{"report_id":"c756f305-c33a-42ce-b826-040b21545e95","version":0,"status":"done","tags":[],"date":"2026-06-17T16:00:27Z","url":{"schema":"https","addr":"investudy.kz/po","fqdn":"investudy.kz","domain":"investudy.kz","tld":"kz"},"ip":{"addr":"77.220.207.191","port":0,"asn":51162,"as":"JSC Kazteleport - subsidiary of Halyk Bank of Kazakhstan","country":"Kazakhstan","country_code":"KZ"},"final":{"url":{"schema":"https","addr":"investudy.kz/po","fqdn":"investudy.kz","domain":"investudy.kz","tld":"kz"},"title":"Бесплатное предобучение","dom":{"size":5291,"mime_type":"text/html; charset=utf-8","magic":"HTML document, Unicode text, UTF-8 text, with very long lines (3200)","md5":"e9e254fe0480157e43dfe877d603ed47","sha1":"69ced13a09e40770f08cb4a3e4429ea1c33fff48","sha256":"4753146c3f2b1f594ddc7bb2700b39408529b02026f42d0e94593dbe202d36a5","sha512":"24452494f665314ebc6aba6b82e55f546e50eff14b02bf993e46472d37326075b8a5ec12602255dab10fb82f2b74bcfb766c58ea5170537cde39cff3b3d17ae0","ssdeep":"96:uKVKs4ZDwqblQ/V1bJE6gDY9cqSPgwD7kfQWZosEy0RNstzFHzw:f4pwqblQ/V1bJE6gDY9cqSYAQIcosEy+","tlshash":"f3b1a7b31524f83a8300c9ce4d7f304ed466e50f5f295860d94144eeb9f5ae66e2bd8b","dom_hash":"domhash96efbafcaddaa871b1e1b94d5ecd8314","first_seen":"","last_seen":"","times_seen":0,"resource_available":false,"data":null}},"submit":{"url":{"schema":"https","addr":"investudy.kz/po","fqdn":"investudy.kz","domain":"investudy.kz","tld":"kz"},"ip":{"addr":"77.220.207.191","port":0,"asn":51162,"as":"JSC Kazteleport - subsidiary of Halyk Bank of Kazakhstan","country":"Kazakhstan","country_code":"KZ"},"tags":null,"meta":null},"settings":{"access":"public","device_type":"desktop","expires_at":"2027-07-22T16:00:27Z","useragent":"Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0","referer":"","cookies":null,"exit_node":"qguvgzjxzsgb3vs"},"stats":{"alert_count":{"ids":0,"urlquery":0,"analyzer":2}},"detection":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-06-17","alert":"Sinkholed","trigger":"investudy.kz","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-06-17","alert":"Sinkholed","trigger":"investudy.kz","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null},"summary":[{"fqdn":"static.tildacdn.pro","ip":{"addr":"80.240.113.62","port":443,"asn":199524,"as":"G-Core Labs S.A.","country":"Sweden","country_code":"SE"},"domain_registered":"2023-07-31","domain_rank":2763183,"first_seen":"2024-01-02T15:23:56Z","last_seen":"2026-06-15T01:01:18.25433Z","alert_count":0,"request_count":23,"received_data":513190,"sent_data":11979,"comment":"","tags":null,"fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"Gcore","description":"Gcore is a public cloud and content delivery network (CDN) company.","website":"https://gcore.com","common_platform_enumeration":"","icon":"Gcore.svg","categories":["CDN"]},{"name":"Amazon Web Services","description":"Amazon Web Services (AWS) is a comprehensive cloud services platform offering compute power, database storage, content delivery and other functionality.","website":"https://aws.amazon.com/","common_platform_enumeration":"","icon":"Amazon Web Services.svg","categories":["PaaS"]}]},{"fqdn":"fonts.googleapis.com","ip":{"addr":"142.250.178.42","port":443,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"domain_registered":"2005-01-25","domain_rank":313,"first_seen":"2012-05-23T12:41:44Z","last_seen":"2026-06-14T22:22:05.140579Z","alert_count":0,"request_count":2,"received_data":22725,"sent_data":1056,"comment":"","tags":null,"fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}]},{"fqdn":"neo.tildacdn.com","ip":{"addr":"194.48.203.181","port":443,"asn":0,"as":"","country":"Ireland","country_code":"IE"},"domain_registered":"2015-07-28","domain_rank":358009,"first_seen":"2022-08-05T12:33:28Z","last_seen":"2026-06-12T01:31:48.57769Z","alert_count":0,"request_count":1,"received_data":2334,"sent_data":472,"comment":"","tags":null,"fingerprints":null},{"fqdn":"investudy.kz","ip":{"addr":"77.220.207.191","port":443,"asn":51162,"as":"JSC Kazteleport - subsidiary of Halyk Bank of Kazakhstan","country":"Kazakhstan","country_code":"KZ"},"domain_registered":"2022-03-04","domain_rank":0,"first_seen":"2026-06-15T12:06:38.534212Z","last_seen":"2026-06-15T12:06:38.534212Z","alert_count":2,"request_count":1,"received_data":96364,"sent_data":483,"comment":"","tags":null,"fingerprints":[{"name":"Tilda","description":"Tilda is a web design tool.","website":"https://tilda.cc","common_platform_enumeration":"","icon":"Tilda.svg","categories":["CMS"]},{"name":"jQuery:1.10.2","description":"jQuery is a JavaScript library which is a free, open-source software designed to simplify HTML DOM tree traversal and manipulation, as well as event handling, CSS animation, and Ajax.","website":"https://jquery.com","common_platform_enumeration":"cpe:2.3:a:jquery:jquery:*:*:*:*:*:*:*:*","icon":"jQuery.svg","categories":["JavaScript libraries"]},{"name":"DDoS-Guard","description":"DDoS-Guard is a Russian Internet infrastructure company which provides DDoS protection, content delivery network services, and web hosting services.","website":"https://ddos-guard.net","common_platform_enumeration":"","icon":"DDoS-Guard.svg","categories":["Security"]}]},{"fqdn":"vakas-tools.ru","ip":{"addr":"80.78.254.21","port":443,"asn":197695,"as":"Domain names registrar REG.RU, Ltd","country":"Russia","country_code":"RU"},"domain_registered":"2018-12-29","domain_rank":559831,"first_seen":"2019-05-01T00:23:02Z","last_seen":"2026-03-04T06:46:45.646767Z","alert_count":0,"request_count":2,"received_data":6606,"sent_data":926,"comment":"","tags":null,"fingerprints":[{"name":"Ubuntu","description":"Ubuntu is a free and open-source operating system on Linux for the enterprise server, desktop, cloud, and IoT.","website":"https://www.ubuntu.com/server","common_platform_enumeration":"cpe:2.3:o:canonical:ubuntu_linux:*:*:*:*:*:*:*:*","icon":"Ubuntu.svg","categories":["Operating systems"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"PHP","description":"PHP is a general-purpose scripting language used for web development.","website":"https://php.net","common_platform_enumeration":"cpe:2.3:a:php:php:*:*:*:*:*:*:*:*","icon":"PHP.svg","categories":["Programming languages"]},{"name":"Nginx:1.28.3","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}]},{"fqdn":"thb.tildacdn.pro","ip":{"addr":"","port":0,"asn":0,"as":"","country":"","country_code":"zz"},"domain_registered":"2023-07-31","domain_rank":3009791,"first_seen":"2024-01-29T12:32:31Z","last_seen":"2026-06-02T08:59:07.702953Z","alert_count":0,"request_count":3,"received_data":0,"sent_data":1775,"comment":"","tags":null,"fingerprints":null}],"files":null,"artifacts":{"windows_shortcuts":null,"files":null,"telegram":null,"pdfs":null,"clipboard":null},"sensors":{"ids":null,"analyzer":null,"urlquery":null},"javascript":{"script":[{"url":{"schema":"https","addr":"neo.tildacdn.com/js/tilda-fallback-1.0.min.js","fqdn":"neo.tildacdn.com","domain":"tildacdn.com","tld":"com"},"ip":{"addr":"194.48.203.181","port":443,"asn":0,"as":"","country":"Ireland","country_code":"IE"},"introduction_type":"scriptElement","is_inline":false,"md5":"8e582042c3e2c49a8f2c1aaf96c70da0","sha1":"d72ccdcc11d24594480a4ca8b699c029a8e0765c","sha256":"cdf65e26b905a653bce60df182886b032b606940391badb1e3a655f434ca446c","sha512":"b289159bb4cd83316ce8a9a9e0e53a845065454ac847e54fcddecbdb201ee84c0a4623c5288680e472e5c47bb4ef5852b399df43786a1e745f4165d99a6b0644","ssdeep":"","tlshash":"c741cc70a51fdc324e2393ab94bbf71734b901066d0bd1c22aa9dfdc9c62c8a5355b4e","size":1918,"data":"","first_seen":"2023-03-07T18:27:23Z","last_seen":"2026-06-21T10:54:34.925499Z","times_seen":5015,"alerts":{"ids":null,"analyzer":null,"urlquery":null}}],"eval":null,"write":null,"console":null},"http":[{"url":{"schema":"https","addr":"static.tildacdn.pro/js/tilda-forms-1.0.min.js","fqdn":"static.tildacdn.pro","domain":"tildacdn.pro","tld":"pro"},"ip":{"addr":"80.240.113.62","port":443,"asn":199524,"as":"G-Core Labs S.A.","country":"Sweden","country_code":"SE"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://investudy.kz/po","date":"2026-06-17T16:00:15.921Z","timestamp":1781712015921,"http_version":"HTTP/2","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"mlkem768x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.tildacdn.pro","organization":""},"issuer":{"commonName":"Sectigo Public Server Authentication CA DV R36","organization":"Sectigo Limited"},"validity":{"start":"Mon, 21 Jul 2025 00:00:00 GMT","end":"Thu, 20 Aug 2026 23:59:59 GMT"},"fingerprint":{"sha1":"42:62:24:F8:FD:5A:83:69:77:B8:DD:99:40:CD:7A:4A:FC:9C:03:96","sha256":"AD:A4:B3:C1:E9:78:E4:B5:D6:2B:C1:A7:56:47:0D:A1:38:08:35:FF:CB:4F:7E:EB:3F:53:6A:A0:C8:D0:35:9B"}}},"request":{"raw":"GET /js/tilda-forms-1.0.min.js HTTP/1.1\r\nHost: static.tildacdn.pro\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nSec-Fetch-Storage-Access: none\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nReferer: https://investudy.kz/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 \r\nserver: nginx\r\ndate: Wed, 17 Jun 2026 16:00:15 GMT\r\ncontent-type: application/javascript\r\nx-id-fe: sto5-hw-edge-gc14\r\nx-shard: sto5-shard0-default\r\nvary: Accept-Encoding\r\nlast-modified: Mon, 08 Jun 2026 09:33:25 GMT\r\netag: W/\"6a268c65-18a1c\"\r\nx-tilda-front: fr-3\r\naccess-control-allow-methods: GET, HEAD, OPTIONS\r\naccess-control-allow-headers: Accept,X-Requested-With,X-File-Name,X-Mime-Type,Content-Type,Cache-Control,Origin\r\nx-tilda-origin: or-32\r\ntraceparent: 00-08f2609213a049fdc80766676a6d941c-da4b829d2e24d543-01\r\nx-id-shield: fr5-hw-edge-gc40\r\nage: 710355\r\ncontent-encoding: br\r\nx-id: sto5-hw-edge-gc11\r\naccess-control-allow-origin: *\r\ncache: HIT\r\nx-cached-since: 2026-06-16T15:47:25+00:00\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"Gcore","description":"Gcore is a public cloud and content delivery network (CDN) company.","website":"https://gcore.com","common_platform_enumeration":"","icon":"Gcore.svg","categories":["CDN"]}],"data":{"size":100892,"size_decoded":26934,"mime_type":"application/javascript","magic":"JavaScript source, Unicode text, UTF-8 text, with very long lines (32757)","md5":"e192de131798d0ffa1c010bd8c627c50","sha1":"c82723ab1f37ffee71f46654465337d495c7faa0","sha256":"549cbe99e0e5726ae88be4176734f190a3a4d979cac8f7de91be8ac7d90f2c3e","sha512":"5261817d5d5cea9f0ecf9ab48932861203eaa89bd6170f2d26e2ffab4520db86dd10ed1370be6c2c6a09f14fa8d88e09a7efd0675c58c3c23036936cd48488b1","ssdeep":"1536:gtHtx2bbVK59a+IGcnzN0R2qPvdw9ocKjVLnK:Otb59a+e6R2qaHKjVLK","tlshash":"28a319a9b1393072169757f991ef174a72312128b906c440d964d8d63facc8bee23fe9","first_seen":"2026-06-08T13:05:42.738353Z","last_seen":"2026-06-22T03:54:24.938161Z","times_seen":27,"resource_available":true,"data":null}},"time_used":78,"timings":{"blocked":60,"dns":0,"connect":0,"send":0,"wait":18,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"static.tildacdn.pro/tild3430-3932-4466-a232-323030343439/telegram_omp4l61n0tl.svg","fqdn":"static.tildacdn.pro","domain":"tildacdn.pro","tld":"pro"},"ip":{"addr":"80.240.113.62","port":443,"asn":199524,"as":"G-Core Labs S.A.","country":"Sweden","country_code":"SE"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://investudy.kz/po","date":"2026-06-17T16:00:15.960Z","timestamp":1781712015960,"http_version":"HTTP/2","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"mlkem768x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.tildacdn.pro","organization":""},"issuer":{"commonName":"Sectigo Public Server Authentication CA DV R36","organization":"Sectigo Limited"},"validity":{"start":"Mon, 21 Jul 2025 00:00:00 GMT","end":"Thu, 20 Aug 2026 23:59:59 GMT"},"fingerprint":{"sha1":"42:62:24:F8:FD:5A:83:69:77:B8:DD:99:40:CD:7A:4A:FC:9C:03:96","sha256":"AD:A4:B3:C1:E9:78:E4:B5:D6:2B:C1:A7:56:47:0D:A1:38:08:35:FF:CB:4F:7E:EB:3F:53:6A:A0:C8:D0:35:9B"}}},"request":{"raw":"GET /tild3430-3932-4466-a232-323030343439/telegram_omp4l61n0tl.svg HTTP/1.1\r\nHost: static.tildacdn.pro\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,image/png,image/svg+xml,image/*;q=0.8,*/*;q=0.5\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nSec-Fetch-Storage-Access: none\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nReferer: https://investudy.kz/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPriority: u=5, i\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 \r\nserver: nginx\r\ndate: Wed, 17 Jun 2026 16:00:16 GMT\r\ncontent-type: image/svg+xml\r\nx-id-fe: sto5-hw-edge-gc14\r\nx-shard: sto5-shard0-default\r\nvary: Accept-Encoding\r\nx-amz-id-2: ogHS/KiIJderGgbTrwjHUDHnZQWMbr3rZcRtRt3cEb61IIQS4HNnlgUW8ygIIEQ2KycwAwuhIdE=\r\nx-amz-request-id: 5P108MCFY39QAMV9\r\nlast-modified: Fri, 29 Nov 2024 13:21:27 GMT\r\netag: W/\"5868fb6ba5070cd1c5d6ab10d6164a01\"\r\nx-amz-storage-class: STANDARD_IA\r\nx-tilda-origin: or-31\r\nx-id-shield: am3-hw-edge-gc11\r\nage: 175259\r\ncontent-encoding: gzip\r\nx-id: sto5-hw-edge-gc14\r\naccess-control-allow-origin: *\r\ncache: HIT\r\nx-cached-since: 2026-06-16T15:33:39+00:00\r\ntraceparent: 00-a3a719712336a50da1db4d449b531478-18dcceb138238c5a-01\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"Amazon Web Services","description":"Amazon Web Services (AWS) is a comprehensive cloud services platform offering compute power, database storage, content delivery and other functionality.","website":"https://aws.amazon.com/","common_platform_enumeration":"","icon":"Amazon Web Services.svg","categories":["PaaS"]},{"name":"Gcore","description":"Gcore is a public cloud and content delivery network (CDN) company.","website":"https://gcore.com","common_platform_enumeration":"","icon":"Gcore.svg","categories":["CDN"]}],"data":{"size":1040,"size_decoded":1361,"mime_type":"image/svg+xml","magic":"SVG Scalable Vector Graphics image","md5":"5868fb6ba5070cd1c5d6ab10d6164a01","sha1":"eed97835d6ecfacefb3f9d0e926479cd9b2f80fd","sha256":"2bd109ca5f228a755f2cb4de7ceeb7c1df442032ff71d9f25d54f04c9df0ad67","sha512":"2f0f1000b90c5cc3dd221680b67f69bf2bce88759ecbf5923536486dd9d62308aa5a97b2684eda24d62d90bbb60d23caa56458c09aaf59bca1e74d88efd4df21","ssdeep":"","tlshash":"a4113e11d2e45638dc5283a4d2f86ac7b3b5308c31c2a07daaaf01a5781bbf10288a9d","first_seen":"2026-06-17T16:00:29.525095Z","last_seen":"2026-06-17T16:00:29.525095Z","times_seen":1,"resource_available":false,"data":null}},"time_used":58,"timings":{"blocked":40,"dns":0,"connect":0,"send":0,"wait":18,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"static.tildacdn.pro/tild3733-6538-4461-b864-616438653035/photo_2024-07-16_19-.svg","fqdn":"static.tildacdn.pro","domain":"tildacdn.pro","tld":"pro"},"ip":{"addr":"","port":0,"asn":0,"as":"","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://investudy.kz/po","date":"2026-06-17T16:00:19.868Z","timestamp":1781712019868,"http_version":"","security_state":"","security_info":null,"request":{"raw":"GET /tild3733-6538-4461-b864-616438653035/photo_2024-07-16_19-.svg HTTP/1.1\r\nHost: static.tildacdn.pro\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,image/png,image/svg+xml,image/*;q=0.8,*/*;q=0.5\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nSec-Fetch-Storage-Access: none\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nReferer: https://investudy.kz/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPriority: u=6\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"","headers":null,"cookies":null,"status_code":"","status_text":"","fingerprints":null,"data":{"size":0,"size_decoded":0,"mime_type":"","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-06-22T04:29:52.872309Z","times_seen":16626337,"resource_available":true,"data":null}},"time_used":0,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":0,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"fonts.googleapis.com/css2?family=Inter:wght@300;400;500;600;700\u0026subset=latin,cyrillic","fqdn":"fonts.googleapis.com","domain":"fonts.googleapis.com","tld":"googleapis.com"},"ip":{"addr":"142.250.178.42","port":443,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"stylesheet","requested_by":"https://investudy.kz/po","date":"2026-06-17T16:00:15.899Z","timestamp":1781712015899,"http_version":"HTTP/2","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"mlkem768x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"upload.video.google.com","organization":""},"issuer":{"commonName":"WE2","organization":"Google Trust Services"},"validity":{"start":"Mon, 25 May 2026 08:38:19 GMT","end":"Mon, 17 Aug 2026 08:38:18 GMT"},"fingerprint":{"sha1":"4D:E0:8E:62:2F:B2:3D:28:5D:7D:B5:8D:C5:3A:72:E4:EE:AB:7D:93","sha256":"AE:0B:4F:B5:B7:41:E5:0C:70:C0:E1:2A:F9:DB:AD:A8:64:94:F3:70:6D:38:1C:8A:8A:CA:52:96:5C:D8:5C:87"}}},"request":{"raw":"GET /css2?family=Inter:wght@300;400;500;600;700\u0026subset=latin,cyrillic HTTP/1.1\r\nHost: fonts.googleapis.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/css,*/*;q=0.1\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nSec-Fetch-Storage-Access: none\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nReferer: https://investudy.kz/\r\nSec-Fetch-Dest: style\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPriority: u=2\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 \r\ncontent-type: text/css; charset=utf-8\r\nvary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site\r\naccess-control-allow-origin: *\r\ntiming-allow-origin: *\r\nlink: \u003chttps://fonts.gstatic.com\u003e; rel=preconnect; crossorigin\r\nstrict-transport-security: max-age=31536000\r\nexpires: Wed, 17 Jun 2026 16:00:15 GMT\r\ndate: Wed, 17 Jun 2026 16:00:15 GMT\r\ncache-control: private, max-age=86400\r\ncross-origin-resource-policy: cross-origin\r\ncross-origin-opener-policy: same-origin-allow-popups\r\ncontent-encoding: gzip\r\nserver: ESF\r\nx-xss-protection: 0\r\nx-frame-options: SAMEORIGIN\r\nx-content-type-options: nosniff\r\nalt-svc: h3=\":443\"; ma=2592000,h3-29=\":443\"; ma=2592000\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":11865,"size_decoded":1475,"mime_type":"text/css; charset=utf-8","magic":"ASCII text","md5":"391f309cd18fb94b49dc2469b5b5ca13","sha1":"23e6a653a89de462e801f2a75106bf67734fb837","sha256":"3fb71e6caa4f541382e002d96dc48b1464567d55c00895d0156c058b7e323f46","sha512":"cf0528225c55df98c08066fd09d4f10e4a8365eab8c6caac75b72c820d9be5a18d25ef6f64446bf838e64cf292ef88b957b653ecf7c39f75fafcbb4ba1f18e09","ssdeep":"192:yNineO33lxopNP6TO3Kkxx2NkdIO3tPx+PNpYNO3o2x3kN2jqO3zpxMx:akYVOKczmIG","tlshash":"97327c92002be40067931dc363cf7e39aece5088a086d5796bfd0dc59cead66537436e","first_seen":"2025-09-12T23:42:14.26865Z","last_seen":"2026-06-22T04:35:41.412154Z","times_seen":1634,"resource_available":false,"data":null}},"time_used":94,"timings":{"blocked":-1,"dns":3,"connect":16,"send":0,"wait":35,"receive":0,"ssl":40},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"fonts.googleapis.com/css2?family=Inter:wght@300;400;600;700","fqdn":"fonts.googleapis.com","domain":"fonts.googleapis.com","tld":"googleapis.com"},"ip":{"addr":"142.250.178.42","port":443,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"stylesheet","requested_by":"https://investudy.kz/po","date":"2026-06-17T16:00:15.905Z","timestamp":1781712015905,"http_version":"HTTP/2","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"mlkem768x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"upload.video.google.com","organization":""},"issuer":{"commonName":"WE2","organization":"Google Trust Services"},"validity":{"start":"Mon, 25 May 2026 08:38:19 GMT","end":"Mon, 17 Aug 2026 08:38:18 GMT"},"fingerprint":{"sha1":"4D:E0:8E:62:2F:B2:3D:28:5D:7D:B5:8D:C5:3A:72:E4:EE:AB:7D:93","sha256":"AE:0B:4F:B5:B7:41:E5:0C:70:C0:E1:2A:F9:DB:AD:A8:64:94:F3:70:6D:38:1C:8A:8A:CA:52:96:5C:D8:5C:87"}}},"request":{"raw":"GET /css2?family=Inter:wght@300;400;600;700 HTTP/1.1\r\nHost: fonts.googleapis.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/css,*/*;q=0.1\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nSec-Fetch-Storage-Access: none\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nReferer: https://investudy.kz/\r\nSec-Fetch-Dest: style\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPriority: u=2\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 \r\ncontent-type: text/css; charset=utf-8\r\nvary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site\r\naccess-control-allow-origin: *\r\ntiming-allow-origin: *\r\nlink: \u003chttps://fonts.gstatic.com\u003e; rel=preconnect; crossorigin\r\nstrict-transport-security: max-age=31536000\r\nexpires: Wed, 17 Jun 2026 16:00:15 GMT\r\ndate: Wed, 17 Jun 2026 16:00:15 GMT\r\ncache-control: private, max-age=86400\r\ncross-origin-opener-policy: same-origin-allow-popups\r\ncross-origin-resource-policy: cross-origin\r\ncontent-encoding: gzip\r\nserver: ESF\r\nx-xss-protection: 0\r\nx-frame-options: SAMEORIGIN\r\nx-content-type-options: nosniff\r\nalt-svc: h3=\":443\"; ma=2592000,h3-29=\":443\"; ma=2592000\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":9492,"size_decoded":1435,"mime_type":"text/css; charset=utf-8","magic":"ASCII text","md5":"d32f932e8f2899c3459c57db273c6f30","sha1":"905c3a999906e60810b51d8ec762f3eaf5e6ec62","sha256":"d6bee13ced1e502b1542661874bf59f4a4c0844a396d835a491599a23f715ed6","sha512":"7d47fb0c3cf60971970636ce86838348f559e35f3a9d54787ad062cad11dfc4f8570117c20b4e09beeb5c14131e12d23d2db764e71b3c20e88e220eef81e970a","ssdeep":"192:yNineO33lxopNP6TO3KkxxPNpYNO3o2x3kN2jqO3zpxMx:akYVlzmIG","tlshash":"95127b92002be40067931dc363cf7e39aece5088a086d5796bfd0dc59cead66537436e","first_seen":"2025-09-15T15:35:41.465574Z","last_seen":"2026-06-17T16:00:29.531831Z","times_seen":21,"resource_available":false,"data":null}},"time_used":88,"timings":{"blocked":-1,"dns":0,"connect":15,"send":0,"wait":34,"receive":0,"ssl":38},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"static.tildacdn.pro/js/jquery-1.10.2.min.js","fqdn":"static.tildacdn.pro","domain":"tildacdn.pro","tld":"pro"},"ip":{"addr":"80.240.113.62","port":443,"asn":199524,"as":"G-Core Labs S.A.","country":"Sweden","country_code":"SE"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://investudy.kz/po","date":"2026-06-17T16:00:15.907Z","timestamp":1781712015907,"http_version":"HTTP/2","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"mlkem768x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.tildacdn.pro","organization":""},"issuer":{"commonName":"Sectigo Public Server Authentication CA DV R36","organization":"Sectigo Limited"},"validity":{"start":"Mon, 21 Jul 2025 00:00:00 GMT","end":"Thu, 20 Aug 2026 23:59:59 GMT"},"fingerprint":{"sha1":"42:62:24:F8:FD:5A:83:69:77:B8:DD:99:40:CD:7A:4A:FC:9C:03:96","sha256":"AD:A4:B3:C1:E9:78:E4:B5:D6:2B:C1:A7:56:47:0D:A1:38:08:35:FF:CB:4F:7E:EB:3F:53:6A:A0:C8:D0:35:9B"}}},"request":{"raw":"GET /js/jquery-1.10.2.min.js HTTP/1.1\r\nHost: static.tildacdn.pro\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nSec-Fetch-Storage-Access: none\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nReferer: https://investudy.kz/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPriority: u=2\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 \r\nserver: nginx\r\ndate: Wed, 17 Jun 2026 16:00:16 GMT\r\ncontent-type: application/javascript\r\nx-id-fe: sto5-hw-edge-gc14\r\nx-shard: sto5-shard0-default\r\nvary: Accept-Encoding\r\nlast-modified: Thu, 18 Mar 2021 12:08:37 GMT\r\netag: W/\"605342c5-16b88\"\r\nx-tilda-front: fr-3\r\naccess-control-allow-methods: GET, HEAD, OPTIONS\r\naccess-control-allow-headers: Accept,X-Requested-With,X-File-Name,X-Mime-Type,Content-Type,Cache-Control,Origin\r\nx-tilda-origin: or-31\r\ntraceparent: 00-b20149171ef92aa3ad94866ac6854797-5d3da7566394aca0-01\r\nx-id-shield: am3-hw-edge-gc38\r\nage: 1123903\r\ncontent-encoding: br\r\nx-id: sto5-hw-edge-gc10\r\naccess-control-allow-origin: *\r\ncache: HIT\r\nx-cached-since: 2026-06-16T10:06:22+00:00\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"Gcore","description":"Gcore is a public cloud and content delivery network (CDN) company.","website":"https://gcore.com","common_platform_enumeration":"","icon":"Gcore.svg","categories":["CDN"]},{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":93064,"size_decoded":32443,"mime_type":"application/javascript","magic":"JavaScript source, ASCII text, with very long lines (32072)","md5":"bdce12c949e78d570c8d44e9c2b23508","sha1":"9afdc4fec954646bd6270caf82f107fdef605bc5","sha256":"c73b004ebf31b395cf237c3d2b13c1e576f385e04660ceb5f7be163ff3c201dc","sha512":"b96588d93fb86228ecc8f501bee6db5f199b20b086fc88c683bbe1feb6c343dec3f99467e1d3140b7f4731d07adf2f918f0ca88bb257d10b5ab8879ff9ce8ed3","ssdeep":"1536:34mCgi8DyCuXXFiJ+L0kJQsJVPEKLQRZdC/RlfDknv+p0WzH/IoSZ7qABZnu0sFv:3GsKXlI2p0WPSbDrstfam","tlshash":"f193f8ddb2d1b06257bb21bd006f540ff236195e280d8850f129e8eabc74a4d9277fad","first_seen":"2023-03-07T12:27:49Z","last_seen":"2026-06-21T04:42:53.834983Z","times_seen":5621,"resource_available":true,"data":null}},"time_used":274,"timings":{"blocked":-1,"dns":21,"connect":9,"send":0,"wait":12,"receive":0,"ssl":229},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"static.tildacdn.pro/tild6464-3763-4234-a266-613366326264/Social_Icons_4.svg","fqdn":"static.tildacdn.pro","domain":"tildacdn.pro","tld":"pro"},"ip":{"addr":"80.240.113.62","port":443,"asn":199524,"as":"G-Core Labs S.A.","country":"Sweden","country_code":"SE"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://investudy.kz/po","date":"2026-06-17T16:00:15.955Z","timestamp":1781712015955,"http_version":"HTTP/2","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"mlkem768x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.tildacdn.pro","organization":""},"issuer":{"commonName":"Sectigo Public Server Authentication CA DV R36","organization":"Sectigo Limited"},"validity":{"start":"Mon, 21 Jul 2025 00:00:00 GMT","end":"Thu, 20 Aug 2026 23:59:59 GMT"},"fingerprint":{"sha1":"42:62:24:F8:FD:5A:83:69:77:B8:DD:99:40:CD:7A:4A:FC:9C:03:96","sha256":"AD:A4:B3:C1:E9:78:E4:B5:D6:2B:C1:A7:56:47:0D:A1:38:08:35:FF:CB:4F:7E:EB:3F:53:6A:A0:C8:D0:35:9B"}}},"request":{"raw":"GET /tild6464-3763-4234-a266-613366326264/Social_Icons_4.svg HTTP/1.1\r\nHost: static.tildacdn.pro\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,image/png,image/svg+xml,image/*;q=0.8,*/*;q=0.5\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nSec-Fetch-Storage-Access: none\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nReferer: https://investudy.kz/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPriority: u=5, i\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 \r\nserver: nginx\r\ndate: Wed, 17 Jun 2026 16:00:16 GMT\r\ncontent-type: image/svg+xml\r\nx-id-fe: sto5-hw-edge-gc14\r\nx-shard: sto5-shard0-default\r\nvary: Accept-Encoding\r\nx-amz-id-2: LsIssSF/cmst1Zqprw9zFB4PYcQeH5sE+E0MXdzYvAe7Y1Z5mXMtmrNcJ/DOtUliuYWFObAiDaalmuyDHKnf/3qsMi9H2VIp\r\nx-amz-request-id: G8WPQSBN6ZFK9WTF\r\nlast-modified: Sat, 09 Mar 2024 14:00:37 GMT\r\netag: W/\"2dc9e3fcad55a2b47443e624deaaa937\"\r\nx-amz-storage-class: STANDARD_IA\r\nx-tilda-origin: or-32\r\nx-id-shield: am3-hw-edge-gc38\r\nage: 2040262\r\nx-cached-since: 2026-05-25T01:15:54+00:00\r\ncontent-encoding: gzip\r\nx-id: sto5-hw-edge-gc15\r\naccess-control-allow-origin: *\r\ncache: HIT, MISS\r\ntraceparent: 00-c1fe32e7d852b77c9608d4be1d4380f6-ed4fc1e322c6ae44-01\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"Gcore","description":"Gcore is a public cloud and content delivery network (CDN) company.","website":"https://gcore.com","common_platform_enumeration":"","icon":"Gcore.svg","categories":["CDN"]},{"name":"Amazon Web Services","description":"Amazon Web Services (AWS) is a comprehensive cloud services platform offering compute power, database storage, content delivery and other functionality.","website":"https://aws.amazon.com/","common_platform_enumeration":"","icon":"Amazon Web Services.svg","categories":["PaaS"]},{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":1790,"size_decoded":1654,"mime_type":"image/svg+xml","magic":"SVG Scalable Vector Graphics image","md5":"2dc9e3fcad55a2b47443e624deaaa937","sha1":"4b8e50608b818034d2f00910ffa7d3cc6b38e496","sha256":"52daed5c359081ebdfeb54ba9e73603c89d60a50f5aee8088670d86e1a6a0216","sha512":"51ecec7de1eeb9a63b2d8166f57fd23ab6f09edda4efa0a1a3e3ddcea9b65d9f847f7e107be615b0a09a6bb0f63fc43409c678e5d40e2b816a847fe3743e49ba","ssdeep":"","tlshash":"8a319bfa6bea95c0a526df0dcd337dbd71ef2cfe8c5b4375888ba445ad918804a04c94","first_seen":"2026-06-17T16:00:29.533644Z","last_seen":"2026-06-17T16:00:29.533644Z","times_seen":1,"resource_available":false,"data":null}},"time_used":101,"timings":{"blocked":40,"dns":0,"connect":0,"send":0,"wait":61,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"static.tildacdn.pro/tild3964-3739-4233-b734-303965623734/priloj_icon.svg","fqdn":"static.tildacdn.pro","domain":"tildacdn.pro","tld":"pro"},"ip":{"addr":"80.240.113.62","port":443,"asn":199524,"as":"G-Core Labs S.A.","country":"Sweden","country_code":"SE"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://investudy.kz/po","date":"2026-06-17T16:00:15.956Z","timestamp":1781712015956,"http_version":"HTTP/2","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"mlkem768x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.tildacdn.pro","organization":""},"issuer":{"commonName":"Sectigo Public Server Authentication CA DV R36","organization":"Sectigo Limited"},"validity":{"start":"Mon, 21 Jul 2025 00:00:00 GMT","end":"Thu, 20 Aug 2026 23:59:59 GMT"},"fingerprint":{"sha1":"42:62:24:F8:FD:5A:83:69:77:B8:DD:99:40:CD:7A:4A:FC:9C:03:96","sha256":"AD:A4:B3:C1:E9:78:E4:B5:D6:2B:C1:A7:56:47:0D:A1:38:08:35:FF:CB:4F:7E:EB:3F:53:6A:A0:C8:D0:35:9B"}}},"request":{"raw":"GET /tild3964-3739-4233-b734-303965623734/priloj_icon.svg HTTP/1.1\r\nHost: static.tildacdn.pro\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,image/png,image/svg+xml,image/*;q=0.8,*/*;q=0.5\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nSec-Fetch-Storage-Access: none\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nReferer: https://investudy.kz/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPriority: u=5, i\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 \r\nserver: nginx\r\ndate: Wed, 17 Jun 2026 16:00:16 GMT\r\ncontent-type: image/svg+xml\r\nx-id-fe: sto5-hw-edge-gc14\r\nx-shard: sto5-shard0-default\r\nvary: Accept-Encoding\r\nx-amz-id-2: 5pqit+svSOXhpGmmJuu9Tk5Fpqa+1+Buk57sxwcl7TXsvZlOx5s1jvo3mxxeng+YSAC0MLiwQKU=\r\nx-amz-request-id: T405PK0SSGS2JXWH\r\nlast-modified: Sat, 11 Jan 2025 06:02:27 GMT\r\netag: W/\"d7ae8abcb5a0ce9619b3f016c6fd3a88\"\r\nx-amz-storage-class: STANDARD_IA\r\nt-server: or-2\r\nx-id-shield: am3-hw-edge-gc11\r\nage: 2356463\r\ncontent-encoding: gzip\r\nx-id: sto5-hw-edge-gc15\r\naccess-control-allow-origin: *\r\ncache: HIT\r\nx-cached-since: 2026-06-15T10:31:25+00:00\r\ntraceparent: 00-79c0f7acddd30db9c2bae55fae005778-80abc5e4becbbc35-01\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"Gcore","description":"Gcore is a public cloud and content delivery network (CDN) company.","website":"https://gcore.com","common_platform_enumeration":"","icon":"Gcore.svg","categories":["CDN"]},{"name":"Amazon Web Services","description":"Amazon Web Services (AWS) is a comprehensive cloud services platform offering compute power, database storage, content delivery and other functionality.","website":"https://aws.amazon.com/","common_platform_enumeration":"","icon":"Amazon Web Services.svg","categories":["PaaS"]}],"data":{"size":798,"size_decoded":1107,"mime_type":"image/svg+xml","magic":"SVG Scalable Vector Graphics image","md5":"d7ae8abcb5a0ce9619b3f016c6fd3a88","sha1":"f40bb03fa57ede7fee81d4b8fffaa0687bb97c57","sha256":"93c062e55785b0a3319fa77ac1d201cd6634eb1243ea6f9e41306d67c341e165","sha512":"116f78e15df6dd480fc0cf4911b0e907cb0ffc12baf91927ce112d5e08ce8e548b3e512106eaccb3ed4a497d16d1890bf49450ac07582d8b26963a8d97bd90ab","ssdeep":"","tlshash":"2901c9e89218e9d4dcc8c3f42f5aa222730030ee439a8928d8b00b4090c378a6918ec5","first_seen":"2026-06-17T16:00:29.534999Z","last_seen":"2026-06-17T16:00:29.534999Z","times_seen":1,"resource_available":false,"data":null}},"time_used":58,"timings":{"blocked":40,"dns":0,"connect":0,"send":0,"wait":18,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"neo.tildacdn.com/js/tilda-fallback-1.0.min.js","fqdn":"neo.tildacdn.com","domain":"tildacdn.com","tld":"com"},"ip":{"addr":"194.48.203.181","port":443,"asn":0,"as":"","country":"Ireland","country_code":"IE"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://investudy.kz/po","date":"2026-06-17T16:00:15.889Z","timestamp":1781712015889,"http_version":"HTTP/2","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.tildacdn.com","organization":""},"issuer":{"commonName":"GlobeSSL DV CA","organization":"CentralNic Luxembourg Sàrl"},"validity":{"start":"Tue, 03 Feb 2026 00:00:00 GMT","end":"Sat, 20 Feb 2027 23:59:59 GMT"},"fingerprint":{"sha1":"9E:6F:B5:96:E2:36:65:FE:13:E9:4D:8B:A3:FA:0B:53:A6:95:4D:EA","sha256":"07:14:4E:62:F1:DF:1C:54:FC:C2:84:2A:7F:F4:9C:8C:93:51:8B:FD:44:C4:9E:E6:85:88:30:AD:E7:42:2C:55"}}},"request":{"raw":"GET /js/tilda-fallback-1.0.min.js HTTP/1.1\r\nHost: neo.tildacdn.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nSec-Fetch-Storage-Access: none\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nReferer: https://investudy.kz/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 \r\ndate: Wed, 17 Jun 2026 16:00:16 GMT\r\ncontent-type: application/javascript\r\nlast-modified: Mon, 13 Apr 2026 08:46:20 GMT\r\netag: W/\"69dcad5c-77e\"\r\naccess-control-allow-origin: *\r\naccess-control-allow-methods: GET\r\ncontent-encoding: gzip\r\nexpires: Wed, 24 Jun 2026 16:00:16 GMT\r\ncache-control: max-age=604800\r\nx-tilda-server: 5\r\nx-tilda-imprint: 79feb30d-1033-4f17-a413-2b825ba8d640\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":null,"data":{"size":1918,"size_decoded":1252,"mime_type":"application/javascript","magic":"JavaScript source, ASCII text, with very long lines (1918), with no line terminators","md5":"8e582042c3e2c49a8f2c1aaf96c70da0","sha1":"d72ccdcc11d24594480a4ca8b699c029a8e0765c","sha256":"cdf65e26b905a653bce60df182886b032b606940391badb1e3a655f434ca446c","sha512":"b289159bb4cd83316ce8a9a9e0e53a845065454ac847e54fcddecbdb201ee84c0a4623c5288680e472e5c47bb4ef5852b399df43786a1e745f4165d99a6b0644","ssdeep":"","tlshash":"c741cc70a51fdc324e2393ab94bbf71734b901066d0bd1c22aa9dfdc9c62c8a5355b4e","first_seen":"2023-03-07T18:27:23Z","last_seen":"2026-06-21T10:54:34.925499Z","times_seen":5015,"resource_available":true,"data":null}},"time_used":296,"timings":{"blocked":-1,"dns":3,"connect":59,"send":0,"wait":57,"receive":0,"ssl":177},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"static.tildacdn.pro/ws/project9149247/tilda-blocks-page144922513.min.js?t=1780657503","fqdn":"static.tildacdn.pro","domain":"tildacdn.pro","tld":"pro"},"ip":{"addr":"80.240.113.62","port":443,"asn":199524,"as":"G-Core Labs S.A.","country":"Sweden","country_code":"SE"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://investudy.kz/po","date":"2026-06-17T16:00:15.911Z","timestamp":1781712015911,"http_version":"HTTP/2","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"mlkem768x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.tildacdn.pro","organization":""},"issuer":{"commonName":"Sectigo Public Server Authentication CA DV R36","organization":"Sectigo Limited"},"validity":{"start":"Mon, 21 Jul 2025 00:00:00 GMT","end":"Thu, 20 Aug 2026 23:59:59 GMT"},"fingerprint":{"sha1":"42:62:24:F8:FD:5A:83:69:77:B8:DD:99:40:CD:7A:4A:FC:9C:03:96","sha256":"AD:A4:B3:C1:E9:78:E4:B5:D6:2B:C1:A7:56:47:0D:A1:38:08:35:FF:CB:4F:7E:EB:3F:53:6A:A0:C8:D0:35:9B"}}},"request":{"raw":"GET /ws/project9149247/tilda-blocks-page144922513.min.js?t=1780657503 HTTP/1.1\r\nHost: static.tildacdn.pro\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nSec-Fetch-Storage-Access: none\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nReferer: https://investudy.kz/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 \r\nserver: nginx\r\ndate: Wed, 17 Jun 2026 16:00:16 GMT\r\ncontent-type: application/javascript\r\nx-id-fe: sto5-hw-edge-gc14\r\nx-shard: sto5-shard0-default\r\nvary: Accept-Encoding\r\nlast-modified: Fri, 05 Jun 2026 11:05:11 GMT\r\nx-host: ws.tildacdn.com\r\nx-tilda-origin: or-31\r\ntraceparent: 00-27f2bb4afe9cc4124be038d53fe5386f-ab66c4f3da5747b6-01\r\nx-id-shield: am3-hw-edge-gc38\r\nage: 1054047\r\nx-cached-since: 2026-06-05T11:12:49+00:00\r\ncontent-encoding: br\r\nx-id: sto5-hw-edge-gc14\r\naccess-control-allow-origin: *\r\ncache: HIT, MISS\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"Gcore","description":"Gcore is a public cloud and content delivery network (CDN) company.","website":"https://gcore.com","common_platform_enumeration":"","icon":"Gcore.svg","categories":["CDN"]}],"data":{"size":26120,"size_decoded":6691,"mime_type":"application/javascript","magic":"JavaScript source, ASCII text, with very long lines (1024)","md5":"11255e5acfd29e74a0f895343b32da32","sha1":"177bc2996bfb67f0265941c2f6ad5a85683c9b49","sha256":"dcdb04f72a5591a6eca3dac7b3ff4c99aad730f09fdafb0a0f76619c64883347","sha512":"b1e0bf37f4ba70819eb03cfa849463ea643ace147a2146987e90a556fccc6c5b8e0268c14729ab3cd7aa64d45f85eeb3fcc6b2480033f1bf4ac31e56216143af","ssdeep":"384:v6l+/F6aimmWvmpR5g1WUPSm7a98w13qhFF5n47fFF3bRyirAGMrm:JibWvT11PSmcR9orm","tlshash":"4ac2a399f1a0bc3b04ff2a72557f07a565351891b606cc31981accd8ae28e87c497f7e","first_seen":"2026-03-14T00:42:54.909648Z","last_seen":"2026-06-17T16:00:29.537921Z","times_seen":6,"resource_available":true,"data":null}},"time_used":122,"timings":{"blocked":63,"dns":0,"connect":0,"send":0,"wait":59,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"static.tildacdn.pro/tild3239-3536-4361-b163-653865323730/instagram_ye3btfjz8k.svg","fqdn":"static.tildacdn.pro","domain":"tildacdn.pro","tld":"pro"},"ip":{"addr":"80.240.113.62","port":443,"asn":199524,"as":"G-Core Labs S.A.","country":"Sweden","country_code":"SE"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://investudy.kz/po","date":"2026-06-17T16:00:15.959Z","timestamp":1781712015959,"http_version":"HTTP/2","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"mlkem768x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.tildacdn.pro","organization":""},"issuer":{"commonName":"Sectigo Public Server Authentication CA DV R36","organization":"Sectigo Limited"},"validity":{"start":"Mon, 21 Jul 2025 00:00:00 GMT","end":"Thu, 20 Aug 2026 23:59:59 GMT"},"fingerprint":{"sha1":"42:62:24:F8:FD:5A:83:69:77:B8:DD:99:40:CD:7A:4A:FC:9C:03:96","sha256":"AD:A4:B3:C1:E9:78:E4:B5:D6:2B:C1:A7:56:47:0D:A1:38:08:35:FF:CB:4F:7E:EB:3F:53:6A:A0:C8:D0:35:9B"}}},"request":{"raw":"GET /tild3239-3536-4361-b163-653865323730/instagram_ye3btfjz8k.svg HTTP/1.1\r\nHost: static.tildacdn.pro\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,image/png,image/svg+xml,image/*;q=0.8,*/*;q=0.5\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nSec-Fetch-Storage-Access: none\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nReferer: https://investudy.kz/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPriority: u=5, i\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 \r\nserver: nginx\r\ndate: Wed, 17 Jun 2026 16:00:16 GMT\r\ncontent-type: image/svg+xml\r\nx-id-fe: sto5-hw-edge-gc14\r\nx-shard: sto5-shard0-default\r\nvary: Accept-Encoding\r\nx-amz-id-2: 4milIsLeaQY0D5LlL2uAL0D7/P76ikrokfTHXrBGpQbeDfx9n+zQLk9tFWDf/pD9+N5NrkCZ8a0=\r\nx-amz-request-id: 1FSC6D22873HKC4X\r\nlast-modified: Fri, 29 Nov 2024 13:21:35 GMT\r\netag: W/\"fc1c428ae3e3927955231a58c53e9746\"\r\nx-amz-storage-class: STANDARD_IA\r\nt-server: or-3\r\nx-id-shield: am3-hw-edge-gc11\r\nage: 4681831\r\ncontent-encoding: gzip\r\nx-id: sto5-hw-edge-gc14\r\naccess-control-allow-origin: *\r\ncache: HIT\r\nx-cached-since: 2026-06-16T15:33:39+00:00\r\ntraceparent: 00-353042b3eaf35d4fba9f1dd54af84757-1165bfe4fd146666-01\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"Gcore","description":"Gcore is a public cloud and content delivery network (CDN) company.","website":"https://gcore.com","common_platform_enumeration":"","icon":"Gcore.svg","categories":["CDN"]},{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"Amazon Web Services","description":"Amazon Web Services (AWS) is a comprehensive cloud services platform offering compute power, database storage, content delivery and other functionality.","website":"https://aws.amazon.com/","common_platform_enumeration":"","icon":"Amazon Web Services.svg","categories":["PaaS"]}],"data":{"size":3400,"size_decoded":2035,"mime_type":"image/svg+xml","magic":"SVG Scalable Vector Graphics image","md5":"fc1c428ae3e3927955231a58c53e9746","sha1":"b84b2cf5ce159d4430d310a763d1ab3670aa6bf7","sha256":"1c9f4bb4495d980f1dbb19f66896805db0a4ab0776c233abcd06ac09fd7c4674","sha512":"03f89934eb4758f1fe86b718732cb1ab7b8d93518b489d1ca695760792fd21a5c5d8a2d082d389a1e302052a617b8e2159ddc7bb6539e032d02693ba1814453a","ssdeep":"","tlshash":"7e6151e0a35010b07b1dbbe440c0b8ac3b3336ff0a1543de86f679d09427b9a66d88c2","first_seen":"2026-06-17T16:00:29.538582Z","last_seen":"2026-06-17T16:00:29.538582Z","times_seen":1,"resource_available":false,"data":null}},"time_used":58,"timings":{"blocked":40,"dns":0,"connect":0,"send":0,"wait":18,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"investudy.kz/po","fqdn":"investudy.kz","domain":"investudy.kz","tld":"kz"},"ip":{"addr":"77.220.207.191","port":443,"asn":51162,"as":"JSC Kazteleport - subsidiary of Halyk Bank of Kazakhstan","country":"Kazakhstan","country_code":"KZ"},"is_navigation_request":true,"resource_type":"document","requested_by":"","date":"2026-06-17T15:59:54.862Z","timestamp":1781711994862,"http_version":"HTTP/2","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"investudy.kz","organization":""},"issuer":{"commonName":"YR2","organization":"Let's Encrypt"},"validity":{"start":"Sat, 13 Jun 2026 08:16:05 GMT","end":"Fri, 11 Sep 2026 08:16:04 GMT"},"fingerprint":{"sha1":"B6:5F:00:A9:80:49:A0:2C:9B:FE:44:CE:E6:B4:C3:A7:6A:09:FC:30","sha256":"4E:6B:1B:C5:9A:CF:8B:74:BD:80:76:E3:33:0F:4A:6F:A5:57:03:06:4F:20:EC:C1:FD:6B:74:F5:1D:8A:45:E3"}}},"request":{"raw":"GET /po HTTP/1.1\r\nHost: investudy.kz\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nUpgrade-Insecure-Requests: 1\r\nSec-Fetch-Dest: document\r\nSec-Fetch-Mode: navigate\r\nSec-Fetch-Site: none\r\nPriority: u=0, i\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 \r\nserver: ddos-guard\r\nset-cookie: __ddg8_=I2kZYzzigq5ScJNi; Domain=.investudy.kz; Path=/; Expires=Wed, 17-Jun-2026 16:20:15 GMT\n__ddg10_=1781712015; Domain=.investudy.kz; Path=/; Expires=Wed, 17-Jun-2026 16:20:15 GMT\n__ddg9_=195.64.118.152; Domain=.investudy.kz; Path=/; Expires=Wed, 17-Jun-2026 16:20:15 GMT\n__ddg1_=9hoFfVMW4jssYPOCJfdS; Domain=.investudy.kz; HttpOnly; Path=/; Expires=Thu, 17-Jun-2027 16:00:15 GMT\r\ndate: Wed, 17 Jun 2026 16:00:15 GMT\r\ncontent-type: text/html; charset=UTF-8\r\ncontent-length: 15111\r\nlast-modified: Fri, 05 Jun 2026 11:05:10 GMT\r\netag: \"17549-6537fa2621928-gzip\"\r\ncontent-encoding: gzip\r\nx-frame-options: SAMEORIGIN\r\nx-host: investudy.kz\r\naccept-ranges: bytes\r\nx-tilda-server: 25\r\nx-tilda-imprint: 306d1135-bda6-4a73-9854-dfe6c50a2e11\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"Tilda","description":"Tilda is a web design tool.","website":"https://tilda.cc","common_platform_enumeration":"","icon":"Tilda.svg","categories":["CMS"]},{"name":"jQuery:1.10.2","description":"jQuery is a JavaScript library which is a free, open-source software designed to simplify HTML DOM tree traversal and manipulation, as well as event handling, CSS animation, and Ajax.","website":"https://jquery.com","common_platform_enumeration":"cpe:2.3:a:jquery:jquery:*:*:*:*:*:*:*:*","icon":"jQuery.svg","categories":["JavaScript libraries"]},{"name":"DDoS-Guard","description":"DDoS-Guard is a Russian Internet infrastructure company which provides DDoS protection, content delivery network services, and web hosting services.","website":"https://ddos-guard.net","common_platform_enumeration":"","icon":"DDoS-Guard.svg","categories":["Security"]}],"data":{"size":95561,"size_decoded":15914,"mime_type":"text/html; charset=UTF-8","magic":"HTML document, Unicode text, UTF-8 text, with very long lines (24715)","md5":"b84c0480fdeed75e0def5974e1497af0","sha1":"d976ff0f249ad9e82221043226547146b5ef6536","sha256":"c3d89b12db9921ddc4411b9b69c4a67e3ff8e96244bcbb0a8134cb32c309a44b","sha512":"c026db432edb0ae0b4f507749fa806a7c019cb425eaa4986e222c61327172866092afef8781d783e1a7f164139b06d2922613eba501e1d0fae0d883a9e9bf532","ssdeep":"1536:v4VblQIqlTCCoYIiq8SEadDy5oHtLzcBvrBPB5a8ntQ5CXqeqUnbwAEhVaM0llWq:F1hrJjDMVr7/UkK","tlshash":"2193b551b652582ac107b6cf42bb8618336eb782cf0603e0f6a51f7d6f979e11ea7c14","first_seen":"2026-06-17T16:00:29.539862Z","last_seen":"2026-06-17T16:00:29.539862Z","times_seen":1,"resource_available":true,"data":null}},"time_used":34940,"timings":{"blocked":-1,"dns":14603,"connect":19611,"send":0,"wait":396,"receive":12,"ssl":318},"alerts":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-06-17","alert":"Sinkholed","trigger":"investudy.kz","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-06-17","alert":"Sinkholed","trigger":"investudy.kz","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"static.tildacdn.pro/css/tilda-animation-2.0.min.css","fqdn":"static.tildacdn.pro","domain":"tildacdn.pro","tld":"pro"},"ip":{"addr":"80.240.113.62","port":443,"asn":199524,"as":"G-Core Labs S.A.","country":"Sweden","country_code":"SE"},"is_navigation_request":false,"resource_type":"stylesheet","requested_by":"https://investudy.kz/po","date":"2026-06-17T16:00:15.901Z","timestamp":1781712015901,"http_version":"HTTP/2","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"mlkem768x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.tildacdn.pro","organization":""},"issuer":{"commonName":"Sectigo Public Server Authentication CA DV R36","organization":"Sectigo Limited"},"validity":{"start":"Mon, 21 Jul 2025 00:00:00 GMT","end":"Thu, 20 Aug 2026 23:59:59 GMT"},"fingerprint":{"sha1":"42:62:24:F8:FD:5A:83:69:77:B8:DD:99:40:CD:7A:4A:FC:9C:03:96","sha256":"AD:A4:B3:C1:E9:78:E4:B5:D6:2B:C1:A7:56:47:0D:A1:38:08:35:FF:CB:4F:7E:EB:3F:53:6A:A0:C8:D0:35:9B"}}},"request":{"raw":"GET /css/tilda-animation-2.0.min.css HTTP/1.1\r\nHost: static.tildacdn.pro\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/css,*/*;q=0.1\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nSec-Fetch-Storage-Access: none\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nReferer: https://investudy.kz/\r\nSec-Fetch-Dest: style\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPriority: u=2\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 \r\nserver: nginx\r\ndate: Wed, 17 Jun 2026 16:00:15 GMT\r\ncontent-type: text/css\r\nx-id-fe: sto5-hw-edge-gc14\r\nx-shard: sto5-shard0-default\r\nvary: Accept-Encoding\r\nlast-modified: Tue, 22 Jul 2025 11:59:57 GMT\r\netag: W/\"687f7d3d-a77\"\r\nx-tilda-front: fr-3\r\naccess-control-allow-methods: GET, HEAD, OPTIONS\r\naccess-control-allow-headers: Accept,X-Requested-With,X-File-Name,X-Mime-Type,Content-Type,Cache-Control,Origin\r\nx-tilda-origin: or-33\r\ntraceparent: 00-453785a9ba5e53462d1fe2960f501e43-340db9cdff7bca1a-01\r\nx-id-shield: fr5-hw-edge-gc40\r\nage: 1123964\r\ncontent-encoding: br\r\nx-id: sto5-hw-edge-gc15\r\naccess-control-allow-origin: *\r\ncache: HIT\r\nx-cached-since: 2026-06-16T10:55:44+00:00\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"Gcore","description":"Gcore is a public cloud and content delivery network (CDN) company.","website":"https://gcore.com","common_platform_enumeration":"","icon":"Gcore.svg","categories":["CDN"]}],"data":{"size":2679,"size_decoded":1181,"mime_type":"text/css","magic":"ASCII text, with very long lines (2679), with no line terminators","md5":"a2e83a85322807a783feebfda59e0e1f","sha1":"e71e09218938b4a560acdc593b3d290632dd1576","sha256":"4367cfe21925829103cb1d8a3e599fde37dcf00e90c8303c904e5db1f5816292","sha512":"b2b17f7d18d61bbf6c860a8714355899ebadb5d22c1c46f9ae45257b159f7fa1538614b8466f56feb5ac1b830c49b91664b74206d6438b4e3ee91c82d33926b0","ssdeep":"","tlshash":"0651b7576926175002630da345cfbb644e289eb106520eceb3bc242f67c165ef27e2bf","first_seen":"2025-07-23T08:20:05.317665Z","last_seen":"2026-06-21T04:42:53.837646Z","times_seen":2850,"resource_available":false,"data":null}},"time_used":121,"timings":{"blocked":-1,"dns":27,"connect":8,"send":0,"wait":18,"receive":0,"ssl":68},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"static.tildacdn.pro/js/tilda-animation-2.0.min.js","fqdn":"static.tildacdn.pro","domain":"tildacdn.pro","tld":"pro"},"ip":{"addr":"80.240.113.62","port":443,"asn":199524,"as":"G-Core Labs S.A.","country":"Sweden","country_code":"SE"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://investudy.kz/po","date":"2026-06-17T16:00:15.915Z","timestamp":1781712015915,"http_version":"HTTP/2","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"mlkem768x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.tildacdn.pro","organization":""},"issuer":{"commonName":"Sectigo Public Server Authentication CA DV R36","organization":"Sectigo Limited"},"validity":{"start":"Mon, 21 Jul 2025 00:00:00 GMT","end":"Thu, 20 Aug 2026 23:59:59 GMT"},"fingerprint":{"sha1":"42:62:24:F8:FD:5A:83:69:77:B8:DD:99:40:CD:7A:4A:FC:9C:03:96","sha256":"AD:A4:B3:C1:E9:78:E4:B5:D6:2B:C1:A7:56:47:0D:A1:38:08:35:FF:CB:4F:7E:EB:3F:53:6A:A0:C8:D0:35:9B"}}},"request":{"raw":"GET /js/tilda-animation-2.0.min.js HTTP/1.1\r\nHost: static.tildacdn.pro\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nSec-Fetch-Storage-Access: none\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nReferer: https://investudy.kz/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 \r\nserver: nginx\r\ndate: Wed, 17 Jun 2026 16:00:15 GMT\r\ncontent-type: application/javascript\r\nx-id-fe: sto5-hw-edge-gc14\r\nx-shard: sto5-shard0-default\r\nlast-modified: Tue, 25 Nov 2025 14:58:40 GMT\r\netag: W/\"6925c420-8a79\"\r\nx-tilda-front: fr-3\r\naccess-control-allow-methods: GET, HEAD, OPTIONS\r\naccess-control-allow-headers: Accept,X-Requested-With,X-File-Name,X-Mime-Type,Content-Type,Cache-Control,Origin\r\ncontent-encoding: gzip\r\nx-tilda-origin: or-32\r\ntraceparent: 00-243e68e3c3f6038e84c7a6f6e2e71ce5-161faa05a45fd799-01\r\nx-id-shield: am3-hw-edge-gc38\r\nage: 1123914\r\nx-id: sto5-hw-edge-gc14\r\naccess-control-allow-origin: *\r\ncache: HIT\r\nx-cached-since: 2026-06-16T10:06:22+00:00\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"Gcore","description":"Gcore is a public cloud and content delivery network (CDN) company.","website":"https://gcore.com","common_platform_enumeration":"","icon":"Gcore.svg","categories":["CDN"]},{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":35449,"size_decoded":9205,"mime_type":"application/javascript","magic":"JavaScript source, ASCII text, with very long lines (35448)","md5":"2219912e772b40c1433a34e532d76fec","sha1":"33901bdeccbda70885f394bb0bda42710b61f25f","sha256":"c764f6558612179a585b3b4e0f4e952a12142d0b158c5b570160cdf3db82b524","sha512":"09afda2a6005396922fa293a737e3ee43b830a9c612f78e49ff73dbb017824c86dcf81965f0dcbf891fd046e922b72d381b300b5ddd226124b8a43e6bb2ce902","ssdeep":"768:56fSctcnLcn1cnscntcnOcnFcnccnTcnGcnhcnCcnPcn2cnvcn6g+6bc78INhAiJ:pCYhze","tlshash":"1bf2a69bf654a032437732b281cf618c5e345d55a50644acba3dd88f2864a4ae37fe3f","first_seen":"2025-11-25T15:07:41.355429Z","last_seen":"2026-06-22T03:54:24.947445Z","times_seen":1723,"resource_available":true,"data":null}},"time_used":72,"timings":{"blocked":63,"dns":0,"connect":0,"send":0,"wait":9,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"vakas-tools.ru/tilda/autotime/21061/","fqdn":"vakas-tools.ru","domain":"vakas-tools.ru","tld":"ru"},"ip":{"addr":"80.78.254.21","port":443,"asn":197695,"as":"Domain names registrar REG.RU, Ltd","country":"Russia","country_code":"RU"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://investudy.kz/po","date":"2026-06-17T16:00:15.929Z","timestamp":1781712015929,"http_version":"HTTP/1.1","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"mlkem768x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"vakas-tools.ru","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Mon, 27 Apr 2026 23:52:05 GMT","end":"Sun, 26 Jul 2026 23:52:04 GMT"},"fingerprint":{"sha1":"95:D4:14:0B:CF:CE:19:F8:C4:25:2F:C9:A8:D6:3F:DC:4F:02:F5:20","sha256":"20:4A:83:2E:45:02:B4:9E:F3:3F:F4:C8:52:E1:86:9A:15:36:7C:2D:81:E5:53:1B:9C:83:76:BB:5B:BA:46:69"}}},"request":{"raw":"GET /tilda/autotime/21061/ HTTP/1.1\r\nHost: vakas-tools.ru\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nSec-Fetch-Storage-Access: none\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nReferer: https://investudy.kz/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx/1.28.3 (Ubuntu)\r\nDate: Wed, 17 Jun 2026 16:00:16 GMT\r\nContent-Type: application/javascript; charset=utf-8\r\nContent-Length: 823\r\nConnection: keep-alive\r\nSet-Cookie: PHPSESSID=5nkvs2rm4gj0r6rkbjo1v4049f; expires=Fri, 19 Jun 2026 16:00:16 GMT; Max-Age=172800; path=/; HttpOnly\r\nExpires: Thu, 19 Nov 1981 08:52:00 GMT\r\nCache-Control: no-store, no-cache, must-revalidate\r\nPragma: no-cache\r\nX-Robots-Tag: noindex, nofollow\r\nVary: Accept-Encoding\r\nContent-Encoding: gzip\r\nStrict-Transport-Security: max-age=31536000\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Ubuntu","description":"Ubuntu is a free and open-source operating system on Linux for the enterprise server, desktop, cloud, and IoT.","website":"https://www.ubuntu.com/server","common_platform_enumeration":"cpe:2.3:o:canonical:ubuntu_linux:*:*:*:*:*:*:*:*","icon":"Ubuntu.svg","categories":["Operating systems"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"PHP","description":"PHP is a general-purpose scripting language used for web development.","website":"https://php.net","common_platform_enumeration":"cpe:2.3:a:php:php:*:*:*:*:*:*:*:*","icon":"PHP.svg","categories":["Programming languages"]},{"name":"Nginx:1.28.3","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":2778,"size_decoded":1366,"mime_type":"application/javascript; charset=utf-8","magic":"JavaScript source, Unicode text, UTF-8 text, with CRLF, LF line terminators","md5":"980d1d5e311702f3953ebe2550773a9b","sha1":"d903708a68f1597a4819378de1748fe8cc2e287c","sha256":"8fbf8ddb44da1f4f9e19572b5e34c21f23bf1e93476204a344737d9e3565001c","sha512":"f8ce3c97953f18dc5e151259f5eb8c7d0f49ae81fd2c505cbc3b3004964351b176f1ea7bd01fd7a72ca17455471a0b27790270fce24eacb2fd77700a0dd4e40e","ssdeep":"","tlshash":"88510f68955c430450b673fdc7ab088cefbb427f264de180b92c29880fb9831a2d7dd8","first_seen":"2026-06-17T16:00:29.548932Z","last_seen":"2026-06-17T16:00:29.548932Z","times_seen":1,"resource_available":false,"data":null}},"time_used":245,"timings":{"blocked":-1,"dns":4,"connect":54,"send":0,"wait":75,"receive":0,"ssl":112},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"vakas-tools.ru/tilda/autotime/18838/","fqdn":"vakas-tools.ru","domain":"vakas-tools.ru","tld":"ru"},"ip":{"addr":"80.78.254.21","port":443,"asn":197695,"as":"Domain names registrar REG.RU, Ltd","country":"Russia","country_code":"RU"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://investudy.kz/po","date":"2026-06-17T16:00:15.932Z","timestamp":1781712015932,"http_version":"HTTP/1.1","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"mlkem768x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"vakas-tools.ru","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Mon, 27 Apr 2026 23:52:05 GMT","end":"Sun, 26 Jul 2026 23:52:04 GMT"},"fingerprint":{"sha1":"95:D4:14:0B:CF:CE:19:F8:C4:25:2F:C9:A8:D6:3F:DC:4F:02:F5:20","sha256":"20:4A:83:2E:45:02:B4:9E:F3:3F:F4:C8:52:E1:86:9A:15:36:7C:2D:81:E5:53:1B:9C:83:76:BB:5B:BA:46:69"}}},"request":{"raw":"GET /tilda/autotime/18838/ HTTP/1.1\r\nHost: vakas-tools.ru\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nSec-Fetch-Storage-Access: none\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nReferer: https://investudy.kz/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx/1.28.3 (Ubuntu)\r\nDate: Wed, 17 Jun 2026 16:00:16 GMT\r\nContent-Type: application/javascript; charset=utf-8\r\nContent-Length: 812\r\nConnection: keep-alive\r\nSet-Cookie: PHPSESSID=t3nhpf2d522qpsnh39pneu4nht; expires=Fri, 19 Jun 2026 16:00:16 GMT; Max-Age=172800; path=/; HttpOnly\r\nExpires: Thu, 19 Nov 1981 08:52:00 GMT\r\nCache-Control: no-store, no-cache, must-revalidate\r\nPragma: no-cache\r\nX-Robots-Tag: noindex, nofollow\r\nVary: Accept-Encoding\r\nContent-Encoding: gzip\r\nStrict-Transport-Security: max-age=31536000\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Ubuntu","description":"Ubuntu is a free and open-source operating system on Linux for the enterprise server, desktop, cloud, and IoT.","website":"https://www.ubuntu.com/server","common_platform_enumeration":"cpe:2.3:o:canonical:ubuntu_linux:*:*:*:*:*:*:*:*","icon":"Ubuntu.svg","categories":["Operating systems"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"PHP","description":"PHP is a general-purpose scripting language used for web development.","website":"https://php.net","common_platform_enumeration":"cpe:2.3:a:php:php:*:*:*:*:*:*:*:*","icon":"PHP.svg","categories":["Programming languages"]},{"name":"Nginx:1.28.3","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":2742,"size_decoded":1355,"mime_type":"application/javascript; charset=utf-8","magic":"JavaScript source, Unicode text, UTF-8 text, with CRLF, LF line terminators","md5":"764ef41aab166ce2b1e7a766cd67200a","sha1":"61dd343f4db880bbe569d755c07a916c20d8fec4","sha256":"7cb261bc124fa3112993bcd880901d8915f427fd347e7000358d80a09774159b","sha512":"3713953ebbe478e65cd763b53072260db9ee79e9f18904d79a7e3a60ce7d26fc3f7609566cf6a2e7abb09c4119d8b18fab8a1b2580ca7e8c8d73694a56928e01","ssdeep":"","tlshash":"2a51bd68265c120450f6b7bdc7eb488cef7b427f1549d180bd6c29890fb983912d7de8","first_seen":"2026-06-17T16:00:29.550476Z","last_seen":"2026-06-17T16:00:29.550476Z","times_seen":1,"resource_available":false,"data":null}},"time_used":504,"timings":{"blocked":-1,"dns":2,"connect":54,"send":0,"wait":72,"receive":0,"ssl":376},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"thb.tildacdn.pro/tild3837-3061-4366-b939-656133373466/-/resize/20x/Adobe_Express_-_file.png","fqdn":"thb.tildacdn.pro","domain":"tildacdn.pro","tld":"pro"},"ip":{"addr":"","port":0,"asn":0,"as":"","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://investudy.kz/po","date":"2026-06-17T16:00:15.953Z","timestamp":1781712015953,"http_version":"","security_state":"","security_info":null,"request":{"raw":"GET /tild3837-3061-4366-b939-656133373466/-/resize/20x/Adobe_Express_-_file.png HTTP/1.1\r\nHost: thb.tildacdn.pro\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,image/png,image/svg+xml,image/*;q=0.8,*/*;q=0.5\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nSec-Fetch-Storage-Access: none\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nReferer: https://investudy.kz/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPriority: u=5, i\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"","headers":null,"cookies":null,"status_code":"","status_text":"","fingerprints":null,"data":{"size":0,"size_decoded":0,"mime_type":"","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-06-22T04:29:52.872309Z","times_seen":16626337,"resource_available":true,"data":null}},"time_used":0,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":0,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"static.tildacdn.pro/tild6438-6531-4139-a330-363734316361/whatsapp_n6m1ijqq6fi.svg","fqdn":"static.tildacdn.pro","domain":"tildacdn.pro","tld":"pro"},"ip":{"addr":"80.240.113.62","port":443,"asn":199524,"as":"G-Core Labs S.A.","country":"Sweden","country_code":"SE"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://investudy.kz/po","date":"2026-06-17T16:00:15.957Z","timestamp":1781712015957,"http_version":"HTTP/2","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"mlkem768x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.tildacdn.pro","organization":""},"issuer":{"commonName":"Sectigo Public Server Authentication CA DV R36","organization":"Sectigo Limited"},"validity":{"start":"Mon, 21 Jul 2025 00:00:00 GMT","end":"Thu, 20 Aug 2026 23:59:59 GMT"},"fingerprint":{"sha1":"42:62:24:F8:FD:5A:83:69:77:B8:DD:99:40:CD:7A:4A:FC:9C:03:96","sha256":"AD:A4:B3:C1:E9:78:E4:B5:D6:2B:C1:A7:56:47:0D:A1:38:08:35:FF:CB:4F:7E:EB:3F:53:6A:A0:C8:D0:35:9B"}}},"request":{"raw":"GET /tild6438-6531-4139-a330-363734316361/whatsapp_n6m1ijqq6fi.svg HTTP/1.1\r\nHost: static.tildacdn.pro\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,image/png,image/svg+xml,image/*;q=0.8,*/*;q=0.5\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nSec-Fetch-Storage-Access: none\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nReferer: https://investudy.kz/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPriority: u=5, i\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 \r\nserver: nginx\r\ndate: Wed, 17 Jun 2026 16:00:16 GMT\r\ncontent-type: image/svg+xml\r\nx-id-fe: sto5-hw-edge-gc14\r\nx-shard: sto5-shard0-default\r\nvary: Accept-Encoding\r\nx-amz-id-2: PqylCz4D+G5rWRuQjLX+lEZmfpHWrGZc5oMjFyfFuoMHvLZo1YdYjKZlje1SxLWP42qwBVWIlHo=\r\nx-amz-request-id: AE54S98KE4J7BKVZ\r\nlast-modified: Fri, 29 Nov 2024 13:20:32 GMT\r\netag: W/\"1e7ef705fe2aac711ff5e692057f38fd\"\r\nx-amz-storage-class: STANDARD_IA\r\nt-server: or-3\r\nx-id-shield: am3-hw-edge-gc11\r\nage: 2779639\r\ncontent-encoding: gzip\r\nx-id: sto5-hw-edge-gc10\r\naccess-control-allow-origin: *\r\ncache: HIT\r\nx-cached-since: 2026-06-16T15:33:39+00:00\r\ntraceparent: 00-471d0d381dba562987ad4b613d43bcab-13de78747b60b21b-01\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"Gcore","description":"Gcore is a public cloud and content delivery network (CDN) company.","website":"https://gcore.com","common_platform_enumeration":"","icon":"Gcore.svg","categories":["CDN"]},{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"Amazon Web Services","description":"Amazon Web Services (AWS) is a comprehensive cloud services platform offering compute power, database storage, content delivery and other functionality.","website":"https://aws.amazon.com/","common_platform_enumeration":"","icon":"Amazon Web Services.svg","categories":["PaaS"]}],"data":{"size":2395,"size_decoded":1894,"mime_type":"image/svg+xml","magic":"SVG Scalable Vector Graphics image","md5":"1e7ef705fe2aac711ff5e692057f38fd","sha1":"c555de85d7699910fc65f492ae84063b580d2a4a","sha256":"b4a684e9220c5393ceeddb2d5cb74f4432ddfc09d30bb30586f4bf535a3c3026","sha512":"c1bb403b1c246279825502a75638ad8f7b6b4e09e75be013bcbb854dba1037b3591c5c7759e5a6497d7bda652727116784791566a491203ef0f078be819e7c01","ssdeep":"","tlshash":"c34184c9e7215ae04b0e03f6d8e478357b7a70f93284029d62f5a9f0e6237d6574c8c0","first_seen":"2026-06-17T16:00:29.551544Z","last_seen":"2026-06-17T16:00:29.551544Z","times_seen":1,"resource_available":false,"data":null}},"time_used":59,"timings":{"blocked":40,"dns":0,"connect":0,"send":0,"wait":19,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"static.tildacdn.pro/ws/project9149247/tilda-blocks-page144922513.min.css?t=1780657503","fqdn":"static.tildacdn.pro","domain":"tildacdn.pro","tld":"pro"},"ip":{"addr":"","port":0,"asn":0,"as":"","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"stylesheet","requested_by":"https://investudy.kz/po","date":"2026-06-17T16:00:15.896Z","timestamp":1781712015896,"http_version":"","security_state":"","security_info":null,"request":{"raw":"GET /ws/project9149247/tilda-blocks-page144922513.min.css?t=1780657503 HTTP/1.1\r\nHost: static.tildacdn.pro\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/css,*/*;q=0.1\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nSec-Fetch-Storage-Access: none\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nReferer: https://investudy.kz/\r\nSec-Fetch-Dest: style\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPriority: u=2\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"","headers":null,"cookies":null,"status_code":"","status_text":"","fingerprints":null,"data":{"size":0,"size_decoded":0,"mime_type":"","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-06-22T04:29:52.872309Z","times_seen":16626337,"resource_available":true,"data":null}},"time_used":0,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":0,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"static.tildacdn.pro/js/tilda-scripts-3.0.min.js","fqdn":"static.tildacdn.pro","domain":"tildacdn.pro","tld":"pro"},"ip":{"addr":"80.240.113.62","port":443,"asn":199524,"as":"G-Core Labs S.A.","country":"Sweden","country_code":"SE"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://investudy.kz/po","date":"2026-06-17T16:00:15.908Z","timestamp":1781712015908,"http_version":"HTTP/2","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"mlkem768x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.tildacdn.pro","organization":""},"issuer":{"commonName":"Sectigo Public Server Authentication CA DV R36","organization":"Sectigo Limited"},"validity":{"start":"Mon, 21 Jul 2025 00:00:00 GMT","end":"Thu, 20 Aug 2026 23:59:59 GMT"},"fingerprint":{"sha1":"42:62:24:F8:FD:5A:83:69:77:B8:DD:99:40:CD:7A:4A:FC:9C:03:96","sha256":"AD:A4:B3:C1:E9:78:E4:B5:D6:2B:C1:A7:56:47:0D:A1:38:08:35:FF:CB:4F:7E:EB:3F:53:6A:A0:C8:D0:35:9B"}}},"request":{"raw":"GET /js/tilda-scripts-3.0.min.js HTTP/1.1\r\nHost: static.tildacdn.pro\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nSec-Fetch-Storage-Access: none\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nReferer: https://investudy.kz/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 \r\nserver: nginx\r\ndate: Wed, 17 Jun 2026 16:00:16 GMT\r\ncontent-type: application/javascript\r\nx-id-fe: sto5-hw-edge-gc14\r\nx-shard: sto5-shard0-default\r\nvary: Accept-Encoding\r\nlast-modified: Tue, 09 Jun 2026 13:17:38 GMT\r\netag: W/\"6a281272-5b54\"\r\nx-tilda-front: fr-3\r\naccess-control-allow-methods: GET, HEAD, OPTIONS\r\naccess-control-allow-headers: Accept,X-Requested-With,X-File-Name,X-Mime-Type,Content-Type,Cache-Control,Origin\r\nx-tilda-origin: or-33\r\ntraceparent: 00-03f70176c4d74e8945ffa4df4a130c07-ff2d881761917e6d-01\r\nx-id-shield: am3-hw-edge-gc38\r\nage: 700508\r\ncontent-encoding: br\r\nx-id: sto5-hw-edge-gc15\r\naccess-control-allow-origin: *\r\ncache: HIT\r\nx-cached-since: 2026-06-16T12:06:15+00:00\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"Gcore","description":"Gcore is a public cloud and content delivery network (CDN) company.","website":"https://gcore.com","common_platform_enumeration":"","icon":"Gcore.svg","categories":["CDN"]}],"data":{"size":23380,"size_decoded":7101,"mime_type":"application/javascript","magic":"JavaScript source, Unicode text, UTF-8 text, with very long lines (23358)","md5":"f24e5043080edf2ad852f64377dfd757","sha1":"5a8aca8ca6afdd80598e506584dcd28825a7b210","sha256":"be2f308ac80f7f06833c8522cd85f40445353c6addbdf6a12518a7fddb865186","sha512":"204c8b5251bc1850cededcf76f30983533a22d4aeebc436da9d04c680ff6b8219ac7a5415fbf25ebc8ed26c65e92f8330e507cf4875753a65b2a7ddab8480a71","ssdeep":"384:40+t+i+8F/Iu01rHxW9sp6o8VYk5qSzJp2T7uj8n+zav0oezfllh/RMokdDiFypf:otl+8F/Ib1rosp6o8Ck5qSzJM3uj8n+a","tlshash":"23a2c77877443837006b1abbbbbe738936302619ab038440f11dd9a4bd9ce976917fd9","first_seen":"2026-06-09T21:34:39.780433Z","last_seen":"2026-06-22T03:54:24.936643Z","times_seen":25,"resource_available":true,"data":null}},"time_used":953,"timings":{"blocked":-1,"dns":20,"connect":9,"send":0,"wait":10,"receive":0,"ssl":912},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"static.tildacdn.pro/js/tilda-lazyload-1.0.min.js","fqdn":"static.tildacdn.pro","domain":"tildacdn.pro","tld":"pro"},"ip":{"addr":"80.240.113.62","port":443,"asn":199524,"as":"G-Core Labs S.A.","country":"Sweden","country_code":"SE"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://investudy.kz/po","date":"2026-06-17T16:00:15.913Z","timestamp":1781712015913,"http_version":"HTTP/2","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"mlkem768x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.tildacdn.pro","organization":""},"issuer":{"commonName":"Sectigo Public Server Authentication CA DV R36","organization":"Sectigo Limited"},"validity":{"start":"Mon, 21 Jul 2025 00:00:00 GMT","end":"Thu, 20 Aug 2026 23:59:59 GMT"},"fingerprint":{"sha1":"42:62:24:F8:FD:5A:83:69:77:B8:DD:99:40:CD:7A:4A:FC:9C:03:96","sha256":"AD:A4:B3:C1:E9:78:E4:B5:D6:2B:C1:A7:56:47:0D:A1:38:08:35:FF:CB:4F:7E:EB:3F:53:6A:A0:C8:D0:35:9B"}}},"request":{"raw":"GET /js/tilda-lazyload-1.0.min.js HTTP/1.1\r\nHost: static.tildacdn.pro\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nSec-Fetch-Storage-Access: none\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nReferer: https://investudy.kz/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 \r\nserver: nginx\r\ndate: Wed, 17 Jun 2026 16:00:15 GMT\r\ncontent-type: application/javascript\r\nx-id-fe: sto5-hw-edge-gc14\r\nx-shard: sto5-shard0-default\r\nvary: Accept-Encoding\r\nlast-modified: Fri, 08 May 2026 12:00:06 GMT\r\netag: W/\"69fdd046-4f5b\"\r\nx-tilda-front: fr-3\r\naccess-control-allow-methods: GET, HEAD, OPTIONS\r\naccess-control-allow-headers: Accept,X-Requested-With,X-File-Name,X-Mime-Type,Content-Type,Cache-Control,Origin\r\nx-tilda-origin: or-31\r\ntraceparent: 00-8fa591d7348ad41efc90beeb8f891825-92085cfd2aae7f54-01\r\nx-id-shield: am3-hw-edge-gc11\r\nage: 1123829\r\ncontent-encoding: br\r\nx-id: sto5-hw-edge-gc15\r\naccess-control-allow-origin: *\r\ncache: HIT\r\nx-cached-since: 2026-06-04T15:51:15+00:00\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"Gcore","description":"Gcore is a public cloud and content delivery network (CDN) company.","website":"https://gcore.com","common_platform_enumeration":"","icon":"Gcore.svg","categories":["CDN"]}],"data":{"size":20315,"size_decoded":7642,"mime_type":"application/javascript","magic":"JavaScript source, ASCII text, with very long lines (20314)","md5":"5dd393e87e9315d3c1e429ed082039aa","sha1":"b08f8f0f76258356bf7b6ced78d73eaf98c69879","sha256":"2f718826160d39cd3a9b9e23b5044ea7143c1413dce1779c4e68b750745193c0","sha512":"e0913acefab3faac739c2905adbc4575f5ad28fa1904f607bff1116d3d6955bc98b3b410aafb799926d2ad050fc125455f5533948295be8eca73a766e492b0cc","ssdeep":"384:KN48L56BZVBicX7UwlLlArKTgSffCeUrhwjVLdUf41j6Eqy+dyZCHHTa+92Gc3Mu:KN48L56BZ7icX7UmLiOTUTrijVLdUQ1T","tlshash":"c5922a6c3a81f536b6b251b123ff06477234265af9024051fc29e0dc6af8c47b767b9a","first_seen":"2026-05-08T12:13:46.532623Z","last_seen":"2026-06-22T03:54:24.946943Z","times_seen":515,"resource_available":true,"data":null}},"time_used":73,"timings":{"blocked":63,"dns":0,"connect":0,"send":0,"wait":10,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"static.tildacdn.pro/js/tilda-zero-1.1.min.js","fqdn":"static.tildacdn.pro","domain":"tildacdn.pro","tld":"pro"},"ip":{"addr":"80.240.113.62","port":443,"asn":199524,"as":"G-Core Labs S.A.","country":"Sweden","country_code":"SE"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://investudy.kz/po","date":"2026-06-17T16:00:15.917Z","timestamp":1781712015917,"http_version":"HTTP/2","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"mlkem768x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.tildacdn.pro","organization":""},"issuer":{"commonName":"Sectigo Public Server Authentication CA DV R36","organization":"Sectigo Limited"},"validity":{"start":"Mon, 21 Jul 2025 00:00:00 GMT","end":"Thu, 20 Aug 2026 23:59:59 GMT"},"fingerprint":{"sha1":"42:62:24:F8:FD:5A:83:69:77:B8:DD:99:40:CD:7A:4A:FC:9C:03:96","sha256":"AD:A4:B3:C1:E9:78:E4:B5:D6:2B:C1:A7:56:47:0D:A1:38:08:35:FF:CB:4F:7E:EB:3F:53:6A:A0:C8:D0:35:9B"}}},"request":{"raw":"GET /js/tilda-zero-1.1.min.js HTTP/1.1\r\nHost: static.tildacdn.pro\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nSec-Fetch-Storage-Access: none\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nReferer: https://investudy.kz/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 \r\nserver: nginx\r\ndate: Wed, 17 Jun 2026 16:00:15 GMT\r\ncontent-type: application/javascript\r\nx-id-fe: sto5-hw-edge-gc14\r\nx-shard: sto5-shard0-default\r\nvary: Accept-Encoding\r\nlast-modified: Mon, 25 May 2026 08:48:08 GMT\r\netag: W/\"6a140cc8-ad6b\"\r\nx-tilda-front: fr-3\r\naccess-control-allow-methods: GET, HEAD, OPTIONS\r\naccess-control-allow-headers: Accept,X-Requested-With,X-File-Name,X-Mime-Type,Content-Type,Cache-Control,Origin\r\nx-tilda-origin: or-31\r\ntraceparent: 00-a2fd8ac3d1303f9908e7c1bbd4f86c37-8de7d8a73e78b9b2-01\r\nx-id-shield: am3-hw-edge-gc11\r\nage: 1123783\r\ncontent-encoding: br\r\nx-id: sto5-hw-edge-gc14\r\naccess-control-allow-origin: *\r\ncache: HIT\r\nx-cached-since: 2026-06-16T11:50:02+00:00\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"Gcore","description":"Gcore is a public cloud and content delivery network (CDN) company.","website":"https://gcore.com","common_platform_enumeration":"","icon":"Gcore.svg","categories":["CDN"]},{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":44395,"size_decoded":11606,"mime_type":"application/javascript","magic":"JavaScript source, ASCII text, with very long lines (44394)","md5":"43e2d46abaea95eedc854ceded4d6796","sha1":"df71a61e8cbb1fffdad2d93afbe8fc8673a798a8","sha256":"3fb0b044a01da55b6e62e5fd985a868aed9a14d8b770de198aa50ff6f91c5cfc","sha512":"36d3f742384ab668a1e4903de0322bf40a1ef195a76f0cfa7b304b6f8f760e081e867591a35277706671015088b4620dcc5014bc05508d345396ca673a8e5621","ssdeep":"768:b5pKi2jqwzjkRFeMV0MkWG5Zg5TMuwYdrtNqpgAEbw7myr2TfObTvII6YzpHS1f5:b5/WY7XxG+hmpvB4WTEMD5VsjBDLOhLs","tlshash":"e4131978f634303b817726b7845f3706ba353195a74f4084ce29c496787c88fba63ea5","first_seen":"2026-06-04T17:44:41.87597Z","last_seen":"2026-06-22T03:54:24.934003Z","times_seen":54,"resource_available":true,"data":null}},"time_used":73,"timings":{"blocked":63,"dns":0,"connect":0,"send":0,"wait":10,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"static.tildacdn.pro/js/tilda-events-1.0.min.js","fqdn":"static.tildacdn.pro","domain":"tildacdn.pro","tld":"pro"},"ip":{"addr":"80.240.113.62","port":443,"asn":199524,"as":"G-Core Labs S.A.","country":"Sweden","country_code":"SE"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://investudy.kz/po","date":"2026-06-17T16:00:15.927Z","timestamp":1781712015927,"http_version":"HTTP/2","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"mlkem768x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.tildacdn.pro","organization":""},"issuer":{"commonName":"Sectigo Public Server Authentication CA DV R36","organization":"Sectigo Limited"},"validity":{"start":"Mon, 21 Jul 2025 00:00:00 GMT","end":"Thu, 20 Aug 2026 23:59:59 GMT"},"fingerprint":{"sha1":"42:62:24:F8:FD:5A:83:69:77:B8:DD:99:40:CD:7A:4A:FC:9C:03:96","sha256":"AD:A4:B3:C1:E9:78:E4:B5:D6:2B:C1:A7:56:47:0D:A1:38:08:35:FF:CB:4F:7E:EB:3F:53:6A:A0:C8:D0:35:9B"}}},"request":{"raw":"GET /js/tilda-events-1.0.min.js HTTP/1.1\r\nHost: static.tildacdn.pro\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nSec-Fetch-Storage-Access: none\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nReferer: https://investudy.kz/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 \r\nserver: nginx\r\ndate: Wed, 17 Jun 2026 16:00:16 GMT\r\ncontent-type: application/javascript\r\nx-id-fe: sto5-hw-edge-gc14\r\nx-shard: sto5-shard0-default\r\nvary: Accept-Encoding\r\nlast-modified: Thu, 10 Jul 2025 12:35:06 GMT\r\netag: W/\"686fb37a-347f\"\r\nx-tilda-front: fr-3\r\naccess-control-allow-methods: GET, HEAD, OPTIONS\r\naccess-control-allow-headers: Accept,X-Requested-With,X-File-Name,X-Mime-Type,Content-Type,Cache-Control,Origin\r\nx-tilda-origin: or-33\r\ntraceparent: 00-ad5673657ca24b4fe47797bfa1399d29-0f2e2bc191151efd-01\r\nx-id-shield: fr5-hw-edge-gc39\r\nage: 1123830\r\ncontent-encoding: br\r\nx-id: sto5-hw-edge-gc11\r\naccess-control-allow-origin: *\r\ncache: HIT\r\nx-cached-since: 2026-06-16T15:47:25+00:00\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"Gcore","description":"Gcore is a public cloud and content delivery network (CDN) company.","website":"https://gcore.com","common_platform_enumeration":"","icon":"Gcore.svg","categories":["CDN"]},{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":13439,"size_decoded":4197,"mime_type":"application/javascript","magic":"JavaScript source, ASCII text, with very long lines (13438)","md5":"fe0741f3cca980618b067b8ce3bb9377","sha1":"b013bd95a88f242bda0288423aac5e5be7261cea","sha256":"5ef75137fa784d916c1731eb5c3700fdadaf7babc8c55a933cb52910249ce576","sha512":"b99997ac68d6cd3b517a8c76ffe9247a41d77be1b2031fd9d4f87ba6c51473fe56ea576d9dae5b1eec639e32ba0a75492778149959205f898a7f65e271367b8b","ssdeep":"384:ZjAm742zrc9BZvBTB/CQsxq8s70g91sSqMRC2tx8eVhJKsXug+q1:F574crc9BZvBTB/hsxq8A1sSqMRC2txV","tlshash":"2852f793a8307d7465f824ac6e6a37c534b822adf5c501812d48fdae33159438a2bf9d","first_seen":"2025-07-10T16:23:26.55297Z","last_seen":"2026-06-22T03:54:24.948965Z","times_seen":4070,"resource_available":true,"data":null}},"time_used":79,"timings":{"blocked":59,"dns":0,"connect":0,"send":0,"wait":20,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"thb.tildacdn.pro/tild6238-3630-4566-b830-633833653632/-/resize/20x/logo.png","fqdn":"thb.tildacdn.pro","domain":"tildacdn.pro","tld":"pro"},"ip":{"addr":"","port":0,"asn":0,"as":"","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://investudy.kz/po","date":"2026-06-17T16:00:15.950Z","timestamp":1781712015950,"http_version":"","security_state":"","security_info":null,"request":{"raw":"GET /tild6238-3630-4566-b830-633833653632/-/resize/20x/logo.png HTTP/1.1\r\nHost: thb.tildacdn.pro\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,image/png,image/svg+xml,image/*;q=0.8,*/*;q=0.5\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nSec-Fetch-Storage-Access: none\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nReferer: https://investudy.kz/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPriority: u=5, i\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"","headers":null,"cookies":null,"status_code":"","status_text":"","fingerprints":null,"data":{"size":0,"size_decoded":0,"mime_type":"","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-06-22T04:29:52.872309Z","times_seen":16626337,"resource_available":true,"data":null}},"time_used":0,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":0,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"static.tildacdn.pro/img/tildacopy.png","fqdn":"static.tildacdn.pro","domain":"tildacdn.pro","tld":"pro"},"ip":{"addr":"80.240.113.62","port":443,"asn":199524,"as":"G-Core Labs S.A.","country":"Sweden","country_code":"SE"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://investudy.kz/po","date":"2026-06-17T16:00:15.961Z","timestamp":1781712015961,"http_version":"HTTP/2","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"mlkem768x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.tildacdn.pro","organization":""},"issuer":{"commonName":"Sectigo Public Server Authentication CA DV R36","organization":"Sectigo Limited"},"validity":{"start":"Mon, 21 Jul 2025 00:00:00 GMT","end":"Thu, 20 Aug 2026 23:59:59 GMT"},"fingerprint":{"sha1":"42:62:24:F8:FD:5A:83:69:77:B8:DD:99:40:CD:7A:4A:FC:9C:03:96","sha256":"AD:A4:B3:C1:E9:78:E4:B5:D6:2B:C1:A7:56:47:0D:A1:38:08:35:FF:CB:4F:7E:EB:3F:53:6A:A0:C8:D0:35:9B"}}},"request":{"raw":"GET /img/tildacopy.png HTTP/1.1\r\nHost: static.tildacdn.pro\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,image/png,image/svg+xml,image/*;q=0.8,*/*;q=0.5\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nSec-Fetch-Storage-Access: none\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nReferer: https://investudy.kz/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPriority: u=6, i\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 \r\nserver: nginx\r\ndate: Wed, 17 Jun 2026 16:00:16 GMT\r\ncontent-type: image/png\r\ncontent-length: 819\r\nx-id-fe: sto5-hw-edge-gc14\r\nx-shard: sto5-shard0-default\r\netag: \"008f3580b6c16d8902b62bf0982176c8\"\r\nlast-modified: Mon, 05 Feb 2018 10:39:55 GMT\r\nage: 5157538\r\nx-tilda-origin: or-31\r\nx-id-shield: fr5-hw-edge-gc39\r\nx-id: sto5-hw-edge-gc11\r\naccess-control-allow-origin: *\r\ncache: HIT\r\nx-cached-since: 2026-06-16T15:52:48+00:00\r\naccept-ranges: bytes\r\ntraceparent: 00-dc70eee7c7dae21b58a192a744e308f4-6253ede73a0e6d5a-01\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"Gcore","description":"Gcore is a public cloud and content delivery network (CDN) company.","website":"https://gcore.com","common_platform_enumeration":"","icon":"Gcore.svg","categories":["CDN"]},{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":819,"size_decoded":1370,"mime_type":"image/png","magic":"PNG image data, 60 x 60, 8-bit colormap, non-interlaced","md5":"008f3580b6c16d8902b62bf0982176c8","sha1":"aed272653b94904393ed90cffa74d1a9177b716a","sha256":"feaa79fd393600ae251d35df414fc9c5633674b6104a52cdfdfe1b449f2aa15a","sha512":"7c2a91ea4b3fbbf58f1d8e2de9d0b7faa1d2fcbd584cb11064b015a2f08d7095ad7d2a513573f563644523eb57e0bb2e554c405ed2404c6e1cda0c8e96bc7148","ssdeep":"","tlshash":"850144bb1a39a7adc8261ae10669838620656e3b91787659f9dd341f1d32d82190ca01","first_seen":"2023-05-14T16:57:39Z","last_seen":"2026-06-17T16:00:29.558685Z","times_seen":1421,"resource_available":false,"data":null}},"time_used":58,"timings":{"blocked":40,"dns":0,"connect":0,"send":0,"wait":18,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"static.tildacdn.pro/js/tilda-popup-1.0.min.js","fqdn":"static.tildacdn.pro","domain":"tildacdn.pro","tld":"pro"},"ip":{"addr":"80.240.113.62","port":443,"asn":199524,"as":"G-Core Labs S.A.","country":"Sweden","country_code":"SE"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://investudy.kz/po","date":"2026-06-17T16:00:15.919Z","timestamp":1781712015919,"http_version":"HTTP/2","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"mlkem768x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.tildacdn.pro","organization":""},"issuer":{"commonName":"Sectigo Public Server Authentication CA DV R36","organization":"Sectigo Limited"},"validity":{"start":"Mon, 21 Jul 2025 00:00:00 GMT","end":"Thu, 20 Aug 2026 23:59:59 GMT"},"fingerprint":{"sha1":"42:62:24:F8:FD:5A:83:69:77:B8:DD:99:40:CD:7A:4A:FC:9C:03:96","sha256":"AD:A4:B3:C1:E9:78:E4:B5:D6:2B:C1:A7:56:47:0D:A1:38:08:35:FF:CB:4F:7E:EB:3F:53:6A:A0:C8:D0:35:9B"}}},"request":{"raw":"GET /js/tilda-popup-1.0.min.js HTTP/1.1\r\nHost: static.tildacdn.pro\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nSec-Fetch-Storage-Access: none\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nReferer: https://investudy.kz/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 \r\nserver: nginx\r\ndate: Wed, 17 Jun 2026 16:00:16 GMT\r\ncontent-type: application/javascript\r\nx-id-fe: sto5-hw-edge-gc14\r\nx-shard: sto5-shard0-default\r\nlast-modified: Tue, 25 Nov 2025 14:58:40 GMT\r\netag: W/\"6925c420-d26\"\r\nx-tilda-front: fr-3\r\naccess-control-allow-methods: GET, HEAD, OPTIONS\r\naccess-control-allow-headers: Accept,X-Requested-With,X-File-Name,X-Mime-Type,Content-Type,Cache-Control,Origin\r\ncontent-encoding: gzip\r\nx-tilda-origin: or-32\r\ntraceparent: 00-2bc2d3b3a29880ef91a3d640bda17874-17413c8cffec36e0-01\r\nx-id-shield: fr5-hw-edge-gc39\r\nage: 1123846\r\nx-id: sto5-hw-edge-gc15\r\naccess-control-allow-origin: *\r\ncache: HIT\r\nx-cached-since: 2026-06-16T09:11:22+00:00\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"Gcore","description":"Gcore is a public cloud and content delivery network (CDN) company.","website":"https://gcore.com","common_platform_enumeration":"","icon":"Gcore.svg","categories":["CDN"]},{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":3366,"size_decoded":2028,"mime_type":"application/javascript","magic":"JavaScript source, ASCII text, with very long lines (3365)","md5":"eb286eafe5f0b9d3ebc1022b3e1ee29d","sha1":"5f782bf6a25f09790ff426d95251157e77301d71","sha256":"22dd5ef26241412d3a0872d24e45000751ea3414fcf0b8d331413f6be6e5eb1c","sha512":"69a49a1237ddb3a3e8a71db0c68b2c189bdb4d90ca4becf72a3afd571d4eace16c8cf5643222ccbc43f3bfee7d3e122dd198f28720e3884af228e81b707e37af","ssdeep":"","tlshash":"c3615324b6b4317206df51f9e9da62cd3b3190aef6038c606468dc8865f88cac60597e","first_seen":"2025-11-25T15:11:39.238194Z","last_seen":"2026-06-22T03:54:24.950936Z","times_seen":1237,"resource_available":true,"data":null}},"time_used":80,"timings":{"blocked":62,"dns":0,"connect":0,"send":0,"wait":18,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"static.tildacdn.pro/js/tilda-zero-scale-1.0.min.js","fqdn":"static.tildacdn.pro","domain":"tildacdn.pro","tld":"pro"},"ip":{"addr":"80.240.113.62","port":443,"asn":199524,"as":"G-Core Labs S.A.","country":"Sweden","country_code":"SE"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://investudy.kz/po","date":"2026-06-17T16:00:15.925Z","timestamp":1781712015925,"http_version":"HTTP/2","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"mlkem768x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.tildacdn.pro","organization":""},"issuer":{"commonName":"Sectigo Public Server Authentication CA DV R36","organization":"Sectigo Limited"},"validity":{"start":"Mon, 21 Jul 2025 00:00:00 GMT","end":"Thu, 20 Aug 2026 23:59:59 GMT"},"fingerprint":{"sha1":"42:62:24:F8:FD:5A:83:69:77:B8:DD:99:40:CD:7A:4A:FC:9C:03:96","sha256":"AD:A4:B3:C1:E9:78:E4:B5:D6:2B:C1:A7:56:47:0D:A1:38:08:35:FF:CB:4F:7E:EB:3F:53:6A:A0:C8:D0:35:9B"}}},"request":{"raw":"GET /js/tilda-zero-scale-1.0.min.js HTTP/1.1\r\nHost: static.tildacdn.pro\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nSec-Fetch-Storage-Access: none\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nReferer: https://investudy.kz/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 \r\nserver: nginx\r\ndate: Wed, 17 Jun 2026 16:00:16 GMT\r\ncontent-type: application/javascript\r\nx-id-fe: sto5-hw-edge-gc14\r\nx-shard: sto5-shard0-default\r\nvary: Accept-Encoding\r\nlast-modified: Thu, 04 Jun 2026 12:03:35 GMT\r\netag: W/\"6a216997-1ed1\"\r\nx-tilda-front: fr-3\r\naccess-control-allow-methods: GET, HEAD, OPTIONS\r\naccess-control-allow-headers: Accept,X-Requested-With,X-File-Name,X-Mime-Type,Content-Type,Cache-Control,Origin\r\nx-tilda-origin: or-32\r\ntraceparent: 00-fb5651fb37f994ef547d7fb287d2e1cd-9179119d78ea2713-01\r\nx-id-shield: am3-hw-edge-gc38\r\nage: 710361\r\ncontent-encoding: br\r\nx-id: sto5-hw-edge-gc10\r\naccess-control-allow-origin: *\r\ncache: HIT\r\nx-cached-since: 2026-06-16T09:26:02+00:00\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"Gcore","description":"Gcore is a public cloud and content delivery network (CDN) company.","website":"https://gcore.com","common_platform_enumeration":"","icon":"Gcore.svg","categories":["CDN"]}],"data":{"size":7889,"size_decoded":2828,"mime_type":"application/javascript","magic":"JavaScript source, ASCII text, with very long lines (7888)","md5":"b994ae368afaa0647324c897d8a3bcb7","sha1":"5715ac911278b56e5186726f1b0d56c0e5887e78","sha256":"600a06ff557b85aa4fac64673d7d3635eff9c3e1fcbf7e68d6a947622d2b8e14","sha512":"c49efc4fcfe55d8f00bedb61768a0ee73cf07a44c4f631c7da8b449dd8eb2d2a9f7c01eefc6526668f0c112b17a5dacd7d669435ef3369959f077e1b5accf8d2","ssdeep":"192:PKMuA/JKsuilDREGJPCinMNV42y5gcJzJhJPJwJItJJtJdJmJGJVJP1rtgxgtvTM:nuA/JL1lDREGJPCinmGScJzJhJPJwJqM","tlshash":"2df163957a3e702a8bae15b7011f230f7e7992d5530f8a44c8258466382dd1aea87ee1","first_seen":"2026-06-04T17:44:41.886285Z","last_seen":"2026-06-22T03:54:24.948437Z","times_seen":51,"resource_available":true,"data":null}},"time_used":78,"timings":{"blocked":59,"dns":0,"connect":0,"send":0,"wait":19,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"thb.tildacdn.pro/tild6666-6239-4031-a130-346537633932/-/resize/20x/Subtract.png","fqdn":"thb.tildacdn.pro","domain":"tildacdn.pro","tld":"pro"},"ip":{"addr":"","port":0,"asn":0,"as":"","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://investudy.kz/po","date":"2026-06-17T16:00:15.952Z","timestamp":1781712015952,"http_version":"","security_state":"","security_info":null,"request":{"raw":"GET /tild6666-6239-4031-a130-346537633932/-/resize/20x/Subtract.png HTTP/1.1\r\nHost: thb.tildacdn.pro\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,image/png,image/svg+xml,image/*;q=0.8,*/*;q=0.5\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nSec-Fetch-Storage-Access: none\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nReferer: https://investudy.kz/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPriority: u=5, i\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"","headers":null,"cookies":null,"status_code":"","status_text":"","fingerprints":null,"data":{"size":0,"size_decoded":0,"mime_type":"","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-06-22T04:29:52.872309Z","times_seen":16626337,"resource_available":true,"data":null}},"time_used":0,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":0,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"static.tildacdn.pro/css/tilda-grid-3.0.min.css","fqdn":"static.tildacdn.pro","domain":"tildacdn.pro","tld":"pro"},"ip":{"addr":"80.240.113.62","port":443,"asn":199524,"as":"G-Core Labs S.A.","country":"Sweden","country_code":"SE"},"is_navigation_request":false,"resource_type":"stylesheet","requested_by":"https://investudy.kz/po","date":"2026-06-17T16:00:15.893Z","timestamp":1781712015893,"http_version":"HTTP/2","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"mlkem768x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.tildacdn.pro","organization":""},"issuer":{"commonName":"Sectigo Public Server Authentication CA DV R36","organization":"Sectigo Limited"},"validity":{"start":"Mon, 21 Jul 2025 00:00:00 GMT","end":"Thu, 20 Aug 2026 23:59:59 GMT"},"fingerprint":{"sha1":"42:62:24:F8:FD:5A:83:69:77:B8:DD:99:40:CD:7A:4A:FC:9C:03:96","sha256":"AD:A4:B3:C1:E9:78:E4:B5:D6:2B:C1:A7:56:47:0D:A1:38:08:35:FF:CB:4F:7E:EB:3F:53:6A:A0:C8:D0:35:9B"}}},"request":{"raw":"GET /css/tilda-grid-3.0.min.css HTTP/1.1\r\nHost: static.tildacdn.pro\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/css,*/*;q=0.1\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nSec-Fetch-Storage-Access: none\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nReferer: https://investudy.kz/\r\nSec-Fetch-Dest: style\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPriority: u=2\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 \r\nserver: nginx\r\ndate: Wed, 17 Jun 2026 16:00:16 GMT\r\ncontent-type: text/css\r\nx-id-fe: sto5-hw-edge-gc14\r\nx-shard: sto5-shard0-default\r\nvary: Accept-Encoding\r\nlast-modified: Tue, 21 Feb 2023 12:52:41 GMT\r\netag: W/\"63f4be99-11a2\"\r\nx-tilda-front: fr-3\r\naccess-control-allow-methods: GET, HEAD, OPTIONS\r\naccess-control-allow-headers: Accept,X-Requested-With,X-File-Name,X-Mime-Type,Content-Type,Cache-Control,Origin\r\nx-tilda-origin: or-32\r\ntraceparent: 00-81303628ea040aa5f3433c34a7f8655e-cf4213b76c931b9b-01\r\nx-id-shield: am3-hw-edge-gc38\r\nage: 1123948\r\ncontent-encoding: br\r\nx-id: sto5-hw-edge-gc10\r\naccess-control-allow-origin: *\r\ncache: HIT\r\nx-cached-since: 2026-06-16T12:06:15+00:00\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"Gcore","description":"Gcore is a public cloud and content delivery network (CDN) company.","website":"https://gcore.com","common_platform_enumeration":"","icon":"Gcore.svg","categories":["CDN"]}],"data":{"size":4514,"size_decoded":1576,"mime_type":"text/css","magic":"ASCII text, with very long lines (4514), with no line terminators","md5":"ffd973cc9b002ba30ce57896976c7218","sha1":"9e330a8ea115d5b11ab8e04040546956f9923fb6","sha256":"0b5f664c528f466606c93195975f671fc46c3a9c10fee54426c2cd1cf89b1fec","sha512":"3979c8e6acfdffadc1a5534ad9b05270fdd43484340974e03d973e0c77d1b7b72492aa65fd6fd296cacf135b218bc07df0f5b5a583f0a25bbae674d58f3c6cb4","ssdeep":"96:ptBrBxFXC29lpgiikFFncB1XqRirWBQcoLlcY2e:pzVjS2BYzXwiXute","tlshash":"f89121230fad5a3ea555c45cc1d1a17e5a0fa30573eb1cc9fd12a8bba54ffc014b0a5a","first_seen":"2023-04-05T15:36:49Z","last_seen":"2026-06-21T04:42:53.850482Z","times_seen":4636,"resource_available":false,"data":null}},"time_used":290,"timings":{"blocked":-1,"dns":34,"connect":9,"send":0,"wait":9,"receive":0,"ssl":237},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"static.tildacdn.pro/css/tilda-forms-1.0.min.css","fqdn":"static.tildacdn.pro","domain":"tildacdn.pro","tld":"pro"},"ip":{"addr":"80.240.113.62","port":443,"asn":199524,"as":"G-Core Labs S.A.","country":"Sweden","country_code":"SE"},"is_navigation_request":false,"resource_type":"stylesheet","requested_by":"https://investudy.kz/po","date":"2026-06-17T16:00:15.904Z","timestamp":1781712015904,"http_version":"HTTP/2","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"mlkem768x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.tildacdn.pro","organization":""},"issuer":{"commonName":"Sectigo Public Server Authentication CA DV R36","organization":"Sectigo Limited"},"validity":{"start":"Mon, 21 Jul 2025 00:00:00 GMT","end":"Thu, 20 Aug 2026 23:59:59 GMT"},"fingerprint":{"sha1":"42:62:24:F8:FD:5A:83:69:77:B8:DD:99:40:CD:7A:4A:FC:9C:03:96","sha256":"AD:A4:B3:C1:E9:78:E4:B5:D6:2B:C1:A7:56:47:0D:A1:38:08:35:FF:CB:4F:7E:EB:3F:53:6A:A0:C8:D0:35:9B"}}},"request":{"raw":"GET /css/tilda-forms-1.0.min.css HTTP/1.1\r\nHost: static.tildacdn.pro\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/css,*/*;q=0.1\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nSec-Fetch-Storage-Access: none\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nReferer: https://investudy.kz/\r\nSec-Fetch-Dest: style\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPriority: u=2\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 \r\nserver: nginx\r\ndate: Wed, 17 Jun 2026 16:00:16 GMT\r\ncontent-type: text/css\r\nx-id-fe: sto5-hw-edge-gc14\r\nx-shard: sto5-shard0-default\r\nvary: Accept-Encoding\r\nlast-modified: Mon, 06 Apr 2026 08:50:47 GMT\r\netag: W/\"69d373e7-ab7d\"\r\nx-tilda-front: fr-3\r\naccess-control-allow-methods: GET, HEAD, OPTIONS\r\naccess-control-allow-headers: Accept,X-Requested-With,X-File-Name,X-Mime-Type,Content-Type,Cache-Control,Origin\r\nx-tilda-origin: or-32\r\ntraceparent: 00-f1bc2ae32add31cbfcc5a9cc4118ffc1-f720d1f05ea51081-01\r\nx-id-shield: am3-hw-edge-gc38\r\nage: 1123945\r\ncontent-encoding: br\r\nx-id: sto5-hw-edge-gc14\r\naccess-control-allow-origin: *\r\ncache: HIT\r\nx-cached-since: 2026-06-04T15:48:53+00:00\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"Gcore","description":"Gcore is a public cloud and content delivery network (CDN) company.","website":"https://gcore.com","common_platform_enumeration":"","icon":"Gcore.svg","categories":["CDN"]},{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":43901,"size_decoded":6326,"mime_type":"text/css","magic":"ASCII text, with very long lines (13954)","md5":"abd5957b5eaeb960abf9006d52454729","sha1":"83e02e4227b39661248cc8fca909f1bce1ea030d","sha256":"d501f8cefa70eca2af74c3f089f8caf4af72daf71e19363df032e3392721e4f4","sha512":"f9b99815f4baba56492320fe10130268e37fa51b36a19572e1c40d61a8505822f4c6829dcd26951c37c96fb4f621b9527203422456fdb4669e28742fad00b03c","ssdeep":"384:3rr8bs0QLtyCXDaOoJ/8+WXWHdfPgAaQJL7K6NEjuBXR6Fhrx/2x/98Kp:P8bs0QLttDaZWXadfPgAaQFG6zb","tlshash":"39132232a874365cb8168e7c5ac5d209452cc4218f9349cfe2847838678e597d7ffbae","first_seen":"2026-04-06T13:41:42.734432Z","last_seen":"2026-06-21T12:36:29.204509Z","times_seen":789,"resource_available":false,"data":null}},"time_used":280,"timings":{"blocked":-1,"dns":24,"connect":9,"send":0,"wait":9,"receive":0,"ssl":234},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"static.tildacdn.pro/js/tilda-zero-forms-1.0.min.js","fqdn":"static.tildacdn.pro","domain":"tildacdn.pro","tld":"pro"},"ip":{"addr":"80.240.113.62","port":443,"asn":199524,"as":"G-Core Labs S.A.","country":"Sweden","country_code":"SE"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://investudy.kz/po","date":"2026-06-17T16:00:15.923Z","timestamp":1781712015923,"http_version":"HTTP/2","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"mlkem768x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.tildacdn.pro","organization":""},"issuer":{"commonName":"Sectigo Public Server Authentication CA DV R36","organization":"Sectigo Limited"},"validity":{"start":"Mon, 21 Jul 2025 00:00:00 GMT","end":"Thu, 20 Aug 2026 23:59:59 GMT"},"fingerprint":{"sha1":"42:62:24:F8:FD:5A:83:69:77:B8:DD:99:40:CD:7A:4A:FC:9C:03:96","sha256":"AD:A4:B3:C1:E9:78:E4:B5:D6:2B:C1:A7:56:47:0D:A1:38:08:35:FF:CB:4F:7E:EB:3F:53:6A:A0:C8:D0:35:9B"}}},"request":{"raw":"GET /js/tilda-zero-forms-1.0.min.js HTTP/1.1\r\nHost: static.tildacdn.pro\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nSec-Fetch-Storage-Access: none\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nReferer: https://investudy.kz/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 \r\nserver: nginx\r\ndate: Wed, 17 Jun 2026 16:00:15 GMT\r\ncontent-type: application/javascript\r\nx-id-fe: sto5-hw-edge-gc14\r\nx-shard: sto5-shard0-default\r\nvary: Accept-Encoding\r\nlast-modified: Tue, 21 Apr 2026 03:40:39 GMT\r\netag: W/\"69e6f1b7-10f0b\"\r\nx-tilda-front: fr-3\r\naccess-control-allow-methods: GET, HEAD, OPTIONS\r\naccess-control-allow-headers: Accept,X-Requested-With,X-File-Name,X-Mime-Type,Content-Type,Cache-Control,Origin\r\nx-tilda-origin: or-33\r\ntraceparent: 00-d03d71c2e98cb5116463fd1986a38e41-8307d8aaae18231e-01\r\nx-id-shield: fr5-hw-edge-gc40\r\nage: 1123782\r\ncontent-encoding: br\r\nx-id: sto5-hw-edge-gc14\r\naccess-control-allow-origin: *\r\ncache: HIT\r\nx-cached-since: 2026-06-04T15:51:51+00:00\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"Gcore","description":"Gcore is a public cloud and content delivery network (CDN) company.","website":"https://gcore.com","common_platform_enumeration":"","icon":"Gcore.svg","categories":["CDN"]}],"data":{"size":69387,"size_decoded":17880,"mime_type":"application/javascript","magic":"JavaScript source, ASCII text, with very long lines (65536), with no line terminators","md5":"e42a86442535ccc81df9d29ce76d9821","sha1":"61d7e60027c85cb64dca4bcf60be9392f6210c93","sha256":"e524610088949d9781c13f571952d954f5a6a70f39b1d4de59652a657336bfed","sha512":"5b32a594594ebd28e477603e8e2368bed244f87107e3838ad649dfcb565e83b425e097b3c9e264f8abe85a43e5bfe2dba4232c35646f02cd273496ffaf8c68fd","ssdeep":"1536:RyJ5DuQ6hM5w3VJoOcZ9PsKuvaAqbdPbIfQbQ15yYcZJIVSP5Z:YJGhllvc/sKulqbdPrJI8n","tlshash":"626395b47137253602974fbe24ff7785776ca1219562c810cc68c84d2abd887d73bbaa","first_seen":"2026-04-21T16:07:49.475673Z","last_seen":"2026-06-22T03:54:24.943827Z","times_seen":208,"resource_available":true,"data":null}},"time_used":69,"timings":{"blocked":59,"dns":0,"connect":0,"send":0,"wait":10,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"static.tildacdn.pro/tild6636-3737-4236-a162-356138313961/photo_2024-07-16_19-.png","fqdn":"static.tildacdn.pro","domain":"tildacdn.pro","tld":"pro"},"ip":{"addr":"","port":0,"asn":0,"as":"","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://investudy.kz/po","date":"2026-06-17T16:00:19.867Z","timestamp":1781712019867,"http_version":"","security_state":"","security_info":null,"request":{"raw":"GET /tild6636-3737-4236-a162-356138313961/photo_2024-07-16_19-.png HTTP/1.1\r\nHost: static.tildacdn.pro\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,image/png,image/svg+xml,image/*;q=0.8,*/*;q=0.5\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nSec-Fetch-Storage-Access: none\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nReferer: https://investudy.kz/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPriority: u=6\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"","headers":null,"cookies":null,"status_code":"","status_text":"","fingerprints":null,"data":{"size":0,"size_decoded":0,"mime_type":"","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-06-22T04:29:52.872309Z","times_seen":16626337,"resource_available":true,"data":null}},"time_used":0,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":0,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}}]}