u1818385.plsk.regruhosting.ru/320
31.31.198.189 301 Moved Permanently 249 B URL HTTP/1.1 u1818385.plsk.regruhosting.ru/320
IP 31.31.198.189:0
ASN #197695 Domain names registrar REG.RU, Ltd
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text
Hash 9be42e666cc32f577930e1decfe265a9
18dc29fc09d9939f3d6344b3852f933445b41bf2
a281fcd457f3b138ed6429f9a1bb0bb7dcbd8b9a0ba493f780ecbe5b7f20bf4b
Analyzer Verdict Alert openphish Tencent
fortinet Phishing
GET /320 HTTP/1.1
Host: u1818385.plsk.regruhosting.ru
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1
HTTP/1.1 301 Moved Permanently
Server: nginx
Date: Sun, 06 Nov 2022 21:23:00 GMT
Content-Type: text/html; charset=iso-8859-1
Content-Length: 249
Connection: keep-alive
Location: http://u1818385.plsk.regruhosting.ru/320/
r3.o.lencr.org/
23.36.76.226 200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 9e164a845d32db8fa51fdb5b1aa218d9
169099b4d2f8e119ab6cf6fca279b6fb535b1759
402ffbf1404cf05c0516c5a8cd5344bd53537ac5150d387730a90c81c17dc9e4
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "402FFBF1404CF05C0516C5A8CD5344BD53537AC5150D387730A90C81C17DC9E4"
Last-Modified: Sun, 06 Nov 2022 12:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=10778
Expires: Mon, 07 Nov 2022 00:22:39 GMT
Date: Sun, 06 Nov 2022 21:23:01 GMT
Connection: keep-alive
ocsp.digicert.com/
93.184.220.29 200 OK 471 B IP 93.184.220.29:0
Hash 05978511215be8462d0b69e33b3a91a3
61535ba131d547f1c5108d9e7763ee3fc8d8c824
cfdbf0f9e88e3c1ae8eb03e46c352633a75d4b2edbfbd57c1c6b52ff1623a109
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 5695
Cache-Control: max-age=139377
Content-Type: application/ocsp-response
Date: Sun, 06 Nov 2022 21:23:01 GMT
Etag: "63678ce7-1d7"
Expires: Tue, 08 Nov 2022 12:05:58 GMT
Last-Modified: Sun, 06 Nov 2022 10:31:03 GMT
Server: ECS (ska/F717)
X-Cache: HIT
Content-Length: 471
ocsp.digicert.com/
93.184.220.29 200 OK 471 B IP 93.184.220.29:0
Hash 05978511215be8462d0b69e33b3a91a3
61535ba131d547f1c5108d9e7763ee3fc8d8c824
cfdbf0f9e88e3c1ae8eb03e46c352633a75d4b2edbfbd57c1c6b52ff1623a109
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 5695
Cache-Control: max-age=139377
Content-Type: application/ocsp-response
Date: Sun, 06 Nov 2022 21:23:01 GMT
Etag: "63678ce7-1d7"
Expires: Tue, 08 Nov 2022 12:05:58 GMT
Last-Modified: Sun, 06 Nov 2022 10:31:03 GMT
Server: ECS (ska/F717)
X-Cache: HIT
Content-Length: 471
r3.o.lencr.org/
23.36.76.226 200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash d8c32b2fb818533a5b3fe5c69157bde9
93594fd3fc50d9d444c28660eabba1edbe4f0588
df8b8ce7a83d11fbe075c8780103c509654f288b5d757d64b696d861a11f3c7f
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "DF8B8CE7A83D11FBE075C8780103C509654F288B5D757D64B696D861A11F3C7F"
Last-Modified: Sun, 06 Nov 2022 14:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=3397
Expires: Sun, 06 Nov 2022 22:19:38 GMT
Date: Sun, 06 Nov 2022 21:23:01 GMT
Connection: keep-alive
content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-11-19-18-50-54.chain
34.160.144.191 200 OK 5.3 kB URL HTTP/2 content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-11-19-18-50-54.chain
IP 34.160.144.191:0
File type PEM certificate\012- , ASCII text
Hash 67d5a988edcda47bc3b3b3f65d32b4b6
d4f0e0da8b3690cc7da925026d3414b68c7d954f
55e4848e3ec682e808ce7ee70950f86179c43af4f81926d826a95edfda395a78
GET /chains/remote-settings.content-signature.mozilla.org-2022-11-19-18-50-54.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
x-amz-id-2: bbeOeKVTL54yCc/ccwePQc8dFKQQ2y4Ukanxr82nFgQ9gmJsKpGtV9eko/1+TcffI3ckVrMdNCQ=
x-amz-request-id: BT4KYYBPKXQH9AJC
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
content-length: 5348
via: 1.1 google
date: Sun, 06 Nov 2022 21:10:36 GMT
age: 745
last-modified: Fri, 30 Sep 2022 18:50:55 GMT
etag: "67d5a988edcda47bc3b3b3f65d32b4b6"
content-type: binary/octet-stream
cache-control: public,max-age=3600
alt-svc: clear
X-Firefox-Spdy: h2
u1818385.plsk.regruhosting.ru/320/
31.31.198.189 200 OK 9.6 kB URL HTTP/1.1 u1818385.plsk.regruhosting.ru/320/
IP 31.31.198.189:0
ASN #197695 Domain names registrar REG.RU, Ltd
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- assembler source, Unicode text, UTF-8 text, with very long lines (5779)
Hash fd36c9da1fafcdca6f16b517d7c6e58b
04eb3f4ca48721e9a192c5b1c923475f5a88c09f
223ece2f6a7e21afb55291baf3e7581914f70ff5ba3918325a3a557a48e68d23
Analyzer Verdict Alert fortinet Phishing
GET /320/ HTTP/1.1
Host: u1818385.plsk.regruhosting.ru
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1
HTTP/1.1 200 OK
Server: nginx
Date: Sun, 06 Nov 2022 21:23:01 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
X-Powered-By: PHP/7.4.28, PleskLin
Content-Encoding: gzip
contile.services.mozilla.com/v1/tiles
34.117.237.239 200 OK 12 B URL HTTP/2 contile.services.mozilla.com/v1/tiles
IP 34.117.237.239:0
File type JSON data\012- , ASCII text, with no line terminators
Hash 23e88fb7b99543fb33315b29b1fad9d6
a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3
GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Sun, 06 Nov 2022 21:23:01 GMT
content-type: application/json
content-length: 12
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2
cdnjs.cloudflare.com/ajax/libs/material-design-iconic-font/2.2.0/css/material-design-iconic-font.min.css
104.17.25.14 200 OK 5.8 kB URL HTTP/2 cdnjs.cloudflare.com/ajax/libs/material-design-iconic-font/2.2.0/css/material-design-iconic-font.min.css
IP 104.17.25.14:0
File type ASCII text, with very long lines (65536), with no line terminators
Hash a7e25a22602a2b2ed35f90fd5210cff1
148c4f275b60e6cf6253d6b4c7bdc486515b2202
312d94bafa68e11e3a4a8d7c06bc25ee161d1d965afb1fa99db79815a272d0bf
GET /ajax/libs/material-design-iconic-font/2.2.0/css/material-design-iconic-font.min.css HTTP/1.1
Host: cdnjs.cloudflare.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://u1818385.plsk.regruhosting.ru/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Sun, 06 Nov 2022 21:23:01 GMT
content-type: text/css; charset=utf-8
content-length: 5845
access-control-allow-origin: *
cache-control: public, max-age=30672000
content-encoding: br
etag: "5eb03ed9-1149f"
last-modified: Mon, 04 May 2020 16:12:09 GMT
cf-cdnjs-via: cfworker/kv
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
x-content-type-options: nosniff
vary: Accept-Encoding
cf-cache-status: HIT
age: 359944
expires: Fri, 27 Oct 2023 21:23:01 GMT
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=J5uYEqSFzuP%2Bia6hjuJYRRELcA7jJ8KLAJuRQKofaI2Yhti%2Bd6cUQl6Z1VsfGIJeuqIkfk2z2N9xvtF0Ldxnt4cCVvFJ4LAC1v%2FKg%2FEotBt71U3ySSh2aSz3e9MLHrMzNe8tXpnB"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
server: cloudflare
cf-ray: 7660e34e4ef3b4f9-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
u1818385.plsk.regruhosting.ru/320/index_files/css
31.31.198.189 200 OK 14 kB URL HTTP/1.1 u1818385.plsk.regruhosting.ru/320/index_files/css
IP 31.31.198.189:0
ASN #197695 Domain names registrar REG.RU, Ltd
File type ASCII text, with very long lines (1116)
Hash 19ec41b2e2ceb202ce223c1a297aebc4
2005a2c496bcf73deb0d1c76ca92af011c21b0e6
68c453f3e5a0751c766dc4cfa1814f9a37fca7122b1b929d7ecd2f7ff31444cd
Analyzer Verdict Alert fortinet Phishing
GET /320/index_files/css HTTP/1.1
Host: u1818385.plsk.regruhosting.ru
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://u1818385.plsk.regruhosting.ru/320/
HTTP/1.1 200 OK
Server: nginx
Date: Sun, 06 Nov 2022 21:23:01 GMT
Content-Type: text/plain
Last-Modified: Sat, 05 Nov 2022 08:49:27 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
ETag: W/"63662397-f33c"
X-Powered-By: PleskLin
Content-Encoding: gzip
ocsp.digicert.com/
93.184.220.29 200 OK 279 B IP 93.184.220.29:0
Hash 7bb75cda180838bb141d84bc6237047c
3bfc21e05d99392259a744b8b6246c4e87c121f4
97b56f9370203a7d906a51562dc75f23414138e8d82423410bce14ac5c1fcca2
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 1686
Cache-Control: max-age=119179
Content-Type: application/ocsp-response
Date: Sun, 06 Nov 2022 21:23:01 GMT
Etag: "63674daa-117"
Expires: Tue, 08 Nov 2022 06:29:20 GMT
Last-Modified: Sun, 06 Nov 2022 06:01:14 GMT
Server: ECS (ska/F717)
X-Cache: HIT
Content-Length: 279
u1818385.plsk.regruhosting.ru/320/css-zone/facebook.css
31.31.198.189 200 OK 844 B URL HTTP/1.1 u1818385.plsk.regruhosting.ru/320/css-zone/facebook.css
IP 31.31.198.189:0
ASN #197695 Domain names registrar REG.RU, Ltd
Hash dfd140601557c05f65768678d5ad3f66
81e67ecc3d934999fa92847da6787466e4162a14
7c747c0f804ba1015b6aca6407be4760f59b86fa75f0d567646ad2491857b38c
GET /320/css-zone/facebook.css HTTP/1.1
Host: u1818385.plsk.regruhosting.ru
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://u1818385.plsk.regruhosting.ru/320/
HTTP/1.1 200 OK
Server: nginx
Date: Sun, 06 Nov 2022 21:23:01 GMT
Content-Type: text/css
Last-Modified: Sat, 05 Nov 2022 08:49:27 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
ETag: W/"63662397-eb7"
X-Powered-By: PleskLin
Content-Encoding: gzip
ocsp.pki.goog/gts1c3
142.250.74.35 200 OK 471 B IP 142.250.74.35:0
Hash b8988c44d656e4521aa7d84091f926d3
debd55429e2a0f0bcd257201f2efe00d2e7ed35f
e04704fa687f5daa90436f47c59fabadc7779f604a68cef3baf6b97a0bc5e92b
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 06 Nov 2022 21:23:01 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
u1818385.plsk.regruhosting.ru/320/css-zone/twitter.css
31.31.198.189 200 OK 716 B URL HTTP/1.1 u1818385.plsk.regruhosting.ru/320/css-zone/twitter.css
IP 31.31.198.189:0
ASN #197695 Domain names registrar REG.RU, Ltd
Hash ead2c2ae8ed6455548664247119ac745
611e2a8698dd707945a2d695c6c62a28e5f2e4d6
20debadb8dfdea60be97c54a03ba8ce46dbe6ee6843749629c7629a9a622f154
GET /320/css-zone/twitter.css HTTP/1.1
Host: u1818385.plsk.regruhosting.ru
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://u1818385.plsk.regruhosting.ru/320/
HTTP/1.1 200 OK
Server: nginx
Date: Sun, 06 Nov 2022 21:23:01 GMT
Content-Type: text/css
Last-Modified: Sat, 05 Nov 2022 08:49:27 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
ETag: W/"63662397-a17"
X-Powered-By: PleskLin
Content-Encoding: gzip
u1818385.plsk.regruhosting.ru/320/css-zone/animate.css
31.31.198.189 200 OK 4.7 kB URL HTTP/1.1 u1818385.plsk.regruhosting.ru/320/css-zone/animate.css
IP 31.31.198.189:0
ASN #197695 Domain names registrar REG.RU, Ltd
Hash fdec17f65030ba990d90758057daa1a5
fef117fca16e4cddc3e732dc93125acd10a12aad
f0107b433d264c1de870a39e76c2b023b788f6647f3b0c474b3832a52ba58fe9
GET /320/css-zone/animate.css HTTP/1.1
Host: u1818385.plsk.regruhosting.ru
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://u1818385.plsk.regruhosting.ru/320/
HTTP/1.1 200 OK
Server: nginx
Date: Sun, 06 Nov 2022 21:23:01 GMT
Content-Type: text/css
Last-Modified: Sat, 05 Nov 2022 08:49:27 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
ETag: W/"63662397-13052"
X-Powered-By: PleskLin
Content-Encoding: gzip
u1818385.plsk.regruhosting.ru/320/js-zone/jquery.js
31.31.198.189 200 OK 441 B URL HTTP/1.1 u1818385.plsk.regruhosting.ru/320/js-zone/jquery.js
IP 31.31.198.189:0
ASN #197695 Domain names registrar REG.RU, Ltd
File type exported SGML document, ASCII text, with very long lines (1757)
Hash d5089f1c56a860b0b835b5acae96d7fc
f56a38d251d26be48a632bec4a473dfcb33c9a58
e2d35a000b53b305d91211bbeb5fc4a4662e80c00f61888d785779dc9a513e52
Analyzer Verdict Alert fortinet Phishing
GET /320/js-zone/jquery.js HTTP/1.1
Host: u1818385.plsk.regruhosting.ru
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://u1818385.plsk.regruhosting.ru/320/
HTTP/1.1 200 OK
Server: nginx
Date: Sun, 06 Nov 2022 21:23:01 GMT
Content-Type: application/javascript
Last-Modified: Sat, 05 Nov 2022 08:49:27 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
ETag: W/"63662397-8cd"
X-Powered-By: PleskLin
Content-Encoding: gzip
u1818385.plsk.regruhosting.ru/320/js-zone/main-zone.js
31.31.198.189 200 OK 338 B URL HTTP/1.1 u1818385.plsk.regruhosting.ru/320/js-zone/main-zone.js
IP 31.31.198.189:0
ASN #197695 Domain names registrar REG.RU, Ltd
File type ASCII text, with very long lines (316)
Hash eed7b486755d28708b21ee3648864b65
82449bfe1d643903e3c4dc04c9f31ab64d11d094
6664de373404d09a7ed19e896cb157635da1cf87cdff9bf498ac5181b490e18d
Analyzer Verdict Alert fortinet Phishing
GET /320/js-zone/main-zone.js HTTP/1.1
Host: u1818385.plsk.regruhosting.ru
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://u1818385.plsk.regruhosting.ru/320/
HTTP/1.1 200 OK
Server: nginx
Date: Sun, 06 Nov 2022 21:23:01 GMT
Content-Type: application/javascript
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
X-Accel-Version: 0.01
Last-Modified: Sat, 05 Nov 2022 08:49:27 GMT
ETag: W/"262-5ecb54495fbb4"
X-Powered-By: PleskLin
Content-Encoding: gzip
ocsp.pki.goog/gts1c3
142.250.74.35 200 OK 471 B IP 142.250.74.35:0
Hash b8988c44d656e4521aa7d84091f926d3
debd55429e2a0f0bcd257201f2efe00d2e7ed35f
e04704fa687f5daa90436f47c59fabadc7779f604a68cef3baf6b97a0bc5e92b
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 06 Nov 2022 21:23:01 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
i.ibb.co/V9rgBqw/twitter-text.png
51.210.32.106 200 OK 4.3 kB URL HTTP/2 i.ibb.co/V9rgBqw/twitter-text.png
IP 51.210.32.106:0
File type PNG image data, 400 x 400, 8-bit/color RGBA, non-interlaced\012- data
Hash fef946b8bba756359e2a1e87ccd915ea
acc364946077b0e32b2343474ce4066ad3ee524c
1be5d05ce6faad469f7f9c5a5879f2d9f8d267b60eb394e92c19217268bcea8f
GET /V9rgBqw/twitter-text.png HTTP/1.1
Host: i.ibb.co
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://u1818385.plsk.regruhosting.ru/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sun, 06 Nov 2022 21:23:01 GMT
content-type: image/png
content-length: 4298
last-modified: Mon, 18 Oct 2021 19:35:41 GMT
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000, public
access-control-allow-origin: *
access-control-allow-methods: GET, OPTIONS
accept-ranges: bytes
X-Firefox-Spdy: h2
u1818385.plsk.regruhosting.ru/320/index_files/gift-zone.js
31.31.198.189 200 OK 633 B URL HTTP/1.1 u1818385.plsk.regruhosting.ru/320/index_files/gift-zone.js
IP 31.31.198.189:0
ASN #197695 Domain names registrar REG.RU, Ltd
Hash 040e5558b77010195d6bf5244468ade3
c544fa3385967daeea48a7eb1c02845aa057565f
01bdc74efb5ea57209a953a65e6277a8a67094f4c3b8fa31baafa093741deeab
Analyzer Verdict Alert fortinet Phishing
GET /320/index_files/gift-zone.js HTTP/1.1
Host: u1818385.plsk.regruhosting.ru
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://u1818385.plsk.regruhosting.ru/320/
HTTP/1.1 200 OK
Server: nginx
Date: Sun, 06 Nov 2022 21:23:01 GMT
Content-Type: application/javascript
Last-Modified: Sat, 05 Nov 2022 08:49:27 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
ETag: W/"63662397-695"
X-Powered-By: PleskLin
Content-Encoding: gzip
u1818385.plsk.regruhosting.ru/320/js-zone/showHide.js
31.31.198.189 200 OK 271 B URL HTTP/1.1 u1818385.plsk.regruhosting.ru/320/js-zone/showHide.js
IP 31.31.198.189:0
ASN #197695 Domain names registrar REG.RU, Ltd
File type ASCII text, with CRLF line terminators
Hash 460af155748a40ddb42f497ae4f5633a
9d845ad6da2fb4f976cde44345e090a5c5c5dc44
55e6394b8d75a2fac3b023a95407530b666dc09f0b420c1a2a2ac11af66a5eda
Analyzer Verdict Alert fortinet Phishing
GET /320/js-zone/showHide.js HTTP/1.1
Host: u1818385.plsk.regruhosting.ru
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://u1818385.plsk.regruhosting.ru/320/
HTTP/1.1 200 OK
Server: nginx
Date: Sun, 06 Nov 2022 21:23:01 GMT
Content-Type: application/javascript
Last-Modified: Sat, 05 Nov 2022 08:49:27 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
ETag: W/"63662397-433"
X-Powered-By: PleskLin
Content-Encoding: gzip
u1818385.plsk.regruhosting.ru/320/js-zone/slider.js
31.31.198.189 200 OK 292 B URL HTTP/1.1 u1818385.plsk.regruhosting.ru/320/js-zone/slider.js
IP 31.31.198.189:0
ASN #197695 Domain names registrar REG.RU, Ltd
File type ASCII text, with CRLF line terminators
Hash ef673688e8686b8c37b232d9ca5d4b2d
6a9328ac97d22e62e3d56265dd571df171698c63
41aa53868b372fe61303251d067bd3cfe86957a66b0ddfaa75a0ebe4e5946886
Analyzer Verdict Alert fortinet Phishing
GET /320/js-zone/slider.js HTTP/1.1
Host: u1818385.plsk.regruhosting.ru
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://u1818385.plsk.regruhosting.ru/320/
HTTP/1.1 200 OK
Server: nginx
Date: Sun, 06 Nov 2022 21:23:01 GMT
Content-Type: application/javascript
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
X-Accel-Version: 0.01
Last-Modified: Sat, 05 Nov 2022 08:49:27 GMT
ETag: W/"24c-5ecb54495fbb4"
X-Powered-By: PleskLin
Content-Encoding: gzip
u1818385.plsk.regruhosting.ru/320/index_files/jquery.min.js.download
31.31.198.189 200 OK 30 kB URL HTTP/1.1 u1818385.plsk.regruhosting.ru/320/index_files/jquery.min.js.download
IP 31.31.198.189:0
ASN #197695 Domain names registrar REG.RU, Ltd
File type ASCII text, with very long lines (65451)
Hash fa20d8437865646e82dc61b9adf6c93e
936b2b3a3757eca48867cf43badef1c608177a28
777efee22cc03118f4e5ba78aef0cf7adb1e8a13fc2b5c60fd220e80472f0188
Analyzer Verdict Alert fortinet Phishing
GET /320/index_files/jquery.min.js.download HTTP/1.1
Host: u1818385.plsk.regruhosting.ru
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://u1818385.plsk.regruhosting.ru/320/
HTTP/1.1 200 OK
Server: nginx
Date: Sun, 06 Nov 2022 21:23:01 GMT
Content-Type: application/javascript
Last-Modified: Sat, 05 Nov 2022 08:49:27 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
ETag: W/"63662397-1538f"
X-Powered-By: PleskLin
Content-Encoding: gzip
i.ibb.co/Wg8qQxh/facebook-text.png
51.210.32.106 200 OK 29 kB URL HTTP/2 i.ibb.co/Wg8qQxh/facebook-text.png
IP 51.210.32.106:0
File type PNG image data, 604 x 158, 8-bit/color RGBA, non-interlaced\012- data
Hash 74190b93fc4f5d88f0c8e6411ba20bd8
89ce2ecb660a90b8e6ed1b335443d7767c59f28a
092a3cd5f86b3f039feefdeb86694cd16ae545af214cfda614bdbbe2d1bde401
GET /Wg8qQxh/facebook-text.png HTTP/1.1
Host: i.ibb.co
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://u1818385.plsk.regruhosting.ru/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sun, 06 Nov 2022 21:23:01 GMT
content-type: image/png
content-length: 28789
last-modified: Mon, 18 Oct 2021 19:35:50 GMT
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000, public
access-control-allow-origin: *
access-control-allow-methods: GET, OPTIONS
accept-ranges: bytes
X-Firefox-Spdy: h2
ocsp.digicert.com/
93.184.220.29 200 OK 279 B IP 93.184.220.29:0
Hash 7bb75cda180838bb141d84bc6237047c
3bfc21e05d99392259a744b8b6246c4e87c121f4
97b56f9370203a7d906a51562dc75f23414138e8d82423410bce14ac5c1fcca2
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 1686
Cache-Control: max-age=119179
Content-Type: application/ocsp-response
Date: Sun, 06 Nov 2022 21:23:01 GMT
Etag: "63674daa-117"
Expires: Tue, 08 Nov 2022 06:29:20 GMT
Last-Modified: Sun, 06 Nov 2022 06:01:14 GMT
Server: ECS (ska/F717)
X-Cache: HIT
Content-Length: 279
u1818385.plsk.regruhosting.ru/320/img/draw.png
31.31.198.189 200 OK 34 kB URL HTTP/1.1 u1818385.plsk.regruhosting.ru/320/img/draw.png
IP 31.31.198.189:0
ASN #197695 Domain names registrar REG.RU, Ltd
File type PNG image data, 480 x 480, 8-bit colormap, non-interlaced\012- data
Hash 1c993870423e37e0b76b1c59ce3b6633
31e511cac24ab306a33c50f8229ec1fbfc926784
f0a320e9e6d51b0ef6b55c8bedbc1601833a17d419771ab9a472cafc4f1452eb
GET /320/img/draw.png HTTP/1.1
Host: u1818385.plsk.regruhosting.ru
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://u1818385.plsk.regruhosting.ru/320/
HTTP/1.1 200 OK
Server: nginx
Date: Sun, 06 Nov 2022 21:23:01 GMT
Content-Type: image/png
Content-Length: 33620
Last-Modified: Sat, 05 Nov 2022 08:49:27 GMT
Connection: keep-alive
ETag: "63662397-8354"
X-Powered-By: PleskLin
Accept-Ranges: bytes
ocsp.pki.goog/gts1c3
142.250.74.35 200 OK 471 B IP 142.250.74.35:0
Hash b8988c44d656e4521aa7d84091f926d3
debd55429e2a0f0bcd257201f2efe00d2e7ed35f
e04704fa687f5daa90436f47c59fabadc7779f604a68cef3baf6b97a0bc5e92b
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 06 Nov 2022 21:23:01 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
u1818385.plsk.regruhosting.ru/320/img/reward/4.png
31.31.198.189 200 OK 17 kB URL HTTP/1.1 u1818385.plsk.regruhosting.ru/320/img/reward/4.png
IP 31.31.198.189:0
ASN #197695 Domain names registrar REG.RU, Ltd
File type PNG image data, 480 x 480, 8-bit colormap, non-interlaced\012- data
Hash 1f1926f6351aba591d3996d731db2a70
a2a007ac23f21d1c6a85987cd6d4aa3a1a1c5a68
bc77ac9beebb1695ebbe406fa8b60dbbd5609fc9ffe3f9a73116c098b50c9bee
GET /320/img/reward/4.png HTTP/1.1
Host: u1818385.plsk.regruhosting.ru
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://u1818385.plsk.regruhosting.ru/320/
HTTP/1.1 200 OK
Server: nginx
Date: Sun, 06 Nov 2022 21:23:01 GMT
Content-Type: image/png
Content-Length: 16925
Last-Modified: Sat, 05 Nov 2022 08:49:27 GMT
Connection: keep-alive
ETag: "63662397-421d"
X-Powered-By: PleskLin
Accept-Ranges: bytes
u1818385.plsk.regruhosting.ru/320/img/reward/2.png
31.31.198.189 200 OK 12 kB URL HTTP/1.1 u1818385.plsk.regruhosting.ru/320/img/reward/2.png
IP 31.31.198.189:0
ASN #197695 Domain names registrar REG.RU, Ltd
File type PNG image data, 480 x 480, 8-bit colormap, non-interlaced\012- data
Hash e2abd7b39f8ea01b85fb56b44554307f
e8a6711f4baadea7792bb96f83fab13968c4fa69
6eb89043c4dd1d7f3adee2d0d3e9d5dd6bd53a1991623c23eeef8bf5c7ab0399
GET /320/img/reward/2.png HTTP/1.1
Host: u1818385.plsk.regruhosting.ru
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://u1818385.plsk.regruhosting.ru/320/
HTTP/1.1 200 OK
Server: nginx
Date: Sun, 06 Nov 2022 21:23:01 GMT
Content-Type: image/png
Content-Length: 12500
Last-Modified: Sat, 05 Nov 2022 08:49:27 GMT
Connection: keep-alive
ETag: "63662397-30d4"
X-Powered-By: PleskLin
Accept-Ranges: bytes
u1818385.plsk.regruhosting.ru/320/img/reward/5.png
31.31.198.189 200 OK 13 kB URL HTTP/1.1 u1818385.plsk.regruhosting.ru/320/img/reward/5.png
IP 31.31.198.189:0
ASN #197695 Domain names registrar REG.RU, Ltd
File type PNG image data, 480 x 480, 8-bit colormap, non-interlaced\012- data
Hash e55c4992c480bfed386c845911545717
9b391cd37bad06a8a3dd405ff34f459e368d77ae
94f2c4744c26792875fc389e9a7052e36a5a96c3cfcca2c07db7c8340c1b2f58
GET /320/img/reward/5.png HTTP/1.1
Host: u1818385.plsk.regruhosting.ru
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://u1818385.plsk.regruhosting.ru/320/
HTTP/1.1 200 OK
Server: nginx
Date: Sun, 06 Nov 2022 21:23:01 GMT
Content-Type: image/png
Content-Length: 12970
Last-Modified: Sat, 05 Nov 2022 08:49:27 GMT
Connection: keep-alive
ETag: "63662397-32aa"
X-Powered-By: PleskLin
Accept-Ranges: bytes
u1818385.plsk.regruhosting.ru/320/img/reward/1.png
31.31.198.189 200 OK 16 kB URL HTTP/1.1 u1818385.plsk.regruhosting.ru/320/img/reward/1.png
IP 31.31.198.189:0
ASN #197695 Domain names registrar REG.RU, Ltd
File type PNG image data, 480 x 480, 8-bit colormap, non-interlaced\012- data
Hash bf5c0d1573c43cb3123fd0f459b557b3
8220a7ed257243db24a97bb29d9550b1a647311c
9565c330ff9d5667bc9b4239315e9ee58c02e01a1961e4df3f907d71abe0dd2f
GET /320/img/reward/1.png HTTP/1.1
Host: u1818385.plsk.regruhosting.ru
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://u1818385.plsk.regruhosting.ru/320/
HTTP/1.1 200 OK
Server: nginx
Date: Sun, 06 Nov 2022 21:23:01 GMT
Content-Type: image/png
Content-Length: 15828
Last-Modified: Sat, 05 Nov 2022 08:49:27 GMT
Connection: keep-alive
ETag: "63662397-3dd4"
X-Powered-By: PleskLin
Accept-Ranges: bytes
u1818385.plsk.regruhosting.ru/320/img/reward/3.png
31.31.198.189 200 OK 19 kB URL HTTP/1.1 u1818385.plsk.regruhosting.ru/320/img/reward/3.png
IP 31.31.198.189:0
ASN #197695 Domain names registrar REG.RU, Ltd
File type PNG image data, 480 x 480, 8-bit colormap, non-interlaced\012- data
Hash a70afb816126f28b6a5c1e7dc3153b86
619e03e6a0eb5d2779eebdfdad510c7f59cf982d
a10f3b3779a04abf434f2537a4999890d808fcac15c3b0768f65cdefb108efb9
GET /320/img/reward/3.png HTTP/1.1
Host: u1818385.plsk.regruhosting.ru
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://u1818385.plsk.regruhosting.ru/320/
HTTP/1.1 200 OK
Server: nginx
Date: Sun, 06 Nov 2022 21:23:01 GMT
Content-Type: image/png
Content-Length: 19335
Last-Modified: Sat, 05 Nov 2022 08:49:27 GMT
Connection: keep-alive
ETag: "63662397-4b87"
X-Powered-By: PleskLin
Accept-Ranges: bytes
u1818385.plsk.regruhosting.ru/320/img/header.jpg
31.31.198.189 200 OK 47 kB URL HTTP/1.1 u1818385.plsk.regruhosting.ru/320/img/header.jpg
IP 31.31.198.189:0
ASN #197695 Domain names registrar REG.RU, Ltd
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 1280x720, components 3\012- data
Hash e7314e301ca8bcb5754baeca5274c1b8
1a5b16124594ce762313d8489cae6178f605f575
e9de729b034235de899438504e464ec490f9c4f1bc0321cb983e364e445a6f59
GET /320/img/header.jpg HTTP/1.1
Host: u1818385.plsk.regruhosting.ru
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://u1818385.plsk.regruhosting.ru/320/
HTTP/1.1 200 OK
Server: nginx
Date: Sun, 06 Nov 2022 21:23:01 GMT
Content-Type: image/jpeg
Content-Length: 47149
Last-Modified: Sat, 05 Nov 2022 08:49:27 GMT
Connection: keep-alive
ETag: "63662397-b82d"
X-Powered-By: PleskLin
Accept-Ranges: bytes
u1818385.plsk.regruhosting.ru/320/js-zone/zero-zone.js
31.31.198.189 200 OK 352 B URL HTTP/1.1 u1818385.plsk.regruhosting.ru/320/js-zone/zero-zone.js
IP 31.31.198.189:0
ASN #197695 Domain names registrar REG.RU, Ltd
File type exported SGML document, ASCII text, with very long lines (612)
Hash f268f16f9d58aa6e3c9a0b271a605b67
8e067ded8a7631705a74120d1f6d7cd83c98531e
dc39d5910056ebf4a1cb447a64b9688b2341cbaa128d08a80a9cdefd130f5861
Analyzer Verdict Alert fortinet Phishing
GET /320/js-zone/zero-zone.js HTTP/1.1
Host: u1818385.plsk.regruhosting.ru
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://u1818385.plsk.regruhosting.ru/320/
HTTP/1.1 200 OK
Server: nginx
Date: Sun, 06 Nov 2022 21:23:01 GMT
Content-Type: application/javascript
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
X-Accel-Version: 0.01
Last-Modified: Sat, 05 Nov 2022 08:49:27 GMT
ETag: W/"35d-5ecb54495fbb4"
X-Powered-By: PleskLin
Content-Encoding: gzip
u1818385.plsk.regruhosting.ru/320/js-zone/alert-zone.js
31.31.198.189 200 OK 17 kB URL HTTP/1.1 u1818385.plsk.regruhosting.ru/320/js-zone/alert-zone.js
IP 31.31.198.189:0
ASN #197695 Domain names registrar REG.RU, Ltd
File type ASCII text, with very long lines (64301)
Hash aaec3ea5c55ddf4845bd12f9d6db9a76
11bfcfa193a00e7ecb4c4b8a795e3575c4ffa649
3321f2b7fc966d5f2bd3523635750fabd4c7016f0a3ed1e899ff3a0ea67aeff7
Analyzer Verdict Alert fortinet Phishing
GET /320/js-zone/alert-zone.js HTTP/1.1
Host: u1818385.plsk.regruhosting.ru
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://u1818385.plsk.regruhosting.ru/320/
HTTP/1.1 200 OK
Server: nginx
Date: Sun, 06 Nov 2022 21:23:01 GMT
Content-Type: application/javascript
Last-Modified: Sat, 05 Nov 2022 08:49:27 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
ETag: W/"63662397-1d758"
X-Powered-By: PleskLin
Content-Encoding: gzip
u1818385.plsk.regruhosting.ru/320/img/reward/6.png
31.31.198.189 200 OK 12 kB URL HTTP/1.1 u1818385.plsk.regruhosting.ru/320/img/reward/6.png
IP 31.31.198.189:0
ASN #197695 Domain names registrar REG.RU, Ltd
File type PNG image data, 480 x 480, 8-bit colormap, non-interlaced\012- data
Hash b2bba7b1a407a5585cc8b3e8bf438247
501c3395a5df2ae4462c1738533cc4313c301aa2
d5bf03a063197e8e3cee74be31139826b5556e8ec2266c4cb6eba2d6aa3ff031
GET /320/img/reward/6.png HTTP/1.1
Host: u1818385.plsk.regruhosting.ru
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://u1818385.plsk.regruhosting.ru/320/
HTTP/1.1 200 OK
Server: nginx
Date: Sun, 06 Nov 2022 21:23:01 GMT
Content-Type: image/png
Content-Length: 12261
Last-Modified: Sat, 05 Nov 2022 08:49:27 GMT
Connection: keep-alive
ETag: "63662397-2fe5"
X-Powered-By: PleskLin
Accept-Ranges: bytes
i.postimg.cc/SxQ04Qn4/navbar-logo.png
162.19.88.68 200 OK 177 kB URL HTTP/2 i.postimg.cc/SxQ04Qn4/navbar-logo.png
IP 162.19.88.68:0
File type PNG image data, 1074 x 800, 8-bit/color RGBA, non-interlaced\012- data
Size 177 kB (177317 bytes)
Hash d2d4c42a8bef48daa7c8151a838870c9
7ad25c9e369e069f97093188699bd58a2b298888
a817051e4bb4f6a94ffc632b32ba786440fb33f2028b99a83c836631299ff587
GET /SxQ04Qn4/navbar-logo.png HTTP/1.1
Host: i.postimg.cc
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://u1818385.plsk.regruhosting.ru/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Sun, 06 Nov 2022 21:23:01 GMT
content-type: image/png
content-length: 177317
last-modified: Tue, 22 Mar 2022 04:46:34 GMT
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000, public
access-control-allow-origin: *
access-control-allow-methods: GET, OPTIONS
accept-ranges: bytes
X-Firefox-Spdy: h2
u1818385.plsk.regruhosting.ru/320/css-zone/style-zone.css
31.31.198.189 200 OK 5.4 kB URL HTTP/1.1 u1818385.plsk.regruhosting.ru/320/css-zone/style-zone.css
IP 31.31.198.189:0
ASN #197695 Domain names registrar REG.RU, Ltd
File type ASCII text, with very long lines (411), with CRLF line terminators
Hash d6a46865783612a04fe9486b0dd616b3
fd38dc1bb347f471f555b5585b9928ff8da8530a
fcb38451b62574548c39cc0e62216248b5f626c0310284fa9aac0c2282bd9637
GET /320/css-zone/style-zone.css HTTP/1.1
Host: u1818385.plsk.regruhosting.ru
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://u1818385.plsk.regruhosting.ru/320/
HTTP/1.1 200 OK
Server: nginx
Date: Sun, 06 Nov 2022 21:23:01 GMT
Content-Type: text/css
Last-Modified: Sat, 05 Nov 2022 08:49:27 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
ETag: W/"63662397-78b4"
X-Powered-By: PleskLin
Content-Encoding: gzip
u1818385.plsk.regruhosting.ru/320/css-zone/zero-zone.css
31.31.198.189 200 OK 985 B URL HTTP/1.1 u1818385.plsk.regruhosting.ru/320/css-zone/zero-zone.css
IP 31.31.198.189:0
ASN #197695 Domain names registrar REG.RU, Ltd
File type ASCII text, with CRLF line terminators
Hash d12cb07f453b3b3746b68064d72b1783
f5eff304f10d4b242f84565357f3c5bf7ff4ba23
05ed33ca97cf2a94f9ef74db4fc43d325a06a7fbff6872952ef583d68805233d
GET /320/css-zone/zero-zone.css HTTP/1.1
Host: u1818385.plsk.regruhosting.ru
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://u1818385.plsk.regruhosting.ru/320/
HTTP/1.1 200 OK
Server: nginx
Date: Sun, 06 Nov 2022 21:23:01 GMT
Content-Type: text/css
Last-Modified: Sat, 05 Nov 2022 08:49:27 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
ETag: W/"63662397-156f"
X-Powered-By: PleskLin
Content-Encoding: gzip
i.postimg.cc/02KwtTc7/footer-bg.jpg
162.19.88.68 200 OK 12 kB URL HTTP/2 i.postimg.cc/02KwtTc7/footer-bg.jpg
IP 162.19.88.68:0
File type JPEG image data, progressive, precision 8, 579x800, components 3\012- data
Hash 27b8ceba13cb26a4ac6951cecdd4a5d3
accbec4f1b6038f0bcd2032da80c2ee342033d2e
d1740f2a847c3b67a1071442fe2af27298bca56ab267e90ea8aec3d4e9b9552f
GET /02KwtTc7/footer-bg.jpg HTTP/1.1
Host: i.postimg.cc
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://u1818385.plsk.regruhosting.ru/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sun, 06 Nov 2022 21:23:01 GMT
content-type: image/jpeg
content-length: 11651
last-modified: Wed, 23 Mar 2022 19:15:53 GMT
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000, public
access-control-allow-origin: *
access-control-allow-methods: GET, OPTIONS
accept-ranges: bytes
X-Firefox-Spdy: h2
u1818385.plsk.regruhosting.ru/320/img/container.jpg
31.31.198.189 200 OK 45 kB URL HTTP/1.1 u1818385.plsk.regruhosting.ru/320/img/container.jpg
IP 31.31.198.189:0
ASN #197695 Domain names registrar REG.RU, Ltd
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 1920x960, components 3\012- data
Hash 72991d02516ab3bf69b68b0ec8f31fa4
9b8b5107ca2bf1b9d15bd62157716d48884ab1d7
d2efce0ef640fd6cbcd45f9423c795fe15c129896702c0d989372ebcfbe52807
GET /320/img/container.jpg HTTP/1.1
Host: u1818385.plsk.regruhosting.ru
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://u1818385.plsk.regruhosting.ru/320/css-zone/style-zone.css
HTTP/1.1 200 OK
Server: nginx
Date: Sun, 06 Nov 2022 21:23:01 GMT
Content-Type: image/jpeg
Content-Length: 44725
Last-Modified: Sat, 05 Nov 2022 08:49:27 GMT
Connection: keep-alive
ETag: "63662397-aeb5"
X-Powered-By: PleskLin
Accept-Ranges: bytes
u1818385.plsk.regruhosting.ru/320/img/bg.png
31.31.198.189 200 OK 37 kB URL HTTP/1.1 u1818385.plsk.regruhosting.ru/320/img/bg.png
IP 31.31.198.189:0
ASN #197695 Domain names registrar REG.RU, Ltd
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 802x1280, components 3\012- data
Hash 03b264d0ec5150f6ea4f6f4e250247a2
42fc351b92a3e0ab0f66a984cd8df7514f05c4e4
ec505db2ab20ec53de3973534105ccf7d001dcb389d8b0d9a360834a997e179c
GET /320/img/bg.png HTTP/1.1
Host: u1818385.plsk.regruhosting.ru
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://u1818385.plsk.regruhosting.ru/320/css-zone/style-zone.css
HTTP/1.1 200 OK
Server: nginx
Date: Sun, 06 Nov 2022 21:23:01 GMT
Content-Type: image/png
Content-Length: 37390
Last-Modified: Sat, 05 Nov 2022 08:49:27 GMT
Connection: keep-alive
ETag: "63662397-920e"
X-Powered-By: PleskLin
Accept-Ranges: bytes
u1818385.plsk.regruhosting.ru/320/img/popup-navbar2.png
31.31.198.189 200 OK 11 kB URL HTTP/1.1 u1818385.plsk.regruhosting.ru/320/img/popup-navbar2.png
IP 31.31.198.189:0
ASN #197695 Domain names registrar REG.RU, Ltd
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 2400x277, components 3\012- data
Hash 23045ffba2613acac97930fb4510905f
f2462780d90f112774de6ce9634531682576460e
98b0650cea3c7f9c7269a153958c73149864223756dfb4b77b430d6880569074
GET /320/img/popup-navbar2.png HTTP/1.1
Host: u1818385.plsk.regruhosting.ru
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://u1818385.plsk.regruhosting.ru/320/
HTTP/1.1 200 OK
Server: nginx
Date: Sun, 06 Nov 2022 21:23:01 GMT
Content-Type: image/png
Content-Length: 10619
Last-Modified: Sat, 05 Nov 2022 08:49:27 GMT
Connection: keep-alive
ETag: "63662397-297b"
X-Powered-By: PleskLin
Accept-Ranges: bytes
ocsp.pki.goog/gts1c3
142.250.74.35 200 OK 471 B IP 142.250.74.35:0
Hash 6dba1915540598e77ae8d73ce49c4b3b
f9c34b678d814548946cafea65b20ff352fb501b
89f7e3ac689535c3a373e1ff2f4125e7879782917687c26210a3eaf6c9a6e6a8
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 06 Nov 2022 21:23:01 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
u1818385.plsk.regruhosting.ru/320/img/alert.png
31.31.198.189 200 OK 18 kB URL HTTP/1.1 u1818385.plsk.regruhosting.ru/320/img/alert.png
IP 31.31.198.189:0
ASN #197695 Domain names registrar REG.RU, Ltd
File type PNG image data, 1280 x 210, 8-bit colormap, non-interlaced\012- data
Hash 42417ae8733ab24e6596dba5faa40253
8b6fc78707e653972326a31bca628b0faa59f46b
a4c6c8b63214ca8547c6b373f285177dd5607078a989fddce87a4d7ea832dc7f
GET /320/img/alert.png HTTP/1.1
Host: u1818385.plsk.regruhosting.ru
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://u1818385.plsk.regruhosting.ru/320/
HTTP/1.1 200 OK
Server: nginx
Date: Sun, 06 Nov 2022 21:23:01 GMT
Content-Type: image/png
Content-Length: 17535
Last-Modified: Sat, 05 Nov 2022 08:49:27 GMT
Connection: keep-alive
ETag: "63662397-447f"
X-Powered-By: PleskLin
Accept-Ranges: bytes
u1818385.plsk.regruhosting.ru/320/img/popup-box-bg2.png
31.31.198.189 200 OK 4.2 kB URL HTTP/1.1 u1818385.plsk.regruhosting.ru/320/img/popup-box-bg2.png
IP 31.31.198.189:0
ASN #197695 Domain names registrar REG.RU, Ltd
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 845x428, components 3\012- data
Hash bf359110935e26fa939d0c0125701dcb
faf882606952de297a87f4ebe09b7281f0366388
619c30c9f6ab6d1977f2939461456501b0e44ca232d0ef39f04b6d3afd507697
GET /320/img/popup-box-bg2.png HTTP/1.1
Host: u1818385.plsk.regruhosting.ru
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://u1818385.plsk.regruhosting.ru/320/
HTTP/1.1 200 OK
Server: nginx
Date: Sun, 06 Nov 2022 21:23:01 GMT
Content-Type: image/png
Content-Length: 4157
Last-Modified: Sat, 05 Nov 2022 08:49:27 GMT
Connection: keep-alive
ETag: "63662397-103d"
X-Powered-By: PleskLin
Accept-Ranges: bytes
u1818385.plsk.regruhosting.ru/320/img/item-off.png
31.31.198.189 200 OK 35 kB URL HTTP/1.1 u1818385.plsk.regruhosting.ru/320/img/item-off.png
IP 31.31.198.189:0
ASN #197695 Domain names registrar REG.RU, Ltd
File type PNG image data, 480 x 472, 8-bit colormap, non-interlaced\012- data
Hash 59560a510c0c42788504cbd19a37b654
0a34ab6f0aa32faf156f494e3830c717248aa9ea
ccd9c875751e673be6bd7a6cd86877a51b51f01879f679614dc1f112874299e5
GET /320/img/item-off.png HTTP/1.1
Host: u1818385.plsk.regruhosting.ru
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://u1818385.plsk.regruhosting.ru/320/css-zone/zero-zone.css
HTTP/1.1 200 OK
Server: nginx
Date: Sun, 06 Nov 2022 21:23:01 GMT
Content-Type: image/png
Content-Length: 34982
Last-Modified: Sat, 05 Nov 2022 08:49:27 GMT
Connection: keep-alive
ETag: "63662397-88a6"
X-Powered-By: PleskLin
Accept-Ranges: bytes
fonts.gstatic.com/s/teko/v15/LYjNdG7kmE0gfaN9pQ.woff2
216.58.207.195 200 OK 13 kB URL HTTP/2 fonts.gstatic.com/s/teko/v15/LYjNdG7kmE0gfaN9pQ.woff2
IP 216.58.207.195:0
File type Web Open Font Format (Version 2), TrueType, length 13324, version 1.0\012- data
Hash b4082c888eefa2dca3fe2c9d46a87180
05aeb6c58175f659fe59eaca5a9d3735dd0530e3
352ad1513eeaeec51060f01d5bed32345862ec4d9c0802b81e0a47885951e4b6
GET /s/teko/v15/LYjNdG7kmE0gfaN9pQ.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: http://u1818385.plsk.regruhosting.ru
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 13324
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Wed, 02 Nov 2022 21:50:09 GMT
expires: Thu, 02 Nov 2023 21:50:09 GMT
cache-control: public, max-age=31536000
age: 343972
last-modified: Wed, 27 Apr 2022 17:05:55 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
u1818385.plsk.regruhosting.ru/320/img/popup-footer2.png
31.31.198.189 404 Not Found 65 kB URL HTTP/1.1 u1818385.plsk.regruhosting.ru/320/img/popup-footer2.png
IP 31.31.198.189:0
ASN #197695 Domain names registrar REG.RU, Ltd
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (65519), with no line terminators
Hash 05c3264e84344ce35eef397537edadf9
f81db86808399ddfc3c8d5f59fd948a37395da41
f187d1f51a7584f8c868b1b0c45ff51531d14bcd459ec958abc91206611f047f
GET /320/img/popup-footer2.png HTTP/1.1
Host: u1818385.plsk.regruhosting.ru
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://u1818385.plsk.regruhosting.ru/320/
HTTP/1.1 404 Not Found
Server: nginx
Date: Sun, 06 Nov 2022 21:23:01 GMT
Content-Type: text/html
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
Last-Modified: Wed, 26 Oct 2022 13:11:58 GMT
ETag: W/"49318-5ebefc5054e43"
X-Powered-By: PleskLin
Content-Encoding: gzip
stackpath.bootstrapcdn.com/font-awesome/4.7.0/fonts/fontawesome-webfont.woff2?v=4.7.0
104.18.10.207 200 OK 77 kB URL HTTP/2 stackpath.bootstrapcdn.com/font-awesome/4.7.0/fonts/fontawesome-webfont.woff2?v=4.7.0
IP 104.18.10.207:0
File type Web Open Font Format (Version 2), TrueType, length 77160, version 4.459\012- data
Hash af7ae505a9eed503f8b8e6982036873e
d6f48cba7d076fb6f2fd6ba993a75b9dc1ecbf0c
2adefcbc041e7d18fcf2d417879dc5a09997aa64d675b7a3c4b6ce33da13f3fe
GET /font-awesome/4.7.0/fonts/fontawesome-webfont.woff2?v=4.7.0 HTTP/1.1
Host: stackpath.bootstrapcdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: http://u1818385.plsk.regruhosting.ru
Connection: keep-alive
Referer: https://stackpath.bootstrapcdn.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Sun, 06 Nov 2022 21:23:02 GMT
content-type: font/woff2
content-length: 77160
cdn-pullzone: 252412
cdn-uid: b1941f61-b576-4f40-80de-5677acb38f74
cdn-requestcountrycode: DE
access-control-allow-origin: *
cache-control: public, max-age=31919000
etag: "af7ae505a9eed503f8b8e6982036873e"
last-modified: Mon, 25 Jan 2021 22:04:55 GMT
cdn-cachedat: 08/17/2022 18:20:14
cdn-proxyver: 1.02
cdn-requestpullcode: 200
cdn-requestpullsuccess: True
cdn-edgestorageid: 752
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
cdn-status: 200
cdn-requestid: d6336cc5b905753ff063c14ce79bc8cb
cdn-cache: HIT
cf-cache-status: HIT
age: 368876
accept-ranges: bytes
vary: Accept-Encoding
strict-transport-security: max-age=31536000; includeSubDomains; preload
server: cloudflare
cf-ray: 7660e3517ff10b69-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
u1818385.plsk.regruhosting.ru/320/fonts/selow.woff2
31.31.198.189 200 OK 22 kB URL HTTP/1.1 u1818385.plsk.regruhosting.ru/320/fonts/selow.woff2
IP 31.31.198.189:0
ASN #197695 Domain names registrar REG.RU, Ltd
File type Web Open Font Format (Version 2), TrueType, length 22220, version 1.0\012- data
Hash 345579e8566a3dd6dc9feb5362fbe7e1
df075dd0c26e72fd7df19948f07904c1eaa72ded
1d0dfcc32b3be2bf3b3dbc371e9b7c5ce205f4bc6f7c8ce0226256cc7064c3e4
Analyzer Verdict Alert fortinet Phishing
GET /320/fonts/selow.woff2 HTTP/1.1
Host: u1818385.plsk.regruhosting.ru
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Connection: keep-alive
Referer: http://u1818385.plsk.regruhosting.ru/320/
HTTP/1.1 200 OK
Server: nginx
Date: Sun, 06 Nov 2022 21:23:02 GMT
Content-Type: font/woff2
Content-Length: 22220
Last-Modified: Sat, 05 Nov 2022 08:49:27 GMT
Connection: keep-alive
ETag: "63662397-56cc"
X-Powered-By: PleskLin
Accept-Ranges: bytes
ocsp.pki.goog/gts1c3
142.250.74.35 200 OK 471 B IP 142.250.74.35:0
Hash 6dba1915540598e77ae8d73ce49c4b3b
f9c34b678d814548946cafea65b20ff352fb501b
89f7e3ac689535c3a373e1ff2f4125e7879782917687c26210a3eaf6c9a6e6a8
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 06 Nov 2022 21:23:02 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
u1818385.plsk.regruhosting.ru/320/img/event-title.png
31.31.198.189 200 OK 167 kB URL HTTP/1.1 u1818385.plsk.regruhosting.ru/320/img/event-title.png
IP 31.31.198.189:0
ASN #197695 Domain names registrar REG.RU, Ltd
File type PNG image data, 1280 x 256, 8-bit/color RGBA, non-interlaced\012- data
Size 167 kB (166672 bytes)
Hash 711aa0e5dc6124c836454e92d607ddd2
0ac0490b708cc2244acc72a6d3374d3265f5ff7c
c0b3fdeca33951d2057458e2cbbc2a903d3002069606237b44e9d753d0564025
GET /320/img/event-title.png HTTP/1.1
Host: u1818385.plsk.regruhosting.ru
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://u1818385.plsk.regruhosting.ru/320/
HTTP/1.1 200 OK
Server: nginx
Date: Sun, 06 Nov 2022 21:23:01 GMT
Content-Type: image/png
Content-Length: 166672
Last-Modified: Sat, 05 Nov 2022 08:49:27 GMT
Connection: keep-alive
ETag: "63662397-28b10"
X-Powered-By: PleskLin
Accept-Ranges: bytes
u1818385.plsk.regruhosting.ru/320/media/spin.mp3
31.31.198.189 206 Partial Content 133 kB URL HTTP/1.1 u1818385.plsk.regruhosting.ru/320/media/spin.mp3
IP 31.31.198.189:0
ASN #197695 Domain names registrar REG.RU, Ltd
File type Audio file with ID3 version 2.4.0, contains: MPEG ADTS, layer III, v1, 64 kbps, 44.1 kHz, Stereo\012- data
Size 133 kB (132739 bytes)
Hash 5e6ad4032df296732508803deb114b90
99d585eab4db1d9d5555b5ea4aae2542c5c635e5
9f4633ff137414c473c1477d9345c1b379b5174544f5aa22e0666d778f6f3eed
Analyzer Verdict Alert fortinet Phishing
GET /320/media/spin.mp3 HTTP/1.1
Host: u1818385.plsk.regruhosting.ru
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: audio/webm,audio/ogg,audio/wav,audio/*;q=0.9,application/ogg;q=0.7,video/*;q=0.6,*/*;q=0.5
Accept-Language: en-US,en;q=0.5
Range: bytes=0-
Connection: keep-alive
Referer: http://u1818385.plsk.regruhosting.ru/320/
HTTP/1.1 206 Partial Content
Server: nginx
Date: Sun, 06 Nov 2022 21:23:02 GMT
Content-Type: audio/mpeg
Content-Length: 132739
Last-Modified: Sat, 05 Nov 2022 08:49:27 GMT
Connection: keep-alive
ETag: "63662397-20683"
X-Powered-By: PleskLin
Content-Range: bytes 0-132738/132739
ocsp.digicert.com/
93.184.220.29 200 OK 471 B IP 93.184.220.29:0
Hash d862f992e9902530594e7aca425f129b
25b414fe833d30b52928535d659a1ee281b82e3a
0c6286152fe8bb5fdf1505f2001d530a65ee53aa6d9601bbb1eecb683036071d
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 6214
Cache-Control: max-age=134843
Content-Type: application/ocsp-response
Date: Sun, 06 Nov 2022 21:23:02 GMT
Etag: "6367792b-1d7"
Expires: Tue, 08 Nov 2022 10:50:25 GMT
Last-Modified: Sun, 06 Nov 2022 09:06:51 GMT
Server: ECS (ska/F717)
X-Cache: HIT
Content-Length: 471
r3.o.lencr.org/
23.36.76.226 200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 506e7a9e98f8044d8c68c0eb26923448
93d9c975a864c9e757af197a487bfb02de9fa0d0
7c75717ca726207c3a2950bbaa1ec220d832022ad94746a8532b92eae1aaddb4
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "7C75717CA726207C3A2950BBAA1EC220D832022AD94746A8532B92EAE1AADDB4"
Last-Modified: Sun, 06 Nov 2022 01:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=2788
Expires: Sun, 06 Nov 2022 22:09:30 GMT
Date: Sun, 06 Nov 2022 21:23:02 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.76.226 200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 506e7a9e98f8044d8c68c0eb26923448
93d9c975a864c9e757af197a487bfb02de9fa0d0
7c75717ca726207c3a2950bbaa1ec220d832022ad94746a8532b92eae1aaddb4
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "7C75717CA726207C3A2950BBAA1EC220D832022AD94746A8532B92EAE1AADDB4"
Last-Modified: Sun, 06 Nov 2022 01:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=2788
Expires: Sun, 06 Nov 2022 22:09:30 GMT
Date: Sun, 06 Nov 2022 21:23:02 GMT
Connection: keep-alive
l.top4top.io/m_1725u5z7i1.mp3
65.21.235.194 206 Partial Content 20 kB URL HTTP/2 l.top4top.io/m_1725u5z7i1.mp3
IP 65.21.235.194:0
ASN #24940 Hetzner Online GmbH
File type Audio file with ID3 version 2.4.0, contains: MPEG ADTS, layer III, v1, 128 kbps, 44.1 kHz, Stereo\012- data
Hash ee5b5d12064ae26f839b882edb33da62
6fa93ef00f294eec4ef05276e81813db1e95e346
4bc5852e5cec62ceab9260f712961f59609868151e01b63e7b7cae2b00efed54
Analyzer Verdict Alert fortinet Malware
GET /m_1725u5z7i1.mp3 HTTP/1.1
Host: l.top4top.io
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: audio/webm,audio/ogg,audio/wav,audio/*;q=0.9,application/ogg;q=0.7,video/*;q=0.6,*/*;q=0.5
Accept-Language: en-US,en;q=0.5
Range: bytes=0-
Connection: keep-alive
Referer: http://u1818385.plsk.regruhosting.ru/
Sec-Fetch-Dest: audio
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 206 Partial Content
server: nginx
date: Sun, 06 Nov 2022 21:23:02 GMT
content-type: audio/mpeg
content-length: 19781
set-cookie: klj_40d147_downloads=kh51z; Max-Age=85000; Domain=.top4top.io; Path=/; Expires=Mon, 07 Nov 2022 20:59:42 GMT
last-modified: Mon, 21 Sep 2020 07:16:33 GMT
content-disposition: inline; filename="open_reward_tab.mp3"
etag: "5f685351-4d45"
expires: Sun, 06 Nov 2022 23:23:02 GMT
cache-control: max-age=7200
x-file-id: x34392023x
content-range: bytes 0-19780/19781
X-Firefox-Spdy: h2
a.top4top.io/m_1725zobal2.mp3
51.159.64.45 206 Partial Content 18 kB URL HTTP/2 a.top4top.io/m_1725zobal2.mp3
IP 51.159.64.45:0
File type Audio file with ID3 version 2.4.0, contains: MPEG ADTS, layer III, v1, 128 kbps, 44.1 kHz, Stereo\012- data
Hash 70ded6b0b406f9710307bc35e221629f
7034ec2ff72c936255b04c0890ce8976599380cc
22e1575a06426f427b46598d6599c565e80ed3e937b1872b0d5d928bfe5b2d65
Analyzer Verdict Alert fortinet Malware
GET /m_1725zobal2.mp3 HTTP/1.1
Host: a.top4top.io
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: audio/webm,audio/ogg,audio/wav,audio/*;q=0.9,application/ogg;q=0.7,video/*;q=0.6,*/*;q=0.5
Accept-Language: en-US,en;q=0.5
Range: bytes=0-
Connection: keep-alive
Referer: http://u1818385.plsk.regruhosting.ru/
Sec-Fetch-Dest: audio
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 206 Partial Content
server: nginx
date: Sun, 06 Nov 2022 21:23:02 GMT
content-type: audio/mpeg
content-length: 17691
set-cookie: klj_40d147_downloads=kh520; Max-Age=85000; Domain=.top4top.io; Path=/; Expires=Mon, 07 Nov 2022 20:59:42 GMT
last-modified: Mon, 21 Sep 2020 07:16:33 GMT
content-disposition: inline; filename="close_reward_popup.mp3"
etag: "5f685351-451b"
expires: Sun, 06 Nov 2022 23:23:02 GMT
cache-control: max-age=7200
x-file-id: x34392024x
content-range: bytes 0-17690/17691
X-Firefox-Spdy: h2
www.pubgmobile.com/id/event/royalepass10/images/icon_logo.jpg
23.36.76.250 200 OK 75 kB URL HTTP/2 www.pubgmobile.com/id/event/royalepass10/images/icon_logo.jpg
IP 23.36.76.250:0
ASN #20940 Akamai International B.V.
File type JPEG image data, Exif standard: [TIFF image data, little-endian, direntries=0], baseline, precision 8, 500x500, components 3\012- data
Hash 92c19dc5bd77186e5bb8ed35ce668979
646bf70d1c669c7d7388f95a0a33755e4721289c
0d9cf7eb8fb12be77685134e63f7dae9a95fbf9306ae0529bd0347582d18a8ef
GET /id/event/royalepass10/images/icon_logo.jpg HTTP/1.1
Host: www.pubgmobile.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://u1818385.plsk.regruhosting.ru/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-type: image/jpeg
content-length: 75149
last-modified: Wed, 15 Sep 2021 06:46:59 GMT
etag: "614196e3-1258d"
accept-ranges: bytes
unused62: 8096267
cache-control: max-age=165
expires: Sun, 06 Nov 2022 21:25:47 GMT
date: Sun, 06 Nov 2022 21:23:02 GMT
X-Firefox-Spdy: h2
www.pubgmobile.com/en/images/nav_language.svg
23.36.76.250 200 OK 675 B URL HTTP/2 www.pubgmobile.com/en/images/nav_language.svg
IP 23.36.76.250:0
ASN #20940 Akamai International B.V.
File type SVG Scalable Vector Graphics image\012- HTML document, Unicode text, UTF-8 text, with very long lines (1107), with no line terminators
Hash 77e7b8dcd13159c59219706782b1a897
a3c73409a8e9841a00b771d96ce6cb0ce76d222e
4f61e0a210a58bdf43f8a93bf658275291e6a16979f8090c0731f06b6fb3c5a4
GET /en/images/nav_language.svg HTTP/1.1
Host: www.pubgmobile.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://u1818385.plsk.regruhosting.ru/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-type: image/svg+xml
last-modified: Mon, 21 Mar 2022 13:24:18 GMT
etag: "62387c82-45b"
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
date: Sun, 06 Nov 2022 21:23:02 GMT
content-length: 675
X-Firefox-Spdy: h2
www.pubgmobile.com/en/images/nav_shop.svg
23.36.76.250 200 OK 526 B URL HTTP/2 www.pubgmobile.com/en/images/nav_shop.svg
IP 23.36.76.250:0
ASN #20940 Akamai International B.V.
File type SVG Scalable Vector Graphics image\012- HTML document, Unicode text, UTF-8 text, with very long lines (985), with no line terminators
Hash ad0548f5478991acc360e6464247e82a
40e3e327eebfc39a8e45b1aa46b725d65390cdcc
6654577abe5f4be7b3f9089fa76e5f746c8d0f5c7eae1cc8202a94fae1193fe3
GET /en/images/nav_shop.svg HTTP/1.1
Host: www.pubgmobile.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://u1818385.plsk.regruhosting.ru/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-type: image/svg+xml
last-modified: Mon, 21 Mar 2022 13:24:18 GMT
etag: "62387c82-3e1"
accept-ranges: bytes
unused62: 8096267
vary: Accept-Encoding
content-encoding: gzip
date: Sun, 06 Nov 2022 21:23:02 GMT
content-length: 526
X-Firefox-Spdy: h2
www.pubgmobile.com/en/images/nav_menu.svg
23.36.76.250 200 OK 426 B URL HTTP/2 www.pubgmobile.com/en/images/nav_menu.svg
IP 23.36.76.250:0
ASN #20940 Akamai International B.V.
File type SVG Scalable Vector Graphics image\012- HTML document, Unicode text, UTF-8 text, with very long lines (876), with no line terminators
Hash 76f5753e4fe160785df31ef342ada1c1
a78cc3e318b79b7fe5e7eb8df11683706b518e8f
52c48564638e7f165f23fae7f76b72d07905f2179ff659b939bfab7ec8b82a26
GET /en/images/nav_menu.svg HTTP/1.1
Host: www.pubgmobile.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://u1818385.plsk.regruhosting.ru/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-type: image/svg+xml
last-modified: Mon, 21 Mar 2022 13:24:18 GMT
etag: "62387c82-374"
accept-ranges: bytes
unused62: 8096267
vary: Accept-Encoding
content-encoding: gzip
date: Sun, 06 Nov 2022 21:23:02 GMT
content-length: 426
X-Firefox-Spdy: h2
www.pubgmobile.com/en/images/nav_download.svg
23.36.76.250 200 OK 485 B URL HTTP/2 www.pubgmobile.com/en/images/nav_download.svg
IP 23.36.76.250:0
ASN #20940 Akamai International B.V.
File type SVG Scalable Vector Graphics image\012- HTML document, Unicode text, UTF-8 text, with very long lines (999), with no line terminators
Hash 105955f14143a23be57cadef8e91950e
98cc1e76113b4b2a2a77805bb1f1d6b364344d88
b85bdfd2887c4fe7681cae97896e604e74d27f150feb49598e1e7efebd3c6fc2
GET /en/images/nav_download.svg HTTP/1.1
Host: www.pubgmobile.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://u1818385.plsk.regruhosting.ru/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-type: image/svg+xml
last-modified: Mon, 21 Mar 2022 13:24:17 GMT
etag: "62387c81-3ef"
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
date: Sun, 06 Nov 2022 21:23:02 GMT
content-length: 485
X-Firefox-Spdy: h2
www.pubgmobile.com/common/images/icon_logo.jpg
23.36.76.250 200 OK 982 kB URL HTTP/2 www.pubgmobile.com/common/images/icon_logo.jpg
IP 23.36.76.250:0
ASN #20940 Akamai International B.V.
File type JPEG image data, baseline, precision 8, 1024x1024, components 3\012- data
Size 982 kB (982437 bytes)
Hash b83d8d3e9beecfac081f4e742d27661c
448330670bef8c2ee17baf6d2410ca974341cb88
5899c82b2f0563679a9c1ee79b5b28f2545864d95c7627c1a70e36a2f034497d
GET /common/images/icon_logo.jpg HTTP/1.1
Host: www.pubgmobile.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://u1818385.plsk.regruhosting.ru/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
content-type: image/jpeg
content-length: 982437
last-modified: Mon, 30 Nov 2020 12:10:45 GMT
etag: "5fc4e145-efda5"
accept-ranges: bytes
unused62: 8096267
cache-control: max-age=266
expires: Sun, 06 Nov 2022 21:27:28 GMT
date: Sun, 06 Nov 2022 21:23:02 GMT
X-Firefox-Spdy: h2
push.services.mozilla.com/
35.160.51.228 101 Switching Protocols 0 B URL HTTP/1.1 push.services.mozilla.com/
IP 35.160.51.228:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET / HTTP/1.1
Host: push.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: 5yIAsMmiZpTGpttBH5ta6Q==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket
HTTP/1.1 101 Switching Protocols
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: ieTgrGkBIGtmcxE/f6viblEU3rw=
firefox.settings.services.mozilla.com/v1/buckets/monitor/collections/changes/changeset?_expected=%221667768232025%22
34.102.187.140 200 OK 22 kB URL HTTP/2 firefox.settings.services.mozilla.com/v1/buckets/monitor/collections/changes/changeset?_expected=%221667768232025%22
IP 34.102.187.140:0
File type JSON data\012- , ASCII text, with very long lines (21675), with no line terminators
Hash c82b0d79f739531e01698d71c2fe9ade
20a96ba15b8fdaadf31d25aee8dd53d3c441f58f
ecdd01c502574aaa66141e1144ce6048b27a7472da7d87822f5b8d289e06a118
GET /v1/buckets/monitor/collections/changes/changeset?_expected=%221667768232025%22 HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Content-Length, Retry-After, Alert, Backoff, Content-Type
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 21675
via: 1.1 google
date: Sun, 06 Nov 2022 21:02:08 GMT
cache-control: public,max-age=3600
last-modified: Sun, 06 Nov 2022 20:57:12 GMT
content-type: application/json
age: 1254
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
firefox.settings.services.mozilla.com/v1/buckets/blocklists/collections/addons-bloomfilters/changeset?_expected=1667479036565&_since=%221666204638208%22
34.102.187.140 200 OK 4.9 kB URL HTTP/2 firefox.settings.services.mozilla.com/v1/buckets/blocklists/collections/addons-bloomfilters/changeset?_expected=1667479036565&_since=%221666204638208%22
IP 34.102.187.140:0
File type JSON data\012- , ASCII text, with very long lines (4894), with no line terminators
Hash c43a862e0b736de1064a9559a9e3a813
c5558e68da51b12508ae208f708443aae26886d5
c34e35c82f03798631134437bb34a5954440c4e4551e8759d56f21df16cd5f20
GET /v1/buckets/blocklists/collections/addons-bloomfilters/changeset?_expected=1667479036565&_since=%221666204638208%22 HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Content-Length, Retry-After, Alert, Backoff, Content-Type
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 4894
via: 1.1 google
date: Sun, 06 Nov 2022 21:08:24 GMT
cache-control: public,max-age=3600
age: 878
last-modified: Thu, 03 Nov 2022 12:37:16 GMT
content-type: application/json
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-12-09-20-34-00.chain
34.160.144.191 200 OK 5.3 kB URL HTTP/2 content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-12-09-20-34-00.chain
IP 34.160.144.191:0
File type PEM certificate\012- , ASCII text
Hash c22da7ef9d9661440ea75c23cb583813
45e567955ce3901a1f2d723fdab3c607f7419dd9
2499384fa96f3b1644f5ff8ec2f7a058f5e9b516684e89eb3ff1a1a3060ff053
GET /chains/remote-settings.content-signature.mozilla.org-2022-12-09-20-34-00.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
x-amz-id-2: +HJ1eRYCybuIumX9guKpZVRq49Z5pSBBltYQDHuVDQOIT21AXLtqdlYzPITCXQzlRIL2tGEjU6A=
x-amz-request-id: NVC65NEZ5Z94FR4J
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
content-length: 5348
via: 1.1 google
date: Sun, 06 Nov 2022 21:17:08 GMT
age: 354
last-modified: Thu, 20 Oct 2022 20:34:01 GMT
etag: "c22da7ef9d9661440ea75c23cb583813"
content-type: binary/octet-stream
cache-control: public,max-age=3600
alt-svc: clear
X-Firefox-Spdy: h2
firefox.settings.services.mozilla.com/v1/buckets/main/collections/normandy-recipes-capabilities/changeset?_expected=1667692864311&_since=%221666483264567%22
34.102.187.140 200 OK 57 kB URL HTTP/2 firefox.settings.services.mozilla.com/v1/buckets/main/collections/normandy-recipes-capabilities/changeset?_expected=1667692864311&_since=%221666483264567%22
IP 34.102.187.140:0
File type JSON data\012- , ASCII text, with very long lines (56883), with no line terminators
Hash 3acf27ad8b5e9cafe1c6ad42756788ee
1d688887cac117bc1a4b27553c4e962c57497bb9
9b8bda476203c81f3520b2dc1bf44795762fa7b26aa6864614ad46b2085d717a
GET /v1/buckets/main/collections/normandy-recipes-capabilities/changeset?_expected=1667692864311&_since=%221666483264567%22 HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Alert, Retry-After, Content-Length, Backoff, Content-Type
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 56883
via: 1.1 google
date: Sun, 06 Nov 2022 20:37:39 GMT
cache-control: public,max-age=3600
age: 2724
last-modified: Sun, 06 Nov 2022 00:01:04 GMT
content-type: application/json
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
firefox.settings.services.mozilla.com/v1/buckets/main/collections/nimbus-desktop-experiments/changeset?_expected=1667581976162&_since=%221666279968541%22
34.102.187.140 200 OK 8.4 kB URL HTTP/2 firefox.settings.services.mozilla.com/v1/buckets/main/collections/nimbus-desktop-experiments/changeset?_expected=1667581976162&_since=%221666279968541%22
IP 34.102.187.140:0
File type ASCII text, with very long lines (8380), with no line terminators
Hash 6735f716232f0bae765bafaee1285d31
cae42ef44db344f74192d2758488549446e5bc25
06e55f8970e4ca70a935d9fd4acddaae1c3f96f52d139a21d9d8991356c6dded
GET /v1/buckets/main/collections/nimbus-desktop-experiments/changeset?_expected=1667581976162&_since=%221666279968541%22 HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Content-Length, Alert, Backoff, Content-Type, Retry-After
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 8380
via: 1.1 google
date: Sun, 06 Nov 2022 20:48:39 GMT
cache-control: public,max-age=3600
age: 2064
last-modified: Fri, 04 Nov 2022 17:12:56 GMT
content-type: application/json
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
firefox.settings.services.mozilla.com/v1/buckets/main/collections/cfr/changeset?_expected=1666894461944&_since=%221659547595259%22
34.102.187.140 200 OK 1.5 kB URL HTTP/2 firefox.settings.services.mozilla.com/v1/buckets/main/collections/cfr/changeset?_expected=1666894461944&_since=%221659547595259%22
IP 34.102.187.140:0
File type JSON data\012- , ASCII text, with very long lines (1504), with no line terminators
Hash f8887f4ce8d60a19bc767a27c5aa7a20
4313dbbfa5738ece2219fe88d04c2c7dfae10bfa
8530d746dc49555caa17334b90bf713d67a60f428817c0065792446051632f18
GET /v1/buckets/main/collections/cfr/changeset?_expected=1666894461944&_since=%221659547595259%22 HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Alert, Retry-After, Content-Length, Backoff, Content-Type
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 1504
via: 1.1 google
date: Sun, 06 Nov 2022 20:51:42 GMT
cache-control: public,max-age=3600
age: 1881
last-modified: Thu, 27 Oct 2022 18:14:21 GMT
content-type: application/json
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
firefox.settings.services.mozilla.com/v1/buckets/main/collections/query-stripping/changeset?_expected=1667238122278&_since=%221656585893704%22
34.102.187.140 200 OK 1.7 kB URL HTTP/2 firefox.settings.services.mozilla.com/v1/buckets/main/collections/query-stripping/changeset?_expected=1667238122278&_since=%221656585893704%22
IP 34.102.187.140:0
File type JSON data\012- , ASCII text, with very long lines (1719), with no line terminators
Hash 1971557ee32481ccb55dd637b351b263
be18a39de55151bb40ab40c95de41468fa47b8a2
cfffc68c1707cfbf7e93112696e899f31e4473c82130180e5767b4889e6c62ee
GET /v1/buckets/main/collections/query-stripping/changeset?_expected=1667238122278&_since=%221656585893704%22 HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Content-Length, Retry-After, Alert, Backoff, Content-Type
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 1719
via: 1.1 google
date: Sun, 06 Nov 2022 20:55:30 GMT
cache-control: public,max-age=3600
age: 1653
last-modified: Mon, 31 Oct 2022 17:42:02 GMT
content-type: application/json
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
firefox.settings.services.mozilla.com/v1/buckets/main/collections/partitioning-exempt-urls/changeset?_expected=1667225520937&_since=%221657747510534%22
34.102.187.140 200 OK 1.3 kB URL HTTP/2 firefox.settings.services.mozilla.com/v1/buckets/main/collections/partitioning-exempt-urls/changeset?_expected=1667225520937&_since=%221657747510534%22
IP 34.102.187.140:0
File type JSON data\012- , ASCII text, with very long lines (1300), with no line terminators
Hash c7e9f96e1a2142cb3ec17a1db32add0d
866196b5baab2194581407bdd1297f1934941675
81eb7fe101ad6a8966865dec8d3e0f73b7b81a8b519cb8cfc8abc1846e4c82b9
GET /v1/buckets/main/collections/partitioning-exempt-urls/changeset?_expected=1667225520937&_since=%221657747510534%22 HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Content-Length, Retry-After, Alert, Backoff, Content-Type
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 1300
via: 1.1 google
date: Sun, 06 Nov 2022 20:25:02 GMT
cache-control: public,max-age=3600
age: 3481
last-modified: Mon, 31 Oct 2022 14:12:00 GMT
content-type: application/json
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.76.226 200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 3bf1a5e65cd048b761eac5cb0b52048a
f64cface851717dee160a5c6fad975cc34fe4cd2
8b849bbe5d73c02bd82c39e5970ef02d46bf36ccfed31b51db437d85d12c004b
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "8B849BBE5D73C02BD82C39E5970EF02D46BF36CCFED31B51DB437D85D12C004B"
Last-Modified: Sat, 05 Nov 2022 12:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=3817
Expires: Sun, 06 Nov 2022 22:26:40 GMT
Date: Sun, 06 Nov 2022 21:23:03 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.76.226 200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 3bf1a5e65cd048b761eac5cb0b52048a
f64cface851717dee160a5c6fad975cc34fe4cd2
8b849bbe5d73c02bd82c39e5970ef02d46bf36ccfed31b51db437d85d12c004b
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "8B849BBE5D73C02BD82C39E5970EF02D46BF36CCFED31B51DB437D85D12C004B"
Last-Modified: Sat, 05 Nov 2022 12:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=3817
Expires: Sun, 06 Nov 2022 22:26:40 GMT
Date: Sun, 06 Nov 2022 21:23:03 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.76.226 200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 3bf1a5e65cd048b761eac5cb0b52048a
f64cface851717dee160a5c6fad975cc34fe4cd2
8b849bbe5d73c02bd82c39e5970ef02d46bf36ccfed31b51db437d85d12c004b
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "8B849BBE5D73C02BD82C39E5970EF02D46BF36CCFED31B51DB437D85D12C004B"
Last-Modified: Sat, 05 Nov 2022 12:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=3817
Expires: Sun, 06 Nov 2022 22:26:40 GMT
Date: Sun, 06 Nov 2022 21:23:03 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.76.226 200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 3bf1a5e65cd048b761eac5cb0b52048a
f64cface851717dee160a5c6fad975cc34fe4cd2
8b849bbe5d73c02bd82c39e5970ef02d46bf36ccfed31b51db437d85d12c004b
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "8B849BBE5D73C02BD82C39E5970EF02D46BF36CCFED31B51DB437D85D12C004B"
Last-Modified: Sat, 05 Nov 2022 12:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=3817
Expires: Sun, 06 Nov 2022 22:26:40 GMT
Date: Sun, 06 Nov 2022 21:23:03 GMT
Connection: keep-alive
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F8df47f1e-c13a-452f-b0e2-28c141dbb191.jpeg
34.120.237.76 200 OK 7.6 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F8df47f1e-c13a-452f-b0e2-28c141dbb191.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash b18a8c9f5539ce33476f843f5811e01d
11d1f2ce72d2aa6686c79f777cd0bdb4ddeb681b
fc20e507eedccb52078979f2132434b11b9d50d917cab512d8e0c99515b1236c
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F8df47f1e-c13a-452f-b0e2-28c141dbb191.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 7573
x-amzn-requestid: d56e7b27-f2cb-4cd3-9f67-ba18d1bfe270
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: bDkhGHmjoAMFxxQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6364813a-3a1c18b13c41f38673890b00;Sampled=0
x-amzn-remapped-date: Fri, 04 Nov 2022 03:04:26 GMT
x-amz-cf-pop: SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: c-u9tBFoIve3sEwtbUvIFZoPu6eudy3ZFQi8j2m9mTPNEarihTvddw==
via: 1.1 470e3fe246a660ba6ace67a79f78d246.cloudfront.net (CloudFront), 1.1 5397b304713f6301c7c94ac084b6ed08.cloudfront.net (CloudFront), 1.1 google
date: Sun, 06 Nov 2022 05:31:43 GMT
age: 57080
etag: "11d1f2ce72d2aa6686c79f777cd0bdb4ddeb681b"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fc6fadd94-b1a4-4bdc-bcf4-b6bade4840a0.jpeg
34.120.237.76 200 OK 10 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fc6fadd94-b1a4-4bdc-bcf4-b6bade4840a0.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 4e2853cc6ec6223160471401e6871f4b
f052e1f8b2bf4a8eeecfa5b82e27ada1b7719a0c
bf4b9145ea043d87a30fd3aeeae21a1a0aa27004cd2467e7aa843bc894ae1f60
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fc6fadd94-b1a4-4bdc-bcf4-b6bade4840a0.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 10462
x-amzn-requestid: 6dc7dc5c-88e9-4550-abf0-f16965ab7cd3
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: bF_38GKXoAMFwSA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-636579cc-28ea4125437c31cc34683fb7;Sampled=0
x-amzn-remapped-date: Fri, 04 Nov 2022 20:45:00 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: cLOqm36ioY751X1yA1WcQpaXiFYuvzFn8xLQ56MyDTpvi1J4Ruvc9Q==
via: 1.1 470e3fe246a660ba6ace67a79f78d246.cloudfront.net (CloudFront), 1.1 e4d3d5aafc7d7d582423c073065ab562.cloudfront.net (CloudFront), 1.1 google
date: Sun, 06 Nov 2022 06:27:59 GMT
age: 53704
etag: "f052e1f8b2bf4a8eeecfa5b82e27ada1b7719a0c"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F7220419a-cf8c-4056-a522-11012e67cf32.jpeg
34.120.237.76 200 OK 14 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F7220419a-cf8c-4056-a522-11012e67cf32.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash fa77f05b1af971db287607d9d9a30e0f
276f1493d6da74c8fa3ef83dee77bf48850ff4b4
005d0273b7fe7b68081d1db630df9444c4082140be87c34f3e9e5fb7db9a4160
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F7220419a-cf8c-4056-a522-11012e67cf32.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 14415
x-amzn-requestid: 9eadfbeb-38b2-483a-894a-375e00f646dd
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: bJabgHcMoAMFTLg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6366d77c-104fa5e61c64aaf230ffb045;Sampled=0
x-amzn-remapped-date: Sat, 05 Nov 2022 21:37:00 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: zwi4Hg5iu5MB4zr0EFVhTRAvrnN2J1GnY31mOvlXJW0E_cgQu1gmgA==
via: 1.1 c34da255183aa208dd1c722ff211f9b2.cloudfront.net (CloudFront), 1.1 31119c39c5a6dc62dfa1fe940afd7be2.cloudfront.net (CloudFront), 1.1 google
date: Sat, 05 Nov 2022 22:12:38 GMT
age: 83425
etag: "276f1493d6da74c8fa3ef83dee77bf48850ff4b4"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F5cee1982-fead-41ba-9720-19ae491d0af1.webp
34.120.237.76 200 OK 8.3 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F5cee1982-fead-41ba-9720-19ae491d0af1.webp
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 3929fb3c2f0dad9409e9b247ab891518
b8f906e9e3c3addf73e2d387c7238dc1ffe0bb28
64822bf90b140698a0043ea76542823a55daf3bb6ad1b6b3ba972c7fbb256bb5
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F5cee1982-fead-41ba-9720-19ae491d0af1.webp HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 8309
x-amzn-requestid: 377e4474-c2ee-4477-be4b-18d264ca9aa5
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: bJbgwH23IAMF3kA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6366d937-7692bcd1131d9749085800b0;Sampled=0
x-amzn-remapped-date: Sat, 05 Nov 2022 21:44:23 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: JK-yLq7PeMFrcv4opjTjHprEUQ8IIBuHPzhz0ttxQx9GYdBY1EauBA==
via: 1.1 efe54e8b68e074d39b2ecd249f85100a.cloudfront.net (CloudFront), 1.1 b8c4a4ca04bb1976e020396d211bc8dc.cloudfront.net (CloudFront), 1.1 google
date: Sat, 05 Nov 2022 22:17:07 GMT
age: 83156
etag: "b8f906e9e3c3addf73e2d387c7238dc1ffe0bb28"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F78f88d98-b52b-4ad1-8cfc-e60fd17b46e0.jpeg
34.120.237.76 200 OK 12 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F78f88d98-b52b-4ad1-8cfc-e60fd17b46e0.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash b370c4e3b01be9fbbc3e310e6958cd55
cc22e90a0b476215f2fd864d84c9b00dded100a6
f54d90c5854b6f140b63dad3aa92bd858b8f360b8c77d50fdf344e813e9385c5
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F78f88d98-b52b-4ad1-8cfc-e60fd17b46e0.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 11535
x-amzn-requestid: 0a1d9895-e2e3-4070-921a-736d8c6f254e
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: bJatPGwjoAMFx8Q=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6366d7ee-101a7f3a2b834d0b411c9de0;Sampled=0
x-amzn-remapped-date: Sat, 05 Nov 2022 21:38:54 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: j0I2JcPIptLTJZlwg8QG7kkTE1eCvZiBDzi6j2YYqNwvawJ6k2CqHQ==
via: 1.1 c34da255183aa208dd1c722ff211f9b2.cloudfront.net (CloudFront), 1.1 02d90bf99fd6253b329a53c82f19e224.cloudfront.net (CloudFront), 1.1 google
date: Sat, 05 Nov 2022 21:48:50 GMT
age: 84853
etag: "cc22e90a0b476215f2fd864d84c9b00dded100a6"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Ff56714e2-704b-4327-92b2-54e71d0c4d40.webp
34.120.237.76 200 OK 9.0 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Ff56714e2-704b-4327-92b2-54e71d0c4d40.webp
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash dcc79e66d1e21452efb26d26650f6739
1f727a7ea032082658944cf4041686446fb6b5f2
af1fe8de442a365a108d5c03f0d3ae8b0beb1abb4f267a46979f9c885ee026c6
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Ff56714e2-704b-4327-92b2-54e71d0c4d40.webp HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 8961
x-amzn-requestid: 3a50374d-d90e-452e-bb89-82ca14c94b52
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: bJarpGtqIAMFkPg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6366d7e3-55c356475fb64e6625a338c7;Sampled=0
x-amzn-remapped-date: Sat, 05 Nov 2022 21:38:44 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: Ry_OKFFZDdDoVya2hTxnFlDGtgoSw0JRqieDnCO4mSNFbgV-AuLE5Q==
via: 1.1 112c6b3f9aea37a6cb00b7d933e5af6e.cloudfront.net (CloudFront), 1.1 0d4ebcaa87ba94709def0eaac9371e5a.cloudfront.net (CloudFront), 1.1 google
date: Sat, 05 Nov 2022 21:44:33 GMT
age: 85110
etag: "1f727a7ea032082658944cf4041686446fb6b5f2"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
fonts.googleapis.com/css?family=Roboto:300,400,500,700|Teko:300,400,500
142.250.74.10 200 OK 0 B URL HTTP/2 fonts.googleapis.com/css?family=Roboto:300,400,500,700|Teko:300,400,500
IP 142.250.74.10:0
GET /css?family=Roboto:300,400,500,700|Teko:300,400,500 HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://u1818385.plsk.regruhosting.ru/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Sun, 06 Nov 2022 21:23:01 GMT
date: Sun, 06 Nov 2022 21:23:01 GMT
cache-control: private, max-age=86400
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
stackpath.bootstrapcdn.com/font-awesome/4.7.0/css/font-awesome.min.css
104.18.10.207 200 OK 0 B URL HTTP/2 stackpath.bootstrapcdn.com/font-awesome/4.7.0/css/font-awesome.min.css
IP 104.18.10.207:0
GET /font-awesome/4.7.0/css/font-awesome.min.css HTTP/1.1
Host: stackpath.bootstrapcdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: http://u1818385.plsk.regruhosting.ru
Connection: keep-alive
Referer: http://u1818385.plsk.regruhosting.ru/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Sun, 06 Nov 2022 21:23:01 GMT
content-type: text/css; charset=utf-8
vary: Accept-Encoding
cdn-pullzone: 252412
cdn-uid: b1941f61-b576-4f40-80de-5677acb38f74
cdn-requestcountrycode: DE
access-control-allow-origin: *
cache-control: public, max-age=31919000
etag: W/"269550530cc127b6aa5a35925a7de6ce"
last-modified: Mon, 25 Jan 2021 22:04:55 GMT
cdn-cachedat: 08/20/2022 02:30:56
cdn-proxyver: 1.02
cdn-requestpullcode: 200
cdn-requestpullsuccess: True
cdn-edgestorageid: 601
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
cdn-status: 200
cdn-requestid: b43d1b02ae4f88008f49855d1b34e9b0
cdn-cache: HIT
cf-cache-status: HIT
age: 245693
strict-transport-security: max-age=31536000; includeSubDomains; preload
server: cloudflare
cf-ray: 7660e34e8c580b69-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
fonts.googleapis.com/css2?family=Teko&display=swap
142.250.74.10 200 OK 0 B URL HTTP/2 fonts.googleapis.com/css2?family=Teko&display=swap
IP 142.250.74.10:0
GET /css2?family=Teko&display=swap HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://u1818385.plsk.regruhosting.ru/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Sun, 06 Nov 2022 21:23:01 GMT
date: Sun, 06 Nov 2022 21:23:01 GMT
cache-control: private, max-age=86400
cross-origin-opener-policy: same-origin-allow-popups
cross-origin-resource-policy: cross-origin
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2