r3.o.lencr.org/
200 OK 503 B IP
ASN #20940 Akamai International B.V.
Hash 62de35a6c8e4efd7633fc5236b5b086f
6a92912a86dfcd0330d040cef06bef36889c76ab
ebb8ca05df5ba73b92174105d54d192a8d9e3e10fba48bf96161b0cb759220ec
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "EBB8CA05DF5BA73B92174105D54D192A8D9E3E10FBA48BF96161B0CB759220EC"
Last-Modified: Tue, 31 Jan 2023 04:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=2710
Expires: Tue, 31 Jan 2023 11:30:59 GMT
Date: Tue, 31 Jan 2023 10:45:49 GMT
Connection: keep-alive
r3.o.lencr.org/
200 OK 503 B IP
ASN #20940 Akamai International B.V.
Hash 5eb7c9bc996a0ff420e58af45526f053
8c2614832b8efe1c9da0bbd465d6f3f172d95a9e
c085cf277dd0429fe15e4a4bce5595636e9f2204d5a8e77220f8bf88adf4068f
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "C085CF277DD0429FE15E4A4BCE5595636E9F2204D5A8E77220F8BF88ADF4068F"
Last-Modified: Sun, 29 Jan 2023 00:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=2328
Expires: Tue, 31 Jan 2023 11:24:37 GMT
Date: Tue, 31 Jan 2023 10:45:49 GMT
Connection: keep-alive
firefox.settings.services.mozilla.com/v1/
200 OK 939 B URL HTTP/2 firefox.settings.services.mozilla.com/v1/
IP
File type JSON data\012- , ASCII text, with very long lines (939), with no line terminators
Hash dcd75ca6daca51c5e39d431468511793
07f76d3bf23d65c9110d810fa71a994e39e085d3
73672a816da4450fe2c938b08d7ae002d9ca29fdcbd3e29cc97084d826f8b459
GET /v1/ HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Content-Type, Backoff, Content-Length, Alert, Retry-After
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 939
via: 1.1 google
date: Tue, 31 Jan 2023 10:43:17 GMT
content-type: application/json
age: 152
cache-control: max-age=3600,public
alt-svc: clear
X-Firefox-Spdy: h2
r3.o.lencr.org/
200 OK 503 B IP
ASN #20940 Akamai International B.V.
Hash a8d45deaa7ebfcd996c2055dae592ab8
55befe074589fe7b39757c145968058162a8fc6b
50d7d516f446458145a304b288a0a39d391cd37ea50dabea36ae48d291c65ba7
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "50D7D516F446458145A304B288A0A39D391CD37EA50DABEA36AE48D291C65BA7"
Last-Modified: Tue, 31 Jan 2023 04:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=10897
Expires: Tue, 31 Jan 2023 13:47:26 GMT
Date: Tue, 31 Jan 2023 10:45:49 GMT
Connection: keep-alive
content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2023-02-28-18-04-20.chain
200 OK 5.3 kB URL HTTP/2 content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2023-02-28-18-04-20.chain
IP
File type PEM certificate\012- , ASCII text
Hash 7b922915ebf1fa3639b333f994c74f24
144a3f80b98fd0652d4614f24cf6cbbee40f8938
adbb3e06df0e870f5c7a9cb81e8979d4e92735853d75c9b779c06470d4db5d9c
GET /chains/remote-settings.content-signature.mozilla.org-2023-02-28-18-04-20.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
x-amz-id-2: o8uSRx/yrka+Kc8w/OunGnjIuUhSLbwhr4vnupUwFEimBf4ctoDgJeEHxliwC5CfqSVIxolaTt4=
x-amz-request-id: AQ4BHEN7756RN1NY
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
content-length: 5348
via: 1.1 google
date: Tue, 31 Jan 2023 09:51:07 GMT
age: 3283
last-modified: Mon, 09 Jan 2023 18:04:21 GMT
etag: "7b922915ebf1fa3639b333f994c74f24"
content-type: binary/octet-stream
cache-control: public,max-age=3600
alt-svc: clear
X-Firefox-Spdy: h2
www.fond-astana.ru/author/admin/
200 OK 35 kB URL HTTP/1.1 www.fond-astana.ru/author/admin/
IP
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document text\012- exported SGML document, Unicode text, UTF-8 (with BOM) text, with very long lines (641), with CRLF, LF line terminators
Hash 0911b4c5ae15c00c6ebabab4643f236b
9de2ac6289ab131b30b714872558798fe9f48f39
1585cbff5dc648f4746de84ee4af7759ed665106fc5f1915aabf59e46bad53d1
Analyzer Verdict Alert fortinet Malware
GET /author/admin/ HTTP/1.1
Host: www.fond-astana.ru
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1
HTTP/1.1 200 OK
Server: openresty
Date: Tue, 31 Jan 2023 10:45:50 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
X-Powered-By: PHP/5.2.17
Vary: Cookie
X-Pingback: http://www.fond-astana.ru/xmlrpc.php
contile.services.mozilla.com/v1/tiles
200 OK 12 B URL HTTP/2 contile.services.mozilla.com/v1/tiles
IP
File type JSON data\012- , ASCII text, with no line terminators
Hash 23e88fb7b99543fb33315b29b1fad9d6
a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3
GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Tue, 31 Jan 2023 10:45:50 GMT
content-type: application/json
content-length: 12
access-control-allow-credentials: true
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
access-control-expose-headers: content-type
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2
www.fond-astana.ru/wp-content/themes/ColdStone/style.css
200 OK 25 kB URL HTTP/1.1 www.fond-astana.ru/wp-content/themes/ColdStone/style.css
IP
File type assembler source, ASCII text, with CRLF line terminators
Hash 198a532dc55c277d9825a9a754064fb3
628ad77e249baa4924c753dfbe93cf39b415d653
c52ba506f4f4ed2a5d258ef898289f2ee04f60f1d716c4f545cbd2a028240dc7
GET /wp-content/themes/ColdStone/style.css HTTP/1.1
Host: www.fond-astana.ru
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.fond-astana.ru/author/admin/
HTTP/1.1 200 OK
Server: openresty
Date: Tue, 31 Jan 2023 10:45:50 GMT
Content-Type: text/css
Content-Length: 24843
Connection: keep-alive
Last-Modified: Sat, 18 Sep 2010 20:29:22 GMT
ETag: "4c952122-610b"
Accept-Ranges: bytes
www.fond-astana.ru/wp-content/plugins/nextgen-gallery/css/Black_Minimalism.css?ver=1.0.0
200 OK 5.4 kB URL HTTP/1.1 www.fond-astana.ru/wp-content/plugins/nextgen-gallery/css/Black_Minimalism.css?ver=1.0.0
IP
File type ASCII text, with CRLF line terminators
Hash 9832b4545a7a20d53a52986ad1019f38
5b1cae3e3fbf7538ec9e242fb477265129a72fee
dcf335639ac8ed0fe02b2afd5b924065c2ec2e8d0f07bb2eec854d7d22712e7e
Analyzer Verdict Alert fortinet Malware
GET /wp-content/plugins/nextgen-gallery/css/Black_Minimalism.css?ver=1.0.0 HTTP/1.1
Host: www.fond-astana.ru
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.fond-astana.ru/author/admin/
HTTP/1.1 200 OK
Server: openresty
Date: Tue, 31 Jan 2023 10:45:50 GMT
Content-Type: text/css
Content-Length: 5381
Connection: keep-alive
Last-Modified: Sun, 22 Mar 2009 22:14:51 GMT
ETag: "49c6b85b-1505"
Accept-Ranges: bytes
www.fond-astana.ru/wp-content/plugins/shutter-reloaded/shutter-reloaded.css?ver=2.2
200 OK 2.4 kB URL HTTP/1.1 www.fond-astana.ru/wp-content/plugins/shutter-reloaded/shutter-reloaded.css?ver=2.2
IP
Hash b0f466f8a2250aebaa3853ca7c368daf
ff89fea60e269cc7a13e6a64722bbe764cd0300e
9194a627845b688658ecbea859ebb5f3add550e33195853b1b9e0becf2fffd60
Analyzer Verdict Alert fortinet Malware
GET /wp-content/plugins/shutter-reloaded/shutter-reloaded.css?ver=2.2 HTTP/1.1
Host: www.fond-astana.ru
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.fond-astana.ru/author/admin/
HTTP/1.1 200 OK
Server: openresty
Date: Tue, 31 Jan 2023 10:45:50 GMT
Content-Type: text/css
Content-Length: 2416
Connection: keep-alive
Last-Modified: Sun, 01 Mar 2009 21:34:55 GMT
ETag: "49aaff7f-970"
Accept-Ranges: bytes
www.fond-astana.ru/wp-content/plugins/shutter-reloaded/shutter-reloaded.js?ver=2.2
200 OK 10 kB URL HTTP/1.1 www.fond-astana.ru/wp-content/plugins/shutter-reloaded/shutter-reloaded.js?ver=2.2
IP
File type HTML document, ASCII text
Hash a2a07d88ac66f4b397c6646f48b1beef
b8083e92542e6fcecb5b33a9c9af53a2c86d5bd9
41ffd27c2dd50a1a4a92c090759eed3b757ba8a2a2270704fcb036fe79d49e91
GET /wp-content/plugins/shutter-reloaded/shutter-reloaded.js?ver=2.2 HTTP/1.1
Host: www.fond-astana.ru
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.fond-astana.ru/author/admin/
HTTP/1.1 200 OK
Server: openresty
Date: Tue, 31 Jan 2023 10:45:50 GMT
Content-Type: application/javascript
Content-Length: 10398
Connection: keep-alive
Last-Modified: Sun, 01 Mar 2009 21:34:55 GMT
ETag: "49aaff7f-289e"
Accept-Ranges: bytes
www.fond-astana.ru/wp-content/themes/ColdStone/inc/visionary.js
200 OK 2.8 kB URL HTTP/1.1 www.fond-astana.ru/wp-content/themes/ColdStone/inc/visionary.js
IP
File type ASCII text, with CRLF line terminators
Hash c8f1217a790cc868704b5f7e38f3b3db
5df892332325633f914efed769af09ca630107ab
a98649834709532a4d4d9287654946f701dc3ac07f8cb150927a4d5e0259e3fc
Analyzer Verdict Alert fortinet Malware
GET /wp-content/themes/ColdStone/inc/visionary.js HTTP/1.1
Host: www.fond-astana.ru
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.fond-astana.ru/author/admin/
HTTP/1.1 200 OK
Server: openresty
Date: Tue, 31 Jan 2023 10:45:50 GMT
Content-Type: application/javascript
Content-Length: 2848
Connection: keep-alive
Last-Modified: Sun, 01 Mar 2009 21:41:24 GMT
ETag: "49ab0104-b20"
Accept-Ranges: bytes
www.fond-astana.ru/wp-content/themes/ColdStone/inc/superfish.js
200 OK 3.8 kB URL HTTP/1.1 www.fond-astana.ru/wp-content/themes/ColdStone/inc/superfish.js
IP
File type ASCII text, with CRLF line terminators
Hash 52c5e5b4f3f12ba2ac5fba98dc256f00
2b5d8fcc70c374bd9fd959585333442460f98c38
4502845d5f99ee020a4c57ab24e7a882402d26caf02179821b6caaa3e6978819
Analyzer Verdict Alert fortinet Malware
GET /wp-content/themes/ColdStone/inc/superfish.js HTTP/1.1
Host: www.fond-astana.ru
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.fond-astana.ru/author/admin/
HTTP/1.1 200 OK
Server: openresty
Date: Tue, 31 Jan 2023 10:45:50 GMT
Content-Type: application/javascript
Content-Length: 3827
Connection: keep-alive
Last-Modified: Sun, 01 Mar 2009 21:41:23 GMT
ETag: "49ab0103-ef3"
Accept-Ranges: bytes
pagead2.googlesyndication.com/pagead/show_ads.js
200 OK 37 kB URL HTTP/1.1 pagead2.googlesyndication.com/pagead/show_ads.js
IP
File type ASCII text, with very long lines (4137)
Hash 889569306baceff78d4f23ebe7ed75d8
b8bf3167aaf666deab282d1ea134e3e98c39e03d
608edc9611f3923d8d381222c4c9443670cc9323e5470dadc8251c1ad95757a3
GET /pagead/show_ads.js HTTP/1.1
Host: pagead2.googlesyndication.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.fond-astana.ru/
HTTP/1.1 200 OK
P3P: policyref="http://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
Timing-Allow-Origin: *
Cross-Origin-Resource-Policy: cross-origin
Vary: Accept-Encoding
Date: Tue, 31 Jan 2023 10:45:50 GMT
Expires: Tue, 31 Jan 2023 10:45:50 GMT
Cache-Control: private, max-age=3600
Content-Type: text/javascript; charset=UTF-8
ETag: 15041163492897703819
X-Content-Type-Options: nosniff
Content-Disposition: attachment; filename="f.txt"
Content-Encoding: gzip
Server: cafe
Content-Length: 36709
X-XSS-Protection: 0
www.fond-astana.ru/wp-content/themes/ColdStone/inc/jquery-1.2.6.min.js
200 OK 56 kB URL HTTP/1.1 www.fond-astana.ru/wp-content/themes/ColdStone/inc/jquery-1.2.6.min.js
IP
File type ASCII text, with very long lines (12391)
Hash a9331828c517ac5d97f93b3cfdbcc9bc
1be9c3684054001f53fa7ff6d85ec3cb573a9cd2
d548530775a6286f49ba66e0715876b4ec5985966b0291c21568fecfc4178e8d
Analyzer Verdict Alert fortinet Malware
GET /wp-content/themes/ColdStone/inc/jquery-1.2.6.min.js HTTP/1.1
Host: www.fond-astana.ru
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.fond-astana.ru/author/admin/
HTTP/1.1 200 OK
Server: openresty
Date: Tue, 31 Jan 2023 10:45:50 GMT
Content-Type: application/javascript
Content-Length: 55774
Connection: keep-alive
Last-Modified: Sun, 01 Mar 2009 21:41:23 GMT
ETag: "49ab0103-d9de"
Accept-Ranges: bytes
counter.rambler.ru/top100.jcn?1629355
307 Temporary Redirect 171 B URL HTTP/1.1 counter.rambler.ru/top100.jcn?1629355
IP
ASN #24638 Rambler Internet Holding LLC
File type HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators
Hash dd35c5be446e8b57583fcd73a23c529c
d29afc0f3c58349452d60d01e2877bab336c22dd
3a04f06f1f4e502d8b5f53f01acd3c7c6c0a1dad68b77525780b917164608a0f
GET /top100.jcn?1629355 HTTP/1.1
Host: counter.rambler.ru
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.fond-astana.ru/
HTTP/1.1 307 Temporary Redirect
Server: nginx/1.19.4
Date: Tue, 31 Jan 2023 10:45:50 GMT
Content-Type: text/html
Content-Length: 171
Connection: keep-alive
Location: https://counter.rambler.ru/top100.jcn?1629355
Access-Control-Allow-Methods: GET, POST, OPTIONS
Access-Control-Allow-Headers: content-type
Access-Control-Allow-Credentials: true
Set-Cookie: proto_uid=1CIAAF7x2GORQYETAalCcwB=; expires=Thu, 31-Dec-37 23:55:55 GMT; domain=.rambler.ru; path=/
P3P: CP="NON DSP NID ADMa DEVa TAIa PSAa PSDa OUR IND UNI COM NAV"
www.fond-astana.ru/wp-content/themes/ColdStone/img/logo.png
200 OK 8.2 kB URL HTTP/1.1 www.fond-astana.ru/wp-content/themes/ColdStone/img/logo.png
IP
File type PNG image data, 270 x 58, 8-bit/color RGBA, non-interlaced\012- data
Hash 061c179e782f41816a41bbcde9a42599
25879458796bff9463ab1b7cecf2a007ea5a1944
a49331790db57a4fabee8f4dda4c920265beca01977043d3eda7d402c445e82c
GET /wp-content/themes/ColdStone/img/logo.png HTTP/1.1
Host: www.fond-astana.ru
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.fond-astana.ru/author/admin/
HTTP/1.1 200 OK
Server: openresty
Date: Tue, 31 Jan 2023 10:45:50 GMT
Content-Type: image/png
Content-Length: 8226
Connection: keep-alive
Last-Modified: Sun, 01 Mar 2009 21:41:06 GMT
ETag: "49ab00f2-2022"
Accept-Ranges: bytes
www.fond-astana.ru/wp-content/themes/ColdStone/img/berkut.gif
200 OK 19 kB URL HTTP/1.1 www.fond-astana.ru/wp-content/themes/ColdStone/img/berkut.gif
IP
File type GIF image data, version 89a, 248 x 124\012- data
Hash 39ee3d92c6f1e8f9cbd483e1d70329aa
a79eb5a233966aaf503ce683d6b8e2d3df4006c5
508894c865f33b30e3fdc6df9e018b0dbb44bfbced522cbd2e4c3cf4f45e7952
GET /wp-content/themes/ColdStone/img/berkut.gif HTTP/1.1
Host: www.fond-astana.ru
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.fond-astana.ru/author/admin/
HTTP/1.1 200 OK
Server: openresty
Date: Tue, 31 Jan 2023 10:45:50 GMT
Content-Type: image/gif
Content-Length: 19287
Connection: keep-alive
Last-Modified: Fri, 10 Jul 2009 15:52:40 GMT
ETag: "4a5763c8-4b57"
Accept-Ranges: bytes
www.fond-astana.ru/wp-content/themes/ColdStone/timthumb.php?src=http://www.fond-astana.ru/wp-content/uploads/2009/09/670l1.jpg&h=62&w=62&zc=1&q=100
200 OK 2.2 kB URL HTTP/1.1 www.fond-astana.ru/wp-content/themes/ColdStone/timthumb.php?src=http://www.fond-astana.ru/wp-content/uploads/2009/09/670l1.jpg&h=62&w=62&zc=1&q=100
IP
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, comment: "CREATOR: gd-jpeg v1.0 (using IJG JPEG v62), quality = 80", baseline, precision 8, 62x62, components 3\012- data
Hash 63343dd0a3c40fb076f2050d72d4844a
732f6d0559a12b7748dd5b52dcca8bdb6b2eb1a2
3f1f759a104435b7e1687ac4d3cd7ed660833cced53c8643b27ee37833cffa2f
GET /wp-content/themes/ColdStone/timthumb.php?src=http://www.fond-astana.ru/wp-content/uploads/2009/09/670l1.jpg&h=62&w=62&zc=1&q=100 HTTP/1.1
Host: www.fond-astana.ru
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.fond-astana.ru/author/admin/
HTTP/1.1 200 OK
Server: openresty
Date: Tue, 31 Jan 2023 10:45:50 GMT
Content-Type: image/jpeg
Content-Length: 2192
Connection: keep-alive
X-Powered-By: PHP/5.2.17
Accept-Ranges: bytes
Last-Modified: Tue, 22 Sep 2009 10:05:28 GMT
Cache-Control: max-age=9999, must-revalidate
Etag: 14ea0d5b0cf49525d1866cb1e95ada5d
Expires: Tue, 31 Jan 2023 13:32:29GMT
www.fond-astana.ru/wp-content/themes/ColdStone/timthumb.php?src=http://www.fond-astana.ru/wp-content/uploads/2009/10/160_tran.jpg&h=62&w=62&zc=1&q=100
200 OK 2.1 kB URL HTTP/1.1 www.fond-astana.ru/wp-content/themes/ColdStone/timthumb.php?src=http://www.fond-astana.ru/wp-content/uploads/2009/10/160_tran.jpg&h=62&w=62&zc=1&q=100
IP
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, comment: "CREATOR: gd-jpeg v1.0 (using IJG JPEG v62), quality = 80", baseline, precision 8, 62x62, components 3\012- data
Hash 2f60556109a3e3083a64c40f2f5fbf77
c0736dd6812e6be29f4a23ba698b7bf00f3e8e9c
0436f28355547ddee8650c461b288c9ede02b1d22a294094bb601a4a93b37656
GET /wp-content/themes/ColdStone/timthumb.php?src=http://www.fond-astana.ru/wp-content/uploads/2009/10/160_tran.jpg&h=62&w=62&zc=1&q=100 HTTP/1.1
Host: www.fond-astana.ru
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.fond-astana.ru/author/admin/
HTTP/1.1 200 OK
Server: openresty
Date: Tue, 31 Jan 2023 10:45:50 GMT
Content-Type: image/jpeg
Content-Length: 2141
Connection: keep-alive
X-Powered-By: PHP/5.2.17
Accept-Ranges: bytes
Last-Modified: Sat, 03 Oct 2009 13:18:07 GMT
Cache-Control: max-age=9999, must-revalidate
Etag: 5d6646aad9bcc0be55b2c82f69750387
Expires: Tue, 31 Jan 2023 13:32:29GMT
www.fond-astana.ru/wp-content/themes/ColdStone/timthumb.php?src=http://www.fond-astana.ru/wp-content/uploads/2010/01/id0bcd0bed0bdd183d0bcd0b5d0bdd182.jpg&h=62&w=62&zc=1&q=100
200 OK 1.7 kB URL HTTP/1.1 www.fond-astana.ru/wp-content/themes/ColdStone/timthumb.php?src=http://www.fond-astana.ru/wp-content/uploads/2010/01/id0bcd0bed0bdd183d0bcd0b5d0bdd182.jpg&h=62&w=62&zc=1&q=100
IP
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, comment: "CREATOR: gd-jpeg v1.0 (using IJG JPEG v62), quality = 80", baseline, precision 8, 62x62, components 3\012- data
Hash eadaebfaabde825b9eb3c0e225c326b9
f75e6c59f435fa3f52cd28b6b64046c6fba333a3
a74ec3871c923a104dbb3136df0b6a3ba7e56febc9f1570b3d260585b03df580
GET /wp-content/themes/ColdStone/timthumb.php?src=http://www.fond-astana.ru/wp-content/uploads/2010/01/id0bcd0bed0bdd183d0bcd0b5d0bdd182.jpg&h=62&w=62&zc=1&q=100 HTTP/1.1
Host: www.fond-astana.ru
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.fond-astana.ru/author/admin/
HTTP/1.1 200 OK
Server: openresty
Date: Tue, 31 Jan 2023 10:45:50 GMT
Content-Type: image/jpeg
Content-Length: 1669
Connection: keep-alive
X-Powered-By: PHP/5.2.17
Accept-Ranges: bytes
Last-Modified: Sun, 03 Jan 2010 22:18:47 GMT
Cache-Control: max-age=9999, must-revalidate
Etag: cdf1035c34ec380218a8cc9a43d438f9
Expires: Tue, 31 Jan 2023 13:32:29GMT
www.fond-astana.ru/wp-content/themes/ColdStone/timthumb.php?src=http://www.fond-astana.ru/wp-content/uploads/2009/10/link_4.gif&h=62&w=62&zc=1&q=100
200 OK 2.8 kB URL HTTP/1.1 www.fond-astana.ru/wp-content/themes/ColdStone/timthumb.php?src=http://www.fond-astana.ru/wp-content/uploads/2009/10/link_4.gif&h=62&w=62&zc=1&q=100
IP
File type GIF image data, version 87a, 62 x 62\012- data
Hash faf0b17a9051810bdf0351cde236cbca
8788b80b08cef07c1b3c07738e67510aa5f8a4bd
00140974ce68d6afe6d3c1019e4f07dca534d11e336830d898f01d544d825b18
GET /wp-content/themes/ColdStone/timthumb.php?src=http://www.fond-astana.ru/wp-content/uploads/2009/10/link_4.gif&h=62&w=62&zc=1&q=100 HTTP/1.1
Host: www.fond-astana.ru
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.fond-astana.ru/author/admin/
HTTP/1.1 200 OK
Server: openresty
Date: Tue, 31 Jan 2023 10:45:50 GMT
Content-Type: image/gif
Content-Length: 2844
Connection: keep-alive
X-Powered-By: PHP/5.2.17
Accept-Ranges: bytes
Last-Modified: Mon, 19 Oct 2009 14:26:20 GMT
Cache-Control: max-age=9999, must-revalidate
Etag: 6f1d0705c91c2145201df18a1a0c7345
Expires: Tue, 31 Jan 2023 13:32:29GMT
www.fond-astana.ru/wp-content/themes/ColdStone/timthumb.php?src=http://www.fond-astana.ru/wp-content/uploads/2009/10/6d7cc34d9b31bcdfaf21d4c76f59f4e3.jpg&h=62&w=62&zc=1&q=100
200 OK 2.2 kB URL HTTP/1.1 www.fond-astana.ru/wp-content/themes/ColdStone/timthumb.php?src=http://www.fond-astana.ru/wp-content/uploads/2009/10/6d7cc34d9b31bcdfaf21d4c76f59f4e3.jpg&h=62&w=62&zc=1&q=100
IP
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, comment: "CREATOR: gd-jpeg v1.0 (using IJG JPEG v62), quality = 80", baseline, precision 8, 62x62, components 3\012- data
Hash ba0a12183379768e7b9296ecdc8f7eba
52bfcf31c1b32afc5e17dbd69c42c17959475095
40bef3fa798ffdbb8acec9767a11f6ffc03772cd2cb05df1f7a9a72508787cea
GET /wp-content/themes/ColdStone/timthumb.php?src=http://www.fond-astana.ru/wp-content/uploads/2009/10/6d7cc34d9b31bcdfaf21d4c76f59f4e3.jpg&h=62&w=62&zc=1&q=100 HTTP/1.1
Host: www.fond-astana.ru
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.fond-astana.ru/author/admin/
HTTP/1.1 200 OK
Server: openresty
Date: Tue, 31 Jan 2023 10:45:50 GMT
Content-Type: image/jpeg
Content-Length: 2173
Connection: keep-alive
X-Powered-By: PHP/5.2.17
Accept-Ranges: bytes
Last-Modified: Sat, 03 Oct 2009 13:30:38 GMT
Cache-Control: max-age=9999, must-revalidate
Etag: 7bc1ec1d9c3426357e69acd5bf320061
Expires: Tue, 31 Jan 2023 13:32:29GMT
www.fond-astana.ru/wp-content/themes/ColdStone/timthumb.php?src=http://www.fond-astana.ru/wp-content/uploads/2009/10/22729.jpg&h=62&w=62&zc=1&q=100
200 OK 1.3 kB URL HTTP/1.1 www.fond-astana.ru/wp-content/themes/ColdStone/timthumb.php?src=http://www.fond-astana.ru/wp-content/uploads/2009/10/22729.jpg&h=62&w=62&zc=1&q=100
IP
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, comment: "CREATOR: gd-jpeg v1.0 (using IJG JPEG v62), quality = 80", baseline, precision 8, 62x62, components 3\012- data
Hash 99e601f33319fbc0e30c0880ad1c7364
50182b13a89f70b8268b048e2c05af8e81216869
7d783304cb70eb7840414b9d71abe97a6f4c4f0f79021e55f354977efd4b21a8
GET /wp-content/themes/ColdStone/timthumb.php?src=http://www.fond-astana.ru/wp-content/uploads/2009/10/22729.jpg&h=62&w=62&zc=1&q=100 HTTP/1.1
Host: www.fond-astana.ru
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.fond-astana.ru/author/admin/
HTTP/1.1 200 OK
Server: openresty
Date: Tue, 31 Jan 2023 10:45:50 GMT
Content-Type: image/jpeg
Content-Length: 1349
Connection: keep-alive
X-Powered-By: PHP/5.2.17
Accept-Ranges: bytes
Last-Modified: Sat, 17 Oct 2009 09:28:53 GMT
Cache-Control: max-age=9999, must-revalidate
Etag: bcc0d400288793e8bdcd7c19a8ac0c2b
Expires: Tue, 31 Jan 2023 13:32:29GMT
www.fond-astana.ru/wp-content/themes/ColdStone/timthumb.php?src=http://www.fond-astana.ru/wp-content/uploads/2009/10/l0ca0c827rcar3kyrucarm64jqcaqfcjdzcaitnch7can7p3hgcakcu0wsca612hawca9tzt7acaq0ckydca6se511cainzzilcabq632rcakwlv9icaxx8luscamjxrkscamkimaccaa31mhgcar2hojb.jpg&h=62&w=62&zc=1&q=100
200 OK 1.4 kB URL HTTP/1.1 www.fond-astana.ru/wp-content/themes/ColdStone/timthumb.php?src=http://www.fond-astana.ru/wp-content/uploads/2009/10/l0ca0c827rcar3kyrucarm64jqcaqfcjdzcaitnch7can7p3hgcakcu0wsca612hawca9tzt7acaq0ckydca6se511cainzzilcabq632rcakwlv9icaxx8luscamjxrkscamkimaccaa31mhgcar2hojb.jpg&h=62&w=62&zc=1&q=100
IP
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, comment: "CREATOR: gd-jpeg v1.0 (using IJG JPEG v62), quality = 80", baseline, precision 8, 62x62, components 3\012- data
Hash 6eed7b0bc2d6cdd02da1c3cfc9893ead
decc3789b7fcd69a334c51e835b39f54fdacfa32
679d0d8a998316c695b74e28baeec4ed1366199cb9c5fd23511b6ee3b5e223b1
GET /wp-content/themes/ColdStone/timthumb.php?src=http://www.fond-astana.ru/wp-content/uploads/2009/10/l0ca0c827rcar3kyrucarm64jqcaqfcjdzcaitnch7can7p3hgcakcu0wsca612hawca9tzt7acaq0ckydca6se511cainzzilcabq632rcakwlv9icaxx8luscamjxrkscamkimaccaa31mhgcar2hojb.jpg&h=62&w=62&zc=1&q=100 HTTP/1.1
Host: www.fond-astana.ru
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.fond-astana.ru/author/admin/
HTTP/1.1 200 OK
Server: openresty
Date: Tue, 31 Jan 2023 10:45:50 GMT
Content-Type: image/jpeg
Content-Length: 1407
Connection: keep-alive
X-Powered-By: PHP/5.2.17
Accept-Ranges: bytes
Last-Modified: Thu, 08 Oct 2009 16:11:23 GMT
Cache-Control: max-age=9999, must-revalidate
Etag: 46771d1f432b42343f56f791422a4991
Expires: Tue, 31 Jan 2023 13:32:29GMT
www.fond-astana.ru/wp-content/themes/ColdStone/img/bg.jpg
200 OK 11 kB URL HTTP/1.1 www.fond-astana.ru/wp-content/themes/ColdStone/img/bg.jpg
IP
File type JPEG image data, JFIF standard 1.02, resolution (DPI), density 72x72, segment length 16, Exif Standard: [TIFF image data, big-endian, direntries=7, orientation=upper-left, xresolution=98, yresolution=106, resolutionunit=2, software=Adobe Photoshop CS3 Windows, datetime=2009:02:23 20:48:22], progressive, precision 8, 3x718, components 3\012- data
Hash 6b864e509ebc3c81dcf2a75bf0a3e9ae
26fdbe43a36150ee78a3a8a553d7d9f0dd0664ea
a0082358d9df063bd2ed186ea416c54e83804fe23a795a51e3e8314c66777bc2
GET /wp-content/themes/ColdStone/img/bg.jpg HTTP/1.1
Host: www.fond-astana.ru
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.fond-astana.ru/wp-content/themes/ColdStone/style.css
HTTP/1.1 200 OK
Server: openresty
Date: Tue, 31 Jan 2023 10:45:50 GMT
Content-Type: image/jpeg
Content-Length: 11393
Connection: keep-alive
Last-Modified: Sun, 01 Mar 2009 21:40:53 GMT
ETag: "49ab00e5-2c81"
Accept-Ranges: bytes
www.fond-astana.ru/wp-content/themes/ColdStone/img/search-button.gif
200 OK 424 B URL HTTP/1.1 www.fond-astana.ru/wp-content/themes/ColdStone/img/search-button.gif
IP
File type GIF image data, version 89a, 32 x 32\012- data
Hash dcc8e50b0498dade4648baf3535b9ee6
900fc33dd91d52b0f46a1f261f5ee28bbbf1a351
3bd58ee30dc8b1b04c17989452798b9bc20f00069ccd4e72dbe3a5ca0727231d
GET /wp-content/themes/ColdStone/img/search-button.gif HTTP/1.1
Host: www.fond-astana.ru
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.fond-astana.ru/author/admin/
HTTP/1.1 200 OK
Server: openresty
Date: Tue, 31 Jan 2023 10:45:50 GMT
Content-Type: image/gif
Content-Length: 424
Connection: keep-alive
Last-Modified: Sun, 01 Mar 2009 21:41:08 GMT
ETag: "49ab00f4-1a8"
Accept-Ranges: bytes
www.fond-astana.ru/wp-content/themes/ColdStone/img/tnav_l-tr.png
200 OK 3.0 kB URL HTTP/1.1 www.fond-astana.ru/wp-content/themes/ColdStone/img/tnav_l-tr.png
IP
File type PNG image data, 6 x 47, 8-bit/color RGBA, non-interlaced\012- data
Hash 7ed8fdd75b1f2a53ec5dc5d95c0322af
56c100882f09283cb064eb7a56fbf43b380399cb
89d46ffd2ce47eedb901bc5a8c2c671c7ffa2a4f8a0ba9162305018bf10d8849
GET /wp-content/themes/ColdStone/img/tnav_l-tr.png HTTP/1.1
Host: www.fond-astana.ru
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.fond-astana.ru/wp-content/themes/ColdStone/style.css
HTTP/1.1 200 OK
Server: openresty
Date: Tue, 31 Jan 2023 10:45:50 GMT
Content-Type: image/png
Content-Length: 3044
Connection: keep-alive
Last-Modified: Sun, 01 Mar 2009 21:41:13 GMT
ETag: "49ab00f9-be4"
Accept-Ranges: bytes
www.fond-astana.ru/wp-content/themes/ColdStone/img/tnavbg.png
200 OK 2.9 kB URL HTTP/1.1 www.fond-astana.ru/wp-content/themes/ColdStone/img/tnavbg.png
IP
File type PNG image data, 1 x 47, 8-bit/color RGB, non-interlaced\012- data
Hash 8f425bcfd81f71b1df8d1f23469a0746
a38c23e2d418818f0126c180cb49ded073ea561b
e4d8981a85ca7f2bdfbae18a9b70bf3c1c22cc0946d46d98ed291cabe06128c1
GET /wp-content/themes/ColdStone/img/tnavbg.png HTTP/1.1
Host: www.fond-astana.ru
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.fond-astana.ru/wp-content/themes/ColdStone/style.css
HTTP/1.1 200 OK
Server: openresty
Date: Tue, 31 Jan 2023 10:45:50 GMT
Content-Type: image/png
Content-Length: 2853
Connection: keep-alive
Last-Modified: Sun, 01 Mar 2009 21:41:13 GMT
ETag: "49ab00f9-b25"
Accept-Ranges: bytes
www.fond-astana.ru/wp-content/themes/ColdStone/img/pages-bottom.png
200 OK 4.0 kB URL HTTP/1.1 www.fond-astana.ru/wp-content/themes/ColdStone/img/pages-bottom.png
IP
File type PNG image data, 240 x 20, 8-bit/color RGBA, non-interlaced\012- data
Hash 8b22b108fe9c7d3903528e36aa583d62
d849f54bfc6d409db02a992c1cbc291abad4114a
f2a14b988dbd3c24f01001087d0d92f30ac026646ee730445ebbe605148653ed
GET /wp-content/themes/ColdStone/img/pages-bottom.png HTTP/1.1
Host: www.fond-astana.ru
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.fond-astana.ru/wp-content/themes/ColdStone/style.css
HTTP/1.1 200 OK
Server: openresty
Date: Tue, 31 Jan 2023 10:45:50 GMT
Content-Type: image/png
Content-Length: 3952
Connection: keep-alive
Last-Modified: Sun, 01 Mar 2009 21:41:06 GMT
ETag: "49ab00f2-f70"
Accept-Ranges: bytes
www.fond-astana.ru/wp-content/themes/ColdStone/img/tnav_r-tr.png
200 OK 3.1 kB URL HTTP/1.1 www.fond-astana.ru/wp-content/themes/ColdStone/img/tnav_r-tr.png
IP
File type PNG image data, 6 x 47, 8-bit/color RGBA, non-interlaced\012- data
Hash 165984554de47e6dbcce9f2fd3043193
50f65e033d5f7ebf5c21c11538ba90c3fd32b20d
4418328558ac0e563da9566bad933548d5e4162e093c31fd5204b786a1967143
GET /wp-content/themes/ColdStone/img/tnav_r-tr.png HTTP/1.1
Host: www.fond-astana.ru
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.fond-astana.ru/wp-content/themes/ColdStone/style.css
HTTP/1.1 200 OK
Server: openresty
Date: Tue, 31 Jan 2023 10:45:50 GMT
Content-Type: image/png
Content-Length: 3065
Connection: keep-alive
Last-Modified: Sun, 01 Mar 2009 21:41:14 GMT
ETag: "49ab00fa-bf9"
Accept-Ranges: bytes
www.fond-astana.ru/wp-content/themes/ColdStone/img/bnav-l.png
200 OK 2.9 kB URL HTTP/1.1 www.fond-astana.ru/wp-content/themes/ColdStone/img/bnav-l.png
IP
File type PNG image data, 15 x 46, 8-bit/color RGBA, non-interlaced\012- data
Hash 05ec23ee811790e50797e804ef5aba53
9c21db53dfbcb51fc45ad45c413163674be12c9c
a8c65fa5a82f0716b325d9f055c86727ada713ca1a0110617010666461ee28bf
GET /wp-content/themes/ColdStone/img/bnav-l.png HTTP/1.1
Host: www.fond-astana.ru
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.fond-astana.ru/wp-content/themes/ColdStone/style.css
HTTP/1.1 200 OK
Server: openresty
Date: Tue, 31 Jan 2023 10:45:50 GMT
Content-Type: image/png
Content-Length: 2938
Connection: keep-alive
Last-Modified: Sun, 01 Mar 2009 21:41:00 GMT
ETag: "49ab00ec-b7a"
Accept-Ranges: bytes
www.fond-astana.ru/wp-content/themes/ColdStone/img/bnavbg.png
200 OK 2.8 kB URL HTTP/1.1 www.fond-astana.ru/wp-content/themes/ColdStone/img/bnavbg.png
IP
File type PNG image data, 2 x 46, 8-bit/color RGBA, non-interlaced\012- data
Hash fab419fb7e221ca4bf7d6a595a15fd86
c57d0525fae1beb23ac568eae7c00b9e05670ef2
8f266cc4abbb742318190e2a8f8cb264b2eb0e0a97ed9fea89c000aa0b527696
GET /wp-content/themes/ColdStone/img/bnavbg.png HTTP/1.1
Host: www.fond-astana.ru
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.fond-astana.ru/wp-content/themes/ColdStone/style.css
HTTP/1.1 200 OK
Server: openresty
Date: Tue, 31 Jan 2023 10:45:50 GMT
Content-Type: image/png
Content-Length: 2808
Connection: keep-alive
Last-Modified: Sun, 01 Mar 2009 21:41:00 GMT
ETag: "49ab00ec-af8"
Accept-Ranges: bytes
www.fond-astana.ru/wp-content/themes/ColdStone/img/knot.png
200 OK 2.8 kB URL HTTP/1.1 www.fond-astana.ru/wp-content/themes/ColdStone/img/knot.png
IP
File type PNG image data, 2 x 43, 8-bit/color RGB, non-interlaced\012- data
Hash 878f0543545bf00d0dddb0aaad21561c
169513abbbe9ada9df7028b47d782f324d6a65c3
b868cde82dd68dba1547ae5209901e4cba2d209567f6bbc864e6daa096e83891
GET /wp-content/themes/ColdStone/img/knot.png HTTP/1.1
Host: www.fond-astana.ru
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.fond-astana.ru/wp-content/themes/ColdStone/style.css
HTTP/1.1 200 OK
Server: openresty
Date: Tue, 31 Jan 2023 10:45:50 GMT
Content-Type: image/png
Content-Length: 2800
Connection: keep-alive
Last-Modified: Sun, 01 Mar 2009 21:41:04 GMT
ETag: "49ab00f0-af0"
Accept-Ranges: bytes
www.fond-astana.ru/wp-content/themes/ColdStone/img/categories-bottom.png
200 OK 3.3 kB URL HTTP/1.1 www.fond-astana.ru/wp-content/themes/ColdStone/img/categories-bottom.png
IP
File type PNG image data, 240 x 18, 8-bit/color RGBA, non-interlaced\012- data
Hash 66b82c837a5659a33a9b47eb11d1492a
71c94c5dabe7421043996c680b43acea11d958cb
77af4d17a40ddba9c7e11bfd3c5f4419eb4bd087aa9c104df983451b1c04f451
GET /wp-content/themes/ColdStone/img/categories-bottom.png HTTP/1.1
Host: www.fond-astana.ru
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.fond-astana.ru/wp-content/themes/ColdStone/style.css
HTTP/1.1 200 OK
Server: openresty
Date: Tue, 31 Jan 2023 10:45:50 GMT
Content-Type: image/png
Content-Length: 3258
Connection: keep-alive
Last-Modified: Sun, 01 Mar 2009 21:41:01 GMT
ETag: "49ab00ed-cba"
Accept-Ranges: bytes
www.fond-astana.ru/wp-content/themes/ColdStone/img/searchbg.png
200 OK 2.9 kB URL HTTP/1.1 www.fond-astana.ru/wp-content/themes/ColdStone/img/searchbg.png
IP
File type PNG image data, 229 x 32, 8-bit/color RGB, non-interlaced\012- data
Hash 6227fe5b1f00af152e20a4151f7eea2b
8b4c158cb4d3d73c2102a368ffe938bc50773cd9
6426b08f06bcd911d67d24a6831cc165cac0c2a329bc52a64809099c6efb60e7
GET /wp-content/themes/ColdStone/img/searchbg.png HTTP/1.1
Host: www.fond-astana.ru
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.fond-astana.ru/wp-content/themes/ColdStone/style.css
HTTP/1.1 200 OK
Server: openresty
Date: Tue, 31 Jan 2023 10:45:50 GMT
Content-Type: image/png
Content-Length: 2899
Connection: keep-alive
Last-Modified: Sun, 01 Mar 2009 21:41:08 GMT
ETag: "49ab00f4-b53"
Accept-Ranges: bytes
www.fond-astana.ru/wp-content/themes/ColdStone/img/singlebg.png
200 OK 2.9 kB URL HTTP/1.1 www.fond-astana.ru/wp-content/themes/ColdStone/img/singlebg.png
IP
File type PNG image data, 1 x 253, 8-bit/color RGB, non-interlaced\012- data
Hash 2e15b19795b3d29f7cf736f87c40faca
e0190a9e345701cb2e4b496902ba19ad9cf7f863
893862f9b1059abbb8adf8ae864de4c11adef3b49aa1e9600514c597a69572c4
GET /wp-content/themes/ColdStone/img/singlebg.png HTTP/1.1
Host: www.fond-astana.ru
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.fond-astana.ru/wp-content/themes/ColdStone/style.css
HTTP/1.1 200 OK
Server: openresty
Date: Tue, 31 Jan 2023 10:45:50 GMT
Content-Type: image/png
Content-Length: 2876
Connection: keep-alive
Last-Modified: Sun, 01 Mar 2009 21:41:09 GMT
ETag: "49ab00f5-b3c"
Accept-Ranges: bytes
www.fond-astana.ru/wp-content/themes/ColdStone/img/bnav-r.png
200 OK 3.0 kB URL HTTP/1.1 www.fond-astana.ru/wp-content/themes/ColdStone/img/bnav-r.png
IP
File type PNG image data, 12 x 46, 8-bit/color RGBA, non-interlaced\012- data
Hash 6b95b95181069daccdf4f1c08a798052
6111a60afbc8f6ccd7bfba1abdd1801ef063c047
96768a128e7fe4ab691296e182265cf985de21d6a85a181b151942dd9a682ba1
GET /wp-content/themes/ColdStone/img/bnav-r.png HTTP/1.1
Host: www.fond-astana.ru
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.fond-astana.ru/wp-content/themes/ColdStone/style.css
HTTP/1.1 200 OK
Server: openresty
Date: Tue, 31 Jan 2023 10:45:50 GMT
Content-Type: image/png
Content-Length: 3002
Connection: keep-alive
Last-Modified: Sun, 01 Mar 2009 21:41:00 GMT
ETag: "49ab00ec-bba"
Accept-Ranges: bytes
www.fond-astana.ru/wp-content/themes/ColdStone/img/sideline.png
200 OK 2.9 kB URL HTTP/1.1 www.fond-astana.ru/wp-content/themes/ColdStone/img/sideline.png
IP
File type PNG image data, 412 x 1, 8-bit/color RGB, non-interlaced\012- data
Hash 2e3cbec2591715ccafad06eeb10c9252
678a60b678a403580c8f5aaa12cb08f25eac02fe
991b7672e30b38bfd4298d9fa02b4f7e8382ee97624886c7507f518f06224d75
GET /wp-content/themes/ColdStone/img/sideline.png HTTP/1.1
Host: www.fond-astana.ru
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.fond-astana.ru/wp-content/themes/ColdStone/style.css
HTTP/1.1 200 OK
Server: openresty
Date: Tue, 31 Jan 2023 10:45:50 GMT
Content-Type: image/png
Content-Length: 2862
Connection: keep-alive
Last-Modified: Sun, 01 Mar 2009 21:41:08 GMT
ETag: "49ab00f4-b2e"
Accept-Ranges: bytes
www.fond-astana.ru/wp-content/themes/ColdStone/img/folder.gif
200 OK 382 B URL HTTP/1.1 www.fond-astana.ru/wp-content/themes/ColdStone/img/folder.gif
IP
File type GIF image data, version 89a, 16 x 16\012- data
Hash fb2ef54739d01923d4a0b9b0b9627494
6d7a9e2122275b5e929ce851e21bb1f9e694ebdf
b2b0e0565cd42fc3e5b16b7f6aad81ac512ff32713b27e3546d75ab5f339ebf6
GET /wp-content/themes/ColdStone/img/folder.gif HTTP/1.1
Host: www.fond-astana.ru
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.fond-astana.ru/wp-content/themes/ColdStone/style.css
HTTP/1.1 200 OK
Server: openresty
Date: Tue, 31 Jan 2023 10:45:50 GMT
Content-Type: image/gif
Content-Length: 382
Connection: keep-alive
Last-Modified: Sun, 01 Mar 2009 21:41:03 GMT
ETag: "49ab00ef-17e"
Accept-Ranges: bytes
www.fond-astana.ru/wp-content/themes/ColdStone/images/gevak_logo.png
200 OK 8.0 kB URL HTTP/1.1 www.fond-astana.ru/wp-content/themes/ColdStone/images/gevak_logo.png
IP
File type PNG image data, 228 x 40, 8-bit/color RGBA, interlaced\012- data
Hash 6317ee13ddcf562008e7d83815a231eb
906b9eb7079a2ca8cc94f8bf7a529064ff9c7f5e
0955b070bf10d5cdace143570c3305b2b04bb9e43ecd5faac6996b19783fc423
GET /wp-content/themes/ColdStone/images/gevak_logo.png HTTP/1.1
Host: www.fond-astana.ru
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.fond-astana.ru/wp-content/themes/ColdStone/style.css
HTTP/1.1 200 OK
Server: openresty
Date: Tue, 31 Jan 2023 10:45:50 GMT
Content-Type: image/png
Content-Length: 7955
Connection: keep-alive
Last-Modified: Sat, 18 Sep 2010 20:23:49 GMT
ETag: "4c951fd5-1f13"
Accept-Ranges: bytes
www.fond-astana.ru/wp-content/plugins/shutter-reloaded/menu/close.gif
200 OK 1.1 kB URL HTTP/1.1 www.fond-astana.ru/wp-content/plugins/shutter-reloaded/menu/close.gif
IP
File type GIF image data, version 89a, 16 x 16\012- data
Hash 8f35b0fee056ed232f6140a6ccc0b804
d51657ddfc273eebb2f6115d1864820fc7d661e5
34ebb2cf13316f567df466170af3b82b766da4763faa5c1963d12aba47c7c7b7
GET /wp-content/plugins/shutter-reloaded/menu/close.gif HTTP/1.1
Host: www.fond-astana.ru
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.fond-astana.ru/author/admin/
HTTP/1.1 200 OK
Server: openresty
Date: Tue, 31 Jan 2023 10:45:50 GMT
Content-Type: image/gif
Content-Length: 1062
Connection: keep-alive
Last-Modified: Sun, 01 Mar 2009 21:35:01 GMT
ETag: "49aaff85-426"
Accept-Ranges: bytes
www.fond-astana.ru/wp-content/plugins/shutter-reloaded/menu/prev.gif
200 OK 551 B URL HTTP/1.1 www.fond-astana.ru/wp-content/plugins/shutter-reloaded/menu/prev.gif
IP
File type GIF image data, version 89a, 16 x 16\012- data
Hash d54a66903c5f4df8633465a411dc2bae
5274a587a811d305bd9926207162ca92c575253a
777c46ccdd2b5c7174c1afc71eb3e2634dc56ae083466342aca3da480cf49238
GET /wp-content/plugins/shutter-reloaded/menu/prev.gif HTTP/1.1
Host: www.fond-astana.ru
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.fond-astana.ru/author/admin/
HTTP/1.1 200 OK
Server: openresty
Date: Tue, 31 Jan 2023 10:45:50 GMT
Content-Type: image/gif
Content-Length: 551
Connection: keep-alive
Last-Modified: Sun, 01 Mar 2009 21:35:02 GMT
ETag: "49aaff86-227"
Accept-Ranges: bytes
www.fond-astana.ru/wp-content/plugins/shutter-reloaded/menu/prev-d.gif
200 OK 344 B URL HTTP/1.1 www.fond-astana.ru/wp-content/plugins/shutter-reloaded/menu/prev-d.gif
IP
File type GIF image data, version 89a, 16 x 16\012- data
Hash cc2766d35d2a0ef0a364649151c9f23a
7e9d774e9a2ebc56f200405871b4fb453f47d57f
8737b709dd4a162542c27efa5f55d9ce5f073f7488bc693157688e7dc08f76a5
GET /wp-content/plugins/shutter-reloaded/menu/prev-d.gif HTTP/1.1
Host: www.fond-astana.ru
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.fond-astana.ru/author/admin/
HTTP/1.1 200 OK
Server: openresty
Date: Tue, 31 Jan 2023 10:45:50 GMT
Content-Type: image/gif
Content-Length: 344
Connection: keep-alive
Last-Modified: Sun, 01 Mar 2009 21:35:02 GMT
ETag: "49aaff86-158"
Accept-Ranges: bytes
www.fond-astana.ru/wp-content/plugins/shutter-reloaded/menu/next.gif
200 OK 549 B URL HTTP/1.1 www.fond-astana.ru/wp-content/plugins/shutter-reloaded/menu/next.gif
IP
File type GIF image data, version 89a, 16 x 16\012- data
Hash 81b89dfa48905b9652747d1b215467b4
1952253cea925c0c52d4700582c1e135c6480407
085a663645fbc816f22f75202a5335b6c3a91e05d5caa035b39c01a317e1d982
GET /wp-content/plugins/shutter-reloaded/menu/next.gif HTTP/1.1
Host: www.fond-astana.ru
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.fond-astana.ru/author/admin/
HTTP/1.1 200 OK
Server: openresty
Date: Tue, 31 Jan 2023 10:45:50 GMT
Content-Type: image/gif
Content-Length: 549
Connection: keep-alive
Last-Modified: Sun, 01 Mar 2009 21:35:01 GMT
ETag: "49aaff85-225"
Accept-Ranges: bytes
www.fond-astana.ru/wp-content/plugins/shutter-reloaded/menu/next-d.gif
200 OK 340 B URL HTTP/1.1 www.fond-astana.ru/wp-content/plugins/shutter-reloaded/menu/next-d.gif
IP
File type GIF image data, version 89a, 16 x 16\012- data
Hash 936ecaeb59c7c62927aec81f64a07a02
7447847f086d7d4772a5addbbb08c9f45529548e
cf53947f8215cb27acd435f462c2dc0db401f1a0feac6f5ba78afb6c37206319
GET /wp-content/plugins/shutter-reloaded/menu/next-d.gif HTTP/1.1
Host: www.fond-astana.ru
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.fond-astana.ru/author/admin/
HTTP/1.1 200 OK
Server: openresty
Date: Tue, 31 Jan 2023 10:45:50 GMT
Content-Type: image/gif
Content-Length: 340
Connection: keep-alive
Last-Modified: Sun, 01 Mar 2009 21:35:01 GMT
ETag: "49aaff85-154"
Accept-Ranges: bytes
www.fond-astana.ru/wp-content/plugins/shutter-reloaded/menu/resize1.gif
200 OK 942 B URL HTTP/1.1 www.fond-astana.ru/wp-content/plugins/shutter-reloaded/menu/resize1.gif
IP
File type GIF image data, version 89a, 16 x 16\012- data
Hash 685edc031886758dea934b9c764e8b6d
80f893a29bf62645af89eead0238f40524aa4b50
78a200f3fc2bb87ee48ad872368cee81091be513bf529676acd27f658d55ae17
GET /wp-content/plugins/shutter-reloaded/menu/resize1.gif HTTP/1.1
Host: www.fond-astana.ru
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.fond-astana.ru/author/admin/
HTTP/1.1 200 OK
Server: openresty
Date: Tue, 31 Jan 2023 10:45:50 GMT
Content-Type: image/gif
Content-Length: 942
Connection: keep-alive
Last-Modified: Sun, 01 Mar 2009 21:35:03 GMT
ETag: "49aaff87-3ae"
Accept-Ranges: bytes
www.fond-astana.ru/wp-content/plugins/shutter-reloaded/menu/resize2.gif
200 OK 953 B URL HTTP/1.1 www.fond-astana.ru/wp-content/plugins/shutter-reloaded/menu/resize2.gif
IP
File type GIF image data, version 89a, 16 x 16\012- data
Hash 7ad1b38b8d49b9dde392b10adf36b2cb
b570c7669097c6f594267c6e8bcf62e331aaecdb
4dd56f77557dd09e8f001ba53e63fcc6ae9e0547e5bfbe635d28d6a1d41a297f
GET /wp-content/plugins/shutter-reloaded/menu/resize2.gif HTTP/1.1
Host: www.fond-astana.ru
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.fond-astana.ru/author/admin/
HTTP/1.1 200 OK
Server: openresty
Date: Tue, 31 Jan 2023 10:45:50 GMT
Content-Type: image/gif
Content-Length: 953
Connection: keep-alive
Last-Modified: Sun, 01 Mar 2009 21:35:04 GMT
ETag: "49aaff88-3b9"
Accept-Ranges: bytes
www.fond-astana.ru/wp-content/plugins/shutter-reloaded/menu/resize-d.gif
200 OK 540 B URL HTTP/1.1 www.fond-astana.ru/wp-content/plugins/shutter-reloaded/menu/resize-d.gif
IP
File type GIF image data, version 89a, 16 x 16\012- data
Hash dec6e518ae2a7016f55720b6c1a983d8
447a4a24c64033e51e79cbcf27490a20f807d157
70574eca2bc69a6d4db3dadb8aab838c49b8a4346b6cfa8024461969ddc0fe76
GET /wp-content/plugins/shutter-reloaded/menu/resize-d.gif HTTP/1.1
Host: www.fond-astana.ru
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.fond-astana.ru/author/admin/
HTTP/1.1 200 OK
Server: openresty
Date: Tue, 31 Jan 2023 10:45:50 GMT
Content-Type: image/gif
Content-Length: 540
Connection: keep-alive
Last-Modified: Sun, 01 Mar 2009 21:35:03 GMT
ETag: "49aaff87-21c"
Accept-Ranges: bytes
www.fond-astana.ru/wp-content/plugins/shutter-reloaded/menu/loading.gif
200 OK 10 kB URL HTTP/1.1 www.fond-astana.ru/wp-content/plugins/shutter-reloaded/menu/loading.gif
IP
File type GIF image data, version 89a, 48 x 48\012- data
Hash 95395bfeb200ae3ca7b9d9f304b5dd4d
1d4309c1fb83f9977720cd0a6fe9e0e31b625e06
a99ae73ae08d691c3d6d8ba158e6e3e93ab140263408cf91e97ba913c7b4d1bd
GET /wp-content/plugins/shutter-reloaded/menu/loading.gif HTTP/1.1
Host: www.fond-astana.ru
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.fond-astana.ru/author/admin/
HTTP/1.1 200 OK
Server: openresty
Date: Tue, 31 Jan 2023 10:45:50 GMT
Content-Type: image/gif
Content-Length: 10049
Connection: keep-alive
Last-Modified: Sun, 01 Mar 2009 21:35:01 GMT
ETag: "49aaff85-2741"
Accept-Ranges: bytes
ocsp.globalsign.com/gsgccr3dvtlsca2020
200 OK 1.4 kB URL HTTP/1.1 ocsp.globalsign.com/gsgccr3dvtlsca2020
IP
Hash 0a184e2c21c946bd287e4decb74366be
e83d4280d87c22c52674c7c8b47115ad5e37f5ee
a1bf8c180b164472cbbe4934902888f63251cc9d3c241f2f54977051f09b4ddb
POST /gsgccr3dvtlsca2020 HTTP/1.1
Host: ocsp.globalsign.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 79
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Tue, 31 Jan 2023 10:45:50 GMT
Content-Type: application/ocsp-response
Content-Length: 1414
Connection: keep-alive
Expires: Sat, 04 Feb 2023 07:39:50 GMT
ETag: "e83d4280d87c22c52674c7c8b47115ad5e37f5ee"
Last-Modified: Tue, 31 Jan 2023 07:39:51 GMT
Cache-Control: public, no-transform, must-revalidate, s-maxage=3600
CF-Cache-Status: HIT
Age: 3121
Accept-Ranges: bytes
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 7921dc2f78060b39-OSL
firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
200 OK 329 B URL HTTP/2 firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
IP
File type JSON data\012- , ASCII text, with very long lines (329), with no line terminators
Hash 0333b0655111aa68de771adfcc4db243
63f295a144ac87a7c8e23417626724eeca68a7eb
60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300
GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Expires, Content-Type, ETag, Last-Modified, Alert, Retry-After, Content-Length, Cache-Control, Pragma, Backoff
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 329
via: 1.1 google
date: Tue, 31 Jan 2023 09:49:04 GMT
age: 3406
last-modified: Fri, 25 Mar 2022 17:45:46 GMT
etag: "1648230346554"
content-type: application/json
cache-control: max-age=3600,public
alt-svc: clear
X-Firefox-Spdy: h2
www.google-analytics.com/ga.js
200 OK 17 kB URL HTTP/1.1 www.google-analytics.com/ga.js
IP
File type ASCII text, with very long lines (1305)
Hash 01d5892e6e243b52998310c2925b9f3a
58180151b6a6ee4af73583a214b68efb9e8844d4
7e90efb4620a78e8869796d256bcddbde90b853c8c15c5cc116cb11d3d17bc4d
GET /ga.js HTTP/1.1
Host: www.google-analytics.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.fond-astana.ru/
HTTP/1.1 200 OK
Strict-Transport-Security: max-age=10886400; includeSubDomains; preload
X-Content-Type-Options: nosniff
Vary: Accept-Encoding
Content-Encoding: gzip
Cross-Origin-Resource-Policy: cross-origin
Server: Golfe2
Content-Length: 17168
Date: Tue, 31 Jan 2023 09:33:41 GMT
Expires: Tue, 31 Jan 2023 11:33:41 GMT
Cache-Control: public, max-age=7200
Age: 4329
Last-Modified: Tue, 10 Jan 2023 21:29:14 GMT
Content-Type: text/javascript
www.google-analytics.com/r/__utm.gif?utmwv=5.7.2&utms=1&utmn=1701093550&utmhn=www.fond-astana.ru&utmcs=UTF-8&utmsr=1280x1024&utmvp=1268x939&utmsc=24-bit&utmul=en-us&utmje=0&utmfl=-&utmdt=admin%20%7C%20%D0%A4%D0%BE%D0%BD%D0%B4%20%D0%90%D1%81%D1%82%D0%B0%D0%BD%D0%B0&utmhid=1969597800&utmr=-&utmp=%2Fauthor%2Fadmin%2F&utmht=1675161967238&utmac=UA-7802947-1&utmcc=__utma%3D257506844.1192428907.1675161967.1675161967.1675161967.1%3B%2B__utmz%3D257506844.1675161967.1.1.utmcsr%3D(direct)%7Cutmccn%3D(direct)%7Cutmcmd%3D(none)%3B&utmjid=106395356&utmredir=1&utmu=DAAAAAAAAAAAAAAAAAAAAAAE~
200 OK 35 B URL HTTP/1.1 www.google-analytics.com/r/__utm.gif?utmwv=5.7.2&utms=1&utmn=1701093550&utmhn=www.fond-astana.ru&utmcs=UTF-8&utmsr=1280x1024&utmvp=1268x939&utmsc=24-bit&utmul=en-us&utmje=0&utmfl=-&utmdt=admin%20%7C%20%D0%A4%D0%BE%D0%BD%D0%B4%20%D0%90%D1%81%D1%82%D0%B0%D0%BD%D0%B0&utmhid=1969597800&utmr=-&utmp=%2Fauthor%2Fadmin%2F&utmht=1675161967238&utmac=UA-7802947-1&utmcc=__utma%3D257506844.1192428907.1675161967.1675161967.1675161967.1%3B%2B__utmz%3D257506844.1675161967.1.1.utmcsr%3D(direct)%7Cutmccn%3D(direct)%7Cutmcmd%3D(none)%3B&utmjid=106395356&utmredir=1&utmu=DAAAAAAAAAAAAAAAAAAAAAAE~
IP
File type GIF image data, version 89a, 1 x 1\012- data
Hash 28d6814f309ea289f847c69cf91194c6
0f4e929dd5bb2564f7ab9c76338e04e292a42ace
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
GET /r/__utm.gif?utmwv=5.7.2&utms=1&utmn=1701093550&utmhn=www.fond-astana.ru&utmcs=UTF-8&utmsr=1280x1024&utmvp=1268x939&utmsc=24-bit&utmul=en-us&utmje=0&utmfl=-&utmdt=admin%20%7C%20%D0%A4%D0%BE%D0%BD%D0%B4%20%D0%90%D1%81%D1%82%D0%B0%D0%BD%D0%B0&utmhid=1969597800&utmr=-&utmp=%2Fauthor%2Fadmin%2F&utmht=1675161967238&utmac=UA-7802947-1&utmcc=__utma%3D257506844.1192428907.1675161967.1675161967.1675161967.1%3B%2B__utmz%3D257506844.1675161967.1.1.utmcsr%3D(direct)%7Cutmccn%3D(direct)%7Cutmcmd%3D(none)%3B&utmjid=106395356&utmredir=1&utmu=DAAAAAAAAAAAAAAAAAAAAAAE~ HTTP/1.1
Host: www.google-analytics.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.fond-astana.ru/
HTTP/1.1 200 OK
Access-Control-Allow-Origin: *
Date: Tue, 31 Jan 2023 10:45:50 GMT
Pragma: no-cache
Expires: Fri, 01 Jan 1990 00:00:00 GMT
Cache-Control: no-cache, no-store, must-revalidate
Last-Modified: Sun, 17 May 1998 03:00:00 GMT
X-Content-Type-Options: nosniff
Content-Type: image/gif
Cross-Origin-Resource-Policy: cross-origin
Server: Golfe2
Content-Length: 35
kraken.rambler.ru/cnt/?et=pv&v=3.13.6i&pid=1629355&tid=t1.1629355.500065551.1675161967162&rid=1675161967.161-977119995&fid=pA8AAENKs1e4GYz8AQlryQA%3D&eid=600919671692879&aduid=8634c2ba-ba57-4a7f-940e-d423e24b04fe&aduidsc=fond-astana.ru&stid=1605642189_1675161967164&sn=1&sen=1&ce=1&bs=1268x939&rf&en=UTF-8&pt=admin%20%7C%20%D0%A4%D0%BE%D0%BD%D0%B4%20%D0%90%D1%81%D1%82%D0%B0%D0%BD%D0%B0&sr=1280x1024&cd=24-bit&la=en-US&ja=0&acn=Mozilla&an=Netscape&pl=Linux%20x86_64&tz=0&le=0&ct=web&url=http%3A%2F%2Fwww.fond-astana.ru%2Fauthor%2Fadmin%2F&lv&exp=%5B%5B%22exp_bot%22%2C%22split_b%22%5D%2C%5B%22exp_ping%22%2C%22no%22%5D%5D&rn=1926116468
200 OK 595 B URL HTTP/2 kraken.rambler.ru/cnt/?et=pv&v=3.13.6i&pid=1629355&tid=t1.1629355.500065551.1675161967162&rid=1675161967.161-977119995&fid=pA8AAENKs1e4GYz8AQlryQA%3D&eid=600919671692879&aduid=8634c2ba-ba57-4a7f-940e-d423e24b04fe&aduidsc=fond-astana.ru&stid=1605642189_1675161967164&sn=1&sen=1&ce=1&bs=1268x939&rf&en=UTF-8&pt=admin%20%7C%20%D0%A4%D0%BE%D0%BD%D0%B4%20%D0%90%D1%81%D1%82%D0%B0%D0%BD%D0%B0&sr=1280x1024&cd=24-bit&la=en-US&ja=0&acn=Mozilla&an=Netscape&pl=Linux%20x86_64&tz=0&le=0&ct=web&url=http%3A%2F%2Fwww.fond-astana.ru%2Fauthor%2Fadmin%2F&lv&exp=%5B%5B%22exp_bot%22%2C%22split_b%22%5D%2C%5B%22exp_ping%22%2C%22no%22%5D%5D&rn=1926116468
IP
ASN #24638 Rambler Internet Holding LLC
File type GIF image data, version 87a, 88 x 31\012- data
Hash bc3b86b4098983e3e0bbe654222d2619
1f294ca6cb990a20deacc236075515510648ae5e
9955e76a0aa0414abf703f10e87d93722c71f3fa57c82eb7531c9473d9ef72fc
GET /cnt/?et=pv&v=3.13.6i&pid=1629355&tid=t1.1629355.500065551.1675161967162&rid=1675161967.161-977119995&fid=pA8AAENKs1e4GYz8AQlryQA%3D&eid=600919671692879&aduid=8634c2ba-ba57-4a7f-940e-d423e24b04fe&aduidsc=fond-astana.ru&stid=1605642189_1675161967164&sn=1&sen=1&ce=1&bs=1268x939&rf&en=UTF-8&pt=admin%20%7C%20%D0%A4%D0%BE%D0%BD%D0%B4%20%D0%90%D1%81%D1%82%D0%B0%D0%BD%D0%B0&sr=1280x1024&cd=24-bit&la=en-US&ja=0&acn=Mozilla&an=Netscape&pl=Linux%20x86_64&tz=0&le=0&ct=web&url=http%3A%2F%2Fwww.fond-astana.ru%2Fauthor%2Fadmin%2F&lv&exp=%5B%5B%22exp_bot%22%2C%22split_b%22%5D%2C%5B%22exp_ping%22%2C%22no%22%5D%5D&rn=1926116468 HTTP/1.1
Host: kraken.rambler.ru
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://www.fond-astana.ru/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx/1.19.4
date: Tue, 31 Jan 2023 10:45:50 GMT
content-type: image/gif
content-length: 595
last-modified: Tue, 12 Nov 2019 12:50:59 GMT
etag: "5dcaaab3-253"
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-headers: content-type
access-control-allow-credentials: true
x-srv: 1kraken-prod0003.ad.rambler.tech
set-cookie: ruid=1CIAAF7x2GOHQTkQAVR9cwB=; expires=Thu, 31-Dec-37 23:55:55 GMT; domain=.rambler.ru; path=/
proto_uid=1CIAAF7x2GOHQTkQAVR9cwB=; expires=Thu, 31-Dec-37 23:55:55 GMT; domain=.rambler.ru; path=/
p3p: CP="NON DSP NID ADMa DEVa TAIa PSAa PSDa OUR IND UNI COM NAV"
accept-ranges: bytes
X-Firefox-Spdy: h2
kraken.rambler.ru/cnt/v2/?event_type=base&event_name=page_view&project_id=1629355&session_id=1605642189_1675161967164&session_number=1&session_event_number=1&version=3.13.6i&counter_type=web&experiment=%5B%5B%22exp_bot%22%2C%22split_b%22%5D%2C%5B%22exp_ping%22%2C%22no%22%5D%5D&top100_id=t1.1629355.500065551.1675161967162&adtech_uid=8634c2ba-ba57-4a7f-940e-d423e24b04fe&adtech_uid_scope=fond-astana.ru&fingerprint=pA8AAENKs1e4GYz8AQlryQA%3D&url=http%3A%2F%2Fwww.fond-astana.ru%2Fauthor%2Fadmin%2F&request_id=1675161967.161-977119995&event_id=523919671709953&meta=%7B%22title%22%3A%22admin%20%7C%20%D0%A4%D0%BE%D0%BD%D0%B4%20%D0%90%D1%81%D1%82%D0%B0%D0%BD%D0%B0%22%2C%22referer%22%3A%22%22%2C%22screen_size%22%3A%221280x1024%22%2C%22browser_size%22%3A%221268x939%22%2C%22color_depth%22%3A%2224-bit%22%2C%22language%22%3A%22en-US%22%2C%22browser%22%3A%22Netscape%22%2C%22platform%22%3A%22Linux%20x86_64%22%2C%22timezone%22%3A%220%22%7D&rn=1686156202
200 OK 595 B URL HTTP/2 kraken.rambler.ru/cnt/v2/?event_type=base&event_name=page_view&project_id=1629355&session_id=1605642189_1675161967164&session_number=1&session_event_number=1&version=3.13.6i&counter_type=web&experiment=%5B%5B%22exp_bot%22%2C%22split_b%22%5D%2C%5B%22exp_ping%22%2C%22no%22%5D%5D&top100_id=t1.1629355.500065551.1675161967162&adtech_uid=8634c2ba-ba57-4a7f-940e-d423e24b04fe&adtech_uid_scope=fond-astana.ru&fingerprint=pA8AAENKs1e4GYz8AQlryQA%3D&url=http%3A%2F%2Fwww.fond-astana.ru%2Fauthor%2Fadmin%2F&request_id=1675161967.161-977119995&event_id=523919671709953&meta=%7B%22title%22%3A%22admin%20%7C%20%D0%A4%D0%BE%D0%BD%D0%B4%20%D0%90%D1%81%D1%82%D0%B0%D0%BD%D0%B0%22%2C%22referer%22%3A%22%22%2C%22screen_size%22%3A%221280x1024%22%2C%22browser_size%22%3A%221268x939%22%2C%22color_depth%22%3A%2224-bit%22%2C%22language%22%3A%22en-US%22%2C%22browser%22%3A%22Netscape%22%2C%22platform%22%3A%22Linux%20x86_64%22%2C%22timezone%22%3A%220%22%7D&rn=1686156202
IP
ASN #24638 Rambler Internet Holding LLC
File type GIF image data, version 87a, 88 x 31\012- data
Hash bc3b86b4098983e3e0bbe654222d2619
1f294ca6cb990a20deacc236075515510648ae5e
9955e76a0aa0414abf703f10e87d93722c71f3fa57c82eb7531c9473d9ef72fc
GET /cnt/v2/?event_type=base&event_name=page_view&project_id=1629355&session_id=1605642189_1675161967164&session_number=1&session_event_number=1&version=3.13.6i&counter_type=web&experiment=%5B%5B%22exp_bot%22%2C%22split_b%22%5D%2C%5B%22exp_ping%22%2C%22no%22%5D%5D&top100_id=t1.1629355.500065551.1675161967162&adtech_uid=8634c2ba-ba57-4a7f-940e-d423e24b04fe&adtech_uid_scope=fond-astana.ru&fingerprint=pA8AAENKs1e4GYz8AQlryQA%3D&url=http%3A%2F%2Fwww.fond-astana.ru%2Fauthor%2Fadmin%2F&request_id=1675161967.161-977119995&event_id=523919671709953&meta=%7B%22title%22%3A%22admin%20%7C%20%D0%A4%D0%BE%D0%BD%D0%B4%20%D0%90%D1%81%D1%82%D0%B0%D0%BD%D0%B0%22%2C%22referer%22%3A%22%22%2C%22screen_size%22%3A%221280x1024%22%2C%22browser_size%22%3A%221268x939%22%2C%22color_depth%22%3A%2224-bit%22%2C%22language%22%3A%22en-US%22%2C%22browser%22%3A%22Netscape%22%2C%22platform%22%3A%22Linux%20x86_64%22%2C%22timezone%22%3A%220%22%7D&rn=1686156202 HTTP/1.1
Host: kraken.rambler.ru
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://www.fond-astana.ru/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx/1.19.4
date: Tue, 31 Jan 2023 10:45:50 GMT
content-type: image/gif
content-length: 595
last-modified: Tue, 12 Nov 2019 12:50:59 GMT
etag: "5dcaaab3-253"
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-headers: content-type
access-control-allow-credentials: true
x-srv: 1kraken-prod0003.ad.rambler.tech
set-cookie: ruid=1CIAAF7x2GOHQTkQAVV9cwB=; expires=Thu, 31-Dec-37 23:55:55 GMT; domain=.rambler.ru; path=/
proto_uid=1CIAAF7x2GOHQTkQAVV9cwB=; expires=Thu, 31-Dec-37 23:55:55 GMT; domain=.rambler.ru; path=/
p3p: CP="NON DSP NID ADMa DEVa TAIa PSAa PSDa OUR IND UNI COM NAV"
accept-ranges: bytes
X-Firefox-Spdy: h2
top100-images.rambler.ru/top100/banner-88x31-rambler-blue3.gif
200 OK 931 B URL HTTP/1.1 top100-images.rambler.ru/top100/banner-88x31-rambler-blue3.gif
IP
ASN #24638 Rambler Internet Holding LLC
File type GIF image data, version 89a, 88 x 31\012- data
Hash ba3fac93e2b16731a230f29627de3b1e
e8c629ed043f19fe8d581668080abb314d3b5292
4b8db0deff54214206b12a5c3c57cba6828079750225f5e5ceadb2dd6c258c1d
GET /top100/banner-88x31-rambler-blue3.gif HTTP/1.1
Host: top100-images.rambler.ru
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.fond-astana.ru/
HTTP/1.1 200 OK
Server: nginx
Date: Tue, 31 Jan 2023 10:45:50 GMT
Content-Type: image/gif
Content-Length: 931
Connection: keep-alive
Keep-Alive: timeout=40
Last-Modified: Wed, 02 Feb 2022 05:30:04 GMT
x-rgw-object-type: Normal
ETag: "ba3fac93e2b16731a230f29627de3b1e"
x-amz-request-id: tx00000000000021ecc77fe-0063d8f08c-f85be6-default
Set-Cookie: ruid=HQAAAF7x2GMwakdFARN9dgB=; expires=Thu, 31-Dec-37 23:55:55 GMT; domain=.rambler.ru; path=/
P3P: CP="NON DSP NID ADMa DEVa TAIa PSAa PSDa OUR IND UNI COM NAV"
Accept-Ranges: bytes
r3.o.lencr.org/
200 OK 503 B IP
ASN #20940 Akamai International B.V.
Hash 22b9916fc1fafc9bdc9bb37f9eac8a9a
86f640e134a741a0f906a8e3a0f5c6659dd0e394
a29ee843c8a39551a1507cc6ad949ad509e33aaae8b72c58ac4884bad8b0b38e
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "A29EE843C8A39551A1507CC6AD949AD509E33AAAE8B72C58AC4884BAD8B0B38E"
Last-Modified: Sun, 29 Jan 2023 20:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=11258
Expires: Tue, 31 Jan 2023 13:53:28 GMT
Date: Tue, 31 Jan 2023 10:45:50 GMT
Connection: keep-alive
counter.yadro.ru/hit?t18.11;r;s1280*1024*24;uhttp%3A//www.fond-astana.ru/author/admin/;hadmin%20%7C%20%u0424%u043E%u043D%u0434%20%u0410%u0441%u0442%u0430%u043D%u0430;0.014086100252434175
302 Moved Temporarily 32 B URL HTTP/1.1 counter.yadro.ru/hit?t18.11;r;s1280*1024*24;uhttp%3A//www.fond-astana.ru/author/admin/;hadmin%20%7C%20%u0424%u043E%u043D%u0434%20%u0410%u0441%u0442%u0430%u043D%u0430;0.014086100252434175
IP
ASN #39134 United Network LLC
File type HTML document, ASCII text
Hash 3e9c09a8c5a87f266e047a596f48578c
07d7b1940b7e3f9a3db43197458f9b8ef18a6bce
57fad7ae62012ff4a38ecb6045ac6e8e3a070a33bbd033b21ab6cad3566d9254
GET /hit?t18.11;r;s1280*1024*24;uhttp%3A//www.fond-astana.ru/author/admin/;hadmin%20%7C%20%u0424%u043E%u043D%u0434%20%u0410%u0441%u0442%u0430%u043D%u0430;0.014086100252434175 HTTP/1.1
Host: counter.yadro.ru
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.fond-astana.ru/
HTTP/1.1 302 Moved Temporarily
Date: Tue, 31 Jan 2023 10:45:50 GMT
Server: 0W/0.8c
Content-Type: text/html
Location: https://counter.yadro.ru/hit?t18.11;r;s1280*1024*24;uhttp%3A//www.fond-astana.ru/author/admin/;hadmin%20%7C%20%u0424%u043E%u043D%u0434%20%u0410%u0441%u0442%u0430%u043D%u0430;0.014086100252434175
Content-Length: 32
Expires: Sun, 30 Jan 2022 21:00:00 GMT
Pragma: no-cache
Cache-control: no-cache
ocsp.pki.goog/gts1c3
200 OK 472 B IP
Hash 69ffc0a3f7ca2b025a6b99f9c38889be
1b436bda66cd246a1024f8c3d8e91e3aeef31eaa
9aaaf6c2a570c6a73a623f4fdfb0e1dfd5f16f086ae5d9c8d5b2403b0d016e4f
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 31 Jan 2023 10:45:50 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
d8.c6.b8.a1.top.mail.ru/counter?id=1599590;t=56;js=13;r=;j=false;s=1280*1024;d=24;rand=0.6466990598304723
302 Moved Temporarily 0 B URL HTTP/1.1 d8.c6.b8.a1.top.mail.ru/counter?id=1599590;t=56;js=13;r=;j=false;s=1280*1024;d=24;rand=0.6466990598304723
IP
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /counter?id=1599590;t=56;js=13;r=;j=false;s=1280*1024;d=24;rand=0.6466990598304723 HTTP/1.1
Host: d8.c6.b8.a1.top.mail.ru
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.fond-astana.ru/
HTTP/1.1 302 Moved Temporarily
Server: nginx
Date: Tue, 31 Jan 2023 10:45:50 GMT
Content-Length: 0
Connection: keep-alive
Keep-Alive: timeout=60
Location: https://top-fwz1.mail.ru/counter?id=1599590;t=56;js=13;r=;j=false;s=1280*1024;d=24;rand=0.6466990598304723
Access-Control-Allow-Origin: *
Access-Control-Allow-Credentials: true
Access-Control-Allow-Methods: GET, POST, HEAD, PUT, OPTIONS
Access-Control-Allow-Headers: *
AMP-Access-Control-Allow-Source-Origin: *
Access-Control-Expose-Headers: AMP-Access-Control-Allow-Source-Origin
Timing-Allow-Origin: *
X-Content-Type-Options: nosniff
P3P: CP="NOI DSP COR NID CUR PSA OUR NOR"
Cache-Control: private, no-cache, no-store, max-age=0
Pragma: no-cache
Accept-CH: DPR, Width, Viewport-Width, Downlink, Device-Memory, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA, Sec-CH-UA-Full-Version
Accept-CH-Lifetime: 86400
ocsp2.globalsign.com/gsalphasha2g2
200 OK 1.4 kB URL HTTP/1.1 ocsp2.globalsign.com/gsalphasha2g2
IP
Hash 385febe80d24c258f7c0a68353963c20
9d6a28fa9f4b72da428ae8c034599b06f8475d16
398fd4bc598e1fea10e7eeee1dd8158f5f631f4ce862841b9ba845f05f1fcc60
POST /gsalphasha2g2 HTTP/1.1
Host: ocsp2.globalsign.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 79
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Tue, 31 Jan 2023 10:45:51 GMT
Content-Type: application/ocsp-response
Content-Length: 1423
Connection: keep-alive
Expires: Sat, 04 Feb 2023 07:55:01 GMT
ETag: "9d6a28fa9f4b72da428ae8c034599b06f8475d16"
Last-Modified: Tue, 31 Jan 2023 07:55:02 GMT
Cache-Control: public, no-transform, must-revalidate, s-maxage=3600
CF-Cache-Status: HIT
Age: 784
Accept-Ranges: bytes
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 7921dc3229d2b51e-OSL
www.fond-astana.ru/favicon.ico
404 Not Found 134 B URL HTTP/1.1 www.fond-astana.ru/favicon.ico
IP
File type exported SGML document, ASCII text
Hash a4fb6506df4d455bb66a16cd5e35e773
fbb468b483dc713a3532b567b7bb1bbfd6454dfa
569b6e31c717aca7928d5cabc53092a1856382e5e21214e631dee151e509fa1c
GET /favicon.ico HTTP/1.1
Host: www.fond-astana.ru
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.fond-astana.ru/author/admin/
Cookie: adtech_uid=8634c2ba-ba57-4a7f-940e-d423e24b04fe%3Afond-astana.ru; top100_id=t1.1629355.500065551.1675161967162; t3_sid_1629355=s1.1605642189.1675161967164.1675161967170.1.2; last_visit=1675161967165%3A%3A1675161967165; __utma=257506844.1192428907.1675161967.1675161967.1675161967.1; __utmb=257506844.1.10.1675161967; __utmc=257506844; __utmz=257506844.1675161967.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none); __utmt=1
HTTP/1.1 404 Not Found
Server: openresty
Date: Tue, 31 Jan 2023 10:45:51 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
X-Powered-By: PHP/5.2.17
Vary: Cookie
X-Pingback: http://www.fond-astana.ru/xmlrpc.php
Expires: Wed, 11 Jan 1984 05:00:00 GMT
Last-Modified: Tue, 31 Jan 2023 10:45:51 GMT
Cache-Control: no-cache, must-revalidate, max-age=0
Pragma: no-cache
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202301250101/show_ads_impl_with_ama_fy2021.js?client=pub-5361888841415114&plah=www.fond-astana.ru&bust=31071887
200 OK 121 kB URL HTTP/2 pagead2.googlesyndication.com/pagead/managed/js/adsense/m202301250101/show_ads_impl_with_ama_fy2021.js?client=pub-5361888841415114&plah=www.fond-astana.ru&bust=31071887
IP
File type ASCII text, with very long lines (4056)
Size 121 kB (121320 bytes)
Hash 44189bf437202a3cabf34e2c5e3a23ad
8d302cd19e6600cfeb8acb4ea8bcd9fb3054e9b2
504b868174ff781ce6a4d60eb6a69a3215a42b853e3eb91c051f2010909aa94f
GET /pagead/managed/js/adsense/m202301250101/show_ads_impl_with_ama_fy2021.js?client=pub-5361888841415114&plah=www.fond-astana.ru&bust=31071887 HTTP/1.1
Host: pagead2.googlesyndication.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://www.fond-astana.ru/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
vary: Accept-Encoding
date: Tue, 31 Jan 2023 10:45:51 GMT
expires: Tue, 31 Jan 2023 10:45:51 GMT
cache-control: private, max-age=3600, stale-while-revalidate=3600
content-type: text/javascript; charset=UTF-8
etag: 17891701217729515223
x-content-type-options: nosniff
content-disposition: attachment; filename="f.txt"
content-encoding: br
server: cafe
content-length: 121320
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
counter.yadro.ru/hit?t18.11;r;s1280*1024*24;uhttp%3A//www.fond-astana.ru/author/admin/;hadmin%20%7C%20%u0424%u043E%u043D%u0434%20%u0410%u0441%u0442%u0430%u043D%u0430;0.014086100252434175
200 OK 128 B URL HTTP/1.1 counter.yadro.ru/hit?t18.11;r;s1280*1024*24;uhttp%3A//www.fond-astana.ru/author/admin/;hadmin%20%7C%20%u0424%u043E%u043D%u0434%20%u0410%u0441%u0442%u0430%u043D%u0430;0.014086100252434175
IP
ASN #39134 United Network LLC
File type GIF image data, version 87a, 88 x 31\012- data
Hash 6c20f4752c8d6b60757b334cbb6882e5
211632e1e41754e71b3e455a961f092be0a475aa
bab0b3f92b91b7316b81530bc7a1567fd37c41efcf3c4874639e67a21caa9b80
GET /hit?t18.11;r;s1280*1024*24;uhttp%3A//www.fond-astana.ru/author/admin/;hadmin%20%7C%20%u0424%u043E%u043D%u0434%20%u0410%u0441%u0442%u0430%u043D%u0430;0.014086100252434175 HTTP/1.1
Host: counter.yadro.ru
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://www.fond-astana.ru/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx/1.17.9
Date: Tue, 31 Jan 2023 10:45:51 GMT
Content-Type: image/gif
Content-Length: 128
Connection: keep-alive
Expires: Sun, 30 Jan 2022 21:00:00 GMT
Pragma: no-cache
Cache-control: no-cache
Access-Control-Allow-Origin: *
Strict-Transport-Security: max-age=86400
ocsp.pki.goog/gts1c3
200 OK 472 B IP
Hash 69ffc0a3f7ca2b025a6b99f9c38889be
1b436bda66cd246a1024f8c3d8e91e3aeef31eaa
9aaaf6c2a570c6a73a623f4fdfb0e1dfd5f16f086ae5d9c8d5b2403b0d016e4f
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 31 Jan 2023 10:45:51 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
top-fwz1.mail.ru/counter?id=1599590;t=56;js=13;r=;j=false;s=1280*1024;d=24;rand=0.6466990598304723
302 Found 0 B URL HTTP/2 top-fwz1.mail.ru/counter?id=1599590;t=56;js=13;r=;j=false;s=1280*1024;d=24;rand=0.6466990598304723
IP
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /counter?id=1599590;t=56;js=13;r=;j=false;s=1280*1024;d=24;rand=0.6466990598304723 HTTP/1.1
Host: top-fwz1.mail.ru
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://www.fond-astana.ru/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 302 Found
server: nginx
date: Tue, 31 Jan 2023 10:45:51 GMT
content-length: 0
location: https://top-fwz1.mail.ru/counter2?id=1599590;t=56;js=13;r=;j=false;s=1280*1024;d=24;rand=0.6466990598304723
set-cookie: FTID=1RMYgQ0tkIIF:1675161951:1599590:::; path=/; expires=Thu, 01-Feb-24 10:45:51 GMT; domain=.mail.ru; HttpOnly; SameSite=None; Secure
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-methods: GET, POST, HEAD, PUT, OPTIONS
access-control-allow-headers: *
amp-access-control-allow-source-origin: *
access-control-expose-headers: AMP-Access-Control-Allow-Source-Origin
timing-allow-origin: *
x-content-type-options: nosniff
p3p: CP="NOI DSP COR NID CUR PSA OUR NOR"
cache-control: private, no-cache, no-store, max-age=0
pragma: no-cache
accept-ch: DPR, Width, Viewport-Width, Downlink, Device-Memory, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA, Sec-CH-UA-Full-Version
accept-ch-lifetime: 86400
X-Firefox-Spdy: h2
top-fwz1.mail.ru/counter2?id=1599590;t=56;js=13;r=;j=false;s=1280*1024;d=24;rand=0.6466990598304723
200 OK 605 B URL HTTP/2 top-fwz1.mail.ru/counter2?id=1599590;t=56;js=13;r=;j=false;s=1280*1024;d=24;rand=0.6466990598304723
IP
File type GIF image data, version 87a, 88 x 31\012- data
Hash 4f902a26004e83be3654171014318ee0
04388e08ea1a5d9b823784552dcee5fb1333933c
6f82561870e095edb910a7e70c11017d4475ddfc174437b06194a0e846128a15
GET /counter2?id=1599590;t=56;js=13;r=;j=false;s=1280*1024;d=24;rand=0.6466990598304723 HTTP/1.1
Host: top-fwz1.mail.ru
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://www.fond-astana.ru/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Tue, 31 Jan 2023 10:45:51 GMT
content-type: image/gif
content-length: 605
set-cookie: FTID=1RMYgQ0tkIIF:1675161951:1599590:::; path=/; expires=Thu, 01-Feb-24 10:45:51 GMT; domain=.mail.ru; HttpOnly; SameSite=None; Secure
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-methods: GET, POST, HEAD, PUT, OPTIONS
access-control-allow-headers: *
amp-access-control-allow-source-origin: *
access-control-expose-headers: AMP-Access-Control-Allow-Source-Origin
timing-allow-origin: *
x-content-type-options: nosniff
p3p: CP="NOI DSP COR NID CUR PSA OUR NOR"
cache-control: private, no-cache, no-store, max-age=0
pragma: no-cache
accept-ch: DPR, Width, Viewport-Width, Downlink, Device-Memory, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA, Sec-CH-UA-Full-Version
accept-ch-lifetime: 86400
X-Firefox-Spdy: h2
push.services.mozilla.com/
101 Switching Protocols 0 B URL HTTP/1.1 push.services.mozilla.com/
IP
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET / HTTP/1.1
Host: push.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: fYlgkJ8Azo1kzNNEnC8Gbw==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket
HTTP/1.1 101 Switching Protocols
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: 38/cIKRcIfFhS3bbx9p75pK7fqU=
ocsp.pki.goog/gts1c3
200 OK 472 B IP
Hash 1b05a0b3c19155ff38f58b7dd4606775
ef6a909125ff3c1e9ea077163a86df4028ff490e
b0708b95554274b9cf8bced7a8668069a39b99a5e216c11b6c277bb912dcecf7
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 31 Jan 2023 10:45:51 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
200 OK 472 B IP
Hash a5ff07b9b81cdf319f4a57d8d6dbbd6d
736ae15d0ed2068580d35a7cff8b33c0ec87af52
24406eda914ef8f78e1f60d6b54237ea6311f2fdf54b2b63647d84b397b41de0
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 31 Jan 2023 10:45:51 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
partner.googleadservices.com/gampad/cookie.js?domain=www.fond-astana.ru&callback=_gfp_s_&client=ca-pub-5361888841415114
200 OK 256 B URL HTTP/2 partner.googleadservices.com/gampad/cookie.js?domain=www.fond-astana.ru&callback=_gfp_s_&client=ca-pub-5361888841415114
IP
File type ASCII text, with very long lines (395), with no line terminators
Hash 64eea9f1165350d785f8308f9db439d0
0574cdab8864376f612a6b87a122001c2e321b6f
fafd1b27a29f4d1d4fb3697adfbc64fc8058623bb5760ec1e120bb0f25387309
GET /gampad/cookie.js?domain=www.fond-astana.ru&callback=_gfp_s_&client=ca-pub-5361888841415114 HTTP/1.1
Host: partner.googleadservices.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://www.fond-astana.ru/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
content-type: text/javascript; charset=UTF-8
x-content-type-options: nosniff
content-disposition: attachment; filename="f.txt"
content-encoding: gzip
date: Tue, 31 Jan 2023 10:45:51 GMT
server: cafe
cache-control: private
content-length: 256
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
200 OK 471 B IP
Hash 73d6f94eec5f7bf78dc11951011af215
2d7941713a82a83c174bf782b618a6f86a8ab2d7
9de1920abadb3501bcf9f787608807f13a266efea69f12fc811bc7cac14a3552
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 31 Jan 2023 10:45:51 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
adservice.google.com/adsid/integrator.js?domain=www.fond-astana.ru
200 OK 100 B URL HTTP/2 adservice.google.com/adsid/integrator.js?domain=www.fond-astana.ru
IP
File type ASCII text, with no line terminators
Hash 917951a58be8c6c6f3680159550ba3c2
21cd25c2a4eb9ec7e0f37021ce7b69e852dab4b4
cd8c45d9a0d98ca2e23d967483ec538bcafa246afdcf434bf60c8257acfacfac
GET /adsid/integrator.js?domain=www.fond-astana.ru HTTP/1.1
Host: adservice.google.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://www.fond-astana.ru/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
cache-control: private, no-cache, no-store
content-type: application/javascript; charset=UTF-8
x-content-type-options: nosniff
content-disposition: attachment; filename="f.txt"
content-encoding: gzip
date: Tue, 31 Jan 2023 10:45:51 GMT
server: cafe
content-length: 100
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
adservice.google.no/adsid/integrator.js?domain=www.fond-astana.ru
200 OK 100 B URL HTTP/2 adservice.google.no/adsid/integrator.js?domain=www.fond-astana.ru
IP
File type ASCII text, with no line terminators
Hash 917951a58be8c6c6f3680159550ba3c2
21cd25c2a4eb9ec7e0f37021ce7b69e852dab4b4
cd8c45d9a0d98ca2e23d967483ec538bcafa246afdcf434bf60c8257acfacfac
GET /adsid/integrator.js?domain=www.fond-astana.ru HTTP/1.1
Host: adservice.google.no
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://www.fond-astana.ru/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
cache-control: private, no-cache, no-store
content-type: application/javascript; charset=UTF-8
x-content-type-options: nosniff
content-disposition: attachment; filename="f.txt"
content-encoding: gzip
date: Tue, 31 Jan 2023 10:45:51 GMT
server: cafe
content-length: 100
x-xss-protection: 0
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
200 OK 472 B IP
Hash 1b05a0b3c19155ff38f58b7dd4606775
ef6a909125ff3c1e9ea077163a86df4028ff490e
b0708b95554274b9cf8bced7a8668069a39b99a5e216c11b6c277bb912dcecf7
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 31 Jan 2023 10:45:51 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
200 OK 471 B IP
Hash 73d6f94eec5f7bf78dc11951011af215
2d7941713a82a83c174bf782b618a6f86a8ab2d7
9de1920abadb3501bcf9f787608807f13a266efea69f12fc811bc7cac14a3552
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 31 Jan 2023 10:45:51 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
200 OK 472 B IP
Hash a5ff07b9b81cdf319f4a57d8d6dbbd6d
736ae15d0ed2068580d35a7cff8b33c0ec87af52
24406eda914ef8f78e1f60d6b54237ea6311f2fdf54b2b63647d84b397b41de0
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 31 Jan 2023 10:45:51 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
200 OK 471 B IP
Hash 087182d3a6a359284853764004bfb9b4
0297b9b2cb72a979d6a1267f587bab0fb79b7b40
aa00ff2ec55972ad493cedf34c369da582f052df3a1f660610b8cbbcb78ce5ff
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 31 Jan 2023 10:45:51 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
tpc.googlesyndication.com/sodar/sodar2.js
200 OK 6.4 kB URL HTTP/2 tpc.googlesyndication.com/sodar/sodar2.js
IP
File type ASCII text, with very long lines (1321)
Hash ac906814ed812c4ecdbb624a3bd2f6c3
8e4547eaffaa66a1ee61b36028dbcd7091d0e7de
8ab8cef6156022c4547455defd8252b48b6bcb8b734072849345bb99758705fe
GET /sodar/sodar2.js HTTP/1.1
Host: tpc.googlesyndication.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://www.fond-astana.ru/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/javascript
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-length: 6386
date: Tue, 31 Jan 2023 10:45:51 GMT
expires: Tue, 31 Jan 2023 10:45:51 GMT
cache-control: private, max-age=3000
etag: "1637097310169751"
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
tpc.googlesyndication.com/sodar/sodar2/225/runner.html
200 OK 5.0 kB URL HTTP/2 tpc.googlesyndication.com/sodar/sodar2/225/runner.html
IP
File type HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (2020)
Hash f530c16b248be97e10df228df6a41c24
ca3c3a38bbeef6906682b3e0b2a7be40c08b0925
f45287dcfd79a2411e79f98c834c6f7eff8a281a9b4fdba0124be9d204987786
GET /sodar/sodar2/225/runner.html HTTP/1.1
Host: tpc.googlesyndication.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://www.fond-astana.ru/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-length: 5046
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 26 Jan 2023 20:43:30 GMT
expires: Fri, 26 Jan 2024 20:43:30 GMT
cache-control: public, max-age=31536000
last-modified: Mon, 21 Jun 2021 20:47:05 GMT
content-type: text/html
age: 396141
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
200 OK 471 B IP
Hash 2ac1bcdceabf1fc4e07017906aa8a815
ba00b737325fc50b35af8d851ced0fe13d1cba22
c6c54f5dbbfc40b454b9c67a7972827f500d83b10a1594f7cb56c69158278c08
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 31 Jan 2023 10:45:51 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
www.google.com/recaptcha/api2/aframe
200 OK 513 B URL HTTP/2 www.google.com/recaptcha/api2/aframe
IP
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (783), with no line terminators
Hash dc9181f2cdc35dae810efa3d67786cc7
196215c6c88e7eb27e78962ae9e0ec2e3a33d4ff
c2921ad2009f25fca0c20587239c0300ec09f72f0f4147123fa2e50dcfd73266
GET /recaptcha/api2/aframe HTTP/1.1
Host: www.google.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://www.fond-astana.ru/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
cross-origin-resource-policy: cross-origin
cross-origin-embedder-policy: require-corp
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
expires: Tue, 31 Jan 2023 10:45:51 GMT
date: Tue, 31 Jan 2023 10:45:51 GMT
cache-control: private, max-age=300
content-type: text/html; charset=utf-8
content-security-policy: script-src 'nonce-zSzImchjF7MD0OnJPJu4mg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-encoding: gzip
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
content-length: 513
server: GSE
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
r3.o.lencr.org/
200 OK 503 B IP
ASN #20940 Akamai International B.V.
Hash dfb84426fed94988d5c90372baff059c
f1c4740830034ff8a5759d59ae3f657ea524d083
d97efec67504b084ca6ff9e2af973b45b916f90aa021603e3615806bb2737b6a
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "D97EFEC67504B084CA6FF9E2AF973B45B916F90AA021603E3615806BB2737B6A"
Last-Modified: Sun, 29 Jan 2023 00:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=2499
Expires: Tue, 31 Jan 2023 11:27:31 GMT
Date: Tue, 31 Jan 2023 10:45:52 GMT
Connection: keep-alive
r3.o.lencr.org/
200 OK 503 B IP
ASN #20940 Akamai International B.V.
Hash dfb84426fed94988d5c90372baff059c
f1c4740830034ff8a5759d59ae3f657ea524d083
d97efec67504b084ca6ff9e2af973b45b916f90aa021603e3615806bb2737b6a
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "D97EFEC67504B084CA6FF9E2AF973B45B916F90AA021603E3615806BB2737B6A"
Last-Modified: Sun, 29 Jan 2023 00:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=2499
Expires: Tue, 31 Jan 2023 11:27:31 GMT
Date: Tue, 31 Jan 2023 10:45:52 GMT
Connection: keep-alive
r3.o.lencr.org/
200 OK 503 B IP
ASN #20940 Akamai International B.V.
Hash dfb84426fed94988d5c90372baff059c
f1c4740830034ff8a5759d59ae3f657ea524d083
d97efec67504b084ca6ff9e2af973b45b916f90aa021603e3615806bb2737b6a
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "D97EFEC67504B084CA6FF9E2AF973B45B916F90AA021603E3615806BB2737B6A"
Last-Modified: Sun, 29 Jan 2023 00:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=2499
Expires: Tue, 31 Jan 2023 11:27:31 GMT
Date: Tue, 31 Jan 2023 10:45:52 GMT
Connection: keep-alive
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Ff1925abe-5fa6-440b-8e23-d92b1e3bf273.jpeg
200 OK 14 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Ff1925abe-5fa6-440b-8e23-d92b1e3bf273.jpeg
IP
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 63486f2a937aa8fd013fc2c2d1b32f2d
e8868de34c2f79348c1edad764259eb70bebd7a6
fa6e5ce374031c0df3b3f2d6de823cf1fe08fdaf9957a0722770867cfdec0ed1
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Ff1925abe-5fa6-440b-8e23-d92b1e3bf273.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 13639
x-amzn-requestid: 8131c878-620a-4972-ba8f-1456859acae2
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: fYcJSF0SIAMFe1g=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63d340a1-18c7280940d508c440c0182c;Sampled=0
x-amzn-remapped-date: Fri, 27 Jan 2023 03:10:25 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: L6MnX0h8Bn9-ufqI6yOzQAPhqc4SoJKySgzlm756NaiVrfJpnftIWQ==
via: 1.1 7f5e0d3b9ea85d0d75063a66c0ebc840.cloudfront.net (CloudFront), 1.1 a847181d425b7fc57e81eb3c800bfdf2.cloudfront.net (CloudFront), 1.1 google
date: Tue, 31 Jan 2023 06:29:38 GMT
age: 15374
etag: "e8868de34c2f79348c1edad764259eb70bebd7a6"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F9b71db36-11cb-45f6-a296-34813aea1c35.jpeg
200 OK 11 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F9b71db36-11cb-45f6-a296-34813aea1c35.jpeg
IP
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 4a2d26da68a313cc65958fc2692351c2
798c3538f3147ca77d317676ddd1bf040bd0f93b
76ce30224803d680c0115e987a712ce5552b2760beadf796a96b17439fb20797
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F9b71db36-11cb-45f6-a296-34813aea1c35.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 10898
x-amzn-requestid: e29f8dfc-07d4-4136-afaf-e1e067eea2ab
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: fk3zxGshIAMFw5Q=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63d839b1-5e87d2a44722af9e4e86c3d4;Sampled=0
x-amzn-remapped-date: Mon, 30 Jan 2023 21:42:09 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: XYo_QvM8GWDyulOtUb5nVjS9PxOinaRJ3lYvCreeqd_9tHI5yv5xcQ==
via: 1.1 ddd913fbbe7367d44af4ac06097e7a2a.cloudfront.net (CloudFront), 1.1 6172bb1a5d00a3b06ae3700570ebe116.cloudfront.net (CloudFront), 1.1 google
date: Mon, 30 Jan 2023 21:48:21 GMT
age: 46651
etag: "798c3538f3147ca77d317676ddd1bf040bd0f93b"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F003f28f8-6845-4b0d-8d8d-11c9deea4eaf.jpeg
200 OK 10 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F003f28f8-6845-4b0d-8d8d-11c9deea4eaf.jpeg
IP
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 2c4934be94898028e2ab696561b51462
6cf734e2d29938688913daacfb75506d8e004a94
239adcbb538b7a6d1483c65c7694d4a9f9fa9cadf456ab5681c4b764185e3596
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F003f28f8-6845-4b0d-8d8d-11c9deea4eaf.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 9987
x-amzn-requestid: 67109f87-6073-4991-b540-cdeedc2d7b3c
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: flYlPF9uIAMFXMg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63d86e21-60ac2c7b37c72e6e54a5c69d;Sampled=0
x-amzn-remapped-date: Tue, 31 Jan 2023 01:25:53 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: Gif_csWkacU59D_hnOrJpK6u2aPI8Ylf2JyQEJZ2RLNMCrXSmmMa9w==
via: 1.1 c7c3cdef911c9ee3c1a83a78f425dc5a.cloudfront.net (CloudFront), 1.1 9046e5a276a05e60ee34c8475e92b8e6.cloudfront.net (CloudFront), 1.1 google
date: Tue, 31 Jan 2023 01:56:35 GMT
age: 31757
etag: "6cf734e2d29938688913daacfb75506d8e004a94"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F70d0f84c-475c-41c3-922d-8f0be8fbfff4.jpeg
200 OK 6.5 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F70d0f84c-475c-41c3-922d-8f0be8fbfff4.jpeg
IP
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash f6790dfb54452775c77c50890d17669a
a21e3ac869acae92640075dcb9da9ded4b7f0c92
b24238875cca2327ef4df93e5e66303f02b7f64265faebcb033a245c14638817
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F70d0f84c-475c-41c3-922d-8f0be8fbfff4.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 6481
x-amzn-requestid: ca20c9a5-983f-4cde-a833-2a561c13af95
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: fY-T9FcXoAMFnlA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63d3774c-665397d31a681a155b8a7d53;Sampled=0
x-amzn-remapped-date: Fri, 27 Jan 2023 07:03:40 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: BpOJ8IlnGRS5RbTLM1pQdk11d9NJLiiUy7oIMbwYykeX5E6OyAAFdw==
via: 1.1 0aebf3fe433ff96e68d785fad4ea4c0e.cloudfront.net (CloudFront), 1.1 be082a2326b7d49643607b097f1e7180.cloudfront.net (CloudFront), 1.1 google
date: Mon, 30 Jan 2023 17:04:34 GMT
age: 63678
etag: "a21e3ac869acae92640075dcb9da9ded4b7f0c92"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F46e30ba8-4b02-4bad-8cbf-1a128aa4376f.jpeg
200 OK 9.6 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F46e30ba8-4b02-4bad-8cbf-1a128aa4376f.jpeg
IP
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 3366ef4f8733cb9c89a5c88f63a0a441
7da46843b6d885f38a4759a08e6c899906ab7b97
7114397ee5c251cc5cb46f3433c2cc17ff68a08e0872e227671198e9b61eba0a
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F46e30ba8-4b02-4bad-8cbf-1a128aa4376f.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 9600
x-amzn-requestid: 48094e1a-d550-4a91-b87c-4a08505f7cce
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: fVsWcFN7IAMF2pg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63d2275c-5ced593a7e2126c9494563df;Sampled=0
x-amzn-remapped-date: Thu, 26 Jan 2023 07:10:20 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: aZOeDFqBJQoGwLpIs-GpPvY0FKGCAOXY6MgzG32qzX-kVzUCKKv-kw==
via: 1.1 5ab5dc09da67e3ea794ec8a82992cc88.cloudfront.net (CloudFront), 1.1 57a21088b36c69a83578b5a5579df58e.cloudfront.net (CloudFront), 1.1 google
date: Tue, 31 Jan 2023 00:33:02 GMT
age: 36770
etag: "7da46843b6d885f38a4759a08e6c899906ab7b97"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F43ae4cd9-2533-48ae-8086-f8fea8a4e269.jpeg
200 OK 6.8 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F43ae4cd9-2533-48ae-8086-f8fea8a4e269.jpeg
IP
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 976dda397f9292a498ca9db5599c0378
dad9e9c3462907a2475046aee36d57f8309cd44e
7ed9ccf2ff75ca53f5ba56a1d2127e0f09b0ae941cad8b042e8df01ad01e614b
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F43ae4cd9-2533-48ae-8086-f8fea8a4e269.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 6844
x-amzn-requestid: 0542cf46-5045-459f-a35f-f6c0d3f5f7b7
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: flZsxH0YIAMF9ew=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63d86feb-692d50f710a131df2ee49aa8;Sampled=0
x-amzn-remapped-date: Tue, 31 Jan 2023 01:33:31 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: oLMUuQVwUyKMuYAvTkA4wlVDb3-kZjStTJFfUZRb7JwKcK11waY0kQ==
via: 1.1 5a1753718d8b33365e5f693dd338c510.cloudfront.net (CloudFront), 1.1 64f86ae1c24221f3a2e4d653d6dbc416.cloudfront.net (CloudFront), 1.1 google
date: Tue, 31 Jan 2023 01:42:39 GMT
age: 32593
etag: "dad9e9c3462907a2475046aee36d57f8309cd44e"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
counter.rambler.ru/top100.jcn?1629355
200 OK 0 B URL HTTP/2 counter.rambler.ru/top100.jcn?1629355
IP
ASN #24638 Rambler Internet Holding LLC
GET /top100.jcn?1629355 HTTP/1.1
Host: counter.rambler.ru
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://www.fond-astana.ru/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx/1.19.4
date: Tue, 31 Jan 2023 10:45:50 GMT
content-type: application/octet-stream
set-cookie: ruid=1CIAAF7x2GOHQTkQAT59cwB=; expires=Thu, 31-Dec-37 23:55:55 GMT; domain=.rambler.ru; path=/
proto_uid=1CIAAF7x2GOHQTkQAT59cwB=; expires=Thu, 31-Dec-37 23:55:55 GMT; domain=.rambler.ru; path=/
p3p: CP="NON DSP NID ADMa DEVa TAIa PSAa PSDa OUR IND UNI COM NAV"
X-Firefox-Spdy: h2
195.24.68.17
104.18.20.226
216.58.211.2
23.36.77.32