ocsp.r2m02.amazontrust.com/
54.230.80.227 471 B URL ocsp.r2m02.amazontrust.com/
IP 54.230.80.227:0
Hash 6802fa641ce83f7eaa206bd19b40c0bf
00921bfacfbbb4085294bcbdfb6be4abfe35af85
1a9c2d14fdd0353938678b248ffd690fb3086e10b95dbb10e922fb687cf7805a
POST / HTTP/1.1
Host: ocsp.r2m02.amazontrust.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: max-age=7200
Date: Thu, 01 Jun 2023 06:40:34 GMT
Last-Modified: Thu, 01 Jun 2023 05:03:06 GMT
Server: ECAcc (nya/7946)
X-Cache: Miss from cloudfront
Via: 1.1 07d5d44815808d5d5a6f43984a987698.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-P1
X-Amz-Cf-Id: RkjaMXPHHeAQUlusXpCqAdsOAOdJA0ml-EwAhWbOHcVkGR8Sb1hOuQ==
Age: 5848
nostop.go2cloud.org/aff_i?offer_id=186&aff_id=1048&aff_sub=123808&aff_sub2=0&aff_sub3=Windows_10|Chrome&aff_sub4=appzmoda.com&aff_sub5=heydear&source=1048-123808&adv_sub={EXTENSION_URL_ENC}&adv_sub5=Firefox&adv_sub4=&adv_sub3=&adv_sub2=noiselimit.xyz
52.210.2.133 57 B URL nostop.go2cloud.org/aff_i?offer_id=186&aff_id=1048&aff_sub=123808&aff_sub2=0&aff_sub3=Windows_10|Chrome&aff_sub4=appzmoda.com&aff_sub5=heydear&source=1048-123808&adv_sub={EXTENSION_URL_ENC}&adv_sub5=Firefox&adv_sub4=&adv_sub3=&adv_sub2=noiselimit.xyz
IP 52.210.2.133:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash 77d96eebccea5801290ad68b3ccb4199
eaf3924bfd87bbf1f1137c395de8687f20c4f3a6
ac05f643d51698438fc2504bc237b5a39ce1248b037dbf446aaca4ce65c3182c
GET /aff_i?offer_id=186&aff_id=1048&aff_sub=123808&aff_sub2=0&aff_sub3=Windows_10|Chrome&aff_sub4=appzmoda.com&aff_sub5=heydear&source=1048-123808&adv_sub={EXTENSION_URL_ENC}&adv_sub5=Firefox&adv_sub4=&adv_sub3=&adv_sub2=noiselimit.xyz HTTP/1.1
Host: nostop.go2cloud.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://noiselimit.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Date: Thu, 01 Jun 2023 06:40:34 GMT
Content-Type: image/gif
Transfer-Encoding: chunked
Connection: keep-alive
Cache-Control: no-cache, no-store, must-revalidate
Expires: Sat, 26 Jul 1997 05:00:00 GMT
Pragma: no-cache
Tracking_id: 102be3580b9961087f8593d9a68889
Access-Control-Allow-Origin: *
X-Request-Id: 5bf7706cdf5363848dd1b8d11413e339
Access-Control-Allow-Headers: Tune-SDK-Version
Content-Encoding: gzip
ocsp.r2m02.amazontrust.com/
54.230.80.227 471 B URL ocsp.r2m02.amazontrust.com/
IP 54.230.80.227:0
Hash 6802fa641ce83f7eaa206bd19b40c0bf
00921bfacfbbb4085294bcbdfb6be4abfe35af85
1a9c2d14fdd0353938678b248ffd690fb3086e10b95dbb10e922fb687cf7805a
POST / HTTP/1.1
Host: ocsp.r2m02.amazontrust.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: max-age=7200
Date: Thu, 01 Jun 2023 06:40:34 GMT
Last-Modified: Thu, 01 Jun 2023 05:04:44 GMT
Server: ECAcc (nya/1C5C)
X-Cache: Miss from cloudfront
Via: 1.1 07d5d44815808d5d5a6f43984a987698.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-P1
X-Amz-Cf-Id: Xl1eoHiy_NQhXRx_ZSnOp3qR7kr4WQUNUT4lT3zTLT_cC3oG1r0Low==
Age: 5751
trk.earthbit.online/aff_c?source=1048-123808&offer_id=186&aff_click_id=6&aff_id=1048&aff_sub=123808&aff_sub2=0&aff_sub3=Windows_10|Chrome&aff_sub4=appzmoda.com&aff_sub5=heydear&aff_unique1=&aff_unique2=&aff_unique3=&name=pikashow_apk_2023.exe&url=
52.210.174.128 279 B URL User Request GET trk.earthbit.online/aff_c?source=1048-123808&offer_id=186&aff_click_id=6&aff_id=1048&aff_sub=123808&aff_sub2=0&aff_sub3=Windows_10|Chrome&aff_sub4=appzmoda.com&aff_sub5=heydear&aff_unique1=&aff_unique2=&aff_unique3=&name=pikashow_apk_2023.exe&url=
IP 52.210.174.128:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text
Hash 0bf96d5fa62c557d28052b09dc709eb0
30518326843a8bc52a293406b0ff1d87f56a368f
f460180116561237ed540ea0627954b39b8e95e49d8ca87ac9b95b5147c624b2
NIDS Severity Alert suricata high ET HUNTING SUSPICIOUS Firesale gTLD EXE DL with no Referer June 13 2016
GET /aff_c?source=1048-123808&offer_id=186&aff_click_id=6&aff_id=1048&aff_sub=123808&aff_sub2=0&aff_sub3=Windows_10|Chrome&aff_sub4=appzmoda.com&aff_sub5=heydear&aff_unique1=&aff_unique2=&aff_unique3=&name=pikashow_apk_2023.exe&url= HTTP/1.1
Host: trk.earthbit.online
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 302 Found
Server: nginx
Date: Thu, 01 Jun 2023 06:40:34 GMT
Content-Type: text/html; charset=iso-8859-1
Content-Length: 279
Connection: keep-alive
Cache-Control: no-cache, no-store, must-revalidate
Expires: Sat, 26 Jul 1997 05:00:00 GMT
Location: https://ok.battletrain.xyz/ee/indexN.php?sid=1048-123808&cid=102ab37731ef89ab982a0268d1a85b
P3p: CP="NOI CUR OUR NOR INT"
Pragma: no-cache
Set-Cookie: enc_aff_session_186=ENC03cebcaff73129dfdc0202c1d53c57a0f3d58fafa749cbe0d28ed098a2c33a60e8121a3b8bbd283550dc0074946ebb152b80a7c68b85a341e4dd8eb6df63ebd8b958814c0f19b781d78c2fda05ded6cad5ac45bf2a5648cfd6ce87c2e401e7d88a21b70e1f79d0fd2e7d5ca9a8c38652d0c5772e8cdf4dcca96681968d7b73abe01ae9395174eaac23fe17c262d54b25d3c6e795f4de95cf275cbd219440fd142425491c9a; expires=Sat, 01 Jul 2023 06:40:34 GMT; path=/; SameSite=None; Secure
ho_mob=eyJtb2JpbGVfZGV2aWNlX29zIjoiRGVza3RvcCIsIm1vYmlsZV9kZXZpY2VfbW9kZWwiOiJGaXJlZm94IiwibW9iaWxlX2RldmljZV9icmFuZCI6Ik1vemlsbGEiLCJtb2JpbGVfYnJvd3NlciI6IkZpcmVmb3ggRGVza3RvcCIsIm1vYmlsZV9icm93c2VyX3ZlcnNpb24iOiIxMTEuMCIsIm1vYmlsZV9jYXJyaWVyIjoiPyIsInVzZXJfYWdlbnQiOiJNb3ppbGxhLzUuMCAoWDExOyBMaW51eCBYODZfNjQ7IFJ2OjEwOS4wKSBHZWNrby8yMDEwMDEwMSBGaXJlZm94LzExMS4wIiwiYWNjZXB0X2xhbmd1YWdlIjoiZW4tVVMsZW47cT0wLjUiLCJjb25uZWN0aW9uX3NwZWVkIjoiYnJvYWRiYW5kIn0=; expires=Sat, 25 Apr 2026 17:20:34 GMT; path=/; SameSite=None; Secure
Tracking_id: 102ab37731ef89ab982a0268d1a85b
X-Robots-Tag: noindex, nofollow
Access-Control-Allow-Origin: *
X-Request-Id: 1fb65f860b8332758c184733c016bd7e
Access-Control-Allow-Headers: Tune-SDK-Version
ok.battletrain.xyz/ee/icons.css
172.67.181.222 200 OK 837 B URL GET HTTP/3 ok.battletrain.xyz/ee/icons.css
IP 172.67.181.222:443
Requested by https://ok.battletrain.xyz/ee/indexN.php?sid=1048-123808&cid=102ab37731ef89ab982a0268d1a85b
Certificate Issuer Google Trust Services LLC
Subject battletrain.xyz
Fingerprint 55:7F:19:69:3F:58:5C:D3:9B:B7:FA:B4:78:C5:29:ED:7C:9A:97:5E
Validity Wed, 24 May 2023 08:44:55 GMT - Tue, 22 Aug 2023 08:44:54 GMT
Hash f8603169b13e129681b81d9789375e6b
e9de672602612d3187f90fe65fb5871b30fbcb3e
e15d7dddb9141d182250dde30a83b2c1c18796c175468d1b0de7aa9b5924c6d8
GET /ee/icons.css HTTP/1.1
Host: ok.battletrain.xyz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://ok.battletrain.xyz/ee/indexN.php?sid=1048-123808&cid=102ab37731ef89ab982a0268d1a85b
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Thu, 01 Jun 2023 06:40:35 GMT
content-type: text/css
last-modified: Wed, 29 May 2019 14:15:09 GMT
etag: W/"5cee93ed-46a"
cache-control: max-age=14400
cf-cache-status: HIT
age: 1
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=xA1G2K4QFQYV9Z2vNLhKWXx%2BB3Xly%2BY5KSLy9QAlRT3nhDDBsLcNiY79IdS%2Fua5p%2BoR%2FR4Q2cNnzqaPYR6co5qD2FM7d0x8n%2B62URSC1%2FiOZn0kar1GvxbLavmZzwcE5H8cx3WM%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 7d05774befba1bfa-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
fonts.googleapis.com/css?family=Fredoka+One
142.250.74.106 200 OK 756 B URL GET HTTP/2 fonts.googleapis.com/css?family=Fredoka+One
IP 142.250.74.106:443
Requested by https://ok.battletrain.xyz/ee/indexN.php?sid=1048-123808&cid=102ab37731ef89ab982a0268d1a85b
Certificate Issuer Google Trust Services LLC
Subject upload.video.google.com
Fingerprint 5F:AC:74:E6:97:66:CD:D0:F1:EA:0D:01:37:89:65:2E:98:22:84:6C
Validity Mon, 08 May 2023 08:24:50 GMT - Mon, 31 Jul 2023 08:24:49 GMT
File type gzip compressed data, max compression\012- data
Hash 98f86fcb9370cb2a689bf264738e5ca1
b5dfe577a12c8ec54de0baf10d11c9b7a4d3bf4e
82555c0290aa33e0ec5400f2b7c31e81082dc6214ed6fb7fcf489c8d40b3b9c5
GET /css?family=Fredoka+One HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://ok.battletrain.xyz/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Thu, 01 Jun 2023 06:40:35 GMT
date: Thu, 01 Jun 2023 06:40:35 GMT
cache-control: private, max-age=86400
cross-origin-opener-policy: same-origin-allow-popups
cross-origin-resource-policy: cross-origin
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
ok.battletrain.xyz/ee/1543246333.woff
172.67.181.222 200 OK 1.1 kB URL GET HTTP/3 ok.battletrain.xyz/ee/1543246333.woff
IP 172.67.181.222:443
Requested by https://ok.battletrain.xyz/ee/indexN.php?sid=1048-123808&cid=102ab37731ef89ab982a0268d1a85b
Certificate Issuer Google Trust Services LLC
Subject battletrain.xyz
Fingerprint 55:7F:19:69:3F:58:5C:D3:9B:B7:FA:B4:78:C5:29:ED:7C:9A:97:5E
Validity Wed, 24 May 2023 08:44:55 GMT - Tue, 22 Aug 2023 08:44:54 GMT
File type Web Open Font Format, CFF, length 1144, version 1.0\012- data
Hash 605dc29afa54d8310bb22266e452aca8
9986ecc366bbf2ed265738a2972ada6a66634820
ff284e26d3a139a31c82535aaaf0225e3ea76bff7bca7db5038558ee83fac623
GET /ee/1543246333.woff HTTP/1.1
Host: ok.battletrain.xyz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
DNT: 1
Connection: keep-alive
Referer: https://ok.battletrain.xyz/ee/icons.css
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Thu, 01 Jun 2023 06:40:35 GMT
content-type: application/font-woff
content-length: 1144
last-modified: Wed, 29 May 2019 14:15:08 GMT
etag: "5cee93ec-478"
cache-control: max-age=14400
cf-cache-status: HIT
age: 0
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=NLNnVAz5O9NjZk%2FHuKOlm%2BLvMRDLYskB3%2B2jwNb2rqKTY15llj%2Fwc51G573grVeg4YPGklbRUgWHC%2BRaleYVGPrwy2LPSvtfb6SQjHZ4kRU0QhwYkdc53e%2FZpb4NoXc1uM4n8Os%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 7d05774d18e21bfa-OSL
alt-svc: h3=":443"; ma=86400
ocsp.pki.goog/gts1c3
142.250.74.131 472 B IP 142.250.74.131:0
Hash fd0c5fcd552e140b1496b4697b18a3a4
264e38a9d130f40f54539a52cba317d16aea03ef
a7ed4a9f0a8b37cf7bcf3a12317f70c607fa56aac6a980a6fda121b2c30d5151
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 01 Jun 2023 06:40:35 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
fonts.gstatic.com/s/fredokaone/v14/k3kUo8kEI-tA1RRcTZGmTlHGCac.woff2
142.250.74.35 200 OK 16 kB URL GET HTTP/2 fonts.gstatic.com/s/fredokaone/v14/k3kUo8kEI-tA1RRcTZGmTlHGCac.woff2
IP 142.250.74.35:443
Requested by https://ok.battletrain.xyz/ee/indexN.php?sid=1048-123808&cid=102ab37731ef89ab982a0268d1a85b
Certificate Issuer Google Trust Services LLC
Subject *.gstatic.com
Fingerprint A3:09:CB:6C:64:76:4B:58:32:D1:21:3E:F4:65:1F:DE:58:22:8F:D6
Validity Mon, 08 May 2023 08:24:48 GMT - Mon, 31 Jul 2023 08:24:47 GMT
File type Web Open Font Format (Version 2), TrueType, length 15596, version 1.0\012- data
Hash 72bb194f7e275c92ecf5536060952844
a7419d2e8b92cbc5f89c3c03771f45c4f632964c
e9986c62b19bce3791c4c103a4aa87c91d22d9e1c9f252f7f802ea26d3405769
GET /s/fredokaone/v14/k3kUo8kEI-tA1RRcTZGmTlHGCac.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://ok.battletrain.xyz
DNT: 1
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 15596
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Wed, 31 May 2023 04:49:09 GMT
expires: Thu, 30 May 2024 04:49:09 GMT
cache-control: public, max-age=31536000
age: 93086
last-modified: Mon, 20 Mar 2023 20:35:18 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.131 472 B IP 142.250.74.131:0
Hash fd0c5fcd552e140b1496b4697b18a3a4
264e38a9d130f40f54539a52cba317d16aea03ef
a7ed4a9f0a8b37cf7bcf3a12317f70c607fa56aac6a980a6fda121b2c30d5151
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 01 Jun 2023 06:40:35 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
humsoolt.net/pfe/current/tag.min.js?z=2674728&t=standalone&ymid=102ab37731ef89ab982a0268d1a85b&var=1048-123808
139.45.197.251 200 OK 7.0 kB URL GET HTTP/2 humsoolt.net/pfe/current/tag.min.js?z=2674728&t=standalone&ymid=102ab37731ef89ab982a0268d1a85b&var=1048-123808
IP 139.45.197.251:443
Requested by https://ok.battletrain.xyz/ee/indexN.php?sid=1048-123808&cid=102ab37731ef89ab982a0268d1a85b
Certificate Issuer Let's Encrypt
Subject humsoolt.net
Fingerprint 21:87:76:56:CA:C9:38:65:08:30:59:54:9E:20:B1:58:C5:C9:D6:EB
Validity Fri, 12 May 2023 05:12:03 GMT - Thu, 10 Aug 2023 05:12:02 GMT
File type gzip compressed data, max speed, from Unix\012- data
Hash d7f7d45eb36ca0d544394c3d5fe45cbc
35394b0e29cfa756ed7dec4ff0c9d6192532f1ee
d156da16bc459ba9e1b5fb316df000a02151b1d7cb916da0b643efa4078d977c
GET /pfe/current/tag.min.js?z=2674728&t=standalone&ymid=102ab37731ef89ab982a0268d1a85b&var=1048-123808 HTTP/1.1
Host: humsoolt.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://ok.battletrain.xyz/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
server: nginx
date: Thu, 01 Jun 2023 06:40:35 GMT
content-type: application/javascript
last-modified: Tue, 30 May 2023 12:46:19 GMT
etag: W/"6475f01b-3957"
access-control-allow-credentials: true
cache-control: no-cache
pragma: no-cache
content-encoding: gzip
X-Firefox-Spdy: h2
humsoolt.net/custom
139.45.197.251 200 OK 0 B IP 139.45.197.251:443
Requested by https://ok.battletrain.xyz/ee/indexN.php?sid=1048-123808&cid=102ab37731ef89ab982a0268d1a85b
Certificate Issuer Let's Encrypt
Subject humsoolt.net
Fingerprint 21:87:76:56:CA:C9:38:65:08:30:59:54:9E:20:B1:58:C5:C9:D6:EB
Validity Fri, 12 May 2023 05:12:03 GMT - Thu, 10 Aug 2023 05:12:02 GMT
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
OPTIONS /custom HTTP/1.1
Host: humsoolt.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type
Referer: https://ok.battletrain.xyz/
Origin: https://ok.battletrain.xyz
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Thu, 01 Jun 2023 06:40:35 GMT
content-type: text/plain; charset=utf-8
content-length: 0
access-control-allow-origin: https://ok.battletrain.xyz
access-control-allow-credentials: true
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Authorization-Token
access-control-max-age: 86400
X-Firefox-Spdy: h2
humsoolt.net/custom
139.45.197.251 200 OK 0 B IP 139.45.197.251:443
Requested by https://ok.battletrain.xyz/ee/indexN.php?sid=1048-123808&cid=102ab37731ef89ab982a0268d1a85b
Certificate Issuer Let's Encrypt
Subject humsoolt.net
Fingerprint 21:87:76:56:CA:C9:38:65:08:30:59:54:9E:20:B1:58:C5:C9:D6:EB
Validity Fri, 12 May 2023 05:12:03 GMT - Thu, 10 Aug 2023 05:12:02 GMT
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
OPTIONS /custom HTTP/1.1
Host: humsoolt.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type
Referer: https://ok.battletrain.xyz/
Origin: https://ok.battletrain.xyz
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Thu, 01 Jun 2023 06:40:35 GMT
content-type: text/plain; charset=utf-8
content-length: 0
access-control-allow-origin: https://ok.battletrain.xyz
access-control-allow-credentials: true
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Authorization-Token
access-control-max-age: 86400
X-Firefox-Spdy: h2
humsoolt.net/custom
139.45.197.251 200 OK 39 B IP 139.45.197.251:443
Requested by https://ok.battletrain.xyz/ee/indexN.php?sid=1048-123808&cid=102ab37731ef89ab982a0268d1a85b
Certificate Issuer Let's Encrypt
Subject humsoolt.net
Fingerprint 21:87:76:56:CA:C9:38:65:08:30:59:54:9E:20:B1:58:C5:C9:D6:EB
Validity Fri, 12 May 2023 05:12:03 GMT - Thu, 10 Aug 2023 05:12:02 GMT
File type JSON data\012- , ASCII text
Hash 058b158c2be925f556454ef762d93538
cc6fc563b4b6baee880fdbc7fcfaa134978e33c9
ff752c1c79bb2c0347c5a8b7f069fa2772047324dbbadf77d21cec4b26ee3881
POST /custom HTTP/1.1
Host: humsoolt.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://ok.battletrain.xyz/
Content-Type: application/json
Content-Length: 879
Origin: https://ok.battletrain.xyz
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Thu, 01 Jun 2023 06:40:35 GMT
content-type: application/json; charset=utf-8
content-length: 39
x-trace-id: 5f6f924055429efac3bfe78278ca1910
access-control-allow-origin: https://ok.battletrain.xyz
access-control-allow-credentials: true
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept
strict-transport-security: max-age=1
x-content-type-options: nosniff
X-Firefox-Spdy: h2
humsoolt.net/custom
139.45.197.251 200 OK 39 B IP 139.45.197.251:443
Requested by https://ok.battletrain.xyz/ee/indexN.php?sid=1048-123808&cid=102ab37731ef89ab982a0268d1a85b
Certificate Issuer Let's Encrypt
Subject humsoolt.net
Fingerprint 21:87:76:56:CA:C9:38:65:08:30:59:54:9E:20:B1:58:C5:C9:D6:EB
Validity Fri, 12 May 2023 05:12:03 GMT - Thu, 10 Aug 2023 05:12:02 GMT
File type JSON data\012- , ASCII text
Hash 058b158c2be925f556454ef762d93538
cc6fc563b4b6baee880fdbc7fcfaa134978e33c9
ff752c1c79bb2c0347c5a8b7f069fa2772047324dbbadf77d21cec4b26ee3881
POST /custom HTTP/1.1
Host: humsoolt.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://ok.battletrain.xyz/
Content-Type: application/json
Content-Length: 505
Origin: https://ok.battletrain.xyz
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Thu, 01 Jun 2023 06:40:35 GMT
content-type: application/json; charset=utf-8
content-length: 39
x-trace-id: 6b1474c331f0cfd0eb6a9471fa2ce8ef
access-control-allow-origin: https://ok.battletrain.xyz
access-control-allow-credentials: true
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept
strict-transport-security: max-age=1
x-content-type-options: nosniff
X-Firefox-Spdy: h2
amunfezanttor.com/event
139.45.197.250 200 OK 0 B IP 139.45.197.250:443
Requested by https://ok.battletrain.xyz/ee/indexN.php?sid=1048-123808&cid=102ab37731ef89ab982a0268d1a85b
Certificate Issuer Let's Encrypt
Subject amunfezanttor.com
Fingerprint 06:75:EF:D1:99:AE:A5:FA:8B:93:D3:D4:ED:BD:88:51:DA:2A:62:B3
Validity Fri, 31 Mar 2023 10:01:30 GMT - Thu, 29 Jun 2023 10:01:29 GMT
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer Verdict Alert quad9 Sinkholed
OPTIONS /event HTTP/1.1
Host: amunfezanttor.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type
Referer: https://ok.battletrain.xyz/
Origin: https://ok.battletrain.xyz
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
server: nginx
date: Thu, 01 Jun 2023 06:40:35 GMT
content-type: text/plain; charset=utf-8
content-length: 0
access-control-allow-origin: https://ok.battletrain.xyz
access-control-allow-credentials: true
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Authorization-Token
access-control-max-age: 86400
X-Firefox-Spdy: h2
amunfezanttor.com/event
139.45.197.250 200 OK 0 B IP 139.45.197.250:443
Requested by https://ok.battletrain.xyz/ee/indexN.php?sid=1048-123808&cid=102ab37731ef89ab982a0268d1a85b
Certificate Issuer Let's Encrypt
Subject amunfezanttor.com
Fingerprint 06:75:EF:D1:99:AE:A5:FA:8B:93:D3:D4:ED:BD:88:51:DA:2A:62:B3
Validity Fri, 31 Mar 2023 10:01:30 GMT - Thu, 29 Jun 2023 10:01:29 GMT
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer Verdict Alert quad9 Sinkholed
OPTIONS /event HTTP/1.1
Host: amunfezanttor.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type
Referer: https://ok.battletrain.xyz/
Origin: https://ok.battletrain.xyz
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
server: nginx
date: Thu, 01 Jun 2023 06:40:35 GMT
content-type: text/plain; charset=utf-8
content-length: 0
access-control-allow-origin: https://ok.battletrain.xyz
access-control-allow-credentials: true
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Authorization-Token
access-control-max-age: 86400
X-Firefox-Spdy: h2
amunfezanttor.com/event
139.45.197.250 200 OK 0 B IP 139.45.197.250:443
Requested by https://ok.battletrain.xyz/ee/indexN.php?sid=1048-123808&cid=102ab37731ef89ab982a0268d1a85b
Certificate Issuer Let's Encrypt
Subject amunfezanttor.com
Fingerprint 06:75:EF:D1:99:AE:A5:FA:8B:93:D3:D4:ED:BD:88:51:DA:2A:62:B3
Validity Fri, 31 Mar 2023 10:01:30 GMT - Thu, 29 Jun 2023 10:01:29 GMT
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer Verdict Alert quad9 Sinkholed
OPTIONS /event HTTP/1.1
Host: amunfezanttor.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type
Referer: https://ok.battletrain.xyz/
Origin: https://ok.battletrain.xyz
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
server: nginx
date: Thu, 01 Jun 2023 06:40:35 GMT
content-type: text/plain; charset=utf-8
content-length: 0
access-control-allow-origin: https://ok.battletrain.xyz
access-control-allow-credentials: true
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Authorization-Token
access-control-max-age: 86400
X-Firefox-Spdy: h2
amunfezanttor.com/event
139.45.197.250 200 OK 94 B IP 139.45.197.250:443
Requested by https://ok.battletrain.xyz/ee/indexN.php?sid=1048-123808&cid=102ab37731ef89ab982a0268d1a85b
Certificate Issuer Let's Encrypt
Subject amunfezanttor.com
Fingerprint 06:75:EF:D1:99:AE:A5:FA:8B:93:D3:D4:ED:BD:88:51:DA:2A:62:B3
Validity Fri, 31 Mar 2023 10:01:30 GMT - Thu, 29 Jun 2023 10:01:29 GMT
File type JSON data\012- , ASCII text
Hash adf3f686ed231b109327d7837d2e2348
0d1b96cc8360d6a1830e6c7b5e946e049a9e1fac
d672e738fe3ee71fdd7887cd9467a4ae306a7bf7aaad08a0acc9d806d91216b9
Analyzer Verdict Alert quad9 Sinkholed
POST /event HTTP/1.1
Host: amunfezanttor.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://ok.battletrain.xyz/
Content-Type: application/json
Content-Length: 547
Origin: https://ok.battletrain.xyz
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Thu, 01 Jun 2023 06:40:35 GMT
content-type: application/json; charset=utf-8
content-length: 94
x-trace-id: 89ecbed2e44ae6d5c2e5db19c6bf5b06
access-control-allow-origin: https://ok.battletrain.xyz
access-control-allow-credentials: true
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept
strict-transport-security: max-age=1
x-content-type-options: nosniff
X-Firefox-Spdy: h2
amunfezanttor.com/event
139.45.197.250 200 OK 94 B IP 139.45.197.250:443
Requested by https://ok.battletrain.xyz/ee/indexN.php?sid=1048-123808&cid=102ab37731ef89ab982a0268d1a85b
Certificate Issuer Let's Encrypt
Subject amunfezanttor.com
Fingerprint 06:75:EF:D1:99:AE:A5:FA:8B:93:D3:D4:ED:BD:88:51:DA:2A:62:B3
Validity Fri, 31 Mar 2023 10:01:30 GMT - Thu, 29 Jun 2023 10:01:29 GMT
File type JSON data\012- , ASCII text
Hash e9d67f2667de131e43e9257c4fb3bffc
0c755e0515801ee2967f121c365c04160b35c8b3
bf65a58dcbf47e0de8cc408a10ffda53156a2f33131f3ae24a187b204b0e1083
Analyzer Verdict Alert quad9 Sinkholed
POST /event HTTP/1.1
Host: amunfezanttor.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://ok.battletrain.xyz/
Content-Type: application/json
Content-Length: 548
Origin: https://ok.battletrain.xyz
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Thu, 01 Jun 2023 06:40:35 GMT
content-type: application/json; charset=utf-8
content-length: 94
x-trace-id: 6e13a2eb04515c54fe373fa1c48dcc7c
access-control-allow-origin: https://ok.battletrain.xyz
access-control-allow-credentials: true
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept
strict-transport-security: max-age=1
x-content-type-options: nosniff
X-Firefox-Spdy: h2
amunfezanttor.com/event
139.45.197.250 200 OK 94 B IP 139.45.197.250:443
Requested by https://ok.battletrain.xyz/ee/indexN.php?sid=1048-123808&cid=102ab37731ef89ab982a0268d1a85b
Certificate Issuer Let's Encrypt
Subject amunfezanttor.com
Fingerprint 06:75:EF:D1:99:AE:A5:FA:8B:93:D3:D4:ED:BD:88:51:DA:2A:62:B3
Validity Fri, 31 Mar 2023 10:01:30 GMT - Thu, 29 Jun 2023 10:01:29 GMT
File type JSON data\012- , ASCII text
Hash f4a87e705f2642d0bfc64829466ea80c
e86835a1117905feaa722f1bbf22e0021855569d
602ecd79acca31a279eb84da9e662dc03d5c43fb1fe9e2f3f4cc217296e736be
Analyzer Verdict Alert quad9 Sinkholed
POST /event HTTP/1.1
Host: amunfezanttor.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://ok.battletrain.xyz/
Content-Type: application/json
Content-Length: 548
Origin: https://ok.battletrain.xyz
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Thu, 01 Jun 2023 06:40:35 GMT
content-type: application/json; charset=utf-8
content-length: 94
x-trace-id: 4e03386a66041ce5002ca09d8b346cb5
access-control-allow-origin: https://ok.battletrain.xyz
access-control-allow-credentials: true
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept
strict-transport-security: max-age=1
x-content-type-options: nosniff
X-Firefox-Spdy: h2
ok.battletrain.xyz/ee/indexN.php?sid=1048-123808&cid=102ab37731ef89ab982a0268d1a85b
172.67.181.222 200 OK 5.4 kB URL User Request GET HTTP/2 ok.battletrain.xyz/ee/indexN.php?sid=1048-123808&cid=102ab37731ef89ab982a0268d1a85b
IP 172.67.181.222:443
Certificate Issuer Google Trust Services LLC
Subject battletrain.xyz
Fingerprint 55:7F:19:69:3F:58:5C:D3:9B:B7:FA:B4:78:C5:29:ED:7C:9A:97:5E
Validity Wed, 24 May 2023 08:44:55 GMT - Tue, 22 Aug 2023 08:44:54 GMT
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (5562), with no line terminators
Hash ef5948e5843f7955073dd0757f4666a6
f4b67d767367f6fd595ead56466c00ea916f93c0
e400cf26c47323fcf952d48710f5af468e74db731b08899d5c8d84f431999525
GET /ee/indexN.php?sid=1048-123808&cid=102ab37731ef89ab982a0268d1a85b HTTP/1.1
Host: ok.battletrain.xyz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Thu, 01 Jun 2023 06:40:35 GMT
content-type: text/html
x-powered-by: PHP/5.4.16
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=0inYmQEfXwKgPG03mu6rNALH%2FDLMDxfPCzkYHkR%2Fl2ib3%2BE0Ze7sSsqGEwA3MjGe%2BKy6F7%2Bcb%2F5RM1b8yt%2FIAoGL1XMq5SDexDJhdkQej7iaOnl7JOPrbLi%2FFLmmDF8VcOEllMM%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 7d05774979b3b511-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
humsoolt.net/zone?pub=0&zone_id=2674728&is_mobile=false&domain=ok.battletrain.xyz&var=1048-123808&ymid=102ab37731ef89ab982a0268d1a85b&var_3=
139.45.197.251 200 OK 910 B URL GET HTTP/2 humsoolt.net/zone?pub=0&zone_id=2674728&is_mobile=false&domain=ok.battletrain.xyz&var=1048-123808&ymid=102ab37731ef89ab982a0268d1a85b&var_3=
IP 139.45.197.251:443
Requested by https://ok.battletrain.xyz/ee/indexN.php?sid=1048-123808&cid=102ab37731ef89ab982a0268d1a85b
Certificate Issuer Let's Encrypt
Subject humsoolt.net
Fingerprint 21:87:76:56:CA:C9:38:65:08:30:59:54:9E:20:B1:58:C5:C9:D6:EB
Validity Fri, 12 May 2023 05:12:03 GMT - Thu, 10 Aug 2023 05:12:02 GMT
File type troff or preprocessor input, ASCII text, with very long lines (1009), with no line terminators
Hash 4980add445c2de60a5f93a0215abb077
00b2068055623938490978e8cee5730849632a90
79027627587ab61ab58025a6eb52869fbcf99ae3ad427dcf2185ad75bd037b36
GET /zone?pub=0&zone_id=2674728&is_mobile=false&domain=ok.battletrain.xyz&var=1048-123808&ymid=102ab37731ef89ab982a0268d1a85b&var_3= HTTP/1.1
Host: humsoolt.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://ok.battletrain.xyz/
Origin: https://ok.battletrain.xyz
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
server: nginx
date: Thu, 01 Jun 2023 06:40:35 GMT
content-type: application/json; charset=utf-8
content-length: 910
x-trace-id: b1bbdd1b82d957cf1bd5110ec577a1a4
access-control-allow-origin: https://ok.battletrain.xyz
access-control-allow-credentials: true
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept
strict-transport-security: max-age=1
x-content-type-options: nosniff
X-Firefox-Spdy: h2
humsoolt.net/pfe/current/standalone.min.js?v=3.1.436
139.45.197.251 200 OK 85 kB URL GET HTTP/2 humsoolt.net/pfe/current/standalone.min.js?v=3.1.436
IP 139.45.197.251:443
Requested by https://ok.battletrain.xyz/ee/indexN.php?sid=1048-123808&cid=102ab37731ef89ab982a0268d1a85b
Certificate Issuer Let's Encrypt
Subject humsoolt.net
Fingerprint 21:87:76:56:CA:C9:38:65:08:30:59:54:9E:20:B1:58:C5:C9:D6:EB
Validity Fri, 12 May 2023 05:12:03 GMT - Thu, 10 Aug 2023 05:12:02 GMT
File type ASCII text, with very long lines (65536), with no line terminators
Hash 9df09d6d9f0584962bad4a0cb71b59ea
a3aeb7d19dafe49f33c89b241d5950435668b2af
8bb9ed0985648401a1024d0eb702322f22cabaf941c1b2ee611dceed50b32f33
GET /pfe/current/standalone.min.js?v=3.1.436 HTTP/1.1
Host: humsoolt.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://ok.battletrain.xyz/
Origin: https://ok.battletrain.xyz
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
server: nginx
date: Thu, 01 Jun 2023 06:40:35 GMT
content-type: application/javascript
last-modified: Tue, 30 May 2023 12:46:19 GMT
etag: W/"6475f01b-14bbd"
access-control-allow-origin: https://ok.battletrain.xyz
access-control-allow-credentials: true
cache-control: no-cache
pragma: no-cache
content-encoding: gzip
X-Firefox-Spdy: h2