Report - u1901036.plsk.regruhosting.ru/yso/PUBG/1682839537/k/

Report Overview

Submitted URL
u1901036.plsk.regruhosting.ru/yso/PUBG/1682839537/k/
IP
31.31.198.210
ASN
#197695 Domain names registrar REG.RU, Ltd
Submitted
2023-01-28 07:59:57
Access
Website Title
Final URL
Tags
urlquery detections
No alerts detected

Detections

urlquery
0
Network Intrusion Detection
5
Threat Detection Systems
44

Domain Summary

Domain / FQDN	Rank	First Seen	Last Seen	Sent	Received	IP
a.top4top.io	588496	2019-12-05T19:36:40Z	2023-03-13T05:39:38Z	444 B	18 kB	51.159.64.45
www.pubgmobile.com	21653	2018-04-27T13:06:13Z	2023-03-13T05:39:38Z	2.6 kB	1.1 MB	23.36.76.227
i.postimg.cc	23840	2018-04-11T12:01:12Z	2023-03-13T05:19:26Z	1.3 kB	185 kB	162.19.88.69
stackpath.bootstrapcdn.com	2467	2018-06-15T22:36:43Z	2023-03-13T07:25:30Z	475 B	946 B	104.18.10.207
u1901036.plsk.regruhosting.ru	unknown	2023-01-15T22:09:08Z	2023-03-08T11:20:33Z	16 kB	2.2 MB	31.31.198.210
firefox.settings.services.mozilla.com	867	2020-06-04T22:08:41Z	2023-03-13T05:09:10Z	782 B	2.4 kB	35.241.9.150
ocsp.digicert.com	86	2012-05-21T09:02:23Z	2023-03-13T06:00:13Z	682 B	1.1 kB	93.184.220.29
r3.o.lencr.org	344	2020-12-02T09:52:13Z	2023-03-13T05:09:07Z	3.0 kB	8.0 kB	23.36.76.226
content-signature-2.cdn.mozilla.net	1152	2020-11-03T13:26:46Z	2023-03-13T05:09:35Z	413 B	5.8 kB	34.160.144.191
ocsp.pki.goog	175	2018-07-01T08:43:07Z	2023-03-13T05:09:47Z	1.7 kB	3.5 kB	142.250.74.131
i.ibb.co	13485	2018-11-25T11:13:48Z	2023-03-13T05:33:20Z	833 B	34 kB	162.19.58.156
fonts.gstatic.com	unknown	2014-09-09T02:40:21Z	2023-03-13T08:44:36Z	488 B	14 kB	142.250.74.67
fonts.googleapis.com	8877	2013-06-10T22:14:26Z	2023-03-13T08:14:31Z	845 B	302 kB	142.250.74.106
l.top4top.io	926491	2020-01-15T00:19:40Z	2023-03-13T05:39:38Z	444 B	20 kB	65.21.235.194
push.services.mozilla.com	2140	2014-10-24T10:27:06Z	2023-03-13T05:09:14Z	606 B	127 B	34.210.150.237
contile.services.mozilla.com	1114	2021-05-27T20:32:35Z	2023-03-13T05:09:13Z	333 B	391 B	34.117.237.239
cdnjs.cloudflare.com	235	2015-04-17T22:46:33Z	2023-03-13T05:09:21Z	466 B	6.9 kB	104.17.25.14
img-getpocket.cdn.mozilla.net	1631	2018-06-22T01:36:00Z	2023-03-13T05:09:16Z	3.2 kB	58 kB	34.120.237.76

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

Timestamp	Severity	Source IP	Destination IP	Alert
2023-01-28 07:59:47	medium	Client IP	Internal IP	ET DNS Query for .cc TLD
2023-01-28 07:59:47	medium	Client IP	Internal IP	ET DNS Query for .cc TLD
2023-01-28 07:59:47	low	31.31.198.210	Client IP	ET HUNTING [TW] Likely Javascript-Obfuscator Usage Observed M1
2023-01-28 07:59:47	low	31.31.198.210	Client IP	ET HUNTING [TW] Likely Javascript-Obfuscator Usage Observed M2
2023-01-28 07:59:47	low	31.31.198.210	Client IP	ET HUNTING [TW] Likely Javascript-Obfuscator Usage Observed M3

Threat Detection Systems

OpenPhish

Scan Date	Severity	Indicator	Alert
2023-01-27	medium	u1901036.plsk.regruhosting.ru/yso/PUBG/1682839537/k/	Tencent

PhishTank

No alerts detected

Fortinet's Web Filter

Scan Date	Severity	Indicator	Alert
2023-01-28	medium	u1901036.plsk.regruhosting.ru/yso/PUBG/1682839537/k/	Phishing
2023-01-28	medium	u1901036.plsk.regruhosting.ru/yso/PUBG/1682839537/k/index_files/css	Phishing
2023-01-28	medium	u1901036.plsk.regruhosting.ru/yso/PUBG/1682839537/k/js-zone/jquery.js	Phishing
2023-01-28	medium	u1901036.plsk.regruhosting.ru/yso/PUBG/1682839537/k/js-zone/main-zone.js	Phishing
2023-01-28	medium	u1901036.plsk.regruhosting.ru/yso/PUBG/1682839537/k/index_files/gift-zone.js	Phishing
2023-01-28	medium	u1901036.plsk.regruhosting.ru/yso/PUBG/1682839537/k/js-zone/showHide.js	Phishing
2023-01-28	medium	u1901036.plsk.regruhosting.ru/yso/PUBG/1682839537/k/js-zone/selowx.js	Phishing
2023-01-28	medium	u1901036.plsk.regruhosting.ru/yso/PUBG/1682839537/k/js-zone/slider.js	Phishing
2023-01-28	medium	u1901036.plsk.regruhosting.ru/yso/PUBG/1682839537/k/index_files/jquery.min.js.download	Phishing
2023-01-28	medium	u1901036.plsk.regruhosting.ru/cdn-cgi/scripts/5c5dd728/cloudflare-static/email-decode.min.js	Phishing
2023-01-28	medium	u1901036.plsk.regruhosting.ru/yso/PUBG/1682839537/k/js-zone/zero-zone.js	Phishing
2023-01-28	medium	u1901036.plsk.regruhosting.ru/yso/PUBG/1682839537/k/js-zone/alert-zone.js	Phishing
2023-01-28	medium	u1901036.plsk.regruhosting.ru/cdn-cgi/scripts/5c5dd728/cloudflare-static/email-decode.min.js	Phishing
2023-01-28	medium	u1901036.plsk.regruhosting.ru/yso/PUBG/1682839537/k/media/login.mp3	Phishing
2023-01-28	medium	u1901036.plsk.regruhosting.ru/yso/PUBG/1682839537/k/media/spin.mp3	Phishing
2023-01-28	medium	u1901036.plsk.regruhosting.ru/yso/PUBG/1682839537/k/media/tutup.mp3	Phishing
2023-01-28	medium	u1901036.plsk.regruhosting.ru/yso/PUBG/1682839537/k/media/click_new.mp3	Phishing
2023-01-28	medium	u1901036.plsk.regruhosting.ru/yso/PUBG/1682839537/k/fonts/selow.woff2	Phishing
2023-01-28	medium	u1901036.plsk.regruhosting.ru/yso/PUBG/1682839537/k/media/button.mp3	Phishing
2023-01-28	medium	l.top4top.io/m_1725u5z7i1.mp3	Malware
2023-01-28	medium	a.top4top.io/m_1725zobal2.mp3	Malware

mnemonic secure dns

No alerts detected

Quad9 DNS

No alerts detected

ThreatFox

No alerts detected

JavaScript (18)

	URL	Size	First Seen	Last Seen
	u1901036.plsk.regruhosting.ru/yso/PUBG/1682839537/k/	616 B	2023-03-07	2024-03-28
Pretty URL u1901036.plsk.regruhosting.ru/yso/PUBG/1682839537/k/ IP 31.31.198.210 ASN #197695 Domain names registrar REG.RU, Ltd Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:03:42 Last Seen2024-03-28 17:17:02 Times Seen205 Hash 75243aa64225c51fadea3970bfd848ca 3ae640bae9d071ed9b0fef24971d3a4c00566b23 1088ef60bb0d5301abc6a05990bca389ddc1a9c5bd4856b6acdbfa24d1524c0f Loading...

	u1901036.plsk.regruhosting.ru/yso/PUBG/1682839537/k/	22 B	2023-03-07	2024-04-26
Pretty URL u1901036.plsk.regruhosting.ru/yso/PUBG/1682839537/k/ IP 31.31.198.210 ASN #197695 Domain names registrar REG.RU, Ltd Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:03:42 Last Seen2024-04-26 06:14:08 Times Seen1304 Hash 6757da209489d96df42a614bf285cf75 f8397e6774f88545c26e5d21b3cf694ac0aa7867 d28cdc76319fa01ac711c9605b84d7cac08c39a52d83ca192aa0acf388bfba51 Loading...

	u1901036.plsk.regruhosting.ru/yso/PUBG/1682839537/k/js-zone/zero-zone.js	861 B	2023-03-07	2024-04-26
Pretty URL u1901036.plsk.regruhosting.ru/yso/PUBG/1682839537/k/js-zone/zero-zone.js IP 31.31.198.210 ASN #197695 Domain names registrar REG.RU, Ltd Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:03:42 Last Seen2024-04-26 06:14:09 Times Seen1767 Hash e2fa33d030064bc3c6e44da71cf39659 4907034831c9244c5bce315c3aabbbbdf06cd687 b6b1475306c19ac27e78c3483123346379ea4a356ad9bf0d01319cee2b8f30c6 Loading...

	u1901036.plsk.regruhosting.ru/yso/PUBG/1682839537/k/js-zone/slider.js	571 B	2023-03-08	2023-11-25
Pretty URL u1901036.plsk.regruhosting.ru/yso/PUBG/1682839537/k/js-zone/slider.js IP 31.31.198.210 ASN #197695 Domain names registrar REG.RU, Ltd Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 02:44:47 Last Seen2023-11-25 18:21:08 Times Seen9 Hash ba5f0ef6bb5fcbc0e758178cd6a923f7 32734683e9214ec5146caa64e0958997d1d7ee89 b4b89b77d17ed285314856545e7fd653237c1c28c47dd8da63efa6a24021dd0d Loading...

	u1901036.plsk.regruhosting.ru/yso/PUBG/1682839537/k/	179 B	2023-03-07	2024-03-28
Pretty URL u1901036.plsk.regruhosting.ru/yso/PUBG/1682839537/k/ IP 31.31.198.210 ASN #197695 Domain names registrar REG.RU, Ltd Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:03:42 Last Seen2024-03-28 17:17:02 Times Seen238 Hash 047855e11c783f17c38aef9e921ea87e d849de51e1703b1e7dfd6bcb57ea3f50f719bc3a 0d5aecec5d98042b19afc93cd9fb2a3e130e899cc4c8d065c1c5bab339f1c0a6 Loading...

	u1901036.plsk.regruhosting.ru/yso/PUBG/1682839537/k/	191 B	2023-03-07	2024-03-28
Pretty URL u1901036.plsk.regruhosting.ru/yso/PUBG/1682839537/k/ IP 31.31.198.210 ASN #197695 Domain names registrar REG.RU, Ltd Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:03:42 Last Seen2024-03-28 17:17:02 Times Seen196 Hash 5ff980c2ddd00a8df675df8f1d3ffa3a e2c1150d84b085a8f2698ec6df5fc788534de5cd 387c5191d2a1003cb39a018b0e501ce4c67e33393fece2bc79b3a28bba8d4fe3 Loading...

	u1901036.plsk.regruhosting.ru/yso/PUBG/1682839537/k/	1.2 kB	2023-03-08	2023-09-11
Pretty URL u1901036.plsk.regruhosting.ru/yso/PUBG/1682839537/k/ IP 31.31.198.210 ASN #197695 Domain names registrar REG.RU, Ltd Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 11:43:49 Last Seen2023-09-11 01:42:56 Times Seen7 Hash 975dadc6f9d16d259100a6885ae194f2 450bb062b5566ce417908e28fb827f2aaa074e95 554fc090ce68f899ecc17c8c8a0448efb9ccd6e9e5f1d52cef32b7b83dea6c3a Loading...

	u1901036.plsk.regruhosting.ru/yso/PUBG/1682839537/k/	5.7 kB	2023-03-10	2023-09-11
Pretty URL u1901036.plsk.regruhosting.ru/yso/PUBG/1682839537/k/ IP 31.31.198.210 ASN #197695 Domain names registrar REG.RU, Ltd Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-10 05:33:06 Last Seen2023-09-11 01:42:56 Times Seen5 Hash 64a82c0ffe7fc80dbbdcbfdabef035c5 bb045108d6cb6e22a20102796b265b5747ac3d03 aa93b0af9aab58d4430062e5bf90c27524064b269313c5b62aa4e3e4cf5cd944 Loading...

	u1901036.plsk.regruhosting.ru/yso/PUBG/1682839537/k/index_files/jquery.min.js.download	87 kB	2023-03-07	2024-04-26
Pretty URL u1901036.plsk.regruhosting.ru/yso/PUBG/1682839537/k/index_files/jquery.min.js.download IP 31.31.198.210 ASN #197695 Domain names registrar REG.RU, Ltd Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:03:32 Last Seen2024-04-26 14:39:17 Times Seen2986 Hash 378087a64e1394fc51f300bb9c11878c 0c3192b500a4fd550e483cf77a49806a5872185b 4fe68fa216176e6d1f4580e924bafecc9f519984ecc06b1a840a08b0d88c95de Loading...

	u1901036.plsk.regruhosting.ru/yso/PUBG/1682839537/k/js-zone/jquery.js	2.1 kB	2023-03-07	2024-04-09
Pretty URL u1901036.plsk.regruhosting.ru/yso/PUBG/1682839537/k/js-zone/jquery.js IP 31.31.198.210 ASN #197695 Domain names registrar REG.RU, Ltd Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:06:28 Last Seen2024-04-09 07:55:22 Times Seen32 Hash 85c32ab6bd52dfee88a363fe4c2098ec 30e7ab4ee1210a2e143d94cabe8d9a5486055b95 c8fe38740d7ac549e1d26eb2f7bc50156944a93d9c3537f89292deec2d35ad43 Loading...

	u1901036.plsk.regruhosting.ru/yso/PUBG/1682839537/k/	20 B	2023-03-07	2024-03-26
Pretty URL u1901036.plsk.regruhosting.ru/yso/PUBG/1682839537/k/ IP 31.31.198.210 ASN #197695 Domain names registrar REG.RU, Ltd Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:03:42 Last Seen2024-03-26 04:44:52 Times Seen78 Hash 1e302d3b8e4b50901df076b04617cc30 c598b2e079134d7faaabd2986014225a4fec5420 ea0da56ebd906b9b9770465bd9a6098d7eeffc3b4f12247aa615b6f6d0a7c526 Loading...

	u1901036.plsk.regruhosting.ru/yso/PUBG/1682839537/k/index_files/gift-zone.js	1.7 kB	2023-03-09	2023-09-11
Pretty URL u1901036.plsk.regruhosting.ru/yso/PUBG/1682839537/k/index_files/gift-zone.js IP 31.31.198.210 ASN #197695 Domain names registrar REG.RU, Ltd Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-09 13:49:35 Last Seen2023-09-11 01:42:56 Times Seen7 Hash 60e3c537f6f8908baff34ff295c145cf 08c7e37f73460efd575e9aa8f4ab988e4b83a572 ffbf6898ace7f95a6bb84ad78d189f33f1cd0ce7dd92fbc3bf47b50aa19138cb Loading...

	u1901036.plsk.regruhosting.ru/yso/PUBG/1682839537/k/	380 B	2023-03-07	2024-03-28
Pretty URL u1901036.plsk.regruhosting.ru/yso/PUBG/1682839537/k/ IP 31.31.198.210 ASN #197695 Domain names registrar REG.RU, Ltd Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 23:03:56 Last Seen2024-03-28 17:17:02 Times Seen164 Hash 66d149f2c441622aefe58a19ad629cce 95533ced32d191214d242c6f860fe076abcfda76 6552056d7ab53201deb48dde0f7d4725a1c4b8df3c594d019612dd04f8a47981 Loading...

	u1901036.plsk.regruhosting.ru/yso/PUBG/1682839537/k/js-zone/main-zone.js	600 B	2023-03-07	2024-04-09
Pretty URL u1901036.plsk.regruhosting.ru/yso/PUBG/1682839537/k/js-zone/main-zone.js IP 31.31.198.210 ASN #197695 Domain names registrar REG.RU, Ltd Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:06:28 Last Seen2024-04-09 07:55:22 Times Seen30 Hash 73c6695276c16cd589b28afdab5e0e73 fc4b400ac5944ec78eef422ae879200ea079d690 46f6b6f8af7209e3d9b12771f26c87164f35b5fac01a8418235c2c9658d87821 Loading...

	u1901036.plsk.regruhosting.ru/yso/PUBG/1682839537/k/js-zone/alert-zone.js	121 kB	2023-03-07	2024-04-26
Pretty URL u1901036.plsk.regruhosting.ru/yso/PUBG/1682839537/k/js-zone/alert-zone.js IP 31.31.198.210 ASN #197695 Domain names registrar REG.RU, Ltd Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:06:45 Last Seen2024-04-26 06:14:09 Times Seen2421 Hash 2d8819d4b15ffe076a804a074e0229da 0e76d42421e78a58d71c99e233335f39b8b47645 b49a2dab55008d7ba1277b3adbb0b5f590f9b3ee25e3e89a9d78696efd262dde Loading...

	u1901036.plsk.regruhosting.ru/yso/PUBG/1682839537/k/js-zone/showHide.js	1.2 kB	2023-03-09	2023-09-19
Pretty URL u1901036.plsk.regruhosting.ru/yso/PUBG/1682839537/k/js-zone/showHide.js IP 31.31.198.210 ASN #197695 Domain names registrar REG.RU, Ltd Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-09 13:49:35 Last Seen2023-09-19 15:11:37 Times Seen28 Hash b87edea7c292fb15e8093d9450a93402 ecccf5ab97ec59c7ecf15273fbcf7ca262efbf11 a837b47bd41c8c3fcb4a7d84b1937d85d344812848ff7b3a6dc5b46a69966750 Loading...

		Size	First Seen	Last Seen
	#1 Write - bcac842be7f8998e3880a54fae737f5c	140 B	2023-03-07	2024-04-26
Pretty Observations First Seen2023-03-07 01:03:42 Last Seen2024-04-26 06:14:08 Times Seen1300 Hash bcac842be7f8998e3880a54fae737f5c c4a801e5013546c703ba5cba5c176e7d525aadc9 69db51683da9aaff997d8865c60e37445e2bc99d451ec64029183b375779df4d Loading...

	#2 Write - d7d45230746aadb587b5421834758994	171 B	2023-03-07	2024-04-25
Pretty Observations First Seen2023-03-07 01:03:42 Last Seen2024-04-25 05:09:06 Times Seen1307 Hash d7d45230746aadb587b5421834758994 65480c14ebd56b32288f937a0a51867362c530ae 06d287bc821986c6d2cea4631dc0329b9cd9e15ca19737eb1479e118526bc3e9 Loading...

HTTP Transactions (86)

URL IP Response Size

u1901036.plsk.regruhosting.ru/yso/PUBG/1682839537/k/

31.31.198.210

200 OK

9.9 kB

URL HTTP/1.1
u1901036.plsk.regruhosting.ru/yso/PUBG/1682839537/k/
IP
31.31.198.210:0
ASN
#197695 Domain names registrar REG.RU, Ltd

File type
HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- assembler source, Unicode text, UTF-8 text, with very long lines (5774), with CRLF line terminators
Size
9.9 kB (9887 bytes)
Hash
b38a429416801463c0d8fc30a36609b6
701d60b5cb188cf697d5a56342ffb643838752bd
eff2d3eb5d2a8246f50575cc752e1b868e3169120c23a2a125ae3638c72aedfd

Detections

Analyzer	Verdict	Alert
openphish	Tencent
fortinet	Phishing

NIDS	Severity	Alert
suricata	low	ET HUNTING [TW] Likely Javascript-Obfuscator Usage Observed M1
suricata	low	ET HUNTING [TW] Likely Javascript-Obfuscator Usage Observed M2
suricata	low	ET HUNTING [TW] Likely Javascript-Obfuscator Usage Observed M3

HTTP Headers

GET /yso/PUBG/1682839537/k/ HTTP/1.1
Host: u1901036.plsk.regruhosting.ru
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1

HTTP/1.1 200 OK
Server: nginx
Date: Sat, 28 Jan 2023 07:59:45 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
X-Powered-By: PHP/8.0.17, PleskLin
Content-Encoding: gzip

r3.o.lencr.org/

23.36.76.226

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.76.226:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
a2104f935c638b4767ca5ae0d738ef23
85c6af15af749be0ceeae6de17c36925b750f166
5d4789a3696bd7faa9916768cb627bbc89bf70a756d80e53860cbac13c2bc8b1

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "5D4789A3696BD7FAA9916768CB627BBC89BF70A756D80E53860CBAC13C2BC8B1"
Last-Modified: Fri, 27 Jan 2023 17:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=12515
Expires: Sat, 28 Jan 2023 11:28:20 GMT
Date: Sat, 28 Jan 2023 07:59:45 GMT
Connection: keep-alive

r3.o.lencr.org/

23.36.76.226

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.76.226:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
81dd5c5cc5b3278876cb44dcb520a60f
c0511a59e9eccdcdda98717b87c89c5d59974808
41736c303afdb3d31e48724b107dcb22883cae02f3562308eb52d9164001a2de

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "41736C303AFDB3D31E48724B107DCB22883CAE02F3562308EB52D9164001A2DE"
Last-Modified: Fri, 27 Jan 2023 17:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=15597
Expires: Sat, 28 Jan 2023 12:19:42 GMT
Date: Sat, 28 Jan 2023 07:59:45 GMT
Connection: keep-alive

r3.o.lencr.org/

23.36.76.226

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.76.226:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
03092d1a1bc7ac91ee342a1a7ab2a562
52db06ce1fd2c74ddd36b6a0a7aee1b5c891600a
03b8ff2629abac9fc30ebec059c2e2018fcbc41646ad5f71c965ff630fbf1ffd

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "03B8FF2629ABAC9FC30EBEC059C2E2018FCBC41646AD5F71C965FF630FBF1FFD"
Last-Modified: Fri, 27 Jan 2023 17:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=9842
Expires: Sat, 28 Jan 2023 10:43:47 GMT
Date: Sat, 28 Jan 2023 07:59:45 GMT
Connection: keep-alive

firefox.settings.services.mozilla.com/v1/

35.241.9.150

200 OK

939 B

URL HTTP/2
firefox.settings.services.mozilla.com/v1/
IP
35.241.9.150:0
ASN
#15169 GOOGLE

File type
JSON data\012- , ASCII text, with very long lines (939), with no line terminators
Size
939 B (939 bytes)
Hash
dcd75ca6daca51c5e39d431468511793
07f76d3bf23d65c9110d810fa71a994e39e085d3
73672a816da4450fe2c938b08d7ae002d9ca29fdcbd3e29cc97084d826f8b459

HTTP Headers

GET /v1/ HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Content-Type, Backoff, Content-Length, Alert, Retry-After
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 939
via: 1.1 google
date: Sat, 28 Jan 2023 07:35:29 GMT
content-type: application/json
age: 1456
cache-control: max-age=3600,public
alt-svc: clear
X-Firefox-Spdy: h2

content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2023-02-28-18-04-20.chain

34.160.144.191

200 OK

5.3 kB

URL HTTP/2
content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2023-02-28-18-04-20.chain
IP
34.160.144.191:0
ASN
#15169 GOOGLE

File type
PEM certificate\012- , ASCII text
Size
5.3 kB (5348 bytes)
Hash
7b922915ebf1fa3639b333f994c74f24
144a3f80b98fd0652d4614f24cf6cbbee40f8938
adbb3e06df0e870f5c7a9cb81e8979d4e92735853d75c9b779c06470d4db5d9c

HTTP Headers

GET /chains/remote-settings.content-signature.mozilla.org-2023-02-28-18-04-20.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
x-amz-id-2: 6aYQ61Y9Vvw5aq4lI9jh80ctdnhEXSat5t+9hXdjwJAo7xj5zpbykSLGUhzmB8nQ/T+utQaLzp0=
x-amz-request-id: GTZN8016G6EZ14G2
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
content-length: 5348
via: 1.1 google
date: Sat, 28 Jan 2023 07:20:53 GMT
age: 2332
last-modified: Mon, 09 Jan 2023 18:04:21 GMT
etag: "7b922915ebf1fa3639b333f994c74f24"
content-type: binary/octet-stream
cache-control: public,max-age=3600
alt-svc: clear
X-Firefox-Spdy: h2

contile.services.mozilla.com/v1/tiles

34.117.237.239

200 OK

12 B

URL HTTP/2
contile.services.mozilla.com/v1/tiles
IP
34.117.237.239:0
ASN
#15169 GOOGLE

File type
JSON data\012- , ASCII text, with no line terminators
Size
12 B (12 bytes)
Hash
23e88fb7b99543fb33315b29b1fad9d6
a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3

HTTP Headers

GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
date: Sat, 28 Jan 2023 07:59:45 GMT
content-type: application/json
content-length: 12
access-control-expose-headers: content-type
access-control-allow-credentials: true
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2

u1901036.plsk.regruhosting.ru/yso/PUBG/1682839537/k/index_files/css

31.31.198.210

200 OK

14 kB

URL HTTP/1.1
u1901036.plsk.regruhosting.ru/yso/PUBG/1682839537/k/index_files/css
IP
31.31.198.210:0
ASN
#197695 Domain names registrar REG.RU, Ltd

File type
ASCII text, with very long lines (1116)
Size
14 kB (13463 bytes)
Hash
19ec41b2e2ceb202ce223c1a297aebc4
2005a2c496bcf73deb0d1c76ca92af011c21b0e6
68c453f3e5a0751c766dc4cfa1814f9a37fca7122b1b929d7ecd2f7ff31444cd

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /yso/PUBG/1682839537/k/index_files/css HTTP/1.1
Host: u1901036.plsk.regruhosting.ru
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://u1901036.plsk.regruhosting.ru/yso/PUBG/1682839537/k/

HTTP/1.1 200 OK
Server: nginx
Date: Sat, 28 Jan 2023 07:59:45 GMT
Content-Type: text/plain
Last-Modified: Fri, 16 Dec 2022 20:59:20 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
ETag: W/"639cdc28-f33c"
X-Powered-By: PleskLin
Content-Encoding: gzip

u1901036.plsk.regruhosting.ru/yso/PUBG/1682839537/k/css-zone/twitter.css

31.31.198.210

200 OK

622 B

URL HTTP/1.1
u1901036.plsk.regruhosting.ru/yso/PUBG/1682839537/k/css-zone/twitter.css
IP
31.31.198.210:0
ASN
#197695 Domain names registrar REG.RU, Ltd

File type
ASCII text, with very long lines (2019), with no line terminators
Size
622 B (622 bytes)
Hash
0062392362eb074114979e2566abd809
5cfcd3342d7059bb78dbe953a13ae972edc89f3b
ca67511df899c844678845b06361c7fb1f31cac91b50be8c0264f8cb966dd209

HTTP Headers

GET /yso/PUBG/1682839537/k/css-zone/twitter.css HTTP/1.1
Host: u1901036.plsk.regruhosting.ru
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://u1901036.plsk.regruhosting.ru/yso/PUBG/1682839537/k/

HTTP/1.1 200 OK
Server: nginx
Date: Sat, 28 Jan 2023 07:59:45 GMT
Content-Type: text/css
Last-Modified: Fri, 16 Dec 2022 20:59:20 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
ETag: W/"639cdc28-7e3"
X-Powered-By: PleskLin
Content-Encoding: gzip

u1901036.plsk.regruhosting.ru/yso/PUBG/1682839537/k/css-zone/animate.css

31.31.198.210

200 OK

4.2 kB

URL HTTP/1.1
u1901036.plsk.regruhosting.ru/yso/PUBG/1682839537/k/css-zone/animate.css
IP
31.31.198.210:0
ASN
#197695 Domain names registrar REG.RU, Ltd

File type
ASCII text, with very long lines (60556), with CRLF line terminators
Size
4.2 kB (4176 bytes)
Hash
bb685225c08d653e4a0be9faa6939cd7
c7f84fdcf5f9890c88817c52064666288a845bdf
37babfbc789ee5bc71210c2886823dffb19fe2089727913f7169b3ec4593dba4

HTTP Headers

GET /yso/PUBG/1682839537/k/css-zone/animate.css HTTP/1.1
Host: u1901036.plsk.regruhosting.ru
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://u1901036.plsk.regruhosting.ru/yso/PUBG/1682839537/k/

HTTP/1.1 200 OK
Server: nginx
Date: Sat, 28 Jan 2023 07:59:45 GMT
Content-Type: text/css
Last-Modified: Fri, 16 Dec 2022 20:59:16 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
ETag: W/"639cdc24-ed34"
X-Powered-By: PleskLin
Content-Encoding: gzip

cdnjs.cloudflare.com/ajax/libs/material-design-iconic-font/2.2.0/css/material-design-iconic-font.min.css

104.17.25.14

200 OK

5.8 kB

URL HTTP/2
cdnjs.cloudflare.com/ajax/libs/material-design-iconic-font/2.2.0/css/material-design-iconic-font.min.css
IP
104.17.25.14:0
ASN
#13335 CLOUDFLARENET

File type
ASCII text, with very long lines (65536), with no line terminators
Size
5.8 kB (5845 bytes)
Hash
a7e25a22602a2b2ed35f90fd5210cff1
148c4f275b60e6cf6253d6b4c7bdc486515b2202
312d94bafa68e11e3a4a8d7c06bc25ee161d1d965afb1fa99db79815a272d0bf

HTTP Headers

GET /ajax/libs/material-design-iconic-font/2.2.0/css/material-design-iconic-font.min.css HTTP/1.1
Host: cdnjs.cloudflare.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://u1901036.plsk.regruhosting.ru/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
date: Sat, 28 Jan 2023 07:59:45 GMT
content-type: text/css; charset=utf-8
content-length: 5845
access-control-allow-origin: *
cache-control: public, max-age=30672000
content-encoding: br
etag: "5eb03ed9-1149f"
last-modified: Mon, 04 May 2020 16:12:09 GMT
cf-cdnjs-via: cfworker/kv
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
x-content-type-options: nosniff
vary: Accept-Encoding
cf-cache-status: HIT
age: 3129643
expires: Thu, 18 Jan 2024 07:59:45 GMT
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=iyuqPdlA8WbgZkmzGLgxyOnaWMG%2FosfZ3uDUdJ%2Bme5n2C6tNIQlUQFHYnBgqsHIiwr3BNxy7fzEWCoqFU7TvBpac9k3yzRmjKFVnmO%2F%2Fz4NbV4mxrzkeMtDutwQ3ZWeYYES6FvxI"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
server: cloudflare
cf-ray: 790830c77acab4eb-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2

u1901036.plsk.regruhosting.ru/yso/PUBG/1682839537/k/js-zone/jquery.js

31.31.198.210

200 OK

343 B

URL HTTP/1.1
u1901036.plsk.regruhosting.ru/yso/PUBG/1682839537/k/js-zone/jquery.js
IP
31.31.198.210:0
ASN
#197695 Domain names registrar REG.RU, Ltd

File type
ASCII text, with very long lines (1767)
Size
343 B (343 bytes)
Hash
a349607657bcaf7a5d4d1aea4ce9082b
7ab1077ff75d41b21979ef91497315a57e72ff9a
b1f4ddbc70a4f9abef62beebe7b7723b8f5c9a7c755857353dd10cd14a907358

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /yso/PUBG/1682839537/k/js-zone/jquery.js HTTP/1.1
Host: u1901036.plsk.regruhosting.ru
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://u1901036.plsk.regruhosting.ru/yso/PUBG/1682839537/k/

HTTP/1.1 200 OK
Server: nginx
Date: Sat, 28 Jan 2023 07:59:45 GMT
Content-Type: application/javascript
Last-Modified: Fri, 16 Dec 2022 20:59:30 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
ETag: W/"639cdc32-847"
X-Powered-By: PleskLin
Content-Encoding: gzip

u1901036.plsk.regruhosting.ru/yso/PUBG/1682839537/k/css-zone/facebook.css

31.31.198.210

200 OK

741 B

URL HTTP/1.1
u1901036.plsk.regruhosting.ru/yso/PUBG/1682839537/k/css-zone/facebook.css
IP
31.31.198.210:0
ASN
#197695 Domain names registrar REG.RU, Ltd

File type
ASCII text, with very long lines (2891), with no line terminators
Size
741 B (741 bytes)
Hash
8366030d5479eabecdc6778322a67838
c0d64748862d9b3da5cf096916c12d4b1be771ae
d702f7162cd5d3ecf0b65611d60d7f6faeafa9ce4fe326eeb4a3d32bfdafea44

HTTP Headers

GET /yso/PUBG/1682839537/k/css-zone/facebook.css HTTP/1.1
Host: u1901036.plsk.regruhosting.ru
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://u1901036.plsk.regruhosting.ru/yso/PUBG/1682839537/k/

HTTP/1.1 200 OK
Server: nginx
Date: Sat, 28 Jan 2023 07:59:45 GMT
Content-Type: text/css
Last-Modified: Fri, 16 Dec 2022 20:59:18 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
ETag: W/"639cdc26-b4b"
X-Powered-By: PleskLin
Content-Encoding: gzip

u1901036.plsk.regruhosting.ru/yso/PUBG/1682839537/k/js-zone/main-zone.js

31.31.198.210

200 OK

335 B

URL HTTP/1.1
u1901036.plsk.regruhosting.ru/yso/PUBG/1682839537/k/js-zone/main-zone.js
IP
31.31.198.210:0
ASN
#197695 Domain names registrar REG.RU, Ltd

File type
ASCII text, with very long lines (470)
Size
335 B (335 bytes)
Hash
be92bb8e54888deb6580b03446b41b3e
21c8a5675ebba4472966b41b451698cdef183b90
b53cd42048a9ecf5ddc3ac34312efa84bad81bdda5d0a37e78043f575d999306

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /yso/PUBG/1682839537/k/js-zone/main-zone.js HTTP/1.1
Host: u1901036.plsk.regruhosting.ru
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://u1901036.plsk.regruhosting.ru/yso/PUBG/1682839537/k/

HTTP/1.1 200 OK
Server: nginx
Date: Sat, 28 Jan 2023 07:59:45 GMT
Content-Type: application/javascript
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
X-Accel-Version: 0.01
Last-Modified: Fri, 16 Dec 2022 20:59:30 GMT
ETag: W/"258-5eff83ee9f080"
X-Powered-By: PleskLin
Content-Encoding: gzip

ocsp.digicert.com/

93.184.220.29

200 OK

280 B

URL HTTP/1.1
ocsp.digicert.com/
IP
93.184.220.29:0
ASN
#15133 EDGECAST

File type
data
Size
280 B (280 bytes)
Hash
839f992874f43406a9e4b3bf78dbf543
5931d414a576be8930236b579aa05e365ad30368
525570fb1fde6295f9149f4ede72a19eddd08c818c5e0b0ca88ddcfb6d3fd42e

HTTP Headers

POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 5774
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Sat, 28 Jan 2023 07:59:45 GMT
Last-Modified: Sat, 28 Jan 2023 06:23:31 GMT
Server: ECS (ska/F70C)
X-Cache: HIT
Content-Length: 280

www.pubgmobile.com/en/images/nav_language.svg

23.36.76.227

200 OK

675 B

URL HTTP/2
www.pubgmobile.com/en/images/nav_language.svg
IP
23.36.76.227:0
ASN
#20940 Akamai International B.V.

File type
SVG Scalable Vector Graphics image\012- HTML document, Unicode text, UTF-8 text, with very long lines (1107), with no line terminators
Size
675 B (675 bytes)
Hash
77e7b8dcd13159c59219706782b1a897
a3c73409a8e9841a00b771d96ce6cb0ce76d222e
4f61e0a210a58bdf43f8a93bf658275291e6a16979f8090c0731f06b6fb3c5a4

HTTP Headers

GET /en/images/nav_language.svg HTTP/1.1
Host: www.pubgmobile.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://u1901036.plsk.regruhosting.ru/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
server: nginx
content-type: image/svg+xml
last-modified: Mon, 21 Mar 2022 13:24:18 GMT
etag: "62387c82-45b"
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
date: Sat, 28 Jan 2023 07:59:45 GMT
content-length: 675
X-Firefox-Spdy: h2

www.pubgmobile.com/id/event/royalepass10/images/icon_logo.jpg

23.36.76.227

200 OK

75 kB

URL HTTP/2
www.pubgmobile.com/id/event/royalepass10/images/icon_logo.jpg
IP
23.36.76.227:0
ASN
#20940 Akamai International B.V.

File type
JPEG image data, Exif standard: [TIFF image data, little-endian, direntries=0], baseline, precision 8, 500x500, components 3\012- data
Size
75 kB (75149 bytes)
Hash
92c19dc5bd77186e5bb8ed35ce668979
646bf70d1c669c7d7388f95a0a33755e4721289c
0d9cf7eb8fb12be77685134e63f7dae9a95fbf9306ae0529bd0347582d18a8ef

HTTP Headers

GET /id/event/royalepass10/images/icon_logo.jpg HTTP/1.1
Host: www.pubgmobile.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://u1901036.plsk.regruhosting.ru/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
server: nginx
content-type: image/jpeg
content-length: 75149
last-modified: Wed, 15 Sep 2021 06:46:59 GMT
etag: "614196e3-1258d"
accept-ranges: bytes
cache-control: max-age=250
expires: Sat, 28 Jan 2023 08:03:55 GMT
date: Sat, 28 Jan 2023 07:59:45 GMT
X-Firefox-Spdy: h2

www.pubgmobile.com/en/images/nav_shop.svg

23.36.76.227

200 OK

526 B

URL HTTP/2
www.pubgmobile.com/en/images/nav_shop.svg
IP
23.36.76.227:0
ASN
#20940 Akamai International B.V.

File type
SVG Scalable Vector Graphics image\012- HTML document, Unicode text, UTF-8 text, with very long lines (985), with no line terminators
Size
526 B (526 bytes)
Hash
ad0548f5478991acc360e6464247e82a
40e3e327eebfc39a8e45b1aa46b725d65390cdcc
6654577abe5f4be7b3f9089fa76e5f746c8d0f5c7eae1cc8202a94fae1193fe3

HTTP Headers

GET /en/images/nav_shop.svg HTTP/1.1
Host: www.pubgmobile.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://u1901036.plsk.regruhosting.ru/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
server: nginx
content-type: image/svg+xml
last-modified: Mon, 21 Mar 2022 13:24:18 GMT
etag: "62387c82-3e1"
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
date: Sat, 28 Jan 2023 07:59:45 GMT
content-length: 526
X-Firefox-Spdy: h2

www.pubgmobile.com/en/images/nav_download.svg

23.36.76.227

200 OK

485 B

URL HTTP/2
www.pubgmobile.com/en/images/nav_download.svg
IP
23.36.76.227:0
ASN
#20940 Akamai International B.V.

File type
SVG Scalable Vector Graphics image\012- HTML document, Unicode text, UTF-8 text, with very long lines (999), with no line terminators
Size
485 B (485 bytes)
Hash
105955f14143a23be57cadef8e91950e
98cc1e76113b4b2a2a77805bb1f1d6b364344d88
b85bdfd2887c4fe7681cae97896e604e74d27f150feb49598e1e7efebd3c6fc2

HTTP Headers

GET /en/images/nav_download.svg HTTP/1.1
Host: www.pubgmobile.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://u1901036.plsk.regruhosting.ru/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
server: nginx
content-type: image/svg+xml
last-modified: Mon, 21 Mar 2022 13:24:17 GMT
etag: "62387c81-3ef"
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
date: Sat, 28 Jan 2023 07:59:45 GMT
content-length: 485
X-Firefox-Spdy: h2

ocsp.pki.goog/gts1c3

142.250.74.131

200 OK

471 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.131:0
ASN
#15169 GOOGLE

File type
data
Size
471 B (471 bytes)
Hash
7da8f9a23d8c05f64f248e4e3427c76e
e2d001c2909cd9403173cbb0e288d55fbc8e4d0a
db8790004124a0eeb0676860170ad9c37250b2ba697a27dee62c99b64c67b4b8

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 28 Jan 2023 07:59:45 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

www.pubgmobile.com/en/images/nav_menu.svg

23.36.76.227

200 OK

426 B

URL HTTP/2
www.pubgmobile.com/en/images/nav_menu.svg
IP
23.36.76.227:0
ASN
#20940 Akamai International B.V.

File type
SVG Scalable Vector Graphics image\012- HTML document, Unicode text, UTF-8 text, with very long lines (876), with no line terminators
Size
426 B (426 bytes)
Hash
76f5753e4fe160785df31ef342ada1c1
a78cc3e318b79b7fe5e7eb8df11683706b518e8f
52c48564638e7f165f23fae7f76b72d07905f2179ff659b939bfab7ec8b82a26

HTTP Headers

GET /en/images/nav_menu.svg HTTP/1.1
Host: www.pubgmobile.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://u1901036.plsk.regruhosting.ru/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
server: nginx
content-type: image/svg+xml
last-modified: Mon, 21 Mar 2022 13:24:18 GMT
etag: "62387c82-374"
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
date: Sat, 28 Jan 2023 07:59:45 GMT
content-length: 426
X-Firefox-Spdy: h2

u1901036.plsk.regruhosting.ru/yso/PUBG/1682839537/k/index_files/gift-zone.js

31.31.198.210

200 OK

631 B

URL HTTP/1.1
u1901036.plsk.regruhosting.ru/yso/PUBG/1682839537/k/index_files/gift-zone.js
IP
31.31.198.210:0
ASN
#197695 Domain names registrar REG.RU, Ltd

File type
ASCII text
Size
631 B (631 bytes)
Hash
716c7aeb3fc682df5a9fefb32be25f53
6728d32500526e134a44a9fd710e5a090cbf99f7
1c3674202dbeb9d5387082f308e66a421ef4ae3ef380485d859b751efde2e653

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /yso/PUBG/1682839537/k/index_files/gift-zone.js HTTP/1.1
Host: u1901036.plsk.regruhosting.ru
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://u1901036.plsk.regruhosting.ru/yso/PUBG/1682839537/k/

HTTP/1.1 200 OK
Server: nginx
Date: Sat, 28 Jan 2023 07:59:46 GMT
Content-Type: application/javascript
Last-Modified: Fri, 16 Dec 2022 20:59:26 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
ETag: W/"639cdc2e-68f"
X-Powered-By: PleskLin
Content-Encoding: gzip

u1901036.plsk.regruhosting.ru/yso/PUBG/1682839537/k/js-zone/showHide.js

31.31.198.210

200 OK

276 B

URL HTTP/1.1
u1901036.plsk.regruhosting.ru/yso/PUBG/1682839537/k/js-zone/showHide.js
IP
31.31.198.210:0
ASN
#197695 Domain names registrar REG.RU, Ltd

File type
ASCII text, with CRLF line terminators
Size
276 B (276 bytes)
Hash
ea5be5f2d5fd99ba583cb5f0a286cc40
af60edc0a64facc2e04936040acbc1e632fcf8b3
7a230ad52118f042bd8f9734fbc533280a1ea8ce772e8f56257385b464b69b55

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /yso/PUBG/1682839537/k/js-zone/showHide.js HTTP/1.1
Host: u1901036.plsk.regruhosting.ru
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://u1901036.plsk.regruhosting.ru/yso/PUBG/1682839537/k/

HTTP/1.1 200 OK
Server: nginx
Date: Sat, 28 Jan 2023 07:59:46 GMT
Content-Type: application/javascript
Last-Modified: Fri, 16 Dec 2022 20:59:28 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
ETag: W/"639cdc30-49d"
X-Powered-By: PleskLin
Content-Encoding: gzip

u1901036.plsk.regruhosting.ru/yso/PUBG/1682839537/k/js-zone/selowx.js

31.31.198.210

200 OK

1.8 kB

URL HTTP/1.1
u1901036.plsk.regruhosting.ru/yso/PUBG/1682839537/k/js-zone/selowx.js
IP
31.31.198.210:0
ASN
#197695 Domain names registrar REG.RU, Ltd

File type
Unicode text, UTF-8 text, with very long lines (5220)
Size
1.8 kB (1785 bytes)
Hash
fb1d0654a9831f8fd1c0ede8cdfa5845
b09b1db5c5eb5b9f23c6714ca1542e1cd650c61d
07e92c4c939fc3a2c8dc9d2adbde29f4d88feb6d21d7627585aa560365600351

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /yso/PUBG/1682839537/k/js-zone/selowx.js HTTP/1.1
Host: u1901036.plsk.regruhosting.ru
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://u1901036.plsk.regruhosting.ru/yso/PUBG/1682839537/k/

HTTP/1.1 200 OK
Server: nginx
Date: Sat, 28 Jan 2023 07:59:46 GMT
Content-Type: application/javascript
Last-Modified: Fri, 16 Dec 2022 20:59:28 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
ETag: W/"639cdc30-14ea"
X-Powered-By: PleskLin
Content-Encoding: gzip

u1901036.plsk.regruhosting.ru/yso/PUBG/1682839537/k/js-zone/slider.js

31.31.198.210

200 OK

285 B

URL HTTP/1.1
u1901036.plsk.regruhosting.ru/yso/PUBG/1682839537/k/js-zone/slider.js
IP
31.31.198.210:0
ASN
#197695 Domain names registrar REG.RU, Ltd

File type
ASCII text
Size
285 B (285 bytes)
Hash
b9b9dfdd4dfe419b02dacf0e9540dd6d
003137c173032a4c0be9ae81fa194a7b6e837e7c
0a446334b5497a6b6b42b5480fa201e287e9531b88db5c64fa633903759a5a11

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /yso/PUBG/1682839537/k/js-zone/slider.js HTTP/1.1
Host: u1901036.plsk.regruhosting.ru
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://u1901036.plsk.regruhosting.ru/yso/PUBG/1682839537/k/

HTTP/1.1 200 OK
Server: nginx
Date: Sat, 28 Jan 2023 07:59:46 GMT
Content-Type: application/javascript
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
X-Accel-Version: 0.01
Last-Modified: Fri, 16 Dec 2022 20:59:26 GMT
ETag: W/"23b-5eff83eace780"
X-Powered-By: PleskLin
Content-Encoding: gzip

ocsp.pki.goog/gts1c3

142.250.74.131

200 OK

471 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.131:0
ASN
#15169 GOOGLE

File type
data
Size
471 B (471 bytes)
Hash
7da8f9a23d8c05f64f248e4e3427c76e
e2d001c2909cd9403173cbb0e288d55fbc8e4d0a
db8790004124a0eeb0676860170ad9c37250b2ba697a27dee62c99b64c67b4b8

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 28 Jan 2023 07:59:45 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

u1901036.plsk.regruhosting.ru/yso/PUBG/1682839537/k/index_files/jquery.min.js.download

31.31.198.210

200 OK

30 kB

URL HTTP/1.1
u1901036.plsk.regruhosting.ru/yso/PUBG/1682839537/k/index_files/jquery.min.js.download
IP
31.31.198.210:0
ASN
#197695 Domain names registrar REG.RU, Ltd

File type
ASCII text, with very long lines (65450), with CRLF line terminators
Size
30 kB (30295 bytes)
Hash
4ffc9bf46619cf68b7553449a9627cd3
4d974af67ccbeee3e08db24bcf07a12e8c6a5897
30b6a13926272af79ddd17d9ef2463f1b321b971dfa4516c209e2af5cb910c92

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /yso/PUBG/1682839537/k/index_files/jquery.min.js.download HTTP/1.1
Host: u1901036.plsk.regruhosting.ru
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://u1901036.plsk.regruhosting.ru/yso/PUBG/1682839537/k/

HTTP/1.1 200 OK
Server: nginx
Date: Sat, 28 Jan 2023 07:59:46 GMT
Content-Type: application/javascript
Last-Modified: Fri, 16 Dec 2022 20:59:24 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
ETag: W/"639cdc2c-15391"
X-Powered-By: PleskLin
Content-Encoding: gzip

i.ibb.co/V9rgBqw/twitter-text.png

162.19.58.156

200 OK

4.3 kB

URL HTTP/2
i.ibb.co/V9rgBqw/twitter-text.png
IP
162.19.58.156:0
ASN
#16276 OVH SAS

File type
PNG image data, 400 x 400, 8-bit/color RGBA, non-interlaced\012- data
Size
4.3 kB (4298 bytes)
Hash
fef946b8bba756359e2a1e87ccd915ea
acc364946077b0e32b2343474ce4066ad3ee524c
1be5d05ce6faad469f7f9c5a5879f2d9f8d267b60eb394e92c19217268bcea8f

HTTP Headers

GET /V9rgBqw/twitter-text.png HTTP/1.1
Host: i.ibb.co
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://u1901036.plsk.regruhosting.ru/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
server: nginx
date: Sat, 28 Jan 2023 07:59:45 GMT
content-type: image/png
content-length: 4298
last-modified: Mon, 18 Oct 2021 19:35:41 GMT
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000, public
access-control-allow-origin: *
access-control-allow-methods: GET, OPTIONS
accept-ranges: bytes
X-Firefox-Spdy: h2

u1901036.plsk.regruhosting.ru/cdn-cgi/scripts/5c5dd728/cloudflare-static/email-decode.min.js

31.31.198.210

404 Not Found

65 kB

URL HTTP/1.1
u1901036.plsk.regruhosting.ru/cdn-cgi/scripts/5c5dd728/cloudflare-static/email-decode.min.js
IP
31.31.198.210:0
ASN
#197695 Domain names registrar REG.RU, Ltd

File type
HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (65519), with no line terminators
Size
65 kB (64692 bytes)
Hash
86902beebcd625e774d6f7a55f29fc13
afa9fbcbd67e04b9d244814254500a4628e0c568
f20d8f588aef9744359368dc28ebed2c84f33e50efe1c1b8b92749fb5eeb081b

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /cdn-cgi/scripts/5c5dd728/cloudflare-static/email-decode.min.js HTTP/1.1
Host: u1901036.plsk.regruhosting.ru
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://u1901036.plsk.regruhosting.ru/yso/PUBG/1682839537/k/

HTTP/1.1 404 Not Found
Server: nginx
Date: Sat, 28 Jan 2023 07:59:46 GMT
Content-Type: text/html
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
Last-Modified: Sat, 14 Jan 2023 06:50:22 GMT
ETag: W/"49318-5f233c396839c"
X-Powered-By: PleskLin
Content-Encoding: gzip

i.postimg.cc/66bK3tfJ/Amod.png

162.19.88.69

200 OK

86 kB

URL HTTP/2
i.postimg.cc/66bK3tfJ/Amod.png
IP
162.19.88.69:0
ASN
#16276 OVH SAS

File type
PNG image data, 1280 x 54, 8-bit/color RGBA, non-interlaced\012- data
Size
86 kB (86253 bytes)
Hash
c984d71cd905f49da568e4065129d87e
659edc07148f7197cdf025bd0ed9ac1d296f9131
c428adc61eebb6d5fb1fab43436b08fc12d7c63419f435395e436babd0adf789

HTTP Headers

GET /66bK3tfJ/Amod.png HTTP/1.1
Host: i.postimg.cc
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://u1901036.plsk.regruhosting.ru/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
server: nginx
date: Sat, 28 Jan 2023 07:59:45 GMT
content-type: image/png
content-length: 86253
last-modified: Wed, 17 Aug 2022 14:47:35 GMT
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000, public
access-control-allow-origin: *
access-control-allow-methods: GET, OPTIONS
accept-ranges: bytes
X-Firefox-Spdy: h2

i.ibb.co/Wg8qQxh/facebook-text.png

162.19.58.156

200 OK

29 kB

URL HTTP/2
i.ibb.co/Wg8qQxh/facebook-text.png
IP
162.19.58.156:0
ASN
#16276 OVH SAS

File type
PNG image data, 604 x 158, 8-bit/color RGBA, non-interlaced\012- data
Size
29 kB (28789 bytes)
Hash
74190b93fc4f5d88f0c8e6411ba20bd8
89ce2ecb660a90b8e6ed1b335443d7767c59f28a
092a3cd5f86b3f039feefdeb86694cd16ae545af214cfda614bdbbe2d1bde401

HTTP Headers

GET /Wg8qQxh/facebook-text.png HTTP/1.1
Host: i.ibb.co
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://u1901036.plsk.regruhosting.ru/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
server: nginx
date: Sat, 28 Jan 2023 07:59:45 GMT
content-type: image/png
content-length: 28789
last-modified: Mon, 18 Oct 2021 19:35:50 GMT
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000, public
access-control-allow-origin: *
access-control-allow-methods: GET, OPTIONS
accept-ranges: bytes
X-Firefox-Spdy: h2

i.postimg.cc/y8vBWnXX/navbar-logo-min.png

162.19.88.69

200 OK

86 kB

URL HTTP/2
i.postimg.cc/y8vBWnXX/navbar-logo-min.png
IP
162.19.88.69:0
ASN
#16276 OVH SAS

File type
PNG image data, 1074 x 800, 8-bit colormap, non-interlaced\012- data
Size
86 kB (86273 bytes)
Hash
622383c1c5ebc62f21750dba042a1142
88b851b84018faf7052bcdb5c3096dae7dc98df2
90af35797f120a1251b7496c57096cea46b4a57a20f3a7c8601021fdb8674461

HTTP Headers

GET /y8vBWnXX/navbar-logo-min.png HTTP/1.1
Host: i.postimg.cc
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://u1901036.plsk.regruhosting.ru/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
server: nginx
date: Sat, 28 Jan 2023 07:59:45 GMT
content-type: image/png
content-length: 86273
last-modified: Tue, 27 Sep 2022 13:41:10 GMT
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000, public
access-control-allow-origin: *
access-control-allow-methods: GET, OPTIONS
accept-ranges: bytes
X-Firefox-Spdy: h2

ocsp.digicert.com/

93.184.220.29

200 OK

280 B

URL HTTP/1.1
ocsp.digicert.com/
IP
93.184.220.29:0
ASN
#15133 EDGECAST

File type
data
Size
280 B (280 bytes)
Hash
839f992874f43406a9e4b3bf78dbf543
5931d414a576be8930236b579aa05e365ad30368
525570fb1fde6295f9149f4ede72a19eddd08c818c5e0b0ca88ddcfb6d3fd42e

HTTP Headers

POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 5775
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Sat, 28 Jan 2023 07:59:46 GMT
Last-Modified: Sat, 28 Jan 2023 06:23:31 GMT
Server: ECS (ska/F70C)
X-Cache: HIT
Content-Length: 280

u1901036.plsk.regruhosting.ru/yso/PUBG/1682839537/k/img/reward/5.png

31.31.198.210

200 OK

18 kB

URL HTTP/1.1
u1901036.plsk.regruhosting.ru/yso/PUBG/1682839537/k/img/reward/5.png
IP
31.31.198.210:0
ASN
#197695 Domain names registrar REG.RU, Ltd

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 1072x1072, components 3\012- data
Size
18 kB (18073 bytes)
Hash
4fdc9888909d097a6044f922d7fc031e
0d36bb809c4dd2f91ab3e2c885b0010749524839
d944a66abb9568d1ab96c47f07849a2512ac5015d3c43007d1dca42076a3c76c

HTTP Headers

GET /yso/PUBG/1682839537/k/img/reward/5.png HTTP/1.1
Host: u1901036.plsk.regruhosting.ru
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://u1901036.plsk.regruhosting.ru/yso/PUBG/1682839537/k/

HTTP/1.1 200 OK
Server: nginx
Date: Sat, 28 Jan 2023 07:59:46 GMT
Content-Type: image/png
Content-Length: 18073
Last-Modified: Fri, 16 Dec 2022 20:35:52 GMT
Connection: keep-alive
ETag: "639cd6a8-4699"
X-Powered-By: PleskLin
Accept-Ranges: bytes

u1901036.plsk.regruhosting.ru/yso/PUBG/1682839537/k/img/reward/6.png

31.31.198.210

200 OK

32 kB

URL HTTP/1.1
u1901036.plsk.regruhosting.ru/yso/PUBG/1682839537/k/img/reward/6.png
IP
31.31.198.210:0
ASN
#197695 Domain names registrar REG.RU, Ltd

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 1280x1280, components 3\012- data
Size
32 kB (32136 bytes)
Hash
f08e7583452dec0f0e844e87bb34e8d9
dab80af575050b52d139c6ed2cdb8b2bc927bc6d
cb5d90138e29c163326a6a109a33f41ddff115745532c7268a957eae30a1746e

HTTP Headers

GET /yso/PUBG/1682839537/k/img/reward/6.png HTTP/1.1
Host: u1901036.plsk.regruhosting.ru
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://u1901036.plsk.regruhosting.ru/yso/PUBG/1682839537/k/

HTTP/1.1 200 OK
Server: nginx
Date: Sat, 28 Jan 2023 07:59:46 GMT
Content-Type: image/png
Content-Length: 32136
Last-Modified: Fri, 16 Dec 2022 20:35:56 GMT
Connection: keep-alive
ETag: "639cd6ac-7d88"
X-Powered-By: PleskLin
Accept-Ranges: bytes

u1901036.plsk.regruhosting.ru/yso/PUBG/1682839537/k/img/footer.png

31.31.198.210

200 OK

23 kB

URL HTTP/1.1
u1901036.plsk.regruhosting.ru/yso/PUBG/1682839537/k/img/footer.png
IP
31.31.198.210:0
ASN
#197695 Domain names registrar REG.RU, Ltd

File type
PNG image data, 1280 x 189, 8-bit colormap, non-interlaced\012- data
Size
23 kB (22718 bytes)
Hash
c6b56cf1fbbb63620e8558afde759e96
4d50888d8a17c2dcdbd05e6068ca4b4b587c7f29
34f7601064bb7cc3cce9ba942dd92d7f53889c703daea37bf34e1e71a1de03f8

HTTP Headers

GET /yso/PUBG/1682839537/k/img/footer.png HTTP/1.1
Host: u1901036.plsk.regruhosting.ru
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://u1901036.plsk.regruhosting.ru/yso/PUBG/1682839537/k/

HTTP/1.1 200 OK
Server: nginx
Date: Sat, 28 Jan 2023 07:59:46 GMT
Content-Type: image/png
Content-Length: 22718
Last-Modified: Fri, 16 Dec 2022 20:33:54 GMT
Connection: keep-alive
ETag: "639cd632-58be"
X-Powered-By: PleskLin
Accept-Ranges: bytes

u1901036.plsk.regruhosting.ru/yso/PUBG/1682839537/k/img/reward/2.png

31.31.198.210

200 OK

37 kB

URL HTTP/1.1
u1901036.plsk.regruhosting.ru/yso/PUBG/1682839537/k/img/reward/2.png
IP
31.31.198.210:0
ASN
#197695 Domain names registrar REG.RU, Ltd

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 1399x1399, components 3\012- data
Size
37 kB (36557 bytes)
Hash
15c453f6088a1ba600fd46c95e5760ef
d37fa41b7c16fe191f0ee039d4d99e819162658a
af0b0915a7f708a592f16d606fb6edb8a8f272e7125fb676b8a001ca33d873f0

HTTP Headers

GET /yso/PUBG/1682839537/k/img/reward/2.png HTTP/1.1
Host: u1901036.plsk.regruhosting.ru
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://u1901036.plsk.regruhosting.ru/yso/PUBG/1682839537/k/

HTTP/1.1 200 OK
Server: nginx
Date: Sat, 28 Jan 2023 07:59:46 GMT
Content-Type: image/png
Content-Length: 36557
Last-Modified: Fri, 16 Dec 2022 20:35:44 GMT
Connection: keep-alive
ETag: "639cd6a0-8ecd"
X-Powered-By: PleskLin
Accept-Ranges: bytes

u1901036.plsk.regruhosting.ru/yso/PUBG/1682839537/k/img/reward/4.png

31.31.198.210

200 OK

35 kB

URL HTTP/1.1
u1901036.plsk.regruhosting.ru/yso/PUBG/1682839537/k/img/reward/4.png
IP
31.31.198.210:0
ASN
#197695 Domain names registrar REG.RU, Ltd

File type
JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, comment: "CREATOR: gd-jpeg v1.0 (using IJG JPEG v62), quality = 40", baseline, precision 8, 1280x630, components 3\012- data
Size
35 kB (34983 bytes)
Hash
f1e9cae22df8aeb7ee444d9a3d397fbf
3cb3bc8c51b4df8eec2c19604df184f290ffec0d
55a9ad3c50e162d8d64cad495d0744429e02380eed5cf6965031ae747b92c49c

HTTP Headers

GET /yso/PUBG/1682839537/k/img/reward/4.png HTTP/1.1
Host: u1901036.plsk.regruhosting.ru
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://u1901036.plsk.regruhosting.ru/yso/PUBG/1682839537/k/

HTTP/1.1 200 OK
Server: nginx
Date: Sat, 28 Jan 2023 07:59:46 GMT
Content-Type: image/png
Content-Length: 34983
Last-Modified: Fri, 16 Dec 2022 20:35:46 GMT
Connection: keep-alive
ETag: "639cd6a2-88a7"
X-Powered-By: PleskLin
Accept-Ranges: bytes

ocsp.pki.goog/gts1c3

142.250.74.131

200 OK

471 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.131:0
ASN
#15169 GOOGLE

File type
data
Size
471 B (471 bytes)
Hash
7da8f9a23d8c05f64f248e4e3427c76e
e2d001c2909cd9403173cbb0e288d55fbc8e4d0a
db8790004124a0eeb0676860170ad9c37250b2ba697a27dee62c99b64c67b4b8

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 28 Jan 2023 07:59:46 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

u1901036.plsk.regruhosting.ru/yso/PUBG/1682839537/k/js-zone/zero-zone.js

31.31.198.210

200 OK

352 B

URL HTTP/1.1
u1901036.plsk.regruhosting.ru/yso/PUBG/1682839537/k/js-zone/zero-zone.js
IP
31.31.198.210:0
ASN
#197695 Domain names registrar REG.RU, Ltd

File type
exported SGML document, ASCII text, with very long lines (612)
Size
352 B (352 bytes)
Hash
f268f16f9d58aa6e3c9a0b271a605b67
8e067ded8a7631705a74120d1f6d7cd83c98531e
dc39d5910056ebf4a1cb447a64b9688b2341cbaa128d08a80a9cdefd130f5861

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /yso/PUBG/1682839537/k/js-zone/zero-zone.js HTTP/1.1
Host: u1901036.plsk.regruhosting.ru
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://u1901036.plsk.regruhosting.ru/yso/PUBG/1682839537/k/

HTTP/1.1 200 OK
Server: nginx
Date: Sat, 28 Jan 2023 07:59:46 GMT
Content-Type: application/javascript
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
X-Accel-Version: 0.01
Last-Modified: Fri, 22 Apr 2022 08:48:20 GMT
ETag: W/"35d-5dd3a49d39d00"
X-Powered-By: PleskLin
Content-Encoding: gzip

u1901036.plsk.regruhosting.ru/yso/PUBG/1682839537/k/img/reward/7.png

31.31.198.210

200 OK

45 kB

URL HTTP/1.1
u1901036.plsk.regruhosting.ru/yso/PUBG/1682839537/k/img/reward/7.png
IP
31.31.198.210:0
ASN
#197695 Domain names registrar REG.RU, Ltd

File type
JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, comment: "CREATOR: gd-jpeg v1.0 (using IJG JPEG v62), quality = 40", baseline, precision 8, 1280x1280, components 3\012- data
Size
45 kB (44851 bytes)
Hash
e4b767ca844fb384c41a3f21e405ae33
05e1f1880d97e67d59926e1b10ce98b6198ee919
8573888315b1a955c93ef07c80623b7c8fa281cdc96c620899632c1aa2bb184b

HTTP Headers

GET /yso/PUBG/1682839537/k/img/reward/7.png HTTP/1.1
Host: u1901036.plsk.regruhosting.ru
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://u1901036.plsk.regruhosting.ru/yso/PUBG/1682839537/k/

HTTP/1.1 200 OK
Server: nginx
Date: Sat, 28 Jan 2023 07:59:46 GMT
Content-Type: image/png
Content-Length: 44851
Last-Modified: Fri, 16 Dec 2022 20:36:00 GMT
Connection: keep-alive
ETag: "639cd6b0-af33"
X-Powered-By: PleskLin
Accept-Ranges: bytes

u1901036.plsk.regruhosting.ru/yso/PUBG/1682839537/k/img/se3low.png

31.31.198.210

200 OK

7.7 kB

URL HTTP/1.1
u1901036.plsk.regruhosting.ru/yso/PUBG/1682839537/k/img/se3low.png
IP
31.31.198.210:0
ASN
#197695 Domain names registrar REG.RU, Ltd

File type
PNG image data, 750 x 131, 8-bit colormap, non-interlaced\012- data
Size
7.7 kB (7688 bytes)
Hash
2d5d2241530aef48e892f2b579c0b824
c496b1f9fd5c3ef23009871b27f1bc216abce0ac
4bc2ada13f45776ee7d7d0223862caaf4889673b31ab34fc3b374aa4521d5576

HTTP Headers

GET /yso/PUBG/1682839537/k/img/se3low.png HTTP/1.1
Host: u1901036.plsk.regruhosting.ru
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://u1901036.plsk.regruhosting.ru/yso/PUBG/1682839537/k/

HTTP/1.1 200 OK
Server: nginx
Date: Sat, 28 Jan 2023 07:59:46 GMT
Content-Type: image/png
Content-Length: 7688
Last-Modified: Fri, 16 Dec 2022 20:34:06 GMT
Connection: keep-alive
ETag: "639cd63e-1e08"
X-Powered-By: PleskLin
Accept-Ranges: bytes

u1901036.plsk.regruhosting.ru/yso/PUBG/1682839537/k/header/selow.jpg

31.31.198.210

200 OK

33 kB

URL HTTP/1.1
u1901036.plsk.regruhosting.ru/yso/PUBG/1682839537/k/header/selow.jpg
IP
31.31.198.210:0
ASN
#197695 Domain names registrar REG.RU, Ltd

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 1072x824, components 3\012- data
Size
33 kB (33274 bytes)
Hash
619bf6f9a5c8fa9f6b89134ae0bd4b57
e93083891c3febceef7bf105504fbeb6ab569292
dcd239d5280b62628666090f93a18221b1ac7c8da30da74041c6a3ac5117a360

HTTP Headers

GET /yso/PUBG/1682839537/k/header/selow.jpg HTTP/1.1
Host: u1901036.plsk.regruhosting.ru
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://u1901036.plsk.regruhosting.ru/yso/PUBG/1682839537/k/

HTTP/1.1 200 OK
Server: nginx
Date: Sat, 28 Jan 2023 07:59:46 GMT
Content-Type: image/jpeg
Content-Length: 33274
Last-Modified: Fri, 16 Dec 2022 20:36:18 GMT
Connection: keep-alive
ETag: "639cd6c2-81fa"
X-Powered-By: PleskLin
Accept-Ranges: bytes

u1901036.plsk.regruhosting.ru/yso/PUBG/1682839537/k/img/reward/8.png

31.31.198.210

200 OK

33 kB

URL HTTP/1.1
u1901036.plsk.regruhosting.ru/yso/PUBG/1682839537/k/img/reward/8.png
IP
31.31.198.210:0
ASN
#197695 Domain names registrar REG.RU, Ltd

File type
JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, comment: "CREATOR: gd-jpeg v1.0 (using IJG JPEG v62), quality = 40", baseline, precision 8, 1280x630, components 3\012- data
Size
33 kB (32585 bytes)
Hash
bde910a6247b40b25f6c20b4f76e9d7a
1996a4d5ba71b534e7bbb6ef73381aa2b27a895b
a27d07ea5a8cf896c1bbe4eaaf86781e2ebd6c1be367021b6aadc4161b6c9daa

HTTP Headers

GET /yso/PUBG/1682839537/k/img/reward/8.png HTTP/1.1
Host: u1901036.plsk.regruhosting.ru
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://u1901036.plsk.regruhosting.ru/yso/PUBG/1682839537/k/

HTTP/1.1 200 OK
Server: nginx
Date: Sat, 28 Jan 2023 07:59:46 GMT
Content-Type: image/png
Content-Length: 32585
Last-Modified: Fri, 16 Dec 2022 20:36:02 GMT
Connection: keep-alive
ETag: "639cd6b2-7f49"
X-Powered-By: PleskLin
Accept-Ranges: bytes

u1901036.plsk.regruhosting.ru/yso/PUBG/1682839537/k/js-zone/alert-zone.js

31.31.198.210

200 OK

17 kB

URL HTTP/1.1
u1901036.plsk.regruhosting.ru/yso/PUBG/1682839537/k/js-zone/alert-zone.js
IP
31.31.198.210:0
ASN
#197695 Domain names registrar REG.RU, Ltd

File type
ASCII text, with very long lines (64301)
Size
17 kB (16615 bytes)
Hash
aaec3ea5c55ddf4845bd12f9d6db9a76
11bfcfa193a00e7ecb4c4b8a795e3575c4ffa649
3321f2b7fc966d5f2bd3523635750fabd4c7016f0a3ed1e899ff3a0ea67aeff7

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /yso/PUBG/1682839537/k/js-zone/alert-zone.js HTTP/1.1
Host: u1901036.plsk.regruhosting.ru
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://u1901036.plsk.regruhosting.ru/yso/PUBG/1682839537/k/

HTTP/1.1 200 OK
Server: nginx
Date: Sat, 28 Jan 2023 07:59:46 GMT
Content-Type: application/javascript
Last-Modified: Fri, 16 Dec 2022 20:59:22 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
ETag: W/"639cdc2a-1d758"
X-Powered-By: PleskLin
Content-Encoding: gzip

u1901036.plsk.regruhosting.ru/yso/PUBG/1682839537/k/img/draw-se3low.png

31.31.198.210

200 OK

37 kB

URL HTTP/1.1
u1901036.plsk.regruhosting.ru/yso/PUBG/1682839537/k/img/draw-se3low.png
IP
31.31.198.210:0
ASN
#197695 Domain names registrar REG.RU, Ltd

File type
PNG image data, 480 x 480, 8-bit colormap, non-interlaced\012- data
Size
37 kB (37441 bytes)
Hash
740c0ad330a21f8a12bb0da4e691ece0
498d25ec4bd60c362dd8073f9809fd6b7762d88d
c61a6dc2ce06107d27e9e03ad380695204a7375da3a9827eec74b7e45fc13117

HTTP Headers

GET /yso/PUBG/1682839537/k/img/draw-se3low.png HTTP/1.1
Host: u1901036.plsk.regruhosting.ru
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://u1901036.plsk.regruhosting.ru/yso/PUBG/1682839537/k/

HTTP/1.1 200 OK
Server: nginx
Date: Sat, 28 Jan 2023 07:59:46 GMT
Content-Type: image/png
Content-Length: 37441
Last-Modified: Fri, 16 Dec 2022 20:33:50 GMT
Connection: keep-alive
ETag: "639cd62e-9241"
X-Powered-By: PleskLin
Accept-Ranges: bytes

u1901036.plsk.regruhosting.ru/yso/PUBG/1682839537/k/img/reward/9.png

31.31.198.210

200 OK

46 kB

URL HTTP/1.1
u1901036.plsk.regruhosting.ru/yso/PUBG/1682839537/k/img/reward/9.png
IP
31.31.198.210:0
ASN
#197695 Domain names registrar REG.RU, Ltd

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 1280x1280, components 3\012- data
Size
46 kB (45920 bytes)
Hash
a203e024de320017b627c99335cfd173
3692568254f986dc774ebcb20c47f29cc684cffd
4468ccef1fd8ab43427715660555f2ce0ed4dc74f9b49100bfc156302572f7f0

HTTP Headers

GET /yso/PUBG/1682839537/k/img/reward/9.png HTTP/1.1
Host: u1901036.plsk.regruhosting.ru
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://u1901036.plsk.regruhosting.ru/yso/PUBG/1682839537/k/

HTTP/1.1 200 OK
Server: nginx
Date: Sat, 28 Jan 2023 07:59:46 GMT
Content-Type: image/png
Content-Length: 45920
Last-Modified: Fri, 16 Dec 2022 20:36:06 GMT
Connection: keep-alive
ETag: "639cd6b6-b360"
X-Powered-By: PleskLin
Accept-Ranges: bytes

u1901036.plsk.regruhosting.ru/yso/PUBG/1682839537/k/img/reward/1.png

31.31.198.210

200 OK

7.7 kB

URL HTTP/1.1
u1901036.plsk.regruhosting.ru/yso/PUBG/1682839537/k/img/reward/1.png
IP
31.31.198.210:0
ASN
#197695 Domain names registrar REG.RU, Ltd

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 600x600, components 3\012- data
Size
7.7 kB (7736 bytes)
Hash
e9eb1b4d3dda89362c7c222c55899095
073298bf5a0e5beb802b4b6eb6d26b53867ec90d
a82e6f8bd0f752c9334e071a8449a94afa80ed2e15546fb22ecbdaf15fd5d590

HTTP Headers

GET /yso/PUBG/1682839537/k/img/reward/1.png HTTP/1.1
Host: u1901036.plsk.regruhosting.ru
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://u1901036.plsk.regruhosting.ru/yso/PUBG/1682839537/k/

HTTP/1.1 200 OK
Server: nginx
Date: Sat, 28 Jan 2023 07:59:46 GMT
Content-Type: image/png
Content-Length: 7736
Last-Modified: Fri, 16 Dec 2022 20:35:42 GMT
Connection: keep-alive
ETag: "639cd69e-1e38"
X-Powered-By: PleskLin
Accept-Ranges: bytes

u1901036.plsk.regruhosting.ru/yso/PUBG/1682839537/k/css-zone/zero-zone.css

31.31.198.210

200 OK

985 B

URL HTTP/1.1
u1901036.plsk.regruhosting.ru/yso/PUBG/1682839537/k/css-zone/zero-zone.css
IP
31.31.198.210:0
ASN
#197695 Domain names registrar REG.RU, Ltd

File type
ASCII text, with CRLF line terminators
Size
985 B (985 bytes)
Hash
d12cb07f453b3b3746b68064d72b1783
f5eff304f10d4b242f84565357f3c5bf7ff4ba23
05ed33ca97cf2a94f9ef74db4fc43d325a06a7fbff6872952ef583d68805233d

HTTP Headers

GET /yso/PUBG/1682839537/k/css-zone/zero-zone.css HTTP/1.1
Host: u1901036.plsk.regruhosting.ru
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://u1901036.plsk.regruhosting.ru/yso/PUBG/1682839537/k/

HTTP/1.1 200 OK
Server: nginx
Date: Sat, 28 Jan 2023 07:59:46 GMT
Content-Type: text/css
Last-Modified: Fri, 16 Dec 2022 20:59:18 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
ETag: W/"639cdc26-156f"
X-Powered-By: PleskLin
Content-Encoding: gzip

u1901036.plsk.regruhosting.ru/yso/PUBG/1682839537/k/css-zone/style-zone.css

31.31.198.210

200 OK

5.6 kB

URL HTTP/1.1
u1901036.plsk.regruhosting.ru/yso/PUBG/1682839537/k/css-zone/style-zone.css
IP
31.31.198.210:0
ASN
#197695 Domain names registrar REG.RU, Ltd

File type
ASCII text, with very long lines (415), with CRLF line terminators
Size
5.6 kB (5628 bytes)
Hash
f1c2dd45db176c348ad2575744616bf9
d26943dca6e554a7a6dcea93d64821fb4a2229fb
72c169c6cd838a516e7704a482c28c6b98fb2995a8b7f7566bad84c431a05eea

HTTP Headers

GET /yso/PUBG/1682839537/k/css-zone/style-zone.css HTTP/1.1
Host: u1901036.plsk.regruhosting.ru
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://u1901036.plsk.regruhosting.ru/yso/PUBG/1682839537/k/

HTTP/1.1 200 OK
Server: nginx
Date: Sat, 28 Jan 2023 07:59:46 GMT
Content-Type: text/css
Last-Modified: Fri, 16 Dec 2022 20:59:20 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
ETag: W/"639cdc28-a040"
X-Powered-By: PleskLin
Content-Encoding: gzip

u1901036.plsk.regruhosting.ru/cdn-cgi/scripts/5c5dd728/cloudflare-static/email-decode.min.js

31.31.198.210

404 Not Found

65 kB

URL HTTP/1.1
u1901036.plsk.regruhosting.ru/cdn-cgi/scripts/5c5dd728/cloudflare-static/email-decode.min.js
IP
31.31.198.210:0
ASN
#197695 Domain names registrar REG.RU, Ltd

File type
HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (65519), with no line terminators
Size
65 kB (64692 bytes)
Hash
86902beebcd625e774d6f7a55f29fc13
afa9fbcbd67e04b9d244814254500a4628e0c568
f20d8f588aef9744359368dc28ebed2c84f33e50efe1c1b8b92749fb5eeb081b

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /cdn-cgi/scripts/5c5dd728/cloudflare-static/email-decode.min.js HTTP/1.1
Host: u1901036.plsk.regruhosting.ru
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://u1901036.plsk.regruhosting.ru/yso/PUBG/1682839537/k/

HTTP/1.1 404 Not Found
Server: nginx
Date: Sat, 28 Jan 2023 07:59:46 GMT
Content-Type: text/html
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
Last-Modified: Sat, 14 Jan 2023 06:50:22 GMT
ETag: W/"49318-5f233c396839c"
X-Powered-By: PleskLin
Content-Encoding: gzip

u1901036.plsk.regruhosting.ru/yso/PUBG/1682839537/k/img/container.jpg

31.31.198.210

200 OK

42 kB

URL HTTP/1.1
u1901036.plsk.regruhosting.ru/yso/PUBG/1682839537/k/img/container.jpg
IP
31.31.198.210:0
ASN
#197695 Domain names registrar REG.RU, Ltd

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 1608x804, components 3\012- data
Size
42 kB (41685 bytes)
Hash
ff9363eb3e068a8e2e248f9c5e82c2fb
0c1de1cfe94d0df1c5749678e870baf120ad28f7
50757eead2592d7ab62bb500a938a90e20936055438041e34826f99b1a5a39ce

HTTP Headers

GET /yso/PUBG/1682839537/k/img/container.jpg HTTP/1.1
Host: u1901036.plsk.regruhosting.ru
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://u1901036.plsk.regruhosting.ru/yso/PUBG/1682839537/k/css-zone/style-zone.css

HTTP/1.1 200 OK
Server: nginx
Date: Sat, 28 Jan 2023 07:59:46 GMT
Content-Type: image/jpeg
Content-Length: 41685
Last-Modified: Fri, 16 Dec 2022 20:33:46 GMT
Connection: keep-alive
ETag: "639cd62a-a2d5"
X-Powered-By: PleskLin
Accept-Ranges: bytes

u1901036.plsk.regruhosting.ru/yso/PUBG/1682839537/k/img/bg.png

31.31.198.210

200 OK

15 kB

URL HTTP/1.1
u1901036.plsk.regruhosting.ru/yso/PUBG/1682839537/k/img/bg.png
IP
31.31.198.210:0
ASN
#197695 Domain names registrar REG.RU, Ltd

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 781x1072, components 3\012- data
Size
15 kB (15392 bytes)
Hash
063f3161e974475a245bda96fbdfb4c7
fddeadae1fe2fe8b2533569125e9ed1eddd06817
58178a9a1545258aaf3e2c91f3b48d40fcd8161239b1eaf44e165b7822707ecd

HTTP Headers

GET /yso/PUBG/1682839537/k/img/bg.png HTTP/1.1
Host: u1901036.plsk.regruhosting.ru
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://u1901036.plsk.regruhosting.ru/yso/PUBG/1682839537/k/css-zone/style-zone.css

HTTP/1.1 200 OK
Server: nginx
Date: Sat, 28 Jan 2023 07:59:46 GMT
Content-Type: image/png
Content-Length: 15392
Last-Modified: Fri, 16 Dec 2022 20:33:38 GMT
Connection: keep-alive
ETag: "639cd622-3c20"
X-Powered-By: PleskLin
Accept-Ranges: bytes

u1901036.plsk.regruhosting.ru/yso/PUBG/1682839537/k/img/alert-selow.png

31.31.198.210

200 OK

8.7 kB

URL HTTP/1.1
u1901036.plsk.regruhosting.ru/yso/PUBG/1682839537/k/img/alert-selow.png
IP
31.31.198.210:0
ASN
#197695 Domain names registrar REG.RU, Ltd

File type
PNG image data, 1280 x 208, 8-bit colormap, non-interlaced\012- data
Size
8.7 kB (8720 bytes)
Hash
8c7417752ea35da6e9d5d9f725959715
1776d9b02d56c779b2dba68899fc9940fb3dfb09
605886e24521321b0ac8562472612af6fe52686a4e9d814c3f8c0a18bcc4f0c9

HTTP Headers

GET /yso/PUBG/1682839537/k/img/alert-selow.png HTTP/1.1
Host: u1901036.plsk.regruhosting.ru
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://u1901036.plsk.regruhosting.ru/yso/PUBG/1682839537/k/

HTTP/1.1 200 OK
Server: nginx
Date: Sat, 28 Jan 2023 07:59:46 GMT
Content-Type: image/png
Content-Length: 8720
Last-Modified: Fri, 16 Dec 2022 20:33:34 GMT
Connection: keep-alive
ETag: "639cd61e-2210"
X-Powered-By: PleskLin
Accept-Ranges: bytes

u1901036.plsk.regruhosting.ru/yso/PUBG/1682839537/k/img/sub-selow.png

31.31.198.210

200 OK

58 kB

URL HTTP/1.1
u1901036.plsk.regruhosting.ru/yso/PUBG/1682839537/k/img/sub-selow.png
IP
31.31.198.210:0
ASN
#197695 Domain names registrar REG.RU, Ltd

File type
PNG image data, 1280 x 385, 8-bit colormap, non-interlaced\012- data
Size
58 kB (57535 bytes)
Hash
dde5c5eae9d070d1d2c5a8b42e90bb59
952a1ef19aec74ae1b6b1e0f4f768f3c76bab37d
ec1213676fa1c7060b9bdabd15a733bf38b4b4b7a9a98a271d04ac12a414935c

HTTP Headers

GET /yso/PUBG/1682839537/k/img/sub-selow.png HTTP/1.1
Host: u1901036.plsk.regruhosting.ru
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://u1901036.plsk.regruhosting.ru/yso/PUBG/1682839537/k/

HTTP/1.1 200 OK
Server: nginx
Date: Sat, 28 Jan 2023 07:59:46 GMT
Content-Type: image/png
Content-Length: 57535
Last-Modified: Fri, 16 Dec 2022 20:34:08 GMT
Connection: keep-alive
ETag: "639cd640-e0bf"
X-Powered-By: PleskLin
Accept-Ranges: bytes

u1901036.plsk.regruhosting.ru/yso/PUBG/1682839537/k/img/box.png

31.31.198.210

200 OK

30 kB

URL HTTP/1.1
u1901036.plsk.regruhosting.ru/yso/PUBG/1682839537/k/img/box.png
IP
31.31.198.210:0
ASN
#197695 Domain names registrar REG.RU, Ltd

File type
PNG image data, 480 x 452, 8-bit colormap, non-interlaced\012- data
Size
30 kB (29544 bytes)
Hash
52a550d2e63ef07d113a0fb9e1baeacf
c160a15edf35ca8c92a180da626b812c526bc71b
e37e7a43ec00552897a6cbfc170627410d27d4ec1dad9c3fc97c33bb3713fbd2

HTTP Headers

GET /yso/PUBG/1682839537/k/img/box.png HTTP/1.1
Host: u1901036.plsk.regruhosting.ru
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://u1901036.plsk.regruhosting.ru/yso/PUBG/1682839537/k/

HTTP/1.1 200 OK
Server: nginx
Date: Sat, 28 Jan 2023 07:59:46 GMT
Content-Type: image/png
Content-Length: 29544
Last-Modified: Fri, 16 Dec 2022 20:33:44 GMT
Connection: keep-alive
ETag: "639cd628-7368"
X-Powered-By: PleskLin
Accept-Ranges: bytes

i.postimg.cc/02KwtTc7/footer-bg.jpg

162.19.88.69

200 OK

12 kB

URL HTTP/2
i.postimg.cc/02KwtTc7/footer-bg.jpg
IP
162.19.88.69:0
ASN
#16276 OVH SAS

File type
JPEG image data, progressive, precision 8, 579x800, components 3\012- data
Size
12 kB (11651 bytes)
Hash
27b8ceba13cb26a4ac6951cecdd4a5d3
accbec4f1b6038f0bcd2032da80c2ee342033d2e
d1740f2a847c3b67a1071442fe2af27298bca56ab267e90ea8aec3d4e9b9552f

HTTP Headers

GET /02KwtTc7/footer-bg.jpg HTTP/1.1
Host: i.postimg.cc
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://u1901036.plsk.regruhosting.ru/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
server: nginx
date: Sat, 28 Jan 2023 07:59:46 GMT
content-type: image/jpeg
content-length: 11651
last-modified: Wed, 23 Mar 2022 19:15:53 GMT
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000, public
access-control-allow-origin: *
access-control-allow-methods: GET, OPTIONS
accept-ranges: bytes
X-Firefox-Spdy: h2

ocsp.pki.goog/gts1c3

142.250.74.131

200 OK

471 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.131:0
ASN
#15169 GOOGLE

File type
data
Size
471 B (471 bytes)
Hash
cbe94bc7052911313fffd1cdad964a74
a96a6606f1d20baeeb4040c9ced3ba2f7bd1aada
430d90ac0a39038dbb5336cf29baf6786ac29491c5a8e4dcce04e93d9fceb5e1

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 28 Jan 2023 07:59:46 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

fonts.gstatic.com/s/teko/v15/LYjNdG7kmE0gfaN9pQ.woff2

142.250.74.67

200 OK

13 kB

URL HTTP/2
fonts.gstatic.com/s/teko/v15/LYjNdG7kmE0gfaN9pQ.woff2
IP
142.250.74.67:0
ASN
#15169 GOOGLE

File type
Web Open Font Format (Version 2), TrueType, length 13324, version 1.0\012- data
Size
13 kB (13324 bytes)
Hash
b4082c888eefa2dca3fe2c9d46a87180
05aeb6c58175f659fe59eaca5a9d3735dd0530e3
352ad1513eeaeec51060f01d5bed32345862ec4d9c0802b81e0a47885951e4b6

HTTP Headers

GET /s/teko/v15/LYjNdG7kmE0gfaN9pQ.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: http://u1901036.plsk.regruhosting.ru
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 13324
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Tue, 24 Jan 2023 21:08:04 GMT
expires: Wed, 24 Jan 2024 21:08:04 GMT
cache-control: public, max-age=31536000
last-modified: Wed, 27 Apr 2022 17:05:55 GMT
content-type: font/woff2
age: 298302
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

www.pubgmobile.com/common/images/icon_logo.jpg

23.36.76.227

200 OK

982 kB

URL HTTP/2
www.pubgmobile.com/common/images/icon_logo.jpg
IP
23.36.76.227:0
ASN
#20940 Akamai International B.V.

File type
JPEG image data, baseline, precision 8, 1024x1024, components 3\012- data
Size
982 kB (982437 bytes)
Hash
b83d8d3e9beecfac081f4e742d27661c
448330670bef8c2ee17baf6d2410ca974341cb88
5899c82b2f0563679a9c1ee79b5b28f2545864d95c7627c1a70e36a2f034497d

HTTP Headers

GET /common/images/icon_logo.jpg HTTP/1.1
Host: www.pubgmobile.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://u1901036.plsk.regruhosting.ru/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
server: nginx
content-type: image/jpeg
content-length: 982437
last-modified: Mon, 30 Nov 2020 12:10:45 GMT
etag: "5fc4e145-efda5"
accept-ranges: bytes
unused62: 8096267
cache-control: max-age=193
expires: Sat, 28 Jan 2023 08:02:59 GMT
date: Sat, 28 Jan 2023 07:59:46 GMT
X-Firefox-Spdy: h2

u1901036.plsk.regruhosting.ru/yso/PUBG/1682839537/k/media/login.mp3

31.31.198.210

404 Not Found

300 kB

URL HTTP/1.1
u1901036.plsk.regruhosting.ru/yso/PUBG/1682839537/k/media/login.mp3
IP
31.31.198.210:0
ASN
#197695 Domain names registrar REG.RU, Ltd

File type
HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (65519), with no line terminators
Size
300 kB (299800 bytes)
Hash
dd9b80110396dbd48765124ade171d5a
16bad8e880de2160c7f62d306f4780714ee58934
3c0e59af71f3793e8dc6b244bc4d7b98bcba74a21e19a46568641bc5aae37ac5

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /yso/PUBG/1682839537/k/media/login.mp3 HTTP/1.1
Host: u1901036.plsk.regruhosting.ru
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: audio/webm,audio/ogg,audio/wav,audio/*;q=0.9,application/ogg;q=0.7,video/*;q=0.6,*/*;q=0.5
Accept-Language: en-US,en;q=0.5
Range: bytes=0-
Connection: keep-alive
Referer: http://u1901036.plsk.regruhosting.ru/yso/PUBG/1682839537/k/

HTTP/1.1 404 Not Found
Server: nginx
Date: Sat, 28 Jan 2023 07:59:46 GMT
Content-Type: text/html
Content-Length: 299800
Connection: keep-alive
Vary: Accept-Encoding
Last-Modified: Sat, 14 Jan 2023 06:50:22 GMT
ETag: "49318-5f233c396839c"
Accept-Ranges: bytes
X-Powered-By: PleskLin

ocsp.pki.goog/gts1c3

142.250.74.131

200 OK

471 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.131:0
ASN
#15169 GOOGLE

File type
data
Size
471 B (471 bytes)
Hash
cbe94bc7052911313fffd1cdad964a74
a96a6606f1d20baeeb4040c9ced3ba2f7bd1aada
430d90ac0a39038dbb5336cf29baf6786ac29491c5a8e4dcce04e93d9fceb5e1

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 28 Jan 2023 07:59:46 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

u1901036.plsk.regruhosting.ru/yso/PUBG/1682839537/k/media/spin.mp3

31.31.198.210

404 Not Found

300 kB

URL HTTP/1.1
u1901036.plsk.regruhosting.ru/yso/PUBG/1682839537/k/media/spin.mp3
IP
31.31.198.210:0
ASN
#197695 Domain names registrar REG.RU, Ltd

File type
HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (65519), with no line terminators
Size
300 kB (299800 bytes)
Hash
dd9b80110396dbd48765124ade171d5a
16bad8e880de2160c7f62d306f4780714ee58934
3c0e59af71f3793e8dc6b244bc4d7b98bcba74a21e19a46568641bc5aae37ac5

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /yso/PUBG/1682839537/k/media/spin.mp3 HTTP/1.1
Host: u1901036.plsk.regruhosting.ru
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: audio/webm,audio/ogg,audio/wav,audio/*;q=0.9,application/ogg;q=0.7,video/*;q=0.6,*/*;q=0.5
Accept-Language: en-US,en;q=0.5
Range: bytes=0-
Connection: keep-alive
Referer: http://u1901036.plsk.regruhosting.ru/yso/PUBG/1682839537/k/

HTTP/1.1 404 Not Found
Server: nginx
Date: Sat, 28 Jan 2023 07:59:46 GMT
Content-Type: text/html
Content-Length: 299800
Connection: keep-alive
Vary: Accept-Encoding
Last-Modified: Sat, 14 Jan 2023 06:50:22 GMT
ETag: "49318-5f233c396839c"
Accept-Ranges: bytes
X-Powered-By: PleskLin

u1901036.plsk.regruhosting.ru/yso/PUBG/1682839537/k/media/tutup.mp3

31.31.198.210

404 Not Found

300 kB

URL HTTP/1.1
u1901036.plsk.regruhosting.ru/yso/PUBG/1682839537/k/media/tutup.mp3
IP
31.31.198.210:0
ASN
#197695 Domain names registrar REG.RU, Ltd

File type
HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (65519), with no line terminators
Size
300 kB (299800 bytes)
Hash
dd9b80110396dbd48765124ade171d5a
16bad8e880de2160c7f62d306f4780714ee58934
3c0e59af71f3793e8dc6b244bc4d7b98bcba74a21e19a46568641bc5aae37ac5

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /yso/PUBG/1682839537/k/media/tutup.mp3 HTTP/1.1
Host: u1901036.plsk.regruhosting.ru
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: audio/webm,audio/ogg,audio/wav,audio/*;q=0.9,application/ogg;q=0.7,video/*;q=0.6,*/*;q=0.5
Accept-Language: en-US,en;q=0.5
Range: bytes=0-
Connection: keep-alive
Referer: http://u1901036.plsk.regruhosting.ru/yso/PUBG/1682839537/k/

HTTP/1.1 404 Not Found
Server: nginx
Date: Sat, 28 Jan 2023 07:59:46 GMT
Content-Type: text/html
Content-Length: 299800
Connection: keep-alive
Vary: Accept-Encoding
Last-Modified: Sat, 14 Jan 2023 06:50:22 GMT
ETag: "49318-5f233c396839c"
Accept-Ranges: bytes
X-Powered-By: PleskLin

u1901036.plsk.regruhosting.ru/yso/PUBG/1682839537/k/media/click_new.mp3

31.31.198.210

404 Not Found

300 kB

URL HTTP/1.1
u1901036.plsk.regruhosting.ru/yso/PUBG/1682839537/k/media/click_new.mp3
IP
31.31.198.210:0
ASN
#197695 Domain names registrar REG.RU, Ltd

File type
HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (65519), with no line terminators
Size
300 kB (299800 bytes)
Hash
dd9b80110396dbd48765124ade171d5a
16bad8e880de2160c7f62d306f4780714ee58934
3c0e59af71f3793e8dc6b244bc4d7b98bcba74a21e19a46568641bc5aae37ac5

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /yso/PUBG/1682839537/k/media/click_new.mp3 HTTP/1.1
Host: u1901036.plsk.regruhosting.ru
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: audio/webm,audio/ogg,audio/wav,audio/*;q=0.9,application/ogg;q=0.7,video/*;q=0.6,*/*;q=0.5
Accept-Language: en-US,en;q=0.5
Range: bytes=0-
Connection: keep-alive
Referer: http://u1901036.plsk.regruhosting.ru/yso/PUBG/1682839537/k/

HTTP/1.1 404 Not Found
Server: nginx
Date: Sat, 28 Jan 2023 07:59:46 GMT
Content-Type: text/html
Content-Length: 299800
Connection: keep-alive
Vary: Accept-Encoding
Last-Modified: Sat, 14 Jan 2023 06:50:22 GMT
ETag: "49318-5f233c396839c"
Accept-Ranges: bytes
X-Powered-By: PleskLin

fonts.googleapis.com/css2?family=Teko&display=swap

142.250.74.106

200 OK

300 kB

URL HTTP/2
fonts.googleapis.com/css2?family=Teko&display=swap
IP
142.250.74.106:0
ASN
#15169 GOOGLE

File type
data
Size
300 kB (300200 bytes)
Hash
a46960b59f2a104e4ebaf9e78d6f3321
a91d63e02c26b674a54e9df259574f1d6a47105b
93e13a2f484a99457f65dd2ef12282ddaa677976218f71bc2b3c8a8a6cff46ce

HTTP Headers

GET /css2?family=Teko&display=swap HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://u1901036.plsk.regruhosting.ru/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Sat, 28 Jan 2023 07:59:45 GMT
date: Sat, 28 Jan 2023 07:59:45 GMT
cache-control: private, max-age=86400
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

u1901036.plsk.regruhosting.ru/yso/PUBG/1682839537/k/fonts/selow.woff2

31.31.198.210

200 OK

8.2 kB

URL HTTP/1.1
u1901036.plsk.regruhosting.ru/yso/PUBG/1682839537/k/fonts/selow.woff2
IP
31.31.198.210:0
ASN
#197695 Domain names registrar REG.RU, Ltd

File type
TrueType Font data, 11 tables, 1st "OS/2", 32 names, Macintosh, Copyright 2014, 2015 Adobe Systems Incorporated (http://www.adobe.com/).pubg-headline-boldRegul\012- data
Size
8.2 kB (8156 bytes)
Hash
46c47ed3c526deb2920d3e0568166bcd
c807bd8c7803733f7fa76134ef1e8102c72e8430
cb43ac49eedab33f20aaf47304230a47a4f0da8e26e76dde2710f37a5aed0978

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /yso/PUBG/1682839537/k/fonts/selow.woff2 HTTP/1.1
Host: u1901036.plsk.regruhosting.ru
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Connection: keep-alive
Referer: http://u1901036.plsk.regruhosting.ru/yso/PUBG/1682839537/k/

HTTP/1.1 200 OK
Server: nginx
Date: Sat, 28 Jan 2023 07:59:46 GMT
Content-Type: font/woff2
Content-Length: 8156
Last-Modified: Mon, 05 Sep 2022 13:03:22 GMT
Connection: keep-alive
ETag: "6315f39a-1fdc"
X-Powered-By: PleskLin
Accept-Ranges: bytes

u1901036.plsk.regruhosting.ru/yso/PUBG/1682839537/k/media/button.mp3

31.31.198.210

404 Not Found

300 kB

URL HTTP/1.1
u1901036.plsk.regruhosting.ru/yso/PUBG/1682839537/k/media/button.mp3
IP
31.31.198.210:0
ASN
#197695 Domain names registrar REG.RU, Ltd

File type
HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (65519), with no line terminators
Size
300 kB (299800 bytes)
Hash
dd9b80110396dbd48765124ade171d5a
16bad8e880de2160c7f62d306f4780714ee58934
3c0e59af71f3793e8dc6b244bc4d7b98bcba74a21e19a46568641bc5aae37ac5

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /yso/PUBG/1682839537/k/media/button.mp3 HTTP/1.1
Host: u1901036.plsk.regruhosting.ru
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: audio/webm,audio/ogg,audio/wav,audio/*;q=0.9,application/ogg;q=0.7,video/*;q=0.6,*/*;q=0.5
Accept-Language: en-US,en;q=0.5
Range: bytes=0-
Connection: keep-alive
Referer: http://u1901036.plsk.regruhosting.ru/yso/PUBG/1682839537/k/

HTTP/1.1 404 Not Found
Server: nginx
Date: Sat, 28 Jan 2023 07:59:46 GMT
Content-Type: text/html
Content-Length: 299800
Connection: keep-alive
Vary: Accept-Encoding
Last-Modified: Sat, 14 Jan 2023 06:50:22 GMT
ETag: "49318-5f233c396839c"
Accept-Ranges: bytes
X-Powered-By: PleskLin

r3.o.lencr.org/

23.36.76.226

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.76.226:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
5429aaee3de27568723b6f50c2249fc4
c1783c5963da1891f8b3f3ca302dd710d65eff3b
db008eb8fe6aa9ce5a3a69bc92cce565025338d8b8bf0eff9dff2cb200e291b3

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "DB008EB8FE6AA9CE5A3A69BC92CCE565025338D8B8BF0EFF9DFF2CB200E291B3"
Last-Modified: Thu, 26 Jan 2023 12:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=3910
Expires: Sat, 28 Jan 2023 09:04:56 GMT
Date: Sat, 28 Jan 2023 07:59:46 GMT
Connection: keep-alive

l.top4top.io/m_1725u5z7i1.mp3

65.21.235.194

206 Partial Content

20 kB

URL HTTP/2
l.top4top.io/m_1725u5z7i1.mp3
IP
65.21.235.194:0
ASN
#24940 Hetzner Online GmbH

File type
Audio file with ID3 version 2.4.0, contains: MPEG ADTS, layer III, v1, 128 kbps, 44.1 kHz, Stereo\012- data
Size
20 kB (19781 bytes)
Hash
ee5b5d12064ae26f839b882edb33da62
6fa93ef00f294eec4ef05276e81813db1e95e346
4bc5852e5cec62ceab9260f712961f59609868151e01b63e7b7cae2b00efed54

Detections

Analyzer	Verdict	Alert
fortinet	Malware

HTTP Headers

GET /m_1725u5z7i1.mp3 HTTP/1.1
Host: l.top4top.io
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: audio/webm,audio/ogg,audio/wav,audio/*;q=0.9,application/ogg;q=0.7,video/*;q=0.6,*/*;q=0.5
Accept-Language: en-US,en;q=0.5
Range: bytes=0-
Connection: keep-alive
Referer: http://u1901036.plsk.regruhosting.ru/
Sec-Fetch-Dest: audio
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 206 Partial Content
server: nginx
date: Sat, 28 Jan 2023 07:59:46 GMT
content-type: audio/mpeg
content-length: 19781
set-cookie: klj_40d147_downloads=kh51z; Max-Age=85000; Domain=.top4top.io; Path=/; Expires=Sun, 29 Jan 2023 07:36:26 GMT
last-modified: Mon, 21 Sep 2020 07:16:33 GMT
content-disposition: inline; filename="open_reward_tab.mp3"
etag: "5f685351-4d45"
expires: Sat, 28 Jan 2023 09:59:46 GMT
cache-control: max-age=7200
x-file-id: x34392023x
content-range: bytes 0-19780/19781
X-Firefox-Spdy: h2

firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US

35.241.9.150

200 OK

329 B

URL HTTP/2
firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
IP
35.241.9.150:0
ASN
#15169 GOOGLE

File type
JSON data\012- , ASCII text, with very long lines (329), with no line terminators
Size
329 B (329 bytes)
Hash
0333b0655111aa68de771adfcc4db243
63f295a144ac87a7c8e23417626724eeca68a7eb
60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300

HTTP Headers

GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Content-Type, Last-Modified, ETag, Expires, Backoff, Content-Length, Cache-Control, Alert, Retry-After, Pragma
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 329
via: 1.1 google
date: Sat, 28 Jan 2023 07:49:03 GMT
age: 643
last-modified: Fri, 25 Mar 2022 17:45:46 GMT
etag: "1648230346554"
content-type: application/json
cache-control: max-age=3600,public
alt-svc: clear
X-Firefox-Spdy: h2

a.top4top.io/m_1725zobal2.mp3

51.159.64.45

206 Partial Content

18 kB

URL HTTP/2
a.top4top.io/m_1725zobal2.mp3
IP
51.159.64.45:0
ASN
#12876 Online S.a.s.

File type
Audio file with ID3 version 2.4.0, contains: MPEG ADTS, layer III, v1, 128 kbps, 44.1 kHz, Stereo\012- data
Size
18 kB (17691 bytes)
Hash
70ded6b0b406f9710307bc35e221629f
7034ec2ff72c936255b04c0890ce8976599380cc
22e1575a06426f427b46598d6599c565e80ed3e937b1872b0d5d928bfe5b2d65

Detections

Analyzer	Verdict	Alert
fortinet	Malware

HTTP Headers

GET /m_1725zobal2.mp3 HTTP/1.1
Host: a.top4top.io
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: audio/webm,audio/ogg,audio/wav,audio/*;q=0.9,application/ogg;q=0.7,video/*;q=0.6,*/*;q=0.5
Accept-Language: en-US,en;q=0.5
Range: bytes=0-
Connection: keep-alive
Referer: http://u1901036.plsk.regruhosting.ru/
Sec-Fetch-Dest: audio
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 206 Partial Content
server: nginx
date: Sat, 28 Jan 2023 07:59:46 GMT
content-type: audio/mpeg
content-length: 17691
set-cookie: klj_40d147_downloads=kh520; Max-Age=85000; Domain=.top4top.io; Path=/; Expires=Sun, 29 Jan 2023 07:36:26 GMT
last-modified: Mon, 21 Sep 2020 07:16:33 GMT
content-disposition: inline; filename="close_reward_popup.mp3"
etag: "5f685351-451b"
expires: Sat, 28 Jan 2023 09:59:46 GMT
cache-control: max-age=7200
x-file-id: x34392024x
content-range: bytes 0-17690/17691
X-Firefox-Spdy: h2

r3.o.lencr.org/

23.36.76.226

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.76.226:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
16a7b6a7128312e2f985d30df18c4487
6017bff79ffb525d9c7f9f32b999b74b5dc69602
663fd12209627f08e759c2ed1c76278a5da79dae1e0b46082dd1bb44775f7a16

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "663FD12209627F08E759C2ED1C76278A5DA79DAE1E0B46082DD1BB44775F7A16"
Last-Modified: Fri, 27 Jan 2023 08:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=13380
Expires: Sat, 28 Jan 2023 11:42:46 GMT
Date: Sat, 28 Jan 2023 07:59:46 GMT
Connection: keep-alive

push.services.mozilla.com/

34.210.150.237

101 Switching Protocols

0 B

URL HTTP/1.1
push.services.mozilla.com/
IP
34.210.150.237:0
ASN
#16509 AMAZON-02

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET / HTTP/1.1
Host: push.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: M0sIjW9Moc3PCEBGzshFwg==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket

HTTP/1.1 101 Switching Protocols
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: DMSDd++5/NTKV0W0pEFylVfoxks=

r3.o.lencr.org/

23.36.76.226

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.76.226:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
f2a0c2c0f25bdd19baf87cbb3a87dcdb
bc78ca6206ee8cc1cc05ab7778df71c7e6d1182a
c57f26c0c2e439dc2f69181e1b2f6ae371bff9d299af739e0047eabc8bfb5a69

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "C57F26C0C2E439DC2F69181E1B2F6AE371BFF9D299AF739E0047EABC8BFB5A69"
Last-Modified: Fri, 27 Jan 2023 17:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=9104
Expires: Sat, 28 Jan 2023 10:31:32 GMT
Date: Sat, 28 Jan 2023 07:59:48 GMT
Connection: keep-alive

r3.o.lencr.org/

23.36.76.226

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.76.226:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
f2a0c2c0f25bdd19baf87cbb3a87dcdb
bc78ca6206ee8cc1cc05ab7778df71c7e6d1182a
c57f26c0c2e439dc2f69181e1b2f6ae371bff9d299af739e0047eabc8bfb5a69

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "C57F26C0C2E439DC2F69181E1B2F6AE371BFF9D299AF739E0047EABC8BFB5A69"
Last-Modified: Fri, 27 Jan 2023 17:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=9104
Expires: Sat, 28 Jan 2023 10:31:32 GMT
Date: Sat, 28 Jan 2023 07:59:48 GMT
Connection: keep-alive

r3.o.lencr.org/

23.36.76.226

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.76.226:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
f2a0c2c0f25bdd19baf87cbb3a87dcdb
bc78ca6206ee8cc1cc05ab7778df71c7e6d1182a
c57f26c0c2e439dc2f69181e1b2f6ae371bff9d299af739e0047eabc8bfb5a69

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "C57F26C0C2E439DC2F69181E1B2F6AE371BFF9D299AF739E0047EABC8BFB5A69"
Last-Modified: Fri, 27 Jan 2023 17:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=9104
Expires: Sat, 28 Jan 2023 10:31:32 GMT
Date: Sat, 28 Jan 2023 07:59:48 GMT
Connection: keep-alive

r3.o.lencr.org/

23.36.76.226

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.76.226:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
f2a0c2c0f25bdd19baf87cbb3a87dcdb
bc78ca6206ee8cc1cc05ab7778df71c7e6d1182a
c57f26c0c2e439dc2f69181e1b2f6ae371bff9d299af739e0047eabc8bfb5a69

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "C57F26C0C2E439DC2F69181E1B2F6AE371BFF9D299AF739E0047EABC8BFB5A69"
Last-Modified: Fri, 27 Jan 2023 17:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=9104
Expires: Sat, 28 Jan 2023 10:31:32 GMT
Date: Sat, 28 Jan 2023 07:59:48 GMT
Connection: keep-alive

img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F1ed7c466-ac98-4e05-89cf-f0abf56e8d98.jpeg

34.120.237.76

200 OK

5.0 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F1ed7c466-ac98-4e05-89cf-f0abf56e8d98.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
5.0 kB (4975 bytes)
Hash
c982569d070f24dba1259603091c22e3
0f93acb5bee53670cc4ef486922f7333d96a2f4e
9a5a2d8a181a763ee6f60c27b396a0e3d7b1527e5177b2aff8d511db250753ed

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F1ed7c466-ac98-4e05-89cf-f0abf56e8d98.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 4975
x-amzn-requestid: 633350b7-4686-40d5-8c9d-3c097f8e2d34
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: fa-EBGuaoAMFbSw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63d443b3-4201212c1a0eb2a65d3f494c;Sampled=0
x-amzn-remapped-date: Fri, 27 Jan 2023 21:35:47 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: XRAeWdoEkbnzXKOs_EdgQ1r9BGOeDNh4FRXm-fv0KiCz4juqk8UKIw==
via: 1.1 010c0731b9775a983eceaec0f5fa6a2e.cloudfront.net (CloudFront), 1.1 ee8246c5442dace7525c74f6a799bb46.cloudfront.net (CloudFront), 1.1 google
date: Fri, 27 Jan 2023 21:59:35 GMT
age: 36013
etag: "0f93acb5bee53670cc4ef486922f7333d96a2f4e"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

12 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fdfb887e5-87fa-4855-b0ee-712d39779fa0.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
12 kB (11568 bytes)
Hash
b7a0759c043594fbe85af422b59b8227
a05cfaad16078f42218dae233da38f6f5dff8487
e898d6ef1b3998fb9322a8fc190069ec5f7b3582bfe8397a2367497d84a27549

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fdfb887e5-87fa-4855-b0ee-712d39779fa0.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 11568
x-amzn-requestid: 2e85f75e-ab9d-4d45-adad-7313950a9647
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: fSWbxGwnoAMFejw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63d0d117-68f1a9e71a07a0453311fd32;Sampled=0
x-amzn-remapped-date: Wed, 25 Jan 2023 06:49:59 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: dbz3wXGNaetf6xvRE98rshyHy-FVfDo8co-4VDL0a4Qe3E4U8A82Og==
via: 1.1 98e601970ea59f4d5f56a752787ff9fc.cloudfront.net (CloudFront), 1.1 2bedbeaa49b4a77447d30097858cb81a.cloudfront.net (CloudFront), 1.1 google
date: Fri, 27 Jan 2023 18:36:01 GMT
age: 48227
etag: "a05cfaad16078f42218dae233da38f6f5dff8487"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

13 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F33ce0741-fcf6-4205-8b3a-016953553eaf.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
13 kB (13376 bytes)
Hash
195316042e7f798eeeb7993fecb3a383
4aeca24ad4702f87feaf9674ea0c1ff6d71826a3
b7e0a61060455241fce844d2c91eca500d409804361063ddb61053cbc9c7b1c1

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F33ce0741-fcf6-4205-8b3a-016953553eaf.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 13376
x-amzn-requestid: 64d0092e-1f1a-4183-a4a6-805e0bf37d32
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: fa-DvHIyoAMF6fA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63d443b1-6387770232ddca74531bce91;Sampled=0
x-amzn-remapped-date: Fri, 27 Jan 2023 21:35:45 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: Jqb6G21QeTDiI0HWT9Fd87D-HkAOiesyfN9vr7vMxrOUADBxV-_Fug==
via: 1.1 1b0911478686968732f973d6e5e31d10.cloudfront.net (CloudFront), 1.1 324a68a6c25ee50d774953f3e15a611c.cloudfront.net (CloudFront), 1.1 google
date: Fri, 27 Jan 2023 21:55:42 GMT
age: 36246
etag: "4aeca24ad4702f87feaf9674ea0c1ff6d71826a3"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

9.4 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F238effff-cb43-479f-8853-06086fff1bd5.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
9.4 kB (9364 bytes)
Hash
f185f0b4f90d06dbb397b44ed9c73dbe
a48e2c369a048447e0e25e4791eb603859391c1c
b466060fc132cc8d23fcb83001206606e2d5502118c65e9f55795b5adbff2fa6

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F238effff-cb43-479f-8853-06086fff1bd5.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 9364
x-amzn-requestid: e556be7b-567a-4c9a-931e-ff6fee42d3a7
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: fa_T8GbFoAMFySg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63d445b2-6f4476e9388c77a057153277;Sampled=0
x-amzn-remapped-date: Fri, 27 Jan 2023 21:44:18 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: LPkLrx7l9Qf_GKdtJq_77RUkvgnKZlCaDN34xsB5bEO8c9VQEJPAew==
via: 1.1 c34da255183aa208dd1c722ff211f9b2.cloudfront.net (CloudFront), 1.1 6172bb1a5d00a3b06ae3700570ebe116.cloudfront.net (CloudFront), 1.1 google
date: Fri, 27 Jan 2023 21:56:38 GMT
age: 36190
etag: "a48e2c369a048447e0e25e4791eb603859391c1c"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

7.6 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F22cc3f55-9811-4ec2-a57e-a3e71a3f0554.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
7.6 kB (7585 bytes)
Hash
ea24bcba583bd8bd139559448a343e68
b9d37c2b14f890d41983a59f352e8f7caa9c94bb
e5ef5975eec964ae1684deb424f00833f2d217bdc7e6c385320ed3adeb6bc1c4

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F22cc3f55-9811-4ec2-a57e-a3e71a3f0554.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 7585
x-amzn-requestid: bfb52acb-e0d7-482d-8be9-be5db1c16cac
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: fa_vkE5roAMF0Hw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63d44663-2d38d314177e0ac40d4c8240;Sampled=0
x-amzn-remapped-date: Fri, 27 Jan 2023 21:47:15 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: 1WE1zQwrCGVy8HLT9_BFkAr6rQE_ROyttMOByR32KeT0w2Hd_ylvYQ==
via: 1.1 c34da255183aa208dd1c722ff211f9b2.cloudfront.net (CloudFront), 1.1 6a9b42e38e76b7d4a4044ebe0e0eca08.cloudfront.net (CloudFront), 1.1 google
date: Fri, 27 Jan 2023 22:16:00 GMT
age: 35028
etag: "b9d37c2b14f890d41983a59f352e8f7caa9c94bb"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

4.5 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F5f0097a6-af00-4a1c-8faa-f9516e27b31a.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
4.5 kB (4475 bytes)
Hash
4205d8106659e00fff1cbe9262918b8c
ab4f6528594a1725934727dc7d834c028a79c609
31f1a28602a194bd0856495d4d81d5c72cd7ff4e5bad6bdd1a31ec3041f4a2cc

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F5f0097a6-af00-4a1c-8faa-f9516e27b31a.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 4475
x-amzn-requestid: b7b272d6-3089-4f33-89b5-5cb388640e10
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: fa_e6HsaIAMF5Lg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63d445f8-1789f7f4264270916da323db;Sampled=0
x-amzn-remapped-date: Fri, 27 Jan 2023 21:45:28 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: hAzO-IMqc1CFpiBAlRl8seIYL9UonyrBMATibovyFq5kEuaweY_VyA==
via: 1.1 8f22423015641505b8c857a37450d6c0.cloudfront.net (CloudFront), 1.1 112d82578d402a38d8d02e8b857617e0.cloudfront.net (CloudFront), 1.1 google
date: Fri, 27 Jan 2023 21:56:46 GMT
age: 36182
etag: "ab4f6528594a1725934727dc7d834c028a79c609"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

stackpath.bootstrapcdn.com/font-awesome/4.7.0/css/font-awesome.min.css

104.18.10.207

200 OK

0 B

URL HTTP/2
stackpath.bootstrapcdn.com/font-awesome/4.7.0/css/font-awesome.min.css
IP
104.18.10.207:0
ASN
#13335 CLOUDFLARENET

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

GET /font-awesome/4.7.0/css/font-awesome.min.css HTTP/1.1
Host: stackpath.bootstrapcdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: http://u1901036.plsk.regruhosting.ru
Connection: keep-alive
Referer: http://u1901036.plsk.regruhosting.ru/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
date: Sat, 28 Jan 2023 07:59:45 GMT
content-type: text/css; charset=utf-8
vary: Accept-Encoding
cdn-pullzone: 252412
cdn-uid: b1941f61-b576-4f40-80de-5677acb38f74
cdn-requestcountrycode: DE
access-control-allow-origin: *
cache-control: public, max-age=31919000
etag: W/"269550530cc127b6aa5a35925a7de6ce"
last-modified: Mon, 25 Jan 2021 22:04:55 GMT
cdn-cachedat: 11/18/2022 06:18:29
cdn-proxyver: 1.03
cdn-requestpullcode: 200
cdn-requestpullsuccess: True
cdn-edgestorageid: 722
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
cdn-status: 200
cdn-requestid: 261aba72760a3a6804db841b6a5e6feb
cdn-cache: HIT
cf-cache-status: HIT
age: 220802
strict-transport-security: max-age=31536000; includeSubDomains; preload
server: cloudflare
cf-ray: 790830c84ccab51b-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2

fonts.googleapis.com/css?family=Roboto:300,400,500,700|Teko:300,400,500

142.250.74.106

200 OK

0 B

URL HTTP/2
fonts.googleapis.com/css?family=Roboto:300,400,500,700|Teko:300,400,500
IP
142.250.74.106:0
ASN
#15169 GOOGLE

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

GET /css?family=Roboto:300,400,500,700|Teko:300,400,500 HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://u1901036.plsk.regruhosting.ru/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Sat, 28 Jan 2023 07:59:46 GMT
date: Sat, 28 Jan 2023 07:59:46 GMT
cache-control: private, max-age=86400
cross-origin-opener-policy: same-origin-allow-popups
cross-origin-resource-policy: cross-origin
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

Report Overview

Submitted URL

IP

ASN

Submitted

Access

Website Title

Final URL

Tags

urlquery detections

Detections

urlquery

Network Intrusion Detection

Threat Detection Systems

Domain Summary

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

Threat Detection Systems

OpenPhish

PhishTank

Fortinet's Web Filter

mnemonic secure dns

Quad9 DNS

ThreatFox

JavaScript (18)

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML