Overview

URL t.ks.ua/
IP 88.198.13.114
ASN AS24940 Hetzner Online GmbH
Location Germany
Report completed 2017-10-31 08:16:40 CET
urlquery Alerts No alerts detected


Settings

UserAgent Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Referer
Pool
Access Level


Intrusion Detection Systems

Suricata /w Emerging Threats Pro  No alerts detected


Blacklists

MDL  No alerts detected
OpenPhish  No alerts detected
PhishTank  No alerts detected
Fortinet's Web Filter
Added / Verified Severity Host Comment
2017-10-31 2 t.ks.ua/ Malware
2017-10-31 2 www.t.ks.ua/ Malware
2017-10-31 2 www.t.ks.ua/sites/default/files/favicon_1.ico Malware
2017-10-31 2 www.t.ks.ua/sites/default/files/js/js_9PoCIpaBdXzAfwjeoO2ibi_TtEs6jMROpVOwk (...) Malware
2017-10-31 2 www.t.ks.ua/sites/default/files/js/js_1AMzlCDQxgGquc8G2iJdT1uuMI0-iSG_YUoWQ (...) Malware
2017-10-31 2 www.t.ks.ua/sites/default/files/js/js_URfWn4saN9E3ALH5gyoaI9cY8jCUptAbysGUa (...) Malware
2017-10-31 2 www.t.ks.ua/sites/default/files/js/js_BAhqE0nsQns6shJD8cBPNaX58HANh3tzWfxSl (...) Malware
2017-10-31 2 www.t.ks.ua/sites/default/files/styles/front_slide/public/dsc00762.jpg?itok (...) Malware
2017-10-31 2 www.t.ks.ua/sites/default/files/styles/front_slide/public/aa92bafb54ae1692d (...) Malware
2017-10-31 2 www.t.ks.ua/sites/default/files/styles/front_slide/public/22528265_72167449 (...) Malware
2017-10-31 2 www.t.ks.ua/sites/default/files/styles/front_slide/public/tae3me-bah0.jpg?i (...) Malware
2017-10-31 2 www.t.ks.ua/sites/default/files/styles/front_slide/public/22523752_17910389 (...) Malware
2017-10-31 2 www.t.ks.ua/sites/all/modules/advpoll/nodejs.js Malware
2017-10-31 2 www.t.ks.ua/sites/default/files/styles/front_left/public/373875453_1.jpg?it (...) Malware
2017-10-31 2 www.t.ks.ua/sites/default/files/styles/front_left/public/1508936256_1.jpg?i (...) Malware
2017-10-31 2 www.t.ks.ua/sites/default/files/styles/front_left/public/1508753238_139295. (...) Malware
2017-10-31 2 www.t.ks.ua/sites/default/files/styles/front_left/public/euswi9zhlho.jpg?it (...) Malware
2017-10-31 2 www.t.ks.ua/sites/default/files/styles/front_left/public/20102017_41.jpg?it (...) Malware
2017-10-31 2 www.t.ks.ua/sites/default/files/styles/my_video_thumbnail/public/video_embe (...) Malware
2017-10-31 2 www.t.ks.ua/sites/default/files/styles/my_video_thumbnail/public/video_embe (...) Malware
2017-10-31 2 www.t.ks.ua/sites/default/files/styles/my_video_thumbnail/public/video_embe (...) Malware
2017-10-31 2 www.t.ks.ua/sites/default/files/styles/my_video_thumbnail/public/video_embe (...) Malware
2017-10-31 2 www.t.ks.ua/sites/default/files/styles/front_left/public/1509101154_2288326 (...) Malware
2017-10-31 2 www.t.ks.ua/sites/default/files/styles/thumb_55x45/public/44_91.jpg?itok=5v (...) Malware
2017-10-31 2 www.t.ks.ua/sites/default/files/styles/front_left/public/a75c6a6fed40d36277 (...) Malware
2017-10-31 2 www.t.ks.ua/sites/default/files/styles/front_slide/public/1d53af58976f7f8f9 (...) Malware
2017-10-31 2 www.t.ks.ua/sites/default/files/styles/thumb_55x45/public/011_1.jpg?itok=Ma (...) Malware
2017-10-31 2 www.t.ks.ua/sites/default/files/styles/thumb_268x191/public/11_439.jpg?itok (...) Malware
2017-10-31 2 www.t.ks.ua/sites/default/files/styles/thumb_268x191/public/11_397.jpg?itok (...) Malware
2017-10-31 2 www.t.ks.ua/sites/default/files/styles/thumb_268x191/public/11_380.jpg?itok (...) Malware
2017-10-31 2 www.t.ks.ua/sites/default/files/styles/thumb_268x191/public/11_384.jpg?itok (...) Malware
2017-10-31 2 www.t.ks.ua/sites/default/files/styles/thumb_268x191/public/44_91.jpg?itok= (...) Malware
2017-10-31 2 www.t.ks.ua/sites/default/files/styles/thumb_268x191/public/11_363.jpg?itok (...) Malware
2017-10-31 2 www.t.ks.ua/sites/default/files/styles/thumb_268x191/public/11_345.jpg?itok (...) Malware
2017-10-31 2 www.t.ks.ua/sites/all/themes/th/fonts/ArialNarrowRegular/ArialNarrowRegular.woff Malware
2017-10-31 2 www.t.ks.ua/sites/default/files/styles/thumb_268x191/public/011_1.jpg?itok= (...) Malware
2017-10-31 2 www.t.ks.ua/sites/all/themes/th/fonts/ArialNarrowBold/ArialNarrowBold.woff Malware
DNS-BH  No alerts detected
mnemonic secure dns  No alerts detected


Recent reports on same IP/ASN/Domain

Last 10 reports on IP: 88.198.13.114

Date UQ / IDS / BL URL IP
2019-06-11 14:29:33 +0200 0 - 0 - 0 www.t.ks.ua 88.198.13.114
2019-03-13 21:45:17 +0100 0 - 0 - 0 t.ks.ua 88.198.13.114
2018-11-21 15:59:53 +0100 0 - 0 - 0 www.t.ks.ua 88.198.13.114
2018-08-10 12:32:09 +0200 0 - 0 - 0 www.t.ks.ua/sites/default/files/styles/my_lar (...) 88.198.13.114
2018-01-07 22:54:15 +0100 0 - 0 - 33 www.t.ks.ua/ 88.198.13.114
2017-12-05 12:38:07 +0100 0 - 0 - 12 www.t.ks.ua/v-avarii-po-doroge-na-more-bla-bl (...) 88.198.13.114
2017-11-28 18:10:29 +0100 0 - 0 - 37 t.ks.ua 88.198.13.114
2017-11-06 00:39:27 +0100 0 - 0 - 37 www.t.ks.ua/ 88.198.13.114
2017-10-31 20:59:22 +0100 0 - 0 - 36 t.ks.ua/ 88.198.13.114
2017-10-25 16:04:35 +0200 0 - 0 - 0 www.t.ks.ua/ 88.198.13.114

Last 10 reports on ASN: AS24940 Hetzner Online GmbH

Date UQ / IDS / BL URL IP
2019-07-01 11:15:49 +0200 0 - 0 - 0 morskiemile.pl/ 88.198.46.46
2019-07-01 11:05:39 +0200 0 - 0 - 0 https://piranshop.ir/ 144.76.241.226
2019-07-01 06:10:34 +0200 0 - 5 - 0 ua.bizorg.su 136.243.18.232
2019-07-01 04:06:07 +0200 0 - 0 - 0 https://ofness.com/login/ 78.46.102.215
2019-07-01 03:01:20 +0200 0 - 0 - 0 onlinetvi.bloggersdelight.dk/2019/07/01/freeu (...) 138.201.204.196
2019-06-30 17:02:47 +0200 0 - 0 - 0 138.201.66.111 138.201.66.111
2019-06-30 14:17:39 +0200 0 - 0 - 0 https://www.oosterbaan-living.nl/ 78.46.99.89
2019-06-30 10:44:01 +0200 0 - 0 - 0 yu21uy.com 136.243.218.221
2019-06-30 08:38:29 +0200 0 - 0 - 0 https://blog.elcomsoft.com/2019/06/unusual-ip (...) 88.198.215.58
2019-06-30 01:33:48 +0200 0 - 0 - 0 https://ethnics.ru/Parker-vs-Alex-Leap-Fight- (...) 144.76.117.254

Last 10 reports on domain: t.ks.ua

Date UQ / IDS / BL URL IP
2019-06-11 14:29:33 +0200 0 - 0 - 0 www.t.ks.ua 88.198.13.114
2019-03-13 21:45:17 +0100 0 - 0 - 0 t.ks.ua 88.198.13.114
2018-11-21 15:59:53 +0100 0 - 0 - 0 www.t.ks.ua 88.198.13.114
2018-08-10 12:32:09 +0200 0 - 0 - 0 www.t.ks.ua/sites/default/files/styles/my_lar (...) 88.198.13.114
2018-01-07 22:54:15 +0100 0 - 0 - 33 www.t.ks.ua/ 88.198.13.114
2017-12-05 12:38:07 +0100 0 - 0 - 12 www.t.ks.ua/v-avarii-po-doroge-na-more-bla-bl (...) 88.198.13.114
2017-11-28 18:10:29 +0100 0 - 0 - 37 t.ks.ua 88.198.13.114
2017-11-06 00:39:27 +0100 0 - 0 - 37 www.t.ks.ua/ 88.198.13.114
2017-10-31 20:59:22 +0100 0 - 0 - 36 t.ks.ua/ 88.198.13.114
2017-10-25 16:04:35 +0200 0 - 0 - 0 www.t.ks.ua/ 88.198.13.114


JavaScript

Executed Scripts (70)


Executed Evals (2)

#1 JavaScript::Eval (size: 5613, repeated: 1) - SHA256: 2e1495a7979eeb16e1bf408bd283088d4288280ebfaeafe9097c584e68de61a0

                                        __da_info_params = {
    windowLoaded: 0,
    scrollTop: 0,
    scrolls: 0,
    distance: 0,
    startTime: null,
    prevEvent: null,
    prevEventTime: null
};
var events_arr = ['mousedown', 'mouseup', 'touchstart', 'touchend', 'touchcancel', 'click'];
var e_arr = ['md', 'mu', 'ts', 'te', 'tc', 'cl'];
var events_log = [];
__da_info_params.addClass = function(el, cls) {
    if (!this.hasClass(el, cls)) el.className += " " + cls
};
__da_info_params.hasClass = function(el, cls) {
    return el.className.match(new RegExp('(\\s|^)' + cls + '(\\s|$)'))
};
__da_info_params.on = function(el, evt, fn, bubble) {
    if ("addEventListener" in el) {
        try {
            el.addEventListener(evt, fn, bubble)
        } catch (e) {
            if (typeof fn == "object" && fn.handleEvent) {
                el.addEventListener(evt, function(e) {
                    fn.handleEvent.call(fn, e)
                }, bubble)
            } else {
                throw e
            }
        }
    } else if ("attachEvent" in el) {
        if (typeof fn == "object" && fn.handleEvent) {
            el.attachEvent("on" + evt, function() {
                fn.handleEvent.call(fn)
            })
        } else {
            el.attachEvent("on" + evt, fn)
        }
    }
};
events_arr.forEach(function(item, index) {
    __da_info_params.on(document, item, function(e) {
        if (e.type !== __da_info_params.prevEvent) {
            var time = new Date().getTime();
            var delta = (__da_info_params.prevEventTime) ? (time - __da_info_params.prevEventTime) : (time - __da_info_params.startTime);
            events_log.push(delta + '|' + e_arr[events_arr.indexOf(e.type)]);
            if (events_log.length > 10) {
                events_log.shift()
            }
            __da_info_params.prevEventTime = time;
            __da_info_params.prevEvent = e.type
        }
    }, false)
});
__da_info_params.on(window, 'load', function() {
    __da_info_params.startTime = new Date().getTime();
    __da_info_params.windowLoaded = 1;
    __da_info_params.scrollTop = document.documentElement.scrollTop || document.body.scrollTop;
    if (!__da_info_params.scrollTop) __da_info_params.scrollTop = 0
}, false);
__da_info_params.on(window, 'scroll', function() {
    var scrollTop = document.documentElement.scrollTop || document.body.scrollTop;
    __da_info_params.scrolls += Math.abs(__da_info_params.scrollTop - scrollTop);
    __da_info_params.scrollTop = scrollTop
}, false);
__da_info_params.on(document, 'mousemove', function() {
    __da_info_params.distance++
}, false);

function __da_info(el, event) {
    if (!el || el.type == 'click') el = this;
    var h = el.getAttribute('href');
    var n = (h.indexOf('?') > -1 ? '&' : '?') + 't' + 's' + '=';
    if (h.indexOf(n) < 0) {
        window["w"] = window;
        var params = '';
        var s = "\x77\x2e\x73\x63\x72\x65\x65\x6e\x2e\x77\x69\x64\x74\x68\x7c\x77\x2e\x6d\x6f\x7a\x49\x6e\x6e\x65\x72\x53\x63\x72\x65\x65\x6e\x58\x7c\x77\x2e\x65\x78\x74\x65\x72\x6e\x61\x6c\x7c\x77\x2e\x70\x61\x67\x65\x58\x4f\x66\x66\x73\x65\x74\x7c\x77\x2e\x64\x6f\x63\x75\x6d\x65\x6e\x74\x2e\x62\x6f\x64\x79\x2e\x73\x63\x72\x6f\x6c\x6c\x4c\x65\x66\x74\x7c\x77\x2e\x64\x65\x76\x69\x63\x65\x50\x69\x78\x65\x6c\x52\x61\x74\x69\x6f\x7c\x77\x2e\x64\x6f\x63\x75\x6d\x65\x6e\x74\x2e\x61\x6c\x6c\x3f\x31\x3a\x75\x6e\x64\x65\x66\x69\x6e\x65\x64\x7c\x77\x2e\x62\x74\x6f\x61\x7c\x77\x2e\x41\x63\x74\x69\x76\x65\x58\x4f\x62\x6a\x65\x63\x74\x3f\x31\x3a\x75\x6e\x64\x65\x66\x69\x6e\x65\x64\x7c\x77\x2e\x6e\x61\x76\x69\x67\x61\x74\x6f\x72\x2e\x75\x73\x65\x72\x50\x72\x6f\x66\x69\x6c\x65\x7c\x77\x2e\x53\x74\x6f\x72\x61\x67\x65\x7c\x77\x2e\x6f\x70\x65\x72\x61\x3f\x77\x2e\x6f\x70\x65\x72\x61\x2e\x62\x75\x69\x6c\x64\x4e\x75\x6d\x62\x65\x72\x28\x29\x3a\x75\x6e\x64\x65\x66\x69\x6e\x65\x64\x7c\x77\x2e\x6f\x70\x65\x72\x61\x3f\x77\x2e\x6f\x70\x65\x72\x61\x2e\x76\x65\x72\x73\x69\x6f\x6e\x28\x29\x3a\x75\x6e\x64\x65\x66\x69\x6e\x65\x64\x7c\x77\x2e\x63\x68\x72\x6f\x6d\x65\x7c\x77\x2e\x73\x69\x64\x65\x62\x61\x72\x7c\x77\x2e\x67\x6c\x6f\x62\x61\x6c\x53\x74\x6f\x72\x61\x67\x65\x3f\x31\x3a\x75\x6e\x64\x65\x66\x69\x6e\x65\x64\x7c\x5f\x5f\x64\x61\x5f\x69\x6e\x66\x6f\x5f\x70\x61\x72\x61\x6d\x73\x2e\x73\x63\x72\x6f\x6c\x6c\x73\x7c\x5f\x5f\x64\x61\x5f\x69\x6e\x66\x6f\x5f\x70\x61\x72\x61\x6d\x73\x2e\x64\x69\x73\x74\x61\x6e\x63\x65\x7c\x5f\x5f\x64\x61\x5f\x69\x6e\x66\x6f\x5f\x70\x61\x72\x61\x6d\x73\x2e\x68\x61\x73\x43\x6c\x61\x73\x73\x28\x65\x6c\x2c\x20\x27\x44\x41\x2d\x4d\x4f\x56\x27\x29\x3f\x31\x3a\x75\x6e\x64\x65\x66\x69\x6e\x65\x64\x7c\x77\x2e\x6c\x6f\x63\x61\x6c\x53\x74\x6f\x72\x61\x67\x65";
        s = s.split(String.fromCharCode(124));
        var wBlock = 0,
            hBlock = 0,
            p;
        try {
            p = el.parentNode;
            var tc = 0;
            while (p !== null) {
                if (p.tagName.toLowerCase() == 'table') {
                    tc++;
                    if (tc == 2) {
                        var wBlock = !p.style.width || p.style.width.indexOf('%') > -1 ? p.parentNode.offsetWidth : parseInt(p.style.width);
                        var hBlock = !p.style.height || p.style.height.indexOf('%') > -1 ? p.parentNode.offsetHeight : parseInt(p.style.height);
                        break
                    }
                }
                p = p.parentNode
            }
        } catch (ex) {}
        s.push(wBlock);
        s.push(hBlock);
        var connection = navigator.connection || navigator.mozConnection || navigator.webkitConnection;
        s.push(connection ? '"' + connection.type + '"' : undefined);
        var coords = '0,0';
        if (event && wBlock && hBlock) {
            var leftPos = 0;
            var topPos = 0;
            var obj = p;
            while (obj != null) {
                leftPos += obj.offsetLeft;
                topPos += obj.offsetTop;
                obj = obj.offsetParent
            }
            var clientX = event.clientX + document.body.scrollLeft;
            var clientY = event.clientY + document.body.scrollTop;
            coords = '"' + parseInt(clientX - leftPos) + ',' + parseInt(clientY - topPos) + '"'
        }
        s.push(coords);
        s.push(__da_info_params.windowLoaded);
        for (var i = 0; i < s.length; i++) {
            var z = eval(s[i]);
            params += String.fromCharCode(97 + i) + (z === undefined ? '-' : (typeof z === "object" || typeof z === "function" ? 1 : z))
        }
        params += '&at=' + events_log.join('|');
        h += n + params;
        el.setAttribute('href', h)
    }
    return true
}

function __da_info_over(el) {
    __da_info_params.addClass(el, 'DA-MOV')
}(function() {
    var timerId = setInterval(function() {
        var links = document.getElementsByTagName('a');
        for (var i = 0; i < links.length; i++) {
            var url = links[i].getAttribute('data-url');
            if (!url || links[i].getAttribute('data-xurl')) {
                continue
            }
            links[i].setAttribute('data-xurl', links[i].getAttribute('href'));
            links[i].setAttribute('href', url);
            __da_info_params.on(links[i], 'mousedown', function() {
                this.setAttribute('href', this.getAttribute('data-xurl'))
            }, false)
        }
    }, 1000)
})();
                                    

#2 JavaScript::Eval (size: 286, repeated: 1) - SHA256: a36153bdb772ff70c9f6c2c467bc4c5a267e642cae2fbf1ebf89d819b5c889cf

                                        try {
    new Image().src = '//counter.yadro.ru/hit;All_da_nnn_dn_realty?r' + escape(document.referrer) + ((typeof(screen) == 'undefined') ? '' : ';s' + screen.width + '*' + screen.height + '*' + (screen.colorDepth ? screen.colorDepth : screen.pixelDepth)) + ';u' + escape(document.URL) + ';' + Math.random();
} catch (e) {}
                                    

Executed Writes (10)

#1 JavaScript::Write (size: 1761, repeated: 1) - SHA256: 9498487105016ecaad558b59cbf719b585d58f4913cd2913e99bc58ad1b7bf69

                                        < !doctype html > < html > < body > < iframe style = "display:none"
data - ad - client = "ca-pub-3410491531423553"
id = "google_esf"
name = "google_esf"
src = "https://googleads.g.doubleclick.net/pagead/html/r20171025/r20170110/zrt_lookup.html#" > < /iframe><script>google_ad_slot="5488537826";google_ad_client="ca-pub-3410491531423553";google_adsbygoogle_status="done";google_ad_width=728;google_ad_height=90;google_ad_modifications={"plle":true,"eids":["10583695","38893301","21061122"],"loeids":["38893311"]};google_loader_used="aa";google_reactive_tag_first=false;google_ad_format="728x90";google_ad_unit_key="3230642478";google_ad_dom_fingerprint="807048394";google_sailm=false;google_unique_id=1;google_async_iframe_id="aswift_0";google_start_time=1509434564784;google_pub_vars="JTdCJTIyZ29vZ2xlX2FkX3Nsb3QlMjIlM0ElMjI1NDg4NTM3ODI2JTIyJTJDJTIyZ29vZ2xlX2FkX2NsaWVudCUyMiUzQSUyMmNhLXB1Yi0zNDEwNDkxNTMxNDIzNTUzJTIyJTJDJTIyZ29vZ2xlX2Fkc2J5Z29vZ2xlX3N0YXR1cyUyMiUzQSUyMmRvbmUlMjIlMkMlMjJnb29nbGVfYWRfd2lkdGglMjIlM0E3MjglMkMlMjJnb29nbGVfYWRfaGVpZ2h0JTIyJTNBOTAlMkMlMjJnb29nbGVfYWRfbW9kaWZpY2F0aW9ucyUyMiUzQSU3QiUyMnBsbGUlMjIlM0F0cnVlJTJDJTIyZWlkcyUyMiUzQSU1QiUyMjEwNTgzNjk1JTIyJTJDJTIyMzg4OTMzMDElMjIlMkMlMjIyMTA2MTEyMiUyMiU1RCUyQyUyMmxvZWlkcyUyMiUzQSU1QiUyMjM4ODkzMzExJTIyJTVEJTdEJTJDJTIyZ29vZ2xlX2xvYWRlcl91c2VkJTIyJTNBJTIyYWElMjIlMkMlMjJnb29nbGVfcmVhY3RpdmVfdGFnX2ZpcnN0JTIyJTNBZmFsc2UlMkMlMjJnb29nbGVfYWRfZm9ybWF0JTIyJTNBJTIyNzI4eDkwJTIyJTJDJTIyZ29vZ2xlX2FkX3VuaXRfa2V5JTIyJTNBJTIyMzIzMDY0MjQ3OCUyMiUyQyUyMmdvb2dsZV9hZF9kb21fZmluZ2VycHJpbnQlMjIlM0ElMjI4MDcwNDgzOTQlMjIlN0Q=";google_bpp=57;google_async_rrc=0;google_iframe_start_time=new Date().getTime();</script > < script src = "http://pagead2.googlesyndication.com/pagead/js/r20171025/r20170110/show_ads_impl.js" > < /script></body > < /html>
                                    

#2 JavaScript::Write (size: 1563, repeated: 1) - SHA256: 4d89ab89f4f85265d9eac40f338c7958a5fa8fe930a9a3a263bc14860873e26d

                                        < !doctype html > < html > < body > < script > google_ad_slot = "3872203828";
google_ad_client = "ca-pub-3410491531423553";
google_adsbygoogle_status = "done";
google_ad_width = 300;
google_ad_height = 600;
google_ad_modifications = {
    "plle": true,
    "eids": ["10583695", "38893301", "21061122"],
    "loeids": ["38893311"]
};
google_loader_used = "aa";
google_reactive_tag_first = false;
google_ad_format = "300x600";
google_ad_unit_key = "4137196353";
google_ad_dom_fingerprint = "807048394";
google_sailm = false;
google_unique_id = 2;
google_async_iframe_id = "aswift_1";
google_start_time = 1509434565343;
google_pub_vars = "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";
google_bpp = 52;
google_async_rrc = 0;
google_iframe_start_time = new Date().getTime(); < /script><script src="http:/ / pagead2.googlesyndication.com / pagead / js / r20171025 / r20170110 / show_ads_impl.js "></script></body></html>
                                    

#3 JavaScript::Write (size: 1562, repeated: 1) - SHA256: 45c9264d5c715d30d605e9f001fdf65f19d2c1e68e150ce82eef8357c3203253

                                        < !doctype html > < html > < body > < script > google_ad_slot = "9081132626";
google_ad_client = "ca-pub-3410491531423553";
google_adsbygoogle_status = "done";
google_ad_width = 980;
google_ad_height = 120;
google_ad_modifications = {
    "plle": true,
    "eids": ["10583695", "38893301", "21061122"],
    "loeids": ["38893311"]
};
google_loader_used = "aa";
google_reactive_tag_first = false;
google_ad_format = "980x120";
google_ad_unit_key = "3817973285";
google_ad_dom_fingerprint = "807048394";
google_sailm = false;
google_unique_id = 3;
google_async_iframe_id = "aswift_2";
google_start_time = 1509434565588;
google_pub_vars = "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";
google_bpp = 8;
google_async_rrc = 0;
google_iframe_start_time = new Date().getTime(); < /script><script src="http:/ / pagead2.googlesyndication.com / pagead / js / r20171025 / r20170110 / show_ads_impl.js "></script></body></html>
                                    

#4 JavaScript::Write (size: 254, repeated: 1) - SHA256: 5e21b9ba267be9640f5c276891b7dde7875eb214d8954146def64c93da176f62

                                        < a href = '//www.liveinternet.ru/click'
target = _blank > < img src = '//counter.yadro.ru/hit?t23.6;r;s1176*885*24;uhttp%3A//www.t.ks.ua/;0.0194198490862999'
alt = ''
title = 'LiveInternet: показано число посетителей за сегодня'
border = '0'
width = '88'
height = '15' > < /a>
                                    

#5 JavaScript::Write (size: 1314, repeated: 1) - SHA256: 589aed94b1b9b8fe110ad94815ec647b2a7f5bf7de9c7d70b56c9c9ab849604a

                                        < iframe id = "google_ads_frame1"
name = "google_ads_frame1"
width = "728"
height = "90"
frameborder = "0"
src = "https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3410491531423553&amp;output=html&amp;h=90&amp;slotname=5488537826&amp;adk=3230642478&amp;adf=807048394&amp;w=728&amp;lmt=1509434213&amp;loeid=38893311&amp;format=728x90&amp;url=http%3A%2F%2Fwww.t.ks.ua%2F&amp;ea=0&amp;flash=10.0.45&amp;wgl=0&amp;adsid=NT&amp;dt=1509434564784&amp;bpp=57&amp;fdt=65&amp;idt=341&amp;shv=r20171025&amp;cbv=r20170110&amp;saldr=aa&amp;correlator=7409377489602&amp;frm=20&amp;ga_vid=1198844969.1509434563&amp;ga_sid=1509434565&amp;ga_hid=594507657&amp;ga_fc=0&amp;pv=2&amp;icsg=0&amp;nhd=1&amp;dssz=0&amp;mdo=0&amp;mso=0&amp;u_tz=60&amp;u_his=1&amp;u_java=1&amp;u_h=885&amp;u_w=1176&amp;u_ah=855&amp;u_aw=1176&amp;u_cd=24&amp;u_nplug=10&amp;u_nmime=92&amp;adx=75&amp;ady=280&amp;biw=1159&amp;bih=754&amp;abxe=1&amp;eid=10583695%2C38893301%2C21061122%2C828064251%2C21061084&amp;oid=3&amp;nmo=1&amp;zm=1.02&amp;rx=0&amp;eae=4&amp;fc=528&amp;brdim=%2C%2C-4%2C-4%2C1176%2C0%2C1184%2C863%2C1176%2C754&amp;vis=0&amp;rsz=%7C%7C%7C&amp;abl=CS&amp;ppjl=u&amp;pfx=0&amp;fu=16&amp;bc=1&amp;ifi=1&amp;dtd=385"
marginwidth = "0"
marginheight = "0"
vspace = "0"
hspace = "0"
allowtransparency = "true"
scrolling = "no"
allowfullscreen = "true" > < /iframe>
                                    

#6 JavaScript::Write (size: 1339, repeated: 1) - SHA256: 91ad1606031334abec3d13fb6c2e0522e007cb733389220cd7cadeac4f1a7e37

                                        < iframe id = "google_ads_frame2"
name = "google_ads_frame2"
width = "300"
height = "600"
frameborder = "0"
src = "https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3410491531423553&amp;output=html&amp;h=600&amp;slotname=3872203828&amp;adk=4137196353&amp;adf=807048394&amp;w=300&amp;lmt=1509434213&amp;loeid=38893311&amp;format=300x600&amp;url=http%3A%2F%2Fwww.t.ks.ua%2F&amp;ea=0&amp;flash=10.0.45&amp;wgl=0&amp;adsid=NT&amp;dt=1509434565343&amp;bpp=52&amp;fdt=59&amp;idt=186&amp;shv=r20171025&amp;cbv=r20170110&amp;saldr=aa&amp;prev_fmts=728x90&amp;correlator=7409377489602&amp;frm=20&amp;ga_vid=1198844969.1509434563&amp;ga_sid=1509434565&amp;ga_hid=594507657&amp;ga_fc=0&amp;pv=1&amp;icsg=0&amp;nhd=1&amp;dssz=0&amp;mdo=0&amp;mso=0&amp;u_tz=60&amp;u_his=1&amp;u_java=1&amp;u_h=885&amp;u_w=1176&amp;u_ah=855&amp;u_aw=1176&amp;u_cd=24&amp;u_nplug=10&amp;u_nmime=92&amp;adx=787&amp;ady=397&amp;biw=1159&amp;bih=754&amp;abxe=1&amp;eid=10583695%2C38893301%2C21061122%2C828064251%2C21061084&amp;oid=3&amp;nmo=1&amp;zm=1.02&amp;rx=0&amp;eae=4&amp;fc=528&amp;brdim=%2C%2C-4%2C-4%2C1176%2C0%2C1184%2C863%2C1176%2C754&amp;vis=0&amp;rsz=%7C%7C%7C&amp;abl=CS&amp;ppjl=u&amp;pfx=0&amp;fu=16&amp;bc=1&amp;ifi=2&amp;dtd=218"
marginwidth = "0"
marginheight = "0"
vspace = "0"
hspace = "0"
allowtransparency = "true"
scrolling = "no"
allowfullscreen = "true" > < /iframe>
                                    

#7 JavaScript::Write (size: 1350, repeated: 1) - SHA256: 8acc28626db5e15fd4d81d4df6ce9fbce6af5e706785d1245b4b08d5949e1d33

                                        < iframe id = "google_ads_frame3"
name = "google_ads_frame3"
width = "980"
height = "120"
frameborder = "0"
src = "https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3410491531423553&amp;output=html&amp;h=120&amp;slotname=9081132626&amp;adk=3817973285&amp;adf=807048394&amp;w=980&amp;lmt=1509434213&amp;loeid=38893311&amp;format=980x120&amp;url=http%3A%2F%2Fwww.t.ks.ua%2F&amp;ea=0&amp;flash=10.0.45&amp;wgl=0&amp;adsid=NT&amp;dt=1509434565588&amp;bpp=8&amp;fdt=45&amp;idt=345&amp;shv=r20171025&amp;cbv=r20170110&amp;saldr=aa&amp;prev_fmts=728x90%2C300x600&amp;correlator=7409377489602&amp;frm=20&amp;ga_vid=1198844969.1509434563&amp;ga_sid=1509434565&amp;ga_hid=594507657&amp;ga_fc=0&amp;pv=1&amp;icsg=0&amp;nhd=1&amp;dssz=0&amp;mdo=0&amp;mso=0&amp;u_tz=60&amp;u_his=1&amp;u_java=1&amp;u_h=885&amp;u_w=1176&amp;u_ah=855&amp;u_aw=1176&amp;u_cd=24&amp;u_nplug=10&amp;u_nmime=92&amp;adx=75&amp;ady=3148&amp;biw=1159&amp;bih=754&amp;abxe=1&amp;eid=10583695%2C38893301%2C21061122%2C828064251%2C21061084&amp;oid=3&amp;nmo=1&amp;zm=1.02&amp;rx=0&amp;eae=4&amp;fc=528&amp;brdim=%2C%2C-4%2C-4%2C1176%2C0%2C1184%2C863%2C1176%2C754&amp;vis=0&amp;rsz=%7C%7Cbr%7C&amp;abl=CS&amp;ppjl=u&amp;pfx=0&amp;fu=16&amp;bc=1&amp;ifi=3&amp;dtd=404"
marginwidth = "0"
marginheight = "0"
vspace = "0"
hspace = "0"
allowtransparency = "true"
scrolling = "no"
allowfullscreen = "true" > < /iframe>
                                    

#8 JavaScript::Write (size: 157, repeated: 1) - SHA256: 107ec6d666d435c713c42b515194e92d7442435b46ae086aa8974640894bb12a

                                        < script charset = "windows-1251"
type = "text/javascript"
src = "//code.directadvert.ru/data/180807.js?nnn=180807&div=DIV_DA_180807&t=0.0233263724789978" > < /script>
                                    

#9 JavaScript::Write (size: 146, repeated: 1) - SHA256: c54a20030f3560788b2788f9c2af90ccd870b7034eeda2ef7a905b925c175c20

                                        < script type = "text/javascript"
language = "javascript"
src = "http://c.bigmir.net/?o1&v16917773&s16916894&t0&c1&n389835&w0&m10&y1&d24&r1176" > < /script>
                                    

#10 JavaScript::Write (size: 1073, repeated: 1) - SHA256: 948657d68109e8fd6012a3b7255219e5ccad4dda63b03c06f91800655e7f9b8c

                                        < table cellpadding = "0"
cellspacing = "0"
border = "0"
style = "display:inline;margin-right:4px;" > < tr > < td > < div style = "font-family:Tahoma;font-size:10px;padding:0px;margin:0px;" > < div style = "width:7px;float:left;background:url('http://i.bigmir.net/cnt/samples/default/b57_left.gif');height:17px;padding-top:2px;background-repeat:no-repeat;" > < /div><div style="float:left;background:url('http:/ / i.bigmir.net / cnt / samples /
    default / b57_center.gif ');text-align:left;height:17px;padding-top:2px;background-repeat:repeat-x;"><a href="http://www.bigmir.net/"; target="_blank" style="color:#0000ab;text-decoration:none;">bigmir<span style="color:#ff0000;">)</span>net</a>&nbsp;&nbsp;<span style="color:#71b27e;">хиты</span>&nbsp;<span style="color:#12351d;font:10px Tahoma;">6445</span>&nbsp;<span style="color:#71b27e;">хосты</span>&nbsp;<span style="color:#12351d;font:10px Tahoma;">0</span></div><div style="width:7px;float: left;background:url('
http: //i.bigmir.net/cnt/samples/default/b57_right.gif');height:17px;padding-top:2px;background-repeat:no-repeat;"></div></div></td></tr></table>
                                    


HTTP Transactions (227)


Request Response
                                        
                                            GET / HTTP/1.1 
Host: t.ks.ua
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive

                                         
                                         88.198.13.114
HTTP/1.1 301 Moved Permanently
Content-Type: text/html; charset=iso-8859-1
                                        
Date: Tue, 31 Oct 2017 07:22:41 GMT
Server: Apache/2.2.15 (CentOS) DAV/2 PHP/5.4.28 mod_ssl/2.2.15 OpenSSL/1.0.0-fips
Location: http://www.t.ks.ua/
Cache-Control: max-age=1209600
Expires: Tue, 14 Nov 2017 07:22:41 GMT
Content-Length: 351
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive


--- Additional Info ---
Magic:  HTML document text\012 exported SGML document text
Size:   351
Md5:    448a907a8e6f543b1627d50a06747662
Sha1:   104757f140256383bf27dd1be9deb5f16fe44698
Sha256: f3059bb28934c7b42b7a535077cc343c352f03c201fc8feb0d3f184cff8db170

Alerts:
  Blacklists:
    - fortinet: Malware
                                        
                                            GET / HTTP/1.1 
Host: www.t.ks.ua
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive

                                         
                                         88.198.13.114
HTTP/1.1 200 OK
Content-Type: text/html; charset=utf-8
                                        
Date: Tue, 31 Oct 2017 07:22:42 GMT
Server: Apache/2.2.15 (CentOS) DAV/2 PHP/5.4.28 mod_ssl/2.2.15 OpenSSL/1.0.0-fips
X-Powered-By: PHP/5.4.28
X-Drupal-Cache: HIT
Etag: "1509434213-0"
Content-Language: ru
Cache-Control: public, max-age=3600
Last-Modified: Tue, 31 Oct 2017 07:16:53 GMT
Expires: Sun, 19 Nov 1978 05:00:00 GMT
Vary: Cookie
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive
Transfer-Encoding: chunked


--- Additional Info ---
Magic:  HTML document text\012 exported SGML document text
Size:   101862
Md5:    5ca199a33d2d85567e52b0c32c951177
Sha1:   ff4ead3c390eb09c0261ae3731b947fb431d8f7c
Sha256: 2b70f49917afc09b6490e4f22b070f761c6a6222ff65d372748f5b6be01db8ac

Alerts:
  Blacklists:
    - fortinet: Malware
                                        
                                            GET /sites/default/files/css/css_xE-rWrJf-fncB6ztZfd2huxqgxu4WO-qwma6Xer30m4.css HTTP/1.1 
Host: www.t.ks.ua
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: text/css,*/*;q=0.1
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: http://www.t.ks.ua/

                                         
                                         88.198.13.114
HTTP/1.1 200 OK
Content-Type: text/css
                                        
Date: Tue, 31 Oct 2017 07:22:42 GMT
Server: Apache/2.2.15 (CentOS) DAV/2 PHP/5.4.28 mod_ssl/2.2.15 OpenSSL/1.0.0-fips
Last-Modified: Thu, 26 Oct 2017 20:10:49 GMT
Etag: "d80529-8a9-55c78c4ad4329"
Accept-Ranges: bytes
Content-Length: 2217
Cache-Control: max-age=1209600
Expires: Tue, 14 Nov 2017 07:22:42 GMT
Content-Encoding: gzip
Vary: Accept-Encoding
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive


--- Additional Info ---
Magic:  gzip compressed data, from Unix, max compression
Size:   2217
Md5:    33785a199ae1f6968734504d91ee9a06
Sha1:   f82e3f4afea96f4a89dfaf3389f467488acce16f
Sha256: 19b6b1c8b0ffd1d96b08e55f73d7ab8a26b7f5cce39ae784acf72b50aa92465c
                                        
                                            GET /static/css/informer2/gs_informerClient.min.css HTTP/1.1 
Host: www.gismeteo.ru
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: text/css,*/*;q=0.1
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: http://www.t.ks.ua/

                                         
                                         185.134.202.5
HTTP/1.1 200 OK
Content-Type: text/css
                                        
Date: Tue, 31 Oct 2017 07:22:41 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding, Accept-Encoding
Set-Cookie: old=1; Expires=Wed, 31-Oct-18 07:22:41 GMT; Domain=.www.gismeteo.ru; Path=/static/css/informer2/; Secure
Last-Modified: Wed, 14 Dec 2016 11:09:57 GMT
Etag: W/"58512885-2746"
Expires: Tue, 07 Nov 2017 07:22:41 GMT
Cache-Control: max-age=604800
Server: gis
X-DC: nord.gis207
Content-Encoding: gzip


--- Additional Info ---
Magic:  gzip compressed data, from Unix
Size:   2188
Md5:    ab10d547256624f9f1f1cb92d293587b
Sha1:   11ca12c9a0b94d67c3590dd3721ea545caf49a34
Sha256: 5a8268f0c2acc958c06c90a04d1b02a6fc4f7bd1987cac2eca44176c42c1d45b
                                        
                                            GET /sites/default/files/favicon_1.ico HTTP/1.1 
Host: www.t.ks.ua
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: image/png,image/*;q=0.8,*/*;q=0.5
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive

                                         
88.198.13.114
HTTP/1.1 200 OK
Content-Type: image/x-icon
Date: Tue, 31 Oct 2017 07:22:42 GMT
Server: Apache/2.2.15 (CentOS) DAV/2 PHP/5.4.28 mod_ssl/2.2.15 OpenSSL/1.0.0-fips
Last-Modified: Sun, 14 Jul 2013 22:00:00 GMT
Etag: "d6224c-57e-4e17fdd7e9800"
Accept-Ranges: bytes
Content-Length: 1406
Cache-Control: max-age=1209600
Expires: Tue, 14 Nov 2017 07:22:42 GMT
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive


--- Additional Info ---
Magic:  MS Windows icon resource - 1 icon
Size:   1406
Md5:    ab76eb1befabb2c908daba608f511daf
Sha1:   e1cff00c069532c3ed02790c164bd3eb9e5d012d
Sha256: 6dcd58e2922af5d20389654f39c382dbb65da8b4322325aa19286208601733f6

Alerts:
  Blacklists:
    - fortinet: Malware
                                        
GET /sites/default/files/css/css_71D_nSUNQjr3LxFCmhxc2zIhoGcecKLALC1rdGCF51M.css HTTP/1.1
Host: www.t.ks.ua
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: text/css,*/*;q=0.1
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: http://www.t.ks.ua/

                                         
88.198.13.114
HTTP/1.1 200 OK
Content-Type: text/css
Date: Tue, 31 Oct 2017 07:22:42 GMT
Server: Apache/2.2.15 (CentOS) DAV/2 PHP/5.4.28 mod_ssl/2.2.15 OpenSSL/1.0.0-fips
Last-Modified: Thu, 26 Oct 2017 20:11:41 GMT
Etag: "d8052f-19cc-55c78c7cfdc01"
Accept-Ranges: bytes
Content-Length: 6604
Cache-Control: max-age=1209600
Expires: Tue, 14 Nov 2017 07:22:42 GMT
Content-Encoding: gzip
Vary: Accept-Encoding
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive


--- Additional Info ---
Magic:  gzip compressed data, from Unix, max compression
Size:   6604
Md5:    f50ca3ff45e6a988318c447b00c21c4e
Sha1:   0d53e70ebed354234d0cf122dceb6b71dd5d3e6d
Sha256: ab1f676c386238f5c8b642c63d515e2ac6daa6d332ff24ff16fa2674787709c9
                                        
GET /sites/default/files/css/css_T124PwYz2PqhOtWB-2KXncRkcnWvpFV2QDPro1jKr7U.css HTTP/1.1
Host: www.t.ks.ua
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: text/css,*/*;q=0.1
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: http://www.t.ks.ua/

                                         
88.198.13.114
HTTP/1.1 200 OK
Content-Type: text/css
Date: Tue, 31 Oct 2017 07:22:42 GMT
Server: Apache/2.2.15 (CentOS) DAV/2 PHP/5.4.28 mod_ssl/2.2.15 OpenSSL/1.0.0-fips
Last-Modified: Thu, 26 Oct 2017 20:11:40 GMT
Etag: "d8052b-132e-55c78c7c3a319"
Accept-Ranges: bytes
Content-Length: 4910
Cache-Control: max-age=1209600
Expires: Tue, 14 Nov 2017 07:22:42 GMT
Content-Encoding: gzip
Vary: Accept-Encoding
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive


--- Additional Info ---
Magic:  gzip compressed data, from Unix, max compression
Size:   4910
Md5:    52be67c72e861f68b6082915777af3fe
Sha1:   928d022bf0369cb2ab9ea02b78707e12fdb2788a
Sha256: 6348fd72a6a17db4f01ad985239f35b6dddf924e6af1935f29ef78103e5d1a60
                                        
GET /sites/default/files/css/css_D1kNZNAV0VRO4HpuNaBfKt_aTmfuASnJElOwNxyUzVw.css HTTP/1.1
Host: www.t.ks.ua
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: text/css,*/*;q=0.1
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: http://www.t.ks.ua/

                                         
88.198.13.114
HTTP/1.1 200 OK
Content-Type: text/css
Date: Tue, 31 Oct 2017 07:22:42 GMT
Server: Apache/2.2.15 (CentOS) DAV/2 PHP/5.4.28 mod_ssl/2.2.15 OpenSSL/1.0.0-fips
Last-Modified: Thu, 26 Oct 2017 20:13:11 GMT
Etag: "d805ec-88a-55c78cd239549"
Accept-Ranges: bytes
Content-Length: 2186
Cache-Control: max-age=1209600
Expires: Tue, 14 Nov 2017 07:22:42 GMT
Content-Encoding: gzip
Vary: Accept-Encoding
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive


--- Additional Info ---
Magic:  gzip compressed data, from Unix, max compression
Size:   2186
Md5:    fb1eee88ae9d4b48b27386a18241d899
Sha1:   67f6b60e2ed96c9699df0863d2aca2c0314822d4
Sha256: 114a489c116c8d2456aa025c58d679ab5ec7b70b00689ddabf9e432937004d20
                                        
GET /sites/default/files/js/js_9PoCIpaBdXzAfwjeoO2ibi_TtEs6jMROpVOwk-_WIBw.js HTTP/1.1
Host: www.t.ks.ua
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: */*
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: http://www.t.ks.ua/

                                         
88.198.13.114
HTTP/1.1 200 OK
Content-Type: text/javascript
Date: Tue, 31 Oct 2017 07:22:42 GMT
Server: Apache/2.2.15 (CentOS) DAV/2 PHP/5.4.28 mod_ssl/2.2.15 OpenSSL/1.0.0-fips
Last-Modified: Thu, 26 Oct 2017 20:11:41 GMT
Etag: "d8053b-3036-55c78c7d1ef41"
Accept-Ranges: bytes
Content-Length: 12342
Cache-Control: max-age=1209600
Expires: Tue, 14 Nov 2017 07:22:42 GMT
Content-Encoding: gzip
Vary: Accept-Encoding
Keep-Alive: timeout=5, max=99
Connection: Keep-Alive


--- Additional Info ---
Magic:  gzip compressed data, from Unix, max compression
Size:   12342
Md5:    322073ada821c625a2b58711d76ad25b
Sha1:   d26f0f45b0d2ca95d6ae1be627562f55473c1e13
Sha256: faf11c64ef5623f926563b61fc8b1d0f91c7dd9047581fc3548e3afc2dc40ac5

Alerts:
  Blacklists:
    - fortinet: Malware
                                        
GET /sites/all/themes/th/img/logotip.png HTTP/1.1
Host: www.t.ks.ua
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: image/png,image/*;q=0.8,*/*;q=0.5
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: http://www.t.ks.ua/

                                         
88.198.13.114
HTTP/1.1 200 OK
Content-Type: image/png
Date: Tue, 31 Oct 2017 07:22:42 GMT
Server: Apache/2.2.15 (CentOS) DAV/2 PHP/5.4.28 mod_ssl/2.2.15 OpenSSL/1.0.0-fips
Last-Modified: Sat, 17 Aug 2013 22:00:00 GMT
Etag: "d60944-271d-4e42bd4195800"
Accept-Ranges: bytes
Content-Length: 10013
Cache-Control: max-age=1209600
Expires: Tue, 14 Nov 2017 07:22:42 GMT
Keep-Alive: timeout=5, max=99
Connection: Keep-Alive


--- Additional Info ---
Magic:  PNG image, 333 x 120, 8-bit/color RGB, non-interlaced
Size:   10013
Md5:    d1411fbdf9adc4cf7fcc3b8c37f722df
Sha1:   fdbc493d28fa3cf4ed0972e8a824beae76e41032
Sha256: 5c9b8e57919ca9bf4d5a01086816a3d09be502bf96dc7f7f2ada4b4124bcd013
                                        
GET /sites/all/modules/vscc/images/black_arrow_left.png HTTP/1.1
Host: www.t.ks.ua
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: image/png,image/*;q=0.8,*/*;q=0.5
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: http://www.t.ks.ua/

                                         
88.198.13.114
HTTP/1.1 200 OK
Content-Type: image/png
Date: Tue, 31 Oct 2017 07:22:42 GMT
Server: Apache/2.2.15 (CentOS) DAV/2 PHP/5.4.28 mod_ssl/2.2.15 OpenSSL/1.0.0-fips
Last-Modified: Sat, 13 Jul 2013 22:00:00 GMT
Etag: "d60824-14b-4e16bbfa73800"
Accept-Ranges: bytes
Content-Length: 331
Cache-Control: max-age=1209600
Expires: Tue, 14 Nov 2017 07:22:42 GMT
Keep-Alive: timeout=5, max=99
Connection: Keep-Alive


--- Additional Info ---
Magic:  PNG image, 12 x 18, 8-bit/color RGBA, non-interlaced
Size:   331
Md5:    c0348f3a8f4cc0fc9a86dccff27487bf
Sha1:   c71e87aeac5afaac5df358c28fff2a6cc6caf4b2
Sha256: ffcbd92c85ec2c0918bebfb7c7b933cc6ba176d292ad6979441b0a556aa3a159
                                        
GET /sites/default/files/js/js_1AMzlCDQxgGquc8G2iJdT1uuMI0-iSG_YUoWQaJNnf8.js HTTP/1.1
Host: www.t.ks.ua
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: */*
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: http://www.t.ks.ua/

                                         
88.198.13.114
HTTP/1.1 200 OK
Content-Type: text/javascript
Date: Tue, 31 Oct 2017 07:22:42 GMT
Server: Apache/2.2.15 (CentOS) DAV/2 PHP/5.4.28 mod_ssl/2.2.15 OpenSSL/1.0.0-fips
Last-Modified: Thu, 26 Oct 2017 20:11:42 GMT
Etag: "d80562-45d6-55c78c7d6e4c9"
Accept-Ranges: bytes
Content-Length: 17878
Cache-Control: max-age=1209600
Expires: Tue, 14 Nov 2017 07:22:42 GMT
Content-Encoding: gzip
Vary: Accept-Encoding
Keep-Alive: timeout=5, max=99
Connection: Keep-Alive


--- Additional Info ---
Magic:  gzip compressed data, from Unix, max compression
Size:   17878
Md5:    5c5e691c0e04bc3a1a182fb31c9022a5
Sha1:   b8715e82e287e6930fbe69393acc4b223729c0cc
Sha256: e62e11eb92269ab4ae62932ca58a16da734695e98bfceaf97aeb13c4a3737bd7

Alerts:
  Blacklists:
    - fortinet: Malware
                                        
GET /sites/all/modules/vscc/images/black_pause.png HTTP/1.1
Host: www.t.ks.ua
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: image/png,image/*;q=0.8,*/*;q=0.5
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: http://www.t.ks.ua/

                                         
88.198.13.114
HTTP/1.1 200 OK
Content-Type: image/png
Date: Tue, 31 Oct 2017 07:22:42 GMT
Server: Apache/2.2.15 (CentOS) DAV/2 PHP/5.4.28 mod_ssl/2.2.15 OpenSSL/1.0.0-fips
Last-Modified: Sat, 13 Jul 2013 22:00:00 GMT
Etag: "d60828-af1-4e16bbfa73800"
Accept-Ranges: bytes
Content-Length: 2801
Cache-Control: max-age=1209600
Expires: Tue, 14 Nov 2017 07:22:42 GMT
Keep-Alive: timeout=5, max=98
Connection: Keep-Alive


--- Additional Info ---
Magic:  PNG image, 11 x 11, 8-bit/color RGBA, non-interlaced
Size:   2801
Md5:    bc1a8a752061da501668dae73a7b0e36
Sha1:   f14f3bddfa0039888211585875a67c33905ce12f
Sha256: c8cbb1868d0be7d157b07987cf4e819723e3eaae6efee620a0bbb7bb690a6ab3
                                        
GET /sites/default/files/js/js_URfWn4saN9E3ALH5gyoaI9cY8jCUptAbysGUaQcq4g8.js HTTP/1.1
Host: www.t.ks.ua
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: */*
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: http://www.t.ks.ua/

                                         
88.198.13.114
HTTP/1.1 200 OK
Content-Type: text/javascript
Date: Tue, 31 Oct 2017 07:22:42 GMT
Server: Apache/2.2.15 (CentOS) DAV/2 PHP/5.4.28 mod_ssl/2.2.15 OpenSSL/1.0.0-fips
Last-Modified: Thu, 26 Oct 2017 20:13:11 GMT
Etag: "d805ee-5456-55c78cd2886e9"
Accept-Ranges: bytes
Content-Length: 21590
Cache-Control: max-age=1209600
Expires: Tue, 14 Nov 2017 07:22:42 GMT
Content-Encoding: gzip
Vary: Accept-Encoding
Keep-Alive: timeout=5, max=99
Connection: Keep-Alive


--- Additional Info ---
Magic:  gzip compressed data, from Unix, max compression
Size:   21590
Md5:    326789707be92c76077f58932f602ac7
Sha1:   45e98132993c53d30d8701c38c5604afe5b4f566
Sha256: a646380167822429028d21e42b27aac39abf9233c5da73b33c195e33a026fe82

Alerts:
  Blacklists:
    - fortinet: Malware
                                        
GET /sites/default/files/js/js_BAhqE0nsQns6shJD8cBPNaX58HANh3tzWfxSlYIKGGs.js HTTP/1.1
Host: www.t.ks.ua
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: */*
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: http://www.t.ks.ua/

                                         
88.198.13.114
HTTP/1.1 200 OK
Content-Type: text/javascript
Date: Tue, 31 Oct 2017 07:22:42 GMT
Server: Apache/2.2.15 (CentOS) DAV/2 PHP/5.4.28 mod_ssl/2.2.15 OpenSSL/1.0.0-fips
Last-Modified: Thu, 26 Oct 2017 20:11:41 GMT
Etag: "d80533-9899-55c78c7d0ed71"
Accept-Ranges: bytes
Content-Length: 39065
Cache-Control: max-age=1209600
Expires: Tue, 14 Nov 2017 07:22:42 GMT
Content-Encoding: gzip
Vary: Accept-Encoding
Keep-Alive: timeout=5, max=99
Connection: Keep-Alive


--- Additional Info ---
Magic:  gzip compressed data, from Unix, max compression
Size:   39065
Md5:    96ae3c9ddc3ca204048b52869c56d2f6
Sha1:   0f30edb386138f7108dda1270bf871bf1da1d127
Sha256: 3fd16f81d83a3b2becaf4b8722ea32c8222ddc5ab732bacba7fd0c644796830d

Alerts:
  Blacklists:
    - fortinet: Malware
                                        
GET /sites/all/modules/vscc/images/black_arrow_right.png HTTP/1.1
Host: www.t.ks.ua
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: image/png,image/*;q=0.8,*/*;q=0.5
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: http://www.t.ks.ua/

                                         
88.198.13.114
HTTP/1.1 200 OK
Content-Type: image/png
Date: Tue, 31 Oct 2017 07:22:42 GMT
Server: Apache/2.2.15 (CentOS) DAV/2 PHP/5.4.28 mod_ssl/2.2.15 OpenSSL/1.0.0-fips
Last-Modified: Sat, 13 Jul 2013 22:00:00 GMT
Etag: "d60826-14a-4e16bbfa73800"
Accept-Ranges: bytes
Content-Length: 330
Cache-Control: max-age=1209600
Expires: Tue, 14 Nov 2017 07:22:42 GMT
Keep-Alive: timeout=5, max=98
Connection: Keep-Alive


--- Additional Info ---
Magic:  PNG image, 12 x 18, 8-bit/color RGBA, non-interlaced
Size:   330
Md5:    c48fbd10e4f79fa601524134f9257db8
Sha1:   a46b5f2bbebaf3396d720ab15c0fbe226b4d6169
Sha256: 2c05625feca447bee046d07a76b09f55c2a960b31348b5da736a0cf8d4b3c883
                                        
GET /js/api/openapi.js?74 HTTP/1.1
Host: vk.com
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: */*
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: http://www.t.ks.ua/

                                         
95.213.11.181
HTTP/1.1 200 OK
Content-Type: application/x-javascript
Server: nginx
Date: Tue, 31 Oct 2017 07:22:42 GMT
Last-Modified: Wed, 11 Oct 2017 15:15:39 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Etag: W/"59de359b-15c15"
Expires: Sat, 04 Nov 2017 07:22:42 GMT
Cache-Control: max-age=345600
X-Frontend: front213009
Content-Encoding: gzip


--- Additional Info ---
Magic:  gzip compressed data, from Unix
Size:   26343
Md5:    e197b208a1e785953c0bea8760c1879d
Sha1:   c863a51e61cd502ba86e7c2bf7c6677338eae337
Sha256: 22075aa0e02a9884eea2db4b35a0caa45cdf912dda7f368ff470e52723e06dc4
                                        
GET /sites/default/files/styles/front_slide/public/dsc00762.jpg?itok=FUYwLAVj HTTP/1.1
Host: www.t.ks.ua
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: image/png,image/*;q=0.8,*/*;q=0.5
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: http://www.t.ks.ua/

                                         
88.198.13.114
HTTP/1.1 200 OK
Content-Type: image/jpeg
Date: Tue, 31 Oct 2017 07:22:42 GMT
Server: Apache/2.2.15 (CentOS) DAV/2 PHP/5.4.28 mod_ssl/2.2.15 OpenSSL/1.0.0-fips
Last-Modified: Mon, 23 Oct 2017 14:10:11 GMT
Etag: "d9864a-6abf-55c376170ccf2"
Accept-Ranges: bytes
Content-Length: 27327
Cache-Control: max-age=1209600
Expires: Tue, 14 Nov 2017 07:22:42 GMT
Keep-Alive: timeout=5, max=97
Connection: Keep-Alive


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, comment: "CREATOR: gd-jpeg v1.0 (using IJ"
Size:   27327
Md5:    9eba8ca6668778fe1d28a03a1d744353
Sha1:   97f71fad22945904ae31c1791765c658d8a33801
Sha256: 7b9bc0e2ce2a5eed4cd7b947310688eb4af057f4ce7469512aaac371ab7e04bf

Alerts:
  Blacklists:
    - fortinet: Malware
                                        
GET /sites/default/files/styles/front_slide/public/1485427801_1373352137_383673927_0.jpg?itok=2_JpbXr7 HTTP/1.1
Host: www.t.ks.ua
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: image/png,image/*;q=0.8,*/*;q=0.5
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: http://www.t.ks.ua/

                                         
88.198.13.114
HTTP/1.1 200 OK
Content-Type: image/jpeg
Date: Tue, 31 Oct 2017 07:22:42 GMT
Server: Apache/2.2.15 (CentOS) DAV/2 PHP/5.4.28 mod_ssl/2.2.15 OpenSSL/1.0.0-fips
Last-Modified: Thu, 26 Oct 2017 13:55:10 GMT
Etag: "d98725-a6ad-55c73854be5ba"
Accept-Ranges: bytes
Content-Length: 42669
Cache-Control: max-age=1209600
Expires: Tue, 14 Nov 2017 07:22:42 GMT
Keep-Alive: timeout=5, max=98
Connection: Keep-Alive


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, comment: "CREATOR: gd-jpeg v1.0 (using IJ"
Size:   42669
Md5:    d63157d18724c14c924cab45a633f03c
Sha1:   db41612191a3833f7af3c25c5884b5d8ef1762c5
Sha256: ec602e769284e315b8b71f3d95f2428e5bb672c2f0b900ab112cc2fe23608578
                                        
GET /sites/default/files/styles/front_slide/public/aa92bafb54ae1692d0c84cf124a47e2a.jpg?itok=Du21n346 HTTP/1.1
Host: www.t.ks.ua
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: image/png,image/*;q=0.8,*/*;q=0.5
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: http://www.t.ks.ua/

                                         
88.198.13.114
HTTP/1.1 200 OK
Content-Type: image/jpeg
Date: Tue, 31 Oct 2017 07:22:42 GMT
Server: Apache/2.2.15 (CentOS) DAV/2 PHP/5.4.28 mod_ssl/2.2.15 OpenSSL/1.0.0-fips
Last-Modified: Tue, 31 Oct 2017 05:04:53 GMT
Etag: "d987d7-96a6-55cd0b206076b"
Accept-Ranges: bytes
Content-Length: 38566
Cache-Control: max-age=1209600
Expires: Tue, 14 Nov 2017 07:22:42 GMT
Keep-Alive: timeout=5, max=98
Connection: Keep-Alive


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, comment: "CREATOR: gd-jpeg v1.0 (using IJ"
Size:   38566
Md5:    918ad3a9ceeada34a90285ef18e1e968
Sha1:   75f7f89cbf70a8fe92d78d4fc227c66c4c2c5694
Sha256: 03d6e41c16d694c88fa264a7436459484b134024d63f48520fea3ad62094d850

Alerts:
  Blacklists:
    - fortinet: Malware
                                        
GET /js/api/openapi.js?71 HTTP/1.1
Host: vk.com
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: */*
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: http://www.t.ks.ua/

                                         
95.213.11.181
HTTP/1.1 200 OK
Content-Type: application/x-javascript
Server: nginx
Date: Tue, 31 Oct 2017 07:22:42 GMT
Last-Modified: Wed, 11 Oct 2017 15:15:39 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Etag: W/"59de359b-15c15"
Expires: Sat, 04 Nov 2017 07:22:42 GMT
Cache-Control: max-age=345600
X-Frontend: front213006
Content-Encoding: gzip


--- Additional Info ---
Magic:  gzip compressed data, from Unix
Size:   26343
Md5:    e197b208a1e785953c0bea8760c1879d
Sha1:   c863a51e61cd502ba86e7c2bf7c6677338eae337
Sha256: 22075aa0e02a9884eea2db4b35a0caa45cdf912dda7f368ff470e52723e06dc4
                                        
GET /img/t.gif HTTP/1.1
Host: informers.sinoptik.ua
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: image/png,image/*;q=0.8,*/*;q=0.5
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: http://www.t.ks.ua/

                                         
212.42.76.150
HTTP/1.1 200 OK
Content-Type: image/gif
Server: nginx
Date: Tue, 31 Oct 2017 07:22:42 GMT
Content-Length: 43
Last-Modified: Thu, 10 Feb 2011 13:06:12 GMT
Connection: keep-alive
Etag: "4d53e2c4-2b"
Expires: Wed, 31 Oct 2018 07:22:42 GMT
Cache-Control: max-age=31536000, public
Accept-Ranges: bytes


--- Additional Info ---
Magic:  GIF image data, version 89a, 1 x 1
Size:   43
Md5:    df3e567d6f16d040326c7a0ea29a4f41
Sha1:   ea7df583983133b62712b5e73bffbcd45cc53736
Sha256: 548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
                                        
GET /js3.php?title=4&wind=2&cities=303027883,303024376,303010679&lang=ru HTTP/1.1
Host: informers.sinoptik.ua
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: */*
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: http://www.t.ks.ua/

                                         
212.42.76.150
HTTP/1.1 200 OK
Content-Type: text/html
Server: nginx
Date: Tue, 31 Oct 2017 07:22:42 GMT
Transfer-Encoding: chunked
Connection: keep-alive
X-Powered-By: PHP/5.5.38
Expires: 0
Cache-Control: must-revalidate, post-check=0, pre-check=0
Pragma: no-store, no-cache, must-revalidate
Content-Encoding: gzip
Vary: Accept-Encoding


--- Additional Info ---
Magic:  gzip compressed data, from Unix
Size:   640
Md5:    e4abf2f9b68ac45859a1e79a1eadb07d
Sha1:   8d6471ec875bf8a1d994077116df410ccd573ebc
Sha256: 545d2bdb165c996b17a8d4b93f924941d7a17a91fc327e9f2399a208dfa68a8f
                                        
GET /pagead/js/adsbygoogle.js HTTP/1.1
Host: pagead2.googlesyndication.com
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: */*
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: http://www.t.ks.ua/

                                         
216.58.211.130
HTTP/1.1 200 OK
Content-Type: text/javascript; charset=UTF-8
P3P: policyref="http://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
Timing-Allow-Origin: *
Date: Tue, 31 Oct 2017 07:22:42 GMT
Expires: Tue, 31 Oct 2017 07:22:42 GMT
Cache-Control: private, max-age=3600
Etag: 5188841715880737079
X-Content-Type-Options: nosniff
Content-Disposition: attachment; filename="f.txt"
Content-Encoding: gzip
Server: cafe
Content-Length: 24587
X-XSS-Protection: 1; mode=block


--- Additional Info ---
Magic:  gzip compressed data, max compression
Size:   24587
Md5:    8c67cf1d79abdeba10290638ae1ed4f1
Sha1:   38f69c5e5c8eb3dd0e29d45f7fa9f5f56518ddcd
Sha256: 884d821869a0027c62feab00a9f16d4435da03b5615c7fc9a00ba43369b46873
                                        
GET /analytics.js HTTP/1.1
Host: www.google-analytics.com
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: */*
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: http://www.t.ks.ua/
If-Modified-Since: Fri, 03 Oct 2014 00:48:42 GMT

                                         
172.217.22.174
HTTP/1.1 200 OK
Content-Type: text/javascript
Strict-Transport-Security: max-age=10886400; includeSubDomains; preload
Timing-Allow-Origin: *
Date: Tue, 31 Oct 2017 05:52:07 GMT
Expires: Tue, 31 Oct 2017 07:52:07 GMT
Last-Modified: Fri, 20 Oct 2017 23:46:20 GMT
X-Content-Type-Options: nosniff
Vary: Accept-Encoding
Content-Encoding: gzip
Server: Golfe2
Content-Length: 14635
Cache-Control: public, max-age=7200
Age: 5435


--- Additional Info ---
Magic:  gzip compressed data, max compression
Size:   14635
Md5:    babff30a99e3dcaace32247777578260
Sha1:   6181b85ed6bffce1b3d00d23143ff914246d57c5
Sha256: 2731dd23151f162075a96330ae714823901e764fc7bf92a87168e5371aa4c099
                                        
GET /ru_RU/all.js HTTP/1.1
Host: connect.facebook.net
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: */*
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: http://www.t.ks.ua/

                                         
31.13.72.12
HTTP/1.1 200 OK
Content-Type: application/x-javascript; charset=utf-8
Access-Control-Expose-Headers: X-FB-Content-MD5
x-fb-content-md5: 489e36792453033a7f7590e77d762cf6
Etag: "6009a474bbb1dda072d3f4a067974a93"
X-Content-Type-Options: nosniff
Strict-Transport-Security: max-age=15552000; preload; includeSubDomains
expect-ct: max-age=10, report-uri="http://reports.fb.com/expectct/"
X-XSS-Protection: 0
X-Frame-Options: DENY
Timing-Allow-Origin: *
content-security-policy: default-src * data: blob:;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.virtualearth.net *.google.com 127.0.0.1:* *.spotilocal.com:* 'unsafe-inline' 'unsafe-eval' fbstatic-a.akamaihd.net fbcdn-static-b-a.akamaihd.net *.atlassolutions.com blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com *.fbcdn.net *.facebook.net *.spotilocal.com:* *.akamaihd.net wss://*.facebook.com:* https://fb.scanandcleanlocal.com:* *.atlassolutions.com attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' chrome-extension://boadgeojelhgndaghljhdicfkmllpafd chrome-extension://dliochdbjfkdbacpmhlcpmleaejidimm;
Cache-Control: public,max-age=1200,stale-while-revalidate=3600
Expires: Tue, 31 Oct 2017 07:23:06 GMT
Vary: Accept-Encoding
Content-Encoding: gzip
Content-MD5: CYGSbuk8JbfqFGXk7JumaQ==
X-FB-Debug: dOtLj5Jyy/q4g14F4pNGtYrMLbthcJufYXiMhB4RtMx4XLzJQOhA1zHwc2CPyUBNSQIgBvVNL2Si/s1LGZeu3w==
Date: Tue, 31 Oct 2017 07:22:42 GMT
Connection: keep-alive
Content-Length: 62322


--- Additional Info ---
Magic:  gzip compressed data, from Unix
Size:   62322
Md5:    0981926ee93c25b7ea1465e4ec9ba669
Sha1:   2e6422ffd7b40ae1822d6739db4d380f97cc9805
Sha256: 93e6fcf9a95a8532962583abac68f00b2656ba812d9fd9a518df0fcf83c23f91
                                        
GET /sites/default/files/styles/front_slide/public/22528265_721674498029444_7629722480775178628_n.jpg?itok=tf1vPZc- HTTP/1.1
Host: www.t.ks.ua
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: image/png,image/*;q=0.8,*/*;q=0.5
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: http://www.t.ks.ua/

                                         
88.198.13.114
HTTP/1.1 200 OK
Content-Type: image/jpeg
Date: Tue, 31 Oct 2017 07:22:42 GMT
Server: Apache/2.2.15 (CentOS) DAV/2 PHP/5.4.28 mod_ssl/2.2.15 OpenSSL/1.0.0-fips
Last-Modified: Fri, 20 Oct 2017 15:31:13 GMT
Etag: "d985bc-9882-55bfc29b2b3c3"
Accept-Ranges: bytes
Content-Length: 39042
Cache-Control: max-age=1209600
Expires: Tue, 14 Nov 2017 07:22:42 GMT
Keep-Alive: timeout=5, max=98
Connection: Keep-Alive


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, comment: "CREATOR: gd-jpeg v1.0 (using IJ"
Size:   39042
Md5:    8f786ab693aac568b82beef41f974903
Sha1:   d029eb59b869ff299b03dde6422df0fe2c55e682
Sha256: 6fcf40a2addcc4692f3865d4b000aed7eaf1c9532b3d7c861f6170c2ab2d50aa

Alerts:
  Blacklists:
    - fortinet: Malware
                                        
GET /sites/default/files/styles/front_slide/public/tae3me-bah0.jpg?itok=MG1MEaKq HTTP/1.1
Host: www.t.ks.ua
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: image/png,image/*;q=0.8,*/*;q=0.5
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: http://www.t.ks.ua/

                                         
88.198.13.114
HTTP/1.1 200 OK
Content-Type: image/jpeg
Date: Tue, 31 Oct 2017 07:22:42 GMT
Server: Apache/2.2.15 (CentOS) DAV/2 PHP/5.4.28 mod_ssl/2.2.15 OpenSSL/1.0.0-fips
Last-Modified: Thu, 19 Oct 2017 04:26:08 GMT
Etag: "d98549-d009-55bdec155e9f5"
Accept-Ranges: bytes
Content-Length: 53257
Cache-Control: max-age=1209600
Expires: Tue, 14 Nov 2017 07:22:42 GMT
Keep-Alive: timeout=5, max=98
Connection: Keep-Alive


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, comment: "CREATOR: gd-jpeg v1.0 (using IJ"
Size:   53257
Md5:    7292e05e25cf9e880f8901c50b71b45f
Sha1:   dc960b0675603cf926d891b864031ce65ecd9eef
Sha256: d845579244e3ca8e29929395cca10b9b1ed20a643a7bca31977badcd21cfe523

Alerts:
  Blacklists:
    - fortinet: Malware
                                        
GET /sites/default/files/styles/front_slide/public/22523752_1791038991194342_794429655_n59e443cb2fe06.jpg?itok=Hk-Isaiz HTTP/1.1
Host: www.t.ks.ua
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: image/png,image/*;q=0.8,*/*;q=0.5
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: http://www.t.ks.ua/

                                         
88.198.13.114
HTTP/1.1 200 OK
Content-Type: image/jpeg
Date: Tue, 31 Oct 2017 07:22:42 GMT
Server: Apache/2.2.15 (CentOS) DAV/2 PHP/5.4.28 mod_ssl/2.2.15 OpenSSL/1.0.0-fips
Last-Modified: Mon, 16 Oct 2017 17:40:21 GMT
Etag: "d98486-8f10-55bad80260b5b"
Accept-Ranges: bytes
Content-Length: 36624
Cache-Control: max-age=1209600
Expires: Tue, 14 Nov 2017 07:22:42 GMT
Keep-Alive: timeout=5, max=97
Connection: Keep-Alive


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, comment: "CREATOR: gd-jpeg v1.0 (using IJ"
Size:   36624
Md5:    a6b2817f6a9629a523d43dff44de6822
Sha1:   d410f9d9cda4e37746d5b4017c7a117965adcfca
Sha256: 0dece44cb585263c53dd03d5e1e91e6a21c33f589b73cbd1ceab7067f79dea7c

Alerts:
  Blacklists:
    - fortinet: Malware
                                        
GET /sites/all/modules/advpoll/nodejs.js HTTP/1.1
Host: www.t.ks.ua
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: */*
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: http://www.t.ks.ua/
Cookie: has_js=1

                                         
88.198.13.114
HTTP/1.1 200 OK
Content-Type: text/javascript
Date: Tue, 31 Oct 2017 07:22:42 GMT
Server: Apache/2.2.15 (CentOS) DAV/2 PHP/5.4.28 mod_ssl/2.2.15 OpenSSL/1.0.0-fips
Last-Modified: Wed, 06 Feb 2013 23:00:00 GMT
Etag: "d40d1e-0-4d5164924fc00"
Accept-Ranges: bytes
Content-Length: 0
Cache-Control: max-age=1209600
Expires: Tue, 14 Nov 2017 07:22:42 GMT
Keep-Alive: timeout=5, max=97
Connection: Keep-Alive


--- Additional Info ---

Alerts:
  Blacklists:
    - fortinet: Malware
                                        
GET /sites/default/files/styles/front_left/public/373875453_1.jpg?itok=2CiMgy5- HTTP/1.1
Host: www.t.ks.ua
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: image/png,image/*;q=0.8,*/*;q=0.5
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: http://www.t.ks.ua/

                                         
88.198.13.114
HTTP/1.1 200 OK
Content-Type: image/jpeg
Date: Tue, 31 Oct 2017 07:22:42 GMT
Server: Apache/2.2.15 (CentOS) DAV/2 PHP/5.4.28 mod_ssl/2.2.15 OpenSSL/1.0.0-fips
Last-Modified: Thu, 26 Oct 2017 03:29:22 GMT
Etag: "d986ee-1d04-55c6ac73a3be4"
Accept-Ranges: bytes
Content-Length: 7428
Cache-Control: max-age=1209600
Expires: Tue, 14 Nov 2017 07:22:42 GMT
Keep-Alive: timeout=5, max=97
Connection: Keep-Alive


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, comment: "CREATOR: gd-jpeg v1.0 (using IJ"
Size:   7428
Md5:    914edd012889ea34b1fbf9921ad2ac84
Sha1:   d49c14942b3b7ca0cb0677846f4e118fa3d93ef6
Sha256: 4336c6c631c5b471b8607aef6865a81d9f829f4b66618b535581c7d04fc7eec6

Alerts:
  Blacklists:
    - fortinet: Malware
                                        
GET /show.cgi?adp=180807&div=DIV_DA_180807 HTTP/1.1
Host: code.directadvert.ru
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: */*
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: http://www.t.ks.ua/

                                         
212.158.164.69
HTTP/1.1 200 OK
Content-Type: application/x-javascript; charset=windows-1251
Server: nginx/1.12.1
Date: Tue, 31 Oct 2017 07:22:42 GMT
Transfer-Encoding: chunked
Connection: keep-alive
P3P: policyref="/w3c/p3p.xml", CP="NOI DSP COR NID CUR OUR NOR", policyref="/w3c/p3p.xml", CP="CUR ADM OUR NOR STA NID"
Set-Cookie: dadcm46=1; expires=Tue, 07-Nov-2017 07:22:42 GMT; path=/; domain=directadvert.ru dadcm3=1; expires=Tue, 07-Nov-2017 07:22:42 GMT; path=/; domain=directadvert.ru nid=1J6kRVn4JMIAKiYvDU8nAg==; expires=Wed, 31-Oct-18 07:22:42 GMT; domain=directadvert.ru; path=/
Access-Control-Allow-Credentials: true
Access-Control-Allow-Methods: GET, POST, OPTIONS
Access-Control-Allow-Headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
Access-Control-Max-Age: 1728000
Content-Encoding: gzip


--- Additional Info ---
Magic:  gzip compressed data, from Unix
Size:   659
Md5:    77a29fa0813af5aba3923d69ca5c61e3
Sha1:   86f9f4671f0b88228ed028dceadda3004a80c421
Sha256: 7cc4ca0eb8f79a33b1df8cea7513b672f767389f67a214600c19eac65838a9b2
                                        
GET /show.cgi?adp=180809&div=DIV_DA_180809 HTTP/1.1
Host: code.directadvert.ru
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: */*
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: http://www.t.ks.ua/

                                         
212.158.164.69
HTTP/1.1 200 OK
Content-Type: application/x-javascript; charset=windows-1251
Server: nginx/1.12.1
Date: Tue, 31 Oct 2017 07:22:42 GMT
Transfer-Encoding: chunked
Connection: keep-alive
P3P: policyref="/w3c/p3p.xml", CP="NOI DSP COR NID CUR OUR NOR", policyref="/w3c/p3p.xml", CP="CUR ADM OUR NOR STA NID"
Set-Cookie: dadcm3=1; expires=Tue, 07-Nov-2017 07:22:42 GMT; path=/; domain=directadvert.ru dadcm46=1; expires=Tue, 07-Nov-2017 07:22:42 GMT; path=/; domain=directadvert.ru nid=1J6kRVn4JMIBXCYwFElLAg==; expires=Wed, 31-Oct-18 07:22:42 GMT; domain=directadvert.ru; path=/
Access-Control-Allow-Credentials: true
Access-Control-Allow-Methods: GET, POST, OPTIONS
Access-Control-Allow-Headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
Access-Control-Max-Age: 1728000
Content-Encoding: gzip


--- Additional Info ---
Magic:  gzip compressed data, from Unix
Size:   656
Md5:    9c7637c7908dca4786c84c1d8100fded
Sha1:   631bdefab6bf2c17344000fa7f723502b9763de1
Sha256: 956d61749297bf6de6fbf18b09259393c23ca031a2273ade9c92c2eb2d9d42b7
                                        
GET /show.cgi?adp=181195&div=DIV_DA_181195 HTTP/1.1
Host: code.directadvert.ru
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: */*
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: http://www.t.ks.ua/

                                         
212.158.164.69
HTTP/1.1 200 OK
Content-Type: application/x-javascript; charset=windows-1251
Server: nginx/1.12.1
Date: Tue, 31 Oct 2017 07:22:42 GMT
Transfer-Encoding: chunked
Connection: keep-alive
P3P: policyref="/w3c/p3p.xml", CP="NOI DSP COR NID CUR OUR NOR", policyref="/w3c/p3p.xml", CP="CUR ADM OUR NOR STA NID"
Set-Cookie: dadcm3=1; expires=Tue, 07-Nov-2017 07:22:42 GMT; path=/; domain=directadvert.ru dadcm46=1; expires=Tue, 07-Nov-2017 07:22:42 GMT; path=/; domain=directadvert.ru nid=1J6kRVn4JMIBXCYwFElMAg==; expires=Wed, 31-Oct-18 07:22:42 GMT; domain=directadvert.ru; path=/
Access-Control-Allow-Credentials: true
Access-Control-Allow-Methods: GET, POST, OPTIONS
Access-Control-Allow-Headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
Access-Control-Max-Age: 1728000
Content-Encoding: gzip


--- Additional Info ---
Magic:  gzip compressed data, from Unix
Size:   655
Md5:    0140e238757a29449c00c17543229b96
Sha1:   e8d370e4cff353149d162daaaea806e331722d1a
Sha256: c33d7a735865967a1b1785bd28f76b5d7941fc6472bcb814af8230e9ba1b8a12
                                        
GET /sites/default/files/styles/front_left/public/1508936256_1.jpg?itok=WEMZilhX HTTP/1.1
Host: www.t.ks.ua
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: image/png,image/*;q=0.8,*/*;q=0.5
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: http://www.t.ks.ua/

                                         
88.198.13.114
HTTP/1.1 200 OK
Content-Type: image/jpeg
Date: Tue, 31 Oct 2017 07:22:42 GMT
Server: Apache/2.2.15 (CentOS) DAV/2 PHP/5.4.28 mod_ssl/2.2.15 OpenSSL/1.0.0-fips
Last-Modified: Wed, 25 Oct 2017 13:19:28 GMT
Etag: "d986ce-1e90-55c5ee7c6500f"
Accept-Ranges: bytes
Content-Length: 7824
Cache-Control: max-age=1209600
Expires: Tue, 14 Nov 2017 07:22:42 GMT
Keep-Alive: timeout=5, max=96
Connection: Keep-Alive


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, comment: "CREATOR: gd-jpeg v1.0 (using IJ"
Size:   7824
Md5:    5acddedc7b85688ad456b3b6ebb78cd5
Sha1:   f6134295c9c52fbd45dbb8fe8283256289cc3bb6
Sha256: 27c86b6370f7e8acc0985cc130028537767dcac56c6e9dd4bdc388238b0e14c3

Alerts:
  Blacklists:
    - fortinet: Malware
                                        
GET /show.cgi?adp=181074&div=DIV_DA_181074 HTTP/1.1
Host: code.directadvert.ru
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: */*
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: http://www.t.ks.ua/

                                         
212.158.164.69
HTTP/1.1 200 OK
Content-Type: application/x-javascript; charset=windows-1251
Server: nginx/1.12.1
Date: Tue, 31 Oct 2017 07:22:42 GMT
Transfer-Encoding: chunked
Connection: keep-alive
P3P: policyref="/w3c/p3p.xml", CP="NOI DSP COR NID CUR OUR NOR", policyref="/w3c/p3p.xml", CP="CUR ADM OUR NOR STA NID"
Set-Cookie: dadcm3=1; expires=Tue, 07-Nov-2017 07:22:42 GMT; path=/; domain=directadvert.ru dadcm46=1; expires=Tue, 07-Nov-2017 07:22:42 GMT; path=/; domain=directadvert.ru nid=1J6kRVn4JMIB6CYyHG1aAg==; expires=Wed, 31-Oct-18 07:22:42 GMT; domain=directadvert.ru; path=/
Access-Control-Allow-Credentials: true
Access-Control-Allow-Methods: GET, POST, OPTIONS
Access-Control-Allow-Headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
Access-Control-Max-Age: 1728000
Content-Encoding: gzip


--- Additional Info ---
Magic:  gzip compressed data, from Unix
Size:   672
Md5:    37b303afe99b95dfa82dce068664e872
Sha1:   e8577d18c09ad42cb261fe8a3092f99f6cb70dcd
Sha256: 05a22423a5631bf872eec5db2c14d4ceed199973229e93ed2e804270d977a1b1
                                        
GET /sites/default/files/styles/front_left/public/tn_202866_12516c54e127.jpg?itok=cXKocNZ6 HTTP/1.1
Host: www.t.ks.ua
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: image/png,image/*;q=0.8,*/*;q=0.5
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: http://www.t.ks.ua/

                                         
88.198.13.114
HTTP/1.1 200 OK
Content-Type: image/jpeg
Date: Tue, 31 Oct 2017 07:22:42 GMT
Server: Apache/2.2.15 (CentOS) DAV/2 PHP/5.4.28 mod_ssl/2.2.15 OpenSSL/1.0.0-fips
Last-Modified: Wed, 25 Oct 2017 12:10:26 GMT
Etag: "d986c3-1b26-55c5df0e4be80"
Accept-Ranges: bytes
Content-Length: 6950
Cache-Control: max-age=1209600
Expires: Tue, 14 Nov 2017 07:22:42 GMT
Keep-Alive: timeout=5, max=96
Connection: Keep-Alive


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, comment: "CREATOR: gd-jpeg v1.0 (using IJ"
Size:   6950
Md5:    47a6a974c19f7e8bdd1d553f4d2520be
Sha1:   48a0e737bf76daa2f666da31be0f605beb66802b
Sha256: c23f723edbfe5cbbc94439808dde00c289fc44ca21a18246a78a5a9e1719af4d
                                        
GET /show.cgi?adp=221528&div=DIV_DA_221528 HTTP/1.1
Host: code.directadvert.ru
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: */*
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: http://www.t.ks.ua/

                                         
212.158.164.69
HTTP/1.1 200 OK
Content-Type: application/x-javascript; charset=windows-1251
Server: nginx/1.12.1
Date: Tue, 31 Oct 2017 07:22:42 GMT
Transfer-Encoding: chunked
Connection: keep-alive
P3P: policyref="/w3c/p3p.xml", CP="NOI DSP COR NID CUR OUR NOR", policyref="/w3c/p3p.xml", CP="CUR ADM OUR NOR STA NID"
Set-Cookie: dadcm3=1; expires=Tue, 07-Nov-2017 07:22:42 GMT; path=/; domain=directadvert.ru dadcm46=1; expires=Tue, 07-Nov-2017 07:22:42 GMT; path=/; domain=directadvert.ru nid=1J6kRVn4JMIAKiYvDU8oAg==; expires=Wed, 31-Oct-18 07:22:42 GMT; domain=directadvert.ru; path=/
Access-Control-Allow-Credentials: true
Access-Control-Allow-Methods: GET, POST, OPTIONS
Access-Control-Allow-Headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
Access-Control-Max-Age: 1728000
Content-Encoding: gzip


--- Additional Info ---
Magic:  gzip compressed data, from Unix
Size:   654
Md5:    e3699a8f0a6e0e7b4c8c1e83178b7aaa
Sha1:   5731c29dcd43a7ab60ac50b0f1b2a8c6c63d5bd6
Sha256: 21b5d617eea47b363ab6cadd5e509ae2afb6fb851da1d48e60861c0efdcc8caf
                                        
GET /sites/default/files/styles/front_left/public/0ef5wl5s53i_1.jpg?itok=nwb7pUVd HTTP/1.1
Host: www.t.ks.ua
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: image/png,image/*;q=0.8,*/*;q=0.5
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: http://www.t.ks.ua/

                                         
88.198.13.114
HTTP/1.1 200 OK
Content-Type: image/jpeg
Date: Tue, 31 Oct 2017 07:22:42 GMT
Server: Apache/2.2.15 (CentOS) DAV/2 PHP/5.4.28 mod_ssl/2.2.15 OpenSSL/1.0.0-fips
Last-Modified: Wed, 25 Oct 2017 04:18:41 GMT
Etag: "d986ad-179b-55c5759c64b29"
Accept-Ranges: bytes
Content-Length: 6043
Cache-Control: max-age=1209600
Expires: Tue, 14 Nov 2017 07:22:42 GMT
Keep-Alive: timeout=5, max=96
Connection: Keep-Alive


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, comment: "CREATOR: gd-jpeg v1.0 (using IJ"
Size:   6043
Md5:    0ad091e9ef9abc37a20c8da2d2136879
Sha1:   d6f3f6496eacf4af90994a6d1b62b8257bcba59e
Sha256: 838e366b8d8003db8c8ae9146a4357480d1b53a3f9c6617679fc141885a56f98
                                        
GET /sites/default/files/styles/front_left/public/1508753238_139295.jpg?itok=8gSPgoF_ HTTP/1.1
Host: www.t.ks.ua
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: image/png,image/*;q=0.8,*/*;q=0.5
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: http://www.t.ks.ua/

                                         
88.198.13.114
HTTP/1.1 200 OK
Content-Type: image/jpeg
Date: Tue, 31 Oct 2017 07:22:42 GMT
Server: Apache/2.2.15 (CentOS) DAV/2 PHP/5.4.28 mod_ssl/2.2.15 OpenSSL/1.0.0-fips
Last-Modified: Mon, 23 Oct 2017 14:10:11 GMT
Etag: "d9864b-301f-55c3761725f4a"
Accept-Ranges: bytes
Content-Length: 12319
Cache-Control: max-age=1209600
Expires: Tue, 14 Nov 2017 07:22:42 GMT
Keep-Alive: timeout=5, max=95
Connection: Keep-Alive


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, comment: "CREATOR: gd-jpeg v1.0 (using IJ"
Size:   12319
Md5:    2d4c574fc1fcf4bfb10442e9076fe334
Sha1:   bb1ff9485257c4bb430a1fc4039a00a3338675ca
Sha256: 5590fdd0d0551a8ed745334ef03a0b7e0f41e336bb7131e2368b6297500fc246

Alerts:
  Blacklists:
    - fortinet: Malware
                                        
GET /sites/default/files/styles/front_left/public/euswi9zhlho.jpg?itok=TpR8d7XP HTTP/1.1
Host: www.t.ks.ua
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: image/png,image/*;q=0.8,*/*;q=0.5
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: http://www.t.ks.ua/

                                         
88.198.13.114
HTTP/1.1 200 OK
Content-Type: image/jpeg
Date: Tue, 31 Oct 2017 07:22:42 GMT
Server: Apache/2.2.15 (CentOS) DAV/2 PHP/5.4.28 mod_ssl/2.2.15 OpenSSL/1.0.0-fips
Last-Modified: Mon, 23 Oct 2017 03:50:26 GMT
Etag: "d98616-2631-55c2eb90fc3c4"
Accept-Ranges: bytes
Content-Length: 9777
Cache-Control: max-age=1209600
Expires: Tue, 14 Nov 2017 07:22:42 GMT
Keep-Alive: timeout=5, max=95
Connection: Keep-Alive


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, comment: "CREATOR: gd-jpeg v1.0 (using IJ"
Size:   9777
Md5:    8b9aef968b2443590912b5b5f3414b9a
Sha1:   3435c026dbcf9da09e55cf6c89088a62aee8d0d3
Sha256: 25de6f91542c6f1c7f18477b95d3a44bb9cbe19429c26fad24d6825f5e95fb7f

Alerts:
  Blacklists:
    - fortinet: Malware
                                        
GET /sites/default/files/styles/front_left/public/20102017_41.jpg?itok=6sxIvWA5 HTTP/1.1
Host: www.t.ks.ua
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: image/png,image/*;q=0.8,*/*;q=0.5
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: http://www.t.ks.ua/

                                         
88.198.13.114
HTTP/1.1 200 OK
Content-Type: image/jpeg
Date: Tue, 31 Oct 2017 07:22:42 GMT
Server: Apache/2.2.15 (CentOS) DAV/2 PHP/5.4.28 mod_ssl/2.2.15 OpenSSL/1.0.0-fips
Last-Modified: Fri, 20 Oct 2017 12:49:21 GMT
Etag: "d985ae-30dc-55bf9e6d62e0c"
Accept-Ranges: bytes
Content-Length: 12508
Cache-Control: max-age=1209600
Expires: Tue, 14 Nov 2017 07:22:42 GMT
Keep-Alive: timeout=5, max=95
Connection: Keep-Alive


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, comment: "CREATOR: gd-jpeg v1.0 (using IJ"
Size:   12508
Md5:    b39134b1cd8e8576cd55b8057bb0e7a4
Sha1:   ee99e7e5931b0424fa1a787243ca4889f522f839
Sha256: 6e375d42f68281c1c4fdc313e1daebf71de0bd5ee0439b16e5ed638ecacf20f1

Alerts:
  Blacklists:
    - fortinet: Malware
                                        
GET /sites/default/files/2015/300x300_10_17.gif HTTP/1.1
Host: www.t.ks.ua
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: image/png,image/*;q=0.8,*/*;q=0.5
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: http://www.t.ks.ua/

                                         
88.198.13.114
HTTP/1.1 200 OK
Content-Type: image/gif
Date: Tue, 31 Oct 2017 07:22:42 GMT
Server: Apache/2.2.15 (CentOS) DAV/2 PHP/5.4.28 mod_ssl/2.2.15 OpenSSL/1.0.0-fips
Last-Modified: Fri, 06 Oct 2017 08:05:05 GMT
Etag: "de091d-1047c-55adc4c78f9ee"
Accept-Ranges: bytes
Content-Length: 66684
Cache-Control: max-age=1209600
Expires: Tue, 14 Nov 2017 07:22:42 GMT
Keep-Alive: timeout=5, max=94
Connection: Keep-Alive


--- Additional Info ---
Magic:  GIF image data, version 89a, 300 x 300
Size:   66684
Md5:    1d851165c921509662fd0a19c951b853
Sha1:   5c7db894e921e236381cc73592826dab686dafab
Sha256: 002ba4210fb98a66b94070c8691ad2d071e8fa6cdc7a33fbcde5d40a7c66e17f
                                        
GET /sites/default/files/2015/5555_0.gif HTTP/1.1
Host: www.t.ks.ua
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: image/png,image/*;q=0.8,*/*;q=0.5
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: http://www.t.ks.ua/

                                         
88.198.13.114
HTTP/1.1 200 OK
Content-Type: image/gif
Date: Tue, 31 Oct 2017 07:22:42 GMT
Server: Apache/2.2.15 (CentOS) DAV/2 PHP/5.4.28 mod_ssl/2.2.15 OpenSSL/1.0.0-fips
Last-Modified: Fri, 06 Oct 2017 15:41:29 GMT
Etag: "de091e-e694-55ae2acac5c2d"
Accept-Ranges: bytes
Content-Length: 59028
Cache-Control: max-age=1209600
Expires: Tue, 14 Nov 2017 07:22:42 GMT
Keep-Alive: timeout=5, max=94
Connection: Keep-Alive


--- Additional Info ---
Magic:  GIF image data, version 89a, 300 x 300
Size:   59028
Md5:    643f59df177a6b82377560fd7b9ffcda
Sha1:   40be3cb88db21bcae33210c82a31cf82102a0622
Sha256: f2b0f6c31cb3f76a9da18fb4317af706f687d4fa185a8a19af0e0f924f0e1766
                                        
GET /sites/default/files/2015/56.gif HTTP/1.1
Host: www.t.ks.ua
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: image/png,image/*;q=0.8,*/*;q=0.5
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: http://www.t.ks.ua/

                                         
88.198.13.114
HTTP/1.1 200 OK
Content-Type: image/gif
Date: Tue, 31 Oct 2017 07:22:42 GMT
Server: Apache/2.2.15 (CentOS) DAV/2 PHP/5.4.28 mod_ssl/2.2.15 OpenSSL/1.0.0-fips
Last-Modified: Wed, 20 Sep 2017 21:29:06 GMT
Etag: "de08db-88de-559a5aa672ae2"
Accept-Ranges: bytes
Content-Length: 35038
Cache-Control: max-age=1209600
Expires: Tue, 14 Nov 2017 07:22:42 GMT
Keep-Alive: timeout=5, max=94
Connection: Keep-Alive


--- Additional Info ---
Magic:  GIF image data, version 89a, 300 x 300
Size:   35038
Md5:    52daebb755e6e0409da3475d04540aaf
Sha1:   6e8437a6cabe5f00a3b02d911d3cc97616388531
Sha256: 3a24fa1cddf6be3b4a746e769e6e27e40c42b5daed6e8809e0206eb0844234da
                                        
GET /sites/default/files/styles/thumb_170x96/public/1509180089_1509178823_22855633_1542830722468361_503812583_n.jpg?itok=WDqSLohI HTTP/1.1
Host: www.t.ks.ua
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: image/png,image/*;q=0.8,*/*;q=0.5
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: http://www.t.ks.ua/

                                         
88.198.13.114
HTTP/1.1 200 OK
Content-Type: image/jpeg
Date: Tue, 31 Oct 2017 07:22:43 GMT
Server: Apache/2.2.15 (CentOS) DAV/2 PHP/5.4.28 mod_ssl/2.2.15 OpenSSL/1.0.0-fips
Last-Modified: Sat, 28 Oct 2017 15:59:13 GMT
Etag: "d98754-14e6-55c9d7c9a7be1"
Accept-Ranges: bytes
Content-Length: 5350
Cache-Control: max-age=1209600
Expires: Tue, 14 Nov 2017 07:22:43 GMT
Keep-Alive: timeout=5, max=93
Connection: Keep-Alive


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, comment: "CREATOR: gd-jpeg v1.0 (using IJ"
Size:   5350
Md5:    b25d896fb2c5662596077c671314455d
Sha1:   718546e1a02c026437e4672402804eb077344b2e
Sha256: cf72bf5fc22b9a55015420eddd0697dda3af47c9028038dcd6416efd2e7e25b2
                                        
GET /sites/default/files/styles/thumb_170x96/public/650887cfb1a77b3013f51fbafc16861c.jpg?itok=nZrOAmcr HTTP/1.1
Host: www.t.ks.ua
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: image/png,image/*;q=0.8,*/*;q=0.5
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: http://www.t.ks.ua/

                                         
88.198.13.114
HTTP/1.1 200 OK
Content-Type: image/jpeg
Date: Tue, 31 Oct 2017 07:22:43 GMT
Server: Apache/2.2.15 (CentOS) DAV/2 PHP/5.4.28 mod_ssl/2.2.15 OpenSSL/1.0.0-fips
Last-Modified: Sat, 28 Oct 2017 16:25:12 GMT
Etag: "d98757-d2b-55c9dd9808319"
Accept-Ranges: bytes
Content-Length: 3371
Cache-Control: max-age=1209600
Expires: Tue, 14 Nov 2017 07:22:43 GMT
Keep-Alive: timeout=5, max=93
Connection: Keep-Alive


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, comment: "CREATOR: gd-jpeg v1.0 (using IJ"
Size:   3371
Md5:    017040e1e7dac049d4d191f4d0a1e0ed
Sha1:   24eeec7dad79c2568ef21739de41b12eb7850939
Sha256: 63dc3340f0fa1dabf7a25889a8ce969abbc0ef08557bceaa7aeffba57d30170f
                                        
GET /sites/default/files/styles/thumb_170x96/public/01102017_89.jpg?itok=auZz7Q_Q HTTP/1.1
Host: www.t.ks.ua
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: image/png,image/*;q=0.8,*/*;q=0.5
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: http://www.t.ks.ua/

                                         
88.198.13.114
HTTP/1.1 200 OK
Content-Type: image/jpeg
Date: Tue, 31 Oct 2017 07:22:43 GMT
Server: Apache/2.2.15 (CentOS) DAV/2 PHP/5.4.28 mod_ssl/2.2.15 OpenSSL/1.0.0-fips
Last-Modified: Tue, 31 Oct 2017 04:55:41 GMT
Etag: "d987ce-f76-55cd0911b87d3"
Accept-Ranges: bytes
Content-Length: 3958
Cache-Control: max-age=1209600
Expires: Tue, 14 Nov 2017 07:22:43 GMT
Keep-Alive: timeout=5, max=93
Connection: Keep-Alive


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, comment: "CREATOR: gd-jpeg v1.0 (using IJ"
Size:   3958
Md5:    117264ae45c1da1cb63b8c8b896db9a5
Sha1:   beaa2f22d279c2096421e4b9766ae335ec79a231
Sha256: 11b3f97d7e7d29f1f2c7c8ba3f15789cccd77f29b1b8dac51cc6f26e264e3ff9
                                        
GET /sites/default/files/styles/thumb_170x96/public/3a44cf23807f9edf2a13645085607095.jpg?itok=pHkBl9nZ HTTP/1.1
Host: www.t.ks.ua
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: image/png,image/*;q=0.8,*/*;q=0.5
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: http://www.t.ks.ua/

                                         
88.198.13.114
HTTP/1.1 200 OK
Content-Type: image/jpeg
Date: Tue, 31 Oct 2017 07:22:43 GMT
Server: Apache/2.2.15 (CentOS) DAV/2 PHP/5.4.28 mod_ssl/2.2.15 OpenSSL/1.0.0-fips
Last-Modified: Thu, 26 Oct 2017 03:42:07 GMT
Etag: "d986fb-bbb-55c6af4d50dcc"
Accept-Ranges: bytes
Content-Length: 3003
Cache-Control: max-age=1209600
Expires: Tue, 14 Nov 2017 07:22:43 GMT
Keep-Alive: timeout=5, max=92
Connection: Keep-Alive


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, comment: "CREATOR: gd-jpeg v1.0 (using IJ"
Size:   3003
Md5:    18706869124c28deb2d1e6a1397304f6
Sha1:   b1074a9660460946c4eefa1b9f68dbde974aa269
Sha256: 8e3eb2b4223b63a9044de26c006af2f09c602ae72b72a030cc607092145bc5b7
                                        
                                            GET /sites/default/files/styles/my_video_thumbnail/public/video_embed_field_thumbnails/youtube/y7TixWYEdss.jpg?itok=M9uCnHQl HTTP/1.1 
Host: www.t.ks.ua
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: image/png,image/*;q=0.8,*/*;q=0.5
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: http://www.t.ks.ua/

                                         
                                         88.198.13.114
HTTP/1.1 200 OK
Content-Type: image/jpeg
                                        
Date: Tue, 31 Oct 2017 07:22:43 GMT
Server: Apache/2.2.15 (CentOS) DAV/2 PHP/5.4.28 mod_ssl/2.2.15 OpenSSL/1.0.0-fips
Last-Modified: Tue, 05 Jan 2016 17:19:40 GMT
Etag: "d8e11c-2082-5289971624019"
Accept-Ranges: bytes
Content-Length: 8322
Cache-Control: max-age=1209600
Expires: Tue, 14 Nov 2017 07:22:43 GMT
Keep-Alive: timeout=5, max=92
Connection: Keep-Alive


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, comment: "CREATOR: gd-jpeg v1.0 (using IJ"
Size:   8322
Md5:    aee142f473630acba6afc9734fb2cd5b
Sha1:   a31fd95f9db4234387b7df88fb6b9bb90f302d07
Sha256: e9dd606efbc39ffa7acfd913d34ee563b74061c0e219f976e716a333470e04bd

Alerts:
  Blacklists:
    - fortinet: Malware
                                        
                                            GET /sites/default/files/styles/my_video_thumbnail/public/video_embed_field_thumbnails/youtube/GUrkWCzhq-k.jpg?itok=qCr8egjt HTTP/1.1 
Host: www.t.ks.ua
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: image/png,image/*;q=0.8,*/*;q=0.5
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: http://www.t.ks.ua/

                                         
                                         88.198.13.114
HTTP/1.1 200 OK
Content-Type: image/jpeg
                                        
Date: Tue, 31 Oct 2017 07:22:43 GMT
Server: Apache/2.2.15 (CentOS) DAV/2 PHP/5.4.28 mod_ssl/2.2.15 OpenSSL/1.0.0-fips
Last-Modified: Mon, 09 Nov 2015 00:10:15 GMT
Etag: "d8d1c5-13af-524106ae95e61"
Accept-Ranges: bytes
Content-Length: 5039
Cache-Control: max-age=1209600
Expires: Tue, 14 Nov 2017 07:22:43 GMT
Keep-Alive: timeout=5, max=92
Connection: Keep-Alive


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, comment: "CREATOR: gd-jpeg v1.0 (using IJ"
Size:   5039
Md5:    c877ada99ea20ed999f197dcb11087ff
Sha1:   0081357b86cbdc320d38be22d23ccfe80c275b16
Sha256: 2171dde8facd62ebb45e4102ddea81d1d20cb8dfa364925641c82d2e842f3c6c

Alerts:
  Blacklists:
    - fortinet: Malware
                                        
                                            GET /sites/default/files/styles/my_video_thumbnail/public/video_embed_field_thumbnails/youtube/O7xamIEbg2w.jpg?itok=a27RWyF2 HTTP/1.1 
Host: www.t.ks.ua
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: image/png,image/*;q=0.8,*/*;q=0.5
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: http://www.t.ks.ua/

                                         
                                         88.198.13.114
HTTP/1.1 200 OK
Content-Type: image/jpeg
                                        
Date: Tue, 31 Oct 2017 07:22:43 GMT
Server: Apache/2.2.15 (CentOS) DAV/2 PHP/5.4.28 mod_ssl/2.2.15 OpenSSL/1.0.0-fips
Last-Modified: Tue, 25 Aug 2015 21:14:34 GMT
Etag: "d8be37-1c24-51e2938862d0d"
Accept-Ranges: bytes
Content-Length: 7204
Cache-Control: max-age=1209600
Expires: Tue, 14 Nov 2017 07:22:43 GMT
Keep-Alive: timeout=5, max=91
Connection: Keep-Alive


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, comment: "CREATOR: gd-jpeg v1.0 (using IJ"
Size:   7204
Md5:    0f35cc6511da5ffad1aadb315d370bfa
Sha1:   7d5c16c4c26eeb1dba35037b2d42d88ac627c04f
Sha256: 2ac94e93dcddc561c391b7f0832712a82d62c7ae802036027aee8f086f0068c1

Alerts:
  Blacklists:
    - fortinet: Malware
                                        
                                            GET /sites/default/files/styles/my_video_thumbnail/public/video_embed_field_thumbnails/youtube/kA3yTM2wwzY.jpg?itok=H_-zGk5a HTTP/1.1 
Host: www.t.ks.ua
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: image/png,image/*;q=0.8,*/*;q=0.5
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: http://www.t.ks.ua/

                                         
                                         88.198.13.114
HTTP/1.1 200 OK
Content-Type: image/jpeg
                                        
Date: Tue, 31 Oct 2017 07:22:43 GMT
Server: Apache/2.2.15 (CentOS) DAV/2 PHP/5.4.28 mod_ssl/2.2.15 OpenSSL/1.0.0-fips
Last-Modified: Mon, 09 Nov 2015 00:06:41 GMT
Etag: "d8d1c4-1730-524105e26fef9"
Accept-Ranges: bytes
Content-Length: 5936
Cache-Control: max-age=1209600
Expires: Tue, 14 Nov 2017 07:22:43 GMT
Keep-Alive: timeout=5, max=91
Connection: Keep-Alive


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, comment: "CREATOR: gd-jpeg v1.0 (using IJ"
Size:   5936
Md5:    b130fad3a54a0bf4001775eaa14d43cf
Sha1:   c94068aa8caf81f934558a07e3107166d91a18ff
Sha256: 2f9fca8509df0ba4a28606b724fedcfcc6c8a7b4b6fe7170ceb95f259a60ea17

Alerts:
  Blacklists:
    - fortinet: Malware
                                        
                                            GET /sites/default/files/styles/thumb_55x45/public/11_439.jpg?itok=SsVAbZZR HTTP/1.1 
Host: www.t.ks.ua
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: image/png,image/*;q=0.8,*/*;q=0.5
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: http://www.t.ks.ua/

                                         
                                         88.198.13.114
HTTP/1.1 200 OK
Content-Type: image/jpeg
                                        
Date: Tue, 31 Oct 2017 07:22:43 GMT
Server: Apache/2.2.15 (CentOS) DAV/2 PHP/5.4.28 mod_ssl/2.2.15 OpenSSL/1.0.0-fips
Last-Modified: Wed, 07 Dec 2016 00:57:12 GMT
Etag: "daa87a-67b-5430700541996"
Accept-Ranges: bytes
Content-Length: 1659
Cache-Control: max-age=1209600
Expires: Tue, 14 Nov 2017 07:22:43 GMT
Keep-Alive: timeout=5, max=91
Connection: Keep-Alive


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, comment: "CREATOR: gd-jpeg v1.0 (using IJ"
Size:   1659
Md5:    7d4f0deff8cd9875c6559d60cc915222
Sha1:   a0d2a992b6963e5d8a3ad86d959340e46fd9cbf3
Sha256: 8b63238b3e135382da1c033c279c4a8be606b963704b4055d0d4ecf7aba118cc
                                        
                                            GET /sites/default/files/styles/thumb_55x45/public/11_397.jpg?itok=lrCZcDdP HTTP/1.1 
Host: www.t.ks.ua
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: image/png,image/*;q=0.8,*/*;q=0.5
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: http://www.t.ks.ua/

                                         
                                         88.198.13.114
HTTP/1.1 200 OK
Content-Type: image/jpeg
                                        
Date: Tue, 31 Oct 2017 07:22:43 GMT
Server: Apache/2.2.15 (CentOS) DAV/2 PHP/5.4.28 mod_ssl/2.2.15 OpenSSL/1.0.0-fips
Last-Modified: Tue, 10 May 2016 20:09:28 GMT
Etag: "da8deb-676-5328280a030eb"
Accept-Ranges: bytes
Content-Length: 1654
Cache-Control: max-age=1209600
Expires: Tue, 14 Nov 2017 07:22:43 GMT
Keep-Alive: timeout=5, max=90
Connection: Keep-Alive


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, comment: "CREATOR: gd-jpeg v1.0 (using IJ"
Size:   1654
Md5:    9807bc41e5c5ba78b0aabb65fe5b284c
Sha1:   d0cf521855de1369e9a908fa7fb2a7bdf0e9f20b
Sha256: d1cb70a104b0f0ca1007def3ffb60f993b99e0fd80c394348c3d24c3b67598fc
                                        
                                            GET /sites/default/files/styles/front_left/public/1509101154_22883267_1607701189285896_25822991_n.jpg?itok=l65Wf764 HTTP/1.1 
Host: www.t.ks.ua
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: image/png,image/*;q=0.8,*/*;q=0.5
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: http://www.t.ks.ua/

                                         
                                         88.198.13.114
HTTP/1.1 200 OK
Content-Type: image/jpeg
                                        
Date: Tue, 31 Oct 2017 07:22:42 GMT
Server: Apache/2.2.15 (CentOS) DAV/2 PHP/5.4.28 mod_ssl/2.2.15 OpenSSL/1.0.0-fips
Last-Modified: Fri, 27 Oct 2017 12:41:12 GMT
Etag: "d97d10-1e4b-55c869a916fd9"
Accept-Ranges: bytes
Content-Length: 7755
Cache-Control: max-age=1209600
Expires: Tue, 14 Nov 2017 07:22:42 GMT
Keep-Alive: timeout=5, max=97
Connection: Keep-Alive


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, comment: "CREATOR: gd-jpeg v1.0 (using IJ"
Size:   7755
Md5:    89db5b9b628dbac1abbaaedf1ff5f245
Sha1:   44a254b9f8f1f7aa91d2f75ec0cc5561fc944503
Sha256: e403118b259852dd482a7e9cb5fd98c1ae8332cf49d9f9ce2053e128c6821ec0

Alerts:
  Blacklists:
    - fortinet: Malware
                                        
                                            GET /sites/default/files/styles/thumb_55x45/public/44_91.jpg?itok=5v3cDyZp HTTP/1.1 
Host: www.t.ks.ua
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: image/png,image/*;q=0.8,*/*;q=0.5
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: http://www.t.ks.ua/

                                         
                                         88.198.13.114
HTTP/1.1 200 OK
Content-Type: image/jpeg
                                        
Date: Tue, 31 Oct 2017 07:22:43 GMT
Server: Apache/2.2.15 (CentOS) DAV/2 PHP/5.4.28 mod_ssl/2.2.15 OpenSSL/1.0.0-fips
Last-Modified: Fri, 29 Apr 2016 01:41:57 GMT
Etag: "da8c4e-68d-53195bf8b8a6d"
Accept-Ranges: bytes
Content-Length: 1677
Cache-Control: max-age=1209600
Expires: Tue, 14 Nov 2017 07:22:43 GMT
Keep-Alive: timeout=5, max=90
Connection: Keep-Alive


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, comment: "CREATOR: gd-jpeg v1.0 (using IJ"
Size:   1677
Md5:    63b518f4db73bb0a016ac6e7d1d7a315
Sha1:   78a38c31e27947ef58c774075a465e4c0df1b5e3
Sha256: 8a2c43b0490173e30a81e61c67309544ac3b6f56044ad1b591b99f013effadd4

Alerts:
  Blacklists:
    - fortinet: Malware
                                        
                                            GET /sites/default/files/styles/thumb_55x45/public/11_384.jpg?itok=rHmrgmYp HTTP/1.1 
Host: www.t.ks.ua
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: image/png,image/*;q=0.8,*/*;q=0.5
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: http://www.t.ks.ua/

                                         
                                         88.198.13.114
HTTP/1.1 200 OK
Content-Type: image/jpeg
                                        
Date: Tue, 31 Oct 2017 07:22:43 GMT
Server: Apache/2.2.15 (CentOS) DAV/2 PHP/5.4.28 mod_ssl/2.2.15 OpenSSL/1.0.0-fips
Last-Modified: Sun, 21 Feb 2016 11:43:43 GMT
Etag: "da8397-6be-52c463a6f7c57"
Accept-Ranges: bytes
Content-Length: 1726
Cache-Control: max-age=1209600
Expires: Tue, 14 Nov 2017 07:22:43 GMT
Keep-Alive: timeout=5, max=90
Connection: Keep-Alive


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, comment: "CREATOR: gd-jpeg v1.0 (using IJ"
Size:   1726
Md5:    c121d48393919b30f6e4e0b99dd8cd3e
Sha1:   852174b31929fcd6f7807415519ed5501bd78e04
Sha256: 6e6804197a3ed7a8529b7d1edce5a9bebaee0b6b54058d09aa4dc20e6cd2b111
                                        
                                            GET /sites/default/files/styles/front_left/public/a75c6a6fed40d3627754db17dc08eca4_l_0.jpg?itok=32SHNmsx HTTP/1.1 
Host: www.t.ks.ua
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: image/png,image/*;q=0.8,*/*;q=0.5
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: http://www.t.ks.ua/

                                         
                                         88.198.13.114
HTTP/1.1 200 OK
Content-Type: image/jpeg
                                        
Date: Tue, 31 Oct 2017 07:22:42 GMT
Server: Apache/2.2.15 (CentOS) DAV/2 PHP/5.4.28 mod_ssl/2.2.15 OpenSSL/1.0.0-fips
Last-Modified: Fri, 27 Oct 2017 12:55:07 GMT
Etag: "d97d36-29f4-55c86cc627d19"
Accept-Ranges: bytes
Content-Length: 10740
Cache-Control: max-age=1209600
Expires: Tue, 14 Nov 2017 07:22:42 GMT
Keep-Alive: timeout=5, max=97
Connection: Keep-Alive


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, comment: "CREATOR: gd-jpeg v1.0 (using IJ"
Size:   10740
Md5:    e5ccfb09d02f07d15dd1d13fa33c40b5
Sha1:   7eb7ee3bd33c89fa013b6d7ea9368b81c28b65b9
Sha256: bc50051e1372141bc1a955731e99607ee46576d5bae1d371c4ff36ab8cbf2e5a

Alerts:
  Blacklists:
    - fortinet: Malware
                                        
                                            GET /sites/default/files/styles/thumb_55x45/public/11_380.jpg?itok=eaYUifhK HTTP/1.1 
Host: www.t.ks.ua
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: image/png,image/*;q=0.8,*/*;q=0.5
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: http://www.t.ks.ua/

                                         
                                         88.198.13.114
HTTP/1.1 200 OK
Content-Type: image/jpeg
                                        
Date: Tue, 31 Oct 2017 07:22:43 GMT
Server: Apache/2.2.15 (CentOS) DAV/2 PHP/5.4.28 mod_ssl/2.2.15 OpenSSL/1.0.0-fips
Last-Modified: Sat, 30 Jan 2016 15:10:11 GMT
Etag: "da80ec-5f6-52a8e8c4cb91e"
Accept-Ranges: bytes
Content-Length: 1526
Cache-Control: max-age=1209600
Expires: Tue, 14 Nov 2017 07:22:43 GMT
Keep-Alive: timeout=5, max=89
Connection: Keep-Alive


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, comment: "CREATOR: gd-jpeg v1.0 (using IJ"
Size:   1526
Md5:    8e35171924dc330b3ca1fb5007cb7682
Sha1:   34b7b24bf0709145810b69b442c6c6138d9110d8
Sha256: 35b3221283722d0a2400fc65d96da4b3ffa9c9a20c4abf88c216cce72d273a6a
                                        
                                            GET /sites/default/files/styles/front_slide/public/1d53af58976f7f8f937e8e43b74b7182_l.jpg?itok=-_5Oei3e HTTP/1.1 
Host: www.t.ks.ua
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: image/png,image/*;q=0.8,*/*;q=0.5
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: http://www.t.ks.ua/

                                         
                                         88.198.13.114
HTTP/1.1 200 OK
Content-Type: image/jpeg
                                        
Date: Tue, 31 Oct 2017 07:22:42 GMT
Server: Apache/2.2.15 (CentOS) DAV/2 PHP/5.4.28 mod_ssl/2.2.15 OpenSSL/1.0.0-fips
Last-Modified: Sun, 15 Oct 2017 06:28:00 GMT
Etag: "d98440-688b-55b8ffdce5804"
Accept-Ranges: bytes
Content-Length: 26763
Cache-Control: max-age=1209600
Expires: Tue, 14 Nov 2017 07:22:42 GMT
Keep-Alive: timeout=5, max=96
Connection: Keep-Alive


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, comment: "CREATOR: gd-jpeg v1.0 (using IJ"
Size:   26763
Md5:    2c224c45da16bebab79b3c183e2b465d
Sha1:   5ac8961508ba0c5262ed1d5caee50a4e29a96c87
Sha256: 2ddf5365f9e37025dc313508842969832d98ccdfe9d2185d7cf5a88f7f691ecd

Alerts:
  Blacklists:
    - fortinet: Malware
                                        
                                            GET /r/collect?v=1&_v=j65&aip=1&a=594507657&t=pageview&_s=1&dl=http%3A%2F%2Fwww.t.ks.ua%2F&ul=en-us&de=UTF-8&dt=%D0%9D%D0%BE%D0%B2%D0%BE%D1%81%D1%82%D0%B8%20%D0%B8%20%D1%81%D0%BE%D0%B1%D1%8B%D1%82%D0%B8%D1%8F%20%D0%A5%D0%B5%D1%80%D1%81%D0%BE%D0%BD%D0%B0%20%7C%20%D0%A2%D0%B8%D0%BF%D0%B8%D1%87%D0%BD%D1%8B%D0%B9%20%D0%A5%D0%B5%D1%80%D1%81%D0%BE%D0%BD&sd=24-bit&sr=1176x885&vp=1176x754&je=1&fl=10.0%20r45&_u=YEBAAEQAI~&jid=1705160518&gjid=1270231646&cid=1198844969.1509434563&tid=UA-367178-54&_gid=1833445758.1509434563&_r=1&z=1247953681 HTTP/1.1 
Host: www.google-analytics.com
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: image/png,image/*;q=0.8,*/*;q=0.5
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: http://www.t.ks.ua/

                                         
                                         172.217.22.174
HTTP/1.1 200 OK
Content-Type: image/gif
                                        
Access-Control-Allow-Origin: *
Date: Tue, 31 Oct 2017 07:22:43 GMT
Pragma: no-cache
Expires: Fri, 01 Jan 1990 00:00:00 GMT
Cache-Control: no-cache, no-store, must-revalidate
Last-Modified: Sun, 17 May 1998 03:00:00 GMT
X-Content-Type-Options: nosniff
Server: Golfe2
Content-Length: 35


--- Additional Info ---
Magic:  GIF image data, version 89a, 1 x 1
Size:   35
Md5:    28d6814f309ea289f847c69cf91194c6
Sha1:   0f4e929dd5bb2564f7ab9c76338e04e292a42ace
Sha256: 8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
                                        
                                            GET /show.cgi?adp=181076&div=DIV_DA_181076 HTTP/1.1 
Host: code.directadvert.ru
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: */*
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: http://www.t.ks.ua/

                                         
                                         212.158.164.69
HTTP/1.1 200 OK
Content-Type: application/x-javascript; charset=windows-1251
                                        
Server: nginx/1.12.1
Date: Tue, 31 Oct 2017 07:22:43 GMT
Transfer-Encoding: chunked
Connection: keep-alive
P3P: policyref="/w3c/p3p.xml", CP="NOI DSP COR NID CUR OUR NOR", policyref="/w3c/p3p.xml", CP="CUR ADM OUR NOR STA NID"
Set-Cookie: dadcm46=1; expires=Tue, 07-Nov-2017 07:22:43 GMT; path=/; domain=directadvert.ru dadcm3=1; expires=Tue, 07-Nov-2017 07:22:43 GMT; path=/; domain=directadvert.ru nid=1J6kRVn4JMMBXCYwFEmWAg==; expires=Wed, 31-Oct-18 07:22:43 GMT; domain=directadvert.ru; path=/
Access-Control-Allow-Credentials: true
Access-Control-Allow-Methods: GET, POST, OPTIONS
Access-Control-Allow-Headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
Access-Control-Max-Age: 1728000
Content-Encoding: gzip


--- Additional Info ---
Magic:  gzip compressed data, from Unix
Size:   657
Md5:    dffc3e1af310a77d97e82bfcced5cc9a
Sha1:   5a6bf410553bb07e0b44ee7fc14aab32513f6d96
Sha256: 5b4c814c0213f2a15026f2533bf33ed9ee4105a490de550ab477dd3e97b38744
                                        
                                            GET /show.cgi?adp=181068&div=DIV_DA_181068 HTTP/1.1 
Host: code.directadvert.ru
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: */*
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: http://www.t.ks.ua/

                                         
                                         212.158.164.69
HTTP/1.1 200 OK
Content-Type: application/x-javascript; charset=windows-1251
                                        
Server: nginx/1.12.1
Date: Tue, 31 Oct 2017 07:22:43 GMT
Transfer-Encoding: chunked
Connection: keep-alive
P3P: policyref="/w3c/p3p.xml", CP="NOI DSP COR NID CUR OUR NOR", policyref="/w3c/p3p.xml", CP="CUR ADM OUR NOR STA NID"
Set-Cookie: dadcm46=1; expires=Tue, 07-Nov-2017 07:22:43 GMT; path=/; domain=directadvert.ru dadcm3=1; expires=Tue, 07-Nov-2017 07:22:43 GMT; path=/; domain=directadvert.ru nid=1J6kRVn4JMMBXCYwFEmlAg==; expires=Wed, 31-Oct-18 07:22:43 GMT; domain=directadvert.ru; path=/
Access-Control-Allow-Credentials: true
Access-Control-Allow-Methods: GET, POST, OPTIONS
Access-Control-Allow-Headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
Access-Control-Max-Age: 1728000
Content-Encoding: gzip


--- Additional Info ---
Magic:  gzip compressed data, from Unix
Size:   658
Md5:    0a2ff9ca7e299ce9ab0aa0ead7944434
Sha1:   98baae1e70b44eca5b923bbf9b5dcecebd4391f9
Sha256: d22b627fb680dcba96fa62270b9a9614971382b2db9f789a46ec6768fe3ff731
                                        
                                            POST / HTTP/1.1 
Host: ocsp.digicert.com
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Content-Length: 115
Content-Type: application/ocsp-request

                                         
                                         93.184.220.29
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Accept-Ranges: bytes
Cache-Control: max-age=172800
Date: Tue, 31 Oct 2017 07:22:44 GMT
Etag: "59f81193-1d7"
Expires: Thu, 02 Nov 2017 07:22:44 GMT
Last-Modified: Tue, 31 Oct 2017 06:00:51 GMT
Server: ECS (arn/4598)
X-Cache: HIT
Content-Length: 471


--- Additional Info ---
Magic:  data
Size:   471
Md5:    57a2880d9564a02f0d255880a0ec8f4f
Sha1:   292abaef4d8a505e740183cf3838ede243fcfae4
Sha256: ea5ebcb4ef7a15118c958effda9be0cb306eb9da3db9827809f766094f2eb623
                                        
                                            GET /sites/all/themes/th/img/main-left-shad.png HTTP/1.1 
Host: www.t.ks.ua
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: image/png,image/*;q=0.8,*/*;q=0.5
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: http://www.t.ks.ua/sites/default/files/css/css_71D_nSUNQjr3LxFCmhxc2zIhoGcecKLALC1rdGCF51M.css
Cookie: has_js=1; _ga=GA1.3.1198844969.1509434563; _gid=GA1.3.1833445758.1509434563; _gat=1

                                         
                                         88.198.13.114
HTTP/1.1 200 OK
Content-Type: image/png
                                        
Date: Tue, 31 Oct 2017 07:22:44 GMT
Server: Apache/2.2.15 (CentOS) DAV/2 PHP/5.4.28 mod_ssl/2.2.15 OpenSSL/1.0.0-fips
Last-Modified: Sat, 13 Jul 2013 22:00:00 GMT
Etag: "d60945-5bf-4e16bbfa73800"
Accept-Ranges: bytes
Content-Length: 1471
Cache-Control: max-age=1209600
Expires: Tue, 14 Nov 2017 07:22:44 GMT
Keep-Alive: timeout=5, max=96
Connection: Keep-Alive


--- Additional Info ---
Magic:  PNG image, 15 x 130, 8-bit/color RGBA, non-interlaced
Size:   1471
Md5:    6505411acfbc2c3fe1ada0c8acd44d53
Sha1:   a724a45dfd3ae74d66ca5e573104d5d69403ba89
Sha256: b3b26e980e53bf3cf9f39c82499895655be04e1ed6878df061b9ee2798cda6fb
                                        
                                            GET /sites/all/themes/th/img/main-right-shad.png HTTP/1.1 
Host: www.t.ks.ua
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: image/png,image/*;q=0.8,*/*;q=0.5
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: http://www.t.ks.ua/sites/default/files/css/css_71D_nSUNQjr3LxFCmhxc2zIhoGcecKLALC1rdGCF51M.css
Cookie: has_js=1; _ga=GA1.3.1198844969.1509434563; _gid=GA1.3.1833445758.1509434563; _gat=1

                                         
                                         88.198.13.114
HTTP/1.1 200 OK
Content-Type: image/png
                                        
Date: Tue, 31 Oct 2017 07:22:44 GMT
Server: Apache/2.2.15 (CentOS) DAV/2 PHP/5.4.28 mod_ssl/2.2.15 OpenSSL/1.0.0-fips
Last-Modified: Sat, 13 Jul 2013 22:00:00 GMT
Etag: "d60946-5b6-4e16bbfa73800"
Accept-Ranges: bytes
Content-Length: 1462
Cache-Control: max-age=1209600
Expires: Tue, 14 Nov 2017 07:22:44 GMT
Keep-Alive: timeout=5, max=89
Connection: Keep-Alive


--- Additional Info ---
Magic:  PNG image, 15 x 130, 8-bit/color RGBA, non-interlaced
Size:   1462
Md5:    68453c65d070bb772ba3c738f8efb0b4
Sha1:   b50e8bba08041a6c60c79518cce3a57143402d84
Sha256: b03a1047c66dc91f3f70763444c4d3f9e1f557a921227973c717fd04a0bd53ca
                                        
                                            GET /sites/all/themes/th/img/probki.png HTTP/1.1 
Host: www.t.ks.ua
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: image/png,image/*;q=0.8,*/*;q=0.5
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: http://www.t.ks.ua/sites/default/files/css/css_71D_nSUNQjr3LxFCmhxc2zIhoGcecKLALC1rdGCF51M.css
Cookie: has_js=1; _ga=GA1.3.1198844969.1509434563; _gid=GA1.3.1833445758.1509434563; _gat=1

                                         
                                         88.198.13.114
HTTP/1.1 200 OK
Content-Type: image/png
                                        
Date: Tue, 31 Oct 2017 07:22:44 GMT
Server: Apache/2.2.15 (CentOS) DAV/2 PHP/5.4.28 mod_ssl/2.2.15 OpenSSL/1.0.0-fips
Last-Modified: Sat, 13 Jul 2013 22:00:00 GMT
Etag: "d60959-1077-4e16bbfa73800"
Accept-Ranges: bytes
Content-Length: 4215
Cache-Control: max-age=1209600
Expires: Tue, 14 Nov 2017 07:22:44 GMT
Keep-Alive: timeout=5, max=89
Connection: Keep-Alive


--- Additional Info ---
Magic:  PNG image, 39 x 38, 8-bit/color RGBA, non-interlaced
Size:   4215
Md5:    7ae2735af7c39ede39f48c0468f91884
Sha1:   0d82fc3b19601f5b426abeedd18c1946176c198b
Sha256: 947ca0f88f43f687ca85ad8d1501106bbe5f57231030860a623426c452cc3345
                                        
                                            GET /sites/all/themes/th/img/face.png HTTP/1.1 
Host: www.t.ks.ua
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: image/png,image/*;q=0.8,*/*;q=0.5
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: http://www.t.ks.ua/sites/default/files/css/css_71D_nSUNQjr3LxFCmhxc2zIhoGcecKLALC1rdGCF51M.css
Cookie: has_js=1; _ga=GA1.3.1198844969.1509434563; _gid=GA1.3.1833445758.1509434563; _gat=1

                                         
                                         88.198.13.114
HTTP/1.1 200 OK
Content-Type: image/png
                                        
Date: Tue, 31 Oct 2017 07:22:44 GMT
Server: Apache/2.2.15 (CentOS) DAV/2 PHP/5.4.28 mod_ssl/2.2.15 OpenSSL/1.0.0-fips
Last-Modified: Sat, 13 Jul 2013 22:00:00 GMT
Etag: "d6093f-425-4e16bbfa73800"
Accept-Ranges: bytes
Content-Length: 1061
Cache-Control: max-age=1209600
Expires: Tue, 14 Nov 2017 07:22:44 GMT
Keep-Alive: timeout=5, max=96
Connection: Keep-Alive


--- Additional Info ---
Magic:  PNG image, 36 x 37, 8-bit/color RGBA, non-interlaced
Size:   1061
Md5:    00d3de0fc43824d0e9720be2b8b49bec
Sha1:   5937ffd81f6bcd2b33a7c4c31831981161e02e40
Sha256: e057baed453831c4bd7defeec717638c716d33d737f8098e6221bcf940fa14a0
                                        
                                            GET /sites/all/themes/th/img/odnoklas.png HTTP/1.1 
Host: www.t.ks.ua
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: image/png,image/*;q=0.8,*/*;q=0.5
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: http://www.t.ks.ua/sites/default/files/css/css_71D_nSUNQjr3LxFCmhxc2zIhoGcecKLALC1rdGCF51M.css
Cookie: has_js=1; _ga=GA1.3.1198844969.1509434563; _gid=GA1.3.1833445758.1509434563; _gat=1

                                         
                                         88.198.13.114
HTTP/1.1 200 OK
Content-Type: image/png
                                        
Date: Tue, 31 Oct 2017 07:22:44 GMT
Server: Apache/2.2.15 (CentOS) DAV/2 PHP/5.4.28 mod_ssl/2.2.15 OpenSSL/1.0.0-fips
Last-Modified: Mon, 29 Dec 2014 10:17:48 GMT
Etag: "d63c59-84c-50b582fadafb9"
Accept-Ranges: bytes
Content-Length: 2124
Cache-Control: max-age=1209600
Expires: Tue, 14 Nov 2017 07:22:44 GMT
Keep-Alive: timeout=5, max=88
Connection: Keep-Alive


--- Additional Info ---
Magic:  PNG image, 36 x 37, 8-bit/color RGBA, non-interlaced
Size:   2124
Md5:    d83f1191b0c27230c9f1e25ea47ce805
Sha1:   34ed489e84f1d3d568210322fcff25c9022e2428
Sha256: fe14709dc74d872c8d88ba7c50f269bdbf332c5dad3dc1fc42f3d4650b87266f
                                        
                                            GET /sites/all/themes/th/img/vk.png HTTP/1.1 
Host: www.t.ks.ua
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: image/png,image/*;q=0.8,*/*;q=0.5
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: http://www.t.ks.ua/sites/default/files/css/css_71D_nSUNQjr3LxFCmhxc2zIhoGcecKLALC1rdGCF51M.css
Cookie: has_js=1; _ga=GA1.3.1198844969.1509434563; _gid=GA1.3.1833445758.1509434563; _gat=1

                                         
                                         88.198.13.114
HTTP/1.1 200 OK
Content-Type: image/png
                                        
Date: Tue, 31 Oct 2017 07:22:44 GMT
Server: Apache/2.2.15 (CentOS) DAV/2 PHP/5.4.28 mod_ssl/2.2.15 OpenSSL/1.0.0-fips
Last-Modified: Mon, 29 Dec 2014 10:29:31 GMT
Etag: "d60969-eb5-50b58598f9c39"
Accept-Ranges: bytes
Content-Length: 3765
Cache-Control: max-age=1209600
Expires: Tue, 14 Nov 2017 07:22:44 GMT
Keep-Alive: timeout=5, max=95
Connection: Keep-Alive


--- Additional Info ---
Magic:  PNG image, 36 x 37, 8-bit/color RGBA, non-interlaced
Size:   3765
Md5:    71e816ff87b90f101486ec8048327bdf
Sha1:   1a592dc6e43c3b81e00779691b3f879439af15ac
Sha256: 27adb05fc944d50891d76cb0dab7fda9d7bcb66ab255d0e8bb256c7b001b58ad
                                        
GET /sites/all/themes/th/img/rssnews.png HTTP/1.1
Host: www.t.ks.ua
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: image/png,image/*;q=0.8,*/*;q=0.5
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: http://www.t.ks.ua/sites/default/files/css/css_71D_nSUNQjr3LxFCmhxc2zIhoGcecKLALC1rdGCF51M.css
Cookie: has_js=1; _ga=GA1.3.1198844969.1509434563; _gid=GA1.3.1833445758.1509434563; _gat=1

                                         
88.198.13.114
HTTP/1.1 200 OK
Content-Type: image/png
Date: Tue, 31 Oct 2017 07:22:44 GMT
Server: Apache/2.2.15 (CentOS) DAV/2 PHP/5.4.28 mod_ssl/2.2.15 OpenSSL/1.0.0-fips
Last-Modified: Sat, 17 Aug 2013 22:00:00 GMT
Etag: "d6095c-b32-4e42bd4195800"
Accept-Ranges: bytes
Content-Length: 2866
Cache-Control: max-age=1209600
Expires: Tue, 14 Nov 2017 07:22:44 GMT
Keep-Alive: timeout=5, max=95
Connection: Keep-Alive


--- Additional Info ---
Magic:  PNG image, 37 x 37, 8-bit/color RGBA, non-interlaced
Size:   2866
Md5:    52131d473b917a6a8b4d5418f64542cc
Sha1:   7e9c146791473694c068f24102bbf8af16f96d05
Sha256: 1c30400c5452045392ba04abfc8e81d6f953d9644931573ea47fdf5ad30208ad
                                        
GET /sites/all/themes/th/img/tochka.png HTTP/1.1
Host: www.t.ks.ua
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: image/png,image/*;q=0.8,*/*;q=0.5
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: http://www.t.ks.ua/sites/default/files/css/css_71D_nSUNQjr3LxFCmhxc2zIhoGcecKLALC1rdGCF51M.css
Cookie: has_js=1; _ga=GA1.3.1198844969.1509434563; _gid=GA1.3.1833445758.1509434563; _gat=1

                                         
88.198.13.114
HTTP/1.1 200 OK
Content-Type: image/png
Date: Tue, 31 Oct 2017 07:22:44 GMT
Server: Apache/2.2.15 (CentOS) DAV/2 PHP/5.4.28 mod_ssl/2.2.15 OpenSSL/1.0.0-fips
Last-Modified: Sat, 13 Jul 2013 22:00:00 GMT
Etag: "d60960-40c-4e16bbfa73800"
Accept-Ranges: bytes
Content-Length: 1036
Cache-Control: max-age=1209600
Expires: Tue, 14 Nov 2017 07:22:44 GMT
Keep-Alive: timeout=5, max=88
Connection: Keep-Alive


--- Additional Info ---
Magic:  PNG image, 4 x 4, 8-bit/color RGBA, non-interlaced
Size:   1036
Md5:    1c5f555c20c23726fa596fdc0689f819
Sha1:   36aa1bad69abf25c29cc09c1849d0b165e17de5e
Sha256: bf287eb93845fd7f4d5cf252d74b9e1d17e6972d788985fdf07b2abebb24e3a7
                                        
GET /sites/all/themes/th/img/searcsubmit.png HTTP/1.1
Host: www.t.ks.ua
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: image/png,image/*;q=0.8,*/*;q=0.5
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: http://www.t.ks.ua/sites/default/files/css/css_71D_nSUNQjr3LxFCmhxc2zIhoGcecKLALC1rdGCF51M.css
Cookie: has_js=1; _ga=GA1.3.1198844969.1509434563; _gid=GA1.3.1833445758.1509434563; _gat=1

                                         
88.198.13.114
HTTP/1.1 200 OK
Content-Type: image/png
Date: Tue, 31 Oct 2017 07:22:44 GMT
Server: Apache/2.2.15 (CentOS) DAV/2 PHP/5.4.28 mod_ssl/2.2.15 OpenSSL/1.0.0-fips
Last-Modified: Sat, 13 Jul 2013 22:00:00 GMT
Etag: "d6095d-4f7-4e16bbfa73800"
Accept-Ranges: bytes
Content-Length: 1271
Cache-Control: max-age=1209600
Expires: Tue, 14 Nov 2017 07:22:44 GMT
Keep-Alive: timeout=5, max=87
Connection: Keep-Alive


--- Additional Info ---
Magic:  PNG image, 29 x 28, 8-bit/color RGB, non-interlaced
Size:   1271
Md5:    2da385f7e28cde768f9c3b74cc75e15f
Sha1:   259e9c2f9df792466bb3d8d410627c3fff610d86
Sha256: b88abf722571d5f7cb117ee6c53c62021e4246e83332294bfb779f0b28af5420
                                        
GET /sites/all/themes/th/img/topmenu-bg.jpg HTTP/1.1
Host: www.t.ks.ua
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: image/png,image/*;q=0.8,*/*;q=0.5
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: http://www.t.ks.ua/sites/default/files/css/css_71D_nSUNQjr3LxFCmhxc2zIhoGcecKLALC1rdGCF51M.css
Cookie: has_js=1; _ga=GA1.3.1198844969.1509434563; _gid=GA1.3.1833445758.1509434563; _gat=1

                                         
88.198.13.114
HTTP/1.1 200 OK
Content-Type: image/jpeg
Date: Tue, 31 Oct 2017 07:22:44 GMT
Server: Apache/2.2.15 (CentOS) DAV/2 PHP/5.4.28 mod_ssl/2.2.15 OpenSSL/1.0.0-fips
Last-Modified: Sat, 13 Jul 2013 22:00:00 GMT
Etag: "d60963-6dd-4e16bbfa73800"
Accept-Ranges: bytes
Content-Length: 1757
Cache-Control: max-age=1209600
Expires: Tue, 14 Nov 2017 07:22:44 GMT
Keep-Alive: timeout=5, max=88
Connection: Keep-Alive


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01
Size:   1757
Md5:    a81889ef26fd5386b5f4583b16b51db7
Sha1:   e9288eb9597ef6e300b3d4e99a3d0edd98404704
Sha256: 00f3a02f4c79111cafa881fb62511e5a0e1d680c62dc8a3825ede71db82b74d2
                                        
GET /sites/all/themes/th/img/topmenu-li.png HTTP/1.1
Host: www.t.ks.ua
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: image/png,image/*;q=0.8,*/*;q=0.5
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: http://www.t.ks.ua/sites/default/files/css/css_71D_nSUNQjr3LxFCmhxc2zIhoGcecKLALC1rdGCF51M.css
Cookie: has_js=1; _ga=GA1.3.1198844969.1509434563; _gid=GA1.3.1833445758.1509434563; _gat=1

                                         
88.198.13.114
HTTP/1.1 200 OK
Content-Type: image/png
Date: Tue, 31 Oct 2017 07:22:44 GMT
Server: Apache/2.2.15 (CentOS) DAV/2 PHP/5.4.28 mod_ssl/2.2.15 OpenSSL/1.0.0-fips
Last-Modified: Sat, 13 Jul 2013 22:00:00 GMT
Etag: "d60965-430-4e16bbfa73800"
Accept-Ranges: bytes
Content-Length: 1072
Cache-Control: max-age=1209600
Expires: Tue, 14 Nov 2017 07:22:44 GMT
Keep-Alive: timeout=5, max=95
Connection: Keep-Alive


--- Additional Info ---
Magic:  PNG image, 1 x 32, 8-bit/color RGBA, non-interlaced
Size:   1072
Md5:    515834eeb7076f16b0019739aec5ad73
Sha1:   8d834f66e334f04c717a1153545ad7e2f486dd62
Sha256: eb1e60c08ba2778150714534c8316aeeb18f854a4d7a7233af4250a35d410aac
                                        
GET /sites/default/files/styles/thumb_55x45/public/11_363.jpg?itok=EAV_tqYx HTTP/1.1
Host: www.t.ks.ua
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: image/png,image/*;q=0.8,*/*;q=0.5
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: http://www.t.ks.ua/
Cookie: has_js=1; _ga=GA1.3.1198844969.1509434563; _gid=GA1.3.1833445758.1509434563; _gat=1

                                         
88.198.13.114
HTTP/1.1 200 OK
Content-Type: image/jpeg
Date: Tue, 31 Oct 2017 07:22:44 GMT
Server: Apache/2.2.15 (CentOS) DAV/2 PHP/5.4.28 mod_ssl/2.2.15 OpenSSL/1.0.0-fips
Last-Modified: Wed, 25 Nov 2015 03:08:18 GMT
Etag: "da78b1-5dd-52554c51cb8ac"
Accept-Ranges: bytes
Content-Length: 1501
Cache-Control: max-age=1209600
Expires: Tue, 14 Nov 2017 07:22:44 GMT
Keep-Alive: timeout=5, max=94
Connection: Keep-Alive


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, comment: "CREATOR: gd-jpeg v1.0 (using IJ"
Size:   1501
Md5:    533fbe4a2ac5429ec20314abcdc021f0
Sha1:   0c09fdc2616df9f1e6887f47f3e1c67ccbb92238
Sha256: 7d91e88491d65ab9564b725289be8b57c6a1b557676fbb16a43fd545d315743e
                                        
GET /sites/default/files/styles/thumb_55x45/public/11_345.jpg?itok=ItuSu6o2 HTTP/1.1
Host: www.t.ks.ua
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: image/png,image/*;q=0.8,*/*;q=0.5
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: http://www.t.ks.ua/
Cookie: has_js=1; _ga=GA1.3.1198844969.1509434563; _gid=GA1.3.1833445758.1509434563; _gat=1

                                         
88.198.13.114
HTTP/1.1 200 OK
Content-Type: image/jpeg
Date: Tue, 31 Oct 2017 07:22:44 GMT
Server: Apache/2.2.15 (CentOS) DAV/2 PHP/5.4.28 mod_ssl/2.2.15 OpenSSL/1.0.0-fips
Last-Modified: Sun, 20 Sep 2015 22:57:56 GMT
Etag: "da6ee7-6bf-52035b215ea2a"
Accept-Ranges: bytes
Content-Length: 1727
Cache-Control: max-age=1209600
Expires: Tue, 14 Nov 2017 07:22:44 GMT
Keep-Alive: timeout=5, max=86
Connection: Keep-Alive


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, comment: "CREATOR: gd-jpeg v1.0 (using IJ"
Size:   1727
Md5:    f94cdc552fcae558550566dbdbf2afee
Sha1:   ac6d3f3bdaef8a7eafba8db070de45b1b14bda02
Sha256: 431283f5a411ce4c2045eb0b6a3c7ea2f13b38c05db2b7236bf1d7c014d88f55
                                        
GET /sites/default/files/styles/thumb_55x45/public/011_1.jpg?itok=Ma1WPhhR HTTP/1.1
Host: www.t.ks.ua
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: image/png,image/*;q=0.8,*/*;q=0.5
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: http://www.t.ks.ua/
Cookie: has_js=1; _ga=GA1.3.1198844969.1509434563; _gid=GA1.3.1833445758.1509434563; _gat=1

                                         
88.198.13.114
HTTP/1.1 200 OK
Content-Type: image/jpeg
Date: Tue, 31 Oct 2017 07:22:44 GMT
Server: Apache/2.2.15 (CentOS) DAV/2 PHP/5.4.28 mod_ssl/2.2.15 OpenSSL/1.0.0-fips
Last-Modified: Sun, 18 Oct 2015 05:49:29 GMT
Etag: "da72ba-662-5225a97a2796a"
Accept-Ranges: bytes
Content-Length: 1634
Cache-Control: max-age=1209600
Expires: Tue, 14 Nov 2017 07:22:44 GMT
Keep-Alive: timeout=5, max=87
Connection: Keep-Alive


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, comment: "CREATOR: gd-jpeg v1.0 (using IJ"
Size:   1634
Md5:    05b68bc0e30c06fdcaa712899fc2d086
Sha1:   9ea421b22575d3f0c48ba3fae02a8f52d3d0f082
Sha256: d7672a8caa7807739b616d5d617d61be4b201326b612b64926150163380e93b4

Alerts:
  Blacklists:
    - fortinet: Malware
                                        
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Content-Length: 115
Content-Type: application/ocsp-request

                                         
93.184.220.29
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Accept-Ranges: bytes
Cache-Control: max-age=172800
Date: Tue, 31 Oct 2017 07:22:44 GMT
Etag: "59f7a884-1d7"
Expires: Thu, 02 Nov 2017 07:22:44 GMT
Last-Modified: Mon, 30 Oct 2017 22:32:36 GMT
Server: ECS (arn/45C7)
X-Cache: HIT
Content-Length: 471


--- Additional Info ---
Magic:  data
Size:   471
Md5:    4ce41ff3d66a5628b6aa6403acc35fa2
Sha1:   3dd471ee82ce46456135ce12f08ea111403c3bc9
Sha256: 3e8b031d4ac4bb8679c8e4a45b7b8722a81bc45cd4e3ad2ae8eeceeb63e98a48
                                        
GET /sites/default/files/styles/thumb_268x191/public/11_439.jpg?itok=41UoVq5G HTTP/1.1
Host: www.t.ks.ua
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: image/png,image/*;q=0.8,*/*;q=0.5
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: http://www.t.ks.ua/
Cookie: has_js=1; _ga=GA1.3.1198844969.1509434563; _gid=GA1.3.1833445758.1509434563; _gat=1

                                         
88.198.13.114
HTTP/1.1 200 OK
Content-Type: image/jpeg
Date: Tue, 31 Oct 2017 07:22:44 GMT
Server: Apache/2.2.15 (CentOS) DAV/2 PHP/5.4.28 mod_ssl/2.2.15 OpenSSL/1.0.0-fips
Last-Modified: Wed, 07 Dec 2016 00:57:12 GMT
Etag: "daa87b-3fc8-5430700555dce"
Accept-Ranges: bytes
Content-Length: 16328
Cache-Control: max-age=1209600
Expires: Tue, 14 Nov 2017 07:22:44 GMT
Keep-Alive: timeout=5, max=87
Connection: Keep-Alive


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, comment: "CREATOR: gd-jpeg v1.0 (using IJ"
Size:   16328
Md5:    e98b36df9a6b41c55ba5da1a6ab0eda3
Sha1:   365b2212d942b9bebb0ef0dd3d6e3f18d62a2706
Sha256: 12e479e89f0d51df38bf8b853a64f82abc7585f87ad472a17e4d05eade363e35

Alerts:
  Blacklists:
    - fortinet: Malware
                                        
GET /sites/default/files/styles/thumb_268x191/public/11_397.jpg?itok=bN6P_0Q7 HTTP/1.1
Host: www.t.ks.ua
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: image/png,image/*;q=0.8,*/*;q=0.5
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: http://www.t.ks.ua/
Cookie: has_js=1; _ga=GA1.3.1198844969.1509434563; _gid=GA1.3.1833445758.1509434563; _gat=1

                                         
88.198.13.114
HTTP/1.1 200 OK
Content-Type: image/jpeg
Date: Tue, 31 Oct 2017 07:22:44 GMT
Server: Apache/2.2.15 (CentOS) DAV/2 PHP/5.4.28 mod_ssl/2.2.15 OpenSSL/1.0.0-fips
Last-Modified: Tue, 10 May 2016 20:09:28 GMT
Etag: "da8dec-3e86-5328280a0d4fb"
Accept-Ranges: bytes
Content-Length: 16006
Cache-Control: max-age=1209600
Expires: Tue, 14 Nov 2017 07:22:44 GMT
Keep-Alive: timeout=5, max=94
Connection: Keep-Alive


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, comment: "CREATOR: gd-jpeg v1.0 (using IJ"
Size:   16006
Md5:    3745fbad7a10dbea17658005f40abd02
Sha1:   1c6d6bfa34e08bc6f6229c41e478110bd1062bca
Sha256: 376db00b6213492fac0d3e34ff7c474865bff42fbba8570064ff309390467142

Alerts:
  Blacklists:
    - fortinet: Malware
                                        
GET /sites/default/files/styles/thumb_268x191/public/11_380.jpg?itok=Pqdpuu3d HTTP/1.1
Host: www.t.ks.ua
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: image/png,image/*;q=0.8,*/*;q=0.5
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: http://www.t.ks.ua/
Cookie: has_js=1; _ga=GA1.3.1198844969.1509434563; _gid=GA1.3.1833445758.1509434563; _gat=1

                                         
88.198.13.114
HTTP/1.1 200 OK
Content-Type: image/jpeg
Date: Tue, 31 Oct 2017 07:22:44 GMT
Server: Apache/2.2.15 (CentOS) DAV/2 PHP/5.4.28 mod_ssl/2.2.15 OpenSSL/1.0.0-fips
Last-Modified: Sat, 30 Jan 2016 15:10:11 GMT
Etag: "da80ed-2a22-52a8e8c581f16"
Accept-Ranges: bytes
Content-Length: 10786
Cache-Control: max-age=1209600
Expires: Tue, 14 Nov 2017 07:22:44 GMT
Keep-Alive: timeout=5, max=86
Connection: Keep-Alive


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, comment: "CREATOR: gd-jpeg v1.0 (using IJ"
Size:   10786
Md5:    166722d70a863108dfe5314bff3a2f9a
Sha1:   7094df10a430017c7eaf384bc80268ffdc95a099
Sha256: c3b9260854b0831bf9eff2f3ac18c1f452dfba5521479fe77e5305e768c54923

Alerts:
  Blacklists:
    - fortinet: Malware
                                        
GET /sites/default/files/styles/thumb_268x191/public/11_384.jpg?itok=VFAvPWqG HTTP/1.1
Host: www.t.ks.ua
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: image/png,image/*;q=0.8,*/*;q=0.5
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: http://www.t.ks.ua/
Cookie: has_js=1; _ga=GA1.3.1198844969.1509434563; _gid=GA1.3.1833445758.1509434563; _gat=1

                                         
88.198.13.114
HTTP/1.1 200 OK
Content-Type: image/jpeg
Date: Tue, 31 Oct 2017 07:22:44 GMT
Server: Apache/2.2.15 (CentOS) DAV/2 PHP/5.4.28 mod_ssl/2.2.15 OpenSSL/1.0.0-fips
Last-Modified: Sun, 21 Feb 2016 11:43:43 GMT
Etag: "da8396-300c-52c463a6eebcf"
Accept-Ranges: bytes
Content-Length: 12300
Cache-Control: max-age=1209600
Expires: Tue, 14 Nov 2017 07:22:44 GMT
Keep-Alive: timeout=5, max=85
Connection: Keep-Alive


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, comment: "CREATOR: gd-jpeg v1.0 (using IJ"
Size:   12300
Md5:    0a8cd933f43ee09be862e080560864d5
Sha1:   3a340777e5d310039e7a3bc15a8fc512149d186e
Sha256: f56310dd7ae9aa7d6f5682c9f6408364542823d22bce884ec3005db1432b876c

Alerts:
  Blacklists:
    - fortinet: Malware
                                        
GET /sites/default/files/styles/thumb_268x191/public/44_91.jpg?itok=f_Z5S3oH HTTP/1.1
Host: www.t.ks.ua
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: image/png,image/*;q=0.8,*/*;q=0.5
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: http://www.t.ks.ua/
Cookie: has_js=1; _ga=GA1.3.1198844969.1509434563; _gid=GA1.3.1833445758.1509434563; _gat=1

                                         
88.198.13.114
HTTP/1.1 200 OK
Content-Type: image/jpeg
Date: Tue, 31 Oct 2017 07:22:44 GMT
Server: Apache/2.2.15 (CentOS) DAV/2 PHP/5.4.28 mod_ssl/2.2.15 OpenSSL/1.0.0-fips
Last-Modified: Fri, 29 Apr 2016 01:41:57 GMT
Etag: "da8c4c-2eb0-53195bf8b3095"
Accept-Ranges: bytes
Content-Length: 11952
Cache-Control: max-age=1209600
Expires: Tue, 14 Nov 2017 07:22:44 GMT
Keep-Alive: timeout=5, max=93
Connection: Keep-Alive


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, comment: "CREATOR: gd-jpeg v1.0 (using IJ"
Size:   11952
Md5:    7f4c6dd519854c8a7d2d1d3841c6c845
Sha1:   b5185e63b961de942199b382feac3e4ef038acc8
Sha256: ba508af3e7ed1aa8df99046b3737595f165e13650e75fa053744e50b637daefb

Alerts:
  Blacklists:
    - fortinet: Malware
                                        
GET /sites/default/files/styles/thumb_268x191/public/11_363.jpg?itok=UheByNC3 HTTP/1.1
Host: www.t.ks.ua
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: image/png,image/*;q=0.8,*/*;q=0.5
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: http://www.t.ks.ua/
Cookie: has_js=1; _ga=GA1.3.1198844969.1509434563; _gid=GA1.3.1833445758.1509434563; _gat=1

                                         
88.198.13.114
HTTP/1.1 200 OK
Content-Type: image/jpeg
Date: Tue, 31 Oct 2017 07:22:44 GMT
Server: Apache/2.2.15 (CentOS) DAV/2 PHP/5.4.28 mod_ssl/2.2.15 OpenSSL/1.0.0-fips
Last-Modified: Wed, 25 Nov 2015 03:08:18 GMT
Etag: "da78b2-283c-52554c51d54ec"
Accept-Ranges: bytes
Content-Length: 10300
Cache-Control: max-age=1209600
Expires: Tue, 14 Nov 2017 07:22:44 GMT
Keep-Alive: timeout=5, max=86
Connection: Keep-Alive


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, comment: "CREATOR: gd-jpeg v1.0 (using IJ"
Size:   10300
Md5:    f4e7e55b7ae9aeac986dcb1f3c474194
Sha1:   7e7aaac51d81889558b786324ef8202b3ae0cd72
Sha256: e3a958c2b8646b2e7e9b641c041e0c7937fd3c91bf07f9617b701044819ecc7b

Alerts:
  Blacklists:
    - fortinet: Malware
                                        
GET /sites/all/themes/th/img/footer-logo.png HTTP/1.1
Host: www.t.ks.ua
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: image/png,image/*;q=0.8,*/*;q=0.5
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: http://www.t.ks.ua/
Cookie: has_js=1; _ga=GA1.3.1198844969.1509434563; _gid=GA1.3.1833445758.1509434563; _gat=1

                                         
88.198.13.114
HTTP/1.1 200 OK
Content-Type: image/png
Date: Tue, 31 Oct 2017 07:22:44 GMT
Server: Apache/2.2.15 (CentOS) DAV/2 PHP/5.4.28 mod_ssl/2.2.15 OpenSSL/1.0.0-fips
Last-Modified: Sat, 13 Jul 2013 22:00:00 GMT
Etag: "d60940-1c26-4e16bbfa73800"
Accept-Ranges: bytes
Content-Length: 7206
Cache-Control: max-age=1209600
Expires: Tue, 14 Nov 2017 07:22:44 GMT
Keep-Alive: timeout=5, max=84
Connection: Keep-Alive


--- Additional Info ---
Magic:  PNG image, 217 x 70, 8-bit/color RGBA, non-interlaced
Size:   7206
Md5:    51f4dd092f2980673fd64744b3906d24
Sha1:   09b9a464d63ff9ce9a631bdbc8248d5c0f270aeb
Sha256: b1625e8390ccfdeffcb799b1da43065bae55f34d6eb40fb91d9a1c1e0e828fe7
                                        
GET /sites/default/files/styles/thumb_268x191/public/11_345.jpg?itok=zTeCNjNj HTTP/1.1
Host: www.t.ks.ua
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: image/png,image/*;q=0.8,*/*;q=0.5
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: http://www.t.ks.ua/
Cookie: has_js=1; _ga=GA1.3.1198844969.1509434563; _gid=GA1.3.1833445758.1509434563; _gat=1

                                         
88.198.13.114
HTTP/1.1 200 OK
Content-Type: image/jpeg
Date: Tue, 31 Oct 2017 07:22:44 GMT
Server: Apache/2.2.15 (CentOS) DAV/2 PHP/5.4.28 mod_ssl/2.2.15 OpenSSL/1.0.0-fips
Last-Modified: Sun, 20 Sep 2015 22:57:56 GMT
Etag: "da6eea-3475-52035b217bb02"
Accept-Ranges: bytes
Content-Length: 13429
Cache-Control: max-age=1209600
Expires: Tue, 14 Nov 2017 07:22:44 GMT
Keep-Alive: timeout=5, max=85
Connection: Keep-Alive


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, comment: "CREATOR: gd-jpeg v1.0 (using IJ"
Size:   13429
Md5:    dee39d4c9aaa4800ba55fa292c93e28c
Sha1:   ca151e04d4c58327dc8c5f98be616e25fd6f73ca
Sha256: e838976981dfcc478f3e1f2b9c57cfdc047426d94a2b4a819da5079f5cf8f267

Alerts:
  Blacklists:
    - fortinet: Malware
                                        
GET /sites/all/themes/th/fonts/ArialNarrowRegular/ArialNarrowRegular.woff HTTP/1.1
Host: www.t.ks.ua
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: http://www.t.ks.ua/sites/default/files/css/css_71D_nSUNQjr3LxFCmhxc2zIhoGcecKLALC1rdGCF51M.css
Cookie: has_js=1; _ga=GA1.3.1198844969.1509434563; _gid=GA1.3.1833445758.1509434563; _gat=1

                                         
88.198.13.114
HTTP/1.1 200 OK
Content-Type: text/plain; charset=UTF-8
Date: Tue, 31 Oct 2017 07:22:44 GMT
Server: Apache/2.2.15 (CentOS) DAV/2 PHP/5.4.28 mod_ssl/2.2.15 OpenSSL/1.0.0-fips
Last-Modified: Tue, 30 Dec 2014 22:53:52 GMT
Etag: "dc249f-10888-50b76dd6b215e"
Accept-Ranges: bytes
Content-Length: 67720
Cache-Control: max-age=1209600
Expires: Tue, 14 Nov 2017 07:22:44 GMT
Keep-Alive: timeout=5, max=94
Connection: Keep-Alive


--- Additional Info ---
Magic:  data
Size:   67720
Md5:    4f778e0e643bc0192e8af66c1f952621
Sha1:   baa8d826d28a9724cff0c12060b6e415ee39d8b2
Sha256: c2bcd72da59138ee5adf1c88652d15550cb50edd12913cdad5e15ae448579a8b

Alerts:
  Blacklists:
    - fortinet: Malware
                                        
GET /sites/default/files/styles/thumb_268x191/public/011_1.jpg?itok=A6e1k4Al HTTP/1.1
Host: www.t.ks.ua
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: image/png,image/*;q=0.8,*/*;q=0.5
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: http://www.t.ks.ua/
Cookie: has_js=1; _ga=GA1.3.1198844969.1509434563; _gid=GA1.3.1833445758.1509434563; _gat=1

                                         
88.198.13.114
HTTP/1.1 200 OK
Content-Type: image/jpeg
Date: Tue, 31 Oct 2017 07:22:44 GMT
Server: Apache/2.2.15 (CentOS) DAV/2 PHP/5.4.28 mod_ssl/2.2.15 OpenSSL/1.0.0-fips
Last-Modified: Sun, 18 Oct 2015 05:49:30 GMT
Etag: "da72bb-3ec3-5225a97a9b112"
Accept-Ranges: bytes
Content-Length: 16067
Cache-Control: max-age=1209600
Expires: Tue, 14 Nov 2017 07:22:44 GMT
Keep-Alive: timeout=5, max=93
Connection: Keep-Alive


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, comment: "CREATOR: gd-jpeg v1.0 (using IJ"
Size:   16067
Md5:    2a74dc26d117b0facea9ffb5d5a97ebb
Sha1:   6cb9eb23aa8cfd5ff526b4071672d2cc4626a68d
Sha256: 00d3a69dc19dd35810d1ebd7ae7190cacedeb7eeddbbf4ba15d963a8d7d5c9a0

Alerts:
  Blacklists:
    - fortinet: Malware
                                        
POST /GTSGIAG3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Content-Length: 107
Content-Type: application/ocsp-request

                                         
172.217.22.174
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 31 Oct 2017 07:22:44 GMT
Expires: Sat, 04 Nov 2017 07:22:44 GMT
Cache-Control: public, max-age=345600
Server: ocsp_responder
Content-Length: 463
X-XSS-Protection: 1; mode=block
X-Frame-Options: SAMEORIGIN


--- Additional Info ---
Magic:  data
Size:   463
Md5:    b6c072815d97091b23ba322afde51ba1
Sha1:   8ca18f1601694e1d4e2d213dd444b5d9fd829c0d
Sha256: 8cd3720786a8f434eee107fbafbbbb10de6af29a131ff19a1b4a7db68666c4f2
                                        
POST /gsr2 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Content-Length: 112
Content-Type: application/ocsp-request

                                         
172.217.22.174
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 31 Oct 2017 07:22:44 GMT
Expires: Sat, 04 Nov 2017 07:22:44 GMT
Cache-Control: public, max-age=345600
Server: ocsp_responder
Content-Length: 468
X-XSS-Protection: 1; mode=block
X-Frame-Options: SAMEORIGIN


--- Additional Info ---
Magic:  data
Size:   468
Md5:    6bf50ec404fb4a8b4a94be8390d11938
Sha1:   0caaab7704d6221abc5e0342909a4928cee50b1c
Sha256: 63b592179b1e9a528344ce1d430b9479fc55f43420a468ec35aaeaa9dff911cf
                                        
POST /ocsp HTTP/1.1
Host: clients1.google.com
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Content-Length: 107
Content-Type: application/ocsp-request

                                         
172.217.22.174
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 31 Oct 2017 07:22:44 GMT
Expires: Sat, 04 Nov 2017 07:22:44 GMT
Cache-Control: public, max-age=345600
Server: ocsp_responder
Content-Length: 463
X-XSS-Protection: 1; mode=block
X-Frame-Options: SAMEORIGIN


--- Additional Info ---
Magic:  data
Size:   463
Md5:    20fe15782e115e72c82d9b18a3425868
Sha1:   baf205e3531dbc645827aabc2b05ec445ec329b4
Sha256: ff28c6e7031d91a0e26a7d966efa866b6862ffe49ac6f012ddc8a4ad14a56f31
                                        
                                            POST / HTTP/1.1 
Host: g.symcd.com
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Content-Length: 115
Content-Type: application/ocsp-request

                                         
                                         23.52.27.27
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx/1.10.2
Content-Length: 1390
Content-Transfer-Encoding: binary
Cache-Control: max-age=580650, public, no-transform, must-revalidate
Last-Modified: Tue, 31 Oct 2017 00:39:25 GMT
Expires: Tue, 7 Nov 2017 00:39:25 GMT
Date: Tue, 31 Oct 2017 07:22:44 GMT
Connection: keep-alive


--- Additional Info ---
Magic:  data
Size:   1390
Md5:    fa622bfacb2851892c001e3467da9f7f
Sha1:   c9ac9fdae8a188d96d5ca070e2aeba5b210a7bd1
Sha256: e0b3d12869e2260aa1aab64966373acd4d9d27a29dee3649a0e078ec367a30bd
                                        
                                            GET /impression.php/f1bfcdc17e39526/?api_key=27928787079&lid=115&payload=%7B%22source%22%3A%22jssdk%22%7D HTTP/1.1 
Host: www.facebook.com
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: image/png,image/*;q=0.8,*/*;q=0.5
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: http://www.t.ks.ua/

                                         
                                         31.13.72.36
HTTP/1.1 200 OK
Content-Type: image/gif
                                        
content-security-policy: default-src * data: blob:;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.virtualearth.net *.google.com 127.0.0.1:* *.spotilocal.com:* 'unsafe-inline' 'unsafe-eval' fbstatic-a.akamaihd.net fbcdn-static-b-a.akamaihd.net *.atlassolutions.com blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com *.fbcdn.net *.facebook.net *.spotilocal.com:* *.akamaihd.net wss://*.facebook.com:* https://fb.scanandcleanlocal.com:* *.atlassolutions.com attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';
X-XSS-Protection: 0
Access-Control-Allow-Credentials: true
Access-Control-Allow-Origin: https://www.facebook.com
Access-Control-Expose-Headers: X-FB-Debug, X-Loader-Length
Pragma: no-cache
Vary: Origin, Accept-Encoding
access-control-allow-method: OPTIONS
Expires: Sat, 01 Jan 2000 00:00:00 GMT
Strict-Transport-Security: max-age=15552000; preload
X-Content-Type-Options: nosniff
Cache-Control: private, no-cache, no-store, must-revalidate
Content-Encoding: gzip
X-FB-Debug: Zn9NhWeBEz//YSsuf7dQoLZgKI5ulrrksbePym+qmksqCmilrsH4S9yaKfl3wMNejzTHgldNLRJQujmQVSUExw==
Date: Tue, 31 Oct 2017 07:22:44 GMT
Transfer-Encoding: chunked
Connection: keep-alive


--- Additional Info ---
Magic:  gzip compressed data, from Unix
Size:   57
Md5:    9539fdb766538c525a3e11e03853b8c9
Sha1:   cd658fd453cb9e7af5aede2e9c6050d81c0e2fdc
Sha256: 88882a6963e4a4313761bf5e5be68a015ec125c023fba749a9ec0aca7a9124af
                                        
                                            GET /adsid/integrator.js?domain=www.t.ks.ua HTTP/1.1 
Host: adservice.google.no
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: */*
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: http://www.t.ks.ua/

                                         
                                         216.58.211.130
HTTP/1.1 200 OK
Content-Type: application/javascript; charset=UTF-8
                                        
P3P: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
Timing-Allow-Origin: *
Cache-Control: private, no-cache, no-store
X-Content-Type-Options: nosniff
Content-Disposition: attachment; filename="f.txt"
Content-Encoding: gzip
Date: Tue, 31 Oct 2017 07:22:44 GMT
Server: cafe
X-XSS-Protection: 1; mode=block
Alt-Svc: quic="googleads.g.doubleclick.net:443"; ma=2592000; v="41,39,38,37,35",quic=":443"; ma=2592000; v="41,39,38,37,35"
Transfer-Encoding: chunked


--- Additional Info ---
Magic:  gzip compressed data, max compression
Size:   107
Md5:    5432a558d422eaeaa6f7e8a15c0c1134
Sha1:   252ee6dbb502fd998fbdc5721da5986b877f1c73
Sha256: e61d268069b171358cb5d545e31856cbc3ac2b995cff5e4f7043ae988dc44c6d
                                        
                                            GET /adsid/integrator.js?domain=www.t.ks.ua HTTP/1.1 
Host: adservice.google.com
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: */*
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: http://www.t.ks.ua/

                                         
                                         216.58.211.130
HTTP/1.1 200 OK
Content-Type: application/javascript; charset=UTF-8
                                        
P3P: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
Timing-Allow-Origin: *
Cache-Control: private, no-cache, no-store
X-Content-Type-Options: nosniff
Content-Disposition: attachment; filename="f.txt"
Content-Encoding: gzip
Date: Tue, 31 Oct 2017 07:22:44 GMT
Server: cafe
X-XSS-Protection: 1; mode=block
Alt-Svc: quic="googleads.g.doubleclick.net:443"; ma=2592000; v="41,39,38,37,35",quic=":443"; ma=2592000; v="41,39,38,37,35"
Transfer-Encoding: chunked


--- Additional Info ---
Magic:  gzip compressed data, max compression
Size:   107
Md5:    5432a558d422eaeaa6f7e8a15c0c1134
Sha1:   252ee6dbb502fd998fbdc5721da5986b877f1c73
Sha256: e61d268069b171358cb5d545e31856cbc3ac2b995cff5e4f7043ae988dc44c6d
                                        
                                            GET /pagead/js/r20171025/r20170110/show_ads_impl.js HTTP/1.1 
Host: pagead2.googlesyndication.com
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: */*
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: http://www.t.ks.ua/

                                         
                                         216.58.211.130
HTTP/1.1 200 OK
Content-Type: text/javascript; charset=UTF-8
                                        
P3P: policyref="http://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
Timing-Allow-Origin: *
Date: Tue, 31 Oct 2017 07:22:44 GMT
Expires: Tue, 31 Oct 2017 07:22:44 GMT
Cache-Control: private, max-age=1209600
Etag: 3836713063396696250
X-Content-Type-Options: nosniff
Content-Disposition: attachment; filename="f.txt"
Content-Encoding: gzip
Server: cafe
Content-Length: 67169
X-XSS-Protection: 1; mode=block


--- Additional Info ---
Magic:  gzip compressed data, max compression
Size:   67169
Md5:    4a957c4254b4dbf733ba6bf18a857d09
Sha1:   e6bb159689933aa1e250330055067754bf1a62b5
Sha256: c8a72f7e5689bd2920f3cd7799c3191f131942b3400e27cc21b8915b2be3abdb
                                        
                                            POST /GTSGIAG3 HTTP/1.1 
Host: ocsp.pki.goog
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Content-Length: 107
Content-Type: application/ocsp-request

                                         
                                         172.217.22.174
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Tue, 31 Oct 2017 07:22:44 GMT
Expires: Sat, 04 Nov 2017 07:22:44 GMT
Cache-Control: public, max-age=345600
Server: ocsp_responder
Content-Length: 463
X-XSS-Protection: 1; mode=block
X-Frame-Options: SAMEORIGIN


--- Additional Info ---
Magic:  data
Size:   463
Md5:    e9a8857e73a84fca51871e452d9c661d
Sha1:   18a2c5a5d92f038b747820f7e9dcb641b64afd40
Sha256: e173dfe757e73b25dca4da6c1cafa5a12128ff08e9a830eeb883c931d4e6cf6f
                                        
                                            GET /sites/all/themes/th/img/bullets.png HTTP/1.1 
Host: www.t.ks.ua
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: image/png,image/*;q=0.8,*/*;q=0.5
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: http://www.t.ks.ua/sites/default/files/css/css_71D_nSUNQjr3LxFCmhxc2zIhoGcecKLALC1rdGCF51M.css
Cookie: has_js=1; _ga=GA1.3.1198844969.1509434563; _gid=GA1.3.1833445758.1509434563; _gat=1

                                         
                                         88.198.13.114
HTTP/1.1 200 OK
Content-Type: image/png
                                        
Date: Tue, 31 Oct 2017 07:22:45 GMT
Server: Apache/2.2.15 (CentOS) DAV/2 PHP/5.4.28 mod_ssl/2.2.15 OpenSSL/1.0.0-fips
Last-Modified: Tue, 18 Mar 2014 03:42:00 GMT
Etag: "d60939-11f-4f4d9518b3200"
Accept-Ranges: bytes
Content-Length: 287
Cache-Control: max-age=1209600
Expires: Tue, 14 Nov 2017 07:22:45 GMT
Keep-Alive: timeout=5, max=92
Connection: Keep-Alive


--- Additional Info ---
Magic:  PNG image, 11 x 22, 8-bit/color RGBA, non-interlaced
Size:   287
Md5:    5b3fb19576e7c2aa6f22d0a896409ad1
Sha1:   f377ebdcad597e0eea81e0efa12be2ac00753c4f
Sha256: 908a0d9ffee148e5a49f4142c450551a84d833d390054da49bf5d9994fe71edb
                                        
                                            GET /sites/all/themes/th/img/opros-bg.png HTTP/1.1 
Host: www.t.ks.ua
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: image/png,image/*;q=0.8,*/*;q=0.5
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: http://www.t.ks.ua/sites/default/files/css/css_71D_nSUNQjr3LxFCmhxc2zIhoGcecKLALC1rdGCF51M.css
Cookie: has_js=1; _ga=GA1.3.1198844969.1509434563; _gid=GA1.3.1833445758.1509434563; _gat=1

                                         
                                         88.198.13.114
HTTP/1.1 200 OK
Content-Type: image/png
                                        
Date: Tue, 31 Oct 2017 07:22:45 GMT
Server: Apache/2.2.15 (CentOS) DAV/2 PHP/5.4.28 mod_ssl/2.2.15 OpenSSL/1.0.0-fips
Last-Modified: Sat, 13 Jul 2013 22:00:00 GMT
Etag: "d6094b-3f4-4e16bbfa73800"
Accept-Ranges: bytes
Content-Length: 1012
Cache-Control: max-age=1209600
Expires: Tue, 14 Nov 2017 07:22:45 GMT
Keep-Alive: timeout=5, max=85
Connection: Keep-Alive


--- Additional Info ---
Magic:  PNG image, 1 x 1, 8-bit/color RGBA, non-interlaced
Size:   1012
Md5:    31b29f522cc8bcd24fc3b2a53df04189
Sha1:   ce9aaff1d2edc23aeae85254619f6f2c27fe862b
Sha256: 13befa2f33acefd58d15c4dd1762f8122e470a161a3eab28edf6978ee2352f56
                                        
                                            GET /pub-config/r20160913/ca-pub-3410491531423553.js HTTP/1.1 
Host: pagead2.googlesyndication.com
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: */*
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: http://www.t.ks.ua/

                                         
                                         216.58.211.130
HTTP/1.1 200 OK
Content-Type: text/javascript
                                        
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Length: 125
Date: Mon, 30 Oct 2017 20:02:26 GMT
Expires: Tue, 31 Oct 2017 08:02:26 GMT
Last-Modified: Sun, 29 Oct 2017 20:47:01 GMT
X-Content-Type-Options: nosniff
Content-Encoding: gzip
Server: sffe
X-XSS-Protection: 1; mode=block
Age: 40819
Cache-Control: public, max-age=43200
Alt-Svc: quic="googleads.g.doubleclick.net:443"; ma=2592000; v="41,39,38,37,35",quic=":443"; ma=2592000; v="41,39,38,37,35"


--- Additional Info ---
Magic:  gzip compressed data, max compression
Size:   125
Md5:    21aea2dae0239adff4f9f063cdacfc76
Sha1:   ce64c497ac1dd86393da79e8cea239de113c1de7
Sha256: a59ee78166b8467dd7dd8c7acb03d8df7d16cf4a04f45c8558366df1c33b868f
                                        
                                            GET /css/informers.css?v=3 HTTP/1.1 
Host: informers.sinoptik.ua
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: text/css,*/*;q=0.1
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: http://www.t.ks.ua/

                                         
                                         212.42.76.150
HTTP/1.1 200 OK
Content-Type: text/css
                                        
Server: nginx
Date: Tue, 31 Oct 2017 07:22:45 GMT
Last-Modified: Tue, 16 Sep 2014 12:54:52 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Etag: W/"5418331c-3c0f"
Content-Encoding: gzip


--- Additional Info ---
Magic:  gzip compressed data, from Unix
Size:   2029
Md5:    e9d0434d93a0fa1cb2d670b94dbd51fb
Sha1:   6ee9341c94843cdf31f0628e2a9403f48852bf75
Sha256: 34508d32021ed73e4095f664eba15db2d58f10d9d4fe4af2f2daf32eaff0a4cb
                                        
                                            GET /sites/all/themes/th/img/bottom-bg.jpg HTTP/1.1 
Host: www.t.ks.ua
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: image/png,image/*;q=0.8,*/*;q=0.5
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: http://www.t.ks.ua/sites/default/files/css/css_71D_nSUNQjr3LxFCmhxc2zIhoGcecKLALC1rdGCF51M.css
Cookie: has_js=1; _ga=GA1.3.1198844969.1509434563; _gid=GA1.3.1833445758.1509434563; _gat=1; b=b

                                         
                                         88.198.13.114
HTTP/1.1 200 OK
Content-Type: image/jpeg
                                        
Date: Tue, 31 Oct 2017 07:22:46 GMT
Server: Apache/2.2.15 (CentOS) DAV/2 PHP/5.4.28 mod_ssl/2.2.15 OpenSSL/1.0.0-fips
Last-Modified: Sat, 13 Jul 2013 22:00:00 GMT
Etag: "d60938-664-4e16bbfa73800"
Accept-Ranges: bytes
Content-Length: 1636
Cache-Control: max-age=1209600
Expires: Tue, 14 Nov 2017 07:22:46 GMT
Keep-Alive: timeout=5, max=84
Connection: Keep-Alive


--- Additional Info ---
Magic:  JPEG image data, EXIF standard
Size:   1636
Md5:    338afdd662eea536b450918c1b1d36a0
Sha1:   1838216e07e8885c1fc5b1ed46643fa67e2dde5c
Sha256: 569dc2c59277c648031d7cc1355b436d6a97002cd7fe809681fa6c09bc23ee5a
                                        
                                            GET /sites/all/themes/th/fonts/ArialNarrowBold/ArialNarrowBold.woff HTTP/1.1 
Host: www.t.ks.ua
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: http://www.t.ks.ua/sites/default/files/css/css_71D_nSUNQjr3LxFCmhxc2zIhoGcecKLALC1rdGCF51M.css
Cookie: has_js=1; _ga=GA1.3.1198844969.1509434563; _gid=GA1.3.1833445758.1509434563; _gat=1

                                         
                                         88.198.13.114
HTTP/1.1 200 OK
Content-Type: text/plain; charset=UTF-8
                                        
Date: Tue, 31 Oct 2017 07:22:45 GMT
Server: Apache/2.2.15 (CentOS) DAV/2 PHP/5.4.28 mod_ssl/2.2.15 OpenSSL/1.0.0-fips
Last-Modified: Tue, 30 Dec 2014 22:53:49 GMT
Etag: "dc2341-10624-50b76dd457ca6"
Accept-Ranges: bytes
Content-Length: 67108
Cache-Control: max-age=1209600
Expires: Tue, 14 Nov 2017 07:22:45 GMT
Keep-Alive: timeout=5, max=83
Connection: Keep-Alive


--- Additional Info ---
Magic:  data
Size:   67108
Md5:    e5403ddbc708fc3c4bad6b93ff23b5f3
Sha1:   d65b86a0408a0657c0b882fda916d46c737b9cf5
Sha256: ce3f68519605dc553a385f4b5feccce75768e72baa7c3f29a1f1efbec7c32f55

Alerts:
  Blacklists:
    - fortinet: Malware
                                        
                                            GET /informer/inf2?color=blue&rnd=1509434565571 HTTP/1.1 
Host: kurs.com.ua
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: http://www.t.ks.ua/

                                         
                                         104.20.191.8
HTTP/1.1 301 Moved Permanently
Content-Type: text/html
                                        
Date: Tue, 31 Oct 2017 07:22:45 GMT
Content-Length: 185
Connection: keep-alive
Set-Cookie: __cfduid=d066a2afdac5245a5b3cf5af84f80e99a1509434565; expires=Wed, 31-Oct-18 07:22:45 GMT; path=/; domain=.kurs.com.ua; HttpOnly
Location: https://kurs.com.ua/informer/inf2?color=blue&rnd=1509434565571
Expires: Thu, 30 Nov 2017 07:22:46 GMT
Cache-Control: max-age=2592000
Server: cloudflare-nginx
CF-RAY: 3b64dd73d3fb42af-OSL


--- Additional Info ---
Magic:  HTML document text
Size:   185
Md5:    6e7f8aa3bd099765db3fb3b2084fc77d
Sha1:   0993ec635e68bc34d29f6af4c63c08df0a8a06f4
Sha256: 101948f8635e8dffee80941a9c4d1e34c9beaac9b95920086c79d72c82afbae1
                                        
                                            GET /?o1&v16917773&s16916894&t0&c1&n389835&w0&m10&y1&d24&r1176 HTTP/1.1 
Host: c.bigmir.net
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: */*
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: http://www.t.ks.ua/

                                         
                                         193.239.68.8
HTTP/1.1 200 OK
Content-Type: application/x-javascript; charset=windows-1251
                                        
Server: nginx
Date: Tue, 31 Oct 2017 07:22:46 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Keep-Alive: timeout=5
Cache-Control: no-cache, must-revalidate
Expires: 0
Pragma: no-cache


--- Additional Info ---
Magic:  ASCII text, with no line terminators
Size:   133
Md5:    42d022693a51cef9703300ad27b0d16b
Sha1:   20c19df06a80d0f044b7c81d033be034e99846c4
Sha256: 673d6be3d47a70d965e6960c66243375f7c1f0c2f98d3ad2f9079470a9313a7b
                                        
                                            GET /img/logo-t2.png HTTP/1.1 
Host: informers.sinoptik.ua
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: image/png,image/*;q=0.8,*/*;q=0.5
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: http://informers.sinoptik.ua/css/informers.css?v=3

                                         
                                         212.42.76.150
HTTP/1.1 200 OK
Content-Type: image/png
                                        
Server: nginx
Date: Tue, 31 Oct 2017 07:22:46 GMT
Content-Length: 2444
Last-Modified: Tue, 19 Jul 2011 10:31:38 GMT
Connection: keep-alive
Etag: "4e255d0a-98c"
Expires: Wed, 31 Oct 2018 07:22:46 GMT
Cache-Control: max-age=31536000, public
Accept-Ranges: bytes


--- Additional Info ---
Magic:  PNG image, 93 x 23, 8-bit/color RGBA, non-interlaced
Size:   2444
Md5:    577f2a97826cc211955c5c80b7c17998
Sha1:   7fb4510abd846ff8b2c57006f544d775f8d1a01f
Sha256: 812b13056e0a955622e120865d2231dc2933ca37bb8aac942279cc41ec1d1d27
                                        
                                            GET /img/frc-t1.png HTTP/1.1 
Host: informers.sinoptik.ua
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: image/png,image/*;q=0.8,*/*;q=0.5
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: http://informers.sinoptik.ua/css/informers.css?v=3

                                         
                                         212.42.76.150
HTTP/1.1 200 OK
Content-Type: image/png
                                        
Server: nginx
Date: Tue, 31 Oct 2017 07:22:46 GMT
Content-Length: 168
Last-Modified: Tue, 19 Jul 2011 10:31:38 GMT
Connection: keep-alive
Etag: "4e255d0a-a8"
Expires: Wed, 31 Oct 2018 07:22:46 GMT
Cache-Control: max-age=31536000, public
Accept-Ranges: bytes


--- Additional Info ---
Magic:  PNG image, 5 x 4, 8-bit/color RGBA, non-interlaced
Size:   168
Md5:    18edee194d93a00d95ab1e697671bfe2
Sha1:   acacc80a65b7cc2003253302a68114c8aad447d1
Sha256: 07531f638ff8480af382b964ee68d940250303fc0651aa31ae0670e43fb434b6
                                        
                                            GET /pagead/js/r20171025/r20170110/osd.js HTTP/1.1 
Host: pagead2.googlesyndication.com
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: */*
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: http://www.t.ks.ua/

                                         
                                         216.58.211.130
HTTP/1.1 200 OK
Content-Type: text/javascript; charset=UTF-8
                                        
P3P: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
Timing-Allow-Origin: *
Date: Fri, 27 Oct 2017 01:56:50 GMT
Expires: Fri, 10 Nov 2017 01:56:50 GMT
Etag: 10688965687138498808
X-Content-Type-Options: nosniff
Content-Disposition: attachment; filename="f.txt"
Content-Encoding: gzip
Server: cafe
Content-Length: 29919
X-XSS-Protection: 1; mode=block
Cache-Control: public, max-age=1209600
Age: 365156
Alt-Svc: quic="googleads.g.doubleclick.net:443"; ma=2592000; v="41,39,38,37,35",quic=":443"; ma=2592000; v="41,39,38,37,35"


--- Additional Info ---
Magic:  gzip compressed data, max compression
Size:   29919
Md5:    09e5db7a02aa91a4b6df638901022302
Sha1:   16f9f1b4f7afc6bd99c5f50bbc2823675e80eeb4
Sha256: 94ef2febf434a558ba8c524fe256ce444f6c214fe883a3925a646d12561e67f4
                                        
                                            GET /pagead/html/r20171025/r20170110/zrt_lookup.html HTTP/1.1 
Host: googleads.g.doubleclick.net
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: http://www.t.ks.ua/

                                         
                                         216.58.211.130
HTTP/1.1 200 OK
Content-Type: text/html; charset=UTF-8
                                        
P3P: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
Timing-Allow-Origin: *
Date: Thu, 26 Oct 2017 06:38:38 GMT
Expires: Thu, 09 Nov 2017 06:38:38 GMT
Etag: 6418741575122187315
X-Content-Type-Options: nosniff
Content-Encoding: gzip
Server: cafe
Content-Length: 6881
X-XSS-Protection: 1; mode=block
Cache-Control: public, max-age=1209600
Age: 434648
Alt-Svc: quic="googleads.g.doubleclick.net:443"; ma=2592000; v="41,39,38,37,35",quic=":443"; ma=2592000; v="41,39,38,37,35"


--- Additional Info ---
Magic:  gzip compressed data, max compression
Size:   6881
Md5:    23c17ee6d2d9b616f6e577cfb564510b
Sha1:   9901bde0396b3f544ca06e452d02cf6a55472034
Sha256: 088d427f05b00a47bc7b6baf8888b625cb01001f70349d792720ae991f649008
                                        
                                            GET /img/flc-t1.png HTTP/1.1 
Host: informers.sinoptik.ua
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: image/png,image/*;q=0.8,*/*;q=0.5
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: http://informers.sinoptik.ua/css/informers.css?v=3

                                         
                                         212.42.76.150
HTTP/1.1 200 OK
Content-Type: image/png
                                        
Server: nginx
Date: Tue, 31 Oct 2017 07:22:46 GMT
Content-Length: 167
Last-Modified: Tue, 19 Jul 2011 10:31:38 GMT
Connection: keep-alive
Etag: "4e255d0a-a7"
Expires: Wed, 31 Oct 2018 07:22:46 GMT
Cache-Control: max-age=31536000, public
Accept-Ranges: bytes


--- Additional Info ---
Magic:  PNG image, 5 x 4, 8-bit/color RGBA, non-interlaced
Size:   167
Md5:    e79184fb5501a6fe9a4ddf041e867a3f
Sha1:   b6b7c6f5b06e72916f846f8189f283b3978a31ac
Sha256: 0ce777967d0e103cfcc1c12282103c3a7502400ad2fe769a866a2e2158956a2f
                                        
                                            GET /img/term-t2.png HTTP/1.1 
Host: informers.sinoptik.ua
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: image/png,image/*;q=0.8,*/*;q=0.5
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: http://informers.sinoptik.ua/css/informers.css?v=3

                                         
                                         212.42.76.150
HTTP/1.1 200 OK
Content-Type: image/png
                                        
Server: nginx
Date: Tue, 31 Oct 2017 07:22:46 GMT
Content-Length: 454
Last-Modified: Tue, 08 Feb 2011 14:13:40 GMT
Connection: keep-alive
Etag: "4d514f94-1c6"
Expires: Wed, 31 Oct 2018 07:22:46 GMT
Cache-Control: max-age=31536000, public
Accept-Ranges: bytes


--- Additional Info ---
Magic:  PNG image, 11 x 31, 8-bit colormap, non-interlaced
Size:   454
Md5:    7666b938fe0a65a30e8286c8058c3743
Sha1:   b90cea78a2ee5b019103fa2533043a24d3379913
Sha256: 79d7fe2f02f73e59b3ddd141a186e815624fb6a844196c57081268c2d0758266
                                        
                                            GET /img/hlc-t2.png HTTP/1.1 
Host: informers.sinoptik.ua
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: image/png,image/*;q=0.8,*/*;q=0.5
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: http://informers.sinoptik.ua/css/informers.css?v=3

                                         
                                         212.42.76.150
HTTP/1.1 200 OK
Content-Type: image/png
                                        
Server: nginx
Date: Tue, 31 Oct 2017 07:22:46 GMT
Content-Length: 181
Last-Modified: Tue, 19 Jul 2011 10:31:38 GMT
Connection: keep-alive
Etag: "4e255d0a-b5"
Expires: Wed, 31 Oct 2018 07:22:46 GMT
Cache-Control: max-age=31536000, public
Accept-Ranges: bytes


--- Additional Info ---
Magic:  PNG image, 5 x 23, 8-bit/color RGBA, non-interlaced
Size:   181
Md5:    8cfbaf9b79a228a1fd79e023ce43fadd
Sha1:   deeac840fbe37d4602c0166a83e25c8fa008276e
Sha256: c85ef490276990e9ae9c0e869935a8c32503a372e5c2c2e0b6daf4240759ec91
                                        
                                            GET /news/js/info.min.js?t=1509434562 HTTP/1.1 
Host: st.directadvert.ru
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: */*
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: http://www.t.ks.ua/
Cookie: dadcm46=1; dadcm3=1; nid=1J6kRVn4JMMBXCYwFEmlAg==

                                         
                                         212.158.164.72
HTTP/1.1 200 OK
Content-Type: application/javascript; charset=utf-8
                                        
Server: nginx/1.12.1
Date: Tue, 31 Oct 2017 07:22:46 GMT
Last-Modified: Thu, 27 Apr 2017 11:02:14 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Etag: W/"5901cfb6-12c2"
Expires: Tue, 14 Nov 2017 07:22:46 GMT
Cache-Control: max-age=1209600
Content-Encoding: gzip


--- Additional Info ---
Magic:  gzip compressed data, from Unix
Size:   2486
Md5:    5ebaa3313a62ac6b129dfab1780b7688
Sha1:   e23a583f722dda6c265edb4f9b1f5d3de69b8c0b
Sha256: 8b01583772a2e66f78ba0db52d735082059a69a324f1e2126ee4802b5da3d042
                                        
                                            GET /hit;All_da_nnn_dn_realty?r;s1176*885*24;uhttp%3A//www.t.ks.ua/;0.9731229310356867 HTTP/1.1 
Host: counter.yadro.ru
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: image/png,image/*;q=0.8,*/*;q=0.5
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: http://www.t.ks.ua/

                                         
                                         88.212.196.105
HTTP/1.1 302 Moved Temporarily
Content-Type: text/html
                                        
Date: Tue, 31 Oct 2017 07:22:46 GMT
Server: 0W/0.8c
Location: http://counter.yadro.ru/hit;All_da_nnn_dn_realty?q;r;s1176*885*24;uhttp%3A//www.t.ks.ua/;0.9731229310356867
Content-Length: 32
Expires: Sun, 30 Oct 2016 21:00:00 GMT
Pragma: no-cache
Cache-Control: no-cache
P3P: policyref="/w3c/p3p.xml", CP="UNI"
Set-Cookie: FTID=1P-2J62MPtfd1P-2J6004MOK; path=/; expires=Tue, 30 Oct 2018 21:00:00 GMT; domain=.yadro.ru


--- Additional Info ---
Magic:  HTML document text
Size:   32
Md5:    3e9c09a8c5a87f266e047a596f48578c
Sha1:   07d7b1940b7e3f9a3db43197458f9b8ef18a6bce
Sha256: 57fad7ae62012ff4a38ecb6045ac6e8e3a070a33bbd033b21ab6cad3566d9254
                                        
                                            GET /hit?t23.6;r;s1176*885*24;uhttp%3A//www.t.ks.ua/;0.0194198490862999 HTTP/1.1 
Host: counter.yadro.ru
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: image/png,image/*;q=0.8,*/*;q=0.5
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: http://www.t.ks.ua/

                                         
                                         88.212.196.105
HTTP/1.1 302 Moved Temporarily
Content-Type: text/html
                                        
Date: Tue, 31 Oct 2017 07:22:46 GMT
Server: 0W/0.8c
Location: http://counter.yadro.ru/hit?q;t23.6;r;s1176*885*24;uhttp%3A//www.t.ks.ua/;0.0194198490862999
Content-Length: 32
Expires: Sun, 30 Oct 2016 21:00:00 GMT
Pragma: no-cache
Cache-Control: no-cache
P3P: policyref="/w3c/p3p.xml", CP="UNI"
Set-Cookie: FTID=1P-2J62MPtfd1P-2J60042aq; path=/; expires=Tue, 30 Oct 2018 21:00:00 GMT; domain=.yadro.ru


--- Additional Info ---
Magic:  HTML document text
Size:   32
Md5:    3e9c09a8c5a87f266e047a596f48578c
Sha1:   07d7b1940b7e3f9a3db43197458f9b8ef18a6bce
Sha256: 57fad7ae62012ff4a38ecb6045ac6e8e3a070a33bbd033b21ab6cad3566d9254
                                        
                                            GET /img/s-informers-t2.png HTTP/1.1 
Host: informers.sinoptik.ua
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: image/png,image/*;q=0.8,*/*;q=0.5
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: http://informers.sinoptik.ua/css/informers.css?v=3

                                         
                                         212.42.76.150
HTTP/1.1 200 OK
Content-Type: image/png
                                        
Server: nginx
Date: Tue, 31 Oct 2017 07:22:46 GMT
Content-Length: 36708
Last-Modified: Tue, 08 Feb 2011 14:13:40 GMT
Connection: keep-alive
Etag: "4d514f94-8f64"
Expires: Wed, 31 Oct 2018 07:22:46 GMT
Cache-Control: max-age=31536000, public
Accept-Ranges: bytes


--- Additional Info ---
Magic:  PNG image, 387 x 324, 8-bit colormap, non-interlaced
Size:   36708
Md5:    e38f8e70a77d7ea204803c4984b5eb52
Sha1:   dfcaff384de0ebd18144bd0210d326da42c064c7
Sha256: 5f8a60a18e784c16174ab8616abd0a28fde829f0abb2362f9a917210b25033c5
                                        
                                            GET /cnt/samples/default/b57_left.gif HTTP/1.1 
Host: i.bigmir.net
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: image/png,image/*;q=0.8,*/*;q=0.5
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: http://www.t.ks.ua/

                                         
                                         193.239.71.100
HTTP/1.1 200 OK
Content-Type: image/gif
                                        
Server: nginx
Date: Tue, 31 Oct 2017 07:22:46 GMT
Content-Length: 319
Last-Modified: Tue, 23 Jan 2007 13:14:27 GMT
Connection: keep-alive
Keep-Alive: timeout=5
Etag: "45b60a33-13f"
Expires: Fri, 03 Nov 2017 07:22:46 GMT
Cache-Control: max-age=259200
Accept-Ranges: bytes


--- Additional Info ---
Magic:  GIF image data, version 89a, 7 x 17
Size:   319
Md5:    0d4e2c2b81f9bcc55503213e76d663cc
Sha1:   5df71fd127df928d0edffbd424a1b3d8991ae416
Sha256: ebae1af4a0fb8c6db224686c85f213adcaf37212e49c10edd4a722a06266913a
                                        
                                            GET /cnt/samples/default/b57_center.gif HTTP/1.1 
Host: i.bigmir.net
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: image/png,image/*;q=0.8,*/*;q=0.5
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: http://www.t.ks.ua/

                                         
                                         193.239.71.100
HTTP/1.1 200 OK
Content-Type: image/gif
                                        
Server: nginx
Date: Tue, 31 Oct 2017 07:22:46 GMT
Content-Length: 146
Last-Modified: Tue, 23 Jan 2007 13:14:27 GMT
Connection: keep-alive
Keep-Alive: timeout=5
Etag: "45b60a33-92"
Expires: Fri, 03 Nov 2017 07:22:46 GMT
Cache-Control: max-age=259200
Accept-Ranges: bytes


--- Additional Info ---
Magic:  GIF image data, version 89a, 1 x 17
Size:   146
Md5:    df49900d91c7e7e2d62ade83ac459335
Sha1:   e3f9a4da722b4d0399fcf19ae82c4605fdca40d7
Sha256: 91084dabad218b0e62e313c102d801e7fec5d134a770524e46667a7b94db0d4d
                                        
                                            GET /cnt/samples/default/b57_right.gif HTTP/1.1 
Host: i.bigmir.net
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: image/png,image/*;q=0.8,*/*;q=0.5
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: http://www.t.ks.ua/

                                         
                                         193.239.71.100
HTTP/1.1 200 OK
Content-Type: image/gif
                                        
Server: nginx
Date: Tue, 31 Oct 2017 07:22:46 GMT
Content-Length: 314
Last-Modified: Tue, 23 Jan 2007 13:14:27 GMT
Connection: keep-alive
Keep-Alive: timeout=5
Etag: "45b60a33-13a"
Expires: Fri, 03 Nov 2017 07:22:46 GMT
Cache-Control: max-age=259200
Accept-Ranges: bytes


--- Additional Info ---
Magic:  GIF image data, version 89a, 7 x 17
Size:   314
Md5:    c47e826215f5dad5640c6dfc2bd349dd
Sha1:   fe39b2b692b9a25b7de8660c297a5577b90855e8
Sha256: 1c4f8dd4d6014e189cfb9a8c41ddf3f1d1dab4bdd68c872334a63a291a5604ca
                                        
                                            GET /hit;All_da_nnn_dn_realty?q;r;s1176*885*24;uhttp%3A//www.t.ks.ua/;0.9731229310356867 HTTP/1.1 
Host: counter.yadro.ru
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: http://www.t.ks.ua/
Cookie: FTID=1P-2J62MPtfd1P-2J6004MOK

                                         
                                         88.212.196.105
HTTP/1.1 200 OK
Content-Type: image/gif
                                        
Date: Tue, 31 Oct 2017 07:22:46 GMT
Server: 0W/0.8c
Connection: Close
Content-Length: 43
Expires: Sun, 30 Oct 2016 21:00:00 GMT
Pragma: no-cache
Cache-Control: no-cache
P3P: policyref="/w3c/p3p.xml", CP="UNI"
Set-Cookie: VID=2e642e1CX0Pd1P-2J6004MOU; path=/; expires=Tue, 30 Oct 2018 21:00:00 GMT; domain=.yadro.ru


--- Additional Info ---
Magic:  GIF image data, version 89a, 1 x 1
Size:   43
Md5:    fc94fb0c3ed8a8f909dbc7630a0987ff
Sha1:   56d45f8a17f5078a20af9962c992ca4678450765
Sha256: 2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363
                                        
                                            GET /hit?q;t23.6;r;s1176*885*24;uhttp%3A//www.t.ks.ua/;0.0194198490862999 HTTP/1.1 
Host: counter.yadro.ru
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: http://www.t.ks.ua/
Cookie: FTID=1P-2J62MPtfd1P-2J60042aq

                                         
                                         88.212.196.105
HTTP/1.1 200 OK
Content-Type: image/gif
                                        
Date: Tue, 31 Oct 2017 07:22:46 GMT
Server: 0W/0.8c
Connection: Close
Content-Length: 488
Expires: Sun, 30 Oct 2016 21:00:00 GMT
Pragma: no-cache
Cache-Control: no-cache
P3P: policyref="/w3c/p3p.xml", CP="UNI"
Set-Cookie: VID=2e6I6n1uf99d1P-2J60042b3; path=/; expires=Tue, 30 Oct 2018 21:00:00 GMT; domain=.yadro.ru


--- Additional Info ---
Magic:  GIF image data, version 87a, 88 x 15
Size:   488
Md5:    8fe0efda1656af54fb56c3311b8f448b
Sha1:   3c452b44030b22c90be2865dfd29e1d15a3ea756
Sha256: abef6a973a0731e884d18e0f4bac39f89ac5dfbe006e2c5faa0bc080ad0a3a83
                                        
                                            POST / HTTP/1.1 
Host: ocsp.comodoca4.com
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Content-Length: 116
Content-Type: application/ocsp-request

                                         
                                         178.255.83.1
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Tue, 31 Oct 2017 07:22:46 GMT
Server: Apache
Last-Modified: Mon, 30 Oct 2017 02:23:30 GMT
Expires: Mon, 06 Nov 2017 02:23:30 GMT
Etag: E4773E58BBB4AE91E1814CA82B39A54B1FF1ECE9
Cache-Control: max-age=499843,public,no-transform,must-revalidate
X-OCSP-Reponder-ID: rmdccaocsp15
Content-Length: 472
Connection: close


--- Additional Info ---
Magic:  data
Size:   472
Md5:    b09b04283c292077384960f8207cc6cc
Sha1:   e4773e58bbb4ae91e1814ca82b39a54b1ff1ece9
Sha256: e5a6e3b0828b99f2ef27b37cc5ec61ed4ac6acd175c33cc5f69ecc0010b6300e
                                        
                                            GET /data/180807.js?nnn=180807&div=DIV_DA_180807&t=0.0233263724789978 HTTP/1.1 
Host: code.directadvert.ru
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: */*
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: http://www.t.ks.ua/
Cookie: dadcm46=1; dadcm3=1; nid=1J6kRVn4JMMBXCYwFEmlAg==

                                         
                                         212.158.164.69
HTTP/1.1 200 OK
Content-Type: application/x-javascript; charset=windows-1251
                                        
Server: nginx/1.12.1
Date: Tue, 31 Oct 2017 07:22:46 GMT
Transfer-Encoding: chunked
Connection: keep-alive
P3P: policyref="/w3c/p3p.xml", CP="NOI DSP COR NID CUR OUR NOR"
Set-Cookie: s=7358668:6968677; expires=Tue, 07-Nov-2017 07:22:46 GMT; path=/; domain=directadvert.ru
Access-Control-Allow-Credentials: true
Access-Control-Allow-Methods: GET, POST, OPTIONS
Access-Control-Allow-Headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
Access-Control-Max-Age: 1728000
Content-Encoding: gzip


--- Additional Info ---
Magic:  gzip compressed data, from Unix
Size:   3614
Md5:    8b56fbc6587e7820c4c14f33078868fa
Sha1:   d82a174d3246e9822094b681662aeb5a28eb60f7
Sha256: bd26175226bb4ac2744257375391f96b4aaa7b5a47d214e9f95c2f522ee94374
                                        
                                            POST / HTTP/1.1 
Host: ocsp.comodoca4.com
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Content-Length: 115
Content-Type: application/ocsp-request

                                         
                                         178.255.83.1
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Tue, 31 Oct 2017 07:22:46 GMT
Server: Apache
Last-Modified: Sat, 28 Oct 2017 21:42:49 GMT
Expires: Sat, 04 Nov 2017 21:42:49 GMT
Etag: 1B0CA10FC3C3ECF3F0A1E8312380832416CD1886
Cache-Control: max-age=396602,public,no-transform,must-revalidate
X-OCSP-Reponder-ID: rmdccaocsp15
Content-Length: 727
Connection: close


--- Additional Info ---
Magic:  data
Size:   727
Md5:    4f2394071559dc5f289b28d6e8096955
Sha1:   1b0ca10fc3c3ecf3f0a1e8312380832416cd1886
Sha256: c005042f01c11a71684a1e85d040a68d5d63559492b8e9b87b405d320def582d
                                        
                                            GET /images/100x100/55/4525255.jpg HTTP/1.1 
Host: img.directadvert.ru
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: image/png,image/*;q=0.8,*/*;q=0.5
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: http://www.t.ks.ua/
Cookie: dadcm46=1; dadcm3=1; nid=1J6kRVn4JMMBXCYwFEmlAg==; s=7358668:6968677

                                         
                                         195.161.16.136
HTTP/1.1 200 OK
Content-Type: image/jpeg
                                        
Server: nginx/1.12.1
Date: Tue, 31 Oct 2017 07:22:47 GMT
Content-Length: 8542
Last-Modified: Mon, 23 Oct 2017 06:12:02 GMT
Connection: keep-alive
Etag: "59ed8832-215e"
Expires: Thu, 30 Nov 2017 07:22:47 GMT
Cache-Control: max-age=2592000
Access-Control-Allow-Credentials: true
Access-Control-Allow-Methods: GET, POST, OPTIONS
Access-Control-Allow-Headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
Access-Control-Max-Age: 1728000
Accept-Ranges: bytes


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, comment: "CREATOR: gd-jpeg v1.0 (using IJ"
Size:   8542
Md5:    a36190f90633948ed42e2e2a522e7032
Sha1:   af37adcbc6ffe29ac926545029ccc32c216ab412
Sha256: c57157db2faba5b6168bac822bf46004f1e52aa6fb86aea780c6c3292a99721f
                                        
                                            GET /images/100x100/92/4121292.jpg HTTP/1.1 
Host: img.directadvert.ru
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: image/png,image/*;q=0.8,*/*;q=0.5
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: http://www.t.ks.ua/
Cookie: dadcm46=1; dadcm3=1; nid=1J6kRVn4JMMBXCYwFEmlAg==; s=7358668:6968677

                                         
                                         195.161.16.136
HTTP/1.1 200 OK
Content-Type: image/jpeg
                                        
Server: nginx/1.12.1
Date: Tue, 31 Oct 2017 07:22:47 GMT
Content-Length: 5789
Last-Modified: Tue, 16 May 2017 08:42:01 GMT
Connection: keep-alive
Etag: "591abb59-169d"
Expires: Thu, 30 Nov 2017 07:22:47 GMT
Cache-Control: max-age=2592000
Access-Control-Allow-Credentials: true
Access-Control-Allow-Methods: GET, POST, OPTIONS
Access-Control-Allow-Headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
Access-Control-Max-Age: 1728000
Accept-Ranges: bytes


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, comment: "CREATOR: gd-jpeg v1.0 (using IJ"
Size:   5789
Md5:    06f8774e429e05c3953122515dd2d491
Sha1:   02d662da021d39418fa01f21df962fd4ee4801d9
Sha256: 92c027da043727e8cb0fc9a1546fb1dd8e7f45e26654fdece7c7a4a70c68548a
                                        
                                            GET /rich/1/8/311258818b HTTP/1.1 
Host: thumbs.ssp.rambler.ru
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: image/png,image/*;q=0.8,*/*;q=0.5
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: http://www.t.ks.ua/

                                         
                                         91.192.148.30
HTTP/1.1 200 OK
Content-Type: image/jpeg
                                        
Server: nginx
Date: Tue, 31 Oct 2017 07:22:47 GMT
Content-Length: 13737
Last-Modified: Thu, 23 Mar 2017 13:07:17 GMT
Connection: keep-alive
Etag: "58d3c885-35a9"
X-Passed: pf234o
Expires: Tue, 31 Oct 2017 08:22:47 GMT
Cache-Control: max-age=3600
Strict-Transport-Security: max-age=0
P3P: policyref="/w3c/p3p.xml", CP="NON DSP COR CUR ADM DEV PSA PSD OUR UNR BUS UNI COM NAV INT DEM STA"
Accept-Ranges: bytes


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01
Size:   13737
Md5:    e3a8a49b8b0d6d6d315f16e955120780
Sha1:   3160899a4ca9369e4b1e53e22f5299140f0081c0
Sha256: f33d37e051dd52736ad923fd9ac8fe6184b0dffb1b8a79e1c5a73c1c71dc2925
                                        
                                            GET /connect/xd_arbiter/r/hsBwMj6iLmk.js?version=42 HTTP/1.1 
Host: staticxx.facebook.com
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: http://www.t.ks.ua/

                                         
                                         31.13.72.12
HTTP/1.1 200 OK
Content-Type: text/html; charset=utf-8
                                        
Expires: Tue, 30 Oct 2018 22:06:33 GMT
Cache-Control: public,max-age=31536000,immutable
content-security-policy: default-src * data: blob:;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.virtualearth.net *.google.com 127.0.0.1:* *.spotilocal.com:* 'unsafe-inline' 'unsafe-eval' fbstatic-a.akamaihd.net fbcdn-static-b-a.akamaihd.net *.atlassolutions.com blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com *.fbcdn.net *.facebook.net *.spotilocal.com:* *.akamaihd.net wss://*.facebook.com:* https://fb.scanandcleanlocal.com:* *.atlassolutions.com attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';
public-key-pins-report-only: max-age=600; pin-sha256="WoiWRyIOVNa9ihaBciRSC7XHjliYS9VwUGOIud4PB18="; pin-sha256="k2v657xBsOVe1PQRwOsHsw3bsGT2VzIqz5K+59sNQws="; pin-sha256="gMxWOrX4PMQesK9qFNbYBxjBfjUvlkn/vN1n+L9lE5E="; pin-sha256="q4PO2G2cbkZhZ82+JgmRUyGMoAeozA+BSXVXQWB8XWQ="; includeSubdomains; report-uri="http://reports.fb.com/hpkp/"
X-XSS-Protection: 0
Strict-Transport-Security: max-age=15552000; includeSubDomains
X-Content-Type-Options: nosniff
Vary: Accept-Encoding
Content-Encoding: gzip
X-FB-Debug: i917EOwTSiTPoAt3hxS72OlnAqRik1JSy1jYau3HMDoA98oEn5Tf8Hdc20cVljXpMWuJoG7KCGqp+9jpqUhKGA==
Date: Tue, 31 Oct 2017 07:22:47 GMT
Connection: keep-alive
Content-Length: 14209


--- Additional Info ---
Magic:  gzip compressed data, from Unix
Size:   14209
Md5:    30cca614b9129bb45ab2ef2115bb5998
Sha1:   d3aee60e070dc39233031ca729822ba16b9302ed
Sha256: ac3991be7181b5b4a216948cbd2ff7842a1bc7325b883c728beec9ba698f5b7e
                                        
                                            GET /t/lb156315.js?rt=45672870077 HTTP/1.1 
Host: c.luxup.ru
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: */*
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: http://www.t.ks.ua/

                                         
                                         109.248.237.37
HTTP/1.1 200 OK
Content-Type: application/x-javascript
                                        
Server: nginx/1.8.0
Date: Tue, 31 Oct 2017 07:22:47 GMT
Last-Modified: Tue, 31 Oct 2017 07:03:18 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Etag: W/"59f82036-ea1d"
Expires: Tue, 31 Oct 2017 07:23:47 GMT
Cache-Control: max-age=60
Content-Encoding: gzip


--- Additional Info ---
Magic:  gzip compressed data, from Unix
Size:   24386
Md5:    3ede085e1922f52b92aef055a9296bb8
Sha1:   f89ab4be6400a4aefda5256ce78d4a99ccf41923
Sha256: 3f41473fb5dcaa9959464312d3d93adcdcfc836fae528d31336403ae8ab033ea
                                        
                                            POST / HTTP/1.1 
Host: ocsp.usertrust.com
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Content-Length: 115
Content-Type: application/ocsp-request

                                         
                                         178.255.83.1
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Tue, 31 Oct 2017 07:22:47 GMT
Server: Apache
Last-Modified: Sat, 28 Oct 2017 21:42:49 GMT
Expires: Sat, 04 Nov 2017 21:42:49 GMT
Etag: E9604F0B062218DECA799DB0B90037A612A99983
Cache-Control: max-age=396601,public,no-transform,must-revalidate
X-OCSP-Reponder-ID: rmdccaocsp1
Content-Length: 471
Connection: close


--- Additional Info ---
Magic:  data
Size:   471
Md5:    75b2ab10ac59cb1dfa9cc2ee11ca642c
Sha1:   e9604f0b062218deca799db0b90037a612a99983
Sha256: 06180b58340ac76936b5bc5d4dc0246230fe903ad509746f0621c688594c2610
                                        
                                            POST / HTTP/1.1 
Host: gp.symcd.com
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Content-Length: 115
Content-Type: application/ocsp-request

                                         
                                         23.52.27.27
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx/1.10.2
Content-Length: 1415
Content-Transfer-Encoding: binary
Cache-Control: max-age=421990, public, no-transform, must-revalidate
Last-Modified: Sun, 29 Oct 2017 04:34:10 GMT
Expires: Sun, 5 Nov 2017 04:34:10 GMT
Date: Tue, 31 Oct 2017 07:22:47 GMT
Connection: keep-alive


--- Additional Info ---
Magic:  data
Size:   1415
Md5:    b9decd207d2acf055d2f71fec1a545f2
Sha1:   227939282c2f2429fb9ed234d89cfbdd7c8ab74a
Sha256: def3ddb58cb9bc929710d5aae291e6c1f18061c8f3733120877c9a08cf7663b6
                                        
                                            GET /pagead/ads?client=ca-pub-3410491531423553&output=html&h=90&slotname=5488537826&adk=3230642478&adf=807048394&w=728&lmt=1509434213&loeid=38893311&format=728x90&url=http%3A%2F%2Fwww.t.ks.ua%2F&ea=0&flash=10.0.45&wgl=0&adsid=NT&dt=1509434564784&bpp=57&fdt=65&idt=341&shv=r20171025&cbv=r20170110&saldr=aa&correlator=7409377489602&frm=20&ga_vid=1198844969.1509434563&ga_sid=1509434565&ga_hid=594507657&ga_fc=0&pv=2&icsg=0&nhd=1&dssz=0&mdo=0&mso=0&u_tz=60&u_his=1&u_java=1&u_h=885&u_w=1176&u_ah=855&u_aw=1176&u_cd=24&u_nplug=10&u_nmime=92&adx=75&ady=280&biw=1159&bih=754&abxe=1&eid=10583695%2C38893301%2C21061122%2C828064251%2C21061084&oid=3&nmo=1&zm=1.02&rx=0&eae=4&fc=528&brdim=%2C%2C-4%2C-4%2C1176%2C0%2C1184%2C863%2C1176%2C754&vis=0&rsz=%7C%7C%7C&abl=CS&ppjl=u&pfx=0&fu=16&bc=1&ifi=1&dtd=385 HTTP/1.1 
Host: googleads.g.doubleclick.net
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: http://www.t.ks.ua/

                                         
                                         216.58.211.130
HTTP/1.1 200 OK
Content-Type: text/html; charset=UTF-8
                                        
P3P: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
Timing-Allow-Origin: *
X-Content-Type-Options: nosniff
Content-Encoding: gzip
Date: Tue, 31 Oct 2017 07:22:46 GMT
Server: cafe
Cache-Control: private
X-XSS-Protection: 1; mode=block
Set-Cookie: test_cookie=CheckForPermission; expires=Tue, 31-Oct-2017 07:37:46 GMT; path=/; domain=.doubleclick.net
Alt-Svc: quic="googleads.g.doubleclick.net:443"; ma=2592000; v="41,39,38,37,35",quic=":443"; ma=2592000; v="41,39,38,37,35"
Expires: Tue, 31 Oct 2017 07:22:46 GMT
Transfer-Encoding: chunked


--- Additional Info ---
Magic:  gzip compressed data, max compression
Size:   366
Md5:    5cc0e31ff2ab66e2fee7daeaaf9ca991
Sha1:   0a48366d8da94a3f227b850671fb45815738a25c
Sha256: a5fe473b77c4f95926eb947f5a9814447286c56383ad92032efc125bd95f54e6
                                        
                                            GET /pagead/ads?client=ca-pub-3410491531423553&output=html&h=600&slotname=3872203828&adk=4137196353&adf=807048394&w=300&lmt=1509434213&loeid=38893311&format=300x600&url=http%3A%2F%2Fwww.t.ks.ua%2F&ea=0&flash=10.0.45&wgl=0&adsid=NT&dt=1509434565343&bpp=52&fdt=59&idt=186&shv=r20171025&cbv=r20170110&saldr=aa&prev_fmts=728x90&correlator=7409377489602&frm=20&ga_vid=1198844969.1509434563&ga_sid=1509434565&ga_hid=594507657&ga_fc=0&pv=1&icsg=0&nhd=1&dssz=0&mdo=0&mso=0&u_tz=60&u_his=1&u_java=1&u_h=885&u_w=1176&u_ah=855&u_aw=1176&u_cd=24&u_nplug=10&u_nmime=92&adx=787&ady=397&biw=1159&bih=754&abxe=1&eid=10583695%2C38893301%2C21061122%2C828064251%2C21061084&oid=3&nmo=1&zm=1.02&rx=0&eae=4&fc=528&brdim=%2C%2C-4%2C-4%2C1176%2C0%2C1184%2C863%2C1176%2C754&vis=0&rsz=%7C%7C%7C&abl=CS&ppjl=u&pfx=0&fu=16&bc=1&ifi=2&dtd=218 HTTP/1.1 
Host: googleads.g.doubleclick.net
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: http://www.t.ks.ua/

                                         
                                         216.58.211.130
HTTP/1.1 200 OK
Content-Type: text/html; charset=UTF-8
                                        
P3P: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
Timing-Allow-Origin: *
X-Content-Type-Options: nosniff
Content-Encoding: gzip
Date: Tue, 31 Oct 2017 07:22:46 GMT
Server: cafe
Cache-Control: private
X-XSS-Protection: 1; mode=block
Set-Cookie: test_cookie=CheckForPermission; expires=Tue, 31-Oct-2017 07:37:46 GMT; path=/; domain=.doubleclick.net
Alt-Svc: quic="googleads.g.doubleclick.net:443"; ma=2592000; v="41,39,38,37,35",quic=":443"; ma=2592000; v="41,39,38,37,35"
Expires: Tue, 31 Oct 2017 07:22:46 GMT
Transfer-Encoding: chunked


--- Additional Info ---
Magic:  gzip compressed data, max compression
Size:   367
Md5:    cb2a4f192478de55808350247cb25392
Sha1:   d02d7c3da202e17e7f0a13664239512982f210a2
Sha256: 487a83bdd0e216e7136e0d38f8dd274ab631d6297617f2ebb1b2d97bfe6440db
                                        
                                            GET /pagead/gen_204?id=resize&scrl=0&adk=4137196353&adf=807048394&fmt=300x600&str=false&ad_y=397.3999938964844&vph=754&r_nh=0&qid=CIyrk_mpmtcCFYyAGQodeKUIww&w=300&h=600.0000305175781&err=1&url=http%3A%2F%2Fwww.t.ks.ua%2F HTTP/1.1 
Host: pagead2.googlesyndication.com
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: image/png,image/*;q=0.8,*/*;q=0.5
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: http://www.t.ks.ua/

                                         
                                         216.58.211.130
HTTP/1.1 204 No Content
Content-Type: text/html; charset=UTF-8
                                        
P3P: policyref="http://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
Timing-Allow-Origin: *
Date: Tue, 31 Oct 2017 07:22:47 GMT
Pragma: no-cache
Expires: Fri, 01 Jan 1990 00:00:00 GMT
Cache-Control: no-cache, must-revalidate
X-Content-Type-Options: nosniff
Server: cafe
Content-Length: 0
X-XSS-Protection: 1; mode=block


--- Additional Info ---
                                        
                                            POST / HTTP/1.1 
Host: ocsp.comodoca.com
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Content-Length: 116
Content-Type: application/ocsp-request

                                         
                                         178.255.83.1
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Tue, 31 Oct 2017 07:22:47 GMT
Server: Apache
Last-Modified: Mon, 30 Oct 2017 01:44:49 GMT
Expires: Mon, 06 Nov 2017 01:44:49 GMT
Etag: 4FD614B9CD0BFB644E219781092002932C7E7840
Cache-Control: max-age=497521,public,no-transform,must-revalidate
X-OCSP-Reponder-ID: rmdccaocsp1
Content-Length: 472
Connection: close


--- Additional Info ---
Magic:  data
Size:   472
Md5:    4d90c618123ab3c9bb2e8b0f2f70c254
Sha1:   4fd614b9cd0bfb644e219781092002932c7e7840
Sha256: 270f9e5145f903eae020ed9340920aec8a66903c98104e54b3932c6a1857f27a
                                        
                                            POST / HTTP/1.1 
Host: ocsp.comodoca.com
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Content-Length: 115
Content-Type: application/ocsp-request

                                         
178.255.83.1
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 31 Oct 2017 07:22:47 GMT
Server: Apache
Last-Modified: Sat, 28 Oct 2017 21:42:49 GMT
Expires: Sat, 04 Nov 2017 21:42:49 GMT
Etag: EC6CDE88F4102A9E75A6EDCE03EC5709595AA63D
Cache-Control: max-age=396601,public,no-transform,must-revalidate
X-OCSP-Reponder-ID: rmdccaocsp15
Content-Length: 727
Connection: close


--- Additional Info ---
Magic:  data
Size:   727
Md5:    85c643da63729f8b8fc0336b4d3c0495
Sha1:   ec6cde88f4102a9e75a6edce03ec5709595aa63d
Sha256: 4dace0702e99b55db580d657641fff0aeb3999fa8bbf4f9280d2950fe3a7fa91
                                        
GET /sync2.204?pid=117&anket_id=C224F8592A004F0D HTTP/1.1
Host: profile.ssp.rambler.ru
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: image/png,image/*;q=0.8,*/*;q=0.5
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: http://www.t.ks.ua/

                                         
91.192.148.30
HTTP/1.1 204 Http No Content
Content-Type: application/x-javascript; charset=Windows-1251
Server: nginx
Date: Tue, 31 Oct 2017 07:22:47 GMT
Content-Length: 0
Connection: keep-alive
Set-Cookie: ruid=; domain=.rambler.ru; path=/; expires=Tue, 31 Oct 2017 06:22:47 GMT embryo=4vrJyDu6vDwthjNw4M2g6cr*q52Tz6t0eTzhad1dDfnHmkFdc5w7R38nkDuuOrQKEXZ0O2kVWqfzZpc2YcdnOw*tjMlCfAkqnTMDkimS-1s390F*kTFdc5WnkTW4APeMQrb7gaw5MFXGOqiJ4-Pj-CbAkdYpKCLm40ehx3ffFPQmENtUhfDAYrtzZPo0aKn6r59gYtp2DsT1kd*Z87Fn0jwQH11NfUwTP3ZKmyYxFtQxYgG8O7NMQ9Thp4g9OyYHOkgGmcFkOcw; domain=.rambler.ru; path=/; expires=Sun, 29 Apr 2018 07:22:47 GMT uuts=4vrJyMaLgy-p4ROagQUDCbXC34tE*3US; domain=.rambler.ru; path=/; expires=Sun, 29 Apr 2018 07:22:47 GMT
X-Passed: pf234o
Strict-Transport-Security: max-age=0
P3P: policyref="/w3c/p3p.xml", CP="NON DSP COR CUR ADM DEV PSA PSD OUR UNR BUS UNI COM NAV INT DEM STA"


--- Additional Info ---
                                        
POST / HTTP/1.1
Host: ocsp.godaddy.com
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Content-Length: 107
Content-Type: application/ocsp-request

                                         
72.167.239.239
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 31 Oct 2017 07:22:48 GMT
Server: Apache
Content-Transfer-Encoding: Binary
Cache-Control: max-age=117990, public, no-transform, must-revalidate
Last-Modified: Tue, 31 Oct 2017 05:52:48 GMT
Expires: Wed, 01 Nov 2017 17:52:48 GMT
Etag: "39d21970a350d7745d21253dee304289bf4c9fc6"
P3P: CP="IDC DSP COR LAW CUR ADM DEV TAI PSA PSD IVA IVD HIS OUR SAM PUB LEG UNI COM NAV STA"
Content-Length: 1776
Connection: close


--- Additional Info ---
Magic:  data
Size:   1776
Md5:    c7a9d9dae22e557055349a9bf24d507b
Sha1:   39d21970a350d7745d21253dee304289bf4c9fc6
Sha256: f79987b595359409e16186020c5ac97a0d47a9a9e35440bd3ed5458d46c6e5e8
                                        
GET /sync?ssp=yengo&user_id=C224F8592A004F0D HTTP/1.1
Host: x.bidswitch.net
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: image/png,image/*;q=0.8,*/*;q=0.5
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: http://www.t.ks.ua/

                                         
104.155.36.133
HTTP/1.1 302 Moved Temporarily
Server: nginx/1.12.0
Date: Tue, 31 Oct 2017 07:22:48 GMT
Content-Length: 0
Connection: keep-alive
Keep-Alive: timeout=10
Cache-Control: no-cache, no-store, must-revalidate
Location: https://x.bidswitch.net/ul_cb/sync?ssp=yengo&user_id=C224F8592A004F0D
P3P: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Set-Cookie: tuuid=9154b7e4-667e-4b04-b49f-73cca3a7f90f; path=/; expires=Wed, 31-Oct-2018 07:22:48 GMT; domain=.bidswitch.net tuuid_last_update=1509434568; path=/; expires=Wed, 31-Oct-2018 07:22:48 GMT; domain=.bidswitch.net c=1509434568; path=/; expires=Wed, 31-Oct-2018 07:22:48 GMT; domain=.bidswitch.net


--- Additional Info ---
                                        
GET /connect/ping?client_id=27928787079&domain=www.t.ks.ua&origin=1&redirect_uri=http%3A%2F%2Fstaticxx.facebook.com%2Fconnect%2Fxd_arbiter%2Fr%2FhsBwMj6iLmk.js%3Fversion%3D42%23cb%3Df163dd73c3b841a%26domain%3Dwww.t.ks.ua%26origin%3Dhttp%253A%252F%252Fwww.t.ks.ua%252Ff36c5b1d3d9be28%26relation%3Dparent&response_type=token%2Csigned_request%2Ccode&sdk=joey HTTP/1.1
Host: www.facebook.com
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: http://www.t.ks.ua/

                                         
31.13.72.36
HTTP/1.1 200 OK
Content-Type: text/html; charset=UTF-8
X-XSS-Protection: 0
Pragma: no-cache
content-security-policy: default-src * data: blob:;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.virtualearth.net *.google.com 127.0.0.1:* *.spotilocal.com:* 'unsafe-inline' 'unsafe-eval' fbstatic-a.akamaihd.net fbcdn-static-b-a.akamaihd.net *.atlassolutions.com blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com *.fbcdn.net *.facebook.net *.spotilocal.com:* *.akamaihd.net wss://*.facebook.com:* https://fb.scanandcleanlocal.com:* *.atlassolutions.com attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';
Cache-Control: private, no-cache, no-store, must-revalidate
Strict-Transport-Security: max-age=15552000; preload
X-Content-Type-Options: nosniff
Expires: Sat, 01 Jan 2000 00:00:00 GMT
Vary: Accept-Encoding
Content-Encoding: gzip
X-FB-Debug: Y5ojhW3k4/pasCvl0zH3WBdNmdLXgHwaFr/O4M8+mtxidXxGDj4FpxuA4cK94enAkpvRu74g6MnOXMfsFW2A+Q==
Date: Tue, 31 Oct 2017 07:22:48 GMT
Transfer-Encoding: chunked
Connection: keep-alive


--- Additional Info ---
Magic:  gzip compressed data, from Unix
Size:   242
Md5:    5f70ab537c285b4d25db587b98e1394a
Sha1:   0a5d6553eb7a7c99d24a96914446e6323d93319c
Sha256: 49fce7ed7e3af9805bc606245ee8ad760a7856432ef807f2595b407051fc9553
                                        
GET /plugins/like_box.php?app_id=27928787079&channel=http%3A%2F%2Fstaticxx.facebook.com%2Fconnect%2Fxd_arbiter%2Fr%2FhsBwMj6iLmk.js%3Fversion%3D42%23cb%3Df2939939314f418%26domain%3Dwww.t.ks.ua%26origin%3Dhttp%253A%252F%252Fwww.t.ks.ua%252Ff36c5b1d3d9be28%26relation%3Dparent.parent&container_width=505&header=true&height=248&href=http%3A%2F%2Fwww.facebook.com%2Ftypical.kherson.city&locale=ru_RU&sdk=joey&show_faces=true&stream=false&width=494 HTTP/1.1
Host: www.facebook.com
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: http://www.t.ks.ua/

                                         
31.13.72.36
HTTP/1.1 200 OK
Content-Type: text/html; charset=UTF-8
Timing-Allow-Origin: *
X-XSS-Protection: 0
Pragma: no-cache
content-security-policy: default-src * data: blob:;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.virtualearth.net *.google.com 127.0.0.1:* *.spotilocal.com:* 'unsafe-inline' 'unsafe-eval' fbstatic-a.akamaihd.net fbcdn-static-b-a.akamaihd.net *.atlassolutions.com blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com *.fbcdn.net *.facebook.net *.spotilocal.com:* *.akamaihd.net wss://*.facebook.com:* https://fb.scanandcleanlocal.com:* *.atlassolutions.com attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';
Cache-Control: private, no-cache, no-store, must-revalidate
Strict-Transport-Security: max-age=15552000; preload
X-Content-Type-Options: nosniff
Expires: Sat, 01 Jan 2000 00:00:00 GMT
Vary: Accept-Encoding
Content-Encoding: gzip
X-FB-Debug: WDjJymfcyq/G13NTeDCxntDSea3vM3BYF2wYLXpev24DMv6jDxmZhQCTrRFvfF8o/Cvyk4qOSEPCIIjFE7Tj6g==
Date: Tue, 31 Oct 2017 07:22:48 GMT
Transfer-Encoding: chunked
Connection: keep-alive


--- Additional Info ---
Magic:  gzip compressed data, from Unix
Size:   59103
Md5:    0f149f094100a805df6dc9598c412b33
Sha1:   ef5ac82e5a81bb671827857eece468cec25c083e
Sha256: f882fae03f85ce6053064ca91e6e626f80244748ac52f9c7518d67de9abede89
                                        
GET /ul_cb/sync?ssp=yengo&user_id=C224F8592A004F0D HTTP/1.1
Host: x.bidswitch.net
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: http://www.t.ks.ua/
Cookie: tuuid=9154b7e4-667e-4b04-b49f-73cca3a7f90f; tuuid_last_update=1509434568; c=1509434568

                                         
104.155.36.133
HTTP/1.1 302 Moved Temporarily
Server: nginx/1.12.0
Date: Tue, 31 Oct 2017 07:22:48 GMT
Content-Length: 0
Connection: keep-alive
Keep-Alive: timeout=10
Cache-Control: no-cache, no-store, must-revalidate
Location: //a.company-target.com/bidswitch_match?bidswitch_ssp_id=yengo
P3P: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Set-Cookie: tuuid=9154b7e4-667e-4b04-b49f-73cca3a7f90f; path=/; expires=Wed, 31-Oct-2018 07:22:48 GMT; domain=.bidswitch.net tuuid_last_update=1509434568; path=/; expires=Wed, 31-Oct-2018 07:22:48 GMT; domain=.bidswitch.net


--- Additional Info ---
                                        
GET /rsrc.php/v3/yu/r/Ct1BAPZi54V.js HTTP/1.1
Host: static.xx.fbcdn.net
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: */*
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: https://www.facebook.com/plugins/like_box.php?app_id=27928787079&channel=http%3A%2F%2Fstaticxx.facebook.com%2Fconnect%2Fxd_arbiter%2Fr%2FhsBwMj6iLmk.js%3Fversion%3D42%23cb%3Df2939939314f418%26domain%3Dwww.t.ks.ua%26origin%3Dhttp%253A%252F%252Fwww.t.ks.ua%252Ff36c5b1d3d9be28%26relation%3Dparent.parent&container_width=505&header=true&height=248&href=http%3A%2F%2Fwww.facebook.com%2Ftypical.kherson.city&locale=ru_RU&sdk=joey&show_faces=true&stream=false&width=494

                                         
31.13.72.12
HTTP/1.1 200 OK
Content-Type: application/x-javascript; charset=utf-8
Access-Control-Allow-Credentials: true
Cache-Control: public,max-age=31536000,immutable
X-Content-Type-Options: nosniff
X-XSS-Protection: 0
content-security-policy: default-src * data: blob:;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.virtualearth.net *.google.com 127.0.0.1:* *.spotilocal.com:* 'unsafe-inline' 'unsafe-eval' fbstatic-a.akamaihd.net fbcdn-static-b-a.akamaihd.net *.atlassolutions.com blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com *.fbcdn.net *.facebook.net *.spotilocal.com:* *.akamaihd.net wss://*.facebook.com:* https://fb.scanandcleanlocal.com:* *.atlassolutions.com attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';
Timing-Allow-Origin: *
Expires: Tue, 30 Oct 2018 22:06:39 GMT
Last-Modified: Mon, 01 Jan 2001 08:00:00 GMT
Access-Control-Allow-Origin: *
Vary: Accept-Encoding
Content-Encoding: gzip
Content-MD5: msonj7eS19MmmVBEC1rIKQ==
X-FB-Debug: QK4mSNc/d3+VZaUaDIF/NfVKNGchh06ACQkkIvX1c92w+7QdJphktFSfirtTGwAhXZT+mILo+VpWWpyQdKx5kg==
Date: Tue, 31 Oct 2017 07:22:48 GMT
Connection: keep-alive
Content-Length: 8960


--- Additional Info ---
Magic:  gzip compressed data, from Unix
Size:   8960
Md5:    9aca278fb792d7d3269950440b5ac829
Sha1:   ad4a7e76e81e837326b37813af9220a5eb0361a0
Sha256: 77bf243e73f4adc0916a85d83be2d717e3f9cd04039fc08f79434d0969e52f2a
                                        
GET /images/upload.gif HTTP/1.1
Host: vk.com
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: image/png,image/*;q=0.8,*/*;q=0.5
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: http://www.t.ks.ua/

                                         
95.213.11.181
HTTP/1.1 200 OK
Content-Type: image/gif
Server: nginx
Date: Tue, 31 Oct 2017 07:22:48 GMT
Content-Length: 230
Last-Modified: Sat, 07 Jan 2017 23:21:10 GMT
Connection: keep-alive
Etag: "587177e6-e6"
Expires: Tue, 07 Nov 2017 07:22:48 GMT
Cache-Control: max-age=604800
Strict-Transport-Security: max-age=0
X-Frontend: front213009
Accept-Ranges: bytes


--- Additional Info ---
Magic:  GIF image data, version 89a, 32 x 8
Size:   230
Md5:    59cd625f8c2ce03663123d59416378a1
Sha1:   b8d103133aadcdbe532e5642ddce9159b7385e4e
Sha256: 0d7e358637c1b1caa66949aefc529c1e4488923f99e499d6be09eb8cdd0b4202
                                        
GET /pagead/ads?client=ca-pub-3410491531423553&output=html&h=120&slotname=9081132626&adk=3817973285&adf=807048394&w=980&lmt=1509434213&loeid=38893311&format=980x120&url=http%3A%2F%2Fwww.t.ks.ua%2F&ea=0&flash=10.0.45&wgl=0&adsid=NT&dt=1509434565588&bpp=8&fdt=45&idt=345&shv=r20171025&cbv=r20170110&saldr=aa&prev_fmts=728x90%2C300x600&correlator=7409377489602&frm=20&ga_vid=1198844969.1509434563&ga_sid=1509434565&ga_hid=594507657&ga_fc=0&pv=1&icsg=0&nhd=1&dssz=0&mdo=0&mso=0&u_tz=60&u_his=1&u_java=1&u_h=885&u_w=1176&u_ah=855&u_aw=1176&u_cd=24&u_nplug=10&u_nmime=92&adx=75&ady=3148&biw=1159&bih=754&abxe=1&eid=10583695%2C38893301%2C21061122%2C828064251%2C21061084&oid=3&nmo=1&zm=1.02&rx=0&eae=4&fc=528&brdim=%2C%2C-4%2C-4%2C1176%2C0%2C1184%2C863%2C1176%2C754&vis=0&rsz=%7C%7Cbr%7C&abl=CS&ppjl=u&pfx=0&fu=16&bc=1&ifi=3&dtd=404 HTTP/1.1
Host: googleads.g.doubleclick.net
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: http://www.t.ks.ua/

                                         
216.58.211.130
HTTP/1.1 200 OK
Content-Type: text/html; charset=UTF-8
P3P: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
Timing-Allow-Origin: *
X-Content-Type-Options: nosniff
Content-Encoding: gzip
Date: Tue, 31 Oct 2017 07:22:46 GMT
Server: cafe
Cache-Control: private
X-XSS-Protection: 1; mode=block
Set-Cookie: test_cookie=CheckForPermission; expires=Tue, 31-Oct-2017 07:37:46 GMT; path=/; domain=.doubleclick.net
Alt-Svc: quic="googleads.g.doubleclick.net:443"; ma=2592000; v="41,39,38,37,35",quic=":443"; ma=2592000; v="41,39,38,37,35"
Expires: Tue, 31 Oct 2017 07:22:46 GMT
Transfer-Encoding: chunked


--- Additional Info ---
Magic:  gzip compressed data, max compression
Size:   367
Md5:    dcbb113b642df652b299ec568b40e1b8
Sha1:   0501805ce2492a95c720587d7190819f53232f53
Sha256: 78ac1664aa8aa408a8453933a8c6a2e4f7f0e7aff4826afb384dfd31eca0ffc7
                                        
GET /rsrc.php/v3/yI/r/MhvLUJY-wNI.js HTTP/1.1
Host: static.xx.fbcdn.net
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: */*
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: https://www.facebook.com/plugins/like_box.php?app_id=27928787079&channel=http%3A%2F%2Fstaticxx.facebook.com%2Fconnect%2Fxd_arbiter%2Fr%2FhsBwMj6iLmk.js%3Fversion%3D42%23cb%3Df2939939314f418%26domain%3Dwww.t.ks.ua%26origin%3Dhttp%253A%252F%252Fwww.t.ks.ua%252Ff36c5b1d3d9be28%26relation%3Dparent.parent&container_width=505&header=true&height=248&href=http%3A%2F%2Fwww.facebook.com%2Ftypical.kherson.city&locale=ru_RU&sdk=joey&show_faces=true&stream=false&width=494

                                         
31.13.72.12
HTTP/1.1 200 OK
Content-Type: application/x-javascript; charset=utf-8
Timing-Allow-Origin: *
X-XSS-Protection: 0
X-Content-Type-Options: nosniff
Access-Control-Allow-Credentials: true
Cache-Control: public,max-age=31536000,immutable
Expires: Wed, 31 Oct 2018 05:25:28 GMT
Last-Modified: Mon, 01 Jan 2001 08:00:00 GMT
Access-Control-Allow-Origin: *
Vary: Accept-Encoding
Content-Encoding: gzip
Content-MD5: u732cdI8O3j/89c2ELTv5w==
X-FB-Debug: bfPB/G6eKUE9RT7JRxkXzKDvVKy3g3MYTyA/HkVQozb4WHdVprkccHW7AGWtFIvFhp7WvfnBQmGMkwBw0BG8Fw==
Date: Tue, 31 Oct 2017 07:22:48 GMT
Connection: keep-alive
Content-Length: 83604


--- Additional Info ---
Magic:  gzip compressed data, from Unix
Size:   83604
Md5:    bbbdf671d23c3b78fff3d73610b4efe7
Sha1:   df1eb6cb55ec6898a4481d965ff5c185ea838bdf
Sha256: 114d9f070fca8d239ac2837d0423191a4bb1fa8ecbe5a2714de511bd36ca6699
                                        
POST / HTTP/1.1
Host: ocsp.godaddy.com
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Content-Length: 108
Content-Type: application/ocsp-request

                                         
72.167.239.239
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 31 Oct 2017 07:22:49 GMT
Server: Apache
Content-Transfer-Encoding: Binary
Cache-Control: max-age=122584, public, no-transform, must-revalidate
Last-Modified: Tue, 31 Oct 2017 07:13:25 GMT
Expires: Wed, 01 Nov 2017 19:13:25 GMT
Etag: "ab0bf2fd36f1b200613064abbee6d93c63393dfc"
P3P: CP="IDC DSP COR LAW CUR ADM DEV TAI PSA PSD IVA IVD HIS OUR SAM PUB LEG UNI COM NAV STA"
Content-Length: 1777
Connection: close


--- Additional Info ---
Magic:  data
Size:   1777
Md5:    2123849745b1b4585951d4c68132ff1d
Sha1:   ab0bf2fd36f1b200613064abbee6d93c63393dfc
Sha256: d7943ca0f94f1ca2db49fba67fdcfaf976dbb57aa33916dab55560de1ed7fe91
                                        
GET /sync2.204?pid=117&anket_id=C224F859E8016D1C HTTP/1.1
Host: profile.ssp.rambler.ru
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: image/png,image/*;q=0.8,*/*;q=0.5
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: http://www.t.ks.ua/

                                         
91.192.148.30
HTTP/1.1 204 Http No Content
Content-Type: application/x-javascript; charset=Windows-1251
Server: nginx
Date: Tue, 31 Oct 2017 07:22:49 GMT
Content-Length: 0
Connection: keep-alive
Set-Cookie: ruid=; domain=.rambler.ru; path=/; expires=Tue, 31 Oct 2017 06:22:49 GMT embryo=4vrJyENtI6GwG67tfVA9dH9*qgS7t2iRnNkEjDi46ByThsUuSyWWlWJQ9tx4HKvt9pGT3I7yvUBrt*VuYbUkEyeFpOFqVCEC24*z-eDSf-6SUuTbNJT41vizV61Cxyoy-AhFPxKHjut4hBY3XU1dQph*L2iXlpxYXfkfeclhqkp9vb-rSA0oD1ITTbCYfx0JXGyTkSmF-Tfdts0rDaj0zCIOAUNTY1INIWhUhTgvCMovfB*iJa1SXcdmoUyB4axJzSK2oEyHhJU; domain=.rambler.ru; path=/; expires=Sun, 29 Apr 2018 07:22:49 GMT uuts=4vrJyMGhEVqclGbv9HB2fOdSsK*Rerf1; domain=.rambler.ru; path=/; expires=Sun, 29 Apr 2018 07:22:49 GMT
X-Passed: pf234o
Strict-Transport-Security: max-age=0
P3P: policyref="/w3c/p3p.xml", CP="NON DSP COR CUR ADM DEV PSA PSD OUR UNR BUS UNI COM NAV INT DEM STA"


--- Additional Info ---
                                        
GET /rsrc.php/v3/yJ/r/QkepTOr90P7.js HTTP/1.1
Host: static.xx.fbcdn.net
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: */*
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: https://www.facebook.com/plugins/like_box.php?app_id=27928787079&channel=http%3A%2F%2Fstaticxx.facebook.com%2Fconnect%2Fxd_arbiter%2Fr%2FhsBwMj6iLmk.js%3Fversion%3D42%23cb%3Df2939939314f418%26domain%3Dwww.t.ks.ua%26origin%3Dhttp%253A%252F%252Fwww.t.ks.ua%252Ff36c5b1d3d9be28%26relation%3Dparent.parent&container_width=505&header=true&height=248&href=http%3A%2F%2Fwww.facebook.com%2Ftypical.kherson.city&locale=ru_RU&sdk=joey&show_faces=true&stream=false&width=494

                                         
31.13.72.12
HTTP/1.1 200 OK
Content-Type: application/x-javascript; charset=utf-8
Timing-Allow-Origin: *
X-XSS-Protection: 0
X-Content-Type-Options: nosniff
Access-Control-Allow-Credentials: true
Cache-Control: public,max-age=31536000,immutable
Expires: Tue, 30 Oct 2018 21:16:03 GMT
Last-Modified: Mon, 01 Jan 2001 08:00:00 GMT
Access-Control-Allow-Origin: *
Vary: Accept-Encoding
Content-Encoding: gzip
Content-MD5: CyTHNMy+O7S67NfoT9GSwA==
X-FB-Debug: dwwLBnVGWaycJrnWa2dQNChK8pZ6lIscEx6/iSAVi17TcFT18TQ/osqKWfZ62Pijp0rp0alDpTXd52gBZSTn/w==
Date: Tue, 31 Oct 2017 07:22:49 GMT
Connection: keep-alive
Content-Length: 24352


--- Additional Info ---
Magic:  gzip compressed data, from Unix
Size:   24352
Md5:    0b24c734ccbe3bb4baecd7e84fd192c0
Sha1:   28cc06fb4ea79a7d40b336ba68003da12f508503
Sha256: 131fcd4adb3b63f8799e45ba84d02808032ac1d66fbf04ced644d23e674c006a
                                        
GET /connect/xd_arbiter/r/hsBwMj6iLmk.js?version=42 HTTP/1.1
Host: staticxx.facebook.com
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: http://www.t.ks.ua/

                                         
31.13.72.12
HTTP/1.1 200 OK
Content-Type: text/html; charset=utf-8
Expires: Tue, 30 Oct 2018 22:06:33 GMT
Cache-Control: public,max-age=31536000,immutable
content-security-policy: default-src * data: blob:;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.virtualearth.net *.google.com 127.0.0.1:* *.spotilocal.com:* 'unsafe-inline' 'unsafe-eval' fbstatic-a.akamaihd.net fbcdn-static-b-a.akamaihd.net *.atlassolutions.com blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com *.fbcdn.net *.facebook.net *.spotilocal.com:* *.akamaihd.net wss://*.facebook.com:* https://fb.scanandcleanlocal.com:* *.atlassolutions.com attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';
public-key-pins-report-only: max-age=600; pin-sha256="WoiWRyIOVNa9ihaBciRSC7XHjliYS9VwUGOIud4PB18="; pin-sha256="k2v657xBsOVe1PQRwOsHsw3bsGT2VzIqz5K+59sNQws="; pin-sha256="gMxWOrX4PMQesK9qFNbYBxjBfjUvlkn/vN1n+L9lE5E="; pin-sha256="q4PO2G2cbkZhZ82+JgmRUyGMoAeozA+BSXVXQWB8XWQ="; includeSubdomains; report-uri="http://reports.fb.com/hpkp/"
X-XSS-Protection: 0
Strict-Transport-Security: max-age=15552000; includeSubDomains
X-Content-Type-Options: nosniff
Vary: Accept-Encoding
Content-Encoding: gzip
X-FB-Debug: i917EOwTSiTPoAt3hxS72OlnAqRik1JSy1jYau3HMDoA98oEn5Tf8Hdc20cVljXpMWuJoG7KCGqp+9jpqUhKGA==
Date: Tue, 31 Oct 2017 07:22:48 GMT
Connection: keep-alive
Content-Length: 14209


--- Additional Info ---
Magic:  gzip compressed data, from Unix
Size:   14209
Md5:    30cca614b9129bb45ab2ef2115bb5998
Sha1:   d3aee60e070dc39233031ca729822ba16b9302ed
Sha256: ac3991be7181b5b4a216948cbd2ff7842a1bc7325b883c728beec9ba698f5b7e
                                        
GET /rsrc.php/v3/yy/l/0,cross/YEFRU12WhKa.css HTTP/1.1
Host: static.xx.fbcdn.net
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: text/css,*/*;q=0.1
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: https://www.facebook.com/plugins/like_box.php?app_id=27928787079&channel=http%3A%2F%2Fstaticxx.facebook.com%2Fconnect%2Fxd_arbiter%2Fr%2FhsBwMj6iLmk.js%3Fversion%3D42%23cb%3Df2939939314f418%26domain%3Dwww.t.ks.ua%26origin%3Dhttp%253A%252F%252Fwww.t.ks.ua%252Ff36c5b1d3d9be28%26relation%3Dparent.parent&container_width=505&header=true&height=248&href=http%3A%2F%2Fwww.facebook.com%2Ftypical.kherson.city&locale=ru_RU&sdk=joey&show_faces=true&stream=false&width=494

                                         
31.13.72.12
HTTP/1.1 200 OK
Content-Type: text/css; charset=utf-8
Access-Control-Allow-Credentials: true
Cache-Control: public,max-age=31536000,immutable
X-Content-Type-Options: nosniff
X-XSS-Protection: 0
content-security-policy: default-src * data: blob:;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.virtualearth.net *.google.com 127.0.0.1:* *.spotilocal.com:* 'unsafe-inline' 'unsafe-eval' fbstatic-a.akamaihd.net fbcdn-static-b-a.akamaihd.net *.atlassolutions.com blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com *.fbcdn.net *.facebook.net *.spotilocal.com:* *.akamaihd.net wss://*.facebook.com:* https://fb.scanandcleanlocal.com:* *.atlassolutions.com attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';
Timing-Allow-Origin: *
Expires: Sat, 27 Oct 2018 03:19:03 GMT
Last-Modified: Mon, 01 Jan 2001 08:00:00 GMT
Access-Control-Allow-Origin: *
Vary: Accept-Encoding
Content-Encoding: gzip
Content-MD5: vzy5KL8gt5wKOqxLp/RTJg==
X-FB-Debug: YvqZmxFTJfXcdd6wQYQ9dhOClsS/D/LAVrX8K+0VktiSjRjltQF/mAQFnX+XBphfvw8rp3s+9CZ+nzkTRQD/XQ==
Date: Tue, 31 Oct 2017 07:22:49 GMT
Connection: keep-alive
Content-Length: 8130


--- Additional Info ---
Magic:  gzip compressed data, from Unix
Size:   8130
Md5:    bf3cb928bf20b79c0a3aac4ba7f45326
Sha1:   c87aba9307b720ed9e09f4b95bebb4ba5bb05282
Sha256: bcb70da430f2851349d30bb62d3914b066287fc8f1cd7cbb13bd536fb2d3d4af
                                        
GET /sync2.204?pid=117&anket_id=C324F8595C014914 HTTP/1.1
Host: profile.ssp.rambler.ru
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: image/png,image/*;q=0.8,*/*;q=0.5
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: http://www.t.ks.ua/

                                         
91.192.148.30
HTTP/1.1 204 Http No Content
Content-Type: application/x-javascript; charset=Windows-1251
Server: nginx
Date: Tue, 31 Oct 2017 07:22:49 GMT
Content-Length: 0
Connection: keep-alive
Set-Cookie: ruid=; domain=.rambler.ru; path=/; expires=Tue, 31 Oct 2017 06:22:49 GMT embryo=4vrJyD-Ml6CxGq-sfFE8dX5-qwW6tmmQndgFjTm56R276H9nsDCw7uZqQQRQOGCEn-j6teeb1CkC3owHCNxNek7szYgDPUhrsubalIm7Fpf7O42yXf2Rv-Fau-xMCNy7dYHMtpsOB2LxDZ**1MTUyxH3puEeHxXRw-2TQPoz9497InOLQ27dblVTdAa1URMUQXGOjDSY4CqS-SUG1CywgW9DTA4eLh9AbCUZyHViRYeZJN9kbQbOEKuM*4lgPAuk4a0*Ri6OEGU; domain=.rambler.ru; path=/; expires=Sun, 29 Apr 2018 07:22:49 GMT uuts=4vrJyMGhEVqclGbv9HB2fOdSsK*Rerf1; domain=.rambler.ru; path=/; expires=Sun, 29 Apr 2018 07:22:49 GMT
X-Passed: pf234o
Strict-Transport-Security: max-age=0
P3P: policyref="/w3c/p3p.xml", CP="NON DSP COR CUR ADM DEV PSA PSD OUR UNR BUS UNI COM NAV INT DEM STA"


--- Additional Info ---
                                        
GET /bidswitch_match?bidswitch_ssp_id=yengo HTTP/1.1
Host: a.company-target.com
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: http://www.t.ks.ua/

                                         
35.190.24.107
HTTP/1.1 302 Moved Temporarily
Cache-Control: no-cache, no-store, must-revalidate
Content-Length: 0
Date: Tue, 31 Oct 2017 07:22:49 GMT
Location: https://a.company-target.com/ul_cb/bidswitch_match?bidswitch_ssp_id=yengo
P3P: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Set-Cookie: tuuid=662c6da4-17ca-4543-92a5-09082da26028; path=/; expires=Thu, 31-Oct-2019 07:22:49 GMT; domain=.company-target.com tuuid_last_update=1509434569; path=/; expires=Thu, 31-Oct-2019 07:22:49 GMT; domain=.company-target.com
Via: 1.1 google
Alt-Svc: clear


--- Additional Info ---
                                        
GET /sync?ssp=yengo&user_id=C324F8595C014914 HTTP/1.1
Host: x.bidswitch.net
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: image/png,image/*;q=0.8,*/*;q=0.5
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate