turnir813.beget.tech/
87.236.19.211 200 OK 12 kB IP 87.236.19.211:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (2591)
Hash a2b5ddb03b31d82fc2cd5f05ba97c4c8
2d6aabcaef39746a47990aba10dc2a9ff53808da
cad867c07f59d4e1b1e994aa15e4de4a22838f44cb737034d30098f06b064fdd
GET / HTTP/1.1
Host: turnir813.beget.tech
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1
HTTP/1.1 200 OK
Server: nginx-reuseport/1.21.1
Date: Sat, 19 Nov 2022 19:04:51 GMT
Content-Type: text/html
Transfer-Encoding: chunked
Connection: keep-alive
Keep-Alive: timeout=30
Vary: Accept-Encoding
Last-Modified: Sat, 19 Nov 2022 14:33:18 GMT
ETag: W/"10747-5edd3b418e05e"
Content-Encoding: gzip
r3.o.lencr.org/
23.36.77.32 200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash eb76c0b3adf4098ad8a9d1e38250758f
99610ddb2b4ec6d04250ac244f966951695d4f00
01ed8c191c175471aee23cbc196d558e5bf5209f166806fc97db08eb06544bab
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "01ED8C191C175471AEE23CBC196D558E5BF5209F166806FC97DB08EB06544BAB"
Last-Modified: Sat, 19 Nov 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=17217
Expires: Sat, 19 Nov 2022 23:51:48 GMT
Date: Sat, 19 Nov 2022 19:04:51 GMT
Connection: keep-alive
ocsp.digicert.com/
93.184.220.29 200 OK 471 B IP 93.184.220.29:0
Hash f732c50f6a2482aeea20552e0370c2d0
6f33119d5c38e92a0a62f3a46766ff86014e4d68
a47e38c199c5fecd5594544a3889e1cfca5547d85f19056f06eaeeadf17f4fe9
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 3900
Cache-Control: max-age=145882
Content-Type: application/ocsp-response
Date: Sat, 19 Nov 2022 19:04:51 GMT
Etag: "6378b071-1d7"
Expires: Mon, 21 Nov 2022 11:36:13 GMT
Last-Modified: Sat, 19 Nov 2022 10:31:13 GMT
Server: ECS (ska/F716)
X-Cache: HIT
Content-Length: 471
r3.o.lencr.org/
23.36.77.32 200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 1cee7787feebac18f9eca273e56e3741
3a7dac544172921e24c2a1701beef5079b21d01b
79ff4a450c749d64e116c00ca3b00d40e968906c5c3881d6eeb2dc6374a4c858
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "79FF4A450C749D64E116C00CA3B00D40E968906C5C3881D6EEB2DC6374A4C858"
Last-Modified: Sat, 19 Nov 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=14761
Expires: Sat, 19 Nov 2022 23:10:52 GMT
Date: Sat, 19 Nov 2022 19:04:51 GMT
Connection: keep-alive
firefox.settings.services.mozilla.com/v1/
34.102.187.140 200 OK 939 B URL HTTP/2 firefox.settings.services.mozilla.com/v1/
IP 34.102.187.140:0
File type JSON data\012- , ASCII text, with very long lines (939), with no line terminators
Hash d130218d0e2841f39c99610fe1a2ab90
29fbe1e177ee55c7a61ae0a206afff271cf5f945
6b6d74dccf10c2bc98a91c3388280d7ba1d9596bf8cadd7db0e2f63720b3d152
GET /v1/ HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Backoff, Alert, Content-Type, Retry-After, Content-Length
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 939
via: 1.1 google
date: Sat, 19 Nov 2022 18:44:58 GMT
cache-control: public,max-age=3600
content-type: application/json
age: 1193
alt-svc: clear
X-Firefox-Spdy: h2
content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-12-30-09-21-26.chain
34.160.144.191 200 OK 5.3 kB URL HTTP/2 content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-12-30-09-21-26.chain
IP 34.160.144.191:0
File type PEM certificate\012- , ASCII text
Hash 9ebddc2b260d081ebbefee47c037cb28
492bad62a7ca6a74738921ef5ae6f0be5edebf39
74bbb7cba16f7d084a08a0907d47d7496e5c148f904707ec6950f8f6a61027e5
GET /chains/remote-settings.content-signature.mozilla.org-2022-12-30-09-21-26.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
x-amz-id-2: 3CZWzKUqWLjQeWHsIGGUgdDQugvQKSUCvq3a3aolGBOZpyp388k2RFdfuY3Ov84Ta2f8EyMeh7k=
x-amz-request-id: Q0XG6K8X5BX9H2VE
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
content-length: 5348
via: 1.1 google
date: Sat, 19 Nov 2022 18:38:25 GMT
age: 1586
last-modified: Thu, 10 Nov 2022 09:21:27 GMT
etag: "9ebddc2b260d081ebbefee47c037cb28"
content-type: binary/octet-stream
cache-control: public,max-age=3600
alt-svc: clear
X-Firefox-Spdy: h2
contile.services.mozilla.com/v1/tiles
34.117.237.239 200 OK 12 B URL HTTP/2 contile.services.mozilla.com/v1/tiles
IP 34.117.237.239:0
File type JSON data\012- , ASCII text, with no line terminators
Hash 23e88fb7b99543fb33315b29b1fad9d6
a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3
GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Sat, 19 Nov 2022 19:04:51 GMT
content-type: application/json
content-length: 12
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2
turnir813.beget.tech/popup.css
87.236.19.211 200 OK 364 B URL HTTP/1.1 turnir813.beget.tech/popup.css
IP 87.236.19.211:0
Hash 9b24e10fddd71a668ce9f71e86cbb00f
f279ab33be735c63f8dc85db772d43d804969538
b17e5093b2912813f1be5f11c849db27e5cff584d6b6b7a3760c8c9bf304f424
GET /popup.css HTTP/1.1
Host: turnir813.beget.tech
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://turnir813.beget.tech/
HTTP/1.1 200 OK
Server: nginx-reuseport/1.21.1
Date: Sat, 19 Nov 2022 19:04:52 GMT
Content-Type: text/css
Last-Modified: Sat, 19 Nov 2022 14:33:20 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Keep-Alive: timeout=30
Vary: Accept-Encoding
ETag: W/"6378e930-2d9"
Expires: Sat, 26 Nov 2022 19:04:52 GMT
Cache-Control: max-age=604800
Content-Encoding: gzip
turnir813.beget.tech/mainnn.css
87.236.19.211 200 OK 10 kB URL HTTP/1.1 turnir813.beget.tech/mainnn.css
IP 87.236.19.211:0
File type ASCII text, with very long lines (65536), with no line terminators
Hash fdeac8ded24bf3601a88cb9deb1c9bf2
b689ac3f15c90ceb8a95e2cb816188b2d7544a35
7e613c4da1fc2557040692a4a2dbcf550cf62086c8d6c47b07af7eee8844e66a
GET /mainnn.css HTTP/1.1
Host: turnir813.beget.tech
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://turnir813.beget.tech/
HTTP/1.1 200 OK
Server: nginx-reuseport/1.21.1
Date: Sat, 19 Nov 2022 19:04:52 GMT
Content-Type: text/css
Last-Modified: Sat, 19 Nov 2022 14:33:20 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Keep-Alive: timeout=30
Vary: Accept-Encoding
ETag: W/"6378e930-13731"
Expires: Sat, 26 Nov 2022 19:04:52 GMT
Cache-Control: max-age=604800
Content-Encoding: gzip
standoff2pro.ru/img/874091510115660
5.23.51.54 301 Moved Permanently 169 B URL HTTP/1.1 standoff2pro.ru/img/874091510115660
IP 5.23.51.54:0
File type HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators
Hash 130d1009f10d4fb1cede97de52442d1f
20a7a05cc7df967bae4e1b71f5e8f299eb556003
c389e590871a87f27ad27393cf7f2947c3ede6ba1cca818cbcff4131e0d0eac4
Analyzer Verdict Alert fortinet Phishing
GET /img/874091510115660 HTTP/1.1
Host: standoff2pro.ru
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://turnir813.beget.tech/
HTTP/1.1 301 Moved Permanently
Server: nginx/1.22.1
Date: Sat, 19 Nov 2022 19:04:52 GMT
Content-Type: text/html
Content-Length: 169
Connection: keep-alive
Location: https://vh362.timeweb.ru/parking/?ref=standoff2pro.ru
standoff2pro.ru/img/fbevents.js.%D0%B7%D0%B0%D0%B3%D1%80%D1%83%D0%B6%D0%B5%D0%BD%D0%BE
5.23.51.54 301 Moved Permanently 169 B URL HTTP/1.1 standoff2pro.ru/img/fbevents.js.%D0%B7%D0%B0%D0%B3%D1%80%D1%83%D0%B6%D0%B5%D0%BD%D0%BE
IP 5.23.51.54:0
File type HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators
Hash 130d1009f10d4fb1cede97de52442d1f
20a7a05cc7df967bae4e1b71f5e8f299eb556003
c389e590871a87f27ad27393cf7f2947c3ede6ba1cca818cbcff4131e0d0eac4
Analyzer Verdict Alert fortinet Phishing
GET /img/fbevents.js.%D0%B7%D0%B0%D0%B3%D1%80%D1%83%D0%B6%D0%B5%D0%BD%D0%BE HTTP/1.1
Host: standoff2pro.ru
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://turnir813.beget.tech/
HTTP/1.1 301 Moved Permanently
Server: nginx/1.22.1
Date: Sat, 19 Nov 2022 19:04:52 GMT
Content-Type: text/html
Content-Length: 169
Connection: keep-alive
Location: https://vh362.timeweb.ru/parking/?ref=standoff2pro.ru
standoff2pro.ru/img/hotjar-848438.js.%D0%B7%D0%B0%D0%B3%D1%80%D1%83%D0%B6%D0%B5%D0%BD%D0%BE
5.23.51.54 301 Moved Permanently 169 B URL HTTP/1.1 standoff2pro.ru/img/hotjar-848438.js.%D0%B7%D0%B0%D0%B3%D1%80%D1%83%D0%B6%D0%B5%D0%BD%D0%BE
IP 5.23.51.54:0
File type HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators
Hash 130d1009f10d4fb1cede97de52442d1f
20a7a05cc7df967bae4e1b71f5e8f299eb556003
c389e590871a87f27ad27393cf7f2947c3ede6ba1cca818cbcff4131e0d0eac4
Analyzer Verdict Alert fortinet Phishing
GET /img/hotjar-848438.js.%D0%B7%D0%B0%D0%B3%D1%80%D1%83%D0%B6%D0%B5%D0%BD%D0%BE HTTP/1.1
Host: standoff2pro.ru
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://turnir813.beget.tech/
HTTP/1.1 301 Moved Permanently
Server: nginx/1.22.1
Date: Sat, 19 Nov 2022 19:04:52 GMT
Content-Type: text/html
Content-Length: 169
Connection: keep-alive
Location: https://vh362.timeweb.ru/parking/?ref=standoff2pro.ru
standoff2pro.ru/img/js
5.23.51.54 301 Moved Permanently 169 B IP 5.23.51.54:0
File type HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators
Hash 130d1009f10d4fb1cede97de52442d1f
20a7a05cc7df967bae4e1b71f5e8f299eb556003
c389e590871a87f27ad27393cf7f2947c3ede6ba1cca818cbcff4131e0d0eac4
Analyzer Verdict Alert fortinet Phishing
GET /img/js HTTP/1.1
Host: standoff2pro.ru
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://turnir813.beget.tech/
HTTP/1.1 301 Moved Permanently
Server: nginx/1.22.1
Date: Sat, 19 Nov 2022 19:04:52 GMT
Content-Type: text/html
Content-Length: 169
Connection: keep-alive
Location: https://vh362.timeweb.ru/parking/?ref=standoff2pro.ru
standoff2pro.ru/img/analytics.js.%D0%B7%D0%B0%D0%B3%D1%80%D1%83%D0%B6%D0%B5%D0%BD%D0%BE
5.23.51.54 301 Moved Permanently 169 B URL HTTP/1.1 standoff2pro.ru/img/analytics.js.%D0%B7%D0%B0%D0%B3%D1%80%D1%83%D0%B6%D0%B5%D0%BD%D0%BE
IP 5.23.51.54:0
File type HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators
Hash 130d1009f10d4fb1cede97de52442d1f
20a7a05cc7df967bae4e1b71f5e8f299eb556003
c389e590871a87f27ad27393cf7f2947c3ede6ba1cca818cbcff4131e0d0eac4
Analyzer Verdict Alert fortinet Phishing
GET /img/analytics.js.%D0%B7%D0%B0%D0%B3%D1%80%D1%83%D0%B6%D0%B5%D0%BD%D0%BE HTTP/1.1
Host: standoff2pro.ru
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://turnir813.beget.tech/
HTTP/1.1 301 Moved Permanently
Server: nginx/1.22.1
Date: Sat, 19 Nov 2022 19:04:52 GMT
Content-Type: text/html
Content-Length: 169
Connection: keep-alive
Location: https://vh362.timeweb.ru/parking/?ref=standoff2pro.ru
standoff2pro.ru/img/gtm.js.%D0%B7%D0%B0%D0%B3%D1%80%D1%83%D0%B6%D0%B5%D0%BD%D0%BE
5.23.51.54 301 Moved Permanently 169 B URL HTTP/1.1 standoff2pro.ru/img/gtm.js.%D0%B7%D0%B0%D0%B3%D1%80%D1%83%D0%B6%D0%B5%D0%BD%D0%BE
IP 5.23.51.54:0
File type HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators
Hash 130d1009f10d4fb1cede97de52442d1f
20a7a05cc7df967bae4e1b71f5e8f299eb556003
c389e590871a87f27ad27393cf7f2947c3ede6ba1cca818cbcff4131e0d0eac4
Analyzer Verdict Alert fortinet Phishing
GET /img/gtm.js.%D0%B7%D0%B0%D0%B3%D1%80%D1%83%D0%B6%D0%B5%D0%BD%D0%BE HTTP/1.1
Host: standoff2pro.ru
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://turnir813.beget.tech/
HTTP/1.1 301 Moved Permanently
Server: nginx/1.22.1
Date: Sat, 19 Nov 2022 19:04:52 GMT
Content-Type: text/html
Content-Length: 169
Connection: keep-alive
Location: https://vh362.timeweb.ru/parking/?ref=standoff2pro.ru
standoff2pro.ru/img/css
5.23.51.54 301 Moved Permanently 169 B IP 5.23.51.54:0
File type HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators
Hash 130d1009f10d4fb1cede97de52442d1f
20a7a05cc7df967bae4e1b71f5e8f299eb556003
c389e590871a87f27ad27393cf7f2947c3ede6ba1cca818cbcff4131e0d0eac4
Analyzer Verdict Alert fortinet Phishing
GET /img/css HTTP/1.1
Host: standoff2pro.ru
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://turnir813.beget.tech/
HTTP/1.1 301 Moved Permanently
Server: nginx/1.22.1
Date: Sat, 19 Nov 2022 19:04:52 GMT
Content-Type: text/html
Content-Length: 169
Connection: keep-alive
Location: https://vh362.timeweb.ru/parking/?ref=standoff2pro.ru
standoff2pro.ru/img/modules.0cb976794ef50d89b299.js.%D0%B7%D0%B0%D0%B3%D1%80%D1%83%D0%B6%D0%B5%D0%BD%D0%BE
5.23.51.54 301 Moved Permanently 169 B URL HTTP/1.1 standoff2pro.ru/img/modules.0cb976794ef50d89b299.js.%D0%B7%D0%B0%D0%B3%D1%80%D1%83%D0%B6%D0%B5%D0%BD%D0%BE
IP 5.23.51.54:0
File type HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators
Hash 130d1009f10d4fb1cede97de52442d1f
20a7a05cc7df967bae4e1b71f5e8f299eb556003
c389e590871a87f27ad27393cf7f2947c3ede6ba1cca818cbcff4131e0d0eac4
Analyzer Verdict Alert fortinet Phishing
GET /img/modules.0cb976794ef50d89b299.js.%D0%B7%D0%B0%D0%B3%D1%80%D1%83%D0%B6%D0%B5%D0%BD%D0%BE HTTP/1.1
Host: standoff2pro.ru
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://turnir813.beget.tech/
HTTP/1.1 301 Moved Permanently
Server: nginx/1.22.1
Date: Sat, 19 Nov 2022 19:04:52 GMT
Content-Type: text/html
Content-Length: 169
Connection: keep-alive
Location: https://vh362.timeweb.ru/parking/?ref=standoff2pro.ru
standoff2pro.ru/img/main.js.%D0%B7%D0%B0%D0%B3%D1%80%D1%83%D0%B6%D0%B5%D0%BD%D0%BE
5.23.51.54 301 Moved Permanently 169 B URL HTTP/1.1 standoff2pro.ru/img/main.js.%D0%B7%D0%B0%D0%B3%D1%80%D1%83%D0%B6%D0%B5%D0%BD%D0%BE
IP 5.23.51.54:0
File type HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators
Hash 130d1009f10d4fb1cede97de52442d1f
20a7a05cc7df967bae4e1b71f5e8f299eb556003
c389e590871a87f27ad27393cf7f2947c3ede6ba1cca818cbcff4131e0d0eac4
Analyzer Verdict Alert fortinet Phishing
GET /img/main.js.%D0%B7%D0%B0%D0%B3%D1%80%D1%83%D0%B6%D0%B5%D0%BD%D0%BE HTTP/1.1
Host: standoff2pro.ru
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://turnir813.beget.tech/
HTTP/1.1 301 Moved Permanently
Server: nginx/1.22.1
Date: Sat, 19 Nov 2022 19:04:52 GMT
Content-Type: text/html
Content-Length: 169
Connection: keep-alive
Location: https://vh362.timeweb.ru/parking/?ref=standoff2pro.ru
standoff2pro.ru/img/empty-state_search.png
5.23.51.54 301 Moved Permanently 169 B URL HTTP/1.1 standoff2pro.ru/img/empty-state_search.png
IP 5.23.51.54:0
File type HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators
Hash 130d1009f10d4fb1cede97de52442d1f
20a7a05cc7df967bae4e1b71f5e8f299eb556003
c389e590871a87f27ad27393cf7f2947c3ede6ba1cca818cbcff4131e0d0eac4
GET /img/empty-state_search.png HTTP/1.1
Host: standoff2pro.ru
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://turnir813.beget.tech/
HTTP/1.1 301 Moved Permanently
Server: nginx/1.22.1
Date: Sat, 19 Nov 2022 19:04:52 GMT
Content-Type: text/html
Content-Length: 169
Connection: keep-alive
Location: https://vh362.timeweb.ru/parking/?ref=standoff2pro.ru
standoff2pro.ru/img/filter.png
5.23.51.54 301 Moved Permanently 169 B URL HTTP/1.1 standoff2pro.ru/img/filter.png
IP 5.23.51.54:0
File type HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators
Hash 130d1009f10d4fb1cede97de52442d1f
20a7a05cc7df967bae4e1b71f5e8f299eb556003
c389e590871a87f27ad27393cf7f2947c3ede6ba1cca818cbcff4131e0d0eac4
GET /img/filter.png HTTP/1.1
Host: standoff2pro.ru
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://turnir813.beget.tech/
HTTP/1.1 301 Moved Permanently
Server: nginx/1.22.1
Date: Sat, 19 Nov 2022 19:04:52 GMT
Content-Type: text/html
Content-Length: 169
Connection: keep-alive
Location: https://vh362.timeweb.ru/parking/?ref=standoff2pro.ru
standoff2pro.ru/img/empty_state_copy.png
5.23.51.54 301 Moved Permanently 169 B URL HTTP/1.1 standoff2pro.ru/img/empty_state_copy.png
IP 5.23.51.54:0
File type HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators
Hash 130d1009f10d4fb1cede97de52442d1f
20a7a05cc7df967bae4e1b71f5e8f299eb556003
c389e590871a87f27ad27393cf7f2947c3ede6ba1cca818cbcff4131e0d0eac4
GET /img/empty_state_copy.png HTTP/1.1
Host: standoff2pro.ru
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://turnir813.beget.tech/
HTTP/1.1 301 Moved Permanently
Server: nginx/1.22.1
Date: Sat, 19 Nov 2022 19:04:52 GMT
Content-Type: text/html
Content-Length: 169
Connection: keep-alive
Location: https://vh362.timeweb.ru/parking/?ref=standoff2pro.ru
standoff2pro.ru/img/tourney-preloader.svg
5.23.51.54 301 Moved Permanently 169 B URL HTTP/1.1 standoff2pro.ru/img/tourney-preloader.svg
IP 5.23.51.54:0
File type HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators
Hash 130d1009f10d4fb1cede97de52442d1f
20a7a05cc7df967bae4e1b71f5e8f299eb556003
c389e590871a87f27ad27393cf7f2947c3ede6ba1cca818cbcff4131e0d0eac4
Analyzer Verdict Alert fortinet Phishing
GET /img/tourney-preloader.svg HTTP/1.1
Host: standoff2pro.ru
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://turnir813.beget.tech/
HTTP/1.1 301 Moved Permanently
Server: nginx/1.22.1
Date: Sat, 19 Nov 2022 19:04:52 GMT
Content-Type: text/html
Content-Length: 169
Connection: keep-alive
Location: https://vh362.timeweb.ru/parking/?ref=standoff2pro.ru
standoff2pro.ru/img/GameTile.jpg
5.23.51.54 301 Moved Permanently 169 B URL HTTP/1.1 standoff2pro.ru/img/GameTile.jpg
IP 5.23.51.54:0
File type HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators
Hash 130d1009f10d4fb1cede97de52442d1f
20a7a05cc7df967bae4e1b71f5e8f299eb556003
c389e590871a87f27ad27393cf7f2947c3ede6ba1cca818cbcff4131e0d0eac4
GET /img/GameTile.jpg HTTP/1.1
Host: standoff2pro.ru
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://turnir813.beget.tech/
HTTP/1.1 301 Moved Permanently
Server: nginx/1.22.1
Date: Sat, 19 Nov 2022 19:04:52 GMT
Content-Type: text/html
Content-Length: 169
Connection: keep-alive
Location: https://vh362.timeweb.ru/parking/?ref=standoff2pro.ru
standoff2pro.ru/img/search-left-arrow.svg
5.23.51.54 301 Moved Permanently 169 B URL HTTP/1.1 standoff2pro.ru/img/search-left-arrow.svg
IP 5.23.51.54:0
File type HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators
Hash 130d1009f10d4fb1cede97de52442d1f
20a7a05cc7df967bae4e1b71f5e8f299eb556003
c389e590871a87f27ad27393cf7f2947c3ede6ba1cca818cbcff4131e0d0eac4
Analyzer Verdict Alert fortinet Phishing
GET /img/search-left-arrow.svg HTTP/1.1
Host: standoff2pro.ru
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://turnir813.beget.tech/
HTTP/1.1 301 Moved Permanently
Server: nginx/1.22.1
Date: Sat, 19 Nov 2022 19:04:52 GMT
Content-Type: text/html
Content-Length: 169
Connection: keep-alive
Location: https://vh362.timeweb.ru/parking/?ref=standoff2pro.ru
i.imgur.com/qy1oLnr.jpeg
151.101.84.193 200 OK 1.6 kB IP 151.101.84.193:0
File type JPEG image data, baseline, precision 8, 110x109, components 3\012- data
Hash cec969382f5948a67337679a45e21be9
8d8988584153f1f126fcf6b5986204881e05e537
c04f9ade262f932263b2842bae97a0ccab885de7e6332b6a299d644ed8e24a30
GET /qy1oLnr.jpeg HTTP/1.1
Host: i.imgur.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://turnir813.beget.tech/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
last-modified: Thu, 21 Jul 2022 21:01:27 GMT
etag: "cec969382f5948a67337679a45e21be9"
content-type: image/jpeg
cache-control: public, max-age=31536000
accept-ranges: bytes
date: Sat, 19 Nov 2022 19:04:52 GMT
age: 3911210
x-served-by: cache-iad-kiad7000027-IAD, cache-bma1657-BMA
x-cache: HIT, HIT
x-cache-hits: 62, 1
x-timer: S1668884692.251567,VS0,VE1
strict-transport-security: max-age=300
access-control-allow-methods: GET, OPTIONS
access-control-allow-origin: *
server: cat factory 1.0
x-content-type-options: nosniff
content-length: 1588
X-Firefox-Spdy: h2
turnir813.beget.tech/img/AppIcons.jpg
87.236.19.211 200 OK 62 kB URL HTTP/1.1 turnir813.beget.tech/img/AppIcons.jpg
IP 87.236.19.211:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 400x400, components 3\012- data
Hash 2baea08dcec76fc8519c8476e7c8bdb6
aae89285483a8b13030b88fb914a885b5b6ead70
ea803d469287a70287689d6fff70eff262f0ab98b879f5f3da59cbd3c6b7db8c
GET /img/AppIcons.jpg HTTP/1.1
Host: turnir813.beget.tech
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://turnir813.beget.tech/
HTTP/1.1 200 OK
Server: nginx-reuseport/1.21.1
Date: Sat, 19 Nov 2022 19:04:52 GMT
Content-Type: image/jpeg
Content-Length: 61572
Last-Modified: Sat, 19 Nov 2022 14:32:32 GMT
Connection: keep-alive
Keep-Alive: timeout=30
ETag: "6378e900-f084"
Expires: Mon, 19 Dec 2022 19:04:52 GMT
Cache-Control: max-age=2592000
Accept-Ranges: bytes
turnir813.beget.tech/img/new-logo.png
87.236.19.211 200 OK 16 kB URL HTTP/1.1 turnir813.beget.tech/img/new-logo.png
IP 87.236.19.211:0
File type PNG image data, 536 x 102, 8-bit colormap, non-interlaced\012- data
Hash 0461d842bcdde82704144071cf009033
9d7751c40a81e6cb289d91d9d2c69abd2db6fd1e
694b2b002621f12f48e31d62a739e41cdbe3b4e4db236ba8eaa8feba4666202e
GET /img/new-logo.png HTTP/1.1
Host: turnir813.beget.tech
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://turnir813.beget.tech/
HTTP/1.1 200 OK
Server: nginx-reuseport/1.21.1
Date: Sat, 19 Nov 2022 19:04:52 GMT
Content-Type: image/png
Content-Length: 16020
Last-Modified: Sat, 19 Nov 2022 14:32:33 GMT
Connection: keep-alive
Keep-Alive: timeout=30
ETag: "6378e901-3e94"
Expires: Mon, 19 Dec 2022 19:04:52 GMT
Cache-Control: max-age=2592000
Accept-Ranges: bytes
turnir813.beget.tech/img/Logo.png
87.236.19.211 200 OK 16 kB URL HTTP/1.1 turnir813.beget.tech/img/Logo.png
IP 87.236.19.211:0
File type PNG image data, 536 x 102, 8-bit colormap, non-interlaced\012- data
Hash 0461d842bcdde82704144071cf009033
9d7751c40a81e6cb289d91d9d2c69abd2db6fd1e
694b2b002621f12f48e31d62a739e41cdbe3b4e4db236ba8eaa8feba4666202e
GET /img/Logo.png HTTP/1.1
Host: turnir813.beget.tech
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://turnir813.beget.tech/
HTTP/1.1 200 OK
Server: nginx-reuseport/1.21.1
Date: Sat, 19 Nov 2022 19:04:52 GMT
Content-Type: image/png
Content-Length: 16020
Last-Modified: Sat, 19 Nov 2022 14:32:32 GMT
Connection: keep-alive
Keep-Alive: timeout=30
ETag: "6378e900-3e94"
Expires: Mon, 19 Dec 2022 19:04:52 GMT
Cache-Control: max-age=2592000
Accept-Ranges: bytes
turnir813.beget.tech/img/RU.png
87.236.19.211 200 OK 172 B URL HTTP/1.1 turnir813.beget.tech/img/RU.png
IP 87.236.19.211:0
File type PNG image data, 60 x 40, 4-bit colormap, non-interlaced\012- data
Hash 6615dd3c6e69a7cc64f49be4d156dbc4
e18d3158945605877b6c515ba2edfc0c2301f112
edda1409334e4454befcc2683e7f70e765a42a1e6df5fde461589ce62a33181d
GET /img/RU.png HTTP/1.1
Host: turnir813.beget.tech
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://turnir813.beget.tech/
HTTP/1.1 200 OK
Server: nginx-reuseport/1.21.1
Date: Sat, 19 Nov 2022 19:04:52 GMT
Content-Type: image/png
Content-Length: 172
Last-Modified: Sat, 19 Nov 2022 14:32:33 GMT
Connection: keep-alive
Keep-Alive: timeout=30
ETag: "6378e901-ac"
Expires: Mon, 19 Dec 2022 19:04:52 GMT
Cache-Control: max-age=2592000
Accept-Ranges: bytes
turnir813.beget.tech/img/OT.png
87.236.19.211 200 OK 172 B URL HTTP/1.1 turnir813.beget.tech/img/OT.png
IP 87.236.19.211:0
File type PNG image data, 60 x 40, 4-bit colormap, non-interlaced\012- data
Hash 6615dd3c6e69a7cc64f49be4d156dbc4
e18d3158945605877b6c515ba2edfc0c2301f112
edda1409334e4454befcc2683e7f70e765a42a1e6df5fde461589ce62a33181d
GET /img/OT.png HTTP/1.1
Host: turnir813.beget.tech
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://turnir813.beget.tech/
HTTP/1.1 200 OK
Server: nginx-reuseport/1.21.1
Date: Sat, 19 Nov 2022 19:04:52 GMT
Content-Type: image/png
Content-Length: 172
Last-Modified: Sat, 19 Nov 2022 14:32:33 GMT
Connection: keep-alive
Keep-Alive: timeout=30
ETag: "6378e901-ac"
Expires: Mon, 19 Dec 2022 19:04:52 GMT
Cache-Control: max-age=2592000
Accept-Ranges: bytes
ocsp.globalsign.com/gsrsaovsslca2018
104.18.21.226 200 OK 1.4 kB URL HTTP/1.1 ocsp.globalsign.com/gsrsaovsslca2018
IP 104.18.21.226:0
Hash 0c30be71670cf0c5b30df4fdddfc6462
f191ac407f786d1dc929078398fdf7cf155bfa90
a30a36794d6c1c11bbf20c011898ec6ae96cd131058b1c7db48d445e992e185a
POST /gsrsaovsslca2018 HTTP/1.1
Host: ocsp.globalsign.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 79
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Sat, 19 Nov 2022 19:04:52 GMT
Content-Type: application/ocsp-response
Content-Length: 1432
Connection: keep-alive
Expires: Wed, 23 Nov 2022 17:21:52 GMT
ETag: "f191ac407f786d1dc929078398fdf7cf155bfa90"
Last-Modified: Sat, 19 Nov 2022 17:21:53 GMT
Cache-Control: public, no-transform, must-revalidate, s-maxage=3600
CF-Cache-Status: HIT
Accept-Ranges: bytes
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 76cb36ced981b529-OSL
ocsp.globalsign.com/gsrsaovsslca2018
104.18.21.226 200 OK 1.4 kB URL HTTP/1.1 ocsp.globalsign.com/gsrsaovsslca2018
IP 104.18.21.226:0
Hash 0c30be71670cf0c5b30df4fdddfc6462
f191ac407f786d1dc929078398fdf7cf155bfa90
a30a36794d6c1c11bbf20c011898ec6ae96cd131058b1c7db48d445e992e185a
POST /gsrsaovsslca2018 HTTP/1.1
Host: ocsp.globalsign.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 79
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Sat, 19 Nov 2022 19:04:52 GMT
Content-Type: application/ocsp-response
Content-Length: 1432
Connection: keep-alive
Expires: Wed, 23 Nov 2022 17:21:52 GMT
ETag: "f191ac407f786d1dc929078398fdf7cf155bfa90"
Last-Modified: Sat, 19 Nov 2022 17:21:53 GMT
Cache-Control: public, no-transform, must-revalidate, s-maxage=3600
CF-Cache-Status: HIT
Accept-Ranges: bytes
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 76cb36ceece1fac0-OSL
ocsp.globalsign.com/gsrsaovsslca2018
104.18.21.226 200 OK 1.4 kB URL HTTP/1.1 ocsp.globalsign.com/gsrsaovsslca2018
IP 104.18.21.226:0
Hash 0c30be71670cf0c5b30df4fdddfc6462
f191ac407f786d1dc929078398fdf7cf155bfa90
a30a36794d6c1c11bbf20c011898ec6ae96cd131058b1c7db48d445e992e185a
POST /gsrsaovsslca2018 HTTP/1.1
Host: ocsp.globalsign.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 79
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Sat, 19 Nov 2022 19:04:52 GMT
Content-Type: application/ocsp-response
Content-Length: 1432
Connection: keep-alive
Expires: Wed, 23 Nov 2022 17:21:52 GMT
ETag: "f191ac407f786d1dc929078398fdf7cf155bfa90"
Last-Modified: Sat, 19 Nov 2022 17:21:53 GMT
Cache-Control: public, no-transform, must-revalidate, s-maxage=3600
CF-Cache-Status: HIT
Accept-Ranges: bytes
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 76cb36ceece4fac0-OSL
ocsp.globalsign.com/gsrsaovsslca2018
104.18.21.226 200 OK 1.4 kB URL HTTP/1.1 ocsp.globalsign.com/gsrsaovsslca2018
IP 104.18.21.226:0
Hash 0c30be71670cf0c5b30df4fdddfc6462
f191ac407f786d1dc929078398fdf7cf155bfa90
a30a36794d6c1c11bbf20c011898ec6ae96cd131058b1c7db48d445e992e185a
POST /gsrsaovsslca2018 HTTP/1.1
Host: ocsp.globalsign.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 79
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Sat, 19 Nov 2022 19:04:52 GMT
Content-Type: application/ocsp-response
Content-Length: 1432
Connection: keep-alive
Expires: Wed, 23 Nov 2022 17:21:52 GMT
ETag: "f191ac407f786d1dc929078398fdf7cf155bfa90"
Last-Modified: Sat, 19 Nov 2022 17:21:53 GMT
Cache-Control: public, no-transform, must-revalidate, s-maxage=3600
CF-Cache-Status: HIT
Accept-Ranges: bytes
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 76cb36cee887fab8-OSL
ocsp.globalsign.com/gsrsaovsslca2018
104.18.21.226 200 OK 1.4 kB URL HTTP/1.1 ocsp.globalsign.com/gsrsaovsslca2018
IP 104.18.21.226:0
Hash 0c30be71670cf0c5b30df4fdddfc6462
f191ac407f786d1dc929078398fdf7cf155bfa90
a30a36794d6c1c11bbf20c011898ec6ae96cd131058b1c7db48d445e992e185a
POST /gsrsaovsslca2018 HTTP/1.1
Host: ocsp.globalsign.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 79
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Sat, 19 Nov 2022 19:04:52 GMT
Content-Type: application/ocsp-response
Content-Length: 1432
Connection: keep-alive
Expires: Wed, 23 Nov 2022 17:21:52 GMT
ETag: "f191ac407f786d1dc929078398fdf7cf155bfa90"
Last-Modified: Sat, 19 Nov 2022 17:21:53 GMT
Cache-Control: public, no-transform, must-revalidate, s-maxage=3600
CF-Cache-Status: HIT
Accept-Ranges: bytes
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 76cb36cf1a1f0af6-OSL
ocsp.pki.goog/gts1c3
142.250.74.3 200 OK 472 B IP 142.250.74.3:0
Hash f17b03be491bcd758ad58f33ac7c094c
c02829213f2c3afc21026a24b413585804ba17de
e4085af005b24bc39492d37826b238a7e32d85037c9dcfc658171e73325ec0d5
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 19 Nov 2022 19:04:52 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
34.102.187.140 200 OK 329 B URL HTTP/2 firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
IP 34.102.187.140:0
File type JSON data\012- , ASCII text, with very long lines (329), with no line terminators
Hash 0333b0655111aa68de771adfcc4db243
63f295a144ac87a7c8e23417626724eeca68a7eb
60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300
GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Content-Type, Retry-After, Content-Length, Alert, Cache-Control, ETag, Pragma, Expires, Backoff, Last-Modified
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 329
via: 1.1 google
date: Sat, 19 Nov 2022 18:25:01 GMT
cache-control: public,max-age=3600
age: 2391
last-modified: Fri, 25 Mar 2022 17:45:46 GMT
etag: "1648230346554"
content-type: application/json
alt-svc: clear
X-Firefox-Spdy: h2
www.googletagmanager.com/gtm.js?id=GTM-PPMS48G
142.250.74.168 200 OK 65 kB URL HTTP/2 www.googletagmanager.com/gtm.js?id=GTM-PPMS48G
IP 142.250.74.168:0
File type ASCII text, with very long lines (8903)
Hash f4014f6d1f26f8f7e662034cc58b41c5
f7cd15303502f4c02e6aff01f390939c6e4f8d0a
5a8cb85722c8cf597ed967dc8a6744af56e72baf7f30bd791af624bcca5db751
GET /gtm.js?id=GTM-PPMS48G HTTP/1.1
Host: www.googletagmanager.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://turnir813.beget.tech/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
content-encoding: br
vary: Accept-Encoding
date: Sat, 19 Nov 2022 19:04:52 GMT
expires: Sat, 19 Nov 2022 19:04:52 GMT
cache-control: private, max-age=900
last-modified: Sat, 19 Nov 2022 18:00:00 GMT
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
server: Google Tag Manager
content-length: 65310
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
standoff2pro.ru/img/box-5e3cec51ed8e99df6977c199d27812d7.html
5.23.51.54 301 Moved Permanently 169 B URL HTTP/1.1 standoff2pro.ru/img/box-5e3cec51ed8e99df6977c199d27812d7.html
IP 5.23.51.54:0
File type HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators
Hash 130d1009f10d4fb1cede97de52442d1f
20a7a05cc7df967bae4e1b71f5e8f299eb556003
c389e590871a87f27ad27393cf7f2947c3ede6ba1cca818cbcff4131e0d0eac4
Analyzer Verdict Alert fortinet Phishing
GET /img/box-5e3cec51ed8e99df6977c199d27812d7.html HTTP/1.1
Host: standoff2pro.ru
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://turnir813.beget.tech/
Upgrade-Insecure-Requests: 1
HTTP/1.1 301 Moved Permanently
Server: nginx/1.22.1
Date: Sat, 19 Nov 2022 19:04:52 GMT
Content-Type: text/html
Content-Length: 169
Connection: keep-alive
Location: https://vh362.timeweb.ru/parking/?ref=standoff2pro.ru
ocsp.pki.goog/gts1c3
142.250.74.3 200 OK 472 B IP 142.250.74.3:0
Hash f17b03be491bcd758ad58f33ac7c094c
c02829213f2c3afc21026a24b413585804ba17de
e4085af005b24bc39492d37826b238a7e32d85037c9dcfc658171e73325ec0d5
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 19 Nov 2022 19:04:52 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
vh362.timeweb.ru/img/banner-craftum-2-m.png
5.23.51.54 200 OK 28 kB URL HTTP/2 vh362.timeweb.ru/img/banner-craftum-2-m.png
IP 5.23.51.54:0
File type PNG image data, 1236 x 164, 8-bit/color RGBA, non-interlaced\012- data
Hash 9d6d3fd53ebbe5252a62dfede62f340c
ab7b2a65c059e3a64d04e7265ef47f0edb0ce663
5f280ab8570993207d7afd3259da59c4a50236e0ff12da7c2a6ded7175912466
GET /img/banner-craftum-2-m.png HTTP/1.1
Host: vh362.timeweb.ru
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://vh362.timeweb.ru/parking/?ref=standoff2pro.ru
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx/1.22.1
date: Sat, 19 Nov 2022 19:04:52 GMT
content-type: image/png
content-length: 28539
last-modified: Wed, 16 Apr 2014 07:06:24 GMT
etag: "6f7b-4f7238deedc00"
accept-ranges: bytes
X-Firefox-Spdy: h2
ocsp.sca1b.amazontrust.com/
54.230.245.110 200 OK 471 B URL HTTP/1.1 ocsp.sca1b.amazontrust.com/
IP 54.230.245.110:0
Hash 5a124e13bf23e06ed0e601ee03bc6165
3a955cccb8b8f5fb597d1185cb2dd1f6c054669c
c30896584e52f3a1d25f7c7d8b8052b7d4aaf6732b255cf37ed348ab07685ee1
POST / HTTP/1.1
Host: ocsp.sca1b.amazontrust.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: max-age=165751
Date: Sat, 19 Nov 2022 19:04:52 GMT
Etag: "6378f3c4-1d7"
Expires: Mon, 21 Nov 2022 17:07:23 GMT
Last-Modified: Sat, 19 Nov 2022 15:18:28 GMT
Server: ECS (bsa/EB1D)
X-Cache: Miss from cloudfront
Via: 1.1 6259d2cd8a5947ad41a420527bbed7a6.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-P1
X-Amz-Cf-Id: 9x7YBzEHZJrVmW2Cl4AW7IRBN_Br3ADNYsrwSx4lIiy3YK7negvnrQ==
Age: 6535
vh362.timeweb.ru/img/banner-craftum-2-xl.png
5.23.51.54 200 OK 66 kB URL HTTP/2 vh362.timeweb.ru/img/banner-craftum-2-xl.png
IP 5.23.51.54:0
File type PNG image data, 2520 x 440, 8-bit/color RGBA, non-interlaced\012- data
Hash 2a556cc24285c28f60aa193e3d4834a0
80f091eda639b1db535c77797d9ed30d5e165620
7fa4f26d4412b4636c89477e59084262805a4677ace6940eb1311f3f74ae6dce
GET /img/banner-craftum-2-xl.png HTTP/1.1
Host: vh362.timeweb.ru
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://vh362.timeweb.ru/parking/?ref=standoff2pro.ru
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx/1.22.1
date: Sat, 19 Nov 2022 19:04:52 GMT
content-type: image/png
content-length: 65750
last-modified: Wed, 16 Apr 2014 07:06:24 GMT
etag: "100d6-4f7238deedc00"
accept-ranges: bytes
X-Firefox-Spdy: h2
vh362.timeweb.ru/img/banner-craftum-2-s.png
5.23.51.54 200 OK 18 kB URL HTTP/2 vh362.timeweb.ru/img/banner-craftum-2-s.png
IP 5.23.51.54:0
File type PNG image data, 600 x 110, 8-bit/color RGBA, non-interlaced\012- data
Hash c8070afb37c94f42ccdf4810b68b5c78
9ea280b23249be01939e069a70b5c0da54f76d6b
c05faa824c8b89272133ee9153c629ccedbc0537ad152d0c9f6a63ca17b904a0
GET /img/banner-craftum-2-s.png HTTP/1.1
Host: vh362.timeweb.ru
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://vh362.timeweb.ru/parking/?ref=standoff2pro.ru
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx/1.22.1
date: Sat, 19 Nov 2022 19:04:52 GMT
content-type: image/png
content-length: 17531
last-modified: Wed, 16 Apr 2014 07:06:24 GMT
etag: "447b-4f7238deedc00"
accept-ranges: bytes
X-Firefox-Spdy: h2
vh362.timeweb.ru/parking/svg/sert-1.png
5.23.51.54 200 OK 2.5 kB URL HTTP/2 vh362.timeweb.ru/parking/svg/sert-1.png
IP 5.23.51.54:0
File type PNG image data, 55 x 48, 8-bit/color RGBA, non-interlaced\012- data
Hash 1241afc5104f595cc28d75d4653bcb18
2c0d705dfa1ea54d4ca9eae11a3b348cf6c7adc6
7130b0ed8f9d96b97ae5a24b1e3190e49049206b43310bff483c4d4b24b5d009
GET /parking/svg/sert-1.png HTTP/1.1
Host: vh362.timeweb.ru
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://vh362.timeweb.ru/parking/?ref=standoff2pro.ru
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx/1.22.1
date: Sat, 19 Nov 2022 19:04:52 GMT
content-type: image/png
content-length: 2450
last-modified: Wed, 16 Apr 2014 07:06:24 GMT
etag: "992-4f7238deedc00"
accept-ranges: bytes
X-Firefox-Spdy: h2
vh362.timeweb.ru/parking/svg/sert-2.png
5.23.51.54 200 OK 2.7 kB URL HTTP/2 vh362.timeweb.ru/parking/svg/sert-2.png
IP 5.23.51.54:0
File type PNG image data, 54 x 48, 8-bit/color RGBA, non-interlaced\012- data
Hash 71512373c3a7d51c44daaec8952c3c70
a50f39ee39739773b0cfaaea975df5bb62366204
272e3d9ee16c3dad177a2f15532991c66c42c3edb9cfd87a4d77ce6549f06b2b
GET /parking/svg/sert-2.png HTTP/1.1
Host: vh362.timeweb.ru
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://vh362.timeweb.ru/parking/?ref=standoff2pro.ru
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx/1.22.1
date: Sat, 19 Nov 2022 19:04:52 GMT
content-type: image/png
content-length: 2715
last-modified: Wed, 16 Apr 2014 07:06:24 GMT
etag: "a9b-4f7238deedc00"
accept-ranges: bytes
X-Firefox-Spdy: h2
vh362.timeweb.ru/parking/?ref=standoff2pro.ru
5.23.51.54 200 OK 14 kB URL HTTP/2 vh362.timeweb.ru/parking/?ref=standoff2pro.ru
IP 5.23.51.54:0
Hash c18b121bcaa6bd1086148555060ca346
a8f3cc5112f3f201b10dff7156f92a0cd062c5b4
be7cb20739d588aae0ae552d0be11ef6a104e22e98fbc89b7476225aa7244555
GET /parking/?ref=standoff2pro.ru HTTP/1.1
Host: vh362.timeweb.ru
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://turnir813.beget.tech/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx/1.22.1
date: Sat, 19 Nov 2022 19:04:52 GMT
content-type: text/html; charset=utf-8
vary: Accept-Encoding
last-modified: Wed, 16 Apr 2014 07:06:24 GMT
etag: W/"11508-4f7238deedc00"
content-encoding: gzip
X-Firefox-Spdy: h2
vh362.timeweb.ru/parking/svg/timeweb-logo.svg
5.23.51.54 200 OK 2.2 kB URL HTTP/2 vh362.timeweb.ru/parking/svg/timeweb-logo.svg
IP 5.23.51.54:0
Hash 7df489c247dccc50b1e959a4696d7f61
b2dc2fee59f83fe80ca40f712ef5ac0cdeb3c325
398a501c2a28a556ea28fd3280b7bfbd23cd72e7b0c1438f53a7f8dcf03c9cb1
GET /parking/svg/timeweb-logo.svg HTTP/1.1
Host: vh362.timeweb.ru
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://vh362.timeweb.ru/parking/?ref=standoff2pro.ru
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx/1.22.1
date: Sat, 19 Nov 2022 19:04:52 GMT
content-type: image/svg+xml
vary: Accept-Encoding
last-modified: Wed, 16 Apr 2014 07:06:24 GMT
etag: W/"f8f-4f7238deedc00"
content-encoding: gzip
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.3 200 OK 472 B IP 142.250.74.3:0
Hash 07caf241d63e15426cd26434ef88e9dd
ec289ab860ffccd49ce9a62d2c47c59dc181fbd5
d1f4bc6604b8a399049b5943d23dbfb842d9a100bf6f5c71e91a27cd3588cecb
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 19 Nov 2022 19:04:52 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.3 200 OK 472 B IP 142.250.74.3:0
Hash 5e884c53db72411f06e2209d005f7586
6e1049a7fc26d6a3259a97bfca9dc6ba7b0dd5af
2965603dd297987ffa36ffd33c133f2c6a67fa6df1551554160b65ce804b0198
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 19 Nov 2022 19:04:52 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
www.google.com/recaptcha/api.js?onload=onloadCallback&render=explicit
142.250.74.164 200 OK 578 B URL HTTP/2 www.google.com/recaptcha/api.js?onload=onloadCallback&render=explicit
IP 142.250.74.164:0
File type ASCII text, with very long lines (909), with no line terminators
Hash ec941e5d30fc3bb1d1aaa543ae406681
2c61a6ebfa4f2e36b59c773ef8f3d35378b6959b
6e32c0dc483787dcfab84cdc891c1865104738de265e3f2ae1331a7c8d6013bf
GET /recaptcha/api.js?onload=onloadCallback&render=explicit HTTP/1.1
Host: www.google.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://vh362.timeweb.ru/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
expires: Sat, 19 Nov 2022 19:04:52 GMT
date: Sat, 19 Nov 2022 19:04:52 GMT
cache-control: private, max-age=300
content-type: text/javascript; charset=UTF-8
cross-origin-resource-policy: cross-origin
content-encoding: gzip
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
content-security-policy: frame-ancestors 'self'
x-xss-protection: 1; mode=block
content-length: 578
server: GSE
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.sca1b.amazontrust.com/
54.230.245.110 200 OK 471 B URL HTTP/1.1 ocsp.sca1b.amazontrust.com/
IP 54.230.245.110:0
Hash 5a124e13bf23e06ed0e601ee03bc6165
3a955cccb8b8f5fb597d1185cb2dd1f6c054669c
c30896584e52f3a1d25f7c7d8b8052b7d4aaf6732b255cf37ed348ab07685ee1
POST / HTTP/1.1
Host: ocsp.sca1b.amazontrust.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Cache-Control: 'max-age=158059'
Date: Sat, 19 Nov 2022 19:04:52 GMT
Etag: "6377a248-1d7"
Server: ECS (dcb/7F5F)
X-Cache: Miss from cloudfront
Via: 1.1 c2b101e67ac25a2f0013450d56ecac38.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-P1
X-Amz-Cf-Id: TjVVjPp7HrCXxUR5tRRcXPzFclTX803MWVFkaN1C_WpdIBBt_plXEg==
ocsp.sca1b.amazontrust.com/
54.230.245.110 200 OK 471 B URL HTTP/1.1 ocsp.sca1b.amazontrust.com/
IP 54.230.245.110:0
Hash 5a124e13bf23e06ed0e601ee03bc6165
3a955cccb8b8f5fb597d1185cb2dd1f6c054669c
c30896584e52f3a1d25f7c7d8b8052b7d4aaf6732b255cf37ed348ab07685ee1
POST / HTTP/1.1
Host: ocsp.sca1b.amazontrust.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: max-age=159216
Date: Sat, 19 Nov 2022 19:04:52 GMT
Etag: "6378f3c4-1d7"
Expires: Mon, 21 Nov 2022 15:18:28 GMT
Last-Modified: Sat, 19 Nov 2022 15:18:28 GMT
Server: nginx
X-Cache: Miss from cloudfront
Via: 1.1 784cb0c259a6d79800d037bda4e7de86.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-P1
X-Amz-Cf-Id: ffYf0VsZjiLtv9ENPMkvjCJONSRQkaIaswN3NFZ0RYZkI1RepoKr7Q==
cdn.game.tv/game-tv-content/images_3/520e1ddf46e6764e175f5605d44b62d3/Banners.jpg
143.204.55.103 200 OK 49 kB URL HTTP/2 cdn.game.tv/game-tv-content/images_3/520e1ddf46e6764e175f5605d44b62d3/Banners.jpg
IP 143.204.55.103:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 1440x601, components 3\012- data
Hash b2f4a42434da1d66a35c973fa093efc4
15cc76f3f3f97ba6a2fa605e7068827b91b097c2
ed56b67129f870bb9ee5f0cf7de228168fe722f433df34dab0ebd4b263f08490
GET /game-tv-content/images_3/520e1ddf46e6764e175f5605d44b62d3/Banners.jpg HTTP/1.1
Host: cdn.game.tv
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://turnir813.beget.tech/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: image/jpeg
content-length: 49186
date: Wed, 16 Nov 2022 06:17:11 GMT
last-modified: Mon, 01 Jun 2020 11:36:37 GMT
etag: "b2f4a42434da1d66a35c973fa093efc4"
cache-control: max-age=604800,public
x-amz-version-id: Qzvh4b.yQXREA75NcbGeP4ynC2MpyhQ9
accept-ranges: bytes
server: AmazonS3
x-cache: Hit from cloudfront
via: 1.1 a7d2a4ec2f50830f128dc406960aef9a.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: 7ymRLoxnKnO6VjeVtJPjw4qjSiXy32mw0kUPtkSPbxbLEeQ6FYB5NQ==
age: 305262
X-Firefox-Spdy: h2
ocsp.sca1b.amazontrust.com/
54.230.245.110 200 OK 471 B URL HTTP/1.1 ocsp.sca1b.amazontrust.com/
IP 54.230.245.110:0
Hash 5a124e13bf23e06ed0e601ee03bc6165
3a955cccb8b8f5fb597d1185cb2dd1f6c054669c
c30896584e52f3a1d25f7c7d8b8052b7d4aaf6732b255cf37ed348ab07685ee1
POST / HTTP/1.1
Host: ocsp.sca1b.amazontrust.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: max-age=159216
Date: Sat, 19 Nov 2022 19:04:52 GMT
Etag: "6378f3c4-1d7"
Expires: Mon, 21 Nov 2022 15:18:28 GMT
Last-Modified: Sat, 19 Nov 2022 15:18:28 GMT
Server: nginx
X-Cache: Miss from cloudfront
Via: 1.1 f46773a8236e136c4f6648dd79a7af8e.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-P1
X-Amz-Cf-Id: sZWyAG20ID7SvKzOQ1PnFyhlu0KgOPWLRS_n4Y_NvP85_AhHNxCkzw==
ocsp.pki.goog/gts1c3
142.250.74.3 200 OK 472 B IP 142.250.74.3:0
Hash 07caf241d63e15426cd26434ef88e9dd
ec289ab860ffccd49ce9a62d2c47c59dc181fbd5
d1f4bc6604b8a399049b5943d23dbfb842d9a100bf6f5c71e91a27cd3588cecb
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 19 Nov 2022 19:04:52 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.sca1b.amazontrust.com/
54.230.245.110 200 OK 471 B URL HTTP/1.1 ocsp.sca1b.amazontrust.com/
IP 54.230.245.110:0
Hash 5a124e13bf23e06ed0e601ee03bc6165
3a955cccb8b8f5fb597d1185cb2dd1f6c054669c
c30896584e52f3a1d25f7c7d8b8052b7d4aaf6732b255cf37ed348ab07685ee1
POST / HTTP/1.1
Host: ocsp.sca1b.amazontrust.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: max-age=159216
Date: Sat, 19 Nov 2022 19:04:52 GMT
Etag: "6378f3c4-1d7"
Expires: Mon, 21 Nov 2022 15:18:28 GMT
Last-Modified: Sat, 19 Nov 2022 15:18:28 GMT
Server: nginx
X-Cache: Miss from cloudfront
Via: 1.1 09ae414c9d6c5323d5147457ada70ec6.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-P1
X-Amz-Cf-Id: dV7o7nwTBjcCbDVjwHZDNikBMcTqiit6hfcvZWk81IDj-kl0jOgqMA==
cdn.game.tv/locales/RU.png
143.204.55.103 200 OK 172 B URL HTTP/2 cdn.game.tv/locales/RU.png
IP 143.204.55.103:0
File type PNG image data, 60 x 40, 4-bit colormap, non-interlaced\012- data
Hash 6615dd3c6e69a7cc64f49be4d156dbc4
e18d3158945605877b6c515ba2edfc0c2301f112
edda1409334e4454befcc2683e7f70e765a42a1e6df5fde461589ce62a33181d
GET /locales/RU.png HTTP/1.1
Host: cdn.game.tv
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://turnir813.beget.tech/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: image/png
content-length: 172
date: Sat, 19 Nov 2022 04:32:09 GMT
last-modified: Mon, 18 Nov 2019 11:15:32 GMT
etag: "6615dd3c6e69a7cc64f49be4d156dbc4"
cache-control: max-age=604800,public
x-amz-version-id: hXdqODFhCyx.qYD7w_XlK9Bc8a2M1LNr
accept-ranges: bytes
server: AmazonS3
x-cache: Hit from cloudfront
via: 1.1 a7d2a4ec2f50830f128dc406960aef9a.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: lUAvD31q7b8rripAoBsUEXDeCc7Nx5bEqxYxoqpqMZN6nkoBXkmKog==
age: 52364
X-Firefox-Spdy: h2
vh362.timeweb.ru/parking/js/jquery-2.1.3.js
5.23.51.54 200 OK 74 kB URL HTTP/2 vh362.timeweb.ru/parking/js/jquery-2.1.3.js
IP 5.23.51.54:0
Hash 7ce3aa4bed302d882ed4cc79c37e0be4
f04af4fe66e36243d0e5e28b1e2dae6f93c8ff8f
f9921cf498b7ed6651834aaede4158ed5e190e6a4dd0ce7acff1f66dff288e7d
GET /parking/js/jquery-2.1.3.js HTTP/1.1
Host: vh362.timeweb.ru
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://vh362.timeweb.ru/parking/?ref=standoff2pro.ru
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx/1.22.1
date: Sat, 19 Nov 2022 19:04:52 GMT
content-type: application/x-javascript
vary: Accept-Encoding
last-modified: Wed, 16 Apr 2014 07:06:24 GMT
etag: W/"3c65b-4f7238deedc00"
content-encoding: gzip
X-Firefox-Spdy: h2
cdn.game.tv/tournaments/web.png
143.204.55.103 200 OK 2.8 kB URL HTTP/2 cdn.game.tv/tournaments/web.png
IP 143.204.55.103:0
File type PNG image data, 48 x 48, 8-bit/color RGBA, non-interlaced\012- data
Hash 437e35e2b834e37a542e3b6ac52f6c7f
6a49d49e49112ac5d0f0c3586e798ff9a8274e29
516ff5f3e345718a1acbd6039e97839ee650b4a7abb7c5c6c3664f7ec2558978
GET /tournaments/web.png HTTP/1.1
Host: cdn.game.tv
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://turnir813.beget.tech/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: image/png
content-length: 2805
date: Fri, 18 Nov 2022 21:09:19 GMT
last-modified: Mon, 09 Dec 2019 11:27:54 GMT
etag: "437e35e2b834e37a542e3b6ac52f6c7f"
cache-control: max-age=604800,public
x-amz-version-id: VBg.ooFBDePZt_cedMQVRQ6QVfmG.NHc
accept-ranges: bytes
server: AmazonS3
x-cache: Hit from cloudfront
via: 1.1 a7d2a4ec2f50830f128dc406960aef9a.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: Uai2Y1XFLD0jmGnpQIV-_R23KLi7KCkLF9wGx-ib2pwdi-4wOHBoGg==
age: 78935
X-Firefox-Spdy: h2
cdn.game.tv/images/search-icon.png
143.204.55.103 200 OK 842 B URL HTTP/2 cdn.game.tv/images/search-icon.png
IP 143.204.55.103:0
File type PNG image data, 32 x 32, 8-bit/color RGBA, non-interlaced\012- data
Hash a5ad7cb4cb746f600985e46c00d739b1
823971cccee47c6a081f2d82e66abb76878e4acd
a4e794836fa0fe541c5c7e1eee992ba2eddb85dcd461c6b44aadae471bc8827b
GET /images/search-icon.png HTTP/1.1
Host: cdn.game.tv
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://turnir813.beget.tech/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: image/png
content-length: 842
last-modified: Thu, 24 Sep 2020 09:54:43 GMT
x-amz-version-id: RbLQpZRRJz7ALtUDm0XnSgHZVNDZcKq3
accept-ranges: bytes
server: AmazonS3
date: Sat, 19 Nov 2022 08:46:57 GMT
cache-control: max-age=86400
etag: "a5ad7cb4cb746f600985e46c00d739b1"
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 a7d2a4ec2f50830f128dc406960aef9a.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: coi2yZT1WsrsfAaQPdMA9QBITgLibWJ-aYJwAzitqiOlXspJmaCWkA==
age: 37077
X-Firefox-Spdy: h2
ocsp.digicert.com/
93.184.220.29 200 OK 471 B IP 93.184.220.29:0
Hash 1763bb9f6433bdb95b7de8ec3118bb1c
dcf4842d857e90546495e90a2ed83bfaa322954a
2b278d901b21cd2aa2e9563a40813721f4c31cf94710665928add580f834ace9
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 2422
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Sat, 19 Nov 2022 19:04:53 GMT
Last-Modified: Sat, 19 Nov 2022 18:24:31 GMT
Server: ECS (ska/F716)
X-Cache: HIT
Content-Length: 471
ocsp.digicert.com/
93.184.220.29 200 OK 471 B IP 93.184.220.29:0
Hash 1763bb9f6433bdb95b7de8ec3118bb1c
dcf4842d857e90546495e90a2ed83bfaa322954a
2b278d901b21cd2aa2e9563a40813721f4c31cf94710665928add580f834ace9
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 2422
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Sat, 19 Nov 2022 19:04:53 GMT
Last-Modified: Sat, 19 Nov 2022 18:24:31 GMT
Server: ECS (ska/F716)
X-Cache: HIT
Content-Length: 471
www.google-analytics.com/analytics.js
142.250.74.174 200 OK 20 kB URL HTTP/2 www.google-analytics.com/analytics.js
IP 142.250.74.174:0
File type ASCII text, with very long lines (1325)
Hash 47e6f374ca946fddd5b59871b325736c
baa9282efc8785e84d247c3bff518eaa45f101c4
16580b5c87c58e5702e411f1888fdef511094e4cd6d62bb47d16291ffb25985e
GET /analytics.js HTTP/1.1
Host: www.google-analytics.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://turnir813.beget.tech/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
strict-transport-security: max-age=10886400; includeSubDomains; preload
x-content-type-options: nosniff
vary: Accept-Encoding
content-encoding: gzip
cross-origin-resource-policy: cross-origin
server: Golfe2
content-length: 20039
date: Sat, 19 Nov 2022 18:41:09 GMT
expires: Sat, 19 Nov 2022 20:41:09 GMT
cache-control: public, max-age=7200
age: 1424
last-modified: Tue, 27 Sep 2022 22:01:05 GMT
content-type: text/javascript
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
connect.facebook.net/en_US/fbevents.js
31.13.72.12 200 OK 27 kB URL HTTP/2 connect.facebook.net/en_US/fbevents.js
IP 31.13.72.12:0
File type ASCII text, with very long lines (64348)
Hash 44ecaa3c2a4929a40141edc4540aaf84
f29a573182333b2500d41bfc389d6c5232dfb348
6589fe14578dedd4df678a909afadd7e5bc7f57c7e3e24518a7f5faac7383396
GET /en_US/fbevents.js HTTP/1.1
Host: connect.facebook.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://turnir813.beget.tech/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
vary: Accept-Encoding
content-encoding: gzip
content-type: application/x-javascript; charset=utf-8
content-security-policy: default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
x-fb-rlafr: 0
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups
pragma: public
cache-control: public, max-age=1200
expires: Sat, 01 Jan 2000 00:00:00 GMT
x-content-type-options: nosniff
x-xss-protection: 0
x-frame-options: DENY
strict-transport-security: max-age=31536000; preload; includeSubDomains
x-fb-debug: JRavyK1MPJ/cAPXQqlp2NJnXkDcYOuKOEM0fYNPAj7o0K/o46zcmPY3eNMha411UVEfrvM8+mwthwo8siZTJPQ==
content-length: 27340
x-fb-trip-id: 1904183273
date: Sat, 19 Nov 2022 19:04:53 GMT
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
push.services.mozilla.com/
35.161.136.21 101 Switching Protocols 0 B URL HTTP/1.1 push.services.mozilla.com/
IP 35.161.136.21:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET / HTTP/1.1
Host: push.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: ThNxoB2YrwHtweLzo2csxg==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket
HTTP/1.1 101 Switching Protocols
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: SSyE+zu1EeARj7+ecs2QdAkXctU=
ocsp.pki.goog/gts1c3
142.250.74.3 200 OK 471 B IP 142.250.74.3:0
Hash f3b1d0042dde3a7cc0f3c9a298949354
5643577b85e8c0d80cf8a5c94262727138b8d001
3efe18400af9e79682d4505e35b7b2debe378453facc569dbb575b6ba849d874
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 19 Nov 2022 19:04:53 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.3 200 OK 472 B IP 142.250.74.3:0
Hash c58de690a701dea26333a42815dc3003
91d9e60c285f6578b5d814901a90f52cafbb8790
179d035993138ec5fdb0b2bf1987888f751903e959af09e335ada210be842ca6
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 19 Nov 2022 19:04:53 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
www.google.no/ads/ga-audiences?v=1&t=sr&slf_rd=1&_r=4&tid=G-Z21YVJHWCF&cid=1916586158.1668884693&gtm=2oeb90&aip=1&z=2077235028
142.250.74.3 200 OK 42 B URL HTTP/2 www.google.no/ads/ga-audiences?v=1&t=sr&slf_rd=1&_r=4&tid=G-Z21YVJHWCF&cid=1916586158.1668884693&gtm=2oeb90&aip=1&z=2077235028
IP 142.250.74.3:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash d89746888da2d9510b64a9f031eaecd5
d5fceb6532643d0d84ffe09c40c481ecdf59e15a
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
GET /ads/ga-audiences?v=1&t=sr&slf_rd=1&_r=4&tid=G-Z21YVJHWCF&cid=1916586158.1668884693&gtm=2oeb90&aip=1&z=2077235028 HTTP/1.1
Host: www.google.no
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://turnir813.beget.tech/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Sat, 19 Nov 2022 19:04:53 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
content-type: image/gif
x-content-type-options: nosniff
server: cafe
content-length: 42
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
www.google-analytics.com/j/collect?v=1&_v=j98&a=1144024531&t=pageview&_s=1&dl=http%3A%2F%2Fturnir813.beget.tech%2F&ul=en-us&de=UTF-8&dt=WePlay%20Esports%20%E1%90%88%20%D0%98%D0%B3%D1%80%D1%8B%20%D0%B8%20%D0%BA%D0%B8%D0%B1%D0%B5%D1%80%D1%81%D0%BF%D0%BE%D1%80%D1%82%3A%20%D0%9D%D0%BE%D0%B2%D0%BE%D1%81%D1%82%D0%B8%20%E2%80%A2%20%D0%98%D0%B2%D0%B5%D0%BD%D1%82%D1%8B%20%E2%80%A2%20%D0%A2%D1%83%D1%80%D0%BD%D0%B8%D1%80%D1%8B&sd=24-bit&sr=1280x1024&vp=1268x939&je=0&_u=YADAAEABAAAAACAAI~&jid=879557392&gjid=348623653&cid=1916586158.1668884693&tid=UA-24874896-12&_gid=641356968.1668884693&_r=1&gtm=2wgb90PPMS48G&z=360995614
142.250.74.174 200 OK 2 B URL HTTP/2 www.google-analytics.com/j/collect?v=1&_v=j98&a=1144024531&t=pageview&_s=1&dl=http%3A%2F%2Fturnir813.beget.tech%2F&ul=en-us&de=UTF-8&dt=WePlay%20Esports%20%E1%90%88%20%D0%98%D0%B3%D1%80%D1%8B%20%D0%B8%20%D0%BA%D0%B8%D0%B1%D0%B5%D1%80%D1%81%D0%BF%D0%BE%D1%80%D1%82%3A%20%D0%9D%D0%BE%D0%B2%D0%BE%D1%81%D1%82%D0%B8%20%E2%80%A2%20%D0%98%D0%B2%D0%B5%D0%BD%D1%82%D1%8B%20%E2%80%A2%20%D0%A2%D1%83%D1%80%D0%BD%D0%B8%D1%80%D1%8B&sd=24-bit&sr=1280x1024&vp=1268x939&je=0&_u=YADAAEABAAAAACAAI~&jid=879557392&gjid=348623653&cid=1916586158.1668884693&tid=UA-24874896-12&_gid=641356968.1668884693&_r=1&gtm=2wgb90PPMS48G&z=360995614
IP 142.250.74.174:0
File type ASCII text, with no line terminators
Hash cc7a1e792bca8ccb1946b7a07f6dbc03
11a2757082428311f587b7664fa9840376137f80
de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af
POST /j/collect?v=1&_v=j98&a=1144024531&t=pageview&_s=1&dl=http%3A%2F%2Fturnir813.beget.tech%2F&ul=en-us&de=UTF-8&dt=WePlay%20Esports%20%E1%90%88%20%D0%98%D0%B3%D1%80%D1%8B%20%D0%B8%20%D0%BA%D0%B8%D0%B1%D0%B5%D1%80%D1%81%D0%BF%D0%BE%D1%80%D1%82%3A%20%D0%9D%D0%BE%D0%B2%D0%BE%D1%81%D1%82%D0%B8%20%E2%80%A2%20%D0%98%D0%B2%D0%B5%D0%BD%D1%82%D1%8B%20%E2%80%A2%20%D0%A2%D1%83%D1%80%D0%BD%D0%B8%D1%80%D1%8B&sd=24-bit&sr=1280x1024&vp=1268x939&je=0&_u=YADAAEABAAAAACAAI~&jid=879557392&gjid=348623653&cid=1916586158.1668884693&tid=UA-24874896-12&_gid=641356968.1668884693&_r=1&gtm=2wgb90PPMS48G&z=360995614 HTTP/1.1
Host: www.google-analytics.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain
Content-Length: 0
Origin: http://turnir813.beget.tech
Connection: keep-alive
Referer: http://turnir813.beget.tech/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
access-control-allow-origin: http://turnir813.beget.tech
date: Sat, 19 Nov 2022 19:04:53 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
last-modified: Sun, 17 May 1998 03:00:00 GMT
access-control-allow-credentials: true
x-content-type-options: nosniff
content-type: text/plain
cross-origin-resource-policy: cross-origin
server: Golfe2
content-length: 2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
www.google.no/ads/ga-audiences?v=1&t=sr&slf_rd=1&_r=4&tid=G-ZXJRW3ECY3&cid=1916586158.1668884693&gtm=2oeb90&aip=1&z=2108877304
142.250.74.3 200 OK 42 B URL HTTP/2 www.google.no/ads/ga-audiences?v=1&t=sr&slf_rd=1&_r=4&tid=G-ZXJRW3ECY3&cid=1916586158.1668884693&gtm=2oeb90&aip=1&z=2108877304
IP 142.250.74.3:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash d89746888da2d9510b64a9f031eaecd5
d5fceb6532643d0d84ffe09c40c481ecdf59e15a
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
GET /ads/ga-audiences?v=1&t=sr&slf_rd=1&_r=4&tid=G-ZXJRW3ECY3&cid=1916586158.1668884693&gtm=2oeb90&aip=1&z=2108877304 HTTP/1.1
Host: www.google.no
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://turnir813.beget.tech/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Sat, 19 Nov 2022 19:04:53 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
content-type: image/gif
x-content-type-options: nosniff
server: cafe
content-length: 42
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.sca1b.amazontrust.com/
54.230.245.110 200 OK 471 B URL HTTP/1.1 ocsp.sca1b.amazontrust.com/
IP 54.230.245.110:0
Hash 993a844cd8f21893ec9a20cbd2b2ea2a
1eec7e101ec6d8ba6087360b2fa45fd8b71be61c
ff9ecc3c054b50daaa71a9c81c68a8c89d962124472de28bdf9cafc6a8d17aa6
POST / HTTP/1.1
Host: ocsp.sca1b.amazontrust.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: max-age=127396
Date: Sat, 19 Nov 2022 19:04:53 GMT
Etag: "63786f99-1d7"
Expires: Mon, 21 Nov 2022 06:28:09 GMT
Last-Modified: Sat, 19 Nov 2022 05:54:33 GMT
Server: ECS (dcb/7F3B)
X-Cache: Miss from cloudfront
Via: 1.1 c2b101e67ac25a2f0013450d56ecac38.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-P1
X-Amz-Cf-Id: rg7_4_UIKv4lHun-lTWOb_oydclBBhHVtpFVUGRBFh7chwFHj9F5sg==
Age: 2016
ocsp.digicert.com/
93.184.220.29 200 OK 471 B IP 93.184.220.29:0
Hash 1763bb9f6433bdb95b7de8ec3118bb1c
dcf4842d857e90546495e90a2ed83bfaa322954a
2b278d901b21cd2aa2e9563a40813721f4c31cf94710665928add580f834ace9
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 2422
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Sat, 19 Nov 2022 19:04:53 GMT
Last-Modified: Sat, 19 Nov 2022 18:24:31 GMT
Server: ECS (ska/F716)
X-Cache: HIT
Content-Length: 471
static-prod.weplay.tv/frontend-common-assets/favicons/favicon.ico
143.204.55.85 200 OK 15 kB URL HTTP/2 static-prod.weplay.tv/frontend-common-assets/favicons/favicon.ico
IP 143.204.55.85:0
File type MS Windows icon resource - 3 icons, 48x48, 32 bits/pixel, 32x32, 32 bits/pixel\012- data
Hash feea433ebb6f8a5df2577ab55696121b
8f4bdb3fb8ae02421a0212a8796deaf5b2bcfa09
718f64321368d9c91f50623ff5abace6e000278733ac3f5b4b2d12ff2099b610
GET /frontend-common-assets/favicons/favicon.ico HTTP/1.1
Host: static-prod.weplay.tv
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://turnir813.beget.tech/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: image/x-icon
content-length: 15086
last-modified: Wed, 08 Jul 2020 14:43:00 GMT
accept-ranges: bytes
server: AmazonS3
date: Sat, 05 Nov 2022 09:43:39 GMT
etag: "feea433ebb6f8a5df2577ab55696121b"
x-cache: Hit from cloudfront
via: 1.1 9dd61138197a68f8d69f12574aab6930.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: 6QooE2___isDyKqRpNJ5vVGBdSrvIiBfb47yQy2VOL3SZvIlTnj72A==
age: 1243275
X-Firefox-Spdy: h2
ocsp.globalsign.com/gseccovsslca2018
104.18.21.226 200 OK 937 B URL HTTP/1.1 ocsp.globalsign.com/gseccovsslca2018
IP 104.18.21.226:0
Hash d0600e21f40ec50c6079fda03db3a327
c72900a07668d021641d08bc6f6e04c0a51c20e3
11e36d486e12fa8d3aa132ef12b59d4f09d21f3b38fd55a1a6bd162b7c3bf265
POST /gseccovsslca2018 HTTP/1.1
Host: ocsp.globalsign.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 79
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Sat, 19 Nov 2022 19:04:53 GMT
Content-Type: application/ocsp-response
Content-Length: 937
Connection: keep-alive
Expires: Wed, 23 Nov 2022 17:06:43 GMT
ETag: "c72900a07668d021641d08bc6f6e04c0a51c20e3"
Last-Modified: Sat, 19 Nov 2022 17:06:44 GMT
Cache-Control: public, no-transform, must-revalidate, s-maxage=3600
CF-Cache-Status: HIT
Age: 3035
Accept-Ranges: bytes
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 76cb36d4d84eb529-OSL
www.gstatic.com/recaptcha/releases/Km9gKuG06He-isPsP6saG8cn/recaptcha__en.js
142.250.74.163 200 OK 163 kB URL HTTP/2 www.gstatic.com/recaptcha/releases/Km9gKuG06He-isPsP6saG8cn/recaptcha__en.js
IP 142.250.74.163:0
File type ASCII text, with very long lines (730)
Size 163 kB (162976 bytes)
Hash 79d18cf4265108d7cecca1bf4ada6109
e51d0285a545381d4c39e9e0292a650ffeeecbb9
59ce7253f371df0833c3f72d4748ef812002b90a49413c56d0ca7c40bb5a0ab6
GET /recaptcha/releases/Km9gKuG06He-isPsP6saG8cn/recaptcha__en.js HTTP/1.1
Host: www.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://vh362.timeweb.ru
Connection: keep-alive
Referer: https://vh362.timeweb.ru/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-length: 162976
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 17 Nov 2022 15:30:33 GMT
expires: Fri, 17 Nov 2023 15:30:33 GMT
cache-control: public, max-age=31536000
last-modified: Mon, 14 Nov 2022 03:01:59 GMT
content-type: text/javascript
age: 185660
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.3 200 OK 471 B IP 142.250.74.3:0
Hash f3b1d0042dde3a7cc0f3c9a298949354
5643577b85e8c0d80cf8a5c94262727138b8d001
3efe18400af9e79682d4505e35b7b2debe378453facc569dbb575b6ba849d874
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 19 Nov 2022 19:04:53 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.3 200 OK 472 B IP 142.250.74.3:0
Hash c58de690a701dea26333a42815dc3003
91d9e60c285f6578b5d814901a90f52cafbb8790
179d035993138ec5fdb0b2bf1987888f751903e959af09e335ada210be842ca6
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 19 Nov 2022 19:04:53 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.3 200 OK 472 B IP 142.250.74.3:0
Hash 53d56fb68da96a50df543c9c9fb58f52
d802493bcf8c683b1ac73b035c51cd02b907a251
68b4e1c61fb6285a348937a2f6f81000f7979d90dd2882d5933fc4e64af68158
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 19 Nov 2022 19:04:53 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j98&tid=UA-24874896-12&cid=1916586158.1668884693&jid=879557392&gjid=348623653&_gid=641356968.1668884693&_u=YADAAEAAAAAAACAAI~&z=1751913373
142.250.150.154 200 OK 4 B URL HTTP/2 stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j98&tid=UA-24874896-12&cid=1916586158.1668884693&jid=879557392&gjid=348623653&_gid=641356968.1668884693&_u=YADAAEAAAAAAACAAI~&z=1751913373
IP 142.250.150.154:0
File type ASCII text, with no line terminators
Hash 48c0473b7821185d937e685216e2168b
3743e47f8a429a5e87b86cb582d78940733d9d2e
570c4d4674fd20602189c548c145ba1f8ac34bc2e4599a71471969028aa1e25a
POST /j/collect?t=dc&aip=1&_r=3&v=1&_v=j98&tid=UA-24874896-12&cid=1916586158.1668884693&jid=879557392&gjid=348623653&_gid=641356968.1668884693&_u=YADAAEAAAAAAACAAI~&z=1751913373 HTTP/1.1
Host: stats.g.doubleclick.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain
Content-Length: 0
Origin: http://turnir813.beget.tech
Connection: keep-alive
Referer: http://turnir813.beget.tech/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: http://turnir813.beget.tech
strict-transport-security: max-age=10886400; includeSubDomains; preload
date: Sat, 19 Nov 2022 19:04:53 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
last-modified: Sun, 17 May 1998 03:00:00 GMT
access-control-allow-credentials: true
x-content-type-options: nosniff
content-type: text/plain
cross-origin-resource-policy: cross-origin
server: Golfe2
content-length: 4
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.sca1b.amazontrust.com/
54.230.245.110 200 OK 471 B URL HTTP/1.1 ocsp.sca1b.amazontrust.com/
IP 54.230.245.110:0
Hash 993a844cd8f21893ec9a20cbd2b2ea2a
1eec7e101ec6d8ba6087360b2fa45fd8b71be61c
ff9ecc3c054b50daaa71a9c81c68a8c89d962124472de28bdf9cafc6a8d17aa6
POST / HTTP/1.1
Host: ocsp.sca1b.amazontrust.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: max-age=125380
Date: Sat, 19 Nov 2022 19:04:53 GMT
Etag: "63786f99-1d7"
Expires: Mon, 21 Nov 2022 05:54:33 GMT
Last-Modified: Sat, 19 Nov 2022 05:54:33 GMT
Server: nginx
X-Cache: Miss from cloudfront
Via: 1.1 6259d2cd8a5947ad41a420527bbed7a6.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-P1
X-Amz-Cf-Id: jNdBJn9UWThapA6926aU1pMwEhdq_zj6FBNgTZ9W0wbNO3JDzky85A==
www.facebook.com/tr/?id=874091510115660&ev=PageView&dl=http%3A%2F%2Fturnir813.beget.tech%2F&rl=&if=false&ts=1668884693364&sw=1280&sh=1024&v=2.9.89&r=stable&ec=0&o=30&fbp=fb.1.1668884693363.659857533&it=1668884693171&coo=false&rqm=GET
31.13.72.36 200 OK 0 B URL HTTP/2 www.facebook.com/tr/?id=874091510115660&ev=PageView&dl=http%3A%2F%2Fturnir813.beget.tech%2F&rl=&if=false&ts=1668884693364&sw=1280&sh=1024&v=2.9.89&r=stable&ec=0&o=30&fbp=fb.1.1668884693363.659857533&it=1668884693171&coo=false&rqm=GET
IP 31.13.72.36:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /tr/?id=874091510115660&ev=PageView&dl=http%3A%2F%2Fturnir813.beget.tech%2F&rl=&if=false&ts=1668884693364&sw=1280&sh=1024&v=2.9.89&r=stable&ec=0&o=30&fbp=fb.1.1668884693363.659857533&it=1668884693171&coo=false&rqm=GET HTTP/1.1
Host: www.facebook.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://turnir813.beget.tech/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: text/plain
access-control-allow-origin:
access-control-allow-credentials: true
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
content-length: 0
server: proxygen-bolt
alt-svc: h3=":443"; ma=86400
date: Sat, 19 Nov 2022 19:04:53 GMT
X-Firefox-Spdy: h2
static-prod.weplay.tv/frontend-common-assets/favicons/favicon-16x16.png
143.204.55.85 200 OK 1.0 kB URL HTTP/2 static-prod.weplay.tv/frontend-common-assets/favicons/favicon-16x16.png
IP 143.204.55.85:0
File type PNG image data, 16 x 16, 8-bit colormap, non-interlaced\012- data
Hash 10e64b7accf7347ce2ce01a6857222d6
bc4659403249800ce8bc1bc9852989fcc208dd7e
12451ce6aca8142275db31cb836e9f8192a616c151fefa91759c00c3ff69736a
GET /frontend-common-assets/favicons/favicon-16x16.png HTTP/1.1
Host: static-prod.weplay.tv
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://turnir813.beget.tech/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: image/png
content-length: 1038
last-modified: Wed, 08 Jul 2020 14:43:01 GMT
accept-ranges: bytes
server: AmazonS3
date: Sat, 19 Nov 2022 19:04:53 GMT
etag: "10e64b7accf7347ce2ce01a6857222d6"
x-cache: Hit from cloudfront
via: 1.1 9dd61138197a68f8d69f12574aab6930.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: 2ZYOTL9kEpbKwQo4OMcGGVjKgE6t6mx8ThaYudn2W5o1N1AGCVmspQ==
age: 2053743
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.3 200 OK 472 B IP 142.250.74.3:0
Hash 53d56fb68da96a50df543c9c9fb58f52
d802493bcf8c683b1ac73b035c51cd02b907a251
68b4e1c61fb6285a348937a2f6f81000f7979d90dd2882d5933fc4e64af68158
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 19 Nov 2022 19:04:53 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.globalsign.com/gseccovsslca2018
104.18.21.226 200 OK 939 B URL HTTP/1.1 ocsp.globalsign.com/gseccovsslca2018
IP 104.18.21.226:0
Hash 3e2933af4666096323e627f67161d362
b7c899e04f077c1c6df3b07e532674ae9e0d36fd
afffc0e6bd1a4d8cdf7c45ba06e14690e6883886777f4ac447018a1d71f2c88f
POST /gseccovsslca2018 HTTP/1.1
Host: ocsp.globalsign.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 79
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Sat, 19 Nov 2022 19:04:53 GMT
Content-Type: application/ocsp-response
Content-Length: 939
Connection: keep-alive
Expires: Wed, 23 Nov 2022 18:16:54 GMT
ETag: "b7c899e04f077c1c6df3b07e532674ae9e0d36fd"
Last-Modified: Sat, 19 Nov 2022 18:16:55 GMT
Cache-Control: public, no-transform, must-revalidate, s-maxage=3600
CF-Cache-Status: HIT
Age: 899
Accept-Ranges: bytes
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 76cb36d76ac2fac0-OSL
ocsp.globalsign.com/gseccovsslca2018
104.18.21.226 200 OK 939 B URL HTTP/1.1 ocsp.globalsign.com/gseccovsslca2018
IP 104.18.21.226:0
Hash 3e2933af4666096323e627f67161d362
b7c899e04f077c1c6df3b07e532674ae9e0d36fd
afffc0e6bd1a4d8cdf7c45ba06e14690e6883886777f4ac447018a1d71f2c88f
POST /gseccovsslca2018 HTTP/1.1
Host: ocsp.globalsign.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 79
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Sat, 19 Nov 2022 19:04:53 GMT
Content-Type: application/ocsp-response
Content-Length: 939
Connection: keep-alive
Expires: Wed, 23 Nov 2022 18:16:54 GMT
ETag: "b7c899e04f077c1c6df3b07e532674ae9e0d36fd"
Last-Modified: Sat, 19 Nov 2022 18:16:55 GMT
Cache-Control: public, no-transform, must-revalidate, s-maxage=3600
CF-Cache-Status: HIT
Age: 899
Accept-Ranges: bytes
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 76cb36d77ad1fac0-OSL
ocsp.globalsign.com/gseccovsslca2018
104.18.21.226 200 OK 939 B URL HTTP/1.1 ocsp.globalsign.com/gseccovsslca2018
IP 104.18.21.226:0
Hash 3e2933af4666096323e627f67161d362
b7c899e04f077c1c6df3b07e532674ae9e0d36fd
afffc0e6bd1a4d8cdf7c45ba06e14690e6883886777f4ac447018a1d71f2c88f
POST /gseccovsslca2018 HTTP/1.1
Host: ocsp.globalsign.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 79
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Sat, 19 Nov 2022 19:04:53 GMT
Content-Type: application/ocsp-response
Content-Length: 939
Connection: keep-alive
Expires: Wed, 23 Nov 2022 18:16:54 GMT
ETag: "b7c899e04f077c1c6df3b07e532674ae9e0d36fd"
Last-Modified: Sat, 19 Nov 2022 18:16:55 GMT
Cache-Control: public, no-transform, must-revalidate, s-maxage=3600
CF-Cache-Status: HIT
Age: 899
Accept-Ranges: bytes
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 76cb36d78f36fab8-OSL
ocsp.globalsign.com/gseccovsslca2018
104.18.21.226 200 OK 939 B URL HTTP/1.1 ocsp.globalsign.com/gseccovsslca2018
IP 104.18.21.226:0
Hash 3e2933af4666096323e627f67161d362
b7c899e04f077c1c6df3b07e532674ae9e0d36fd
afffc0e6bd1a4d8cdf7c45ba06e14690e6883886777f4ac447018a1d71f2c88f
POST /gseccovsslca2018 HTTP/1.1
Host: ocsp.globalsign.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 79
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Sat, 19 Nov 2022 19:04:53 GMT
Content-Type: application/ocsp-response
Content-Length: 939
Connection: keep-alive
Expires: Wed, 23 Nov 2022 18:16:54 GMT
ETag: "b7c899e04f077c1c6df3b07e532674ae9e0d36fd"
Last-Modified: Sat, 19 Nov 2022 18:16:55 GMT
Cache-Control: public, no-transform, must-revalidate, s-maxage=3600
CF-Cache-Status: HIT
Age: 899
Accept-Ranges: bytes
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 76cb36d799fb0af6-OSL
region1.analytics.google.com/g/collect?v=2&tid=G-ZXJRW3ECY3&gtm=2oeb90&_p=1144024531&_gaz=1&cid=1916586158.1668884693&ul=en-us&sr=1280x1024&_s=1&sid=1668884693&sct=1&seg=0&dl=http%3A%2F%2Fturnir813.beget.tech%2F&dt=WePlay%20Esports%20%E1%90%88%20%D0%98%D0%B3%D1%80%D1%8B%20%D0%B8%20%D0%BA%D0%B8%D0%B1%D0%B5%D1%80%D1%81%D0%BF%D0%BE%D1%80%D1%82%3A%20%D0%9D%D0%BE%D0%B2%D0%BE%D1%81%D1%82%D0%B8%20%E2%80%A2%20%D0%98%D0%B2%D0%B5%D0%BD%D1%82%D1%8B%20%E2%80%A2%20%D0%A2%D1%83%D1%80%D0%BD%D0%B8%D1%80%D1%8B&en=page_view&_fv=1&_ss=1
216.239.34.36 204 No Content 0 B URL HTTP/2 region1.analytics.google.com/g/collect?v=2&tid=G-ZXJRW3ECY3&gtm=2oeb90&_p=1144024531&_gaz=1&cid=1916586158.1668884693&ul=en-us&sr=1280x1024&_s=1&sid=1668884693&sct=1&seg=0&dl=http%3A%2F%2Fturnir813.beget.tech%2F&dt=WePlay%20Esports%20%E1%90%88%20%D0%98%D0%B3%D1%80%D1%8B%20%D0%B8%20%D0%BA%D0%B8%D0%B1%D0%B5%D1%80%D1%81%D0%BF%D0%BE%D1%80%D1%82%3A%20%D0%9D%D0%BE%D0%B2%D0%BE%D1%81%D1%82%D0%B8%20%E2%80%A2%20%D0%98%D0%B2%D0%B5%D0%BD%D1%82%D1%8B%20%E2%80%A2%20%D0%A2%D1%83%D1%80%D0%BD%D0%B8%D1%80%D1%8B&en=page_view&_fv=1&_ss=1
IP 216.239.34.36:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
POST /g/collect?v=2&tid=G-ZXJRW3ECY3&gtm=2oeb90&_p=1144024531&_gaz=1&cid=1916586158.1668884693&ul=en-us&sr=1280x1024&_s=1&sid=1668884693&sct=1&seg=0&dl=http%3A%2F%2Fturnir813.beget.tech%2F&dt=WePlay%20Esports%20%E1%90%88%20%D0%98%D0%B3%D1%80%D1%8B%20%D0%B8%20%D0%BA%D0%B8%D0%B1%D0%B5%D1%80%D1%81%D0%BF%D0%BE%D1%80%D1%82%3A%20%D0%9D%D0%BE%D0%B2%D0%BE%D1%81%D1%82%D0%B8%20%E2%80%A2%20%D0%98%D0%B2%D0%B5%D0%BD%D1%82%D1%8B%20%E2%80%A2%20%D0%A2%D1%83%D1%80%D0%BD%D0%B8%D1%80%D1%8B&en=page_view&_fv=1&_ss=1 HTTP/1.1
Host: region1.analytics.google.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: http://turnir813.beget.tech
Connection: keep-alive
Referer: http://turnir813.beget.tech/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Content-Length: 0
TE: trailers
HTTP/2 204 No Content
access-control-allow-origin: http://turnir813.beget.tech
date: Sat, 19 Nov 2022 19:04:53 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
content-type: text/plain
cross-origin-resource-policy: cross-origin
server: Golfe2
content-length: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
region1.analytics.google.com/g/collect?v=2&tid=G-Z21YVJHWCF&gtm=2oeb90&_p=1144024531&_gaz=1&cid=1916586158.1668884693&ul=en-us&sr=1280x1024&_s=1&sid=1668884693&sct=1&seg=0&dl=http%3A%2F%2Fturnir813.beget.tech%2F&dt=WePlay%20Esports%20%E1%90%88%20%D0%98%D0%B3%D1%80%D1%8B%20%D0%B8%20%D0%BA%D0%B8%D0%B1%D0%B5%D1%80%D1%81%D0%BF%D0%BE%D1%80%D1%82%3A%20%D0%9D%D0%BE%D0%B2%D0%BE%D1%81%D1%82%D0%B8%20%E2%80%A2%20%D0%98%D0%B2%D0%B5%D0%BD%D1%82%D1%8B%20%E2%80%A2%20%D0%A2%D1%83%D1%80%D0%BD%D0%B8%D1%80%D1%8B&en=page_view&_fv=1&_nsi=1&_ss=1
216.239.34.36 204 No Content 0 B URL HTTP/2 region1.analytics.google.com/g/collect?v=2&tid=G-Z21YVJHWCF&gtm=2oeb90&_p=1144024531&_gaz=1&cid=1916586158.1668884693&ul=en-us&sr=1280x1024&_s=1&sid=1668884693&sct=1&seg=0&dl=http%3A%2F%2Fturnir813.beget.tech%2F&dt=WePlay%20Esports%20%E1%90%88%20%D0%98%D0%B3%D1%80%D1%8B%20%D0%B8%20%D0%BA%D0%B8%D0%B1%D0%B5%D1%80%D1%81%D0%BF%D0%BE%D1%80%D1%82%3A%20%D0%9D%D0%BE%D0%B2%D0%BE%D1%81%D1%82%D0%B8%20%E2%80%A2%20%D0%98%D0%B2%D0%B5%D0%BD%D1%82%D1%8B%20%E2%80%A2%20%D0%A2%D1%83%D1%80%D0%BD%D0%B8%D1%80%D1%8B&en=page_view&_fv=1&_nsi=1&_ss=1
IP 216.239.34.36:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
POST /g/collect?v=2&tid=G-Z21YVJHWCF&gtm=2oeb90&_p=1144024531&_gaz=1&cid=1916586158.1668884693&ul=en-us&sr=1280x1024&_s=1&sid=1668884693&sct=1&seg=0&dl=http%3A%2F%2Fturnir813.beget.tech%2F&dt=WePlay%20Esports%20%E1%90%88%20%D0%98%D0%B3%D1%80%D1%8B%20%D0%B8%20%D0%BA%D0%B8%D0%B1%D0%B5%D1%80%D1%81%D0%BF%D0%BE%D1%80%D1%82%3A%20%D0%9D%D0%BE%D0%B2%D0%BE%D1%81%D1%82%D0%B8%20%E2%80%A2%20%D0%98%D0%B2%D0%B5%D0%BD%D1%82%D1%8B%20%E2%80%A2%20%D0%A2%D1%83%D1%80%D0%BD%D0%B8%D1%80%D1%8B&en=page_view&_fv=1&_nsi=1&_ss=1 HTTP/1.1
Host: region1.analytics.google.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: http://turnir813.beget.tech
Connection: keep-alive
Referer: http://turnir813.beget.tech/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Content-Length: 0
HTTP/2 204 No Content
access-control-allow-origin: http://turnir813.beget.tech
date: Sat, 19 Nov 2022 19:04:53 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
content-type: text/plain
cross-origin-resource-policy: cross-origin
server: Golfe2
content-length: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
yastatic.net/s3/home/fonts/ys/3/text-variable-full.woff2
178.154.131.217 200 OK 26 kB URL HTTP/2 yastatic.net/s3/home/fonts/ys/3/text-variable-full.woff2
IP 178.154.131.217:0
File type Web Open Font Format (Version 2), TrueType, length 26004, version 1.0\012- data
Hash 7f0cdaf91230f9789ca4162aedff612e
965de571aa794dab64076c3cc64dc8894b843f23
033696b7f1ac04d1dcc102be84550e146236ceffc25a6cabc12aa51a6ee410b9
GET /s3/home/fonts/ys/3/text-variable-full.woff2 HTTP/1.1
Host: yastatic.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://vh362.timeweb.ru
Connection: keep-alive
Referer: https://vh362.timeweb.ru/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx/1.17.9
date: Sat, 19 Nov 2022 19:04:53 GMT
content-type: font/woff2
content-length: 26004
access-control-allow-origin: *
cache-control: public, max-age=31556952
etag: "7f0cdaf91230f9789ca4162aedff612e"
expires: Mon, 20 Nov 2023 00:54:03 GMT
last-modified: Mon, 25 Apr 2022 14:02:39 GMT
nel: {"report_to": "network-errors", "max_age": 7200, "success_fraction": 0.001, "failure_fraction": 0.01}
report-to: { "group": "network-errors", "max_age": 7200, "endpoints": [ { "url": "https://dr.yandex.net/nel"}]}
strict-transport-security: max-age=43200000; includeSubDomains;
timing-allow-origin: *
vary: Accept-Encoding
x-amz-meta-owner: {"role":"admin","login":"4eb0da"}
x-nginx-request-id: fe612cf0e20f9c36
accept-ranges: bytes
X-Firefox-Spdy: h2
yastatic.net/partner-code-bundles/682717/b71a78bb556d9bfc4ca1.js
178.154.131.217 200 OK 24 kB URL HTTP/2 yastatic.net/partner-code-bundles/682717/b71a78bb556d9bfc4ca1.js
IP 178.154.131.217:0
File type ASCII text, with very long lines (65494)
Hash 445a6766ce5d46938a65264e1b575d32
74f57d2d5122c272d0e79ade7c883b430b7c872f
6cee423c738404421824d9b8e2a31c5e2efb26dd1bcd2ff186ecfa5377766418
GET /partner-code-bundles/682717/b71a78bb556d9bfc4ca1.js HTTP/1.1
Host: yastatic.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://vh362.timeweb.ru
Connection: keep-alive
Referer: https://vh362.timeweb.ru/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx/1.17.9
date: Sat, 19 Nov 2022 19:04:53 GMT
content-type: text/javascript; charset=utf-8
content-length: 23500
access-control-allow-origin: *
cache-control: public, max-age=946708560
content-encoding: br
etag: "445a6766ce5d46938a65264e1b575d32"
expires: Tue, 19 Nov 2052 01:39:02 GMT
last-modified: Thu, 17 Nov 2022 16:39:37 GMT
nel: {"report_to": "network-errors", "max_age": 7200, "success_fraction": 0.001, "failure_fraction": 0.01}
report-to: { "group": "network-errors", "max_age": 7200, "endpoints": [ { "url": "https://dr.yandex.net/nel"}]}
strict-transport-security: max-age=43200000; includeSubDomains;
timing-allow-origin: *
vary: Accept-Encoding
x-robots-tag: noindex, noarchive, nofollow
accept-ranges: bytes
X-Firefox-Spdy: h2
vh362.timeweb.ru/parking/svg/dummy-block-2.svg
5.23.51.54 200 OK 103 kB URL HTTP/2 vh362.timeweb.ru/parking/svg/dummy-block-2.svg
IP 5.23.51.54:0
Size 103 kB (102740 bytes)
Hash ece63df78d343852784e32fb8d824790
a979244490f3d2a5c20b20c69e7fc68d9748576a
4daf1aaacfe806553e16e00c07e7a6b7633da4a72a3fdfbb04786076b72da427
GET /parking/svg/dummy-block-2.svg HTTP/1.1
Host: vh362.timeweb.ru
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://vh362.timeweb.ru/parking/?ref=standoff2pro.ru
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx/1.22.1
date: Sat, 19 Nov 2022 19:04:52 GMT
content-type: image/svg+xml
vary: Accept-Encoding
last-modified: Wed, 16 Apr 2014 07:06:24 GMT
etag: W/"708c-4f7238deedc00"
content-encoding: gzip
X-Firefox-Spdy: h2
yastatic.net/safeframe-bundles/0.83/host.js
178.154.131.217 200 OK 8.9 kB URL HTTP/2 yastatic.net/safeframe-bundles/0.83/host.js
IP 178.154.131.217:0
File type ASCII text, with very long lines (33703), with no line terminators
Hash f80882bf67cf261aa08d636da095149a
3e5bf3fbdb45c9696f9b925d3e71b2e9777c82cd
4794febaad77bf94edba1c860dbcf9612722ad0a18b95831dad359b0bba4bed6
GET /safeframe-bundles/0.83/host.js HTTP/1.1
Host: yastatic.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://vh362.timeweb.ru
Connection: keep-alive
Referer: https://vh362.timeweb.ru/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx/1.17.9
date: Sat, 19 Nov 2022 19:04:53 GMT
content-type: text/javascript; charset=utf-8
content-length: 8878
access-control-allow-origin: *
cache-control: public, max-age=946708560
content-encoding: br
etag: "f80882bf67cf261aa08d636da095149a"
expires: Tue, 19 Nov 2052 01:40:51 GMT
last-modified: Wed, 03 Nov 2021 13:42:58 GMT
nel: {"report_to": "network-errors", "max_age": 7200, "success_fraction": 0.001, "failure_fraction": 0.01}
report-to: { "group": "network-errors", "max_age": 7200, "endpoints": [ { "url": "https://dr.yandex.net/nel"}]}
strict-transport-security: max-age=43200000; includeSubDomains;
timing-allow-origin: *
vary: Accept-Encoding
x-robots-tag: noindex, noarchive, nofollow
accept-ranges: bytes
X-Firefox-Spdy: h2
yastatic.net/partner-code-bundles/682717/3521127290410543dbe9.js
178.154.131.217 200 OK 4.8 kB URL HTTP/2 yastatic.net/partner-code-bundles/682717/3521127290410543dbe9.js
IP 178.154.131.217:0
File type ASCII text, with very long lines (14344)
Hash 7446e460b1a5aecf9113c9008037de61
faa220b11ec3401eeaf6c969148b2fb895e8f89b
36543e04d8216a7ac0a2ad2a8898b0d2e732807e67a49f01dde784e7c17581ce
GET /partner-code-bundles/682717/3521127290410543dbe9.js HTTP/1.1
Host: yastatic.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://vh362.timeweb.ru
Connection: keep-alive
Referer: https://vh362.timeweb.ru/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx/1.17.9
date: Sat, 19 Nov 2022 19:04:53 GMT
content-type: text/javascript; charset=utf-8
content-length: 4801
access-control-allow-origin: *
cache-control: public, max-age=946708560
content-encoding: br
etag: "7446e460b1a5aecf9113c9008037de61"
expires: Tue, 19 Nov 2052 01:40:27 GMT
last-modified: Thu, 17 Nov 2022 16:39:36 GMT
nel: {"report_to": "network-errors", "max_age": 7200, "success_fraction": 0.001, "failure_fraction": 0.01}
report-to: { "group": "network-errors", "max_age": 7200, "endpoints": [ { "url": "https://dr.yandex.net/nel"}]}
strict-transport-security: max-age=43200000; includeSubDomains;
timing-allow-origin: *
vary: Accept-Encoding
x-robots-tag: noindex, noarchive, nofollow
accept-ranges: bytes
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.77.32 200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash f7c5da16d7c4384a4c2454d6b0d84710
69fd80fdf2f1ce27b25617589c867cd1c6e5d2ab
a80d1b813523e44d2e59d7c2edd6919c0354873637bb15bccc88f66f5c24e05d
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "A80D1B813523E44D2E59D7C2EDD6919C0354873637BB15BCCC88F66F5C24E05D"
Last-Modified: Thu, 17 Nov 2022 23:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=12966
Expires: Sat, 19 Nov 2022 22:41:00 GMT
Date: Sat, 19 Nov 2022 19:04:54 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.77.32 200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash f7c5da16d7c4384a4c2454d6b0d84710
69fd80fdf2f1ce27b25617589c867cd1c6e5d2ab
a80d1b813523e44d2e59d7c2edd6919c0354873637bb15bccc88f66f5c24e05d
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "A80D1B813523E44D2E59D7C2EDD6919C0354873637BB15BCCC88F66F5C24E05D"
Last-Modified: Thu, 17 Nov 2022 23:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=12966
Expires: Sat, 19 Nov 2022 22:41:00 GMT
Date: Sat, 19 Nov 2022 19:04:54 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.77.32 200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash f7c5da16d7c4384a4c2454d6b0d84710
69fd80fdf2f1ce27b25617589c867cd1c6e5d2ab
a80d1b813523e44d2e59d7c2edd6919c0354873637bb15bccc88f66f5c24e05d
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "A80D1B813523E44D2E59D7C2EDD6919C0354873637BB15BCCC88F66F5C24E05D"
Last-Modified: Thu, 17 Nov 2022 23:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=12966
Expires: Sat, 19 Nov 2022 22:41:00 GMT
Date: Sat, 19 Nov 2022 19:04:54 GMT
Connection: keep-alive
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Feb1ea6fe-f968-42eb-9bb6-5965ae4e6ce6.jpeg
34.120.237.76 200 OK 7.0 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Feb1ea6fe-f968-42eb-9bb6-5965ae4e6ce6.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash e5fb6d72b647aabea33ab4017f4a0847
ed93ac946111340a254b92f8ce27e8be93ae87e8
0782ed4ffaea8f9487461d5a9b0c241d30dfe057676753b24e180d0a94efad99
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Feb1ea6fe-f968-42eb-9bb6-5965ae4e6ce6.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 7045
x-amzn-requestid: e8dace8b-0cc8-4ea0-b47a-e42a66576f72
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: bw-K3EuCIAMFsmQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6376aa45-71c191e462be52006858817b;Sampled=0
x-amzn-remapped-date: Thu, 17 Nov 2022 21:40:21 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Miss from cloudfront
x-amz-cf-id: S0Sq8vuP-MbcuYVx_WFXTkmrY966mBTY1Qpowx_E_to1tDk1b8R-Bw==
via: 1.1 eece508272520f70691e4eebdc5a6dea.cloudfront.net (CloudFront), 1.1 68fadeb91f97256bb67b03bfca74d830.cloudfront.net (CloudFront), 1.1 google
date: Fri, 18 Nov 2022 21:49:21 GMT
age: 76533
etag: "ed93ac946111340a254b92f8ce27e8be93ae87e8"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
vh362.timeweb.ru/parking/svg/dummy-block-1.svg
5.23.51.54 200 OK 9.7 kB URL HTTP/2 vh362.timeweb.ru/parking/svg/dummy-block-1.svg
IP 5.23.51.54:0
Hash 8c7ea4c0c4932bb8ec1c94a0c6c290b3
31dfbae4227ba4afbbbc25002fcf5018d2668334
b6ae0354815b8383fc698770b2fe565e92edd9c15be1d975d79f3ea4959e152c
GET /parking/svg/dummy-block-1.svg HTTP/1.1
Host: vh362.timeweb.ru
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://vh362.timeweb.ru/parking/?ref=standoff2pro.ru
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx/1.22.1
date: Sat, 19 Nov 2022 19:04:52 GMT
content-type: image/svg+xml
vary: Accept-Encoding
last-modified: Wed, 16 Apr 2014 07:06:24 GMT
etag: W/"36dc-4f7238deedc00"
content-encoding: gzip
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F47c537d4-e03f-4ec6-8922-6dce72c72ab9.jpeg
34.120.237.76 200 OK 4.9 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F47c537d4-e03f-4ec6-8922-6dce72c72ab9.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 459df915ce91b32b2dcc4850516d68a0
d7a5473d367e7965a4af55acbf4675ed7088fab2
a03e26ebee79ad9b9dda1bf680e0d2467ae6d5e582589ada9fe6ddfa437c483c
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F47c537d4-e03f-4ec6-8922-6dce72c72ab9.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 4851
x-amzn-requestid: 8c868655-d0eb-428d-9fc0-a7449f770bd4
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: brtDFF9HoAMFV9w=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63748ee0-4f7daf8f7451dc5e0840f620;Sampled=0
x-amzn-remapped-date: Wed, 16 Nov 2022 07:18:56 GMT
x-amz-cf-pop: SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: xirMw5z5GPbmx9Sii_I4iNeh1GS5k9lGmaaJvUGAPWoVyP0Tldhf1w==
via: 1.1 e9ba0a9a729ff2960a04323bf1833df8.cloudfront.net (CloudFront), 1.1 1508efc4152aa1778ed4adecb328b374.cloudfront.net (CloudFront), 1.1 google
date: Sat, 19 Nov 2022 07:17:42 GMT
age: 42432
etag: "d7a5473d367e7965a4af55acbf4675ed7088fab2"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F0a474c96-6cd7-4e42-a54a-02217768182e.jpeg
34.120.237.76 200 OK 8.1 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F0a474c96-6cd7-4e42-a54a-02217768182e.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash c8f6118fc03f31862ff68fef8a2b9a7f
318c5d7acd0d36c816b09fcf1b7dc4bfb5ec7e73
cdd4d44f05cc524d7f2b1d6d792ecd8a9a933e52ecb7685a7d7ea786a510ef39
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F0a474c96-6cd7-4e42-a54a-02217768182e.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 8089
x-amzn-requestid: f3c55266-9b03-4b7f-b076-fdf56704318e
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: b0QQyECioAMFzdQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6377fa6b-3e10cef6117a10a4115cfce7;Sampled=0
x-amzn-remapped-date: Fri, 18 Nov 2022 21:34:35 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: 9FO1gkdftjvJFDvAlxwLD63BP-liwnS2MImVhVdjg83wi4xJdM73Kg==
via: 1.1 010c0731b9775a983eceaec0f5fa6a2e.cloudfront.net (CloudFront), 1.1 ead78c395f4bede3ec6cd7ea180e3d3a.cloudfront.net (CloudFront), 1.1 google
date: Fri, 18 Nov 2022 21:36:25 GMT
age: 77309
etag: "318c5d7acd0d36c816b09fcf1b7dc4bfb5ec7e73"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fc0d2467c-b158-442b-92be-e4cb236d17fa.jpeg
34.120.237.76 200 OK 3.0 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fc0d2467c-b158-442b-92be-e4cb236d17fa.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash d6b026c34985bbf2ebf89a62d0724c66
72369ebeccf447fa91ef77711d6297063c99777e
e5598ada634274ab9995dedda8c1fd18344abcfdd49b3a1aaede0a86fafc0f40
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fc0d2467c-b158-442b-92be-e4cb236d17fa.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 3035
x-amzn-requestid: 3e3f3a7f-9a1d-4b37-b932-22c6e3e638f1
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: b0QRcFOuoAMF_fQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6377fa6f-09dc20ea5620dd167e3f7265;Sampled=0
x-amzn-remapped-date: Fri, 18 Nov 2022 21:34:39 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: xvVfLfP2DUilu7GSJMGArO90Kdoq5cPBVtmtyVjZmX5ZKnvOjpR_UQ==
via: 1.1 8dbfaf7df256a75768461d934659b6b2.cloudfront.net (CloudFront), 1.1 e80693c02cfdfd081110512210d57840.cloudfront.net (CloudFront), 1.1 google
date: Fri, 18 Nov 2022 21:36:25 GMT
age: 77309
etag: "72369ebeccf447fa91ef77711d6297063c99777e"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F680965e1-a075-4bd9-8788-73e1a3c92de2.jpeg
34.120.237.76 200 OK 3.8 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F680965e1-a075-4bd9-8788-73e1a3c92de2.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 2e9f6e24e829065d4f201b4c9d9c8fd1
317ec439968641329b83210f7fcab59023310077
d1d304d12f3e1c2ad9cf9279bbb7cab4a954942ab86f41d5333e030cdc7a55c8
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F680965e1-a075-4bd9-8788-73e1a3c92de2.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 3842
x-amzn-requestid: 8effd7ec-299f-471f-8746-3cb81d94998b
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: boYBREE6oAMFmfQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63733a07-46160f6159dfb4a729e5d688;Sampled=0
x-amzn-remapped-date: Tue, 15 Nov 2022 07:04:39 GMT
x-amz-cf-pop: SEA73-P1
x-cache: Miss from cloudfront
x-amz-cf-id: 37fj6lqvqFTCEPkclxpI6OuYvlIB57GI2bS4wySNP3X4eQ3Lwy3WQA==
via: 1.1 e5af640ced3aa8764b82c4bc3f7af38e.cloudfront.net (CloudFront), 1.1 73cb83fe6699afc2791b5c690c1ff8c6.cloudfront.net (CloudFront), 1.1 google
date: Sat, 19 Nov 2022 10:26:23 GMT
age: 31111
etag: "317ec439968641329b83210f7fcab59023310077"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
static.hotjar.com/c/hotjar-848438.js?sv=7
54.230.111.39 200 OK 0 B URL HTTP/2 static.hotjar.com/c/hotjar-848438.js?sv=7
IP 54.230.111.39:0
GET /c/hotjar-848438.js?sv=7 HTTP/1.1
Host: static.hotjar.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://turnir813.beget.tech/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
content-encoding: br
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=2592000; includeSubDomains
x-cache-hit: 1
x-content-type-options: nosniff
date: Sat, 19 Nov 2022 19:03:58 GMT
cache-control: max-age=60
etag: W/2abe210af4f66b2dfcdbb601b75e45cf
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 ab09332bca1a3bd382d2e408f65b98d2.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: CFQdFNFL7HciLp_wMnwi1ugCpA-LYIm6p7abGe6G8tRbPfwCY3RcnA==
age: 55
X-Firefox-Spdy: h2
vh362.timeweb.ru/parking/css/styles.css
5.23.51.54 200 OK 0 B URL HTTP/2 vh362.timeweb.ru/parking/css/styles.css
IP 5.23.51.54:0
GET /parking/css/styles.css HTTP/1.1
Host: vh362.timeweb.ru
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://vh362.timeweb.ru/parking/?ref=standoff2pro.ru
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx/1.22.1
date: Sat, 19 Nov 2022 19:04:52 GMT
content-type: text/css
vary: Accept-Encoding
last-modified: Wed, 16 Apr 2014 07:06:24 GMT
etag: W/"a71f-4f7238deedc00"
content-encoding: gzip
X-Firefox-Spdy: h2
yandex.ru/ads/system/context.js
5.255.255.88 200 OK 0 B URL HTTP/2 yandex.ru/ads/system/context.js
IP 5.255.255.88:0
GET /ads/system/context.js HTTP/1.1
Host: yandex.ru
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://vh362.timeweb.ru/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
timing-allow-origin: *
nel: {"report_to": "network-errors", "max_age": 100, "success_fraction": 0.001, "failure_fraction": 0.1}
x-content-type-options: nosniff
access-control-allow-origin: *
set-cookie: i=MIln6+NbJFNaCFwTw/SmDZglv1y0VjkR9Wgq0fjxyQcbd/XBw5usz0fwFqL8KnDj0fJS85hxi1AM+FdfbZkctTzLlog=; Expires=Mon, 18-Nov-2024 19:04:53 GMT; Domain=.yandex.ru; Path=/; Secure; HttpOnly; SameSite=None
expires: Sat, 19 Nov 2022 20:04:53 GMT
x-yandex-req-id: 1668884693310373-1837512246816642877-vla1-4614-vla-l7-balancer-8080-BAL-5095
report-to: { "group": "network-errors", "max_age": 100, "endpoints": [{"url": "https://dr.yandex.net/nel", "priority": 1}, {"url": "https://dr2.yandex.net/nel", "priority": 2}]}
cache-control: private, max-age=3600
content-encoding: br
content-type: text/javascript; charset=utf-8
x-robots-tag: noindex, noarchive, nofollow
X-Firefox-Spdy: h2
vh362.timeweb.ru/parking/svg/timeweb-googleplay.svg
5.23.51.54 200 OK 0 B URL HTTP/2 vh362.timeweb.ru/parking/svg/timeweb-googleplay.svg
IP 5.23.51.54:0
GET /parking/svg/timeweb-googleplay.svg HTTP/1.1
Host: vh362.timeweb.ru
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://vh362.timeweb.ru/parking/?ref=standoff2pro.ru
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx/1.22.1
date: Sat, 19 Nov 2022 19:04:52 GMT
content-type: image/svg+xml
vary: Accept-Encoding
last-modified: Wed, 16 Apr 2014 07:06:24 GMT
etag: W/"27a6-4f7238deedc00"
content-encoding: gzip
X-Firefox-Spdy: h2
fonts.googleapis.com/css2?family=Roboto:ital,wght@0,100;0,300;0,400;0,500;0,700;0,900;1,100;1,300;1,400;1,500;1,700;1,900&display=swap
142.250.74.10 200 OK 0 B URL HTTP/2 fonts.googleapis.com/css2?family=Roboto:ital,wght@0,100;0,300;0,400;0,500;0,700;0,900;1,100;1,300;1,400;1,500;1,700;1,900&display=swap
IP 142.250.74.10:0
GET /css2?family=Roboto:ital,wght@0,100;0,300;0,400;0,500;0,700;0,900;1,100;1,300;1,400;1,500;1,700;1,900&display=swap HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://vh362.timeweb.ru/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Sat, 19 Nov 2022 19:04:52 GMT
date: Sat, 19 Nov 2022 19:04:52 GMT
cache-control: private, max-age=86400
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
vh362.timeweb.ru/parking/svg/dummy-block-3.svg
5.23.51.54 200 OK 0 B URL HTTP/2 vh362.timeweb.ru/parking/svg/dummy-block-3.svg
IP 5.23.51.54:0
GET /parking/svg/dummy-block-3.svg HTTP/1.1
Host: vh362.timeweb.ru
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://vh362.timeweb.ru/parking/?ref=standoff2pro.ru
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx/1.22.1
date: Sat, 19 Nov 2022 19:04:52 GMT
content-type: image/svg+xml
vary: Accept-Encoding
last-modified: Wed, 16 Apr 2014 07:06:24 GMT
etag: W/"6685-4f7238deedc00"
content-encoding: gzip
X-Firefox-Spdy: h2
vh362.timeweb.ru/parking/svg/timeweb-appstore.svg
5.23.51.54 200 OK 0 B URL HTTP/2 vh362.timeweb.ru/parking/svg/timeweb-appstore.svg
IP 5.23.51.54:0
GET /parking/svg/timeweb-appstore.svg HTTP/1.1
Host: vh362.timeweb.ru
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://vh362.timeweb.ru/parking/?ref=standoff2pro.ru
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx/1.22.1
date: Sat, 19 Nov 2022 19:04:52 GMT
content-type: image/svg+xml
vary: Accept-Encoding
last-modified: Wed, 16 Apr 2014 07:06:24 GMT
etag: W/"30c2-4f7238deedc00"
content-encoding: gzip
X-Firefox-Spdy: h2