Report - www.xmegadrive.com/videos/brat-princess-2-jazmine-and-penelope-tease-the-flat-chastity-device-4k/

Report Overview

Submitted URL
www.xmegadrive.com/videos/brat-princess-2-jazmine-and-penelope-tease-the-flat-chastity-device-4k/
IP
5.61.55.75
ASN
#58061 Scalaxy B.V.
Submitted
2024-05-04 08:03:17
Access
public
Website Title
Brat Princess 2 - Jazmine and Penelope - Tease the Flat Chastity Device 4K
Final URL
www.xmegadrive.com/videos/brat-princess-2-jazmine-and-penelope-tease-the-flat-chastity-device-4k/
Tags
urlquery detections
No alerts detected

Detections

urlquery
0
Network Intrusion Detection
0
Threat Detection Systems
36

Domain Summary

Domain / FQDN	Rank	Registered	First Seen	Last Seen	Sent	Received	IP
s.magsrv.com	unknown	2023-08-01	2023-08-04	2024-05-03	556 B	743 B	95.211.229.246
bn3.trafget.com	unknown	2023-01-20	2024-04-26	2024-05-02	525 B	773 B	104.21.0.238
glochatuji.com	unknown	2022-03-24	2022-03-24	2024-02-14	1.0 kB	15 kB	188.72.219.36
syndication.realsrv.com	9112	2019-02-07	2019-07-03	2024-05-03	756 B	640 B	95.211.229.245
amorphousankle.com	unknown	2024-04-29	2024-04-30	2024-05-02	3.5 kB	38 kB	192.243.61.227
fatalloved.com	unknown	2023-10-13	2023-10-13	2024-02-14	468 B	18 kB	192.243.59.13
a.magsrv.com	unknown	2023-08-01	2023-08-04	2024-05-03	8.1 kB	219 kB	185.76.9.26
3fb4026cec.ffbd26c481.com	unknown	unknown	No data	No data	837 B	320 B	45.133.44.53
mcpuwpsh.com	unknown	2022-08-12	2022-08-12	2024-05-02	491 B	2.6 kB	94.130.197.240
proftrafficcounter.com	unknown	2023-11-16	2023-11-21	2024-05-03	888 B	850 B	18.185.9.67
accounts.google.com	81	1997-09-15	2016-03-20	2024-05-02	1.8 kB	8.4 kB	74.125.131.84
www.xmegadrive.com	856553	2020-02-17	2020-05-07	2024-02-14	24 kB	423 kB	5.61.55.75
coexistsafetyghost.com	unknown	2024-04-29	2024-04-30	2024-05-03	492 B	467 B	172.240.108.68
5d39fe7c75.2ac4fce9b8.com	unknown	unknown	No data	No data	8.1 kB	6.2 kB	94.130.198.6
nereserv.com	40015	2020-12-21	2020-12-21	2024-05-03	603 B	322 B	167.235.163.216
cdn.tsyndicate.com	16265	2017-03-08	2017-07-04	2024-05-03	408 B	3.9 kB	45.133.44.71
cdn.cloudimagesb.com	23099	2020-10-06	2021-02-12	2024-05-03	896 B	205 kB	45.133.44.10
static.bookmsg.com	47495	2020-09-15	2020-11-24	2024-05-03	2.2 kB	4.4 kB	45.133.44.24
da7b22a400.13199960a1.com	unknown	unknown	No data	No data	2.3 kB	777 kB	45.133.44.52
js.capndr.com	316718	2021-08-30	2021-08-30	2024-05-02	405 B	374 B	45.133.44.52
pxl.tsyndicate.com	14763	2017-03-08	2017-07-05	2024-05-04	1.5 kB	205 B	136.243.44.113
js.wpshsdk.com	12130	2021-06-04	2021-06-04	2024-05-03	827 B	36 kB	45.133.44.52
acdn.tsyndicate.com	unknown	2017-03-08	2024-01-30	2024-05-02	460 B	6.5 kB	45.133.44.71
video.xmegadrive.com	unknown	2020-02-17	2022-12-18	2023-11-02	956 B	349 B	0.0.0.0
gobreadthpopcorn.com	unknown	2024-04-29	2024-04-30	2024-05-03	3.0 kB	11 kB	192.243.61.227
notification.tubecup.net	8210	2008-09-26	2019-08-30	2024-05-03	1.1 kB	2.1 kB	116.202.204.10
fp.metricswpsh.com	unknown	2021-10-29	2022-04-22	2024-05-03	530 B	388 B	157.90.84.242
addresseepaper.com	18169	2021-11-01	2021-11-01	2024-02-26	402 B	244 B	3.64.163.50
downstairsnegotiatebarren.com	unknown	2024-03-04	2024-03-04	2024-05-03	413 B	29 kB	188.114.96.1
tsyndicate.com	13042	2017-03-08	2017-03-16	2024-05-03	828 B	8.1 kB	136.243.44.113
profitabledisplaynetwork.com	unknown	2023-03-02	2023-03-02	2024-02-14	896 B	25 kB	172.240.108.68
ocsp.r2m03.amazontrust.com	unknown	2007-05-11	2023-02-21	2024-05-03	338 B	941 B	3.164.222.26
storage.multstorage.com	unknown	2023-09-22	2023-09-22	2024-05-03	528 B	1.1 kB	104.21.30.242
unseenreport.com	unknown	2022-03-30	2022-03-30	2024-05-03	1.5 kB	846 B	192.243.61.225
www.similarlength.pro	unknown	unknown	No data	No data	904 B	142 kB	67.216.89.41
a.realsrv.com	10080	2019-02-07	2019-07-03	2024-05-03	399 B	2.7 kB	185.76.9.24

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

No alerts detected

Threat Detection Systems

Public InfoSec YARA rules

No alerts detected

OpenPhish

No alerts detected

PhishTank

No alerts detected

mnemonic secure dns

No alerts detected

Quad9 DNS

Scan Date	Severity	Indicator	Alert
2024-05-04	medium	profitabledisplaynetwork.com	Sinkholed
2024-05-04	medium	profitabledisplaynetwork.com	Sinkholed
2024-05-04	medium	13199960a1.com	Sinkholed
2024-05-04	medium	amorphousankle.com	Sinkholed
2024-05-04	medium	amorphousankle.com	Sinkholed
2024-05-04	medium	gobreadthpopcorn.com	Sinkholed
2024-05-04	medium	amorphousankle.com	Sinkholed
2024-05-04	medium	fatalloved.com	Sinkholed
2024-05-04	medium	coexistsafetyghost.com	Sinkholed
2024-05-04	medium	ffbd26c481.com	Sinkholed
2024-05-04	medium	addresseepaper.com	Sinkholed
2024-05-04	medium	unseenreport.com	Sinkholed
2024-05-04	medium	unseenreport.com	Sinkholed
2024-05-04	medium	13199960a1.com	Sinkholed
2024-05-04	medium	gobreadthpopcorn.com	Sinkholed
2024-05-04	medium	13199960a1.com	Sinkholed
2024-05-04	medium	13199960a1.com	Sinkholed
2024-05-04	medium	13199960a1.com	Sinkholed

ThreatFox

No alerts detected

JavaScript (55)

	URL	Size	First Seen	Last Seen
	tsyndicate.com/iframes2/4ddbd08cee2e480aaabfb2269f2cc945.html?keywords=Default%20site%20description.%2CFemDom%2CBrat%20Princess%2CBrat%20Princess%202%2Cbrat%2Cprincess%2Ctease%2Cthe%2CChastity%2C4K%2CBrat%20Princess%202%20-%20Jazmine%20and%20Penelope%20-%20Tease%20the%20Flat%20Chastity%20Device%204K&adb=0&clientjs=1&w=1280&h=1024&tz=0	0 B	2023-03-07	2024-05-22
Pretty URL tsyndicate.com/iframes2/4ddbd08cee2e480aaabfb2269f2cc945.html?keywords=Default%20site%20description.%2CFemDom%2CBrat%20Princess%2CBrat%20Princess%202%2Cbrat%2Cprincess%2Ctease%2Cthe%2CChastity%2C4K%2CBrat%20Princess%202%20-%20Jazmine%20and%20Penelope%20-%20Tease%20the%20Flat%20Chastity%20Device%204K&adb=0&clientjs=1&w=1280&h=1024&tz=0 IP 136.243.44.113 ASN #24940 Hetzner Online GmbH Introduced by scriptElement Embedded in HTML true Observations First Seen2023-03-07 01:01:59 Last Seen2024-05-22 18:15:53 Times Seen37978545 Hash d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Loading...

	js.wpshsdk.com/npc/sdk/push.m.js?v=1	34 kB	2024-04-27	2024-05-22
Pretty URL js.wpshsdk.com/npc/sdk/push.m.js?v=1 IP 45.133.44.52 ASN #39572 DataWeb Global Group B.V. Introduced by scriptElement Embedded in HTML false Observations First Seen2024-04-27 13:51:21 Last Seen2024-05-22 14:13:34 Times Seen1304 Hash a069fdae233705c69db53cdddf953015 2dcfb71c08faa8c09be0196751a3b7f08afbb2e0 8358b4d2ef244f2c763073105b21a552b4589aafcf9b46e128820b35a34f7d9a Loading...

	a.magsrv.com/ad-provider.js	165 kB	2024-04-29	2024-05-13
Pretty URL a.magsrv.com/ad-provider.js IP 185.76.9.26 ASN #60068 Datacamp Limited Introduced by scriptElement Embedded in HTML false Observations First Seen2024-04-29 17:20:07 Last Seen2024-05-13 14:28:10 Times Seen336 Hash 23dca35363e4f4fbf7671ab6c7755f84 057432c37ba5cf65231392a9e07a565ef6689ece 8339d1105cfdcb822ad213c724fd2bdff27a3887df7e5ce28e801fab46e3b370 Loading...

	www.xmegadrive.com/videos/brat-princess-2-jazmine-and-penelope-tease-the-flat-chastity-device-4k/	117 B	2024-05-04	2024-05-04
Pretty URL www.xmegadrive.com/videos/brat-princess-2-jazmine-and-penelope-tease-the-flat-chastity-device-4k/ IP 5.61.55.75 ASN #58061 Scalaxy B.V. Introduced by scriptElement Embedded in HTML true Observations First Seen2024-05-04 10:03:25 Last Seen2024-05-04 10:03:25 Times Seen1 Hash 51b72f45fb1ae3085750b683e2cff1f0 4e880db020d95ea6fca99522adc4ab2f676ac882 7232faa62ec27597926a3a92ff72245b26208206209c0b344f2e96c3201855cc Loading...

	profitabledisplaynetwork.com/326b39096325433f5edf5ef14f22925d/invoke.js	31 kB	2024-05-04	2024-05-04
Pretty URL profitabledisplaynetwork.com/326b39096325433f5edf5ef14f22925d/invoke.js IP 172.240.108.68 ASN #7979 SERVERS-COM Introduced by scriptElement Embedded in HTML false Observations First Seen2024-05-04 10:03:25 Last Seen2024-05-04 10:03:26 Times Seen2 Hash d6051b157c51363b9eefbd492e54aa45 497b8a69b81e9d9a8a02de63e7b4ed81063b41eb 8e0ce2b8f8dbb60636ddf487fe5bb8b8d706280c590261aaa48b1b837df6dd30 Loading...

	fatalloved.com/api/posts?token=LzllL2ZkLzcyLzllZmQ3MmJmZDVjNTNjM2NmMjc1NjQ3ODI4MDIzZTBiLmpz	44 kB	2024-04-18	2024-05-04
Pretty URL fatalloved.com/api/posts?token=LzllL2ZkLzcyLzllZmQ3MmJmZDVjNTNjM2NmMjc1NjQ3ODI4MDIzZTBiLmpz IP 192.243.59.13 ASN #39572 DataWeb Global Group B.V. Introduced by scriptElement Embedded in HTML false Observations First Seen2024-04-18 14:12:38 Last Seen2024-05-04 10:03:26 Times Seen4 Hash 52986f6fc740cdac06e43a0cc190ce48 25e07b8af526de5544c7819eca179aa96b4916d3 ab181b162a8610cf925aba5598ed84e3e7f30f7833a91884526c3a1cf1d4e777 Loading...

	a.magsrv.com/build-iframe-js-url.js?idzone=5282678	759 B	2024-04-18	2024-05-22
Pretty URL a.magsrv.com/build-iframe-js-url.js?idzone=5282678 IP 185.76.9.26 ASN #60068 Datacamp Limited Introduced by scriptElement Embedded in HTML false Observations First Seen2024-04-18 10:04:25 Last Seen2024-05-22 09:15:20 Times Seen57 Hash dc4820d92f5cc936064eb747bf262033 fae22932d57431a393406a1a5ac5d5ff310698f2 ae9e96e2e50ce120fee535ad39cc4f8034d62b283d69d062986b3482562081c2 Loading...

	www.xmegadrive.com/videos/brat-princess-2-jazmine-and-penelope-tease-the-flat-chastity-device-4k/	272 B	2023-03-10	2024-05-04
Pretty URL www.xmegadrive.com/videos/brat-princess-2-jazmine-and-penelope-tease-the-flat-chastity-device-4k/ IP 5.61.55.75 ASN #58061 Scalaxy B.V. Introduced by scriptElement Embedded in HTML true Observations First Seen2023-03-10 10:32:56 Last Seen2024-05-04 10:03:25 Times Seen24 Hash d6e37cdd73cb47f5acb35296e122db5b d1abf015169fdf7db632fe8a0745b013eb1feb21 ca161892e6960ef6af34f5b5c1e2bc45143d3f6da0312fb6f8f3b9cc36eaddf2 Loading...

	www.xmegadrive.com/videos/brat-princess-2-jazmine-and-penelope-tease-the-flat-chastity-device-4k/	6.4 kB	2023-03-10	2024-05-04
Pretty URL www.xmegadrive.com/videos/brat-princess-2-jazmine-and-penelope-tease-the-flat-chastity-device-4k/ IP 5.61.55.75 ASN #58061 Scalaxy B.V. Introduced by scriptElement Embedded in HTML true Observations First Seen2023-03-10 10:32:56 Last Seen2024-05-04 10:03:25 Times Seen24 Hash 4cf57903391ec39159dd3ea72195e409 23a32435ff15dc4ed4a50044ec3bccdee6287c37 10144e9b9b0968d6f72f5569ef00e709b8da6bc4aba6f4d3cba9d6129c22e928 Loading...

	da7b22a400.13199960a1.com/69e850fd67f4bef7c987ce894adc6a8e.js	97 kB	2024-04-18	2024-05-07
Pretty URL da7b22a400.13199960a1.com/69e850fd67f4bef7c987ce894adc6a8e.js IP 45.133.44.52 ASN #39572 DataWeb Global Group B.V. Introduced by scriptElement Embedded in HTML false Observations First Seen2024-04-18 08:57:28 Last Seen2024-05-07 05:08:18 Times Seen497 Hash 78b4de711a43c2a7b7e06da3d25cc4ab a5fdc5739214b95d24fffd2600ee204eb75db415 97a18ee59823abe90c1e22b83e292d5ac33da2cdb3555372abd7a7f9989c1ea2 Loading...

	da7b22a400.13199960a1.com/9ce5c366c56b3eb801b7fc5bb76cb452.js	470 kB	2024-04-19	2024-05-12
Pretty URL da7b22a400.13199960a1.com/9ce5c366c56b3eb801b7fc5bb76cb452.js IP 45.133.44.52 ASN #39572 DataWeb Global Group B.V. Introduced by scriptElement Embedded in HTML false Observations First Seen2024-04-19 15:52:52 Last Seen2024-05-12 12:48:12 Times Seen46 Hash cacb84104ff1b8352e0ee8c801a29ef4 393c74e933ff2a417ca50df17347793a36c86055 0099579c122343453ad3823291a11281d87678f071717020be17fec25ff03b77 Loading...

	glochatuji.com/cIDK9M6.bv2B5nliStW/Qy9VNUDvEB1/Mczkc-5/NwiI0l0MMNTxURzINlzVk/3F	42 kB	2024-05-04	2024-05-04
Pretty URL glochatuji.com/cIDK9M6.bv2B5nliStW/Qy9VNUDvEB1/Mczkc-5/NwiI0l0MMNTxURzINlzVk/3F IP 188.72.219.36 ASN #35415 Webzilla B.V. Introduced by scriptElement Embedded in HTML false Observations First Seen2024-05-04 10:03:25 Last Seen2024-05-04 10:03:26 Times Seen2 Hash 7ceb3d90948e3fc386d9d5fb712d51d1 66a22e3204626afd4954b51db3f925c5198be507 5a7ad960542ccdd0bba5decd36ddcf60aaba2129025b9d7f0b72d4b4e31e5fa8 Loading...

	a.realsrv.com/ads.js	1.9 kB	2023-05-05	2024-05-20
Pretty URL a.realsrv.com/ads.js IP 185.76.9.24 ASN #60068 Datacamp Limited Introduced by scriptElement Embedded in HTML false Observations First Seen2023-05-05 08:28:38 Last Seen2024-05-20 13:02:27 Times Seen233 Hash 1b730d72f9ff67fc6e088ad0ff71528e 502a7c8276f014085d4080e07fe315615f7e5c36 3104c9f1aa179b0273b6fd96a0c3124f02179473f817130a59c5b24986ec9602 Loading...

	js.capndr.com/advertising.js	0 B	2023-03-07	2024-05-22
Pretty URL js.capndr.com/advertising.js IP 45.133.44.52 ASN #39572 DataWeb Global Group B.V. Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:01:59 Last Seen2024-05-22 18:15:53 Times Seen37978545 Hash d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Loading...

	www.xmegadrive.com/videos/brat-princess-2-jazmine-and-penelope-tease-the-flat-chastity-device-4k/	3.8 kB	2023-10-24	2024-05-04
Pretty URL www.xmegadrive.com/videos/brat-princess-2-jazmine-and-penelope-tease-the-flat-chastity-device-4k/ IP 5.61.55.75 ASN #58061 Scalaxy B.V. Introduced by scriptElement Embedded in HTML true Observations First Seen2023-10-24 23:05:56 Last Seen2024-05-04 10:03:25 Times Seen11 Hash b33ac6652da92971ed60b3157477b137 a4fcfb6394a60b410c90b31aea617995537c3ba4 f3cc7d6a0e850f92eb3a0aa11c8a91d7b31ec8f870a176dd31aa1d803a41613e Loading...

	www.xmegadrive.com/player/kt_player.js?v=0.13.15	169 kB	2023-07-16	2024-05-19
Pretty URL www.xmegadrive.com/player/kt_player.js?v=0.13.15 IP 5.61.55.75 ASN #58061 Scalaxy B.V. Introduced by scriptElement Embedded in HTML false Observations First Seen2023-07-16 19:43:10 Last Seen2024-05-19 08:51:02 Times Seen256 Hash cb879d10184e6382683f0ab3d996cfe1 bee93bab8d60fdcec37923bb90e0760dccdbc76f 4069813f63790aaaebd745de2f86b7507be7b27a6c8990c539cdf1d758569b8f Loading...

	www.xmegadrive.com/videos/brat-princess-2-jazmine-and-penelope-tease-the-flat-chastity-device-4k/	61 B	2023-03-07	2024-05-18
Pretty URL www.xmegadrive.com/videos/brat-princess-2-jazmine-and-penelope-tease-the-flat-chastity-device-4k/ IP 5.61.55.75 ASN #58061 Scalaxy B.V. Introduced by scriptElement Embedded in HTML true Observations First Seen2023-03-07 01:17:40 Last Seen2024-05-18 19:14:49 Times Seen77 Hash d5fbd3092a1f709899e667ac4cb02770 35fa25ffa7ab4ff559b3ad6e18e3345e1ae9c87f cddf61135274b75d8054beda9a597491c09e77d3c295aa581afc701260885dfc Loading...

	www.xmegadrive.com/videos/brat-princess-2-jazmine-and-penelope-tease-the-flat-chastity-device-4k/	347 B	2023-03-29	2024-05-04
Pretty URL www.xmegadrive.com/videos/brat-princess-2-jazmine-and-penelope-tease-the-flat-chastity-device-4k/ IP 5.61.55.75 ASN #58061 Scalaxy B.V. Introduced by scriptElement Embedded in HTML true Observations First Seen2023-03-29 20:59:12 Last Seen2024-05-04 10:03:25 Times Seen12 Hash ce6e3888ee26e1b57b6edf39a823df7c 8c826f0aa0875ac01566d1e9bbd292d61473ce7d 87100380936f5cda7c32d39a71d1558bda3b30f8a6ae5904275e0a0b30d7471b Loading...

	unknown	196 B	2024-01-07	2024-05-04
Pretty Introduced by scriptElement Embedded in HTML false Observations First Seen2024-01-07 00:33:25 Last Seen2024-05-04 10:03:25 Times Seen3 Hash 05b5b096f23cea5bb70074f3055c28c4 96aa518378e2884b8d21b52a0cb1c7a21b94c745 f3e1ea0c51ac487486193301d2e4de488b74ac79d6d27002b399659edf11d458 Loading...

	unknown	145 B	2023-03-10	2024-05-04
Pretty Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-10 10:32:56 Last Seen2024-05-04 10:03:25 Times Seen12 Hash 6ec9be26e562d1b10c9d51ec96eb24bd 0595ad45ec32966ab8456e0fa74355e8bffa2e8d 7a775f9ac089f634b56dcdfd6a6cacdceccaeed4e14ff69595459b037a6b8937 Loading...

	unknown	145 B	2023-03-10	2024-05-04
Pretty Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-10 10:32:56 Last Seen2024-05-04 10:03:25 Times Seen5 Hash 63e436e89d3e02fe33d8a2e4525e5ff2 96414bdbbb79fc2567ed45ca939e78e93a206392 088af36161a87f7df92d6209de83ddd965ab136214e24ca1a25bc2aacda79342 Loading...

	da7b22a400.13199960a1.com/19d44b098ab6aa7dfec36de417c310f1.js	168 kB	2024-04-27	2024-05-13
Pretty URL da7b22a400.13199960a1.com/19d44b098ab6aa7dfec36de417c310f1.js IP 45.133.44.52 ASN #39572 DataWeb Global Group B.V. Introduced by scriptElement Embedded in HTML false Observations First Seen2024-04-27 09:40:27 Last Seen2024-05-13 09:50:11 Times Seen47 Hash cf49249e73efabedaf345f1fc2937285 5ef768ef2b81110762fcf31b5846daf3b56ab70c 75791ea71263cfaa3d74ece2b2a552c503ab39091bdcaccfda2d6f69fe77a7b9 Loading...

	js.wpshsdk.com/extention/build.m.js	20 kB	2023-03-07	2024-05-04
Pretty URL js.wpshsdk.com/extention/build.m.js IP 45.133.44.52 ASN #39572 DataWeb Global Group B.V. Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:15:18 Last Seen2024-05-04 10:03:27 Times Seen73 Hash 3e7592609ad6832acdf316d2a331f51e 6cd418dacff53ad51e926d2f51bc95b45dc5fe91 555d5195d9e6b6bbd648eccc1ec41fd5f018484a0ef5ef5c8f27753372f22942 Loading...

	unknown	196 B	2023-11-28	2024-05-04
Pretty Introduced by scriptElement Embedded in HTML false Observations First Seen2023-11-28 08:37:56 Last Seen2024-05-04 10:03:25 Times Seen6 Hash c4862fc37503874cfc01d97e0ed453ae d591be4b860b890be7be7b228bac6ba177a60050 17d6220622e1b58558af5316b843cd4d2efcb30dde7b26285db9fec3d3cc38d7 Loading...

	a.magsrv.com/build-iframe-js-url.js?idzone=5282682	759 B	2024-04-18	2024-05-21
Pretty URL a.magsrv.com/build-iframe-js-url.js?idzone=5282682 IP 185.76.9.26 ASN #60068 Datacamp Limited Introduced by scriptElement Embedded in HTML false Observations First Seen2024-04-18 10:04:25 Last Seen2024-05-21 06:45:45 Times Seen51 Hash 05dbe7849e48cd15febfbbf08a49f5a6 d86c3daa3b49d753e0af82c6d2f4c72dc168422e 48f2556ce57cff37d60b72b7d43be0ce09f95a2dabbe580ae1a9fe2fcabdfcf6 Loading...

	da7b22a400.13199960a1.com/0ae085698cad0960a86703ca969164ab.js	109 kB	2024-04-24	2024-05-07
Pretty URL da7b22a400.13199960a1.com/0ae085698cad0960a86703ca969164ab.js IP 45.133.44.52 ASN #39572 DataWeb Global Group B.V. Introduced by scriptElement Embedded in HTML false Observations First Seen2024-04-24 00:00:34 Last Seen2024-05-07 11:41:50 Times Seen663 Hash 41230c1446cb19310867b6c3e10f8bec f600745dccd0143bbd1d83d44bd776c74f69866b 713bc0015ac5ef37f48ad9f49aa4521912b705cf01bf19409f98235b28d41dfe Loading...

	unknown	3.8 kB	2024-05-04	2024-05-04
Pretty Introduced by scriptElement Embedded in HTML false Observations First Seen2024-05-04 10:03:25 Last Seen2024-05-04 10:03:25 Times Seen1 Hash d94e5b8cdaab0ea1b6de71dfb0a8cc86 8e90f457dc0908ac140c931abd30b1549adb6cc5 eaf8308df3bed1ed0f2f838eecf44e9900dc44dcf2e254626e6f524806269c72 Loading...

	a.magsrv.com/build-iframe-js-url.js?idzone=5282680	759 B	2024-04-18	2024-05-21
Pretty URL a.magsrv.com/build-iframe-js-url.js?idzone=5282680 IP 185.76.9.26 ASN #60068 Datacamp Limited Introduced by scriptElement Embedded in HTML false Observations First Seen2024-04-18 10:04:25 Last Seen2024-05-21 06:45:45 Times Seen50 Hash aa2e51afb563ba9347d16f51ba3999b2 ef1e450f033a680390fad1effb6455508d52bc6d 135ea42b7bbac359c021345ff03a347c6f0f96f6d855c8dc05fd7b0120256777 Loading...

	profitabledisplaynetwork.com/d3a76329693053849cf13b643f4feb0e/invoke.js	31 kB	2024-05-04	2024-05-04
Pretty URL profitabledisplaynetwork.com/d3a76329693053849cf13b643f4feb0e/invoke.js IP 172.240.108.68 ASN #7979 SERVERS-COM Introduced by scriptElement Embedded in HTML false Observations First Seen2024-05-04 10:03:25 Last Seen2024-05-04 10:03:26 Times Seen2 Hash 2ad5815cd4d72521b917c16fc407f311 77e76422da047188f75b3c992906369893f0a93c edee2a908d468646e738a1082a9071ae9718d3fea508d734156e20a1082b1cf6 Loading...

	www.xmegadrive.com/videos/brat-princess-2-jazmine-and-penelope-tease-the-flat-chastity-device-4k/	3.3 kB	2024-05-04	2024-05-04
Pretty URL www.xmegadrive.com/videos/brat-princess-2-jazmine-and-penelope-tease-the-flat-chastity-device-4k/ IP 5.61.55.75 ASN #58061 Scalaxy B.V. Introduced by scriptElement Embedded in HTML true Observations First Seen2024-05-04 10:03:25 Last Seen2024-05-04 10:03:25 Times Seen1 Hash ef12880d74e95d18d19ea3844a00956a cf0a15a4a35270266f0d3d47d5415af1b93c86cb 85c20bcbe6235b2d0d3404808db743806bd850e2621e62d00fc9441433045e60 Loading...

	acdn.tsyndicate.com/sdk/v1/b.b.js	6.1 kB	2024-04-21	2024-05-22
Pretty URL acdn.tsyndicate.com/sdk/v1/b.b.js IP 45.133.44.71 ASN #39572 DataWeb Global Group B.V. Introduced by scriptElement Embedded in HTML false Observations First Seen2024-04-21 10:03:00 Last Seen2024-05-22 09:15:21 Times Seen430 Hash d42c27f2f4d3b1e907fb19769fbb487e 48378f62ba9bb1bfc4adf74adf8e8ca5d33d05ae 10aa5af82d490e9beb3b1b4884132c8dc748cb4f09cf9573f2865b4c7afc5e83 Loading...

	storage.multstorage.com/log/count.html	718 B	2023-09-18	2024-05-22
Pretty URL storage.multstorage.com/log/count.html IP 104.21.30.242 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML true Observations First Seen2023-09-18 17:19:52 Last Seen2024-05-22 17:13:17 Times Seen5741 Hash 1f697a0f2411e463adbc1211493fe5a6 93c154152bda427938543b8efbd8d3b594abbac7 08a5735f5232b651af89f552e8d0fb7b21d6605fba48f335318699d80d12703e Loading...

	www.xmegadrive.com/static/js/main.min.js?v=8.7	209 kB	2023-03-12	2024-05-04
Pretty URL www.xmegadrive.com/static/js/main.min.js?v=8.7 IP 5.61.55.75 ASN #58061 Scalaxy B.V. Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-12 20:18:05 Last Seen2024-05-04 10:03:26 Times Seen46 Hash 440fab27c2b1df45e3f25e7c12cdc3ab 485882c57487c2f8ff3bb55d07e35688250b87de dca38d866645194652a31eafad21205f6024a454fe96d5f4085e20200623ce1f Loading...

	downstairsnegotiatebarren.com/sfp.js	86 kB	2024-03-29	2024-05-17
Pretty URL downstairsnegotiatebarren.com/sfp.js IP 188.114.96.1 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2024-03-29 13:13:34 Last Seen2024-05-17 14:49:08 Times Seen3553 Hash f4a2f8f9f99541c6f105bbd0a025bd40 1f8e3eff12168fdd9e719adfc098d24a45b6916a b717cb04231a10d425fd55b73c85a5407119c6826a8bac94142fddfff6958716 Loading...

	a.magsrv.com/build-iframe-js-url.js?idzone=5282684	759 B	2024-04-18	2024-05-08
Pretty URL a.magsrv.com/build-iframe-js-url.js?idzone=5282684 IP 185.76.9.26 ASN #60068 Datacamp Limited Introduced by scriptElement Embedded in HTML false Observations First Seen2024-04-18 10:04:24 Last Seen2024-05-08 09:18:47 Times Seen10 Hash 7c70ef857567cc84bd1ebd74fba51262 48eccd8d4f35b55d5ce9cd50abb69e128a2b6152 4916bc8cf98a010eae84b6de5d4874fe579bad7c70ca961ce3f76f9a031c5b41 Loading...

	www.xmegadrive.com/videos/brat-princess-2-jazmine-and-penelope-tease-the-flat-chastity-device-4k/	346 B	2023-07-07	2024-05-04
Pretty URL www.xmegadrive.com/videos/brat-princess-2-jazmine-and-penelope-tease-the-flat-chastity-device-4k/ IP 5.61.55.75 ASN #58061 Scalaxy B.V. Introduced by scriptElement Embedded in HTML true Observations First Seen2023-07-07 16:31:27 Last Seen2024-05-04 10:03:25 Times Seen5 Hash bde106f9cca4bfc2ad010274493b915d 22e139e4410660f5cced67d8757fc5662b4ce7d6 ef38948f7764a147f4f11ad1ba7be6a67f738cf57075457b24097e6f365cc546 Loading...

	www.xmegadrive.com/videos/brat-princess-2-jazmine-and-penelope-tease-the-flat-chastity-device-4k/	85 B	2023-03-07	2024-05-18
Pretty URL www.xmegadrive.com/videos/brat-princess-2-jazmine-and-penelope-tease-the-flat-chastity-device-4k/ IP 5.61.55.75 ASN #58061 Scalaxy B.V. Introduced by scriptElement Embedded in HTML true Observations First Seen2023-03-07 12:21:36 Last Seen2024-05-18 19:14:49 Times Seen48 Hash 26a2e3c7b22f772984f1343aaaa09c8b a7bf76f9adb28b67ec8c3adb083f6cf012a5deca ec3f8eff77da0bda274e0d164c6ce519097633cf61d08117bb255c700d81d23b Loading...

	a.magsrv.com/iframe.js?idzone=5282678&size=300x250&sub=10159	2.3 kB	2024-04-18	2024-05-04
Pretty URL a.magsrv.com/iframe.js?idzone=5282678&size=300x250&sub=10159 IP 185.76.9.26 ASN #60068 Datacamp Limited Introduced by scriptElement Embedded in HTML false Observations First Seen2024-04-18 14:12:38 Last Seen2024-05-04 10:03:25 Times Seen2 Hash 9b5f59c4a70a5b011a350543f84ffc6e fb8bfc677080e59abbeea4b736270d12ee55b7b5 5b1c3394af6d673896d0fc8c9427594bb898746464865269635259ffbe0ea9ef Loading...

	a.magsrv.com/iframe.js?idzone=5282684&size=300x250&sub=10159	2.3 kB	2024-05-04	2024-05-04
Pretty URL a.magsrv.com/iframe.js?idzone=5282684&size=300x250&sub=10159 IP 185.76.9.26 ASN #60068 Datacamp Limited Introduced by scriptElement Embedded in HTML false Observations First Seen2024-05-04 10:03:25 Last Seen2024-05-04 10:03:25 Times Seen1 Hash fd17a7e6aaef4ff85abaf1a034215993 f01e2b902d5e6bffedb8b0484997062a9ca2c8a2 89bb733384c7b421cdc11eefcb59ea02fcaee7b4d760e172b9b4f7a0d473db2a Loading...

	amorphousankle.com/22/07/4d/22074dd9528da2017ba0af2c5fbb65c8.js	84 kB	2024-05-04	2024-05-04
Pretty URL amorphousankle.com/22/07/4d/22074dd9528da2017ba0af2c5fbb65c8.js IP 192.243.61.227 ASN #39572 DataWeb Global Group B.V. Introduced by scriptElement Embedded in HTML false Observations First Seen2024-05-04 10:03:25 Last Seen2024-05-04 10:03:26 Times Seen2 Hash 1a17bb6fd2b1e36c0b9690d7e9737da4 ea4ae9ed2300248af223fbb1124aad3c7a37ce15 aea133244d818ddf5ca9532a4d306591069cbc04b4843083a6a10ef3544aa7d6 Loading...

	unknown	3.8 kB	2024-05-04	2024-05-04
Pretty Introduced by scriptElement Embedded in HTML false Observations First Seen2024-05-04 10:03:26 Last Seen2024-05-04 10:03:26 Times Seen1 Hash 6ca369b6456ccd0300e3470b5f4e00d9 886c2656eece95208a15ace0407df53f08145c79 af65f1145ff9c4e026eb9aebfcf18c2a16a78de93a5637fffc10d68e71492cb5 Loading...

	www.similarlength.pro/ecc874/795b9af97abd.js	70 kB	2024-05-02	2024-05-05
Pretty URL www.similarlength.pro/ecc874/795b9af97abd.js IP 67.216.89.41 ASN #35415 Webzilla B.V. Introduced by scriptElement Embedded in HTML false Observations First Seen2024-05-02 23:02:37 Last Seen2024-05-05 15:20:27 Times Seen73 Hash 8fa75dc9276bf4184fc6d184bcdfd39e c12bc6389248c6a34744619ceb96934339b7214c 5bd880f8beb58d07106966fdb15a6c6a75ccba0d7adf92c47501077b10772461 Loading...

	cdn.tsyndicate.com/sdk/v1/bi.js	6.7 kB	2024-04-24	2024-05-22
Pretty URL cdn.tsyndicate.com/sdk/v1/bi.js IP 45.133.44.71 ASN #39572 DataWeb Global Group B.V. Introduced by scriptElement Embedded in HTML false Observations First Seen2024-04-24 05:41:06 Last Seen2024-05-22 09:56:47 Times Seen248 Hash ba1b0b35911f58d4dfd8f3d35bd1b1a7 b2fc4e5a173d9e6ee516698df351b1ea97e3245d 78bf097359fd655d59cd543b97785a2001aa257fe01265dc5341dad549ece9e1 Loading...

	pxl.tsyndicate.com/api/v1/p/p.js?p=APeIQFMmDJkycuaI0BGjBgsRYcbQWRjjIZ0zC0XQyEFjDI4xNMK0sCGmjI0WNMzkgNEiR44xMVrgIAPDDAwyZGjUKDMmjIiHY9ikoRiD48MwdcZkHDMDhxgbZMyYaZlDBg6UMcTIkDmDaQsxYlzCCCMjR8SOP0WISUMmY40ZNmDQwJHWoB2KMGq8xfEQTh0xFHPUuMEXIhw4eBvmeDgHzkQdcHHEuDFDxtGoFB-2cYORYeUYkvtu7myjBo2KIurEyIiGDh04c3S8eCHGzQwXdOSEMXOmDB0XY960eWGQTJwwLuCggfNjzl-2PWLAUJyWjPCMd7K7wNOmzBmDctLYKQP8OtAwj7fU6NJXjlKGLmKUaQHDxkMxZhbCcAFjOlA4bXwBh3v68dcfDjI4JIIcdiCmQ4IP8QRggf3FgFoddQylgwg32GBDGCDKQAN9ObFEQxkwiNFCGGKMsdUYY9QAGhk2nEZGGDOklYaDIuQQgwsruUCDDPGZlpYcX-yYkY9A7jdkkTSkVYdPGzbxhh5psMFGGC_UwB8IKGBh4Q4gMJGGG3XgAQIeONjwRY1kMqhDDjbwlwIIR_C0xhsvyDBdhdOBYEQacpRhxht4vEAnf2nBmJETT6T1BpKObghpWmy8J0IRTlRXhh1fFMoGRYMRFll_D8lxhhsLJYjDDQ8dBKoYciyEQ2GyftHGG2092CZqZMjxxkIzPPSGQg-2h2geCylYaH4btvZabLNld8d23X0XrHjkBTdcWndkFINVMKSFhrgwiJjWHAxmJCwd6E3aQh1upEFHC9K5QIYMkrJ7F2Q03CBdhzLcQEOsmh70xb5p0dEGRQLPBUMON9wAg0Vt8MtQxDhMXLFcRkFERqhlNPYFehDHIDHFFkcIahhsIEQHslvMQAN7EInxmAgHmYEUGxP1lal-QHUGQx8KBAQ%3D&s=67960e8cc142abe59eb186a229959f0fa81619e440b6de5c48843fa9f6a59f231714809770&w=t&r=1&d=7&priv=true	24 B	2023-03-07	2024-05-22
Pretty URL pxl.tsyndicate.com/api/v1/p/p.js?p=APeIQFMmDJkycuaI0BGjBgsRYcbQWRjjIZ0zC0XQyEFjDI4xNMK0sCGmjI0WNMzkgNEiR44xMVrgIAPDDAwyZGjUKDMmjIiHY9ikoRiD48MwdcZkHDMDhxgbZMyYaZlDBg6UMcTIkDmDaQsxYlzCCCMjR8SOP0WISUMmY40ZNmDQwJHWoB2KMGq8xfEQTh0xFHPUuMEXIhw4eBvmeDgHzkQdcHHEuDFDxtGoFB-2cYORYeUYkvtu7myjBo2KIurEyIiGDh04c3S8eCHGzQwXdOSEMXOmDB0XY960eWGQTJwwLuCggfNjzl-2PWLAUJyWjPCMd7K7wNOmzBmDctLYKQP8OtAwj7fU6NJXjlKGLmKUaQHDxkMxZhbCcAFjOlA4bXwBh3v68dcfDjI4JIIcdiCmQ4IP8QRggf3FgFoddQylgwg32GBDGCDKQAN9ObFEQxkwiNFCGGKMsdUYY9QAGhk2nEZGGDOklYaDIuQQgwsruUCDDPGZlpYcX-yYkY9A7jdkkTSkVYdPGzbxhh5psMFGGC_UwB8IKGBh4Q4gMJGGG3XgAQIeONjwRY1kMqhDDjbwlwIIR_C0xhsvyDBdhdOBYEQacpRhxht4vEAnf2nBmJETT6T1BpKObghpWmy8J0IRTlRXhh1fFMoGRYMRFll_D8lxhhsLJYjDDQ8dBKoYciyEQ2GyftHGG2092CZqZMjxxkIzPPSGQg-2h2geCylYaH4btvZabLNld8d23X0XrHjkBTdcWndkFINVMKSFhrgwiJjWHAxmJCwd6E3aQh1upEFHC9K5QIYMkrJ7F2Q03CBdhzLcQEOsmh70xb5p0dEGRQLPBUMON9wAg0Vt8MtQxDhMXLFcRkFERqhlNPYFehDHIDHFFkcIahhsIEQHslvMQAN7EInxmAgHmYEUGxP1lal-QHUGQx8KBAQ%3D&s=67960e8cc142abe59eb186a229959f0fa81619e440b6de5c48843fa9f6a59f231714809770&w=t&r=1&d=7&priv=true IP 136.243.44.113 ASN #24940 Hetzner Online GmbH Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:03:23 Last Seen2024-05-22 09:15:22 Times Seen12160 Hash 0959ba36d476b6dc1994ba3c678b07c4 d30b94da72daa02766965206a85b7e0356375f5e 897410b87e27e3dfba3a7d6caab315a5e69cc941bb96d91fc74878a9b051843a Loading...

	a.magsrv.com/iframe.js?idzone=5282682&size=300x250&sub=10159	2.3 kB	2024-05-04	2024-05-04
Pretty URL a.magsrv.com/iframe.js?idzone=5282682&size=300x250&sub=10159 IP 185.76.9.26 ASN #60068 Datacamp Limited Introduced by scriptElement Embedded in HTML false Observations First Seen2024-05-04 10:03:26 Last Seen2024-05-04 10:03:26 Times Seen1 Hash fb803c1ffe4897f9734de02652625739 be242478e53f2254fc0f7bd23f40f1c544c0aa12 eb03905957e43e582779c80cd161fc9159e2c49bfa9f0f3109829dde8a1e4882 Loading...

	www.xmegadrive.com/videos/brat-princess-2-jazmine-and-penelope-tease-the-flat-chastity-device-4k/	40 B	2023-03-07	2024-05-19
Pretty URL www.xmegadrive.com/videos/brat-princess-2-jazmine-and-penelope-tease-the-flat-chastity-device-4k/ IP 5.61.55.75 ASN #58061 Scalaxy B.V. Introduced by scriptElement Embedded in HTML true Observations First Seen2023-03-07 01:17:40 Last Seen2024-05-19 08:03:18 Times Seen546 Hash 9726e3d8d861859803382d10322b4dc8 f2a15c64ad34ec42ce86b56903ac2b85fd83516d 22d6f8f0e15e798abc9313fbca862ced0832b1dbba7d36f0e897eb3db3911790 Loading...

	a.magsrv.com/iframe.js?idzone=5282680&size=300x250&sub=10159	2.3 kB	2024-04-18	2024-05-04
Pretty URL a.magsrv.com/iframe.js?idzone=5282680&size=300x250&sub=10159 IP 185.76.9.26 ASN #60068 Datacamp Limited Introduced by scriptElement Embedded in HTML false Observations First Seen2024-04-18 14:12:38 Last Seen2024-05-04 10:03:26 Times Seen2 Hash 2e42dd12be16fbbe571460a1df77aa57 472849290e4c2e1c82ed43862200af782aed6200 c16101cb4a8909ff10fb35fb8b41335eb2809d8f141714f5213ed33e12ee9c63 Loading...

		Size	First Seen	Last Seen
	#1 Eval - b3eddb295ea8e2eebd5895ddf92a2163	2.1 kB	2024-05-04	2024-05-04
Pretty Observations First Seen2024-05-04 10:03:26 Last Seen2024-05-04 10:03:26 Times Seen1 Hash b3eddb295ea8e2eebd5895ddf92a2163 7cb17c23d2b628c649aa11b09b40dab0fc9a4d2a 05ae04e3c9f871515dd735b8e4abae36f1cb2dce19279285b22729c99609dcb5 Loading...

	#2 Eval - 27f57db15683f124ee3a07da5816ef53	2.1 kB	2024-05-04	2024-05-04
Pretty Observations First Seen2024-05-04 10:03:26 Last Seen2024-05-04 10:03:26 Times Seen1 Hash 27f57db15683f124ee3a07da5816ef53 486f5f1bc43c15907d2b2d5d3178467b58e7f64c 4159a78ce8eb495573d154b94492fcd12fd6a07a6997238d6f8cfc32733f7d9c Loading...

		Size	First Seen	Last Seen
	#1 Write - 962bd302ce761c8ac4deea9433d7c69e	126 B	2023-07-07	2024-05-04
Pretty Observations First Seen2023-07-07 16:31:27 Last Seen2024-05-04 10:03:26 Times Seen5 Hash 962bd302ce761c8ac4deea9433d7c69e bd76196aed2a7205ebc5b09380749c31a3f50089 dea4a8e65bc0b9ee753b4e9769117c74b04d2ac3843610e03dcd64a00ce73bd5 Loading...

	#2 Write - 0ee7b026077fb99c60518369d44e29b4	209 B	2024-04-18	2024-05-04
Pretty Observations First Seen2024-04-18 14:12:38 Last Seen2024-05-04 10:03:26 Times Seen2 Hash 0ee7b026077fb99c60518369d44e29b4 a5bd996b17ffec6d44abe59eac82d419ee46864e 6c1c30c090db93ea157f2ce5cdae6abf3c3327c676c57ef1068d6c285fee0ff7 Loading...

	#3 Write - 34556efed55135896241b292c86870d0	209 B	2024-05-04	2024-05-04
Pretty Observations First Seen2024-05-04 10:03:26 Last Seen2024-05-04 10:03:26 Times Seen1 Hash 34556efed55135896241b292c86870d0 7bea245b56f422992d53176830867a2103dca87b 0cb3a9abc0ebefa2f5b036fbb5554f1b5a7167901b39bb66e5fecd69642e0bf0 Loading...

	#4 Write - eedec55ff0172890b316f8fe15d9cc34	209 B	2024-05-04	2024-05-04
Pretty Observations First Seen2024-05-04 10:03:26 Last Seen2024-05-04 10:03:26 Times Seen1 Hash eedec55ff0172890b316f8fe15d9cc34 5c2b09befa25d283914cc686b1cdc7a848a66264 ac7fe90ee86a6fb327f4fbba3f9ef90bfae52f01d4bf32cea04e5d4d6c7bce6a Loading...

	#5 Write - 78707aba30c2292d7c7dd80df09d9e5c	126 B	2023-07-07	2024-05-04
Pretty Observations First Seen2023-07-07 16:31:27 Last Seen2024-05-04 10:03:26 Times Seen10 Hash 78707aba30c2292d7c7dd80df09d9e5c 4840c270853eac6f1debd3c3f083056b0e9ea56b f460f5eecc6bd5cbf26cec39e683600109bc66d9be14500aae2d8001ceed1c13 Loading...

	#6 Write - d1304fc4c55b3101eb9133f5cf57fa78	540 B	2024-05-04	2024-05-04
Pretty Observations First Seen2024-05-04 10:03:26 Last Seen2024-05-04 10:03:26 Times Seen1 Hash d1304fc4c55b3101eb9133f5cf57fa78 26c7b1da20d64d492d1771916ab071d9f76a0b1b 7153a71c054fc8f6cf8010c0981aaa9e57c898f274d3023c59ec0be0afd7e79c Loading...

HTTP Transactions (99)

URL IP Response Size

www.xmegadrive.com/videos/brat-princess-2-jazmine-and-penelope-tease-the-flat-chastity-device-4k/

5.61.55.75

200 OK

12 kB

URL User Request GET HTTP/1.1
www.xmegadrive.com/videos/brat-princess-2-jazmine-and-penelope-tease-the-flat-chastity-device-4k/
IP
5.61.55.75:443
ASN
#58061 Scalaxy B.V.

Certificate
IssuerLet's Encrypt
Subjectwww.xmegadrive.com
Fingerprint10:9D:B4:39:29:D5:8E:F8:A3:59:1F:53:0B:86:34:B4:31:D3:07:81
ValidityFri, 19 Apr 2024 23:34:16 GMT - Thu, 18 Jul 2024 23:34:15 GMT

File type
HTML document, Unicode text, UTF-8 text, with very long lines (6441)
Size
12 kB (11492 bytes)
Hash
6dc672c3566c28e68c95b58a42f36b85
bae0dbc718c525a2a53dcef4872dded49a468996
eba6aefafb0178f71ca654ec6329505a804b33d9e4b884ff36a8c49981cec283

HTTP Headers

GET /videos/brat-princess-2-jazmine-and-penelope-tease-the-flat-chastity-device-4k/ HTTP/1.1
Host: www.xmegadrive.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Upgrade-Insecure-Requests: 1
Connection: keep-alive
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Date: Sat, 04 May 2024 08:02:48 GMT
Content-Type: text/html; charset=utf-8
Transfer-Encoding: chunked
Connection: keep-alive
Keep-Alive: timeout=60
X-Powered-By: PHP/7.1.33
X-Frame-Options: SAMEORIGIN
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: no-store, no-cache, must-revalidate
Pragma: no-cache
Set-Cookie: PHPSESSID=cb6c36a75d2926a349d025251bd54dd6; path=/; samesite=None; Secure; domain=.xmegadrive.com
kt_qparams=dir%3Dbrat-princess-2-jazmine-and-penelope-tease-the-flat-chastity-device-4k; expires=Sun, 05-May-2024 08:02:48 GMT; Max-Age=86400; path=/; samesite=None; Secure; domain=.xmegadrive.com
kt_ips=91.90.42.154; expires=Sun, 05-May-2024 08:02:48 GMT; Max-Age=86400; path=/; samesite=None; Secure; domain=.xmegadrive.com
kt_vast_511662=94a15829137354224a360b0de8631872; expires=Sun, 05-May-2024 08:02:48 GMT; Max-Age=86400; path=/; samesite=None; Secure; domain=.xmegadrive.com
kt_vast_511662=94a15829137354224a360b0de8631872; expires=Sun, 05-May-2024 08:02:48 GMT; Max-Age=86400; path=/; samesite=None; Secure; domain=.xmegadrive.com
Content-Encoding: gzip

www.xmegadrive.com/static/styles/all-responsive-white.css?v=7.5

5.61.55.75

200 OK

23 kB

URL GET HTTP/1.1
www.xmegadrive.com/static/styles/all-responsive-white.css?v=7.5
IP
5.61.55.75:443
ASN
#58061 Scalaxy B.V.

Requested by
https://www.xmegadrive.com/videos/brat-princess-2-jazmine-and-penelope-tease-the-flat-chastity-device-4k/
Certificate
IssuerLet's Encrypt
Subjectwww.xmegadrive.com
Fingerprint10:9D:B4:39:29:D5:8E:F8:A3:59:1F:53:0B:86:34:B4:31:D3:07:81
ValidityFri, 19 Apr 2024 23:34:16 GMT - Thu, 18 Jul 2024 23:34:15 GMT

File type
ASCII text, with very long lines (15274), with CRLF line terminators
Size
23 kB (22763 bytes)
Hash
17a794050596bfd735b36f297c51f5d2
ec5f491a7dabfa8ad1a917a9ffd9e37d330fa1ce
c40c7878c05ba3283b84fafcd793de6d3b2c786ec2b2191a3ceb0bb56647c8d3

HTTP Headers

GET /static/styles/all-responsive-white.css?v=7.5 HTTP/1.1
Host: www.xmegadrive.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.xmegadrive.com/videos/brat-princess-2-jazmine-and-penelope-tease-the-flat-chastity-device-4k/
Cookie: PHPSESSID=cb6c36a75d2926a349d025251bd54dd6; kt_qparams=dir%3Dbrat-princess-2-jazmine-and-penelope-tease-the-flat-chastity-device-4k; kt_ips=91.90.42.154; kt_vast_511662=94a15829137354224a360b0de8631872
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Date: Sat, 04 May 2024 08:02:48 GMT
Content-Type: text/css
Last-Modified: Sat, 17 Dec 2022 12:37:46 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Keep-Alive: timeout=60
ETag: W/"639db81a-27b1f"
Expires: Sun, 05 May 2024 08:02:48 GMT
Cache-Control: max-age=86400
Content-Encoding: gzip

www.xmegadrive.com/static/styles/jquery.fancybox-white.css?v=7.5

5.61.55.75

200 OK

1.5 kB

URL GET HTTP/1.1
www.xmegadrive.com/static/styles/jquery.fancybox-white.css?v=7.5
IP
5.61.55.75:443
ASN
#58061 Scalaxy B.V.

Requested by
https://www.xmegadrive.com/videos/brat-princess-2-jazmine-and-penelope-tease-the-flat-chastity-device-4k/
Certificate
IssuerLet's Encrypt
Subjectwww.xmegadrive.com
Fingerprint10:9D:B4:39:29:D5:8E:F8:A3:59:1F:53:0B:86:34:B4:31:D3:07:81
ValidityFri, 19 Apr 2024 23:34:16 GMT - Thu, 18 Jul 2024 23:34:15 GMT

File type
ASCII text, with CRLF line terminators
Size
1.5 kB (1497 bytes)
Hash
b950cbda5ae14baf3ced714102af5927
120b575ab74a00eeaf053b376343baea4107da78
7c2d66cf9c0890fb658c33803d422bed108a5437e9a7491a265efdfb3da1caaa

HTTP Headers

GET /static/styles/jquery.fancybox-white.css?v=7.5 HTTP/1.1
Host: www.xmegadrive.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.xmegadrive.com/videos/brat-princess-2-jazmine-and-penelope-tease-the-flat-chastity-device-4k/
Cookie: PHPSESSID=cb6c36a75d2926a349d025251bd54dd6; kt_qparams=dir%3Dbrat-princess-2-jazmine-and-penelope-tease-the-flat-chastity-device-4k; kt_ips=91.90.42.154; kt_vast_511662=94a15829137354224a360b0de8631872
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Date: Sat, 04 May 2024 08:02:49 GMT
Content-Type: text/css
Last-Modified: Sat, 17 Dec 2022 12:37:46 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Keep-Alive: timeout=60
ETag: W/"639db81a-14e6"
Expires: Sun, 05 May 2024 08:02:49 GMT
Cache-Control: max-age=86400
Content-Encoding: gzip

www.xmegadrive.com/static/images/logo.png

5.61.55.75

200 OK

2.6 kB

URL GET HTTP/1.1
www.xmegadrive.com/static/images/logo.png
IP
5.61.55.75:443
ASN
#58061 Scalaxy B.V.

Requested by
https://www.xmegadrive.com/videos/brat-princess-2-jazmine-and-penelope-tease-the-flat-chastity-device-4k/
Certificate
IssuerLet's Encrypt
Subjectwww.xmegadrive.com
Fingerprint10:9D:B4:39:29:D5:8E:F8:A3:59:1F:53:0B:86:34:B4:31:D3:07:81
ValidityFri, 19 Apr 2024 23:34:16 GMT - Thu, 18 Jul 2024 23:34:15 GMT

File type
PNG image data, 181 x 42, 8-bit/color RGBA, non-interlaced
Size
2.6 kB (2627 bytes)
Hash
b3f6a0588dac83d6f9de55ffafe04e35
13f95ed9dbd19451c67f07a1348d907f1a943068
1af423c9de695ef23202ceac079afb1ac6bb23cad3739e40ad18e2ef221563d7

HTTP Headers

GET /static/images/logo.png HTTP/1.1
Host: www.xmegadrive.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.xmegadrive.com/videos/brat-princess-2-jazmine-and-penelope-tease-the-flat-chastity-device-4k/
Cookie: PHPSESSID=cb6c36a75d2926a349d025251bd54dd6; kt_qparams=dir%3Dbrat-princess-2-jazmine-and-penelope-tease-the-flat-chastity-device-4k; kt_ips=91.90.42.154; kt_vast_511662=94a15829137354224a360b0de8631872
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Date: Sat, 04 May 2024 08:02:49 GMT
Content-Type: image/png
Content-Length: 2627
Last-Modified: Sat, 17 Dec 2022 12:37:46 GMT
Connection: keep-alive
Keep-Alive: timeout=60
ETag: "639db81a-a43"
Expires: Sun, 05 May 2024 08:02:49 GMT
Cache-Control: max-age=86400
Accept-Ranges: bytes

www.xmegadrive.com/player/kt_player.js?v=0.13.15

5.61.55.75

200 OK

60 kB

URL GET HTTP/1.1
www.xmegadrive.com/player/kt_player.js?v=0.13.15
IP
5.61.55.75:443
ASN
#58061 Scalaxy B.V.

Requested by
https://www.xmegadrive.com/videos/brat-princess-2-jazmine-and-penelope-tease-the-flat-chastity-device-4k/
Certificate
IssuerLet's Encrypt
Subjectwww.xmegadrive.com
Fingerprint10:9D:B4:39:29:D5:8E:F8:A3:59:1F:53:0B:86:34:B4:31:D3:07:81
ValidityFri, 19 Apr 2024 23:34:16 GMT - Thu, 18 Jul 2024 23:34:15 GMT

File type
JavaScript source, ASCII text, with very long lines (33677)
Size
60 kB (60456 bytes)
Hash
cb879d10184e6382683f0ab3d996cfe1
bee93bab8d60fdcec37923bb90e0760dccdbc76f
4069813f63790aaaebd745de2f86b7507be7b27a6c8990c539cdf1d758569b8f

HTTP Headers

GET /player/kt_player.js?v=0.13.15 HTTP/1.1
Host: www.xmegadrive.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.xmegadrive.com/videos/brat-princess-2-jazmine-and-penelope-tease-the-flat-chastity-device-4k/
Cookie: PHPSESSID=cb6c36a75d2926a349d025251bd54dd6; kt_qparams=dir%3Dbrat-princess-2-jazmine-and-penelope-tease-the-flat-chastity-device-4k; kt_ips=91.90.42.154; kt_vast_511662=94a15829137354224a360b0de8631872
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Date: Sat, 04 May 2024 08:02:49 GMT
Content-Type: application/javascript
Last-Modified: Wed, 01 Nov 2023 10:33:48 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Keep-Alive: timeout=60
ETag: W/"6542298c-29310"
Expires: Sun, 05 May 2024 08:02:49 GMT
Cache-Control: max-age=86400
Content-Encoding: gzip

www.xmegadrive.com/static/js/main.min.js?v=8.7

5.61.55.75

200 OK

69 kB

URL GET HTTP/1.1
www.xmegadrive.com/static/js/main.min.js?v=8.7
IP
5.61.55.75:443
ASN
#58061 Scalaxy B.V.

Requested by
https://www.xmegadrive.com/videos/brat-princess-2-jazmine-and-penelope-tease-the-flat-chastity-device-4k/
Certificate
IssuerLet's Encrypt
Subjectwww.xmegadrive.com
Fingerprint10:9D:B4:39:29:D5:8E:F8:A3:59:1F:53:0B:86:34:B4:31:D3:07:81
ValidityFri, 19 Apr 2024 23:34:16 GMT - Thu, 18 Jul 2024 23:34:15 GMT

File type
JavaScript source, ASCII text, with very long lines (32089)
Size
69 kB (68886 bytes)
Hash
440fab27c2b1df45e3f25e7c12cdc3ab
485882c57487c2f8ff3bb55d07e35688250b87de
dca38d866645194652a31eafad21205f6024a454fe96d5f4085e20200623ce1f

HTTP Headers

GET /static/js/main.min.js?v=8.7 HTTP/1.1
Host: www.xmegadrive.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.xmegadrive.com/videos/brat-princess-2-jazmine-and-penelope-tease-the-flat-chastity-device-4k/
Cookie: PHPSESSID=cb6c36a75d2926a349d025251bd54dd6; kt_qparams=dir%3Dbrat-princess-2-jazmine-and-penelope-tease-the-flat-chastity-device-4k; kt_ips=91.90.42.154; kt_vast_511662=94a15829137354224a360b0de8631872
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Date: Sat, 04 May 2024 08:02:49 GMT
Content-Type: application/javascript
Last-Modified: Thu, 29 Dec 2022 14:23:28 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Keep-Alive: timeout=60
ETag: W/"63ada2e0-3313f"
Expires: Sun, 05 May 2024 08:02:49 GMT
Cache-Control: max-age=86400
Content-Encoding: gzip

www.xmegadrive.com/static/images/search.svg

5.61.55.75

200 OK

663 B

URL GET HTTP/1.1
www.xmegadrive.com/static/images/search.svg
IP
5.61.55.75:443
ASN
#58061 Scalaxy B.V.

Requested by
https://www.xmegadrive.com/videos/brat-princess-2-jazmine-and-penelope-tease-the-flat-chastity-device-4k/
Certificate
IssuerLet's Encrypt
Subjectwww.xmegadrive.com
Fingerprint10:9D:B4:39:29:D5:8E:F8:A3:59:1F:53:0B:86:34:B4:31:D3:07:81
ValidityFri, 19 Apr 2024 23:34:16 GMT - Thu, 18 Jul 2024 23:34:15 GMT

File type
SVG Scalable Vector Graphics image
Size
663 B (663 bytes)
Hash
c62651bf2decf3a3382df574746a9ffc
800ec9e07fad5adc7b880479cace8af702f59c18
69d77c01823b80be5ef5e5ac9a74cf0fcd2ebfe33f70be009e3ed22393c39899

HTTP Headers

GET /static/images/search.svg HTTP/1.1
Host: www.xmegadrive.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.xmegadrive.com/static/styles/all-responsive-white.css?v=7.5
Cookie: PHPSESSID=cb6c36a75d2926a349d025251bd54dd6; kt_qparams=dir%3Dbrat-princess-2-jazmine-and-penelope-tease-the-flat-chastity-device-4k; kt_ips=91.90.42.154; kt_vast_511662=94a15829137354224a360b0de8631872; test_variant=0.7262680184314496
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Date: Sat, 04 May 2024 08:02:49 GMT
Content-Type: image/svg+xml
Last-Modified: Sat, 17 Dec 2022 12:37:46 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Keep-Alive: timeout=60
ETag: W/"639db81a-c43"
Expires: Sun, 05 May 2024 08:02:49 GMT
Cache-Control: max-age=86400
Content-Encoding: gzip

www.xmegadrive.com/static/images/fonts/icomoon.ttf?nddhpi

5.61.55.75

200 OK

9.6 kB

URL GET HTTP/1.1
www.xmegadrive.com/static/images/fonts/icomoon.ttf?nddhpi
IP
5.61.55.75:443
ASN
#58061 Scalaxy B.V.

Requested by
https://www.xmegadrive.com/videos/brat-princess-2-jazmine-and-penelope-tease-the-flat-chastity-device-4k/
Certificate
IssuerLet's Encrypt
Subjectwww.xmegadrive.com
Fingerprint10:9D:B4:39:29:D5:8E:F8:A3:59:1F:53:0B:86:34:B4:31:D3:07:81
ValidityFri, 19 Apr 2024 23:34:16 GMT - Thu, 18 Jul 2024 23:34:15 GMT

File type
TrueType Font data, 11 tables, 1st "OS/2", 14 names, Macintosh, type 1 string, icomoon
Size
9.6 kB (9568 bytes)
Hash
21263355cf739547055f2da9fd6759bd
762384d3af0de2d2bd630855b3f388326038ba92
2674595ece6d29bba3197719873b35d8e2893e9eb3a0271bad0ea717e9b3d405

HTTP Headers

GET /static/images/fonts/icomoon.ttf?nddhpi HTTP/1.1
Host: www.xmegadrive.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.xmegadrive.com/static/styles/all-responsive-white.css?v=7.5
Cookie: PHPSESSID=cb6c36a75d2926a349d025251bd54dd6; kt_qparams=dir%3Dbrat-princess-2-jazmine-and-penelope-tease-the-flat-chastity-device-4k; kt_ips=91.90.42.154; kt_vast_511662=94a15829137354224a360b0de8631872; test_variant=0.7262680184314496
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Date: Sat, 04 May 2024 08:02:49 GMT
Content-Type: application/font-sfnt
Content-Length: 9568
Connection: keep-alive
Keep-Alive: timeout=60
Last-Modified: Sat, 17 Dec 2022 12:37:46 GMT
ETag: "2560-5f0055a6f9475"
Accept-Ranges: bytes

glochatuji.com/cIDK9M6.bv2B5nliStW/Qy9VNUDvEB1/Mczkc-5/NwiI0l0MMNTxURzINlzVk/3F

188.72.219.36

200 OK

14 kB

URL GET HTTP/2
glochatuji.com/cIDK9M6.bv2B5nliStW/Qy9VNUDvEB1/Mczkc-5/NwiI0l0MMNTxURzINlzVk/3F
IP
188.72.219.36:443
ASN
#35415 Webzilla B.V.

Requested by
https://www.xmegadrive.com/videos/brat-princess-2-jazmine-and-penelope-tease-the-flat-chastity-device-4k/
Certificate
IssuerLet's Encrypt
Subjectglochatuji.com
Fingerprint2A:B9:99:72:9E:7F:F3:A2:3B:22:DC:5E:DE:3F:DE:2D:21:E1:AA:7E
ValiditySun, 31 Mar 2024 02:51:57 GMT - Sat, 29 Jun 2024 02:51:56 GMT

File type
JavaScript source, Unicode text, UTF-8 text, with very long lines (21560)
Size
14 kB (13615 bytes)
Hash
7ceb3d90948e3fc386d9d5fb712d51d1
66a22e3204626afd4954b51db3f925c5198be507
5a7ad960542ccdd0bba5decd36ddcf60aaba2129025b9d7f0b72d4b4e31e5fa8

HTTP Headers

GET /cIDK9M6.bv2B5nliStW/Qy9VNUDvEB1/Mczkc-5/NwiI0l0MMNTxURzINlzVk/3F HTTP/1.1
Host: glochatuji.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.xmegadrive.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
server: nginx
date: Sat, 04 May 2024 08:02:49 GMT
content-type: application/javascript
vary: Accept-Encoding
expires: Mon, 26 Jul 2011 05:00:00 GMT
cache-control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
pragma: no-cache
accept-ch: Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,Sec-CH-UA-WoW64
access-control-allow-methods: GET
access-control-allow-headers: Content-Type
access-control-allow-credentials: true
last-modified: Sat, 04 May 2024 08:02:49 GMT
access-control-allow-origin: *
set-cookie: kadSlcJ=eyJ0aW1lU3RhbXAiOjE3MTQ4MDIyMDYsInpvbmVzIjp7IjQxNTM3OTYiOls0MTUzNzk2LDEsMTcxNDgwOTc2OV0sIjQxNjAxMjIiOls0MTYwMTIyLDEsMTcxNDc3MjE1M10sIjQyNDUyODEiOls0MjQ1MjgxLDEsMTcxNDc1NTMzMV0sIjQyNTg5NTIiOls0MjU4OTUyLDEsMTcxNDgwOTMyMF0sIjQ0MzM2NTUiOls0NDMzNjU1LDEsMTcxNDgwMjIwNl0sIjQ0MzM3OTciOls0NDMzNzk3LDEsMTcxNDczNDQwOV0sIjUyNzMxMDgiOls1MjczMTA4LDMsMTcxNDgwMzg5Ml0sIjUzMTYxNTkiOls1MzE2MTU5LDEsMTcxNDc5Mzg2N10sIjUzMzQxOTMiOls1MzM0MTkzLDEsMTcxNDc1ODkyMF0sIjc0NzQ4OSI6Wzc0NzQ4OSwxLDE3MTQ4MDI1NDldfX0=; max-age=1746345769; path=/
uniqCookie=4b06bef8c75eb0c0d8e53382133dec8c; max-age=1717401769; path=/
x-content-type-options: nosniff
content-encoding: br
X-Firefox-Spdy: h2

profitabledisplaynetwork.com/d3a76329693053849cf13b643f4feb0e/invoke.js

172.240.108.68

200 OK

12 kB

URL GET HTTP/1.1
profitabledisplaynetwork.com/d3a76329693053849cf13b643f4feb0e/invoke.js
IP
172.240.108.68:443
ASN
#7979 SERVERS-COM

Requested by
https://www.xmegadrive.com/videos/brat-princess-2-jazmine-and-penelope-tease-the-flat-chastity-device-4k/
Certificate
IssuerLet's Encrypt
Subjectprofitabledisplaynetwork.com
Fingerprint8F:47:33:99:BF:30:29:18:E9:7E:40:A2:85:A2:BD:C7:E6:5E:B6:50
ValidityFri, 26 Apr 2024 08:00:19 GMT - Thu, 25 Jul 2024 08:00:18 GMT

File type
JavaScript source, ASCII text, with very long lines (31294), with no line terminators
Size
12 kB (11837 bytes)
Hash
2ad5815cd4d72521b917c16fc407f311
77e76422da047188f75b3c992906369893f0a93c
edee2a908d468646e738a1082a9071ae9718d3fea508d734156e20a1082b1cf6

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /d3a76329693053849cf13b643f4feb0e/invoke.js HTTP/1.1
Host: profitabledisplaynetwork.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.xmegadrive.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx/1.21.6
Date: Sat, 04 May 2024 08:02:49 GMT
Content-Type: application/javascript
Transfer-Encoding: chunked
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Access-Control-Allow-Origin: *
Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,Sec-CH-UA-PlatformUser-Agent,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: 1b7e691a07ddffbc69ae1f9fcbadca08
Strict-Transport-Security: max-age=0; includeSubdomains
Content-Encoding: gzip

www.xmegadrive.com/player/skin/youtube.css

5.61.55.75

200 OK

4.9 kB

URL GET HTTP/1.1
www.xmegadrive.com/player/skin/youtube.css
IP
5.61.55.75:443
ASN
#58061 Scalaxy B.V.

Requested by
https://www.xmegadrive.com/videos/brat-princess-2-jazmine-and-penelope-tease-the-flat-chastity-device-4k/
Certificate
IssuerLet's Encrypt
Subjectwww.xmegadrive.com
Fingerprint10:9D:B4:39:29:D5:8E:F8:A3:59:1F:53:0B:86:34:B4:31:D3:07:81
ValidityFri, 19 Apr 2024 23:34:16 GMT - Thu, 18 Jul 2024 23:34:15 GMT

File type
ASCII text
Size
4.9 kB (4874 bytes)
Hash
1cca0f4ded0ef0b2f8c9f2eca19a41b8
7ab8b011a9265fc9352161e4dee93a8ff1fd208b
8c41333349432a4d8ae7745b3dc50ba6194b7e416186d56e63f878f1bb3b259b

HTTP Headers

GET /player/skin/youtube.css HTTP/1.1
Host: www.xmegadrive.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.xmegadrive.com/videos/brat-princess-2-jazmine-and-penelope-tease-the-flat-chastity-device-4k/
Cookie: PHPSESSID=cb6c36a75d2926a349d025251bd54dd6; kt_qparams=dir%3Dbrat-princess-2-jazmine-and-penelope-tease-the-flat-chastity-device-4k; kt_ips=91.90.42.154; kt_vast_511662=94a15829137354224a360b0de8631872; test_variant=0.7262680184314496
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Date: Sat, 04 May 2024 08:02:50 GMT
Content-Type: text/css
Last-Modified: Wed, 01 Nov 2023 10:33:49 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Keep-Alive: timeout=60
ETag: W/"6542298d-79bd"
Expires: Sun, 05 May 2024 08:02:50 GMT
Cache-Control: max-age=86400
Content-Encoding: gzip

syndication.realsrv.com/ads-iframe-display.php?idzone=3753575&type=300x250&p=https%3A//www.xmegadrive.com/videos/brat-princess-2-jazmine-and-penelope-tease-the-flat-chastity-device-4k/&dt=1714809770068&sub=&tags=&cookieconsent=true&screen_resolution=1280x1024&el=%22

95.211.229.245

200 OK

52 B

URL GET HTTP/1.1
syndication.realsrv.com/ads-iframe-display.php?idzone=3753575&type=300x250&p=https%3A//www.xmegadrive.com/videos/brat-princess-2-jazmine-and-penelope-tease-the-flat-chastity-device-4k/&dt=1714809770068&sub=&tags=&cookieconsent=true&screen_resolution=1280x1024&el=%22
IP
95.211.229.245:443
ASN
#60781 LeaseWeb Netherlands B.V.

Requested by
https://www.xmegadrive.com/videos/brat-princess-2-jazmine-and-penelope-tease-the-flat-chastity-device-4k/
Certificate
IssuerLet's Encrypt
Subjectrealsrv.com
FingerprintD6:E9:CF:67:58:14:C0:E8:FF:A6:F9:E4:10:41:F9:BF:03:93:4D:1B
ValidityTue, 30 Apr 2024 07:54:23 GMT - Mon, 29 Jul 2024 07:54:22 GMT

File type
HTML document, ASCII text, with no line terminators
Size
52 B (52 bytes)
Hash
a07ce70af9ccb6eb59692e89cd414f99
dee7919cfc320f86f1722bbad04116f2f5678160
101d99d2d77d1822eb4ba5adc241d1f002c7841252b0fbbb175a1243d0452bf2

HTTP Headers

GET /ads-iframe-display.php?idzone=3753575&type=300x250&p=https%3A//www.xmegadrive.com/videos/brat-princess-2-jazmine-and-penelope-tease-the-flat-chastity-device-4k/&dt=1714809770068&sub=&tags=&cookieconsent=true&screen_resolution=1280x1024&el=%22 HTTP/1.1
Host: syndication.realsrv.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.xmegadrive.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Date: Sat, 04 May 2024 08:02:50 GMT
Content-Type: text/html; charset=utf-8
Transfer-Encoding: chunked
Connection: keep-alive
Expires: Mon, 26 Jul 1997 05:00:00 GMT
Cache-Control: no-cache, must-revalidate
Pragma: no-cache
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Set-Cookie: __uvt=a%3A1%3A%7Bi%3A0%3Bs%3A33%3A%226635ebaa2abf90.555395472000848545%22%3B%7D; expires=Mon, 04 May 2026 08:02:50 GMT; path=; domain=.realsrv.com; Secure; SameSite=none
Accept-CH: 
X-Robots-Tag: noindex, follow
Content-Encoding: gzip

ocsp.r2m03.amazontrust.com/

3.164.222.26

471 B

URL
ocsp.r2m03.amazontrust.com/
IP
3.164.222.26:0
ASN
#0

File type
data
Size
471 B (471 bytes)
Hash
353dbae1e1b45a750770ae51bef13ba7
465917a2a0bbb947e9727e7f08b584a82aa6fb81
9fa5becc3e07f31f2f08bf5f331d6bfda4f6386634ea524bc3a8c56ac1c0bc2b

HTTP Headers

POST / HTTP/1.1
Host: ocsp.r2m03.amazontrust.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: max-age=7200
Date: Sat, 04 May 2024 08:02:50 GMT
Last-Modified: Sat, 04 May 2024 07:50:10 GMT
Server: ECAcc (ska/F757)
X-Cache: Miss from cloudfront
Via: 1.1 aee4cdab0c79f3c4e94a27882c60be92.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: ARN53-P1
X-Amz-Cf-Id: TtbofqWkEdxvsM8Vic5kr2k_Ly0STjSo-X6xdhm5MwBILt4_dHcUIw==
Age: 760

profitabledisplaynetwork.com/326b39096325433f5edf5ef14f22925d/invoke.js

172.240.108.68

200 OK

12 kB

URL GET HTTP/1.1
profitabledisplaynetwork.com/326b39096325433f5edf5ef14f22925d/invoke.js
IP
172.240.108.68:443
ASN
#7979 SERVERS-COM

Requested by
https://www.xmegadrive.com/videos/brat-princess-2-jazmine-and-penelope-tease-the-flat-chastity-device-4k/
Certificate
IssuerLet's Encrypt
Subjectprofitabledisplaynetwork.com
Fingerprint8F:47:33:99:BF:30:29:18:E9:7E:40:A2:85:A2:BD:C7:E6:5E:B6:50
ValidityFri, 26 Apr 2024 08:00:19 GMT - Thu, 25 Jul 2024 08:00:18 GMT

File type
JavaScript source, ASCII text, with very long lines (31287), with no line terminators
Size
12 kB (11834 bytes)
Hash
d6051b157c51363b9eefbd492e54aa45
497b8a69b81e9d9a8a02de63e7b4ed81063b41eb
8e0ce2b8f8dbb60636ddf487fe5bb8b8d706280c590261aaa48b1b837df6dd30

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /326b39096325433f5edf5ef14f22925d/invoke.js HTTP/1.1
Host: profitabledisplaynetwork.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.xmegadrive.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx/1.21.6
Date: Sat, 04 May 2024 08:02:50 GMT
Content-Type: application/javascript
Transfer-Encoding: chunked
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Access-Control-Allow-Origin: *
Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,Sec-CH-UA-PlatformUser-Agent,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: 334ef733e1b2136718005bae47e881e7
Strict-Transport-Security: max-age=0; includeSubdomains
Content-Encoding: gzip

proftrafficcounter.com/stats

18.185.9.67

200 OK

40 B

URL GET HTTP/2
proftrafficcounter.com/stats
IP
18.185.9.67:443
ASN
#16509 AMAZON-02

Requested by
https://www.xmegadrive.com/videos/brat-princess-2-jazmine-and-penelope-tease-the-flat-chastity-device-4k/
Certificate
IssuerAmazon
Subjectproftrafficcounter.com
FingerprintE3:9F:79:6F:80:C0:BF:F8:C4:EB:45:F3:E9:0F:A7:41:F6:0C:05:E6
ValidityTue, 21 Nov 2023 00:00:00 GMT - Thu, 19 Dec 2024 23:59:59 GMT

File type
ASCII text, with no line terminators
Size
40 B (40 bytes)
Hash
baf32748c69dfae6f50eef006cb249cb
66441c929bf0fb5855cd31d48b29c361140177dc
e6366557564e17cd33627315ebcb9939f75d7599f82fd5842e2a3ba83fb64a4a

HTTP Headers

GET /stats HTTP/1.1
Host: proftrafficcounter.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.xmegadrive.com
DNT: 1
Connection: keep-alive
Referer: https://www.xmegadrive.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Sat, 04 May 2024 08:02:50 GMT
content-type: text/html; charset=UTF-8
content-length: 40
server: fasthttp
access-control-allow-origin: https://www.xmegadrive.com
vary: Origin
access-control-allow-credentials: true
set-cookie: uid_id2=e610fe86-2edc-41e7-b62c-eb9277c09863:2:1; expires=Tue, 02 May 2034 08:02:50 GMT; secure; SameSite=None
X-Firefox-Spdy: h2

proftrafficcounter.com/stats

18.185.9.67

200 OK

40 B

URL GET HTTP/2
proftrafficcounter.com/stats
IP
18.185.9.67:443
ASN
#16509 AMAZON-02

Requested by
https://www.xmegadrive.com/videos/brat-princess-2-jazmine-and-penelope-tease-the-flat-chastity-device-4k/
Certificate
IssuerAmazon
Subjectproftrafficcounter.com
FingerprintE3:9F:79:6F:80:C0:BF:F8:C4:EB:45:F3:E9:0F:A7:41:F6:0C:05:E6
ValidityTue, 21 Nov 2023 00:00:00 GMT - Thu, 19 Dec 2024 23:59:59 GMT

File type
ASCII text, with no line terminators
Size
40 B (40 bytes)
Hash
0e9c4c2fcbbe160d87c854168869298d
1b54a5238907f03d3e68cac94dafe416629d46d8
852ed2c3381f8724e5032cd9e55573c4258acacbe16d150fc99bbdbeadd8fced

HTTP Headers

GET /stats HTTP/1.1
Host: proftrafficcounter.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.xmegadrive.com
DNT: 1
Connection: keep-alive
Referer: https://www.xmegadrive.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
date: Sat, 04 May 2024 08:02:50 GMT
content-type: text/html; charset=UTF-8
content-length: 40
server: fasthttp
access-control-allow-origin: https://www.xmegadrive.com
vary: Origin
access-control-allow-credentials: true
set-cookie: uid_id2=f81ad0dd-3425-4e7d-af9d-07901a7eb89e:2:1; expires=Tue, 02 May 2034 08:02:50 GMT; secure; SameSite=None
X-Firefox-Spdy: h2

www.xmegadrive.com/static/images/kvs.svg

5.61.55.75

200 OK

314 B

URL GET HTTP/1.1
www.xmegadrive.com/static/images/kvs.svg
IP
5.61.55.75:443
ASN
#58061 Scalaxy B.V.

Requested by
https://www.xmegadrive.com/videos/brat-princess-2-jazmine-and-penelope-tease-the-flat-chastity-device-4k/
Certificate
IssuerLet's Encrypt
Subjectwww.xmegadrive.com
Fingerprint10:9D:B4:39:29:D5:8E:F8:A3:59:1F:53:0B:86:34:B4:31:D3:07:81
ValidityFri, 19 Apr 2024 23:34:16 GMT - Thu, 18 Jul 2024 23:34:15 GMT

File type
HTML document, ASCII text
Size
314 B (314 bytes)
Hash
3b84ffa8ef43a9be58f42a41f8bf3bc6
db310cdc6cd38b8257f28203b2694305258fcbb6
ce516f3cc4770c939f74f9dcd74efc71960b22aed6fe880eab8281d90a9ad6df

HTTP Headers

GET /static/images/kvs.svg HTTP/1.1
Host: www.xmegadrive.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.xmegadrive.com/static/styles/all-responsive-white.css?v=7.5
Cookie: PHPSESSID=cb6c36a75d2926a349d025251bd54dd6; kt_qparams=dir%3Dbrat-princess-2-jazmine-and-penelope-tease-the-flat-chastity-device-4k; kt_ips=91.90.42.154; kt_vast_511662=94a15829137354224a360b0de8631872; test_variant=0.7262680184314496
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Date: Sat, 04 May 2024 08:02:50 GMT
Content-Type: image/svg+xml
Last-Modified: Sat, 17 Dec 2022 12:37:46 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Keep-Alive: timeout=60
ETag: W/"639db81a-1aa"
Expires: Sun, 05 May 2024 08:02:50 GMT
Cache-Control: max-age=86400
Content-Encoding: gzip

www.xmegadrive.com/player/skin/fonts/ktplayeryt.ttf?wqseia

5.61.55.75

200 OK

2.3 kB

URL GET HTTP/1.1
www.xmegadrive.com/player/skin/fonts/ktplayeryt.ttf?wqseia
IP
5.61.55.75:443
ASN
#58061 Scalaxy B.V.

Requested by
https://www.xmegadrive.com/videos/brat-princess-2-jazmine-and-penelope-tease-the-flat-chastity-device-4k/
Certificate
IssuerLet's Encrypt
Subjectwww.xmegadrive.com
Fingerprint10:9D:B4:39:29:D5:8E:F8:A3:59:1F:53:0B:86:34:B4:31:D3:07:81
ValidityFri, 19 Apr 2024 23:34:16 GMT - Thu, 18 Jul 2024 23:34:15 GMT

File type
TrueType Font data, 11 tables, 1st "OS/2", 14 names, Macintosh, type 1 string, ktplayeryt
Size
2.3 kB (2264 bytes)
Hash
c89ca428be45c3c212c5658a05823a10
74916a018bea5b27c223f164e2355ddb78422b4f
bf86d8eb9277b69e2c6202ca711c3b19c64a2a9a8cf4ba7bc33bdecacfb8a0b2

HTTP Headers

GET /player/skin/fonts/ktplayeryt.ttf?wqseia HTTP/1.1
Host: www.xmegadrive.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.xmegadrive.com/player/skin/youtube.css
Cookie: PHPSESSID=cb6c36a75d2926a349d025251bd54dd6; kt_qparams=dir%3Dbrat-princess-2-jazmine-and-penelope-tease-the-flat-chastity-device-4k; kt_ips=91.90.42.154; kt_vast_511662=94a15829137354224a360b0de8631872; test_variant=0.7262680184314496
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Date: Sat, 04 May 2024 08:02:50 GMT
Content-Type: application/font-sfnt
Content-Length: 2264
Connection: keep-alive
Keep-Alive: timeout=60
Last-Modified: Sat, 17 Dec 2022 12:37:46 GMT
ETag: "8d8-5f0055a6e92a4"
Accept-Ranges: bytes
Access-Control-Allow-Origin: *

www.xmegadrive.com/get_file/1/f34811750cf7a680b6e4f60c68c44e00fc2f36a9c9/210000/210105/210105.mp4/?rnd=1714809770371

5.61.55.75

200 OK

43 B

URL GET HTTP/1.1
www.xmegadrive.com/get_file/1/f34811750cf7a680b6e4f60c68c44e00fc2f36a9c9/210000/210105/210105.mp4/?rnd=1714809770371
IP
5.61.55.75:443
ASN
#58061 Scalaxy B.V.

Requested by
https://www.xmegadrive.com/videos/brat-princess-2-jazmine-and-penelope-tease-the-flat-chastity-device-4k/
Certificate
IssuerLet's Encrypt
Subjectwww.xmegadrive.com
Fingerprint10:9D:B4:39:29:D5:8E:F8:A3:59:1F:53:0B:86:34:B4:31:D3:07:81
ValidityFri, 19 Apr 2024 23:34:16 GMT - Thu, 18 Jul 2024 23:34:15 GMT

File type
GIF image data, version 89a, 1 x 1
Size
43 B (43 bytes)
Hash
57f187c7a868faeac558007a8eb6cb2e
11ab10ab109fdb53d91d444ac781101f5a6360c6
aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22

HTTP Headers

GET /get_file/1/f34811750cf7a680b6e4f60c68c44e00fc2f36a9c9/210000/210105/210105.mp4/?rnd=1714809770371 HTTP/1.1
Host: www.xmegadrive.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.xmegadrive.com/videos/brat-princess-2-jazmine-and-penelope-tease-the-flat-chastity-device-4k/
Cookie: PHPSESSID=cb6c36a75d2926a349d025251bd54dd6; kt_qparams=dir%3Dbrat-princess-2-jazmine-and-penelope-tease-the-flat-chastity-device-4k; kt_ips=91.90.42.154; kt_vast_511662=94a15829137354224a360b0de8631872; test_variant=0.7262680184314496
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Date: Sat, 04 May 2024 08:02:50 GMT
Content-Type: image/gif
Transfer-Encoding: chunked
Connection: keep-alive
Keep-Alive: timeout=60
X-Powered-By: PHP/7.1.33

www.xmegadrive.com/get_file/1/b881b545761d42c4aadd94adf2c7f9cf80ccd573cb/210000/210105/210105.mp4/?rnd=1714809770320

5.61.55.75

0 B

URL GET
www.xmegadrive.com/get_file/1/b881b545761d42c4aadd94adf2c7f9cf80ccd573cb/210000/210105/210105.mp4/?rnd=1714809770320
IP
5.61.55.75:0
ASN
#58061 Scalaxy B.V.

Requested by
https://www.xmegadrive.com/videos/brat-princess-2-jazmine-and-penelope-tease-the-flat-chastity-device-4k/
Certificate
IssuerLet's Encrypt
Subjectwww.xmegadrive.com
Fingerprint10:9D:B4:39:29:D5:8E:F8:A3:59:1F:53:0B:86:34:B4:31:D3:07:81
ValidityFri, 19 Apr 2024 23:34:16 GMT - Thu, 18 Jul 2024 23:34:15 GMT

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /get_file/1/b881b545761d42c4aadd94adf2c7f9cf80ccd573cb/210000/210105/210105.mp4/?rnd=1714809770320 HTTP/1.1
Host: www.xmegadrive.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: video/webm,video/ogg,video/*;q=0.9,application/ogg;q=0.7,audio/*;q=0.6,*/*;q=0.5
Accept-Language: en-US,en;q=0.5
Range: bytes=0-
DNT: 1
Connection: keep-alive
Referer: https://www.xmegadrive.com/videos/brat-princess-2-jazmine-and-penelope-tease-the-flat-chastity-device-4k/
Cookie: PHPSESSID=cb6c36a75d2926a349d025251bd54dd6; kt_qparams=dir%3Dbrat-princess-2-jazmine-and-penelope-tease-the-flat-chastity-device-4k; kt_ips=91.90.42.154; kt_vast_511662=94a15829137354224a360b0de8631872; test_variant=0.7262680184314496
Sec-Fetch-Dest: video
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Accept-Encoding: identity
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 302 Found
Server: nginx
Date: Sat, 04 May 2024 08:02:50 GMT
Content-Type: text/html; charset=UTF-8
Content-Length: 0
Connection: keep-alive
Keep-Alive: timeout=60
X-Powered-By: PHP/7.1.33
Location: https://video.xmegadrive.com/remote_control.php?time=1714809770&cv=ee68366ae9fee051398fb9ec537d6a75&lr=0&cv2=61bd15cf0705fe22727a8404da181c22&file=%2Fcontents%2Fvideos%2F210000%2F210105%2F210105.mp4&cv3=8bf7857f53f62e0d61688091c3a3b8b1&cv4=67debce2be6c1ac960c720323dfdf1e2

www.xmegadrive.com/videos/brat-princess-2-jazmine-and-penelope-tease-the-flat-chastity-device-4k/?video_id=210105&mode=async&action=js_stats&rand=1714809770421

5.61.55.75

200 OK

43 B

URL GET HTTP/1.1
www.xmegadrive.com/videos/brat-princess-2-jazmine-and-penelope-tease-the-flat-chastity-device-4k/?video_id=210105&mode=async&action=js_stats&rand=1714809770421
IP
5.61.55.75:443
ASN
#58061 Scalaxy B.V.

Requested by
https://www.xmegadrive.com/videos/brat-princess-2-jazmine-and-penelope-tease-the-flat-chastity-device-4k/
Certificate
IssuerLet's Encrypt
Subjectwww.xmegadrive.com
Fingerprint10:9D:B4:39:29:D5:8E:F8:A3:59:1F:53:0B:86:34:B4:31:D3:07:81
ValidityFri, 19 Apr 2024 23:34:16 GMT - Thu, 18 Jul 2024 23:34:15 GMT

File type
GIF image data, version 89a, 1 x 1
Size
43 B (43 bytes)
Hash
57f187c7a868faeac558007a8eb6cb2e
11ab10ab109fdb53d91d444ac781101f5a6360c6
aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22

HTTP Headers

GET /videos/brat-princess-2-jazmine-and-penelope-tease-the-flat-chastity-device-4k/?video_id=210105&mode=async&action=js_stats&rand=1714809770421 HTTP/1.1
Host: www.xmegadrive.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.xmegadrive.com/videos/brat-princess-2-jazmine-and-penelope-tease-the-flat-chastity-device-4k/
Cookie: PHPSESSID=cb6c36a75d2926a349d025251bd54dd6; kt_qparams=dir%3Dbrat-princess-2-jazmine-and-penelope-tease-the-flat-chastity-device-4k; kt_ips=91.90.42.154; kt_vast_511662=94a15829137354224a360b0de8631872; test_variant=0.7262680184314496; kt_tcookie=1
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Date: Sat, 04 May 2024 08:02:50 GMT
Content-Type: image/gif
Transfer-Encoding: chunked
Connection: keep-alive
Keep-Alive: timeout=60
X-Powered-By: PHP/7.1.33
X-Frame-Options: SAMEORIGIN
Set-Cookie: kt_is_visited=1; expires=Sun, 05-May-2024 08:02:50 GMT; Max-Age=86400; path=/; samesite=Lax; domain=.xmegadrive.com

www.xmegadrive.com/player/stats.php?embed=0&event=PlayerLoad,&rnd=1714809770440

5.61.55.75

200 OK

43 B

URL GET HTTP/1.1
www.xmegadrive.com/player/stats.php?embed=0&event=PlayerLoad,&rnd=1714809770440
IP
5.61.55.75:443
ASN
#58061 Scalaxy B.V.

Requested by
https://www.xmegadrive.com/videos/brat-princess-2-jazmine-and-penelope-tease-the-flat-chastity-device-4k/
Certificate
IssuerLet's Encrypt
Subjectwww.xmegadrive.com
Fingerprint10:9D:B4:39:29:D5:8E:F8:A3:59:1F:53:0B:86:34:B4:31:D3:07:81
ValidityFri, 19 Apr 2024 23:34:16 GMT - Thu, 18 Jul 2024 23:34:15 GMT

File type
GIF image data, version 89a, 1 x 1
Size
43 B (43 bytes)
Hash
57f187c7a868faeac558007a8eb6cb2e
11ab10ab109fdb53d91d444ac781101f5a6360c6
aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22

HTTP Headers

GET /player/stats.php?embed=0&event=PlayerLoad,&rnd=1714809770440 HTTP/1.1
Host: www.xmegadrive.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.xmegadrive.com/videos/brat-princess-2-jazmine-and-penelope-tease-the-flat-chastity-device-4k/
Cookie: PHPSESSID=cb6c36a75d2926a349d025251bd54dd6; kt_qparams=dir%3Dbrat-princess-2-jazmine-and-penelope-tease-the-flat-chastity-device-4k; kt_ips=91.90.42.154; kt_vast_511662=94a15829137354224a360b0de8631872; test_variant=0.7262680184314496; kt_tcookie=1; dom3ic8zudi28v8lr6fgphwffqoz0j6c=f81ad0dd-3425-4e7d-af9d-07901a7eb89e%3A2%3A1
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Date: Sat, 04 May 2024 08:02:50 GMT
Content-Type: image/gif
Transfer-Encoding: chunked
Connection: keep-alive
Keep-Alive: timeout=60
X-Powered-By: PHP/7.1.33

www.xmegadrive.com/contents/videos_screenshots/210000/210105/preview_720p.mp4.jpg

5.61.55.75

200 OK

72 kB

URL GET HTTP/1.1
www.xmegadrive.com/contents/videos_screenshots/210000/210105/preview_720p.mp4.jpg
IP
5.61.55.75:443
ASN
#58061 Scalaxy B.V.

Requested by
https://www.xmegadrive.com/videos/brat-princess-2-jazmine-and-penelope-tease-the-flat-chastity-device-4k/
Certificate
IssuerLet's Encrypt
Subjectwww.xmegadrive.com
Fingerprint10:9D:B4:39:29:D5:8E:F8:A3:59:1F:53:0B:86:34:B4:31:D3:07:81
ValidityFri, 19 Apr 2024 23:34:16 GMT - Thu, 18 Jul 2024 23:34:15 GMT

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, comment: "Lavc58.54.100", baseline, precision 8, 1280x720, components 3
Size
72 kB (72408 bytes)
Hash
21a07ffbfd806e68597642b9a3b5b0d8
9f5b9b5c286ee66448d03dfb628458b6a193e935
72b61c6d4b487cee05780d54d56327e16a06938fb04b4507eb3b0812b1032c17

HTTP Headers

GET /contents/videos_screenshots/210000/210105/preview_720p.mp4.jpg HTTP/1.1
Host: www.xmegadrive.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.xmegadrive.com/videos/brat-princess-2-jazmine-and-penelope-tease-the-flat-chastity-device-4k/
Cookie: PHPSESSID=cb6c36a75d2926a349d025251bd54dd6; kt_qparams=dir%3Dbrat-princess-2-jazmine-and-penelope-tease-the-flat-chastity-device-4k; kt_ips=91.90.42.154; kt_vast_511662=94a15829137354224a360b0de8631872; test_variant=0.7262680184314496; kt_tcookie=1
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Date: Sat, 04 May 2024 08:02:50 GMT
Content-Type: image/jpeg
Content-Length: 72408
Last-Modified: Tue, 28 Nov 2023 17:27:05 GMT
Connection: keep-alive
Keep-Alive: timeout=60
ETag: "656622e9-11ad8"
Expires: Sun, 05 May 2024 08:02:50 GMT
Cache-Control: max-age=86400
Accept-Ranges: bytes

da7b22a400.13199960a1.com/0ae085698cad0960a86703ca969164ab.js

45.133.44.52

200 OK

36 kB

URL GET HTTP/2
da7b22a400.13199960a1.com/0ae085698cad0960a86703ca969164ab.js
IP
45.133.44.52:443
ASN
#39572 DataWeb Global Group B.V.

Requested by
https://www.xmegadrive.com/videos/brat-princess-2-jazmine-and-penelope-tease-the-flat-chastity-device-4k/
Certificate
IssuerLet's Encrypt
Subjectda7b22a400.13199960a1.com
Fingerprint07:F4:C8:88:64:13:2A:27:21:B9:21:22:4E:39:31:C9:B4:0B:24:CD
ValidityWed, 01 May 2024 02:20:21 GMT - Tue, 30 Jul 2024 02:20:20 GMT

File type
gzip compressed data, from Unix
Size
36 kB (36166 bytes)
Hash
4180fd9c726aff00f060e094f8b98600
e9cbc33b4c1c6136b873b00d1c8135383281bbce
4e890d77116fa60346f20a4da3de97fc5795159df4b6ef8438bceb880d5f264c

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /0ae085698cad0960a86703ca969164ab.js HTTP/1.1
Host: da7b22a400.13199960a1.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.xmegadrive.com
DNT: 1
Connection: keep-alive
Referer: https://www.xmegadrive.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Sat, 04 May 2024 08:02:50 GMT
content-type: application/javascript; charset=utf-8
server: nginx/1.18.0
last-modified: Tue, 23 Apr 2024 09:45:19 GMT
etag: W/"6627832f-1ab1c"
content-encoding: gzip
expires: Sat, 04 May 2024 08:07:50 GMT
cache-control: max-age=300
x-proxy-cache: HIT
access-control-allow-origin: *
X-Firefox-Spdy: h2

js.capndr.com/advertising.js

45.133.44.52

200 OK

0 B

URL GET HTTP/2
js.capndr.com/advertising.js
IP
45.133.44.52:443
ASN
#39572 DataWeb Global Group B.V.

Requested by
https://www.xmegadrive.com/videos/brat-princess-2-jazmine-and-penelope-tease-the-flat-chastity-device-4k/
Certificate
IssuerLet's Encrypt
Subjectjs.capndr.com
Fingerprint0D:30:A1:FB:7E:A0:EC:89:85:17:27:67:37:21:DA:E0:CB:E3:26:06
ValiditySun, 21 Apr 2024 03:00:41 GMT - Sat, 20 Jul 2024 03:00:40 GMT

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /advertising.js HTTP/1.1
Host: js.capndr.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.xmegadrive.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Sat, 04 May 2024 08:02:50 GMT
content-type: application/javascript; charset=utf-8
content-length: 0
server: nginx/1.18.0
last-modified: Fri, 14 Jul 2023 08:23:25 GMT
etag: "64b105fd-0"
expires: Sat, 04 May 2024 08:07:50 GMT
cache-control: max-age=300
x-proxy-cache: HIT
access-control-allow-origin: *
accept-ranges: bytes
X-Firefox-Spdy: h2

pxl.tsyndicate.com/api/v1/p/p.js?p=APeIQFMmDJkycuaI0BGjBgsRYcbQWRjjIZ0zC0XQyEFjDI4xNMK0sCGmjI0WNMzkgNEiR44xMVrgIAPDDAwyZGjUKDMmjIiHY9ikoRiD48MwdcZkHDMDhxgbZMyYaZlDBg6UMcTIkDmDaQsxYlzCCCMjR8SOP0WISUMmY40ZNmDQwJHWoB2KMGq8xfEQTh0xFHPUuMEXIhw4eBvmeDgHzkQdcHHEuDFDxtGoFB-2cYORYeUYkvtu7myjBo2KIurEyIiGDh04c3S8eCHGzQwXdOSEMXOmDB0XY960eWGQTJwwLuCggfNjzl-2PWLAUJyWjPCMd7K7wNOmzBmDctLYKQP8OtAwj7fU6NJXjlKGLmKUaQHDxkMxZhbCcAFjOlA4bXwBh3v68dcfDjI4JIIcdiCmQ4IP8QRggf3FgFoddQylgwg32GBDGCDKQAN9ObFEQxkwiNFCGGKMsdUYY9QAGhk2nEZGGDOklYaDIuQQgwsruUCDDPGZlpYcX-yYkY9A7jdkkTSkVYdPGzbxhh5psMFGGC_UwB8IKGBh4Q4gMJGGG3XgAQIeONjwRY1kMqhDDjbwlwIIR_C0xhsvyDBdhdOBYEQacpRhxht4vEAnf2nBmJETT6T1BpKObghpWmy8J0IRTlRXhh1fFMoGRYMRFll_D8lxhhsLJYjDDQ8dBKoYciyEQ2GyftHGG2092CZqZMjxxkIzPPSGQg-2h2geCylYaH4btvZabLNld8d23X0XrHjkBTdcWndkFINVMKSFhrgwiJjWHAxmJCwd6E3aQh1upEFHC9K5QIYMkrJ7F2Q03CBdhzLcQEOsmh70xb5p0dEGRQLPBUMON9wAg0Vt8MtQxDhMXLFcRkFERqhlNPYFehDHIDHFFkcIahhsIEQHslvMQAN7EInxmAgHmYEUGxP1lal-QHUGQx8KBAQ%3D&s=67960e8cc142abe59eb186a229959f0fa81619e440b6de5c48843fa9f6a59f231714809770&w=t&r=1&d=7&priv=true

136.243.44.113

200 OK

24 B

URL GET HTTP/2
pxl.tsyndicate.com/api/v1/p/p.js?p=APeIQFMmDJkycuaI0BGjBgsRYcbQWRjjIZ0zC0XQyEFjDI4xNMK0sCGmjI0WNMzkgNEiR44xMVrgIAPDDAwyZGjUKDMmjIiHY9ikoRiD48MwdcZkHDMDhxgbZMyYaZlDBg6UMcTIkDmDaQsxYlzCCCMjR8SOP0WISUMmY40ZNmDQwJHWoB2KMGq8xfEQTh0xFHPUuMEXIhw4eBvmeDgHzkQdcHHEuDFDxtGoFB-2cYORYeUYkvtu7myjBo2KIurEyIiGDh04c3S8eCHGzQwXdOSEMXOmDB0XY960eWGQTJwwLuCggfNjzl-2PWLAUJyWjPCMd7K7wNOmzBmDctLYKQP8OtAwj7fU6NJXjlKGLmKUaQHDxkMxZhbCcAFjOlA4bXwBh3v68dcfDjI4JIIcdiCmQ4IP8QRggf3FgFoddQylgwg32GBDGCDKQAN9ObFEQxkwiNFCGGKMsdUYY9QAGhk2nEZGGDOklYaDIuQQgwsruUCDDPGZlpYcX-yYkY9A7jdkkTSkVYdPGzbxhh5psMFGGC_UwB8IKGBh4Q4gMJGGG3XgAQIeONjwRY1kMqhDDjbwlwIIR_C0xhsvyDBdhdOBYEQacpRhxht4vEAnf2nBmJETT6T1BpKObghpWmy8J0IRTlRXhh1fFMoGRYMRFll_D8lxhhsLJYjDDQ8dBKoYciyEQ2GyftHGG2092CZqZMjxxkIzPPSGQg-2h2geCylYaH4btvZabLNld8d23X0XrHjkBTdcWndkFINVMKSFhrgwiJjWHAxmJCwd6E3aQh1upEFHC9K5QIYMkrJ7F2Q03CBdhzLcQEOsmh70xb5p0dEGRQLPBUMON9wAg0Vt8MtQxDhMXLFcRkFERqhlNPYFehDHIDHFFkcIahhsIEQHslvMQAN7EInxmAgHmYEUGxP1lal-QHUGQx8KBAQ%3D&s=67960e8cc142abe59eb186a229959f0fa81619e440b6de5c48843fa9f6a59f231714809770&w=t&r=1&d=7&priv=true
IP
136.243.44.113:443
ASN
#24940 Hetzner Online GmbH

Requested by
https://tsyndicate.com/iframes2/4ddbd08cee2e480aaabfb2269f2cc945.html?keywords=Default%20site%20description.%2CFemDom%2CBrat%20Princess%2CBrat%20Princess%202%2Cbrat%2Cprincess%2Ctease%2Cthe%2CChastity%2C4K%2CBrat%20Princess%202%20-%20Jazmine%20and%20Penelope%20-%20Tease%20the%20Flat%20Chastity%20Device%204K&adb=0&clientjs=1&w=1280&h=1024&tz=0
Certificate
IssuerLet's Encrypt
Subjecttsyndicate.com
FingerprintF5:9F:1F:89:8F:08:CD:46:43:4B:55:0A:42:66:52:21:16:57:43:31
ValidityFri, 12 Apr 2024 09:06:37 GMT - Thu, 11 Jul 2024 09:06:36 GMT

File type
ASCII text, with no line terminators
Size
24 B (24 bytes)
Hash
0959ba36d476b6dc1994ba3c678b07c4
d30b94da72daa02766965206a85b7e0356375f5e
897410b87e27e3dfba3a7d6caab315a5e69cc941bb96d91fc74878a9b051843a

HTTP Headers

GET /api/v1/p/p.js?p=APeIQFMmDJkycuaI0BGjBgsRYcbQWRjjIZ0zC0XQyEFjDI4xNMK0sCGmjI0WNMzkgNEiR44xMVrgIAPDDAwyZGjUKDMmjIiHY9ikoRiD48MwdcZkHDMDhxgbZMyYaZlDBg6UMcTIkDmDaQsxYlzCCCMjR8SOP0WISUMmY40ZNmDQwJHWoB2KMGq8xfEQTh0xFHPUuMEXIhw4eBvmeDgHzkQdcHHEuDFDxtGoFB-2cYORYeUYkvtu7myjBo2KIurEyIiGDh04c3S8eCHGzQwXdOSEMXOmDB0XY960eWGQTJwwLuCggfNjzl-2PWLAUJyWjPCMd7K7wNOmzBmDctLYKQP8OtAwj7fU6NJXjlKGLmKUaQHDxkMxZhbCcAFjOlA4bXwBh3v68dcfDjI4JIIcdiCmQ4IP8QRggf3FgFoddQylgwg32GBDGCDKQAN9ObFEQxkwiNFCGGKMsdUYY9QAGhk2nEZGGDOklYaDIuQQgwsruUCDDPGZlpYcX-yYkY9A7jdkkTSkVYdPGzbxhh5psMFGGC_UwB8IKGBh4Q4gMJGGG3XgAQIeONjwRY1kMqhDDjbwlwIIR_C0xhsvyDBdhdOBYEQacpRhxht4vEAnf2nBmJETT6T1BpKObghpWmy8J0IRTlRXhh1fFMoGRYMRFll_D8lxhhsLJYjDDQ8dBKoYciyEQ2GyftHGG2092CZqZMjxxkIzPPSGQg-2h2geCylYaH4btvZabLNld8d23X0XrHjkBTdcWndkFINVMKSFhrgwiJjWHAxmJCwd6E3aQh1upEFHC9K5QIYMkrJ7F2Q03CBdhzLcQEOsmh70xb5p0dEGRQLPBUMON9wAg0Vt8MtQxDhMXLFcRkFERqhlNPYFehDHIDHFFkcIahhsIEQHslvMQAN7EInxmAgHmYEUGxP1lal-QHUGQx8KBAQ%3D&s=67960e8cc142abe59eb186a229959f0fa81619e440b6de5c48843fa9f6a59f231714809770&w=t&r=1&d=7&priv=true HTTP/1.1
Host: pxl.tsyndicate.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://tsyndicate.com/
Cookie: ts_uid=766aaa24-0d40-4e0b-abc2-cc518d641da3
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
server: nginx
date: Sat, 04 May 2024 08:02:50 GMT
content-type: text/plain; charset=utf-8
content-length: 24
x-robots-tag: noindex, nofollow
X-Firefox-Spdy: h2

amorphousankle.com/22/07/4d/22074dd9528da2017ba0af2c5fbb65c8.js

192.243.61.227

200 OK

30 kB

URL GET HTTP/1.1
amorphousankle.com/22/07/4d/22074dd9528da2017ba0af2c5fbb65c8.js
IP
192.243.61.227:443
ASN
#39572 DataWeb Global Group B.V.

Requested by
https://www.xmegadrive.com/videos/brat-princess-2-jazmine-and-penelope-tease-the-flat-chastity-device-4k/
Certificate
IssuerLet's Encrypt
Subjectamorphousankle.com
Fingerprint2C:EC:8F:81:4F:CA:D5:12:B3:ED:5B:6B:F0:4E:24:EF:3F:44:91:6A
ValidityMon, 29 Apr 2024 12:51:02 GMT - Sun, 28 Jul 2024 12:51:01 GMT

File type
JavaScript source, ASCII text, with very long lines (65536), with no line terminators
Size
30 kB (30384 bytes)
Hash
1a17bb6fd2b1e36c0b9690d7e9737da4
ea4ae9ed2300248af223fbb1124aad3c7a37ce15
aea133244d818ddf5ca9532a4d306591069cbc04b4843083a6a10ef3544aa7d6

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /22/07/4d/22074dd9528da2017ba0af2c5fbb65c8.js HTTP/1.1
Host: amorphousankle.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.xmegadrive.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx/1.21.6
Date: Sat, 04 May 2024 08:02:50 GMT
Content-Type: application/javascript
Transfer-Encoding: chunked
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Access-Control-Allow-Origin: *
Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,Sec-CH-UA-PlatformUser-Agent,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: ca8d28c03a81601f8144ca774acb6726
Strict-Transport-Security: max-age=0; includeSubdomains
Content-Encoding: gzip

cdn.tsyndicate.com/sdk/v1/bi.js

45.133.44.71

200 OK

3.5 kB

URL GET HTTP/2
cdn.tsyndicate.com/sdk/v1/bi.js
IP
45.133.44.71:443
ASN
#39572 DataWeb Global Group B.V.

Requested by
https://www.xmegadrive.com/videos/brat-princess-2-jazmine-and-penelope-tease-the-flat-chastity-device-4k/
Certificate
IssuerLet's Encrypt
Subjectcdn.tsyndicate.com
Fingerprint27:B4:A1:69:D6:DF:AF:13:62:9C:06:AB:7A:E0:2F:B6:9B:08:43:75
ValidityTue, 09 Apr 2024 03:01:17 GMT - Mon, 08 Jul 2024 03:01:16 GMT

File type
JavaScript source, ASCII text, with very long lines (6607)
Size
3.5 kB (3480 bytes)
Hash
ba1b0b35911f58d4dfd8f3d35bd1b1a7
b2fc4e5a173d9e6ee516698df351b1ea97e3245d
78bf097359fd655d59cd543b97785a2001aa257fe01265dc5341dad549ece9e1

HTTP Headers

GET /sdk/v1/bi.js HTTP/1.1
Host: cdn.tsyndicate.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.xmegadrive.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Sat, 04 May 2024 08:02:49 GMT
content-type: application/javascript; charset=utf-8
server: nginx
last-modified: Tue, 23 Apr 2024 12:57:57 GMT
etag: W/"6627b055-1a1e"
x-robots-tag: noindex, nofollow
content-encoding: gzip
cache-control: max-age=172800
expires: Mon, 06 May 2024 08:02:49 GMT
vary: Accept-Encoding
x-proxy-cache: HIT
X-Firefox-Spdy: h2

amorphousankle.com/watch.460154375710.js?key=326b39096325433f5edf5ef14f22925d&kw=%5B%22brat%22%2C%22princess%22%2C%222%22%2C%22-%22%2C%22jazmine%22%2C%22and%22%2C%22penelope%22%2C%22-%22%2C%22tease%22%2C%22the%22%2C%22flat%22%2C%22chastity%22%2C%22device%22%2C%224k%22%5D&refer=https%3A%2F%2Fwww.xmegadrive.com%2Fvideos%2Fbrat-princess-2-jazmine-and-penelope-tease-the-flat-chastity-device-4k%2F&tz=0&dev=e&res=14.2071&uuid=f81ad0dd-3425-4e7d-af9d-07901a7eb89e%3A2%3A1

192.243.61.225

307 Temporary Redirect

0 B

URL GET HTTP/1.1
amorphousankle.com/watch.460154375710.js?key=326b39096325433f5edf5ef14f22925d&kw=%5B%22brat%22%2C%22princess%22%2C%222%22%2C%22-%22%2C%22jazmine%22%2C%22and%22%2C%22penelope%22%2C%22-%22%2C%22tease%22%2C%22the%22%2C%22flat%22%2C%22chastity%22%2C%22device%22%2C%224k%22%5D&refer=https%3A%2F%2Fwww.xmegadrive.com%2Fvideos%2Fbrat-princess-2-jazmine-and-penelope-tease-the-flat-chastity-device-4k%2F&tz=0&dev=e&res=14.2071&uuid=f81ad0dd-3425-4e7d-af9d-07901a7eb89e%3A2%3A1
IP
192.243.61.225:443
ASN
#39572 DataWeb Global Group B.V.

Requested by
https://www.xmegadrive.com/videos/brat-princess-2-jazmine-and-penelope-tease-the-flat-chastity-device-4k/
Certificate
IssuerLet's Encrypt
Subjectamorphousankle.com
Fingerprint2C:EC:8F:81:4F:CA:D5:12:B3:ED:5B:6B:F0:4E:24:EF:3F:44:91:6A
ValidityMon, 29 Apr 2024 12:51:02 GMT - Sun, 28 Jul 2024 12:51:01 GMT

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /watch.460154375710.js?key=326b39096325433f5edf5ef14f22925d&kw=%5B%22brat%22%2C%22princess%22%2C%222%22%2C%22-%22%2C%22jazmine%22%2C%22and%22%2C%22penelope%22%2C%22-%22%2C%22tease%22%2C%22the%22%2C%22flat%22%2C%22chastity%22%2C%22device%22%2C%224k%22%5D&refer=https%3A%2F%2Fwww.xmegadrive.com%2Fvideos%2Fbrat-princess-2-jazmine-and-penelope-tease-the-flat-chastity-device-4k%2F&tz=0&dev=e&res=14.2071&uuid=f81ad0dd-3425-4e7d-af9d-07901a7eb89e%3A2%3A1 HTTP/1.1
Host: amorphousankle.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.xmegadrive.com
DNT: 1
Connection: keep-alive
Referer: https://www.xmegadrive.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 307 Temporary Redirect
Server: nginx/1.21.6
Date: Sat, 04 May 2024 08:02:50 GMT
Content-Type: text/html
Content-Length: 0
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,Sec-CH-UA-PlatformUser-Agent,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Custom-Referer: https://www.xmegadrive.com
Access-Control-Allow-Origin: https://www.xmegadrive.com
Access-Control-Allow-Credentials: true
Location: https://amorphousankle.com/watch.460154375710.js?dev=e&key=326b39096325433f5edf5ef14f22925d&kw=%5B%22brat%22%2C%22princess%22%2C%222%22%2C%22-%22%2C%22jazmine%22%2C%22and%22%2C%22penelope%22%2C%22-%22%2C%22tease%22%2C%22the%22%2C%22flat%22%2C%22chastity%22%2C%22device%22%2C%224k%22%5D&pst=1714809830&refer=https%3A%2F%2Fwww.xmegadrive.com%2Fvideos%2Fbrat-princess-2-jazmine-and-penelope-tease-the-flat-chastity-device-4k%2F&res=14.2071&rmtc=t&shu=e96eeab9759059aa7d810b042d5045dcba9ed98f9721b6d7f9288ec689286ae495dfd06acec43880d1ca7357513f74df9795d956ee3e071fcc78c303bc0db74264a2a9e53dbc33a60c43a8a1aaede01dcfcb51580b466ec14064e29610&tz=0&uuid=f81ad0dd-3425-4e7d-af9d-07901a7eb89e%3A2%3A1
Set-Cookie: u_pl=16186702; expires=Sun, 05 May 2024 08:02:50 GMT; secure; SameSite=None
ain=eyJhbGciOiJIUzI1NiJ9.eyJwIjp7ImlkIjoxNjE4NjcwMiwiayI6IjMyNmIzOTA5NjMyNTQzM2Y1ZWRmNWVmMTRmMjI5MjVkIiwic2lkIjoiIiwiaXNpZCI6MiwiYXNpZCI6MSwiemlkIjoxMjYxMzI0LCJwaWQiOjU3NTg2LCJhbiI6dHJ1ZSwibGFuIjp0cnVlLCJjaWQiOjE2LCJhaWQiOjI3LCJwdCI6NCwicGsiOiJkN2g0NWM5OW1jIiwiY3BrcyI6eyIyOCI6IjIyMDc0ZGQ5NTI4ZGEyMDE3YmEwYWYyYzVmYmI2NWM4In0sInQiOjF9LCJ1Ijp7InUiOjEsImF1IjoxLCJkIjp7ImlkIjo3OTk1NDE5NiwiaWRzIjoiIiwiaWMiOmZhbHNlLCJuIjoiRGVza3RvcCxFbXVsYXRvciIsInYiOiJVbmtub3duIiwibSI6IlVua25vd24iLCJmIjoxLCJmbiI6IkRlc2t0b3AiLCJvaWQiOjE4MTEwLCJvbiI6IkxpbnV4Iiwib3YiOiJVbmtub3duIiwiYmlkIjoxMTY2NzAsImJuIjoiRmlyZWZveCIsImJ2IjoiOTYuMCIsInd2IjpmYWxzZSwiZSI6dHJ1ZSwiYWIiOmZhbHNlfSwiYyI6eyJpZCI6MTYyLCJjIjoiTk8iLCJuIjoiTm9yd2F5In0sImEiOmZhbHNlLCJjciI6eyJuIjoiQmxpeCBTb2x1dGlvbnMifSwieGYiOiIiLCJpeGYiOmZhbHNlLCJpZ3hmIjpmYWxzZSwidXAiOnRydWUsInIiOiJodHRwczovL3d3dy54bWVnYWRyaXZlLmNvbS92aWRlb3MvYnJhdC1wcmluY2Vzcy0yLWphem1pbmUtYW5kLXBlbmVsb3BlLXRlYXNlLXRoZS1mbGF0LWNoYXN0aXR5LWRldmljZS00ay8iLCJhciI6W119fQ.NI3IrtgOnygO3ta3U9wbejGEmtliIRGM81RudNr8IN4; expires=Sat, 04 May 2024 08:03:50 GMT; secure; SameSite=None
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: 0982f351ae07b83a24db5e0f6419c069
Strict-Transport-Security: max-age=0; includeSubdomains

gobreadthpopcorn.com/watch.1700661882944.js?dev=e&key=d3a76329693053849cf13b643f4feb0e&kw=%5B%22brat%22%2C%22princess%22%2C%222%22%2C%22-%22%2C%22jazmine%22%2C%22and%22%2C%22penelope%22%2C%22-%22%2C%22tease%22%2C%22the%22%2C%22flat%22%2C%22chastity%22%2C%22device%22%2C%224k%22%5D&pst=1714809830&refer=https%3A%2F%2Fwww.xmegadrive.com%2Fvideos%2Fbrat-princess-2-jazmine-and-penelope-tease-the-flat-chastity-device-4k%2F&res=14.2071&rmtc=t&shu=face47b7323b9119f36b81cd1df1789755f81f242ff0893b9b1df11137e70132d63cce599508b67ab5a58a0cf704f4461181b73df332a1f17ab3f1f4e71a059e21a4ae36ef69c58920d62c4baeb9b2fbff44432bcf4edac58c02931f88a8d9&tz=0&uuid=e610fe86-2edc-41e7-b62c-eb9277c09863%3A2%3A1

192.243.61.227

200 OK

2.5 kB

URL GET HTTP/1.1
gobreadthpopcorn.com/watch.1700661882944.js?dev=e&key=d3a76329693053849cf13b643f4feb0e&kw=%5B%22brat%22%2C%22princess%22%2C%222%22%2C%22-%22%2C%22jazmine%22%2C%22and%22%2C%22penelope%22%2C%22-%22%2C%22tease%22%2C%22the%22%2C%22flat%22%2C%22chastity%22%2C%22device%22%2C%224k%22%5D&pst=1714809830&refer=https%3A%2F%2Fwww.xmegadrive.com%2Fvideos%2Fbrat-princess-2-jazmine-and-penelope-tease-the-flat-chastity-device-4k%2F&res=14.2071&rmtc=t&shu=face47b7323b9119f36b81cd1df1789755f81f242ff0893b9b1df11137e70132d63cce599508b67ab5a58a0cf704f4461181b73df332a1f17ab3f1f4e71a059e21a4ae36ef69c58920d62c4baeb9b2fbff44432bcf4edac58c02931f88a8d9&tz=0&uuid=e610fe86-2edc-41e7-b62c-eb9277c09863%3A2%3A1
IP
192.243.61.227:443
ASN
#39572 DataWeb Global Group B.V.

Requested by
https://www.xmegadrive.com/videos/brat-princess-2-jazmine-and-penelope-tease-the-flat-chastity-device-4k/
Certificate
IssuerLet's Encrypt
Subjectgobreadthpopcorn.com
FingerprintC5:CA:73:FB:70:A9:E9:62:8F:51:AE:54:ED:96:FB:84:99:6B:A6:B9
ValidityMon, 29 Apr 2024 08:16:23 GMT - Sun, 28 Jul 2024 08:16:22 GMT

File type
JavaScript source, ASCII text, with very long lines (3159)
Size
2.5 kB (2476 bytes)
Hash
89ff8764e78f979cca0414d5220a7a59
1949eaf7f43d442e352cdd5fc96600a2bf251486
784e82d35834e3c951b131782ae20352da82b6daba2c2887405378c1a15d1684

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /watch.1700661882944.js?dev=e&key=d3a76329693053849cf13b643f4feb0e&kw=%5B%22brat%22%2C%22princess%22%2C%222%22%2C%22-%22%2C%22jazmine%22%2C%22and%22%2C%22penelope%22%2C%22-%22%2C%22tease%22%2C%22the%22%2C%22flat%22%2C%22chastity%22%2C%22device%22%2C%224k%22%5D&pst=1714809830&refer=https%3A%2F%2Fwww.xmegadrive.com%2Fvideos%2Fbrat-princess-2-jazmine-and-penelope-tease-the-flat-chastity-device-4k%2F&res=14.2071&rmtc=t&shu=face47b7323b9119f36b81cd1df1789755f81f242ff0893b9b1df11137e70132d63cce599508b67ab5a58a0cf704f4461181b73df332a1f17ab3f1f4e71a059e21a4ae36ef69c58920d62c4baeb9b2fbff44432bcf4edac58c02931f88a8d9&tz=0&uuid=e610fe86-2edc-41e7-b62c-eb9277c09863%3A2%3A1 HTTP/1.1
Host: gobreadthpopcorn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.xmegadrive.com
Referer: https://www.xmegadrive.com/
DNT: 1
Connection: keep-alive
Cookie: u_pl=15242180; ain=eyJhbGciOiJIUzI1NiJ9.eyJwIjp7ImlkIjoxNTI0MjE4MCwiayI6ImQzYTc2MzI5NjkzMDUzODQ5Y2YxM2I2NDNmNGZlYjBlIiwic2lkIjoiIiwiaXNpZCI6MiwiYXNpZCI6MSwiemlkIjoxMjYxMzI0LCJwaWQiOjU3NTg2LCJhbiI6dHJ1ZSwibGFuIjp0cnVlLCJjaWQiOjE2LCJhaWQiOjUsInB0Ijo0LCJwayI6Imsya3RkcGJ0dCIsImNwa3MiOnsiMjkiOiI2NDhmNjBkMDc0NTFhOGRjMmUyOTE5MTQwZjQ4ZGNjNiJ9LCJ0IjoxfSwidSI6eyJ1IjoxLCJhdSI6MSwiZCI6eyJpZCI6Nzk5NTQxOTYsImlkcyI6IiIsImljIjpmYWxzZSwibiI6IkRlc2t0b3AsRW11bGF0b3IiLCJ2IjoiVW5rbm93biIsIm0iOiJVbmtub3duIiwiZiI6MSwiZm4iOiJEZXNrdG9wIiwib2lkIjoxODExMCwib24iOiJMaW51eCIsIm92IjoiVW5rbm93biIsImJpZCI6MTE2NjcwLCJibiI6IkZpcmVmb3giLCJidiI6Ijk2LjAiLCJ3diI6ZmFsc2UsImUiOnRydWUsImFiIjpmYWxzZX0sImMiOnsiaWQiOjE2MiwiYyI6Ik5PIiwibiI6Ik5vcndheSJ9LCJhIjpmYWxzZSwiY3IiOnsibiI6IkJsaXggU29sdXRpb25zIn0sInhmIjoiIiwiaXhmIjpmYWxzZSwiaWd4ZiI6ZmFsc2UsInVwIjp0cnVlLCJyIjoiaHR0cHM6Ly93d3cueG1lZ2Fkcml2ZS5jb20vdmlkZW9zL2JyYXQtcHJpbmNlc3MtMi1qYXptaW5lLWFuZC1wZW5lbG9wZS10ZWFzZS10aGUtZmxhdC1jaGFzdGl0eS1kZXZpY2UtNGsvIiwiYXIiOltdfX0.iVuU6_MoTD8Crjqa14Mn94eY7r1myOaBTmYbgpNXvL0
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx/1.21.6
Date: Sat, 04 May 2024 08:02:50 GMT
Content-Type: text/html
Transfer-Encoding: chunked
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,Sec-CH-UA-PlatformUser-Agent,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Custom-Referer: https://www.xmegadrive.com
Access-Control-Allow-Origin: https://www.xmegadrive.com
Access-Control-Allow-Credentials: true
Set-Cookie: uid_id2=e610fe86-2edc-41e7-b62c-eb9277c09863:2:1; expires=Sat, 11 May 2024 08:02:50 GMT; secure; SameSite=None
iprc1ec74c203a0c2e5350a081844c7230e9=3569681; expires=Sat, 04 May 2024 12:02:50 GMT; secure; SameSite=None
pdhtkv=true; expires=Sun, 05 May 2024 08:02:50 GMT; secure; SameSite=None
uncs=1; expires=Sun, 05 May 2024 08:02:50 GMT; secure; SameSite=None
pdhtkv5=true; expires=Sun, 05 May 2024 08:02:50 GMT; secure; SameSite=None
uncs5=1; expires=Sun, 05 May 2024 08:02:50 GMT; secure; SameSite=None
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: fdcafd4b0e2ccba13935f21c5d0ce1d8
Strict-Transport-Security: max-age=0; includeSubdomains
Content-Encoding: gzip

amorphousankle.com/watch.460154375710.js?dev=e&key=326b39096325433f5edf5ef14f22925d&kw=%5B%22brat%22%2C%22princess%22%2C%222%22%2C%22-%22%2C%22jazmine%22%2C%22and%22%2C%22penelope%22%2C%22-%22%2C%22tease%22%2C%22the%22%2C%22flat%22%2C%22chastity%22%2C%22device%22%2C%224k%22%5D&pst=1714809830&refer=https%3A%2F%2Fwww.xmegadrive.com%2Fvideos%2Fbrat-princess-2-jazmine-and-penelope-tease-the-flat-chastity-device-4k%2F&res=14.2071&rmtc=t&shu=e96eeab9759059aa7d810b042d5045dcba9ed98f9721b6d7f9288ec689286ae495dfd06acec43880d1ca7357513f74df9795d956ee3e071fcc78c303bc0db74264a2a9e53dbc33a60c43a8a1aaede01dcfcb51580b466ec14064e29610&tz=0&uuid=f81ad0dd-3425-4e7d-af9d-07901a7eb89e%3A2%3A1

192.243.61.227

200 OK

2.5 kB

URL GET HTTP/1.1
amorphousankle.com/watch.460154375710.js?dev=e&key=326b39096325433f5edf5ef14f22925d&kw=%5B%22brat%22%2C%22princess%22%2C%222%22%2C%22-%22%2C%22jazmine%22%2C%22and%22%2C%22penelope%22%2C%22-%22%2C%22tease%22%2C%22the%22%2C%22flat%22%2C%22chastity%22%2C%22device%22%2C%224k%22%5D&pst=1714809830&refer=https%3A%2F%2Fwww.xmegadrive.com%2Fvideos%2Fbrat-princess-2-jazmine-and-penelope-tease-the-flat-chastity-device-4k%2F&res=14.2071&rmtc=t&shu=e96eeab9759059aa7d810b042d5045dcba9ed98f9721b6d7f9288ec689286ae495dfd06acec43880d1ca7357513f74df9795d956ee3e071fcc78c303bc0db74264a2a9e53dbc33a60c43a8a1aaede01dcfcb51580b466ec14064e29610&tz=0&uuid=f81ad0dd-3425-4e7d-af9d-07901a7eb89e%3A2%3A1
IP
192.243.61.227:443
ASN
#39572 DataWeb Global Group B.V.

Requested by
https://www.xmegadrive.com/videos/brat-princess-2-jazmine-and-penelope-tease-the-flat-chastity-device-4k/
Certificate
IssuerLet's Encrypt
Subjectamorphousankle.com
Fingerprint2C:EC:8F:81:4F:CA:D5:12:B3:ED:5B:6B:F0:4E:24:EF:3F:44:91:6A
ValidityMon, 29 Apr 2024 12:51:02 GMT - Sun, 28 Jul 2024 12:51:01 GMT

File type
JavaScript source, ASCII text, with very long lines (3137)
Size
2.5 kB (2462 bytes)
Hash
f053d78f9cba64c1a93ce6094c5f5266
f3fad497337bb400dadfb6c78acb6885f1d66de8
e1de830327b7fbaab8e7913b0128f42bf252b9d394e24ec341eb4fa97c166605

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /watch.460154375710.js?dev=e&key=326b39096325433f5edf5ef14f22925d&kw=%5B%22brat%22%2C%22princess%22%2C%222%22%2C%22-%22%2C%22jazmine%22%2C%22and%22%2C%22penelope%22%2C%22-%22%2C%22tease%22%2C%22the%22%2C%22flat%22%2C%22chastity%22%2C%22device%22%2C%224k%22%5D&pst=1714809830&refer=https%3A%2F%2Fwww.xmegadrive.com%2Fvideos%2Fbrat-princess-2-jazmine-and-penelope-tease-the-flat-chastity-device-4k%2F&res=14.2071&rmtc=t&shu=e96eeab9759059aa7d810b042d5045dcba9ed98f9721b6d7f9288ec689286ae495dfd06acec43880d1ca7357513f74df9795d956ee3e071fcc78c303bc0db74264a2a9e53dbc33a60c43a8a1aaede01dcfcb51580b466ec14064e29610&tz=0&uuid=f81ad0dd-3425-4e7d-af9d-07901a7eb89e%3A2%3A1 HTTP/1.1
Host: amorphousankle.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.xmegadrive.com
Referer: https://www.xmegadrive.com/
DNT: 1
Connection: keep-alive
Cookie: u_pl=16186702; ain=eyJhbGciOiJIUzI1NiJ9.eyJwIjp7ImlkIjoxNjE4NjcwMiwiayI6IjMyNmIzOTA5NjMyNTQzM2Y1ZWRmNWVmMTRmMjI5MjVkIiwic2lkIjoiIiwiaXNpZCI6MiwiYXNpZCI6MSwiemlkIjoxMjYxMzI0LCJwaWQiOjU3NTg2LCJhbiI6dHJ1ZSwibGFuIjp0cnVlLCJjaWQiOjE2LCJhaWQiOjI3LCJwdCI6NCwicGsiOiJkN2g0NWM5OW1jIiwiY3BrcyI6eyIyOCI6IjIyMDc0ZGQ5NTI4ZGEyMDE3YmEwYWYyYzVmYmI2NWM4In0sInQiOjF9LCJ1Ijp7InUiOjEsImF1IjoxLCJkIjp7ImlkIjo3OTk1NDE5NiwiaWRzIjoiIiwiaWMiOmZhbHNlLCJuIjoiRGVza3RvcCxFbXVsYXRvciIsInYiOiJVbmtub3duIiwibSI6IlVua25vd24iLCJmIjoxLCJmbiI6IkRlc2t0b3AiLCJvaWQiOjE4MTEwLCJvbiI6IkxpbnV4Iiwib3YiOiJVbmtub3duIiwiYmlkIjoxMTY2NzAsImJuIjoiRmlyZWZveCIsImJ2IjoiOTYuMCIsInd2IjpmYWxzZSwiZSI6dHJ1ZSwiYWIiOmZhbHNlfSwiYyI6eyJpZCI6MTYyLCJjIjoiTk8iLCJuIjoiTm9yd2F5In0sImEiOmZhbHNlLCJjciI6eyJuIjoiQmxpeCBTb2x1dGlvbnMifSwieGYiOiIiLCJpeGYiOmZhbHNlLCJpZ3hmIjpmYWxzZSwidXAiOnRydWUsInIiOiJodHRwczovL3d3dy54bWVnYWRyaXZlLmNvbS92aWRlb3MvYnJhdC1wcmluY2Vzcy0yLWphem1pbmUtYW5kLXBlbmVsb3BlLXRlYXNlLXRoZS1mbGF0LWNoYXN0aXR5LWRldmljZS00ay8iLCJhciI6W119fQ.NI3IrtgOnygO3ta3U9wbejGEmtliIRGM81RudNr8IN4
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx/1.21.6
Date: Sat, 04 May 2024 08:02:51 GMT
Content-Type: text/html
Transfer-Encoding: chunked
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,Sec-CH-UA-PlatformUser-Agent,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Custom-Referer: https://www.xmegadrive.com
Access-Control-Allow-Origin: https://www.xmegadrive.com
Access-Control-Allow-Credentials: true
Set-Cookie: uid_id2=f81ad0dd-3425-4e7d-af9d-07901a7eb89e:2:1; expires=Sat, 11 May 2024 08:02:50 GMT; secure; SameSite=None
iprc9f621b1155f5228f63b822e87a91d599=3569683; expires=Sat, 04 May 2024 12:02:51 GMT; secure; SameSite=None
pdhtkv=true; expires=Sun, 05 May 2024 08:02:51 GMT; secure; SameSite=None
uncs=1; expires=Sun, 05 May 2024 08:02:51 GMT; secure; SameSite=None
pdhtkv27=true; expires=Sun, 05 May 2024 08:02:51 GMT; secure; SameSite=None
uncs27=1; expires=Sun, 05 May 2024 08:02:51 GMT; secure; SameSite=None
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: 2db6261f68d3103477aff2c54d50c7c2
Strict-Transport-Security: max-age=0; includeSubdomains
Content-Encoding: gzip

notification.tubecup.net/tags?tag_id=15599&timezone_olson=UTC&version_name=d&med_script_id=4&page=https%3A//www.xmegadrive.com/videos/brat-princess-2-jazmine-and-penelope-tease-the-flat-chastity-device-4k/

116.202.204.10

200 OK

1.4 kB

URL GET HTTP/2
notification.tubecup.net/tags?tag_id=15599&timezone_olson=UTC&version_name=d&med_script_id=4&page=https%3A//www.xmegadrive.com/videos/brat-princess-2-jazmine-and-penelope-tease-the-flat-chastity-device-4k/
IP
116.202.204.10:443
ASN
#24940 Hetzner Online GmbH

Requested by
https://www.xmegadrive.com/videos/brat-princess-2-jazmine-and-penelope-tease-the-flat-chastity-device-4k/
Certificate
IssuerLet's Encrypt
Subjectnotification.tubecup.net
Fingerprint04:18:87:3E:DE:60:E2:78:66:0A:24:6F:E5:3B:42:79:5B:AC:40:20
ValidityThu, 18 Apr 2024 11:21:02 GMT - Wed, 17 Jul 2024 11:21:01 GMT

File type
JSON text data
Size
1.4 kB (1419 bytes)
Hash
5f30eec034542a3b9f59c9065c23013c
cb177a2493ab5d9c30b65faa977525404d39921b
5ca0990032aba81fdf2d989ee4c3d3a8508e190c922c0259b90ab2eb471f9857

HTTP Headers

GET /tags?tag_id=15599&timezone_olson=UTC&version_name=d&med_script_id=4&page=https%3A//www.xmegadrive.com/videos/brat-princess-2-jazmine-and-penelope-tease-the-flat-chastity-device-4k/ HTTP/1.1
Host: notification.tubecup.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.xmegadrive.com
DNT: 1
Connection: keep-alive
Referer: https://www.xmegadrive.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
server: nginx/1.18.0
date: Sat, 04 May 2024 08:02:51 GMT
content-type: application/json
content-length: 1419
vary: Origin
cache-control: no-transform, no-cache, no-store, must-revalidate
pragma: no-cache
access-control-allow-origin: *
access-control-allow-headers: Content-Type
access-control-allow-methods: *
content-encoding: br
X-Firefox-Spdy: h2

cdn.cloudimagesb.com/cti/bb/16/b7/bb16b71b76fc43a6abd135721b32a822/1658915518.png

45.133.44.10

200 OK

145 kB

URL GET HTTP/2
cdn.cloudimagesb.com/cti/bb/16/b7/bb16b71b76fc43a6abd135721b32a822/1658915518.png
IP
45.133.44.10:443
ASN
#39572 DataWeb Global Group B.V.

Requested by
https://www.xmegadrive.com/videos/brat-princess-2-jazmine-and-penelope-tease-the-flat-chastity-device-4k/
Certificate
IssuerLet's Encrypt
Subjectcdn.cloudimagesb.com
FingerprintC6:F3:21:F0:21:7D:7E:96:0F:E8:46:7A:5E:C5:3F:D1:52:B0:67:B0
ValidityFri, 22 Mar 2024 03:01:35 GMT - Thu, 20 Jun 2024 03:01:34 GMT

File type
PNG image data, 300 x 250, 8-bit/color RGBA, non-interlaced
Size
145 kB (145012 bytes)
Hash
620dee7dda3ab0a55fef5e66735e48e1
c03458e7950bed758e4352ec7a78bb434a3164b1
8552142726040854ba6a1d57037aa513e8cb424e3e5b96f017fb742f7c9255c3

HTTP Headers

GET /cti/bb/16/b7/bb16b71b76fc43a6abd135721b32a822/1658915518.png HTTP/1.1
Host: cdn.cloudimagesb.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Sat, 04 May 2024 08:02:51 GMT
content-type: image/png
content-length: 145012
server: nginx/1.21.6
last-modified: Wed, 27 Jul 2022 09:52:06 GMT
etag: "62e10ac6-23674"
expires: Mon, 06 May 2024 08:02:51 GMT
cache-control: max-age=172800
x-proxy-cache: HIT
accept-ranges: bytes
X-Firefox-Spdy: h2

cdn.cloudimagesb.com/cti/a7/81/a3/a781a3f5b0f5e23bdd2dd0518e7f7682/1658915583.png

45.133.44.10

200 OK

59 kB

URL GET HTTP/2
cdn.cloudimagesb.com/cti/a7/81/a3/a781a3f5b0f5e23bdd2dd0518e7f7682/1658915583.png
IP
45.133.44.10:443
ASN
#39572 DataWeb Global Group B.V.

Requested by
https://www.xmegadrive.com/videos/brat-princess-2-jazmine-and-penelope-tease-the-flat-chastity-device-4k/
Certificate
IssuerLet's Encrypt
Subjectcdn.cloudimagesb.com
FingerprintC6:F3:21:F0:21:7D:7E:96:0F:E8:46:7A:5E:C5:3F:D1:52:B0:67:B0
ValidityFri, 22 Mar 2024 03:01:35 GMT - Thu, 20 Jun 2024 03:01:34 GMT

File type
PNG image data, 468 x 60, 8-bit/color RGBA, non-interlaced
Size
59 kB (59343 bytes)
Hash
a8d87e991a22e21fd415f8484a2c798d
512ec0da7b33b71c73453271860fae0a0e23c627
a26bd031fca0ac99e2ee032b81812e714bb94834b7ca304fbdf2aafd5c192045

HTTP Headers

GET /cti/a7/81/a3/a781a3f5b0f5e23bdd2dd0518e7f7682/1658915583.png HTTP/1.1
Host: cdn.cloudimagesb.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
date: Sat, 04 May 2024 08:02:51 GMT
content-type: image/png
content-length: 59343
server: nginx/1.21.6
last-modified: Wed, 27 Jul 2022 09:53:11 GMT
etag: "62e10b07-e7cf"
expires: Mon, 06 May 2024 08:02:51 GMT
cache-control: max-age=172800
x-proxy-cache: HIT
accept-ranges: bytes
X-Firefox-Spdy: h2

fatalloved.com/api/posts?token=LzllL2ZkLzcyLzllZmQ3MmJmZDVjNTNjM2NmMjc1NjQ3ODI4MDIzZTBiLmpz

192.243.59.13

200 OK

18 kB

URL GET HTTP/1.1
fatalloved.com/api/posts?token=LzllL2ZkLzcyLzllZmQ3MmJmZDVjNTNjM2NmMjc1NjQ3ODI4MDIzZTBiLmpz
IP
192.243.59.13:443
ASN
#39572 DataWeb Global Group B.V.

Requested by
https://www.xmegadrive.com/videos/brat-princess-2-jazmine-and-penelope-tease-the-flat-chastity-device-4k/
Certificate
IssuerLet's Encrypt
Subjectfatalloved.com
FingerprintA2:BF:8F:62:A3:02:D6:CC:18:4E:B7:02:A2:02:3F:09:28:37:53:57
ValidityThu, 11 Apr 2024 06:46:56 GMT - Wed, 10 Jul 2024 06:46:55 GMT

File type
JavaScript source, ASCII text, with very long lines (43582), with no line terminators
Size
18 kB (17567 bytes)
Hash
52986f6fc740cdac06e43a0cc190ce48
25e07b8af526de5544c7819eca179aa96b4916d3
ab181b162a8610cf925aba5598ed84e3e7f30f7833a91884526c3a1cf1d4e777

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /api/posts?token=LzllL2ZkLzcyLzllZmQ3MmJmZDVjNTNjM2NmMjc1NjQ3ODI4MDIzZTBiLmpz HTTP/1.1
Host: fatalloved.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.xmegadrive.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx/1.19.5
Date: Sat, 04 May 2024 08:02:51 GMT
Content-Type: application/javascript
Transfer-Encoding: chunked
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Access-Control-Allow-Origin: *
Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,Sec-CH-UA-PlatformUser-Agent,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: d95afd14317a02e71cf3e403f6161734
Strict-Transport-Security: max-age=0; includeSubdomains
Content-Encoding: gzip

coexistsafetyghost.com/pixel/purst?dl=0&th=0&sc=0&rs=2405&rd=2405&fd=603&bv=24.5.6485&tmpl=136

172.240.108.68

200 OK

0 B

URL GET HTTP/1.1
coexistsafetyghost.com/pixel/purst?dl=0&th=0&sc=0&rs=2405&rd=2405&fd=603&bv=24.5.6485&tmpl=136
IP
172.240.108.68:443
ASN
#7979 SERVERS-COM

Requested by
https://www.xmegadrive.com/videos/brat-princess-2-jazmine-and-penelope-tease-the-flat-chastity-device-4k/
Certificate
IssuerLet's Encrypt
Subjectcoexistsafetyghost.com
Fingerprint4D:41:7B:FB:11:3F:3C:36:DB:78:BA:88:80:F1:D4:F5:CC:80:DD:9C
ValidityMon, 29 Apr 2024 13:15:24 GMT - Sun, 28 Jul 2024 13:15:23 GMT

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /pixel/purst?dl=0&th=0&sc=0&rs=2405&rd=2405&fd=603&bv=24.5.6485&tmpl=136 HTTP/1.1
Host: coexistsafetyghost.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.xmegadrive.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx/1.21.6
Date: Sat, 04 May 2024 08:02:51 GMT
Content-Length: 0
Connection: keep-alive
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
Access-Control-Allow-Origin: *
Access-Control-Allow-Methods: GET, POST, OPTIONS
Access-Control-Allow-Headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,Upgrade-Insecure-Requests
Access-Control-Expose-Headers: Content-Length,Content-Range

a.magsrv.com/iframe.php?idzone=5282678&size=300x250&sub=10159

185.76.9.26

200 OK

43 kB

URL GET HTTP/2
a.magsrv.com/iframe.php?idzone=5282678&size=300x250&sub=10159
IP
185.76.9.26:443
ASN
#60068 Datacamp Limited

Requested by
https://bn3.trafget.com/addqa.php?subid=10159
Certificate
IssuerLet's Encrypt
Subjectmagsrv.com
Fingerprint17:F9:9F:23:6D:90:C0:1A:81:DB:D1:AF:6A:07:37:42:2E:99:44:5C
ValidityTue, 27 Feb 2024 16:45:44 GMT - Mon, 27 May 2024 16:45:43 GMT

File type
JavaScript source, ASCII text, with very long lines (34846)
Size
43 kB (43024 bytes)
Hash
e17abff411c877456dd97ee291f5ef1c
f0964b63bf5e839e5004c53d665711f1e40d3ba3
6f8802f4055f1a91f30887f4909fee650bc74be3156428aabfb3a837072addba

HTTP Headers

GET /iframe.php?idzone=5282678&size=300x250&sub=10159 HTTP/1.1
Host: a.magsrv.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://bn3.trafget.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Sat, 04 May 2024 08:02:51 GMT
content-type: text/html; charset=UTF-8
vary: Accept-Encoding
accept-ch: 
expires: Sat, 04 May 2024 08:07:00 GMT
cache-control: max-age=10800
x-robots-tag: noindex, follow
access-control-allow-origin: *
x-77-nzt: EwwBuUwJFAH3gRMAAAwBuUwKAQH3uxEAAAwBJRPCLgH3+wMAAA
x-77-nzt-ray: af5856302d401fb8abeb3566d100aa01
x-accel-expires: @1714810020
x-accel-date: 1714804778
x-77-cache: HIT
x-77-age: 4993
content-encoding: gzip
server: CDN77-Turbo
x-cache: HIT
x-age: 4993
x-77-pop: stockholmSE
X-Firefox-Spdy: h2

notification.tubecup.net/med/info?tag_id=15599

116.202.204.10

204 No Content

0 B

URL GET HTTP/2
notification.tubecup.net/med/info?tag_id=15599
IP
116.202.204.10:443
ASN
#24940 Hetzner Online GmbH

Requested by
https://www.xmegadrive.com/videos/brat-princess-2-jazmine-and-penelope-tease-the-flat-chastity-device-4k/
Certificate
IssuerLet's Encrypt
Subjectnotification.tubecup.net
Fingerprint04:18:87:3E:DE:60:E2:78:66:0A:24:6F:E5:3B:42:79:5B:AC:40:20
ValidityThu, 18 Apr 2024 11:21:02 GMT - Wed, 17 Jul 2024 11:21:01 GMT

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /med/info?tag_id=15599 HTTP/1.1
Host: notification.tubecup.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.xmegadrive.com
DNT: 1
Connection: keep-alive
Referer: https://www.xmegadrive.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 204 No Content
server: nginx/1.18.0
date: Sat, 04 May 2024 08:02:51 GMT
vary: Origin
cache-control: no-transform, no-cache, no-store, must-revalidate
pragma: no-cache
access-control-allow-origin: *
access-control-allow-headers: Content-Type
access-control-allow-methods: *
X-Firefox-Spdy: h2

a.magsrv.com/undefined

185.76.9.26

404 Not Found

548 B

URL GET HTTP/2
a.magsrv.com/undefined
IP
185.76.9.26:443
ASN
#60068 Datacamp Limited

Requested by
https://a.magsrv.com/iframe.php?idzone=5282682&size=300x250&sub=10159
Certificate
IssuerLet's Encrypt
Subjectmagsrv.com
Fingerprint17:F9:9F:23:6D:90:C0:1A:81:DB:D1:AF:6A:07:37:42:2E:99:44:5C
ValidityTue, 27 Feb 2024 16:45:44 GMT - Mon, 27 May 2024 16:45:43 GMT

File type
HTML document, ASCII text, with CRLF line terminators
Size
548 B (548 bytes)
Hash
370e16c3b7dba286cff055f93b9a94d8
65f3537c3c798f7da146c55aef536f7b5d0cb943
d465172175d35d493fb1633e237700022bd849fa123164790b168b8318acb090

HTTP Headers

GET /undefined HTTP/1.1
Host: a.magsrv.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://a.magsrv.com/iframe.php?idzone=5282678&size=300x250&sub=10159
Cookie: __uvt=a%3A1%3A%7Bi%3A0%3Bs%3A33%3A%226635ebab7dbb29.178118604014872169%22%3B%7D
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 404 Not Found
date: Sat, 04 May 2024 08:02:51 GMT
content-type: text/html
content-length: 548
accept-ch: Sec-CH-UA,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Platform,Sec-CH-UA-Model,Sec-CH-UA-Mobile,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version
x-77-nzt: EwwBuUwJFAH3GwAAAAwBuUwKAQH3AAAAAAwBisclxAH3AAAAAA
x-77-nzt-ray: af5856302d401fb8abeb35664e08e829
x-accel-expires: @1714809804
x-accel-date: 1714809744
x-77-cache: HIT
x-77-age: 27
server: CDN77-Turbo
x-cache: HIT
x-age: 27
x-77-pop: stockholmSE
X-Firefox-Spdy: h2

fp.metricswpsh.com/fp?tag_id=15599

157.90.84.242

200 OK

0 B

URL POST HTTP/1.1
fp.metricswpsh.com/fp?tag_id=15599
IP
157.90.84.242:443
ASN
#24940 Hetzner Online GmbH

Requested by
https://www.xmegadrive.com/videos/brat-princess-2-jazmine-and-penelope-tease-the-flat-chastity-device-4k/
Certificate
IssuerLet's Encrypt
Subjectnotification.tubecup.net
Fingerprint04:18:87:3E:DE:60:E2:78:66:0A:24:6F:E5:3B:42:79:5B:AC:40:20
ValidityThu, 18 Apr 2024 11:21:02 GMT - Wed, 17 Jul 2024 11:21:01 GMT

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

OPTIONS /fp?tag_id=15599 HTTP/1.1
Host: fp.metricswpsh.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type
Referer: https://www.xmegadrive.com/
Origin: https://www.xmegadrive.com
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 204 No Content
Server: nginx/1.20.1
Date: Sat, 04 May 2024 08:02:51 GMT
Connection: keep-alive
Access-Control-Allow-Credentials: true
Access-Control-Allow-Headers: content-type
Access-Control-Allow-Methods: GET,HEAD,PUT,PATCH,POST,DELETE
Access-Control-Allow-Origin: https://www.xmegadrive.com
Vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers

3fb4026cec.ffbd26c481.com/in/track?data=eyJ3bCI6MSwic3ViaWQiOjAsInVzZXJfaWQiOiIxMzY0ODY5OTY2MzEyNjc4NjAwMCIsInRpbWV6b25lIjowLCJ2ZXIiOiIzLjEyMS4wIiwidGFnX2lkIjoxNTU5OSwic2NyZWVuX3Jlc29sdXRpb24iOiIxMjgweDEwMjQiLCJhZGJsb2NrIjowLCJ0aW1lem9uZV9vbHNvbiI6IlVUQyIsInV0bV9zb3VyY2UiOiIiLCJ1dG1fbWVkaXVtIjoiIiwidXRtX2NhbXBhaWduIjoiIiwidXRtX2NvbnRlbnQiOiIiLCJtbSI6MCwiaW5pdF9zdGFydF9sYXRlbmN5IjowLjg2LCJpc192MiI6MSwiaXNfdjJfZW1wdHkiOm51bGx9

45.133.44.53

200 OK

0 B

URL GET HTTP/2
3fb4026cec.ffbd26c481.com/in/track?data=eyJ3bCI6MSwic3ViaWQiOjAsInVzZXJfaWQiOiIxMzY0ODY5OTY2MzEyNjc4NjAwMCIsInRpbWV6b25lIjowLCJ2ZXIiOiIzLjEyMS4wIiwidGFnX2lkIjoxNTU5OSwic2NyZWVuX3Jlc29sdXRpb24iOiIxMjgweDEwMjQiLCJhZGJsb2NrIjowLCJ0aW1lem9uZV9vbHNvbiI6IlVUQyIsInV0bV9zb3VyY2UiOiIiLCJ1dG1fbWVkaXVtIjoiIiwidXRtX2NhbXBhaWduIjoiIiwidXRtX2NvbnRlbnQiOiIiLCJtbSI6MCwiaW5pdF9zdGFydF9sYXRlbmN5IjowLjg2LCJpc192MiI6MSwiaXNfdjJfZW1wdHkiOm51bGx9
IP
45.133.44.53:443
ASN
#39572 DataWeb Global Group B.V.

Requested by
https://www.xmegadrive.com/videos/brat-princess-2-jazmine-and-penelope-tease-the-flat-chastity-device-4k/
Certificate
IssuerLet's Encrypt
Subject3fb4026cec.ffbd26c481.com
Fingerprint27:04:EE:66:BA:5B:49:EF:14:C8:8F:A8:F2:D9:35:3D:F6:0F:40:6A
ValidityWed, 01 May 2024 02:50:26 GMT - Tue, 30 Jul 2024 02:50:25 GMT

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /in/track?data=eyJ3bCI6MSwic3ViaWQiOjAsInVzZXJfaWQiOiIxMzY0ODY5OTY2MzEyNjc4NjAwMCIsInRpbWV6b25lIjowLCJ2ZXIiOiIzLjEyMS4wIiwidGFnX2lkIjoxNTU5OSwic2NyZWVuX3Jlc29sdXRpb24iOiIxMjgweDEwMjQiLCJhZGJsb2NrIjowLCJ0aW1lem9uZV9vbHNvbiI6IlVUQyIsInV0bV9zb3VyY2UiOiIiLCJ1dG1fbWVkaXVtIjoiIiwidXRtX2NhbXBhaWduIjoiIiwidXRtX2NvbnRlbnQiOiIiLCJtbSI6MCwiaW5pdF9zdGFydF9sYXRlbmN5IjowLjg2LCJpc192MiI6MSwiaXNfdjJfZW1wdHkiOm51bGx9 HTTP/1.1
Host: 3fb4026cec.ffbd26c481.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.xmegadrive.com
DNT: 1
Connection: keep-alive
Referer: https://www.xmegadrive.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Sat, 04 May 2024 08:02:51 GMT
content-length: 0
server: nginx/1.18.0
vary: Origin
cache-control: no-transform, no-cache, no-store, must-revalidate
pragma: no-cache
access-control-allow-origin: *
access-control-allow-headers: Content-Type
access-control-allow-methods: *
X-Firefox-Spdy: h2

storage.multstorage.com/log/count.html

104.21.30.242

200 OK

448 B

URL GET HTTP/2
storage.multstorage.com/log/count.html
IP
104.21.30.242:443
ASN
#13335 CLOUDFLARENET

Requested by
https://www.xmegadrive.com/videos/brat-princess-2-jazmine-and-penelope-tease-the-flat-chastity-device-4k/
Certificate
IssuerGoogle Trust Services LLC
Subjectmultstorage.com
Fingerprint63:F0:24:29:21:22:E5:42:33:61:B5:20:05:1B:EF:36:81:F5:7B:0A
ValiditySun, 17 Mar 2024 08:38:54 GMT - Sat, 15 Jun 2024 08:38:53 GMT

File type
HTML document, ASCII text, with very long lines (700)
Size
448 B (448 bytes)
Hash
b728ca9cd183d1b7c3f72116b19b22a3
c1fd73f6b02cf00b8bc60b09cc99495e8494b739
8a7b1ca4bbf273b32ea865d4785a1944d1b2b133678d9b5fe7ee0406f6fd64b2

HTTP Headers

GET /log/count.html HTTP/1.1
Host: storage.multstorage.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.xmegadrive.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Sat, 04 May 2024 08:02:51 GMT
content-type: text/html
last-modified: Mon, 18 Sep 2023 14:39:06 GMT
vary: Accept-Encoding
x-request-id: 0a3220c365d4707766e272d56fc7d6dd
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=Du%2BNhDRJAWGGeeJ7u126XKiar0XUFpGvAc3o3ekcM3KDtKFKa4SQBvAIZCNZGhDwfpT%2BfCBjy8Rc2VC5hsA1A1rbHsqeYli2Onm7i%2FR32cJUBs2bJGkefN7joQFTpwCoFOWEOOJxrNrHRQ%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 87e6f8907c15568a-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2

a.magsrv.com/build-iframe-js-url.js?idzone=5282680

185.76.9.26

200 OK

494 B

URL GET HTTP/2
a.magsrv.com/build-iframe-js-url.js?idzone=5282680
IP
185.76.9.26:443
ASN
#60068 Datacamp Limited

Requested by
https://a.magsrv.com/iframe.php?idzone=5282680&size=300x250&sub=10159
Certificate
IssuerLet's Encrypt
Subjectmagsrv.com
Fingerprint17:F9:9F:23:6D:90:C0:1A:81:DB:D1:AF:6A:07:37:42:2E:99:44:5C
ValidityTue, 27 Feb 2024 16:45:44 GMT - Mon, 27 May 2024 16:45:43 GMT

File type
gzip compressed data, from Unix
Size
494 B (494 bytes)
Hash
a6fe2bb1324b820b9e7154fdab6b87c8
f5b7e652c64d8aaeb25ec6653c74c5e5211ceba4
6459ef01bd747585513e3ab14c4b42134f68f3310ed015846291320652dbf1e8

HTTP Headers

GET /build-iframe-js-url.js?idzone=5282680 HTTP/1.1
Host: a.magsrv.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://a.magsrv.com/iframe.php?idzone=5282680&size=300x250&sub=10159
Cookie: __uvt=a%3A1%3A%7Bi%3A0%3Bs%3A33%3A%226635ebab7dbb29.178118604014872169%22%3B%7D
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
date: Sat, 04 May 2024 08:02:51 GMT
content-type: application/javascript
vary: Accept-Encoding
etag: W/"ef1e450f033a680390fad1effb6"
accept-ch: 
expires: Thu, 02 May 2024 13:45:50 GMT
cache-control: max-age=10800
x-robots-tag: noindex, follow
access-control-allow-origin: *
x-77-nzt: EwwBuUwJFAH35wMAAAwBuUwKCQH3GQAAAAwBJRPCNAH3AQAAAA
x-77-nzt-ray: af5856302d401fb8abeb3566aad9392b
x-accel-expires: @1714819568
x-accel-date: 1714808772
x-77-cache: HIT
x-77-age: 999
content-encoding: gzip
server: CDN77-Turbo
x-cache: HIT
x-age: 999
x-77-pop: stockholmSE
X-Firefox-Spdy: h2

a.magsrv.com/iframe.php?idzone=5282680&size=300x250&sub=10159

185.76.9.26

200 OK

1.6 kB

URL GET HTTP/2
a.magsrv.com/iframe.php?idzone=5282680&size=300x250&sub=10159
IP
185.76.9.26:443
ASN
#60068 Datacamp Limited

Requested by
https://a.magsrv.com/iframe.php?idzone=5282678&size=300x250&sub=10159
Certificate
IssuerLet's Encrypt
Subjectmagsrv.com
Fingerprint17:F9:9F:23:6D:90:C0:1A:81:DB:D1:AF:6A:07:37:42:2E:99:44:5C
ValidityTue, 27 Feb 2024 16:45:44 GMT - Mon, 27 May 2024 16:45:43 GMT

File type
JavaScript source, ASCII text, with very long lines (2877)
Size
1.6 kB (1603 bytes)
Hash
0c2b483cb12811d45082162e36ba3238
1d333ab7fb3a785e7441dd0ff8d960ce144a0def
d5cff11e3e2de01a283f7dab276832b3bb133c283530f2a9e24203c1dd610eeb

HTTP Headers

GET /iframe.php?idzone=5282680&size=300x250&sub=10159 HTTP/1.1
Host: a.magsrv.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://a.magsrv.com/iframe.php?idzone=5282678&size=300x250&sub=10159
Cookie: __uvt=a%3A1%3A%7Bi%3A0%3Bs%3A33%3A%226635ebab7dbb29.178118604014872169%22%3B%7D
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
date: Sat, 04 May 2024 08:02:51 GMT
content-type: text/html; charset=UTF-8
vary: Accept-Encoding
accept-ch: 
expires: Sat, 04 May 2024 08:07:01 GMT
cache-control: max-age=10800
x-robots-tag: noindex, follow
access-control-allow-origin: *
x-77-nzt: EwwBuUwJFAH3fxMAAAwBuUwKCQH3vREAAAwBJRPCLgH3+gMAAA
x-77-nzt-ray: af5856302d401fb8abeb3566565b2329
x-accel-expires: @1714810021
x-accel-date: 1714804780
x-77-cache: HIT
x-77-age: 4991
content-encoding: gzip
server: CDN77-Turbo
x-cache: HIT
x-age: 4991
x-77-pop: stockholmSE
X-Firefox-Spdy: h2

a.magsrv.com/ad-provider.js

185.76.9.26

200 OK

153 kB

URL GET HTTP/2
a.magsrv.com/ad-provider.js
IP
185.76.9.26:443
ASN
#60068 Datacamp Limited

Requested by
https://a.magsrv.com/iframe.php?idzone=5282678&size=300x250&sub=10159
Certificate
IssuerLet's Encrypt
Subjectmagsrv.com
Fingerprint17:F9:9F:23:6D:90:C0:1A:81:DB:D1:AF:6A:07:37:42:2E:99:44:5C
ValidityTue, 27 Feb 2024 16:45:44 GMT - Mon, 27 May 2024 16:45:43 GMT

File type
gzip compressed data, from Unix
Size
153 kB (153007 bytes)
Hash
7849e44566f5d91b5bb9dc37a7519b02
b0a4c7f56a34cb25cee158b1385223429d71a446
a371c936dd8943bd833a78be290a629d6ee5560e5a95a2c1db99458d76dd33cd

HTTP Headers

GET /ad-provider.js HTTP/1.1
Host: a.magsrv.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://a.magsrv.com/iframe.php?idzone=5282680&size=300x250&sub=10159
Cookie: __uvt=a%3A1%3A%7Bi%3A0%3Bs%3A33%3A%226635ebab7dbb29.178118604014872169%22%3B%7D
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
date: Sat, 04 May 2024 08:02:51 GMT
content-type: application/javascript
vary: Accept-Encoding
etag: W/"057432c37ba5cf65231392a9e07"
accept-ch: Sec-CH-UA,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Platform,Sec-CH-UA-Model,Sec-CH-UA-Mobile,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version
expires: Thu, 02 May 2024 13:45:46 GMT
cache-control: max-age=10800
x-robots-tag: noindex, follow
access-control-allow-origin: *
x-77-nzt: EwwBuUwJFAH3yikAAAwBuUwKDAH3CAAAAAwBisclwQH3AwAAAA
x-77-nzt-ray: af5856302d401fb8abeb356641f8ec2b
x-accel-expires: @1714809873
x-accel-date: 1714799073
x-77-cache: HIT
x-77-age: 10698
content-encoding: gzip
server: CDN77-Turbo
x-cache: HIT
x-age: 10698
x-77-pop: stockholmSE
X-Firefox-Spdy: h2

a.magsrv.com/iframe.js?idzone=5282682&size=300x250&sub=10159

185.76.9.26

200 OK

1.4 kB

URL GET HTTP/2
a.magsrv.com/iframe.js?idzone=5282682&size=300x250&sub=10159
IP
185.76.9.26:443
ASN
#60068 Datacamp Limited

Requested by
https://a.magsrv.com/iframe.php?idzone=5282682&size=300x250&sub=10159
Certificate
IssuerLet's Encrypt
Subjectmagsrv.com
Fingerprint17:F9:9F:23:6D:90:C0:1A:81:DB:D1:AF:6A:07:37:42:2E:99:44:5C
ValidityTue, 27 Feb 2024 16:45:44 GMT - Mon, 27 May 2024 16:45:43 GMT

File type
JavaScript source, ASCII text, with very long lines (2877), with no line terminators
Size
1.4 kB (1424 bytes)
Hash
d603b60c389cc5d118b6ff4c39a292cf
beb31cc1832ebc066e958cde1f55eb700f158727
e0d0dc736ebd0c1828a2d97d1ccc83de335c43851db30bc75dd1ee1246c967e1

HTTP Headers

GET /iframe.js?idzone=5282682&size=300x250&sub=10159 HTTP/1.1
Host: a.magsrv.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://a.magsrv.com/iframe.php?idzone=5282682&size=300x250&sub=10159
Cookie: __uvt=a%3A1%3A%7Bi%3A0%3Bs%3A33%3A%226635ebab7dbb29.178118604014872169%22%3B%7D
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
date: Sat, 04 May 2024 08:02:52 GMT
content-type: application/javascript
vary: Accept-Encoding
etag: W/"be242478e53f2254fc0f7bd23f4"
accept-ch: Sec-CH-UA,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Platform,Sec-CH-UA-Model,Sec-CH-UA-Mobile,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version
expires: Thu, 02 May 2024 13:49:17 GMT
cache-control: max-age=10800
x-robots-tag: noindex, follow
access-control-allow-origin: *
x-77-nzt: EwwBuUwJFAH3fhMAAAwBuUwKAQH3CQAAAAgBnJIhHwGB
x-77-nzt-ray: af5856302d401fb8aceb356699600e07
x-accel-expires: @1714810021
x-77-cache: HIT
content-encoding: gzip
x-accel-date: 1714804782
x-77-age: 4990
server: CDN77-Turbo
x-cache: HIT
x-age: 4990
x-77-pop: stockholmSE
X-Firefox-Spdy: h2

addresseepaper.com/sfp.js

3.64.163.50

410 Gone

113 B

URL GET HTTP/2
addresseepaper.com/sfp.js
IP
3.64.163.50:443
ASN
#16509 AMAZON-02

Requested by
https://www.xmegadrive.com/videos/brat-princess-2-jazmine-and-penelope-tease-the-flat-chastity-device-4k/
Certificate
IssuerLet's Encrypt
Subjectaddresseepaper.com
Fingerprint04:E2:47:07:1C:BD:EF:52:CF:38:CF:90:4A:39:37:9D:0A:C0:4F:FA
ValidityWed, 10 Apr 2024 19:36:56 GMT - Tue, 09 Jul 2024 19:36:55 GMT

File type
HTML document, ASCII text
Size
113 B (113 bytes)
Hash
84ec4c7a357cdc2544b659c7a759eaa8
a2c30df8e2fd1ebba41f23805808714905c5d3e0
aeecb24f567307b9fa981803e4e427fd913d436f6eb7d6e860beb0f3ad398cf5

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /sfp.js HTTP/1.1
Host: addresseepaper.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.xmegadrive.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 410 Gone
server: openresty
date: Sat, 04 May 2024 08:02:51 GMT
content-type: application/javascript
X-Firefox-Spdy: h2

js.wpshsdk.com/npc/sdk/push.m.js?v=1

45.133.44.52

200 OK

16 kB

URL GET HTTP/2
js.wpshsdk.com/npc/sdk/push.m.js?v=1
IP
45.133.44.52:443
ASN
#39572 DataWeb Global Group B.V.

Requested by
https://www.xmegadrive.com/videos/brat-princess-2-jazmine-and-penelope-tease-the-flat-chastity-device-4k/
Certificate
IssuerLet's Encrypt
Subjectjs.wpshsdk.com
Fingerprint7C:0A:CB:08:AD:6F:60:55:9E:07:7C:F7:07:AC:DD:CF:DF:AB:01:FD
ValidityWed, 20 Mar 2024 05:01:38 GMT - Tue, 18 Jun 2024 05:01:37 GMT

File type
gzip compressed data, from Unix
Size
16 kB (15529 bytes)
Hash
07be2a64fef9178d12671b802b3a614b
c9e973c05941ace939ab16a39ec03623aaed0e26
c42b8ae55474f9927aeabef577a8f8ebee25939136d8f72744a73ab6eca80f81

HTTP Headers

GET /npc/sdk/push.m.js?v=1 HTTP/1.1
Host: js.wpshsdk.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.xmegadrive.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Sat, 04 May 2024 08:02:51 GMT
content-type: application/javascript; charset=utf-8
server: nginx/1.18.0
last-modified: Sat, 27 Apr 2024 11:13:42 GMT
etag: W/"662cdde6-845a"
content-encoding: gzip
expires: Sat, 04 May 2024 08:07:51 GMT
cache-control: max-age=300
x-proxy-cache: HIT
access-control-allow-origin: *
X-Firefox-Spdy: h2

s.magsrv.com/v1/api.php

95.211.229.246

200 OK

335 B

URL POST HTTP/1.1
s.magsrv.com/v1/api.php
IP
95.211.229.246:443
ASN
#60781 LeaseWeb Netherlands B.V.

Requested by
https://a.magsrv.com/iframe.php?idzone=5282684&size=300x250&sub=10159
Certificate
IssuerLet's Encrypt
Subjectmagsrv.com
FingerprintE9:B1:06:11:C7:80:11:9F:62:6C:E8:AF:35:69:C6:21:29:87:60:51
ValidityTue, 30 Apr 2024 07:49:25 GMT - Mon, 29 Jul 2024 07:49:24 GMT

File type
JSON text data
Size
335 B (335 bytes)
Hash
d9b6dcfbd50f4e20049161697d5bd86a
a312e5d31d90a3cf6f1b6abe592200adab4ca093
f70e1558a987d19034fc801c819eaab03b150bde8cb55ef291dc4f27ccc4df60

HTTP Headers

POST /v1/api.php HTTP/1.1
Host: s.magsrv.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain
Content-Length: 321
Origin: https://a.magsrv.com
DNT: 1
Connection: keep-alive
Referer: https://a.magsrv.com/
Cookie: __uvt=a%3A1%3A%7Bi%3A0%3Bs%3A33%3A%226635ebab7dbb29.178118604014872169%22%3B%7D
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Date: Sat, 04 May 2024 08:02:52 GMT
Content-Type: application/json
Transfer-Encoding: chunked
Connection: keep-alive
Access-Control-Allow-Origin: https://a.magsrv.com
Access-Control-Allow-Headers: Authorization, Content-Type
Access-Control-Request-Method: POST
Access-Control-Allow-Credentials: true
Accept-CH: 
X-Robots-Tag: noindex, follow
Content-Encoding: gzip

5d39fe7c75.2ac4fce9b8.com/in/multy

94.130.198.6

200 OK

0 B

URL POST HTTP/2
5d39fe7c75.2ac4fce9b8.com/in/multy
IP
94.130.198.6:443
ASN
#24940 Hetzner Online GmbH

Requested by
https://www.xmegadrive.com/videos/brat-princess-2-jazmine-and-penelope-tease-the-flat-chastity-device-4k/
Certificate
IssuerLet's Encrypt
Subject2ac4fce9b8.com
Fingerprint98:AB:7F:A9:60:1A:91:AC:3C:20:E1:6B:57:8E:E0:AA:25:8F:4F:E1
ValidityTue, 30 Apr 2024 14:01:58 GMT - Mon, 29 Jul 2024 14:01:57 GMT

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

OPTIONS /in/multy HTTP/1.1
Host: 5d39fe7c75.2ac4fce9b8.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type
Referer: https://www.xmegadrive.com/
Origin: https://www.xmegadrive.com
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 204 No Content
server: nginx/1.20.1
date: Sat, 04 May 2024 08:02:52 GMT
vary: Origin
cache-control: no-transform, no-cache, no-store, must-revalidate
pragma: no-cache
access-control-allow-origin: *
access-control-allow-headers: Content-Type
access-control-allow-methods: *
X-Firefox-Spdy: h2

www.xmegadrive.com/favicon-16x16.png

5.61.55.75

200 OK

896 B

URL GET HTTP/1.1
www.xmegadrive.com/favicon-16x16.png
IP
5.61.55.75:443
ASN
#58061 Scalaxy B.V.

Requested by
https://www.xmegadrive.com/videos/brat-princess-2-jazmine-and-penelope-tease-the-flat-chastity-device-4k/
Certificate
IssuerLet's Encrypt
Subjectwww.xmegadrive.com
Fingerprint10:9D:B4:39:29:D5:8E:F8:A3:59:1F:53:0B:86:34:B4:31:D3:07:81
ValidityFri, 19 Apr 2024 23:34:16 GMT - Thu, 18 Jul 2024 23:34:15 GMT

File type
PNG image data, 16 x 16, 8-bit/color RGBA, non-interlaced
Size
896 B (896 bytes)
Hash
e41a915980cfc58f49779685cffcd722
bc055014549b2865dabad1bf3e98b32a899db380
d73a5315933dada68538152d338258aff89ced6d7cae25a6f487aa10493b55c3

HTTP Headers

GET /favicon-16x16.png HTTP/1.1
Host: www.xmegadrive.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.xmegadrive.com/videos/brat-princess-2-jazmine-and-penelope-tease-the-flat-chastity-device-4k/
Cookie: PHPSESSID=cb6c36a75d2926a349d025251bd54dd6; kt_qparams=dir%3Dbrat-princess-2-jazmine-and-penelope-tease-the-flat-chastity-device-4k; kt_ips=91.90.42.154; kt_vast_511662=94a15829137354224a360b0de8631872; test_variant=0.7262680184314496; kt_tcookie=1; dom3ic8zudi28v8lr6fgphwffqoz0j6c=f81ad0dd-3425-4e7d-af9d-07901a7eb89e%3A2%3A1; kt_is_visited=1; pp_idelay_22074dd9528da2017ba0af2c5fbb65c8=1; ppu_main_9efd72bfd5c53c3cf275647828023e0b=1
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Date: Sat, 04 May 2024 08:02:52 GMT
Content-Type: image/png
Content-Length: 896
Last-Modified: Wed, 11 Jan 2023 16:06:12 GMT
Connection: keep-alive
Keep-Alive: timeout=60
ETag: "63bede74-380"
Expires: Sun, 05 May 2024 08:02:52 GMT
Cache-Control: max-age=86400
Accept-Ranges: bytes

www.xmegadrive.com/apple-touch-icon.png

5.61.55.75

200 OK

39 kB

URL GET HTTP/1.1
www.xmegadrive.com/apple-touch-icon.png
IP
5.61.55.75:443
ASN
#58061 Scalaxy B.V.

Requested by
https://www.xmegadrive.com/videos/brat-princess-2-jazmine-and-penelope-tease-the-flat-chastity-device-4k/
Certificate
IssuerLet's Encrypt
Subjectwww.xmegadrive.com
Fingerprint10:9D:B4:39:29:D5:8E:F8:A3:59:1F:53:0B:86:34:B4:31:D3:07:81
ValidityFri, 19 Apr 2024 23:34:16 GMT - Thu, 18 Jul 2024 23:34:15 GMT

File type
PNG image data, 180 x 180, 8-bit/color RGBA, non-interlaced
Size
39 kB (38647 bytes)
Hash
9473c62292f24dff18c4e7907ac9f629
7cc18e50983210b4c7e99531c7ebcaf4dea4247a
66fbf29be36cb854c37c74e1db175495327b79b5b238ea35e497d48a9daa8f7d

HTTP Headers

GET /apple-touch-icon.png HTTP/1.1
Host: www.xmegadrive.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.xmegadrive.com/videos/brat-princess-2-jazmine-and-penelope-tease-the-flat-chastity-device-4k/
Cookie: PHPSESSID=cb6c36a75d2926a349d025251bd54dd6; kt_qparams=dir%3Dbrat-princess-2-jazmine-and-penelope-tease-the-flat-chastity-device-4k; kt_ips=91.90.42.154; kt_vast_511662=94a15829137354224a360b0de8631872; test_variant=0.7262680184314496; kt_tcookie=1; dom3ic8zudi28v8lr6fgphwffqoz0j6c=f81ad0dd-3425-4e7d-af9d-07901a7eb89e%3A2%3A1; kt_is_visited=1; pp_idelay_22074dd9528da2017ba0af2c5fbb65c8=1; ppu_main_9efd72bfd5c53c3cf275647828023e0b=1
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Date: Sat, 04 May 2024 08:02:52 GMT
Content-Type: image/png
Content-Length: 38647
Last-Modified: Wed, 11 Jan 2023 16:06:12 GMT
Connection: keep-alive
Keep-Alive: timeout=60
ETag: "63bede74-96f7"
Expires: Sun, 05 May 2024 08:02:52 GMT
Cache-Control: max-age=86400
Accept-Ranges: bytes

accounts.google.com/ServiceLogin?passive=true&continue=https%3A%2F%2Fm.youtube.com%2Ffavicon.ico&uilel=3&hl=en&service=youtube

74.125.131.84

302 Found

0 B

URL GET HTTP/2
accounts.google.com/ServiceLogin?passive=true&continue=https%3A%2F%2Fm.youtube.com%2Ffavicon.ico&uilel=3&hl=en&service=youtube
IP
74.125.131.84:443
ASN
#15169 GOOGLE

Requested by
https://www.xmegadrive.com/videos/brat-princess-2-jazmine-and-penelope-tease-the-flat-chastity-device-4k/
Certificate
IssuerGoogle Trust Services LLC
Subjectaccounts.google.com
Fingerprint9A:72:A8:C3:56:5C:93:B4:72:C7:5B:1B:60:BB:0F:3E:1E:C4:1B:67
ValidityTue, 16 Apr 2024 04:20:36 GMT - Tue, 09 Jul 2024 04:20:35 GMT

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /ServiceLogin?passive=true&continue=https%3A%2F%2Fm.youtube.com%2Ffavicon.ico&uilel=3&hl=en&service=youtube HTTP/1.1
Host: accounts.google.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 302 Found
content-type: application/binary
set-cookie: __Host-GAPS=1:5MVBb-yK54aMXYT5Ra57EpFIFJiR9A:w4ODKGW5hl6ydZYw; Expires=Mon, 04-May-2026 08:02:52 GMT; Path=/; Secure; HttpOnly; Priority=HIGH
cache-control: no-cache, no-store, max-age=0, must-revalidate
pragma: no-cache
expires: Mon, 01 Jan 1990 00:00:00 GMT
date: Sat, 04 May 2024 08:02:52 GMT
location: https://accounts.google.com/InteractiveLogin?continue=https://m.youtube.com/favicon.ico&hl=en&passive=true&service=youtube&uilel=3&ifkv=AaSxoQzlPTW_AftsuaW9DT51tbD4wFAfhcb2YFKfqm5DqETiCTVXFkCLcHYaKymIPWxz4d93U45gnw
strict-transport-security: max-age=31536000; includeSubDomains
content-security-policy: script-src 'nonce-w0io4ynPp-jFnIlTD5Yfuw' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/AccountsSigninPassiveLoginHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/AccountsSigninPassiveLoginHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/AccountsSigninPassiveLoginHttp/cspreport
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: unsafe-none
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
server: ESF
content-length: 0
x-xss-protection: 0
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

downstairsnegotiatebarren.com/sfp.js

188.114.96.1

200 OK

28 kB

URL GET HTTP/2
downstairsnegotiatebarren.com/sfp.js
IP
188.114.96.1:443
ASN
#13335 CLOUDFLARENET

Requested by
https://www.xmegadrive.com/videos/brat-princess-2-jazmine-and-penelope-tease-the-flat-chastity-device-4k/
Certificate
IssuerLet's Encrypt
Subjectdownstairsnegotiatebarren.com
Fingerprint5D:DB:CB:C6:CE:2A:8B:34:7D:BC:43:74:33:1D:5F:77:48:F7:BC:1B
ValidityThu, 02 May 2024 21:26:34 GMT - Wed, 31 Jul 2024 21:26:33 GMT

File type
JavaScript source, Unicode text, UTF-8 text, with very long lines (65529), with no line terminators
Size
28 kB (27932 bytes)
Hash
f4a2f8f9f99541c6f105bbd0a025bd40
1f8e3eff12168fdd9e719adfc098d24a45b6916a
b717cb04231a10d425fd55b73c85a5407119c6826a8bac94142fddfff6958716

HTTP Headers

GET /sfp.js HTTP/1.1
Host: downstairsnegotiatebarren.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.xmegadrive.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Sat, 04 May 2024 08:02:51 GMT
content-type: application/javascript; charset=utf-8
p3p: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
access-control-allow-origin: *
expires: Thu, 01 Jan 1970 00:00:01 GMT
cache-control: max-age=14400
x-request-id: 3d10d096660b5b3416c5f2b1e9d1fa29
strict-transport-security: max-age=0; includeSubdomains
cf-cache-status: EXPIRED
last-modified: Sat, 04 May 2024 08:02:50 GMT
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=Ay1oy4PzhiO526v3fvxeaAxkFSJWufWBY9j5yQT4s0OolCknqWATyUyU1FkWVwPIgoWsm7IVzIKNNP4S1lVo1dNNVGpepxAoWJUg%2F0bZ7Kp46FGd9q869JGJTJ4wrjluayPEjZt9nF%2FEhBP%2F7AEOhQ%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 87e6f88cece156c4-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2

accounts.google.com/InteractiveLogin?continue=https://m.youtube.com/favicon.ico&hl=en&passive=true&service=youtube&uilel=3&ifkv=AaSxoQzlPTW_AftsuaW9DT51tbD4wFAfhcb2YFKfqm5DqETiCTVXFkCLcHYaKymIPWxz4d93U45gnw

74.125.131.84

302 Found

426 B

URL GET HTTP/2
accounts.google.com/InteractiveLogin?continue=https://m.youtube.com/favicon.ico&hl=en&passive=true&service=youtube&uilel=3&ifkv=AaSxoQzlPTW_AftsuaW9DT51tbD4wFAfhcb2YFKfqm5DqETiCTVXFkCLcHYaKymIPWxz4d93U45gnw
IP
74.125.131.84:443
ASN
#15169 GOOGLE

Requested by
https://www.xmegadrive.com/videos/brat-princess-2-jazmine-and-penelope-tease-the-flat-chastity-device-4k/
Certificate
IssuerGoogle Trust Services LLC
Subjectaccounts.google.com
Fingerprint9A:72:A8:C3:56:5C:93:B4:72:C7:5B:1B:60:BB:0F:3E:1E:C4:1B:67
ValidityTue, 16 Apr 2024 04:20:36 GMT - Tue, 09 Jul 2024 04:20:35 GMT

File type
HTML document, ASCII text, with very long lines (404)
Size
426 B (426 bytes)
Hash
ec1f9e414c22c49c1b3ac7846b47da79
28f48a152709f6429b2d1d429239aa71bc9a598f
eb8a3e97372c902d28897084c14c870c9e6d0ccc60bb2602f646847be09a2536

HTTP Headers

GET /InteractiveLogin?continue=https://m.youtube.com/favicon.ico&hl=en&passive=true&service=youtube&uilel=3&ifkv=AaSxoQzlPTW_AftsuaW9DT51tbD4wFAfhcb2YFKfqm5DqETiCTVXFkCLcHYaKymIPWxz4d93U45gnw HTTP/1.1
Host: accounts.google.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 302 Found
content-type: text/html; charset=UTF-8
set-cookie: __Host-GAPS=1:l3qftWCivp0AM-NDZcLCwt5diEWlIA:OeeIpG8jI5OkU2Px;Path=/;Expires=Mon, 04-May-2026 08:02:52 GMT;Secure;HttpOnly;Priority=HIGH
x-frame-options: DENY
cache-control: no-cache, no-store, max-age=0, must-revalidate
pragma: no-cache
expires: Mon, 01 Jan 1990 00:00:00 GMT
date: Sat, 04 May 2024 08:02:52 GMT
location: https://accounts.google.com/v3/signin/identifier?continue=https%3A%2F%2Fm.youtube.com%2Ffavicon.ico&hl=en&ifkv=AaSxoQz_YjCAro76-pr9dbieCt3aRQNIXKqM1sdkf7pTlbdtiF1dnK5BWIF2UFkF4w2QOBY-He4Qeg&passive=true&service=youtube&uilel=3&flowName=GlifWebSignIn&flowEntry=ServiceLogin&dsh=S855721053%3A1714809772666505&theme=mn&ddm=0
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-opener-policy-report-only: same-origin; report-to="coop_gse_qebhlk"
report-to: {"group":"coop_gse_qebhlk","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/gse_qebhlk"}]}
content-security-policy: require-trusted-types-for 'script';report-uri /cspreport, script-src 'nonce-RFFkoLb59E0B9Q0Gr96h4A' 'unsafe-inline' 'unsafe-eval';object-src 'none';base-uri 'self';report-uri /cspreport
content-encoding: gzip
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
content-length: 426
server: GSE
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

5d39fe7c75.2ac4fce9b8.com/in/multy

94.130.198.6

200 OK

4.8 kB

URL POST HTTP/2
5d39fe7c75.2ac4fce9b8.com/in/multy
IP
94.130.198.6:443
ASN
#24940 Hetzner Online GmbH

Requested by
https://www.xmegadrive.com/videos/brat-princess-2-jazmine-and-penelope-tease-the-flat-chastity-device-4k/
Certificate
IssuerLet's Encrypt
Subject2ac4fce9b8.com
Fingerprint98:AB:7F:A9:60:1A:91:AC:3C:20:E1:6B:57:8E:E0:AA:25:8F:4F:E1
ValidityTue, 30 Apr 2024 14:01:58 GMT - Mon, 29 Jul 2024 14:01:57 GMT

File type
JSON text data
Size
4.8 kB (4845 bytes)
Hash
3308173aeac5b68b92468f32bc9bf885
0a1526851ae94c422fad132c4011614ff2038e11
a9e97b5006475bdc2b98e7fd76b402be41768c7d0b161a223ee8f09493b26fa8

HTTP Headers

POST /in/multy HTTP/1.1
Host: 5d39fe7c75.2ac4fce9b8.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json;charset=utf-8
Content-Length: 1952
Origin: https://www.xmegadrive.com
DNT: 1
Connection: keep-alive
Referer: https://www.xmegadrive.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
server: nginx/1.20.1
date: Sat, 04 May 2024 08:02:52 GMT
content-type: application/json
content-length: 4845
vary: Origin
cache-control: no-transform, no-cache, no-store, must-revalidate
pragma: no-cache
access-control-allow-origin: *
access-control-allow-headers: Content-Type
access-control-allow-methods: *
content-encoding: gzip
X-Firefox-Spdy: h2

www.xmegadrive.com/contents/videos_screenshots/210000/210105/320x180/1.jpg

5.61.55.75

200 OK

20 kB

URL GET HTTP/1.1
www.xmegadrive.com/contents/videos_screenshots/210000/210105/320x180/1.jpg
IP
5.61.55.75:443
ASN
#58061 Scalaxy B.V.

Requested by
https://www.xmegadrive.com/videos/brat-princess-2-jazmine-and-penelope-tease-the-flat-chastity-device-4k/
Certificate
IssuerLet's Encrypt
Subjectwww.xmegadrive.com
Fingerprint10:9D:B4:39:29:D5:8E:F8:A3:59:1F:53:0B:86:34:B4:31:D3:07:81
ValidityFri, 19 Apr 2024 23:34:16 GMT - Thu, 18 Jul 2024 23:34:15 GMT

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 0x0, segment length 16, baseline, precision 8, 320x180, components 3
Size
20 kB (20400 bytes)
Hash
28e35af3242583ea409e74681527516c
48d8a700e422660db225af65feca32bb2fa251dd
ea7e3ed27cc31631b05a2c5070c113e7c5662e0e0c041c332ec2a6170a769553

HTTP Headers

GET /contents/videos_screenshots/210000/210105/320x180/1.jpg HTTP/1.1
Host: www.xmegadrive.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.xmegadrive.com/videos/brat-princess-2-jazmine-and-penelope-tease-the-flat-chastity-device-4k/
Cookie: PHPSESSID=cb6c36a75d2926a349d025251bd54dd6; kt_qparams=dir%3Dbrat-princess-2-jazmine-and-penelope-tease-the-flat-chastity-device-4k; kt_ips=91.90.42.154; kt_vast_511662=94a15829137354224a360b0de8631872; test_variant=0.7262680184314496; kt_tcookie=1; dom3ic8zudi28v8lr6fgphwffqoz0j6c=f81ad0dd-3425-4e7d-af9d-07901a7eb89e%3A2%3A1; kt_is_visited=1; pp_idelay_22074dd9528da2017ba0af2c5fbb65c8=1; ppu_main_9efd72bfd5c53c3cf275647828023e0b=1
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Date: Sat, 04 May 2024 08:02:52 GMT
Content-Type: image/jpeg
Content-Length: 20400
Last-Modified: Tue, 28 Nov 2023 16:02:07 GMT
Connection: keep-alive
Keep-Alive: timeout=60
ETag: "65660eff-4fb0"
Expires: Sun, 05 May 2024 08:02:52 GMT
Cache-Control: max-age=86400
Accept-Ranges: bytes

www.xmegadrive.com/contents/videos_screenshots/210000/210105/320x180/2.jpg

5.61.55.75

200 OK

8.9 kB

URL GET HTTP/1.1
www.xmegadrive.com/contents/videos_screenshots/210000/210105/320x180/2.jpg
IP
5.61.55.75:443
ASN
#58061 Scalaxy B.V.

Requested by
https://www.xmegadrive.com/videos/brat-princess-2-jazmine-and-penelope-tease-the-flat-chastity-device-4k/
Certificate
IssuerLet's Encrypt
Subjectwww.xmegadrive.com
Fingerprint10:9D:B4:39:29:D5:8E:F8:A3:59:1F:53:0B:86:34:B4:31:D3:07:81
ValidityFri, 19 Apr 2024 23:34:16 GMT - Thu, 18 Jul 2024 23:34:15 GMT

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 0x0, segment length 16, baseline, precision 8, 320x180, components 3
Size
8.9 kB (8868 bytes)
Hash
64b027c4e795fc6d4307b24ead850f48
a7de88f207162b64fa63174964aea7f1477a7e19
5119f33b0919d0415d745097c3d87200e46b8e040d398099d27c4d9b7a421e1f

HTTP Headers

GET /contents/videos_screenshots/210000/210105/320x180/2.jpg HTTP/1.1
Host: www.xmegadrive.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.xmegadrive.com/videos/brat-princess-2-jazmine-and-penelope-tease-the-flat-chastity-device-4k/
Cookie: PHPSESSID=cb6c36a75d2926a349d025251bd54dd6; kt_qparams=dir%3Dbrat-princess-2-jazmine-and-penelope-tease-the-flat-chastity-device-4k; kt_ips=91.90.42.154; kt_vast_511662=94a15829137354224a360b0de8631872; test_variant=0.7262680184314496; kt_tcookie=1; dom3ic8zudi28v8lr6fgphwffqoz0j6c=f81ad0dd-3425-4e7d-af9d-07901a7eb89e%3A2%3A1; kt_is_visited=1; pp_idelay_22074dd9528da2017ba0af2c5fbb65c8=1; ppu_main_9efd72bfd5c53c3cf275647828023e0b=1
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Date: Sat, 04 May 2024 08:02:52 GMT
Content-Type: image/jpeg
Content-Length: 8868
Last-Modified: Tue, 28 Nov 2023 16:02:07 GMT
Connection: keep-alive
Keep-Alive: timeout=60
ETag: "65660eff-22a4"
Expires: Sun, 05 May 2024 08:02:52 GMT
Cache-Control: max-age=86400
Accept-Ranges: bytes

www.xmegadrive.com/contents/videos_screenshots/210000/210105/320x180/3.jpg

5.61.55.75

200 OK

10 kB

URL GET HTTP/1.1
www.xmegadrive.com/contents/videos_screenshots/210000/210105/320x180/3.jpg
IP
5.61.55.75:443
ASN
#58061 Scalaxy B.V.

Requested by
https://www.xmegadrive.com/videos/brat-princess-2-jazmine-and-penelope-tease-the-flat-chastity-device-4k/
Certificate
IssuerLet's Encrypt
Subjectwww.xmegadrive.com
Fingerprint10:9D:B4:39:29:D5:8E:F8:A3:59:1F:53:0B:86:34:B4:31:D3:07:81
ValidityFri, 19 Apr 2024 23:34:16 GMT - Thu, 18 Jul 2024 23:34:15 GMT

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 0x0, segment length 16, baseline, precision 8, 320x180, components 3
Size
10 kB (10018 bytes)
Hash
6e036a87f93c249505a1f2bd152238d9
d98c782f0c8fbf19f4fc215aa0aaf27ab97489d0
297c0b2510244acce12dd4c8ba76634ecd7d34901732b4d1885a7f5968d75ad4

HTTP Headers

GET /contents/videos_screenshots/210000/210105/320x180/3.jpg HTTP/1.1
Host: www.xmegadrive.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.xmegadrive.com/videos/brat-princess-2-jazmine-and-penelope-tease-the-flat-chastity-device-4k/
Cookie: PHPSESSID=cb6c36a75d2926a349d025251bd54dd6; kt_qparams=dir%3Dbrat-princess-2-jazmine-and-penelope-tease-the-flat-chastity-device-4k; kt_ips=91.90.42.154; kt_vast_511662=94a15829137354224a360b0de8631872; test_variant=0.7262680184314496; kt_tcookie=1; dom3ic8zudi28v8lr6fgphwffqoz0j6c=f81ad0dd-3425-4e7d-af9d-07901a7eb89e%3A2%3A1; kt_is_visited=1; pp_idelay_22074dd9528da2017ba0af2c5fbb65c8=1; ppu_main_9efd72bfd5c53c3cf275647828023e0b=1
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Date: Sat, 04 May 2024 08:02:52 GMT
Content-Type: image/jpeg
Content-Length: 10018
Last-Modified: Tue, 28 Nov 2023 16:02:07 GMT
Connection: keep-alive
Keep-Alive: timeout=60
ETag: "65660eff-2722"
Expires: Sun, 05 May 2024 08:02:52 GMT
Cache-Control: max-age=86400
Accept-Ranges: bytes

www.xmegadrive.com/contents/videos_screenshots/210000/210105/320x180/4.jpg

5.61.55.75

200 OK

11 kB

URL GET HTTP/1.1
www.xmegadrive.com/contents/videos_screenshots/210000/210105/320x180/4.jpg
IP
5.61.55.75:443
ASN
#58061 Scalaxy B.V.

Requested by
https://www.xmegadrive.com/videos/brat-princess-2-jazmine-and-penelope-tease-the-flat-chastity-device-4k/
Certificate
IssuerLet's Encrypt
Subjectwww.xmegadrive.com
Fingerprint10:9D:B4:39:29:D5:8E:F8:A3:59:1F:53:0B:86:34:B4:31:D3:07:81
ValidityFri, 19 Apr 2024 23:34:16 GMT - Thu, 18 Jul 2024 23:34:15 GMT

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 0x0, segment length 16, baseline, precision 8, 320x180, components 3
Size
11 kB (11262 bytes)
Hash
30d95557a8195780c91938bb6f2f853a
bac7310aabb2211ce3f18b3ca34c7337d6477a05
a8e067fe41968b8a7c868f2bdeef54ead2089a43d971f04a89fd98fb1f63cf3a

HTTP Headers

GET /contents/videos_screenshots/210000/210105/320x180/4.jpg HTTP/1.1
Host: www.xmegadrive.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.xmegadrive.com/videos/brat-princess-2-jazmine-and-penelope-tease-the-flat-chastity-device-4k/
Cookie: PHPSESSID=cb6c36a75d2926a349d025251bd54dd6; kt_qparams=dir%3Dbrat-princess-2-jazmine-and-penelope-tease-the-flat-chastity-device-4k; kt_ips=91.90.42.154; kt_vast_511662=94a15829137354224a360b0de8631872; test_variant=0.7262680184314496; kt_tcookie=1; dom3ic8zudi28v8lr6fgphwffqoz0j6c=f81ad0dd-3425-4e7d-af9d-07901a7eb89e%3A2%3A1; kt_is_visited=1; pp_idelay_22074dd9528da2017ba0af2c5fbb65c8=1; ppu_main_9efd72bfd5c53c3cf275647828023e0b=1
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Date: Sat, 04 May 2024 08:02:52 GMT
Content-Type: image/jpeg
Content-Length: 11262
Last-Modified: Tue, 28 Nov 2023 16:02:07 GMT
Connection: keep-alive
Keep-Alive: timeout=60
ETag: "65660eff-2bfe"
Expires: Sun, 05 May 2024 08:02:52 GMT
Cache-Control: max-age=86400
Accept-Ranges: bytes

www.xmegadrive.com/contents/videos_screenshots/210000/210105/320x180/5.jpg

5.61.55.75

200 OK

11 kB

URL GET HTTP/1.1
www.xmegadrive.com/contents/videos_screenshots/210000/210105/320x180/5.jpg
IP
5.61.55.75:443
ASN
#58061 Scalaxy B.V.

Requested by
https://www.xmegadrive.com/videos/brat-princess-2-jazmine-and-penelope-tease-the-flat-chastity-device-4k/
Certificate
IssuerLet's Encrypt
Subjectwww.xmegadrive.com
Fingerprint10:9D:B4:39:29:D5:8E:F8:A3:59:1F:53:0B:86:34:B4:31:D3:07:81
ValidityFri, 19 Apr 2024 23:34:16 GMT - Thu, 18 Jul 2024 23:34:15 GMT

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 0x0, segment length 16, baseline, precision 8, 320x180, components 3
Size
11 kB (11062 bytes)
Hash
ae6489412e2c85d1fb71c4b09bdb2732
c505cdbe226d743e420f41a2b417be4752b3a7db
1575f1070d229d8e64835962228320bd37e0328d0b3d69962346233ccc5a9430

HTTP Headers

GET /contents/videos_screenshots/210000/210105/320x180/5.jpg HTTP/1.1
Host: www.xmegadrive.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.xmegadrive.com/videos/brat-princess-2-jazmine-and-penelope-tease-the-flat-chastity-device-4k/
Cookie: PHPSESSID=cb6c36a75d2926a349d025251bd54dd6; kt_qparams=dir%3Dbrat-princess-2-jazmine-and-penelope-tease-the-flat-chastity-device-4k; kt_ips=91.90.42.154; kt_vast_511662=94a15829137354224a360b0de8631872; test_variant=0.7262680184314496; kt_tcookie=1; dom3ic8zudi28v8lr6fgphwffqoz0j6c=f81ad0dd-3425-4e7d-af9d-07901a7eb89e%3A2%3A1; kt_is_visited=1; pp_idelay_22074dd9528da2017ba0af2c5fbb65c8=1; ppu_main_9efd72bfd5c53c3cf275647828023e0b=1
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Date: Sat, 04 May 2024 08:02:52 GMT
Content-Type: image/jpeg
Content-Length: 11062
Last-Modified: Tue, 28 Nov 2023 16:02:07 GMT
Connection: keep-alive
Keep-Alive: timeout=60
ETag: "65660eff-2b36"
Expires: Sun, 05 May 2024 08:02:52 GMT
Cache-Control: max-age=86400
Accept-Ranges: bytes

www.xmegadrive.com/contents/videos_screenshots/192000/192195/320x180/3.jpg

5.61.55.75

200 OK

14 kB

URL GET HTTP/1.1
www.xmegadrive.com/contents/videos_screenshots/192000/192195/320x180/3.jpg
IP
5.61.55.75:443
ASN
#58061 Scalaxy B.V.

Requested by
https://www.xmegadrive.com/videos/brat-princess-2-jazmine-and-penelope-tease-the-flat-chastity-device-4k/
Certificate
IssuerLet's Encrypt
Subjectwww.xmegadrive.com
Fingerprint10:9D:B4:39:29:D5:8E:F8:A3:59:1F:53:0B:86:34:B4:31:D3:07:81
ValidityFri, 19 Apr 2024 23:34:16 GMT - Thu, 18 Jul 2024 23:34:15 GMT

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 320x180, components 3
Size
14 kB (13719 bytes)
Hash
56f68efee2e67ec9964f45054d0190bd
c2c49efe2ba9364531b6f88d6e06ceb1d06abeee
dfeffb269bc39d06a625639b8596bf88bcba7c2d4f661103218aff2b27205863

HTTP Headers

GET /contents/videos_screenshots/192000/192195/320x180/3.jpg HTTP/1.1
Host: www.xmegadrive.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.xmegadrive.com/videos/brat-princess-2-jazmine-and-penelope-tease-the-flat-chastity-device-4k/
Cookie: PHPSESSID=cb6c36a75d2926a349d025251bd54dd6; kt_qparams=dir%3Dbrat-princess-2-jazmine-and-penelope-tease-the-flat-chastity-device-4k; kt_ips=91.90.42.154; kt_vast_511662=94a15829137354224a360b0de8631872; test_variant=0.7262680184314496; kt_tcookie=1; dom3ic8zudi28v8lr6fgphwffqoz0j6c=f81ad0dd-3425-4e7d-af9d-07901a7eb89e%3A2%3A1; kt_is_visited=1; pp_idelay_22074dd9528da2017ba0af2c5fbb65c8=1; ppu_main_9efd72bfd5c53c3cf275647828023e0b=1
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Date: Sat, 04 May 2024 08:02:52 GMT
Content-Type: image/jpeg
Content-Length: 13719
Last-Modified: Sat, 02 Sep 2023 21:31:24 GMT
Connection: keep-alive
Keep-Alive: timeout=60
ETag: "64f3a9ac-3597"
Expires: Sun, 05 May 2024 08:02:52 GMT
Cache-Control: max-age=86400
Accept-Ranges: bytes

www.xmegadrive.com/contents/videos_screenshots/162000/162196/320x180/3.jpg

5.61.55.75

200 OK

14 kB

URL GET HTTP/1.1
www.xmegadrive.com/contents/videos_screenshots/162000/162196/320x180/3.jpg
IP
5.61.55.75:443
ASN
#58061 Scalaxy B.V.

Requested by
https://www.xmegadrive.com/videos/brat-princess-2-jazmine-and-penelope-tease-the-flat-chastity-device-4k/
Certificate
IssuerLet's Encrypt
Subjectwww.xmegadrive.com
Fingerprint10:9D:B4:39:29:D5:8E:F8:A3:59:1F:53:0B:86:34:B4:31:D3:07:81
ValidityFri, 19 Apr 2024 23:34:16 GMT - Thu, 18 Jul 2024 23:34:15 GMT

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 320x180, components 3
Size
14 kB (13939 bytes)
Hash
8e5c0653990fa9eb88c977da66f6fa05
3a23038f55d422658c4a912cadee6129001342d3
956ee60cfdbcde51602196083294e9099da2a668fc11eaf5585e41c382bb04d8

HTTP Headers

GET /contents/videos_screenshots/162000/162196/320x180/3.jpg HTTP/1.1
Host: www.xmegadrive.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.xmegadrive.com/videos/brat-princess-2-jazmine-and-penelope-tease-the-flat-chastity-device-4k/
Cookie: PHPSESSID=cb6c36a75d2926a349d025251bd54dd6; kt_qparams=dir%3Dbrat-princess-2-jazmine-and-penelope-tease-the-flat-chastity-device-4k; kt_ips=91.90.42.154; kt_vast_511662=94a15829137354224a360b0de8631872; test_variant=0.7262680184314496; kt_tcookie=1; dom3ic8zudi28v8lr6fgphwffqoz0j6c=f81ad0dd-3425-4e7d-af9d-07901a7eb89e%3A2%3A1; kt_is_visited=1; pp_idelay_22074dd9528da2017ba0af2c5fbb65c8=1; ppu_main_9efd72bfd5c53c3cf275647828023e0b=1
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Date: Sat, 04 May 2024 08:02:52 GMT
Content-Type: image/jpeg
Content-Length: 13939
Last-Modified: Tue, 18 Apr 2023 07:59:03 GMT
Connection: keep-alive
Keep-Alive: timeout=60
ETag: "643e4dc7-3673"
Expires: Sun, 05 May 2024 08:02:52 GMT
Cache-Control: max-age=86400
Accept-Ranges: bytes

www.xmegadrive.com/contents/videos_screenshots/195000/195287/320x180/3.jpg

5.61.55.75

200 OK

10 kB

URL GET HTTP/1.1
www.xmegadrive.com/contents/videos_screenshots/195000/195287/320x180/3.jpg
IP
5.61.55.75:443
ASN
#58061 Scalaxy B.V.

Requested by
https://www.xmegadrive.com/videos/brat-princess-2-jazmine-and-penelope-tease-the-flat-chastity-device-4k/
Certificate
IssuerLet's Encrypt
Subjectwww.xmegadrive.com
Fingerprint10:9D:B4:39:29:D5:8E:F8:A3:59:1F:53:0B:86:34:B4:31:D3:07:81
ValidityFri, 19 Apr 2024 23:34:16 GMT - Thu, 18 Jul 2024 23:34:15 GMT

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 320x180, components 3
Size
10 kB (10286 bytes)
Hash
0569c7b3fa38820cf376217eb974dc1f
939e4364847dcf100785a7835101af2f32e450a1
d24725e88deda0cdde09a026d5eef65660eff609a6c4745bfece7e1e7a626533

HTTP Headers

GET /contents/videos_screenshots/195000/195287/320x180/3.jpg HTTP/1.1
Host: www.xmegadrive.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.xmegadrive.com/videos/brat-princess-2-jazmine-and-penelope-tease-the-flat-chastity-device-4k/
Cookie: PHPSESSID=cb6c36a75d2926a349d025251bd54dd6; kt_qparams=dir%3Dbrat-princess-2-jazmine-and-penelope-tease-the-flat-chastity-device-4k; kt_ips=91.90.42.154; kt_vast_511662=94a15829137354224a360b0de8631872; test_variant=0.7262680184314496; kt_tcookie=1; dom3ic8zudi28v8lr6fgphwffqoz0j6c=f81ad0dd-3425-4e7d-af9d-07901a7eb89e%3A2%3A1; kt_is_visited=1; pp_idelay_22074dd9528da2017ba0af2c5fbb65c8=1; ppu_main_9efd72bfd5c53c3cf275647828023e0b=1
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Date: Sat, 04 May 2024 08:02:52 GMT
Content-Type: image/jpeg
Content-Length: 10286
Last-Modified: Wed, 20 Sep 2023 20:33:30 GMT
Connection: keep-alive
Keep-Alive: timeout=60
ETag: "650b571a-282e"
Expires: Sun, 05 May 2024 08:02:52 GMT
Cache-Control: max-age=86400
Accept-Ranges: bytes

www.xmegadrive.com/contents/videos_screenshots/184000/184002/320x180/3.jpg

5.61.55.75

200 OK

16 kB

URL GET HTTP/1.1
www.xmegadrive.com/contents/videos_screenshots/184000/184002/320x180/3.jpg
IP
5.61.55.75:443
ASN
#58061 Scalaxy B.V.

Requested by
https://www.xmegadrive.com/videos/brat-princess-2-jazmine-and-penelope-tease-the-flat-chastity-device-4k/
Certificate
IssuerLet's Encrypt
Subjectwww.xmegadrive.com
Fingerprint10:9D:B4:39:29:D5:8E:F8:A3:59:1F:53:0B:86:34:B4:31:D3:07:81
ValidityFri, 19 Apr 2024 23:34:16 GMT - Thu, 18 Jul 2024 23:34:15 GMT

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 320x180, components 3
Size
16 kB (16035 bytes)
Hash
14b8ce460f9c5ee02270fe3331d65a12
e8867b57e87899faf6c146609307a7af2fc8300b
eb3f83f33d120b14635ebe7fb8588564a29fafccd0586120d7f43d4f9b151b28

HTTP Headers

GET /contents/videos_screenshots/184000/184002/320x180/3.jpg HTTP/1.1
Host: www.xmegadrive.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.xmegadrive.com/videos/brat-princess-2-jazmine-and-penelope-tease-the-flat-chastity-device-4k/
Cookie: PHPSESSID=cb6c36a75d2926a349d025251bd54dd6; kt_qparams=dir%3Dbrat-princess-2-jazmine-and-penelope-tease-the-flat-chastity-device-4k; kt_ips=91.90.42.154; kt_vast_511662=94a15829137354224a360b0de8631872; test_variant=0.7262680184314496; kt_tcookie=1; dom3ic8zudi28v8lr6fgphwffqoz0j6c=f81ad0dd-3425-4e7d-af9d-07901a7eb89e%3A2%3A1; kt_is_visited=1; pp_idelay_22074dd9528da2017ba0af2c5fbb65c8=1; ppu_main_9efd72bfd5c53c3cf275647828023e0b=1
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Date: Sat, 04 May 2024 08:02:52 GMT
Content-Type: image/jpeg
Content-Length: 16035
Last-Modified: Thu, 27 Jul 2023 20:00:28 GMT
Connection: keep-alive
Keep-Alive: timeout=60
ETag: "64c2ccdc-3ea3"
Expires: Sun, 05 May 2024 08:02:52 GMT
Cache-Control: max-age=86400
Accept-Ranges: bytes

5d39fe7c75.2ac4fce9b8.com/in/show/?tag_ab=d&site_id=3112598&adblock=0&testab=2&auction_host=apply&mm=0&yc=0&render_type=mq&pr=&banner_width=300&banner_height=250&user_keywords=&device_theme=light&v2_track=0&v2=1&conditions=dch_ip,tz_offset&ssp=3964&page=https%3A%2F%2Fwww.xmegadrive.com%2Fvideos%2Fbrat-princess-2-jazmine-and-penelope-tease-the-flat-chastity-device-4k%2F&refdom=www.xmegadrive.com&auction_time=1714809772&subid=1986595641&sid=1245628510&tcid=0&ver=7.282.0-b&ver_c=&spot_id=12598&utm_source=&utm_medium=&utm_campaign=&utm_content=&created_at=2024-05-04&iabcat=IAB25-3&keywords=&user_fp=14185762356588688897&score=45.76295613690938&durl=https%3A%2F%2Fkts.dasdaily.com%2Fin%2F1546%2F%3Fad_sub%3D1986595641%26spot_id%3D12598%26is_adult%3D1%26p%3Dhttps%253A%252F%252Fwww.xmegadrive.com%252Fvideos%252Fbrat-princess-2-jazmine-and-penelope-tease-the-flat-chastity-device-4k%252F%26idzone%3D0%26sid%3D1886&is_cpm=0&resp_type=&crid=54175&crtid=b0681ff5c1739e7f8bdbb8527f77d810&url=https%3A%2F%2Ftrack-us.byte-builders.net%2Fpop%2Fimp%3Fauth%3Dn25uq8%26c%3DVLLCH4LUNbHv5uoUB6T5RqhZtUnQMeFODFs1x7ZddiSbmMwpSmi-yRsqa147iLMhjKiezC5KF1lkgEJXAk6fuzEdImn8VrSH1Dj5mk_5aWJqcvXX7aTLOQvL16g1ZGSDOrDXtEKjgnwEv2azRSmNXLC_dAQjOME_YMH5JfZbk8UddesIOubfjDW0uOB5c68Rv71bZr8mGtGckQJmPnF8D9NuV69snaZyvJqIHrofGWIutVNp87EMJPcGE3ik-aBsLchJ4xNYKBg1nDVfI8kubXndgQN9-hlQIoG-qsMJ8YFa5cF9MoxnGiaxpnaAZvzpL2x5yzwFMZZ5w1piMRUIKFI-2uzF3XwD4rIEuwMHXpDWcxA7L_QQ5zkjl10VegXB6P84w7PVBOThiYmrJ_Lm1FarB4zlA4mGsYFHESh4sqW1sUGX4SGQqSwpJNqU5GdKBieWkpTE2QxEU20jmQFB8Uq8e15gd9LCOuiYm2aSZ_2JF7ZPdiK0EQlLSA5WF9-u-ioDah-HUoKcyX3G_OqXk34XbjSKaZMgAeDqkmVtwnkFBrF-yikYMWHGrzvcLFJ_5F7UVOnf5gugralkQhsn-57RTXTEl8CekrBSN8m4LUhk8FptixyF0GR_D_SLsAEYioI36JZjO_oToPUXM8ZYRbn1Uj08ao8frrzuww&icons=jR0x0u7X9HbOTIaXjAbzKzBbMNHQWK84yKXnFIumKHBAnXQBZ4SfqUp2DVmX6YhUE0HIT5yggSF9y5CptyMKGNNkm7A5Oc4A5ihJn87DqKX0XC4zGS3GbKjiZYPBJDk8dBGRThmYgSLwaZSsUAuols-3oZCMMUG1ZheDOJE9QfP3QdhJag&ext_cid=175&px_id=5312598&min_cpm=0.10330291291769383&out_id=1&campaign_type=lq-pop&aid=3780&cid=16324&uniq=&mid=7512884403737260235&skin_id=2&vertical_id=0&skin_test=0&from_cache=0&ecpm=0.12324218765015789&cpm=0&verify_hash=18ca546e0d869f20ac0b7a76c93965df&is_native=2&real_bid=0.0031140000820160003&original_bid_usd=0.004&original_bid=0.004&exp=0&placement_type_id=0&ua_mismatch=Mozilla%2F5.0%20%28X11%3B%20Linux%20x86_64%3B%20rv%3A96.0%29%20Gecko%2F20100101%20Firefox%2F96.0&ip_mismatch=91.90.42.154&geo=NO&carrier=-&label_ids=83,89,20,27,108,0,4&need_redirect_show=0&applied_features=test_skins,stage-skins-settings&show_count=1&expiration_timestamp=0&image_url=https%3A%2F%2Fstatic.bookmsg.com%2Fcreatives%2FSG%2FSG_083be47dfc3e28c9a68305b76181a5033bc45790.webp&site=native-push-adult&price=0.004&hostname=auc-inpage-hz-4-a&auc_type=1&pop_type=1&site_id64=&interest_vertical_ids=&mo=&ve=&timezone_olson=UTC&topics=&historical_keywords=&pop_cpc=0.000004000000000000001&ext_campaign_id_str=175&pattern1=0&pattern2=0&pattern3=0&pattern4=0&pattern5=0&format=default-view-t_l-body&mlf=1&mlc=1&st=0.04&cpa=4226cf02-5aac-41d8-9aaa-27079d9223db&prev_step_diff=981

94.130.198.6

200 OK

0 B

URL GET HTTP/2
5d39fe7c75.2ac4fce9b8.com/in/show/?tag_ab=d&site_id=3112598&adblock=0&testab=2&auction_host=apply&mm=0&yc=0&render_type=mq&pr=&banner_width=300&banner_height=250&user_keywords=&device_theme=light&v2_track=0&v2=1&conditions=dch_ip,tz_offset&ssp=3964&page=https%3A%2F%2Fwww.xmegadrive.com%2Fvideos%2Fbrat-princess-2-jazmine-and-penelope-tease-the-flat-chastity-device-4k%2F&refdom=www.xmegadrive.com&auction_time=1714809772&subid=1986595641&sid=1245628510&tcid=0&ver=7.282.0-b&ver_c=&spot_id=12598&utm_source=&utm_medium=&utm_campaign=&utm_content=&created_at=2024-05-04&iabcat=IAB25-3&keywords=&user_fp=14185762356588688897&score=45.76295613690938&durl=https%3A%2F%2Fkts.dasdaily.com%2Fin%2F1546%2F%3Fad_sub%3D1986595641%26spot_id%3D12598%26is_adult%3D1%26p%3Dhttps%253A%252F%252Fwww.xmegadrive.com%252Fvideos%252Fbrat-princess-2-jazmine-and-penelope-tease-the-flat-chastity-device-4k%252F%26idzone%3D0%26sid%3D1886&is_cpm=0&resp_type=&crid=54175&crtid=b0681ff5c1739e7f8bdbb8527f77d810&url=https%3A%2F%2Ftrack-us.byte-builders.net%2Fpop%2Fimp%3Fauth%3Dn25uq8%26c%3DVLLCH4LUNbHv5uoUB6T5RqhZtUnQMeFODFs1x7ZddiSbmMwpSmi-yRsqa147iLMhjKiezC5KF1lkgEJXAk6fuzEdImn8VrSH1Dj5mk_5aWJqcvXX7aTLOQvL16g1ZGSDOrDXtEKjgnwEv2azRSmNXLC_dAQjOME_YMH5JfZbk8UddesIOubfjDW0uOB5c68Rv71bZr8mGtGckQJmPnF8D9NuV69snaZyvJqIHrofGWIutVNp87EMJPcGE3ik-aBsLchJ4xNYKBg1nDVfI8kubXndgQN9-hlQIoG-qsMJ8YFa5cF9MoxnGiaxpnaAZvzpL2x5yzwFMZZ5w1piMRUIKFI-2uzF3XwD4rIEuwMHXpDWcxA7L_QQ5zkjl10VegXB6P84w7PVBOThiYmrJ_Lm1FarB4zlA4mGsYFHESh4sqW1sUGX4SGQqSwpJNqU5GdKBieWkpTE2QxEU20jmQFB8Uq8e15gd9LCOuiYm2aSZ_2JF7ZPdiK0EQlLSA5WF9-u-ioDah-HUoKcyX3G_OqXk34XbjSKaZMgAeDqkmVtwnkFBrF-yikYMWHGrzvcLFJ_5F7UVOnf5gugralkQhsn-57RTXTEl8CekrBSN8m4LUhk8FptixyF0GR_D_SLsAEYioI36JZjO_oToPUXM8ZYRbn1Uj08ao8frrzuww&icons=jR0x0u7X9HbOTIaXjAbzKzBbMNHQWK84yKXnFIumKHBAnXQBZ4SfqUp2DVmX6YhUE0HIT5yggSF9y5CptyMKGNNkm7A5Oc4A5ihJn87DqKX0XC4zGS3GbKjiZYPBJDk8dBGRThmYgSLwaZSsUAuols-3oZCMMUG1ZheDOJE9QfP3QdhJag&ext_cid=175&px_id=5312598&min_cpm=0.10330291291769383&out_id=1&campaign_type=lq-pop&aid=3780&cid=16324&uniq=&mid=7512884403737260235&skin_id=2&vertical_id=0&skin_test=0&from_cache=0&ecpm=0.12324218765015789&cpm=0&verify_hash=18ca546e0d869f20ac0b7a76c93965df&is_native=2&real_bid=0.0031140000820160003&original_bid_usd=0.004&original_bid=0.004&exp=0&placement_type_id=0&ua_mismatch=Mozilla%2F5.0%20%28X11%3B%20Linux%20x86_64%3B%20rv%3A96.0%29%20Gecko%2F20100101%20Firefox%2F96.0&ip_mismatch=91.90.42.154&geo=NO&carrier=-&label_ids=83,89,20,27,108,0,4&need_redirect_show=0&applied_features=test_skins,stage-skins-settings&show_count=1&expiration_timestamp=0&image_url=https%3A%2F%2Fstatic.bookmsg.com%2Fcreatives%2FSG%2FSG_083be47dfc3e28c9a68305b76181a5033bc45790.webp&site=native-push-adult&price=0.004&hostname=auc-inpage-hz-4-a&auc_type=1&pop_type=1&site_id64=&interest_vertical_ids=&mo=&ve=&timezone_olson=UTC&topics=&historical_keywords=&pop_cpc=0.000004000000000000001&ext_campaign_id_str=175&pattern1=0&pattern2=0&pattern3=0&pattern4=0&pattern5=0&format=default-view-t_l-body&mlf=1&mlc=1&st=0.04&cpa=4226cf02-5aac-41d8-9aaa-27079d9223db&prev_step_diff=981
IP
94.130.198.6:443
ASN
#24940 Hetzner Online GmbH

Requested by
https://www.xmegadrive.com/videos/brat-princess-2-jazmine-and-penelope-tease-the-flat-chastity-device-4k/
Certificate
IssuerLet's Encrypt
Subject2ac4fce9b8.com
Fingerprint98:AB:7F:A9:60:1A:91:AC:3C:20:E1:6B:57:8E:E0:AA:25:8F:4F:E1
ValidityTue, 30 Apr 2024 14:01:58 GMT - Mon, 29 Jul 2024 14:01:57 GMT

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /in/show/?tag_ab=d&site_id=3112598&adblock=0&testab=2&auction_host=apply&mm=0&yc=0&render_type=mq&pr=&banner_width=300&banner_height=250&user_keywords=&device_theme=light&v2_track=0&v2=1&conditions=dch_ip,tz_offset&ssp=3964&page=https%3A%2F%2Fwww.xmegadrive.com%2Fvideos%2Fbrat-princess-2-jazmine-and-penelope-tease-the-flat-chastity-device-4k%2F&refdom=www.xmegadrive.com&auction_time=1714809772&subid=1986595641&sid=1245628510&tcid=0&ver=7.282.0-b&ver_c=&spot_id=12598&utm_source=&utm_medium=&utm_campaign=&utm_content=&created_at=2024-05-04&iabcat=IAB25-3&keywords=&user_fp=14185762356588688897&score=45.76295613690938&durl=https%3A%2F%2Fkts.dasdaily.com%2Fin%2F1546%2F%3Fad_sub%3D1986595641%26spot_id%3D12598%26is_adult%3D1%26p%3Dhttps%253A%252F%252Fwww.xmegadrive.com%252Fvideos%252Fbrat-princess-2-jazmine-and-penelope-tease-the-flat-chastity-device-4k%252F%26idzone%3D0%26sid%3D1886&is_cpm=0&resp_type=&crid=54175&crtid=b0681ff5c1739e7f8bdbb8527f77d810&url=https%3A%2F%2Ftrack-us.byte-builders.net%2Fpop%2Fimp%3Fauth%3Dn25uq8%26c%3DVLLCH4LUNbHv5uoUB6T5RqhZtUnQMeFODFs1x7ZddiSbmMwpSmi-yRsqa147iLMhjKiezC5KF1lkgEJXAk6fuzEdImn8VrSH1Dj5mk_5aWJqcvXX7aTLOQvL16g1ZGSDOrDXtEKjgnwEv2azRSmNXLC_dAQjOME_YMH5JfZbk8UddesIOubfjDW0uOB5c68Rv71bZr8mGtGckQJmPnF8D9NuV69snaZyvJqIHrofGWIutVNp87EMJPcGE3ik-aBsLchJ4xNYKBg1nDVfI8kubXndgQN9-hlQIoG-qsMJ8YFa5cF9MoxnGiaxpnaAZvzpL2x5yzwFMZZ5w1piMRUIKFI-2uzF3XwD4rIEuwMHXpDWcxA7L_QQ5zkjl10VegXB6P84w7PVBOThiYmrJ_Lm1FarB4zlA4mGsYFHESh4sqW1sUGX4SGQqSwpJNqU5GdKBieWkpTE2QxEU20jmQFB8Uq8e15gd9LCOuiYm2aSZ_2JF7ZPdiK0EQlLSA5WF9-u-ioDah-HUoKcyX3G_OqXk34XbjSKaZMgAeDqkmVtwnkFBrF-yikYMWHGrzvcLFJ_5F7UVOnf5gugralkQhsn-57RTXTEl8CekrBSN8m4LUhk8FptixyF0GR_D_SLsAEYioI36JZjO_oToPUXM8ZYRbn1Uj08ao8frrzuww&icons=jR0x0u7X9HbOTIaXjAbzKzBbMNHQWK84yKXnFIumKHBAnXQBZ4SfqUp2DVmX6YhUE0HIT5yggSF9y5CptyMKGNNkm7A5Oc4A5ihJn87DqKX0XC4zGS3GbKjiZYPBJDk8dBGRThmYgSLwaZSsUAuols-3oZCMMUG1ZheDOJE9QfP3QdhJag&ext_cid=175&px_id=5312598&min_cpm=0.10330291291769383&out_id=1&campaign_type=lq-pop&aid=3780&cid=16324&uniq=&mid=7512884403737260235&skin_id=2&vertical_id=0&skin_test=0&from_cache=0&ecpm=0.12324218765015789&cpm=0&verify_hash=18ca546e0d869f20ac0b7a76c93965df&is_native=2&real_bid=0.0031140000820160003&original_bid_usd=0.004&original_bid=0.004&exp=0&placement_type_id=0&ua_mismatch=Mozilla%2F5.0%20%28X11%3B%20Linux%20x86_64%3B%20rv%3A96.0%29%20Gecko%2F20100101%20Firefox%2F96.0&ip_mismatch=91.90.42.154&geo=NO&carrier=-&label_ids=83,89,20,27,108,0,4&need_redirect_show=0&applied_features=test_skins,stage-skins-settings&show_count=1&expiration_timestamp=0&image_url=https%3A%2F%2Fstatic.bookmsg.com%2Fcreatives%2FSG%2FSG_083be47dfc3e28c9a68305b76181a5033bc45790.webp&site=native-push-adult&price=0.004&hostname=auc-inpage-hz-4-a&auc_type=1&pop_type=1&site_id64=&interest_vertical_ids=&mo=&ve=&timezone_olson=UTC&topics=&historical_keywords=&pop_cpc=0.000004000000000000001&ext_campaign_id_str=175&pattern1=0&pattern2=0&pattern3=0&pattern4=0&pattern5=0&format=default-view-t_l-body&mlf=1&mlc=1&st=0.04&cpa=4226cf02-5aac-41d8-9aaa-27079d9223db&prev_step_diff=981 HTTP/1.1
Host: 5d39fe7c75.2ac4fce9b8.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.xmegadrive.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
server: nginx/1.20.1
date: Sat, 04 May 2024 08:02:53 GMT
content-length: 0
vary: Origin
cache-control: no-transform, no-cache, no-store, must-revalidate
pragma: no-cache
access-control-allow-origin: *
access-control-allow-headers: Content-Type
access-control-allow-methods: *
X-Firefox-Spdy: h2

5d39fe7c75.2ac4fce9b8.com/in/show/?tag_ab=d&site_id=3112598&adblock=0&testab=2&auction_host=apply&mm=0&yc=0&render_type=mq&pr=&banner_width=300&banner_height=250&user_keywords=&device_theme=light&v2_track=0&v2=1&conditions=dch_ip,tz_offset&ssp=3964&page=https%3A%2F%2Fwww.xmegadrive.com%2Fvideos%2Fbrat-princess-2-jazmine-and-penelope-tease-the-flat-chastity-device-4k%2F&refdom=www.xmegadrive.com&auction_time=1714809772&subid=1986595641&sid=1245628510&tcid=0&ver=7.282.0-b&ver_c=&spot_id=12598&utm_source=&utm_medium=&utm_campaign=&utm_content=&created_at=2024-05-04&iabcat=IAB25-3&keywords=&user_fp=14185762356588688897&score=45.76295613690938&durl=https%3A%2F%2Fkts.dasdaily.com%2Fin%2F1546%2F%3Fad_sub%3D1986595641%26spot_id%3D12598%26is_adult%3D1%26p%3Dhttps%253A%252F%252Fwww.xmegadrive.com%252Fvideos%252Fbrat-princess-2-jazmine-and-penelope-tease-the-flat-chastity-device-4k%252F%26idzone%3D0%26sid%3D1886&is_cpm=0&resp_type=&crid=54175&crtid=b0681ff5c1739e7f8bdbb8527f77d810&url=https%3A%2F%2Ftrack-us.byte-builders.net%2Fpop%2Fimp%3Fauth%3Dn25uq8%26c%3DVLLCH4LUNbHv5uoUB6T5RqhZtUnQMeFODFs1x7ZddiSbmMwpSmi-yRsqa147iLMhjKiezC5KF1lkgEJXAk6fuzEdImn8VrSH1Dj5mk_5aWJqcvXX7aTLOQvL16g1ZGSDOrDXtEKjgnwEv2azRSmNXLC_dAQjOME_YMH5JfZbk8UddesIOubfjDW0uOB5c68Rv71bZr8mGtGckQJmPnF8D9NuV69snaZyvJqIHrofGWIutVNp87EMJPcGE3ik-aBsLchJ4xNYKBg1nDVfI8kubXndgQN9-hlQIoG-qsMJ8YFa5cF9MoxnGiaxpnaAZvzpL2x5yzwFMZZ5w1piMRUIKFI-2uzF3XwD4rIEuwMHXpDWcxA7L_QQ5zkjl10VegXB6P84w7PVBOThiYmrJ_Lm1FarB4zlA4mGsYFHESh4sqW1sUGX4SGQqSwpJNqU5GdKBieWkpTE2QxEU20jmQFB8Uq8e15gd9LCOuiYm2aSZ_2JF7ZPdiK0EQlLSA5WF9-u-ioDah-HUoKcyX3G_OqXk34XbjSKaZMgAeDqkmVtwnkFBrF-yikYMWHGrzvcLFJ_5F7UVOnf5gugralkQhsn-57RTXTEl8CekrBSN8m4LUhk8FptixyF0GR_D_SLsAEYioI36JZjO_oToPUXM8ZYRbn1Uj08ao8frrzuww&icons=dnjRimmp60U06FCSknq_K3lvX_ZU8h1axal7DJEYiXCXhX0OjRZmNcvfV-n-wnsu72QP38Wvo-zL2aHaeYaBYa4d8UhU9ZCGVWPM5cl-2Mpe6_sI88t8mn7wQq5_CWp72Hv2NBCoKfIXJEGX3LUcujPLJjFHryejz-8tZI0VZlMRn7ljWg&ext_cid=175&px_id=5312598&min_cpm=0.10330291291769383&out_id=0&campaign_type=lq-pop&aid=3780&cid=16324&uniq=&mid=7512884403737260235&skin_id=2&vertical_id=0&skin_test=0&from_cache=0&ecpm=0.12324218765015789&cpm=0&verify_hash=18ca546e0d869f20ac0b7a76c93965df&is_native=2&real_bid=0.0031140000820160003&original_bid_usd=0.004&original_bid=0.004&exp=0&placement_type_id=0&ua_mismatch=Mozilla%2F5.0%20%28X11%3B%20Linux%20x86_64%3B%20rv%3A96.0%29%20Gecko%2F20100101%20Firefox%2F96.0&ip_mismatch=91.90.42.154&geo=NO&carrier=-&label_ids=20,27,108,0,89,4,83&need_redirect_show=0&applied_features=test_skins,stage-skins-settings&show_count=1&expiration_timestamp=0&image_url=https%3A%2F%2Fstatic.bookmsg.com%2Fcreatives%2FSG%2FSG_083be47dfc3e28c9a68305b76181a5033bc45790.webp&site=native-push-adult&price=0.004&hostname=auc-inpage-hz-4-a&auc_type=1&pop_type=1&site_id64=&interest_vertical_ids=&mo=&ve=&timezone_olson=UTC&topics=&historical_keywords=&pop_cpc=0.000004000000000000001&ext_campaign_id_str=175&pattern1=0&pattern2=0&pattern3=0&pattern4=0&pattern5=0&format=default-view-t_l-body&mlf=1&st=0.04&cpa=12b3dd63-4e9a-49eb-987d-8925a14f5ed2&prev_step_diff=980

94.130.198.6

200 OK

0 B

URL GET HTTP/2
5d39fe7c75.2ac4fce9b8.com/in/show/?tag_ab=d&site_id=3112598&adblock=0&testab=2&auction_host=apply&mm=0&yc=0&render_type=mq&pr=&banner_width=300&banner_height=250&user_keywords=&device_theme=light&v2_track=0&v2=1&conditions=dch_ip,tz_offset&ssp=3964&page=https%3A%2F%2Fwww.xmegadrive.com%2Fvideos%2Fbrat-princess-2-jazmine-and-penelope-tease-the-flat-chastity-device-4k%2F&refdom=www.xmegadrive.com&auction_time=1714809772&subid=1986595641&sid=1245628510&tcid=0&ver=7.282.0-b&ver_c=&spot_id=12598&utm_source=&utm_medium=&utm_campaign=&utm_content=&created_at=2024-05-04&iabcat=IAB25-3&keywords=&user_fp=14185762356588688897&score=45.76295613690938&durl=https%3A%2F%2Fkts.dasdaily.com%2Fin%2F1546%2F%3Fad_sub%3D1986595641%26spot_id%3D12598%26is_adult%3D1%26p%3Dhttps%253A%252F%252Fwww.xmegadrive.com%252Fvideos%252Fbrat-princess-2-jazmine-and-penelope-tease-the-flat-chastity-device-4k%252F%26idzone%3D0%26sid%3D1886&is_cpm=0&resp_type=&crid=54175&crtid=b0681ff5c1739e7f8bdbb8527f77d810&url=https%3A%2F%2Ftrack-us.byte-builders.net%2Fpop%2Fimp%3Fauth%3Dn25uq8%26c%3DVLLCH4LUNbHv5uoUB6T5RqhZtUnQMeFODFs1x7ZddiSbmMwpSmi-yRsqa147iLMhjKiezC5KF1lkgEJXAk6fuzEdImn8VrSH1Dj5mk_5aWJqcvXX7aTLOQvL16g1ZGSDOrDXtEKjgnwEv2azRSmNXLC_dAQjOME_YMH5JfZbk8UddesIOubfjDW0uOB5c68Rv71bZr8mGtGckQJmPnF8D9NuV69snaZyvJqIHrofGWIutVNp87EMJPcGE3ik-aBsLchJ4xNYKBg1nDVfI8kubXndgQN9-hlQIoG-qsMJ8YFa5cF9MoxnGiaxpnaAZvzpL2x5yzwFMZZ5w1piMRUIKFI-2uzF3XwD4rIEuwMHXpDWcxA7L_QQ5zkjl10VegXB6P84w7PVBOThiYmrJ_Lm1FarB4zlA4mGsYFHESh4sqW1sUGX4SGQqSwpJNqU5GdKBieWkpTE2QxEU20jmQFB8Uq8e15gd9LCOuiYm2aSZ_2JF7ZPdiK0EQlLSA5WF9-u-ioDah-HUoKcyX3G_OqXk34XbjSKaZMgAeDqkmVtwnkFBrF-yikYMWHGrzvcLFJ_5F7UVOnf5gugralkQhsn-57RTXTEl8CekrBSN8m4LUhk8FptixyF0GR_D_SLsAEYioI36JZjO_oToPUXM8ZYRbn1Uj08ao8frrzuww&icons=dnjRimmp60U06FCSknq_K3lvX_ZU8h1axal7DJEYiXCXhX0OjRZmNcvfV-n-wnsu72QP38Wvo-zL2aHaeYaBYa4d8UhU9ZCGVWPM5cl-2Mpe6_sI88t8mn7wQq5_CWp72Hv2NBCoKfIXJEGX3LUcujPLJjFHryejz-8tZI0VZlMRn7ljWg&ext_cid=175&px_id=5312598&min_cpm=0.10330291291769383&out_id=0&campaign_type=lq-pop&aid=3780&cid=16324&uniq=&mid=7512884403737260235&skin_id=2&vertical_id=0&skin_test=0&from_cache=0&ecpm=0.12324218765015789&cpm=0&verify_hash=18ca546e0d869f20ac0b7a76c93965df&is_native=2&real_bid=0.0031140000820160003&original_bid_usd=0.004&original_bid=0.004&exp=0&placement_type_id=0&ua_mismatch=Mozilla%2F5.0%20%28X11%3B%20Linux%20x86_64%3B%20rv%3A96.0%29%20Gecko%2F20100101%20Firefox%2F96.0&ip_mismatch=91.90.42.154&geo=NO&carrier=-&label_ids=20,27,108,0,89,4,83&need_redirect_show=0&applied_features=test_skins,stage-skins-settings&show_count=1&expiration_timestamp=0&image_url=https%3A%2F%2Fstatic.bookmsg.com%2Fcreatives%2FSG%2FSG_083be47dfc3e28c9a68305b76181a5033bc45790.webp&site=native-push-adult&price=0.004&hostname=auc-inpage-hz-4-a&auc_type=1&pop_type=1&site_id64=&interest_vertical_ids=&mo=&ve=&timezone_olson=UTC&topics=&historical_keywords=&pop_cpc=0.000004000000000000001&ext_campaign_id_str=175&pattern1=0&pattern2=0&pattern3=0&pattern4=0&pattern5=0&format=default-view-t_l-body&mlf=1&st=0.04&cpa=12b3dd63-4e9a-49eb-987d-8925a14f5ed2&prev_step_diff=980
IP
94.130.198.6:443
ASN
#24940 Hetzner Online GmbH

Requested by
https://www.xmegadrive.com/videos/brat-princess-2-jazmine-and-penelope-tease-the-flat-chastity-device-4k/
Certificate
IssuerLet's Encrypt
Subject2ac4fce9b8.com
Fingerprint98:AB:7F:A9:60:1A:91:AC:3C:20:E1:6B:57:8E:E0:AA:25:8F:4F:E1
ValidityTue, 30 Apr 2024 14:01:58 GMT - Mon, 29 Jul 2024 14:01:57 GMT

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /in/show/?tag_ab=d&site_id=3112598&adblock=0&testab=2&auction_host=apply&mm=0&yc=0&render_type=mq&pr=&banner_width=300&banner_height=250&user_keywords=&device_theme=light&v2_track=0&v2=1&conditions=dch_ip,tz_offset&ssp=3964&page=https%3A%2F%2Fwww.xmegadrive.com%2Fvideos%2Fbrat-princess-2-jazmine-and-penelope-tease-the-flat-chastity-device-4k%2F&refdom=www.xmegadrive.com&auction_time=1714809772&subid=1986595641&sid=1245628510&tcid=0&ver=7.282.0-b&ver_c=&spot_id=12598&utm_source=&utm_medium=&utm_campaign=&utm_content=&created_at=2024-05-04&iabcat=IAB25-3&keywords=&user_fp=14185762356588688897&score=45.76295613690938&durl=https%3A%2F%2Fkts.dasdaily.com%2Fin%2F1546%2F%3Fad_sub%3D1986595641%26spot_id%3D12598%26is_adult%3D1%26p%3Dhttps%253A%252F%252Fwww.xmegadrive.com%252Fvideos%252Fbrat-princess-2-jazmine-and-penelope-tease-the-flat-chastity-device-4k%252F%26idzone%3D0%26sid%3D1886&is_cpm=0&resp_type=&crid=54175&crtid=b0681ff5c1739e7f8bdbb8527f77d810&url=https%3A%2F%2Ftrack-us.byte-builders.net%2Fpop%2Fimp%3Fauth%3Dn25uq8%26c%3DVLLCH4LUNbHv5uoUB6T5RqhZtUnQMeFODFs1x7ZddiSbmMwpSmi-yRsqa147iLMhjKiezC5KF1lkgEJXAk6fuzEdImn8VrSH1Dj5mk_5aWJqcvXX7aTLOQvL16g1ZGSDOrDXtEKjgnwEv2azRSmNXLC_dAQjOME_YMH5JfZbk8UddesIOubfjDW0uOB5c68Rv71bZr8mGtGckQJmPnF8D9NuV69snaZyvJqIHrofGWIutVNp87EMJPcGE3ik-aBsLchJ4xNYKBg1nDVfI8kubXndgQN9-hlQIoG-qsMJ8YFa5cF9MoxnGiaxpnaAZvzpL2x5yzwFMZZ5w1piMRUIKFI-2uzF3XwD4rIEuwMHXpDWcxA7L_QQ5zkjl10VegXB6P84w7PVBOThiYmrJ_Lm1FarB4zlA4mGsYFHESh4sqW1sUGX4SGQqSwpJNqU5GdKBieWkpTE2QxEU20jmQFB8Uq8e15gd9LCOuiYm2aSZ_2JF7ZPdiK0EQlLSA5WF9-u-ioDah-HUoKcyX3G_OqXk34XbjSKaZMgAeDqkmVtwnkFBrF-yikYMWHGrzvcLFJ_5F7UVOnf5gugralkQhsn-57RTXTEl8CekrBSN8m4LUhk8FptixyF0GR_D_SLsAEYioI36JZjO_oToPUXM8ZYRbn1Uj08ao8frrzuww&icons=dnjRimmp60U06FCSknq_K3lvX_ZU8h1axal7DJEYiXCXhX0OjRZmNcvfV-n-wnsu72QP38Wvo-zL2aHaeYaBYa4d8UhU9ZCGVWPM5cl-2Mpe6_sI88t8mn7wQq5_CWp72Hv2NBCoKfIXJEGX3LUcujPLJjFHryejz-8tZI0VZlMRn7ljWg&ext_cid=175&px_id=5312598&min_cpm=0.10330291291769383&out_id=0&campaign_type=lq-pop&aid=3780&cid=16324&uniq=&mid=7512884403737260235&skin_id=2&vertical_id=0&skin_test=0&from_cache=0&ecpm=0.12324218765015789&cpm=0&verify_hash=18ca546e0d869f20ac0b7a76c93965df&is_native=2&real_bid=0.0031140000820160003&original_bid_usd=0.004&original_bid=0.004&exp=0&placement_type_id=0&ua_mismatch=Mozilla%2F5.0%20%28X11%3B%20Linux%20x86_64%3B%20rv%3A96.0%29%20Gecko%2F20100101%20Firefox%2F96.0&ip_mismatch=91.90.42.154&geo=NO&carrier=-&label_ids=20,27,108,0,89,4,83&need_redirect_show=0&applied_features=test_skins,stage-skins-settings&show_count=1&expiration_timestamp=0&image_url=https%3A%2F%2Fstatic.bookmsg.com%2Fcreatives%2FSG%2FSG_083be47dfc3e28c9a68305b76181a5033bc45790.webp&site=native-push-adult&price=0.004&hostname=auc-inpage-hz-4-a&auc_type=1&pop_type=1&site_id64=&interest_vertical_ids=&mo=&ve=&timezone_olson=UTC&topics=&historical_keywords=&pop_cpc=0.000004000000000000001&ext_campaign_id_str=175&pattern1=0&pattern2=0&pattern3=0&pattern4=0&pattern5=0&format=default-view-t_l-body&mlf=1&st=0.04&cpa=12b3dd63-4e9a-49eb-987d-8925a14f5ed2&prev_step_diff=980 HTTP/1.1
Host: 5d39fe7c75.2ac4fce9b8.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.xmegadrive.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
server: nginx/1.20.1
date: Sat, 04 May 2024 08:02:53 GMT
content-length: 0
vary: Origin
cache-control: no-transform, no-cache, no-store, must-revalidate
pragma: no-cache
access-control-allow-origin: *
access-control-allow-headers: Content-Type
access-control-allow-methods: *
X-Firefox-Spdy: h2

accounts.google.com/v3/signin/identifier?continue=https%3A%2F%2Fm.youtube.com%2Ffavicon.ico&hl=en&ifkv=AaSxoQz_YjCAro76-pr9dbieCt3aRQNIXKqM1sdkf7pTlbdtiF1dnK5BWIF2UFkF4w2QOBY-He4Qeg&passive=true&service=youtube&uilel=3&flowName=GlifWebSignIn&flowEntry=ServiceLogin&dsh=S855721053%3A1714809772666505&theme=mn&ddm=0

74.125.131.84

403 Forbidden

3.1 kB

URL GET HTTP/3
accounts.google.com/v3/signin/identifier?continue=https%3A%2F%2Fm.youtube.com%2Ffavicon.ico&hl=en&ifkv=AaSxoQz_YjCAro76-pr9dbieCt3aRQNIXKqM1sdkf7pTlbdtiF1dnK5BWIF2UFkF4w2QOBY-He4Qeg&passive=true&service=youtube&uilel=3&flowName=GlifWebSignIn&flowEntry=ServiceLogin&dsh=S855721053%3A1714809772666505&theme=mn&ddm=0
IP
74.125.131.84:443
ASN
#15169 GOOGLE

Requested by
https://www.xmegadrive.com/videos/brat-princess-2-jazmine-and-penelope-tease-the-flat-chastity-device-4k/
Certificate
IssuerGoogle Trust Services LLC
Subject*.google.com
Fingerprint7C:B7:E1:97:03:6E:82:B6:52:F8:EC:C6:C6:50:D9:DD:80:47:E6:A0
ValidityTue, 16 Apr 2024 03:18:53 GMT - Tue, 09 Jul 2024 03:18:52 GMT

File type
gzip compressed data, max compression
Size
3.1 kB (3087 bytes)
Hash
d91325d1020e3e8b23d102317aabdced
20db7f8f6d749c44184ce8037ecd728ca425d68b
d1252d26073e299fe0e0f6ae02d00400a0c9276f744344448721135e49ae3088

HTTP Headers

GET /v3/signin/identifier?continue=https%3A%2F%2Fm.youtube.com%2Ffavicon.ico&hl=en&ifkv=AaSxoQz_YjCAro76-pr9dbieCt3aRQNIXKqM1sdkf7pTlbdtiF1dnK5BWIF2UFkF4w2QOBY-He4Qeg&passive=true&service=youtube&uilel=3&flowName=GlifWebSignIn&flowEntry=ServiceLogin&dsh=S855721053%3A1714809772666505&theme=mn&ddm=0 HTTP/1.1
Host: accounts.google.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 403 Forbidden
content-type: text/html; charset=utf-8
cache-control: no-cache, no-store, max-age=0, must-revalidate
pragma: no-cache
expires: Mon, 01 Jan 1990 00:00:00 GMT
date: Sat, 04 May 2024 08:02:52 GMT
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
strict-transport-security: max-age=31536000; includeSubDomains
content-security-policy: require-trusted-types-for 'script';report-uri /v3/signin/_/AccountsSignInUi/cspreport, script-src 'nonce-d-kENpWG_ZZVV0pNZ3nbRg' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /v3/signin/_/AccountsSignInUi/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /v3/signin/_/AccountsSignInUi/cspreport/allowlist
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
cross-origin-opener-policy-report-only: same-origin; report-to="AccountsSignInUi"
report-to: {"group":"AccountsSignInUi","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/AccountsSignInUi"}]}
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

static.bookmsg.com/creatives/SG/SG_083be47dfc3e28c9a68305b76181a5033bc45790_icon.webp?pattern1=0&pattern2=0&pattern3=0&pattern4=0&pattern5=0&format=default-view-t_l-body&mlf=1&mlc=1&st=0.04&cpa=3999900a-ee25-4069-a48a-fc17a898be37&prev_step_diff=980

45.133.44.24

200 OK

486 B

URL GET HTTP/2
static.bookmsg.com/creatives/SG/SG_083be47dfc3e28c9a68305b76181a5033bc45790_icon.webp?pattern1=0&pattern2=0&pattern3=0&pattern4=0&pattern5=0&format=default-view-t_l-body&mlf=1&mlc=1&st=0.04&cpa=3999900a-ee25-4069-a48a-fc17a898be37&prev_step_diff=980
IP
45.133.44.24:443
ASN
#39572 DataWeb Global Group B.V.

Requested by
https://www.xmegadrive.com/videos/brat-princess-2-jazmine-and-penelope-tease-the-flat-chastity-device-4k/
Certificate
IssuerLet's Encrypt
Subjectstatic.bookmsg.com
FingerprintD1:F7:45:48:1F:97:95:82:21:67:D7:E5:0D:16:FA:F3:6C:7C:97:76
ValidityFri, 05 Apr 2024 03:01:07 GMT - Thu, 04 Jul 2024 03:01:06 GMT

File type
RIFF (little-endian) data, Web/P image, VP8 encoding, 100x100, Scaling: [none]x[none], YUV color, decoders should clamp
Size
486 B (486 bytes)
Hash
ceeb4e8840c24621c0e0352b42b38a5b
03cbceb0134a39267014595938705e2916580644
50cb77ae9715629235f102dd53a68559df1b64416f71179dbb4aa942725790b3

HTTP Headers

GET /creatives/SG/SG_083be47dfc3e28c9a68305b76181a5033bc45790_icon.webp?pattern1=0&pattern2=0&pattern3=0&pattern4=0&pattern5=0&format=default-view-t_l-body&mlf=1&mlc=1&st=0.04&cpa=3999900a-ee25-4069-a48a-fc17a898be37&prev_step_diff=980 HTTP/1.1
Host: static.bookmsg.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.xmegadrive.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Sat, 04 May 2024 08:02:53 GMT
content-type: image/webp
content-length: 486
server: nginx/1.24.0
last-modified: Fri, 08 Dec 2023 10:18:03 GMT
etag: "6572ed5b-1e6"
expires: Sun, 04 May 2025 08:02:53 GMT
cache-control: max-age=31536000
x-proxy-cache: HIT
accept-ranges: bytes
X-Firefox-Spdy: h2

static.bookmsg.com/creatives/SG/SG_083be47dfc3e28c9a68305b76181a5033bc45790.webp

45.133.44.24

200 OK

1.1 kB

URL GET HTTP/2
static.bookmsg.com/creatives/SG/SG_083be47dfc3e28c9a68305b76181a5033bc45790.webp
IP
45.133.44.24:443
ASN
#39572 DataWeb Global Group B.V.

Requested by
https://www.xmegadrive.com/videos/brat-princess-2-jazmine-and-penelope-tease-the-flat-chastity-device-4k/
Certificate
IssuerLet's Encrypt
Subjectstatic.bookmsg.com
FingerprintD1:F7:45:48:1F:97:95:82:21:67:D7:E5:0D:16:FA:F3:6C:7C:97:76
ValidityFri, 05 Apr 2024 03:01:07 GMT - Thu, 04 Jul 2024 03:01:06 GMT

File type
RIFF (little-endian) data, Web/P image, VP8 encoding, 360x240, Scaling: [none]x[none], YUV color, decoders should clamp
Size
1.1 kB (1066 bytes)
Hash
2a11e13b2bd67bb9a6cb347d7c73df13
b85460a33f9b229f42c08a6a94ae433a4d5c32ab
1d0d6b5176d6a48b3042a107f929bbfcefd4a057273ac488bbb7f7affd909b56

HTTP Headers

GET /creatives/SG/SG_083be47dfc3e28c9a68305b76181a5033bc45790.webp HTTP/1.1
Host: static.bookmsg.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.xmegadrive.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Sat, 04 May 2024 08:02:53 GMT
content-type: image/webp
content-length: 1066
server: nginx/1.24.0
last-modified: Fri, 08 Dec 2023 10:18:03 GMT
etag: "6572ed5b-42a"
expires: Sun, 04 May 2025 08:02:53 GMT
cache-control: max-age=31536000
x-proxy-cache: HIT
accept-ranges: bytes
X-Firefox-Spdy: h2

static.bookmsg.com/creatives/SG/SG_083be47dfc3e28c9a68305b76181a5033bc45790.webp

45.133.44.24

200 OK

1.1 kB

URL GET HTTP/2
static.bookmsg.com/creatives/SG/SG_083be47dfc3e28c9a68305b76181a5033bc45790.webp
IP
45.133.44.24:443
ASN
#39572 DataWeb Global Group B.V.

Requested by
https://www.xmegadrive.com/videos/brat-princess-2-jazmine-and-penelope-tease-the-flat-chastity-device-4k/
Certificate
IssuerLet's Encrypt
Subjectstatic.bookmsg.com
FingerprintD1:F7:45:48:1F:97:95:82:21:67:D7:E5:0D:16:FA:F3:6C:7C:97:76
ValidityFri, 05 Apr 2024 03:01:07 GMT - Thu, 04 Jul 2024 03:01:06 GMT

File type
RIFF (little-endian) data, Web/P image, VP8 encoding, 360x240, Scaling: [none]x[none], YUV color, decoders should clamp
Size
1.1 kB (1066 bytes)
Hash
2a11e13b2bd67bb9a6cb347d7c73df13
b85460a33f9b229f42c08a6a94ae433a4d5c32ab
1d0d6b5176d6a48b3042a107f929bbfcefd4a057273ac488bbb7f7affd909b56

HTTP Headers

GET /creatives/SG/SG_083be47dfc3e28c9a68305b76181a5033bc45790.webp HTTP/1.1
Host: static.bookmsg.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Sat, 04 May 2024 08:02:53 GMT
content-type: image/webp
content-length: 1066
server: nginx/1.24.0
last-modified: Fri, 08 Dec 2023 10:18:03 GMT
etag: "6572ed5b-42a"
expires: Sun, 04 May 2025 08:02:53 GMT
cache-control: max-age=31536000
x-proxy-cache: HIT
accept-ranges: bytes
X-Firefox-Spdy: h2

static.bookmsg.com/creatives/SG/SG_083be47dfc3e28c9a68305b76181a5033bc45790_icon.webp?pattern1=0&pattern2=0&pattern3=0&pattern4=0&pattern5=0&format=default-view-t_l-body&mlf=1&st=0.04&cpa=334b8391-3914-41d7-b771-529074bc7451&prev_step_diff=980

45.133.44.24

200 OK

486 B

URL GET HTTP/2
static.bookmsg.com/creatives/SG/SG_083be47dfc3e28c9a68305b76181a5033bc45790_icon.webp?pattern1=0&pattern2=0&pattern3=0&pattern4=0&pattern5=0&format=default-view-t_l-body&mlf=1&st=0.04&cpa=334b8391-3914-41d7-b771-529074bc7451&prev_step_diff=980
IP
45.133.44.24:443
ASN
#39572 DataWeb Global Group B.V.

Requested by
https://www.xmegadrive.com/videos/brat-princess-2-jazmine-and-penelope-tease-the-flat-chastity-device-4k/
Certificate
IssuerLet's Encrypt
Subjectstatic.bookmsg.com
FingerprintD1:F7:45:48:1F:97:95:82:21:67:D7:E5:0D:16:FA:F3:6C:7C:97:76
ValidityFri, 05 Apr 2024 03:01:07 GMT - Thu, 04 Jul 2024 03:01:06 GMT

File type
RIFF (little-endian) data, Web/P image, VP8 encoding, 100x100, Scaling: [none]x[none], YUV color, decoders should clamp
Size
486 B (486 bytes)
Hash
ceeb4e8840c24621c0e0352b42b38a5b
03cbceb0134a39267014595938705e2916580644
50cb77ae9715629235f102dd53a68559df1b64416f71179dbb4aa942725790b3

HTTP Headers

GET /creatives/SG/SG_083be47dfc3e28c9a68305b76181a5033bc45790_icon.webp?pattern1=0&pattern2=0&pattern3=0&pattern4=0&pattern5=0&format=default-view-t_l-body&mlf=1&st=0.04&cpa=334b8391-3914-41d7-b771-529074bc7451&prev_step_diff=980 HTTP/1.1
Host: static.bookmsg.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Sat, 04 May 2024 08:02:53 GMT
content-type: image/webp
content-length: 486
server: nginx/1.24.0
last-modified: Fri, 08 Dec 2023 10:18:03 GMT
etag: "6572ed5b-1e6"
expires: Sun, 04 May 2025 08:02:53 GMT
cache-control: max-age=31536000
x-proxy-cache: HIT
accept-ranges: bytes
X-Firefox-Spdy: h2

unseenreport.com/pxf.gif?uuid=f81ad0dd-3425-4e7d-af9d-07901a7eb89e&eb=978028c5053b26833423c7a069ce3bd5&te=5db3a4e34790624df926db520a13f79f&ua=Mozilla%2F5.0%20(X11%3B%20Linux%20x86_64%3B%20rv%3A96.0)%20Gecko%2F20100101%20Firefox%2F96.0&dev=e&res=14.2071&b_frame=0&pk=22074dd9528da2017ba0af2c5fbb65c8&bl=en-US&sr=1024x1280&sz=1024x1280&hjs=8

192.243.61.225

200 OK

1 B

URL GET HTTP/1.1
unseenreport.com/pxf.gif?uuid=f81ad0dd-3425-4e7d-af9d-07901a7eb89e&eb=978028c5053b26833423c7a069ce3bd5&te=5db3a4e34790624df926db520a13f79f&ua=Mozilla%2F5.0%20(X11%3B%20Linux%20x86_64%3B%20rv%3A96.0)%20Gecko%2F20100101%20Firefox%2F96.0&dev=e&res=14.2071&b_frame=0&pk=22074dd9528da2017ba0af2c5fbb65c8&bl=en-US&sr=1024x1280&sz=1024x1280&hjs=8
IP
192.243.61.225:443
ASN
#39572 DataWeb Global Group B.V.

Requested by
https://www.xmegadrive.com/videos/brat-princess-2-jazmine-and-penelope-tease-the-flat-chastity-device-4k/
Certificate
IssuerLet's Encrypt
Subject*.unseenreport.com
Fingerprint71:46:15:FD:76:6A:F5:5B:51:06:CC:93:DD:D8:63:E3:8B:10:BF:13
ValidityFri, 22 Mar 2024 07:32:41 GMT - Thu, 20 Jun 2024 07:32:40 GMT

File type
very short file (no magic)
Size
1 B (1 bytes)
Hash
93b885adfe0da089cdf634904fd59f71
5ba93c9db0cff93f52b521d7420e43f6eda2784f
6e340b9cffb37a989ca544e6bb780a2c78901d3fb33738768511a30617afa01d

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /pxf.gif?uuid=f81ad0dd-3425-4e7d-af9d-07901a7eb89e&eb=978028c5053b26833423c7a069ce3bd5&te=5db3a4e34790624df926db520a13f79f&ua=Mozilla%2F5.0%20(X11%3B%20Linux%20x86_64%3B%20rv%3A96.0)%20Gecko%2F20100101%20Firefox%2F96.0&dev=e&res=14.2071&b_frame=0&pk=22074dd9528da2017ba0af2c5fbb65c8&bl=en-US&sr=1024x1280&sz=1024x1280&hjs=8 HTTP/1.1
Host: unseenreport.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.xmegadrive.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx/1.21.6
Date: Sat, 04 May 2024 08:02:53 GMT
Content-Type: image/gif
Content-Length: 1
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Access-Control-Allow-Origin: *
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: ea5cf057337ed2f1950f79d49a1c23b1
Strict-Transport-Security: max-age=0; includeSubdomains

unseenreport.com/pxf.gif?uuid=f81ad0dd-3425-4e7d-af9d-07901a7eb89e&eb=978028c5053b26833423c7a069ce3bd5&te=5db3a4e34790624df926db520a13f79f&ua=Mozilla%2F5.0%20(X11%3B%20Linux%20x86_64%3B%20rv%3A96.0)%20Gecko%2F20100101%20Firefox%2F96.0&dev=e&res=14.2071&b_frame=0&pk=9efd72bfd5c53c3cf275647828023e0b&bl=en-US&sr=1024x1280&sz=1024x1280&hjs=8

192.243.61.225

200 OK

1 B

URL GET HTTP/1.1
unseenreport.com/pxf.gif?uuid=f81ad0dd-3425-4e7d-af9d-07901a7eb89e&eb=978028c5053b26833423c7a069ce3bd5&te=5db3a4e34790624df926db520a13f79f&ua=Mozilla%2F5.0%20(X11%3B%20Linux%20x86_64%3B%20rv%3A96.0)%20Gecko%2F20100101%20Firefox%2F96.0&dev=e&res=14.2071&b_frame=0&pk=9efd72bfd5c53c3cf275647828023e0b&bl=en-US&sr=1024x1280&sz=1024x1280&hjs=8
IP
192.243.61.225:443
ASN
#39572 DataWeb Global Group B.V.

Requested by
https://www.xmegadrive.com/videos/brat-princess-2-jazmine-and-penelope-tease-the-flat-chastity-device-4k/
Certificate
IssuerLet's Encrypt
Subject*.unseenreport.com
Fingerprint71:46:15:FD:76:6A:F5:5B:51:06:CC:93:DD:D8:63:E3:8B:10:BF:13
ValidityFri, 22 Mar 2024 07:32:41 GMT - Thu, 20 Jun 2024 07:32:40 GMT

File type
very short file (no magic)
Size
1 B (1 bytes)
Hash
93b885adfe0da089cdf634904fd59f71
5ba93c9db0cff93f52b521d7420e43f6eda2784f
6e340b9cffb37a989ca544e6bb780a2c78901d3fb33738768511a30617afa01d

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /pxf.gif?uuid=f81ad0dd-3425-4e7d-af9d-07901a7eb89e&eb=978028c5053b26833423c7a069ce3bd5&te=5db3a4e34790624df926db520a13f79f&ua=Mozilla%2F5.0%20(X11%3B%20Linux%20x86_64%3B%20rv%3A96.0)%20Gecko%2F20100101%20Firefox%2F96.0&dev=e&res=14.2071&b_frame=0&pk=9efd72bfd5c53c3cf275647828023e0b&bl=en-US&sr=1024x1280&sz=1024x1280&hjs=8 HTTP/1.1
Host: unseenreport.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.xmegadrive.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx/1.21.6
Date: Sat, 04 May 2024 08:02:53 GMT
Content-Type: image/gif
Content-Length: 1
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Access-Control-Allow-Origin: *
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: ee1f64506337b5ec2afe226e7e2183d8
Strict-Transport-Security: max-age=0; includeSubdomains

a.magsrv.com/build-iframe-js-url.js?idzone=5282684

185.76.9.26

200 OK

759 B

URL GET HTTP/2
a.magsrv.com/build-iframe-js-url.js?idzone=5282684
IP
185.76.9.26:443
ASN
#60068 Datacamp Limited

Requested by
https://a.magsrv.com/iframe.php?idzone=5282684&size=300x250&sub=10159
Certificate
IssuerLet's Encrypt
Subjectmagsrv.com
Fingerprint17:F9:9F:23:6D:90:C0:1A:81:DB:D1:AF:6A:07:37:42:2E:99:44:5C
ValidityTue, 27 Feb 2024 16:45:44 GMT - Mon, 27 May 2024 16:45:43 GMT

File type
JavaScript source, ASCII text, with very long lines (784), with no line terminators
Size
759 B (759 bytes)
Hash
0f6de7f77d3dfd0bc62052f13a520ae7
7b9be0d826a09929d0380ad7b861a4ce9c85a725
cc00693d146001c1d5d459a7d2900f710f27b85a0e845b2785764942d7408b19

HTTP Headers

GET /build-iframe-js-url.js?idzone=5282684 HTTP/1.1
Host: a.magsrv.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://a.magsrv.com/iframe.php?idzone=5282684&size=300x250&sub=10159
Cookie: __uvt=a%3A1%3A%7Bi%3A0%3Bs%3A33%3A%226635ebab7dbb29.178118604014872169%22%3B%7D
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Sat, 04 May 2024 08:02:52 GMT
content-type: application/javascript
vary: Accept-Encoding
etag: W/"48eccd8d4f35b55d5ce9cd50abb"
accept-ch: Sec-CH-UA,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Platform,Sec-CH-UA-Model,Sec-CH-UA-Mobile,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version
expires: Thu, 02 May 2024 13:45:55 GMT
cache-control: max-age=10800
x-robots-tag: noindex, follow
access-control-allow-origin: *
x-77-nzt: EwwBuUwJFAH34AMAAAwBuUwKAQH3FwAAAAwBnJIhHwH3AgAAAA
x-77-nzt-ray: af5856302d401fb8aceb35667e586811
x-accel-expires: @1714819570
x-accel-date: 1714808780
x-77-cache: HIT
x-77-age: 992
content-encoding: gzip
server: CDN77-Turbo
x-cache: HIT
x-age: 992
x-77-pop: stockholmSE
X-Firefox-Spdy: h2

bn3.trafget.com/addqa.php?subid=10159

104.21.0.238

200 OK

200 B

URL GET HTTP/2
bn3.trafget.com/addqa.php?subid=10159
IP
104.21.0.238:443
ASN
#13335 CLOUDFLARENET

Requested by
https://tsyndicate.com/iframes2/4ddbd08cee2e480aaabfb2269f2cc945.html?keywords=Default%20site%20description.%2CFemDom%2CBrat%20Princess%2CBrat%20Princess%202%2Cbrat%2Cprincess%2Ctease%2Cthe%2CChastity%2C4K%2CBrat%20Princess%202%20-%20Jazmine%20and%20Penelope%20-%20Tease%20the%20Flat%20Chastity%20Device%204K&adb=0&clientjs=1&w=1280&h=1024&tz=0
Certificate
IssuerGoogle Trust Services LLC
Subjecttrafget.com
Fingerprint21:4F:83:6D:42:DE:0A:73:BA:94:4E:43:E8:C9:76:38:5D:12:9C:33
ValidityFri, 05 Apr 2024 19:23:00 GMT - Thu, 04 Jul 2024 19:22:59 GMT

File type
ASCII text, with no line terminators
Size
200 B (200 bytes)
Hash
7a30b32bfa31270e95f830bd6b93ab3c
91fe8f2b2739b567a4f2b5fdb69ec0462edcebc3
bb762fc78440acb9fbaa31f6821aa82384a009a41f6394d40bd4775cb413a66b

HTTP Headers

GET /addqa.php?subid=10159 HTTP/1.1
Host: bn3.trafget.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://tsyndicate.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Sat, 04 May 2024 08:02:50 GMT
content-type: text/html; charset=UTF-8
x-powered-by: PHP/7.4.33, PleskLin
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=wm%2BI7N2YGcGa97Je5XOxtjp68dTzqx3OQMaNA7I4RmXGy91Sh821RLB7Gsu8v1Ho3rcXtBbc4dUyfv8hIJ1F5t3TJF00GBRBkDHZxVEoArPyFeSj%2FEB1845AF3Wx7nXlPcI%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 87e6f88b4d34b4f4-OSL
content-encoding: gzip
X-Firefox-Spdy: h2

a.magsrv.com/iframe.php?idzone=5282682&size=300x250&sub=10159

185.76.9.26

200 OK

275 B

URL GET HTTP/2
a.magsrv.com/iframe.php?idzone=5282682&size=300x250&sub=10159
IP
185.76.9.26:443
ASN
#60068 Datacamp Limited

Requested by
https://a.magsrv.com/iframe.php?idzone=5282680&size=300x250&sub=10159
Certificate
IssuerLet's Encrypt
Subjectmagsrv.com
Fingerprint17:F9:9F:23:6D:90:C0:1A:81:DB:D1:AF:6A:07:37:42:2E:99:44:5C
ValidityTue, 27 Feb 2024 16:45:44 GMT - Mon, 27 May 2024 16:45:43 GMT

File type
HTML document, ASCII text, with no line terminators
Size
275 B (275 bytes)
Hash
b583c2223c43f49f7359d894941cc32f
7e85636dccc68ef8e23ec3b90a6628e56bc91330
f5c325de5978b1ca80bd99296e0be86ad401ee0ebd725d99f48412eb6bbb8d15

HTTP Headers

GET /iframe.php?idzone=5282682&size=300x250&sub=10159 HTTP/1.1
Host: a.magsrv.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://a.magsrv.com/iframe.php?idzone=5282680&size=300x250&sub=10159
Cookie: __uvt=a%3A1%3A%7Bi%3A0%3Bs%3A33%3A%226635ebab7dbb29.178118604014872169%22%3B%7D
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Sat, 04 May 2024 08:02:52 GMT
content-type: text/html; charset=UTF-8
vary: Accept-Encoding
accept-ch: 
expires: Sat, 04 May 2024 08:30:35 GMT
cache-control: max-age=10800
x-robots-tag: noindex, follow
access-control-allow-origin: *
x-77-nzt: EwwBuUwJFAH3fxMAAAwBuUwKAQH35w8AAAwBisclxAH3SwAAAA
x-77-nzt-ray: af5856302d401fb8aceb35666b6b6803
x-accel-expires: @1714811435
x-accel-date: 1714804781
x-77-cache: HIT
x-77-age: 4991
content-encoding: gzip
server: CDN77-Turbo
x-cache: HIT
x-age: 4991
x-77-pop: stockholmSE
X-Firefox-Spdy: h2

da7b22a400.13199960a1.com/22802538876b351854c895125b33cfd1/15599?version_name=d

45.133.44.52

200 OK

3.3 kB

URL GET HTTP/2
da7b22a400.13199960a1.com/22802538876b351854c895125b33cfd1/15599?version_name=d
IP
45.133.44.52:443
ASN
#39572 DataWeb Global Group B.V.

Requested by
https://www.xmegadrive.com/videos/brat-princess-2-jazmine-and-penelope-tease-the-flat-chastity-device-4k/
Certificate
IssuerLet's Encrypt
Subjectda7b22a400.13199960a1.com
Fingerprint07:F4:C8:88:64:13:2A:27:21:B9:21:22:4E:39:31:C9:B4:0B:24:CD
ValidityWed, 01 May 2024 02:20:21 GMT - Tue, 30 Jul 2024 02:20:20 GMT

File type
troff or preprocessor input, ASCII text, with very long lines (3688), with no line terminators
Size
3.3 kB (3262 bytes)
Hash
6d3687dff21a52f0a22636a26e14df02
e427adbbcfd15e4762adf64de1f6947f9f6c1bca
dcec9da2db1d41015beae83939cb6536d040b3c2642ca8fa8544198d93e18829

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /22802538876b351854c895125b33cfd1/15599?version_name=d HTTP/1.1
Host: da7b22a400.13199960a1.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.xmegadrive.com
DNT: 1
Connection: keep-alive
Referer: https://www.xmegadrive.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Sat, 04 May 2024 08:02:50 GMT
content-type: application/json
server: nginx/1.18.0
cache-control: max-age=300
expires: Sat, 04 May 2024 08:07:50 GMT
x-proxy-cache: HIT
access-control-allow-origin: *
X-Firefox-Spdy: h2

a.magsrv.com/iframe.js?idzone=5282678&size=300x250&sub=10159

185.76.9.26

200 OK

2.3 kB

URL GET HTTP/2
a.magsrv.com/iframe.js?idzone=5282678&size=300x250&sub=10159
IP
185.76.9.26:443
ASN
#60068 Datacamp Limited

Requested by
https://a.magsrv.com/iframe.php?idzone=5282678&size=300x250&sub=10159
Certificate
IssuerLet's Encrypt
Subjectmagsrv.com
Fingerprint17:F9:9F:23:6D:90:C0:1A:81:DB:D1:AF:6A:07:37:42:2E:99:44:5C
ValidityTue, 27 Feb 2024 16:45:44 GMT - Mon, 27 May 2024 16:45:43 GMT

File type
JavaScript source, ASCII text, with very long lines (2418), with no line terminators
Size
2.3 kB (2297 bytes)
Hash
b520823ea663faba990940ab6f200646
af50bcfa7f04b18a1345396b54b1b4c3f5346d91
867e7ebc6cf1e763b645670808b818747ad2f1eeb4c7e155b3c2f3d189a62889

HTTP Headers

GET /iframe.js?idzone=5282678&size=300x250&sub=10159 HTTP/1.1
Host: a.magsrv.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://a.magsrv.com/iframe.php?idzone=5282678&size=300x250&sub=10159
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Sat, 04 May 2024 08:02:51 GMT
content-type: application/javascript
vary: Accept-Encoding
etag: W/"fb8bfc677080e59abbeea4b7362"
accept-ch: Sec-CH-UA,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Platform,Sec-CH-UA-Model,Sec-CH-UA-Mobile,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version
expires: Thu, 02 May 2024 13:49:15 GMT
cache-control: max-age=10800
x-robots-tag: noindex, follow
access-control-allow-origin: *
x-77-nzt: EwwBuUwJFAH3gBMAAAwBuUwKCQH3hyMAAAwB1GY4EQH3cgAAAA
x-77-nzt-ray: af5856302d401fb8abeb35668d9ac219
x-accel-expires: @1714810021
x-accel-date: 1714804779
x-77-cache: HIT
x-77-age: 4992
content-encoding: gzip
server: CDN77-Turbo
x-cache: HIT
x-age: 4992
x-77-pop: stockholmSE
X-Firefox-Spdy: h2

a.magsrv.com/iframe.js?idzone=5282680&size=300x250&sub=10159

185.76.9.26

200 OK

2.3 kB

URL GET HTTP/2
a.magsrv.com/iframe.js?idzone=5282680&size=300x250&sub=10159
IP
185.76.9.26:443
ASN
#60068 Datacamp Limited

Requested by
https://a.magsrv.com/iframe.php?idzone=5282680&size=300x250&sub=10159
Certificate
IssuerLet's Encrypt
Subjectmagsrv.com
Fingerprint17:F9:9F:23:6D:90:C0:1A:81:DB:D1:AF:6A:07:37:42:2E:99:44:5C
ValidityTue, 27 Feb 2024 16:45:44 GMT - Mon, 27 May 2024 16:45:43 GMT

File type
JavaScript source, ASCII text, with very long lines (2418), with no line terminators
Size
2.3 kB (2297 bytes)
Hash
128cb11452ed019b8db4d4a2f8a64be9
d56510f0ae05cbea04a6acd7636a501e02170e5e
47a6cfda057ba6244664e00d2eee064b97adc3dff083b047476881aa028d9df5

HTTP Headers

GET /iframe.js?idzone=5282680&size=300x250&sub=10159 HTTP/1.1
Host: a.magsrv.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://a.magsrv.com/iframe.php?idzone=5282680&size=300x250&sub=10159
Cookie: __uvt=a%3A1%3A%7Bi%3A0%3Bs%3A33%3A%226635ebab7dbb29.178118604014872169%22%3B%7D
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Sat, 04 May 2024 08:02:51 GMT
content-type: application/javascript
vary: Accept-Encoding
etag: W/"472849290e4c2e1c82ed4386220"
accept-ch: Sec-CH-UA,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Platform,Sec-CH-UA-Model,Sec-CH-UA-Mobile,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version
expires: Thu, 02 May 2024 13:49:16 GMT
cache-control: max-age=10800
x-robots-tag: noindex, follow
access-control-allow-origin: *
x-77-nzt: EwwBuUwJFAH3fhMAAAwBuUwKDAH3gCMAAAwBnJIhJwH3dgAAAA
x-77-nzt-ray: af5856302d401fb8abeb3566b897a62e
x-accel-expires: @1714810021
x-accel-date: 1714804781
x-77-cache: HIT
x-77-age: 4990
content-encoding: gzip
server: CDN77-Turbo
x-cache: HIT
x-age: 4990
x-77-pop: stockholmSE
X-Firefox-Spdy: h2

gobreadthpopcorn.com/watch.1700661882944.js?key=d3a76329693053849cf13b643f4feb0e&kw=%5B%22brat%22%2C%22princess%22%2C%222%22%2C%22-%22%2C%22jazmine%22%2C%22and%22%2C%22penelope%22%2C%22-%22%2C%22tease%22%2C%22the%22%2C%22flat%22%2C%22chastity%22%2C%22device%22%2C%224k%22%5D&refer=https%3A%2F%2Fwww.xmegadrive.com%2Fvideos%2Fbrat-princess-2-jazmine-and-penelope-tease-the-flat-chastity-device-4k%2F&tz=0&dev=e&res=14.2071&uuid=e610fe86-2edc-41e7-b62c-eb9277c09863%3A2%3A1

192.243.61.227

307 Temporary Redirect

4.0 kB

URL GET HTTP/1.1
gobreadthpopcorn.com/watch.1700661882944.js?key=d3a76329693053849cf13b643f4feb0e&kw=%5B%22brat%22%2C%22princess%22%2C%222%22%2C%22-%22%2C%22jazmine%22%2C%22and%22%2C%22penelope%22%2C%22-%22%2C%22tease%22%2C%22the%22%2C%22flat%22%2C%22chastity%22%2C%22device%22%2C%224k%22%5D&refer=https%3A%2F%2Fwww.xmegadrive.com%2Fvideos%2Fbrat-princess-2-jazmine-and-penelope-tease-the-flat-chastity-device-4k%2F&tz=0&dev=e&res=14.2071&uuid=e610fe86-2edc-41e7-b62c-eb9277c09863%3A2%3A1
IP
192.243.61.227:443
ASN
#39572 DataWeb Global Group B.V.

Requested by
https://www.xmegadrive.com/videos/brat-princess-2-jazmine-and-penelope-tease-the-flat-chastity-device-4k/
Certificate
IssuerLet's Encrypt
Subjectgobreadthpopcorn.com
FingerprintC5:CA:73:FB:70:A9:E9:62:8F:51:AE:54:ED:96:FB:84:99:6B:A6:B9
ValidityMon, 29 Apr 2024 08:16:23 GMT - Sun, 28 Jul 2024 08:16:22 GMT

File type

Size
4.0 kB (4035 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /watch.1700661882944.js?key=d3a76329693053849cf13b643f4feb0e&kw=%5B%22brat%22%2C%22princess%22%2C%222%22%2C%22-%22%2C%22jazmine%22%2C%22and%22%2C%22penelope%22%2C%22-%22%2C%22tease%22%2C%22the%22%2C%22flat%22%2C%22chastity%22%2C%22device%22%2C%224k%22%5D&refer=https%3A%2F%2Fwww.xmegadrive.com%2Fvideos%2Fbrat-princess-2-jazmine-and-penelope-tease-the-flat-chastity-device-4k%2F&tz=0&dev=e&res=14.2071&uuid=e610fe86-2edc-41e7-b62c-eb9277c09863%3A2%3A1 HTTP/1.1
Host: gobreadthpopcorn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.xmegadrive.com
DNT: 1
Connection: keep-alive
Referer: https://www.xmegadrive.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 307 Temporary Redirect
Server: nginx/1.21.6
Date: Sat, 04 May 2024 08:02:50 GMT
Content-Type: text/html
Content-Length: 0
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,Sec-CH-UA-PlatformUser-Agent,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Custom-Referer: https://www.xmegadrive.com
Access-Control-Allow-Origin: https://www.xmegadrive.com
Access-Control-Allow-Credentials: true
Location: https://gobreadthpopcorn.com/watch.1700661882944.js?dev=e&key=d3a76329693053849cf13b643f4feb0e&kw=%5B%22brat%22%2C%22princess%22%2C%222%22%2C%22-%22%2C%22jazmine%22%2C%22and%22%2C%22penelope%22%2C%22-%22%2C%22tease%22%2C%22the%22%2C%22flat%22%2C%22chastity%22%2C%22device%22%2C%224k%22%5D&pst=1714809830&refer=https%3A%2F%2Fwww.xmegadrive.com%2Fvideos%2Fbrat-princess-2-jazmine-and-penelope-tease-the-flat-chastity-device-4k%2F&res=14.2071&rmtc=t&shu=face47b7323b9119f36b81cd1df1789755f81f242ff0893b9b1df11137e70132d63cce599508b67ab5a58a0cf704f4461181b73df332a1f17ab3f1f4e71a059e21a4ae36ef69c58920d62c4baeb9b2fbff44432bcf4edac58c02931f88a8d9&tz=0&uuid=e610fe86-2edc-41e7-b62c-eb9277c09863%3A2%3A1
Set-Cookie: u_pl=15242180; expires=Sun, 05 May 2024 08:02:50 GMT; secure; SameSite=None
ain=eyJhbGciOiJIUzI1NiJ9.eyJwIjp7ImlkIjoxNTI0MjE4MCwiayI6ImQzYTc2MzI5NjkzMDUzODQ5Y2YxM2I2NDNmNGZlYjBlIiwic2lkIjoiIiwiaXNpZCI6MiwiYXNpZCI6MSwiemlkIjoxMjYxMzI0LCJwaWQiOjU3NTg2LCJhbiI6dHJ1ZSwibGFuIjp0cnVlLCJjaWQiOjE2LCJhaWQiOjUsInB0Ijo0LCJwayI6Imsya3RkcGJ0dCIsImNwa3MiOnsiMjkiOiI2NDhmNjBkMDc0NTFhOGRjMmUyOTE5MTQwZjQ4ZGNjNiJ9LCJ0IjoxfSwidSI6eyJ1IjoxLCJhdSI6MSwiZCI6eyJpZCI6Nzk5NTQxOTYsImlkcyI6IiIsImljIjpmYWxzZSwibiI6IkRlc2t0b3AsRW11bGF0b3IiLCJ2IjoiVW5rbm93biIsIm0iOiJVbmtub3duIiwiZiI6MSwiZm4iOiJEZXNrdG9wIiwib2lkIjoxODExMCwib24iOiJMaW51eCIsIm92IjoiVW5rbm93biIsImJpZCI6MTE2NjcwLCJibiI6IkZpcmVmb3giLCJidiI6Ijk2LjAiLCJ3diI6ZmFsc2UsImUiOnRydWUsImFiIjpmYWxzZX0sImMiOnsiaWQiOjE2MiwiYyI6Ik5PIiwibiI6Ik5vcndheSJ9LCJhIjpmYWxzZSwiY3IiOnsibiI6IkJsaXggU29sdXRpb25zIn0sInhmIjoiIiwiaXhmIjpmYWxzZSwiaWd4ZiI6ZmFsc2UsInVwIjp0cnVlLCJyIjoiaHR0cHM6Ly93d3cueG1lZ2Fkcml2ZS5jb20vdmlkZW9zL2JyYXQtcHJpbmNlc3MtMi1qYXptaW5lLWFuZC1wZW5lbG9wZS10ZWFzZS10aGUtZmxhdC1jaGFzdGl0eS1kZXZpY2UtNGsvIiwiYXIiOltdfX0.iVuU6_MoTD8Crjqa14Mn94eY7r1myOaBTmYbgpNXvL0; expires=Sat, 04 May 2024 08:03:50 GMT; secure; SameSite=None
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: b9c56fbd6fec7cc134db203ce8d11456
Strict-Transport-Security: max-age=0; includeSubdomains

a.magsrv.com/build-iframe-js-url.js?idzone=5282682

185.76.9.26

200 OK

759 B

URL GET HTTP/2
a.magsrv.com/build-iframe-js-url.js?idzone=5282682
IP
185.76.9.26:443
ASN
#60068 Datacamp Limited

Requested by
https://a.magsrv.com/iframe.php?idzone=5282682&size=300x250&sub=10159
Certificate
IssuerLet's Encrypt
Subjectmagsrv.com
Fingerprint17:F9:9F:23:6D:90:C0:1A:81:DB:D1:AF:6A:07:37:42:2E:99:44:5C
ValidityTue, 27 Feb 2024 16:45:44 GMT - Mon, 27 May 2024 16:45:43 GMT

File type
JavaScript source, ASCII text, with very long lines (784), with no line terminators
Size
759 B (759 bytes)
Hash
6be5fd905836b59c9a46dd100299afba
fda4db1183bba466e0685d72e96f6b5eee009825
632381e3b800574aaabd8126b97722437d9760584cb87c8cd0d4a964da2b5760

HTTP Headers

GET /build-iframe-js-url.js?idzone=5282682 HTTP/1.1
Host: a.magsrv.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://a.magsrv.com/iframe.php?idzone=5282682&size=300x250&sub=10159
Cookie: __uvt=a%3A1%3A%7Bi%3A0%3Bs%3A33%3A%226635ebab7dbb29.178118604014872169%22%3B%7D
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Sat, 04 May 2024 08:02:52 GMT
content-type: application/javascript
vary: Accept-Encoding
etag: W/"d86c3daa3b49d753e0af82c6d2f"
accept-ch: 
expires: Thu, 02 May 2024 13:45:51 GMT
cache-control: max-age=10800
x-robots-tag: noindex, follow
access-control-allow-origin: *
x-77-nzt: EwwBuUwJFAH35AMAAAwBuUwKCQH3GQAAAAwBJRPCMQH3AAAAAA
x-77-nzt-ray: af5856302d401fb8aceb35662cc86e05
x-accel-expires: @1714819570
x-accel-date: 1714808776
x-77-cache: HIT
x-77-age: 996
content-encoding: gzip
server: CDN77-Turbo
x-cache: HIT
x-age: 996
x-77-pop: stockholmSE
X-Firefox-Spdy: h2

www.similarlength.pro/ecc874/795b9af97abd.js

67.216.89.41

200 OK

70 kB

URL GET HTTP/2
www.similarlength.pro/ecc874/795b9af97abd.js
IP
67.216.89.41:443
ASN
#35415 Webzilla B.V.

Requested by
https://www.xmegadrive.com/videos/brat-princess-2-jazmine-and-penelope-tease-the-flat-chastity-device-4k/
Certificate
IssuerLet's Encrypt
Subjectwww.similarlength.pro
Fingerprint0B:AC:39:1D:B7:7C:8C:27:2D:CE:00:3E:35:D5:FB:F3:AB:F9:1F:22
ValidityThu, 02 May 2024 09:48:11 GMT - Wed, 31 Jul 2024 09:48:10 GMT

File type
JavaScript source, ASCII text, with very long lines (65536), with no line terminators
Size
70 kB (70406 bytes)
Hash
8fa75dc9276bf4184fc6d184bcdfd39e
c12bc6389248c6a34744619ceb96934339b7214c
5bd880f8beb58d07106966fdb15a6c6a75ccba0d7adf92c47501077b10772461

HTTP Headers

GET /ecc874/795b9af97abd.js HTTP/1.1
Host: www.similarlength.pro
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-type: text/plain
Origin: https://www.xmegadrive.com
DNT: 1
Connection: keep-alive
Referer: https://www.xmegadrive.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
server: ucdn/1.24.0
date: Sat, 04 May 2024 08:02:49 GMT
content-type: application/javascript
vary: Accept-Encoding
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-methods: GET
access-control-allow-headers: Content-Type
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315209757, public
x-ureq-id: XDrrrzssYKy7XniAYHDaCxO/1BtQYlPAo1HVcwFLMsrP7jnHS8YSuPjrkuTCVphpWXyPtXW95OS25mdhT/tjlBu+/ThX10k5rdTAQ2swmYU=
x-served-from: l1
x-vhostid: 93, 17033
content-encoding: br
X-Firefox-Spdy: h2

mcpuwpsh.com/get/

94.130.197.240

200 OK

2.3 kB

URL POST HTTP/2
mcpuwpsh.com/get/
IP
94.130.197.240:443
ASN
#24940 Hetzner Online GmbH

Requested by
https://www.xmegadrive.com/videos/brat-princess-2-jazmine-and-penelope-tease-the-flat-chastity-device-4k/
Certificate
IssuerLet's Encrypt
Subjectpuwpush.com
Fingerprint60:3D:AE:BF:9C:57:C3:AF:D6:50:E5:93:92:FB:E9:F2:F8:E6:E1:92
ValidityWed, 01 May 2024 01:51:05 GMT - Tue, 30 Jul 2024 01:51:04 GMT

File type
troff or preprocessor input, ASCII text, with very long lines (2291), with no line terminators
Size
2.3 kB (2279 bytes)
Hash
d2ec0cfc451e41f21b2c6dcc3d16791f
ebceab28c12d5a132f8187482e0102b8de294a11
ab205aca6ff58da6e03cae8d1154987562be8352b865e7f8842cf16905c7cce7

HTTP Headers

POST /get/ HTTP/1.1
Host: mcpuwpsh.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.xmegadrive.com/
Content-Type: text/plain;charset=UTF-8
Content-Length: 1185
Origin: https://www.xmegadrive.com
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
server: nginx/1.16.0
date: Sat, 04 May 2024 08:02:53 GMT
content-type: application/json
content-length: 2279
vary: Origin
cache-control: no-transform, no-cache, no-store, must-revalidate
pragma: no-cache
access-control-allow-origin: *
access-control-allow-headers: Content-Type
access-control-allow-methods: *
X-Firefox-Spdy: h2

nereserv.com/in/dip?site=native-push&wl=1&event_id=44930f57-fa17-446e-b418-39193d118bcd&subid=1986595641&sid=1245628510&spot_id=12598&created_at=2024-05-04&timezone=0&ver=7.282.0-b&is_native=1

167.235.163.216

200 OK

0 B

URL GET HTTP/2
nereserv.com/in/dip?site=native-push&wl=1&event_id=44930f57-fa17-446e-b418-39193d118bcd&subid=1986595641&sid=1245628510&spot_id=12598&created_at=2024-05-04&timezone=0&ver=7.282.0-b&is_native=1
IP
167.235.163.216:443
ASN
#24940 Hetzner Online GmbH

Requested by
https://www.xmegadrive.com/videos/brat-princess-2-jazmine-and-penelope-tease-the-flat-chastity-device-4k/
Certificate
IssuerLet's Encrypt
Subjectnotification.tubecup.net
Fingerprint04:18:87:3E:DE:60:E2:78:66:0A:24:6F:E5:3B:42:79:5B:AC:40:20
ValidityThu, 18 Apr 2024 11:21:02 GMT - Wed, 17 Jul 2024 11:21:01 GMT

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /in/dip?site=native-push&wl=1&event_id=44930f57-fa17-446e-b418-39193d118bcd&subid=1986595641&sid=1245628510&spot_id=12598&created_at=2024-05-04&timezone=0&ver=7.282.0-b&is_native=1 HTTP/1.1
Host: nereserv.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.xmegadrive.com
DNT: 1
Connection: keep-alive
Referer: https://www.xmegadrive.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
server: nginx/1.20.1
date: Sat, 04 May 2024 08:02:52 GMT
content-length: 0
vary: Origin
cache-control: no-transform, no-cache, no-store, must-revalidate
pragma: no-cache
access-control-allow-origin: *
access-control-allow-headers: Content-Type
access-control-allow-methods: *
X-Firefox-Spdy: h2

glochatuji.com/Y.2-xppqZrWs5_0uZvGwFx0-YzTA9ByCc_mElFkGPHT-AJ5KMLjME_5OZPWQMR1-MTzUEV3WM_TYMZ3aZbD-BdheZfTgZ_iiZjjkYlz-ZnGoEp5qY_TsAtyuZvT-Fxmy

188.72.219.36

200 OK

0 B

URL POST HTTP/2
glochatuji.com/Y.2-xppqZrWs5_0uZvGwFx0-YzTA9ByCc_mElFkGPHT-AJ5KMLjME_5OZPWQMR1-MTzUEV3WM_TYMZ3aZbD-BdheZfTgZ_iiZjjkYlz-ZnGoEp5qY_TsAtyuZvT-Fxmy
IP
188.72.219.36:443
ASN
#35415 Webzilla B.V.

Requested by
https://www.xmegadrive.com/videos/brat-princess-2-jazmine-and-penelope-tease-the-flat-chastity-device-4k/
Certificate
IssuerLet's Encrypt
Subjectglochatuji.com
Fingerprint2A:B9:99:72:9E:7F:F3:A2:3B:22:DC:5E:DE:3F:DE:2D:21:E1:AA:7E
ValiditySun, 31 Mar 2024 02:51:57 GMT - Sat, 29 Jun 2024 02:51:56 GMT

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

POST /Y.2-xppqZrWs5_0uZvGwFx0-YzTA9ByCc_mElFkGPHT-AJ5KMLjME_5OZPWQMR1-MTzUEV3WM_TYMZ3aZbD-BdheZfTgZ_iiZjjkYlz-ZnGoEp5qY_TsAtyuZvT-Fxmy HTTP/1.1
Host: glochatuji.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/x-www-form-urlencoded
Content-Length: 118
Origin: https://www.xmegadrive.com
DNT: 1
Connection: keep-alive
Referer: https://www.xmegadrive.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
date: Sat, 04 May 2024 08:02:49 GMT
content-length: 0
cache-control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
pragma: no-cache
accept-ch: Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,Sec-CH-UA-WoW64
expires: Mon, 26 Jul 2011 05:00:00 GMT
x-content-type-options: nosniff
X-Firefox-Spdy: h2

www.similarlength.pro/ecc874/795b9af97abd.js

67.216.89.41

200 OK

70 kB

URL GET HTTP/2
www.similarlength.pro/ecc874/795b9af97abd.js
IP
67.216.89.41:443
ASN
#35415 Webzilla B.V.

Requested by
https://www.xmegadrive.com/videos/brat-princess-2-jazmine-and-penelope-tease-the-flat-chastity-device-4k/
Certificate
IssuerLet's Encrypt
Subjectwww.similarlength.pro
Fingerprint0B:AC:39:1D:B7:7C:8C:27:2D:CE:00:3E:35:D5:FB:F3:AB:F9:1F:22
ValidityThu, 02 May 2024 09:48:11 GMT - Wed, 31 Jul 2024 09:48:10 GMT

File type
JavaScript source, ASCII text, with very long lines (65536), with no line terminators
Size
70 kB (70406 bytes)
Hash
8fa75dc9276bf4184fc6d184bcdfd39e
c12bc6389248c6a34744619ceb96934339b7214c
5bd880f8beb58d07106966fdb15a6c6a75ccba0d7adf92c47501077b10772461

HTTP Headers

GET /ecc874/795b9af97abd.js HTTP/1.1
Host: www.similarlength.pro
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.xmegadrive.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
server: ucdn/1.24.0
date: Sat, 04 May 2024 08:02:49 GMT
content-type: application/javascript
vary: Accept-Encoding
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-methods: GET
access-control-allow-headers: Content-Type
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315209757, public
x-ureq-id: XDrrrzssYKy7XniAYHDaCxO/1BtQYlPAo1HVcwFLMsrP7jnHS8YSuPjrkuTCVphpWXyPtXW95OS25mdhT/tjlBu+/ThX10k5rdTAQ2swmYU=
x-served-from: l1
x-vhostid: 93, 17132
content-encoding: br
X-Firefox-Spdy: h2

tsyndicate.com/iframes2/4ddbd08cee2e480aaabfb2269f2cc945.html?keywords=Default%20site%20description.%2CFemDom%2CBrat%20Princess%2CBrat%20Princess%202%2Cbrat%2Cprincess%2Ctease%2Cthe%2CChastity%2C4K%2CBrat%20Princess%202%20-%20Jazmine%20and%20Penelope%20-%20Tease%20the%20Flat%20Chastity%20Device%204K&adb=0&clientjs=1&w=1280&h=1024&tz=0

136.243.44.113

200 OK

7.4 kB

URL GET HTTP/2
tsyndicate.com/iframes2/4ddbd08cee2e480aaabfb2269f2cc945.html?keywords=Default%20site%20description.%2CFemDom%2CBrat%20Princess%2CBrat%20Princess%202%2Cbrat%2Cprincess%2Ctease%2Cthe%2CChastity%2C4K%2CBrat%20Princess%202%20-%20Jazmine%20and%20Penelope%20-%20Tease%20the%20Flat%20Chastity%20Device%204K&adb=0&clientjs=1&w=1280&h=1024&tz=0
IP
136.243.44.113:443
ASN
#24940 Hetzner Online GmbH

Requested by
https://www.xmegadrive.com/videos/brat-princess-2-jazmine-and-penelope-tease-the-flat-chastity-device-4k/
Certificate
IssuerLet's Encrypt
Subjecttsyndicate.com
FingerprintF5:9F:1F:89:8F:08:CD:46:43:4B:55:0A:42:66:52:21:16:57:43:31
ValidityFri, 12 Apr 2024 09:06:37 GMT - Thu, 11 Jul 2024 09:06:36 GMT

File type
HTML document, ASCII text, with very long lines (7469), with no line terminators
Size
7.4 kB (7403 bytes)
Hash
086f4cfa0da53194b26e87aecf3c924f
8d1d3fa1295db605a37c886ef6ab7f837ac813d5
e189bda0e09daac09c9a60f8fbace7d70f8b32b8e333fffbf0b6bd0f2b973496

HTTP Headers

GET /iframes2/4ddbd08cee2e480aaabfb2269f2cc945.html?keywords=Default%20site%20description.%2CFemDom%2CBrat%20Princess%2CBrat%20Princess%202%2Cbrat%2Cprincess%2Ctease%2Cthe%2CChastity%2C4K%2CBrat%20Princess%202%20-%20Jazmine%20and%20Penelope%20-%20Tease%20the%20Flat%20Chastity%20Device%204K&adb=0&clientjs=1&w=1280&h=1024&tz=0 HTTP/1.1
Host: tsyndicate.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.xmegadrive.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
server: nginx
date: Sat, 04 May 2024 08:02:50 GMT
content-type: text/html; charset=utf-8
pragma: no-cache
expires: 0
vary: Accept-Encoding, *
x-api-version: 2
link: <https://acdn.tsyndicate.com/sdk/v1/b.b.js>; rel=preload; as=script
x-request-id: 328d8bf060ca7e70
set-cookie: ts_uid=766aaa24-0d40-4e0b-abc2-cc518d641da3; expires=Mon, 04 Nov 2024 08:02:50 GMT; domain=.tsyndicate.com; path=/; HttpOnly; secure; SameSite=None
cache-control: no-cache, no-store, no-transform, must-revalidate, no-transform
x-robots-tag: none, noindex, nofollow
report-to: { "url": "https://pxl.tsyndicate.com/api/v1/heavy-ad/report", "max_age": 86401 }
content-encoding: gzip
X-Firefox-Spdy: h2

da7b22a400.13199960a1.com/69e850fd67f4bef7c987ce894adc6a8e.js

45.133.44.52

200 OK

97 kB

URL GET HTTP/2
da7b22a400.13199960a1.com/69e850fd67f4bef7c987ce894adc6a8e.js
IP
45.133.44.52:443
ASN
#39572 DataWeb Global Group B.V.

Requested by
https://www.xmegadrive.com/videos/brat-princess-2-jazmine-and-penelope-tease-the-flat-chastity-device-4k/
Certificate
IssuerLet's Encrypt
Subjectda7b22a400.13199960a1.com
Fingerprint07:F4:C8:88:64:13:2A:27:21:B9:21:22:4E:39:31:C9:B4:0B:24:CD
ValidityWed, 01 May 2024 02:20:21 GMT - Tue, 30 Jul 2024 02:20:20 GMT

File type

Size
97 kB (97000 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /69e850fd67f4bef7c987ce894adc6a8e.js HTTP/1.1
Host: da7b22a400.13199960a1.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.xmegadrive.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Sat, 04 May 2024 08:02:51 GMT
content-type: application/javascript; charset=utf-8
server: nginx/1.18.0
last-modified: Tue, 16 Apr 2024 14:24:01 GMT
etag: W/"661e8a01-17ae8"
content-encoding: gzip
expires: Sat, 04 May 2024 08:07:51 GMT
cache-control: max-age=300
x-proxy-cache: HIT
access-control-allow-origin: *
X-Firefox-Spdy: h2

www.xmegadrive.com/player/stats.php?embed=0&event=VideoError,&rnd=1714809771779

5.61.55.75

200 OK

43 B

URL GET HTTP/1.1
www.xmegadrive.com/player/stats.php?embed=0&event=VideoError,&rnd=1714809771779
IP
5.61.55.75:443
ASN
#58061 Scalaxy B.V.

Requested by
https://www.xmegadrive.com/videos/brat-princess-2-jazmine-and-penelope-tease-the-flat-chastity-device-4k/
Certificate
IssuerLet's Encrypt
Subjectwww.xmegadrive.com
Fingerprint10:9D:B4:39:29:D5:8E:F8:A3:59:1F:53:0B:86:34:B4:31:D3:07:81
ValidityFri, 19 Apr 2024 23:34:16 GMT - Thu, 18 Jul 2024 23:34:15 GMT

File type
GIF image data, version 89a, 1 x 1
Size
43 B (43 bytes)
Hash
57f187c7a868faeac558007a8eb6cb2e
11ab10ab109fdb53d91d444ac781101f5a6360c6
aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22

HTTP Headers

GET /player/stats.php?embed=0&event=VideoError,&rnd=1714809771779 HTTP/1.1
Host: www.xmegadrive.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.xmegadrive.com/videos/brat-princess-2-jazmine-and-penelope-tease-the-flat-chastity-device-4k/
Cookie: PHPSESSID=cb6c36a75d2926a349d025251bd54dd6; kt_qparams=dir%3Dbrat-princess-2-jazmine-and-penelope-tease-the-flat-chastity-device-4k; kt_ips=91.90.42.154; kt_vast_511662=94a15829137354224a360b0de8631872; test_variant=0.7262680184314496; kt_tcookie=1; dom3ic8zudi28v8lr6fgphwffqoz0j6c=f81ad0dd-3425-4e7d-af9d-07901a7eb89e%3A2%3A1; kt_is_visited=1; pp_idelay_22074dd9528da2017ba0af2c5fbb65c8=1
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Date: Sat, 04 May 2024 08:02:51 GMT
Content-Type: image/gif
Transfer-Encoding: chunked
Connection: keep-alive
Keep-Alive: timeout=60
X-Powered-By: PHP/7.1.33

da7b22a400.13199960a1.com/9ce5c366c56b3eb801b7fc5bb76cb452.js

45.133.44.52

200 OK

470 kB

URL GET HTTP/2
da7b22a400.13199960a1.com/9ce5c366c56b3eb801b7fc5bb76cb452.js
IP
45.133.44.52:443
ASN
#39572 DataWeb Global Group B.V.

Requested by
https://www.xmegadrive.com/videos/brat-princess-2-jazmine-and-penelope-tease-the-flat-chastity-device-4k/
Certificate
IssuerLet's Encrypt
Subjectda7b22a400.13199960a1.com
Fingerprint07:F4:C8:88:64:13:2A:27:21:B9:21:22:4E:39:31:C9:B4:0B:24:CD
ValidityWed, 01 May 2024 02:20:21 GMT - Tue, 30 Jul 2024 02:20:20 GMT

File type

Size
470 kB (470386 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /9ce5c366c56b3eb801b7fc5bb76cb452.js HTTP/1.1
Host: da7b22a400.13199960a1.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.xmegadrive.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Sat, 04 May 2024 08:02:51 GMT
content-type: application/javascript; charset=utf-8
server: nginx/1.18.0
last-modified: Mon, 15 Apr 2024 13:02:16 GMT
etag: W/"661d2558-72d72"
content-encoding: gzip
expires: Sat, 04 May 2024 08:07:51 GMT
cache-control: max-age=300
x-proxy-cache: HIT
access-control-allow-origin: *
X-Firefox-Spdy: h2

a.realsrv.com/ads.js

185.76.9.24

200 OK

1.9 kB

URL GET HTTP/2
a.realsrv.com/ads.js
IP
185.76.9.24:443
ASN
#60068 Datacamp Limited

Requested by
https://www.xmegadrive.com/videos/brat-princess-2-jazmine-and-penelope-tease-the-flat-chastity-device-4k/
Certificate
IssuerLet's Encrypt
Subjectrealsrv.com
Fingerprint0E:69:CE:5E:E5:4B:3B:03:49:89:DA:FE:B3:5F:5F:CF:9A:87:92:1F
ValidityTue, 27 Feb 2024 16:51:07 GMT - Mon, 27 May 2024 16:51:06 GMT

File type
JavaScript source, ASCII text, with very long lines (2076), with no line terminators
Size
1.9 kB (1935 bytes)
Hash
6155f8497f6745c62b56604751e5ed95
dc10e543a41ec7d089e292c4f22c7b91f5d449c4
3dfb671d9394e5ab13a2f059a1f793a7c6a2c80098694939e3fcfb66daad0a88

HTTP Headers

GET /ads.js HTTP/1.1
Host: a.realsrv.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.xmegadrive.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Sat, 04 May 2024 08:02:49 GMT
content-type: application/javascript
vary: Accept-Encoding
etag: W/"502a7c8276f014085d4080e07fe"
accept-ch: Sec-CH-UA,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Platform,Sec-CH-UA-Model,Sec-CH-UA-Mobile,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version
expires: Thu, 02 May 2024 13:45:49 GMT
cache-control: max-age=10800
x-robots-tag: noindex, follow
access-control-allow-origin: *
x-77-nzt: EwwBuUwJFAH3vwMAAAwBuUwKAQH3DAAAAAwBJRPCLgH3AgAAAA
x-77-nzt-ray: af5856302a422d83a9eb356657f99306
x-accel-expires: @1714819609
x-accel-date: 1714808810
x-77-cache: HIT
x-77-age: 959
content-encoding: gzip
server: CDN77-Turbo
x-cache: HIT
x-age: 959
x-77-pop: stockholmSE
X-Firefox-Spdy: h2

acdn.tsyndicate.com/sdk/v1/b.b.js

45.133.44.71

200 OK

6.1 kB

URL GET HTTP/2
acdn.tsyndicate.com/sdk/v1/b.b.js
IP
45.133.44.71:443
ASN
#39572 DataWeb Global Group B.V.

Requested by
https://tsyndicate.com/iframes2/4ddbd08cee2e480aaabfb2269f2cc945.html?keywords=Default%20site%20description.%2CFemDom%2CBrat%20Princess%2CBrat%20Princess%202%2Cbrat%2Cprincess%2Ctease%2Cthe%2CChastity%2C4K%2CBrat%20Princess%202%20-%20Jazmine%20and%20Penelope%20-%20Tease%20the%20Flat%20Chastity%20Device%204K&adb=0&clientjs=1&w=1280&h=1024&tz=0
Certificate
IssuerLet's Encrypt
Subjectacdn.tsyndicate.com
Fingerprint9A:AE:79:BE:2C:BB:CF:C7:A3:F0:FB:72:3D:0F:55:E4:E8:E3:4D:5F
ValiditySat, 30 Mar 2024 03:00:48 GMT - Fri, 28 Jun 2024 03:00:47 GMT

File type
JavaScript source, ASCII text, with very long lines (6267), with no line terminators
Size
6.1 kB (6079 bytes)
Hash
0157845e81c4011579b3619f0401b161
efde716a44cd9f829e7fbc29875d093d3dc821e7
dd214b0311d8bdd6a5af8ea5b86070bb7d59f047baa2f06b5494dcf04ad50ecc

HTTP Headers

GET /sdk/v1/b.b.js HTTP/1.1
Host: acdn.tsyndicate.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://tsyndicate.com/
Cookie: ts_uid=766aaa24-0d40-4e0b-abc2-cc518d641da3
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Sat, 04 May 2024 08:02:50 GMT
content-type: application/javascript; charset=utf-8
server: nginx
last-modified: Fri, 19 Apr 2024 10:07:39 GMT
etag: W/"6622426b-17bf"
x-robots-tag: noindex, nofollow
content-encoding: gzip
cache-control: max-age=172800
expires: Mon, 06 May 2024 08:02:50 GMT
vary: Accept-Encoding
x-proxy-cache: HIT
X-Firefox-Spdy: h2

video.xmegadrive.com/remote_control.php?time=1714809770&cv=ee68366ae9fee051398fb9ec537d6a75&lr=0&cv2=61bd15cf0705fe22727a8404da181c22&file=%2Fcontents%2Fvideos%2F210000%2F210105%2F210105.mp4&cv3=8bf7857f53f62e0d61688091c3a3b8b1&cv4=67debce2be6c1ac960c720323dfdf1e2

0.0.0.0

0 B

URL GET
video.xmegadrive.com/remote_control.php?time=1714809770&cv=ee68366ae9fee051398fb9ec537d6a75&lr=0&cv2=61bd15cf0705fe22727a8404da181c22&file=%2Fcontents%2Fvideos%2F210000%2F210105%2F210105.mp4&cv3=8bf7857f53f62e0d61688091c3a3b8b1&cv4=67debce2be6c1ac960c720323dfdf1e2
IP
0.0.0.0:0
ASN
#0

Requested by
https://www.xmegadrive.com/videos/brat-princess-2-jazmine-and-penelope-tease-the-flat-chastity-device-4k/
Certificate
IssuerLet's Encrypt
Subjectvideo.xmegadrive.com
Fingerprint2A:30:3D:4D:23:11:81:2D:BE:E2:6D:9A:6A:91:33:DB:FF:D1:DB:15
ValidityThu, 11 Apr 2024 23:17:15 GMT - Wed, 10 Jul 2024 23:17:14 GMT

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /remote_control.php?time=1714809770&cv=ee68366ae9fee051398fb9ec537d6a75&lr=0&cv2=61bd15cf0705fe22727a8404da181c22&file=%2Fcontents%2Fvideos%2F210000%2F210105%2F210105.mp4&cv3=8bf7857f53f62e0d61688091c3a3b8b1&cv4=67debce2be6c1ac960c720323dfdf1e2 HTTP/1.1
Host: video.xmegadrive.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: video/webm,video/ogg,video/*;q=0.9,application/ogg;q=0.7,audio/*;q=0.6,*/*;q=0.5
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br, identity
Range: bytes=0-
Referer: https://www.xmegadrive.com/
DNT: 1
Connection: keep-alive
Cookie: PHPSESSID=cb6c36a75d2926a349d025251bd54dd6; kt_qparams=dir%3Dbrat-princess-2-jazmine-and-penelope-tease-the-flat-chastity-device-4k; kt_ips=91.90.42.154; kt_vast_511662=94a15829137354224a360b0de8631872
Sec-Fetch-Dest: video
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 206 Partial Content
Server: nginx
Date: Sat, 04 May 2024 08:02:50 GMT
Content-Type: video/mp4
Content-Length: 48978393
Last-Modified: Tue, 28 Nov 2023 16:01:50 GMT
Connection: keep-alive
Keep-Alive: timeout=60
Content-Disposition: inline; filename="210105.mp4"
ETag: "65660eee-2eb59d9"
Content-Range: bytes 0-48978392/48978393

a.magsrv.com/iframe.js?idzone=5282684&size=300x250&sub=10159

185.76.9.26

200 OK

2.3 kB

URL GET HTTP/2
a.magsrv.com/iframe.js?idzone=5282684&size=300x250&sub=10159
IP
185.76.9.26:443
ASN
#60068 Datacamp Limited

Requested by
https://a.magsrv.com/iframe.php?idzone=5282684&size=300x250&sub=10159
Certificate
IssuerLet's Encrypt
Subjectmagsrv.com
Fingerprint17:F9:9F:23:6D:90:C0:1A:81:DB:D1:AF:6A:07:37:42:2E:99:44:5C
ValidityTue, 27 Feb 2024 16:45:44 GMT - Mon, 27 May 2024 16:45:43 GMT

File type
JavaScript source, ASCII text, with very long lines (2418), with no line terminators
Size
2.3 kB (2297 bytes)
Hash
2d1a4a41aafed866d792ccf4e585a005
b04221e72729ecf954a9d38301a902f3b5aa5630
4c78121c2c275a8ac5c0acf8be73aaff8b72b562a93e84bbc3b6704950bff59d

HTTP Headers

GET /iframe.js?idzone=5282684&size=300x250&sub=10159 HTTP/1.1
Host: a.magsrv.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://a.magsrv.com/iframe.php?idzone=5282684&size=300x250&sub=10159
Cookie: __uvt=a%3A1%3A%7Bi%3A0%3Bs%3A33%3A%226635ebab7dbb29.178118604014872169%22%3B%7D
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Sat, 04 May 2024 08:02:52 GMT
content-type: application/javascript
vary: Accept-Encoding
etag: W/"f01e2b902d5e6bffedb8b048499"
accept-ch: Sec-CH-UA,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Platform,Sec-CH-UA-Model,Sec-CH-UA-Mobile,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version
expires: Thu, 02 May 2024 13:49:17 GMT
cache-control: max-age=10800
x-robots-tag: noindex, follow
access-control-allow-origin: *
x-77-nzt: EwwBuUwJFAH3fRMAAAwBuUwKDAH39AAAAAgB1GY4EQGB
x-77-nzt-ray: af5856302d401fb8aceb35668905ce12
x-accel-expires: @1714811436
x-77-cache: HIT
content-encoding: gzip
x-accel-date: 1714804783
x-77-age: 4989
server: CDN77-Turbo
x-cache: HIT
x-age: 4989
x-77-pop: stockholmSE
X-Firefox-Spdy: h2

a.magsrv.com/iframe.php?idzone=5282684&size=300x250&sub=10159

185.76.9.26

200 OK

275 B

URL GET HTTP/2
a.magsrv.com/iframe.php?idzone=5282684&size=300x250&sub=10159
IP
185.76.9.26:443
ASN
#60068 Datacamp Limited

Requested by
https://a.magsrv.com/iframe.php?idzone=5282682&size=300x250&sub=10159
Certificate
IssuerLet's Encrypt
Subjectmagsrv.com
Fingerprint17:F9:9F:23:6D:90:C0:1A:81:DB:D1:AF:6A:07:37:42:2E:99:44:5C
ValidityTue, 27 Feb 2024 16:45:44 GMT - Mon, 27 May 2024 16:45:43 GMT

File type
HTML document, ASCII text, with no line terminators
Size
275 B (275 bytes)
Hash
d15a8c0e441cbab7d0727abcc4d55dcf
06debf31221f75e3098fc8bdac53dd2a4b98dad9
897eddf6d7b6aef5c6bf0ea32acba4335e73b9ec040cfec3599a6d97ccbec26c

HTTP Headers

GET /iframe.php?idzone=5282684&size=300x250&sub=10159 HTTP/1.1
Host: a.magsrv.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://a.magsrv.com/iframe.php?idzone=5282682&size=300x250&sub=10159
Cookie: __uvt=a%3A1%3A%7Bi%3A0%3Bs%3A33%3A%226635ebab7dbb29.178118604014872169%22%3B%7D
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Sat, 04 May 2024 08:02:52 GMT
content-type: text/html; charset=UTF-8
vary: Accept-Encoding
accept-ch: 
expires: Sat, 04 May 2024 08:30:36 GMT
cache-control: max-age=10800
x-robots-tag: noindex, follow
access-control-allow-origin: *
x-77-nzt: EwwBuUwJFAH3fRMAAAwBuUwKDAH3Aw4AAAwBisclxAH3MAIAAA
x-77-nzt-ray: af5856302d401fb8aceb35664e2e7a0f
x-accel-expires: @1714811436
x-accel-date: 1714804783
x-77-cache: HIT
x-77-age: 4989
content-encoding: gzip
server: CDN77-Turbo
x-cache: HIT
x-age: 4989
x-77-pop: stockholmSE
X-Firefox-Spdy: h2

a.magsrv.com/build-iframe-js-url.js?idzone=5282678

185.76.9.26

200 OK

759 B

URL GET HTTP/2
a.magsrv.com/build-iframe-js-url.js?idzone=5282678
IP
185.76.9.26:443
ASN
#60068 Datacamp Limited

Requested by
https://a.magsrv.com/iframe.php?idzone=5282678&size=300x250&sub=10159
Certificate
IssuerLet's Encrypt
Subjectmagsrv.com
Fingerprint17:F9:9F:23:6D:90:C0:1A:81:DB:D1:AF:6A:07:37:42:2E:99:44:5C
ValidityTue, 27 Feb 2024 16:45:44 GMT - Mon, 27 May 2024 16:45:43 GMT

File type
JavaScript source, ASCII text, with very long lines (784), with no line terminators
Size
759 B (759 bytes)
Hash
97dba738b62f88cdf3765ae7d3178947
139ebfec0a3a525dbee765feea965dda1fcba85b
fc2589143559dcaab9778720b8a83ed70f434caffec4b29fff328a71661d4179

HTTP Headers

GET /build-iframe-js-url.js?idzone=5282678 HTTP/1.1
Host: a.magsrv.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://a.magsrv.com/iframe.php?idzone=5282678&size=300x250&sub=10159
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Sat, 04 May 2024 08:02:51 GMT
content-type: application/javascript
vary: Accept-Encoding
etag: W/"fae22932d57431a393406a1a5ac"
accept-ch: 
expires: Thu, 02 May 2024 13:45:49 GMT
cache-control: max-age=10800
x-robots-tag: noindex, follow
access-control-allow-origin: *
x-77-nzt: EwwBuUwJFAH35wMAAAwBuUwKCQH3GgAAAAwBJRPCMQH3AQAAAA
x-77-nzt-ray: af5856302d401fb8abeb356622699b11
x-accel-expires: @1714819570
x-accel-date: 1714808772
x-77-cache: HIT
x-77-age: 999
content-encoding: gzip
server: CDN77-Turbo
x-cache: HIT
x-age: 999
x-77-pop: stockholmSE
X-Firefox-Spdy: h2

da7b22a400.13199960a1.com/19d44b098ab6aa7dfec36de417c310f1.js

45.133.44.52

200 OK

168 kB

URL GET HTTP/2
da7b22a400.13199960a1.com/19d44b098ab6aa7dfec36de417c310f1.js
IP
45.133.44.52:443
ASN
#39572 DataWeb Global Group B.V.

Requested by
https://www.xmegadrive.com/videos/brat-princess-2-jazmine-and-penelope-tease-the-flat-chastity-device-4k/
Certificate
IssuerLet's Encrypt
Subjectda7b22a400.13199960a1.com
Fingerprint07:F4:C8:88:64:13:2A:27:21:B9:21:22:4E:39:31:C9:B4:0B:24:CD
ValidityWed, 01 May 2024 02:20:21 GMT - Tue, 30 Jul 2024 02:20:20 GMT

File type

Size
168 kB (168338 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /19d44b098ab6aa7dfec36de417c310f1.js HTTP/1.1
Host: da7b22a400.13199960a1.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.xmegadrive.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Sat, 04 May 2024 08:02:51 GMT
content-type: application/javascript; charset=utf-8
server: nginx/1.18.0
last-modified: Wed, 24 Apr 2024 09:09:17 GMT
etag: W/"6628cc3d-29192"
content-encoding: gzip
expires: Sat, 04 May 2024 08:07:51 GMT
cache-control: max-age=300
x-proxy-cache: HIT
access-control-allow-origin: *
X-Firefox-Spdy: h2

js.wpshsdk.com/extention/build.m.js

45.133.44.52

200 OK

20 kB

URL GET HTTP/2
js.wpshsdk.com/extention/build.m.js
IP
45.133.44.52:443
ASN
#39572 DataWeb Global Group B.V.

Requested by
https://www.xmegadrive.com/videos/brat-princess-2-jazmine-and-penelope-tease-the-flat-chastity-device-4k/
Certificate
IssuerLet's Encrypt
Subjectjs.wpshsdk.com
Fingerprint7C:0A:CB:08:AD:6F:60:55:9E:07:7C:F7:07:AC:DD:CF:DF:AB:01:FD
ValidityWed, 20 Mar 2024 05:01:38 GMT - Tue, 18 Jun 2024 05:01:37 GMT

File type
JavaScript source, ASCII text, with very long lines (19879), with no line terminators
Size
20 kB (19879 bytes)
Hash
3e7592609ad6832acdf316d2a331f51e
6cd418dacff53ad51e926d2f51bc95b45dc5fe91
555d5195d9e6b6bbd648eccc1ec41fd5f018484a0ef5ef5c8f27753372f22942

HTTP Headers

GET /extention/build.m.js HTTP/1.1
Host: js.wpshsdk.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.xmegadrive.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Sat, 04 May 2024 08:02:51 GMT
content-type: application/javascript; charset=utf-8
server: nginx/1.18.0
last-modified: Wed, 06 Apr 2022 15:30:54 GMT
etag: W/"624db22e-4da7"
content-encoding: gzip
expires: Sat, 04 May 2024 08:07:51 GMT
cache-control: max-age=300
x-proxy-cache: HIT
access-control-allow-origin: *
X-Firefox-Spdy: h2

Report Overview

Submitted URL

IP

ASN

Submitted

Access

Website Title

Final URL

Tags

urlquery detections

Detections

urlquery

Network Intrusion Detection

Threat Detection Systems

Domain Summary

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

Threat Detection Systems

Public InfoSec YARA rules

OpenPhish

PhishTank

mnemonic secure dns

Quad9 DNS

ThreatFox

JavaScript (55)

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML