13 Jul 2013 22:00:00 GMT
Etag: "d6093f-425-4e16bbfa73800"
Accept-Ranges: bytes
Content-Length: 1061
Cache-Control: max-age=1209600
Expires: Tue, 12 Dec 2017 17:16:34 GMT
Keep-Alive: timeout=5, max=88
Connection: Keep-Alive


--- Additional Info ---
Magic:  PNG image, 36 x 37, 8-bit/color RGBA, non-interlaced
Size:   1061
Md5:    00d3de0fc43824d0e9720be2b8b49bec
Sha1:   5937ffd81f6bcd2b33a7c4c31831981161e02e40
Sha256: e057baed453831c4bd7defeec717638c716d33d737f8098e6221bcf940fa14a0
                                        
                                            GET /sites/all/themes/th/img/vk.png HTTP/1.1 
Host: www.t.ks.ua
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: image/png,image/*;q=0.8,*/*;q=0.5
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: http://www.t.ks.ua/sites/default/files/css/css_71D_nSUNQjr3LxFCmhxc2zIhoGcecKLALC1rdGCF51M.css
Cookie: has_js=1; _ga=GA1.3.1649675695.1511889393; _gid=GA1.3.892045596.1511889393; _gat=1

                                         
                                         88.198.13.114
HTTP/1.1 200 OK
Content-Type: image/png
                                        
Date: Tue, 28 Nov 2017 17:16:34 GMT
Server: Apache/2.2.15 (CentOS) DAV/2 PHP/5.4.28 mod_ssl/2.2.15 OpenSSL/1.0.0-fips
Last-Modified: Mon, 29 Dec 2014 10:29:31 GMT
Etag: "d60969-eb5-50b58598f9c39"
Accept-Ranges: bytes
Content-Length: 3765
Cache-Control: max-age=1209600
Expires: Tue, 12 Dec 2017 17:16:34 GMT
Keep-Alive: timeout=5, max=94
Connection: Keep-Alive


--- Additional Info ---
Magic:  PNG image, 36 x 37, 8-bit/color RGBA, non-interlaced
Size:   3765
Md5:    71e816ff87b90f101486ec8048327bdf
Sha1:   1a592dc6e43c3b81e00779691b3f879439af15ac
Sha256: 27adb05fc944d50891d76cb0dab7fda9d7bcb66ab255d0e8bb256c7b001b58ad
                                        
                                            GET /sites/all/themes/th/img/odnoklas.png HTTP/1.1 
Host: www.t.ks.ua
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: image/png,image/*;q=0.8,*/*;q=0.5
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: http://www.t.ks.ua/sites/default/files/css/css_71D_nSUNQjr3LxFCmhxc2zIhoGcecKLALC1rdGCF51M.css
Cookie: has_js=1; _ga=GA1.3.1649675695.1511889393; _gid=GA1.3.892045596.1511889393; _gat=1

                                         
                                         88.198.13.114
HTTP/1.1 200 OK
Content-Type: image/png
                                        
Date: Tue, 28 Nov 2017 17:16:34 GMT
Server: Apache/2.2.15 (CentOS) DAV/2 PHP/5.4.28 mod_ssl/2.2.15 OpenSSL/1.0.0-fips
Last-Modified: Mon, 29 Dec 2014 10:17:48 GMT
Etag: "d63c59-84c-50b582fadafb9"
Accept-Ranges: bytes
Content-Length: 2124
Cache-Control: max-age=1209600
Expires: Tue, 12 Dec 2017 17:16:34 GMT
Keep-Alive: timeout=5, max=88
Connection: Keep-Alive


--- Additional Info ---
Magic:  PNG image, 36 x 37, 8-bit/color RGBA, non-interlaced
Size:   2124
Md5:    d83f1191b0c27230c9f1e25ea47ce805
Sha1:   34ed489e84f1d3d568210322fcff25c9022e2428
Sha256: fe14709dc74d872c8d88ba7c50f269bdbf332c5dad3dc1fc42f3d4650b87266f
                                        
                                            GET /sites/all/themes/th/img/rssnews.png HTTP/1.1 
Host: www.t.ks.ua
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: image/png,image/*;q=0.8,*/*;q=0.5
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: http://www.t.ks.ua/sites/default/files/css/css_71D_nSUNQjr3LxFCmhxc2zIhoGcecKLALC1rdGCF51M.css
Cookie: has_js=1; _ga=GA1.3.1649675695.1511889393; _gid=GA1.3.892045596.1511889393; _gat=1

                                         
                                         88.198.13.114
HTTP/1.1 200 OK
Content-Type: image/png
                                        
Date: Tue, 28 Nov 2017 17:16:34 GMT
Server: Apache/2.2.15 (CentOS) DAV/2 PHP/5.4.28 mod_ssl/2.2.15 OpenSSL/1.0.0-fips
Last-Modified: Sat, 17 Aug 2013 22:00:00 GMT
Etag: "d6095c-b32-4e42bd4195800"
Accept-Ranges: bytes
Content-Length: 2866
Cache-Control: max-age=1209600
Expires: Tue, 12 Dec 2017 17:16:34 GMT
Keep-Alive: timeout=5, max=91
Connection: Keep-Alive


--- Additional Info ---
Magic:  PNG image, 37 x 37, 8-bit/color RGBA, non-interlaced
Size:   2866
Md5:    52131d473b917a6a8b4d5418f64542cc
Sha1:   7e9c146791473694c068f24102bbf8af16f96d05
Sha256: 1c30400c5452045392ba04abfc8e81d6f953d9644931573ea47fdf5ad30208ad
                                        
                                            GET /sites/all/themes/th/img/tochka.png HTTP/1.1 
Host: www.t.ks.ua
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: image/png,image/*;q=0.8,*/*;q=0.5
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: http://www.t.ks.ua/sites/default/files/css/css_71D_nSUNQjr3LxFCmhxc2zIhoGcecKLALC1rdGCF51M.css
Cookie: has_js=1; _ga=GA1.3.1649675695.1511889393; _gid=GA1.3.892045596.1511889393; _gat=1

                                         
                                         88.198.13.114
HTTP/1.1 200 OK
Content-Type: image/png
                                        
Date: Tue, 28 Nov 2017 17:16:34 GMT
Server: Apache/2.2.15 (CentOS) DAV/2 PHP/5.4.28 mod_ssl/2.2.15 OpenSSL/1.0.0-fips
Last-Modified: Sat, 13 Jul 2013 22:00:00 GMT
Etag: "d60960-40c-4e16bbfa73800"
Accept-Ranges: bytes
Content-Length: 1036
Cache-Control: max-age=1209600
Expires: Tue, 12 Dec 2017 17:16:34 GMT
Keep-Alive: timeout=5, max=88
Connection: Keep-Alive


--- Additional Info ---
Magic:  PNG image, 4 x 4, 8-bit/color RGBA, non-interlaced
Size:   1036
Md5:    1c5f555c20c23726fa596fdc0689f819
Sha1:   36aa1bad69abf25c29cc09c1849d0b165e17de5e
Sha256: bf287eb93845fd7f4d5cf252d74b9e1d17e6972d788985fdf07b2abebb24e3a7
                                        
                                            GET /sites/all/themes/th/img/topmenu-bg.jpg HTTP/1.1 
Host: www.t.ks.ua
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: image/png,image/*;q=0.8,*/*;q=0.5
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: http://www.t.ks.ua/sites/default/files/css/css_71D_nSUNQjr3LxFCmhxc2zIhoGcecKLALC1rdGCF51M.css
Cookie: has_js=1; _ga=GA1.3.1649675695.1511889393; _gid=GA1.3.892045596.1511889393; _gat=1

                                         
                                         88.198.13.114
HTTP/1.1 200 OK
Content-Type: image/jpeg
                                        
Date: Tue, 28 Nov 2017 17:16:34 GMT
Server: Apache/2.2.15 (CentOS) DAV/2 PHP/5.4.28 mod_ssl/2.2.15 OpenSSL/1.0.0-fips
Last-Modified: Sat, 13 Jul 2013 22:00:00 GMT
Etag: "d60963-6dd-4e16bbfa73800"
Accept-Ranges: bytes
Content-Length: 1757
Cache-Control: max-age=1209600
Expires: Tue, 12 Dec 2017 17:16:34 GMT
Keep-Alive: timeout=5, max=90
Connection: Keep-Alive


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01
Size:   1757
Md5:    a81889ef26fd5386b5f4583b16b51db7
Sha1:   e9288eb9597ef6e300b3d4e99a3d0edd98404704
Sha256: 00f3a02f4c79111cafa881fb62511e5a0e1d680c62dc8a3825ede71db82b74d2
                                        
                                            GET /sites/all/themes/th/img/searcsubmit.png HTTP/1.1 
Host: www.t.ks.ua
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: image/png,image/*;q=0.8,*/*;q=0.5
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: http://www.t.ks.ua/sites/default/files/css/css_71D_nSUNQjr3LxFCmhxc2zIhoGcecKLALC1rdGCF51M.css
Cookie: has_js=1; _ga=GA1.3.1649675695.1511889393; _gid=GA1.3.892045596.1511889393; _gat=1

                                         
                                         88.198.13.114
HTTP/1.1 200 OK
Content-Type: image/png
                                        
Date: Tue, 28 Nov 2017 17:16:34 GMT
Server: Apache/2.2.15 (CentOS) DAV/2 PHP/5.4.28 mod_ssl/2.2.15 OpenSSL/1.0.0-fips
Last-Modified: Sat, 13 Jul 2013 22:00:00 GMT
Etag: "d6095d-4f7-4e16bbfa73800"
Accept-Ranges: bytes
Content-Length: 1271
Cache-Control: max-age=1209600
Expires: Tue, 12 Dec 2017 17:16:34 GMT
Keep-Alive: timeout=5, max=93
Connection: Keep-Alive


--- Additional Info ---
Magic:  PNG image, 29 x 28, 8-bit/color RGB, non-interlaced
Size:   1271
Md5:    2da385f7e28cde768f9c3b74cc75e15f
Sha1:   259e9c2f9df792466bb3d8d410627c3fff610d86
Sha256: b88abf722571d5f7cb117ee6c53c62021e4246e83332294bfb779f0b28af5420
                                        
                                            GET /sites/all/themes/th/img/topmenu-li.png HTTP/1.1 
Host: www.t.ks.ua
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: image/png,image/*;q=0.8,*/*;q=0.5
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: http://www.t.ks.ua/sites/default/files/css/css_71D_nSUNQjr3LxFCmhxc2zIhoGcecKLALC1rdGCF51M.css
Cookie: has_js=1; _ga=GA1.3.1649675695.1511889393; _gid=GA1.3.892045596.1511889393; _gat=1

                                         
                                         88.198.13.114
HTTP/1.1 200 OK
Content-Type: image/png
                                        
Date: Tue, 28 Nov 2017 17:16:34 GMT
Server: Apache/2.2.15 (CentOS) DAV/2 PHP/5.4.28 mod_ssl/2.2.15 OpenSSL/1.0.0-fips
Last-Modified: Sat, 13 Jul 2013 22:00:00 GMT
Etag: "d60965-430-4e16bbfa73800"
Accept-Ranges: bytes
Content-Length: 1072
Cache-Control: max-age=1209600
Expires: Tue, 12 Dec 2017 17:16:34 GMT
Keep-Alive: timeout=5, max=87
Connection: Keep-Alive


--- Additional Info ---
Magic:  PNG image, 1 x 32, 8-bit/color RGBA, non-interlaced
Size:   1072
Md5:    515834eeb7076f16b0019739aec5ad73
Sha1:   8d834f66e334f04c717a1153545ad7e2f486dd62
Sha256: eb1e60c08ba2778150714534c8316aeeb18f854a4d7a7233af4250a35d410aac
                                        
                                            GET /sites/all/themes/th/fonts/ArialNarrowRegular/ArialNarrowRegular.woff HTTP/1.1 
Host: www.t.ks.ua
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: http://www.t.ks.ua/sites/default/files/css/css_71D_nSUNQjr3LxFCmhxc2zIhoGcecKLALC1rdGCF51M.css
Cookie: has_js=1; _ga=GA1.3.1649675695.1511889393; _gid=GA1.3.892045596.1511889393; _gat=1

                                         
                                         88.198.13.114
HTTP/1.1 200 OK
Content-Type: text/plain; charset=UTF-8
                                        
Date: Tue, 28 Nov 2017 17:16:34 GMT
Server: Apache/2.2.15 (CentOS) DAV/2 PHP/5.4.28 mod_ssl/2.2.15 OpenSSL/1.0.0-fips
Last-Modified: Tue, 30 Dec 2014 22:53:52 GMT
Etag: "dc249f-10888-50b76dd6b215e"
Accept-Ranges: bytes
Content-Length: 67720
Cache-Control: max-age=1209600
Expires: Tue, 12 Dec 2017 17:16:34 GMT
Keep-Alive: timeout=5, max=87
Connection: Keep-Alive


--- Additional Info ---
Magic:  data
Size:   67720
Md5:    4f778e0e643bc0192e8af66c1f952621
Sha1:   baa8d826d28a9724cff0c12060b6e415ee39d8b2
Sha256: c2bcd72da59138ee5adf1c88652d15550cb50edd12913cdad5e15ae448579a8b

Alerts:
  Blacklists:
    - fortinet: Malware
                                        
                                            POST / HTTP/1.1 
Host: ocsp.digicert.com
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Content-Length: 115
Content-Type: application/ocsp-request

                                         
                                         93.184.220.29
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Accept-Ranges: bytes
Cache-Control: max-age=172800
Date: Tue, 28 Nov 2017 17:16:33 GMT
Etag: "5a1d5382-1d7"
Expires: Thu, 30 Nov 2017 17:16:33 GMT
Last-Modified: Tue, 28 Nov 2017 12:16:02 GMT
Server: ECS (arn/469D)
X-Cache: HIT
Content-Length: 471


--- Additional Info ---
Magic:  data
Size:   471
Md5:    0e6ae835091445313e817f62a615853c
Sha1:   4983bb13e7af5bba22d39a6958cdee76f512f80d
Sha256: d95408ac5f289386219a741fc672cc7e40402167c880968f460782ac0818ca50
                                        
                                            POST /GTSGIAG3 HTTP/1.1 
Host: ocsp.pki.goog
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Content-Length: 107
Content-Type: application/ocsp-request

                                         
                                         216.58.211.142
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Tue, 28 Nov 2017 17:16:33 GMT
Expires: Sat, 02 Dec 2017 17:16:33 GMT
Cache-Control: public, max-age=345600
Server: ocsp_responder
Content-Length: 463
X-XSS-Protection: 1; mode=block
X-Frame-Options: SAMEORIGIN


--- Additional Info ---
Magic:  data
Size:   463
Md5:    2e9eb05918c9ee26da00daa735bf705e
Sha1:   fc5122a34500a8d5cf8128ba65335fee39880b3a
Sha256: 23c2f14f45bd912e07e16ee0e8e50c5ec65a7282ea00eda4c262958b6e34f170
                                        
                                            POST /gsr2 HTTP/1.1 
Host: ocsp.pki.goog
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Content-Length: 112
Content-Type: application/ocsp-request

                                         
                                         216.58.211.142
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Tue, 28 Nov 2017 17:16:33 GMT
Expires: Sat, 02 Dec 2017 17:16:33 GMT
Cache-Control: public, max-age=345600
Server: ocsp_responder
Content-Length: 468
X-XSS-Protection: 1; mode=block
X-Frame-Options: SAMEORIGIN


--- Additional Info ---
Magic:  data
Size:   468
Md5:    6bf50ec404fb4a8b4a94be8390d11938
Sha1:   0caaab7704d6221abc5e0342909a4928cee50b1c
Sha256: 63b592179b1e9a528344ce1d430b9479fc55f43420a468ec35aaeaa9dff911cf
                                        
                                            POST /ocsp HTTP/1.1 
Host: clients1.google.com
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Content-Length: 107
Content-Type: application/ocsp-request

                                         
                                         216.58.211.142
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Tue, 28 Nov 2017 17:16:33 GMT
Expires: Sat, 02 Dec 2017 17:16:33 GMT
Cache-Control: public, max-age=345600
Server: ocsp_responder
Content-Length: 463
X-XSS-Protection: 1; mode=block
X-Frame-Options: SAMEORIGIN


--- Additional Info ---
Magic:  data
Size:   463
Md5:    c56f103559fb171b36c1acfeff36c019
Sha1:   4cf6a997b8bda2fe57519ae99edf9c54e10c138c
Sha256: 88aa119504015af2cd1cd44b0753bfb79adbb1eb3fffdf10ba6d6a23f1b7798b
                                        
                                            POST / HTTP/1.1 
Host: g.symcd.com
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Content-Length: 115
Content-Type: application/ocsp-request

                                         
                                         23.52.27.27
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx/1.10.2
Content-Length: 1390
Content-Transfer-Encoding: binary
Cache-Control: max-age=540640, public, no-transform, must-revalidate
Last-Modified: Mon, 27 Nov 2017 23:23:24 GMT
Expires: Mon, 4 Dec 2017 23:23:24 GMT
Date: Tue, 28 Nov 2017 17:16:33 GMT
Connection: keep-alive


--- Additional Info ---
Magic:  data
Size:   1390
Md5:    7737d4262461890127770c12fd0c6110
Sha1:   9d26b26c72e7be81263075fefc06160096c0c5f7
Sha256: 078c3d323b3b64d0aa265e14329d3d1948a3fa0fdb47e29f6f4b6eac4e2c13d9
                                        
                                            GET /common/scribe_endpoint.php?c=jssdk_error&m=%7B%22error%22%3A%22LOAD%22%2C%20%22extra%22%3A%20%7B%22name%22%3A%22TypeError%22%2C%22line%22%3A%22120%22%2C%22script%22%3A%22http%3A%2F%2Fconnect.facebook.net%2Fru_RU%2Fall.js%23xfbml%3D1%26appId%3D27928787079%22%2C%22stack%22%3A%22a(%5Bobject%20Object%5D%2C(function%20(e%2C%20f)%20%7Bif%20(Object.prototype.hasOwnProperty.call(c%2C%20e))%20%7Breturn%20c%5Be%5D%3B%7Dif%20(!Object.prototype.hasOwnProperty.call(b%2C%20e))%20%7Bif%20(f)%20%7Breturn%20null%3B%7Dthrow%20new%20Error(%22Module%20%22%20%2B%20e%20%2B%20%22%20has%20not%20been%20defined%22)%3B%7Dvar%20g%20%3D%20b%5Be%5D%2C%20h%20%3D%20g.deps%2C%20i%20%3D%20g.factory.length%2C%20j%2C%20k%20%3D%20%5B%5D%3Bfor%20(var%20l%20%3D%200%3B%20l%20%3C%20i%3B%20l%2B%2B)%20%7Bswitch%20(h%5Bl%5D)%20%7Bcase%20%22module%22%3Aj%20%3D%20g%3Bbreak%3Bcase%20%22exports%22%3Aj%20%3D%20g.exports%3Bbreak%3Bcase%20%22global%22%3Aj%20%3D%20a%3Bbreak%3Bcase%20%22require%22%3Aj%20%3D%20require%3Bbreak%3Bcase%20%22requireDynamic%22%3Aj%20%3D%20null%3Bbreak%3Bcase%20%22requireLazy%22%3Aj%20%3D%20null%3Bbreak%3Bdefault%3Aj%20%3D%20require.call(null%2C%20h%5Bl%5D)%3B%7Dk.push(j)%3B%7Dg.factory.apply(a%2C%20k)%3Bc%5Be%5D%20%3D%20g.exports%3Breturn%20g.exports%3B%7D)%2Cnull%2Cnull%2C%5Bobject%20Object%5D%2C%5Bobject%20Object%5D)%40http%3A%2F%2Fconnect.facebook.net%2Fru_RU%2Fall.js%23xfbml%3D1%26appId%3D27928787079%3A120%0A(%22GraphBatchConstants%22)%40http%3A%2F%2Fconnect.facebook.net%2Fru_RU%2Fall.js%23xfbml%3D1%26appId%3D27928787079%3A24%0A(%22ChunkedRequest%22)%40http%3A%2F%2Fconnect.facebook.net%2Fru_RU%2Fall.js%23xfbml%3D1%26appId%3D27928787079%3A24%0A(%22ApiClient%22)%40http%3A%2F%2Fconnect.facebook.net%2Fru_RU%2Fall.js%23xfbml%3D1%26appId%3D27928787079%3A24%0A(%22sdk.api%22)%40http%3A%2F%2Fconnect.facebook.net%2Fru_RU%2Fall.js%23xfbml%3D1%26appId%3D27928787079%3A24%0A(%22legacy%3Afb.api%22)%40http%3A%2F%2Fconnect.facebook.net%2Fru_RU%2Fall.js%23xfbml%3D1%26appId%3D27928787079%3A24%0A(%22legacy%3Afb.api%22%2C%5Bobject%20Array%5D%2Ca%2C3)%40http%3A%2F%2Fconnect.facebook.net%2Fru_RU%2Fall.js%23xfbml%3D1%26appId%3D27928787079%3A24%0A()%40http%3A%2F%2Fconnect.facebook.net%2Fru_RU%2Fall.js%23xfbml%3D1%26appId%3D27928787079%3A127%0A(%5Bobject%20XPCCrossOriginWrapper%5D%2C%5Bobject%20XPCCrossOriginWrapper%5D)%40http%3A%2F%2Fconnect.facebook.net%2Fru_RU%2Fall.js%23xfbml%3D1%26appId%3D27928787079%3A191%0A%40http%3A%2F%2Fconnect.facebook.net%2Fru_RU%2Fall.js%23xfbml%3D1%26appId%3D27928787079%3A191%0A%22%2C%22revision%22%3A%223482146%22%2C%22namespace%22%3A%22FB%22%2C%22message%22%3A%22Object.freeze%20is%20not%20a%20function%22%7D%7D HTTP/1.1 
Host: www.facebook.com
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: image/png,image/*;q=0.8,*/*;q=0.5
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: http://www.t.ks.ua/

                                         
                                         31.13.72.36
HTTP/1.1 200 OK
Content-Type: image/png
                                        
content-security-policy: default-src * data: blob:;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.virtualearth.net *.google.com 127.0.0.1:* *.spotilocal.com:* 'unsafe-inline' 'unsafe-eval' fbstatic-a.akamaihd.net fbcdn-static-b-a.akamaihd.net *.atlassolutions.com blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net *.spotilocal.com:* *.akamaihd.net wss://*.facebook.com:* https://fb.scanandcleanlocal.com:* *.atlassolutions.com attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';
X-Frame-Options: DENY
X-XSS-Protection: 0
Access-Control-Allow-Credentials: true
Access-Control-Allow-Origin: https://www.facebook.com
Access-Control-Expose-Headers: X-FB-Debug, X-Loader-Length
Pragma: no-cache
Vary: Origin, Accept-Encoding
Access-Control-Allow-Methods: OPTIONS
Strict-Transport-Security: max-age=15552000; preload
X-Content-Type-Options: nosniff
Expires: Sat, 01 Jan 2000 00:00:00 GMT
Cache-Control: private, no-store, no-cache, must-revalidate
Content-Encoding: gzip
X-FB-Debug: 47ge7sxQN0rhPkF61YDe6vNxMGVPM2DegXAOoUSmppIpADXsNw0knBe3M0wlhiivfGgKA9NCXKm8GLIR58NpOw==
Date: Tue, 28 Nov 2017 17:16:33 GMT
Transfer-Encoding: chunked
Connection: keep-alive


--- Additional Info ---
Magic:  gzip compressed data, from Unix
Size:   89
Md5:    f95c92e80e3cdd0590860ea9166aa1a0
Sha1:   a4e043184f1adb92ee36303d3ddea3ceb205d4c3
Sha256: 2fd64089d372311187f83b43732a1336d92374f503fbfffd8ced1f2d38c51bb6
                                        
                                            GET /adsid/integrator.js?domain=www.t.ks.ua HTTP/1.1 
Host: adservice.google.no
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: */*
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: http://www.t.ks.ua/

                                         
                                         216.58.201.162
HTTP/1.1 200 OK
Content-Type: application/javascript; charset=UTF-8
                                        
P3P: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
Timing-Allow-Origin: *
Cache-Control: private, no-cache, no-store
X-Content-Type-Options: nosniff
Content-Disposition: attachment; filename="f.txt"
Content-Encoding: gzip
Date: Tue, 28 Nov 2017 17:16:34 GMT
Server: cafe
X-XSS-Protection: 1; mode=block
Alt-Svc: hq="googleads.g.doubleclick.net:443"; ma=2592000; quic=51303431; quic=51303339; quic=51303338; quic=51303337; quic=51303335,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="41,39,38,37,35",hq=":443"; ma=2592000; quic=51303431; quic=51303339; quic=51303338; quic=51303337; quic=51303335,quic=":443"; ma=2592000; v="41,39,38,37,35"
Transfer-Encoding: chunked


--- Additional Info ---
Magic:  gzip compressed data, max compression
Size:   107
Md5:    5432a558d422eaeaa6f7e8a15c0c1134
Sha1:   252ee6dbb502fd998fbdc5721da5986b877f1c73
Sha256: e61d268069b171358cb5d545e31856cbc3ac2b995cff5e4f7043ae988dc44c6d
                                        
                                            GET /adsid/integrator.js?domain=www.t.ks.ua HTTP/1.1 
Host: adservice.google.com
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: */*
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: http://www.t.ks.ua/

                                         
                                         216.58.201.162
HTTP/1.1 200 OK
Content-Type: application/javascript; charset=UTF-8
                                        
P3P: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
Timing-Allow-Origin: *
Cache-Control: private, no-cache, no-store
X-Content-Type-Options: nosniff
Content-Disposition: attachment; filename="f.txt"
Content-Encoding: gzip
Date: Tue, 28 Nov 2017 17:16:34 GMT
Server: cafe
X-XSS-Protection: 1; mode=block
Alt-Svc: hq="googleads.g.doubleclick.net:443"; ma=2592000; quic=51303431; quic=51303339; quic=51303338; quic=51303337; quic=51303335,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="41,39,38,37,35",hq=":443"; ma=2592000; quic=51303431; quic=51303339; quic=51303338; quic=51303337; quic=51303335,quic=":443"; ma=2592000; v="41,39,38,37,35"
Transfer-Encoding: chunked


--- Additional Info ---
Magic:  gzip compressed data, max compression
Size:   107
Md5:    5432a558d422eaeaa6f7e8a15c0c1134
Sha1:   252ee6dbb502fd998fbdc5721da5986b877f1c73
Sha256: e61d268069b171358cb5d545e31856cbc3ac2b995cff5e4f7043ae988dc44c6d
                                        
                                            GET /pagead/js/r20171113/r20170110/show_ads_impl.js HTTP/1.1 
Host: pagead2.googlesyndication.com
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: */*
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: http://www.t.ks.ua/

                                         
                                         216.58.201.162
HTTP/1.1 200 OK
Content-Type: text/javascript; charset=UTF-8
                                        
P3P: policyref="http://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
Timing-Allow-Origin: *
Date: Tue, 28 Nov 2017 17:16:34 GMT
Expires: Tue, 28 Nov 2017 17:16:34 GMT
Cache-Control: private, max-age=1209600
Etag: 9903024058478159295
X-Content-Type-Options: nosniff
Content-Disposition: attachment; filename="f.txt"
Content-Encoding: gzip
Server: cafe
Content-Length: 67605
X-XSS-Protection: 1; mode=block


--- Additional Info ---
Magic:  gzip compressed data, max compression
Size:   67605
Md5:    5d1d8e54568dda8a25c5f5eb9989d1c5
Sha1:   0ec0ecee99d71ab7a201308da1f51348e55e4a4b
Sha256: 551fccc36f19585daa10eb882367ecedee6b09f04629a46d9997dd0389053bb7
                                        
                                            GET /sites/all/themes/th/img/bullets.png HTTP/1.1 
Host: www.t.ks.ua
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: image/png,image/*;q=0.8,*/*;q=0.5
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: http://www.t.ks.ua/sites/default/files/css/css_71D_nSUNQjr3LxFCmhxc2zIhoGcecKLALC1rdGCF51M.css
Cookie: has_js=1; _ga=GA1.3.1649675695.1511889393; _gid=GA1.3.892045596.1511889393; _gat=1

                                         
                                         88.198.13.114
HTTP/1.1 200 OK
Content-Type: image/png
                                        
Date: Tue, 28 Nov 2017 17:16:34 GMT
Server: Apache/2.2.15 (CentOS) DAV/2 PHP/5.4.28 mod_ssl/2.2.15 OpenSSL/1.0.0-fips
Last-Modified: Tue, 18 Mar 2014 03:42:00 GMT
Etag: "d60939-11f-4f4d9518b3200"
Accept-Ranges: bytes
Content-Length: 287
Cache-Control: max-age=1209600
Expires: Tue, 12 Dec 2017 17:16:34 GMT
Keep-Alive: timeout=5, max=90
Connection: Keep-Alive


--- Additional Info ---
Magic:  PNG image, 11 x 22, 8-bit/color RGBA, non-interlaced
Size:   287
Md5:    5b3fb19576e7c2aa6f22d0a896409ad1
Sha1:   f377ebdcad597e0eea81e0efa12be2ac00753c4f
Sha256: 908a0d9ffee148e5a49f4142c450551a84d833d390054da49bf5d9994fe71edb
                                        
                                            POST /GTSGIAG3 HTTP/1.1 
Host: ocsp.pki.goog
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Content-Length: 107
Content-Type: application/ocsp-request

                                         
                                         216.58.211.142
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Tue, 28 Nov 2017 17:16:34 GMT
Expires: Sat, 02 Dec 2017 17:16:34 GMT
Cache-Control: public, max-age=345600
Server: ocsp_responder
Content-Length: 463
X-XSS-Protection: 1; mode=block
X-Frame-Options: SAMEORIGIN


--- Additional Info ---
Magic:  data
Size:   463
Md5:    9aedf4d282a8efb312ed77f59a3e1b69
Sha1:   b8e1615a4abd7be6cf837862bd35a55b58db7387
Sha256: 2c93f89a03a3f1cfc5eda00d214b50ae7501e1a4f48d4b4a070527b360d3abf3
                                        
                                            GET /sites/all/themes/th/img/opros-bg.png HTTP/1.1 
Host: www.t.ks.ua
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: image/png,image/*;q=0.8,*/*;q=0.5
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: http://www.t.ks.ua/sites/default/files/css/css_71D_nSUNQjr3LxFCmhxc2zIhoGcecKLALC1rdGCF51M.css
Cookie: has_js=1; _ga=GA1.3.1649675695.1511889393; _gid=GA1.3.892045596.1511889393; _gat=1

                                         
                                         88.198.13.114
HTTP/1.1 200 OK
Content-Type: image/png
                                        
Date: Tue, 28 Nov 2017 17:16:35 GMT
Server: Apache/2.2.15 (CentOS) DAV/2 PHP/5.4.28 mod_ssl/2.2.15 OpenSSL/1.0.0-fips
Last-Modified: Sat, 13 Jul 2013 22:00:00 GMT
Etag: "d6094b-3f4-4e16bbfa73800"
Accept-Ranges: bytes
Content-Length: 1012
Cache-Control: max-age=1209600
Expires: Tue, 12 Dec 2017 17:16:35 GMT
Keep-Alive: timeout=5, max=87
Connection: Keep-Alive


--- Additional Info ---
Magic:  PNG image, 1 x 1, 8-bit/color RGBA, non-interlaced
Size:   1012
Md5:    31b29f522cc8bcd24fc3b2a53df04189
Sha1:   ce9aaff1d2edc23aeae85254619f6f2c27fe862b
Sha256: 13befa2f33acefd58d15c4dd1762f8122e470a161a3eab28edf6978ee2352f56
                                        
                                            GET /pub-config/r20160913/ca-pub-3410491531423553.js HTTP/1.1 
Host: pagead2.googlesyndication.com
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: */*
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: http://www.t.ks.ua/

                                         
                                         216.58.201.162
HTTP/1.1 200 OK
Content-Type: text/javascript
                                        
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Length: 125
Date: Tue, 28 Nov 2017 10:48:32 GMT
Expires: Tue, 28 Nov 2017 22:48:32 GMT
Last-Modified: Mon, 27 Nov 2017 21:59:27 GMT
X-Content-Type-Options: nosniff
Content-Encoding: gzip
Server: sffe
X-XSS-Protection: 1; mode=block
Cache-Control: public, max-age=43200
Age: 23282
Alt-Svc: hq="googleads.g.doubleclick.net:443"; ma=2592000; quic=51303431; quic=51303339; quic=51303338; quic=51303337; quic=51303335,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="41,39,38,37,35",hq=":443"; ma=2592000; quic=51303431; quic=51303339; quic=51303338; quic=51303337; quic=51303335,quic=":443"; ma=2592000; v="41,39,38,37,35"


--- Additional Info ---
Magic:  gzip compressed data, max compression
Size:   125
Md5:    21aea2dae0239adff4f9f063cdacfc76
Sha1:   ce64c497ac1dd86393da79e8cea239de113c1de7
Sha256: a59ee78166b8467dd7dd8c7acb03d8df7d16cf4a04f45c8558366df1c33b868f
                                        
                                            GET /css/informers.css?v=3 HTTP/1.1 
Host: informers.sinoptik.ua
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: text/css,*/*;q=0.1
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: http://www.t.ks.ua/

                                         
                                         212.42.76.150
HTTP/1.1 200 OK
Content-Type: text/css
                                        
Server: nginx
Date: Tue, 28 Nov 2017 17:16:34 GMT
Last-Modified: Tue, 16 Sep 2014 12:54:52 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Etag: W/"5418331c-3c0f"
Content-Encoding: gzip


--- Additional Info ---
Magic:  gzip compressed data, from Unix
Size:   2029
Md5:    e9d0434d93a0fa1cb2d670b94dbd51fb
Sha1:   6ee9341c94843cdf31f0628e2a9403f48852bf75
Sha256: 34508d32021ed73e4095f664eba15db2d58f10d9d4fe4af2f2daf32eaff0a4cb
                                        
                                            GET /sites/all/themes/th/img/bottom-bg.jpg HTTP/1.1 
Host: www.t.ks.ua
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: image/png,image/*;q=0.8,*/*;q=0.5
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: http://www.t.ks.ua/sites/default/files/css/css_71D_nSUNQjr3LxFCmhxc2zIhoGcecKLALC1rdGCF51M.css
Cookie: has_js=1; _ga=GA1.3.1649675695.1511889393; _gid=GA1.3.892045596.1511889393; _gat=1; b=b

                                         
                                         88.198.13.114
HTTP/1.1 200 OK
Content-Type: image/jpeg
                                        
Date: Tue, 28 Nov 2017 17:16:35 GMT
Server: Apache/2.2.15 (CentOS) DAV/2 PHP/5.4.28 mod_ssl/2.2.15 OpenSSL/1.0.0-fips
Last-Modified: Sat, 13 Jul 2013 22:00:00 GMT
Etag: "d60938-664-4e16bbfa73800"
Accept-Ranges: bytes
Content-Length: 1636
Cache-Control: max-age=1209600
Expires: Tue, 12 Dec 2017 17:16:35 GMT
Keep-Alive: timeout=5, max=92
Connection: Keep-Alive


--- Additional Info ---
Magic:  JPEG image data, EXIF standard
Size:   1636
Md5:    338afdd662eea536b450918c1b1d36a0
Sha1:   1838216e07e8885c1fc5b1ed46643fa67e2dde5c
Sha256: 569dc2c59277c648031d7cc1355b436d6a97002cd7fe809681fa6c09bc23ee5a
                                        
                                            GET /informer/inf2?color=blue&rnd=1511889394564 HTTP/1.1 
Host: kurs.com.ua
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: http://www.t.ks.ua/

                                         
                                         104.20.191.8
HTTP/1.1 301 Moved Permanently
Content-Type: text/html
                                        
Date: Tue, 28 Nov 2017 17:16:34 GMT
Content-Length: 185
Connection: keep-alive
Set-Cookie: __cfduid=d24429e6c1287fb5f36f95ffc30a5d96f1511889394; expires=Wed, 28-Nov-18 17:16:34 GMT; path=/; domain=.kurs.com.ua; HttpOnly
Location: https://kurs.com.ua/informer/inf2?color=blue&rnd=1511889394564
Expires: Thu, 28 Dec 2017 17:16:35 GMT
Cache-Control: max-age=2592000
Server: cloudflare-nginx
CF-RAY: 3c4ef9ccc7aa4261-OSL


--- Additional Info ---
Magic:  HTML document text
Size:   185
Md5:    6e7f8aa3bd099765db3fb3b2084fc77d
Sha1:   0993ec635e68bc34d29f6af4c63c08df0a8a06f4
Sha256: 101948f8635e8dffee80941a9c4d1e34c9beaac9b95920086c79d72c82afbae1
                                        
                                            GET /sites/all/themes/th/fonts/ArialNarrowBold/ArialNarrowBold.woff HTTP/1.1 
Host: www.t.ks.ua
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: http://www.t.ks.ua/sites/default/files/css/css_71D_nSUNQjr3LxFCmhxc2zIhoGcecKLALC1rdGCF51M.css
Cookie: has_js=1; _ga=GA1.3.1649675695.1511889393; _gid=GA1.3.892045596.1511889393; _gat=1

                                         
                                         88.198.13.114
HTTP/1.1 200 OK
Content-Type: text/plain; charset=UTF-8
                                        
Date: Tue, 28 Nov 2017 17:16:35 GMT
Server: Apache/2.2.15 (CentOS) DAV/2 PHP/5.4.28 mod_ssl/2.2.15 OpenSSL/1.0.0-fips
Last-Modified: Tue, 30 Dec 2014 22:53:49 GMT
Etag: "dc2341-10624-50b76dd457ca6"
Accept-Ranges: bytes
Content-Length: 67108
Cache-Control: max-age=1209600
Expires: Tue, 12 Dec 2017 17:16:35 GMT
Keep-Alive: timeout=5, max=89
Connection: Keep-Alive


--- Additional Info ---
Magic:  data
Size:   67108
Md5:    e5403ddbc708fc3c4bad6b93ff23b5f3
Sha1:   d65b86a0408a0657c0b882fda916d46c737b9cf5
Sha256: ce3f68519605dc553a385f4b5feccce75768e72baa7c3f29a1f1efbec7c32f55

Alerts:
  Blacklists:
    - fortinet: Malware
                                        
                                            GET /?o1&v16917773&s16916894&t0&c1&n597276&w0&m10&y1&d24&r1176 HTTP/1.1 
Host: c.bigmir.net
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: */*
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: http://www.t.ks.ua/

                                         
                                         193.239.68.8
HTTP/1.1 200 OK
Content-Type: application/x-javascript; charset=windows-1251
                                        
Server: nginx
Date: Tue, 28 Nov 2017 17:16:34 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Keep-Alive: timeout=5
Cache-Control: no-cache, must-revalidate
Expires: 0
Pragma: no-cache


--- Additional Info ---
Magic:  ASCII text, with no line terminators
Size:   134
Md5:    0383e85b11eb037264822d32cf34f5b6
Sha1:   2b35431396f84b9eb751fc837dcad3e35c31a6ab
Sha256: 51addfc13d18fc1098bb917f9ff0860136d2da8c28a40a22aabd6f33b0ecdbc2
                                        
                                            GET /img/logo-t2.png HTTP/1.1 
Host: informers.sinoptik.ua
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: image/png,image/*;q=0.8,*/*;q=0.5
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: http://informers.sinoptik.ua/css/informers.css?v=3

                                         
                                         212.42.76.150
HTTP/1.1 200 OK
Content-Type: image/png
                                        
Server: nginx
Date: Tue, 28 Nov 2017 17:16:35 GMT
Content-Length: 2444
Last-Modified: Tue, 19 Jul 2011 10:31:38 GMT
Connection: keep-alive
Etag: "4e255d0a-98c"
Expires: Wed, 28 Nov 2018 17:16:35 GMT
Cache-Control: max-age=31536000, public
Accept-Ranges: bytes


--- Additional Info ---
Magic:  PNG image, 93 x 23, 8-bit/color RGBA, non-interlaced
Size:   2444
Md5:    577f2a97826cc211955c5c80b7c17998
Sha1:   7fb4510abd846ff8b2c57006f544d775f8d1a01f
Sha256: 812b13056e0a955622e120865d2231dc2933ca37bb8aac942279cc41ec1d1d27
                                        
                                            GET /img/frc-t1.png HTTP/1.1 
Host: informers.sinoptik.ua
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: image/png,image/*;q=0.8,*/*;q=0.5
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: http://informers.sinoptik.ua/css/informers.css?v=3

                                         
                                         212.42.76.150
HTTP/1.1 200 OK
Content-Type: image/png
                                        
Server: nginx
Date: Tue, 28 Nov 2017 17:16:35 GMT
Content-Length: 168
Last-Modified: Tue, 19 Jul 2011 10:31:38 GMT
Connection: keep-alive
Etag: "4e255d0a-a8"
Expires: Wed, 28 Nov 2018 17:16:35 GMT
Cache-Control: max-age=31536000, public
Accept-Ranges: bytes


--- Additional Info ---
Magic:  PNG image, 5 x 4, 8-bit/color RGBA, non-interlaced
Size:   168
Md5:    18edee194d93a00d95ab1e697671bfe2
Sha1:   acacc80a65b7cc2003253302a68114c8aad447d1
Sha256: 07531f638ff8480af382b964ee68d940250303fc0651aa31ae0670e43fb434b6
                                        
                                            GET /pagead/js/r20171113/r20170110/osd.js HTTP/1.1 
Host: pagead2.googlesyndication.com
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: */*
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: http://www.t.ks.ua/

                                         
                                         216.58.201.162
HTTP/1.1 200 OK
Content-Type: text/javascript; charset=UTF-8
                                        
P3P: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
Timing-Allow-Origin: *
Date: Tue, 28 Nov 2017 07:22:20 GMT
Expires: Tue, 12 Dec 2017 07:22:20 GMT
Etag: 14067721879039205164
X-Content-Type-Options: nosniff
Content-Disposition: attachment; filename="f.txt"
Content-Encoding: gzip
Server: cafe
Content-Length: 29589
X-XSS-Protection: 1; mode=block
Cache-Control: public, max-age=1209600
Age: 35655
Alt-Svc: hq="googleads.g.doubleclick.net:443"; ma=2592000; quic=51303431; quic=51303339; quic=51303338; quic=51303337; quic=51303335,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="41,39,38,37,35",hq=":443"; ma=2592000; quic=51303431; quic=51303339; quic=51303338; quic=51303337; quic=51303335,quic=":443"; ma=2592000; v="41,39,38,37,35"


--- Additional Info ---
Magic:  gzip compressed data, max compression
Size:   29589
Md5:    69abc46630003f406aa4005a9068ad9f
Sha1:   14f8ddf583e85276427104367c695dbcf107de42
Sha256: dd2f65553870c2f94bc64698cbf7c63583bb8c2bdb3fb9e0a7fb64255508b735
                                        
                                            GET /img/flc-t1.png HTTP/1.1 
Host: informers.sinoptik.ua
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: image/png,image/*;q=0.8,*/*;q=0.5
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: http://informers.sinoptik.ua/css/informers.css?v=3

                                         
                                         212.42.76.150
HTTP/1.1 200 OK
Content-Type: image/png
                                        
Server: nginx
Date: Tue, 28 Nov 2017 17:16:35 GMT
Content-Length: 167
Last-Modified: Tue, 19 Jul 2011 10:31:38 GMT
Connection: keep-alive
Etag: "4e255d0a-a7"
Expires: Wed, 28 Nov 2018 17:16:35 GMT
Cache-Control: max-age=31536000, public
Accept-Ranges: bytes


--- Additional Info ---
Magic:  PNG image, 5 x 4, 8-bit/color RGBA, non-interlaced
Size:   167
Md5:    e79184fb5501a6fe9a4ddf041e867a3f
Sha1:   b6b7c6f5b06e72916f846f8189f283b3978a31ac
Sha256: 0ce777967d0e103cfcc1c12282103c3a7502400ad2fe769a866a2e2158956a2f
                                        
                                            GET /img/term-t2.png HTTP/1.1 
Host: informers.sinoptik.ua
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: image/png,image/*;q=0.8,*/*;q=0.5
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: http://informers.sinoptik.ua/css/informers.css?v=3

                                         
                                         212.42.76.150
HTTP/1.1 200 OK
Content-Type: image/png
                                        
Server: nginx
Date: Tue, 28 Nov 2017 17:16:35 GMT
Content-Length: 454
Last-Modified: Tue, 08 Feb 2011 14:13:40 GMT
Connection: keep-alive
Etag: "4d514f94-1c6"
Expires: Wed, 28 Nov 2018 17:16:35 GMT
Cache-Control: max-age=31536000, public
Accept-Ranges: bytes


--- Additional Info ---
Magic:  PNG image, 11 x 31, 8-bit colormap, non-interlaced
Size:   454
Md5:    7666b938fe0a65a30e8286c8058c3743
Sha1:   b90cea78a2ee5b019103fa2533043a24d3379913
Sha256: 79d7fe2f02f73e59b3ddd141a186e815624fb6a844196c57081268c2d0758266
                                        
                                            GET /img/s-informers-t2.png HTTP/1.1 
Host: informers.sinoptik.ua
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: image/png,image/*;q=0.8,*/*;q=0.5
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: http://informers.sinoptik.ua/css/informers.css?v=3

                                         
                                         212.42.76.150
HTTP/1.1 200 OK
Content-Type: image/png
                                        
Server: nginx
Date: Tue, 28 Nov 2017 17:16:35 GMT
Content-Length: 36708
Last-Modified: Tue, 08 Feb 2011 14:13:40 GMT
Connection: keep-alive
Etag: "4d514f94-8f64"
Expires: Wed, 28 Nov 2018 17:16:35 GMT
Cache-Control: max-age=31536000, public
Accept-Ranges: bytes


--- Additional Info ---
Magic:  PNG image, 387 x 324, 8-bit colormap, non-interlaced
Size:   36708
Md5:    e38f8e70a77d7ea204803c4984b5eb52
Sha1:   dfcaff384de0ebd18144bd0210d326da42c064c7
Sha256: 5f8a60a18e784c16174ab8616abd0a28fde829f0abb2362f9a917210b25033c5
                                        
                                            GET /img/hlc-t2.png HTTP/1.1 
Host: informers.sinoptik.ua
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: image/png,image/*;q=0.8,*/*;q=0.5
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: http://informers.sinoptik.ua/css/informers.css?v=3

                                         
                                         212.42.76.150
HTTP/1.1 200 OK
Content-Type: image/png
                                        
Server: nginx
Date: Tue, 28 Nov 2017 17:16:35 GMT
Content-Length: 181
Last-Modified: Tue, 19 Jul 2011 10:31:38 GMT
Connection: keep-alive
Etag: "4e255d0a-b5"
Expires: Wed, 28 Nov 2018 17:16:35 GMT
Cache-Control: max-age=31536000, public
Accept-Ranges: bytes


--- Additional Info ---
Magic:  PNG image, 5 x 23, 8-bit/color RGBA, non-interlaced
Size:   181
Md5:    8cfbaf9b79a228a1fd79e023ce43fadd
Sha1:   deeac840fbe37d4602c0166a83e25c8fa008276e
Sha256: c85ef490276990e9ae9c0e869935a8c32503a372e5c2c2e0b6daf4240759ec91
                                        
                                            GET /pagead/html/r20171113/r20170110/zrt_lookup.html HTTP/1.1 
Host: googleads.g.doubleclick.net
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: http://www.t.ks.ua/

                                         
                                         216.58.201.162
HTTP/1.1 200 OK
Content-Type: text/html; charset=UTF-8
                                        
P3P: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
Timing-Allow-Origin: *
Date: Tue, 28 Nov 2017 01:42:54 GMT
Expires: Tue, 12 Dec 2017 01:42:54 GMT
Etag: 1606340084474353950
X-Content-Type-Options: nosniff
Content-Encoding: gzip
Server: cafe
Content-Length: 6793
X-XSS-Protection: 1; mode=block
Cache-Control: public, max-age=1209600
Age: 56021
Alt-Svc: hq="googleads.g.doubleclick.net:443"; ma=2592000; quic=51303431; quic=51303339; quic=51303338; quic=51303337; quic=51303335,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="41,39,38,37,35",hq=":443"; ma=2592000; quic=51303431; quic=51303339; quic=51303338; quic=51303337; quic=51303335,quic=":443"; ma=2592000; v="41,39,38,37,35"


--- Additional Info ---
Magic:  gzip compressed data, max compression
Size:   6793
Md5:    b39f70164150f65acc6dd7bdf718d2bf
Sha1:   a4e19d0a569180d2df6e7904ad23db2b3dae3fef
Sha256: 471c43d7388186e24d2b7466fdf4c3c138bc5194322089bcb88872618d0b999e
                                        
                                            GET /hit?t23.6;r;s1176*885*24;uhttp%3A//www.t.ks.ua/;0.2415701974107951 HTTP/1.1 
Host: counter.yadro.ru
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: image/png,image/*;q=0.8,*/*;q=0.5
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: http://www.t.ks.ua/

                                         
                                         88.212.196.103
HTTP/1.1 302 Moved Temporarily
Content-Type: text/html
                                        
Date: Tue, 28 Nov 2017 17:16:30 GMT
Server: 0W/0.8c
Location: http://counter.yadro.ru/hit?q;t23.6;r;s1176*885*24;uhttp%3A//www.t.ks.ua/;0.2415701974107951
Content-Length: 32
Expires: Sun, 27 Nov 2016 21:00:00 GMT
Pragma: no-cache
Cache-Control: no-cache
P3P: policyref="/w3c/p3p.xml", CP="UNI"
Set-Cookie: FTID=1Q7Pdk3DbTve1Q7Pdk002UHT; path=/; expires=Tue, 27 Nov 2018 21:00:00 GMT; domain=.yadro.ru


--- Additional Info ---
Magic:  HTML document text
Size:   32
Md5:    3e9c09a8c5a87f266e047a596f48578c
Sha1:   07d7b1940b7e3f9a3db43197458f9b8ef18a6bce
Sha256: 57fad7ae62012ff4a38ecb6045ac6e8e3a070a33bbd033b21ab6cad3566d9254
                                        
                                            GET /hit;All_da_nnn_dn_realty?r;s1176*885*24;uhttp%3A//www.t.ks.ua/;0.39538890620146416 HTTP/1.1 
Host: counter.yadro.ru
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: image/png,image/*;q=0.8,*/*;q=0.5
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: http://www.t.ks.ua/

                                         
                                         88.212.196.103
HTTP/1.1 302 Moved Temporarily
Content-Type: text/html
                                        
Date: Tue, 28 Nov 2017 17:16:30 GMT
Server: 0W/0.8c
Location: http://counter.yadro.ru/hit;All_da_nnn_dn_realty?q;r;s1176*885*24;uhttp%3A//www.t.ks.ua/;0.39538890620146416
Content-Length: 32
Expires: Sun, 27 Nov 2016 21:00:00 GMT
Pragma: no-cache
Cache-Control: no-cache
P3P: policyref="/w3c/p3p.xml", CP="UNI"
Set-Cookie: FTID=1Q7Pdk3DbTve1Q7Pdk002UHS; path=/; expires=Tue, 27 Nov 2018 21:00:00 GMT; domain=.yadro.ru


--- Additional Info ---
Magic:  HTML document text
Size:   32
Md5:    3e9c09a8c5a87f266e047a596f48578c
Sha1:   07d7b1940b7e3f9a3db43197458f9b8ef18a6bce
Sha256: 57fad7ae62012ff4a38ecb6045ac6e8e3a070a33bbd033b21ab6cad3566d9254
                                        
                                            GET /cnt/samples/default/b57_center.gif HTTP/1.1 
Host: i.bigmir.net
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: image/png,image/*;q=0.8,*/*;q=0.5
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: http://www.t.ks.ua/

                                         
                                         193.239.71.100
HTTP/1.1 200 OK
Content-Type: image/gif
                                        
Server: nginx
Date: Tue, 28 Nov 2017 17:16:35 GMT
Content-Length: 146
Last-Modified: Tue, 23 Jan 2007 13:14:27 GMT
Connection: keep-alive
Keep-Alive: timeout=5
Etag: "45b60a33-92"
Expires: Fri, 01 Dec 2017 17:16:35 GMT
Cache-Control: max-age=259200
Accept-Ranges: bytes


--- Additional Info ---
Magic:  GIF image data, version 89a, 1 x 17
Size:   146
Md5:    df49900d91c7e7e2d62ade83ac459335
Sha1:   e3f9a4da722b4d0399fcf19ae82c4605fdca40d7
Sha256: 91084dabad218b0e62e313c102d801e7fec5d134a770524e46667a7b94db0d4d
                                        
                                            GET /cnt/samples/default/b57_left.gif HTTP/1.1 
Host: i.bigmir.net
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: image/png,image/*;q=0.8,*/*;q=0.5
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: http://www.t.ks.ua/

                                         
                                         193.239.71.100
HTTP/1.1 200 OK
Content-Type: image/gif
                                        
Server: nginx
Date: Tue, 28 Nov 2017 17:16:35 GMT
Content-Length: 319
Last-Modified: Tue, 23 Jan 2007 13:14:27 GMT
Connection: keep-alive
Keep-Alive: timeout=5
Etag: "45b60a33-13f"
Expires: Fri, 01 Dec 2017 17:16:35 GMT
Cache-Control: max-age=259200
Accept-Ranges: bytes


--- Additional Info ---
Magic:  GIF image data, version 89a, 7 x 17
Size:   319
Md5:    0d4e2c2b81f9bcc55503213e76d663cc
Sha1:   5df71fd127df928d0edffbd424a1b3d8991ae416
Sha256: ebae1af4a0fb8c6db224686c85f213adcaf37212e49c10edd4a722a06266913a
                                        
                                            GET /news/js/info.min.js?t=1511889391 HTTP/1.1 
Host: st.directadvert.ru
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: */*
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: http://www.t.ks.ua/
Cookie: dadcm3=1; dadcm46=1; nid=w6EQhFodmfAC2BPUHVHLAg==

                                         
                                         176.99.0.101
HTTP/1.1 200 OK
Content-Type: application/javascript; charset=utf-8
                                        
Server: nginx/1.12.1
Date: Tue, 28 Nov 2017 17:16:35 GMT
Last-Modified: Thu, 27 Apr 2017 11:03:48 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Etag: W/"5901d014-12c2"
Expires: Tue, 12 Dec 2017 17:16:35 GMT
Cache-Control: max-age=1209600
Content-Encoding: gzip


--- Additional Info ---
Magic:  gzip compressed data, from Unix
Size:   2486
Md5:    5ebaa3313a62ac6b129dfab1780b7688
Sha1:   e23a583f722dda6c265edb4f9b1f5d3de69b8c0b
Sha256: 8b01583772a2e66f78ba0db52d735082059a69a324f1e2126ee4802b5da3d042
                                        
                                            GET /hit?q;t23.6;r;s1176*885*24;uhttp%3A//www.t.ks.ua/;0.2415701974107951 HTTP/1.1 
Host: counter.yadro.ru
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: http://www.t.ks.ua/
Cookie: FTID=1Q7Pdk3DbTve1Q7Pdk002UHT

                                         
                                         88.212.196.103
HTTP/1.1 200 OK
Content-Type: image/gif
                                        
Date: Tue, 28 Nov 2017 17:16:30 GMT
Server: 0W/0.8c
Connection: Close
Content-Length: 484
Expires: Sun, 27 Nov 2016 21:00:00 GMT
Pragma: no-cache
Cache-Control: no-cache
P3P: policyref="/w3c/p3p.xml", CP="UNI"
Set-Cookie: VID=18A_fj3Clxve1Q7Pdk002UHf; path=/; expires=Tue, 27 Nov 2018 21:00:00 GMT; domain=.yadro.ru


--- Additional Info ---
Magic:  GIF image data, version 87a, 88 x 15
Size:   484
Md5:    15a2711f01f2577101f436d407da8adf
Sha1:   3e25837557ab902051514b7b9246a3384b75d9dd
Sha256: f1d59560d9b11d278702f3ebf978713f7a8613bb9904d3270538f98f73c8426c
                                        
                                            GET /cnt/samples/default/b57_right.gif HTTP/1.1 
Host: i.bigmir.net
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: image/png,image/*;q=0.8,*/*;q=0.5
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: http://www.t.ks.ua/

                                         
                                         193.239.71.100
HTTP/1.1 200 OK
Content-Type: image/gif
                                        
Server: nginx
Date: Tue, 28 Nov 2017 17:16:35 GMT
Content-Length: 314
Last-Modified: Tue, 23 Jan 2007 13:14:27 GMT
Connection: keep-alive
Keep-Alive: timeout=5
Etag: "45b60a33-13a"
Expires: Fri, 01 Dec 2017 17:16:35 GMT
Cache-Control: max-age=259200
Accept-Ranges: bytes


--- Additional Info ---
Magic:  GIF image data, version 89a, 7 x 17
Size:   314
Md5:    c47e826215f5dad5640c6dfc2bd349dd
Sha1:   fe39b2b692b9a25b7de8660c297a5577b90855e8
Sha256: 1c4f8dd4d6014e189cfb9a8c41ddf3f1d1dab4bdd68c872334a63a291a5604ca
                                        
                                            GET /hit;All_da_nnn_dn_realty?q;r;s1176*885*24;uhttp%3A//www.t.ks.ua/;0.39538890620146416 HTTP/1.1 
Host: counter.yadro.ru
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: http://www.t.ks.ua/
Cookie: FTID=1Q7Pdk3DbTve1Q7Pdk002UHS

                                         
                                         88.212.196.103
HTTP/1.1 200 OK
Content-Type: image/gif
                                        
Date: Tue, 28 Nov 2017 17:16:30 GMT
Server: 0W/0.8c
Connection: Close
Content-Length: 43
Expires: Sun, 27 Nov 2016 21:00:00 GMT
Pragma: no-cache
Cache-Control: no-cache
P3P: policyref="/w3c/p3p.xml", CP="UNI"
Set-Cookie: VID=18A_fj3Clxve1Q7Pdk002UHv; path=/; expires=Tue, 27 Nov 2018 21:00:00 GMT; domain=.yadro.ru


--- Additional Info ---
Magic:  GIF image data, version 89a, 1 x 1
Size:   43
Md5:    fc94fb0c3ed8a8f909dbc7630a0987ff
Sha1:   56d45f8a17f5078a20af9962c992ca4678450765
Sha256: 2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363
                                        
                                            POST / HTTP/1.1 
Host: ocsp.comodoca.com
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Content-Length: 116
Content-Type: application/ocsp-request

                                         
                                         178.255.83.1
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Tue, 28 Nov 2017 17:16:35 GMT
Server: Apache
Last-Modified: Mon, 27 Nov 2017 01:44:54 GMT
Expires: Mon, 04 Dec 2017 01:44:54 GMT
Etag: 4489D5A668A58D5F5FEAF8DD923854AACC462281
Cache-Control: max-age=461898,public,no-transform,must-revalidate
X-OCSP-Reponder-ID: rmdccaocsp17
Content-Length: 472
Connection: close


--- Additional Info ---
Magic:  data
Size:   472
Md5:    94863681aa593ccdfaf329e47b59e3bb
Sha1:   4489d5a668a58d5f5feaf8dd923854aacc462281
Sha256: 0fe2835b781919aaaded422a7cb0c677ceb8b2850266d53dfbcdc209d27030f8
                                        
                                            POST / HTTP/1.1 
Host: ocsp.comodoca.com
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Content-Length: 115
Content-Type: application/ocsp-request

                                         
                                         178.255.83.1
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Tue, 28 Nov 2017 17:16:35 GMT
Server: Apache
Last-Modified: Sun, 26 Nov 2017 10:16:14 GMT
Expires: Sun, 03 Dec 2017 10:16:14 GMT
Etag: B64AD81B45378E5E7BCF83F621D79301B0896B58
Cache-Control: max-age=406178,public,no-transform,must-revalidate
X-OCSP-Reponder-ID: rmdccaocsp17
Content-Length: 727
Connection: close


--- Additional Info ---
Magic:  data
Size:   727
Md5:    dddf08537643fde4ecdd1f8348769d95
Sha1:   b64ad81b45378e5e7bcf83f621d79301b0896b58
Sha256: 8e3a73db4c7c3f9be8e591c0e5272a6b70fb0d643d50004a92fa3287bf4582ba
                                        
                                            GET /data/180807.js?nnn=180807&div=DIV_DA_180807&t=0.900573605386761 HTTP/1.1 
Host: code.directadvert.ru
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: */*
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: http://www.t.ks.ua/
Cookie: dadcm3=1; dadcm46=1; nid=w6EQhFodmfAC2BPUHVHLAg==

                                         
                                         195.161.16.132
HTTP/1.1 200 OK
Content-Type: application/x-javascript; charset=windows-1251
                                        
Server: nginx/1.12.1
Date: Tue, 28 Nov 2017 17:16:34 GMT
Transfer-Encoding: chunked
Connection: keep-alive
P3P: policyref="/w3c/p3p.xml", CP="NOI DSP COR NID CUR OUR NOR"
Set-Cookie: s=7429300:7029860:6960131; expires=Tue, 05-Dec-2017 17:16:34 GMT; path=/; domain=directadvert.ru
Access-Control-Allow-Credentials: true
Access-Control-Allow-Methods: GET, POST, OPTIONS
Access-Control-Allow-Headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
Access-Control-Max-Age: 1728000
Content-Encoding: gzip


--- Additional Info ---
Magic:  gzip compressed data, from Unix
Size:   2339
Md5:    dabb774b8666e9c354ace0046e1ec34e
Sha1:   7803de9e5a417ef54133373945d4c26d0dda505c
Sha256: c59917a9e2c2d032007b63e83d653d63fa5ad6c2f8b997bc28d02d571f12fc13
                                        
                                            POST / HTTP/1.1 
Host: ocsp.usertrust.com
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Content-Length: 115
Content-Type: application/ocsp-request

                                         
                                         178.255.83.1
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Tue, 28 Nov 2017 17:16:35 GMT
Server: Apache
Last-Modified: Sun, 26 Nov 2017 10:16:14 GMT
Expires: Sun, 03 Dec 2017 10:16:14 GMT
Etag: 2A9E8B2100C90E14E261E39CD6FE50035BB82FF2
Cache-Control: max-age=406178,public,no-transform,must-revalidate
X-OCSP-Reponder-ID: rmdccaocsp26
Content-Length: 471
Connection: close


--- Additional Info ---
Magic:  data
Size:   471
Md5:    9d36e0f2d9746c3637f2ef32165cb7bc
Sha1:   2a9e8b2100c90e14e261e39cd6fe50035bb82ff2
Sha256: 6ab03aef445e3b569981c7f9405a867aaed6d3cb11cafd5e61d7172e80c2a960
                                        
                                            GET /cdn/images/100x100/75/4597875.jpg HTTP/1.1 
Host: cdn.directadvert.ru
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: image/png,image/*;q=0.8,*/*;q=0.5
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: http://www.t.ks.ua/
Cookie: dadcm3=1; dadcm46=1; nid=w6EQhFodmfAC2BPUHVHLAg==; s=7429300:7029860:6960131

                                         
                                         195.161.16.136
HTTP/1.1 200 OK
Content-Type: image/jpeg
                                        
Server: nginx/1.12.1
Date: Tue, 28 Nov 2017 17:16:35 GMT
Content-Length: 6494
Last-Modified: Mon, 20 Nov 2017 09:44:01 GMT
Connection: keep-alive
Etag: "5a12a3e1-195e"
Expires: Thu, 28 Dec 2017 17:16:35 GMT
Cache-Control: max-age=2592000
Access-Control-Allow-Credentials: true
Access-Control-Allow-Methods: GET, POST, OPTIONS
Access-Control-Allow-Headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
Access-Control-Max-Age: 1728000
Accept-Ranges: bytes


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, comment: "CREATOR: gd-jpeg v1.0 (using IJ"
Size:   6494
Md5:    557619c14b48764f307ca462526e01d3
Sha1:   45390562ebf4fa37ab9ab9e268b72e53763170a8
Sha256: c8d48915e678b3fe2a12a22d4abe9e5a78a9717d8dad8f2e82ae14c37382f1fc
                                        
                                            GET /cdn/images/100x100/39/4185339.jpg HTTP/1.1 
Host: cdn.directadvert.ru
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: image/png,image/*;q=0.8,*/*;q=0.5
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: http://www.t.ks.ua/
Cookie: dadcm3=1; dadcm46=1; nid=w6EQhFodmfAC2BPUHVHLAg==; s=7429300:7029860:6960131

                                         
                                         195.161.16.136
HTTP/1.1 200 OK
Content-Type: image/jpeg
                                        
Server: nginx/1.12.1
Date: Tue, 28 Nov 2017 17:16:35 GMT
Content-Length: 6319
Last-Modified: Tue, 13 Jun 2017 09:11:02 GMT
Connection: keep-alive
Etag: "593fac26-18af"
Expires: Thu, 28 Dec 2017 17:16:35 GMT
Cache-Control: max-age=2592000
Access-Control-Allow-Credentials: true
Access-Control-Allow-Methods: GET, POST, OPTIONS
Access-Control-Allow-Headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
Access-Control-Max-Age: 1728000
Accept-Ranges: bytes


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, comment: "CREATOR: gd-jpeg v1.0 (using IJ"
Size:   6319
Md5:    fb396afdffc9181190e2425bc1b0dca7
Sha1:   b4e6d53f8ffcc3f2ba331c37e2edafa0d23da7e1
Sha256: a87f17b4b4f19314ca9bb06ef5065340d8926275629e3f5f3e3b08f529004a2e
                                        
                                            GET /cdn/images/100x100/71/4112371.jpg HTTP/1.1 
Host: cdn.directadvert.ru
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: image/png,image/*;q=0.8,*/*;q=0.5
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: http://www.t.ks.ua/
Cookie: dadcm3=1; dadcm46=1; nid=w6EQhFodmfAC2BPUHVHLAg==; s=7429300:7029860:6960131

                                         
                                         195.161.16.136
HTTP/1.1 200 OK
Content-Type: image/jpeg
                                        
Server: nginx/1.12.1
Date: Tue, 28 Nov 2017 17:16:35 GMT
Content-Length: 4745
Last-Modified: Thu, 11 May 2017 12:43:01 GMT
Connection: keep-alive
Etag: "59145c55-1289"
Expires: Thu, 28 Dec 2017 17:16:35 GMT
Cache-Control: max-age=2592000
Access-Control-Allow-Credentials: true
Access-Control-Allow-Methods: GET, POST, OPTIONS
Access-Control-Allow-Headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
Access-Control-Max-Age: 1728000
Accept-Ranges: bytes


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, comment: "CREATOR: gd-jpeg v1.0 (using IJ"
Size:   4745
Md5:    c0a8815245d4d2f67bce6cb9c11cef86
Sha1:   ce26bc98f867d1505b74fdf18027f0b355c07b68
Sha256: d24c5e43b2bad554216f413ffe2da9f043417341a16e5600e6306c60688f2381
                                        
                                            GET /t/lb156315.js?rt=93958660017 HTTP/1.1 
Host: c.luxup.ru
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: */*
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: http://www.t.ks.ua/

                                         
                                         109.248.237.36
HTTP/1.1 200 OK
Content-Type: application/x-javascript
                                        
Server: nginx/1.8.0
Date: Tue, 28 Nov 2017 17:16:36 GMT
Last-Modified: Tue, 28 Nov 2017 17:03:52 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Etag: W/"5a1d96f8-f295"
Expires: Tue, 28 Nov 2017 17:17:36 GMT
Cache-Control: max-age=60
Content-Encoding: gzip


--- Additional Info ---
Magic:  gzip compressed data, from Unix
Size:   25292
Md5:    215b1e42aa5e3bb161031de6f1a56785
Sha1:   fceec5078403f6ba253057a6a6bbe7513a02a0a7
Sha256: 4244505b1d7e0eaea14b0494a6dcf7c0ebb5dc79fe9b77e5e1a9200d1fa94de9
                                        
                                            POST / HTTP/1.1 
Host: ocsp.comodoca4.com
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Content-Length: 116
Content-Type: application/ocsp-request

                                         
                                         178.255.83.1
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Tue, 28 Nov 2017 17:16:36 GMT
Server: Apache
Last-Modified: Tue, 28 Nov 2017 16:19:05 GMT
Expires: Tue, 05 Dec 2017 16:19:05 GMT
Etag: EDE141AB2B04467C7D3BA43EA57A7B3E89AFED94
Cache-Control: max-age=600748,public,no-transform,must-revalidate
X-OCSP-Reponder-ID: rmdccaocsp17
Content-Length: 472
Connection: close


--- Additional Info ---
Magic:  data
Size:   472
Md5:    7262275706b179d4b186a67a13d7e028
Sha1:   ede141ab2b04467c7d3ba43ea57a7b3e89afed94
Sha256: 053a428cbf8aa87787bccc44b173a430d82188bb6700a8bf5d9ccfa4878980ff
                                        
                                            POST / HTTP/1.1 
Host: ocsp.comodoca4.com
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Content-Length: 115
Content-Type: application/ocsp-request

                                         
                                         178.255.83.1
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Tue, 28 Nov 2017 17:16:36 GMT
Server: Apache
Last-Modified: Sun, 26 Nov 2017 10:16:14 GMT
Expires: Sun, 03 Dec 2017 10:16:14 GMT
Etag: E415A8E04EC6AF2A33F7134A3EBD62545BE84696
Cache-Control: max-age=406177,public,no-transform,must-revalidate
X-OCSP-Reponder-ID: rmdccaocsp26
Content-Length: 727
Connection: close


--- Additional Info ---
Magic:  data
Size:   727
Md5:    a77789c19b025a885117ec5767314d73
Sha1:   e415a8e04ec6af2a33f7134a3ebd62545be84696
Sha256: ce21bb5f8c121e4d5b1e30d5449b0c7da5836b758ef33be70d1994b6a9f3f476
                                        
                                            GET /pagead/ads?client=ca-pub-3410491531423553&output=html&h=90&slotname=5488537826&adk=3230642478&adf=807048394&w=728&lmt=1511886754&loeid=156549051&format=728x90&url=http%3A%2F%2Fwww.t.ks.ua%2F&ea=0&flash=10.0.45&wgl=0&adsid=NT&dt=1511889394020&bpp=25&fdt=33&idt=243&shv=r20171113&cbv=r20170110&saldr=aa&correlator=7097762824940&frm=20&ga_vid=1649675695.1511889393&ga_sid=1511889394&ga_hid=1773231262&ga_fc=0&pv=2&icsg=0&nhd=1&dssz=0&mdo=0&mso=0&u_tz=60&u_his=1&u_java=1&u_h=885&u_w=1176&u_ah=855&u_aw=1176&u_cd=24&u_nplug=10&u_nmime=92&adx=75&ady=280&biw=1159&bih=754&abxe=1&eid=156549041%2C21061122&oid=3&nmo=1&zm=1.02&rx=0&eae=4&fc=528&brdim=%2C%2C-4%2C-4%2C1176%2C0%2C1184%2C863%2C1176%2C754&vis=0&rsz=%7C%7C%7C&abl=CS&ppjl=u&pfx=0&fu=16&bc=1&ifi=1&dtd=269 HTTP/1.1 
Host: googleads.g.doubleclick.net
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: http://www.t.ks.ua/

                                         
                                         216.58.201.162
HTTP/1.1 200 OK
Content-Type: text/html; charset=UTF-8
                                        
P3P: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
Timing-Allow-Origin: *
X-Content-Type-Options: nosniff
Content-Encoding: gzip
Date: Tue, 28 Nov 2017 17:16:35 GMT
Server: cafe
Cache-Control: private
X-XSS-Protection: 1; mode=block
Set-Cookie: test_cookie=CheckForPermission; expires=Tue, 28-Nov-2017 17:31:35 GMT; path=/; domain=.doubleclick.net
Alt-Svc: hq="googleads.g.doubleclick.net:443"; ma=2592000; quic=51303431; quic=51303339; quic=51303338; quic=51303337; quic=51303335,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="41,39,38,37,35",hq=":443"; ma=2592000; quic=51303431; quic=51303339; quic=51303338; quic=51303337; quic=51303335,quic=":443"; ma=2592000; v="41,39,38,37,35"
Expires: Tue, 28 Nov 2017 17:16:35 GMT
Transfer-Encoding: chunked


--- Additional Info ---
Magic:  gzip compressed data, max compression
Size:   369
Md5:    dce9a0c2c078500a969c0e01c048e7b7
Sha1:   af81b6f9920a795a658527f2fe400d51509ab42c
Sha256: 1666b9e29087ea86185df4202ebb93c6a125d2b16b10e12d3141fa0ad23bb716
                                        
                                            GET /pagead/ads?client=ca-pub-3410491531423553&output=html&h=600&slotname=3872203828&adk=4137196353&adf=807048394&w=300&lmt=1511886754&loeid=156549051&format=300x600&url=http%3A%2F%2Fwww.t.ks.ua%2F&ea=0&flash=10.0.45&wgl=0&adsid=NT&dt=1511889394404&bpp=23&fdt=26&idt=125&shv=r20171113&cbv=r20170110&saldr=aa&prev_fmts=728x90&correlator=7097762824940&frm=20&ga_vid=1649675695.1511889393&ga_sid=1511889394&ga_hid=1773231262&ga_fc=0&pv=1&icsg=0&nhd=1&dssz=0&mdo=0&mso=0&u_tz=60&u_his=1&u_java=1&u_h=885&u_w=1176&u_ah=855&u_aw=1176&u_cd=24&u_nplug=10&u_nmime=92&adx=787&ady=397&biw=1159&bih=754&abxe=1&eid=156549041%2C21061122&oid=3&nmo=1&zm=1.02&rx=0&eae=4&fc=528&brdim=%2C%2C-4%2C-4%2C1176%2C0%2C1184%2C863%2C1176%2C754&vis=0&rsz=%7C%7C%7C&abl=CS&ppjl=u&pfx=0&fu=16&bc=1&ifi=2&dtd=149 HTTP/1.1 
Host: googleads.g.doubleclick.net
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: http://www.t.ks.ua/

                                         
                                         216.58.201.162
HTTP/1.1 200 OK
Content-Type: text/html; charset=UTF-8
                                        
P3P: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
Timing-Allow-Origin: *
X-Content-Type-Options: nosniff
Content-Encoding: gzip
Date: Tue, 28 Nov 2017 17:16:35 GMT
Server: cafe
Cache-Control: private
X-XSS-Protection: 1; mode=block
Set-Cookie: test_cookie=CheckForPermission; expires=Tue, 28-Nov-2017 17:31:35 GMT; path=/; domain=.doubleclick.net
Alt-Svc: hq="googleads.g.doubleclick.net:443"; ma=2592000; quic=51303431; quic=51303339; quic=51303338; quic=51303337; quic=51303335,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="41,39,38,37,35",hq=":443"; ma=2592000; quic=51303431; quic=51303339; quic=51303338; quic=51303337; quic=51303335,quic=":443"; ma=2592000; v="41,39,38,37,35"
Expires: Tue, 28 Nov 2017 17:16:35 GMT
Transfer-Encoding: chunked


--- Additional Info ---
Magic:  gzip compressed data, max compression
Size:   371
Md5:    81ef69094f26e6b3fcb3393579628c00
Sha1:   c7b9dd93649f03bc52197ea6e28c697234d23b57
Sha256: fb9d0eb972a3f14ddf851eb9ffed81f7c8caa94c6be82e0c06a6747f07573805
                                        
                                            POST / HTTP/1.1 
Host: ocsp.godaddy.com
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Content-Length: 107
Content-Type: application/ocsp-request

                                         
                                         72.167.239.239
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Tue, 28 Nov 2017 17:16:36 GMT
Server: Apache
Content-Transfer-Encoding: Binary
Cache-Control: max-age=120133, public, no-transform, must-revalidate
Last-Modified: Tue, 28 Nov 2017 16:24:12 GMT
Expires: Thu, 30 Nov 2017 04:24:12 GMT
Etag: "97c577201ea79d5b05df2cb8ecfc5eb98435e42f"
P3P: CP="IDC DSP COR LAW CUR ADM DEV TAI PSA PSD IVA IVD HIS OUR SAM PUB LEG UNI COM NAV STA"
Content-Length: 1776
Connection: close


--- Additional Info ---
Magic:  data
Size:   1776
Md5:    0eb6a9be441d99496fa203c55b4609c2
Sha1:   97c577201ea79d5b05df2cb8ecfc5eb98435e42f
Sha256: addd3eba312493b1b4c8eaffb8006dbe5b36bf430a8bd19c1eaacb64cd1151c2
                                        
                                            GET /sync?ssp=yengo&user_id=w6EQhFodme8BkBPRGeyhAg== HTTP/1.1 
Host: x.bidswitch.net
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: image/png,image/*;q=0.8,*/*;q=0.5
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: http://www.t.ks.ua/

                                         
                                         35.189.195.106
HTTP/1.1 302 Moved Temporarily
                                        
Server: nginx/1.12.0
Date: Tue, 28 Nov 2017 17:16:36 GMT
Content-Length: 0
Connection: keep-alive
Keep-Alive: timeout=10
Cache-Control: no-cache, no-store, must-revalidate
Location: https://x.bidswitch.net/ul_cb/sync?ssp=yengo&user_id=w6EQhFodme8BkBPRGeyhAg==
P3P: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Set-Cookie: tuuid=5e8677c0-069f-495c-a92f-a6322219c009; path=/; expires=Wed, 28-Nov-2018 17:16:36 GMT; domain=.bidswitch.net tuuid_last_update=1511889396; path=/; expires=Wed, 28-Nov-2018 17:16:36 GMT; domain=.bidswitch.net c=1511889396; path=/; expires=Wed, 28-Nov-2018 17:16:36 GMT; domain=.bidswitch.net


--- Additional Info ---
                                        
                                            POST / HTTP/1.1 
Host: gp.symcd.com
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Content-Length: 115
Content-Type: application/ocsp-request

                                         
                                         23.52.27.27
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx/1.10.2
Content-Length: 1415
Content-Transfer-Encoding: binary
Cache-Control: max-age=384478, public, no-transform, must-revalidate
Last-Modified: Sun, 26 Nov 2017 04:03:34 GMT
Expires: Sun, 3 Dec 2017 04:03:34 GMT
Date: Tue, 28 Nov 2017 17:16:36 GMT
Connection: keep-alive


--- Additional Info ---
Magic:  data
Size:   1602
Md5:    d7fe44d4780b7034e463479fa68cc6d7
Sha1:   60a429334737d1fe88f847569bec972f5a59d0af
Sha256: b9a7552ecf2aab789b610c46780b44f79af864d39e6b0731bd918ac4dd551844
                                        
                                            GET /sync?ssp=yengo&user_id=w6EQhFodme8BkBPRGeylAg== HTTP/1.1 
Host: x.bidswitch.net
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: image/png,image/*;q=0.8,*/*;q=0.5
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: http://www.t.ks.ua/

                                         
                                         35.189.195.106
HTTP/1.1 302 Moved Temporarily
                                        
Server: nginx/1.12.0
Date: Tue, 28 Nov 2017 17:16:36 GMT
Content-Length: 0
Connection: keep-alive
Keep-Alive: timeout=10
Cache-Control: no-cache, no-store, must-revalidate
Location: https://x.bidswitch.net/ul_cb/sync?ssp=yengo&user_id=w6EQhFodme8BkBPRGeylAg==
P3P: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Set-Cookie: tuuid=60215660-dcd1-4d6e-b810-754ae5142d12; path=/; expires=Wed, 28-Nov-2018 17:16:36 GMT; domain=.bidswitch.net tuuid_last_update=1511889396; path=/; expires=Wed, 28-Nov-2018 17:16:36 GMT; domain=.bidswitch.net c=1511889396; path=/; expires=Wed, 28-Nov-2018 17:16:36 GMT; domain=.bidswitch.net


--- Additional Info ---
                                        
                                            GET /ul_cb/sync?ssp=yengo&user_id=w6EQhFodme8BkBPRGeyhAg== HTTP/1.1 
Host: x.bidswitch.net
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: http://www.t.ks.ua/
Cookie: tuuid=5e8677c0-069f-495c-a92f-a6322219c009; tuuid_last_update=1511889396; c=1511889396

                                         
                                         35.189.195.106
HTTP/1.1 302 Moved Temporarily
                                        
Server: nginx/1.12.0
Date: Tue, 28 Nov 2017 17:16:36 GMT
Content-Length: 0
Connection: keep-alive
Keep-Alive: timeout=10
Cache-Control: no-cache, no-store, must-revalidate
Location: //a.company-target.com/bidswitch_match?bidswitch_ssp_id=yengo&bsw_custom_parameter=1
P3P: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Set-Cookie: tuuid=5e8677c0-069f-495c-a92f-a6322219c009; path=/; expires=Wed, 28-Nov-2018 17:16:36 GMT; domain=.bidswitch.net tuuid_last_update=1511889396; path=/; expires=Wed, 28-Nov-2018 17:16:36 GMT; domain=.bidswitch.net


--- Additional Info ---
                                        
                                            GET /images/upload.gif HTTP/1.1 
Host: vk.com
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: image/png,image/*;q=0.8,*/*;q=0.5
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: http://www.t.ks.ua/

                                         
                                         87.240.165.80
HTTP/1.1 200 OK
Content-Type: image/gif
                                        
Server: nginx
Date: Tue, 28 Nov 2017 17:16:36 GMT
Content-Length: 230
Last-Modified: Sat, 07 Jan 2017 23:21:10 GMT
Connection: keep-alive
Etag: "587177e6-e6"
Expires: Tue, 05 Dec 2017 17:16:36 GMT
Cache-Control: max-age=604800
Strict-Transport-Security: max-age=0
X-Frontend: front508122
Access-Control-Expose-Headers: X-Frontend
Accept-Ranges: bytes


--- Additional Info ---
Magic:  GIF image data, version 89a, 32 x 8
Size:   230
Md5:    59cd625f8c2ce03663123d59416378a1
Sha1:   b8d103133aadcdbe532e5642ddce9159b7385e4e
Sha256: 0d7e358637c1b1caa66949aefc529c1e4488923f99e499d6be09eb8cdd0b4202
                                        
                                            GET /ul_cb/sync?ssp=yengo&user_id=w6EQhFodme8BkBPRGeylAg== HTTP/1.1 
Host: x.bidswitch.net
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: http://www.t.ks.ua/
Cookie: tuuid=60215660-dcd1-4d6e-b810-754ae5142d12; tuuid_last_update=1511889396; c=1511889396

                                         
                                         35.189.195.106
HTTP/1.1 302 Moved Temporarily
                                        
Server: nginx/1.12.0
Date: Tue, 28 Nov 2017 17:16:36 GMT
Content-Length: 0
Connection: keep-alive
Keep-Alive: timeout=10
Cache-Control: no-cache, no-store, must-revalidate
Location: //a.company-target.com/bidswitch_match?bidswitch_ssp_id=yengo&bsw_custom_parameter=1
P3P: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Set-Cookie: tuuid=60215660-dcd1-4d6e-b810-754ae5142d12; path=/; expires=Wed, 28-Nov-2018 17:16:36 GMT; domain=.bidswitch.net tuuid_last_update=1511889396; path=/; expires=Wed, 28-Nov-2018 17:16:36 GMT; domain=.bidswitch.net


--- Additional Info ---
                                        
                                            GET /sync2.204?pid=117&anket_id=w6EQhFodme8DuxPVIlmGAg== HTTP/1.1 
Host: profile.ssp.rambler.ru
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: image/png,image/*;q=0.8,*/*;q=0.5
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: http://www.t.ks.ua/

                                         
                                         91.192.149.30
HTTP/1.1 204 Http No Content
Content-Type: application/x-javascript; charset=Windows-1251
                                        
Server: nginx
Date: Tue, 28 Nov 2017 17:16:36 GMT
Content-Length: 0
Connection: keep-alive
Set-Cookie: ruid=; domain=.rambler.ru; path=/; expires=Tue, 28 Nov 2017 16:16:36 GMT embryo=4vrJyFqt1hwNphNQwO2AyZc2ZnbAOCAsMbT310g5CFxLRg5bcbo9c6oFMZPHUYzjgASsYRDp5wFXvZ1AX-BXYVX31pMYJlNwQ8Ob*O*exCh7O0o8AJfBZmWyu-KjC7G7KPCmqTUVV1CqvkbCNq*wi**cI39luuu43ggtS6Fe*jx6PDQ3nHcnhlHeX*wBGypN-AjtF9bMG8r*NZZsmoG7TdrUCz2WQbMnyFMWs5jOnVncgacMFq3LgKPJuoWvWWUh1z3hQyBMBPs; domain=.rambler.ru; path=/; expires=Sun, 27 May 2018 17:16:36 GMT uuts=4vrJyGMZPmsbk8JidnRGijvjvLrHU4Si; domain=.rambler.ru; path=/; expires=Sun, 27 May 2018 17:16:36 GMT
X-Passed: 1bal2
Strict-Transport-Security: max-age=0
P3P: policyref="/w3c/p3p.xml", CP="NON DSP COR CUR ADM DEV PSA PSD OUR UNR BUS UNI COM NAV INT DEM STA"


--- Additional Info ---
                                        
                                            GET /sync2.204?pid=117&anket_id=w6EQhFodme8DuxPVIlmHAg== HTTP/1.1 
Host: profile.ssp.rambler.ru
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: image/png,image/*;q=0.8,*/*;q=0.5
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: http://www.t.ks.ua/

                                         
                                         91.192.149.30
HTTP/1.1 204 Http No Content
Content-Type: application/x-javascript; charset=Windows-1251
                                        
Server: nginx
Date: Tue, 28 Nov 2017 17:16:36 GMT
Content-Length: 0
Connection: keep-alive
Set-Cookie: ruid=; domain=.rambler.ru; path=/; expires=Tue, 28 Nov 2017 16:16:36 GMT embryo=4vrJyNTlOxUErxpZyeSJwJ4-b3-JMSklOL3*3kEwAVWhff01GT5OugFx480lMCYoS89nqtsiLMqcdlaLlDucqp48HVjT7Zi7iAhQMyRVD*ObkKfjViefoYS2zDB38cIuvWUzPKCAwsU-K9NXozolHnoJturwL34tS5243jTLb6nvqaGiCeKyE8RLynmUjr-YaZ14gkNZjl9roAP5DxQu2E9BnqgD1CayXcaDJg1bCMxJFDKZgzheFTZcLxA6zPC0SKizP02MXxo; domain=.rambler.ru; path=/; expires=Sun, 27 May 2018 17:16:36 GMT uuts=4vrJyGMZPmsbk8JidnRGijvjvLrHU4Si; domain=.rambler.ru; path=/; expires=Sun, 27 May 2018 17:16:36 GMT
X-Passed: 1bal2
Strict-Transport-Security: max-age=0
P3P: policyref="/w3c/p3p.xml", CP="NON DSP COR CUR ADM DEV PSA PSD OUR UNR BUS UNI COM NAV INT DEM STA"


--- Additional Info ---
                                        
                                            GET /sync?ssp=yengo&user_id=w6EQhFodme8DuxPVIlmGAg== HTTP/1.1 
Host: x.bidswitch.net
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: image/png,image/*;q=0.8,*/*;q=0.5
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: http://www.t.ks.ua/

                                         
                                         35.189.195.106
HTTP/1.1 200 OK
Content-Type: image/gif
                                        
Server: nginx/1.12.0
Date: Tue, 28 Nov 2017 17:16:36 GMT
Content-Length: 43
Connection: keep-alive
Keep-Alive: timeout=10
Cache-Control: no-cache, no-store, must-revalidate
P3P: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"


--- Additional Info ---
Magic:  GIF image data, version 89a, 1 x 1
Size:   43
Md5:    df3e567d6f16d040326c7a0ea29a4f41
Sha1:   ea7df583983133b62712b5e73bffbcd45cc53736
Sha256: 548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
                                        
                                            POST / HTTP/1.1 
Host: ocsp.godaddy.com
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Content-Length: 108
Content-Type: application/ocsp-request

                                         
                                         72.167.239.239
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Tue, 28 Nov 2017 17:16:37 GMT
Server: Apache
Content-Transfer-Encoding: Binary
Cache-Control: max-age=120002, public, no-transform, must-revalidate
Last-Modified: Tue, 28 Nov 2017 16:21:55 GMT
Expires: Thu, 30 Nov 2017 04:21:55 GMT
Etag: "3fb559bb6c6ea2bff62e14a24c133f1c6c4ec29a"
P3P: CP="IDC DSP COR LAW CUR ADM DEV TAI PSA PSD IVA IVD HIS OUR SAM PUB LEG UNI COM NAV STA"
Content-Length: 1777
Connection: close


--- Additional Info ---
Magic:  data
Size:   1777
Md5:    f6adeec73bf9fad38d000533fd239b29
Sha1:   3fb559bb6c6ea2bff62e14a24c133f1c6c4ec29a
Sha256: 82e592b3583be9ea02e8f9e68e358932b95f0945bcd91aa363aecdd56b38d599
                                        
                                            GET /sync2.204?pid=117&anket_id=w6EQhFodme8BkBPRGeylAg== HTTP/1.1 
Host: profile.ssp.rambler.ru
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: image/png,image/*;q=0.8,*/*;q=0.5
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: http://www.t.ks.ua/

                                         
                                         91.192.149.30
HTTP/1.1 204 Http No Content
Content-Type: application/x-javascript; charset=Windows-1251
                                        
Server: nginx
Date: Tue, 28 Nov 2017 17:16:36 GMT
Content-Length: 0
Connection: keep-alive
Set-Cookie: ruid=; domain=.rambler.ru; path=/; expires=Tue, 28 Nov 2017 16:16:36 GMT embryo=4vrJyM5BIpeGLZjbS2YLQhy97f1Ls6un0EslxA-bxjeM-HNm0n3DIDDEkqmCHVn7mBy0eQjx-xlPpYVYR*hPeU3vzosAPktoW9uD4PeG3DBe*wHuRVzVfaJcvc5jZgEou2M1OqaGxMM5LdVRpTwjGHwPsOz2KXgrTZu*2DLNaa-pr6ekD*S0FcJNzH*SiLneIL*NH1ls7IMhtU8n33DWoTY459F6rV-LJL-6X3QicbUwbUvg*kEnbA7QK76ET*KirWR-kwflS6c; domain=.rambler.ru; path=/; expires=Sun, 27 May 2018 17:16:36 GMT uuts=4vrJyGMZPmsbk8JidnRGijvjvLrHU4Si; domain=.rambler.ru; path=/; expires=Sun, 27 May 2018 17:16:36 GMT
X-Passed: 1bal2
Strict-Transport-Security: max-age=0
P3P: policyref="/w3c/p3p.xml", CP="NON DSP COR CUR ADM DEV PSA PSD OUR UNR BUS UNI COM NAV INT DEM STA"


--- Additional Info ---
                                        
                                            GET /sync?ssp=yengo&user_id=w6EQhFodmfAC2BPUHVHLAg== HTTP/1.1 
Host: x.bidswitch.net
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: image/png,image/*;q=0.8,*/*;q=0.5
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: http://www.t.ks.ua/

                                         
                                         35.189.195.106
HTTP/1.1 302 Moved Temporarily
                                        
Server: nginx/1.12.0
Date: Tue, 28 Nov 2017 17:16:36 GMT
Content-Length: 0
Connection: keep-alive
Keep-Alive: timeout=10
Cache-Control: no-cache, no-store, must-revalidate
Location: https://x.bidswitch.net/ul_cb/sync?ssp=yengo&user_id=w6EQhFodmfAC2BPUHVHLAg==
P3P: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Set-Cookie: tuuid=27778da9-cab0-4496-8173-9e6e51b2ad69; path=/; expires=Wed, 28-Nov-2018 17:16:36 GMT; domain=.bidswitch.net tuuid_last_update=1511889396; path=/; expires=Wed, 28-Nov-2018 17:16:36 GMT; domain=.bidswitch.net c=1511889396; path=/; expires=Wed, 28-Nov-2018 17:16:36 GMT; domain=.bidswitch.net


--- Additional Info ---
                                        
                                            GET /sync?ssp=yengo&user_id=w6EQhFodme8BcBPQGArHAg== HTTP/1.1 
Host: x.bidswitch.net
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: image/png,image/*;q=0.8,*/*;q=0.5
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: http://www.t.ks.ua/

                                         
                                         35.189.195.106
HTTP/1.1 302 Moved Temporarily
                                        
Server: nginx/1.12.0
Date: Tue, 28 Nov 2017 17:16:36 GMT
Content-Length: 0
Connection: keep-alive
Keep-Alive: timeout=10
Cache-Control: no-cache, no-store, must-revalidate
Location: https://x.bidswitch.net/ul_cb/sync?ssp=yengo&user_id=w6EQhFodme8BcBPQGArHAg==
P3P: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Set-Cookie: tuuid=0879d048-3e71-4112-b3c5-295644bb6fa6; path=/; expires=Wed, 28-Nov-2018 17:16:36 GMT; domain=.bidswitch.net tuuid_last_update=1511889396; path=/; expires=Wed, 28-Nov-2018 17:16:36 GMT; domain=.bidswitch.net c=1511889396; path=/; expires=Wed, 28-Nov-2018 17:16:36 GMT; domain=.bidswitch.net


--- Additional Info ---
                                        
                                            GET /sync2.204?pid=117&anket_id=w6EQhFodmfAC2BPUHVHLAg== HTTP/1.1 
Host: profile.ssp.rambler.ru
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: image/png,image/*;q=0.8,*/*;q=0.5
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: http://www.t.ks.ua/

                                         
                                         91.192.149.30
HTTP/1.1 204 Http No Content
Content-Type: application/x-javascript; charset=Windows-1251
                                        
Server: nginx
Date: Tue, 28 Nov 2017 17:16:36 GMT
Content-Length: 0
Connection: keep-alive
Set-Cookie: ruid=; domain=.rambler.ru; path=/; expires=Tue, 28 Nov 2017 16:16:36 GMT embryo=4vrJyEZnCaS1HqvoeFU4cS*O3s54gJiU43gW9zzo9QQ*RuxTHqWKRReTf-vzxSbggwevYhPq5AJUvp5DXPNUYlb01ZAbJVBzQMCY**ydxyuiflKBAsH1rO7mKhP3JD4*8ARJMx6Lgud0iBo7UUFRTpRyI2SbmpBU4hMBz8In*bZF2w7uYptVncI4IV-eg3D0WflEvJsMMSQ8fp*KEMClJ8nl6qi4iLnmyoO-btPE4yF2XikIG25MvYtvM6lgl6WzIO91CAJ93XHZr4EJdEaGqA; domain=.rambler.ru; path=/; expires=Sun, 27 May 2018 17:16:36 GMT uuts=4vrJyGMZPmsbk8JidnRGijvjvLrHU4Si; domain=.rambler.ru; path=/; expires=Sun, 27 May 2018 17:16:36 GMT
X-Passed: 1bal2
Strict-Transport-Security: max-age=0
P3P: policyref="/w3c/p3p.xml", CP="NON DSP COR CUR ADM DEV PSA PSD OUR UNR BUS UNI COM NAV INT DEM STA"


--- Additional Info ---
                                        
                                            GET /sync?ssp=yengo&user_id=w6EQhFodme8DuxPVIlmHAg== HTTP/1.1 
Host: x.bidswitch.net
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: image/png,image/*;q=0.8,*/*;q=0.5
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: http://www.t.ks.ua/

                                         
                                         35.189.195.106
HTTP/1.1 302 Moved Temporarily
                                        
Server: nginx/1.12.0
Date: Tue, 28 Nov 2017 17:16:36 GMT
Content-Length: 0
Connection: keep-alive
Keep-Alive: timeout=10
Cache-Control: no-cache, no-store, must-revalidate
Location: https://x.bidswitch.net/ul_cb/sync?ssp=yengo&user_id=w6EQhFodme8DuxPVIlmHAg==
P3P: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Set-Cookie: tuuid=4e2f17b1-ca41-452f-8880-a586568db8a9; path=/; expires=Wed, 28-Nov-2018 17:16:36 GMT; domain=.bidswitch.net tuuid_last_update=1511889396; path=/; expires=Wed, 28-Nov-2018 17:16:36 GMT; domain=.bidswitch.net c=1511889396; path=/; expires=Wed, 28-Nov-2018 17:16:36 GMT; domain=.bidswitch.net


--- Additional Info ---
                                        
                                            GET /sync2.204?pid=117&anket_id=w6EQhFodme8DuxPVIlmEAg== HTTP/1.1 
Host: profile.ssp.rambler.ru
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: image/png,image/*;q=0.8,*/*;q=0.5
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: http://www.t.ks.ua/

                                         
                                         91.192.149.30
HTTP/1.1 204 Http No Content
Content-Type: application/x-javascript; charset=Windows-1251
                                        
Server: nginx
Date: Tue, 28 Nov 2017 17:16:36 GMT
Content-Length: 0
Connection: keep-alive
Set-Cookie: ruid=; domain=.rambler.ru; path=/; expires=Tue, 28 Nov 2017 16:16:36 GMT embryo=4vrJyCxns7*uBbDzY04jajSVxdVjm4OP*GMN7Cfz7h*K7*mv3ZYh7wAsHaYwmClXNLAY1aRdU7XjCSn060Tj1eFDYieskufE93cvTFsqcJy7YcG1CHW-qgWgJ2GTaANE1w9ZVsrqqK9VQbk9yVBPdBBj3ICaRRRHIffStF6hBcOFw8vIY4jYea4hoBP*5NWyA-cS6Ckz5DUBymmTZX5EsiUr9MJpvkzYN6zpTGcxYqYjfljz6VI0f1w2RXpQpprez3VZAgEUBnM; domain=.rambler.ru; path=/; expires=Sun, 27 May 2018 17:16:36 GMT uuts=4vrJyGMZPmsbk8JidnRGijvjvLrHU4Si; domain=.rambler.ru; path=/; expires=Sun, 27 May 2018 17:16:36 GMT
X-Passed: 1bal2
Strict-Transport-Security: max-age=0
P3P: policyref="/w3c/p3p.xml", CP="NON DSP COR CUR ADM DEV PSA PSD OUR UNR BUS UNI COM NAV INT DEM STA"


--- Additional Info ---
                                        
                                            GET /sync?ssp=yengo&user_id=w6EQhFodme8DuxPVIlmEAg== HTTP/1.1 
Host: x.bidswitch.net
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: image/png,image/*;q=0.8,*/*;q=0.5
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: http://www.t.ks.ua/

                                         
                                         35.189.195.106
HTTP/1.1 302 Moved Temporarily
                                        
Server: nginx/1.12.0
Date: Tue, 28 Nov 2017 17:16:36 GMT
Content-Length: 0
Connection: keep-alive
Keep-Alive: timeout=10
Cache-Control: no-cache, no-store, must-revalidate
Location: https://x.bidswitch.net/ul_cb/sync?ssp=yengo&user_id=w6EQhFodme8DuxPVIlmEAg==
P3P: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Set-Cookie: tuuid=5ee73305-3828-4989-8fd5-09c3fb84e95a; path=/; expires=Wed, 28-Nov-2018 17:16:36 GMT; domain=.bidswitch.net tuuid_last_update=1511889396; path=/; expires=Wed, 28-Nov-2018 17:16:36 GMT; domain=.bidswitch.net c=1511889396; path=/; expires=Wed, 28-Nov-2018 17:16:36 GMT; domain=.bidswitch.net


--- Additional Info ---
                                        
                                            GET /sync2.204?pid=117&anket_id=w6EQhFodme8BkBPRGeyhAg== HTTP/1.1 
Host: profile.ssp.rambler.ru
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: image/png,image/*;q=0.8,*/*;q=0.5
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: http://www.t.ks.ua/

                                         
                                         91.192.149.30
HTTP/1.1 204 Http No Content
Content-Type: application/x-javascript; charset=Windows-1251
                                        
Server: nginx
Date: Tue, 28 Nov 2017 17:16:36 GMT
Content-Length: 0
Connection: keep-alive
Set-Cookie: ruid=; domain=.rambler.ru; path=/; expires=Tue, 28 Nov 2017 16:16:36 GMT embryo=4vrJyHaeso*eNYDDU34TWgSl9eVTq7O-oidkRNuqm8-TDK7AVO3beU5XXuaBbO03VNB4tcQ9M9WDaUmUiySDtYEjAkfM8oeklxdPLDtKEPxgTUc5lzkGjjmC85e95WUOnUUTHICg4uUfC-N3gxoFPloplsrQD14Na72Y-hTrT4nPiYGCKcKSM*Rr6lm0rp-4BpmrOX9KyqUHk2kB*VbwhxAewfdci3ntApnceVIEV5MWS23G3GcBSij2DZiiacSEAFdxMIo3rxg; domain=.rambler.ru; path=/; expires=Sun, 27 May 2018 17:16:36 GMT uuts=4vrJyGMZPmsbk8JidnRGijvjvLrHU4Si; domain=.rambler.ru; path=/; expires=Sun, 27 May 2018 17:16:36 GMT
X-Passed: 1bal2
Strict-Transport-Security: max-age=0
P3P: policyref="/w3c/p3p.xml", CP="NON DSP COR CUR ADM DEV PSA PSD OUR UNR BUS UNI COM NAV INT DEM STA"


--- Additional Info ---
                                        
                                            GET /pagead/ads?client=ca-pub-3410491531423553&output=html&h=120&slotname=9081132626&adk=3817973285&adf=807048394&w=980&lmt=1511886754&loeid=156549051&format=980x120&url=http%3A%2F%2Fwww.t.ks.ua%2F&ea=0&flash=10.0.45&wgl=0&adsid=NT&dt=1511889394580&bpp=7&fdt=41&idt=301&shv=r20171113&cbv=r20170110&saldr=aa&prev_fmts=728x90%2C300x600&correlator=7097762824940&frm=20&ga_vid=1649675695.1511889393&ga_sid=1511889394&ga_hid=1773231262&ga_fc=0&pv=1&icsg=0&nhd=1&dssz=0&mdo=0&mso=0&u_tz=60&u_his=1&u_java=1&u_h=885&u_w=1176&u_ah=855&u_aw=1176&u_cd=24&u_nplug=10&u_nmime=92&adx=75&ady=3099&biw=1159&bih=754&abxe=1&eid=156549041%2C21061122&oid=3&nmo=1&zm=1.02&rx=0&eae=4&fc=528&brdim=%2C%2C-4%2C-4%2C1176%2C0%2C1184%2C863%2C1176%2C754&vis=0&rsz=%7C%7Cbr%7C&abl=CS&ppjl=u&pfx=0&fu=16&bc=1&ifi=3&dtd=359 HTTP/1.1 
Host: googleads.g.doubleclick.net
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: http://www.t.ks.ua/

                                         
                                         216.58.201.162
HTTP/1.1 200 OK
Content-Type: text/html; charset=UTF-8
                                        
P3P: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
Timing-Allow-Origin: *
X-Content-Type-Options: nosniff
Content-Encoding: gzip
Date: Tue, 28 Nov 2017 17:16:36 GMT
Server: cafe
Cache-Control: private
X-XSS-Protection: 1; mode=block
Set-Cookie: test_cookie=CheckForPermission; expires=Tue, 28-Nov-2017 17:31:36 GMT; path=/; domain=.doubleclick.net
Alt-Svc: hq="googleads.g.doubleclick.net:443"; ma=2592000; quic=51303431; quic=51303339; quic=51303338; quic=51303337; quic=51303335,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="41,39,38,37,35",hq=":443"; ma=2592000; quic=51303431; quic=51303339; quic=51303338; quic=51303337; quic=51303335,quic=":443"; ma=2592000; v="41,39,38,37,35"
Expires: Tue, 28 Nov 2017 17:16:36 GMT
Transfer-Encoding: chunked


--- Additional Info ---
Magic:  gzip compressed data, max compression
Size:   369
Md5:    ab2dff8f29ef936d65cb5e0fe6bcdab9
Sha1:   e2b9d14deba8d2936bb60cacd5c543e18087381f
Sha256: f37ac86a69b9df0b0535932f39cf04cd806ca3a87ef90cdfc3cd58b41bcd8a6f
                                        
                                            GET /sync2.204?pid=117&anket_id=w6EQhFodme8BcBPQGArHAg== HTTP/1.1 
Host: profile.ssp.rambler.ru
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: image/png,image/*;q=0.8,*/*;q=0.5
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: http://www.t.ks.ua/

                                         
                                         91.192.149.30
HTTP/1.1 204 Http No Content
Content-Type: application/x-javascript; charset=Windows-1251
                                        
Server: nginx
Date: Tue, 28 Nov 2017 17:16:37 GMT
Content-Length: 0
Connection: keep-alive
Set-Cookie: ruid=; domain=.rambler.ru; path=/; expires=Tue, 28 Nov 2017 16:16:37 GMT embryo=4vrJyPqp-mt60WQnt5r3vli6tPG8zfu4z1Q62xDE2Shn*CdH1qKs9Z7mIXV47lhnBIAo5ZRtY4VYh0rjnl5JFSGDoudsUicEE9bEMqB1WXsiea-uUVZPT4UZKviYpl0vvGQyPaGBw8Q*KtJWojskH3sIt*vxLn8sSpy53zXKbqjuqKCjCOOzEsVKy3iVj77Z7KN*98ApEc*HxeRi1pxQRtHfADadSrgsw1gduJPFllLXiqwHHabAi91MLTDu4bqSkkb4NtqVvA4; domain=.rambler.ru; path=/; expires=Sun, 27 May 2018 17:16:37 GMT uuts=4vrJyPW-n73NRRS0oKKQXDGoANM8sS3h; domain=.rambler.ru; path=/; expires=Sun, 27 May 2018 17:16:37 GMT
X-Passed: 1bal2
Strict-Transport-Security: max-age=0
P3P: policyref="/w3c/p3p.xml", CP="NON DSP COR CUR ADM DEV PSA PSD OUR UNR BUS UNI COM NAV INT DEM STA"


--- Additional Info ---
                                        
                                            GET /widget_community.php?app=3320676&width=494px&_ver=1&gid=35521171&mode=0&color1=&color2=&color3=&class_name=&height=250&url=http%3A%2F%2Fwww.t.ks.ua%2F&referrer=&title=%D0%9D%D0%BE%D0%B2%D0%BE%D1%81%D1%82%D0%B8%20%D0%B8%20%D1%81%D0%BE%D0%B1%D1%8B%D1%82%D0%B8%D1%8F%20%D0%A5%D0%B5%D1%80%D1%81%D0%BE%D0%BD%D0%B0%20%7C%20%D0%A2%D0%B8%D0%BF%D0%B8%D1%87%D0%BD%D1%8B%D0%B9%20%D0%A5%D0%B5%D1%80%D1%81%D0%BE%D0%BD&16003a15bd0 HTTP/1.1 
Host: vk.com
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: http://www.t.ks.ua/

                                         
                                         87.240.165.80
HTTP/1.1 200 OK
Content-Type: text/html; charset=windows-1251
                                        
Server: nginx
Date: Tue, 28 Nov 2017 17:16:36 GMT
Content-Length: 3222
Connection: keep-alive
X-Powered-By: PHP/3.14186
Set-Cookie: remixlang=3; expires=Tue, 20 Nov 2018 13:53:34 GMT; path=/; domain=.vk.com remixstid=161313970_938d63bfaf063e9458; expires=Tue, 20 Nov 2018 11:49:53 GMT; path=/; domain=.vk.com
Pragma: no-cache
Cache-Control: no-store
Content-Encoding: gzip
Strict-Transport-Security: max-age=0
X-Frontend: front508122
Access-Control-Expose-Headers: X-Frontend


--- Additional Info ---
Magic:  gzip compressed data, from Unix
Size:   3222
Md5:    7f884c8b7cd2a784153d7a39fbef9154
Sha1:   65198b53299eb1adda2337fe59b3060248e8f991
Sha256: 7716ecbd63e03b95bb6976faa88264771274d5ac985ce86cae683ea54a6b93b2
                                        
                                            GET /informer/inf2?color=blue&rnd=1511889394564 HTTP/1.1 
Host: old.kurs.com.ua
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: http://www.t.ks.ua/
Cookie: __cfduid=d24429e6c1287fb5f36f95ffc30a5d96f1511889394

                                         
                                         104.20.191.8
HTTP/1.1 301 Moved Permanently
Content-Type: text/html; charset=UTF-8
                                        
Date: Tue, 28 Nov 2017 17:16:37 GMT