u1901690.plsk.regruhosting.ru/tarboun/
31.31.198.190 200 OK 4.0 kB URL HTTP/1.1 u1901690.plsk.regruhosting.ru/tarboun/
IP 31.31.198.190:0
ASN #197695 Domain names registrar REG.RU, Ltd
File type HTML document text; HTML document text; HTML document text; HTML document text; assembler source, Unicode text, UTF-8 text, with CRLF line terminators
Hash 003da326679c344f93f45c9aa91c48d4
4ae7d8efbea5291aa3d3fa9ed8176809a0eff6ad
72ec77e69e53e8e93d7d028a2df8a9c0e34203eca96759751e7aed0b99d02c16
Analyzer Verdict Alert openphish Tencent
fortinet Phishing
GET /tarboun/ HTTP/1.1
Host: u1901690.plsk.regruhosting.ru
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1
HTTP/1.1 200 OK
Server: nginx
Date: Tue, 24 Jan 2023 08:42:27 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
X-Powered-By: PHP/8.0.17, PleskLin
Content-Encoding: gzip
r3.o.lencr.org/
95.101.11.115 200 OK 503 B IP 95.101.11.115:0
ASN #20940 Akamai International B.V.
Hash f5e46725831d8d722872bf68d752f4c5
cf37793a1b73e3f84fe6c37fb27382c83b49dbc0
0582b6180687dd95c7fd728f1b9db4495b807151e309b608ad203d69708f9da6
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "0582B6180687DD95C7FD728F1B9DB4495B807151E309B608AD203D69708F9DA6"
Last-Modified: Tue, 24 Jan 2023 00:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=4342
Expires: Tue, 24 Jan 2023 09:54:49 GMT
Date: Tue, 24 Jan 2023 08:42:27 GMT
Connection: keep-alive
r3.o.lencr.org/
95.101.11.115 200 OK 503 B IP 95.101.11.115:0
ASN #20940 Akamai International B.V.
Hash 04512fea22644dc0d22c3f3a665f6645
0e213646abfc6d9560ba562362fd9e9115be8354
124d9534f75506b8e8c7535ee7295ac4e6cf5a8249a0edac6940839e56043181
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "124D9534F75506B8E8C7535EE7295AC4E6CF5A8249A0EDAC6940839E56043181"
Last-Modified: Mon, 23 Jan 2023 16:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=11581
Expires: Tue, 24 Jan 2023 11:55:28 GMT
Date: Tue, 24 Jan 2023 08:42:27 GMT
Connection: keep-alive
firefox.settings.services.mozilla.com/v1/
35.241.9.150 200 OK 939 B URL HTTP/2 firefox.settings.services.mozilla.com/v1/
IP 35.241.9.150:0
File type JSON data, ASCII text, with very long lines (939), with no line terminators
Hash dcd75ca6daca51c5e39d431468511793
07f76d3bf23d65c9110d810fa71a994e39e085d3
73672a816da4450fe2c938b08d7ae002d9ca29fdcbd3e29cc97084d826f8b459
GET /v1/ HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Content-Type, Backoff, Content-Length, Alert, Retry-After
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 939
via: 1.1 google
date: Tue, 24 Jan 2023 08:35:05 GMT
content-type: application/json
age: 442
cache-control: max-age=3600,public
alt-svc: clear
X-Firefox-Spdy: h2
r3.o.lencr.org/
95.101.11.115 200 OK 503 B IP 95.101.11.115:0
ASN #20940 Akamai International B.V.
Hash 31c8743c2b5202ce0228bac5aad7229b
4b5eee8e1ecbfc992505003be58e265ff3a0ee0a
8b3b47ea29fc02b8a08ee2a340a05ab23e391f0eb3b8d6beb17516706bb2e94d
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "8B3B47EA29FC02B8A08EE2A340A05AB23E391F0EB3B8D6BEB17516706BB2E94D"
Last-Modified: Sun, 22 Jan 2023 17:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=21112
Expires: Tue, 24 Jan 2023 14:34:19 GMT
Date: Tue, 24 Jan 2023 08:42:27 GMT
Connection: keep-alive
content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2023-02-28-18-04-20.chain
34.160.144.191 200 OK 5.3 kB URL HTTP/2 content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2023-02-28-18-04-20.chain
IP 34.160.144.191:0
File type PEM certificate, ASCII text
Hash 7b922915ebf1fa3639b333f994c74f24
144a3f80b98fd0652d4614f24cf6cbbee40f8938
adbb3e06df0e870f5c7a9cb81e8979d4e92735853d75c9b779c06470d4db5d9c
GET /chains/remote-settings.content-signature.mozilla.org-2023-02-28-18-04-20.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
x-amz-id-2: cdM0GyXnypt6/D8ev7XSneNcwAvggi6pNoO2xl83ErP456vmzj1bWo65BV+fnnvPkLTJpbuCmw0T5wMFWI3qlg==
x-amz-request-id: 4B5RBC8JXJ9MK9Z6
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
content-length: 5348
via: 1.1 google
date: Tue, 24 Jan 2023 08:19:12 GMT
age: 1395
last-modified: Mon, 09 Jan 2023 18:04:21 GMT
etag: "7b922915ebf1fa3639b333f994c74f24"
content-type: binary/octet-stream
cache-control: public,max-age=3600
alt-svc: clear
X-Firefox-Spdy: h2
contile.services.mozilla.com/v1/tiles
34.117.237.239 200 OK 12 B URL HTTP/2 contile.services.mozilla.com/v1/tiles
IP 34.117.237.239:0
File type JSON data, ASCII text, with no line terminators
Hash 23e88fb7b99543fb33315b29b1fad9d6
a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3
GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Tue, 24 Jan 2023 08:42:27 GMT
content-type: application/json
content-length: 12
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
access-control-allow-credentials: true
access-control-expose-headers: content-type
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2
u1901690.plsk.regruhosting.ru/tarboun/css/style.css
31.31.198.190 200 OK 2.6 kB URL HTTP/1.1 u1901690.plsk.regruhosting.ru/tarboun/css/style.css
IP 31.31.198.190:0
ASN #197695 Domain names registrar REG.RU, Ltd
File type assembler source, ASCII text
Hash 68088c914b952e66a6ffa353043d53c8
2af6ec93cb58ca1d06f24382a156316bd349240c
747db045441eba3c2e50a29fa3c8cec7f6fb9fce7a72fa3762b3f03bf893ede1
GET /tarboun/css/style.css HTTP/1.1
Host: u1901690.plsk.regruhosting.ru
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://u1901690.plsk.regruhosting.ru/tarboun/
HTTP/1.1 200 OK
Server: nginx
Date: Tue, 24 Jan 2023 08:42:27 GMT
Content-Type: text/css
Last-Modified: Fri, 20 Jan 2023 22:16:48 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
ETag: W/"63cb12d0-3122"
X-Powered-By: PleskLin
Content-Encoding: gzip
cdnjs.cloudflare.com/ajax/libs/material-design-iconic-font/2.2.0/css/material-design-iconic-font.min.css
104.17.24.14 200 OK 5.8 kB URL HTTP/2 cdnjs.cloudflare.com/ajax/libs/material-design-iconic-font/2.2.0/css/material-design-iconic-font.min.css
IP 104.17.24.14:0
File type ASCII text, with very long lines (65536), with no line terminators
Hash a7e25a22602a2b2ed35f90fd5210cff1
148c4f275b60e6cf6253d6b4c7bdc486515b2202
312d94bafa68e11e3a4a8d7c06bc25ee161d1d965afb1fa99db79815a272d0bf
GET /ajax/libs/material-design-iconic-font/2.2.0/css/material-design-iconic-font.min.css HTTP/1.1
Host: cdnjs.cloudflare.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://u1901690.plsk.regruhosting.ru/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Tue, 24 Jan 2023 08:42:27 GMT
content-type: text/css; charset=utf-8
content-length: 5845
access-control-allow-origin: *
cache-control: public, max-age=30672000
content-encoding: br
etag: "5eb03ed9-1149f"
last-modified: Mon, 04 May 2020 16:12:09 GMT
cf-cdnjs-via: cfworker/kv
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
x-content-type-options: nosniff
vary: Accept-Encoding
cf-cache-status: HIT
age: 2786605
expires: Sun, 14 Jan 2024 08:42:27 GMT
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=INgTnInrLm0Pya%2FRCUtCf4HS9HvSbGY2TTKJpOKpssYZpnCoBPAXC4WgGQDQL9oO4SIKU0edcYLDJU2TmzNSP6P3BKg8jiHZWu6jyhwBqmzza5av%2B86R2DW%2B1gCbOgK%2BYucIFQ88"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
server: cloudflare
cf-ray: 78e779d2ec09b512-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
u1901690.plsk.regruhosting.ru/tarboun/css/login/twitter.css
31.31.198.190 200 OK 716 B URL HTTP/1.1 u1901690.plsk.regruhosting.ru/tarboun/css/login/twitter.css
IP 31.31.198.190:0
ASN #197695 Domain names registrar REG.RU, Ltd
Hash b3fb62f29a908e3690588ef71c3090c3
3ceb16599736b52ac70bd54b9677210d55099913
f98b5a99fdec07466edb3c158148b0bd6aba19fed6c85b68cd51519d67ccb4cc
GET /tarboun/css/login/twitter.css HTTP/1.1
Host: u1901690.plsk.regruhosting.ru
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://u1901690.plsk.regruhosting.ru/tarboun/
HTTP/1.1 200 OK
Server: nginx
Date: Tue, 24 Jan 2023 08:42:27 GMT
Content-Type: text/css
Last-Modified: Fri, 20 Jan 2023 22:16:49 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
ETag: W/"63cb12d1-9f5"
X-Powered-By: PleskLin
Content-Encoding: gzip
u1901690.plsk.regruhosting.ru/tarboun/css/animate.css
31.31.198.190 200 OK 4.7 kB URL HTTP/1.1 u1901690.plsk.regruhosting.ru/tarboun/css/animate.css
IP 31.31.198.190:0
ASN #197695 Domain names registrar REG.RU, Ltd
Hash fdec17f65030ba990d90758057daa1a5
fef117fca16e4cddc3e732dc93125acd10a12aad
f0107b433d264c1de870a39e76c2b023b788f6647f3b0c474b3832a52ba58fe9
GET /tarboun/css/animate.css HTTP/1.1
Host: u1901690.plsk.regruhosting.ru
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://u1901690.plsk.regruhosting.ru/tarboun/
HTTP/1.1 200 OK
Server: nginx
Date: Tue, 24 Jan 2023 08:42:27 GMT
Content-Type: text/css
Last-Modified: Fri, 20 Jan 2023 22:16:47 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
ETag: W/"63cb12cf-13052"
X-Powered-By: PleskLin
Content-Encoding: gzip
u1901690.plsk.regruhosting.ru/tarboun/css/login/facebook.css
31.31.198.190 200 OK 840 B URL HTTP/1.1 u1901690.plsk.regruhosting.ru/tarboun/css/login/facebook.css
IP 31.31.198.190:0
ASN #197695 Domain names registrar REG.RU, Ltd
Hash 582e427dc17eaab22e81f77b2d75d517
8d81fcda53d004459ed51269c9ef373dc3fb9ae2
1020df49af20003fc6ab5ce7854f29db12a6a70aa97b5bffcb0b3830362a0a62
GET /tarboun/css/login/facebook.css HTTP/1.1
Host: u1901690.plsk.regruhosting.ru
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://u1901690.plsk.regruhosting.ru/tarboun/
HTTP/1.1 200 OK
Server: nginx
Date: Tue, 24 Jan 2023 08:42:27 GMT
Content-Type: text/css
Last-Modified: Fri, 20 Jan 2023 22:16:49 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
ETag: W/"63cb12d1-eb7"
X-Powered-By: PleskLin
Content-Encoding: gzip
u1901690.plsk.regruhosting.ru/tarboun/js/script.js
31.31.198.190 200 OK 1.2 kB URL HTTP/1.1 u1901690.plsk.regruhosting.ru/tarboun/js/script.js
IP 31.31.198.190:0
ASN #197695 Domain names registrar REG.RU, Ltd
Hash 01b9241088b7f98a85b76606d43d9015
b1428d2696ea945ab527e22b9d6051c6f8faab16
61be856dd707aac92ac626d95aa2e06d236e02111fd58a09f9a384c06c81af1e
Analyzer Verdict Alert fortinet Phishing
GET /tarboun/js/script.js HTTP/1.1
Host: u1901690.plsk.regruhosting.ru
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://u1901690.plsk.regruhosting.ru/tarboun/
HTTP/1.1 200 OK
Server: nginx
Date: Tue, 24 Jan 2023 08:42:27 GMT
Content-Type: application/javascript
Last-Modified: Fri, 20 Jan 2023 22:17:06 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
ETag: W/"63cb12e2-1239"
X-Powered-By: PleskLin
Content-Encoding: gzip
u1901690.plsk.regruhosting.ru/tarboun/js/showHide.js
31.31.198.190 200 OK 271 B URL HTTP/1.1 u1901690.plsk.regruhosting.ru/tarboun/js/showHide.js
IP 31.31.198.190:0
ASN #197695 Domain names registrar REG.RU, Ltd
File type ASCII text, with CRLF line terminators
Hash 460af155748a40ddb42f497ae4f5633a
9d845ad6da2fb4f976cde44345e090a5c5c5dc44
55e6394b8d75a2fac3b023a95407530b666dc09f0b420c1a2a2ac11af66a5eda
Analyzer Verdict Alert fortinet Phishing
GET /tarboun/js/showHide.js HTTP/1.1
Host: u1901690.plsk.regruhosting.ru
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://u1901690.plsk.regruhosting.ru/tarboun/
HTTP/1.1 200 OK
Server: nginx
Date: Tue, 24 Jan 2023 08:42:27 GMT
Content-Type: application/javascript
Last-Modified: Fri, 20 Jan 2023 22:17:06 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
ETag: W/"63cb12e2-433"
X-Powered-By: PleskLin
Content-Encoding: gzip
u1901690.plsk.regruhosting.ru/tarboun/js/Nizam.js
31.31.198.190 200 OK 1.6 kB URL HTTP/1.1 u1901690.plsk.regruhosting.ru/tarboun/js/Nizam.js
IP 31.31.198.190:0
ASN #197695 Domain names registrar REG.RU, Ltd
File type ASCII text, with very long lines (5223)
Hash 62720487dbeb17f8cee764b869c36f87
6bc358575936e3735d2e4f2a2c7f3ac8cf754b0e
530fc64dfbaa956d7ceb2853b9bca20af222c01eb1b57911e98e82740ef35d3a
Analyzer Verdict Alert fortinet Phishing
GET /tarboun/js/Nizam.js HTTP/1.1
Host: u1901690.plsk.regruhosting.ru
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://u1901690.plsk.regruhosting.ru/tarboun/
HTTP/1.1 200 OK
Server: nginx
Date: Tue, 24 Jan 2023 08:42:27 GMT
Content-Type: application/javascript
Last-Modified: Fri, 20 Jan 2023 22:17:05 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
ETag: W/"63cb12e1-147d"
X-Powered-By: PleskLin
Content-Encoding: gzip
ocsp.digicert.com/
93.184.220.29 200 OK 278 B IP 93.184.220.29:0
Hash 8d21d2558eeb388eb558037eeed4425f
be86ec7afc7ad2689070a8d3b70f8294857fe9b9
6e27735043b51d87079b1880c13e710a8cae766dd85794289bac929e2b4e5627
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 6205
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Tue, 24 Jan 2023 08:42:27 GMT
Last-Modified: Tue, 24 Jan 2023 06:59:03 GMT
Server: ECS (ska/F71C)
X-Cache: HIT
Content-Length: 278
code.jquery.com/jquery-1.10.2.min.js
69.16.175.10 200 OK 33 kB URL HTTP/2 code.jquery.com/jquery-1.10.2.min.js
IP 69.16.175.10:0
File type ASCII text, with very long lines (32072)
Hash 68cc08e82915da8b82fc6be74ab86365
4089530b0c00f6cbd1452d7f873be85454196fd1
6c63276db5e51f227be1c9bdaf73d76fa01040499944a8c8607db0c234f0575c
GET /jquery-1.10.2.min.js HTTP/1.1
Host: code.jquery.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://u1901690.plsk.regruhosting.ru/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Tue, 24 Jan 2023 08:42:27 GMT
content-encoding: gzip
content-length: 32788
content-type: application/javascript; charset=utf-8
last-modified: Wed, 16 Feb 2022 10:50:39 GMT
accept-ranges: bytes
server: nginx
etag: W/"620cd6ff-16bb3"
cache-control: max-age=315360000, public
access-control-allow-origin: *
vary: Accept-Encoding
x-sp-metadata: HS256.CIPQvp4GEocBCiQ1YmJhZjg4OC1jYTM0LTQwNTctOTE2OS0wOGY1YjBjNmY3YTEQ+OiCoKvU+wIaBgjzs76eBiIMOTEuOTAuNDIuMTU0KPSLAjADOARCFlRMU19BRVNfMTI4X0dDTV9TSEEyNTZaIGM3ZDJiNGM0ODRhNDEzZTE5MWRlNmFjZmYyZGIyMDA5GiwIARIkNjU1YjI1YmEtZDBjZS00OGM1LTg2ODAtY2Y5MWQ3YWUyNTc0GJSAAiIYCAISFGNkczI0My5zazEuaHdjZG4ubmV0.HziyS4JNgbQmMUju9oRyRD30RKRLD6hN+oFUDVgVEaw=
x-hw: 1674549747.dop202.sk1.t,1674549747.cds230.sk1.hn,1674549747.cds243.sk1.c
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.131 200 OK 472 B IP 142.250.74.131:0
Hash 831949834fce41f3fa8f544c99730c25
e98b70a86255cacf4cca405c7fd4bb05bf427bad
94cb9cfe8593a576362e5707670dfc3a46bda5cdc5d9b15d69b8b32b0c99cbe9
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 24 Jan 2023 08:42:27 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.131 200 OK 472 B IP 142.250.74.131:0
Hash 831949834fce41f3fa8f544c99730c25
e98b70a86255cacf4cca405c7fd4bb05bf427bad
94cb9cfe8593a576362e5707670dfc3a46bda5cdc5d9b15d69b8b32b0c99cbe9
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 24 Jan 2023 08:42:27 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ajax.googleapis.com/ajax/libs/jquery/2.1.1/jquery.min.js
142.250.74.74 200 OK 30 kB URL HTTP/2 ajax.googleapis.com/ajax/libs/jquery/2.1.1/jquery.min.js
IP 142.250.74.74:0
File type ASCII text, with very long lines (32061)
Hash b90b3d2618cce9d766152cd3092b5c27
496339457cd00caab8118e2e1f30ea18dc05b9f4
b7b155aa8c6b5db28f9a6b41e88c96e9462c196c700add426f8ef32c9ce1ed41
GET /ajax/libs/jquery/2.1.1/jquery.min.js HTTP/1.1
Host: ajax.googleapis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://u1901690.plsk.regruhosting.ru/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="hosted-libraries-pushers"
report-to: {"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
timing-allow-origin: *
content-length: 29671
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 19 Jan 2023 10:05:29 GMT
expires: Fri, 19 Jan 2024 10:05:29 GMT
cache-control: public, max-age=31536000, stale-while-revalidate=2592000
last-modified: Tue, 03 Mar 2020 19:15:00 GMT
content-type: text/javascript; charset=UTF-8
age: 427018
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ajax.googleapis.com/ajax/libs/jquery/2.1.3/jquery.min.js
142.250.74.74 200 OK 30 kB URL HTTP/2 ajax.googleapis.com/ajax/libs/jquery/2.1.3/jquery.min.js
IP 142.250.74.74:0
File type ASCII text, with very long lines (32180)
Hash f16500423cc2867eff8b773df637c48f
1cd32d75b59a89c3a70274e383151a61ce0594f4
6ca5dc8ad67639c69117ace46c93703cf5fff82824cfc0bada0cf0fb3b2d41d7
GET /ajax/libs/jquery/2.1.3/jquery.min.js HTTP/1.1
Host: ajax.googleapis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://u1901690.plsk.regruhosting.ru/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="hosted-libraries-pushers"
report-to: {"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
timing-allow-origin: *
content-length: 29707
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Tue, 24 Jan 2023 02:42:37 GMT
expires: Wed, 24 Jan 2024 02:42:37 GMT
cache-control: public, max-age=31536000, stale-while-revalidate=2592000
age: 21590
last-modified: Tue, 03 Mar 2020 19:15:00 GMT
content-type: text/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
u1901690.plsk.regruhosting.ru/tarboun/img/rewards/9.jpg
31.31.198.190 200 OK 31 kB URL HTTP/1.1 u1901690.plsk.regruhosting.ru/tarboun/img/rewards/9.jpg
IP 31.31.198.190:0
ASN #197695 Domain names registrar REG.RU, Ltd
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 72x72, segment length 16, progressive, precision 8, 663x702, components 3; data
Hash 964e267600840379b1d6039a631c3f43
b8d77cea7012b6e7e0b694d5faf19fbeb1ad02c8
7fa6bfc6e686228ffa28d0259137ee544b949311154d1971335444e30ca93492
GET /tarboun/img/rewards/9.jpg HTTP/1.1
Host: u1901690.plsk.regruhosting.ru
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://u1901690.plsk.regruhosting.ru/tarboun/
HTTP/1.1 200 OK
Server: nginx
Date: Tue, 24 Jan 2023 08:42:27 GMT
Content-Type: image/jpeg
Content-Length: 31141
Last-Modified: Fri, 20 Jan 2023 22:17:04 GMT
Connection: keep-alive
ETag: "63cb12e0-79a5"
X-Powered-By: PleskLin
Accept-Ranges: bytes
u1901690.plsk.regruhosting.ru/tarboun/img/rewards/4.jpg
31.31.198.190 200 OK 36 kB URL HTTP/1.1 u1901690.plsk.regruhosting.ru/tarboun/img/rewards/4.jpg
IP 31.31.198.190:0
ASN #197695 Domain names registrar REG.RU, Ltd
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 72x72, segment length 16, progressive, precision 8, 665x704, components 3; data
Hash 1a0eeafe16c36bac530cdfec4d9b3c75
d59d88d27ad95aab516c27ee743ebbe1aedc2fcc
be3ccf03ec4b6507f710edaba88db3632a1c486f9cde711620d0617f393aea22
GET /tarboun/img/rewards/4.jpg HTTP/1.1
Host: u1901690.plsk.regruhosting.ru
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://u1901690.plsk.regruhosting.ru/tarboun/
HTTP/1.1 200 OK
Server: nginx
Date: Tue, 24 Jan 2023 08:42:27 GMT
Content-Type: image/jpeg
Content-Length: 35742
Last-Modified: Fri, 20 Jan 2023 22:17:00 GMT
Connection: keep-alive
ETag: "63cb12dc-8b9e"
X-Powered-By: PleskLin
Accept-Ranges: bytes
u1901690.plsk.regruhosting.ru/tarboun/img/rewards/5.jpg
31.31.198.190 200 OK 26 kB URL HTTP/1.1 u1901690.plsk.regruhosting.ru/tarboun/img/rewards/5.jpg
IP 31.31.198.190:0
ASN #197695 Domain names registrar REG.RU, Ltd
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 426x426, components 3; data
Hash 54e9ee6e10b644fd49b711aba9dc795d
1928a2f897b52543fd393a4edc181bffba583a8e
e11c1ca823826ca3bd553fa6e44bec2628ce1f5e56b46224b3b6a20cca02302c
GET /tarboun/img/rewards/5.jpg HTTP/1.1
Host: u1901690.plsk.regruhosting.ru
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://u1901690.plsk.regruhosting.ru/tarboun/
HTTP/1.1 200 OK
Server: nginx
Date: Tue, 24 Jan 2023 08:42:27 GMT
Content-Type: image/jpeg
Content-Length: 25971
Last-Modified: Fri, 20 Jan 2023 22:17:00 GMT
Connection: keep-alive
ETag: "63cb12dc-6573"
X-Powered-By: PleskLin
Accept-Ranges: bytes
stackpath.bootstrapcdn.com/font-awesome/4.7.0/css/font-awesome.min.css
104.18.11.207 200 OK 7.3 kB URL HTTP/2 stackpath.bootstrapcdn.com/font-awesome/4.7.0/css/font-awesome.min.css
IP 104.18.11.207:0
File type ASCII text, with very long lines (30837)
Hash 3b35e9a65ac8e01290bf98e77a8900ca
97a6400692e6dae415f06d67ff2aac486c30b348
750ab401892b9483f3dcf7a83641cd697421c027a045eff2ac31f82dadc910d7
GET /font-awesome/4.7.0/css/font-awesome.min.css HTTP/1.1
Host: stackpath.bootstrapcdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://u1901690.plsk.regruhosting.ru/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Tue, 24 Jan 2023 08:42:27 GMT
content-type: text/css; charset=utf-8
vary: Accept-Encoding
cdn-pullzone: 252412
cdn-uid: b1941f61-b576-4f40-80de-5677acb38f74
cdn-requestcountrycode: DE
access-control-allow-origin: *
cache-control: public, max-age=31919000
last-modified: Mon, 25 Jan 2021 22:04:55 GMT
cdn-cachedat: 11/15/2021 21:49:00
cdn-proxyver: 1.0
cdn-requestpullcode: 200
cdn-requestpullsuccess: True
cdn-edgestorageid: 723
cdn-status: 200
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
cdn-requestid: 2729ae8f2fc6c761bdc17d91cc795f58
cdn-cache: HIT
cf-cache-status: HIT
age: 19996501
strict-transport-security: max-age=31536000; includeSubDomains; preload
server: cloudflare
cf-ray: 78e779d38a75b4f1-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
u1901690.plsk.regruhosting.ru/tarboun/img/rewards/2.jpg
31.31.198.190 200 OK 74 kB URL HTTP/1.1 u1901690.plsk.regruhosting.ru/tarboun/img/rewards/2.jpg
IP 31.31.198.190:0
ASN #197695 Domain names registrar REG.RU, Ltd
File type PNG image data, 600 x 600, 8-bit colormap, non-interlaced; data
Hash cb9883da586942b8ba0f14552fc8b602
c60688022b268970f96c22d0485ea6a8e1e6a456
3d56c3da4a5c54255c68349195a4daeb413b5129e9989fa39ee1b98722e9964c
GET /tarboun/img/rewards/2.jpg HTTP/1.1
Host: u1901690.plsk.regruhosting.ru
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://u1901690.plsk.regruhosting.ru/tarboun/
HTTP/1.1 200 OK
Server: nginx
Date: Tue, 24 Jan 2023 08:42:27 GMT
Content-Type: image/jpeg
Content-Length: 74079
Last-Modified: Fri, 20 Jan 2023 22:16:58 GMT
Connection: keep-alive
ETag: "63cb12da-1215f"
X-Powered-By: PleskLin
Accept-Ranges: bytes
ocsp.pki.goog/gts1c3
142.250.74.131 200 OK 472 B IP 142.250.74.131:0
Hash 831949834fce41f3fa8f544c99730c25
e98b70a86255cacf4cca405c7fd4bb05bf427bad
94cb9cfe8593a576362e5707670dfc3a46bda5cdc5d9b15d69b8b32b0c99cbe9
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 24 Jan 2023 08:42:27 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
u1901690.plsk.regruhosting.ru/tarboun/img/popup-close.png
31.31.198.190 200 OK 422 B URL HTTP/1.1 u1901690.plsk.regruhosting.ru/tarboun/img/popup-close.png
IP 31.31.198.190:0
ASN #197695 Domain names registrar REG.RU, Ltd
File type PNG image data, 32 x 32, 8-bit colormap, non-interlaced; data
Hash d45afd0750df1473f2835dceb7933be8
25fe98b2ed17c8d857094d1d254fcc2a2f34c363
fd5d4a16b40eb27ac0372e93f5f0f9faa21032d1004a980838024f99798b37c8
GET /tarboun/img/popup-close.png HTTP/1.1
Host: u1901690.plsk.regruhosting.ru
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://u1901690.plsk.regruhosting.ru/tarboun/
HTTP/1.1 200 OK
Server: nginx
Date: Tue, 24 Jan 2023 08:42:27 GMT
Content-Type: image/png
Content-Length: 422
Connection: keep-alive
X-Accel-Version: 0.01
Last-Modified: Fri, 20 Jan 2023 22:16:56 GMT
ETag: "1a6-5f2b9684ad76f"
Accept-Ranges: bytes
X-Powered-By: PleskLin
u1901690.plsk.regruhosting.ru/tarboun/img/rewards/3.jpg
31.31.198.190 200 OK 24 kB URL HTTP/1.1 u1901690.plsk.regruhosting.ru/tarboun/img/rewards/3.jpg
IP 31.31.198.190:0
ASN #197695 Domain names registrar REG.RU, Ltd
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 426x426, components 3; data
Hash e6f2999343fb376c74a193cdc3824c5c
884d902c6453fb4ee6b7f1dc63cbc5fd2126ae24
5a78cda8e00686ab5b85944c4977f32769a588597b422358b692285f67a65af5
GET /tarboun/img/rewards/3.jpg HTTP/1.1
Host: u1901690.plsk.regruhosting.ru
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://u1901690.plsk.regruhosting.ru/tarboun/
HTTP/1.1 200 OK
Server: nginx
Date: Tue, 24 Jan 2023 08:42:27 GMT
Content-Type: image/jpeg
Content-Length: 24413
Last-Modified: Fri, 20 Jan 2023 22:16:59 GMT
Connection: keep-alive
ETag: "63cb12db-5f5d"
X-Powered-By: PleskLin
Accept-Ranges: bytes
u1901690.plsk.regruhosting.ru/tarboun/img/rewards/7.jpg
31.31.198.190 200 OK 26 kB URL HTTP/1.1 u1901690.plsk.regruhosting.ru/tarboun/img/rewards/7.jpg
IP 31.31.198.190:0
ASN #197695 Domain names registrar REG.RU, Ltd
File type JPEG image data, JFIF standard 1.01, resolution (DPCM), density 28x28, segment length 16, progressive, precision 8, 600x600, components 3\012- data
Hash 75977713fd215e74a3bae59119619ca8
21651aa1ac69487abbadb14a1dcdff2994d76d40
2171ac78bc73a4144adad7ec88f69692b63c8017124383cec89a74924effff70
GET /tarboun/img/rewards/7.jpg HTTP/1.1
Host: u1901690.plsk.regruhosting.ru
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://u1901690.plsk.regruhosting.ru/tarboun/
HTTP/1.1 200 OK
Server: nginx
Date: Tue, 24 Jan 2023 08:42:27 GMT
Content-Type: image/jpeg
Content-Length: 26338
Last-Modified: Fri, 20 Jan 2023 22:17:02 GMT
Connection: keep-alive
ETag: "63cb12de-66e2"
X-Powered-By: PleskLin
Accept-Ranges: bytes
u1901690.plsk.regruhosting.ru/tarboun/img/rewards/8.jpg
31.31.198.190 200 OK 296 kB URL HTTP/1.1 u1901690.plsk.regruhosting.ru/tarboun/img/rewards/8.jpg
IP 31.31.198.190:0
ASN #197695 Domain names registrar REG.RU, Ltd
File type PNG image data, 1080 x 1080, 8-bit/color RGBA, non-interlaced\012- data
Size 296 kB (296469 bytes)
Hash 0c0fc0dce7139c9f12e48f9362387f95
78d16356b1f67b1e95ab551375a82893face020e
f76f40f5507beb6cf669ccbd6d4acd47bc356fb9d0f83571ad92ec044c5b40ae
GET /tarboun/img/rewards/8.jpg HTTP/1.1
Host: u1901690.plsk.regruhosting.ru
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://u1901690.plsk.regruhosting.ru/tarboun/
HTTP/1.1 200 OK
Server: nginx
Date: Tue, 24 Jan 2023 08:42:27 GMT
Content-Type: image/jpeg
Content-Length: 296469
Last-Modified: Fri, 20 Jan 2023 22:17:03 GMT
Connection: keep-alive
ETag: "63cb12df-48615"
X-Powered-By: PleskLin
Accept-Ranges: bytes
u1901690.plsk.regruhosting.ru/tarboun/img/container.jpg
31.31.198.190 200 OK 12 kB URL HTTP/1.1 u1901690.plsk.regruhosting.ru/tarboun/img/container.jpg
IP 31.31.198.190:0
ASN #197695 Domain names registrar REG.RU, Ltd
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 72x72, segment length 16, baseline, precision 8, 320x249, components 3\012- data
Hash 531e37667fabfed28e1c50d0f507a682
e270314d8b547798297a6acf66e4e4c46fb2004a
663d3b275d582e6c0bfa5e72585311b9e9504b1c2d2cc0714946d029ebb0cf49
GET /tarboun/img/container.jpg HTTP/1.1
Host: u1901690.plsk.regruhosting.ru
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://u1901690.plsk.regruhosting.ru/tarboun/css/style.css
HTTP/1.1 200 OK
Server: nginx
Date: Tue, 24 Jan 2023 08:42:28 GMT
Content-Type: image/jpeg
Content-Length: 12109
Last-Modified: Fri, 20 Jan 2023 22:16:51 GMT
Connection: keep-alive
ETag: "63cb12d3-2f4d"
X-Powered-By: PleskLin
Accept-Ranges: bytes
u1901690.plsk.regruhosting.ru/tarboun/img/event-notification-content.png
31.31.198.190 200 OK 14 kB URL HTTP/1.1 u1901690.plsk.regruhosting.ru/tarboun/img/event-notification-content.png
IP 31.31.198.190:0
ASN #197695 Domain names registrar REG.RU, Ltd
File type PNG image data, 700 x 117, 8-bit colormap, non-interlaced\012- data
Hash 1af66614da195185d503b3d671bd79bd
c716243f03562ac39aecd69f8f7c293e7bc41d62
f297092f262db7f75cd80b23074a773b8990d9159c555f6f4ee9dd3976fc3f65
GET /tarboun/img/event-notification-content.png HTTP/1.1
Host: u1901690.plsk.regruhosting.ru
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://u1901690.plsk.regruhosting.ru/tarboun/css/style.css
HTTP/1.1 200 OK
Server: nginx
Date: Tue, 24 Jan 2023 08:42:28 GMT
Content-Type: image/png
Content-Length: 14173
Last-Modified: Fri, 20 Jan 2023 22:16:51 GMT
Connection: keep-alive
ETag: "63cb12d3-375d"
X-Powered-By: PleskLin
Accept-Ranges: bytes
u1901690.plsk.regruhosting.ru/tarboun/img/rewards/6.jpg
31.31.198.190 200 OK 116 kB URL HTTP/1.1 u1901690.plsk.regruhosting.ru/tarboun/img/rewards/6.jpg
IP 31.31.198.190:0
ASN #197695 Domain names registrar REG.RU, Ltd
File type PNG image data, 600 x 600, 8-bit/color RGBA, non-interlaced\012- data
Size 116 kB (115621 bytes)
Hash 395765a5f7711369e20b5686aec125ed
ed0ab3f00cbee69e7f87bb718c8599ed23c1a98c
ea147ace3b1f8402765a738f07b7519486fe67888ab97427835f15d7195eb0d3
GET /tarboun/img/rewards/6.jpg HTTP/1.1
Host: u1901690.plsk.regruhosting.ru
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://u1901690.plsk.regruhosting.ru/tarboun/
HTTP/1.1 200 OK
Server: nginx
Date: Tue, 24 Jan 2023 08:42:27 GMT
Content-Type: image/jpeg
Content-Length: 115621
Last-Modified: Fri, 20 Jan 2023 22:17:01 GMT
Connection: keep-alive
ETag: "63cb12dd-1c3a5"
X-Powered-By: PleskLin
Accept-Ranges: bytes
u1901690.plsk.regruhosting.ru/tarboun/img/rewards/1.jpg
31.31.198.190 200 OK 36 kB URL HTTP/1.1 u1901690.plsk.regruhosting.ru/tarboun/img/rewards/1.jpg
IP 31.31.198.190:0
ASN #197695 Domain names registrar REG.RU, Ltd
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 72x72, segment length 16, progressive, precision 8, 665x704, components 3\012- data
Hash 1a0eeafe16c36bac530cdfec4d9b3c75
d59d88d27ad95aab516c27ee743ebbe1aedc2fcc
be3ccf03ec4b6507f710edaba88db3632a1c486f9cde711620d0617f393aea22
GET /tarboun/img/rewards/1.jpg HTTP/1.1
Host: u1901690.plsk.regruhosting.ru
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://u1901690.plsk.regruhosting.ru/tarboun/
HTTP/1.1 200 OK
Server: nginx
Date: Tue, 24 Jan 2023 08:42:28 GMT
Content-Type: image/jpeg
Content-Length: 35742
Last-Modified: Fri, 20 Jan 2023 22:16:57 GMT
Connection: keep-alive
ETag: "63cb12d9-8b9e"
X-Powered-By: PleskLin
Accept-Ranges: bytes
u1901690.plsk.regruhosting.ru/tarboun/img/header.jpg
31.31.198.190 200 OK 198 kB URL HTTP/1.1 u1901690.plsk.regruhosting.ru/tarboun/img/header.jpg
IP 31.31.198.190:0
ASN #197695 Domain names registrar REG.RU, Ltd
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 72x72, segment length 16, Exif Standard: [TIFF image data, big-endian, direntries=7, orientation=upper-left, xresolution=98, yresolution=106, resolutionunit=2, software=PicsArt], baseline, precision 8, 1284x1014, components 3\012- data
Size 198 kB (197978 bytes)
Hash fdee95f08523b89c099d163c63a37a7f
5c61df279f3fb137598825a7e328c75c2046402f
b092e09404277f990a928a385903553aac6949232080f5d7dd7cf6726b6fbb02
GET /tarboun/img/header.jpg HTTP/1.1
Host: u1901690.plsk.regruhosting.ru
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://u1901690.plsk.regruhosting.ru/tarboun/
HTTP/1.1 200 OK
Server: nginx
Date: Tue, 24 Jan 2023 08:42:27 GMT
Content-Type: image/jpeg
Content-Length: 197978
Last-Modified: Fri, 20 Jan 2023 22:16:53 GMT
Connection: keep-alive
ETag: "63cb12d5-3055a"
X-Powered-By: PleskLin
Accept-Ranges: bytes
u1901690.plsk.regruhosting.ru/tarboun/img/btn_item.jpg
31.31.198.190 200 OK 1.8 kB URL HTTP/1.1 u1901690.plsk.regruhosting.ru/tarboun/img/btn_item.jpg
IP 31.31.198.190:0
ASN #197695 Domain names registrar REG.RU, Ltd
File type PNG image data, 203 x 66, 4-bit colormap, non-interlaced\012- data
Hash 10dda51951925c543cba06644184d0d0
afc4a0d90d43680258a42b709213ff8b9a68dc98
efab4a3f3cc37bbbd25a9adede1c3f08f8ad9d37d418c1a18f946737adf397bd
GET /tarboun/img/btn_item.jpg HTTP/1.1
Host: u1901690.plsk.regruhosting.ru
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://u1901690.plsk.regruhosting.ru/tarboun/css/style.css
HTTP/1.1 200 OK
Server: nginx
Date: Tue, 24 Jan 2023 08:42:28 GMT
Content-Type: image/jpeg
Content-Length: 1776
Last-Modified: Fri, 20 Jan 2023 22:16:50 GMT
Connection: keep-alive
ETag: "63cb12d2-6f0"
X-Powered-By: PleskLin
Accept-Ranges: bytes
ocsp.pki.goog/gts1c3
142.250.74.131 200 OK 471 B IP 142.250.74.131:0
Hash dd676ffc078f2b075fdc6d7606dc55b3
f57644c4be9f9521b2c45df5ee6eee87489819e1
b0ecd59482b2bc369555e2b94287c0de6eb874c9f52c15d2ecda112b8f3d2dba
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 24 Jan 2023 08:42:28 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
fonts.gstatic.com/s/teko/v15/LYjNdG7kmE0gfaN9pQ.woff2
142.250.74.163 200 OK 13 kB URL HTTP/2 fonts.gstatic.com/s/teko/v15/LYjNdG7kmE0gfaN9pQ.woff2
IP 142.250.74.163:0
File type Web Open Font Format (Version 2), TrueType, length 13324, version 1.0\012- data
Hash b4082c888eefa2dca3fe2c9d46a87180
05aeb6c58175f659fe59eaca5a9d3735dd0530e3
352ad1513eeaeec51060f01d5bed32345862ec4d9c0802b81e0a47885951e4b6
GET /s/teko/v15/LYjNdG7kmE0gfaN9pQ.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: http://u1901690.plsk.regruhosting.ru
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 13324
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Wed, 18 Jan 2023 10:04:54 GMT
expires: Thu, 18 Jan 2024 10:04:54 GMT
cache-control: public, max-age=31536000
last-modified: Wed, 27 Apr 2022 17:05:55 GMT
content-type: font/woff2
age: 513454
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.131 200 OK 471 B IP 142.250.74.131:0
Hash dd676ffc078f2b075fdc6d7606dc55b3
f57644c4be9f9521b2c45df5ee6eee87489819e1
b0ecd59482b2bc369555e2b94287c0de6eb874c9f52c15d2ecda112b8f3d2dba
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 24 Jan 2023 08:42:28 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
www.battlegroundsmobileindia.com/common/img/btn/sns_i_w.png
23.36.77.51 200 OK 2.6 kB URL HTTP/2 www.battlegroundsmobileindia.com/common/img/btn/sns_i_w.png
IP 23.36.77.51:0
ASN #20940 Akamai International B.V.
File type PNG image data, 50 x 50, 8-bit/color RGBA, non-interlaced\012- data
Hash d4e9b873d6494773a9f585a1cfafc26f
0d3b37b5345415a2e9c8572041fb7906a67c2f8a
7167f2fd7e13d728e91d8ba6ed8e7b1fcd714087c59910463e11e2b08cfdfa54
GET /common/img/btn/sns_i_w.png HTTP/1.1
Host: www.battlegroundsmobileindia.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://u1901690.plsk.regruhosting.ru/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: image/png
content-length: 2638
last-modified: Fri, 14 May 2021 10:49:24 GMT
etag: "a4e-5c247ff39d500"
accept-ranges: bytes
date: Tue, 24 Jan 2023 08:42:28 GMT
X-Firefox-Spdy: h2
www.battlegroundsmobileindia.com/common/img/btn/sns_f_w.png
23.36.77.51 200 OK 2.4 kB URL HTTP/2 www.battlegroundsmobileindia.com/common/img/btn/sns_f_w.png
IP 23.36.77.51:0
ASN #20940 Akamai International B.V.
File type PNG image data, 50 x 50, 8-bit/color RGBA, non-interlaced\012- data
Hash 57b33ef147508d9a59ce3b90d6cc10c3
c402619796c175d8d1f77f39082c51583e365df3
347be294958042503fc06f16c339c6eb9e9341fc8b4ee7ccb535abb8cd9f372b
GET /common/img/btn/sns_f_w.png HTTP/1.1
Host: www.battlegroundsmobileindia.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://u1901690.plsk.regruhosting.ru/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: image/png
content-length: 2369
last-modified: Fri, 14 May 2021 10:49:24 GMT
etag: "941-5c247ff39d500"
accept-ranges: bytes
date: Tue, 24 Jan 2023 08:42:28 GMT
X-Firefox-Spdy: h2
www.battlegroundsmobileindia.com/common/img/btn/sns_y_w.png
23.36.77.51 200 OK 2.4 kB URL HTTP/2 www.battlegroundsmobileindia.com/common/img/btn/sns_y_w.png
IP 23.36.77.51:0
ASN #20940 Akamai International B.V.
File type PNG image data, 50 x 50, 8-bit/color RGBA, non-interlaced\012- data
Hash 888954c471597ea2fdcca77103f505b1
c16d8786c8232f657583507a1257b5d2be978c58
f8fd1f87d08b5e87f6b12577883a00bc6340d84cbd3b8b837b4f6472d2dc27cc
GET /common/img/btn/sns_y_w.png HTTP/1.1
Host: www.battlegroundsmobileindia.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://u1901690.plsk.regruhosting.ru/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: image/png
content-length: 2369
last-modified: Fri, 14 May 2021 10:49:25 GMT
etag: "941-5c247ff491740"
accept-ranges: bytes
date: Tue, 24 Jan 2023 08:42:28 GMT
X-Firefox-Spdy: h2
www.battlegroundsmobileindia.com/common/img/icon/icon_shop_50.png
23.36.77.51 200 OK 1.4 kB URL HTTP/2 www.battlegroundsmobileindia.com/common/img/icon/icon_shop_50.png
IP 23.36.77.51:0
ASN #20940 Akamai International B.V.
File type PNG image data, 50 x 50, 8-bit/color RGBA, interlaced\012- data
Hash a48f175e92215f456d59c0cbfdd7ced9
631e7dced44f909d6182fea873e51e167307a07c
8c9556f9a57cf08d7a116f85e1685d0e348a90de18769cc29c999ef0c2ff52ac
GET /common/img/icon/icon_shop_50.png HTTP/1.1
Host: www.battlegroundsmobileindia.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://u1901690.plsk.regruhosting.ru/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: image/png
content-length: 1429
last-modified: Fri, 17 Sep 2021 01:57:06 GMT
etag: "595-5cc273f9c339d"
accept-ranges: bytes
date: Tue, 24 Jan 2023 08:42:28 GMT
X-Firefox-Spdy: h2
fonts.gstatic.com/s/teko/v15/LYjCdG7kmE0gdVBesCRgqA.woff2
142.250.74.163 200 OK 13 kB URL HTTP/2 fonts.gstatic.com/s/teko/v15/LYjCdG7kmE0gdVBesCRgqA.woff2
IP 142.250.74.163:0
File type Web Open Font Format (Version 2), TrueType, length 13196, version 1.0\012- data
Hash 5b9fce771bd530ab9767e2b5aebd28c1
28ee5935b59df8b2d6876707e1f0f0e6768d2d31
a3bf77e9dea5a047c348fa98ccbeb5d5e07de3541ce0a2dfb243690da964804c
GET /s/teko/v15/LYjCdG7kmE0gdVBesCRgqA.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: http://u1901690.plsk.regruhosting.ru
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 13196
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Sat, 21 Jan 2023 06:00:55 GMT
expires: Sun, 21 Jan 2024 06:00:55 GMT
cache-control: public, max-age=31536000
age: 268893
last-modified: Wed, 27 Apr 2022 16:17:49 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.131 200 OK 471 B IP 142.250.74.131:0
Hash dd676ffc078f2b075fdc6d7606dc55b3
f57644c4be9f9521b2c45df5ee6eee87489819e1
b0ecd59482b2bc369555e2b94287c0de6eb874c9f52c15d2ecda112b8f3d2dba
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 24 Jan 2023 08:42:28 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
i.postimg.cc/66bK3tfJ/Amod.png
162.19.88.68 200 OK 86 kB URL HTTP/2 i.postimg.cc/66bK3tfJ/Amod.png
IP 162.19.88.68:0
File type PNG image data, 1280 x 54, 8-bit/color RGBA, non-interlaced\012- data
Hash c984d71cd905f49da568e4065129d87e
659edc07148f7197cdf025bd0ed9ac1d296f9131
c428adc61eebb6d5fb1fab43436b08fc12d7c63419f435395e436babd0adf789
GET /66bK3tfJ/Amod.png HTTP/1.1
Host: i.postimg.cc
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://u1901690.plsk.regruhosting.ru/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Tue, 24 Jan 2023 08:42:28 GMT
content-type: image/png
content-length: 86253
last-modified: Wed, 17 Aug 2022 14:47:35 GMT
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000, public
access-control-allow-origin: *
access-control-allow-methods: GET, OPTIONS
accept-ranges: bytes
X-Firefox-Spdy: h2
www.pubgmobile.com//images/event/common/newfoot_logo1.png
23.36.76.171 200 OK 20 kB URL HTTP/2 www.pubgmobile.com//images/event/common/newfoot_logo1.png
IP 23.36.76.171:0
ASN #20940 Akamai International B.V.
File type PNG image data, 1956 x 326, 8-bit/color RGBA, non-interlaced\012- data
Hash 4a90c7ac3502326a361bcf347ff868ee
e50737b1738a52402103e9e39c7b30692a9fd952
bf77b9df478001616e486b91e898edf93ba314fba4c41921f398a155c6d6bee4
GET //images/event/common/newfoot_logo1.png HTTP/1.1
Host: www.pubgmobile.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://u1901690.plsk.regruhosting.ru/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-type: image/png
content-length: 19610
last-modified: Wed, 07 Sep 2022 07:21:45 GMT
etag: "63184689-4c9a"
accept-ranges: bytes
cache-control: max-age=1
expires: Tue, 24 Jan 2023 08:42:29 GMT
date: Tue, 24 Jan 2023 08:42:28 GMT
X-Firefox-Spdy: h2
www.pubgmobile.com/images/event/common/newfoot_logo3.png
23.36.76.171 200 OK 46 kB URL HTTP/2 www.pubgmobile.com/images/event/common/newfoot_logo3.png
IP 23.36.76.171:0
ASN #20940 Akamai International B.V.
File type PNG image data, 1415 x 419, 8-bit/color RGBA, non-interlaced\012- data
Hash 565304ae6a80e2dd06c1c1d92f723df7
e525164546fb64728f1c8d0773549895de0b4d9b
cd6e992308d7909d3815feb350c8f6dca0b2f1a2d5d94a6f8fd2b68aeb2ebd24
GET /images/event/common/newfoot_logo3.png HTTP/1.1
Host: www.pubgmobile.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://u1901690.plsk.regruhosting.ru/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-type: image/png
content-length: 46249
last-modified: Wed, 07 Sep 2022 07:21:46 GMT
etag: "6318468a-b4a9"
accept-ranges: bytes
cache-control: max-age=9
expires: Tue, 24 Jan 2023 08:42:37 GMT
date: Tue, 24 Jan 2023 08:42:28 GMT
X-Firefox-Spdy: h2
www.pubgmobile.com/images/event/common/nav_logo.svg
23.36.76.171 200 OK 130 kB URL HTTP/2 www.pubgmobile.com/images/event/common/nav_logo.svg
IP 23.36.76.171:0
ASN #20940 Akamai International B.V.
File type SVG Scalable Vector Graphics image\012- HTML document, ASCII text, with very long lines (65536), with no line terminators
Size 130 kB (129759 bytes)
Hash 30b0f3ced63d0ae1e9c221fa358cc8c7
424cdec6620c51fab21a7fcea111e90dbf1dce3d
2efbfe6c3fb89659ef7895efca11b1e99b9db6038dbd2570567e8f211b92c65e
GET /images/event/common/nav_logo.svg HTTP/1.1
Host: www.pubgmobile.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://u1901690.plsk.regruhosting.ru/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-type: image/svg+xml
last-modified: Thu, 27 Oct 2022 06:45:15 GMT
etag: "635a28fb-61052"
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-length: 129759
date: Tue, 24 Jan 2023 08:42:28 GMT
X-Firefox-Spdy: h2
firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
35.241.9.150 200 OK 329 B URL HTTP/2 firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
IP 35.241.9.150:0
File type JSON data\012- , ASCII text, with very long lines (329), with no line terminators
Hash 0333b0655111aa68de771adfcc4db243
63f295a144ac87a7c8e23417626724eeca68a7eb
60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300
GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Content-Type, Last-Modified, ETag, Expires, Backoff, Content-Length, Cache-Control, Alert, Retry-After, Pragma
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 329
via: 1.1 google
date: Tue, 24 Jan 2023 07:48:59 GMT
age: 3209
last-modified: Fri, 25 Mar 2022 17:45:46 GMT
etag: "1648230346554"
content-type: application/json
cache-control: max-age=3600,public
alt-svc: clear
X-Firefox-Spdy: h2
r3.o.lencr.org/
95.101.11.115 200 OK 503 B IP 95.101.11.115:0
ASN #20940 Akamai International B.V.
Hash 782bd51ec042b4f62d50467a4ca5139f
98811c0626b472078427d96a6a71e0e2fd3578e6
4b9b6b254cac237a40c6a497948ecd44f1c6ae27b3b37aef7a6685202f36f0eb
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "4B9B6B254CAC237A40C6A497948ECD44F1C6AE27B3B37AEF7A6685202F36F0EB"
Last-Modified: Sun, 22 Jan 2023 17:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=21600
Expires: Tue, 24 Jan 2023 14:42:28 GMT
Date: Tue, 24 Jan 2023 08:42:28 GMT
Connection: keep-alive
r3.o.lencr.org/
95.101.11.115 200 OK 503 B IP 95.101.11.115:0
ASN #20940 Akamai International B.V.
Hash 99c7f36a1fcbd7e7645f17340e217ba2
1ea5c4b1f5e861f01f54583805006a6d6dbaf122
f64943dca81faf70d09003038998b5caf7738c7c386c1c549fa00f38174024d4
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "F64943DCA81FAF70D09003038998B5CAF7738C7C386C1C549FA00F38174024D4"
Last-Modified: Tue, 24 Jan 2023 00:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=21548
Expires: Tue, 24 Jan 2023 14:41:36 GMT
Date: Tue, 24 Jan 2023 08:42:28 GMT
Connection: keep-alive
i.ibb.co/Wg8qQxh/facebook-text.png
162.19.58.159 200 OK 29 kB URL HTTP/2 i.ibb.co/Wg8qQxh/facebook-text.png
IP 162.19.58.159:0
File type PNG image data, 604 x 158, 8-bit/color RGBA, non-interlaced\012- data
Hash 74190b93fc4f5d88f0c8e6411ba20bd8
89ce2ecb660a90b8e6ed1b335443d7767c59f28a
092a3cd5f86b3f039feefdeb86694cd16ae545af214cfda614bdbbe2d1bde401
GET /Wg8qQxh/facebook-text.png HTTP/1.1
Host: i.ibb.co
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://u1901690.plsk.regruhosting.ru/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Tue, 24 Jan 2023 08:42:27 GMT
content-type: image/png
content-length: 28789
last-modified: Mon, 18 Oct 2021 19:35:50 GMT
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000, public
access-control-allow-origin: *
access-control-allow-methods: GET, OPTIONS
accept-ranges: bytes
X-Firefox-Spdy: h2
i.ibb.co/V9rgBqw/twitter-text.png
162.19.58.159 200 OK 4.3 kB URL HTTP/2 i.ibb.co/V9rgBqw/twitter-text.png
IP 162.19.58.159:0
File type PNG image data, 400 x 400, 8-bit/color RGBA, non-interlaced\012- data
Hash fef946b8bba756359e2a1e87ccd915ea
acc364946077b0e32b2343474ce4066ad3ee524c
1be5d05ce6faad469f7f9c5a5879f2d9f8d267b60eb394e92c19217268bcea8f
GET /V9rgBqw/twitter-text.png HTTP/1.1
Host: i.ibb.co
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://u1901690.plsk.regruhosting.ru/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Tue, 24 Jan 2023 08:42:27 GMT
content-type: image/png
content-length: 4298
last-modified: Mon, 18 Oct 2021 19:35:41 GMT
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000, public
access-control-allow-origin: *
access-control-allow-methods: GET, OPTIONS
accept-ranges: bytes
X-Firefox-Spdy: h2
i.ibb.co/jwMxWFh/menu.png
162.19.58.159 200 OK 3.9 kB URL HTTP/2 i.ibb.co/jwMxWFh/menu.png
IP 162.19.58.159:0
File type PNG image data, 512 x 512, 8-bit/color RGBA, non-interlaced\012- data
Hash 7777bd0a549e245607ebc0cad73cb093
8d68e31d4704d127426209330de4e8ecf8e5d7b2
8cb72ee9fa30b299783be0d40f5e708db873984c27c2824d066af6c7bacfa738
GET /jwMxWFh/menu.png HTTP/1.1
Host: i.ibb.co
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://u1901690.plsk.regruhosting.ru/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Tue, 24 Jan 2023 08:42:28 GMT
content-type: image/png
content-length: 3906
last-modified: Mon, 04 Jul 2022 04:38:38 GMT
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000, public
access-control-allow-origin: *
access-control-allow-methods: GET, OPTIONS
accept-ranges: bytes
X-Firefox-Spdy: h2
l.top4top.io/m_1725u5z7i1.mp3
65.21.235.194 206 Partial Content 20 kB URL HTTP/2 l.top4top.io/m_1725u5z7i1.mp3
IP 65.21.235.194:0
ASN #24940 Hetzner Online GmbH
File type Audio file with ID3 version 2.4.0, contains: MPEG ADTS, layer III, v1, 128 kbps, 44.1 kHz, Stereo\012- data
Hash ee5b5d12064ae26f839b882edb33da62
6fa93ef00f294eec4ef05276e81813db1e95e346
4bc5852e5cec62ceab9260f712961f59609868151e01b63e7b7cae2b00efed54
Analyzer Verdict Alert fortinet Malware
GET /m_1725u5z7i1.mp3 HTTP/1.1
Host: l.top4top.io
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: audio/webm,audio/ogg,audio/wav,audio/*;q=0.9,application/ogg;q=0.7,video/*;q=0.6,*/*;q=0.5
Accept-Language: en-US,en;q=0.5
Range: bytes=0-
Connection: keep-alive
Referer: http://u1901690.plsk.regruhosting.ru/
Sec-Fetch-Dest: audio
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 206 Partial Content
server: nginx
date: Tue, 24 Jan 2023 08:42:28 GMT
content-type: audio/mpeg
content-length: 19781
set-cookie: klj_40d147_downloads=kh51z; Max-Age=85000; Domain=.top4top.io; Path=/; Expires=Wed, 25 Jan 2023 08:19:08 GMT
last-modified: Mon, 21 Sep 2020 07:16:33 GMT
content-disposition: inline; filename="open_reward_tab.mp3"
etag: "5f685351-4d45"
expires: Tue, 24 Jan 2023 10:42:28 GMT
cache-control: max-age=7200
x-file-id: x34392023x
content-range: bytes 0-19780/19781
X-Firefox-Spdy: h2
www.pubgmobile.com/common/images/icon_logo.jpg
23.36.76.171 200 OK 982 kB URL HTTP/2 www.pubgmobile.com/common/images/icon_logo.jpg
IP 23.36.76.171:0
ASN #20940 Akamai International B.V.
File type JPEG image data, baseline, precision 8, 1024x1024, components 3\012- data
Size 982 kB (982437 bytes)
Hash b83d8d3e9beecfac081f4e742d27661c
448330670bef8c2ee17baf6d2410ca974341cb88
5899c82b2f0563679a9c1ee79b5b28f2545864d95c7627c1a70e36a2f034497d
GET /common/images/icon_logo.jpg HTTP/1.1
Host: www.pubgmobile.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://u1901690.plsk.regruhosting.ru/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-type: image/jpeg
content-length: 982437
last-modified: Mon, 30 Nov 2020 12:10:45 GMT
etag: "5fc4e145-efda5"
accept-ranges: bytes
unused62: 8096267
cache-control: max-age=287
expires: Tue, 24 Jan 2023 08:47:15 GMT
date: Tue, 24 Jan 2023 08:42:28 GMT
X-Firefox-Spdy: h2
a.top4top.io/m_1725zobal2.mp3
51.159.64.45 206 Partial Content 18 kB URL HTTP/2 a.top4top.io/m_1725zobal2.mp3
IP 51.159.64.45:0
File type Audio file with ID3 version 2.4.0, contains: MPEG ADTS, layer III, v1, 128 kbps, 44.1 kHz, Stereo\012- data
Hash 70ded6b0b406f9710307bc35e221629f
7034ec2ff72c936255b04c0890ce8976599380cc
22e1575a06426f427b46598d6599c565e80ed3e937b1872b0d5d928bfe5b2d65
Analyzer Verdict Alert fortinet Malware
GET /m_1725zobal2.mp3 HTTP/1.1
Host: a.top4top.io
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: audio/webm,audio/ogg,audio/wav,audio/*;q=0.9,application/ogg;q=0.7,video/*;q=0.6,*/*;q=0.5
Accept-Language: en-US,en;q=0.5
Range: bytes=0-
Connection: keep-alive
Referer: http://u1901690.plsk.regruhosting.ru/
Sec-Fetch-Dest: audio
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 206 Partial Content
server: nginx
date: Tue, 24 Jan 2023 08:42:28 GMT
content-type: audio/mpeg
content-length: 17691
set-cookie: klj_40d147_downloads=kh520; Max-Age=85000; Domain=.top4top.io; Path=/; Expires=Wed, 25 Jan 2023 08:19:08 GMT
last-modified: Mon, 21 Sep 2020 07:16:33 GMT
content-disposition: inline; filename="close_reward_popup.mp3"
etag: "5f685351-451b"
expires: Tue, 24 Jan 2023 10:42:28 GMT
cache-control: max-age=7200
x-file-id: x34392024x
content-range: bytes 0-17690/17691
X-Firefox-Spdy: h2
ocsp.digicert.com/
93.184.220.29 200 OK 471 B IP 93.184.220.29:0
Hash bb280016d8f12fa0a6ae86792ba89e67
53188091dab8e35ba20d2e341624777c2fb1536a
c28ed8dc9af97c7096f60030048432a41fb853e81ea91208e91493784d382bb9
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 2255
Cache-Control: max-age=90115
Content-Type: application/ocsp-response
Date: Tue, 24 Jan 2023 08:42:28 GMT
Etag: "63ce4e28-1d7"
Expires: Wed, 25 Jan 2023 09:44:23 GMT
Last-Modified: Mon, 23 Jan 2023 09:06:48 GMT
Server: ECS (ska/F71C)
X-Cache: HIT
Content-Length: 471
www.battlegroundsmobileindia.com/common/img/main/app.png
23.36.77.51 200 OK 30 kB URL HTTP/2 www.battlegroundsmobileindia.com/common/img/main/app.png
IP 23.36.77.51:0
ASN #20940 Akamai International B.V.
File type PNG image data, 117 x 117, 8-bit/color RGBA, non-interlaced\012- data
Hash 6ae43b6c707f6c559b4b19ba64ba6f4e
8a67a6bbe6d443180fb3a0d88355cef490ec85b1
e85ade5d6786ebf81122a53e42d731a33edf5368d8b18e8dc397c0fbf06b9268
GET /common/img/main/app.png HTTP/1.1
Host: www.battlegroundsmobileindia.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://u1901690.plsk.regruhosting.ru/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-type: image/png
content-length: 30182
last-modified: Mon, 17 May 2021 08:48:00 GMT
etag: "75e6-5c282a696f000"
accept-ranges: bytes
date: Tue, 24 Jan 2023 08:42:28 GMT
X-Firefox-Spdy: h2
push.services.mozilla.com/
52.43.197.133 101 Switching Protocols 0 B URL HTTP/1.1 push.services.mozilla.com/
IP 52.43.197.133:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET / HTTP/1.1
Host: push.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: rkE9peoDlS292lcF9K+YWw==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket
HTTP/1.1 101 Switching Protocols
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: kjc8VZ93P4dawBs75v6y2e1kygg=
r3.o.lencr.org/
95.101.11.115 200 OK 503 B IP 95.101.11.115:0
ASN #20940 Akamai International B.V.
Hash 176ab888cb4eeee86431993b3ef960e2
0eb79ca64f0f6b29837d1d7dfe12d38a3d5c3822
47984ce01d5a6281b9f2841cb119d3623e0d4202602f354628469e9158a2d6fa
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "47984CE01D5A6281B9F2841CB119D3623E0D4202602F354628469E9158A2D6FA"
Last-Modified: Tue, 24 Jan 2023 00:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=12454
Expires: Tue, 24 Jan 2023 12:10:03 GMT
Date: Tue, 24 Jan 2023 08:42:29 GMT
Connection: keep-alive
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F67efee66-d227-4c28-89a3-8fd7f382049b.jpeg
34.120.237.76 200 OK 8.3 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F67efee66-d227-4c28-89a3-8fd7f382049b.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 91b2e12a39dc4f63b9d52e8800cce1f2
42d5b4b4a091778d98c351f0002d8656449d0243
d4dbc79e3383e83f861ccf8cde3e78ba427a66cd3fa99c17e23ec935867de4ad
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F67efee66-d227-4c28-89a3-8fd7f382049b.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 8308
x-amzn-requestid: 1988d3b3-5e1a-41fd-83f5-092eddb9185f
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: fNys5GDKoAMFdbA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63cefe52-2349fde60b7db8a34c996717;Sampled=0
x-amzn-remapped-date: Mon, 23 Jan 2023 21:38:26 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: 5_1j_Z6HZ3DSGFPAACJduM5D9eAqMQT42GgI61x8dHAmPQtUexpEYQ==
via: 1.1 98e601970ea59f4d5f56a752787ff9fc.cloudfront.net (CloudFront), 1.1 556b99c6be8d7078b9f067347c62df6a.cloudfront.net (CloudFront), 1.1 google
date: Mon, 23 Jan 2023 21:59:05 GMT
age: 38604
etag: "42d5b4b4a091778d98c351f0002d8656449d0243"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F09ccbe5e-77b1-4d6d-98f5-a477f3861d8c.jpeg
34.120.237.76 200 OK 13 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F09ccbe5e-77b1-4d6d-98f5-a477f3861d8c.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 7458f7a9b2070055df6f1d496794e43e
0f5d2a6d846f4f8f85dd7e8089e643cacc57d8a9
373097662c419eef9f4a19ce9f3bcead70f6eafbf0acf44806685eece43ce251
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F09ccbe5e-77b1-4d6d-98f5-a477f3861d8c.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 12758
x-amzn-requestid: c3540562-8c62-4957-9528-7ae952daebaa
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: e9gf1E87oAMFpsQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63c87acb-49fd3f78275937e24d23fca3;Sampled=0
x-amzn-remapped-date: Wed, 18 Jan 2023 23:03:39 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: c5YOTqrEv9RLv_lKsrC377yost8auxYRPLubBFGjIWtnbueiGMJYGw==
via: 1.1 0c96ded7ff282d2dbcf47c918b6bb500.cloudfront.net (CloudFront), 1.1 324a68a6c25ee50d774953f3e15a611c.cloudfront.net (CloudFront), 1.1 google
date: Tue, 24 Jan 2023 04:36:21 GMT
age: 14768
etag: "0f5d2a6d846f4f8f85dd7e8089e643cacc57d8a9"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F8b12041d-fdaa-483d-b290-d584ffb6ea13.jpeg
34.120.237.76 200 OK 7.6 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F8b12041d-fdaa-483d-b290-d584ffb6ea13.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash deb690b8f5503bf4bcf424e58ddb6b8c
eb96120190e3a5c286ac5ec51ee8b163540377fd
c762b17d3e43d773966490d1186ebc352a78d47781c77a4f048e32fee9732b7d
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F8b12041d-fdaa-483d-b290-d584ffb6ea13.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 7642
x-amzn-requestid: 3f4482cf-98a5-420e-abe7-17fd2d214da0
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: fNyxIF3aIAMFWoQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63cefe6d-0c1838dc7b4ab4650d54ee56;Sampled=0
x-amzn-remapped-date: Mon, 23 Jan 2023 21:38:53 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: RI2PzIKXk_H09T20cGoqTCC1WdRp3S5N6TOBX_lIcEk8wYaCIfCPJw==
via: 1.1 86b676273517904f44af31586adb06ae.cloudfront.net (CloudFront), 1.1 1b74ccf4cb51eacf97a0e6d60ae46a3e.cloudfront.net (CloudFront), 1.1 google
date: Mon, 23 Jan 2023 22:08:04 GMT
age: 38065
etag: "eb96120190e3a5c286ac5ec51ee8b163540377fd"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F2dc5df8f-c8d7-421e-9680-93a71ea7fda1.webp
34.120.237.76 200 OK 7.5 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F2dc5df8f-c8d7-421e-9680-93a71ea7fda1.webp
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash a4921f814afc918b8f3d9923401a79b3
869ed812add4031aa4ef5334be86adc8d2bfef0a
aab1dc97717a519d593a0ec203f144a25cf3205f35a98e27af7fbae137fb4fdc
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F2dc5df8f-c8d7-421e-9680-93a71ea7fda1.webp HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 7530
x-amzn-requestid: 0502461c-f5bf-40b9-b8cc-9288b9ed064e
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: fNz4SEapoAMFmkQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63cf0034-2b7bad604dbee1bf32c7d402;Sampled=0
x-amzn-remapped-date: Mon, 23 Jan 2023 21:46:28 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: EYSzvqd0HaWv468J26jaFiWbeKNLx1-CiBKu87cVbgXeVOn0blhShg==
via: 1.1 23206a1c229d8877bdd053c4b05f9d12.cloudfront.net (CloudFront), 1.1 7e87179efaa9e3c316bd3d3a74cfded8.cloudfront.net (CloudFront), 1.1 google
date: Mon, 23 Jan 2023 22:19:21 GMT
age: 37388
etag: "869ed812add4031aa4ef5334be86adc8d2bfef0a"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F874475eb-9740-41dc-8fad-94561f78702c.jpeg
34.120.237.76 200 OK 8.3 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F874475eb-9740-41dc-8fad-94561f78702c.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash d1097271d834ab63d9ac18ae798d5fe6
21a451f3ea7cce0630a0cd3277d98a8751deeb18
3b86a231e6dbef2af349c2039f4da669f207c02ae91300b9cd078daa4981bfb5
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F874475eb-9740-41dc-8fad-94561f78702c.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 8333
x-amzn-requestid: 7198b53d-2bb1-4b4e-a26e-3412f9a07ed0
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: fNzFTHuRoAMFR5A=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63cefeee-13bab7f47f403afb790c48c6;Sampled=0
x-amzn-remapped-date: Mon, 23 Jan 2023 21:41:02 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: TlSKKwkaSHX0V8XqdClwRxX_-U8QVSdmiYQSvHIfmS1G5cC-Ty5tSQ==
via: 1.1 00f0a41f749793b9dd653153037c957e.cloudfront.net (CloudFront), 1.1 570075675953459325e00b7bcd171df2.cloudfront.net (CloudFront), 1.1 google
date: Mon, 23 Jan 2023 22:19:21 GMT
age: 37388
etag: "21a451f3ea7cce0630a0cd3277d98a8751deeb18"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F22e89ac2-c17b-48fc-854a-20b3464821b0.jpeg
34.120.237.76 200 OK 9.5 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F22e89ac2-c17b-48fc-854a-20b3464821b0.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash ff16db4df786db9d342f85c9f2c22150
aa5f8f439f86983a1abeb2d00f8186f6119989f2
c2c4bdbbbb56277f9929d21df9d3d8065112cd0e10e3086e58ad4e82cd872c8f
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F22e89ac2-c17b-48fc-854a-20b3464821b0.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 9498
x-amzn-requestid: d2eba35c-9dde-4cd1-b591-c7903e25d511
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: fNzFTGHbIAMFtPA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63cefeee-2734aa4e2e32ad311984ec3b;Sampled=0
x-amzn-remapped-date: Mon, 23 Jan 2023 21:41:02 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: Xdm-3NhMlUf49o1YTuIF5ozyzizgnUOWjbd9PWEqVw0IuHRuaJWc8g==
via: 1.1 4d7fa73f804f1c93f20cfc24c4b1266e.cloudfront.net (CloudFront), 1.1 325ed3ba58a560748d886354beef39c0.cloudfront.net (CloudFront), 1.1 google
date: Mon, 23 Jan 2023 22:18:27 GMT
age: 37442
etag: "aa5f8f439f86983a1abeb2d00f8186f6119989f2"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
fonts.googleapis.com/css?family=Roboto:300,400,500,700|Teko:300,400,500
142.250.74.106 200 OK 0 B URL HTTP/2 fonts.googleapis.com/css?family=Roboto:300,400,500,700|Teko:300,400,500
IP 142.250.74.106:0
GET /css?family=Roboto:300,400,500,700|Teko:300,400,500 HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://u1901690.plsk.regruhosting.ru/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Tue, 24 Jan 2023 08:42:27 GMT
date: Tue, 24 Jan 2023 08:42:27 GMT
cache-control: private, max-age=86400
cross-origin-opener-policy: same-origin-allow-popups
cross-origin-resource-policy: cross-origin
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2