r3.o.lencr.org/
23.36.77.32 200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 8997fa58a7262e8fd559d64b40511a1b
0aa1c4365c28f45e4d7a8a234fbcf51cd009e083
1580d1145f125c765e40e5983cb4bb4e2424010d2920a25ea7da992485da0dea
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "1580D1145F125C765E40E5983CB4BB4E2424010D2920A25EA7DA992485DA0DEA"
Last-Modified: Sat, 21 Jan 2023 04:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=12478
Expires: Mon, 23 Jan 2023 11:32:38 GMT
Date: Mon, 23 Jan 2023 08:04:40 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.77.32 200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 4714c95a0c854e38f9be444f9343bf14
07ce5eb635448f2b3bafbe51e4dfeef47cdf4f7b
4d47e08c9afb704096e93a51f6e95c0dc7c7bc31e67ded39998ff37ed56e0965
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "4D47E08C9AFB704096E93A51F6E95C0DC7C7BC31E67DED39998FF37ED56E0965"
Last-Modified: Sat, 21 Jan 2023 04:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=4501
Expires: Mon, 23 Jan 2023 09:19:41 GMT
Date: Mon, 23 Jan 2023 08:04:40 GMT
Connection: keep-alive
firefox.settings.services.mozilla.com/v1/
35.241.9.150 200 OK 939 B URL HTTP/2 firefox.settings.services.mozilla.com/v1/
IP 35.241.9.150:0
File type JSON data\012- , ASCII text, with very long lines (939), with no line terminators
Hash ff250d3ef3fa45322bf05039a0122a9f
b3e7a2c383bce1bab807dbe1a03c375258b51f1d
d07f109a96e0ae6ec7b1d46ce8761b3f06fe845769ce65d69e053dd40aa561ba
GET /v1/ HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Retry-After, Alert, Content-Type, Content-Length, Backoff
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 939
via: 1.1 google
date: Mon, 23 Jan 2023 07:42:36 GMT
content-type: application/json
age: 1324
cache-control: max-age=3600,public
alt-svc: clear
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.77.32 200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 31c8743c2b5202ce0228bac5aad7229b
4b5eee8e1ecbfc992505003be58e265ff3a0ee0a
8b3b47ea29fc02b8a08ee2a340a05ab23e391f0eb3b8d6beb17516706bb2e94d
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "8B3B47EA29FC02B8A08EE2A340A05AB23E391F0EB3B8D6BEB17516706BB2E94D"
Last-Modified: Sun, 22 Jan 2023 17:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=13348
Expires: Mon, 23 Jan 2023 11:47:08 GMT
Date: Mon, 23 Jan 2023 08:04:40 GMT
Connection: keep-alive
content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2023-02-28-18-04-20.chain
34.160.144.191 200 OK 5.3 kB URL HTTP/2 content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2023-02-28-18-04-20.chain
IP 34.160.144.191:0
File type PEM certificate\012- , ASCII text
Hash 7b922915ebf1fa3639b333f994c74f24
144a3f80b98fd0652d4614f24cf6cbbee40f8938
adbb3e06df0e870f5c7a9cb81e8979d4e92735853d75c9b779c06470d4db5d9c
GET /chains/remote-settings.content-signature.mozilla.org-2023-02-28-18-04-20.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
x-amz-id-2: q3IBi9Djgvqk7lx+dkSq2HcNtcMAPpzM+fDavU4Hz9643jEsTBm3EYTUYMbkB7Mvrk5kFC4KjSs=
x-amz-request-id: 9BTN0RCFCG1739NC
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
content-length: 5348
via: 1.1 google
date: Mon, 23 Jan 2023 07:47:38 GMT
age: 1022
last-modified: Mon, 09 Jan 2023 18:04:21 GMT
etag: "7b922915ebf1fa3639b333f994c74f24"
content-type: binary/octet-stream
cache-control: public,max-age=3600
alt-svc: clear
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.77.32 200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 16ea99d5e9695a5407899bf8621dfd77
f6171bca8733399d91523f55de8e30f503635daf
2daab0ac9906080f25f591cf10f240120c4f27c610105f1d3c6cf38dcf23b861
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "2DAAB0AC9906080F25F591CF10F240120C4F27C610105F1D3C6CF38DCF23B861"
Last-Modified: Sat, 21 Jan 2023 06:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=21600
Expires: Mon, 23 Jan 2023 14:04:40 GMT
Date: Mon, 23 Jan 2023 08:04:40 GMT
Connection: keep-alive
contile.services.mozilla.com/v1/tiles
34.117.237.239 200 OK 12 B URL HTTP/2 contile.services.mozilla.com/v1/tiles
IP 34.117.237.239:0
File type JSON data\012- , ASCII text, with no line terminators
Hash 23e88fb7b99543fb33315b29b1fad9d6
a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3
GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Mon, 23 Jan 2023 08:04:40 GMT
content-type: application/json
content-length: 12
access-control-allow-credentials: true
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
access-control-expose-headers: content-type
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2
u1901036.plsk.regruhosting.ru/yso/PUBG/1498814558/m
31.31.198.210 301 Moved Permanently 268 B URL HTTP/2 u1901036.plsk.regruhosting.ru/yso/PUBG/1498814558/m
IP 31.31.198.210:0
ASN #197695 Domain names registrar REG.RU, Ltd
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text
Hash 3d0b171dd8b356b382da5d5f721c0cd6
638ca9ce93ac1d1e95f958426eb2b11153dba352
bc3e76c2c88b199ddb9041f99a61aede2d18b9ef25b3eec20464f8d1a38b26fd
Analyzer Verdict Alert
openphish Tencent
fortinet Phishing
GET /yso/PUBG/1498814558/m HTTP/1.1
Host: u1901036.plsk.regruhosting.ru
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: none
Sec-Fetch-User: ?1
HTTP/2 301 Moved Permanently
server: nginx
date: Mon, 23 Jan 2023 08:04:40 GMT
content-type: text/html; charset=iso-8859-1
content-length: 268
location: https://u1901036.plsk.regruhosting.ru/yso/PUBG/1498814558/m/
X-Firefox-Spdy: h2
cdnjs.cloudflare.com/ajax/libs/material-design-iconic-font/2.2.0/css/material-design-iconic-font.min.css
104.17.25.14 200 OK 5.8 kB URL HTTP/2 cdnjs.cloudflare.com/ajax/libs/material-design-iconic-font/2.2.0/css/material-design-iconic-font.min.css
IP 104.17.25.14:0
File type ASCII text, with very long lines (65536), with no line terminators
Hash a7e25a22602a2b2ed35f90fd5210cff1
148c4f275b60e6cf6253d6b4c7bdc486515b2202
312d94bafa68e11e3a4a8d7c06bc25ee161d1d965afb1fa99db79815a272d0bf
GET /ajax/libs/material-design-iconic-font/2.2.0/css/material-design-iconic-font.min.css HTTP/1.1
Host: cdnjs.cloudflare.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://u1901036.plsk.regruhosting.ru/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Mon, 23 Jan 2023 08:04:40 GMT
content-type: text/css; charset=utf-8
content-length: 5845
access-control-allow-origin: *
cache-control: public, max-age=30672000
content-encoding: br
etag: "5eb03ed9-1149f"
last-modified: Mon, 04 May 2020 16:12:09 GMT
cf-cdnjs-via: cfworker/kv
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
x-content-type-options: nosniff
vary: Accept-Encoding
cf-cache-status: HIT
age: 2697938
expires: Sat, 13 Jan 2024 08:04:40 GMT
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=J4fUIEarMUQCRR%2F5r8YRuHyX1qJxhjmy%2FvTP%2BahzWg3ZVb0WMBeC8w%2BbFNwvH0o1rhCrFAvZqb8hOpJAgQMFXhCbqZrUHLextRFSFjj7kLLVpylOgj3ZKiMT0j1TVJpcuGeO%2FfzQ"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
server: cloudflare
cf-ray: 78df051b5f3f1c0e-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
u1901036.plsk.regruhosting.ru/yso/PUBG/1498814558/m/img/header.jpg
31.31.198.210 200 OK 36 kB URL HTTP/2 u1901036.plsk.regruhosting.ru/yso/PUBG/1498814558/m/img/header.jpg
IP 31.31.198.210:0
ASN #197695 Domain names registrar REG.RU, Ltd
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 700x394, components 3\012- data
Hash e0a5e09c1a4c448cfaeece6f2f59518d
ee494bb7fe6e1779b8d20eb70f2d243bb8aed38f
fef50677d2ec8ec598052d210cdb6e40a1184965ca7c379ccb7da9f13187ddf7
GET /yso/PUBG/1498814558/m/img/header.jpg HTTP/1.1
Host: u1901036.plsk.regruhosting.ru
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://u1901036.plsk.regruhosting.ru/yso/PUBG/1498814558/m/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Mon, 23 Jan 2023 08:04:40 GMT
content-type: image/jpeg
content-length: 36393
last-modified: Tue, 23 Aug 2022 19:02:10 GMT
etag: "63052432-8e29"
x-powered-by: PleskLin
strict-transport-security: max-age=31536000; includeSubDomains
accept-ranges: bytes
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.131 200 OK 472 B IP 142.250.74.131:0
Hash 41d9a97f3e66fa295337149c04ad0bae
5d0ffce8986ba0d9e47cd508b79c1feab18076cf
fa5f51ac868aed9106d71f0d5ae7d2fba4afed36bc9fdb94a5a66cea3ac15550
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 23 Jan 2023 08:04:40 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.131 200 OK 472 B IP 142.250.74.131:0
Hash 41d9a97f3e66fa295337149c04ad0bae
5d0ffce8986ba0d9e47cd508b79c1feab18076cf
fa5f51ac868aed9106d71f0d5ae7d2fba4afed36bc9fdb94a5a66cea3ac15550
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 23 Jan 2023 08:04:40 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
u1901036.plsk.regruhosting.ru/yso/PUBG/1498814558/m/index_files/css
31.31.198.210 200 OK 14 kB URL HTTP/2 u1901036.plsk.regruhosting.ru/yso/PUBG/1498814558/m/index_files/css
IP 31.31.198.210:0
ASN #197695 Domain names registrar REG.RU, Ltd
Hash 50d44acfe1282e5088948294ae258430
2154eed87cdb48954cb89e2b566bc03d400f747d
235df9714c1ff46983b2f19fa09c2b2e54e1282aa3afe8bb047ecbc0ced532fb
Analyzer Verdict Alert
fortinet Phishing
GET /yso/PUBG/1498814558/m/index_files/css HTTP/1.1
Host: u1901036.plsk.regruhosting.ru
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://u1901036.plsk.regruhosting.ru/yso/PUBG/1498814558/m/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Mon, 23 Jan 2023 08:04:40 GMT
content-type: text/plain
last-modified: Mon, 05 Sep 2022 13:03:52 GMT
vary: Accept-Encoding
etag: W/"6315f3b8-f33c"
x-powered-by: PleskLin
strict-transport-security: max-age=31536000; includeSubDomains
content-encoding: gzip
X-Firefox-Spdy: h2
u1901036.plsk.regruhosting.ru/yso/PUBG/1498814558/m/img/reward/3.png
31.31.198.210 200 OK 47 kB URL HTTP/2 u1901036.plsk.regruhosting.ru/yso/PUBG/1498814558/m/img/reward/3.png
IP 31.31.198.210:0
ASN #197695 Domain names registrar REG.RU, Ltd
File type PNG image data, 480 x 480, 8-bit colormap, non-interlaced\012- data
Hash 9385fac5777cc426942bbcf93955b1c7
399a43083150bdaa583bade22ead426883a9abd3
e4deef8dd005291e6593e7adda03c5b9b86ed5527f934017f0efe7c4f796093c
GET /yso/PUBG/1498814558/m/img/reward/3.png HTTP/1.1
Host: u1901036.plsk.regruhosting.ru
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://u1901036.plsk.regruhosting.ru/yso/PUBG/1498814558/m/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Mon, 23 Jan 2023 08:04:40 GMT
content-type: image/png
content-length: 47344
last-modified: Tue, 23 Aug 2022 19:02:10 GMT
etag: "63052432-b8f0"
x-powered-by: PleskLin
strict-transport-security: max-age=31536000; includeSubDomains
accept-ranges: bytes
X-Firefox-Spdy: h2
u1901036.plsk.regruhosting.ru/yso/PUBG/1498814558/m/img/reward/1.png
31.31.198.210 200 OK 30 kB URL HTTP/2 u1901036.plsk.regruhosting.ru/yso/PUBG/1498814558/m/img/reward/1.png
IP 31.31.198.210:0
ASN #197695 Domain names registrar REG.RU, Ltd
File type PNG image data, 480 x 480, 8-bit colormap, non-interlaced\012- data
Hash 7ad7441aef48f13e2059137ef3fa4c44
274649a72cbfdc64d23a1ec9912e5d855e58e9cb
40251bc4da33115bb6462db9150023c019320cd34edf858b2e4e5c51e4b84d88
GET /yso/PUBG/1498814558/m/img/reward/1.png HTTP/1.1
Host: u1901036.plsk.regruhosting.ru
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://u1901036.plsk.regruhosting.ru/yso/PUBG/1498814558/m/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Mon, 23 Jan 2023 08:04:40 GMT
content-type: image/png
content-length: 30392
last-modified: Tue, 23 Aug 2022 19:02:10 GMT
etag: "63052432-76b8"
x-powered-by: PleskLin
strict-transport-security: max-age=31536000; includeSubDomains
accept-ranges: bytes
X-Firefox-Spdy: h2
u1901036.plsk.regruhosting.ru/yso/PUBG/1498814558/m/img/draw.png
31.31.198.210 200 OK 12 kB URL HTTP/2 u1901036.plsk.regruhosting.ru/yso/PUBG/1498814558/m/img/draw.png
IP 31.31.198.210:0
ASN #197695 Domain names registrar REG.RU, Ltd
File type PNG image data, 175 x 175, 8-bit colormap, non-interlaced\012- data
Hash 919c4e0ff6db8cc4f53b6d6df8f53dee
3c36d15638c7cce4ce63ede2bf92eb95b66cdd01
4ae3214db4822cc504f8a0352bbe39c312c7976a449f06cd157957293613bb75
GET /yso/PUBG/1498814558/m/img/draw.png HTTP/1.1
Host: u1901036.plsk.regruhosting.ru
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://u1901036.plsk.regruhosting.ru/yso/PUBG/1498814558/m/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Mon, 23 Jan 2023 08:04:40 GMT
content-type: image/png
content-length: 11821
last-modified: Tue, 23 Aug 2022 19:02:10 GMT
etag: "63052432-2e2d"
x-powered-by: PleskLin
strict-transport-security: max-age=31536000; includeSubDomains
accept-ranges: bytes
X-Firefox-Spdy: h2
u1901036.plsk.regruhosting.ru/yso/PUBG/1498814558/m/img/reward/2.png
31.31.198.210 200 OK 24 kB URL HTTP/2 u1901036.plsk.regruhosting.ru/yso/PUBG/1498814558/m/img/reward/2.png
IP 31.31.198.210:0
ASN #197695 Domain names registrar REG.RU, Ltd
File type PNG image data, 480 x 480, 8-bit colormap, non-interlaced\012- data
Hash 5275161623e8c11a72fcbe8a60f75a67
1ef544a6febb9ebe8cca2ab026231ef84fdf2721
9c81a8a5cf3c482d0a3415388541899078bb80d26a4b0fe247c3d197cd216573
GET /yso/PUBG/1498814558/m/img/reward/2.png HTTP/1.1
Host: u1901036.plsk.regruhosting.ru
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://u1901036.plsk.regruhosting.ru/yso/PUBG/1498814558/m/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Mon, 23 Jan 2023 08:04:40 GMT
content-type: image/png
content-length: 24354
last-modified: Tue, 23 Aug 2022 19:02:10 GMT
etag: "63052432-5f22"
x-powered-by: PleskLin
strict-transport-security: max-age=31536000; includeSubDomains
accept-ranges: bytes
X-Firefox-Spdy: h2
u1901036.plsk.regruhosting.ru/yso/PUBG/1498814558/m/img/reward/4.png
31.31.198.210 200 OK 17 kB URL HTTP/2 u1901036.plsk.regruhosting.ru/yso/PUBG/1498814558/m/img/reward/4.png
IP 31.31.198.210:0
ASN #197695 Domain names registrar REG.RU, Ltd
File type PNG image data, 480 x 480, 8-bit colormap, non-interlaced\012- data
Hash 72615c2c7ecb6c5f4a3594989977942a
ab838b0534be5e1ea1cecfb5320d4bc42010a2fc
2f4ffd63fd3649017bd1081dd82778e330d623902bb7be8e0fd48330c8728a1e
GET /yso/PUBG/1498814558/m/img/reward/4.png HTTP/1.1
Host: u1901036.plsk.regruhosting.ru
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://u1901036.plsk.regruhosting.ru/yso/PUBG/1498814558/m/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Mon, 23 Jan 2023 08:04:40 GMT
content-type: image/png
content-length: 17186
last-modified: Tue, 23 Aug 2022 19:02:10 GMT
etag: "63052432-4322"
x-powered-by: PleskLin
strict-transport-security: max-age=31536000; includeSubDomains
accept-ranges: bytes
X-Firefox-Spdy: h2
u1901036.plsk.regruhosting.ru/yso/PUBG/1498814558/m/img/reward/5.png
31.31.198.210 200 OK 21 kB URL HTTP/2 u1901036.plsk.regruhosting.ru/yso/PUBG/1498814558/m/img/reward/5.png
IP 31.31.198.210:0
ASN #197695 Domain names registrar REG.RU, Ltd
File type PNG image data, 350 x 350, 8-bit colormap, non-interlaced\012- data
Hash cbdef001337a48019cb7d6ce9aea73bd
630feb8c5d29f874f548a016bb2ce1427873e85b
4844af8f068a404c347f939edad8d4f1ee626d9fbbf00712b994be0cf0c1820c
GET /yso/PUBG/1498814558/m/img/reward/5.png HTTP/1.1
Host: u1901036.plsk.regruhosting.ru
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://u1901036.plsk.regruhosting.ru/yso/PUBG/1498814558/m/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Mon, 23 Jan 2023 08:04:40 GMT
content-type: image/png
content-length: 20969
last-modified: Tue, 23 Aug 2022 19:02:10 GMT
etag: "63052432-51e9"
x-powered-by: PleskLin
strict-transport-security: max-age=31536000; includeSubDomains
accept-ranges: bytes
X-Firefox-Spdy: h2
u1901036.plsk.regruhosting.ru/yso/PUBG/1498814558/m/img/reward/6.png
31.31.198.210 200 OK 38 kB URL HTTP/2 u1901036.plsk.regruhosting.ru/yso/PUBG/1498814558/m/img/reward/6.png
IP 31.31.198.210:0
ASN #197695 Domain names registrar REG.RU, Ltd
File type PNG image data, 480 x 480, 8-bit colormap, non-interlaced\012- data
Hash e6fd021c2f69bfbe72ec941b6213c8d0
ccbf9e796e64c60e1927f83261e8d4f3468d31cf
953720aca5b3539ad9b941f112123062322eb990a6e800edec19d88546568e80
GET /yso/PUBG/1498814558/m/img/reward/6.png HTTP/1.1
Host: u1901036.plsk.regruhosting.ru
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://u1901036.plsk.regruhosting.ru/yso/PUBG/1498814558/m/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Mon, 23 Jan 2023 08:04:40 GMT
content-type: image/png
content-length: 38002
last-modified: Tue, 23 Aug 2022 19:02:10 GMT
etag: "63052432-9472"
x-powered-by: PleskLin
strict-transport-security: max-age=31536000; includeSubDomains
accept-ranges: bytes
X-Firefox-Spdy: h2
u1901036.plsk.regruhosting.ru/yso/PUBG/1498814558/m/js-zone/script.js
31.31.198.210 200 OK 2.4 kB URL HTTP/2 u1901036.plsk.regruhosting.ru/yso/PUBG/1498814558/m/js-zone/script.js
IP 31.31.198.210:0
ASN #197695 Domain names registrar REG.RU, Ltd
Hash e62ad88e32dbced50d6bc4f8bd1381ab
1ce24401deff6a78c13eb8e755e1f01c3b3ede5f
224cbdf2b1f65afe01c6b189978fd1a72830ed5cf9bb3ca70fad0f920547112f
Analyzer Verdict Alert
fortinet Phishing
GET /yso/PUBG/1498814558/m/js-zone/script.js HTTP/1.1
Host: u1901036.plsk.regruhosting.ru
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://u1901036.plsk.regruhosting.ru/yso/PUBG/1498814558/m/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Mon, 23 Jan 2023 08:04:40 GMT
content-type: application/javascript
last-modified: Thu, 08 Sep 2022 16:27:00 GMT
vary: Accept-Encoding
etag: W/"631a17d4-1af8"
x-powered-by: PleskLin
strict-transport-security: max-age=31536000; includeSubDomains
content-encoding: gzip
X-Firefox-Spdy: h2
u1901036.plsk.regruhosting.ru/yso/PUBG/1498814558/m/css-zone/animate.css
31.31.198.210 200 OK 5.1 kB URL HTTP/2 u1901036.plsk.regruhosting.ru/yso/PUBG/1498814558/m/css-zone/animate.css
IP 31.31.198.210:0
ASN #197695 Domain names registrar REG.RU, Ltd
Hash 1b238dde50c0bfe07edf3f75e426edd8
0edfc522e62d25658f472adc53a6d2a9caabc216
ab3acf579d73a4d22e8d056de295077d60c81e968f0a384acb3c16e332fe1b47
GET /yso/PUBG/1498814558/m/css-zone/animate.css HTTP/1.1
Host: u1901036.plsk.regruhosting.ru
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://u1901036.plsk.regruhosting.ru/yso/PUBG/1498814558/m/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Mon, 23 Jan 2023 08:04:40 GMT
content-type: text/css
last-modified: Mon, 05 Sep 2022 13:03:08 GMT
vary: Accept-Encoding
etag: W/"6315f38c-13052"
x-powered-by: PleskLin
strict-transport-security: max-age=31536000; includeSubDomains
content-encoding: gzip
X-Firefox-Spdy: h2
i.ibb.co/Wg8qQxh/facebook-text.png
162.19.58.158 200 OK 29 kB URL HTTP/2 i.ibb.co/Wg8qQxh/facebook-text.png
IP 162.19.58.158:0
File type PNG image data, 604 x 158, 8-bit/color RGBA, non-interlaced\012- data
Hash 74190b93fc4f5d88f0c8e6411ba20bd8
89ce2ecb660a90b8e6ed1b335443d7767c59f28a
092a3cd5f86b3f039feefdeb86694cd16ae545af214cfda614bdbbe2d1bde401
GET /Wg8qQxh/facebook-text.png HTTP/1.1
Host: i.ibb.co
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://u1901036.plsk.regruhosting.ru/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Mon, 23 Jan 2023 08:04:41 GMT
content-type: image/png
content-length: 28789
last-modified: Mon, 18 Oct 2021 19:35:50 GMT
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000, public
access-control-allow-origin: *
access-control-allow-methods: GET, OPTIONS
accept-ranges: bytes
X-Firefox-Spdy: h2
i.postimg.cc/bdB94RGs/footer-socmed-3.png
162.19.88.69 200 OK 8.0 kB URL HTTP/2 i.postimg.cc/bdB94RGs/footer-socmed-3.png
IP 162.19.88.69:0
File type PNG image data, 180 x 128, 8-bit/color RGBA, non-interlaced\012- data
Hash e9c30eff69db680e38d3e93aea870280
7958cc94ac08dde6f5ff38d4d220c376a66a697a
96e9a2cfe21342fb25fc23d598a500f1102b94f79478a8834df013bf95bc7007
GET /bdB94RGs/footer-socmed-3.png HTTP/1.1
Host: i.postimg.cc
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://u1901036.plsk.regruhosting.ru/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Mon, 23 Jan 2023 08:04:41 GMT
content-type: image/png
content-length: 8004
last-modified: Tue, 22 Mar 2022 04:48:19 GMT
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000, public
access-control-allow-origin: *
access-control-allow-methods: GET, OPTIONS
accept-ranges: bytes
X-Firefox-Spdy: h2
i.ibb.co/V9rgBqw/twitter-text.png
162.19.58.158 200 OK 4.3 kB URL HTTP/2 i.ibb.co/V9rgBqw/twitter-text.png
IP 162.19.58.158:0
File type PNG image data, 400 x 400, 8-bit/color RGBA, non-interlaced\012- data
Hash fef946b8bba756359e2a1e87ccd915ea
acc364946077b0e32b2343474ce4066ad3ee524c
1be5d05ce6faad469f7f9c5a5879f2d9f8d267b60eb394e92c19217268bcea8f
GET /V9rgBqw/twitter-text.png HTTP/1.1
Host: i.ibb.co
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://u1901036.plsk.regruhosting.ru/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Mon, 23 Jan 2023 08:04:41 GMT
content-type: image/png
content-length: 4298
last-modified: Mon, 18 Oct 2021 19:35:41 GMT
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000, public
access-control-allow-origin: *
access-control-allow-methods: GET, OPTIONS
accept-ranges: bytes
X-Firefox-Spdy: h2
firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
35.241.9.150 200 OK 329 B URL HTTP/2 firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
IP 35.241.9.150:0
File type JSON data\012- , ASCII text, with very long lines (329), with no line terminators
Hash 0333b0655111aa68de771adfcc4db243
63f295a144ac87a7c8e23417626724eeca68a7eb
60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300
GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Retry-After, Expires, Last-Modified, Alert, Content-Type, Content-Length, ETag, Pragma, Cache-Control, Backoff
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 329
via: 1.1 google
date: Mon, 23 Jan 2023 07:17:30 GMT
age: 2831
last-modified: Fri, 25 Mar 2022 17:45:46 GMT
etag: "1648230346554"
content-type: application/json
cache-control: max-age=3600,public
alt-svc: clear
X-Firefox-Spdy: h2
i.postimg.cc/Sxyy8Kzz/footer-socmed-6.png
162.19.88.69 200 OK 4.3 kB URL HTTP/2 i.postimg.cc/Sxyy8Kzz/footer-socmed-6.png
IP 162.19.88.69:0
File type PNG image data, 184 x 140, 8-bit/color RGBA, non-interlaced\012- data
Hash 27eb10858d473bfd39cca3251fe35a26
f472c341ec3696a0c7bb85799495995ff72f941f
e0e93e88b46229223de82294608854d6578f0ade6f696b31f830cda37aae9b0e
GET /Sxyy8Kzz/footer-socmed-6.png HTTP/1.1
Host: i.postimg.cc
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://u1901036.plsk.regruhosting.ru/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Mon, 23 Jan 2023 08:04:41 GMT
content-type: image/png
content-length: 4316
last-modified: Wed, 13 Apr 2022 13:57:35 GMT
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000, public
access-control-allow-origin: *
access-control-allow-methods: GET, OPTIONS
accept-ranges: bytes
X-Firefox-Spdy: h2
i.postimg.cc/YvcfCqz7/footer-socmed-4.png
162.19.88.69 200 OK 15 kB URL HTTP/2 i.postimg.cc/YvcfCqz7/footer-socmed-4.png
IP 162.19.88.69:0
File type PNG image data, 180 x 180, 8-bit/color RGBA, non-interlaced\012- data
Hash 396ddda13117ca63c10d66afc75b045f
a3e197f3f99566f72693c8ccbe722a2430dfe1dc
db2e36d4d529976cb7f6f07619bdb7c8918e9f35a705b7db99074c427b4f705e
GET /YvcfCqz7/footer-socmed-4.png HTTP/1.1
Host: i.postimg.cc
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://u1901036.plsk.regruhosting.ru/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Mon, 23 Jan 2023 08:04:41 GMT
content-type: image/png
content-length: 14747
last-modified: Tue, 22 Mar 2022 04:48:19 GMT
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000, public
access-control-allow-origin: *
access-control-allow-methods: GET, OPTIONS
accept-ranges: bytes
X-Firefox-Spdy: h2
i.postimg.cc/Thwcks3z/footer-socmed-2.png
162.19.88.69 200 OK 12 kB URL HTTP/2 i.postimg.cc/Thwcks3z/footer-socmed-2.png
IP 162.19.88.69:0
File type PNG image data, 180 x 148, 8-bit/color RGBA, non-interlaced\012- data
Hash 0d76c6316716e7672112fa057d0da131
4a9f7f2d17431734575380c07d92564957f02c46
62dec982412037eb2b025b01c2438385b53354c2a6089ef9102529ddcb37d630
GET /Thwcks3z/footer-socmed-2.png HTTP/1.1
Host: i.postimg.cc
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://u1901036.plsk.regruhosting.ru/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Mon, 23 Jan 2023 08:04:41 GMT
content-type: image/png
content-length: 11789
last-modified: Tue, 22 Mar 2022 04:48:19 GMT
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000, public
access-control-allow-origin: *
access-control-allow-methods: GET, OPTIONS
accept-ranges: bytes
X-Firefox-Spdy: h2
i.postimg.cc/pV8Q4L9L/footer-img.png
162.19.88.69 200 OK 14 kB URL HTTP/2 i.postimg.cc/pV8Q4L9L/footer-img.png
IP 162.19.88.69:0
File type PNG image data, 669 x 99, 8-bit/color RGBA, non-interlaced\012- data
Hash d8e7ade119fece88de74909f9625a4f4
fcd55a597136e98a1ef13fb4ec78b5fdfe5ddffb
49c48ca56906e272d341083c726fc29a7304b7e66647ffd08b4ce7edd67430b4
GET /pV8Q4L9L/footer-img.png HTTP/1.1
Host: i.postimg.cc
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://u1901036.plsk.regruhosting.ru/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Mon, 23 Jan 2023 08:04:41 GMT
content-type: image/png
content-length: 14457
last-modified: Sun, 26 Dec 2021 01:40:34 GMT
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000, public
access-control-allow-origin: *
access-control-allow-methods: GET, OPTIONS
accept-ranges: bytes
X-Firefox-Spdy: h2
i.postimg.cc/SxQ04Qn4/navbar-logo.png
162.19.88.69 200 OK 159 kB URL HTTP/2 i.postimg.cc/SxQ04Qn4/navbar-logo.png
IP 162.19.88.69:0
File type PNG image data, 1074 x 800, 8-bit/color RGBA, non-interlaced\012- data
Size 159 kB (158577 bytes)
Hash 386d5af4a1126e03333b3a043f9efa73
3a71b66fbd920ea27595e9c958336da8b3d05606
8b877d99b1124d17bb2e21c71cc8838f80c9c0945e1c140714588e73d50c3473
GET /SxQ04Qn4/navbar-logo.png HTTP/1.1
Host: i.postimg.cc
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://u1901036.plsk.regruhosting.ru/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Mon, 23 Jan 2023 08:04:41 GMT
content-type: image/png
content-length: 158577
last-modified: Tue, 22 Mar 2022 04:46:34 GMT
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000, public
access-control-allow-origin: *
access-control-allow-methods: GET, OPTIONS
accept-ranges: bytes
X-Firefox-Spdy: h2
i.postimg.cc/MHdrrT91/selows.png
162.19.88.69 200 OK 88 kB URL HTTP/2 i.postimg.cc/MHdrrT91/selows.png
IP 162.19.88.69:0
File type PNG image data, 1280 x 54, 8-bit/color RGBA, non-interlaced\012- data
Hash 6774f33254c7f07a7763bd503b7c918c
9e212fcefaece30889f0aad36e0ead3a41ceb4fe
e072b60dd0fb713c703bf0496b6bc130c8c9653a44746cffb2cf854c090334b4
GET /MHdrrT91/selows.png HTTP/1.1
Host: i.postimg.cc
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://u1901036.plsk.regruhosting.ru/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Mon, 23 Jan 2023 08:04:41 GMT
content-type: image/png
content-length: 88464
last-modified: Sat, 20 Aug 2022 20:15:58 GMT
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000, public
access-control-allow-origin: *
access-control-allow-methods: GET, OPTIONS
accept-ranges: bytes
X-Firefox-Spdy: h2
i.postimg.cc/jnLQLD1x/footer-socmed-1.png
162.19.88.69 200 OK 7.0 kB URL HTTP/2 i.postimg.cc/jnLQLD1x/footer-socmed-1.png
IP 162.19.88.69:0
File type PNG image data, 180 x 180, 8-bit/color RGBA, non-interlaced\012- data
Hash cc467f5a6a7ec0c41a34f4400bfa8473
025aa3fbceba7087d07e152b822820a77fca7d37
72271585bdd425610dd93695a3150c3820ab3a26fb389cafe8ccc67ed8b8690e
GET /jnLQLD1x/footer-socmed-1.png HTTP/1.1
Host: i.postimg.cc
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://u1901036.plsk.regruhosting.ru/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Mon, 23 Jan 2023 08:04:41 GMT
content-type: image/png
content-length: 6953
last-modified: Tue, 22 Mar 2022 04:48:19 GMT
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000, public
access-control-allow-origin: *
access-control-allow-methods: GET, OPTIONS
accept-ranges: bytes
X-Firefox-Spdy: h2
i.postimg.cc/w7RQzsJF/footer-socmed-5.png
162.19.88.69 200 OK 9.8 kB URL HTTP/2 i.postimg.cc/w7RQzsJF/footer-socmed-5.png
IP 162.19.88.69:0
File type PNG image data, 180 x 180, 8-bit/color RGBA, non-interlaced\012- data
Hash 010d177128984148483764afcbe38b8a
a46bdb7a79807f57863ac5bdf51b769d1e8e97f0
22413a2dd1f4a4d55c29a714d5e81341264eda2dde1113562c48682de1770d91
GET /w7RQzsJF/footer-socmed-5.png HTTP/1.1
Host: i.postimg.cc
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://u1901036.plsk.regruhosting.ru/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Mon, 23 Jan 2023 08:04:41 GMT
content-type: image/png
content-length: 9840
last-modified: Tue, 22 Mar 2022 04:48:19 GMT
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000, public
access-control-allow-origin: *
access-control-allow-methods: GET, OPTIONS
accept-ranges: bytes
X-Firefox-Spdy: h2
www.pubgmobile.com/en/images/nav_menu.svg
23.36.76.171 200 OK 426 B URL HTTP/2 www.pubgmobile.com/en/images/nav_menu.svg
IP 23.36.76.171:0
ASN #20940 Akamai International B.V.
File type SVG Scalable Vector Graphics image\012- HTML document, Unicode text, UTF-8 text, with very long lines (876), with no line terminators
Hash 76f5753e4fe160785df31ef342ada1c1
a78cc3e318b79b7fe5e7eb8df11683706b518e8f
52c48564638e7f165f23fae7f76b72d07905f2179ff659b939bfab7ec8b82a26
GET /en/images/nav_menu.svg HTTP/1.1
Host: www.pubgmobile.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://u1901036.plsk.regruhosting.ru/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-type: image/svg+xml
last-modified: Mon, 21 Mar 2022 13:24:18 GMT
etag: "62387c82-374"
accept-ranges: bytes
unused62: 8096267
vary: Accept-Encoding
content-encoding: gzip
date: Mon, 23 Jan 2023 08:04:41 GMT
content-length: 426
X-Firefox-Spdy: h2
www.pubgmobile.com/en/images/nav_language.svg
23.36.76.171 200 OK 675 B URL HTTP/2 www.pubgmobile.com/en/images/nav_language.svg
IP 23.36.76.171:0
ASN #20940 Akamai International B.V.
File type SVG Scalable Vector Graphics image\012- HTML document, Unicode text, UTF-8 text, with very long lines (1107), with no line terminators
Hash 77e7b8dcd13159c59219706782b1a897
a3c73409a8e9841a00b771d96ce6cb0ce76d222e
4f61e0a210a58bdf43f8a93bf658275291e6a16979f8090c0731f06b6fb3c5a4
GET /en/images/nav_language.svg HTTP/1.1
Host: www.pubgmobile.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://u1901036.plsk.regruhosting.ru/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-type: image/svg+xml
last-modified: Mon, 21 Mar 2022 13:24:18 GMT
etag: "62387c82-45b"
accept-ranges: bytes
unused62: 8096267
vary: Accept-Encoding
content-encoding: gzip
date: Mon, 23 Jan 2023 08:04:41 GMT
content-length: 675
X-Firefox-Spdy: h2
www.pubgmobile.com/en/images/nav_download.svg
23.36.76.171 200 OK 485 B URL HTTP/2 www.pubgmobile.com/en/images/nav_download.svg
IP 23.36.76.171:0
ASN #20940 Akamai International B.V.
File type SVG Scalable Vector Graphics image\012- HTML document, Unicode text, UTF-8 text, with very long lines (999), with no line terminators
Hash 105955f14143a23be57cadef8e91950e
98cc1e76113b4b2a2a77805bb1f1d6b364344d88
b85bdfd2887c4fe7681cae97896e604e74d27f150feb49598e1e7efebd3c6fc2
GET /en/images/nav_download.svg HTTP/1.1
Host: www.pubgmobile.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://u1901036.plsk.regruhosting.ru/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-type: image/svg+xml
last-modified: Mon, 21 Mar 2022 13:24:17 GMT
etag: "62387c81-3ef"
accept-ranges: bytes
unused62: 8096267
vary: Accept-Encoding
content-encoding: gzip
date: Mon, 23 Jan 2023 08:04:41 GMT
content-length: 485
X-Firefox-Spdy: h2
i.postimg.cc/1tGbpgvj/20220817-215258.png
162.19.88.69 200 OK 671 kB URL HTTP/2 i.postimg.cc/1tGbpgvj/20220817-215258.png
IP 162.19.88.69:0
File type PNG image data, 1280 x 471, 8-bit/color RGBA, non-interlaced\012- data
Size 671 kB (670727 bytes)
Hash 0bb82873b3a3250469aa294d1ac0b210
fc806cfcde5a319779692105481322b7a09fb343
52561945862e047415d62f6a792a16bcf6aa4c6e73402c2d8848d52b29d0216a
GET /1tGbpgvj/20220817-215258.png HTTP/1.1
Host: i.postimg.cc
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://u1901036.plsk.regruhosting.ru/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Mon, 23 Jan 2023 08:04:41 GMT
content-type: image/png
content-length: 670727
last-modified: Sat, 20 Aug 2022 23:56:27 GMT
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000, public
access-control-allow-origin: *
access-control-allow-methods: GET, OPTIONS
accept-ranges: bytes
X-Firefox-Spdy: h2
www.pubgmobile.com/en/images/nav_shop.svg
23.36.76.171 200 OK 526 B URL HTTP/2 www.pubgmobile.com/en/images/nav_shop.svg
IP 23.36.76.171:0
ASN #20940 Akamai International B.V.
File type SVG Scalable Vector Graphics image\012- HTML document, Unicode text, UTF-8 text, with very long lines (985), with no line terminators
Hash ad0548f5478991acc360e6464247e82a
40e3e327eebfc39a8e45b1aa46b725d65390cdcc
6654577abe5f4be7b3f9089fa76e5f746c8d0f5c7eae1cc8202a94fae1193fe3
GET /en/images/nav_shop.svg HTTP/1.1
Host: www.pubgmobile.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://u1901036.plsk.regruhosting.ru/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-type: image/svg+xml
last-modified: Mon, 21 Mar 2022 13:24:18 GMT
etag: "62387c82-3e1"
accept-ranges: bytes
unused62: 8096267
vary: Accept-Encoding
content-encoding: gzip
date: Mon, 23 Jan 2023 08:04:41 GMT
content-length: 526
X-Firefox-Spdy: h2
www.pubgmobile.com/id/event/royalepass10/images/icon_logo.jpg
23.36.76.171 200 OK 75 kB URL HTTP/2 www.pubgmobile.com/id/event/royalepass10/images/icon_logo.jpg
IP 23.36.76.171:0
ASN #20940 Akamai International B.V.
File type JPEG image data, Exif standard: [TIFF image data, little-endian, direntries=0], baseline, precision 8, 500x500, components 3\012- data
Hash 92c19dc5bd77186e5bb8ed35ce668979
646bf70d1c669c7d7388f95a0a33755e4721289c
0d9cf7eb8fb12be77685134e63f7dae9a95fbf9306ae0529bd0347582d18a8ef
GET /id/event/royalepass10/images/icon_logo.jpg HTTP/1.1
Host: www.pubgmobile.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://u1901036.plsk.regruhosting.ru/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-type: image/jpeg
content-length: 75149
last-modified: Wed, 15 Sep 2021 06:46:59 GMT
etag: "614196e3-1258d"
accept-ranges: bytes
unused62: 8096267
cache-control: max-age=229
expires: Mon, 23 Jan 2023 08:08:30 GMT
date: Mon, 23 Jan 2023 08:04:41 GMT
X-Firefox-Spdy: h2
ocsp.digicert.com/
93.184.220.29 200 OK 471 B IP 93.184.220.29:0
Hash 0c74880fa99032b5c3831c179d702419
0020b368309735c94d8053d3781a7efb7283cfc5
437e2d4e2bbfb33b0ff696172378ce55a0a5ed005a1b8c4005eab4a6995a3042
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 5984
Cache-Control: max-age=96110
Content-Type: application/ocsp-response
Date: Mon, 23 Jan 2023 08:04:41 GMT
Etag: "63ccfca7-1d7"
Expires: Tue, 24 Jan 2023 10:46:31 GMT
Last-Modified: Sun, 22 Jan 2023 09:06:47 GMT
Server: ECS (ska/F71B)
X-Cache: HIT
Content-Length: 471
u1901036.plsk.regruhosting.ru/yso/PUBG/1498814558/m/img/subheader1.png
31.31.198.210 200 OK 30 kB URL HTTP/2 u1901036.plsk.regruhosting.ru/yso/PUBG/1498814558/m/img/subheader1.png
IP 31.31.198.210:0
ASN #197695 Domain names registrar REG.RU, Ltd
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 980x196, components 3\012- data
Hash e3e3e6f40c587ad5b83b418fe4857015
bb3fdf245dd08e7d41f1458464ef65ad0c261d48
2f4fb0dfc3837c741569e73754acd23bcda47a97151d9b221296443a1d122197
GET /yso/PUBG/1498814558/m/img/subheader1.png HTTP/1.1
Host: u1901036.plsk.regruhosting.ru
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://u1901036.plsk.regruhosting.ru/yso/PUBG/1498814558/m/css-zone/style-zone.css
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Mon, 23 Jan 2023 08:04:41 GMT
content-type: image/png
content-length: 29861
last-modified: Wed, 24 Aug 2022 02:06:56 GMT
etag: "630587c0-74a5"
x-powered-by: PleskLin
strict-transport-security: max-age=31536000; includeSubDomains
accept-ranges: bytes
X-Firefox-Spdy: h2
u1901036.plsk.regruhosting.ru/yso/PUBG/1498814558/m/img/container.jpg
31.31.198.210 200 OK 4.6 kB URL HTTP/2 u1901036.plsk.regruhosting.ru/yso/PUBG/1498814558/m/img/container.jpg
IP 31.31.198.210:0
ASN #197695 Domain names registrar REG.RU, Ltd
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 240x120, components 3\012- data
Hash c9d19f08b9089678430dbcf7519e5cfe
d1c9c2da4f96b30363f280201843bec6aea5fa27
2793808a4f68d25c13accb4acb901d612e24d900505ab8777eb86233198b1a49
GET /yso/PUBG/1498814558/m/img/container.jpg HTTP/1.1
Host: u1901036.plsk.regruhosting.ru
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://u1901036.plsk.regruhosting.ru/yso/PUBG/1498814558/m/css-zone/style-zone.css
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Mon, 23 Jan 2023 08:04:41 GMT
content-type: image/jpeg
content-length: 4592
last-modified: Tue, 23 Aug 2022 19:02:10 GMT
etag: "63052432-11f0"
x-powered-by: PleskLin
strict-transport-security: max-age=31536000; includeSubDomains
accept-ranges: bytes
X-Firefox-Spdy: h2
u1901036.plsk.regruhosting.ru/yso/PUBG/1498814558/m/img/item.png
31.31.198.210 200 OK 695 B URL HTTP/2 u1901036.plsk.regruhosting.ru/yso/PUBG/1498814558/m/img/item.png
IP 31.31.198.210:0
ASN #197695 Domain names registrar REG.RU, Ltd
File type PNG image data, 70 x 21, 8-bit colormap, non-interlaced\012- data
Hash 57c2952df5b6fadb3a2e2f82d47653df
d4c2178af2da3352277ef2141ff3ec7d31064673
dac887afad07a72ca2aaca7fc42c9cfdbd15bb1ae34f8704dbfd2b98d24bca73
GET /yso/PUBG/1498814558/m/img/item.png HTTP/1.1
Host: u1901036.plsk.regruhosting.ru
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://u1901036.plsk.regruhosting.ru/yso/PUBG/1498814558/m/css-zone/zero-zone.css
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Mon, 23 Jan 2023 08:04:41 GMT
content-type: image/png
content-length: 695
x-accel-version: 0.01
last-modified: Tue, 23 Aug 2022 19:02:10 GMT
etag: "2b7-5e6ed338bf080"
accept-ranges: bytes
x-powered-by: PleskLin
X-Firefox-Spdy: h2
u1901036.plsk.regruhosting.ru/yso/PUBG/1498814558/m/img/alert.jpg
31.31.198.210 200 OK 49 kB URL HTTP/2 u1901036.plsk.regruhosting.ru/yso/PUBG/1498814558/m/img/alert.jpg
IP 31.31.198.210:0
ASN #197695 Domain names registrar REG.RU, Ltd
File type PNG image data, 700 x 117, 8-bit/color RGBA, non-interlaced\012- data
Hash 16df8d3dfc1906bc1b860e9fe11cafe9
dc4df610730bba5dcfeecf452f3b32e2c5d4a3c5
e730c83b58b6028c93450ff2ecfed447599921a385cf6a723809a451a7cf363e
GET /yso/PUBG/1498814558/m/img/alert.jpg HTTP/1.1
Host: u1901036.plsk.regruhosting.ru
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://u1901036.plsk.regruhosting.ru/yso/PUBG/1498814558/m/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Mon, 23 Jan 2023 08:04:41 GMT
content-type: image/jpeg
content-length: 49104
last-modified: Sat, 20 Aug 2022 11:25:10 GMT
etag: "6300c496-bfd0"
x-powered-by: PleskLin
strict-transport-security: max-age=31536000; includeSubDomains
accept-ranges: bytes
X-Firefox-Spdy: h2
u1901036.plsk.regruhosting.ru/yso/PUBG/1498814558/m/img/bg.png
31.31.198.210 200 OK 7.8 kB URL HTTP/2 u1901036.plsk.regruhosting.ru/yso/PUBG/1498814558/m/img/bg.png
IP 31.31.198.210:0
ASN #197695 Domain names registrar REG.RU, Ltd
File type PNG image data, 94 x 203, 8-bit colormap, non-interlaced\012- data
Hash 54fc46035d9a95ae9113cc3206e0183d
0bfaac9da0818d760a2080849192cb5606ed7874
8f0c3e8fe2098796541c912183f2bc4e2f717f92ccd881f5d361b245f722f6c7
GET /yso/PUBG/1498814558/m/img/bg.png HTTP/1.1
Host: u1901036.plsk.regruhosting.ru
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://u1901036.plsk.regruhosting.ru/yso/PUBG/1498814558/m/css-zone/style-zone.css
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Mon, 23 Jan 2023 08:04:41 GMT
content-type: image/png
content-length: 7764
last-modified: Tue, 23 Aug 2022 19:02:10 GMT
etag: "63052432-1e54"
x-powered-by: PleskLin
strict-transport-security: max-age=31536000; includeSubDomains
accept-ranges: bytes
X-Firefox-Spdy: h2
www.pubgmobile.com/en/images/footer_link_bg.png
23.36.76.171 200 OK 1.6 kB URL HTTP/2 www.pubgmobile.com/en/images/footer_link_bg.png
IP 23.36.76.171:0
ASN #20940 Akamai International B.V.
File type PNG image data, 560 x 127, 8-bit/color RGBA, non-interlaced\012- data
Hash 92ae645b6114492e8c1c5464d949466a
1d27f2644c0f5e899e9478c78136a9bc94131150
f1bd509f6032d31635a91d57de9428b83929221b854768c38c8f1643877a9417
GET /en/images/footer_link_bg.png HTTP/1.1
Host: www.pubgmobile.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://u1901036.plsk.regruhosting.ru/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
content-type: image/png
content-length: 1630
last-modified: Mon, 21 Mar 2022 13:24:17 GMT
etag: "62387c81-65e"
accept-ranges: bytes
unused62: 8096267
cache-control: max-age=221
expires: Mon, 23 Jan 2023 08:08:22 GMT
date: Mon, 23 Jan 2023 08:04:41 GMT
X-Firefox-Spdy: h2
u1901036.plsk.regruhosting.ru/yso/PUBG/1498814558/m/css-zone/style-zone.css
31.31.198.210 200 OK 17 kB URL HTTP/2 u1901036.plsk.regruhosting.ru/yso/PUBG/1498814558/m/css-zone/style-zone.css
IP 31.31.198.210:0
ASN #197695 Domain names registrar REG.RU, Ltd
Hash b90f2d528b749a98ee7768d18de001b9
0b81f0504243fda43a408f454bfd3fc19df10459
5ee063269b7b7f5a6992e9c5e750e247c9eb0f0021cd49c535e8b04990abd9ef
GET /yso/PUBG/1498814558/m/css-zone/style-zone.css HTTP/1.1
Host: u1901036.plsk.regruhosting.ru
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://u1901036.plsk.regruhosting.ru/yso/PUBG/1498814558/m/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Mon, 23 Jan 2023 08:04:41 GMT
content-type: text/css
last-modified: Mon, 05 Sep 2022 13:03:14 GMT
vary: Accept-Encoding
etag: W/"6315f392-66b3"
x-powered-by: PleskLin
strict-transport-security: max-age=31536000; includeSubDomains
content-encoding: gzip
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.131 200 OK 471 B IP 142.250.74.131:0
Hash dec1960c15b7b32835eece7cb397c51f
ddaf303a58c2f336530c55a9ca29d5731e5f7da6
f2d6ba10803cb182fe6bac4e417ce57f3d712c836ed1d8950829bd29cbb35f48
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 23 Jan 2023 08:04:41 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
fonts.gstatic.com/s/teko/v15/LYjNdG7kmE0gfaN9pQ.woff2
216.58.207.227 200 OK 13 kB URL HTTP/2 fonts.gstatic.com/s/teko/v15/LYjNdG7kmE0gfaN9pQ.woff2
IP 216.58.207.227:0
File type Web Open Font Format (Version 2), TrueType, length 13324, version 1.0\012- data
Hash b4082c888eefa2dca3fe2c9d46a87180
05aeb6c58175f659fe59eaca5a9d3735dd0530e3
352ad1513eeaeec51060f01d5bed32345862ec4d9c0802b81e0a47885951e4b6
GET /s/teko/v15/LYjNdG7kmE0gfaN9pQ.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://u1901036.plsk.regruhosting.ru
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 13324
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Sun, 22 Jan 2023 21:07:45 GMT
expires: Mon, 22 Jan 2024 21:07:45 GMT
cache-control: public, max-age=31536000
age: 39416
last-modified: Wed, 27 Apr 2022 17:05:55 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.131 200 OK 471 B IP 142.250.74.131:0
Hash dec1960c15b7b32835eece7cb397c51f
ddaf303a58c2f336530c55a9ca29d5731e5f7da6
f2d6ba10803cb182fe6bac4e417ce57f3d712c836ed1d8950829bd29cbb35f48
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 23 Jan 2023 08:04:41 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
u1901036.plsk.regruhosting.ru/yso/PUBG/1498814558/m/fonts/pubg.woff2
31.31.198.210 200 OK 8.2 kB URL HTTP/2 u1901036.plsk.regruhosting.ru/yso/PUBG/1498814558/m/fonts/pubg.woff2
IP 31.31.198.210:0
ASN #197695 Domain names registrar REG.RU, Ltd
File type TrueType Font data, 11 tables, 1st "OS/2", 32 names, Macintosh, Copyright 2014, 2015 Adobe Systems Incorporated (http://www.adobe.com/).pubg-headline-boldRegul\012- data
Hash 46c47ed3c526deb2920d3e0568166bcd
c807bd8c7803733f7fa76134ef1e8102c72e8430
cb43ac49eedab33f20aaf47304230a47a4f0da8e26e76dde2710f37a5aed0978
Analyzer Verdict Alert fortinet Phishing
GET /yso/PUBG/1498814558/m/fonts/pubg.woff2 HTTP/1.1
Host: u1901036.plsk.regruhosting.ru
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Connection: keep-alive
Referer: https://u1901036.plsk.regruhosting.ru/yso/PUBG/1498814558/m/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Mon, 23 Jan 2023 08:04:41 GMT
content-type: font/woff2
content-length: 8156
last-modified: Mon, 05 Sep 2022 13:03:22 GMT
etag: "6315f39a-1fdc"
x-powered-by: PleskLin
strict-transport-security: max-age=31536000; includeSubDomains
accept-ranges: bytes
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.77.32 200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 63a2ab01ef233d3d3c78d6415268c33a
bab4171d3068b0ea19fa1e3923a97ffc87a1f2e4
47d80f8d235b635c144b50974d8067c7f546da3c8a472199a0dd7df6e7c05be1
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "47D80F8D235B635C144B50974D8067C7F546DA3C8A472199A0DD7DF6E7C05BE1"
Last-Modified: Sat, 21 Jan 2023 05:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=8548
Expires: Mon, 23 Jan 2023 10:27:09 GMT
Date: Mon, 23 Jan 2023 08:04:41 GMT
Connection: keep-alive
l.top4top.io/m_1725u5z7i1.mp3
65.21.235.194 206 Partial Content 20 kB URL HTTP/2 l.top4top.io/m_1725u5z7i1.mp3
IP 65.21.235.194:0
ASN #24940 Hetzner Online GmbH
File type Audio file with ID3 version 2.4.0, contains: MPEG ADTS, layer III, v1, 128 kbps, 44.1 kHz, Stereo\012- data
Hash ee5b5d12064ae26f839b882edb33da62
6fa93ef00f294eec4ef05276e81813db1e95e346
4bc5852e5cec62ceab9260f712961f59609868151e01b63e7b7cae2b00efed54
Analyzer Verdict Alert fortinet Malware
GET /m_1725u5z7i1.mp3 HTTP/1.1
Host: l.top4top.io
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: audio/webm,audio/ogg,audio/wav,audio/*;q=0.9,application/ogg;q=0.7,video/*;q=0.6,*/*;q=0.5
Accept-Language: en-US,en;q=0.5
Range: bytes=0-
Connection: keep-alive
Referer: https://u1901036.plsk.regruhosting.ru/
Sec-Fetch-Dest: audio
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 206 Partial Content
server: nginx
date: Mon, 23 Jan 2023 08:04:41 GMT
content-type: audio/mpeg
content-length: 19781
set-cookie: klj_40d147_downloads=kh51z; Max-Age=85000; Domain=.top4top.io; Path=/; Expires=Tue, 24 Jan 2023 07:41:21 GMT
last-modified: Mon, 21 Sep 2020 07:16:33 GMT
content-disposition: inline; filename="open_reward_tab.mp3"
etag: "5f685351-4d45"
expires: Mon, 23 Jan 2023 10:04:41 GMT
cache-control: max-age=7200
x-file-id: x34392023x
content-range: bytes 0-19780/19781
X-Firefox-Spdy: h2
u1901036.plsk.regruhosting.ru/yso/PUBG/1498814558/m/js-zone/slider.js
31.31.198.210 200 OK 292 B URL HTTP/2 u1901036.plsk.regruhosting.ru/yso/PUBG/1498814558/m/js-zone/slider.js
IP 31.31.198.210:0
ASN #197695 Domain names registrar REG.RU, Ltd
File type ASCII text, with CRLF line terminators
Hash ef673688e8686b8c37b232d9ca5d4b2d
6a9328ac97d22e62e3d56265dd571df171698c63
41aa53868b372fe61303251d067bd3cfe86957a66b0ddfaa75a0ebe4e5946886
Analyzer Verdict Alert fortinet Phishing
GET /yso/PUBG/1498814558/m/js-zone/slider.js HTTP/1.1
Host: u1901036.plsk.regruhosting.ru
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://u1901036.plsk.regruhosting.ru/yso/PUBG/1498814558/m/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Mon, 23 Jan 2023 08:04:40 GMT
content-type: application/javascript
vary: Accept-Encoding
x-accel-version: 0.01
last-modified: Mon, 05 Sep 2022 13:02:58 GMT
etag: W/"24c-5e7edb2e26480"
x-powered-by: PleskLin
content-encoding: gzip
X-Firefox-Spdy: h2
l.top4top.io/m_1725u5z7i1.mp3
65.21.235.194 206 Partial Content 20 kB URL HTTP/2 l.top4top.io/m_1725u5z7i1.mp3
IP 65.21.235.194:0
ASN #24940 Hetzner Online GmbH
File type Audio file with ID3 version 2.4.0, contains: MPEG ADTS, layer III, v1, 128 kbps, 44.1 kHz, Stereo\012- data
Hash ee5b5d12064ae26f839b882edb33da62
6fa93ef00f294eec4ef05276e81813db1e95e346
4bc5852e5cec62ceab9260f712961f59609868151e01b63e7b7cae2b00efed54
Analyzer Verdict Alert fortinet Malware
GET /m_1725u5z7i1.mp3 HTTP/1.1
Host: l.top4top.io
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: audio/webm,audio/ogg,audio/wav,audio/*;q=0.9,application/ogg;q=0.7,video/*;q=0.6,*/*;q=0.5
Accept-Language: en-US,en;q=0.5
Range: bytes=0-
Connection: keep-alive
Referer: https://u1901036.plsk.regruhosting.ru/
Sec-Fetch-Dest: audio
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 206 Partial Content
server: nginx
date: Mon, 23 Jan 2023 08:04:41 GMT
content-type: audio/mpeg
content-length: 19781
set-cookie: klj_40d147_downloads=kh51z; Max-Age=85000; Domain=.top4top.io; Path=/; Expires=Tue, 24 Jan 2023 07:41:21 GMT
last-modified: Mon, 21 Sep 2020 07:16:33 GMT
content-disposition: inline; filename="open_reward_tab.mp3"
etag: "5f685351-4d45"
expires: Mon, 23 Jan 2023 10:04:41 GMT
cache-control: max-age=7200
x-file-id: x34392023x
content-range: bytes 0-19780/19781
X-Firefox-Spdy: h2
u1901036.plsk.regruhosting.ru/yso/PUBG/1498814558/m/js-zone/showHide.js
31.31.198.210 200 OK 18 kB URL HTTP/2 u1901036.plsk.regruhosting.ru/yso/PUBG/1498814558/m/js-zone/showHide.js
IP 31.31.198.210:0
ASN #197695 Domain names registrar REG.RU, Ltd
Hash 58dcc219d041c43b3b7d3daa6ff3c945
c8284262d3fae3bb532fd1f45b223fe86440b53f
dcde925dee71dff2f24507017f9f93d20ad3059180699962bf06fea193bccd50
Analyzer Verdict Alert fortinet Phishing
GET /yso/PUBG/1498814558/m/js-zone/showHide.js HTTP/1.1
Host: u1901036.plsk.regruhosting.ru
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://u1901036.plsk.regruhosting.ru/yso/PUBG/1498814558/m/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Mon, 23 Jan 2023 08:04:40 GMT
content-type: application/javascript
last-modified: Mon, 05 Sep 2022 13:02:56 GMT
vary: Accept-Encoding
etag: W/"6315f380-433"
x-powered-by: PleskLin
strict-transport-security: max-age=31536000; includeSubDomains
content-encoding: gzip
X-Firefox-Spdy: h2
a.top4top.io/m_1725zobal2.mp3
51.159.64.45 206 Partial Content 18 kB URL HTTP/2 a.top4top.io/m_1725zobal2.mp3
IP 51.159.64.45:0
File type Audio file with ID3 version 2.4.0, contains: MPEG ADTS, layer III, v1, 128 kbps, 44.1 kHz, Stereo\012- data
Hash 70ded6b0b406f9710307bc35e221629f
7034ec2ff72c936255b04c0890ce8976599380cc
22e1575a06426f427b46598d6599c565e80ed3e937b1872b0d5d928bfe5b2d65
Analyzer Verdict Alert fortinet Malware
GET /m_1725zobal2.mp3 HTTP/1.1
Host: a.top4top.io
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: audio/webm,audio/ogg,audio/wav,audio/*;q=0.9,application/ogg;q=0.7,video/*;q=0.6,*/*;q=0.5
Accept-Language: en-US,en;q=0.5
Range: bytes=0-
Connection: keep-alive
Referer: https://u1901036.plsk.regruhosting.ru/
Sec-Fetch-Dest: audio
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 206 Partial Content
server: nginx
date: Mon, 23 Jan 2023 08:04:41 GMT
content-type: audio/mpeg
content-length: 17691
set-cookie: klj_40d147_downloads=kh520; Max-Age=85000; Domain=.top4top.io; Path=/; Expires=Tue, 24 Jan 2023 07:41:21 GMT
last-modified: Mon, 21 Sep 2020 07:16:33 GMT
content-disposition: inline; filename="close_reward_popup.mp3"
etag: "5f685351-451b"
expires: Mon, 23 Jan 2023 10:04:41 GMT
cache-control: max-age=7200
x-file-id: x34392024x
content-range: bytes 0-17690/17691
X-Firefox-Spdy: h2
www.pubgmobile.com/common/images/icon_logo.jpg
23.36.76.171 200 OK 982 kB URL HTTP/2 www.pubgmobile.com/common/images/icon_logo.jpg
IP 23.36.76.171:0
ASN #20940 Akamai International B.V.
File type JPEG image data, baseline, precision 8, 1024x1024, components 3\012- data
Size 982 kB (982437 bytes)
Hash b83d8d3e9beecfac081f4e742d27661c
448330670bef8c2ee17baf6d2410ca974341cb88
5899c82b2f0563679a9c1ee79b5b28f2545864d95c7627c1a70e36a2f034497d
GET /common/images/icon_logo.jpg HTTP/1.1
Host: www.pubgmobile.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://u1901036.plsk.regruhosting.ru/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
content-type: image/jpeg
content-length: 982437
last-modified: Mon, 30 Nov 2020 12:10:45 GMT
etag: "5fc4e145-efda5"
accept-ranges: bytes
unused62: 8096267
cache-control: max-age=253
expires: Mon, 23 Jan 2023 08:08:54 GMT
date: Mon, 23 Jan 2023 08:04:41 GMT
X-Firefox-Spdy: h2
g.top4top.io/m_2246xtcs10.mp3
163.172.24.234 206 Partial Content 133 kB URL HTTP/2 g.top4top.io/m_2246xtcs10.mp3
IP 163.172.24.234:0
File type Audio file with ID3 version 2.4.0, contains: MPEG ADTS, layer III, v1, 64 kbps, 44.1 kHz, Stereo\012- data
Size 133 kB (132739 bytes)
Hash 5e6ad4032df296732508803deb114b90
99d585eab4db1d9d5555b5ea4aae2542c5c635e5
9f4633ff137414c473c1477d9345c1b379b5174544f5aa22e0666d778f6f3eed
Analyzer Verdict Alert fortinet Malware
GET /m_2246xtcs10.mp3 HTTP/1.1
Host: g.top4top.io
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: audio/webm,audio/ogg,audio/wav,audio/*;q=0.9,application/ogg;q=0.7,video/*;q=0.6,*/*;q=0.5
Accept-Language: en-US,en;q=0.5
Range: bytes=0-
Connection: keep-alive
Referer: https://u1901036.plsk.regruhosting.ru/
Sec-Fetch-Dest: audio
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 206 Partial Content
server: nginx
date: Mon, 23 Jan 2023 08:04:41 GMT
content-type: audio/mpeg
content-length: 132739
set-cookie: klj_40d147_downloads=qnriu; Max-Age=85000; Domain=.top4top.io; Path=/; Expires=Tue, 24 Jan 2023 07:41:21 GMT
last-modified: Thu, 24 Feb 2022 14:21:08 GMT
content-disposition: inline; filename="nizam.mp3"
etag: "62179454-20683"
expires: Mon, 23 Jan 2023 10:04:41 GMT
cache-control: max-age=7200
x-file-id: x44778774x
content-range: bytes 0-132738/132739
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.77.32 200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash d5528af26e629a9bfbf0c421146b921f
1e4f99245d551384bedfe9b59b5f9905127d87bf
989830d93a90c30051b948a26ce403fb4370587ed3407d8d77ad0ad9cc28eb7a
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "989830D93A90C30051B948A26CE403FB4370587ED3407D8D77AD0AD9CC28EB7A"
Last-Modified: Sun, 22 Jan 2023 17:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=3854
Expires: Mon, 23 Jan 2023 09:08:56 GMT
Date: Mon, 23 Jan 2023 08:04:42 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.77.32 200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash d5528af26e629a9bfbf0c421146b921f
1e4f99245d551384bedfe9b59b5f9905127d87bf
989830d93a90c30051b948a26ce403fb4370587ed3407d8d77ad0ad9cc28eb7a
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "989830D93A90C30051B948A26CE403FB4370587ED3407D8D77AD0AD9CC28EB7A"
Last-Modified: Sun, 22 Jan 2023 17:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=3854
Expires: Mon, 23 Jan 2023 09:08:56 GMT
Date: Mon, 23 Jan 2023 08:04:42 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.77.32 200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash d5528af26e629a9bfbf0c421146b921f
1e4f99245d551384bedfe9b59b5f9905127d87bf
989830d93a90c30051b948a26ce403fb4370587ed3407d8d77ad0ad9cc28eb7a
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "989830D93A90C30051B948A26CE403FB4370587ED3407D8D77AD0AD9CC28EB7A"
Last-Modified: Sun, 22 Jan 2023 17:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=3854
Expires: Mon, 23 Jan 2023 09:08:56 GMT
Date: Mon, 23 Jan 2023 08:04:42 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.77.32 200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash d5528af26e629a9bfbf0c421146b921f
1e4f99245d551384bedfe9b59b5f9905127d87bf
989830d93a90c30051b948a26ce403fb4370587ed3407d8d77ad0ad9cc28eb7a
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "989830D93A90C30051B948A26CE403FB4370587ED3407D8D77AD0AD9CC28EB7A"
Last-Modified: Sun, 22 Jan 2023 17:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=3854
Expires: Mon, 23 Jan 2023 09:08:56 GMT
Date: Mon, 23 Jan 2023 08:04:42 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.77.32 200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash d5528af26e629a9bfbf0c421146b921f
1e4f99245d551384bedfe9b59b5f9905127d87bf
989830d93a90c30051b948a26ce403fb4370587ed3407d8d77ad0ad9cc28eb7a
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "989830D93A90C30051B948A26CE403FB4370587ED3407D8D77AD0AD9CC28EB7A"
Last-Modified: Sun, 22 Jan 2023 17:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=3854
Expires: Mon, 23 Jan 2023 09:08:56 GMT
Date: Mon, 23 Jan 2023 08:04:42 GMT
Connection: keep-alive
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fe0a4afa9-05c4-4ab9-b9eb-17970c04dbbb.jpeg
34.120.237.76 200 OK 3.8 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fe0a4afa9-05c4-4ab9-b9eb-17970c04dbbb.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash c664f89307d9f2cc8170ca0816708ef9
cc010d66fe22fce8e82f9bbc78fc3b836120ff0b
c77d9cae0c4132f2695322b8c33fa875a341948ffb6c3023ddb1d3ef41c9ae23
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fe0a4afa9-05c4-4ab9-b9eb-17970c04dbbb.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 3814
x-amzn-requestid: 48468720-0305-4f17-862b-f2f854fdfe41
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: fKq8mEPnIAMFzXg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63cdbeb6-470a030661c749ae0fa14c31;Sampled=0
x-amzn-remapped-date: Sun, 22 Jan 2023 22:54:46 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: 9hQjtfheswJHTaBL6yZ9UoowbsfqvbNqzUb9EOzaAppGv-fHat8O1A==
via: 1.1 2afae0d44e2540f472c0635ab62c232a.cloudfront.net (CloudFront), 1.1 98aedae6661e3904540676966998ed88.cloudfront.net (CloudFront), 1.1 google
date: Sun, 22 Jan 2023 23:09:20 GMT
etag: "cc010d66fe22fce8e82f9bbc78fc3b836120ff0b"
content-type: image/jpeg
age: 32122
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F2ed6afa7-c805-4ddd-a71c-bc9bde7aee5a.jpeg
34.120.237.76 200 OK 12 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F2ed6afa7-c805-4ddd-a71c-bc9bde7aee5a.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash e42f475b1e14cb9d0939ef39db8e1f91
dda57d67c7b5f32123d3c9956dec8f805138b3bf
ace1e5843457dc5493432ea113059e67827e6c95d6998a7465dea1eb0e723a1e
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F2ed6afa7-c805-4ddd-a71c-bc9bde7aee5a.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 11818
x-amzn-requestid: e80dab53-5137-4776-a105-b1933e9bda6b
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: fEqu6GhZIAMFWSA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63cb57f8-696c3a7f103b96a23ed4abec;Sampled=0
x-amzn-remapped-date: Sat, 21 Jan 2023 03:11:52 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: 5bEvPaVPmareEYTNHUoTIEtCn0EKpBBafR11mjrvwPFVS_DLFKgm3w==
via: 1.1 4f87745990545c1ac0195c157e1668f8.cloudfront.net (CloudFront), 1.1 943c6a4d4ee43b18ee91634536f53eae.cloudfront.net (CloudFront), 1.1 google
date: Mon, 23 Jan 2023 04:07:43 GMT
age: 14219
etag: "dda57d67c7b5f32123d3c9956dec8f805138b3bf"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F2aa8ea3b-13bb-49a3-a61a-2cecc5ae20aa.jpeg
34.120.237.76 200 OK 5.3 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F2aa8ea3b-13bb-49a3-a61a-2cecc5ae20aa.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash e2146bf738fb2120d9f167533c7ec2ab
ce546aa88e2ab0958a99c5a8240fcd95500ef1ea
54405cd0508b2dcf343c3b8563ad8bb484f01866e58b29a034aa650a415925d2
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F2aa8ea3b-13bb-49a3-a61a-2cecc5ae20aa.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 5250
x-amzn-requestid: 364176ba-8f3f-4e2f-8d52-8c03d91b5f02
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: e3fnEHMsoAMFysQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63c612f9-33117b2d2175e2d55cedfa1f;Sampled=0
x-amzn-remapped-date: Tue, 17 Jan 2023 03:16:09 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: avMFeAuR4DRfk759c1EL880OtEdTXp2fnCFv9aflVuurrqOi71rE6A==
via: 1.1 eece508272520f70691e4eebdc5a6dea.cloudfront.net (CloudFront), 1.1 6a9b42e38e76b7d4a4044ebe0e0eca08.cloudfront.net (CloudFront), 1.1 google
date: Sun, 22 Jan 2023 21:56:00 GMT
age: 36522
etag: "ce546aa88e2ab0958a99c5a8240fcd95500ef1ea"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F09ccbe5e-77b1-4d6d-98f5-a477f3861d8c.jpeg
34.120.237.76 200 OK 13 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F09ccbe5e-77b1-4d6d-98f5-a477f3861d8c.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 7458f7a9b2070055df6f1d496794e43e
0f5d2a6d846f4f8f85dd7e8089e643cacc57d8a9
373097662c419eef9f4a19ce9f3bcead70f6eafbf0acf44806685eece43ce251
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F09ccbe5e-77b1-4d6d-98f5-a477f3861d8c.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 12758
x-amzn-requestid: c3540562-8c62-4957-9528-7ae952daebaa
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: e9gf1E87oAMFpsQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63c87acb-49fd3f78275937e24d23fca3;Sampled=0
x-amzn-remapped-date: Wed, 18 Jan 2023 23:03:39 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: c5YOTqrEv9RLv_lKsrC377yost8auxYRPLubBFGjIWtnbueiGMJYGw==
via: 1.1 0c96ded7ff282d2dbcf47c918b6bb500.cloudfront.net (CloudFront), 1.1 324a68a6c25ee50d774953f3e15a611c.cloudfront.net (CloudFront), 1.1 google
date: Mon, 23 Jan 2023 07:21:00 GMT
age: 2622
etag: "0f5d2a6d846f4f8f85dd7e8089e643cacc57d8a9"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F296d62aa-29a6-401f-a40f-9238dace1001.jpeg
34.120.237.76 200 OK 7.4 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F296d62aa-29a6-401f-a40f-9238dace1001.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 9c9e3df640be93567ea081ffe31576f6
fb07a0e3cfcb7f53b94f614a2e96ec1d8d5967d4
679e5a9ab43a5599759171b70ad5dbe0c4ca8facb895f08ef0313b0c7e691ea3
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F296d62aa-29a6-401f-a40f-9238dace1001.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 7387
x-amzn-requestid: 54845590-a39f-4a1b-ba4a-fe24368b268a
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: fD7N3GmQIAMF6AQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63cb0bf2-4b4bf4fc209388b74cb1c7f7;Sampled=0
x-amzn-remapped-date: Fri, 20 Jan 2023 21:47:30 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: 67ewmF74mKQGH8hoGiYfRHTaVmS0JZc4WkSHXiODoz8sirBFY5MD2w==
via: 1.1 030fe0607711293dda988e571617a9f2.cloudfront.net (CloudFront), 1.1 f9d716a351f14a0ac1fac2449734849a.cloudfront.net (CloudFront), 1.1 google
date: Sun, 22 Jan 2023 16:31:47 GMT
age: 55975
etag: "fb07a0e3cfcb7f53b94f614a2e96ec1d8d5967d4"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F27144ba0-24e7-4177-b8d9-4121af2315c9.jpeg
34.120.237.76 200 OK 4.1 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F27144ba0-24e7-4177-b8d9-4121af2315c9.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 3d0dd6e84bd1708aec285a9153eafabc
2d2729ca550ecdca29a502eb76c68f4eed623032
3c0492fc05ab9a35cd8d833a031aa907a473f2ff22fed0732fa331a0c2939660
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F27144ba0-24e7-4177-b8d9-4121af2315c9.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 4085
x-amzn-requestid: 444720ab-9a4d-40f7-a2e2-e574d4e2928d
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: fBP0uEeToAMFepA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63c9f9b7-113188a040ff40ad479415cc;Sampled=0
x-amzn-remapped-date: Fri, 20 Jan 2023 02:17:27 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: wbZuUg06OrIyirTvHtsdGz2ux_OxhbBMbPHy_52LjsmknZIf6bLDBw==
via: 1.1 8f22423015641505b8c857a37450d6c0.cloudfront.net (CloudFront), 1.1 ee8246c5442dace7525c74f6a799bb46.cloudfront.net (CloudFront), 1.1 google
date: Sun, 22 Jan 2023 10:24:16 GMT
age: 78026
etag: "2d2729ca550ecdca29a502eb76c68f4eed623032"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
stackpath.bootstrapcdn.com/font-awesome/4.7.0/css/font-awesome.min.css
104.18.11.207 200 OK 0 B URL HTTP/2 stackpath.bootstrapcdn.com/font-awesome/4.7.0/css/font-awesome.min.css
IP 104.18.11.207:0
GET /font-awesome/4.7.0/css/font-awesome.min.css HTTP/1.1
Host: stackpath.bootstrapcdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://u1901036.plsk.regruhosting.ru
Connection: keep-alive
Referer: https://u1901036.plsk.regruhosting.ru/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Mon, 23 Jan 2023 08:04:40 GMT
content-type: text/css; charset=utf-8
vary: Accept-Encoding
cdn-pullzone: 252412
cdn-uid: b1941f61-b576-4f40-80de-5677acb38f74
cdn-requestcountrycode: DE
access-control-allow-origin: *
cache-control: public, max-age=31919000
etag: W/"269550530cc127b6aa5a35925a7de6ce"
last-modified: Mon, 25 Jan 2021 22:04:55 GMT
cdn-cachedat: 11/18/2022 06:18:29
cdn-proxyver: 1.03
cdn-requestpullcode: 200
cdn-requestpullsuccess: True
cdn-edgestorageid: 722
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
cdn-status: 200
cdn-requestid: 17432e83d89f8f49ce88f002811e517d
cdn-cache: HIT
cf-cache-status: HIT
age: 309102
strict-transport-security: max-age=31536000; includeSubDomains; preload
server: cloudflare
cf-ray: 78df051bc8bfb4f4-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
u1901036.plsk.regruhosting.ru/yso/PUBG/1498814558/m/css-zone/zero-zone.css
31.31.198.210 200 OK 0 B URL HTTP/2 u1901036.plsk.regruhosting.ru/yso/PUBG/1498814558/m/css-zone/zero-zone.css
IP 31.31.198.210:0
ASN #197695 Domain names registrar REG.RU, Ltd
GET /yso/PUBG/1498814558/m/css-zone/zero-zone.css HTTP/1.1
Host: u1901036.plsk.regruhosting.ru
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://u1901036.plsk.regruhosting.ru/yso/PUBG/1498814558/m/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Mon, 23 Jan 2023 08:04:41 GMT
content-type: text/css
last-modified: Mon, 05 Sep 2022 13:03:18 GMT
vary: Accept-Encoding
etag: W/"6315f396-142a"
x-powered-by: PleskLin
strict-transport-security: max-age=31536000; includeSubDomains
content-encoding: gzip
X-Firefox-Spdy: h2
u1901036.plsk.regruhosting.ru/yso/PUBG/1498814558/m/
31.31.198.210 200 OK 0 B URL HTTP/2 u1901036.plsk.regruhosting.ru/yso/PUBG/1498814558/m/
IP 31.31.198.210:0
ASN #197695 Domain names registrar REG.RU, Ltd
Analyzer Verdict Alert openphish Tencent
fortinet Phishing
GET /yso/PUBG/1498814558/m/ HTTP/1.1
Host: u1901036.plsk.regruhosting.ru
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: none
Sec-Fetch-User: ?1
TE: trailers
HTTP/2 200 OK
server: nginx
date: Mon, 23 Jan 2023 08:04:40 GMT
content-type: text/html; charset=UTF-8
vary: Accept-Encoding
x-powered-by: PHP/8.0.17, PleskLin
content-encoding: gzip
X-Firefox-Spdy: h2
u1901036.plsk.regruhosting.ru/yso/PUBG/1498814558/m/css-zone/facebook.css
31.31.198.210 200 OK 0 B URL HTTP/2 u1901036.plsk.regruhosting.ru/yso/PUBG/1498814558/m/css-zone/facebook.css
IP 31.31.198.210:0
ASN #197695 Domain names registrar REG.RU, Ltd
GET /yso/PUBG/1498814558/m/css-zone/facebook.css HTTP/1.1
Host: u1901036.plsk.regruhosting.ru
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://u1901036.plsk.regruhosting.ru/yso/PUBG/1498814558/m/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Mon, 23 Jan 2023 08:04:40 GMT
content-type: text/css
last-modified: Mon, 05 Sep 2022 13:03:10 GMT
vary: Accept-Encoding
etag: W/"6315f38e-eb7"
x-powered-by: PleskLin
strict-transport-security: max-age=31536000; includeSubDomains
content-encoding: gzip
X-Firefox-Spdy: h2
u1901036.plsk.regruhosting.ru/yso/PUBG/1498814558/m/js-zone/main-zone.js
31.31.198.210 200 OK 0 B URL HTTP/2 u1901036.plsk.regruhosting.ru/yso/PUBG/1498814558/m/js-zone/main-zone.js
IP 31.31.198.210:0
ASN #197695 Domain names registrar REG.RU, Ltd
Analyzer Verdict Alert fortinet Phishing
GET /yso/PUBG/1498814558/m/js-zone/main-zone.js HTTP/1.1
Host: u1901036.plsk.regruhosting.ru
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://u1901036.plsk.regruhosting.ru/yso/PUBG/1498814558/m/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Mon, 23 Jan 2023 08:04:40 GMT
content-type: application/javascript
vary: Accept-Encoding
x-accel-version: 0.01
last-modified: Mon, 05 Sep 2022 13:02:54 GMT
etag: W/"262-5e7edb2a55b80"
x-powered-by: PleskLin
content-encoding: gzip
X-Firefox-Spdy: h2
u1901036.plsk.regruhosting.ru/yso/PUBG/1498814558/m/index_files/gift-zone.js
31.31.198.210 200 OK 0 B URL HTTP/2 u1901036.plsk.regruhosting.ru/yso/PUBG/1498814558/m/index_files/gift-zone.js
IP 31.31.198.210:0
ASN #197695 Domain names registrar REG.RU, Ltd
Analyzer Verdict Alert fortinet Phishing
GET /yso/PUBG/1498814558/m/index_files/gift-zone.js HTTP/1.1
Host: u1901036.plsk.regruhosting.ru
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://u1901036.plsk.regruhosting.ru/yso/PUBG/1498814558/m/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Mon, 23 Jan 2023 08:04:40 GMT
content-type: application/javascript
last-modified: Mon, 05 Sep 2022 13:03:46 GMT
vary: Accept-Encoding
etag: W/"6315f3b2-66b"
x-powered-by: PleskLin
strict-transport-security: max-age=31536000; includeSubDomains
content-encoding: gzip
X-Firefox-Spdy: h2
fonts.googleapis.com/css2?family=Teko&display=swap
142.250.74.74 200 OK 0 B URL HTTP/2 fonts.googleapis.com/css2?family=Teko&display=swap
IP 142.250.74.74:0
GET /css2?family=Teko&display=swap HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://u1901036.plsk.regruhosting.ru/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Mon, 23 Jan 2023 08:04:40 GMT
date: Mon, 23 Jan 2023 08:04:40 GMT
cache-control: private, max-age=86400
cross-origin-opener-policy: same-origin-allow-popups
cross-origin-resource-policy: cross-origin
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
u1901036.plsk.regruhosting.ru/yso/PUBG/1498814558/m/css-zone/twitter.css
31.31.198.210 200 OK 0 B URL HTTP/2 u1901036.plsk.regruhosting.ru/yso/PUBG/1498814558/m/css-zone/twitter.css
IP 31.31.198.210:0
ASN #197695 Domain names registrar REG.RU, Ltd
GET /yso/PUBG/1498814558/m/css-zone/twitter.css HTTP/1.1
Host: u1901036.plsk.regruhosting.ru
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://u1901036.plsk.regruhosting.ru/yso/PUBG/1498814558/m/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Mon, 23 Jan 2023 08:04:40 GMT
content-type: text/css
last-modified: Mon, 05 Sep 2022 13:03:14 GMT
vary: Accept-Encoding
etag: W/"6315f392-9ee"
x-powered-by: PleskLin
strict-transport-security: max-age=31536000; includeSubDomains
content-encoding: gzip
X-Firefox-Spdy: h2
u1901036.plsk.regruhosting.ru/yso/PUBG/1498814558/m/index_files/jquery.min.js.download
31.31.198.210 200 OK 0 B URL HTTP/2 u1901036.plsk.regruhosting.ru/yso/PUBG/1498814558/m/index_files/jquery.min.js.download
IP 31.31.198.210:0
ASN #197695 Domain names registrar REG.RU, Ltd
Analyzer Verdict Alert fortinet Phishing
GET /yso/PUBG/1498814558/m/index_files/jquery.min.js.download HTTP/1.1
Host: u1901036.plsk.regruhosting.ru
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://u1901036.plsk.regruhosting.ru/yso/PUBG/1498814558/m/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Mon, 23 Jan 2023 08:04:40 GMT
content-type: application/javascript
last-modified: Mon, 05 Sep 2022 13:03:50 GMT
vary: Accept-Encoding
etag: W/"6315f3b6-1538f"
x-powered-by: PleskLin
strict-transport-security: max-age=31536000; includeSubDomains
content-encoding: gzip
X-Firefox-Spdy: h2
fonts.googleapis.com/css?family=Roboto:300,400,500,700|Teko:300,400,500
142.250.74.74 200 OK 0 B URL HTTP/2 fonts.googleapis.com/css?family=Roboto:300,400,500,700|Teko:300,400,500
IP 142.250.74.74:0
GET /css?family=Roboto:300,400,500,700|Teko:300,400,500 HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://u1901036.plsk.regruhosting.ru/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Mon, 23 Jan 2023 08:04:40 GMT
date: Mon, 23 Jan 2023 08:04:40 GMT
cache-control: private, max-age=86400
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
u1901036.plsk.regruhosting.ru/yso/PUBG/1498814558/m/js-zone/jquery.js
31.31.198.210 200 OK 0 B URL HTTP/2 u1901036.plsk.regruhosting.ru/yso/PUBG/1498814558/m/js-zone/jquery.js
IP 31.31.198.210:0
ASN #197695 Domain names registrar REG.RU, Ltd
Analyzer Verdict Alert fortinet Phishing
GET /yso/PUBG/1498814558/m/js-zone/jquery.js HTTP/1.1
Host: u1901036.plsk.regruhosting.ru
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://u1901036.plsk.regruhosting.ru/yso/PUBG/1498814558/m/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Mon, 23 Jan 2023 08:04:40 GMT
content-type: application/javascript
last-modified: Mon, 05 Sep 2022 13:02:52 GMT
vary: Accept-Encoding
etag: W/"6315f37c-8cd"
x-powered-by: PleskLin
strict-transport-security: max-age=31536000; includeSubDomains
content-encoding: gzip
X-Firefox-Spdy: h2