firefox.settings.services.mozilla.com/v1/
143.204.55.35200 OK 939 B URL HTTP/1.1 firefox.settings.services.mozilla.com/v1/
IP 143.204.55.35:0
File type JSON data\012- , ASCII text, with very long lines (939), with no line terminators
Hash c9df6b36bf16969ac566c1b798362e4a
e56eff34815153ae019a4bf63eb9746dd9ae2e5b
33c1175144ab2be42c9de383f7893a6e60cd1f21f282eacb413d546331db3fa0
GET /v1/ HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Content-Type: application/json
Content-Length: 939
Connection: keep-alive
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Content-Length, Retry-After, Alert, Content-Type, Backoff
Cache-Control: max-age=3600
Content-Security-Policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
Date: Sun, 16 Oct 2022 19:50:32 GMT
Expires: Sun, 16 Oct 2022 20:38:15 GMT
Strict-Transport-Security: max-age=31536000
X-Content-Type-Options: nosniff
X-Cache: Hit from cloudfront
Via: 1.1 277d0e3af1ffdcb1ee40b7dc9f040146.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: hYuTxx4wZHgHQtK9zHaUCBViU852S7gPcgK1RUmwDimph6TsNKQsKw==
Age: 2783
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 07b3389fc24c0f8eb82a9d05b546d17e
02716741b8952e548b9a223adbb3f16204eef2b2
25e13458988115ae1f8176cb2328dbfebd612eabebf256b4af64594d5e23d6ca
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "25E13458988115AE1F8176CB2328DBFEBD612EABEBF256B4AF64594D5E23D6CA"
Last-Modified: Sat, 15 Oct 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=14361
Expires: Mon, 17 Oct 2022 00:36:17 GMT
Date: Sun, 16 Oct 2022 20:36:56 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash a57d0f62d9bd29668b94a513fa45d18e
d7cb263502e21f9235b4523a596e2138d22042ec
df7acd4fe34cc9c4945a5d83ef538105a73dfc1a8b485bc7a62488c5406b1294
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "DF7ACD4FE34CC9C4945A5D83EF538105A73DFC1A8B485BC7A62488C5406B1294"
Last-Modified: Sat, 15 Oct 2022 02:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=8448
Expires: Sun, 16 Oct 2022 22:57:44 GMT
Date: Sun, 16 Oct 2022 20:36:56 GMT
Connection: keep-alive
content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-11-19-18-50-54.chain
34.160.144.191200 OK 5.3 kB URL HTTP/2 content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-11-19-18-50-54.chain
IP 34.160.144.191:0
File type PEM certificate\012- , ASCII text
Hash 67d5a988edcda47bc3b3b3f65d32b4b6
d4f0e0da8b3690cc7da925026d3414b68c7d954f
55e4848e3ec682e808ce7ee70950f86179c43af4f81926d826a95edfda395a78
GET /chains/remote-settings.content-signature.mozilla.org-2022-11-19-18-50-54.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
x-amz-id-2: R7AlS1LSNAnxj6poLW5DJalRqVCSSGBTqFe/vKPBshs1NEM//lBomdZWmzOlM4teOi59PObq4m8=
x-amz-request-id: 9HFK2YTFX25R64N1
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
content-length: 5348
via: 1.1 google
date: Sun, 16 Oct 2022 20:35:11 GMT
age: 105
last-modified: Fri, 30 Sep 2022 18:50:55 GMT
etag: "67d5a988edcda47bc3b3b3f65d32b4b6"
content-type: binary/octet-stream
cache-control: public,max-age=3600
alt-svc: clear
X-Firefox-Spdy: h2
contile.services.mozilla.com/v1/tiles
34.117.237.239200 OK 12 B URL HTTP/2 contile.services.mozilla.com/v1/tiles
IP 34.117.237.239:0
File type JSON data\012- , ASCII text, with no line terminators
Hash 23e88fb7b99543fb33315b29b1fad9d6
a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3
GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Sun, 16 Oct 2022 20:36:56 GMT
content-type: application/json
content-length: 12
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2
www.xmegadrive.com/videos/nicoli-big-soles-vol-01-footjob-video-jhonn-womens-feet-footjob/
37.252.15.5200 OK 9.4 kB URL HTTP/1.1 www.xmegadrive.com/videos/nicoli-big-soles-vol-01-footjob-video-jhonn-womens-feet-footjob/
IP 37.252.15.5:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (6441)
Hash d43c749a601285c30efd689cabc0018b
e2a8c70c52c2333a6113c884c3dd261e7df125eb
d5863fadc7ddefcd2327c21d19687988c381e001d52984e1aba2ba26eff861d0
GET /videos/nicoli-big-soles-vol-01-footjob-video-jhonn-womens-feet-footjob/ HTTP/1.1
Host: www.xmegadrive.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1
HTTP/1.1 200 OK
Server: nginx
Date: Sun, 16 Oct 2022 20:36:56 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Keep-Alive: timeout=60
X-Powered-By: PHP/7.1.33
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: no-store, no-cache, must-revalidate
Pragma: no-cache
Set-Cookie: PHPSESSID=814e3c11867c9b70faf9b8012110adbb; path=/; domain=.xmegadrive.com
kt_qparams=dir%3Dnicoli-big-soles-vol-01-footjob-video-jhonn-womens-feet-footjob; expires=Mon, 17-Oct-2022 20:36:56 GMT; Max-Age=86400; path=/; domain=.xmegadrive.com
kt_ips=91.90.42.154; expires=Mon, 17-Oct-2022 20:36:56 GMT; Max-Age=86400; path=/; domain=.xmegadrive.com
Content-Encoding: gzip
a.realsrv.com/ads.js
205.185.216.10200 OK 974 B IP 205.185.216.10:0
File type ASCII text, with very long lines (2475), with no line terminators
Hash f2e9f79e4bd643ca1264fca98531c71e
7acaa14a18676a38bdc3043d0e016e8cfacb275a
db8cf84b422102aa8bc89c36a569921dc69ed556703a96ca44434d2fe98af57b
GET /ads.js HTTP/1.1
Host: a.realsrv.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://www.xmegadrive.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Date: Sun, 16 Oct 2022 20:36:57 GMT
Connection: Keep-Alive
Content-Encoding: gzip
Content-Length: 974
Content-Type: application/javascript
Accept-Ranges: bytes
Cache-Control: max-age=10800
Server: nginx
etag: W/"f4fddb85b686269b678e3caf766"
X-HW: 1665952617.dop227.sk1.t,1665952617.cds015.sk1.shn,1665952617.cds015.sk1.c
Access-Control-Allow-Origin: *, *
a.realsrv.com/video-slider.js
205.185.216.10200 OK 13 kB URL HTTP/1.1 a.realsrv.com/video-slider.js
IP 205.185.216.10:0
File type ASCII text, with very long lines (46223), with no line terminators
Hash a1194824fef193e74c7cf8b5af6d258a
35c59215fe50516d0b718a933e62532b215abd6e
cf4ae6e931eb41453a0c1309bd90d7187e5bab14709b2d90b46c1b409725b070
GET /video-slider.js HTTP/1.1
Host: a.realsrv.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://www.xmegadrive.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Date: Sun, 16 Oct 2022 20:36:57 GMT
Connection: Keep-Alive
Content-Encoding: gzip
Content-Length: 13140
Content-Type: application/javascript
Accept-Ranges: bytes
Cache-Control: max-age=10800
Server: nginx
etag: W/"1453e5f97d7524164bf7924bef3"
X-HW: 1665952617.dop202.sk1.t,1665952617.cds217.sk1.shn,1665952617.cds217.sk1.c
Access-Control-Allow-Origin: *, *
firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
143.204.55.35200 OK 329 B URL HTTP/1.1 firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
IP 143.204.55.35:0
File type JSON data\012- , ASCII text, with very long lines (329), with no line terminators
Hash 0333b0655111aa68de771adfcc4db243
63f295a144ac87a7c8e23417626724eeca68a7eb
60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300
GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Content-Type: application/json
Content-Length: 329
Connection: keep-alive
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: ETag, Expires, Content-Length, Cache-Control, Pragma, Content-Type, Alert, Backoff, Last-Modified, Retry-After
Content-Security-Policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
Last-Modified: Fri, 25 Mar 2022 17:45:46 GMT
Strict-Transport-Security: max-age=31536000
X-Content-Type-Options: nosniff
Cache-Control: max-age=3600
Date: Sun, 16 Oct 2022 20:07:43 GMT
Expires: Sun, 16 Oct 2022 20:43:40 GMT
ETag: "1648230346554"
X-Cache: Hit from cloudfront
Via: 1.1 96c778ce6156d12f24b8b6cdaa0cbf66.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: G7PcKMy9zN6o6dg8nLlZ3fheHTvuIf0GIKEpRqlZOYQ6HlEfIoZgFA==
Age: 1754
cdn.tsyndicate.com/sdk/v1/bi.js
8.254.252.210200 OK 3.3 kB URL HTTP/1.1 cdn.tsyndicate.com/sdk/v1/bi.js
IP 8.254.252.210:0
File type C source, ASCII text, with very long lines (7675)
Hash 994ce2eb3c88a9c1025564da2a49a681
8f8e617b60e5626becb9bd5e4edd5461ccf4279e
8927431d37a4d03469c7d618a05ac02c7149c988766fb34667f06f1310a2246e
GET /sdk/v1/bi.js HTTP/1.1
Host: cdn.tsyndicate.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.xmegadrive.com/
HTTP/1.1 200 OK
Date: Mon, 19 Sep 2022 09:36:46 GMT
Content-Type: application/javascript
Content-Length: 3253
Connection: keep-alive
Last-Modified: Mon, 19 Sep 2022 08:53:30 GMT
Server: nginx
X-Robots-Tag: noindex, nofollow
Content-Encoding: gzip
Vary: Accept-Encoding
ETag: W/"63282e0a-1e1a"
Age: 2372411
Accept-Ranges: bytes
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash c9562553f42fc31f1726c78f6ceb1211
eb2e81e3bb7df33eb449aeb8aa8e11fa0aeb1312
6c860daaada2c3158199c502d269c01c07851ae75ff674cab9fc2ca16c07a973
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "6C860DAAADA2C3158199C502D269C01C07851AE75FF674CAB9FC2CA16C07A973"
Last-Modified: Sun, 16 Oct 2022 12:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=17056
Expires: Mon, 17 Oct 2022 01:21:13 GMT
Date: Sun, 16 Oct 2022 20:36:57 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash c9562553f42fc31f1726c78f6ceb1211
eb2e81e3bb7df33eb449aeb8aa8e11fa0aeb1312
6c860daaada2c3158199c502d269c01c07851ae75ff674cab9fc2ca16c07a973
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "6C860DAAADA2C3158199C502D269C01C07851AE75FF674CAB9FC2CA16C07A973"
Last-Modified: Sun, 16 Oct 2022 12:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=17056
Expires: Mon, 17 Oct 2022 01:21:13 GMT
Date: Sun, 16 Oct 2022 20:36:57 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash c9562553f42fc31f1726c78f6ceb1211
eb2e81e3bb7df33eb449aeb8aa8e11fa0aeb1312
6c860daaada2c3158199c502d269c01c07851ae75ff674cab9fc2ca16c07a973
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "6C860DAAADA2C3158199C502D269C01C07851AE75FF674CAB9FC2CA16C07A973"
Last-Modified: Sun, 16 Oct 2022 12:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=17056
Expires: Mon, 17 Oct 2022 01:21:13 GMT
Date: Sun, 16 Oct 2022 20:36:57 GMT
Connection: keep-alive
www.xmegadrive.com/static/styles/jquery.fancybox-white.css?v=7.5
37.252.15.5200 OK 1.5 kB URL HTTP/1.1 www.xmegadrive.com/static/styles/jquery.fancybox-white.css?v=7.5
IP 37.252.15.5:0
File type ASCII text, with CRLF line terminators
Hash 39fb6f050f881fadb010afdaf6fd7473
dec9af223184fe3a84cf49031795caed75d8317e
f1b99bd2d8b6b9c8f7cf7164c6d1dc6607d32bcccb52d1527f7f17578be8efa6
GET /static/styles/jquery.fancybox-white.css?v=7.5 HTTP/1.1
Host: www.xmegadrive.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://www.xmegadrive.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx
Date: Sun, 16 Oct 2022 20:36:57 GMT
Content-Type: text/css
Last-Modified: Mon, 24 Feb 2020 04:34:53 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Keep-Alive: timeout=60
ETag: W/"5e53526d-14e6"
Strict-Transport-Security: max-age=31536000;
Content-Encoding: gzip
www.xmegadrive.com/static/styles/all-responsive-white.css?v=7.5
37.252.15.5200 OK 23 kB URL HTTP/1.1 www.xmegadrive.com/static/styles/all-responsive-white.css?v=7.5
IP 37.252.15.5:0
File type ASCII text, with very long lines (15274), with CRLF line terminators
Hash c29e8768aa982ed21a6d9fd9e9640ad8
4391ca8a9b771a94fdaef85261834c1db021b759
b1ae54a7b0ac4ed282a3b7c07da3366576ba2544ff437fce9551f58849f932fe
GET /static/styles/all-responsive-white.css?v=7.5 HTTP/1.1
Host: www.xmegadrive.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://www.xmegadrive.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx
Date: Sun, 16 Oct 2022 20:36:57 GMT
Content-Type: text/css
Last-Modified: Mon, 24 Feb 2020 04:34:53 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Keep-Alive: timeout=60
ETag: W/"5e53526d-27b1f"
Strict-Transport-Security: max-age=31536000;
Content-Encoding: gzip
ocsp.digicert.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash cfc92c8f6ee7599505d969732542ac42
7f4804d49c8ccd76ccffa6b72d41b1df611eb090
406c057a8392b9fa0ab09efa8b3222a58ec5fc17fa73f55a1f093e3d1092b0e4
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 1573
Cache-Control: max-age=129363
Content-Type: application/ocsp-response
Date: Sun, 16 Oct 2022 20:36:57 GMT
Etag: "634bbb97-1d7"
Expires: Tue, 18 Oct 2022 08:33:00 GMT
Last-Modified: Sun, 16 Oct 2022 08:06:47 GMT
Server: ECS (ska/F714)
X-Cache: HIT
Content-Length: 471
www.xmegadrive.com/static/images/logo.png
37.252.15.5200 OK 2.6 kB URL HTTP/1.1 www.xmegadrive.com/static/images/logo.png
IP 37.252.15.5:0
File type PNG image data, 181 x 42, 8-bit/color RGBA, non-interlaced\012- data
Hash b3f6a0588dac83d6f9de55ffafe04e35
13f95ed9dbd19451c67f07a1348d907f1a943068
1af423c9de695ef23202ceac079afb1ac6bb23cad3739e40ad18e2ef221563d7
GET /static/images/logo.png HTTP/1.1
Host: www.xmegadrive.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://www.xmegadrive.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx
Date: Sun, 16 Oct 2022 20:36:57 GMT
Content-Type: image/png
Content-Length: 2627
Last-Modified: Tue, 25 Feb 2020 13:58:37 GMT
Connection: keep-alive
Keep-Alive: timeout=60
ETag: "5e55280d-a43"
Strict-Transport-Security: max-age=31536000;
Accept-Ranges: bytes
www.xmegadrive.com/static/images/emoticons/w00t.png
37.252.15.5200 OK 873 B URL HTTP/1.1 www.xmegadrive.com/static/images/emoticons/w00t.png
IP 37.252.15.5:0
File type PNG image data, 20 x 22, 8-bit/color RGBA, non-interlaced\012- data
Hash 74b4717dcea34b5703997dc4d72d10b9
1caaa10bca9cb51ded9bb0206196fc05723c8192
e8aa14cf8544fdbef1b052855bed6aa636214da3b1b0386a42f0ac41ce718ef3
GET /static/images/emoticons/w00t.png HTTP/1.1
Host: www.xmegadrive.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://www.xmegadrive.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx
Date: Sun, 16 Oct 2022 20:36:57 GMT
Content-Type: image/png
Content-Length: 873
Last-Modified: Mon, 24 Feb 2020 04:34:39 GMT
Connection: keep-alive
Keep-Alive: timeout=60
ETag: "5e53525f-369"
Strict-Transport-Security: max-age=31536000;
Accept-Ranges: bytes
www.xmegadrive.com/static/js/main.min.js?v=7.5
37.252.15.5200 OK 82 kB URL HTTP/1.1 www.xmegadrive.com/static/js/main.min.js?v=7.5
IP 37.252.15.5:0
File type ASCII text, with very long lines (32089), with CRLF line terminators
Hash 39439bfe5f3cd65d63ef72d7decbb729
7271078c3c00e8a498ae8f3d9d51496052d551d2
bee9a67ba7ec5d4e35ca97a028f9d0385edfa1a177edc322318ccff31f2fa633
GET /static/js/main.min.js?v=7.5 HTTP/1.1
Host: www.xmegadrive.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://www.xmegadrive.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx
Date: Sun, 16 Oct 2022 20:36:57 GMT
Content-Type: application/javascript
Last-Modified: Mon, 24 Feb 2020 04:34:53 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Keep-Alive: timeout=60
ETag: W/"5e53526d-3fb18"
Strict-Transport-Security: max-age=31536000;
Content-Encoding: gzip
glochatuji.com/cIDK9M6.bv2B5nliStW/Qy9VNUDvEB1/Mczkc-5/NwiI0l0MMNTxURzINlzVk/3F
188.72.219.36301 Moved Permanently 162 B URL HTTP/1.1 glochatuji.com/cIDK9M6.bv2B5nliStW/Qy9VNUDvEB1/Mczkc-5/NwiI0l0MMNTxURzINlzVk/3F
IP 188.72.219.36:0
File type HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators
Hash 4f8e702cc244ec5d4de32740c0ecbd97
3adb1f02d5b6054de0046e367c1d687b6cdf7aff
9e17cb15dd75bbbd5dbb984eda674863c3b10ab72613cf8a39a00c3e11a8492a
GET /cIDK9M6.bv2B5nliStW/Qy9VNUDvEB1/Mczkc-5/NwiI0l0MMNTxURzINlzVk/3F HTTP/1.1
Host: glochatuji.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.xmegadrive.com/
HTTP/1.1 301 Moved Permanently
Server: nginx
Date: Sun, 16 Oct 2022 20:36:57 GMT
Content-Type: text/html
Content-Length: 162
Connection: keep-alive
Location: https://glochatuji.com/cIDK9M6.bv2B5nliStW/Qy9VNUDvEB1/Mczkc-5/NwiI0l0MMNTxURzINlzVk/3F
Expires: Thu, 31 Dec 2037 23:55:55 GMT
Cache-Control: max-age=315360000
X-Content-Type-Options: nosniff
push.services.mozilla.com/
54.187.146.10101 Switching Protocols 0 B URL HTTP/1.1 push.services.mozilla.com/
IP 54.187.146.10:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET / HTTP/1.1
Host: push.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: CBI0hsEcJDtjruI7twvniQ==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket
HTTP/1.1 101 Switching Protocols
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: VtCkgr7LYN9m8F8sPN98ecEJ6WM=
layingprocuregather.com/9e/fd/72/9efd72bfd5c53c3cf275647828023e0b.js
192.243.59.20200 OK 20 kB URL HTTP/1.1 layingprocuregather.com/9e/fd/72/9efd72bfd5c53c3cf275647828023e0b.js
IP 192.243.59.20:0
ASN #39572 DataWeb Global Group B.V.
File type ASCII text, with very long lines (59405), with no line terminators
Hash c964e3acdb0e5ba1757fea78ff6b4a61
c05b5f33f63068857ff5726d88d9cb0456ea9281
74dbb021086ee4a8350c2a3667e35e200ad860e966d13a3f75d2c630f28306b1
Analyzer Verdict Alert quad9 Sinkholed
GET /9e/fd/72/9efd72bfd5c53c3cf275647828023e0b.js HTTP/1.1
Host: layingprocuregather.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.xmegadrive.com/
HTTP/1.1 200 OK
Server: nginx/1.17.9
Date: Sun, 16 Oct 2022 20:36:57 GMT
Content-Type: application/javascript
Transfer-Encoding: chunked
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Access-Control-Allow-Origin: *
Accept-CH: Device-Stock-UA,Sec-CH-UA-Full-Version-ListSec-CH-UA-MobileSec-CH-UA-Platform,Sec-CH-UA-Mobile,Sec-CH-UA-Platform,Sec-CH-UA-PlatformSec-CH-UA-ModelSec-CH-UA-Mobile,Sec-CH-UA-PlatformSec-CH-UA-Platform-Version,Sec-CH-UASec-CH-UA-MobileSec-CH-UA-Platform,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: d10cc999bc4435b22d7522e2aab118cf
Strict-Transport-Security: max-age=0; includeSubdomains
Content-Encoding: gzip
www.xmegadrive.com/static/images/search.svg
37.252.15.5200 OK 3.1 kB URL HTTP/1.1 www.xmegadrive.com/static/images/search.svg
IP 37.252.15.5:0
File type SVG Scalable Vector Graphics image\012- HTML document, Unicode text, UTF-8 text, with very long lines (545)
Hash c62651bf2decf3a3382df574746a9ffc
800ec9e07fad5adc7b880479cace8af702f59c18
69d77c01823b80be5ef5e5ac9a74cf0fcd2ebfe33f70be009e3ed22393c39899
GET /static/images/search.svg HTTP/1.1
Host: www.xmegadrive.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.xmegadrive.com/static/styles/all-responsive-white.css?v=7.5
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Server: nginx
Date: Sun, 16 Oct 2022 20:36:57 GMT
Content-Type: image/svg+xml
Content-Length: 3139
Last-Modified: Mon, 24 Feb 2020 04:34:52 GMT
Connection: keep-alive
Keep-Alive: timeout=60
ETag: "5e53526c-c43"
Strict-Transport-Security: max-age=31536000;
Accept-Ranges: bytes
syndication.realsrv.com/splash.php?idzone=3743429&cookieconsent=true
95.211.229.245200 OK 2.6 kB URL HTTP/1.1 syndication.realsrv.com/splash.php?idzone=3743429&cookieconsent=true
IP 95.211.229.245:0
ASN #60781 LeaseWeb Netherlands B.V.
File type XML 1.0 document text\012- XML document, ASCII text, with very long lines (1530)
Hash 17fccefd92bcbaef1fad001c5359a2e4
3bb6593cdabda69165fb761b6af1fc9758aea03a
d6cc3ac965589ae870bfa1c9b7c8394cd5d9dac685f941c4e6c40fc064ce9195
GET /splash.php?idzone=3743429&cookieconsent=true HTTP/1.1
Host: syndication.realsrv.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: http://www.xmegadrive.com
Connection: keep-alive
Referer: http://www.xmegadrive.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx
Date: Sun, 16 Oct 2022 20:36:58 GMT
Content-Type: text/xml;charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Set-Cookie: __uvt=a%3A1%3A%7Bi%3A0%3Bs%3A33%3A%22634c6b6a0344d3.518106113281603983%22%3B%7D; expires=Tue, 15 Oct 2024 20:36:58 GMT; path=; domain=.realsrv.com; Secure; SameSite=none
c-tag=%7B%22tag-video%22%3A%22v3%7C%7CNOR%7C3743429%7C75938560%7C0%7C%7C508%7C41%7C3%7C15%7C0%7C0%7C0%7C25344%7C0%7C0%7C0%7C1%7C0%7C0%7C0%7C0%7C1%7C0%7C0%7C1%7C%7C%7C0%7Cxmegadrive.com%7C%7C%7C0%7C0%7C0%7C0%7C0%7C0%7C0%7C0%7C0%7Cok%22%7D; expires=Mon, 17 Oct 2022 20:36:58 GMT; path=/; domain=.realsrv.com; Secure; SameSite=none
Cache-Control: no-store
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Access-Control-Allow-Origin: http://www.xmegadrive.com
Access-Control-Allow-Credentials: true
X-Robots-Tag: noindex, follow
Content-Encoding: gzip
www.xmegadrive.com/static/images/fonts/icomoon.ttf?nddhpi
37.252.15.5200 OK 9.6 kB URL HTTP/1.1 www.xmegadrive.com/static/images/fonts/icomoon.ttf?nddhpi
IP 37.252.15.5:0
File type TrueType Font data, 11 tables, 1st "OS/2", 14 names, Macintosh, type 1 string, icomoon \012- data
Hash 21263355cf739547055f2da9fd6759bd
762384d3af0de2d2bd630855b3f388326038ba92
2674595ece6d29bba3197719873b35d8e2893e9eb3a0271bad0ea717e9b3d405
GET /static/images/fonts/icomoon.ttf?nddhpi HTTP/1.1
Host: www.xmegadrive.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: http://www.xmegadrive.com
Connection: keep-alive
Referer: https://www.xmegadrive.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx
Date: Sun, 16 Oct 2022 20:36:58 GMT
Content-Type: application/font-sfnt
Content-Length: 9568
Connection: keep-alive
Keep-Alive: timeout=60
Last-Modified: Mon, 24 Feb 2020 04:34:52 GMT
ETag: "2560-59f4ae46e8d46"
Accept-Ranges: bytes
Strict-Transport-Security: max-age=31536000;
ocsp.sca1b.amazontrust.com/
54.230.245.118200 OK 471 B URL HTTP/1.1 ocsp.sca1b.amazontrust.com/
IP 54.230.245.118:0
Hash f0413efff3fc4435819eea0892565002
68f2cbf9d99cbc2f3500c911fe2906ea03a6d72f
f5ebdb13ab4ad27844b4ad00d4bb79c9238bd02937bdab5dc83d0802d956895f
POST / HTTP/1.1
Host: ocsp.sca1b.amazontrust.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: max-age=146885
Date: Sun, 16 Oct 2022 20:36:58 GMT
Etag: "634bf982-1d7"
Expires: Tue, 18 Oct 2022 13:25:03 GMT
Last-Modified: Sun, 16 Oct 2022 12:30:58 GMT
Server: ECS (bsa/EB12)
X-Cache: Miss from cloudfront
Via: 1.1 784cb0c259a6d79800d037bda4e7de86.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-P1
X-Amz-Cf-Id: QRe_S8Csn6GRhCpA6uSgI7uhQRxDExbp-Pyp0Rcg4e28dJVr80TPFw==
Age: 3245
addresseepaper.com/sfp.js
104.21.235.2200 OK 28 kB URL HTTP/1.1 addresseepaper.com/sfp.js
IP 104.21.235.2:0
File type Unicode text, UTF-8 text, with very long lines (65529), with no line terminators
Hash b1fa950e77a7db5425f9a5257af02e9c
2d5580451f34ad96218f8b97edf9708f9ee1be87
d999c4320df27dc4a1d3de5aec22bb3ef201560b47a7eff3f28f4133c1997a14
GET /sfp.js HTTP/1.1
Host: addresseepaper.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.xmegadrive.com/
HTTP/1.1 200 OK
Date: Sun, 16 Oct 2022 20:36:58 GMT
Content-Type: application/javascript; charset=utf-8
Transfer-Encoding: chunked
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Access-Control-Allow-Origin: *
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: max-age=14400
X-Request-ID: a88a99f02d5dc4a30a50c9fcc7dbb978
Strict-Transport-Security: max-age=0; includeSubdomains
CF-Cache-Status: EXPIRED
Last-Modified: Sun, 16 Oct 2022 20:36:57 GMT
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=hvV5JMHGybLq82XQPwB5m6sgLEKrmXyKq3tvdD%2F6QbWuCtEj9qyHRMGgHFipejsQjU6WAHfEXFTDKQ7CIMubAGYJdLh4%2FdTRFG1chV%2FWVuU3YxUK4iSFnWRZ%2FCprTeLEUcsnDgk%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 75b396f66a547761-LHR
Content-Encoding: gzip
alt-svc: h2=":443"; ma=60
www.xmegadrive.com/static/images/fonts/icomoon.woff?nddhpi
37.252.15.5200 OK 9.6 kB URL HTTP/1.1 www.xmegadrive.com/static/images/fonts/icomoon.woff?nddhpi
IP 37.252.15.5:0
File type Web Open Font Format, TrueType, length 9644, version 0.0\012- data
Hash 745b53c37c08bbcd270d428b61e79eff
3f942a05419f1fee48f750ae9664233b6edd6246
ca81e8ad1747146e2629667e0a163aa859f08cd79f4e2e84842950bd4b3eef08
GET /static/images/fonts/icomoon.woff?nddhpi HTTP/1.1
Host: www.xmegadrive.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: http://www.xmegadrive.com
Connection: keep-alive
Referer: https://www.xmegadrive.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx
Date: Sun, 16 Oct 2022 20:36:58 GMT
Content-Type: application/font-woff
Content-Length: 9644
Connection: keep-alive
Keep-Alive: timeout=60
Last-Modified: Mon, 24 Feb 2020 04:34:52 GMT
ETag: "25ac-59f4ae46f4cae"
Accept-Ranges: bytes
Strict-Transport-Security: max-age=31536000;
simplewebanalysis.com/stats
3.66.118.16200 OK 40 B URL HTTP/2 simplewebanalysis.com/stats
IP 3.66.118.16:0
File type ASCII text, with no line terminators
Hash 92f54a3047973972264023222d09acf7
41c6a744b6243af5c35959c4694508ce64b7c8b1
7723356c701cd03e8a6d96fe8a69f6f620be157fdce5eea38157048005aa0a3e
GET /stats HTTP/1.1
Host: simplewebanalysis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: http://www.xmegadrive.com
Connection: keep-alive
Referer: http://www.xmegadrive.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Sun, 16 Oct 2022 20:36:58 GMT
content-type: text/html; charset=UTF-8
content-length: 40
server: fasthttp
access-control-allow-origin: http://www.xmegadrive.com
access-control-allow-credentials: true
set-cookie: uid_id2=50ba1667-73c6-407e-b031-4fa4e709202d:3:1; expires=Wed, 13 Oct 2032 20:36:58 GMT; secure; SameSite=None
X-Firefox-Spdy: h2
glochatuji.com/cIDK9M6.bv2B5nliStW/Qy9VNUDvEB1/Mczkc-5/NwiI0l0MMNTxURzINlzVk/3F
188.72.219.36200 OK 15 kB URL HTTP/2 glochatuji.com/cIDK9M6.bv2B5nliStW/Qy9VNUDvEB1/Mczkc-5/NwiI0l0MMNTxURzINlzVk/3F
IP 188.72.219.36:0
File type Unicode text, UTF-8 text, with very long lines (5600)
Hash 72212794d3b8c2ecfe172adaa3194f66
2f330107809e3d0547050f066b30480f3d6fa6e9
61c72e64137563fdffd27662140e210c865b29b443ec4957df1e60c9aa72ed5b
GET /cIDK9M6.bv2B5nliStW/Qy9VNUDvEB1/Mczkc-5/NwiI0l0MMNTxURzINlzVk/3F HTTP/1.1
Host: glochatuji.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://www.xmegadrive.com/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Sun, 16 Oct 2022 20:36:57 GMT
content-type: application/javascript
vary: Accept-Encoding
expires: Mon, 26 Jul 2011 05:00:00 GMT
cache-control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
pragma: no-cache
accept-ch: Sec-CH-UA-Platform-Version, Sec-CH-UA-Platform
access-control-allow-headers: Content-Type
access-control-allow-origin: *
access-control-allow-credentials: true
last-modified: Sun, 16 Oct 2022 20:36:57 GMT
access-control-allow-methods: GET
set-cookie: kadSlcJ=eyJ0aW1lU3RhbXAiOjE2NjU5MTcyNTUsInpvbmVzIjp7IjQxNTM3OTYiOls0MTUzNzk2LDEsMTY2NTk1MjYxN10sIjQyODM4NTgiOls0MjgzODU4LDEsMTY2NTkyOTY5Nl0sIjQzNjEyMDMiOls0MzYxMjAzLDEsMTY2NTg4MjMwNV0sIjQzODM2MDAiOls0MzgzNjAwLDEsMTY2NTg3MzM5M10sIjQ0MjcwMzciOls0NDI3MDM3LDMsMTY2NTg4MjI1M10sIjQ1MDU4NzAiOls0NTA1ODcwLDEsMTY2NTkxNzI1NV19fQ==; max-age=1697488617; path=/
x-content-type-options: nosniff
content-encoding: br
X-Firefox-Spdy: h2
evasiondemandedlearning.com/d3a76329693053849cf13b643f4feb0e/invoke.js
192.243.61.227200 OK 9.8 kB URL HTTP/1.1 evasiondemandedlearning.com/d3a76329693053849cf13b643f4feb0e/invoke.js
IP 192.243.61.227:0
ASN #39572 DataWeb Global Group B.V.
File type exported SGML document, ASCII text, with very long lines (27003), with no line terminators
Hash 9da7215aa2fb1d1cf960f2956fbe675b
d10844ff301a1778a5628e34a45b4d44a17a3a08
a18da44f78154775c0adca3451b2e606014098d93073b0490d62ee15d4a0651a
GET /d3a76329693053849cf13b643f4feb0e/invoke.js HTTP/1.1
Host: evasiondemandedlearning.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.xmegadrive.com/
HTTP/1.1 200 OK
Server: nginx/1.22.0
Date: Sun, 16 Oct 2022 20:36:58 GMT
Content-Type: application/javascript
Transfer-Encoding: chunked
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Access-Control-Allow-Origin: *
Accept-CH: Device-Stock-UA,Sec-CH-UA-Full-Version-ListSec-CH-UA-MobileSec-CH-UA-Platform,Sec-CH-UA-Mobile,Sec-CH-UA-Platform,Sec-CH-UA-PlatformSec-CH-UA-ModelSec-CH-UA-Mobile,Sec-CH-UA-PlatformSec-CH-UA-Platform-Version,Sec-CH-UASec-CH-UA-MobileSec-CH-UA-Platform,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: 233779519ed38831f60d11301d9d4a82
Strict-Transport-Security: max-age=0; includeSubdomains
Content-Encoding: gzip
prawnsimply.com/67/39/eb/6739eb614065bcd3904b9d0b177c0184.js
192.243.61.225200 OK 13 kB URL HTTP/1.1 prawnsimply.com/67/39/eb/6739eb614065bcd3904b9d0b177c0184.js
IP 192.243.61.225:0
ASN #39572 DataWeb Global Group B.V.
File type ASCII text, with very long lines (37125), with no line terminators
Hash 5a67a77b22e77dea84cf691de2707330
30c0bdfdbe2342dcbd7658d1a6b60a6f01f0af2e
c7b537a046e6a6daf114b88459f185ca88c7a52b9a90482381a6571e477b4119
Analyzer Verdict Alert quad9 Sinkholed
GET /67/39/eb/6739eb614065bcd3904b9d0b177c0184.js HTTP/1.1
Host: prawnsimply.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.xmegadrive.com/
HTTP/1.1 200 OK
Server: nginx/1.22.0
Date: Sun, 16 Oct 2022 20:36:58 GMT
Content-Type: application/javascript
Transfer-Encoding: chunked
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Access-Control-Allow-Origin: *
Accept-CH: Device-Stock-UA,Sec-CH-UA-Full-Version-ListSec-CH-UA-MobileSec-CH-UA-Platform,Sec-CH-UA-Mobile,Sec-CH-UA-Platform,Sec-CH-UA-PlatformSec-CH-UA-ModelSec-CH-UA-Mobile,Sec-CH-UA-PlatformSec-CH-UA-Platform-Version,Sec-CH-UASec-CH-UA-MobileSec-CH-UA-Platform,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: d139f18484f3388ab2b3be372edec08d
Strict-Transport-Security: max-age=0; includeSubdomains
Content-Encoding: gzip
www.fovykaxo.pro/eff746/c94f71924a0c.js
67.216.91.19200 OK 28 kB URL HTTP/2 www.fovykaxo.pro/eff746/c94f71924a0c.js
IP 67.216.91.19:0
File type ASCII text, with very long lines (65536), with no line terminators
Hash 911309d0dd76ac2361708d1a0179ffa1
a30b5e271f1a28768fb51f2b71bb7d592935a3b1
38ca4a9d117ccc68ee1eb719f05c0a1ad02f89fd4f200f6a9d333e115c111360
Analyzer Verdict Alert quad9 Sinkholed
GET /eff746/c94f71924a0c.js HTTP/1.1
Host: www.fovykaxo.pro
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-type: text/plain
Origin: http://www.xmegadrive.com
Connection: keep-alive
Referer: http://www.xmegadrive.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: ucdn/1.22.0
date: Sun, 16 Oct 2022 20:36:58 GMT
content-type: application/javascript
vary: Accept-Encoding
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-methods: GET
access-control-allow-headers: Content-Type
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315357782, public
x-ureq-id: XDrrrzssYKy7XniAYHDaCxO/1BtQYlPAo1HVcwFLMsog41fW3hOd965Uj5PfSqLO3GY8s5N7WkiuyFrNS0bW2JpoQosFRHg7MChOCzn8QdY=
x-served-from: l1
x-vhostid: 115, 21994
content-encoding: br
X-Firefox-Spdy: h2
tsyndicate.com/iframes2/4ddbd08cee2e480aaabfb2269f2cc945.html?keywords=Default,site,description,Feet,HandJob,big,soles,Footjob,feet,Nicoli,Big,Soles,Vol,Footjob,Video,Jhonn,Womens,Feet,FootJob&adb=0&clientjs=1&w=1280&h=1024&tz=0
78.46.40.103200 OK 3.9 kB URL HTTP/1.1 tsyndicate.com/iframes2/4ddbd08cee2e480aaabfb2269f2cc945.html?keywords=Default,site,description,Feet,HandJob,big,soles,Footjob,feet,Nicoli,Big,Soles,Vol,Footjob,Video,Jhonn,Womens,Feet,FootJob&adb=0&clientjs=1&w=1280&h=1024&tz=0
IP 78.46.40.103:0
ASN #24940 Hetzner Online GmbH
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (4981)
Hash 3312a5f72827718822b0c13588e7d876
f0779a7ba745e33ba14abfe518448d5f4179757a
222ca5328e975951ca34f7b3113412f0c291aabc46af5dc06468cfc2bf014ac3
GET /iframes2/4ddbd08cee2e480aaabfb2269f2cc945.html?keywords=Default,site,description,Feet,HandJob,big,soles,Footjob,feet,Nicoli,Big,Soles,Vol,Footjob,Video,Jhonn,Womens,Feet,FootJob&adb=0&clientjs=1&w=1280&h=1024&tz=0 HTTP/1.1
Host: tsyndicate.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.xmegadrive.com/
Upgrade-Insecure-Requests: 1
HTTP/1.1 200 OK
Server: nginx
Date: Sun, 16 Oct 2022 20:36:58 GMT
Content-Type: text/html; charset=utf-8
Transfer-Encoding: chunked
Connection: keep-alive
Pragma: no-cache
Expires: 0
Vary: Accept-Encoding, *
X-Api-Version: 2
Link: <http://lcdn.tsyndicate.com/sdk/v1/b.b.js>; rel=preload; as=script
X-Request-Id: c9ffabb0e6560004
Set-Cookie: ts_uid=4287e91c-f32c-4afc-a0b0-c99e9c124487; expires=Sun, 16 Apr 2023 20:36:58 GMT; domain=.tsyndicate.com; path=/; HttpOnly; secure; SameSite=None
Cache-Control: no-cache, no-store, no-transform, must-revalidate, no-transform
X-Robots-Tag: none, noindex, nofollow
Report-To: { "url": "https://pxl.tsyndicate.com/api/v1/heavy-ad/report", "max_age": 86401 }
Content-Encoding: gzip
evasiondemandedlearning.com/326b39096325433f5edf5ef14f22925d/invoke.js
192.243.61.227200 OK 9.8 kB URL HTTP/1.1 evasiondemandedlearning.com/326b39096325433f5edf5ef14f22925d/invoke.js
IP 192.243.61.227:0
ASN #39572 DataWeb Global Group B.V.
File type exported SGML document, ASCII text, with very long lines (26971), with no line terminators
Hash c7b961551cb63ddf28eafec8f95ea384
e6970c8f4b412d761f41fbbaaacf70f83a0a5262
7c25e396beca3b61e34c4bda6307c61669113867a869122a2de7c4753a659c92
GET /326b39096325433f5edf5ef14f22925d/invoke.js HTTP/1.1
Host: evasiondemandedlearning.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.xmegadrive.com/
HTTP/1.1 200 OK
Server: nginx/1.22.0
Date: Sun, 16 Oct 2022 20:36:58 GMT
Content-Type: application/javascript
Transfer-Encoding: chunked
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Access-Control-Allow-Origin: *
Accept-CH: Device-Stock-UA,Sec-CH-UA-Full-Version-ListSec-CH-UA-MobileSec-CH-UA-Platform,Sec-CH-UA-Mobile,Sec-CH-UA-Platform,Sec-CH-UA-PlatformSec-CH-UA-ModelSec-CH-UA-Mobile,Sec-CH-UA-PlatformSec-CH-UA-Platform-Version,Sec-CH-UASec-CH-UA-MobileSec-CH-UA-Platform,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: 40b645c042c53b3406182fc70d383827
Strict-Transport-Security: max-age=0; includeSubdomains
Content-Encoding: gzip
s3t3d2y8.afcdn.net/library/428515/5ceded664676db96d2b3b5382cb17da5e728eefc.webp
185.76.9.22200 OK 12 kB URL HTTP/1.1 s3t3d2y8.afcdn.net/library/428515/5ceded664676db96d2b3b5382cb17da5e728eefc.webp
IP 185.76.9.22:0
ASN #60068 Datacamp Limited
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 300x250, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash f873befbe3e52bba71c605062b1ff845
5ceded664676db96d2b3b5382cb17da5e728eefc
480a21117ecb1dac929af83d77cf4e57cb2342a2d424c5b798edf6379d472a41
GET /library/428515/5ceded664676db96d2b3b5382cb17da5e728eefc.webp HTTP/1.1
Host: s3t3d2y8.afcdn.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://syndication.realsrv.com/
HTTP/1.1 200 OK
Date: Sun, 16 Oct 2022 20:36:58 GMT
Content-Type: image/webp
Content-Length: 12098
Connection: keep-alive
Last-Modified: Fri, 31 Dec 2021 10:19:16 GMT
ETag: "61ced924-2f42"
Expires: Fri, 30 Jun 2023 11:13:27 GMT
Cache-Control: max-age=31536000
Access-Control-Allow-Origin: *
X-Cache-OP: HIT
X-Accel-Expires: @1688195231
Server: CDN77-Turbo
X-Robots-Tag: noindex, follow
X-77-NZT: AblMCRQ8uq7/S86NAA
X-77-NZT-Ray: higbapxBLlU
X-Cache: HIT
X-Age: 9293387
X-77-POP: stockholmSE
X-77-Cache: HIT
Accept-Ranges: bytes
u3y8v8u4.aucdn.net/library/802424/d99d56556b71b25499dff2e104e80de94aef9a8b.mp4
185.76.9.22206 Partial Content 4.0 MB URL HTTP/2 u3y8v8u4.aucdn.net/library/802424/d99d56556b71b25499dff2e104e80de94aef9a8b.mp4
IP 185.76.9.22:0
ASN #60068 Datacamp Limited
File type ISO Media, MP4 Base Media v1 [ISO 14496-12:2003]\012- data
Size 4.0 MB (3984102 bytes)
Hash 1d7a7f947bfd60613bbae8ef9743ae4f
77ba700c304d9f0142cfcbc8460399bd0154ca73
aafdf634fb42aa437cbabb799e44d3f44e1622634148595e57c6836933abed8d
GET /library/802424/d99d56556b71b25499dff2e104e80de94aef9a8b.mp4 HTTP/1.1
Host: u3y8v8u4.aucdn.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: video/webm,video/ogg,video/*;q=0.9,application/ogg;q=0.7,audio/*;q=0.6,*/*;q=0.5
Accept-Language: en-US,en;q=0.5
Range: bytes=0-
Connection: keep-alive
Referer: http://www.xmegadrive.com/
Sec-Fetch-Dest: video
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 206 Partial Content
date: Sun, 16 Oct 2022 20:36:58 GMT
content-type: video/mp4
content-length: 12172614
last-modified: Thu, 22 Sep 2022 14:26:02 GMT
etag: "632c707a-b9bd46"
expires: Fri, 22 Sep 2023 14:36:03 GMT
cache-control: max-age=31536000
access-control-allow-origin: *
x-robots-tag: noindex, follow
x-cache-op: HIT
x-accel-expires: @1695393422
server: CDN77-Turbo
x-77-nzt: AblMCRRgNln/XPgfAA
x-77-nzt-ray: QgfL/VxSwPo
x-cache: HIT
x-age: 2095196
x-77-pop: stockholmSE
x-77-cache: HIT
content-range: bytes 0-12172613/12172614
X-Firefox-Spdy: h2
www.xmegadrive.com/static/images/kvs.svg
37.252.15.5200 OK 426 B URL HTTP/1.1 www.xmegadrive.com/static/images/kvs.svg
IP 37.252.15.5:0
File type HTML document text\012- exported SGML document, ASCII text
Hash 3b84ffa8ef43a9be58f42a41f8bf3bc6
db310cdc6cd38b8257f28203b2694305258fcbb6
ce516f3cc4770c939f74f9dcd74efc71960b22aed6fe880eab8281d90a9ad6df
GET /static/images/kvs.svg HTTP/1.1
Host: www.xmegadrive.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.xmegadrive.com/static/styles/all-responsive-white.css?v=7.5
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Server: nginx
Date: Sun, 16 Oct 2022 20:36:58 GMT
Content-Type: image/svg+xml
Content-Length: 426
Last-Modified: Mon, 24 Feb 2020 04:34:52 GMT
Connection: keep-alive
Keep-Alive: timeout=60
ETag: "5e53526c-1aa"
Strict-Transport-Security: max-age=31536000;
Accept-Ranges: bytes
creepingbrings.com/sfp.js
104.21.234.233200 OK 28 kB URL HTTP/1.1 creepingbrings.com/sfp.js
IP 104.21.234.233:0
File type Unicode text, UTF-8 text, with very long lines (65529), with no line terminators
Hash b1fa950e77a7db5425f9a5257af02e9c
2d5580451f34ad96218f8b97edf9708f9ee1be87
d999c4320df27dc4a1d3de5aec22bb3ef201560b47a7eff3f28f4133c1997a14
GET /sfp.js HTTP/1.1
Host: creepingbrings.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.xmegadrive.com/
HTTP/1.1 200 OK
Date: Sun, 16 Oct 2022 20:36:58 GMT
Content-Type: application/javascript; charset=utf-8
Transfer-Encoding: chunked
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Access-Control-Allow-Origin: *
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: max-age=14400
X-Request-ID: d95c5d2f93caea7b016dfaf48962de1f
Strict-Transport-Security: max-age=0; includeSubdomains
CF-Cache-Status: EXPIRED
Last-Modified: Sun, 16 Oct 2022 20:36:58 GMT
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=yE8y5G%2BGFtaJ4MNhQ6tg8B02SqO%2FTPLIopc6WBL9aCizsOr3yXlGU7XEtQlGqqOXS34sysseIqcWjT%2FfUnqP7Cv8jJ%2B6mLuVnb4XFhRX0Kbzjbv26iI8lIdQVivhJC4FEHbEeUY%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 75b396f9fab0744b-LHR
Content-Encoding: gzip
alt-svc: h2=":443"; ma=60
www.xmegadrive.com/contents/videos_screenshots/80000/80127/320x180/3.jpg
37.252.15.5200 OK 8.2 kB URL HTTP/1.1 www.xmegadrive.com/contents/videos_screenshots/80000/80127/320x180/3.jpg
IP 37.252.15.5:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 320x180, components 3\012- data
Hash 543da3f59ccb2eca2cbe8a68dcaeb61c
5c36c51ee691d45cff574328dfbfc88b54047f18
4d323317842e86547b2d943225ec9561fa7af3ce87ddce6b138f27e2c3976cbc
GET /contents/videos_screenshots/80000/80127/320x180/3.jpg HTTP/1.1
Host: www.xmegadrive.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://www.xmegadrive.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx
Date: Sun, 16 Oct 2022 20:36:58 GMT
Content-Type: image/jpeg
Content-Length: 8198
Last-Modified: Wed, 27 Oct 2021 10:39:01 GMT
Connection: keep-alive
Keep-Alive: timeout=60
ETag: "61792c45-2006"
Strict-Transport-Security: max-age=31536000;
Accept-Ranges: bytes
www.xmegadrive.com/contents/videos_screenshots/63000/63952/320x180/3.jpg
37.252.15.5200 OK 10 kB URL HTTP/1.1 www.xmegadrive.com/contents/videos_screenshots/63000/63952/320x180/3.jpg
IP 37.252.15.5:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 320x180, components 3\012- data
Hash 9750d8e19ec9f878d1652dfceb05c047
73fc1eeea2078fe3e7575a065a7deba5947e45f3
7f8342a1d18730eceb3cffb1b52f92c5e29d5cd4a1c05c4eb8f286c641ff6bdd
GET /contents/videos_screenshots/63000/63952/320x180/3.jpg HTTP/1.1
Host: www.xmegadrive.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://www.xmegadrive.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx
Date: Sun, 16 Oct 2022 20:36:58 GMT
Content-Type: image/jpeg
Content-Length: 10318
Last-Modified: Wed, 16 Jun 2021 18:58:01 GMT
Connection: keep-alive
Keep-Alive: timeout=60
ETag: "60ca49b9-284e"
Strict-Transport-Security: max-age=31536000;
Accept-Ranges: bytes
www.xmegadrive.com/videos/nicoli-big-soles-vol-01-footjob-video-jhonn-womens-feet-footjob/?video_id=105832&mode=async&action=js_stats&rand=1665952622488
37.252.15.5200 OK 43 B URL HTTP/1.1 www.xmegadrive.com/videos/nicoli-big-soles-vol-01-footjob-video-jhonn-womens-feet-footjob/?video_id=105832&mode=async&action=js_stats&rand=1665952622488
IP 37.252.15.5:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash 57f187c7a868faeac558007a8eb6cb2e
11ab10ab109fdb53d91d444ac781101f5a6360c6
aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22
GET /videos/nicoli-big-soles-vol-01-footjob-video-jhonn-womens-feet-footjob/?video_id=105832&mode=async&action=js_stats&rand=1665952622488 HTTP/1.1
Host: www.xmegadrive.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://www.xmegadrive.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx
Date: Sun, 16 Oct 2022 20:36:58 GMT
Content-Type: image/gif
Content-Length: 43
Connection: keep-alive
Keep-Alive: timeout=60
X-Powered-By: PHP/7.1.33
Set-Cookie: kt_is_visited=1; expires=Mon, 17-Oct-2022 20:36:58 GMT; Max-Age=86400; path=/; domain=.xmegadrive.com
Strict-Transport-Security: max-age=31536000;
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 51888e524274dd5a9f545aaf74dc773d
f92d558999c2ac533d872c5a57ac65465456f3f1
cb956fb32fc9ad87e0ea3e114e0d0a68bf3eb8b0015a0125349ad5e63d6b47ef
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "CB956FB32FC9AD87E0EA3E114E0D0A68BF3EB8B0015A0125349AD5E63D6B47EF"
Last-Modified: Fri, 14 Oct 2022 07:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=3426
Expires: Sun, 16 Oct 2022 21:34:05 GMT
Date: Sun, 16 Oct 2022 20:36:59 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 51888e524274dd5a9f545aaf74dc773d
f92d558999c2ac533d872c5a57ac65465456f3f1
cb956fb32fc9ad87e0ea3e114e0d0a68bf3eb8b0015a0125349ad5e63d6b47ef
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "CB956FB32FC9AD87E0EA3E114E0D0A68BF3EB8B0015A0125349AD5E63D6B47EF"
Last-Modified: Fri, 14 Oct 2022 07:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=3426
Expires: Sun, 16 Oct 2022 21:34:05 GMT
Date: Sun, 16 Oct 2022 20:36:59 GMT
Connection: keep-alive
ocsp.sectigo.com/
172.64.155.188200 OK 472 B IP 172.64.155.188:0
Hash b4278b479978152c8564dcae880c514f
e1c28f4ecf9a4c7bdc19efef4a7071fca2b59e42
643ea0732c4f4c3dc372058a796e062e9e981b41c8f516b95219fb4ff8895a44
POST / HTTP/1.1
Host: ocsp.sectigo.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Sun, 16 Oct 2022 20:36:59 GMT
Content-Type: application/ocsp-response
Content-Length: 472
Connection: keep-alive
Last-Modified: Sat, 15 Oct 2022 15:56:18 GMT
Expires: Sat, 22 Oct 2022 15:56:17 GMT
Etag: "e1c28f4ecf9a4c7bdc19efef4a7071fca2b59e42"
Cache-Control: max-age=500958,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb3
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 75b396fb9f9eb518-OSL
lcdn.tsyndicate.com/images/4/c/8d491ddc58a170f663fe1832401a12552ae293/main.jpg
8.247.219.121200 OK 14 kB URL HTTP/2 lcdn.tsyndicate.com/images/4/c/8d491ddc58a170f663fe1832401a12552ae293/main.jpg
IP 8.247.219.121:0
File type JPEG image data, baseline, precision 8, 300x250, components 3\012- data
Hash 73c32e479fa84df7cdca182f7915f13b
3bc57bf096cd856ccf36ef000c5aaf865b6a5763
79e49532d55f7cfe6a10d91ef69612d0842315418663d56d0970e3674b77aaf0
GET /images/4/c/8d491ddc58a170f663fe1832401a12552ae293/main.jpg HTTP/1.1
Host: lcdn.tsyndicate.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://tsyndicate.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Sun, 16 Oct 2022 20:36:59 GMT
content-type: image/jpeg
content-length: 13471
last-modified: Tue, 19 Jul 2022 11:59:47 GMT
server: nginx
x-robots-tag: noindex, nofollow
content-encoding: gzip
vary: Accept-Encoding
etag: W/"62d69cb3-3522"
age: 7720540
accept-ranges: bytes
X-Firefox-Spdy: h2
pxl.tsyndicate.com/api/v1/p/p.js?p=APeIQFMmDJkycuaI0BGjBgsRYcbQWRjjIZ0zC0WIGWNDDIwYM2K0iCFjTI4WNHLYGNNCjJgcM0aGuVEjB4wZZnDIyEFDxMMwdcZkjBEDR5gcZF629FgDJZkwInHEMAOjxRgYYWqEmTEjh5kZBn1CJGNnoQwYN9I-hFNHDMUcNW7g-AkHDsWPNR_OgTNRxwwbUm_MkPFwTBu7OmigpREjx08yZig-FOPGjVkcNmgMpvGwjRuMDAefXesZtI0ajB_WkcNmYciQMGoQFlFHRkY0dOjAmaPjxQs7ZPKYYXNGzZg8eNyYcVHHTZoxb-S4gSMnzUGSM1xAb_OCjQs4aOD8gNNjjA43NWbQ0INnjUsxxsd8UaMnB5c6MGDIsEGmhw0ZN5wmhlRixFDGfzLEMAZmMsxQxg1iyHBffvvN0cNfgQ02oX4d9SADZprJQMOG-4lhXQ8wuJBfDCTaAMeJUIxBRhREDDFGFksU4QQdeOihhBU5SPEEGXAc0UYMSiCBRhxCyFGFG02o4UQUQYjBRBw52HGDG2soQYQTQrxhRhxGwDCEHPJBQQMSajBRBhRDoCHEE2oIIUYVcjjRhh5pzHDFDHA0lgMecdiBBR4twLHEF28wigQVMaQxRBlqHHHHF2dUkQQRUlSRRouGkafYDYzZhx-Ha5SRxx3R9UdEGWYAxQYdJcgwxBxp0FFGrUMcNMcY1fGVxhtu8GpEGWXQaisSYbhBhhJviMGriWfwOscbbJQxh7FvvEGHGtHyagayyg7hxHPYpsGrEGlUa-sU2GrLqxXYcustuNLaaoV1ZbzBqxJoEFusrVe80UYZbmxr67HJ2ksHtGK0SIYMPbB46n5kxNDDqKVKPAOKEtNQMV6mUshfDT048YTENvSAx8FnGFSdHWVoZ7DEN1yYHx4y1ADDF2Z0q6scEuPgocQ5XCgWGQZndMfTLrxcRsxkzFzzdmKNEUZfWzTIwoddrIUmRWW0AIMNk0WmQ4ofFQZHG19QJ9TaKuZH00Ny2IFYzw-VMcbbC7HdNm11pJERDR_eUEYOCrbwVUkohWEGS2HA4JFVOeSw-Bgk0UADDjeIlQZiIjDugk0uIO5CQz3h_cXoGZmOuuqsi1VHGBk18QafbLARxgs1qAgCClgQtQMITKThRh14gIAHZl9kdnzeOqikYgogHOH3Gm-8cFYMK34EghFpyAHrG3i8YD0MWc8tgspiRffFGO7D_xAb7uu4dBl2fGF-awyJi1wwlB-8ncEyOugZ6B5ykP6JQQ4LwcFcRNDAL7ThDWS4jA0qQkE5vME1D3mDQhIoNvTlYSGcEYH51DaQ3MChNy942h2iBjOZpYFmNuOOWO4wlA-x7yFoGIp-WieCOeQtIx6kw9ai04Lm5KoFPnMBGThnGwa67yBfmCJJxEKHNlDEBqeBy36KYpE22IYhYKyJbDaIgxqc5jH-0xYcvrC1L4ZxjWQUAf_omC050GGEW1BP2CAihr5QEFaymsha8Be4woAGBn1QQEAA&s=156dbb8ffd4e620634ada273024c41e60e6050a172d9ab5a3c022c6f6003f2d51665952618&w=t&r=1&d=92&priv=false
136.243.134.97200 OK 24 B URL HTTP/1.1 pxl.tsyndicate.com/api/v1/p/p.js?p=APeIQFMmDJkycuaI0BGjBgsRYcbQWRjjIZ0zC0WIGWNDDIwYM2K0iCFjTI4WNHLYGNNCjJgcM0aGuVEjB4wZZnDIyEFDxMMwdcZkjBEDR5gcZF629FgDJZkwInHEMAOjxRgYYWqEmTEjh5kZBn1CJGNnoQwYN9I-hFNHDMUcNW7g-AkHDsWPNR_OgTNRxwwbUm_MkPFwTBu7OmigpREjx08yZig-FOPGjVkcNmgMpvGwjRuMDAefXesZtI0ajB_WkcNmYciQMGoQFlFHRkY0dOjAmaPjxQs7ZPKYYXNGzZg8eNyYcVHHTZoxb-S4gSMnzUGSM1xAb_OCjQs4aOD8gNNjjA43NWbQ0INnjUsxxsd8UaMnB5c6MGDIsEGmhw0ZN5wmhlRixFDGfzLEMAZmMsxQxg1iyHBffvvN0cNfgQ02oX4d9SADZprJQMOG-4lhXQ8wuJBfDCTaAMeJUIxBRhREDDFGFksU4QQdeOihhBU5SPEEGXAc0UYMSiCBRhxCyFGFG02o4UQUQYjBRBw52HGDG2soQYQTQrxhRhxGwDCEHPJBQQMSajBRBhRDoCHEE2oIIUYVcjjRhh5pzHDFDHA0lgMecdiBBR4twLHEF28wigQVMaQxRBlqHHHHF2dUkQQRUlSRRouGkafYDYzZhx-Ha5SRxx3R9UdEGWYAxQYdJcgwxBxp0FFGrUMcNMcY1fGVxhtu8GpEGWXQaisSYbhBhhJviMGriWfwOscbbJQxh7FvvEGHGtHyagayyg7hxHPYpsGrEGlUa-sU2GrLqxXYcustuNLaaoV1ZbzBqxJoEFusrVe80UYZbmxr67HJ2ksHtGK0SIYMPbB46n5kxNDDqKVKPAOKEtNQMV6mUshfDT048YTENvSAx8FnGFSdHWVoZ7DEN1yYHx4y1ADDF2Z0q6scEuPgocQ5XCgWGQZndMfTLrxcRsxkzFzzdmKNEUZfWzTIwoddrIUmRWW0AIMNk0WmQ4ofFQZHG19QJ9TaKuZH00Ny2IFYzw-VMcbbC7HdNm11pJERDR_eUEYOCrbwVUkohWEGS2HA4JFVOeSw-Bgk0UADDjeIlQZiIjDugk0uIO5CQz3h_cXoGZmOuuqsi1VHGBk18QafbLARxgs1qAgCClgQtQMITKThRh14gIAHZl9kdnzeOqikYgogHOH3Gm-8cFYMK34EghFpyAHrG3i8YD0MWc8tgspiRffFGO7D_xAb7uu4dBl2fGF-awyJi1wwlB-8ncEyOugZ6B5ykP6JQQ4LwcFcRNDAL7ThDWS4jA0qQkE5vME1D3mDQhIoNvTlYSGcEYH51DaQ3MChNy942h2iBjOZpYFmNuOOWO4wlA-x7yFoGIp-WieCOeQtIx6kw9ai04Lm5KoFPnMBGThnGwa67yBfmCJJxEKHNlDEBqeBy36KYpE22IYhYKyJbDaIgxqc5jH-0xYcvrC1L4ZxjWQUAf_omC050GGEW1BP2CAihr5QEFaymsha8Be4woAGBn1QQEAA&s=156dbb8ffd4e620634ada273024c41e60e6050a172d9ab5a3c022c6f6003f2d51665952618&w=t&r=1&d=92&priv=false
IP 136.243.134.97:0
ASN #24940 Hetzner Online GmbH
File type ASCII text, with no line terminators
Hash 0959ba36d476b6dc1994ba3c678b07c4
d30b94da72daa02766965206a85b7e0356375f5e
897410b87e27e3dfba3a7d6caab315a5e69cc941bb96d91fc74878a9b051843a
GET /api/v1/p/p.js?p=APeIQFMmDJkycuaI0BGjBgsRYcbQWRjjIZ0zC0WIGWNDDIwYM2K0iCFjTI4WNHLYGNNCjJgcM0aGuVEjB4wZZnDIyEFDxMMwdcZkjBEDR5gcZF629FgDJZkwInHEMAOjxRgYYWqEmTEjh5kZBn1CJGNnoQwYN9I-hFNHDMUcNW7g-AkHDsWPNR_OgTNRxwwbUm_MkPFwTBu7OmigpREjx08yZig-FOPGjVkcNmgMpvGwjRuMDAefXesZtI0ajB_WkcNmYciQMGoQFlFHRkY0dOjAmaPjxQs7ZPKYYXNGzZg8eNyYcVHHTZoxb-S4gSMnzUGSM1xAb_OCjQs4aOD8gNNjjA43NWbQ0INnjUsxxsd8UaMnB5c6MGDIsEGmhw0ZN5wmhlRixFDGfzLEMAZmMsxQxg1iyHBffvvN0cNfgQ02oX4d9SADZprJQMOG-4lhXQ8wuJBfDCTaAMeJUIxBRhREDDFGFksU4QQdeOihhBU5SPEEGXAc0UYMSiCBRhxCyFGFG02o4UQUQYjBRBw52HGDG2soQYQTQrxhRhxGwDCEHPJBQQMSajBRBhRDoCHEE2oIIUYVcjjRhh5pzHDFDHA0lgMecdiBBR4twLHEF28wigQVMaQxRBlqHHHHF2dUkQQRUlSRRouGkafYDYzZhx-Ha5SRxx3R9UdEGWYAxQYdJcgwxBxp0FFGrUMcNMcY1fGVxhtu8GpEGWXQaisSYbhBhhJviMGriWfwOscbbJQxh7FvvEGHGtHyagayyg7hxHPYpsGrEGlUa-sU2GrLqxXYcustuNLaaoV1ZbzBqxJoEFusrVe80UYZbmxr67HJ2ksHtGK0SIYMPbB46n5kxNDDqKVKPAOKEtNQMV6mUshfDT048YTENvSAx8FnGFSdHWVoZ7DEN1yYHx4y1ADDF2Z0q6scEuPgocQ5XCgWGQZndMfTLrxcRsxkzFzzdmKNEUZfWzTIwoddrIUmRWW0AIMNk0WmQ4ofFQZHG19QJ9TaKuZH00Ny2IFYzw-VMcbbC7HdNm11pJERDR_eUEYOCrbwVUkohWEGS2HA4JFVOeSw-Bgk0UADDjeIlQZiIjDugk0uIO5CQz3h_cXoGZmOuuqsi1VHGBk18QafbLARxgs1qAgCClgQtQMITKThRh14gIAHZl9kdnzeOqikYgogHOH3Gm-8cFYMK34EghFpyAHrG3i8YD0MWc8tgspiRffFGO7D_xAb7uu4dBl2fGF-awyJi1wwlB-8ncEyOugZ6B5ykP6JQQ4LwcFcRNDAL7ThDWS4jA0qQkE5vME1D3mDQhIoNvTlYSGcEYH51DaQ3MChNy942h2iBjOZpYFmNuOOWO4wlA-x7yFoGIp-WieCOeQtIx6kw9ai04Lm5KoFPnMBGThnGwa67yBfmCJJxEKHNlDEBqeBy36KYpE22IYhYKyJbDaIgxqc5jH-0xYcvrC1L4ZxjWQUAf_omC050GGEW1BP2CAihr5QEFaymsha8Be4woAGBn1QQEAA&s=156dbb8ffd4e620634ada273024c41e60e6050a172d9ab5a3c022c6f6003f2d51665952618&w=t&r=1&d=92&priv=false HTTP/1.1
Host: pxl.tsyndicate.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://tsyndicate.com/
HTTP/1.1 200 OK
Server: nginx
Date: Sun, 16 Oct 2022 20:36:59 GMT
Content-Type: text/plain; charset=utf-8
Content-Length: 24
Connection: keep-alive
X-Robots-Tag: noindex, nofollow
pxl.tsyndicate.com/api/v1/elapsedtime?f=banner%20300x250&sc=4ddbd08cee2e480aaabfb2269f2cc945&hn=www.xmegadrive.com&et=107
136.243.134.97200 OK 0 B URL HTTP/1.1 pxl.tsyndicate.com/api/v1/elapsedtime?f=banner%20300x250&sc=4ddbd08cee2e480aaabfb2269f2cc945&hn=www.xmegadrive.com&et=107
IP 136.243.134.97:0
ASN #24940 Hetzner Online GmbH
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /api/v1/elapsedtime?f=banner%20300x250&sc=4ddbd08cee2e480aaabfb2269f2cc945&hn=www.xmegadrive.com&et=107 HTTP/1.1
Host: pxl.tsyndicate.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.xmegadrive.com/
HTTP/1.1 200 OK
Server: nginx
Date: Sun, 16 Oct 2022 20:36:59 GMT
Content-Length: 0
Connection: keep-alive
X-Robots-Tag: noindex, nofollow
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 467c98217b3c90dedabafc249207b8eb
8a0756b2c6003aaaba58cc75be784e8e283feb45
82b3ac154fd4347d2a7827d48ff7f0ccc8c0abe562cb6796a52b02e7cc9b6467
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "82B3AC154FD4347D2A7827D48FF7F0CCC8C0ABE562CB6796A52B02E7CC9B6467"
Last-Modified: Sat, 15 Oct 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=7395
Expires: Sun, 16 Oct 2022 22:40:14 GMT
Date: Sun, 16 Oct 2022 20:36:59 GMT
Connection: keep-alive
www.xmegadrive.com/contents/videos_screenshots/66000/66647/320x180/5.jpg
37.252.15.5200 OK 10 kB URL HTTP/1.1 www.xmegadrive.com/contents/videos_screenshots/66000/66647/320x180/5.jpg
IP 37.252.15.5:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 320x180, components 3\012- data
Hash 07cda1a02011d056847a8aaafe57a023
10591b4b68c9a5ee596ba138815a8137c983c405
804540f7b7fe2acad579de4991b20a58c90935bf7c902612d9be330991320cc5
GET /contents/videos_screenshots/66000/66647/320x180/5.jpg HTTP/1.1
Host: www.xmegadrive.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://www.xmegadrive.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx
Date: Sun, 16 Oct 2022 20:36:58 GMT
Content-Type: image/jpeg
Content-Length: 10176
Last-Modified: Fri, 09 Jul 2021 18:45:01 GMT
Connection: keep-alive
Keep-Alive: timeout=60
ETag: "60e8992d-27c0"
Strict-Transport-Security: max-age=31536000;
Accept-Ranges: bytes
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 467c98217b3c90dedabafc249207b8eb
8a0756b2c6003aaaba58cc75be784e8e283feb45
82b3ac154fd4347d2a7827d48ff7f0ccc8c0abe562cb6796a52b02e7cc9b6467
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "82B3AC154FD4347D2A7827D48FF7F0CCC8C0ABE562CB6796A52B02E7CC9B6467"
Last-Modified: Sat, 15 Oct 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=7395
Expires: Sun, 16 Oct 2022 22:40:14 GMT
Date: Sun, 16 Oct 2022 20:36:59 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 467c98217b3c90dedabafc249207b8eb
8a0756b2c6003aaaba58cc75be784e8e283feb45
82b3ac154fd4347d2a7827d48ff7f0ccc8c0abe562cb6796a52b02e7cc9b6467
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "82B3AC154FD4347D2A7827D48FF7F0CCC8C0ABE562CB6796A52B02E7CC9B6467"
Last-Modified: Sat, 15 Oct 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=7395
Expires: Sun, 16 Oct 2022 22:40:14 GMT
Date: Sun, 16 Oct 2022 20:36:59 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 467c98217b3c90dedabafc249207b8eb
8a0756b2c6003aaaba58cc75be784e8e283feb45
82b3ac154fd4347d2a7827d48ff7f0ccc8c0abe562cb6796a52b02e7cc9b6467
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "82B3AC154FD4347D2A7827D48FF7F0CCC8C0ABE562CB6796A52B02E7CC9B6467"
Last-Modified: Sat, 15 Oct 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=7395
Expires: Sun, 16 Oct 2022 22:40:14 GMT
Date: Sun, 16 Oct 2022 20:36:59 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 467c98217b3c90dedabafc249207b8eb
8a0756b2c6003aaaba58cc75be784e8e283feb45
82b3ac154fd4347d2a7827d48ff7f0ccc8c0abe562cb6796a52b02e7cc9b6467
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "82B3AC154FD4347D2A7827D48FF7F0CCC8C0ABE562CB6796A52B02E7CC9B6467"
Last-Modified: Sat, 15 Oct 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=7395
Expires: Sun, 16 Oct 2022 22:40:14 GMT
Date: Sun, 16 Oct 2022 20:36:59 GMT
Connection: keep-alive
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F4a5488a3-4a1c-4773-99f6-81e18bcdccd2.jpeg
34.120.237.76200 OK 16 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F4a5488a3-4a1c-4773-99f6-81e18bcdccd2.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 319cbf11bba3f159e5c9f606deded924
13f29acb7a694030fc2de0b42c0d95c4be49deb7
09aa7d94e4829f4daf33d5e2aed077afcc59628839c5d6e877172e8455879062
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F4a5488a3-4a1c-4773-99f6-81e18bcdccd2.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 15855
x-amzn-requestid: 99d6e8b2-1cf3-4eb7-8eb5-0da551a01e3c
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: aEqBlEsmIAMFz6Q=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-634b56d6-4e175354287557c04d7092b8;Sampled=0
x-amzn-remapped-date: Sun, 16 Oct 2022 00:56:54 GMT
x-amz-cf-pop: SEA73-P1
x-cache: Miss from cloudfront
x-amz-cf-id: 03nNWfyAYK1NO23yiuC8Hz3JXgRtVzp5gB0eePR5mzBxNTsrh6QJFw==
via: 1.1 8f22423015641505b8c857a37450d6c0.cloudfront.net (CloudFront), 1.1 1481cc55c02c3a782ad420b6bac2cb32.cloudfront.net (CloudFront), 1.1 google
date: Sun, 16 Oct 2022 07:14:43 GMT
age: 48136
etag: "13f29acb7a694030fc2de0b42c0d95c4be49deb7"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F4c75eb52-0ce4-4b74-92b3-a3670b609024.jpeg
34.120.237.76200 OK 8.6 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F4c75eb52-0ce4-4b74-92b3-a3670b609024.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 0dee97568c5306e8334fcc9dce195ccb
194a7c40cdfae31844fa711d53142ea98f007a92
bf4e94f2062baf118da68b2fe3f5f38e20f21fe85900cdc69509119e757707c4
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F4c75eb52-0ce4-4b74-92b3-a3670b609024.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 8579
x-amzn-requestid: c473888c-7989-4b4d-a5e7-f5f3149e145c
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: aEL5NEfdoAMFaWA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-634b26a1-4a1d1eb16fc64022768f622d;Sampled=0
x-amzn-remapped-date: Sat, 15 Oct 2022 21:31:13 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: icdYFhmC1BY6tDrbYts7bOdjWH55Fkl-CkRdRhqKEuF4MJNFdLA-sQ==
via: 1.1 e5af640ced3aa8764b82c4bc3f7af38e.cloudfront.net (CloudFront), 1.1 32d624dbeb2a8b7f24dbe49007e37c90.cloudfront.net (CloudFront), 1.1 google
date: Sat, 15 Oct 2022 22:24:22 GMT
age: 79957
etag: "194a7c40cdfae31844fa711d53142ea98f007a92"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
massacreintentionalmemorize.com/watch.769464829183.js?key=d3a76329693053849cf13b643f4feb0e&kw=%5B%22nicoli%22%2C%22big%22%2C%22soles%22%2C%22-%22%2C%22vol%22%2C%2201%22%2C%22-%22%2C%22footjob%22%2C%22video%22%2C%22-%22%2C%22jhonn%22%2C%22-%22%2C%22womens%22%2C%22feet%22%2C%22-%22%2C%22footjob%22%5D&refer=http%3A%2F%2Fwww.xmegadrive.com%2Fvideos%2Fnicoli-big-soles-vol-01-footjob-video-jhonn-womens-feet-footjob%2F&tz=0&dev=r&res=12.29&uuid=50ba1667-73c6-407e-b031-4fa4e709202d%3A3%3A1
173.233.137.52307 Temporary Redirect 0 B URL HTTP/1.1 massacreintentionalmemorize.com/watch.769464829183.js?key=d3a76329693053849cf13b643f4feb0e&kw=%5B%22nicoli%22%2C%22big%22%2C%22soles%22%2C%22-%22%2C%22vol%22%2C%2201%22%2C%22-%22%2C%22footjob%22%2C%22video%22%2C%22-%22%2C%22jhonn%22%2C%22-%22%2C%22womens%22%2C%22feet%22%2C%22-%22%2C%22footjob%22%5D&refer=http%3A%2F%2Fwww.xmegadrive.com%2Fvideos%2Fnicoli-big-soles-vol-01-footjob-video-jhonn-womens-feet-footjob%2F&tz=0&dev=r&res=12.29&uuid=50ba1667-73c6-407e-b031-4fa4e709202d%3A3%3A1
IP 173.233.137.52:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer Verdict Alert quad9 Sinkholed
GET /watch.769464829183.js?key=d3a76329693053849cf13b643f4feb0e&kw=%5B%22nicoli%22%2C%22big%22%2C%22soles%22%2C%22-%22%2C%22vol%22%2C%2201%22%2C%22-%22%2C%22footjob%22%2C%22video%22%2C%22-%22%2C%22jhonn%22%2C%22-%22%2C%22womens%22%2C%22feet%22%2C%22-%22%2C%22footjob%22%5D&refer=http%3A%2F%2Fwww.xmegadrive.com%2Fvideos%2Fnicoli-big-soles-vol-01-footjob-video-jhonn-womens-feet-footjob%2F&tz=0&dev=r&res=12.29&uuid=50ba1667-73c6-407e-b031-4fa4e709202d%3A3%3A1 HTTP/1.1
Host: massacreintentionalmemorize.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: http://www.xmegadrive.com
Connection: keep-alive
Referer: http://www.xmegadrive.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 307 Temporary Redirect
Server: nginx/1.19.5
Date: Sun, 16 Oct 2022 20:36:59 GMT
Content-Type: text/html
Content-Length: 0
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Accept-CH: Device-Stock-UA,Sec-CH-UA-Full-Version-ListSec-CH-UA-MobileSec-CH-UA-Platform,Sec-CH-UA-Mobile,Sec-CH-UA-Platform,Sec-CH-UA-PlatformSec-CH-UA-ModelSec-CH-UA-Mobile,Sec-CH-UA-PlatformSec-CH-UA-Platform-Version,Sec-CH-UASec-CH-UA-MobileSec-CH-UA-Platform,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Custom-Referer: http://www.xmegadrive.com
Access-Control-Allow-Origin: http://www.xmegadrive.com
Access-Control-Allow-Credentials: true
Location: https://massacreintentionalmemorize.com/watch.769464829183.js?key=d3a76329693053849cf13b643f4feb0e&kw=%5B%22nicoli%22%2C%22big%22%2C%22soles%22%2C%22-%22%2C%22vol%22%2C%2201%22%2C%22-%22%2C%22footjob%22%2C%22video%22%2C%22-%22%2C%22jhonn%22%2C%22-%22%2C%22womens%22%2C%22feet%22%2C%22-%22%2C%22footjob%22%5D&refer=http%3A%2F%2Fwww.xmegadrive.com%2Fvideos%2Fnicoli-big-soles-vol-01-footjob-video-jhonn-womens-feet-footjob%2F&tz=0&dev=r&res=12.29&uuid=50ba1667-73c6-407e-b031-4fa4e709202d%3A3%3A1&shu=fc1d40d8493024fa1c5c6408c17772599174a11d36c83e6888d0fd2aa2af33c9db2cc804e62771517b70a156d3f421a933d7bfa088507da4897d76d74d888bcfe31982f864a28cc51ae2d9b145b2ef81e18b7a0cb08f889fc2b12d5748058a73&pst=1665952679&rmtc=t
Set-Cookie: u_pl=15242180; expires=Mon, 17 Oct 2022 20:36:59 GMT; secure; SameSite=None
ain=eyJhbGciOiJIUzI1NiJ9.eyJwIjp7ImlkIjoxNTI0MjE4MCwiayI6ImQzYTc2MzI5NjkzMDUzODQ5Y2YxM2I2NDNmNGZlYjBlIiwic2lkIjoiIiwiaXNpZCI6MiwiYXNpZCI6MSwiemlkIjoxMjYxMzI0LCJwaWQiOjU3NTg2LCJhbiI6dHJ1ZSwibGFuIjp0cnVlLCJjaWQiOjE2LCJhaWQiOjUsInB0Ijo0LCJwayI6Imsya3RkcGJ0dCIsImNwa3MiOnsgIjI5IjoiNjQ4ZjYwZDA3NDUxYThkYzJlMjkxOTE0MGY0OGRjYzYifSwidCI6MX0sInUiOnsidSI6MSwiYXUiOjEsImQiOnsiaWQiOjc5OTU0MTk2LCJpZHMiOiIiLCJpYyI6ZmFsc2UsIm4iOiJEZXNrdG9wLEVtdWxhdG9yIiwidiI6IlVua25vd24iLCJtIjoiVW5rbm93biIsImYiOjEsImZuIjoiRGVza3RvcCIsIm9pZCI6MTgxMTAsIm9uIjoiTGludXgiLCJvdiI6IlVua25vd24iLCJiaWQiOjExNjY3MCwiYm4iOiJGaXJlZm94IiwiYnYiOiI5Ni4wIiwid3YiOmZhbHNlLCJlIjpmYWxzZSwiYWIiOmZhbHNlfSwiYyI6eyJpZCI6MTYyLCJjIjoiTk8iLCJuIjoiTm9yd2F5In0sImEiOmZhbHNlLCJjciI6eyJuIjoiQmxpeCBTb2x1dGlvbnMifSwieGYiOiIiLCJpeGYiOmZhbHNlLCJpZ3hmIjpmYWxzZSwidXAiOnRydWUsInIiOiJodHRwOi8vd3d3LnhtZWdhZHJpdmUuY29tL3ZpZGVvcy9uaWNvbGktYmlnLXNvbGVzLXZvbC0wMS1mb290am9iLXZpZGVvLWpob25uLXdvbWVucy1mZWV0LWZvb3Rqb2IvIn19.uLKMHoioNwN7iQ-lkEmhvB5kaGzU0lrv-ZPPzvJZAHg; expires=Sun, 16 Oct 2022 20:37:59 GMT; secure; SameSite=None
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: b830ec7c4221d47f2a5b8fa23ef067d7
Strict-Transport-Security: max-age=0; includeSubdomains
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fc72044c0-fdd0-4da5-aa61-159d966f040f.jpeg
34.120.237.76200 OK 7.1 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fc72044c0-fdd0-4da5-aa61-159d966f040f.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 3e86d948bf8ed2f5918f8323b043ad5f
41548e231e2358d3453e7630f0d07a645cc25ddc
6602f2a020618234d34a9b6cd107398f0405de6dd14227e265aca84b38eaa5cc
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fc72044c0-fdd0-4da5-aa61-159d966f040f.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 7075
x-amzn-requestid: 254a8860-b3bf-4e8d-a08d-31effa209a6e
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: aEL5iGQqIAMFmkA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-634b26a3-1a2820f550f35bf830444c22;Sampled=0
x-amzn-remapped-date: Sat, 15 Oct 2022 21:31:15 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Miss from cloudfront
x-amz-cf-id: psWLknan4sVucDaNcLURe-XRPs5FKeJ0Il7ZGWvBxV2rgpTrQvbyVw==
via: 1.1 2dc111aa3ead15d061e41a423155a53a.cloudfront.net (CloudFront), 1.1 01147dcc35d57fc0238a3c1700c13f16.cloudfront.net (CloudFront), 1.1 google
date: Sat, 15 Oct 2022 21:41:19 GMT
etag: "41548e231e2358d3453e7630f0d07a645cc25ddc"
content-type: image/jpeg
age: 82540
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
massacreintentionalmemorize.com/watch.1499870192431.js?key=326b39096325433f5edf5ef14f22925d&kw=%5B%22nicoli%22%2C%22big%22%2C%22soles%22%2C%22-%22%2C%22vol%22%2C%2201%22%2C%22-%22%2C%22footjob%22%2C%22video%22%2C%22-%22%2C%22jhonn%22%2C%22-%22%2C%22womens%22%2C%22feet%22%2C%22-%22%2C%22footjob%22%5D&refer=http%3A%2F%2Fwww.xmegadrive.com%2Fvideos%2Fnicoli-big-soles-vol-01-footjob-video-jhonn-womens-feet-footjob%2F&tz=0&dev=r&res=12.29&uuid=50ba1667-73c6-407e-b031-4fa4e709202d%3A3%3A1
173.233.137.52307 Temporary Redirect 0 B URL HTTP/1.1 massacreintentionalmemorize.com/watch.1499870192431.js?key=326b39096325433f5edf5ef14f22925d&kw=%5B%22nicoli%22%2C%22big%22%2C%22soles%22%2C%22-%22%2C%22vol%22%2C%2201%22%2C%22-%22%2C%22footjob%22%2C%22video%22%2C%22-%22%2C%22jhonn%22%2C%22-%22%2C%22womens%22%2C%22feet%22%2C%22-%22%2C%22footjob%22%5D&refer=http%3A%2F%2Fwww.xmegadrive.com%2Fvideos%2Fnicoli-big-soles-vol-01-footjob-video-jhonn-womens-feet-footjob%2F&tz=0&dev=r&res=12.29&uuid=50ba1667-73c6-407e-b031-4fa4e709202d%3A3%3A1
IP 173.233.137.52:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer Verdict Alert quad9 Sinkholed
GET /watch.1499870192431.js?key=326b39096325433f5edf5ef14f22925d&kw=%5B%22nicoli%22%2C%22big%22%2C%22soles%22%2C%22-%22%2C%22vol%22%2C%2201%22%2C%22-%22%2C%22footjob%22%2C%22video%22%2C%22-%22%2C%22jhonn%22%2C%22-%22%2C%22womens%22%2C%22feet%22%2C%22-%22%2C%22footjob%22%5D&refer=http%3A%2F%2Fwww.xmegadrive.com%2Fvideos%2Fnicoli-big-soles-vol-01-footjob-video-jhonn-womens-feet-footjob%2F&tz=0&dev=r&res=12.29&uuid=50ba1667-73c6-407e-b031-4fa4e709202d%3A3%3A1 HTTP/1.1
Host: massacreintentionalmemorize.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: http://www.xmegadrive.com
Connection: keep-alive
Referer: http://www.xmegadrive.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 307 Temporary Redirect
Server: nginx/1.19.5
Date: Sun, 16 Oct 2022 20:36:59 GMT
Content-Type: text/html
Content-Length: 0
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Accept-CH: Device-Stock-UA,Sec-CH-UA-Full-Version-ListSec-CH-UA-MobileSec-CH-UA-Platform,Sec-CH-UA-Mobile,Sec-CH-UA-Platform,Sec-CH-UA-PlatformSec-CH-UA-ModelSec-CH-UA-Mobile,Sec-CH-UA-PlatformSec-CH-UA-Platform-Version,Sec-CH-UASec-CH-UA-MobileSec-CH-UA-Platform,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Custom-Referer: http://www.xmegadrive.com
Access-Control-Allow-Origin: http://www.xmegadrive.com
Access-Control-Allow-Credentials: true
Location: https://massacreintentionalmemorize.com/watch.1499870192431.js?key=326b39096325433f5edf5ef14f22925d&kw=%5B%22nicoli%22%2C%22big%22%2C%22soles%22%2C%22-%22%2C%22vol%22%2C%2201%22%2C%22-%22%2C%22footjob%22%2C%22video%22%2C%22-%22%2C%22jhonn%22%2C%22-%22%2C%22womens%22%2C%22feet%22%2C%22-%22%2C%22footjob%22%5D&refer=http%3A%2F%2Fwww.xmegadrive.com%2Fvideos%2Fnicoli-big-soles-vol-01-footjob-video-jhonn-womens-feet-footjob%2F&tz=0&dev=r&res=12.29&uuid=50ba1667-73c6-407e-b031-4fa4e709202d%3A3%3A1&shu=948d125ac0c44c19f4c859d63fe9abd62309a13f3ae891c194d6969632c5720780215f6e53dca88d01078e3b26185b51c462afed26fe436dcabef7898f0885c93d1e051747a71b5bb73b0a85917cdda4dfa013656543358a23087275358b&pst=1665952679&rmtc=t
Set-Cookie: u_pl=16186702; expires=Mon, 17 Oct 2022 20:36:59 GMT; secure; SameSite=None
ain=eyJhbGciOiJIUzI1NiJ9.eyJwIjp7ImlkIjoxNjE4NjcwMiwiayI6IjMyNmIzOTA5NjMyNTQzM2Y1ZWRmNWVmMTRmMjI5MjVkIiwic2lkIjoiIiwiaXNpZCI6MiwiYXNpZCI6MSwiemlkIjoxMjYxMzI0LCJwaWQiOjU3NTg2LCJhbiI6dHJ1ZSwibGFuIjp0cnVlLCJjaWQiOjE2LCJhaWQiOjI3LCJwdCI6NCwicGsiOiJkN2g0NWM5OW1jIiwidCI6MX0sInUiOnsidSI6MSwiYXUiOjEsImQiOnsiaWQiOjc5OTU0MTk2LCJpZHMiOiIiLCJpYyI6ZmFsc2UsIm4iOiJEZXNrdG9wLEVtdWxhdG9yIiwidiI6IlVua25vd24iLCJtIjoiVW5rbm93biIsImYiOjEsImZuIjoiRGVza3RvcCIsIm9pZCI6MTgxMTAsIm9uIjoiTGludXgiLCJvdiI6IlVua25vd24iLCJiaWQiOjExNjY3MCwiYm4iOiJGaXJlZm94IiwiYnYiOiI5Ni4wIiwid3YiOmZhbHNlLCJlIjpmYWxzZSwiYWIiOmZhbHNlfSwiYyI6eyJpZCI6MTYyLCJjIjoiTk8iLCJuIjoiTm9yd2F5In0sImEiOmZhbHNlLCJjciI6eyJuIjoiQmxpeCBTb2x1dGlvbnMifSwieGYiOiIiLCJpeGYiOmZhbHNlLCJpZ3hmIjpmYWxzZSwidXAiOnRydWUsInIiOiJodHRwOi8vd3d3LnhtZWdhZHJpdmUuY29tL3ZpZGVvcy9uaWNvbGktYmlnLXNvbGVzLXZvbC0wMS1mb290am9iLXZpZGVvLWpob25uLXdvbWVucy1mZWV0LWZvb3Rqb2IvIn19.gcwpIj5rKK503bshQllFgx-OdpWPjuZmFAq_ttBG_qo; expires=Sun, 16 Oct 2022 20:37:59 GMT; secure; SameSite=None
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: 888f35434e142630e26805adf9098410
Strict-Transport-Security: max-age=0; includeSubdomains
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F89b2ee08-a53a-4763-aca2-fe23fd25f3d1.jpeg
34.120.237.76200 OK 6.4 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F89b2ee08-a53a-4763-aca2-fe23fd25f3d1.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash df5f38c3dc43ccc382d0274bffb6b350
9a305072cce8bb61ca3753bb98b999695fb4706e
20ff21892e65787fecbadca0f59c05e54dee3a1359271839dab0ee5c9e796ab0
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F89b2ee08-a53a-4763-aca2-fe23fd25f3d1.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 6367
x-amzn-requestid: 485c3cf9-d305-4540-8eef-8304d1103ccc
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: aEL5EHbOoAMFWsA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-634b26a0-2ac206d826bf23193740e74c;Sampled=0
x-amzn-remapped-date: Sat, 15 Oct 2022 21:31:12 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: j4GFPRLOwyEGJVrC4uk01vi858DLWzDtUNZkfmbJ1ybrMV4xEdOIVg==
via: 1.1 c7c3cdef911c9ee3c1a83a78f425dc5a.cloudfront.net (CloudFront), 1.1 cd858042f70b416ca05e042acf3908a4.cloudfront.net (CloudFront), 1.1 google
date: Sat, 15 Oct 2022 21:50:24 GMT
age: 81995
etag: "9a305072cce8bb61ca3753bb98b999695fb4706e"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fb25d7cce-c352-4b25-a8c5-aa8493d99e4c.jpeg
34.120.237.76200 OK 9.3 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fb25d7cce-c352-4b25-a8c5-aa8493d99e4c.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash e20daa74ab04b1b9859672acfc070f7e
d291947f161c928e6c6682a05835478b5f0cffc5
ebbe051930f46dd25de2a4c5795f3bdddf1513c0657cdc986c48f3dfdc90f575
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fb25d7cce-c352-4b25-a8c5-aa8493d99e4c.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 9260
x-amzn-requestid: dfd8deb0-fc73-4321-b024-330b2a3d1759
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: aENyFH9RoAMF24w=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-634b29a6-0aaf75c43b51d5775bc48a95;Sampled=0
x-amzn-remapped-date: Sat, 15 Oct 2022 21:44:06 GMT
x-amz-cf-pop: SEA19-C1, SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: YVZ4EN-w7lmXTXKTy_A-9P0TW0zAqSa7j5_G2M1XnS-j3EfJSEFplw==
via: 1.1 ef6538ee7be7b17c84d06edb0f4c0a1a.cloudfront.net (CloudFront), 1.1 e95ec8f1dc02e32f0cb9e113963ceb4e.cloudfront.net (CloudFront), 1.1 google
date: Sat, 15 Oct 2022 21:58:49 GMT
age: 81490
etag: "d291947f161c928e6c6682a05835478b5f0cffc5"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fbdbc5b51-a9c2-4f99-ad40-8ab061924326.jpeg
34.120.237.76200 OK 7.1 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fbdbc5b51-a9c2-4f99-ad40-8ab061924326.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash cd94762992136ed2f4d24dd34a745154
2050cee63f8005c5d9ac1a817730ada51b323f34
4548836d8846da958f477e1df952f6da9b9640e204804a7c76194d3e061b90a4
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fbdbc5b51-a9c2-4f99-ad40-8ab061924326.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 7082
x-amzn-requestid: 5e98988f-faad-4e52-a49f-28d5a77b15d4
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: aEL46HFloAMFSag=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-634b269f-6759e36c79241479181c1d05;Sampled=0
x-amzn-remapped-date: Sat, 15 Oct 2022 21:31:11 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: p2Ytir5IhFSnRKz3OJ3J6_SieMyoFAAysH8-jBf_Bh_xfKEDRGy18g==
via: 1.1 56c69262ecfa7873b40572ba8a323242.cloudfront.net (CloudFront), 1.1 31119c39c5a6dc62dfa1fe940afd7be2.cloudfront.net (CloudFront), 1.1 google
date: Sat, 15 Oct 2022 21:36:56 GMT
age: 82803
etag: "2050cee63f8005c5d9ac1a817730ada51b323f34"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
massacreintentionalmemorize.com/watch.769464829183.js?key=d3a76329693053849cf13b643f4feb0e&kw=%5B%22nicoli%22%2C%22big%22%2C%22soles%22%2C%22-%22%2C%22vol%22%2C%2201%22%2C%22-%22%2C%22footjob%22%2C%22video%22%2C%22-%22%2C%22jhonn%22%2C%22-%22%2C%22womens%22%2C%22feet%22%2C%22-%22%2C%22footjob%22%5D&refer=http%3A%2F%2Fwww.xmegadrive.com%2Fvideos%2Fnicoli-big-soles-vol-01-footjob-video-jhonn-womens-feet-footjob%2F&tz=0&dev=r&res=12.29&uuid=50ba1667-73c6-407e-b031-4fa4e709202d%3A3%3A1&shu=fc1d40d8493024fa1c5c6408c17772599174a11d36c83e6888d0fd2aa2af33c9db2cc804e62771517b70a156d3f421a933d7bfa088507da4897d76d74d888bcfe31982f864a28cc51ae2d9b145b2ef81e18b7a0cb08f889fc2b12d5748058a73&pst=1665952679&rmtc=t
173.233.137.52200 OK 2.5 kB URL HTTP/1.1 massacreintentionalmemorize.com/watch.769464829183.js?key=d3a76329693053849cf13b643f4feb0e&kw=%5B%22nicoli%22%2C%22big%22%2C%22soles%22%2C%22-%22%2C%22vol%22%2C%2201%22%2C%22-%22%2C%22footjob%22%2C%22video%22%2C%22-%22%2C%22jhonn%22%2C%22-%22%2C%22womens%22%2C%22feet%22%2C%22-%22%2C%22footjob%22%5D&refer=http%3A%2F%2Fwww.xmegadrive.com%2Fvideos%2Fnicoli-big-soles-vol-01-footjob-video-jhonn-womens-feet-footjob%2F&tz=0&dev=r&res=12.29&uuid=50ba1667-73c6-407e-b031-4fa4e709202d%3A3%3A1&shu=fc1d40d8493024fa1c5c6408c17772599174a11d36c83e6888d0fd2aa2af33c9db2cc804e62771517b70a156d3f421a933d7bfa088507da4897d76d74d888bcfe31982f864a28cc51ae2d9b145b2ef81e18b7a0cb08f889fc2b12d5748058a73&pst=1665952679&rmtc=t
IP 173.233.137.52:0
File type HTML document text\012- HTML document, ASCII text, with very long lines (3134)
Hash 4583d6f3bbccae91a03849f977c0d5fc
286b1ee2f97beabe386fbbbfb52116bd646e3800
a4b4d4fc45f5b70dbf16e144f77b4cdba11fd097af5fd2de4baf45443603548b
Analyzer Verdict Alert quad9 Sinkholed
GET /watch.769464829183.js?key=d3a76329693053849cf13b643f4feb0e&kw=%5B%22nicoli%22%2C%22big%22%2C%22soles%22%2C%22-%22%2C%22vol%22%2C%2201%22%2C%22-%22%2C%22footjob%22%2C%22video%22%2C%22-%22%2C%22jhonn%22%2C%22-%22%2C%22womens%22%2C%22feet%22%2C%22-%22%2C%22footjob%22%5D&refer=http%3A%2F%2Fwww.xmegadrive.com%2Fvideos%2Fnicoli-big-soles-vol-01-footjob-video-jhonn-womens-feet-footjob%2F&tz=0&dev=r&res=12.29&uuid=50ba1667-73c6-407e-b031-4fa4e709202d%3A3%3A1&shu=fc1d40d8493024fa1c5c6408c17772599174a11d36c83e6888d0fd2aa2af33c9db2cc804e62771517b70a156d3f421a933d7bfa088507da4897d76d74d888bcfe31982f864a28cc51ae2d9b145b2ef81e18b7a0cb08f889fc2b12d5748058a73&pst=1665952679&rmtc=t HTTP/1.1
Host: massacreintentionalmemorize.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: http://www.xmegadrive.com
Referer: http://www.xmegadrive.com/
Connection: keep-alive
Cookie: u_pl=15242180; ain=eyJhbGciOiJIUzI1NiJ9.eyJwIjp7ImlkIjoxNTI0MjE4MCwiayI6ImQzYTc2MzI5NjkzMDUzODQ5Y2YxM2I2NDNmNGZlYjBlIiwic2lkIjoiIiwiaXNpZCI6MiwiYXNpZCI6MSwiemlkIjoxMjYxMzI0LCJwaWQiOjU3NTg2LCJhbiI6dHJ1ZSwibGFuIjp0cnVlLCJjaWQiOjE2LCJhaWQiOjUsInB0Ijo0LCJwayI6Imsya3RkcGJ0dCIsImNwa3MiOnsgIjI5IjoiNjQ4ZjYwZDA3NDUxYThkYzJlMjkxOTE0MGY0OGRjYzYifSwidCI6MX0sInUiOnsidSI6MSwiYXUiOjEsImQiOnsiaWQiOjc5OTU0MTk2LCJpZHMiOiIiLCJpYyI6ZmFsc2UsIm4iOiJEZXNrdG9wLEVtdWxhdG9yIiwidiI6IlVua25vd24iLCJtIjoiVW5rbm93biIsImYiOjEsImZuIjoiRGVza3RvcCIsIm9pZCI6MTgxMTAsIm9uIjoiTGludXgiLCJvdiI6IlVua25vd24iLCJiaWQiOjExNjY3MCwiYm4iOiJGaXJlZm94IiwiYnYiOiI5Ni4wIiwid3YiOmZhbHNlLCJlIjpmYWxzZSwiYWIiOmZhbHNlfSwiYyI6eyJpZCI6MTYyLCJjIjoiTk8iLCJuIjoiTm9yd2F5In0sImEiOmZhbHNlLCJjciI6eyJuIjoiQmxpeCBTb2x1dGlvbnMifSwieGYiOiIiLCJpeGYiOmZhbHNlLCJpZ3hmIjpmYWxzZSwidXAiOnRydWUsInIiOiJodHRwOi8vd3d3LnhtZWdhZHJpdmUuY29tL3ZpZGVvcy9uaWNvbGktYmlnLXNvbGVzLXZvbC0wMS1mb290am9iLXZpZGVvLWpob25uLXdvbWVucy1mZWV0LWZvb3Rqb2IvIn19.uLKMHoioNwN7iQ-lkEmhvB5kaGzU0lrv-ZPPzvJZAHg
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx/1.19.5
Date: Sun, 16 Oct 2022 20:36:59 GMT
Content-Type: text/html
Transfer-Encoding: chunked
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Accept-CH: Device-Stock-UA,Sec-CH-UA-Full-Version-ListSec-CH-UA-MobileSec-CH-UA-Platform,Sec-CH-UA-Mobile,Sec-CH-UA-Platform,Sec-CH-UA-PlatformSec-CH-UA-ModelSec-CH-UA-Mobile,Sec-CH-UA-PlatformSec-CH-UA-Platform-Version,Sec-CH-UASec-CH-UA-MobileSec-CH-UA-Platform,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Custom-Referer: http://www.xmegadrive.com
Access-Control-Allow-Origin: http://www.xmegadrive.com
Access-Control-Allow-Credentials: true
Set-Cookie: uid_id2=50ba1667-73c6-407e-b031-4fa4e709202d:3:1; expires=Sun, 23 Oct 2022 20:36:59 GMT; secure; SameSite=None
iprc2063476278cb85ff80b076102febf4e0=3569681; expires=Mon, 17 Oct 2022 00:36:59 GMT; secure; SameSite=None
pdhtkv=true; expires=Mon, 17 Oct 2022 20:36:59 GMT; secure; SameSite=None
uncs=1; expires=Mon, 17 Oct 2022 20:36:59 GMT; secure; SameSite=None
pdhtkv5=true; expires=Mon, 17 Oct 2022 20:36:59 GMT; secure; SameSite=None
uncs5=1; expires=Mon, 17 Oct 2022 20:36:59 GMT; secure; SameSite=None
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: e59fe6398634cb18b0abad9ddac04cdd
Strict-Transport-Security: max-age=0; includeSubdomains
Content-Encoding: gzip
massacreintentionalmemorize.com/watch.1499870192431.js?key=326b39096325433f5edf5ef14f22925d&kw=%5B%22nicoli%22%2C%22big%22%2C%22soles%22%2C%22-%22%2C%22vol%22%2C%2201%22%2C%22-%22%2C%22footjob%22%2C%22video%22%2C%22-%22%2C%22jhonn%22%2C%22-%22%2C%22womens%22%2C%22feet%22%2C%22-%22%2C%22footjob%22%5D&refer=http%3A%2F%2Fwww.xmegadrive.com%2Fvideos%2Fnicoli-big-soles-vol-01-footjob-video-jhonn-womens-feet-footjob%2F&tz=0&dev=r&res=12.29&uuid=50ba1667-73c6-407e-b031-4fa4e709202d%3A3%3A1&shu=948d125ac0c44c19f4c859d63fe9abd62309a13f3ae891c194d6969632c5720780215f6e53dca88d01078e3b26185b51c462afed26fe436dcabef7898f0885c93d1e051747a71b5bb73b0a85917cdda4dfa013656543358a23087275358b&pst=1665952679&rmtc=t
173.233.137.52200 OK 2.0 kB URL HTTP/1.1 massacreintentionalmemorize.com/watch.1499870192431.js?key=326b39096325433f5edf5ef14f22925d&kw=%5B%22nicoli%22%2C%22big%22%2C%22soles%22%2C%22-%22%2C%22vol%22%2C%2201%22%2C%22-%22%2C%22footjob%22%2C%22video%22%2C%22-%22%2C%22jhonn%22%2C%22-%22%2C%22womens%22%2C%22feet%22%2C%22-%22%2C%22footjob%22%5D&refer=http%3A%2F%2Fwww.xmegadrive.com%2Fvideos%2Fnicoli-big-soles-vol-01-footjob-video-jhonn-womens-feet-footjob%2F&tz=0&dev=r&res=12.29&uuid=50ba1667-73c6-407e-b031-4fa4e709202d%3A3%3A1&shu=948d125ac0c44c19f4c859d63fe9abd62309a13f3ae891c194d6969632c5720780215f6e53dca88d01078e3b26185b51c462afed26fe436dcabef7898f0885c93d1e051747a71b5bb73b0a85917cdda4dfa013656543358a23087275358b&pst=1665952679&rmtc=t
IP 173.233.137.52:0
File type HTML document, ASCII text, with very long lines (2501)
Hash 7f290b8e2b5e2f52b7cfe180b7c8a9d3
9a22d4786f8590d0d6806680c108ce03aa17de67
5e466ecbaf5dffc914888183f6eb295df873902764cbe7e795e5a1d5cc8a0a5d
Analyzer Verdict Alert quad9 Sinkholed
GET /watch.1499870192431.js?key=326b39096325433f5edf5ef14f22925d&kw=%5B%22nicoli%22%2C%22big%22%2C%22soles%22%2C%22-%22%2C%22vol%22%2C%2201%22%2C%22-%22%2C%22footjob%22%2C%22video%22%2C%22-%22%2C%22jhonn%22%2C%22-%22%2C%22womens%22%2C%22feet%22%2C%22-%22%2C%22footjob%22%5D&refer=http%3A%2F%2Fwww.xmegadrive.com%2Fvideos%2Fnicoli-big-soles-vol-01-footjob-video-jhonn-womens-feet-footjob%2F&tz=0&dev=r&res=12.29&uuid=50ba1667-73c6-407e-b031-4fa4e709202d%3A3%3A1&shu=948d125ac0c44c19f4c859d63fe9abd62309a13f3ae891c194d6969632c5720780215f6e53dca88d01078e3b26185b51c462afed26fe436dcabef7898f0885c93d1e051747a71b5bb73b0a85917cdda4dfa013656543358a23087275358b&pst=1665952679&rmtc=t HTTP/1.1
Host: massacreintentionalmemorize.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: http://www.xmegadrive.com
Referer: http://www.xmegadrive.com/
Connection: keep-alive
Cookie: u_pl=16186702; ain=eyJhbGciOiJIUzI1NiJ9.eyJwIjp7ImlkIjoxNjE4NjcwMiwiayI6IjMyNmIzOTA5NjMyNTQzM2Y1ZWRmNWVmMTRmMjI5MjVkIiwic2lkIjoiIiwiaXNpZCI6MiwiYXNpZCI6MSwiemlkIjoxMjYxMzI0LCJwaWQiOjU3NTg2LCJhbiI6dHJ1ZSwibGFuIjp0cnVlLCJjaWQiOjE2LCJhaWQiOjI3LCJwdCI6NCwicGsiOiJkN2g0NWM5OW1jIiwidCI6MX0sInUiOnsidSI6MSwiYXUiOjEsImQiOnsiaWQiOjc5OTU0MTk2LCJpZHMiOiIiLCJpYyI6ZmFsc2UsIm4iOiJEZXNrdG9wLEVtdWxhdG9yIiwidiI6IlVua25vd24iLCJtIjoiVW5rbm93biIsImYiOjEsImZuIjoiRGVza3RvcCIsIm9pZCI6MTgxMTAsIm9uIjoiTGludXgiLCJvdiI6IlVua25vd24iLCJiaWQiOjExNjY3MCwiYm4iOiJGaXJlZm94IiwiYnYiOiI5Ni4wIiwid3YiOmZhbHNlLCJlIjpmYWxzZSwiYWIiOmZhbHNlfSwiYyI6eyJpZCI6MTYyLCJjIjoiTk8iLCJuIjoiTm9yd2F5In0sImEiOmZhbHNlLCJjciI6eyJuIjoiQmxpeCBTb2x1dGlvbnMifSwieGYiOiIiLCJpeGYiOmZhbHNlLCJpZ3hmIjpmYWxzZSwidXAiOnRydWUsInIiOiJodHRwOi8vd3d3LnhtZWdhZHJpdmUuY29tL3ZpZGVvcy9uaWNvbGktYmlnLXNvbGVzLXZvbC0wMS1mb290am9iLXZpZGVvLWpob25uLXdvbWVucy1mZWV0LWZvb3Rqb2IvIn19.gcwpIj5rKK503bshQllFgx-OdpWPjuZmFAq_ttBG_qo
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx/1.19.5
Date: Sun, 16 Oct 2022 20:36:59 GMT
Content-Type: text/html
Transfer-Encoding: chunked
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Accept-CH: Device-Stock-UA,Sec-CH-UA-Full-Version-ListSec-CH-UA-MobileSec-CH-UA-Platform,Sec-CH-UA-Mobile,Sec-CH-UA-Platform,Sec-CH-UA-PlatformSec-CH-UA-ModelSec-CH-UA-Mobile,Sec-CH-UA-PlatformSec-CH-UA-Platform-Version,Sec-CH-UASec-CH-UA-MobileSec-CH-UA-Platform,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Custom-Referer: http://www.xmegadrive.com
Access-Control-Allow-Origin: http://www.xmegadrive.com
Access-Control-Allow-Credentials: true
Set-Cookie: uid_id2=50ba1667-73c6-407e-b031-4fa4e709202d:3:1; expires=Sun, 23 Oct 2022 20:36:59 GMT; secure; SameSite=None
pdhtkv=true; expires=Mon, 17 Oct 2022 20:36:59 GMT; secure; SameSite=None
uncs=1; expires=Mon, 17 Oct 2022 20:36:59 GMT; secure; SameSite=None
pdhtkv27=true; expires=Mon, 17 Oct 2022 20:36:59 GMT; secure; SameSite=None
uncs27=1; expires=Mon, 17 Oct 2022 20:36:59 GMT; secure; SameSite=None
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: 69d6a80b6d30d56a962d4fc30e11b5f8
Strict-Transport-Security: max-age=0; includeSubdomains
Content-Encoding: gzip
banquetunarmedgrater.com/advertisers.js
173.233.137.52200 OK 0 B URL HTTP/1.1 banquetunarmedgrater.com/advertisers.js
IP 173.233.137.52:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer Verdict Alert quad9 Sinkholed
GET /advertisers.js HTTP/1.1
Host: banquetunarmedgrater.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.xmegadrive.com/
HTTP/1.1 200 OK
Server: nginx/1.19.5
Date: Sun, 16 Oct 2022 20:36:59 GMT
Content-Type: application/javascript
Content-Length: 0
Connection: keep-alive
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: 4cb8a3db58b48b476a1adacf0530af5d
Strict-Transport-Security: max-age=0; includeSubdomains
www.xmegadrive.com/favicon.ico
37.252.15.5200 OK 198 B URL HTTP/1.1 www.xmegadrive.com/favicon.ico
IP 37.252.15.5:0
File type MS Windows icon resource - 1 icon, 16x16, 2 colors\012- data
Hash fb829808da70bc927bf3fed5177ddb5d
43df104f3f37662c8fc115ef2a306ce05c83a462
807baf9db1936c35cf37208d7ee732be876b661cd8c7ebef234360baea568718
GET /favicon.ico HTTP/1.1
Host: www.xmegadrive.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://www.xmegadrive.com/
Cookie: kt_is_visited=1
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx
Date: Sun, 16 Oct 2022 20:36:59 GMT
Content-Type: image/vnd.microsoft.icon
Content-Length: 198
Connection: keep-alive
Keep-Alive: timeout=60
Last-Modified: Mon, 24 Feb 2020 04:34:34 GMT
ETag: "c6-59f4ae3600c58"
Accept-Ranges: bytes
Strict-Transport-Security: max-age=31536000;
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 9f54a5e8bc9df618c759b36171c3dc59
daa13f44d63b193afc97b0f174b933aa20cb4f05
3b64fc1e4fb9f3f723929f5b66eecff56ffad04b823db4a168d363f5232314bb
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "3B64FC1E4FB9F3F723929F5B66EECFF56FFAD04B823DB4A168D363F5232314BB"
Last-Modified: Sat, 15 Oct 2022 07:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=10531
Expires: Sun, 16 Oct 2022 23:32:30 GMT
Date: Sun, 16 Oct 2022 20:36:59 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 9f54a5e8bc9df618c759b36171c3dc59
daa13f44d63b193afc97b0f174b933aa20cb4f05
3b64fc1e4fb9f3f723929f5b66eecff56ffad04b823db4a168d363f5232314bb
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "3B64FC1E4FB9F3F723929F5B66EECFF56FFAD04B823DB4A168D363F5232314BB"
Last-Modified: Sat, 15 Oct 2022 07:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=10531
Expires: Sun, 16 Oct 2022 23:32:30 GMT
Date: Sun, 16 Oct 2022 20:36:59 GMT
Connection: keep-alive
cdn.cloudimagesb.com/cti/41/81/9d/41819de1ba1f1bafa6b94672c9a97640/1663334887.png
45.133.44.9200 OK 39 kB URL HTTP/2 cdn.cloudimagesb.com/cti/41/81/9d/41819de1ba1f1bafa6b94672c9a97640/1663334887.png
IP 45.133.44.9:0
ASN #39572 DataWeb Global Group B.V.
File type PNG image data, 468 x 60, 8-bit/color RGB, non-interlaced\012- data
Hash 97c079b6dee7e18281611a8846ff6cd2
08aa9b489b7b4613c6015da16827d45f7f30d664
db3b6ceef9b051a0b4ec17f568fd662cdc3843a93f466a8e69bbe78c83689708
GET /cti/41/81/9d/41819de1ba1f1bafa6b94672c9a97640/1663334887.png HTTP/1.1
Host: cdn.cloudimagesb.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Sun, 16 Oct 2022 20:36:59 GMT
content-type: image/png
content-length: 39098
server: nginx/1.17.6
last-modified: Fri, 16 Sep 2022 13:28:15 GMT
etag: "632479ef-98ba"
expires: Tue, 18 Oct 2022 20:36:59 GMT
cache-control: max-age=172800
x-proxy-cache: HIT
accept-ranges: bytes
X-Firefox-Spdy: h2
cdn.cloudimagesb.com/cti/bb/16/b7/bb16b71b76fc43a6abd135721b32a822/1658915518.png
45.133.44.9200 OK 145 kB URL HTTP/2 cdn.cloudimagesb.com/cti/bb/16/b7/bb16b71b76fc43a6abd135721b32a822/1658915518.png
IP 45.133.44.9:0
ASN #39572 DataWeb Global Group B.V.
File type PNG image data, 300 x 250, 8-bit/color RGBA, non-interlaced\012- data
Size 145 kB (145012 bytes)
Hash 620dee7dda3ab0a55fef5e66735e48e1
c03458e7950bed758e4352ec7a78bb434a3164b1
8552142726040854ba6a1d57037aa513e8cb424e3e5b96f017fb742f7c9255c3
GET /cti/bb/16/b7/bb16b71b76fc43a6abd135721b32a822/1658915518.png HTTP/1.1
Host: cdn.cloudimagesb.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Sun, 16 Oct 2022 20:36:59 GMT
content-type: image/png
content-length: 145012
server: nginx/1.17.6
last-modified: Wed, 27 Jul 2022 09:52:06 GMT
etag: "62e10ac6-23674"
expires: Tue, 18 Oct 2022 20:36:59 GMT
cache-control: max-age=172800
x-proxy-cache: HIT
accept-ranges: bytes
X-Firefox-Spdy: h2
www.fovykaxo.pro/eff746/c94f71924a0c.js
67.216.91.19200 OK 0 B URL HTTP/2 www.fovykaxo.pro/eff746/c94f71924a0c.js
IP 67.216.91.19:0
Analyzer Verdict Alert quad9 Sinkholed
GET /eff746/c94f71924a0c.js HTTP/1.1
Host: www.fovykaxo.pro
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://www.xmegadrive.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: ucdn/1.22.0
date: Sun, 16 Oct 2022 20:36:58 GMT
content-type: application/javascript
vary: Accept-Encoding
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-methods: GET
access-control-allow-headers: Content-Type
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315357782, public
x-ureq-id: XDrrrzssYKy7XniAYHDaCxO/1BtQYlPAo1HVcwFLMsog41fW3hOd965Uj5PfSqLO3GY8s5N7WkiuyFrNS0bW2JpoQosFRHg7MChOCzn8QdY=
x-served-from: l1
x-vhostid: 115, 22207
content-encoding: br
X-Firefox-Spdy: h2