| nostop.go2cloud.org/aff_i?offer_id=186&aff_id=1048&aff_sub=152240&aff_sub2=372552&aff_sub3=Windows_10|Chrome&aff_sub4=basesfile.com&aff_sub5=empty&source=1048-152240&adv_sub={EXTENSION_URL_ENC}&adv_sub5=Firefox&adv_sub4=&adv_sub3=&adv_sub2=cakespoint.site | 52.210.174.128 | | 57 B |
URL: nostop.go2cloud.org/aff_i?offer_id=186&aff_id=1048&aff_sub=152240&aff_sub2=372552&aff_sub3=Windows_10|Chrome&aff_sub4=basesfile.com&aff_sub5=empty&source=1048-152240&adv_sub={EXTENSION_URL_ENC}&adv_sub5=Firefox&adv_sub4=&adv_sub3=&adv_sub2=cakespoint.site
IP: 52.210.174.128:0
File type: GIF image data, version 89a, 1 x 1
Hash: 77d96eebccea5801290ad68b3ccb4199 eaf3924bfd87bbf1f1137c395de8687f20c4f3a6 ac05f643d51698438fc2504bc237b5a39ce1248b037dbf446aaca4ce65c3182c
GET /aff_i?offer_id=186&aff_id=1048&aff_sub=152240&aff_sub2=372552&aff_sub3=Windows_10|Chrome&aff_sub4=basesfile.com&aff_sub5=empty&source=1048-152240&adv_sub={EXTENSION_URL_ENC}&adv_sub5=Firefox&adv_sub4=&adv_sub3=&adv_sub2=cakespoint.site HTTP/1.1
Host: nostop.go2cloud.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://cakespoint.site/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Date: Fri, 19 Apr 2024 05:24:12 GMT
Content-Type: image/gif
Transfer-Encoding: chunked
Connection: keep-alive
Cache-Control: no-cache, no-store, must-revalidate
Expires: Sat, 26 Jul 1997 05:00:00 GMT
Pragma: no-cache
Tracking_id: 102b4f69b72ad6f658b4e97904067a
Access-Control-Allow-Origin: *
X-Request-Id: 47f2bb7c262d8979a9ab7e21982cfc57
Access-Control-Allow-Headers: Tune-SDK-Version
Content-Encoding: gzip
|
|
| trk.bubblewaves.online/aff_c?source=1048-152240&offer_id=186&aff_click_id=4&aff_id=1048&aff_sub=152240&aff_sub2=372552&aff_sub3=Windows_10|Chrome&aff_sub4=basesfile.com&aff_sub5=empty&aff_unique1=&aff_unique2=&aff_unique3=&name=all&url= | 52.210.2.133 | 302 Found | 279 B |
URL: User Request GET HTTP/1.1 trk.bubblewaves.online/aff_c?source=1048-152240&offer_id=186&aff_click_id=4&aff_id=1048&aff_sub=152240&aff_sub2=372552&aff_sub3=Windows_10|Chrome&aff_sub4=basesfile.com&aff_sub5=empty&aff_unique1=&aff_unique2=&aff_unique3=&name=all&url=
IP: 52.210.2.133:80
File type: HTML document, ASCII text
Hash: 0b4c8fb4226adab8fe3913710481cc0c c4515b9464025b856a546b349178c59f8a1528d4 6d36da73e795f69aa0acffbf0bd6b8ee6c1cfb446f3477ddaf4af46ea2cb7fe5
GET /aff_c?source=1048-152240&offer_id=186&aff_click_id=4&aff_id=1048&aff_sub=152240&aff_sub2=372552&aff_sub3=Windows_10|Chrome&aff_sub4=basesfile.com&aff_sub5=empty&aff_unique1=&aff_unique2=&aff_unique3=&name=all&url= HTTP/1.1
Host: trk.bubblewaves.online
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 302 Found
Server: nginx
Date: Fri, 19 Apr 2024 05:24:13 GMT
Content-Type: text/html; charset=iso-8859-1
Content-Length: 279
Connection: keep-alive
Cache-Control: no-cache, no-store, must-revalidate
Expires: Sat, 26 Jul 1997 05:00:00 GMT
Location: https://ok.battletrain.xyz/ee/indexN.php?sid=1048-152240&cid=102fc4463ab10bfae49dd2b3273206
P3p: CP="NOI CUR OUR NOR INT"
Pragma: no-cache
Set-Cookie: enc_aff_session_186=ENC03b0b7eba4b5583a5a39d85e182467795ed8027a4ebd16b7451d41a4419531efda02941c3762acc0f7a92c6cbdcfe7b286196a964ac9cf9d0602ad13602f6278d58fe88378d4fc6b1cda7976d97f6f2173bc751701fd5eb409a7aac28eb9bad8385d7e4c23263e3dcebf471942ae6cfd0725cdf83775b7b2f2ebfbba447db62f7c855ed347352193f3256847d33d60d3edbb1b5ff25ce0ca1a29bb6b4cc98bbe09c9e053bb0e3c9775d5e5e4022fb841727b8427746407c278599f7349cd8e35f404962d53; expires=Sun, 19 May 2024 05:24:13 GMT; path=/; SameSite=None; Secure
ho_mob=eyJtb2JpbGVfZGV2aWNlX29zIjoiRGVza3RvcCIsIm1vYmlsZV9kZXZpY2VfbW9kZWwiOiJGaXJlZm94IiwibW9iaWxlX2RldmljZV9icmFuZCI6Ik1vemlsbGEiLCJtb2JpbGVfYnJvd3NlciI6IkZpcmVmb3ggRGVza3RvcCIsIm1vYmlsZV9icm93c2VyX3ZlcnNpb24iOiI5Ni4wIiwibW9iaWxlX2NhcnJpZXIiOiI/IiwidXNlcl9hZ2VudCI6Ik1vemlsbGEvNS4wIChYMTE7IExpbnV4IFg4Nl82NDsgUnY6OTYuMCkgR2Vja28vMjAxMDAxMDEgRmlyZWZveC85Ni4wIiwiYWNjZXB0X2xhbmd1YWdlIjoiZW4tVVMsZW47cT0wLjUiLCJjb25uZWN0aW9uX3NwZWVkIjoiYnJvYWRiYW5kIn0=; expires=Sun, 14 Mar 2027 16:04:13 GMT; path=/; SameSite=None; Secure
Tracking_id: 102fc4463ab10bfae49dd2b3273206
X-Robots-Tag: noindex, nofollow
Access-Control-Allow-Origin: *
X-Request-Id: caf6fa39841090f4b02441aa8c2f7a75
Access-Control-Allow-Headers: Tune-SDK-Version
|
|
| fonts.googleapis.com/css?family=Fredoka+One | 142.250.74.74 | 200 OK | 10 kB |
URL: GET HTTP/2 fonts.googleapis.com/css?family=Fredoka+One
IP: 142.250.74.74:443
Requested by: https://ok.battletrain.xyz/ee/indexN.php?sid=1048-152240&cid=102fc4463ab10bfae49dd2b3273206
Certificate: Issuer: Google Trust Services LLC; Subject: upload.video.google.com; Fingerprint: 47:5A:64:7D:9F:47:34:07:31:91:97:F7:04:42:7A:D5:EA:AD:07:4E; Validity: Mon, 04 Mar 2024 07:16:44 GMT - Mon, 27 May 2024 07:16:43 GMT
File type: gzip compressed data, max compression
Hash: de7c8e186bbc4ac2a7bfe8842b66f50d bff0edb99ca702652b422d1d259b67e438968b70 34c76c8034e08bbe6c545a278b18fd7a33d265583941e7bf7f6c6d89baadc3c3
GET /css?family=Fredoka+One HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://ok.battletrain.xyz/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Fri, 19 Apr 2024 05:24:13 GMT
date: Fri, 19 Apr 2024 05:24:13 GMT
cache-control: private, max-age=86400
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
|
|
| fonts.gstatic.com/s/fredokaone/v14/k3kUo8kEI-tA1RRcTZGmTlHGCac.woff2 | 216.58.207.227 | 200 OK | 16 kB |
URL: GET HTTP/2 fonts.gstatic.com/s/fredokaone/v14/k3kUo8kEI-tA1RRcTZGmTlHGCac.woff2
IP: 216.58.207.227:443
Requested by: https://ok.battletrain.xyz/ee/indexN.php?sid=1048-152240&cid=102fc4463ab10bfae49dd2b3273206
Certificate: Issuer: Google Trust Services LLC; Subject: *.gstatic.com; Fingerprint: 8F:81:43:71:C4:F3:8C:FA:6D:EC:B4:5E:1F:58:71:AA:48:42:0E:E9; Validity: Mon, 04 Mar 2024 07:16:39 GMT - Mon, 27 May 2024 07:16:38 GMT
File type: Web Open Font Format (Version 2), TrueType, length 15596, version 1.0
Hash: 72bb194f7e275c92ecf5536060952844 a7419d2e8b92cbc5f89c3c03771f45c4f632964c e9986c62b19bce3791c4c103a4aa87c91d22d9e1c9f252f7f802ea26d3405769
GET /s/fredokaone/v14/k3kUo8kEI-tA1RRcTZGmTlHGCac.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://ok.battletrain.xyz
DNT: 1
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 15596
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Tue, 16 Apr 2024 02:02:18 GMT
expires: Wed, 16 Apr 2025 02:02:18 GMT
cache-control: public, max-age=31536000
age: 271316
last-modified: Mon, 20 Mar 2023 20:35:18 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
|
|
| ok.battletrain.xyz/ee/1543246333.woff | 172.67.181.222 | 200 OK | 1.1 kB |
URL: GET HTTP/3 ok.battletrain.xyz/ee/1543246333.woff
IP: 172.67.181.222:443
Requested by: https://ok.battletrain.xyz/ee/indexN.php?sid=1048-152240&cid=102fc4463ab10bfae49dd2b3273206
Certificate: Issuer: Google Trust Services LLC; Subject: battletrain.xyz; Fingerprint: 02:46:6F:E4:DD:93:A4:E5:18:EA:94:7B:37:14:4B:CB:F0:D0:F4:C2; Validity: Thu, 14 Mar 2024 22:20:29 GMT - Wed, 12 Jun 2024 22:20:28 GMT
File type: Web Open Font Format, CFF, length 1144, version 1.0
Hash: 605dc29afa54d8310bb22266e452aca8 9986ecc366bbf2ed265738a2972ada6a66634820 ff284e26d3a139a31c82535aaaf0225e3ea76bff7bca7db5038558ee83fac623
GET /ee/1543246333.woff HTTP/1.1
Host: ok.battletrain.xyz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
DNT: 1
Connection: keep-alive
Referer: https://ok.battletrain.xyz/ee/icons.css
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Fri, 19 Apr 2024 05:24:14 GMT
content-type: application/font-woff
content-length: 1144
last-modified: Wed, 29 May 2019 14:15:08 GMT
etag: "5cee93ec-478"
cache-control: max-age=14400
cf-cache-status: REVALIDATED
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=IvPQu4XzS8bc0q9q96IVKVXXGcf3stDkGNK%2FthIk5HG%2BQ9iA6ARIdPKzaQz1cQzlQjfeuHoQsB9rCit4nKG35IpPKX7FNL7%2BRVxkSM%2B%2FjoAgjmI5nS4%2BIi85BhdXI%2FESk2t9j9g%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 876a7793ee5ab527-OSL
alt-svc: h3=":443"; ma=86400
|
|
| humsoolt.net/zone?pub=0&zone_id=2674728&is_mobile=false&domain=ok.battletrain.xyz&var=1048-152240&ymid=102fc4463ab10bfae49dd2b3273206&var_3=&tg=0&sw=3.1.500 | 139.45.197.251 | 200 OK | 144 B |
URL: GET HTTP/2 humsoolt.net/zone?pub=0&zone_id=2674728&is_mobile=false&domain=ok.battletrain.xyz&var=1048-152240&ymid=102fc4463ab10bfae49dd2b3273206&var_3=&tg=0&sw=3.1.500
IP: 139.45.197.251:443
Requested by: https://ok.battletrain.xyz/ee/indexN.php?sid=1048-152240&cid=102fc4463ab10bfae49dd2b3273206
Certificate: Issuer: Let's Encrypt; Subject: humsoolt.net; Fingerprint: A0:E9:3C:D2:51:F8:4E:F9:D3:48:53:8E:60:A6:47:4B:DD:97:3E:3B; Validity: Wed, 27 Mar 2024 05:04:27 GMT - Tue, 25 Jun 2024 05:04:26 GMT
Hash: 7d6b2b3f257459b9f456530e3b42cc1e 531ca355fba3d90f92c1505a796be91f2e3fc418 3ab83e12e0096d62dfeb0b64e022272ec8560c817a9b02395c65064da53519ba
GET /zone?pub=0&zone_id=2674728&is_mobile=false&domain=ok.battletrain.xyz&var=1048-152240&ymid=102fc4463ab10bfae49dd2b3273206&var_3=&tg=0&sw=3.1.500 HTTP/1.1
Host: humsoolt.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://ok.battletrain.xyz/
Origin: https://ok.battletrain.xyz
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Fri, 19 Apr 2024 05:24:14 GMT
content-type: application/json; charset=utf-8
content-length: 144
x-trace-id: a18555532556db59c23b942acb5ae7d0
accept-ch: Sec-CH-UA, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model
access-control-allow-origin: https://ok.battletrain.xyz
access-control-allow-credentials: true
access-control-allow-headers: Origin, X-Requested-With, X-Oaid, Content-Type, Accept
strict-transport-security: max-age=1
x-content-type-options: nosniff
X-Firefox-Spdy: h2
|
|
| humsoolt.net/custom | 139.45.197.251 | 200 OK | 0 B |
IP: 139.45.197.251:443
Requested by: https://ok.battletrain.xyz/ee/indexN.php?sid=1048-152240&cid=102fc4463ab10bfae49dd2b3273206
Certificate: Issuer: Let's Encrypt; Subject: humsoolt.net; Fingerprint: A0:E9:3C:D2:51:F8:4E:F9:D3:48:53:8E:60:A6:47:4B:DD:97:3E:3B; Validity: Wed, 27 Mar 2024 05:04:27 GMT - Tue, 25 Jun 2024 05:04:26 GMT
Hash: d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
OPTIONS /custom HTTP/1.1
Host: humsoolt.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type
Referer: https://ok.battletrain.xyz/
Origin: https://ok.battletrain.xyz
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Fri, 19 Apr 2024 05:24:14 GMT
content-type: text/plain; charset=utf-8
content-length: 0
access-control-allow-origin: https://ok.battletrain.xyz
access-control-allow-credentials: true
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Authorization-Token,X-Oaid
access-control-max-age: 86400
X-Firefox-Spdy: h2
|
|
| humsoolt.net/custom | 139.45.197.251 | 200 OK | 0 B |
IP: 139.45.197.251:443
Requested by: https://ok.battletrain.xyz/ee/indexN.php?sid=1048-152240&cid=102fc4463ab10bfae49dd2b3273206
Certificate: Issuer: Let's Encrypt; Subject: humsoolt.net; Fingerprint: A0:E9:3C:D2:51:F8:4E:F9:D3:48:53:8E:60:A6:47:4B:DD:97:3E:3B; Validity: Wed, 27 Mar 2024 05:04:27 GMT - Tue, 25 Jun 2024 05:04:26 GMT
Hash: d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
OPTIONS /custom HTTP/1.1
Host: humsoolt.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type
Referer: https://ok.battletrain.xyz/
Origin: https://ok.battletrain.xyz
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Fri, 19 Apr 2024 05:24:14 GMT
content-type: text/plain; charset=utf-8
content-length: 0
access-control-allow-origin: https://ok.battletrain.xyz
access-control-allow-credentials: true
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Authorization-Token,X-Oaid
access-control-max-age: 86400
X-Firefox-Spdy: h2
|
|
| humsoolt.net/pfe/current/tag.min.js?z=2674728&t=standalone&ymid=102fc4463ab10bfae49dd2b3273206&var=1048-152240 | 139.45.197.251 | 200 OK | 6.3 kB |
URL: GET HTTP/2 humsoolt.net/pfe/current/tag.min.js?z=2674728&t=standalone&ymid=102fc4463ab10bfae49dd2b3273206&var=1048-152240
IP: 139.45.197.251:443
Requested by: https://ok.battletrain.xyz/ee/indexN.php?sid=1048-152240&cid=102fc4463ab10bfae49dd2b3273206
Certificate: Issuer: Let's Encrypt; Subject: humsoolt.net; Fingerprint: A0:E9:3C:D2:51:F8:4E:F9:D3:48:53:8E:60:A6:47:4B:DD:97:3E:3B; Validity: Wed, 27 Mar 2024 05:04:27 GMT - Tue, 25 Jun 2024 05:04:26 GMT
File type: gzip compressed data, max speed, from Unix
Hash: 032404db3dd5df51592a8ca1630b6a04 1d3d73c9ce43dcdf9ff8b63756d57e3c54117e44 c08b4ef940a3ee61c049f5ec92391cfbdb159a446d39cdf4ef0efd0fb37b38c9
GET /pfe/current/tag.min.js?z=2674728&t=standalone&ymid=102fc4463ab10bfae49dd2b3273206&var=1048-152240 HTTP/1.1
Host: humsoolt.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://ok.battletrain.xyz/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
server: nginx
date: Fri, 19 Apr 2024 05:24:14 GMT
content-type: application/javascript
last-modified: Tue, 16 Apr 2024 15:56:40 GMT
etag: W/"661e9fb8-3914"
access-control-allow-credentials: true
cache-control: no-cache
pragma: no-cache
content-encoding: gzip
X-Firefox-Spdy: h2
|
|
| humsoolt.net/custom | 139.45.197.251 | 200 OK | 39 B |
IP: 139.45.197.251:443
Requested by: https://ok.battletrain.xyz/ee/indexN.php?sid=1048-152240&cid=102fc4463ab10bfae49dd2b3273206
Certificate: Issuer: Let's Encrypt; Subject: humsoolt.net; Fingerprint: A0:E9:3C:D2:51:F8:4E:F9:D3:48:53:8E:60:A6:47:4B:DD:97:3E:3B; Validity: Wed, 27 Mar 2024 05:04:27 GMT - Tue, 25 Jun 2024 05:04:26 GMT
Hash: 058b158c2be925f556454ef762d93538 cc6fc563b4b6baee880fdbc7fcfaa134978e33c9 ff752c1c79bb2c0347c5a8b7f069fa2772047324dbbadf77d21cec4b26ee3881
POST /custom HTTP/1.1
Host: humsoolt.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://ok.battletrain.xyz/
Content-Type: application/json
Content-Length: 452
Origin: https://ok.battletrain.xyz
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Fri, 19 Apr 2024 05:24:14 GMT
content-type: application/json; charset=utf-8
content-length: 39
x-trace-id: 72da405248766d122152302088d31e0c
accept-ch: Sec-CH-UA, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model
access-control-allow-origin: https://ok.battletrain.xyz
access-control-allow-credentials: true
access-control-allow-headers: Origin, X-Requested-With, X-Oaid, Content-Type, Accept
strict-transport-security: max-age=1
x-content-type-options: nosniff
X-Firefox-Spdy: h2
|
|
| amunfezanttor.com/event | 139.45.197.250 | 200 OK | 0 B |
IP: 139.45.197.250:443
Requested by: https://ok.battletrain.xyz/ee/indexN.php?sid=1048-152240&cid=102fc4463ab10bfae49dd2b3273206
Certificate: Issuer: Let's Encrypt; Subject: amunfezanttor.com; Fingerprint: AB:2C:60:54:FF:D7:D6:23:0E:87:1A:98:EC:94:B3:9B:29:1A:F3:AA; Validity: Wed, 10 Apr 2024 19:04:12 GMT - Tue, 09 Jul 2024 19:04:11 GMT
Hash: d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
| Analyzer | Verdict | Alert |
| Quad9 DNS | malicious | Sinkholed |
OPTIONS /event HTTP/1.1
Host: amunfezanttor.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type
Referer: https://ok.battletrain.xyz/
Origin: https://ok.battletrain.xyz
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
server: nginx
date: Fri, 19 Apr 2024 05:24:14 GMT
content-type: text/plain; charset=utf-8
content-length: 0
access-control-allow-origin: https://ok.battletrain.xyz
access-control-allow-credentials: true
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Authorization-Token,X-Oaid
access-control-max-age: 86400
X-Firefox-Spdy: h2
|
|
| amunfezanttor.com/event | 139.45.197.250 | 200 OK | 0 B |
IP: 139.45.197.250:443
Requested by: https://ok.battletrain.xyz/ee/indexN.php?sid=1048-152240&cid=102fc4463ab10bfae49dd2b3273206
Certificate: Issuer: Let's Encrypt; Subject: amunfezanttor.com; Fingerprint: AB:2C:60:54:FF:D7:D6:23:0E:87:1A:98:EC:94:B3:9B:29:1A:F3:AA; Validity: Wed, 10 Apr 2024 19:04:12 GMT - Tue, 09 Jul 2024 19:04:11 GMT
Hash: d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
| Analyzer | Verdict | Alert |
| Quad9 DNS | malicious | Sinkholed |
OPTIONS /event HTTP/1.1
Host: amunfezanttor.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type
Referer: https://ok.battletrain.xyz/
Origin: https://ok.battletrain.xyz
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
server: nginx
date: Fri, 19 Apr 2024 05:24:14 GMT
content-type: text/plain; charset=utf-8
content-length: 0
access-control-allow-origin: https://ok.battletrain.xyz
access-control-allow-credentials: true
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Authorization-Token,X-Oaid
access-control-max-age: 86400
X-Firefox-Spdy: h2
|
|
| amunfezanttor.com/event | 139.45.197.250 | 200 OK | 0 B |
IP: 139.45.197.250:443
Requested by: https://ok.battletrain.xyz/ee/indexN.php?sid=1048-152240&cid=102fc4463ab10bfae49dd2b3273206
Certificate: Issuer: Let's Encrypt; Subject: amunfezanttor.com; Fingerprint: AB:2C:60:54:FF:D7:D6:23:0E:87:1A:98:EC:94:B3:9B:29:1A:F3:AA; Validity: Wed, 10 Apr 2024 19:04:12 GMT - Tue, 09 Jul 2024 19:04:11 GMT
Hash: d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
| Analyzer | Verdict | Alert |
| Quad9 DNS | malicious | Sinkholed |
OPTIONS /event HTTP/1.1
Host: amunfezanttor.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type
Referer: https://ok.battletrain.xyz/
Origin: https://ok.battletrain.xyz
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
server: nginx
date: Fri, 19 Apr 2024 05:24:14 GMT
content-type: text/plain; charset=utf-8
content-length: 0
access-control-allow-origin: https://ok.battletrain.xyz
access-control-allow-credentials: true
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Authorization-Token,X-Oaid
access-control-max-age: 86400
X-Firefox-Spdy: h2
|
|
| amunfezanttor.com/event | 139.45.197.250 | 200 OK | 94 B |
IP: 139.45.197.250:443
Requested by: https://ok.battletrain.xyz/ee/indexN.php?sid=1048-152240&cid=102fc4463ab10bfae49dd2b3273206
Certificate: Issuer: Let's Encrypt; Subject: amunfezanttor.com; Fingerprint: AB:2C:60:54:FF:D7:D6:23:0E:87:1A:98:EC:94:B3:9B:29:1A:F3:AA; Validity: Wed, 10 Apr 2024 19:04:12 GMT - Tue, 09 Jul 2024 19:04:11 GMT
Hash: 0657d9d0ecf4b5f83e89fdcb5c8174df a030722031a3b361f08d3fe4ece2946394ec95a8 e34658f74b355e20972daefdfb760dc044beb998a7feda0802955b9445206699
| Analyzer | Verdict | Alert |
| Quad9 DNS | malicious | Sinkholed |
POST /event HTTP/1.1
Host: amunfezanttor.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://ok.battletrain.xyz/
Content-Type: application/json
Content-Length: 567
Origin: https://ok.battletrain.xyz
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Fri, 19 Apr 2024 05:24:14 GMT
content-type: application/json; charset=utf-8
content-length: 94
accept-ch: Sec-CH-UA, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model
access-control-allow-origin: https://ok.battletrain.xyz
access-control-allow-credentials: true
access-control-allow-headers: Origin, X-Requested-With, X-Oaid, Content-Type, Accept
strict-transport-security: max-age=1
x-content-type-options: nosniff
X-Firefox-Spdy: h2
|
|
| amunfezanttor.com/event | 139.45.197.250 | 200 OK | 94 B |
IP: 139.45.197.250:443
Requested by: https://ok.battletrain.xyz/ee/indexN.php?sid=1048-152240&cid=102fc4463ab10bfae49dd2b3273206
Certificate: Issuer: Let's Encrypt; Subject: amunfezanttor.com; Fingerprint: AB:2C:60:54:FF:D7:D6:23:0E:87:1A:98:EC:94:B3:9B:29:1A:F3:AA; Validity: Wed, 10 Apr 2024 19:04:12 GMT - Tue, 09 Jul 2024 19:04:11 GMT
Hash: 067e8237c1bb49991b801b9dd14d4771 2013083890484fa062b9fc3b5cc18a0a4c3372ec dc5ff4c7da98823e5cdac1b3614e50ac346473cb34e966f649878425c7c1a767
| Analyzer | Verdict | Alert |
| Quad9 DNS | malicious | Sinkholed |
POST /event HTTP/1.1
Host: amunfezanttor.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://ok.battletrain.xyz/
Content-Type: application/json
Content-Length: 567
Origin: https://ok.battletrain.xyz
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Fri, 19 Apr 2024 05:24:14 GMT
content-type: application/json; charset=utf-8
content-length: 94
accept-ch: Sec-CH-UA, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model
access-control-allow-origin: https://ok.battletrain.xyz
access-control-allow-credentials: true
access-control-allow-headers: Origin, X-Requested-With, X-Oaid, Content-Type, Accept
strict-transport-security: max-age=1
x-content-type-options: nosniff
X-Firefox-Spdy: h2
|
|
| amunfezanttor.com/event | 139.45.197.250 | 200 OK | 94 B |
IP: 139.45.197.250:443
Requested by: https://ok.battletrain.xyz/ee/indexN.php?sid=1048-152240&cid=102fc4463ab10bfae49dd2b3273206
Certificate: Issuer: Let's Encrypt; Subject: amunfezanttor.com; Fingerprint: AB:2C:60:54:FF:D7:D6:23:0E:87:1A:98:EC:94:B3:9B:29:1A:F3:AA; Validity: Wed, 10 Apr 2024 19:04:12 GMT - Tue, 09 Jul 2024 19:04:11 GMT
Hash: f4744acaec9d1f08da6428c9fa1e9010 fe4e3600a270426528f8cfafea447ab5d8241e95 5f4026b3b3d6b61138ac0127d06ac0b272c46ce08b42ddc53c593cf0ccc6ff05
| Analyzer | Verdict | Alert |
| Quad9 DNS | malicious | Sinkholed |
POST /event HTTP/1.1
Host: amunfezanttor.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://ok.battletrain.xyz/
Content-Type: application/json
Content-Length: 567
Origin: https://ok.battletrain.xyz
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Fri, 19 Apr 2024 05:24:14 GMT
content-type: application/json; charset=utf-8
content-length: 94
accept-ch: Sec-CH-UA, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model
access-control-allow-origin: https://ok.battletrain.xyz
access-control-allow-credentials: true
access-control-allow-headers: Origin, X-Requested-With, X-Oaid, Content-Type, Accept
strict-transport-security: max-age=1
x-content-type-options: nosniff
X-Firefox-Spdy: h2
|
|
| humsoolt.net/pfe/current/standalone.min.js?v=3.1.500 | 139.45.197.251 | 200 OK | 72 kB |
URL: GET HTTP/2 humsoolt.net/pfe/current/standalone.min.js?v=3.1.500
IP: 139.45.197.251:443
Requested by: https://ok.battletrain.xyz/ee/indexN.php?sid=1048-152240&cid=102fc4463ab10bfae49dd2b3273206
Certificate: Issuer: Let's Encrypt; Subject: humsoolt.net; Fingerprint: A0:E9:3C:D2:51:F8:4E:F9:D3:48:53:8E:60:A6:47:4B:DD:97:3E:3B; Validity: Wed, 27 Mar 2024 05:04:27 GMT - Tue, 25 Jun 2024 05:04:26 GMT
File type: JavaScript source, ASCII text, with very long lines (65536), with no line terminators
Hash: 191fd85ca4900a1e4aa8b4d4a10a8b3f 343466500261f6b95f80204369e600bbd39cf5ab 6cb62cf2db30ddfc3c1b107cad4cc5f5a83248d1595447ae989367b486fdc96c
GET /pfe/current/standalone.min.js?v=3.1.500 HTTP/1.1
Host: humsoolt.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://ok.battletrain.xyz/
Origin: https://ok.battletrain.xyz
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
server: nginx
date: Fri, 19 Apr 2024 05:24:14 GMT
content-type: application/javascript
last-modified: Tue, 16 Apr 2024 15:56:40 GMT
etag: W/"661e9fb8-119ce"
access-control-allow-origin: https://ok.battletrain.xyz
access-control-allow-credentials: true
cache-control: no-cache
pragma: no-cache
content-encoding: gzip
X-Firefox-Spdy: h2
|
|
| ok.battletrain.xyz/ee/indexN.php?sid=1048-152240&cid=102fc4463ab10bfae49dd2b3273206 | 172.67.181.222 | 200 OK | 5.4 kB |
URL: User Request GET HTTP/2 ok.battletrain.xyz/ee/indexN.php?sid=1048-152240&cid=102fc4463ab10bfae49dd2b3273206
IP: 172.67.181.222:443
Certificate: Issuer: Google Trust Services LLC; Subject: battletrain.xyz; Fingerprint: 02:46:6F:E4:DD:93:A4:E5:18:EA:94:7B:37:14:4B:CB:F0:D0:F4:C2; Validity: Thu, 14 Mar 2024 22:20:29 GMT - Wed, 12 Jun 2024 22:20:28 GMT
File type: HTML document, ASCII text, with very long lines (5562), with no line terminators
Hash: ef5948e5843f7955073dd0757f4666a6 f4b67d767367f6fd595ead56466c00ea916f93c0 e400cf26c47323fcf952d48710f5af468e74db731b08899d5c8d84f431999525
GET /ee/indexN.php?sid=1048-152240&cid=102fc4463ab10bfae49dd2b3273206 HTTP/1.1
Host: ok.battletrain.xyz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Fri, 19 Apr 2024 05:24:13 GMT
content-type: text/html
x-powered-by: PHP/5.4.16
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=sYT%2BLSeONkSKVIxn9vNLO%2Bwwb6jZwsdUCH1Tg%2B8qcmWBj4LgJhyJ5flu7O2spb3gDeuxp4nKj89PWTWrEPtQ6FHBUDR5yvOpagAboEKqNXl9yZjVihKILk9%2F6lELQCYyDiD2CQk%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 876a77901e507127-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
|
|
| ok.battletrain.xyz/ee/icons.css | 172.67.181.222 | 200 OK | 1.1 kB |
URL: GET HTTP/3 ok.battletrain.xyz/ee/icons.css
IP: 172.67.181.222:443
Requested by: https://ok.battletrain.xyz/ee/indexN.php?sid=1048-152240&cid=102fc4463ab10bfae49dd2b3273206
Certificate: Issuer: Google Trust Services LLC; Subject: battletrain.xyz; Fingerprint: 02:46:6F:E4:DD:93:A4:E5:18:EA:94:7B:37:14:4B:CB:F0:D0:F4:C2; Validity: Thu, 14 Mar 2024 22:20:29 GMT - Wed, 12 Jun 2024 22:20:28 GMT
File type: ASCII text, with very long lines (1206), with no line terminators
Hash: cc77dba7458d0531eee73b1014ebf114 e169e3b29aa9c97c7d2afd9d5150be2d414e15e8 24b82e74a45bc0793072ba1c1b3e6713abee616c03d9f752d9b66ee333c9626a
GET /ee/icons.css HTTP/1.1
Host: ok.battletrain.xyz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://ok.battletrain.xyz/ee/indexN.php?sid=1048-152240&cid=102fc4463ab10bfae49dd2b3273206
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Fri, 19 Apr 2024 05:24:14 GMT
content-type: text/css
last-modified: Wed, 29 May 2019 14:15:09 GMT
etag: W/"5cee93ed-46a"
cache-control: max-age=14400
cf-cache-status: MISS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=ITQhJ40oyhCoknFyZzAxG95eMtuif1opV%2BXsdEmBHSmyA7i85fBuAuP%2BKFGCxU9sHMHCmJxCH6ffSIjjxlhFojBH2nY0e3LqTdV3H%2B4WRxkgvGSFf8fKbxGyUSpABG9gnSU%2B6tU%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 876a77924d50b527-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|