Analysis
max time kernel: 149s
max time network: 152s
platform: windows10-2004_x64
resource: win10v2004-20240709-en
resource tags: arch:x64, arch:x86, image:win10v2004-20240709-en, locale:en-us, os:windows10-2004-x64, system
submitted: 30/07/2024, 13:01 UTC
Static task: static1
Behavioral task: behavioral1
- Sample: NCALayer-1.2.2-ADILETGOV.jar
- Resource: win7-20240708-en
Behavioral task: behavioral2
- Sample: NCALayer-1.2.2-ADILETGOV.jar
- Resource: win10v2004-20240709-en
General
Target: NCALayer-1.2.2-ADILETGOV.jar
Size: 4KB
MD5: 1d60146ca0a7eed20312eb2750e5ce10
SHA1: 51b102215ba662c2b4c91df1403728d0894b1d2b
SHA256: 8deb8ee811cbb3c186183950491c5c38da704b304057cdeaaf81b91e4f6e8a7e
SHA512: c2e2445ed728a2429bfcc8fb710de9a640b74b49f4b60361c7d7e23d115c0405e69276caf34828960fc8c8513b9d93fe8a7b02ecf59e816c6e072adc9c444993
SSDEEP: 96:jp2KXysQ3U4dcJ4RN2cGWjklK1t/e0+U3n3XzuY3H8UAKQkH:jppCtQ4RGWjJb/F3H6giKD
Malware Config
Extracted
strrat
https://pastebin.com/raw/67b8GSUQ:13777
https://pastebin.com/raw/8umPhg86:13778
license_id: RPTV-2M8W-MG8W-F8QN-9ERV
plugins_url: http://jbfrost.live/strigoi/server/?hwid=1&lid=m&ht=5
scheduled_task: true
secondary_startup: true
startup: true
Signatures
Drops startup file (2 IoCs)
- File created (java.exe): C:\Users\Admin\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\NCALayerServer.jar
- File opened for modification (java.exe): C:\Users\Admin\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\NCALayerServer.jar
Loads dropped DLL (1 IoC)
- PID 3932, java.exe
Adds Run key to start application (2 TTPs, 2 IoCs)
- Set value (str) (java.exe): \REGISTRY\MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\NCALayerServer = "\"C:\\Program Files\\Java\\jre-1.8\\bin\\javaw.exe\" -jar \"C:\\Users\\Admin\\AppData\\Roaming\\NCALayerServer.jar\""
- Set value (str) (java.exe): \REGISTRY\USER\S-1-5-21-464762018-485119342-1613148473-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\NCALayerServer = "\"C:\\Program Files\\Java\\jre-1.8\\bin\\javaw.exe\" -jar \"C:\\Users\\Admin\\AppData\\Roaming\\NCALayerServer.jar\""
Legitimate hosting services abused for malware hosting/C2 (1 TTP, 3 IoCs)
- flow 79: pastebin.com
- flow 32: pastebin.com
- flow 33: pastebin.com
Enumerates system info in registry (2 TTPs, 3 IoCs)
- Key opened (msedge.exe): \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS
- Key value queried (msedge.exe): \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemManufacturer
- Key value queried (msedge.exe): \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemProductName
Scheduled Task/Job: Scheduled Task (1 TTP, 1 IoC)
Schtasks is often used by malware for persistence or to perform post-infection execution.
- PID 1992, schtasks.exe
Suspicious behavior: EnumeratesProcesses (6 IoCs)
- PID 4676, msedge.exe (listed twice)
- PID 4824, msedge.exe (listed twice)
- PID 5916, identity_helper.exe (listed twice)
Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary (12 IoCs)
- PID 4824, msedge.exe (every entry)
Suspicious use of FindShellTrayWindow (51 IoCs)
- PID 4824, msedge.exe (every entry)
Suspicious use of SendNotifyMessage (48 IoCs)
- PID 4824, msedge.exe (every entry)
Suspicious use of SetWindowsHookEx (7 IoCs)
- PID 4168, java.exe (every entry)
Suspicious use of WriteProcessMemory (64 IoCs; repeated entries collapsed)
- PID 4168 (java.exe) wrote to memory of 4588, procid_target 93
- PID 4168 (java.exe) wrote to memory of 4824, procid_target 98
- PID 4824 (msedge.exe) wrote to memory of 2620, procid_target 99
- PID 4824 (msedge.exe) wrote to memory of 4960, procid_target 100
- PID 4824 (msedge.exe) wrote to memory of 4676, procid_target 101
- PID 4824 (msedge.exe) wrote to memory of 4256, procid_target 102
Uses Task Scheduler COM API (1 TTP)
The Task Scheduler COM API can be used to schedule applications to run on boot or at set times.
Processes
- PID 4168: C:\Program Files (x86)\Common Files\Oracle\Java\javapath\java.exe
  Command line: java -jar C:\Users\Admin\AppData\Local\Temp\NCALayer-1.2.2-ADILETGOV.jar
  Signatures: Drops startup file; Suspicious use of SetWindowsHookEx; Suspicious use of WriteProcessMemory
  - PID 4588: C:\Program Files (x86)\Common Files\Oracle\Java\javapath\java.exe
    Command line: java -jar "C:\Users\Admin\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\NCALayerServer.jar"
    - PID 3888: C:\Program Files\Java\jre-1.8\bin\java.exe
      Command line: "C:\Program Files\Java\jre-1.8\bin\java.exe" -jar "C:\Users\Admin\NCALayerServer.jar"
      Signatures: Drops startup file; Adds Run key to start application
      - PID 4024: C:\Windows\SYSTEM32\cmd.exe
        Command line: cmd /c schtasks /create /sc minute /mo 30 /tn Skype /tr "C:\Users\Admin\AppData\Roaming\NCALayerServer.jar"
        - PID 1992: C:\Windows\system32\schtasks.exe
          Command line: schtasks /create /sc minute /mo 30 /tn Skype /tr "C:\Users\Admin\AppData\Roaming\NCALayerServer.jar"
          Signatures: Scheduled Task/Job: Scheduled Task
      - PID 3932: C:\Program Files\Java\jre-1.8\bin\java.exe
        Command line: "C:\Program Files\Java\jre-1.8\bin\java.exe" -jar "C:\Users\Admin\AppData\Roaming\NCALayerServer.jar"
        Signatures: Loads dropped DLL
  - PID 4824: C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
    Command line: "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --single-argument https://kgd.gov.kz/ru/app/culs-taxarrear-search-web
    Signatures: Enumerates system info in registry; Suspicious behavior: EnumeratesProcesses; Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary; Suspicious use of FindShellTrayWindow; Suspicious use of SendNotifyMessage; Suspicious use of WriteProcessMemory
- PID 2128: C:\Windows\System32\CompPkgSrv.exe
  Command line: C:\Windows\System32\CompPkgSrv.exe -Embedding
- PID 4940: C:\Windows\System32\CompPkgSrv.exe
  Command line: C:\Windows\System32\CompPkgSrv.exe -Embedding
- PID 4544: C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  Command line: "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --profile-directory=Default
  - PID 5648: C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
    Command line: "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" --annotation=IsOfficialBuild=1 --annotation=channel= --annotation=chromium-version=92.0.4515.131 "--annotation=exe=C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --annotation=plat=Win64 "--annotation=prod=Microsoft Edge" --annotation=ver=92.0.902.67 --initial-client-data=0x11c,0x120,0x124,0xf8,0x128,0x7ffc901e46f8,0x7ffc901e4708,0x7ffc901e4718
- PID 1952: C:\Windows\System32\rundll32.exe
  Command line: C:\Windows\System32\rundll32.exe C:\Windows\System32\shell32.dll,SHCreateLocalServerRunDll {9aa46009-3ce0-458a-a354-715610a075e6} -Embedding
Network
-
Remote address:87.255.213.147:443RequestGET /ru/app/culs-taxarrear-search-web HTTP/1.1
Host: kgd.gov.kz
Connection: keep-alive
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
sec-ch-ua-mobile: ?0
DNT: 1
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: none
Sec-Fetch-Mode: navigate
Sec-Fetch-User: ?1
Sec-Fetch-Dest: document
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US,en;q=0.9
ResponseHTTP/1.1 200 OK
Date: Tue, 30 Jul 2024 13:02:29 GMT
Content-Type: text/html; charset=utf-8
X-Drupal-Cache: HIT
Etag: "1722344167-1"
Content-Language: ru
X-Frame-Options: SAMEORIGIN
X-UA-Compatible: IE=edge
X-Generator: Drupal 7 (http://drupal.org)
Cache-Control: public, max-age=10800
Last-Modified: Tue, 30 Jul 2024 12:56:07 GMT
Expires: Sun, 19 Nov 1978 05:00:00 GMT
Vary: Cookie
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 37591
-
Remote address:87.255.213.147:443RequestGET /modules/system/system.messages.css?sguvz1 HTTP/1.1
Host: kgd.gov.kz
Connection: keep-alive
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
DNT: 1
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
Accept: text/css,*/*;q=0.1
Sec-Fetch-Site: same-origin
Sec-Fetch-Mode: no-cors
Sec-Fetch-Dest: style
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US,en;q=0.9
ResponseHTTP/1.1 200 OK
Date: Tue, 30 Jul 2024 13:00:22 GMT
Content-Type: text/css
Content-Length: 961
Last-Modified: Fri, 05 Mar 2021 09:48:00 GMT
ETag: "6041fe50-3c1"
Expires: Thu, 31 Dec 2037 23:55:55 GMT
Cache-Control: max-age=315360000
Accept-Ranges: bytes
-
Remote address:87.255.213.147:443RequestGET /sites/all/modules/nonresident/css/nonresident.css?sguvz1 HTTP/1.1
Host: kgd.gov.kz
Connection: keep-alive
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
DNT: 1
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
Accept: text/css,*/*;q=0.1
Sec-Fetch-Site: same-origin
Sec-Fetch-Mode: no-cors
Sec-Fetch-Dest: style
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US,en;q=0.9
ResponseHTTP/1.1 200 OK
Date: Tue, 30 Jul 2024 13:00:23 GMT
Content-Type: text/css
Last-Modified: Thu, 29 Apr 2021 14:12:02 GMT
Vary: Accept-Encoding
ETag: W/"608abeb2-36d2"
Expires: Thu, 31 Dec 2037 23:55:55 GMT
Cache-Control: max-age=315360000
Content-Encoding: gzip
Content-Length: 3656
-
Remote address:87.255.213.147:443RequestGET /sites/all/themes/KGD17/css/footable.core.css?sguvz1 HTTP/1.1
Host: kgd.gov.kz
Connection: keep-alive
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
DNT: 1
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
Accept: text/css,*/*;q=0.1
Sec-Fetch-Site: same-origin
Sec-Fetch-Mode: no-cors
Sec-Fetch-Dest: style
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US,en;q=0.9
ResponseHTTP/1.1 200 OK
Date: Tue, 30 Jul 2024 13:02:30 GMT
Content-Type: text/css
Last-Modified: Tue, 26 Sep 2023 14:17:37 GMT
Vary: Accept-Encoding
ETag: W/"6512e801-1524"
Expires: Thu, 31 Dec 2037 23:55:55 GMT
Cache-Control: max-age=315360000
Content-Encoding: gzip
Content-Length: 1262
-
Remote address:87.255.213.147:443RequestGET /sites/all/themes/KGD17/css/special.css?sguvz1 HTTP/1.1
Host: kgd.gov.kz
Connection: keep-alive
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
DNT: 1
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
Accept: text/css,*/*;q=0.1
Sec-Fetch-Site: same-origin
Sec-Fetch-Mode: no-cors
Sec-Fetch-Dest: style
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US,en;q=0.9
ResponseHTTP/1.1 200 OK
Date: Tue, 30 Jul 2024 13:00:24 GMT
Content-Type: text/css
Last-Modified: Tue, 26 Sep 2023 14:17:37 GMT
Vary: Accept-Encoding
ETag: W/"6512e801-13e30"
Expires: Thu, 31 Dec 2037 23:55:55 GMT
Cache-Control: max-age=315360000
Content-Encoding: gzip
Content-Length: 15757
-
Remote address:87.255.213.147:443RequestGET /apps/services/StaticResourcesWeb/js/datepicker.locales.js HTTP/1.1
Host: kgd.gov.kz
Connection: keep-alive
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
DNT: 1
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
Accept: */*
Sec-Fetch-Site: same-origin
Sec-Fetch-Mode: no-cors
Sec-Fetch-Dest: script
Referer: https://kgd.gov.kz/ru/app/culs-taxarrear-search-web
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US,en;q=0.9
ResponseHTTP/1.1 200 OK
Date: Tue, 30 Jul 2024 13:00:24 GMT
Content-Type: text/javascript
Vary: Accept-Encoding
ETag: W/"2352-1604555438000"
Last-Modified: Thu, 05 Nov 2020 05:50:38 GMT
Content-Encoding: gzip
Content-Length: 1200
-
Remote address:87.255.213.147:443RequestGET /apps/services/StaticResourcesWeb/js/app.js HTTP/1.1
Host: kgd.gov.kz
Connection: keep-alive
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
DNT: 1
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
Accept: */*
Sec-Fetch-Site: same-origin
Sec-Fetch-Mode: no-cors
Sec-Fetch-Dest: script
Referer: https://kgd.gov.kz/ru/app/culs-taxarrear-search-web
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US,en;q=0.9
ResponseHTTP/1.1 200 OK
Date: Tue, 30 Jul 2024 13:02:32 GMT
Content-Type: text/javascript
Vary: Accept-Encoding
ETag: W/"11210-1605678080000"
Last-Modified: Wed, 18 Nov 2020 05:41:20 GMT
Content-Encoding: gzip
Content-Length: 3964
-
GEThttps://kgd.gov.kz/sites/default/files/advagg_js/js__0BLiKGMq6ltLHdFnULA09l4oeJRFJqujRKfo_ka1H2M__VZq7dwkTjN_yzboliiXzKkblH3SFDmh0AVSmuD6eiTw__PNv-_ejGZ7ZmfpIDcT0M4XRgk37U8ArC6QdMiqjXWJE.jsmsedge.exeRemote address:87.255.213.147:443RequestGET /sites/default/files/advagg_js/js__0BLiKGMq6ltLHdFnULA09l4oeJRFJqujRKfo_ka1H2M__VZq7dwkTjN_yzboliiXzKkblH3SFDmh0AVSmuD6eiTw__PNv-_ejGZ7ZmfpIDcT0M4XRgk37U8ArC6QdMiqjXWJE.js HTTP/1.1
Host: kgd.gov.kz
Connection: keep-alive
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
DNT: 1
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
Accept: */*
Sec-Fetch-Site: same-origin
Sec-Fetch-Mode: no-cors
Sec-Fetch-Dest: script
Referer: https://kgd.gov.kz/ru/app/culs-taxarrear-search-web
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US,en;q=0.9
ResponseHTTP/1.1 200 OK
Date: Tue, 30 Jul 2024 13:02:32 GMT
Content-Type: application/javascript
Last-Modified: Tue, 26 Sep 2023 15:22:21 GMT
Vary: Accept-Encoding
ETag: W/"6512f72d-dfc"
Expires: Thu, 31 Dec 2037 23:55:55 GMT
Cache-Control: max-age=315360000
Content-Encoding: gzip
Content-Length: 1917
-
GEThttps://kgd.gov.kz/sites/default/files/advagg_js/js__kgBzEew375opErticaz0339aAXuAnDgK4WnFDvdZJTQ__OiiZLw0zgtGvTunhVYGyE3Ib6-LZMkj4eME6yZs3S_k__PNv-_ejGZ7ZmfpIDcT0M4XRgk37U8ArC6QdMiqjXWJE.jsmsedge.exeRemote address:87.255.213.147:443RequestGET /sites/default/files/advagg_js/js__kgBzEew375opErticaz0339aAXuAnDgK4WnFDvdZJTQ__OiiZLw0zgtGvTunhVYGyE3Ib6-LZMkj4eME6yZs3S_k__PNv-_ejGZ7ZmfpIDcT0M4XRgk37U8ArC6QdMiqjXWJE.js HTTP/1.1
Host: kgd.gov.kz
Connection: keep-alive
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
DNT: 1
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
Accept: */*
Sec-Fetch-Site: same-origin
Sec-Fetch-Mode: no-cors
Sec-Fetch-Dest: script
Referer: https://kgd.gov.kz/ru/app/culs-taxarrear-search-web
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US,en;q=0.9
Response
HTTP/1.1 200 OK
Date: Tue, 30 Jul 2024 13:02:32 GMT
Content-Type: application/javascript
Last-Modified: Tue, 26 Sep 2023 15:22:21 GMT
Vary: Accept-Encoding
ETag: W/"6512f72d-de95"
Expires: Thu, 31 Dec 2037 23:55:55 GMT
Cache-Control: max-age=315360000
Content-Encoding: gzip
Content-Length: 18070
-
GET https://kgd.gov.kz/sites/default/files/styles/menu-ico/public/spravochniki_0.png?itok=KERK9zW8
msedge.exe
Remote address: 87.255.213.147:443
Request
GET /sites/default/files/styles/menu-ico/public/spravochniki_0.png?itok=KERK9zW8 HTTP/1.1
Host: kgd.gov.kz
Connection: keep-alive
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
DNT: 1
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
Accept: image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
Sec-Fetch-Site: same-origin
Sec-Fetch-Mode: no-cors
Sec-Fetch-Dest: image
Referer: https://kgd.gov.kz/ru/app/culs-taxarrear-search-web
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US,en;q=0.9
Cookie: has_js=1
Response
HTTP/1.1 200 OK
Date: Tue, 30 Jul 2024 13:00:26 GMT
Content-Type: image/png
Content-Length: 3175
Last-Modified: Fri, 23 Dec 2016 17:18:48 GMT
ETag: "585d5c78-c67"
Expires: Thu, 29 Aug 2024 13:00:26 GMT
Cache-Control: max-age=2592000
Accept-Ranges: bytes
-
Remote address: 87.255.213.147:443
Request
GET /sites/all/themes/KGD17/webfonts/fa-solid-900.woff2 HTTP/1.1
Host: kgd.gov.kz
Connection: keep-alive
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
Origin: https://kgd.gov.kz
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
DNT: 1
Accept: */*
Sec-Fetch-Site: same-origin
Sec-Fetch-Mode: cors
Sec-Fetch-Dest: font
Referer: https://kgd.gov.kz/sites/all/themes/KGD17/css/all.css?sguvz1
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US,en;q=0.9
Cookie: has_js=1
Response
HTTP/1.1 200 OK
Date: Tue, 30 Jul 2024 13:00:26 GMT
Content-Type: application/octet-stream
Content-Length: 150020
Last-Modified: Tue, 26 Sep 2023 14:17:37 GMT
ETag: "6512e801-24a04"
Accept-Ranges: bytes
-
GET https://kgd.gov.kz/sites/default/files/styles/bn/public/images/akorda_kz.png?itok=GEQlaB34
msedge.exe
Remote address: 87.255.213.147:443
Request
GET /sites/default/files/styles/bn/public/images/akorda_kz.png?itok=GEQlaB34 HTTP/1.1
Host: kgd.gov.kz
Connection: keep-alive
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
DNT: 1
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
Accept: image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
Sec-Fetch-Site: same-origin
Sec-Fetch-Mode: no-cors
Sec-Fetch-Dest: image
Referer: https://kgd.gov.kz/ru/app/culs-taxarrear-search-web
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US,en;q=0.9
Cookie: has_js=1; kgd_spec_version=normal; kgd_spec_color=c1; kgd_spec_fontsize=font-small; kgd_spec_img=imageson
Response
HTTP/1.1 200 OK
Date: Tue, 30 Jul 2024 13:02:35 GMT
Content-Type: image/png
Content-Length: 22101
Last-Modified: Mon, 06 Mar 2017 10:41:51 GMT
ETag: "58bd3cef-5655"
Expires: Thu, 29 Aug 2024 13:02:35 GMT
Cache-Control: max-age=2592000
Accept-Ranges: bytes
-
Remote address: 87.255.213.147:443
Request
GET /sites/all/themes/KGD17/images/pin.png HTTP/1.1
Host: kgd.gov.kz
Connection: keep-alive
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
DNT: 1
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
Accept: image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
Sec-Fetch-Site: same-origin
Sec-Fetch-Mode: no-cors
Sec-Fetch-Dest: image
Referer: https://kgd.gov.kz/sites/all/themes/KGD17/css/kgd17.css?sguvz1
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US,en;q=0.9
Cookie: has_js=1; kgd_spec_version=normal; kgd_spec_color=c1; kgd_spec_fontsize=font-small; kgd_spec_img=imageson; _ym_uid=1722344554376634383; _ym_d=1722344554; _zero_cc=a76b3659037327; _zero_ss=66a8e46bbb24d.1722344555.1722344555.1; _ym_isad=2
Response
HTTP/1.1 200 OK
Date: Tue, 30 Jul 2024 13:02:37 GMT
Content-Type: image/png
Content-Length: 753
Last-Modified: Tue, 26 Sep 2023 14:17:36 GMT
ETag: "6512e800-2f1"
Expires: Thu, 31 Dec 2037 23:55:55 GMT
Cache-Control: max-age=315360000
Accept-Ranges: bytes
-
Remote address: 87.255.213.147:443
Request
GET /modules/system/system.base.css?sguvz1 HTTP/1.1
Host: kgd.gov.kz
Connection: keep-alive
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
DNT: 1
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
Accept: text/css,*/*;q=0.1
Sec-Fetch-Site: same-origin
Sec-Fetch-Mode: no-cors
Sec-Fetch-Dest: style
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US,en;q=0.9
Response
HTTP/1.1 200 OK
Date: Tue, 30 Jul 2024 13:02:30 GMT
Content-Type: text/css
Last-Modified: Fri, 05 Mar 2021 09:47:59 GMT
Vary: Accept-Encoding
ETag: W/"6041fe4f-1534"
Expires: Thu, 31 Dec 2037 23:55:55 GMT
Cache-Control: max-age=315360000
Content-Encoding: gzip
Content-Length: 2596
-
Remote address: 87.255.213.147:443
Request
GET /modules/system/system.menus.css?sguvz1 HTTP/1.1
Host: kgd.gov.kz
Connection: keep-alive
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
DNT: 1
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
Accept: text/css,*/*;q=0.1
Sec-Fetch-Site: same-origin
Sec-Fetch-Mode: no-cors
Sec-Fetch-Dest: style
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US,en;q=0.9
Response
HTTP/1.1 200 OK
Date: Tue, 30 Jul 2024 13:02:30 GMT
Content-Type: text/css
Last-Modified: Fri, 05 Mar 2021 09:48:00 GMT
Vary: Accept-Encoding
ETag: W/"6041fe50-7f3"
Expires: Thu, 31 Dec 2037 23:55:55 GMT
Cache-Control: max-age=315360000
Content-Encoding: gzip
Content-Length: 900
-
Remote address: 87.255.213.147:443
Request
GET /modules/node/node.css?sguvz1 HTTP/1.1
Host: kgd.gov.kz
Connection: keep-alive
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
DNT: 1
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
Accept: text/css,*/*;q=0.1
Sec-Fetch-Site: same-origin
Sec-Fetch-Mode: no-cors
Sec-Fetch-Dest: style
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US,en;q=0.9
Response
HTTP/1.1 200 OK
Date: Tue, 30 Jul 2024 13:02:30 GMT
Content-Type: text/css
Content-Length: 144
Last-Modified: Fri, 05 Mar 2021 09:47:59 GMT
ETag: "6041fe4f-90"
Expires: Thu, 31 Dec 2037 23:55:55 GMT
Cache-Control: max-age=315360000
Accept-Ranges: bytes
-
Remote address: 87.255.213.147:443
Request
GET /sites/all/modules/ckeditor/css/ckeditor.css?sguvz1 HTTP/1.1
Host: kgd.gov.kz
Connection: keep-alive
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
DNT: 1
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
Accept: text/css,*/*;q=0.1
Sec-Fetch-Site: same-origin
Sec-Fetch-Mode: no-cors
Sec-Fetch-Dest: style
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US,en;q=0.9
Response
HTTP/1.1 200 OK
Date: Tue, 30 Jul 2024 13:02:30 GMT
Content-Type: text/css
Content-Length: 431
Last-Modified: Fri, 05 Mar 2021 09:48:10 GMT
ETag: "6041fe5a-1af"
Expires: Thu, 31 Dec 2037 23:55:55 GMT
Cache-Control: max-age=315360000
Accept-Ranges: bytes
-
Remote address: 87.255.213.147:443
Request
GET /modules/locale/locale.css?sguvz1 HTTP/1.1
Host: kgd.gov.kz
Connection: keep-alive
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
DNT: 1
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
Accept: text/css,*/*;q=0.1
Sec-Fetch-Site: same-origin
Sec-Fetch-Mode: no-cors
Sec-Fetch-Dest: style
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US,en;q=0.9
Response
HTTP/1.1 200 OK
Date: Tue, 30 Jul 2024 13:00:23 GMT
Content-Type: text/css
Content-Length: 875
Last-Modified: Fri, 05 Mar 2021 09:48:01 GMT
ETag: "6041fe51-36b"
Expires: Thu, 31 Dec 2037 23:55:55 GMT
Cache-Control: max-age=315360000
Accept-Ranges: bytes
-
Remote address: 87.255.213.147:443
Request
GET /sites/all/themes/KGD17/css/all.css?sguvz1 HTTP/1.1
Host: kgd.gov.kz
Connection: keep-alive
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
DNT: 1
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
Accept: text/css,*/*;q=0.1
Sec-Fetch-Site: same-origin
Sec-Fetch-Mode: no-cors
Sec-Fetch-Dest: style
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US,en;q=0.9
Response
HTTP/1.1 200 OK
Date: Tue, 30 Jul 2024 13:00:23 GMT
Content-Type: text/css
Last-Modified: Tue, 26 Sep 2023 14:17:37 GMT
Vary: Accept-Encoding
ETag: W/"6512e801-22404"
Expires: Thu, 31 Dec 2037 23:55:55 GMT
Cache-Control: max-age=315360000
Content-Encoding: gzip
Content-Length: 33530
-
Remote address: 87.255.213.147:443
Request
GET /sites/all/themes/KGD17/css/jquery.dataTables.css?sguvz1 HTTP/1.1
Host: kgd.gov.kz
Connection: keep-alive
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
DNT: 1
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
Accept: text/css,*/*;q=0.1
Sec-Fetch-Site: same-origin
Sec-Fetch-Mode: no-cors
Sec-Fetch-Dest: style
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US,en;q=0.9
Response
HTTP/1.1 200 OK
Date: Tue, 30 Jul 2024 13:02:31 GMT
Content-Type: text/css
Last-Modified: Tue, 26 Sep 2023 14:17:37 GMT
Vary: Accept-Encoding
ETag: W/"6512e801-381e"
Expires: Thu, 31 Dec 2037 23:55:55 GMT
Cache-Control: max-age=315360000
Content-Encoding: gzip
Content-Length: 3138
-
Remote address: 87.255.213.147:443
Request
GET /apps/services/StaticResourcesWeb/js/jquery.localize.js HTTP/1.1
Host: kgd.gov.kz
Connection: keep-alive
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
DNT: 1
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
Accept: */*
Sec-Fetch-Site: same-origin
Sec-Fetch-Mode: no-cors
Sec-Fetch-Dest: script
Referer: https://kgd.gov.kz/ru/app/culs-taxarrear-search-web
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US,en;q=0.9
Response
HTTP/1.1 200 OK
Date: Tue, 30 Jul 2024 13:02:32 GMT
Content-Type: text/javascript
Vary: Accept-Encoding
ETag: W/"6881-1604555438000"
Last-Modified: Thu, 05 Nov 2020 05:50:38 GMT
Content-Encoding: gzip
Content-Length: 2552
-
GET https://kgd.gov.kz/sites/default/files/styles/menu-ico/public/spisok-platelshchikov.png?itok=IUJ62bWa
msedge.exe
Remote address: 87.255.213.147:443
Request
GET /sites/default/files/styles/menu-ico/public/spisok-platelshchikov.png?itok=IUJ62bWa HTTP/1.1
Host: kgd.gov.kz
Connection: keep-alive
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
DNT: 1
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
Accept: image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
Sec-Fetch-Site: same-origin
Sec-Fetch-Mode: no-cors
Sec-Fetch-Dest: image
Referer: https://kgd.gov.kz/ru/app/culs-taxarrear-search-web
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US,en;q=0.9
Cookie: has_js=1
Response
HTTP/1.1 200 OK
Date: Tue, 30 Jul 2024 13:00:26 GMT
Content-Type: image/png
Content-Length: 1814
Last-Modified: Fri, 23 Dec 2016 17:18:48 GMT
ETag: "585d5c78-716"
Expires: Thu, 29 Aug 2024 13:00:26 GMT
Cache-Control: max-age=2592000
Accept-Ranges: bytes
-
Remote address: 87.255.213.147:443
Request
GET /sites/all/themes/KGD17/webfonts/fa-brands-400.woff2 HTTP/1.1
Host: kgd.gov.kz
Connection: keep-alive
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
Origin: https://kgd.gov.kz
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
DNT: 1
Accept: */*
Sec-Fetch-Site: same-origin
Sec-Fetch-Mode: cors
Sec-Fetch-Dest: font
Referer: https://kgd.gov.kz/sites/all/themes/KGD17/css/all.css?sguvz1
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US,en;q=0.9
Cookie: has_js=1
Response
HTTP/1.1 200 OK
Date: Tue, 30 Jul 2024 13:02:39 GMT
Content-Type: application/octet-stream
Content-Length: 109808
Last-Modified: Tue, 26 Sep 2023 14:17:37 GMT
ETag: "6512e801-1acf0"
Accept-Ranges: bytes
-
Remote address: 8.8.8.8:53
Request
147.213.255.87.in-addr.arpa IN PTR
Response
-
Remote address: 8.8.8.8:53
Request
86.23.85.13.in-addr.arpa IN PTR
Response
-
Remote address: 8.8.8.8:53
Request
234.75.250.142.in-addr.arpa IN PTR
Response
234.75.250.142.in-addr.arpa IN PTR par10s41-in-f101e100net
-
Remote address: 8.8.8.8:53
Request
67.179.250.142.in-addr.arpa IN PTR
Response
67.179.250.142.in-addr.arpa IN PTR par21s19-in-f31e100net
-
Remote address: 8.8.8.8:53
Request
171.39.242.20.in-addr.arpa IN PTR
Response
-
Remote address: 8.8.8.8:53
Request
akorda.kz IN A
Response
akorda.kz IN A 93.191.231.133
akorda.kz IN A 93.191.231.137
-
Remote address: 93.191.231.133:443
Request
GET /ru/widget HTTP/1.1
Host: akorda.kz
Connection: keep-alive
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
sec-ch-ua-mobile: ?0
Upgrade-Insecure-Requests: 1
DNT: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: cross-site
Sec-Fetch-Mode: navigate
Sec-Fetch-Dest: iframe
Referer: https://kgd.gov.kz/
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US,en;q=0.9
Response
HTTP/1.1 200 OK
Server: Apache/2.4.56 (Debian)
Cache-Control: no-cache, private
Set-Cookie: XSRF-TOKEN=eyJpdiI6InY1RTFZXC8xd0FmR3o4dG9zMTVBYnZRPT0iLCJ2YWx1ZSI6IjdWQW5YelVOcVFFY25vRWVYalY5M1h5Q01aRnVHcGtZclZmVWdSRldPSDV2VDBEMEkzbzdsTjQ3QTlBWTZkemIiLCJtYWMiOiI1N2Q5NjA4NDlkYzEyNzRkNjUwOTUzOWVjZTAzYjI1NDU2MjYzZjAyYzRjZWViMWExYmUyZjliZDc4YmE3ZjY5In0%3D; expires=Tue, 30-Jul-2024 15:02:34 GMT; Max-Age=7200; path=/
Set-Cookie: laravel_akordasdc=eyJpdiI6InFuWG9DOTAzVkdybnZVRUJESkpBTVE9PSIsInZhbHVlIjoiMUNrYmkxelliYnB4VTNtd3dlVTBNNytVcWlFblJrd1paZGY5WE9lbFU2ZjFBMkVXNm80R01WMmlRRVJVemt6YyIsIm1hYyI6Ijg2ZjdmNmViZDJiMmI0NGRjYjAyYjZkN2Q4MmE3YTdhY2M3MmNmZjc4NmQ4OWMyNGU1NDNiOWJkNGM1ODY4OWEifQ%3D%3D; expires=Tue, 30-Jul-2024 15:02:34 GMT; Max-Age=7200; path=/; httponly
Access-Control-Allow-Origin: https://admin.akorda.kz
Content-Length: 0
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive
Content-Type: text/html; charset=UTF-8
Set-Cookie: cookiesession1=678B76A69F41562B430D5D5F36090367;Expires=Wed, 30 Jul 2025 13:02:34 GMT;Path=/;HttpOnly
-
Remote address: 8.8.8.8:53
Request
informer.yandex.ru IN A
Response
informer.yandex.ru IN A 87.250.250.119
informer.yandex.ru IN A 87.250.251.119
informer.yandex.ru IN A 93.158.134.119
-
Remote address: 8.8.8.8:53
Request
mc.yandex.ru IN A
Response
mc.yandex.ru IN A 87.250.250.119
mc.yandex.ru IN A 87.250.251.119
mc.yandex.ru IN A 77.88.21.119
mc.yandex.ru IN A 93.158.134.119
-
Remote address: 87.250.250.119:443
Request
GET /informer/34410855/3_1_FFFFFFFF_EFEFEFFF_0_pageviews HTTP/2.0
host: informer.yandex.ru
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
dnt: 1
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
accept: image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
sec-fetch-site: cross-site
sec-fetch-mode: no-cors
sec-fetch-dest: image
referer: https://kgd.gov.kz/
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9
-
Remote address: 87.250.250.119:443
Request
GET /metrika/watch.js HTTP/2.0
host: mc.yandex.ru
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
dnt: 1
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
accept: */*
sec-fetch-site: cross-site
sec-fetch-mode: no-cors
sec-fetch-dest: script
referer: https://kgd.gov.kz/
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9
-
Remote address: 8.8.8.8:53
Request
133.231.191.93.in-addr.arpa IN PTR
Response
-
Remote address: 8.8.8.8:53
Request
c.zero.kz IN A
Response
c.zero.kz IN A 91.201.214.115
-
Remote address: 91.201.214.115:443
Request
GET /z.js HTTP/2.0
host: c.zero.kz
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
dnt: 1
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
accept: */*
sec-fetch-site: cross-site
sec-fetch-mode: no-cors
sec-fetch-dest: script
referer: https://kgd.gov.kz/
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9
Response
HTTP/2.0 301
date: Tue, 30 Jul 2024 13:02:34 GMT
content-type: text/html
content-length: 162
location: ?c=a76b3659037327
-
Remote address: 91.201.214.115:443
Request
GET /z.js?c=a76b3659037327 HTTP/2.0
host: c.zero.kz
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
dnt: 1
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
accept: */*
sec-fetch-site: cross-site
sec-fetch-mode: no-cors
sec-fetch-dest: script
referer: https://kgd.gov.kz/
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9
Response
HTTP/2.0 200
date: Tue, 30 Jul 2024 13:02:35 GMT
content-type: application/javascript; charset=utf-8
vary: Accept-Encoding
expires: Tue, 06 Aug 2024 13:02:35 GMT
cache-control: private
set-cookie: client_cc=a76b3659037327; expires=Sat, 31 Aug 2024 13:02:35 GMT; path=/; domain=zero.kz
content-encoding: gzip
-
GEThttps://c.zero.kz/z.png?u=72460&t=1&cc=a76b3659037327&s=66a8e46bbb24d&sh=1&slt=0&d=0&wd=1280&hg=720&cd=24&w=1263&h=609&ln=en-us&je=0&cs=UTF-8&ce=1&du=https%3A%2F%2Fkgd.gov.kz%2Fru%2Fapp%2Fculs-taxarrear-search-web&tz=0&dt=%D0%A1%D0%B2%D0%B5%D0%B4%D0%B5%D0%BD%D0%B8%D1%8F%20%D0%BE%D0%B1%20%D0%BE%D1%82%D1%81%D1%83%D1%82%D1%81%D1%82%D0%B2%D0%B8%D0%B8%20(%D0%BD%D0%B0%D0%BB%D0%B8%D1%87%D0%B8%D0%B8)%20%D0%B7%D0%B0%D0%B4%D0%BE%D0%BB%D0%B6%D0%B5%D0%BD%D0%BD%D0%BE%D1%81%D1%82%D0%B8%2C%20%D1%83%D1%87%D0%B5%D1%82%20%D0%BF%D0%BE%20%D0%BA%D0%BE%D1%82%D0%BE%D1%80%D1%8B%D0%BC%20%D0%B2%D0%B5%D0%B4%D0%B5%D1%82%D1%81%D1%8F%20%D0%B2%20%D0%BE%D1%80%D0%B3%D0%B0%D0%BD%D0%B0%D1%85%20%D0%B3%D0%BE%D1%81%D1%83%D0%B4%D0%B0%D1%80%D1%81%D1%82%D0%B2%D0%B5%D0%BD%D0%BD%D1%8B%D1%85%20%D0%B4%D0%BE%D1%85%D0%BE%D0%B4%D0%BE%D0%B2%20%7C%20%D0%9A%D0%BE%D0%BC%D0%B8%D1%82%D0%B5%D1%82%20%D0%B3%D0%BE%D1%81%D1%83%D0%B4%D0%B0%D1%80%D1%81%D1%82%D0%B2%D0%B5%D0%BD%D0%BD%D1%8B%D1%85%20%D0%B4%D0%BE%D1%85%D0%BE%D0%B4%D0%BE%D0%B2%20%D0%9C%D0%B8%D0%BD%D0%B8%D1%81%D1%82%D0%B5%D1%80%D1%81%D1%82%D0%B2%D0%B0%20%D1%84%D0%B8%D0%BD%D0%B0%D0%BD%D1%81%D0%BE%D0%B2%20%D0%A0%D0%B5%D1%81%D0%BF%D1%83%D0%B1%D0%BB%D0%B8%D0%BA%D0%B8%20%D0%9A%D0%B0%D0%B7%D0%B0%D1%85%D1%81%D1%82%D0%B0%D0%BD&11.189615591770579msedge.exeRemote address:91.201.214.115:443RequestGET 
/z.png?u=72460&t=1&cc=a76b3659037327&s=66a8e46bbb24d&sh=1&slt=0&d=0&wd=1280&hg=720&cd=24&w=1263&h=609&ln=en-us&je=0&cs=UTF-8&ce=1&du=https%3A%2F%2Fkgd.gov.kz%2Fru%2Fapp%2Fculs-taxarrear-search-web&tz=0&dt=%D0%A1%D0%B2%D0%B5%D0%B4%D0%B5%D0%BD%D0%B8%D1%8F%20%D0%BE%D0%B1%20%D0%BE%D1%82%D1%81%D1%83%D1%82%D1%81%D1%82%D0%B2%D0%B8%D0%B8%20(%D0%BD%D0%B0%D0%BB%D0%B8%D1%87%D0%B8%D0%B8)%20%D0%B7%D0%B0%D0%B4%D0%BE%D0%BB%D0%B6%D0%B5%D0%BD%D0%BD%D0%BE%D1%81%D1%82%D0%B8%2C%20%D1%83%D1%87%D0%B5%D1%82%20%D0%BF%D0%BE%20%D0%BA%D0%BE%D1%82%D0%BE%D1%80%D1%8B%D0%BC%20%D0%B2%D0%B5%D0%B4%D0%B5%D1%82%D1%81%D1%8F%20%D0%B2%20%D0%BE%D1%80%D0%B3%D0%B0%D0%BD%D0%B0%D1%85%20%D0%B3%D0%BE%D1%81%D1%83%D0%B4%D0%B0%D1%80%D1%81%D1%82%D0%B2%D0%B5%D0%BD%D0%BD%D1%8B%D1%85%20%D0%B4%D0%BE%D1%85%D0%BE%D0%B4%D0%BE%D0%B2%20%7C%20%D0%9A%D0%BE%D0%BC%D0%B8%D1%82%D0%B5%D1%82%20%D0%B3%D0%BE%D1%81%D1%83%D0%B4%D0%B0%D1%80%D1%81%D1%82%D0%B2%D0%B5%D0%BD%D0%BD%D1%8B%D1%85%20%D0%B4%D0%BE%D1%85%D0%BE%D0%B4%D0%BE%D0%B2%20%D0%9C%D0%B8%D0%BD%D0%B8%D1%81%D1%82%D0%B5%D1%80%D1%81%D1%82%D0%B2%D0%B0%20%D1%84%D0%B8%D0%BD%D0%B0%D0%BD%D1%81%D0%BE%D0%B2%20%D0%A0%D0%B5%D1%81%D0%BF%D1%83%D0%B1%D0%BB%D0%B8%D0%BA%D0%B8%20%D0%9A%D0%B0%D0%B7%D0%B0%D1%85%D1%81%D1%82%D0%B0%D0%BD&11.189615591770579 HTTP/2.0
host: c.zero.kz
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
dnt: 1
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
accept: image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
sec-fetch-site: cross-site
sec-fetch-mode: no-cors
sec-fetch-dest: image
referer: https://kgd.gov.kz/
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9
Response
HTTP/2.0 200
date: Tue, 30 Jul 2024 13:02:40 GMT
content-type: image/png
set-cookie: client_cc=a76b3659037327; expires=Sat, 31 Aug 2024 13:02:40 GMT; Max-Age=2764800; path=/; domain=zero.kz
p3p: CP="NOI DSP COR CURa ADMa DEVa OUR IND UNI COM NAV INT PRE"
-
Remote address: 8.8.8.8:53
Request
115.214.201.91.in-addr.arpa IN PTR
Response
115.214.201.91.in-addr.arpa IN PTR zero-web-01neolabsnet
-
Remote address: 8.8.8.8:53
Request
233.38.18.104.in-addr.arpa IN PTR
Response
-
Remote address: 8.8.8.8:53
Request
119.250.250.87.in-addr.arpa IN PTR
Response
119.250.250.87.in-addr.arpa IN PTR mcyandexru
-
Remote address: 8.8.8.8:53
Request
www.google.com IN A
Response
www.google.com IN A 172.217.20.196
-
Remote address: 172.217.20.196:443
Request
GET /recaptcha/api.js?hl=ru&_=1722344551141 HTTP/2.0
host: www.google.com
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
dnt: 1
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
accept: */*
sec-fetch-site: cross-site
sec-fetch-mode: no-cors
sec-fetch-dest: script
referer: https://kgd.gov.kz/
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9
-
GET https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LeVUdoUAAAAAL8OTsq8xN-1czb129z5zxWsXkMk&co=aHR0cHM6Ly9rZ2QuZ292Lmt6OjQ0Mw..&hl=ru&v=Xv-KF0LlBu_a0FJ9I5YSlX5m&size=normal&cb=gk4o85946hza
msedge.exe
Remote address: 172.217.20.196:443
Request
GET /recaptcha/api2/anchor?ar=1&k=6LeVUdoUAAAAAL8OTsq8xN-1czb129z5zxWsXkMk&co=aHR0cHM6Ly9rZ2QuZ292Lmt6OjQ0Mw..&hl=ru&v=Xv-KF0LlBu_a0FJ9I5YSlX5m&size=normal&cb=gk4o85946hza HTTP/2.0
host: www.google.com
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
sec-ch-ua-mobile: ?0
upgrade-insecure-requests: 1
dnt: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://kgd.gov.kz/
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9
-
Remote address: 8.8.8.8:53
Request
mc.yandex.com IN A
Response
mc.yandex.com IN CNAME mc.yandex.ru
mc.yandex.ru IN A 77.88.21.119
mc.yandex.ru IN A 87.250.251.119
mc.yandex.ru IN A 93.158.134.119
mc.yandex.ru IN A 87.250.250.119
-
Remote address: 8.8.8.8:53
Request
mc.yandex.kz IN A
Response
mc.yandex.kz IN CNAME mc.yandex.ru
mc.yandex.ru IN A 87.250.250.119
mc.yandex.ru IN A 93.158.134.119
mc.yandex.ru IN A 87.250.251.119
mc.yandex.ru IN A 77.88.21.119
-
Remote address: 87.250.250.119:443
Request
GET /sync_cookie_image_check HTTP/2.0
host: mc.yandex.kz
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
dnt: 1
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
accept: image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
sec-fetch-site: cross-site
sec-fetch-mode: no-cors
sec-fetch-dest: image
referer: https://kgd.gov.kz/
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9
-
Remote address: 8.8.8.8:53
Request
196.20.217.172.in-addr.arpa IN PTR
Response
196.20.217.172.in-addr.arpa IN PTR waw02s08-in-f41e100net
196.20.217.172.in-addr.arpa IN PTR waw02s08-in-f196
196.20.217.172.in-addr.arpa IN PTR par10s50-in-f4
-
Remote address: 8.8.8.8:53
Request
67.214.58.216.in-addr.arpa IN PTR
Response
67.214.58.216.in-addr.arpa IN PTR par10s39-in-f31e100net
67.214.58.216.in-addr.arpa IN PTR fra15s10-in-f67
67.214.58.216.in-addr.arpa IN PTR fra15s10-in-f3
-
Remote address: 8.8.8.8:53
Request
172.214.232.199.in-addr.arpa IN PTR
Response
-
Remote address: 8.8.8.8:53
Request
tse1.mm.bing.net IN A
Response
tse1.mm.bing.net IN CNAME mm-mm.bing.net.trafficmanager.net
mm-mm.bing.net.trafficmanager.net IN CNAME ax-0001.ax-msedge.net
ax-0001.ax-msedge.net IN A 150.171.27.10
ax-0001.ax-msedge.net IN A 150.171.28.10
-
GET https://tse1.mm.bing.net/th?id=OADD2.10239340418594_1AB2H0FOTMRSGN1Z8&pid=21.2&c=16&roil=0&roit=0&roir=1&roib=1&w=1920&h=1080&dynsize=1&qlt=90
Remote address: 150.171.27.10:443
Request
GET /th?id=OADD2.10239340418594_1AB2H0FOTMRSGN1Z8&pid=21.2&c=16&roil=0&roit=0&roir=1&roib=1&w=1920&h=1080&dynsize=1&qlt=90 HTTP/2.0
host: tse1.mm.bing.net
accept: */*
accept-encoding: gzip, deflate, br
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/70.0.3538.102 Safari/537.36 Edge/18.19041
Response
HTTP/2.0 200
content-length: 679486
content-type: image/jpeg
x-cache: TCP_HIT
access-control-allow-origin: *
access-control-allow-headers: *
access-control-allow-methods: GET, POST, OPTIONS
timing-allow-origin: *
report-to: {"group":"network-errors","max_age":604800,"endpoints":[{"url":"https://aefd.nelreports.net/api/report?cat=bingth&ndcParam=QUZE"}]}
nel: {"report_to":"network-errors","max_age":604800,"success_fraction":0.001,"failure_fraction":1.0}
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: B1B73A4736DC4CDAAADED5C25F5C78A2 Ref B: LON04EDGE1211 Ref C: 2024-07-30T13:02:40Z
date: Tue, 30 Jul 2024 13:02:40 GMT
-
GET https://tse1.mm.bing.net/th?id=OADD2.10239360494465_1WL11PE3QHWZ3Q9V1&pid=21.2&c=16&roil=0&roit=0&roir=1&roib=1&w=1920&h=1080&dynsize=1&qlt=90
Remote address: 150.171.27.10:443
Request
GET /th?id=OADD2.10239360494465_1WL11PE3QHWZ3Q9V1&pid=21.2&c=16&roil=0&roit=0&roir=1&roib=1&w=1920&h=1080&dynsize=1&qlt=90 HTTP/2.0
host: tse1.mm.bing.net
accept: */*
accept-encoding: gzip, deflate, br
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/70.0.3538.102 Safari/537.36 Edge/18.19041
Response
HTTP/2.0 200
content-length: 544366
content-type: image/jpeg
x-cache: TCP_HIT
access-control-allow-origin: *
access-control-allow-headers: *
access-control-allow-methods: GET, POST, OPTIONS
timing-allow-origin: *
report-to: {"group":"network-errors","max_age":604800,"endpoints":[{"url":"https://aefd.nelreports.net/api/report?cat=bingth&ndcParam=QUZE"}]}
nel: {"report_to":"network-errors","max_age":604800,"success_fraction":0.001,"failure_fraction":1.0}
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: FEBAE0ABC0574C44B0ADB4CD2F92423A Ref B: LON04EDGE1211 Ref C: 2024-07-30T13:02:40Z
date: Tue, 30 Jul 2024 13:02:40 GMT
-
GET https://tse1.mm.bing.net/th?id=OADD2.10239339384869_1U4BU5OP1KBSS4EDT&pid=21.2&c=16&roil=0&roit=0&roir=1&roib=1&w=1920&h=1080&dynsize=1&qlt=90
Remote address: 150.171.27.10:443
Request
GET /th?id=OADD2.10239339384869_1U4BU5OP1KBSS4EDT&pid=21.2&c=16&roil=0&roit=0&roir=1&roib=1&w=1920&h=1080&dynsize=1&qlt=90 HTTP/2.0
host: tse1.mm.bing.net
accept: */*
accept-encoding: gzip, deflate, br
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/70.0.3538.102 Safari/537.36 Edge/18.19041
Response
HTTP/2.0 200
content-length: 539839
content-type: image/jpeg
x-cache: TCP_HIT
access-control-allow-origin: *
access-control-allow-headers: *
access-control-allow-methods: GET, POST, OPTIONS
timing-allow-origin: *
report-to: {"group":"network-errors","max_age":604800,"endpoints":[{"url":"https://aefd.nelreports.net/api/report?cat=bingth&ndcParam=QUZE"}]}
nel: {"report_to":"network-errors","max_age":604800,"success_fraction":0.001,"failure_fraction":1.0}
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: A5265584C3364A4D89284F38DC0A233E Ref B: LON04EDGE1211 Ref C: 2024-07-30T13:02:40Z
date: Tue, 30 Jul 2024 13:02:40 GMT
-
GET https://tse1.mm.bing.net/th?id=OADD2.10239340418593_1C85PJIL648X6LOTZ&pid=21.2&c=3&w=1080&h=1920&dynsize=1&qlt=90
Remote address: 150.171.27.10:443
Request
GET /th?id=OADD2.10239340418593_1C85PJIL648X6LOTZ&pid=21.2&c=3&w=1080&h=1920&dynsize=1&qlt=90 HTTP/2.0
host: tse1.mm.bing.net
accept: */*
accept-encoding: gzip, deflate, br
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/70.0.3538.102 Safari/537.36 Edge/18.19041
Response
HTTP/2.0 200
content-length: 718107
content-type: image/jpeg
x-cache: TCP_HIT
access-control-allow-origin: *
access-control-allow-headers: *
access-control-allow-methods: GET, POST, OPTIONS
timing-allow-origin: *
report-to: {"group":"network-errors","max_age":604800,"endpoints":[{"url":"https://aefd.nelreports.net/api/report?cat=bingth&ndcParam=QUZE"}]}
nel: {"report_to":"network-errors","max_age":604800,"success_fraction":0.001,"failure_fraction":1.0}
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: BAE1F7C337A042E18F22FFDE3B8FE040 Ref B: LON04EDGE1211 Ref C: 2024-07-30T13:02:40Z
date: Tue, 30 Jul 2024 13:02:40 GMT
-
GET https://tse1.mm.bing.net/th?id=OADD2.10239339384870_1WSZL43T6U4G68XY0&pid=21.2&c=3&w=1080&h=1920&dynsize=1&qlt=90
Remote address: 150.171.27.10:443
Request
GET /th?id=OADD2.10239339384870_1WSZL43T6U4G68XY0&pid=21.2&c=3&w=1080&h=1920&dynsize=1&qlt=90 HTTP/2.0
host: tse1.mm.bing.net
accept: */*
accept-encoding: gzip, deflate, br
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/70.0.3538.102 Safari/537.36 Edge/18.19041
Response
HTTP/2.0 200
content-length: 526491
content-type: image/jpeg
x-cache: TCP_HIT
access-control-allow-origin: *
access-control-allow-headers: *
access-control-allow-methods: GET, POST, OPTIONS
timing-allow-origin: *
report-to: {"group":"network-errors","max_age":604800,"endpoints":[{"url":"https://aefd.nelreports.net/api/report?cat=bingth&ndcParam=QUZE"}]}
nel: {"report_to":"network-errors","max_age":604800,"success_fraction":0.001,"failure_fraction":1.0}
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: AF551AC280AC43F5B1E04DB4ACA6937A Ref B: LON04EDGE1211 Ref C: 2024-07-30T13:02:40Z
date: Tue, 30 Jul 2024 13:02:40 GMT
-
GEThttps://tse1.mm.bing.net/th?id=OADD2.10239360494466_1NE7RS5P7DA5W3Y3W&pid=21.2&c=3&w=1080&h=1920&dynsize=1&qlt=90Remote address:150.171.27.10:443RequestGET /th?id=OADD2.10239360494466_1NE7RS5P7DA5W3Y3W&pid=21.2&c=3&w=1080&h=1920&dynsize=1&qlt=90 HTTP/2.0
host: tse1.mm.bing.net
accept: */*
accept-encoding: gzip, deflate, br
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/70.0.3538.102 Safari/537.36 Edge/18.19041
ResponseHTTP/2.0 200
content-length: 491307
content-type: image/jpeg
x-cache: TCP_HIT
access-control-allow-origin: *
access-control-allow-headers: *
access-control-allow-methods: GET, POST, OPTIONS
timing-allow-origin: *
report-to: {"group":"network-errors","max_age":604800,"endpoints":[{"url":"https://aefd.nelreports.net/api/report?cat=bingth&ndcParam=QUZE"}]}
nel: {"report_to":"network-errors","max_age":604800,"success_fraction":0.001,"failure_fraction":1.0}
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: 885F105B2CFD46F7832C233CF193917D Ref B: LON04EDGE1211 Ref C: 2024-07-30T13:02:41Z
date: Tue, 30 Jul 2024 13:02:40 GMT
-
Remote address:8.8.8.8:53Request21.236.111.52.in-addr.arpaIN PTRResponse
-
Remote address:8.8.8.8:53Request21.236.111.52.in-addr.arpaIN PTR
-
MITRE ATT&CK Enterprise v15
Persistence
  Boot or Logon Autostart Execution: 1
    Registry Run Keys / Startup Folder: 1
  Scheduled Task/Job: 1
    Scheduled Task: 1
Privilege Escalation
  Boot or Logon Autostart Execution: 1
    Registry Run Keys / Startup Folder: 1
  Scheduled Task/Job: 1
    Scheduled Task: 1
Downloads
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\index-dir\the-real-index
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\data_reduction_proxy_leveldb\MANIFEST-000001
C:\Users\Admin\AppData\Roaming\Microsoft\Crypto\RSA\S-1-5-21-464762018-485119342-1613148473-1000\83aa4cc77f591dfc2374580bbd95f6ba_a18f179e-3e6f-4f43-8bbf-9eee996556bc