static.enlisted.net/modern-3/de/images/a88d243987e16e7f60367edd131c7746.png
200 OK 82 kB URL GET HTTP/2 static.enlisted.net/modern-3/de/images/a88d243987e16e7f60367edd131c7746.png
IP
ASN #58286 Electric-IT Business S.R.L.
Requested by https://enlisted.net/de/play4free/?r=pwncpp_2954_6987&transaction_id=40091c0a903f405488169027aff79c7d
Certificate IssuerLet's Encrypt
Subjectstatic.enlisted.net
Fingerprint5D:2C:F2:9A:22:3C:14:87:0A:E3:A4:A2:B6:47:A4:AA:4C:37:F9:BA
ValidityMon, 09 Oct 2023 08:50:44 GMT - Sun, 07 Jan 2024 08:50:43 GMT
File type PNG image data, 1080 x 541, 8-bit colormap, non-interlaced\012- data
Hash 85bf4e9e3ea54037956ebe8b2855c635
a1f53c718d6085cfd95a666e29d26482ebd0c76b
5f50f9b2dec4d9f9b1c2ae4a09dbba689259b2e2d72e0339cffd4187dcc7725d
GET /modern-3/de/images/a88d243987e16e7f60367edd131c7746.png HTTP/1.1
Host: static.enlisted.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://static.enlisted.net/modern-3/de/landings/play4free.styles.css?v=7e77368
Cookie: language=de; afsId=0C0F13AC584372650B0AA96D02CE2A06; ref_name=pwncpp; conntrack=rBMPDGVyQ1htqQoLBirOAg==
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Thu, 07 Dec 2023 22:12:41 GMT
content-type: image/png
content-length: 81548
last-modified: Tue, 07 Nov 2023 10:48:08 GMT
etag: "654a15e8-13e8c"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
traceparent: 00-133980f3180f15ab5f27977eab53c225-bd2f9836d5c30bd2-01
x-id: osix-hw-edge-gc4
access-control-allow-origin: *
cache: HIT
x-cached-since: 2023-11-15T10:39:14+00:00
accept-ranges: bytes
x-id-fe: osix-hw-edge-gc4
X-Firefox-Spdy: h2
static.enlisted.net/modern-3/de/images/aa49df6140e6686b245b0aadd5abc695.jpg
200 OK 358 kB URL GET HTTP/2 static.enlisted.net/modern-3/de/images/aa49df6140e6686b245b0aadd5abc695.jpg
IP
ASN #58286 Electric-IT Business S.R.L.
Requested by https://enlisted.net/de/play4free/?r=pwncpp_2954_6987&transaction_id=40091c0a903f405488169027aff79c7d
Certificate IssuerLet's Encrypt
Subjectstatic.enlisted.net
Fingerprint5D:2C:F2:9A:22:3C:14:87:0A:E3:A4:A2:B6:47:A4:AA:4C:37:F9:BA
ValidityMon, 09 Oct 2023 08:50:44 GMT - Sun, 07 Jan 2024 08:50:43 GMT
File type JPEG image data, Exif standard: [TIFF image data, little-endian, direntries=0], progressive, precision 8, 1920x1080, components 3\012- data
Size 358 kB (358276 bytes)
Hash 9d3dc574a4eb5340b6c55161ad05449c
ab136310da6abc3d4e612b1a9dde22d51567db06
9bff4210e822b4e4fa0259ee7604a04cf4a8bb4816875a7db52479609760eda0
GET /modern-3/de/images/aa49df6140e6686b245b0aadd5abc695.jpg HTTP/1.1
Host: static.enlisted.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://static.enlisted.net/modern-3/de/landings/play4free.styles.css?v=7e77368
Cookie: language=de; afsId=0C0F13AC584372650B0AA96D02CE2A06; ref_name=pwncpp; conntrack=rBMPDGVyQ1htqQoLBirOAg==
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Thu, 07 Dec 2023 22:12:41 GMT
content-type: image/jpeg
content-length: 358276
last-modified: Tue, 07 Nov 2023 10:48:08 GMT
etag: "654a15e8-57784"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
traceparent: 00-0908037b4e8d6e627b57006ff83a1a60-f4230b16dd4d7fe3-01
x-id: osix-hw-edge-gc4
access-control-allow-origin: *
cache: HIT
x-cached-since: 2023-11-15T10:39:14+00:00
accept-ranges: bytes
x-id-fe: osix-hw-edge-gc4
X-Firefox-Spdy: h2
static.enlisted.net/modern-3/de/images/26456c0c8323150fb783ee6547ebfcb2.png
200 OK 116 kB URL GET HTTP/2 static.enlisted.net/modern-3/de/images/26456c0c8323150fb783ee6547ebfcb2.png
IP
ASN #58286 Electric-IT Business S.R.L.
Requested by https://enlisted.net/de/play4free/?r=pwncpp_2954_6987&transaction_id=40091c0a903f405488169027aff79c7d
Certificate IssuerLet's Encrypt
Subjectstatic.enlisted.net
Fingerprint5D:2C:F2:9A:22:3C:14:87:0A:E3:A4:A2:B6:47:A4:AA:4C:37:F9:BA
ValidityMon, 09 Oct 2023 08:50:44 GMT - Sun, 07 Jan 2024 08:50:43 GMT
File type PNG image data, 376 x 192, 8-bit/color RGBA, non-interlaced\012- data
Size 116 kB (115460 bytes)
Hash c9dff2977a9533036aecde99b6ba090c
3ff41b20f669fda65897b10c251e30e38164c6f9
2618c6a003eb8a73d9b5c0f9d20f1fbc70051942326cabd7a1c51e07a4bb8f5b
GET /modern-3/de/images/26456c0c8323150fb783ee6547ebfcb2.png HTTP/1.1
Host: static.enlisted.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://static.enlisted.net/modern-3/de/landings/play4free.styles.css?v=7e77368
Cookie: language=de; afsId=0C0F13AC584372650B0AA96D02CE2A06; ref_name=pwncpp; conntrack=rBMPDGVyQ1htqQoLBirOAg==
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Thu, 07 Dec 2023 22:12:41 GMT
content-type: image/png
content-length: 115460
last-modified: Tue, 07 Nov 2023 10:48:07 GMT
etag: "654a15e7-1c304"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
traceparent: 00-fd846d87841ca67cc50e850aada427d2-82ee80cd59eee9d4-01
x-id: osix-hw-edge-gc4
access-control-allow-origin: *
cache: HIT
x-cached-since: 2023-11-15T10:39:14+00:00
accept-ranges: bytes
x-id-fe: osix-hw-edge-gc4
X-Firefox-Spdy: h2
fonts.googleapis.com/css2?family=Fira+Sans:wght@400;500&display=swap
200 OK 5.9 kB URL GET HTTP/2 fonts.googleapis.com/css2?family=Fira+Sans:wght@400;500&display=swap
IP
Requested by https://enlisted.net/de/play4free/?r=pwncpp_2954_6987&transaction_id=40091c0a903f405488169027aff79c7d
Certificate IssuerGoogle Trust Services LLC
Subjectupload.video.google.com
FingerprintCC:96:E0:52:E0:9B:EA:A9:A0:F8:88:9A:90:20:11:47:61:00:3C:42
ValidityMon, 23 Oct 2023 11:24:07 GMT - Mon, 15 Jan 2024 11:24:06 GMT
File type gzip compressed data, max compression\012- data
Hash 22068eb7285b60b65e167d81cf908977
1f58a7d1e69695324d1bb593be54f460655b468f
00c31c411ee2a0f5dce67976a57fe9d41e319f707cdb8e96d0c701fb28d4dc34
GET /css2?family=Fira+Sans:wght@400;500&display=swap HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://static.enlisted.net/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Thu, 07 Dec 2023 22:12:41 GMT
date: Thu, 07 Dec 2023 22:12:41 GMT
cache-control: private, max-age=86400
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
static.enlisted.net/modern-3/de/fonts/darkflow-logo.svg
200 OK 6.2 kB URL GET HTTP/2 static.enlisted.net/modern-3/de/fonts/darkflow-logo.svg
IP
ASN #58286 Electric-IT Business S.R.L.
Requested by https://enlisted.net/de/play4free/?r=pwncpp_2954_6987&transaction_id=40091c0a903f405488169027aff79c7d
Certificate IssuerLet's Encrypt
Subjectstatic.enlisted.net
Fingerprint5D:2C:F2:9A:22:3C:14:87:0A:E3:A4:A2:B6:47:A4:AA:4C:37:F9:BA
ValidityMon, 09 Oct 2023 08:50:44 GMT - Sun, 07 Jan 2024 08:50:43 GMT
File type gzip compressed data, max speed, from Unix\012- data
Hash 92a037ff54e1717d569cc876737cac1e
70efd87d83388fed5452cd309851f38d7c4bb23e
2e099ddbfcbecd69480239fb24b01eb2316ef4622777209497f2234d3b1e5685
GET /modern-3/de/fonts/darkflow-logo.svg HTTP/1.1
Host: static.enlisted.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://static.enlisted.net/modern-3/de/landings/play4free.styles.css?v=7e77368
Cookie: language=de; afsId=0C0F13AC584372650B0AA96D02CE2A06; ref_name=pwncpp; conntrack=rBMPDGVyQ1htqQoLBirOAg==
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Thu, 07 Dec 2023 22:12:41 GMT
content-type: image/svg+xml
last-modified: Tue, 07 Nov 2023 10:48:07 GMT
etag: W/"654a15e7-2d6c"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
traceparent: 00-814f314ef945cfbf8c0cffbf699e9442-a13e97da21a252a2-01
x-id: osix-hw-edge-gc4
access-control-allow-origin: *
cache: HIT
x-cached-since: 2023-11-18T22:10:46+00:00
content-encoding: gzip
x-id-fe: osix-hw-edge-gc4
X-Firefox-Spdy: h2
fonts.gstatic.com/s/ptserif/v18/EJRVQgYoZZY2vCFuvAFWzr8.woff2
200 OK 33 kB URL GET HTTP/2 fonts.gstatic.com/s/ptserif/v18/EJRVQgYoZZY2vCFuvAFWzr8.woff2
IP
Requested by https://enlisted.net/de/play4free/?r=pwncpp_2954_6987&transaction_id=40091c0a903f405488169027aff79c7d
Certificate IssuerGoogle Trust Services LLC
Subject*.gstatic.com
FingerprintE5:79:1F:1A:04:3F:B9:B0:FB:41:4E:B5:E5:97:AD:FE:D9:2C:4A:CD
ValidityMon, 23 Oct 2023 11:24:07 GMT - Mon, 15 Jan 2024 11:24:06 GMT
File type Web Open Font Format (Version 2), TrueType, length 33116, version 1.0\012- data
Hash 48b1fa647f5ccfa511cc07a10fc22e55
12e1e0d36983a8d900bc66b4784a6f9b9ace4b60
4271064a37f3ffc0aac5f3806db8a72acc23e19447d1804e4e80d8796cbf6330
GET /s/ptserif/v18/EJRVQgYoZZY2vCFuvAFWzr8.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://enlisted.net
DNT: 1
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 33116
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 07 Dec 2023 05:22:11 GMT
expires: Fri, 06 Dec 2024 05:22:11 GMT
cache-control: public, max-age=31536000
age: 60630
last-modified: Tue, 02 May 2023 15:52:25 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
static.enlisted.net/modern-3/de/fonts/ps4.svg
200 OK 23 kB URL GET HTTP/2 static.enlisted.net/modern-3/de/fonts/ps4.svg
IP
ASN #58286 Electric-IT Business S.R.L.
Requested by https://enlisted.net/de/play4free/?r=pwncpp_2954_6987&transaction_id=40091c0a903f405488169027aff79c7d
Certificate IssuerLet's Encrypt
Subjectstatic.enlisted.net
Fingerprint5D:2C:F2:9A:22:3C:14:87:0A:E3:A4:A2:B6:47:A4:AA:4C:37:F9:BA
ValidityMon, 09 Oct 2023 08:50:44 GMT - Sun, 07 Jan 2024 08:50:43 GMT
File type gzip compressed data, max speed, from Unix\012- data
Hash fe79aceb5f9f955e770caebfacbc6803
be054304d8b94ac17f72b0e641c511ac30fb085c
82a9c8251f50ded4bca58411e80e58ea40bf0ab0c3c4af18e863664315e82168
GET /modern-3/de/fonts/ps4.svg HTTP/1.1
Host: static.enlisted.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://static.enlisted.net/modern-3/de/landings/play4free.styles.css?v=7e77368
Cookie: language=de; afsId=0C0F13AC584372650B0AA96D02CE2A06; ref_name=pwncpp; conntrack=rBMPDGVyQ1htqQoLBirOAg==
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Thu, 07 Dec 2023 22:12:41 GMT
content-type: image/svg+xml
last-modified: Tue, 07 Nov 2023 10:48:07 GMT
etag: W/"654a15e7-c72"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
traceparent: 00-166990eda5c21ab3a6361e3152a591de-afe57d35424a6b58-01
x-id: osix-hw-edge-gc4
access-control-allow-origin: *
cache: HIT
x-cached-since: 2023-11-18T22:10:46+00:00
content-encoding: gzip
x-id-fe: osix-hw-edge-gc4
X-Firefox-Spdy: h2
static.enlisted.net/modern-3/de/fonts/ps5.svg
200 OK 24 kB URL GET HTTP/2 static.enlisted.net/modern-3/de/fonts/ps5.svg
IP
ASN #58286 Electric-IT Business S.R.L.
Requested by https://enlisted.net/de/play4free/?r=pwncpp_2954_6987&transaction_id=40091c0a903f405488169027aff79c7d
Certificate IssuerLet's Encrypt
Subjectstatic.enlisted.net
Fingerprint5D:2C:F2:9A:22:3C:14:87:0A:E3:A4:A2:B6:47:A4:AA:4C:37:F9:BA
ValidityMon, 09 Oct 2023 08:50:44 GMT - Sun, 07 Jan 2024 08:50:43 GMT
File type gzip compressed data, max speed, from Unix\012- data
Hash b651c2f4be6d14c2331b076a8c295def
6869f16d5b337e895614d85fce522c103310a026
98ebed44c91500711323969362d46d223cace35ddbe3ad53f0eb8d4bf6c7b215
GET /modern-3/de/fonts/ps5.svg HTTP/1.1
Host: static.enlisted.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://static.enlisted.net/modern-3/de/landings/play4free.styles.css?v=7e77368
Cookie: language=de; afsId=0C0F13AC584372650B0AA96D02CE2A06; ref_name=pwncpp; conntrack=rBMPDGVyQ1htqQoLBirOAg==
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Thu, 07 Dec 2023 22:12:41 GMT
content-type: image/svg+xml
last-modified: Tue, 07 Nov 2023 10:48:07 GMT
etag: W/"654a15e7-baa"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
traceparent: 00-27f20fdeb6aaf0636a54f6a1012d28ec-b9bb8fc48a2ea977-01
x-id: osix-hw-edge-gc4
access-control-allow-origin: *
cache: HIT
x-cached-since: 2023-11-18T22:10:46+00:00
content-encoding: gzip
x-id-fe: osix-hw-edge-gc4
X-Firefox-Spdy: h2
status.geotrust.com/
471 B IP
Hash 2d1d2cd7db4d79e54c0de5ec9c5bf789
10bb4315771f9f8b702f64605be5557d6a45022d
575d93f58a95ac984b0259909660f5faf6cc930487246642cf6254c987d803bf
POST / HTTP/1.1
Host: status.geotrust.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 6344
Cache-Control: max-age=7200
Content-Type: application/ocsp-response
Date: Thu, 07 Dec 2023 22:12:41 GMT
Last-Modified: Thu, 07 Dec 2023 20:26:57 GMT
Server: ECAcc (ska/F6BD)
X-Cache: HIT
Content-Length: 471
static.enlisted.net/modern-3/de/vendor.js?v=7e77368
200 OK 386 kB URL GET HTTP/2 static.enlisted.net/modern-3/de/vendor.js?v=7e77368
IP
ASN #58286 Electric-IT Business S.R.L.
Requested by https://enlisted.net/de/play4free/?r=pwncpp_2954_6987&transaction_id=40091c0a903f405488169027aff79c7d
Certificate IssuerLet's Encrypt
Subjectstatic.enlisted.net
Fingerprint5D:2C:F2:9A:22:3C:14:87:0A:E3:A4:A2:B6:47:A4:AA:4C:37:F9:BA
ValidityMon, 09 Oct 2023 08:50:44 GMT - Sun, 07 Jan 2024 08:50:43 GMT
File type gzip compressed data, max speed, from Unix\012- data
Size 386 kB (385981 bytes)
Hash 737991ca262ee1d0d338dc25a8210cd1
316c9e67f0daac3bb11715548f6f03a1b9563a0d
82b7e3db7c536144c966e00e372c7172fdc8212d1097fe50a012485dbbf24f48
GET /modern-3/de/vendor.js?v=7e77368 HTTP/1.1
Host: static.enlisted.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://enlisted.net/de/play4free/?r=pwncpp_2954_6987&transaction_id=40091c0a903f405488169027aff79c7d
DNT: 1
Connection: keep-alive
Cookie: language=de; afsId=0C0F13AC584372650B0AA96D02CE2A06; ref_name=pwncpp; conntrack=rBMPDGVyQ1htqQoLBirOAg==
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
server: nginx
date: Thu, 07 Dec 2023 22:12:41 GMT
content-type: application/javascript; charset=utf8
last-modified: Mon, 04 Dec 2023 15:21:40 GMT
vary: Accept-Encoding
etag: W/"656dee84-cfa80"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
traceparent: 00-0e9b9aa24b60519af4e10132bba65e3c-eaf05c23c2f54bc0-01
x-id: osix-hw-edge-gc4
access-control-allow-origin: *
cache: HIT
x-cached-since: 2023-12-05T02:16:14+00:00
content-encoding: gzip
x-id-fe: osix-hw-edge-gc4
X-Firefox-Spdy: h2
uep.gaijin.net:8383/track_pixel?event=track_pixel&data=eyJ1cmwiOiJodHRwczpcL1wvZW5saXN0ZWQubmV0XC9kZVwvcGxheTRmcmVlXC8%2Fcj1wd25jcHBfMjk1NF82OTg3JnRyYW5zYWN0aW9uX2lkPTQwMDkxYzBhOTAzZjQwNTQ4ODE2OTAyN2FmZjc5YzdkIiwiaXAiOiI5MS45MC40Mi4xNTQiLCJsYW5nX3VybCI6ImRlIiwibGFuZ19nZW8iOiJlbiIsInNhbHQiOiIxYTg5YzZlM2RjMzk2NjRkMzE0Y2Q0YmI4NTQzODYzYSJ9&public_key=ts9573zKtE7DgVf2TZxt&crc=431f56108388288858c0c879df4ab9a1
200 OK 99 B URL GET HTTP/1.1 uep.gaijin.net:8383/track_pixel?event=track_pixel&data=eyJ1cmwiOiJodHRwczpcL1wvZW5saXN0ZWQubmV0XC9kZVwvcGxheTRmcmVlXC8%2Fcj1wd25jcHBfMjk1NF82OTg3JnRyYW5zYWN0aW9uX2lkPTQwMDkxYzBhOTAzZjQwNTQ4ODE2OTAyN2FmZjc5YzdkIiwiaXAiOiI5MS45MC40Mi4xNTQiLCJsYW5nX3VybCI6ImRlIiwibGFuZ19nZW8iOiJlbiIsInNhbHQiOiIxYTg5YzZlM2RjMzk2NjRkMzE0Y2Q0YmI4NTQzODYzYSJ9&public_key=ts9573zKtE7DgVf2TZxt&crc=431f56108388288858c0c879df4ab9a1
IP
Requested by https://enlisted.net/de/play4free/?r=pwncpp_2954_6987&transaction_id=40091c0a903f405488169027aff79c7d
Certificate IssuerDigiCert Inc
Subject*.gaijin.net
FingerprintD7:CC:19:F7:50:42:FE:24:D0:2F:48:55:40:FF:CE:88:55:1B:DD:AB
ValidityTue, 14 Mar 2023 00:00:00 GMT - Fri, 12 Apr 2024 23:59:59 GMT
File type HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document text\012- exported SGML document, ASCII text, with no line terminators
Hash 0f33714c87d4bac235a575f42cde5712
75b3f2fcd2376207fc0edd3628e0393dd13ac3da
8bafcfa87f73694b56ed9d5b601a7179d1d0683d8dcedc6b1e7f201791065634
GET /track_pixel?event=track_pixel&data=eyJ1cmwiOiJodHRwczpcL1wvZW5saXN0ZWQubmV0XC9kZVwvcGxheTRmcmVlXC8%2Fcj1wd25jcHBfMjk1NF82OTg3JnRyYW5zYWN0aW9uX2lkPTQwMDkxYzBhOTAzZjQwNTQ4ODE2OTAyN2FmZjc5YzdkIiwiaXAiOiI5MS45MC40Mi4xNTQiLCJsYW5nX3VybCI6ImRlIiwibGFuZ19nZW8iOiJlbiIsInNhbHQiOiIxYTg5YzZlM2RjMzk2NjRkMzE0Y2Q0YmI4NTQzODYzYSJ9&public_key=ts9573zKtE7DgVf2TZxt&crc=431f56108388288858c0c879df4ab9a1 HTTP/1.1
Host: uep.gaijin.net:8383
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://enlisted.net/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
X-Powered-By: Express
Date: Thu, 07 Dec 2023 22:12:41 GMT
Connection: keep-alive
Content-Length: 99
fonts.googleapis.com/css2?family=Fira+Sans+Condensed:wght@400;500&family=PT+Serif&family=Playfair+Display&display=swap
200 OK 29 kB URL GET HTTP/2 fonts.googleapis.com/css2?family=Fira+Sans+Condensed:wght@400;500&family=PT+Serif&family=Playfair+Display&display=swap
IP
Requested by https://enlisted.net/de/play4free/?r=pwncpp_2954_6987&transaction_id=40091c0a903f405488169027aff79c7d
Certificate IssuerGoogle Trust Services LLC
Subjectupload.video.google.com
FingerprintCC:96:E0:52:E0:9B:EA:A9:A0:F8:88:9A:90:20:11:47:61:00:3C:42
ValidityMon, 23 Oct 2023 11:24:07 GMT - Mon, 15 Jan 2024 11:24:06 GMT
File type gzip compressed data, max compression\012- data
Hash 8b9a116e1bf38b2ee46ad537c9d0f180
5beb54b9256785b2a9ad4f57dbbbe1d397e9775f
83e1186d76c289ff8a69b4bd321f4f8bcd19eb293079912ec2fe2808ac00b9bb
GET /css2?family=Fira+Sans+Condensed:wght@400;500&family=PT+Serif&family=Playfair+Display&display=swap HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://static.enlisted.net/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Thu, 07 Dec 2023 22:12:41 GMT
date: Thu, 07 Dec 2023 22:12:41 GMT
cache-control: private, max-age=86400
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
static.enlisted.net/favicon.ico
200 OK 4.3 kB URL GET HTTP/2 static.enlisted.net/favicon.ico
IP
ASN #58286 Electric-IT Business S.R.L.
Requested by https://enlisted.net/de/play4free/?r=pwncpp_2954_6987&transaction_id=40091c0a903f405488169027aff79c7d
Certificate IssuerLet's Encrypt
Subjectstatic.enlisted.net
Fingerprint5D:2C:F2:9A:22:3C:14:87:0A:E3:A4:A2:B6:47:A4:AA:4C:37:F9:BA
ValidityMon, 09 Oct 2023 08:50:44 GMT - Sun, 07 Jan 2024 08:50:43 GMT
File type MS Windows icon resource - 1 icon, 32x32, 32 bits/pixel\012- data
Hash 0e18e8419c0dc9882ddf01065c8aabde
53b8a29e63f588d36e4e14134b6f562c08ed6fd9
a9ea77a88fa39213767a2f627c208c488690a9419d5edcdd2eacc4beb838c5e0
GET /favicon.ico HTTP/1.1
Host: static.enlisted.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://enlisted.net/de/play4free/?r=pwncpp_2954_6987&transaction_id=40091c0a903f405488169027aff79c7d
DNT: 1
Connection: keep-alive
Cookie: language=de; afsId=0C0F13AC584372650B0AA96D02CE2A06; ref_name=pwncpp; conntrack=rBMPDGVyQ1htqQoLBirOAg==
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Thu, 07 Dec 2023 22:12:41 GMT
content-type: image/x-icon
content-length: 4286
last-modified: Thu, 13 Jul 2023 08:17:09 GMT
etag: "64afb305-10be"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
traceparent: 00-da82eeb1fc27d95f35a6df0ff3844f68-c1ec645fa997d1cd-01
x-id: osix-hw-edge-gc4
access-control-allow-origin: *
cache: HIT
x-cached-since: 2023-07-18T06:55:37+00:00
accept-ranges: bytes
x-id-fe: osix-hw-edge-gc4
X-Firefox-Spdy: h2
static.enlisted.net/modern-3/de/images/46691d86af35e0251bd1ffa4e173f40e.png
200 OK 4.9 kB URL GET HTTP/2 static.enlisted.net/modern-3/de/images/46691d86af35e0251bd1ffa4e173f40e.png
IP
ASN #58286 Electric-IT Business S.R.L.
Requested by https://enlisted.net/de/play4free/?r=pwncpp_2954_6987&transaction_id=40091c0a903f405488169027aff79c7d
Certificate IssuerLet's Encrypt
Subjectstatic.enlisted.net
Fingerprint5D:2C:F2:9A:22:3C:14:87:0A:E3:A4:A2:B6:47:A4:AA:4C:37:F9:BA
ValidityMon, 09 Oct 2023 08:50:44 GMT - Sun, 07 Jan 2024 08:50:43 GMT
File type PNG image data, 40 x 406, 8-bit colormap, non-interlaced\012- data
Hash 73ae03c9d7d6aebc3e873b088aa4a102
d8caf6bcc4ecd82c967241049a2e362387311aa9
c2a232d172e09829a81d4b04027a226ab5c666fde6cb204b3e868fc9651f389c
GET /modern-3/de/images/46691d86af35e0251bd1ffa4e173f40e.png HTTP/1.1
Host: static.enlisted.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://static.enlisted.net/modern-3/de/landings/play4free.styles.css?v=7e77368
Cookie: language=de; afsId=0C0F13AC584372650B0AA96D02CE2A06; ref_name=pwncpp; conntrack=rBMPDGVyQ1htqQoLBirOAg==
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Thu, 07 Dec 2023 22:12:42 GMT
content-type: image/png
content-length: 4924
last-modified: Tue, 07 Nov 2023 10:48:07 GMT
etag: "654a15e7-133c"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
traceparent: 00-0dff4826cdebe6a189cc4b21c884a0f7-fefaa62f0a55e5b3-01
x-id: osix-hw-edge-gc4
access-control-allow-origin: *
cache: HIT
x-cached-since: 2023-11-18T22:10:46+00:00
accept-ranges: bytes
x-id-fe: osix-hw-edge-gc4
X-Firefox-Spdy: h2
static.enlisted.net/i/lp/back.mp4
206 Partial Content 29 kB URL GET HTTP/2 static.enlisted.net/i/lp/back.mp4
IP
ASN #58286 Electric-IT Business S.R.L.
Requested by https://enlisted.net/de/play4free/?r=pwncpp_2954_6987&transaction_id=40091c0a903f405488169027aff79c7d
Certificate IssuerLet's Encrypt
Subjectstatic.enlisted.net
Fingerprint5D:2C:F2:9A:22:3C:14:87:0A:E3:A4:A2:B6:47:A4:AA:4C:37:F9:BA
ValidityMon, 09 Oct 2023 08:50:44 GMT - Sun, 07 Jan 2024 08:50:43 GMT
Hash 5864be247f2c36888ed57f8e46eb8e9a
0d8f0c24df469000667685ea7ed5ab91a9b03b28
f20b2a70534ef328270bb3f2214490ccd90de43bd877adb0ac6b2cb4055a431a
GET /i/lp/back.mp4 HTTP/1.1
Host: static.enlisted.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: video/webm,video/ogg,video/*;q=0.9,application/ogg;q=0.7,audio/*;q=0.6,*/*;q=0.5
Accept-Language: en-US,en;q=0.5
Referer: https://enlisted.net/de/play4free/?r=pwncpp_2954_6987&transaction_id=40091c0a903f405488169027aff79c7d
Range: bytes=9994240-
DNT: 1
Connection: keep-alive
Cookie: language=de; afsId=0C0F13AC584372650B0AA96D02CE2A06; ref_name=pwncpp; conntrack=rBMPDGVyQ1htqQoLBirOAg==
Sec-Fetch-Dest: video
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
Accept-Encoding: identity
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 206 Partial Content
server: nginx
date: Thu, 07 Dec 2023 22:12:42 GMT
content-type: video/mp4
content-length: 28885
last-modified: Thu, 13 Jul 2023 08:17:08 GMT
etag: "64afb304-98f0d5"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
traceparent: 00-ef4e3339257cc3f37399add590439934-40fdaeeb32abfb55-01
x-id: osix-hw-edge-gc4
access-control-allow-origin: *
cache: HIT
x-cached-since: 2023-07-18T06:55:36+00:00
content-range: bytes 9994240-10023124/10023125
x-id-fe: osix-hw-edge-gc4
X-Firefox-Spdy: h2
www.googletagmanager.com/gtag/js?id=G-B6DR73915T&l=dataLayer&cx=c
200 OK 96 kB URL GET HTTP/3 www.googletagmanager.com/gtag/js?id=G-B6DR73915T&l=dataLayer&cx=c
IP
Requested by https://enlisted.net/de/play4free/?r=pwncpp_2954_6987&transaction_id=40091c0a903f405488169027aff79c7d
Certificate IssuerGoogle Trust Services LLC
Subject*.google-analytics.com
Fingerprint37:42:10:B7:89:70:45:51:80:81:66:CE:95:21:72:5D:46:0B:E2:34
ValidityMon, 23 Oct 2023 11:18:19 GMT - Mon, 15 Jan 2024 11:18:18 GMT
File type Unicode text, UTF-8 text, with very long lines (7711)
Hash a6c5f3c7b40616a302212553d4dd8cdf
db922e6de31340606fe2c0ca9ddb7f482d2404a6
63a84ddfd22cd8064a63040ca83de76d15126103e8d88b32f75611bcca3151b6
GET /gtag/js?id=G-B6DR73915T&l=dataLayer&cx=c HTTP/1.1
Host: www.googletagmanager.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://enlisted.net/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
content-encoding: br
vary: Accept-Encoding
date: Thu, 07 Dec 2023 22:12:42 GMT
expires: Thu, 07 Dec 2023 22:12:42 GMT
cache-control: private, max-age=900
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
server: Google Tag Manager
content-length: 95651
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
static.enlisted.net/i/lp/back.mp4
206 Partial Content 1.5 MB URL GET HTTP/2 static.enlisted.net/i/lp/back.mp4
IP
ASN #58286 Electric-IT Business S.R.L.
Requested by https://enlisted.net/de/play4free/?r=pwncpp_2954_6987&transaction_id=40091c0a903f405488169027aff79c7d
Certificate IssuerLet's Encrypt
Subjectstatic.enlisted.net
Fingerprint5D:2C:F2:9A:22:3C:14:87:0A:E3:A4:A2:B6:47:A4:AA:4C:37:F9:BA
ValidityMon, 09 Oct 2023 08:50:44 GMT - Sun, 07 Jan 2024 08:50:43 GMT
File type ISO Media, MP4 Base Media v1 [ISO 14496-12:2003]\012- data
Size 1.5 MB (1523656 bytes)
Hash 238d4c1caa20d4d36cd17b19b03e9e28
4b56e16aab40d7a7be93f2db8cd6887300983e42
424a998925394e222c95a9391e74eae2e5e2c86414967b61c2b4d5e0dd571e44
GET /i/lp/back.mp4 HTTP/1.1
Host: static.enlisted.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: video/webm,video/ogg,video/*;q=0.9,application/ogg;q=0.7,audio/*;q=0.6,*/*;q=0.5
Accept-Language: en-US,en;q=0.5
Referer: https://enlisted.net/de/play4free/?r=pwncpp_2954_6987&transaction_id=40091c0a903f405488169027aff79c7d
Range: bytes=0-
DNT: 1
Connection: keep-alive
Cookie: language=de; afsId=0C0F13AC584372650B0AA96D02CE2A06; ref_name=pwncpp; conntrack=rBMPDGVyQ1htqQoLBirOAg==
Sec-Fetch-Dest: video
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
Accept-Encoding: identity
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 206 Partial Content
server: nginx
date: Thu, 07 Dec 2023 22:12:42 GMT
content-type: video/mp4
content-length: 10023125
last-modified: Thu, 13 Jul 2023 08:17:08 GMT
etag: "64afb304-98f0d5"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
traceparent: 00-a6b5388dee3e01962778612e95776233-57ed8fbb5387162d-01
x-id: osix-hw-edge-gc4
access-control-allow-origin: *
cache: HIT
x-cached-since: 2023-07-18T06:55:36+00:00
content-range: bytes 0-10023124/10023125
x-id-fe: osix-hw-edge-gc4
X-Firefox-Spdy: h2
static.enlisted.net/i/lp/back.ogv
206 Partial Content 33 kB URL GET HTTP/2 static.enlisted.net/i/lp/back.ogv
IP
ASN #58286 Electric-IT Business S.R.L.
Requested by https://enlisted.net/de/play4free/?r=pwncpp_2954_6987&transaction_id=40091c0a903f405488169027aff79c7d
Certificate IssuerLet's Encrypt
Subjectstatic.enlisted.net
Fingerprint5D:2C:F2:9A:22:3C:14:87:0A:E3:A4:A2:B6:47:A4:AA:4C:37:F9:BA
ValidityMon, 09 Oct 2023 08:50:44 GMT - Sun, 07 Jan 2024 08:50:43 GMT
Hash 7301d66df13d21662419a5d2fe29c72e
8f3252a68b26d1146c30dac7b7ce1bd0ed9a76fc
d3f6263bef3b0c39a1ef0f11b06caddc3f3babc5a48527ddaef7474a4d190d4c
GET /i/lp/back.ogv HTTP/1.1
Host: static.enlisted.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: video/webm,video/ogg,video/*;q=0.9,application/ogg;q=0.7,audio/*;q=0.6,*/*;q=0.5
Accept-Language: en-US,en;q=0.5
Referer: https://enlisted.net/de/play4free/?r=pwncpp_2954_6987&transaction_id=40091c0a903f405488169027aff79c7d
Range: bytes=9797632-
DNT: 1
Connection: keep-alive
Cookie: language=de; afsId=0C0F13AC584372650B0AA96D02CE2A06; ref_name=pwncpp; conntrack=rBMPDGVyQ1htqQoLBirOAg==; _gcl_au=1.1.1935178373.1701987169
Sec-Fetch-Dest: video
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
Accept-Encoding: identity
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 206 Partial Content
server: nginx
date: Thu, 07 Dec 2023 22:12:42 GMT
content-type: application/octet-stream
content-length: 32556
last-modified: Tue, 07 Nov 2023 10:48:07 GMT
etag: "654a15e7-95ff2c"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
traceparent: 00-5f06f321f88d436555b3ab5304a8af4d-f6dd0160af0271db-01
x-id: osix-hw-edge-gc4
access-control-allow-origin: *
cache: HIT
x-cached-since: 2023-11-27T12:08:12+00:00
content-range: bytes 9797632-9830187/9830188
x-id-fe: osix-hw-edge-gc4
X-Firefox-Spdy: h2
static.enlisted.net/modern-3/de/landings/play4free.styles.css?v=7e77368
200 OK 2.2 MB URL GET HTTP/2 static.enlisted.net/modern-3/de/landings/play4free.styles.css?v=7e77368
IP
ASN #58286 Electric-IT Business S.R.L.
Requested by https://enlisted.net/de/play4free/?r=pwncpp_2954_6987&transaction_id=40091c0a903f405488169027aff79c7d
Certificate IssuerLet's Encrypt
Subjectstatic.enlisted.net
Fingerprint5D:2C:F2:9A:22:3C:14:87:0A:E3:A4:A2:B6:47:A4:AA:4C:37:F9:BA
ValidityMon, 09 Oct 2023 08:50:44 GMT - Sun, 07 Jan 2024 08:50:43 GMT
File type gzip compressed data, max speed, from Unix\012- data
Size 2.2 MB (2189877 bytes)
Hash b231ca7322f7fa80c25fe1908af478f7
392988952cd07bb934101a6167e6406e125ada26
611679886faa900c3369951f35d5b1967391b559c6acd0dfde5afac58b684c18
GET /modern-3/de/landings/play4free.styles.css?v=7e77368 HTTP/1.1
Host: static.enlisted.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://enlisted.net/de/play4free/?r=pwncpp_2954_6987&transaction_id=40091c0a903f405488169027aff79c7d
DNT: 1
Connection: keep-alive
Cookie: language=de; afsId=0C0F13AC584372650B0AA96D02CE2A06; ref_name=pwncpp; conntrack=rBMPDGVyQ1htqQoLBirOAg==
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
server: nginx
date: Thu, 07 Dec 2023 22:12:41 GMT
content-type: text/css
last-modified: Mon, 04 Dec 2023 15:21:40 GMT
vary: Accept-Encoding
etag: W/"656dee84-16387"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
traceparent: 00-3c4239576e85d3e14ffca53c6768b332-2674b225ed45f7a4-01
x-id: osix-hw-edge-gc4
access-control-allow-origin: *
cache: HIT
x-cached-since: 2023-12-05T02:16:14+00:00
content-encoding: gzip
x-id-fe: osix-hw-edge-gc4
X-Firefox-Spdy: h2
bat.bing.com/bat.js
200 OK 13 kB IP
ASN #8068 MICROSOFT-CORP-MSN-AS-BLOCK
Requested by https://enlisted.net/de/play4free/?r=pwncpp_2954_6987&transaction_id=40091c0a903f405488169027aff79c7d
Certificate IssuerMicrosoft Corporation
Subjectwww.bing.com
FingerprintA5:EC:34:1F:AB:B3:69:71:54:88:69:BA:64:CC:E2:9B:32:B6:65:CD
ValidityTue, 24 Oct 2023 07:42:22 GMT - Sun, 21 Apr 2024 07:42:22 GMT
File type Unicode text, UTF-8 text, with very long lines (46103), with no line terminators
Hash 7f75f159026f3a2c8cccda487b43157b
021cf5c854db063cd79bf0394c24eb994e095640
5e319852607809336b2534ffeb96f6933f26994dd040f535302c84f59cc0a214
GET /bat.js HTTP/1.1
Host: bat.bing.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://enlisted.net/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
cache-control: private,max-age=1800
content-length: 13175
content-type: application/javascript
content-encoding: gzip
last-modified: Fri, 10 Nov 2023 20:09:55 GMT
accept-ranges: bytes
etag: "80abcdf1114da1:0"
vary: Accept-Encoding
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-cache: CONFIG_NOCACHE
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: DDF110830CCE4A10A416B56B91D4700D Ref B: OSL30EDGE0522 Ref C: 2023-12-07T22:12:42Z
date: Thu, 07 Dec 2023 22:12:42 GMT
X-Firefox-Spdy: h2
www.google.no/ads/ga-audiences?v=1&t=sr&slf_rd=1&_r=4&tid=G-B6DR73915T&cid=505505141.1701987169>m=45je3bt0v9106709941z879387493&aip=1&dma=1&dma_cps=sypham&gcs=G111&gcd=11t1t1l1l5&z=984387516
200 OK 42 B URL GET HTTP/2 www.google.no/ads/ga-audiences?v=1&t=sr&slf_rd=1&_r=4&tid=G-B6DR73915T&cid=505505141.1701987169>m=45je3bt0v9106709941z879387493&aip=1&dma=1&dma_cps=sypham&gcs=G111&gcd=11t1t1l1l5&z=984387516
IP
Requested by https://enlisted.net/de/play4free/?r=pwncpp_2954_6987&transaction_id=40091c0a903f405488169027aff79c7d
Certificate IssuerGoogle Trust Services LLC
Subject*.google.no
Fingerprint6E:E4:BC:4A:67:5E:46:6A:B3:E4:CA:61:A7:C0:97:AB:14:F0:34:32
ValidityMon, 23 Oct 2023 11:27:27 GMT - Mon, 15 Jan 2024 11:27:26 GMT
File type GIF image data, version 89a, 1 x 1\012- data
Hash d89746888da2d9510b64a9f031eaecd5
d5fceb6532643d0d84ffe09c40c481ecdf59e15a
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
GET /ads/ga-audiences?v=1&t=sr&slf_rd=1&_r=4&tid=G-B6DR73915T&cid=505505141.1701987169>m=45je3bt0v9106709941z879387493&aip=1&dma=1&dma_cps=sypham&gcs=G111&gcd=11t1t1l1l5&z=984387516 HTTP/1.1
Host: www.google.no
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://enlisted.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Thu, 07 Dec 2023 22:12:42 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
content-type: image/gif
x-content-type-options: nosniff
server: cafe
content-length: 42
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
s.yimg.com/wi/ytc.js
200 OK 6.3 kB IP
ASN #203220 Yahoo! UK Services Limited
Requested by https://enlisted.net/de/play4free/?r=pwncpp_2954_6987&transaction_id=40091c0a903f405488169027aff79c7d
Certificate IssuerDigiCert Inc
Subject*.api.fantasysports.yahoo.com
Fingerprint73:32:A8:90:C9:6F:41:1C:ED:AA:2A:95:41:24:4E:E2:B2:AB:FB:D6
ValidityMon, 06 Nov 2023 00:00:00 GMT - Wed, 27 Dec 2023 23:59:59 GMT
File type ASCII text, with very long lines (18187), with no line terminators
Hash 5c6ed25dce803fd84288922b8928409e
3ccc10546ae12f160bacac1e9e422af091ea4a41
480b06b23e574b4bf386fde1a91145a4171f97aeb5ee800e4be1850f29b1ad91
GET /wi/ytc.js HTTP/1.1
Host: s.yimg.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://enlisted.net/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
x-amz-id-2: 8SCFBdYrTauVwKiuK2eqChr9863shtF7zPKNakvgiwvd6dTsPdcVrV6jllhwYs9xuAyjWtsVb5A=
x-amz-request-id: 5P88J6CATXBKVC6X
date: Thu, 07 Dec 2023 22:05:38 GMT
last-modified: Mon, 26 Jun 2023 09:26:35 GMT
x-amz-expiration: expiry-date="Wed, 31 Jul 2024 00:00:00 GMT", rule-id="oath-standard-lifecycle"
etag: "5c6ed25dce803fd84288922b8928409e-df"
x-amz-server-side-encryption: AES256
cache-control: public,max-age=3600
x-amz-version-id: xC6OTTJGIjCqkMTkbrZpmtbXHK5oaZhW
accept-ranges: bytes
content-type: application/javascript
server: ATS
referrer-policy: no-referrer-when-downgrade
vary: Origin, Accept-Encoding
age: 425
content-encoding: gzip
content-length: 6262
strict-transport-security: max-age=31536000
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
ats-carp-promotion: 1, 1
X-Firefox-Spdy: h2
bat.bing.com/action/0?ti=5665554&Ver=2&mid=a0239e3b-f9ed-4e05-8d75-604e887acf75&sid=c1f815d0954d11ee87d1a7e6136ee26b&vid=c1f84d20954d11eea58513683d2510d4&vids=1&msclkid=N&pi=918639831&lg=en-US&sw=1280&sh=1024&sc=24&tl=Enlisted%20ist%20ein%20Trupp%20basierter%20MMO-Shooter%20im%20Zweiten%20Weltkrieg.%20Jetzt%20spielen!&p=https%3A%2F%2Fenlisted.net%2Fde%2Fplay4free%2F%3Fr%3Dpwncpp_2954_6987%26transaction_id%3D40091c0a903f405488169027aff79c7d&r=<=1596&evt=pageLoad&sv=1&rn=363127
204 No Content 0 B URL GET HTTP/2 bat.bing.com/action/0?ti=5665554&Ver=2&mid=a0239e3b-f9ed-4e05-8d75-604e887acf75&sid=c1f815d0954d11ee87d1a7e6136ee26b&vid=c1f84d20954d11eea58513683d2510d4&vids=1&msclkid=N&pi=918639831&lg=en-US&sw=1280&sh=1024&sc=24&tl=Enlisted%20ist%20ein%20Trupp%20basierter%20MMO-Shooter%20im%20Zweiten%20Weltkrieg.%20Jetzt%20spielen!&p=https%3A%2F%2Fenlisted.net%2Fde%2Fplay4free%2F%3Fr%3Dpwncpp_2954_6987%26transaction_id%3D40091c0a903f405488169027aff79c7d&r=<=1596&evt=pageLoad&sv=1&rn=363127
IP
ASN #8068 MICROSOFT-CORP-MSN-AS-BLOCK
Requested by https://enlisted.net/de/play4free/?r=pwncpp_2954_6987&transaction_id=40091c0a903f405488169027aff79c7d
Certificate IssuerMicrosoft Corporation
Subjectwww.bing.com
FingerprintA5:EC:34:1F:AB:B3:69:71:54:88:69:BA:64:CC:E2:9B:32:B6:65:CD
ValidityTue, 24 Oct 2023 07:42:22 GMT - Sun, 21 Apr 2024 07:42:22 GMT
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /action/0?ti=5665554&Ver=2&mid=a0239e3b-f9ed-4e05-8d75-604e887acf75&sid=c1f815d0954d11ee87d1a7e6136ee26b&vid=c1f84d20954d11eea58513683d2510d4&vids=1&msclkid=N&pi=918639831&lg=en-US&sw=1280&sh=1024&sc=24&tl=Enlisted%20ist%20ein%20Trupp%20basierter%20MMO-Shooter%20im%20Zweiten%20Weltkrieg.%20Jetzt%20spielen!&p=https%3A%2F%2Fenlisted.net%2Fde%2Fplay4free%2F%3Fr%3Dpwncpp_2954_6987%26transaction_id%3D40091c0a903f405488169027aff79c7d&r=<=1596&evt=pageLoad&sv=1&rn=363127 HTTP/1.1
Host: bat.bing.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://enlisted.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 204 No Content
cache-control: no-cache, must-revalidate
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
set-cookie: MUID=38C4C070EA7066E61513D390EB856726; domain=.bing.com; expires=Tue, 31-Dec-2024 22:12:42 GMT; path=/; SameSite=None; Secure; Priority=High;
strict-transport-security: max-age=31536000; includeSubDomains; preload
access-control-allow-origin: *
x-cache: CONFIG_NOCACHE
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: 8E04B5C272F0485389BBFBC171ECCED7 Ref B: OSL30EDGE0522 Ref C: 2023-12-07T22:12:42Z
date: Thu, 07 Dec 2023 22:12:42 GMT
X-Firefox-Spdy: h2
www.google.com/pagead/landing?gcs=G111&gcd=11t1t1l1l5&rnd=902298826.1701987169&url=https%3A%2F%2Fenlisted.net%2Fde%2Fplay4free%2F&dma_cps=sypham&dma=1>m=45He3bt0n81TFJVH5Fv79387493&auid=1935178373.1701987169
302 Found 42 B URL POST HTTP/2 www.google.com/pagead/landing?gcs=G111&gcd=11t1t1l1l5&rnd=902298826.1701987169&url=https%3A%2F%2Fenlisted.net%2Fde%2Fplay4free%2F&dma_cps=sypham&dma=1>m=45He3bt0n81TFJVH5Fv79387493&auid=1935178373.1701987169
IP
Requested by https://enlisted.net/de/play4free/?r=pwncpp_2954_6987&transaction_id=40091c0a903f405488169027aff79c7d
Certificate IssuerGoogle Trust Services LLC
Subjectwww.google.com
FingerprintB0:8E:97:10:7E:30:90:F6:42:A1:32:63:5C:78:27:D3:A8:F1:05:D1
ValidityMon, 23 Oct 2023 11:24:57 GMT - Mon, 15 Jan 2024 11:24:56 GMT
File type GIF image data, version 89a, 1 x 1\012- data
Hash d89746888da2d9510b64a9f031eaecd5
d5fceb6532643d0d84ffe09c40c481ecdf59e15a
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
POST /pagead/landing?gcs=G111&gcd=11t1t1l1l5&rnd=902298826.1701987169&url=https%3A%2F%2Fenlisted.net%2Fde%2Fplay4free%2F&dma_cps=sypham&dma=1>m=45He3bt0n81TFJVH5Fv79387493&auid=1935178373.1701987169 HTTP/1.1
Host: www.google.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://enlisted.net
DNT: 1
Connection: keep-alive
Referer: https://enlisted.net/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Content-Length: 0
HTTP/2 302 Found
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Thu, 07 Dec 2023 22:12:43 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
content-type: image/gif
content-security-policy: script-src 'none'; object-src 'none'
location: https://googleads.g.doubleclick.net/pagead/landing?gcs=G111&gcd=11t1t1l1l5&rnd=902298826.1701987169&url=https%3A%2F%2Fenlisted.net%2Fde%2Fplay4free%2F&dma_cps=sypham&dma=1>m=45He3bt0n81TFJVH5Fv79387493&auid=1935178373.1701987169
x-content-type-options: nosniff
server: cafe
content-length: 42
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
edge.cookiefirst.com/prod/location?origin=enlisted.net
200 OK 66 B URL GET HTTP/2 edge.cookiefirst.com/prod/location?origin=enlisted.net
IP
ASN #34989 ServeTheWorld AS
Requested by https://enlisted.net/de/play4free/?r=pwncpp_2954_6987&transaction_id=40091c0a903f405488169027aff79c7d
Certificate IssuerSectigo Limited
Subject*.cookiefirst.com
Fingerprint75:22:79:6F:76:D4:CF:AF:D0:13:47:69:F9:3C:80:A6:0A:6A:E4:2F
ValidityTue, 05 Dec 2023 00:00:00 GMT - Mon, 16 Dec 2024 23:59:59 GMT
File type JSON data\012- , ASCII text, with no line terminators
Hash 3d6d1675bc7020997c537178fe516c15
d71a3934122b0a38385c450f5fc51b119e7b3262
805b7e90165f29b83a83e995525324345ba832afc25bd5a79e08ee35e14e5a2d
GET /prod/location?origin=enlisted.net HTTP/1.1
Host: edge.cookiefirst.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://enlisted.net
DNT: 1
Connection: keep-alive
Referer: https://enlisted.net/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
date: Thu, 07 Dec 2023 22:12:43 GMT
content-type: application/json; charset=utf-8
content-length: 66
server: BunnyCDN-NO1-830
cdn-pullzone: 717911
cdn-uid: d602dab6-3f92-4809-a378-608fd2b89403
cdn-requestcountrycode: NO
access-control-allow-origin: https://enlisted.net
cache-control: public, max-age=1200
cdn-proxyver: 1.04
cdn-requestpullsuccess: True
cdn-requestpullcode: 200
cdn-cachedat: 12/07/2023 22:12:43
cdn-edgestorageid: 830
cdn-status: 200
cdn-requestid: 6e87349b743ce061a683841c0d423c5f
cdn-cache: BYPASS
X-Firefox-Spdy: h2
region1.analytics.google.com/g/collect?v=2&tid=G-B6DR73915T>m=45je3bt0v9106709941z879387493&_p=1701987168037&_gaz=1&gcs=G111&gcd=11t1t1l1l5&dma_cps=sypham&dma=1&cid=505505141.1701987169&ul=en-us&sr=1280x1024&_s=1&sid=1701987169&sct=1&seg=0&dl=https%3A%2F%2Fenlisted.net%2Fde%2Fplay4free%2F%3Fr%3Dpwncpp_2954_6987%26transaction_id%3D40091c0a903f405488169027aff79c7d&dt=Enlisted%20ist%20ein%20Trupp%20basierter%20MMO-Shooter%20im%20Zweiten%20Weltkrieg.%20Jetzt%20spielen!&en=page_view&_fv=1&_nsi=1&_ss=1&tfd=2184
204 No Content 0 B URL POST HTTP/2 region1.analytics.google.com/g/collect?v=2&tid=G-B6DR73915T>m=45je3bt0v9106709941z879387493&_p=1701987168037&_gaz=1&gcs=G111&gcd=11t1t1l1l5&dma_cps=sypham&dma=1&cid=505505141.1701987169&ul=en-us&sr=1280x1024&_s=1&sid=1701987169&sct=1&seg=0&dl=https%3A%2F%2Fenlisted.net%2Fde%2Fplay4free%2F%3Fr%3Dpwncpp_2954_6987%26transaction_id%3D40091c0a903f405488169027aff79c7d&dt=Enlisted%20ist%20ein%20Trupp%20basierter%20MMO-Shooter%20im%20Zweiten%20Weltkrieg.%20Jetzt%20spielen!&en=page_view&_fv=1&_nsi=1&_ss=1&tfd=2184
IP
Requested by https://enlisted.net/de/play4free/?r=pwncpp_2954_6987&transaction_id=40091c0a903f405488169027aff79c7d
Certificate IssuerGoogle Trust Services LLC
Subject*.google-analytics.com
Fingerprint37:42:10:B7:89:70:45:51:80:81:66:CE:95:21:72:5D:46:0B:E2:34
ValidityMon, 23 Oct 2023 11:18:19 GMT - Mon, 15 Jan 2024 11:18:18 GMT
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
POST /g/collect?v=2&tid=G-B6DR73915T>m=45je3bt0v9106709941z879387493&_p=1701987168037&_gaz=1&gcs=G111&gcd=11t1t1l1l5&dma_cps=sypham&dma=1&cid=505505141.1701987169&ul=en-us&sr=1280x1024&_s=1&sid=1701987169&sct=1&seg=0&dl=https%3A%2F%2Fenlisted.net%2Fde%2Fplay4free%2F%3Fr%3Dpwncpp_2954_6987%26transaction_id%3D40091c0a903f405488169027aff79c7d&dt=Enlisted%20ist%20ein%20Trupp%20basierter%20MMO-Shooter%20im%20Zweiten%20Weltkrieg.%20Jetzt%20spielen!&en=page_view&_fv=1&_nsi=1&_ss=1&tfd=2184 HTTP/1.1
Host: region1.analytics.google.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://enlisted.net
DNT: 1
Connection: keep-alive
Referer: https://enlisted.net/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Content-Length: 0
HTTP/2 204 No Content
access-control-allow-origin: https://enlisted.net
date: Thu, 07 Dec 2023 22:12:43 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
content-type: text/plain
cross-origin-resource-policy: cross-origin
server: Golfe2
content-length: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
static.enlisted.net/i/lp/back.ogv
206 Partial Content 8.5 MB URL GET HTTP/2 static.enlisted.net/i/lp/back.ogv
IP
ASN #58286 Electric-IT Business S.R.L.
Requested by https://enlisted.net/de/play4free/?r=pwncpp_2954_6987&transaction_id=40091c0a903f405488169027aff79c7d
Certificate IssuerLet's Encrypt
Subjectstatic.enlisted.net
Fingerprint5D:2C:F2:9A:22:3C:14:87:0A:E3:A4:A2:B6:47:A4:AA:4C:37:F9:BA
ValidityMon, 09 Oct 2023 08:50:44 GMT - Sun, 07 Jan 2024 08:50:43 GMT
Size 8.5 MB (8453932 bytes)
Hash 4565a2318a15591bd6e85059fd8f7589
e09241b2f45514fe8b4d6c6c306f29caeefef88b
72e1aecec3cc89e3b77e393d087ceaf64b13efc10a16d0cdb5a9175eec9b383a
GET /i/lp/back.ogv HTTP/1.1
Host: static.enlisted.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: video/webm,video/ogg,video/*;q=0.9,application/ogg;q=0.7,audio/*;q=0.6,*/*;q=0.5
Accept-Language: en-US,en;q=0.5
Referer: https://enlisted.net/de/play4free/?r=pwncpp_2954_6987&transaction_id=40091c0a903f405488169027aff79c7d
Range: bytes=1376256-
DNT: 1
Connection: keep-alive
Cookie: language=de; afsId=0C0F13AC584372650B0AA96D02CE2A06; ref_name=pwncpp; conntrack=rBMPDGVyQ1htqQoLBirOAg==; _gcl_au=1.1.1935178373.1701987169; _ga_B6DR73915T=GS1.1.1701987169.1.0.1701987169.60.0.0; _ga=GA1.1.505505141.1701987169; _uetsid=c1f815d0954d11ee87d1a7e6136ee26b; _uetvid=c1f84d20954d11eea58513683d2510d4
Sec-Fetch-Dest: video
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
Accept-Encoding: identity
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 206 Partial Content
server: nginx
date: Thu, 07 Dec 2023 22:12:42 GMT
content-type: application/octet-stream
content-length: 8453932
last-modified: Tue, 07 Nov 2023 10:48:07 GMT
etag: "654a15e7-95ff2c"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
traceparent: 00-d60850519628bc2dd23f27fbb6c84dc0-258a8f2c6739241d-01
x-id: osix-hw-edge-gc4
access-control-allow-origin: *
cache: HIT
x-cached-since: 2023-11-27T12:08:12+00:00
content-range: bytes 1376256-9830187/9830188
x-id-fe: osix-hw-edge-gc4
X-Firefox-Spdy: h2
s.yimg.com/wi/config/10020777.json
200 OK 2 B URL GET HTTP/2 s.yimg.com/wi/config/10020777.json
IP
ASN #203220 Yahoo! UK Services Limited
Requested by https://enlisted.net/de/play4free/?r=pwncpp_2954_6987&transaction_id=40091c0a903f405488169027aff79c7d
Certificate IssuerDigiCert Inc
Subject*.api.fantasysports.yahoo.com
Fingerprint73:32:A8:90:C9:6F:41:1C:ED:AA:2A:95:41:24:4E:E2:B2:AB:FB:D6
ValidityMon, 06 Nov 2023 00:00:00 GMT - Wed, 27 Dec 2023 23:59:59 GMT
File type JSON data\012- , ASCII text, with no line terminators
Hash 99914b932bd37a50b983c5e7c90ae93b
bf21a9e8fbc5a3846fb05b4fa0859e0917b2202f
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a
GET /wi/config/10020777.json HTTP/1.1
Host: s.yimg.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://enlisted.net
DNT: 1
Connection: keep-alive
Referer: https://enlisted.net/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
access-control-allow-origin: *
access-control-allow-methods: GET
vary: Origin, Access-Control-Request-Headers, Access-Control-Request-Method
x-amz-request-id: FXKXN6AMP6J0YXQA
x-amz-id-2: TwuJZMiSNECeStpLlO7G2d5NrSo3hOJ1Hrn6QGBiObqVZXSdCeZ7GCdPi7DIKU9XYGPfZscR0rk=
content-type: application/json
date: Thu, 07 Dec 2023 21:16:48 GMT
server: ATS
referrer-policy: no-referrer-when-downgrade
cache-control: public,max-age=3600
content-length: 2
age: 3356
strict-transport-security: max-age=31536000
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
ats-carp-promotion: 1, 1
X-Firefox-Spdy: h2
consent.cookiefirst.com/banner/v2.14.0/static-main/233.362b.c.css
200 OK 127 B URL GET HTTP/2 consent.cookiefirst.com/banner/v2.14.0/static-main/233.362b.c.css
IP
ASN #34989 ServeTheWorld AS
Requested by https://enlisted.net/de/play4free/?r=pwncpp_2954_6987&transaction_id=40091c0a903f405488169027aff79c7d
Certificate IssuerSectigo Limited
Subject*.cookiefirst.com
Fingerprint75:22:79:6F:76:D4:CF:AF:D0:13:47:69:F9:3C:80:A6:0A:6A:E4:2F
ValidityTue, 05 Dec 2023 00:00:00 GMT - Mon, 16 Dec 2024 23:59:59 GMT
File type ASCII text, with no line terminators
Hash 526f8c46ab131ab5d52e4848cb9a78c0
341f9f54fe9759f375e824c08c57cf026ef2eb67
e7902b56545718b3f9dcc015b4acab60270239d559b0adaae9e5c81dd95a89a1
GET /banner/v2.14.0/static-main/233.362b.c.css HTTP/1.1
Host: consent.cookiefirst.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://enlisted.net/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
date: Thu, 07 Dec 2023 22:12:43 GMT
content-type: text/css
content-length: 127
server: Cookie First CDN-NO1-830
cdn-pullzone: 236985
cdn-uid: d602dab6-3f92-4809-a378-608fd2b89403
cdn-requestcountrycode: NO
vary: Accept-Encoding
access-control-allow-origin: *
access-control-allow-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match, traceparent
access-control-expose-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match, visitor-location
cache-control: public, max-age=31919000
etag: "6571aff3-7f"
last-modified: Thu, 07 Dec 2023 11:43:47 GMT
cdn-storageserver: SE-318
cdn-fileserver: 584
cdn-proxyver: 1.04
cdn-requestpullsuccess: True
cdn-requestpullcode: 200
cdn-cachedat: 12/07/2023 11:43:54
cdn-edgestorageid: 830
visitor-location: NO
cdn-status: 200
cdn-requestid: 97d4656ddce5686527de3c5173d0da9a
cdn-cache: HIT
accept-ranges: bytes
X-Firefox-Spdy: h2
consent.cookiefirst.com/banner/v2.14.0/static-main/233.8420.c.js
200 OK 96 B URL GET HTTP/2 consent.cookiefirst.com/banner/v2.14.0/static-main/233.8420.c.js
IP
ASN #34989 ServeTheWorld AS
Requested by https://enlisted.net/de/play4free/?r=pwncpp_2954_6987&transaction_id=40091c0a903f405488169027aff79c7d
Certificate IssuerSectigo Limited
Subject*.cookiefirst.com
Fingerprint75:22:79:6F:76:D4:CF:AF:D0:13:47:69:F9:3C:80:A6:0A:6A:E4:2F
ValidityTue, 05 Dec 2023 00:00:00 GMT - Mon, 16 Dec 2024 23:59:59 GMT
File type ASCII text, with no line terminators
Hash cba801e05e2f6008846a8e5793d14fbd
abbba71a707e841765d3d59e198d9070afced1c2
b364babb52cb930beb7e5e61f549d739c155b2f8a24415bb8b401b0d6cb3eddb
GET /banner/v2.14.0/static-main/233.8420.c.js HTTP/1.1
Host: consent.cookiefirst.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://enlisted.net/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
date: Thu, 07 Dec 2023 22:12:43 GMT
content-type: application/javascript
content-length: 96
server: Cookie First CDN-NO1-830
cdn-pullzone: 236985
cdn-uid: d602dab6-3f92-4809-a378-608fd2b89403
cdn-requestcountrycode: NO
vary: Accept-Encoding
access-control-allow-origin: *
access-control-allow-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match, traceparent
access-control-expose-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match, visitor-location
cache-control: public, max-age=31919000
etag: "6571aff3-60"
last-modified: Thu, 07 Dec 2023 11:43:47 GMT
cdn-storageserver: SE-344
cdn-fileserver: 584
cdn-proxyver: 1.04
cdn-requestpullsuccess: True
cdn-requestpullcode: 200
cdn-cachedat: 12/07/2023 11:43:54
cdn-edgestorageid: 830
visitor-location: NO
cdn-status: 200
cdn-requestid: f7944b98f5b42dac0e41d48deab73e47
cdn-cache: HIT
accept-ranges: bytes
X-Firefox-Spdy: h2
bat.bing.com/p/action/5665554.js
204 No Content 0 B URL GET HTTP/2 bat.bing.com/p/action/5665554.js
IP
ASN #8068 MICROSOFT-CORP-MSN-AS-BLOCK
Requested by https://enlisted.net/de/play4free/?r=pwncpp_2954_6987&transaction_id=40091c0a903f405488169027aff79c7d
Certificate IssuerMicrosoft Corporation
Subjectwww.bing.com
FingerprintA5:EC:34:1F:AB:B3:69:71:54:88:69:BA:64:CC:E2:9B:32:B6:65:CD
ValidityTue, 24 Oct 2023 07:42:22 GMT - Sun, 21 Apr 2024 07:42:22 GMT
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /p/action/5665554.js HTTP/1.1
Host: bat.bing.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://enlisted.net/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 204 No Content
cache-control: private,max-age=1800
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-cache: CONFIG_NOCACHE
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: 810FF3E8CC1A4BA2B4C50E2CBE029C97 Ref B: OSL30EDGE0522 Ref C: 2023-12-07T22:12:43Z
date: Thu, 07 Dec 2023 22:12:43 GMT
X-Firefox-Spdy: h2
consent.cookiefirst.com/sites/enlisted.net-8cb9e23d-5278-44b4-bcc2-a27e465e218e/lang-widget-en.json?v=2658e67f-233d-4e09-b043-16ffb57cdbb2
200 OK 4.1 kB URL GET HTTP/2 consent.cookiefirst.com/sites/enlisted.net-8cb9e23d-5278-44b4-bcc2-a27e465e218e/lang-widget-en.json?v=2658e67f-233d-4e09-b043-16ffb57cdbb2
IP
ASN #34989 ServeTheWorld AS
Requested by https://enlisted.net/de/play4free/?r=pwncpp_2954_6987&transaction_id=40091c0a903f405488169027aff79c7d
Certificate IssuerSectigo Limited
Subject*.cookiefirst.com
Fingerprint75:22:79:6F:76:D4:CF:AF:D0:13:47:69:F9:3C:80:A6:0A:6A:E4:2F
ValidityTue, 05 Dec 2023 00:00:00 GMT - Mon, 16 Dec 2024 23:59:59 GMT
File type JSON data\012- , ASCII text, with very long lines (9106), with no line terminators
Hash f2828b05a068a35a61c9ea5fd9c30f34
0369f59ff87cedba317c9c54a694b50882e2f3de
07a3230638b3bd66d7b5d500f0278b759bcda3dc9ed55fb566b38931845803fb
GET /sites/enlisted.net-8cb9e23d-5278-44b4-bcc2-a27e465e218e/lang-widget-en.json?v=2658e67f-233d-4e09-b043-16ffb57cdbb2 HTTP/1.1
Host: consent.cookiefirst.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://enlisted.net
DNT: 1
Connection: keep-alive
Referer: https://enlisted.net/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
date: Thu, 07 Dec 2023 22:12:43 GMT
content-type: application/json
vary: Accept-Encoding
server: Cookie First CDN-NO1-830
cdn-pullzone: 236985
cdn-uid: d602dab6-3f92-4809-a378-608fd2b89403
cdn-requestcountrycode: NO
access-control-allow-origin: *
access-control-allow-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match, traceparent
access-control-expose-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match, visitor-location
cache-control: public, max-age=31919000
etag: W/"656bf40c-2392"
last-modified: Sun, 03 Dec 2023 03:20:44 GMT
cdn-storageserver: SE-318
cdn-fileserver: 585
cdn-proxyver: 1.04
cdn-requestpullsuccess: True
cdn-requestpullcode: 200
cdn-cachedat: 12/03/2023 04:58:10
cdn-edgestorageid: 830
visitor-location: NO
cdn-status: 200
cdn-requestid: fc53a6d3dbe951669a63955b938a0529
cdn-cache: HIT
content-encoding: br
X-Firefox-Spdy: h2
script.anura.io/response.json
200 OK 63 B URL POST HTTP/2 script.anura.io/response.json
IP
Requested by https://enlisted.net/de/play4free/?r=pwncpp_2954_6987&transaction_id=40091c0a903f405488169027aff79c7d
Certificate IssuerAmazon
Subjectscript.anura.io
Fingerprint83:CF:23:67:0B:B9:DB:BB:65:3F:31:44:AD:06:8B:B2:7E:B4:E1:20
ValidityMon, 16 Oct 2023 00:00:00 GMT - Wed, 13 Nov 2024 23:59:59 GMT
File type JSON data\012- , ASCII text, with no line terminators
Hash 82187a7c7888999d64bf8f473b5bafde
560895edfc007a4a955465c5eb4a556103ca503b
b3f5a89d6c6e5ff5466d8b775b87a090f6c1d18e74d24dbfafe946f0d7a00d2a
POST /response.json HTTP/1.1
Host: script.anura.io
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-type: application/x-www-form-urlencoded
Content-Length: 4910
Origin: https://enlisted.net
DNT: 1
Connection: keep-alive
Referer: https://enlisted.net/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Thu, 07 Dec 2023 22:12:45 GMT
content-type: application/json; charset=utf-8
server: nginx
vary: Accept-Encoding
access-control-allow-origin: *
access-control-allow-methods: POST
expires: Sun, 28 Dec 1980 18:57:00 EST
cache-control: private, no-cache, no-store, must-revalidate, max-age=0, post-check=0, pre-check=0
pragma: no-cache
x-content-type-options: nosniff
content-encoding: gzip
X-Firefox-Spdy: h2
region1.analytics.google.com/g/collect?v=2&tid=G-B6DR73915T>m=45je3bt0v9106709941&_p=1701987168037&gcs=G111&gcd=11t1t1l1l5&dma_cps=sypham&dma=1&cid=505505141.1701987169&ul=en-us&sr=1280x1024&_eu=AEA&_s=2&sid=1701987169&sct=1&seg=0&dl=https%3A%2F%2Fenlisted.net%2Fde%2Fplay4free%2F%3Fr%3Dpwncpp_2954_6987%26transaction_id%3D40091c0a903f405488169027aff79c7d&dt=Enlisted%20ist%20ein%20Trupp%20basierter%20MMO-Shooter%20im%20Zweiten%20Weltkrieg.%20Jetzt%20spielen!&en=scroll&epn.percent_scrolled=90&tfd=7222
204 No Content 0 B URL POST HTTP/3 region1.analytics.google.com/g/collect?v=2&tid=G-B6DR73915T>m=45je3bt0v9106709941&_p=1701987168037&gcs=G111&gcd=11t1t1l1l5&dma_cps=sypham&dma=1&cid=505505141.1701987169&ul=en-us&sr=1280x1024&_eu=AEA&_s=2&sid=1701987169&sct=1&seg=0&dl=https%3A%2F%2Fenlisted.net%2Fde%2Fplay4free%2F%3Fr%3Dpwncpp_2954_6987%26transaction_id%3D40091c0a903f405488169027aff79c7d&dt=Enlisted%20ist%20ein%20Trupp%20basierter%20MMO-Shooter%20im%20Zweiten%20Weltkrieg.%20Jetzt%20spielen!&en=scroll&epn.percent_scrolled=90&tfd=7222
IP
Requested by https://enlisted.net/de/play4free/?r=pwncpp_2954_6987&transaction_id=40091c0a903f405488169027aff79c7d
Certificate IssuerGoogle Trust Services LLC
Subject*.google-analytics.com
Fingerprint37:42:10:B7:89:70:45:51:80:81:66:CE:95:21:72:5D:46:0B:E2:34
ValidityMon, 23 Oct 2023 11:18:19 GMT - Mon, 15 Jan 2024 11:18:18 GMT
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
POST /g/collect?v=2&tid=G-B6DR73915T>m=45je3bt0v9106709941&_p=1701987168037&gcs=G111&gcd=11t1t1l1l5&dma_cps=sypham&dma=1&cid=505505141.1701987169&ul=en-us&sr=1280x1024&_eu=AEA&_s=2&sid=1701987169&sct=1&seg=0&dl=https%3A%2F%2Fenlisted.net%2Fde%2Fplay4free%2F%3Fr%3Dpwncpp_2954_6987%26transaction_id%3D40091c0a903f405488169027aff79c7d&dt=Enlisted%20ist%20ein%20Trupp%20basierter%20MMO-Shooter%20im%20Zweiten%20Weltkrieg.%20Jetzt%20spielen!&en=scroll&epn.percent_scrolled=90&tfd=7222 HTTP/1.1
Host: region1.analytics.google.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://enlisted.net
DNT: 1
Connection: keep-alive
Referer: https://enlisted.net/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Content-Length: 0
HTTP/3 204 No Content
access-control-allow-origin: https://enlisted.net
date: Thu, 07 Dec 2023 22:12:48 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
content-type: text/plain
cross-origin-resource-policy: cross-origin
server: Golfe2
content-length: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
static.enlisted.net/modern-3/de/images/59025fa3883ccadaaca5f2c8d2beecfb.png
200 OK 5.2 kB URL GET HTTP/2 static.enlisted.net/modern-3/de/images/59025fa3883ccadaaca5f2c8d2beecfb.png
IP
ASN #58286 Electric-IT Business S.R.L.
Requested by https://enlisted.net/de/play4free/?r=pwncpp_2954_6987&transaction_id=40091c0a903f405488169027aff79c7d
Certificate IssuerLet's Encrypt
Subjectstatic.enlisted.net
Fingerprint5D:2C:F2:9A:22:3C:14:87:0A:E3:A4:A2:B6:47:A4:AA:4C:37:F9:BA
ValidityMon, 09 Oct 2023 08:50:44 GMT - Sun, 07 Jan 2024 08:50:43 GMT
File type PNG image data, 136 x 136, 8-bit colormap, non-interlaced\012- data
Hash 9485d4a367f663a6728b7d69fd6f3a1a
7a434a7bfb9dea7ec5f1c17167de5b8376145c45
f4c8dd99b4b7c8c1020221f69db68c094f515d62cb2befac7acafa3ca7e48bab
GET /modern-3/de/images/59025fa3883ccadaaca5f2c8d2beecfb.png HTTP/1.1
Host: static.enlisted.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://static.enlisted.net/modern-3/de/landings/play4free.styles.css?v=7e77368
Cookie: language=de; afsId=0C0F13AC584372650B0AA96D02CE2A06; ref_name=pwncpp; conntrack=rBMPDGVyQ1htqQoLBirOAg==
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
server: nginx
date: Thu, 07 Dec 2023 22:12:41 GMT
content-type: image/png
content-length: 5238
last-modified: Tue, 07 Nov 2023 10:48:07 GMT
etag: "654a15e7-1476"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
traceparent: 00-97695719467224b620d906ae537d11ee-7904a742a24c639e-01
x-id: osix-hw-edge-gc4
access-control-allow-origin: *
cache: HIT
x-cached-since: 2023-11-18T22:10:46+00:00
accept-ranges: bytes
x-id-fe: osix-hw-edge-gc4
X-Firefox-Spdy: h2
static.enlisted.net/modern-3/de/fonts/rate-esrb.svg
200 OK 6.7 kB URL GET HTTP/2 static.enlisted.net/modern-3/de/fonts/rate-esrb.svg
IP
ASN #58286 Electric-IT Business S.R.L.
Requested by https://enlisted.net/de/play4free/?r=pwncpp_2954_6987&transaction_id=40091c0a903f405488169027aff79c7d
Certificate IssuerLet's Encrypt
Subjectstatic.enlisted.net
Fingerprint5D:2C:F2:9A:22:3C:14:87:0A:E3:A4:A2:B6:47:A4:AA:4C:37:F9:BA
ValidityMon, 09 Oct 2023 08:50:44 GMT - Sun, 07 Jan 2024 08:50:43 GMT
File type SVG Scalable Vector Graphics image\012- , ASCII text, with very long lines (6856), with no line terminators
Hash 82154c52b46cc6b930f468dcfe6fa0e0
645171115a46b8f7d1115d3a35b757c6ed6f65ea
264c952a03ee8318d01d4d7c437ee3fc9e765c05224bc15b92e1811dd71a9eef
GET /modern-3/de/fonts/rate-esrb.svg HTTP/1.1
Host: static.enlisted.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://static.enlisted.net/modern-3/de/landings/play4free.styles.css?v=7e77368
Cookie: language=de; afsId=0C0F13AC584372650B0AA96D02CE2A06; ref_name=pwncpp; conntrack=rBMPDGVyQ1htqQoLBirOAg==
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
server: nginx
date: Thu, 07 Dec 2023 22:12:41 GMT
content-type: image/svg+xml
last-modified: Tue, 07 Nov 2023 10:48:07 GMT
etag: W/"654a15e7-1a4c"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
traceparent: 00-7b843e046ec5ec12a9d6958383870c0f-43195868da80474f-01
x-id: osix-hw-edge-gc4
access-control-allow-origin: *
cache: HIT
x-cached-since: 2023-11-18T22:10:46+00:00
content-encoding: gzip
x-id-fe: osix-hw-edge-gc4
X-Firefox-Spdy: h2
static.enlisted.net/modern-3/de/landings/play4free.js?v=7e77368
200 OK 138 kB URL GET HTTP/2 static.enlisted.net/modern-3/de/landings/play4free.js?v=7e77368
IP
ASN #58286 Electric-IT Business S.R.L.
Requested by https://enlisted.net/de/play4free/?r=pwncpp_2954_6987&transaction_id=40091c0a903f405488169027aff79c7d
Certificate IssuerLet's Encrypt
Subjectstatic.enlisted.net
Fingerprint5D:2C:F2:9A:22:3C:14:87:0A:E3:A4:A2:B6:47:A4:AA:4C:37:F9:BA
ValidityMon, 09 Oct 2023 08:50:44 GMT - Sun, 07 Jan 2024 08:50:43 GMT
Size 138 kB (137820 bytes)
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /modern-3/de/landings/play4free.js?v=7e77368 HTTP/1.1
Host: static.enlisted.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://enlisted.net/de/play4free/?r=pwncpp_2954_6987&transaction_id=40091c0a903f405488169027aff79c7d
DNT: 1
Connection: keep-alive
Cookie: language=de; afsId=0C0F13AC584372650B0AA96D02CE2A06; ref_name=pwncpp; conntrack=rBMPDGVyQ1htqQoLBirOAg==
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
server: nginx
date: Thu, 07 Dec 2023 22:12:41 GMT
content-type: application/javascript; charset=utf8
last-modified: Mon, 04 Dec 2023 15:21:41 GMT
vary: Accept-Encoding
etag: W/"656dee85-21a5c"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
traceparent: 00-be99659267d500d9be50a9b60e22f825-99ac6af83588feb6-01
x-id: osix-hw-edge-gc4
access-control-allow-origin: *
cache: HIT
x-cached-since: 2023-12-05T02:16:14+00:00
content-encoding: gzip
x-id-fe: osix-hw-edge-gc4
X-Firefox-Spdy: h2
enlisted.net/de/play4free/?r=pwncpp_2954_6987&transaction_id=40091c0a903f405488169027aff79c7d
200 OK 7.3 kB URL User Request GET HTTP/2 enlisted.net/de/play4free/?r=pwncpp_2954_6987&transaction_id=40091c0a903f405488169027aff79c7d
IP
Certificate IssuerDigiCert Inc
Subject*.enlisted.net
Fingerprint8E:32:75:2A:17:33:15:E8:24:1A:4F:60:B5:C1:3C:67:FA:CB:79:B1
ValidityTue, 11 Jul 2023 00:00:00 GMT - Sat, 03 Aug 2024 23:59:59 GMT
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document, Unicode text, UTF-8 text, with very long lines (7589), with no line terminators
Hash 788ad80c571d82626e717d8dc91b28bf
2112395c39e0f04ea6ff17346af69693721eef91
69c9decb7945886334b880f5caa7423d5552ad76c8de24201e288bb4376d2e69
GET /de/play4free/?r=pwncpp_2954_6987&transaction_id=40091c0a903f405488169027aff79c7d HTTP/1.1
Host: enlisted.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Upgrade-Insecure-Requests: 1
Connection: keep-alive
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Thu, 07 Dec 2023 22:12:40 GMT
content-type: text/html; charset=UTF-8
vary: Accept-Encoding
x-powered-by: PHP/8.0.3
set-cookie: identity_sid=aqjhjepqbvbtjavb4v462d4018; expires=Thu, 21-Dec-2023 22:12:40 GMT; Max-Age=1209600; path=/
language=de; expires=Fri, 06-Dec-2024 22:12:40 GMT; Max-Age=31536000; path=/; domain=enlisted.net; HttpOnly
afsId=0C0F13AC584372650B0AA96D02CE2A06; expires=Fri, 06-Dec-2024 22:12:40 GMT; Max-Age=31536000; path=/; domain=enlisted.net
partner_info=deleted; expires=Thu, 01-Jan-1970 00:00:01 GMT; Max-Age=0; path=/; domain=enlisted.net
partner_info=aHR0cHM6Ly9lbmxpc3RlZC5uZXQvZGUvcGxheTRmcmVlLz9yPXB3bmNwcF8yOTU0XzY5ODcmdHJhbnNhY3Rpb25faWQ9NDAwOTFjMGE5MDNmNDA1NDg4MTY5MDI3YWZmNzljN2Q%253D; expires=Sat, 06-Jan-2024 22:12:40 GMT; Max-Age=2592000; path=/; HttpOnly
ref_name=pwncpp; path=/; domain=enlisted.net; HttpOnly
conntrack=rBMPDGVyQ1htqQoLBirOAg==; expires=Fri, 06-Dec-24 22:12:40 GMT; domain=enlisted.net; path=/
p3p: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
expires: Thu, 07 Dec 2023 21:12:40 +0000
last-modified: Thu, 07 Dec 2023 22:12:40 GMT
pragma: no-cache
x-content-type-options: nosniff
referrer-policy: no-referrer-when-downgrade
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Authorization
cf-cache-status: DYNAMIC
server: cloudflare
cf-ray: 83201c887df52d7b-ARN
content-encoding: gzip
X-Firefox-Spdy: h2
static.enlisted.net/modern-3/de/fonts/rate-pegi.svg
200 OK 32 kB URL GET HTTP/2 static.enlisted.net/modern-3/de/fonts/rate-pegi.svg
IP
ASN #58286 Electric-IT Business S.R.L.
Requested by https://enlisted.net/de/play4free/?r=pwncpp_2954_6987&transaction_id=40091c0a903f405488169027aff79c7d
Certificate IssuerLet's Encrypt
Subjectstatic.enlisted.net
Fingerprint5D:2C:F2:9A:22:3C:14:87:0A:E3:A4:A2:B6:47:A4:AA:4C:37:F9:BA
ValidityMon, 09 Oct 2023 08:50:44 GMT - Sun, 07 Jan 2024 08:50:43 GMT
File type SVG Scalable Vector Graphics image\012- , ASCII text, with very long lines (26525)
Hash 4bab8e36eb3e38bfb9d73d9c31845361
4d98e3742c804fd3ededa94cbc52fab265edf67f
ac8701bea460052886ce8e9daa2f19597ec100f22b7b98e92d47b6f124253485
GET /modern-3/de/fonts/rate-pegi.svg HTTP/1.1
Host: static.enlisted.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://static.enlisted.net/modern-3/de/landings/play4free.styles.css?v=7e77368
Cookie: language=de; afsId=0C0F13AC584372650B0AA96D02CE2A06; ref_name=pwncpp; conntrack=rBMPDGVyQ1htqQoLBirOAg==
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
server: nginx
date: Thu, 07 Dec 2023 22:12:41 GMT
content-type: image/svg+xml
last-modified: Tue, 07 Nov 2023 10:48:07 GMT
etag: W/"654a15e7-7da2"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
traceparent: 00-db3027c5acf389229f3a50906789aca0-eecf43df93547c4c-01
x-id: osix-hw-edge-gc4
access-control-allow-origin: *
cache: HIT
x-cached-since: 2023-11-18T22:10:46+00:00
content-encoding: gzip
x-id-fe: osix-hw-edge-gc4
X-Firefox-Spdy: h2
fonts.gstatic.com/s/firasanscondensed/v10/wEOsEADFm8hSaQTFG18FErVhsC9x-tarWQXOuMR0cg.woff2
200 OK 23 kB URL GET HTTP/2 fonts.gstatic.com/s/firasanscondensed/v10/wEOsEADFm8hSaQTFG18FErVhsC9x-tarWQXOuMR0cg.woff2
IP
Requested by https://enlisted.net/de/play4free/?r=pwncpp_2954_6987&transaction_id=40091c0a903f405488169027aff79c7d
Certificate IssuerGoogle Trust Services LLC
Subject*.gstatic.com
FingerprintE5:79:1F:1A:04:3F:B9:B0:FB:41:4E:B5:E5:97:AD:FE:D9:2C:4A:CD
ValidityMon, 23 Oct 2023 11:24:07 GMT - Mon, 15 Jan 2024 11:24:06 GMT
File type Web Open Font Format (Version 2), TrueType, length 22760, version 1.0\012- data
Hash f74a85e271c48b935b5caad45ecfecb8
e548a8fd4003f1dd4e20df7bf4dda3f1ff8d066f
bf558b850010169a48f78bd32dc7162613de65038e767c6a2928de1b5c60fb98
GET /s/firasanscondensed/v10/wEOsEADFm8hSaQTFG18FErVhsC9x-tarWQXOuMR0cg.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://enlisted.net
DNT: 1
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 22760
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 07 Dec 2023 15:49:59 GMT
expires: Fri, 06 Dec 2024 15:49:59 GMT
cache-control: public, max-age=31536000
last-modified: Thu, 21 Apr 2022 16:46:06 GMT
content-type: font/woff2
age: 22962
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
www.googletagmanager.com/gtm.js?id=GTM-TFJVH5F
200 OK 268 kB URL GET HTTP/2 www.googletagmanager.com/gtm.js?id=GTM-TFJVH5F
IP
Requested by https://enlisted.net/de/play4free/?r=pwncpp_2954_6987&transaction_id=40091c0a903f405488169027aff79c7d
Certificate IssuerGoogle Trust Services LLC
Subject*.google-analytics.com
Fingerprint37:42:10:B7:89:70:45:51:80:81:66:CE:95:21:72:5D:46:0B:E2:34
ValidityMon, 23 Oct 2023 11:18:19 GMT - Mon, 15 Jan 2024 11:18:18 GMT
File type ASCII text, with very long lines (10060)
Size 268 kB (267643 bytes)
Hash 41542c3ad8ad03aefa44d2c38a2f4132
657faf287ef42003cfc72580975a9e8faf12beec
109f4e3d4eb655645af2612e5e695a59389263bf5b7c89fec3ac9d61c0a7cf00
GET /gtm.js?id=GTM-TFJVH5F HTTP/1.1
Host: www.googletagmanager.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://enlisted.net/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
content-encoding: br
vary: Accept-Encoding
date: Thu, 07 Dec 2023 22:12:41 GMT
expires: Thu, 07 Dec 2023 22:12:41 GMT
cache-control: private, max-age=900
last-modified: Thu, 07 Dec 2023 21:00:00 GMT
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
server: Google Tag Manager
content-length: 93001
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
static.enlisted.net/modern-3/de/fonts/xbox.svg
200 OK 11 kB URL GET HTTP/2 static.enlisted.net/modern-3/de/fonts/xbox.svg
IP
ASN #58286 Electric-IT Business S.R.L.
Requested by https://enlisted.net/de/play4free/?r=pwncpp_2954_6987&transaction_id=40091c0a903f405488169027aff79c7d
Certificate IssuerLet's Encrypt
Subjectstatic.enlisted.net
Fingerprint5D:2C:F2:9A:22:3C:14:87:0A:E3:A4:A2:B6:47:A4:AA:4C:37:F9:BA
ValidityMon, 09 Oct 2023 08:50:44 GMT - Sun, 07 Jan 2024 08:50:43 GMT
File type SVG Scalable Vector Graphics image\012- , ASCII text, with very long lines (11114)
Hash 7f313f4004687a7f3b7bf4b075b58727
f3939e0ce9792dbd9053167188b83365b6338b8c
0637fd9eed05254988ec91c4146df5a99fdaaca21e41babc4f3e7e45126037ca
GET /modern-3/de/fonts/xbox.svg HTTP/1.1
Host: static.enlisted.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://static.enlisted.net/modern-3/de/landings/play4free.styles.css?v=7e77368
Cookie: language=de; afsId=0C0F13AC584372650B0AA96D02CE2A06; ref_name=pwncpp; conntrack=rBMPDGVyQ1htqQoLBirOAg==
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
server: nginx
date: Thu, 07 Dec 2023 22:12:41 GMT
content-type: image/svg+xml
last-modified: Tue, 07 Nov 2023 10:48:07 GMT
etag: W/"654a15e7-2bd4"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
traceparent: 00-9efd04e65666fc5aa923c0a26e7b067d-1b823b5ac49e11a8-01
x-id: osix-hw-edge-gc4
access-control-allow-origin: *
cache: HIT
x-cached-since: 2023-11-18T22:10:46+00:00
content-encoding: gzip
x-id-fe: osix-hw-edge-gc4
X-Firefox-Spdy: h2
static.enlisted.net/modern-3/de/fonts/incubator-logo.svg
200 OK 1.8 kB URL GET HTTP/2 static.enlisted.net/modern-3/de/fonts/incubator-logo.svg
IP
ASN #58286 Electric-IT Business S.R.L.
Requested by https://enlisted.net/de/play4free/?r=pwncpp_2954_6987&transaction_id=40091c0a903f405488169027aff79c7d
Certificate IssuerLet's Encrypt
Subjectstatic.enlisted.net
Fingerprint5D:2C:F2:9A:22:3C:14:87:0A:E3:A4:A2:B6:47:A4:AA:4C:37:F9:BA
ValidityMon, 09 Oct 2023 08:50:44 GMT - Sun, 07 Jan 2024 08:50:43 GMT
File type SVG Scalable Vector Graphics image\012- , ASCII text, with very long lines (1959), with no line terminators
Hash 9445e7e79ab18bf21c5f1e69d6eb0fec
401a6bd57bc96e1499889271d9bd23bfd1a9c14f
5f26b252068a04e87179091f460a9c0ae441f5961783533c2dd87afa1fc9cb35
GET /modern-3/de/fonts/incubator-logo.svg HTTP/1.1
Host: static.enlisted.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://static.enlisted.net/modern-3/de/landings/play4free.styles.css?v=7e77368
Cookie: language=de; afsId=0C0F13AC584372650B0AA96D02CE2A06; ref_name=pwncpp; conntrack=rBMPDGVyQ1htqQoLBirOAg==
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
server: nginx
date: Thu, 07 Dec 2023 22:12:41 GMT
content-type: image/svg+xml
last-modified: Tue, 07 Nov 2023 10:48:07 GMT
etag: W/"654a15e7-727"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
traceparent: 00-c887d96f9680ce271d003c54da045ad2-7d38eb5f1df5bbfb-01
x-id: osix-hw-edge-gc4
access-control-allow-origin: *
cache: HIT
x-cached-since: 2023-11-18T22:10:46+00:00
content-encoding: gzip
x-id-fe: osix-hw-edge-gc4
X-Firefox-Spdy: h2
consent.cookiefirst.com/banner.js?cookiefirst-key=8cb9e23d-5278-44b4-bcc2-a27e465e218e&stealth-mode=true&language=inherit&silent-mode=true
200 OK 67 kB URL GET HTTP/2 consent.cookiefirst.com/banner.js?cookiefirst-key=8cb9e23d-5278-44b4-bcc2-a27e465e218e&stealth-mode=true&language=inherit&silent-mode=true
IP
ASN #34989 ServeTheWorld AS
Requested by https://enlisted.net/de/play4free/?r=pwncpp_2954_6987&transaction_id=40091c0a903f405488169027aff79c7d
Certificate IssuerSectigo Limited
Subject*.cookiefirst.com
Fingerprint75:22:79:6F:76:D4:CF:AF:D0:13:47:69:F9:3C:80:A6:0A:6A:E4:2F
ValidityTue, 05 Dec 2023 00:00:00 GMT - Mon, 16 Dec 2024 23:59:59 GMT
File type ASCII text, with very long lines (65536), with no line terminators
Hash 83f4f5f950828c857f200db056b438b0
4c0b5d99c8da71ff2e6c6a40295723aa8c9b1139
5c520fc03f125487840c1d1465b57bc9b88b7f433e8c59c51ccc4cd7b9897f86
GET /banner.js?cookiefirst-key=8cb9e23d-5278-44b4-bcc2-a27e465e218e&stealth-mode=true&language=inherit&silent-mode=true HTTP/1.1
Host: consent.cookiefirst.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://enlisted.net/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Thu, 07 Dec 2023 22:12:42 GMT
content-type: application/javascript
server: Cookie First CDN-NO1-830
cdn-pullzone: 236985
cdn-uid: d602dab6-3f92-4809-a378-608fd2b89403
cdn-requestcountrycode: NO
vary: Accept-Encoding, Accept-Encoding
access-control-allow-origin: *
access-control-allow-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match, traceparent
access-control-expose-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match, visitor-location
cache-control: public, max-age=300
etag: W/"6571aff4-105ea"
last-modified: Thu, 07 Dec 2023 11:43:48 GMT
cdn-storageserver: SE-344
cdn-fileserver: 584
cdn-proxyver: 1.04
cdn-requestpullsuccess: True
cdn-requestpullcode: 200
cdn-cachedat: 12/07/2023 11:43:53
cdn-edgestorageid: 830
visitor-location: NO
cdn-status: 200
cdn-requestid: bf0e52b17594272f2a08944aee19869f
cdn-cache: HIT
content-encoding: br
X-Firefox-Spdy: h2
consent.cookiefirst.com/sites/enlisted.net-8cb9e23d-5278-44b4-bcc2-a27e465e218e/version.json?v=1701987169065
200 OK 44 B URL GET HTTP/2 consent.cookiefirst.com/sites/enlisted.net-8cb9e23d-5278-44b4-bcc2-a27e465e218e/version.json?v=1701987169065
IP
ASN #34989 ServeTheWorld AS
Requested by https://enlisted.net/de/play4free/?r=pwncpp_2954_6987&transaction_id=40091c0a903f405488169027aff79c7d
Certificate IssuerSectigo Limited
Subject*.cookiefirst.com
Fingerprint75:22:79:6F:76:D4:CF:AF:D0:13:47:69:F9:3C:80:A6:0A:6A:E4:2F
ValidityTue, 05 Dec 2023 00:00:00 GMT - Mon, 16 Dec 2024 23:59:59 GMT
File type troff or preprocessor input, ASCII text, with no line terminators
Hash 9a89ce1998ca6aef17904a4500a90bad
0255c98aa56cc82f7854661a104d8835931c99bc
342a56bb912391c00ef25cb98434902b4f9c7f496b7960b58b52316468a62b34
GET /sites/enlisted.net-8cb9e23d-5278-44b4-bcc2-a27e465e218e/version.json?v=1701987169065 HTTP/1.1
Host: consent.cookiefirst.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://enlisted.net
DNT: 1
Connection: keep-alive
Referer: https://enlisted.net/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Thu, 07 Dec 2023 22:12:42 GMT
content-type: application/json
content-length: 44
server: Cookie First CDN-NO1-830
cdn-pullzone: 236985
cdn-uid: d602dab6-3f92-4809-a378-608fd2b89403
cdn-requestcountrycode: NO
access-control-allow-origin: *
access-control-allow-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match, traceparent
access-control-expose-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match, visitor-location
cache-control: public, max-age=15
etag: "656bf418-2c"
last-modified: Sun, 03 Dec 2023 03:20:56 GMT
cdn-storageserver: SE-318
cdn-fileserver: 584
cdn-proxyver: 1.04
cdn-requestpullsuccess: True
cdn-requestpullcode: 200
cdn-cachedat: 12/07/2023 22:12:42
cdn-edgestorageid: 830
visitor-location: NO
cdn-status: 200
cdn-requestid: f474ad00d43e0b48a69da2e4d6743c7f
cdn-cache: MISS
accept-ranges: bytes
X-Firefox-Spdy: h2
fonts.gstatic.com/s/playfairdisplay/v36/nuFvD-vYSZviVYUb_rj3ij__anPXJzDwcbmjWBN2PKdFvXDXbtM.woff2
200 OK 22 kB URL GET HTTP/2 fonts.gstatic.com/s/playfairdisplay/v36/nuFvD-vYSZviVYUb_rj3ij__anPXJzDwcbmjWBN2PKdFvXDXbtM.woff2
IP
Requested by https://enlisted.net/de/play4free/?r=pwncpp_2954_6987&transaction_id=40091c0a903f405488169027aff79c7d
Certificate IssuerGoogle Trust Services LLC
Subject*.gstatic.com
FingerprintE5:79:1F:1A:04:3F:B9:B0:FB:41:4E:B5:E5:97:AD:FE:D9:2C:4A:CD
ValidityMon, 23 Oct 2023 11:24:07 GMT - Mon, 15 Jan 2024 11:24:06 GMT
File type Web Open Font Format (Version 2), TrueType, length 21904, version 1.0\012- data
Hash b2b5842c6021423696628cab2e05f8d8
31289f7b49287467078233702056c6b44f5b1eb2
5c49dba84c1cbff67508623a16507105bde5be084f2beabcc276b03c4555968e
GET /s/playfairdisplay/v36/nuFvD-vYSZviVYUb_rj3ij__anPXJzDwcbmjWBN2PKdFvXDXbtM.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://enlisted.net
DNT: 1
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 21904
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 07 Dec 2023 15:45:12 GMT
expires: Fri, 06 Dec 2024 15:45:12 GMT
cache-control: public, max-age=31536000
last-modified: Thu, 24 Aug 2023 20:43:42 GMT
content-type: font/woff2
age: 23249
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
consent.cookiefirst.com/sites/enlisted.net-8cb9e23d-5278-44b4-bcc2-a27e465e218e/config.json?v=2658e67f-233d-4e09-b043-16ffb57cdbb2
200 OK 2.4 kB URL GET HTTP/2 consent.cookiefirst.com/sites/enlisted.net-8cb9e23d-5278-44b4-bcc2-a27e465e218e/config.json?v=2658e67f-233d-4e09-b043-16ffb57cdbb2
IP
ASN #34989 ServeTheWorld AS
Requested by https://enlisted.net/de/play4free/?r=pwncpp_2954_6987&transaction_id=40091c0a903f405488169027aff79c7d
Certificate IssuerSectigo Limited
Subject*.cookiefirst.com
Fingerprint75:22:79:6F:76:D4:CF:AF:D0:13:47:69:F9:3C:80:A6:0A:6A:E4:2F
ValidityTue, 05 Dec 2023 00:00:00 GMT - Mon, 16 Dec 2024 23:59:59 GMT
File type troff or preprocessor input, ASCII text, with very long lines (2753), with no line terminators
Hash d59efd31cf7e3324fb6849a283d9feab
aa3c7b0d35f6c185eafd2f5b54f9fe003aeabcde
9cd430073a56e6c20a52e9df2704a82e99e35842d898f5a218acd53c91142033
GET /sites/enlisted.net-8cb9e23d-5278-44b4-bcc2-a27e465e218e/config.json?v=2658e67f-233d-4e09-b043-16ffb57cdbb2 HTTP/1.1
Host: consent.cookiefirst.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://enlisted.net
DNT: 1
Connection: keep-alive
Referer: https://enlisted.net/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Thu, 07 Dec 2023 22:12:42 GMT
content-type: application/json
vary: Accept-Encoding
server: Cookie First CDN-NO1-830
cdn-pullzone: 236985
cdn-uid: d602dab6-3f92-4809-a378-608fd2b89403
cdn-requestcountrycode: NO
access-control-allow-origin: *
access-control-allow-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match, traceparent
access-control-expose-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match, visitor-location
cache-control: public, max-age=30
etag: W/"656bf40a-94b"
last-modified: Sun, 03 Dec 2023 03:20:42 GMT
cdn-storageserver: SE-344
cdn-fileserver: 585
cdn-proxyver: 1.04
cdn-requestpullsuccess: True
cdn-requestpullcode: 200
cdn-cachedat: 12/03/2023 03:55:41
cdn-edgestorageid: 830
visitor-location: NO
cdn-status: 200
cdn-requestid: 241f8c5c65dc67356f3878682e07a0c1
cdn-cache: REVALIDATED
content-encoding: br
X-Firefox-Spdy: h2
static.enlisted.net/modern-3/de/fonts/rate-usk.svg
200 OK 7.6 kB URL GET HTTP/2 static.enlisted.net/modern-3/de/fonts/rate-usk.svg
IP
ASN #58286 Electric-IT Business S.R.L.
Requested by https://enlisted.net/de/play4free/?r=pwncpp_2954_6987&transaction_id=40091c0a903f405488169027aff79c7d
Certificate IssuerLet's Encrypt
Subjectstatic.enlisted.net
Fingerprint5D:2C:F2:9A:22:3C:14:87:0A:E3:A4:A2:B6:47:A4:AA:4C:37:F9:BA
ValidityMon, 09 Oct 2023 08:50:44 GMT - Sun, 07 Jan 2024 08:50:43 GMT
File type SVG Scalable Vector Graphics image\012- , ASCII text, with very long lines (7686), with no line terminators
Hash 3880d47ec3fd2e184dd9f6f259c23cf1
703fde330960b97fdbaf4858baaa51dc404dc69f
755e3b596135912e2c496b7aa461e76ce365d02c999f09a667e8629cc0aa516f
GET /modern-3/de/fonts/rate-usk.svg HTTP/1.1
Host: static.enlisted.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://static.enlisted.net/modern-3/de/landings/play4free.styles.css?v=7e77368
Cookie: language=de; afsId=0C0F13AC584372650B0AA96D02CE2A06; ref_name=pwncpp; conntrack=rBMPDGVyQ1htqQoLBirOAg==
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
server: nginx
date: Thu, 07 Dec 2023 22:12:41 GMT
content-type: image/svg+xml
last-modified: Tue, 07 Nov 2023 10:48:07 GMT
etag: W/"654a15e7-1dd0"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
traceparent: 00-c107a3e068db89b1d0c494c2840c63fe-9c37846bd25d9e0d-01
x-id: osix-hw-edge-gc4
access-control-allow-origin: *
cache: HIT
x-cached-since: 2023-11-18T22:10:46+00:00
content-encoding: gzip
x-id-fe: osix-hw-edge-gc4
X-Firefox-Spdy: h2
fonts.gstatic.com/s/firasanscondensed/v10/wEOhEADFm8hSaQTFG18FErVhsC9x-tarUfbtrQ.woff2
200 OK 23 kB URL GET HTTP/2 fonts.gstatic.com/s/firasanscondensed/v10/wEOhEADFm8hSaQTFG18FErVhsC9x-tarUfbtrQ.woff2
IP
Requested by https://enlisted.net/de/play4free/?r=pwncpp_2954_6987&transaction_id=40091c0a903f405488169027aff79c7d
Certificate IssuerGoogle Trust Services LLC
Subject*.gstatic.com
FingerprintE5:79:1F:1A:04:3F:B9:B0:FB:41:4E:B5:E5:97:AD:FE:D9:2C:4A:CD
ValidityMon, 23 Oct 2023 11:24:07 GMT - Mon, 15 Jan 2024 11:24:06 GMT
File type Web Open Font Format (Version 2), TrueType, length 22768, version 1.0\012- data
Hash 57f3ab8371bc1d52ab587aab7f9f6ec3
00144246ebbb7685d1d9e998fedfa289c8bd69eb
5a9980abca3b078a7c67a296f602f48bb043c2167e0e8257addfe2d603643a07
GET /s/firasanscondensed/v10/wEOhEADFm8hSaQTFG18FErVhsC9x-tarUfbtrQ.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://enlisted.net
DNT: 1
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 22768
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 07 Dec 2023 15:44:41 GMT
expires: Fri, 06 Dec 2024 15:44:41 GMT
cache-control: public, max-age=31536000
last-modified: Thu, 21 Apr 2022 16:50:55 GMT
content-type: font/woff2
age: 23280
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
script.anura.io/request.js?instance=3952744944&exid=0C0F13AC584372650B0AA96D02CE2A06&source=pwncpp&campaign=2954_6987&832490420260
200 OK 56 kB URL GET HTTP/2 script.anura.io/request.js?instance=3952744944&exid=0C0F13AC584372650B0AA96D02CE2A06&source=pwncpp&campaign=2954_6987&832490420260
IP
Requested by https://enlisted.net/de/play4free/?r=pwncpp_2954_6987&transaction_id=40091c0a903f405488169027aff79c7d
Certificate IssuerAmazon
Subjectscript.anura.io
Fingerprint83:CF:23:67:0B:B9:DB:BB:65:3F:31:44:AD:06:8B:B2:7E:B4:E1:20
ValidityMon, 16 Oct 2023 00:00:00 GMT - Wed, 13 Nov 2024 23:59:59 GMT
File type ASCII text, with very long lines (1912)
Hash d928b54507e5bb73ae995ca2dff9fa55
aa8e3b95a79e9130035d85dce412d0e901d82302
5ed1adfe6ebc76c811f43dce094c0f306574ca2665e7ce9d9ad272ad9e374108
GET /request.js?instance=3952744944&exid=0C0F13AC584372650B0AA96D02CE2A06&source=pwncpp&campaign=2954_6987&832490420260 HTTP/1.1
Host: script.anura.io
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://enlisted.net/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Thu, 07 Dec 2023 22:12:44 GMT
content-type: application/javascript; charset=utf-8
server: nginx
vary: Accept-Encoding
expires: Sun, 28 Dec 1980 18:57:00 EST
cache-control: private, no-cache, no-store, must-revalidate, max-age=0, post-check=0, pre-check=0
pragma: no-cache
x-content-type-options: nosniff
content-encoding: gzip
X-Firefox-Spdy: h2
ads.anura.io/showads.js?129627608158
200 OK 0 B URL GET HTTP/2 ads.anura.io/showads.js?129627608158
IP
Requested by https://enlisted.net/de/play4free/?r=pwncpp_2954_6987&transaction_id=40091c0a903f405488169027aff79c7d
Certificate IssuerAmazon
Subjectads.anura.io
Fingerprint69:66:FA:26:E2:E4:89:00:9A:F7:DE:2C:F6:5A:C2:B9:58:04:5D:E6
ValidityTue, 30 May 2023 00:00:00 GMT - Thu, 27 Jun 2024 23:59:59 GMT
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /showads.js?129627608158 HTTP/1.1
Host: ads.anura.io
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://enlisted.net
DNT: 1
Connection: keep-alive
Referer: https://enlisted.net/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
content-type: application/javascript; charset=utf-8
date: Thu, 07 Dec 2023 19:40:31 GMT
server: nginx
access-control-allow-origin: *
access-control-allow-methods: GET
content-encoding: gzip
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 b2b04ca80b95df6bc86478a1bf96b7cc.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: qYmWhL6YR4kTrZ0ObI4GX25OyXGK5kwtgNPNgMzwGjvqsfdRiP-URA==
age: 9133
X-Firefox-Spdy: h2
172.67.14.1
87.248.119.252
104.22.43.210
52.208.162.169
194.242.11.186
185.244.209.62
18.158.229.59
0.0.0.0