ocsp.r2m02.amazontrust.com/
54.230.80.227 471 B URL ocsp.r2m02.amazontrust.com/
IP 54.230.80.227:0
Hash 6802fa641ce83f7eaa206bd19b40c0bf
00921bfacfbbb4085294bcbdfb6be4abfe35af85
1a9c2d14fdd0353938678b248ffd690fb3086e10b95dbb10e922fb687cf7805a
POST / HTTP/1.1
Host: ocsp.r2m02.amazontrust.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: max-age=7200
Date: Thu, 01 Jun 2023 06:40:33 GMT
Last-Modified: Thu, 01 Jun 2023 05:04:44 GMT
Server: ECAcc (nya/1C5C)
X-Cache: Miss from cloudfront
Via: 1.1 15d199af49035dc206cb81292fd87de2.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-P1
X-Amz-Cf-Id: tjaS6nhOcgOFj0fFpcCHEdiya-zccAN5jSp2Fsrha4ndeh7S3_7ijQ==
Age: 5750
nostop.go2cloud.org/aff_i?offer_id=186&aff_id=1048&aff_sub=123808&aff_sub2=0&aff_sub3=Windows_10|Chrome&aff_sub4=appzmoda.com&aff_sub5=heydear&source=1048-123808&adv_sub={EXTENSION_URL_ENC}&adv_sub5=Firefox&adv_sub4=&adv_sub3=&adv_sub2=noiselimit.xyz
18.202.12.61 57 B URL nostop.go2cloud.org/aff_i?offer_id=186&aff_id=1048&aff_sub=123808&aff_sub2=0&aff_sub3=Windows_10|Chrome&aff_sub4=appzmoda.com&aff_sub5=heydear&source=1048-123808&adv_sub={EXTENSION_URL_ENC}&adv_sub5=Firefox&adv_sub4=&adv_sub3=&adv_sub2=noiselimit.xyz
IP 18.202.12.61:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash 77d96eebccea5801290ad68b3ccb4199
eaf3924bfd87bbf1f1137c395de8687f20c4f3a6
ac05f643d51698438fc2504bc237b5a39ce1248b037dbf446aaca4ce65c3182c
GET /aff_i?offer_id=186&aff_id=1048&aff_sub=123808&aff_sub2=0&aff_sub3=Windows_10|Chrome&aff_sub4=appzmoda.com&aff_sub5=heydear&source=1048-123808&adv_sub={EXTENSION_URL_ENC}&adv_sub5=Firefox&adv_sub4=&adv_sub3=&adv_sub2=noiselimit.xyz HTTP/1.1
Host: nostop.go2cloud.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://noiselimit.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Date: Thu, 01 Jun 2023 06:40:33 GMT
Content-Type: image/gif
Transfer-Encoding: chunked
Connection: keep-alive
Cache-Control: no-cache, no-store, must-revalidate
Expires: Sat, 26 Jul 1997 05:00:00 GMT
Pragma: no-cache
Tracking_id: 102be3580b9961087f8593d9a68889
Access-Control-Allow-Origin: *
X-Request-Id: b6247541e257eeea426a87be1379b26e
Access-Control-Allow-Headers: Tune-SDK-Version
Content-Encoding: gzip
ocsp.r2m02.amazontrust.com/
54.230.80.227 471 B URL ocsp.r2m02.amazontrust.com/
IP 54.230.80.227:0
Hash 6802fa641ce83f7eaa206bd19b40c0bf
00921bfacfbbb4085294bcbdfb6be4abfe35af85
1a9c2d14fdd0353938678b248ffd690fb3086e10b95dbb10e922fb687cf7805a
POST / HTTP/1.1
Host: ocsp.r2m02.amazontrust.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: max-age=7200
Date: Thu, 01 Jun 2023 06:40:33 GMT
Last-Modified: Thu, 01 Jun 2023 05:03:06 GMT
Server: ECAcc (nya/789D)
X-Cache: Miss from cloudfront
Via: 1.1 15d199af49035dc206cb81292fd87de2.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-P1
X-Amz-Cf-Id: DNSID6RQ069VXxS5GjqRRvCLq7VcaKDA5I_K9BHCNF47THHvOcQtqQ==
Age: 5847
trk.earthbit.online/aff_c?source=1048-123808&offer_id=186&aff_click_id=6&aff_id=1048&aff_sub=123808&aff_sub2=0&aff_sub3=Windows_10|Chrome&aff_sub4=appzmoda.com&aff_sub5=heydear&aff_unique1=&aff_unique2=&aff_unique3=&name=pikashow_apk_2023.exe&url=
52.210.174.128 302 Found 279 B URL User Request GET HTTP/1.1 trk.earthbit.online/aff_c?source=1048-123808&offer_id=186&aff_click_id=6&aff_id=1048&aff_sub=123808&aff_sub2=0&aff_sub3=Windows_10|Chrome&aff_sub4=appzmoda.com&aff_sub5=heydear&aff_unique1=&aff_unique2=&aff_unique3=&name=pikashow_apk_2023.exe&url=
IP 52.210.174.128:80
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text
Hash 0bf96d5fa62c557d28052b09dc709eb0
30518326843a8bc52a293406b0ff1d87f56a368f
f460180116561237ed540ea0627954b39b8e95e49d8ca87ac9b95b5147c624b2
NIDS Severity Alert suricata high ET HUNTING SUSPICIOUS Firesale gTLD EXE DL with no Referer June 13 2016
GET /aff_c?source=1048-123808&offer_id=186&aff_click_id=6&aff_id=1048&aff_sub=123808&aff_sub2=0&aff_sub3=Windows_10|Chrome&aff_sub4=appzmoda.com&aff_sub5=heydear&aff_unique1=&aff_unique2=&aff_unique3=&name=pikashow_apk_2023.exe&url= HTTP/1.1
Host: trk.earthbit.online
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 302 Found
Server: nginx
Date: Thu, 01 Jun 2023 06:40:34 GMT
Content-Type: text/html; charset=iso-8859-1
Content-Length: 279
Connection: keep-alive
Cache-Control: no-cache, no-store, must-revalidate
Expires: Sat, 26 Jul 1997 05:00:00 GMT
Location: https://ok.battletrain.xyz/ee/indexN.php?sid=1048-123808&cid=102ab37731ef89ab982a0268d1a85b
P3p: CP="NOI CUR OUR NOR INT"
Pragma: no-cache
Set-Cookie: enc_aff_session_186=ENC03fa5cc030e81f68cfc1a70192d7e6f6107ac0ba124a53b4d0230e39ada04cb6d37d60d721a7376bbff4b2599440d473dd75a55f631155d2bf4851ba4740e908740498231166d1c9bd9df3895b3d6192654851ee1f8bc8db7c0ef76295f3a9eb32e7e3507bc3389c728394e45b159cd35f0c81fc0511ddf5a1d1599467592f6a739711cc4bbd2952734fa9bf76e3614f171ce22bd506626d16433fe24b437cc18b072b01f4; expires=Sat, 01 Jul 2023 06:40:34 GMT; path=/; SameSite=None; Secure
ho_mob=eyJtb2JpbGVfZGV2aWNlX29zIjoiRGVza3RvcCIsIm1vYmlsZV9kZXZpY2VfbW9kZWwiOiJGaXJlZm94IiwibW9iaWxlX2RldmljZV9icmFuZCI6Ik1vemlsbGEiLCJtb2JpbGVfYnJvd3NlciI6IkZpcmVmb3ggRGVza3RvcCIsIm1vYmlsZV9icm93c2VyX3ZlcnNpb24iOiIxMTEuMCIsIm1vYmlsZV9jYXJyaWVyIjoiPyIsInVzZXJfYWdlbnQiOiJNb3ppbGxhLzUuMCAoWDExOyBMaW51eCBYODZfNjQ7IFJ2OjEwOS4wKSBHZWNrby8yMDEwMDEwMSBGaXJlZm94LzExMS4wIiwiYWNjZXB0X2xhbmd1YWdlIjoiZW4tVVMsZW47cT0wLjUiLCJjb25uZWN0aW9uX3NwZWVkIjoiYnJvYWRiYW5kIn0=; expires=Sat, 25 Apr 2026 17:20:34 GMT; path=/; SameSite=None; Secure
Tracking_id: 102ab37731ef89ab982a0268d1a85b
X-Robots-Tag: noindex, nofollow
Access-Control-Allow-Origin: *
X-Request-Id: 52dec1d045a1463264b49d4b7540c12e
Access-Control-Allow-Headers: Tune-SDK-Version
ocsp.pki.goog/gts1c3
142.250.74.131 472 B IP 142.250.74.131:0
Hash 582908ff8bc13bc9b5422491129d8b0e
8deb8d1987e09761ca90108160cc262f1ee8dffa
daa1cabdc684ac8d98c86cd6aa983b52bb982052a8a7b6632f565a606c85a8b2
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 01 Jun 2023 06:40:34 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
fonts.googleapis.com/css?family=Fredoka+One
142.250.74.106 200 OK 756 B URL GET HTTP/2 fonts.googleapis.com/css?family=Fredoka+One
IP 142.250.74.106:443
Requested by https://ok.battletrain.xyz/ee/indexN.php?sid=1048-123808&cid=102ab37731ef89ab982a0268d1a85b
Certificate Issuer Google Trust Services LLC
Subject upload.video.google.com
Fingerprint 5F:AC:74:E6:97:66:CD:D0:F1:EA:0D:01:37:89:65:2E:98:22:84:6C
Validity Mon, 08 May 2023 08:24:50 GMT - Mon, 31 Jul 2023 08:24:49 GMT
File type gzip compressed data, max compression\012- data
Hash 98f86fcb9370cb2a689bf264738e5ca1
b5dfe577a12c8ec54de0baf10d11c9b7a4d3bf4e
82555c0290aa33e0ec5400f2b7c31e81082dc6214ed6fb7fcf489c8d40b3b9c5
GET /css?family=Fredoka+One HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://ok.battletrain.xyz/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Thu, 01 Jun 2023 06:40:34 GMT
date: Thu, 01 Jun 2023 06:40:34 GMT
cache-control: private, max-age=86400
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.131 472 B IP 142.250.74.131:0
Hash fd0c5fcd552e140b1496b4697b18a3a4
264e38a9d130f40f54539a52cba317d16aea03ef
a7ed4a9f0a8b37cf7bcf3a12317f70c607fa56aac6a980a6fda121b2c30d5151
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 01 Jun 2023 06:40:34 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
fonts.gstatic.com/s/fredokaone/v14/k3kUo8kEI-tA1RRcTZGmTlHGCac.woff2
142.250.74.35 200 OK 16 kB URL GET HTTP/2 fonts.gstatic.com/s/fredokaone/v14/k3kUo8kEI-tA1RRcTZGmTlHGCac.woff2
IP 142.250.74.35:443
Requested by https://ok.battletrain.xyz/ee/indexN.php?sid=1048-123808&cid=102ab37731ef89ab982a0268d1a85b
Certificate Issuer Google Trust Services LLC
Subject *.gstatic.com
Fingerprint A3:09:CB:6C:64:76:4B:58:32:D1:21:3E:F4:65:1F:DE:58:22:8F:D6
Validity Mon, 08 May 2023 08:24:48 GMT - Mon, 31 Jul 2023 08:24:47 GMT
File type Web Open Font Format (Version 2), TrueType, length 15596, version 1.0\012- data
Hash 72bb194f7e275c92ecf5536060952844
a7419d2e8b92cbc5f89c3c03771f45c4f632964c
e9986c62b19bce3791c4c103a4aa87c91d22d9e1c9f252f7f802ea26d3405769
GET /s/fredokaone/v14/k3kUo8kEI-tA1RRcTZGmTlHGCac.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://ok.battletrain.xyz
DNT: 1
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 15596
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Wed, 31 May 2023 04:49:09 GMT
expires: Thu, 30 May 2024 04:49:09 GMT
cache-control: public, max-age=31536000
age: 93085
last-modified: Mon, 20 Mar 2023 20:35:18 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.131 472 B IP 142.250.74.131:0
Hash fd0c5fcd552e140b1496b4697b18a3a4
264e38a9d130f40f54539a52cba317d16aea03ef
a7ed4a9f0a8b37cf7bcf3a12317f70c607fa56aac6a980a6fda121b2c30d5151
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 01 Jun 2023 06:40:34 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ok.battletrain.xyz/ee/1543246333.woff
104.21.18.134 200 OK 1.1 kB URL GET HTTP/3 ok.battletrain.xyz/ee/1543246333.woff
IP 104.21.18.134:443
Requested by https://ok.battletrain.xyz/ee/indexN.php?sid=1048-123808&cid=102ab37731ef89ab982a0268d1a85b
Certificate Issuer Google Trust Services LLC
Subject battletrain.xyz
Fingerprint 55:7F:19:69:3F:58:5C:D3:9B:B7:FA:B4:78:C5:29:ED:7C:9A:97:5E
Validity Wed, 24 May 2023 08:44:55 GMT - Tue, 22 Aug 2023 08:44:54 GMT
File type Web Open Font Format, CFF, length 1144, version 1.0\012- data
Hash 605dc29afa54d8310bb22266e452aca8
9986ecc366bbf2ed265738a2972ada6a66634820
ff284e26d3a139a31c82535aaaf0225e3ea76bff7bca7db5038558ee83fac623
GET /ee/1543246333.woff HTTP/1.1
Host: ok.battletrain.xyz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
DNT: 1
Connection: keep-alive
Referer: https://ok.battletrain.xyz/ee/icons.css
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Thu, 01 Jun 2023 06:40:35 GMT
content-type: application/font-woff
content-length: 1144
last-modified: Wed, 29 May 2019 14:15:08 GMT
etag: "5cee93ec-478"
cache-control: max-age=14400
cf-cache-status: REVALIDATED
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=piAMSzxKfnwQQuzQqqDZaA5G8mW%2Frt%2BCSEWagebStm%2BlFtn5uyUGf7G6J1rSI8r2v9E%2BVzRtkoR2a2fLFijlI5VKw358JPuqkY2kvSpoq3MxR%2BmUNjUNfPQBnwiCiQm0GR%2FCoNY%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 7d0577498b1b067b-OSL
alt-svc: h3=":443"; ma=86400
humsoolt.net/zone?pub=0&zone_id=2674728&is_mobile=false&domain=ok.battletrain.xyz&var=1048-123808&ymid=102ab37731ef89ab982a0268d1a85b&var_3=
139.45.197.251 200 OK 910 B URL GET HTTP/2 humsoolt.net/zone?pub=0&zone_id=2674728&is_mobile=false&domain=ok.battletrain.xyz&var=1048-123808&ymid=102ab37731ef89ab982a0268d1a85b&var_3=
IP 139.45.197.251:443
Requested by https://ok.battletrain.xyz/ee/indexN.php?sid=1048-123808&cid=102ab37731ef89ab982a0268d1a85b
Certificate Issuer Let's Encrypt
Subject humsoolt.net
Fingerprint 21:87:76:56:CA:C9:38:65:08:30:59:54:9E:20:B1:58:C5:C9:D6:EB
Validity Fri, 12 May 2023 05:12:03 GMT - Thu, 10 Aug 2023 05:12:02 GMT
File type JSON data\012- , ASCII text, with very long lines (909)
Hash a6e36420bc7f519f81df52562519a62c
8557cd126000d194ec2c5f8761d90d2fa126a0fd
20f9483f23e123af9ff9e1ed0233a432b09d862f4a0ed320156e26f3094a32bd
GET /zone?pub=0&zone_id=2674728&is_mobile=false&domain=ok.battletrain.xyz&var=1048-123808&ymid=102ab37731ef89ab982a0268d1a85b&var_3= HTTP/1.1
Host: humsoolt.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://ok.battletrain.xyz/
Origin: https://ok.battletrain.xyz
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Thu, 01 Jun 2023 06:40:35 GMT
content-type: application/json; charset=utf-8
content-length: 910
x-trace-id: 9e50b8401631a082d6f5cb3728e5c089
access-control-allow-origin: https://ok.battletrain.xyz
access-control-allow-credentials: true
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept
strict-transport-security: max-age=1
x-content-type-options: nosniff
X-Firefox-Spdy: h2
humsoolt.net/custom
139.45.197.251 200 OK 0 B IP 139.45.197.251:443
Requested by https://ok.battletrain.xyz/ee/indexN.php?sid=1048-123808&cid=102ab37731ef89ab982a0268d1a85b
Certificate Issuer Let's Encrypt
Subject humsoolt.net
Fingerprint 21:87:76:56:CA:C9:38:65:08:30:59:54:9E:20:B1:58:C5:C9:D6:EB
Validity Fri, 12 May 2023 05:12:03 GMT - Thu, 10 Aug 2023 05:12:02 GMT
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
OPTIONS /custom HTTP/1.1
Host: humsoolt.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type
Referer: https://ok.battletrain.xyz/
Origin: https://ok.battletrain.xyz
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Thu, 01 Jun 2023 06:40:35 GMT
content-type: text/plain; charset=utf-8
content-length: 0
access-control-allow-origin: https://ok.battletrain.xyz
access-control-allow-credentials: true
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Authorization-Token
access-control-max-age: 86400
X-Firefox-Spdy: h2
humsoolt.net/custom
139.45.197.251 200 OK 0 B IP 139.45.197.251:443
Requested by https://ok.battletrain.xyz/ee/indexN.php?sid=1048-123808&cid=102ab37731ef89ab982a0268d1a85b
Certificate Issuer Let's Encrypt
Subject humsoolt.net
Fingerprint 21:87:76:56:CA:C9:38:65:08:30:59:54:9E:20:B1:58:C5:C9:D6:EB
Validity Fri, 12 May 2023 05:12:03 GMT - Thu, 10 Aug 2023 05:12:02 GMT
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
OPTIONS /custom HTTP/1.1
Host: humsoolt.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type
Referer: https://ok.battletrain.xyz/
Origin: https://ok.battletrain.xyz
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Thu, 01 Jun 2023 06:40:35 GMT
content-type: text/plain; charset=utf-8
content-length: 0
access-control-allow-origin: https://ok.battletrain.xyz
access-control-allow-credentials: true
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Authorization-Token
access-control-max-age: 86400
X-Firefox-Spdy: h2
humsoolt.net/pfe/current/standalone.min.js?v=3.1.436
139.45.197.251 200 OK 28 kB URL GET HTTP/2 humsoolt.net/pfe/current/standalone.min.js?v=3.1.436
IP 139.45.197.251:443
Requested by https://ok.battletrain.xyz/ee/indexN.php?sid=1048-123808&cid=102ab37731ef89ab982a0268d1a85b
Certificate Issuer Let's Encrypt
Subject humsoolt.net
Fingerprint 21:87:76:56:CA:C9:38:65:08:30:59:54:9E:20:B1:58:C5:C9:D6:EB
Validity Fri, 12 May 2023 05:12:03 GMT - Thu, 10 Aug 2023 05:12:02 GMT
File type gzip compressed data, max speed, from Unix\012- data
Hash 4292d76c69b3810703d59c6ae86e6665
7811add6a6c8e54804c017f41ca819de76ad7978
10a972d659ce9530094f071ea445f94e22c03d3ea7e01aaeb1ca91bda1e7485d
GET /pfe/current/standalone.min.js?v=3.1.436 HTTP/1.1
Host: humsoolt.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://ok.battletrain.xyz/
Origin: https://ok.battletrain.xyz
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Thu, 01 Jun 2023 06:40:35 GMT
content-type: application/javascript
last-modified: Tue, 30 May 2023 12:46:19 GMT
etag: W/"6475f01b-14bbd"
access-control-allow-origin: https://ok.battletrain.xyz
access-control-allow-credentials: true
cache-control: no-cache
pragma: no-cache
content-encoding: gzip
X-Firefox-Spdy: h2
humsoolt.net/custom
139.45.197.251 200 OK 39 B IP 139.45.197.251:443
Requested by https://ok.battletrain.xyz/ee/indexN.php?sid=1048-123808&cid=102ab37731ef89ab982a0268d1a85b
Certificate Issuer Let's Encrypt
Subject humsoolt.net
Fingerprint 21:87:76:56:CA:C9:38:65:08:30:59:54:9E:20:B1:58:C5:C9:D6:EB
Validity Fri, 12 May 2023 05:12:03 GMT - Thu, 10 Aug 2023 05:12:02 GMT
File type JSON data\012- , ASCII text
Hash 058b158c2be925f556454ef762d93538
cc6fc563b4b6baee880fdbc7fcfaa134978e33c9
ff752c1c79bb2c0347c5a8b7f069fa2772047324dbbadf77d21cec4b26ee3881
POST /custom HTTP/1.1
Host: humsoolt.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://ok.battletrain.xyz/
Content-Type: application/json
Content-Length: 505
Origin: https://ok.battletrain.xyz
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Thu, 01 Jun 2023 06:40:35 GMT
content-type: application/json; charset=utf-8
content-length: 39
x-trace-id: 5ee0aa0f38246905e9a542654b3c1695
access-control-allow-origin: https://ok.battletrain.xyz
access-control-allow-credentials: true
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept
strict-transport-security: max-age=1
x-content-type-options: nosniff
X-Firefox-Spdy: h2
amunfezanttor.com/event
139.45.197.250 200 OK 0 B IP 139.45.197.250:443
Requested by https://ok.battletrain.xyz/ee/indexN.php?sid=1048-123808&cid=102ab37731ef89ab982a0268d1a85b
Certificate Issuer Let's Encrypt
Subject amunfezanttor.com
Fingerprint 06:75:EF:D1:99:AE:A5:FA:8B:93:D3:D4:ED:BD:88:51:DA:2A:62:B3
Validity Fri, 31 Mar 2023 10:01:30 GMT - Thu, 29 Jun 2023 10:01:29 GMT
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer Verdict Alert quad9 Sinkholed
OPTIONS /event HTTP/1.1
Host: amunfezanttor.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type
Referer: https://ok.battletrain.xyz/
Origin: https://ok.battletrain.xyz
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
server: nginx
date: Thu, 01 Jun 2023 06:40:35 GMT
content-type: text/plain; charset=utf-8
content-length: 0
access-control-allow-origin: https://ok.battletrain.xyz
access-control-allow-credentials: true
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Authorization-Token
access-control-max-age: 86400
X-Firefox-Spdy: h2
amunfezanttor.com/event
139.45.197.250 200 OK 0 B IP 139.45.197.250:443
Requested by https://ok.battletrain.xyz/ee/indexN.php?sid=1048-123808&cid=102ab37731ef89ab982a0268d1a85b
Certificate Issuer Let's Encrypt
Subject amunfezanttor.com
Fingerprint 06:75:EF:D1:99:AE:A5:FA:8B:93:D3:D4:ED:BD:88:51:DA:2A:62:B3
Validity Fri, 31 Mar 2023 10:01:30 GMT - Thu, 29 Jun 2023 10:01:29 GMT
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer Verdict Alert quad9 Sinkholed
OPTIONS /event HTTP/1.1
Host: amunfezanttor.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type
Referer: https://ok.battletrain.xyz/
Origin: https://ok.battletrain.xyz
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
server: nginx
date: Thu, 01 Jun 2023 06:40:35 GMT
content-type: text/plain; charset=utf-8
content-length: 0
access-control-allow-origin: https://ok.battletrain.xyz
access-control-allow-credentials: true
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Authorization-Token
access-control-max-age: 86400
X-Firefox-Spdy: h2
amunfezanttor.com/event
139.45.197.250 200 OK 0 B IP 139.45.197.250:443
Requested by https://ok.battletrain.xyz/ee/indexN.php?sid=1048-123808&cid=102ab37731ef89ab982a0268d1a85b
Certificate Issuer Let's Encrypt
Subject amunfezanttor.com
Fingerprint 06:75:EF:D1:99:AE:A5:FA:8B:93:D3:D4:ED:BD:88:51:DA:2A:62:B3
Validity Fri, 31 Mar 2023 10:01:30 GMT - Thu, 29 Jun 2023 10:01:29 GMT
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer Verdict Alert quad9 Sinkholed
OPTIONS /event HTTP/1.1
Host: amunfezanttor.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type
Referer: https://ok.battletrain.xyz/
Origin: https://ok.battletrain.xyz
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
server: nginx
date: Thu, 01 Jun 2023 06:40:35 GMT
content-type: text/plain; charset=utf-8
content-length: 0
access-control-allow-origin: https://ok.battletrain.xyz
access-control-allow-credentials: true
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Authorization-Token
access-control-max-age: 86400
X-Firefox-Spdy: h2
amunfezanttor.com/event
139.45.197.250 200 OK 94 B IP 139.45.197.250:443
Requested by https://ok.battletrain.xyz/ee/indexN.php?sid=1048-123808&cid=102ab37731ef89ab982a0268d1a85b
Certificate Issuer Let's Encrypt
Subject amunfezanttor.com
Fingerprint 06:75:EF:D1:99:AE:A5:FA:8B:93:D3:D4:ED:BD:88:51:DA:2A:62:B3
Validity Fri, 31 Mar 2023 10:01:30 GMT - Thu, 29 Jun 2023 10:01:29 GMT
File type JSON data\012- , ASCII text
Hash fd60360cc01f95021a519ce5c4ef9860
1eb1468bce44397d51f2b4a700d442680c2f2de1
7c4e0183fa0aad5658df182bcaa55768f51a37b0daa4a7b312e1c8619c3863a0
Analyzer Verdict Alert quad9 Sinkholed
POST /event HTTP/1.1
Host: amunfezanttor.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://ok.battletrain.xyz/
Content-Type: application/json
Content-Length: 548
Origin: https://ok.battletrain.xyz
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Thu, 01 Jun 2023 06:40:35 GMT
content-type: application/json; charset=utf-8
content-length: 94
x-trace-id: 06511778efffa99ac3a5c4517b04fd59
access-control-allow-origin: https://ok.battletrain.xyz
access-control-allow-credentials: true
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept
strict-transport-security: max-age=1
x-content-type-options: nosniff
X-Firefox-Spdy: h2
amunfezanttor.com/event
139.45.197.250 200 OK 94 B IP 139.45.197.250:443
Requested by https://ok.battletrain.xyz/ee/indexN.php?sid=1048-123808&cid=102ab37731ef89ab982a0268d1a85b
Certificate Issuer Let's Encrypt
Subject amunfezanttor.com
Fingerprint 06:75:EF:D1:99:AE:A5:FA:8B:93:D3:D4:ED:BD:88:51:DA:2A:62:B3
Validity Fri, 31 Mar 2023 10:01:30 GMT - Thu, 29 Jun 2023 10:01:29 GMT
File type JSON data\012- , ASCII text
Hash e9cc6379426bc6641b68ac0697488bf1
8141564b98f3d56ade97c93ab561c95f692af46d
dfefa6f1d45099e8d46b48466d8244e8c1bc5fea9b6f066e09f9157a010e79ea
Analyzer Verdict Alert quad9 Sinkholed
POST /event HTTP/1.1
Host: amunfezanttor.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://ok.battletrain.xyz/
Content-Type: application/json
Content-Length: 548
Origin: https://ok.battletrain.xyz
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Thu, 01 Jun 2023 06:40:35 GMT
content-type: application/json; charset=utf-8
content-length: 94
x-trace-id: fdf86ceee3344d151930b9f1379dfaf0
access-control-allow-origin: https://ok.battletrain.xyz
access-control-allow-credentials: true
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept
strict-transport-security: max-age=1
x-content-type-options: nosniff
X-Firefox-Spdy: h2
amunfezanttor.com/event
139.45.197.250 200 OK 94 B IP 139.45.197.250:443
Requested by https://ok.battletrain.xyz/ee/indexN.php?sid=1048-123808&cid=102ab37731ef89ab982a0268d1a85b
Certificate Issuer Let's Encrypt
Subject amunfezanttor.com
Fingerprint 06:75:EF:D1:99:AE:A5:FA:8B:93:D3:D4:ED:BD:88:51:DA:2A:62:B3
Validity Fri, 31 Mar 2023 10:01:30 GMT - Thu, 29 Jun 2023 10:01:29 GMT
File type JSON data\012- , ASCII text
Hash 9be8e956e7f6a33ceb26ce000dd92d74
95929d3d265688218bc4dd6643927e0601ec44df
ec792c766e2584887e74bf2270897a03928733e30691716792e42158fa77c320
Analyzer Verdict Alert quad9 Sinkholed
POST /event HTTP/1.1
Host: amunfezanttor.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://ok.battletrain.xyz/
Content-Type: application/json
Content-Length: 548
Origin: https://ok.battletrain.xyz
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Thu, 01 Jun 2023 06:40:35 GMT
content-type: application/json; charset=utf-8
content-length: 94
x-trace-id: eb4720b91eddf7ebf2bba5f247837fdb
access-control-allow-origin: https://ok.battletrain.xyz
access-control-allow-credentials: true
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept
strict-transport-security: max-age=1
x-content-type-options: nosniff
X-Firefox-Spdy: h2
humsoolt.net/pfe/current/tag.min.js?z=2674728&t=standalone&ymid=102ab37731ef89ab982a0268d1a85b&var=1048-123808
139.45.197.251 200 OK 15 kB URL GET HTTP/2 humsoolt.net/pfe/current/tag.min.js?z=2674728&t=standalone&ymid=102ab37731ef89ab982a0268d1a85b&var=1048-123808
IP 139.45.197.251:443
Requested by https://ok.battletrain.xyz/ee/indexN.php?sid=1048-123808&cid=102ab37731ef89ab982a0268d1a85b
Certificate Issuer Let's Encrypt
Subject humsoolt.net
Fingerprint 21:87:76:56:CA:C9:38:65:08:30:59:54:9E:20:B1:58:C5:C9:D6:EB
Validity Fri, 12 May 2023 05:12:03 GMT - Thu, 10 Aug 2023 05:12:02 GMT
File type C source, ASCII text, with very long lines (14679), with no line terminators
Hash dd1bd926c9d267f953b3631fa55c8597
1a37cc25c5dbeb4edd216419587df4c3f270adf0
6e021b2b21122242fa40175b8df6316a9386aa36454efd2c234e891258003d27
GET /pfe/current/tag.min.js?z=2674728&t=standalone&ymid=102ab37731ef89ab982a0268d1a85b&var=1048-123808 HTTP/1.1
Host: humsoolt.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://ok.battletrain.xyz/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
server: nginx
date: Thu, 01 Jun 2023 06:40:34 GMT
content-type: application/javascript
last-modified: Tue, 30 May 2023 12:46:19 GMT
etag: W/"6475f01b-3957"
access-control-allow-credentials: true
cache-control: no-cache
pragma: no-cache
content-encoding: gzip
X-Firefox-Spdy: h2
ok.battletrain.xyz/ee/icons.css
104.21.18.134 200 OK 1.1 kB URL GET HTTP/3 ok.battletrain.xyz/ee/icons.css
IP 104.21.18.134:443
Requested by https://ok.battletrain.xyz/ee/indexN.php?sid=1048-123808&cid=102ab37731ef89ab982a0268d1a85b
Certificate Issuer Google Trust Services LLC
Subject battletrain.xyz
Fingerprint 55:7F:19:69:3F:58:5C:D3:9B:B7:FA:B4:78:C5:29:ED:7C:9A:97:5E
Validity Wed, 24 May 2023 08:44:55 GMT - Tue, 22 Aug 2023 08:44:54 GMT
File type ASCII text, with very long lines (1206), with no line terminators
Hash cc77dba7458d0531eee73b1014ebf114
e169e3b29aa9c97c7d2afd9d5150be2d414e15e8
24b82e74a45bc0793072ba1c1b3e6713abee616c03d9f752d9b66ee333c9626a
GET /ee/icons.css HTTP/1.1
Host: ok.battletrain.xyz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://ok.battletrain.xyz/ee/indexN.php?sid=1048-123808&cid=102ab37731ef89ab982a0268d1a85b
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Thu, 01 Jun 2023 06:40:34 GMT
content-type: text/css
last-modified: Wed, 29 May 2019 14:15:09 GMT
etag: W/"5cee93ed-46a"
cache-control: max-age=14400
cf-cache-status: REVALIDATED
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Vl2POrxqEqoH7vaFrmYDXUFtJjFy8tk0dRa93z%2BpUX%2B%2FVMW%2FWTZRRms2f9bXyKhmm1tnpy08RBn91hCwOfd4ySn7JcSQmM9RqusK3FkPpXVtaWGm8UaNNvkkQ4%2Fk4Na7Eu4%2B35A%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 7d057747d988067b-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
ok.battletrain.xyz/ee/indexN.php?sid=1048-123808&cid=102ab37731ef89ab982a0268d1a85b
104.21.18.134 200 OK 5.4 kB URL User Request GET HTTP/2 ok.battletrain.xyz/ee/indexN.php?sid=1048-123808&cid=102ab37731ef89ab982a0268d1a85b
IP 104.21.18.134:443
Certificate Issuer Google Trust Services LLC
Subject battletrain.xyz
Fingerprint 55:7F:19:69:3F:58:5C:D3:9B:B7:FA:B4:78:C5:29:ED:7C:9A:97:5E
Validity Wed, 24 May 2023 08:44:55 GMT - Tue, 22 Aug 2023 08:44:54 GMT
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (5562), with no line terminators
Hash ef5948e5843f7955073dd0757f4666a6
f4b67d767367f6fd595ead56466c00ea916f93c0
e400cf26c47323fcf952d48710f5af468e74db731b08899d5c8d84f431999525
GET /ee/indexN.php?sid=1048-123808&cid=102ab37731ef89ab982a0268d1a85b HTTP/1.1
Host: ok.battletrain.xyz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Thu, 01 Jun 2023 06:40:34 GMT
content-type: text/html
x-powered-by: PHP/5.4.16
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=GfjMLw6y5mwVT1Z9aFCpgKtmlJ2VC2xrb%2BjUmsDCuKUOBTM%2FPHiptCrVTvtSlSm8vbDlkxPVpHk77ZV8xIRV400BxCgfjf8gCP3DIUjfl2R0KfVvUzx1qzXfuxbwcvHt878GsM4%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 7d0577459f12b518-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2