r3.o.lencr.org/
23.36.76.226 200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 150792cfc458af013998f4ef6bdf5f74
d5179b2dcb11d06f82606bf6eb6648319998d63e
72937c756d3feeae6d04a6f445398b0436bdf559f8c7437e3a3233263943900e
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "72937C756D3FEEAE6D04A6F445398B0436BDF559F8C7437E3A3233263943900E"
Last-Modified: Sat, 26 Nov 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=13456
Expires: Sun, 27 Nov 2022 03:32:05 GMT
Date: Sat, 26 Nov 2022 23:47:49 GMT
Connection: keep-alive
ocsp.digicert.com/
93.184.220.29 200 OK 471 B IP 93.184.220.29:0
Hash 15b59d5e62caedb4bec3ba6724906c1e
960f801e608a56fdd11449f4face29f62cad2b21
8c72a45737c2eeddf328b0ed3236f3243551d904e94ec9dd7254972ebfb9229e
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 5321
Cache-Control: max-age=130320
Content-Type: application/ocsp-response
Date: Sat, 26 Nov 2022 23:47:49 GMT
Etag: "6381eaec-1d7"
Expires: Mon, 28 Nov 2022 11:59:49 GMT
Last-Modified: Sat, 26 Nov 2022 10:31:08 GMT
Server: ECS (ska/F712)
X-Cache: HIT
Content-Length: 471
r3.o.lencr.org/
23.36.76.226 200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 260e9998c20d831b66f1029c8f47aac9
716d630f647c54dc69a7f9c63a6cac294b3df7f7
c9951a909f354174f0075a01c01c3c3aa6960983040e328bfbbbea81aeb405c2
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "C9951A909F354174F0075A01C01C3C3AA6960983040E328BFBBBEA81AEB405C2"
Last-Modified: Thu, 24 Nov 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=2369
Expires: Sun, 27 Nov 2022 00:27:18 GMT
Date: Sat, 26 Nov 2022 23:47:49 GMT
Connection: keep-alive
firefox.settings.services.mozilla.com/v1/
34.102.187.140 200 OK 939 B URL HTTP/2 firefox.settings.services.mozilla.com/v1/
IP 34.102.187.140:0
File type JSON data\012- , ASCII text, with very long lines (939), with no line terminators
Hash 4d7e4eed097b9c4e5d509419f1cfc85a
290bb3d428a7c6330e2e3d73a952b16f820896c8
0dc9ca0f57af15adcd416035e92794711434e3d53a1feff21d8481d6d500986c
GET /v1/ HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Content-Type, Content-Length, Alert, Backoff, Retry-After
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 939
via: 1.1 google
date: Sat, 26 Nov 2022 23:17:33 GMT
cache-control: public,max-age=3600
content-type: application/json
age: 1816
alt-svc: clear
X-Firefox-Spdy: h2
content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-12-30-09-21-26.chain
34.160.144.191 200 OK 5.3 kB URL HTTP/2 content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-12-30-09-21-26.chain
IP 34.160.144.191:0
File type PEM certificate\012- , ASCII text
Hash 9ebddc2b260d081ebbefee47c037cb28
492bad62a7ca6a74738921ef5ae6f0be5edebf39
74bbb7cba16f7d084a08a0907d47d7496e5c148f904707ec6950f8f6a61027e5
GET /chains/remote-settings.content-signature.mozilla.org-2022-12-30-09-21-26.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
x-amz-id-2: FlhTK7aZMhdIaAPz12HGb/+UX2nd92ilpBQ2dRDFuNDkWbUPJV1k4q5efba/Ymla1o7Hz+jLy64=
x-amz-request-id: 2AE0F6GE5712Q7B2
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
content-length: 5348
via: 1.1 google
date: Sat, 26 Nov 2022 23:44:25 GMT
age: 204
last-modified: Thu, 10 Nov 2022 09:21:27 GMT
etag: "9ebddc2b260d081ebbefee47c037cb28"
content-type: binary/octet-stream
cache-control: public,max-age=3600
alt-svc: clear
X-Firefox-Spdy: h2
contile.services.mozilla.com/v1/tiles
34.117.237.239 200 OK 12 B URL HTTP/2 contile.services.mozilla.com/v1/tiles
IP 34.117.237.239:0
File type JSON data\012- , ASCII text, with no line terminators
Hash 23e88fb7b99543fb33315b29b1fad9d6
a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3
GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Sat, 26 Nov 2022 23:47:49 GMT
content-type: application/json
content-length: 12
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2
firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
34.102.187.140 200 OK 329 B URL HTTP/2 firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
IP 34.102.187.140:0
File type JSON data\012- , ASCII text, with very long lines (329), with no line terminators
Hash 0333b0655111aa68de771adfcc4db243
63f295a144ac87a7c8e23417626724eeca68a7eb
60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300
GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: ETag, Content-Type, Content-Length, Last-Modified, Alert, Backoff, Pragma, Expires, Retry-After, Cache-Control
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 329
via: 1.1 google
date: Sat, 26 Nov 2022 23:08:54 GMT
cache-control: public,max-age=3600
age: 2335
last-modified: Fri, 25 Mar 2022 17:45:46 GMT
etag: "1648230346554"
content-type: application/json
alt-svc: clear
X-Firefox-Spdy: h2
xcigamesdd.com/the-legend-of-zelda-breath-of-the-wild-s4/
107.6.168.100 200 OK 37 kB URL HTTP/1.1 xcigamesdd.com/the-legend-of-zelda-breath-of-the-wild-s4/
IP 107.6.168.100:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document text\012- exported SGML document, ASCII text, with very long lines (44737), with CRLF, LF line terminators
Hash 4ca9922911c488efdde86121aadc5060
9a298d74597033165a2c1cf0ff795d2d863a8b90
df1d46144ef17dc95207b04036d013802936a733ecb673faba792e71f2692a78
GET /the-legend-of-zelda-breath-of-the-wild-s4/ HTTP/1.1
Host: xcigamesdd.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1
HTTP/1.1 200 OK
Connection: Keep-Alive
Keep-Alive: timeout=5, max=100
set-cookie: __wpdm_client=a59f007fbf3384ccc33cc586d5d348f0; HttpOnly
content-type: text/html; charset=UTF-8
x-pingback: http://xcigamesdd.com/xmlrpc.php
link: <https://xcigamesdd.com/wp-json/>; rel="https://api.w.org/", <https://xcigamesdd.com/wp-json/wp/v2/posts/3879>; rel="alternate"; type="application/json", <https://xcigamesdd.com/?p=3879>; rel=shortlink
x-litespeed-cache-control: public,max-age=604800
x-litespeed-tag: 229_HTTP.200,229_post,229_URL.9d07cef6ca81954f54ee4ef085789009,229_Po.3879,229_
cache-control: public, max-age=0
expires: Sat, 26 Nov 2022 23:47:48 GMT
x-litespeed-cache: miss
transfer-encoding: chunked
content-encoding: gzip
vary: Accept-Encoding,Accept-Encoding
date: Sat, 26 Nov 2022 23:47:48 GMT
xcigamesdd.com/wp-content/plugins/content-views-query-and-display-post-page/public/assets/css/cv.css?ver=2.5.0.1
107.6.168.100 200 OK 12 kB URL HTTP/1.1 xcigamesdd.com/wp-content/plugins/content-views-query-and-display-post-page/public/assets/css/cv.css?ver=2.5.0.1
IP 107.6.168.100:0
File type ASCII text, with very long lines (65371)
Hash be7f4c7d5b01eeb9658f928317e6d6b4
8f7d25b03481d045dc2f87119959459630265351
ba0ad71c3596a80cc6dc24f6c8c4ae90693cdcda8c02c314cec234860f785b04
GET /wp-content/plugins/content-views-query-and-display-post-page/public/assets/css/cv.css?ver=2.5.0.1 HTTP/1.1
Host: xcigamesdd.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://xcigamesdd.com/the-legend-of-zelda-breath-of-the-wild-s4/
HTTP/1.1 200 OK
Connection: Keep-Alive
Keep-Alive: timeout=5, max=100
cache-control: public, max-age=31536000,public
expires: Sun, 26 Nov 2023 23:47:49 GMT
content-type: text/css; charset=UTF-8
last-modified: Wed, 23 Nov 2022 15:58:36 GMT
accept-ranges: bytes
content-encoding: gzip
vary: Accept-Encoding,Accept-Encoding
content-length: 11759
date: Sat, 26 Nov 2022 23:47:49 GMT
xcigamesdd.com/wp-includes/js/dist/hooks.min.js?ver=c6d64f2cb8f5c6bb49caca37f8828ce3
107.6.168.100 200 OK 1.7 kB URL HTTP/1.1 xcigamesdd.com/wp-includes/js/dist/hooks.min.js?ver=c6d64f2cb8f5c6bb49caca37f8828ce3
IP 107.6.168.100:0
File type ASCII text, with very long lines (4875)
Hash b7fad5256cf7aca9fd70a62bb93844c6
903085b7db8cb10da60739104d2b8b500d7bdf57
d35186efbbda488c7ad9e5b7c44d5d340e96c7823e609d791ef0d4bd29b4afd6
GET /wp-includes/js/dist/hooks.min.js?ver=c6d64f2cb8f5c6bb49caca37f8828ce3 HTTP/1.1
Host: xcigamesdd.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://xcigamesdd.com/the-legend-of-zelda-breath-of-the-wild-s4/
HTTP/1.1 200 OK
Connection: Keep-Alive
Keep-Alive: timeout=5, max=100
cache-control: public, max-age=31536000,public
expires: Sun, 26 Nov 2023 23:47:49 GMT
content-type: application/javascript; charset=UTF-8
last-modified: Sat, 10 Sep 2022 21:42:15 GMT
accept-ranges: bytes
content-encoding: gzip
vary: Accept-Encoding,Accept-Encoding
content-length: 1657
date: Sat, 26 Nov 2022 23:47:49 GMT
xcigamesdd.com/wp-content/plugins/allow-webp-image/public/css/allow-webp-image-public.css?ver=1.0.1
107.6.168.100 200 OK 98 B URL HTTP/1.1 xcigamesdd.com/wp-content/plugins/allow-webp-image/public/css/allow-webp-image-public.css?ver=1.0.1
IP 107.6.168.100:0
Hash e6094661d8923e95b233019ebff7c8f0
cfd836d385d475baffee45d85cfeb9bb36e70d9e
547dda3c14b284819be511be1e410da94a5efc6ccc4a9afe1c75394f9333191a
GET /wp-content/plugins/allow-webp-image/public/css/allow-webp-image-public.css?ver=1.0.1 HTTP/1.1
Host: xcigamesdd.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://xcigamesdd.com/the-legend-of-zelda-breath-of-the-wild-s4/
HTTP/1.1 200 OK
Connection: Keep-Alive
Keep-Alive: timeout=5, max=100
cache-control: public, max-age=31536000,public
expires: Sun, 26 Nov 2023 23:47:49 GMT
content-type: text/css; charset=UTF-8
last-modified: Tue, 22 Mar 2022 02:01:23 GMT
accept-ranges: bytes
content-length: 98
date: Sat, 26 Nov 2022 23:47:49 GMT
vary: Accept-Encoding
xcigamesdd.com/wp-content/plugins/contextual-related-posts/css/rounded-thumbs.min.css?ver=3.2.3
107.6.168.100 200 OK 463 B URL HTTP/1.1 xcigamesdd.com/wp-content/plugins/contextual-related-posts/css/rounded-thumbs.min.css?ver=3.2.3
IP 107.6.168.100:0
File type ASCII text, with very long lines (1451), with no line terminators
Hash 245e525ddd673a0a9a7ebe8a1a32eb00
68410696a60f51dcb5df8fa9d0c0ef96879197e8
94db2ea5cd36e9dd7e7758bd12e65e7b19d96e87488b5aadafccde60884f917a
GET /wp-content/plugins/contextual-related-posts/css/rounded-thumbs.min.css?ver=3.2.3 HTTP/1.1
Host: xcigamesdd.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://xcigamesdd.com/the-legend-of-zelda-breath-of-the-wild-s4/
HTTP/1.1 200 OK
Connection: Keep-Alive
Keep-Alive: timeout=5, max=100
cache-control: public, max-age=31536000,public
expires: Sun, 26 Nov 2023 23:47:49 GMT
content-type: text/css; charset=UTF-8
last-modified: Fri, 02 Sep 2022 16:48:09 GMT
accept-ranges: bytes
content-encoding: gzip
vary: Accept-Encoding,Accept-Encoding
content-length: 463
date: Sat, 26 Nov 2022 23:47:49 GMT
xcigamesdd.com/wp-content/plugins/download-manager/assets/bootstrap/css/bootstrap.min.css?ver=6.0.3
107.6.168.100 200 OK 9.8 kB URL HTTP/1.1 xcigamesdd.com/wp-content/plugins/download-manager/assets/bootstrap/css/bootstrap.min.css?ver=6.0.3
IP 107.6.168.100:0
File type ASCII text, with very long lines (57835), with no line terminators
Hash 399ba5b3f84b6def00ce6b87e33fbb50
665985a193f8d9f3df9a8639adaebb401c03d75c
1bccaeb95d636659690f1220233e083ce31272d50ca7142a27fb9c59b8fdc525
GET /wp-content/plugins/download-manager/assets/bootstrap/css/bootstrap.min.css?ver=6.0.3 HTTP/1.1
Host: xcigamesdd.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://xcigamesdd.com/the-legend-of-zelda-breath-of-the-wild-s4/
HTTP/1.1 200 OK
Connection: Keep-Alive
Keep-Alive: timeout=5, max=100
cache-control: public, max-age=31536000,public
expires: Sun, 26 Nov 2023 23:47:49 GMT
content-type: text/css; charset=UTF-8
last-modified: Wed, 02 Nov 2022 15:50:37 GMT
accept-ranges: bytes
content-encoding: gzip
vary: Accept-Encoding,Accept-Encoding
content-length: 9771
date: Sat, 26 Nov 2022 23:47:49 GMT
xcigamesdd.com/wp-content/plugins/download-manager/assets/css/front.css?ver=6.0.3
107.6.168.100 200 OK 12 kB URL HTTP/1.1 xcigamesdd.com/wp-content/plugins/download-manager/assets/css/front.css?ver=6.0.3
IP 107.6.168.100:0
File type ASCII text, with very long lines (482)
Hash a4c7398634fdfefa2438148aac1c00d0
45d3dbee49ac5d499a6d4429f98e78e5f15b9741
6f0f132936a00fa08dd112b80ce1058290821c853896e4594844647aee6a628c
GET /wp-content/plugins/download-manager/assets/css/front.css?ver=6.0.3 HTTP/1.1
Host: xcigamesdd.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://xcigamesdd.com/the-legend-of-zelda-breath-of-the-wild-s4/
HTTP/1.1 200 OK
Connection: Keep-Alive
Keep-Alive: timeout=5, max=100
cache-control: public, max-age=31536000,public
expires: Sun, 26 Nov 2023 23:47:49 GMT
content-type: text/css; charset=UTF-8
last-modified: Wed, 02 Nov 2022 15:50:38 GMT
accept-ranges: bytes
content-encoding: gzip
vary: Accept-Encoding,Accept-Encoding
content-length: 11716
date: Sat, 26 Nov 2022 23:47:49 GMT
arsnivyr.com/1?z=5382937
139.45.197.242 200 OK 6.8 kB IP 139.45.197.242:0
File type ASCII text, with very long lines (16471)
Hash 08fbe0042e6700073b2ff7ec58e23541
76e1a6f269dd1dc1d600c093a513c09c66758d0f
fd4d2bb110fc187e7a67cddc0582fd6a701f099f03592b3522139e4ed6bbeb7f
Analyzer Verdict Alert quad9 Sinkholed
GET /1?z=5382937 HTTP/1.1
Host: arsnivyr.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://xcigamesdd.com/
HTTP/1.1 200 OK
Server: nginx
Date: Sat, 26 Nov 2022 23:47:50 GMT
Content-Type: text/javascript
Transfer-Encoding: chunked
Connection: keep-alive
Access-Control-Allow-Credentials: true
Access-Control-Allow-Origin:
Access-Control-Allow-Methods: POST, GET, OPTIONS, PUT, DELETE
Access-Control-Allow-Headers: Accept, Content-Type, Content-Length, Accept-Encoding, X-Sc, CVERSION, VERSION
X-Trace-Id: 05b5748db747679cc9fcd29bf58d6e8a
Access-Control-Expose-Headers: X-Sc
X-Sc: qfyauurQ3CyyKdLf5p7oIDULLVerLYfUSPVlxubmqYWflCV8ijnWN_rUVb_uHbGXV3TUWPjpNU9M_sjuZDVBhkOf9lE=
Set-Cookie: scm=1; expires=Sun, 26 Nov 2023 23:47:50 GMT; secure; SameSite=None
OAID=0b1208d14b824b3dba03470fcd12b363; expires=Sun, 26 Nov 2023 23:47:50 GMT; secure; SameSite=None
oaidts=1669506470; expires=Sun, 26 Nov 2023 23:47:50 GMT; secure; SameSite=None
Pragma: no-cache
Cache-Control: no-store, no-cache, must-revalidate, max-age=0
Expires: Mon, 26 Jul 1997 05:00:00 GMT
Content-Encoding: gzip
xcigamesdd.com/wp-content/plugins/download-manager/assets/fontawesome/css/all.min.css?ver=6.0.3
107.6.168.100 200 OK 21 kB URL HTTP/1.1 xcigamesdd.com/wp-content/plugins/download-manager/assets/fontawesome/css/all.min.css?ver=6.0.3
IP 107.6.168.100:0
File type ASCII text, with very long lines (65317)
Hash 5e17a5be51d5306c1f0cf06584857b5a
012e4548497b1183ed61e76adc32921f1d71df61
f1d26d7b6a4d8c71f0397878b2d70bb7ac05e89d59f52ee30331e9a12ee9e163
GET /wp-content/plugins/download-manager/assets/fontawesome/css/all.min.css?ver=6.0.3 HTTP/1.1
Host: xcigamesdd.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://xcigamesdd.com/the-legend-of-zelda-breath-of-the-wild-s4/
HTTP/1.1 200 OK
Connection: Keep-Alive
Keep-Alive: timeout=5, max=100
cache-control: public, max-age=31536000,public
expires: Sun, 26 Nov 2023 23:47:49 GMT
content-type: text/css; charset=UTF-8
last-modified: Wed, 02 Nov 2022 15:50:38 GMT
accept-ranges: bytes
content-encoding: gzip
vary: Accept-Encoding,Accept-Encoding
content-length: 20848
date: Sat, 26 Nov 2022 23:47:49 GMT
xcigamesdd.com/wp-content/plugins/responsive-accordion-and-collapse/css/font-awesome/css/font-awesome.min.css?ver=6.0.3
107.6.168.100 200 OK 4.7 kB URL HTTP/1.1 xcigamesdd.com/wp-content/plugins/responsive-accordion-and-collapse/css/font-awesome/css/font-awesome.min.css?ver=6.0.3
IP 107.6.168.100:0
File type ASCII text, with very long lines (20604)
Hash 2cb90fac97922f17341da79b40c6fd8b
d5b9b24bff8cba81e5c345483e7a107414325b43
dc1a9cc5dbad4697419ba2abcf7a4789657a718177f1974b6e36838dfac517e0
GET /wp-content/plugins/responsive-accordion-and-collapse/css/font-awesome/css/font-awesome.min.css?ver=6.0.3 HTTP/1.1
Host: xcigamesdd.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://xcigamesdd.com/the-legend-of-zelda-breath-of-the-wild-s4/
HTTP/1.1 200 OK
Connection: Keep-Alive
Keep-Alive: timeout=5, max=100
cache-control: public, max-age=31536000,public
expires: Sun, 26 Nov 2023 23:47:49 GMT
content-type: text/css; charset=UTF-8
last-modified: Thu, 10 Nov 2022 12:31:00 GMT
accept-ranges: bytes
content-encoding: gzip
vary: Accept-Encoding,Accept-Encoding
content-length: 4653
date: Sat, 26 Nov 2022 23:47:49 GMT
xcigamesdd.com/wp-content/plugins/responsive-accordion-and-collapse/css/bootstrap-front.css?ver=6.0.3
107.6.168.100 200 OK 1.6 kB URL HTTP/1.1 xcigamesdd.com/wp-content/plugins/responsive-accordion-and-collapse/css/bootstrap-front.css?ver=6.0.3
IP 107.6.168.100:0
Hash 80bced94327e5768680e9eaa99458c7a
a7a4a0b80521d015572c968a73bf4f666ecd3300
02a566fe43f6cebf0d491eb007147939c867a42af384bc5d276477aca528cfc5
GET /wp-content/plugins/responsive-accordion-and-collapse/css/bootstrap-front.css?ver=6.0.3 HTTP/1.1
Host: xcigamesdd.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://xcigamesdd.com/the-legend-of-zelda-breath-of-the-wild-s4/
HTTP/1.1 200 OK
Connection: Keep-Alive
Keep-Alive: timeout=5, max=100
cache-control: public, max-age=31536000,public
expires: Sun, 26 Nov 2023 23:47:49 GMT
content-type: text/css; charset=UTF-8
last-modified: Thu, 10 Nov 2022 12:31:00 GMT
accept-ranges: bytes
content-encoding: gzip
vary: Accept-Encoding,Accept-Encoding
content-length: 1572
date: Sat, 26 Nov 2022 23:47:49 GMT
xcigamesdd.com/wp-content/plugins/if-menu/assets/if-menu-site.css?ver=6.0.3
107.6.168.100 200 OK 491 B URL HTTP/1.1 xcigamesdd.com/wp-content/plugins/if-menu/assets/if-menu-site.css?ver=6.0.3
IP 107.6.168.100:0
Hash 9dc75495a901b0f89baf50f2fb963f4e
948f3e9c570f041c440a58cccd2485a1b09b203e
b5d3cd652f4d5c2a8d565ed3cb3b9fec781ddaa0d296ce4fc07a628e97a6513d
GET /wp-content/plugins/if-menu/assets/if-menu-site.css?ver=6.0.3 HTTP/1.1
Host: xcigamesdd.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://xcigamesdd.com/the-legend-of-zelda-breath-of-the-wild-s4/
HTTP/1.1 200 OK
Connection: Keep-Alive
Keep-Alive: timeout=5, max=100
cache-control: public, max-age=31536000,public
expires: Sun, 26 Nov 2023 23:47:49 GMT
content-type: text/css; charset=UTF-8
last-modified: Mon, 27 Jun 2022 03:09:31 GMT
accept-ranges: bytes
content-encoding: gzip
vary: Accept-Encoding,Accept-Encoding
content-length: 491
date: Sat, 26 Nov 2022 23:47:49 GMT
xcigamesdd.com/wp-content/themes/orbital/assets/css/main.css?ver=6.0.3
107.6.168.100 200 OK 11 kB URL HTTP/1.1 xcigamesdd.com/wp-content/themes/orbital/assets/css/main.css?ver=6.0.3
IP 107.6.168.100:0
File type ASCII text, with very long lines (55626)
Hash 8b0b80e1670e19e21b21518fc248ecdd
5d9eff9ea9ae4875fff2e8d9f5a005dc6e926be5
ad4698f12c9b9c535bd1d7077065806bf3a9690c1a1a02f5dc66afd9b1dc1bb3
GET /wp-content/themes/orbital/assets/css/main.css?ver=6.0.3 HTTP/1.1
Host: xcigamesdd.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://xcigamesdd.com/the-legend-of-zelda-breath-of-the-wild-s4/
HTTP/1.1 200 OK
Connection: Keep-Alive
Keep-Alive: timeout=5, max=100
cache-control: public, max-age=31536000,public
expires: Sun, 26 Nov 2023 23:47:49 GMT
content-type: text/css; charset=UTF-8
last-modified: Sat, 29 Jan 2022 15:58:54 GMT
accept-ranges: bytes
content-encoding: gzip
vary: Accept-Encoding,Accept-Encoding
content-length: 11233
date: Sat, 26 Nov 2022 23:47:49 GMT
xcigamesdd.com/wp-content/plugins/youtube-embed-plus/styles/ytprefs.min.css?ver=14.1.4.1
107.6.168.100 200 OK 1.8 kB URL HTTP/1.1 xcigamesdd.com/wp-content/plugins/youtube-embed-plus/styles/ytprefs.min.css?ver=14.1.4.1
IP 107.6.168.100:0
File type ASCII text, with very long lines (8319)
Hash 0689a6c3f80a5459a071f1011cdf3960
f7422ba0692c1615df809d59cda5d66b992d8061
cb30e5065929317605de07d6d5b68dddf00674132ffd71e153f844d469fe5ae5
GET /wp-content/plugins/youtube-embed-plus/styles/ytprefs.min.css?ver=14.1.4.1 HTTP/1.1
Host: xcigamesdd.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://xcigamesdd.com/the-legend-of-zelda-breath-of-the-wild-s4/
HTTP/1.1 200 OK
Connection: Keep-Alive
Keep-Alive: timeout=5, max=100
cache-control: public, max-age=31536000,public
expires: Sun, 26 Nov 2023 23:47:49 GMT
content-type: text/css; charset=UTF-8
last-modified: Tue, 01 Nov 2022 12:28:04 GMT
accept-ranges: bytes
content-encoding: gzip
vary: Accept-Encoding,Accept-Encoding
content-length: 1786
date: Sat, 26 Nov 2022 23:47:49 GMT
use.fontawesome.com/releases/v5.7.2/js/all.js?ver=6.0.3
172.64.133.15 200 OK 402 kB URL HTTP/1.1 use.fontawesome.com/releases/v5.7.2/js/all.js?ver=6.0.3
IP 172.64.133.15:0
File type ASCII text, with very long lines (65536), with no line terminators
Size 402 kB (402168 bytes)
Hash 2e77c777e56da87903605efc63a17a2e
1609e549e4bda4d6c0d185ddc8f0b302e8597c32
076bf0a40668e22b3cc9070631537f2d7812408717a40f2f2cee22a21342020d
GET /releases/v5.7.2/js/all.js?ver=6.0.3 HTTP/1.1
Host: use.fontawesome.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://xcigamesdd.com/
HTTP/1.1 200 OK
Date: Sat, 26 Nov 2022 23:47:50 GMT
Content-Type: application/javascript
Transfer-Encoding: chunked
Connection: keep-alive
x-amz-id-2: 69IXyPp293b4FMD4J8H0GgxauvGq3gZR3b2exxjD2am514YfreFIX2rCGrfKBQ4DPT1647l+jb4=
x-amz-request-id: F5BZX7REMW96VGVZ
Last-Modified: Wed, 30 Jun 2021 15:45:57 GMT
ETag: W/"3321acfaaf879848a1f6773e691e2dd0"
Cache-Control: max-age=31556926
CF-Cache-Status: HIT
Age: 779093
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=BiCHXxWWD5UKTTE4JpzW%2FHmJgi3y0ANqfi2bLPW3AQy1n1RR%2Fz%2FnU5LjYpRMAgRqU8QAWmUHMieN%2F2d%2Bz7%2BGyzpoe4IQcpa%2FCOWKrrRyJA8%2BuJIBguw6OErQt0Pun%2BEWOGfLab4A"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 770682ee388675db-LHR
Content-Encoding: gzip
alt-svc: h2=":443"; ma=60
xcigamesdd.com/wp-includes/js/jquery/jquery-migrate.min.js?ver=3.3.2
107.6.168.100 200 OK 4.2 kB URL HTTP/1.1 xcigamesdd.com/wp-includes/js/jquery/jquery-migrate.min.js?ver=3.3.2
IP 107.6.168.100:0
File type ASCII text, with very long lines (11126)
Hash c41f3a82e911de81a1817131069bc7d2
1e883290a0b794916cead41e5f0705716fd77b89
e9791f24770f098ea30bb4d25e2e10bdedb97132d0bbf7d2bd79eedac22efa27
GET /wp-includes/js/jquery/jquery-migrate.min.js?ver=3.3.2 HTTP/1.1
Host: xcigamesdd.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://xcigamesdd.com/the-legend-of-zelda-breath-of-the-wild-s4/
HTTP/1.1 200 OK
Connection: Keep-Alive
Keep-Alive: timeout=5, max=100
cache-control: public, max-age=31536000,public
expires: Sun, 26 Nov 2023 23:47:49 GMT
content-type: application/javascript; charset=UTF-8
last-modified: Sat, 10 Sep 2022 21:42:19 GMT
accept-ranges: bytes
content-encoding: gzip
vary: Accept-Encoding,Accept-Encoding
content-length: 4168
date: Sat, 26 Nov 2022 23:47:49 GMT
xcigamesdd.com/wp-includes/js/jquery/jquery.min.js?ver=3.6.0
107.6.168.100 200 OK 31 kB URL HTTP/1.1 xcigamesdd.com/wp-includes/js/jquery/jquery.min.js?ver=3.6.0
IP 107.6.168.100:0
File type ASCII text, with very long lines (65447)
Hash 554969c8ed0e4b5eece1261c4e1e9cd0
3b514b21c2e26b2caa15054e43ed00184a8ebc38
4a10709ca76c5112fbaf69e065b4ef93dd37bcffd4ae39b351e56d40c9322123
GET /wp-includes/js/jquery/jquery.min.js?ver=3.6.0 HTTP/1.1
Host: xcigamesdd.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://xcigamesdd.com/the-legend-of-zelda-breath-of-the-wild-s4/
HTTP/1.1 200 OK
Connection: Keep-Alive
Keep-Alive: timeout=5, max=100
cache-control: public, max-age=31536000,public
expires: Sun, 26 Nov 2023 23:47:49 GMT
content-type: application/javascript; charset=UTF-8
last-modified: Sat, 10 Sep 2022 21:42:19 GMT
accept-ranges: bytes
content-encoding: gzip
vary: Accept-Encoding,Accept-Encoding
content-length: 30969
date: Sat, 26 Nov 2022 23:47:49 GMT
xcigamesdd.com/wp-content/plugins/download-manager/assets/js/front.js?ver=3.2.59
107.6.168.100 200 OK 11 kB URL HTTP/1.1 xcigamesdd.com/wp-content/plugins/download-manager/assets/js/front.js?ver=3.2.59
IP 107.6.168.100:0
File type ASCII text, with very long lines (4122)
Hash 3cbd85c841637aad5fb79be852864447
1101da7834adea5fbd347c9012921dc50ae61853
74cec79ecb31abcb3d25e5db47719ae1ed103b8f0381ef7448b91701c1828845
GET /wp-content/plugins/download-manager/assets/js/front.js?ver=3.2.59 HTTP/1.1
Host: xcigamesdd.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://xcigamesdd.com/the-legend-of-zelda-breath-of-the-wild-s4/
HTTP/1.1 200 OK
Connection: Keep-Alive
Keep-Alive: timeout=5, max=100
cache-control: public, max-age=31536000,public
expires: Sun, 26 Nov 2023 23:47:49 GMT
content-type: application/javascript; charset=UTF-8
last-modified: Wed, 02 Nov 2022 15:50:38 GMT
accept-ranges: bytes
content-encoding: gzip
vary: Accept-Encoding,Accept-Encoding
content-length: 10932
date: Sat, 26 Nov 2022 23:47:49 GMT
xcigamesdd.com/wp-content/plugins/youtube-embed-plus/scripts/ytprefs.min.js?ver=14.1.4.1
107.6.168.100 200 OK 4.6 kB URL HTTP/1.1 xcigamesdd.com/wp-content/plugins/youtube-embed-plus/scripts/ytprefs.min.js?ver=14.1.4.1
IP 107.6.168.100:0
File type ASCII text, with very long lines (1003)
Hash 93d7cb00bbc250edd78c272982b90307
4328c70a78dc96b27b643861d2ba762444a14aa4
d49120a793bef2442eb9d233a1e1fc6f6ecb2851e2a8ecc5c6f79985f858a1a3
GET /wp-content/plugins/youtube-embed-plus/scripts/ytprefs.min.js?ver=14.1.4.1 HTTP/1.1
Host: xcigamesdd.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://xcigamesdd.com/the-legend-of-zelda-breath-of-the-wild-s4/
HTTP/1.1 200 OK
Connection: Keep-Alive
Keep-Alive: timeout=5, max=100
cache-control: public, max-age=31536000,public
expires: Sun, 26 Nov 2023 23:47:49 GMT
content-type: application/javascript; charset=UTF-8
last-modified: Tue, 01 Nov 2022 12:28:05 GMT
accept-ranges: bytes
content-encoding: gzip
vary: Accept-Encoding,Accept-Encoding
content-length: 4588
date: Sat, 26 Nov 2022 23:47:49 GMT
xcigamesdd.com/wp-content/plugins/koko-analytics/assets/dist/js/script.js?ver=1.0.35
107.6.168.100 200 OK 917 B URL HTTP/1.1 xcigamesdd.com/wp-content/plugins/koko-analytics/assets/dist/js/script.js?ver=1.0.35
IP 107.6.168.100:0
File type ASCII text, with very long lines (1729)
Hash 34e383794549e60bb496efa8ffbd295d
7fb74e563b62d3d882c1773e9976b296ca1d96f5
3dafc0f691470cc0a36ffac7d9dd47dd7e85ee34f674246731fc0f463c2e5769
GET /wp-content/plugins/koko-analytics/assets/dist/js/script.js?ver=1.0.35 HTTP/1.1
Host: xcigamesdd.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://xcigamesdd.com/the-legend-of-zelda-breath-of-the-wild-s4/
HTTP/1.1 200 OK
Connection: Keep-Alive
Keep-Alive: timeout=5, max=100
cache-control: public, max-age=31536000,public
expires: Sun, 26 Nov 2023 23:47:49 GMT
content-type: application/javascript; charset=UTF-8
last-modified: Thu, 27 Oct 2022 12:29:29 GMT
accept-ranges: bytes
content-encoding: gzip
vary: Accept-Encoding,Accept-Encoding
content-length: 917
date: Sat, 26 Nov 2022 23:47:49 GMT
xcigamesdd.com/wp-content/plugins/content-views-query-and-display-post-page/public/assets/js/cv.js?ver=2.5.0.1
107.6.168.100 200 OK 6.7 kB URL HTTP/1.1 xcigamesdd.com/wp-content/plugins/content-views-query-and-display-post-page/public/assets/js/cv.js?ver=2.5.0.1
IP 107.6.168.100:0
File type ASCII text, with very long lines (12198), with CRLF line terminators
Hash 2e22c8149399e73ff0da65402d803699
129f97cae31d3d3dca417341ec415d2303dce30b
114ee3bb4212ea8f6d7d9d10c786a684674a4973b9b938c21b0f7e8aaa5b5971
GET /wp-content/plugins/content-views-query-and-display-post-page/public/assets/js/cv.js?ver=2.5.0.1 HTTP/1.1
Host: xcigamesdd.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://xcigamesdd.com/the-legend-of-zelda-breath-of-the-wild-s4/
HTTP/1.1 200 OK
Connection: Keep-Alive
Keep-Alive: timeout=5, max=100
cache-control: public, max-age=31536000,public
expires: Sun, 26 Nov 2023 23:47:49 GMT
content-type: application/javascript; charset=UTF-8
last-modified: Wed, 23 Nov 2022 15:58:36 GMT
accept-ranges: bytes
content-encoding: gzip
vary: Accept-Encoding,Accept-Encoding
content-length: 6730
date: Sat, 26 Nov 2022 23:47:49 GMT
xcigamesdd.com/wp-includes/css/dist/block-library/style.min.css?ver=6.0.3
107.6.168.100 200 OK 12 kB URL HTTP/1.1 xcigamesdd.com/wp-includes/css/dist/block-library/style.min.css?ver=6.0.3
IP 107.6.168.100:0
File type ASCII text, with very long lines (43771)
Hash 9f76c05d4aec8a23bbb9131800060916
ba854132574f3add765c016ff6cef2a30bddc5e0
c73bcff8e403046219e8f9dfb99e029b8d58099b8c5fb5f6508127702fd1b275
GET /wp-includes/css/dist/block-library/style.min.css?ver=6.0.3 HTTP/1.1
Host: xcigamesdd.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://xcigamesdd.com/the-legend-of-zelda-breath-of-the-wild-s4/
HTTP/1.1 200 OK
Connection: Keep-Alive
Keep-Alive: timeout=5, max=100
cache-control: public, max-age=31536000,public
expires: Sun, 26 Nov 2023 23:47:49 GMT
content-type: text/css; charset=UTF-8
last-modified: Sat, 10 Sep 2022 21:42:12 GMT
accept-ranges: bytes
content-encoding: gzip
vary: Accept-Encoding,Accept-Encoding
content-length: 11658
date: Sat, 26 Nov 2022 23:47:49 GMT
xcigamesdd.com/wp-includes/js/dist/vendor/wp-polyfill.min.js?ver=3.15.0
107.6.168.100 200 OK 7.1 kB URL HTTP/1.1 xcigamesdd.com/wp-includes/js/dist/vendor/wp-polyfill.min.js?ver=3.15.0
IP 107.6.168.100:0
File type Unicode text, UTF-8 text, with very long lines (19138), with no line terminators
Hash a0798e1907e23a55c0f4ffebabb1fd48
aae64554a44eb45ae03b497cacfbb56b30cedade
5eb6c2a3b9c101ee2806a07fbd9177c4480db87871bef7d6a760a26dff1bd12b
GET /wp-includes/js/dist/vendor/wp-polyfill.min.js?ver=3.15.0 HTTP/1.1
Host: xcigamesdd.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://xcigamesdd.com/the-legend-of-zelda-breath-of-the-wild-s4/
HTTP/1.1 200 OK
Connection: Keep-Alive
Keep-Alive: timeout=5, max=100
cache-control: public, max-age=31536000,public
expires: Sun, 26 Nov 2023 23:47:49 GMT
content-type: application/javascript; charset=UTF-8
last-modified: Sat, 10 Sep 2022 21:42:14 GMT
accept-ranges: bytes
content-encoding: gzip
vary: Accept-Encoding,Accept-Encoding
content-length: 7098
date: Sat, 26 Nov 2022 23:47:49 GMT
xcigamesdd.com/wp-content/plugins/pt-content-views-pro/public/assets/css/cvpro.min.css?ver=5.8.0
107.6.168.100 200 OK 20 kB URL HTTP/1.1 xcigamesdd.com/wp-content/plugins/pt-content-views-pro/public/assets/css/cvpro.min.css?ver=5.8.0
IP 107.6.168.100:0
File type ASCII text, with very long lines (42471), with CRLF line terminators
Hash e1a90e1a59f0501563ad5915ad7d3861
bb806e4914f278c7e77ce186a5d73fff6b9aff88
0d878b4af92bf67eaaf8fb1d52d4ae908d31d3cd8a6660328acb15dac84b39b3
GET /wp-content/plugins/pt-content-views-pro/public/assets/css/cvpro.min.css?ver=5.8.0 HTTP/1.1
Host: xcigamesdd.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://xcigamesdd.com/the-legend-of-zelda-breath-of-the-wild-s4/
HTTP/1.1 200 OK
Connection: Keep-Alive
Keep-Alive: timeout=5, max=100
cache-control: public, max-age=31536000,public
expires: Sun, 26 Nov 2023 23:47:49 GMT
content-type: text/css; charset=UTF-8
last-modified: Tue, 28 Jul 2020 23:30:03 GMT
accept-ranges: bytes
content-encoding: gzip
vary: Accept-Encoding,Accept-Encoding
content-length: 20413
date: Sat, 26 Nov 2022 23:47:49 GMT
xcigamesdd.com/wp-includes/js/dist/vendor/regenerator-runtime.min.js?ver=0.13.9
107.6.168.100 200 OK 2.4 kB URL HTTP/1.1 xcigamesdd.com/wp-includes/js/dist/vendor/regenerator-runtime.min.js?ver=0.13.9
IP 107.6.168.100:0
File type ASCII text, with very long lines (6475), with no line terminators
Hash 9939da8da9b306b91ddc5c68ea402d66
4cd4ea5f2dcd09fec713c36cb1c1c31ace0373b5
63b97ebb1748143ca6093d63ccdb14b2748f002df4caddfaa15c1173cb2c4942
GET /wp-includes/js/dist/vendor/regenerator-runtime.min.js?ver=0.13.9 HTTP/1.1
Host: xcigamesdd.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://xcigamesdd.com/the-legend-of-zelda-breath-of-the-wild-s4/
HTTP/1.1 200 OK
Connection: Keep-Alive
Keep-Alive: timeout=5, max=100
cache-control: public, max-age=31536000,public
expires: Sun, 26 Nov 2023 23:47:49 GMT
content-type: application/javascript; charset=UTF-8
last-modified: Sat, 10 Sep 2022 21:42:14 GMT
accept-ranges: bytes
content-encoding: gzip
vary: Accept-Encoding,Accept-Encoding
content-length: 2439
date: Sat, 26 Nov 2022 23:47:49 GMT
xcigamesdd.com/wp-includes/js/dist/i18n.min.js?ver=ebee46757c6a411e38fd079a7ac71d94
107.6.168.100 200 OK 3.9 kB URL HTTP/1.1 xcigamesdd.com/wp-includes/js/dist/i18n.min.js?ver=ebee46757c6a411e38fd079a7ac71d94
IP 107.6.168.100:0
Hash 744d07a5a18516a5eda2c915c57a8d3e
848f74eb379c38dd0a1928f07673804e0f08d5a1
39243a0d7eff0b8436162e5964241b334691314c7dee690b05e696c48f354c14
GET /wp-includes/js/dist/i18n.min.js?ver=ebee46757c6a411e38fd079a7ac71d94 HTTP/1.1
Host: xcigamesdd.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://xcigamesdd.com/the-legend-of-zelda-breath-of-the-wild-s4/
HTTP/1.1 200 OK
Connection: Keep-Alive
Keep-Alive: timeout=5, max=100
cache-control: public, max-age=31536000,public
expires: Sun, 26 Nov 2023 23:47:49 GMT
content-type: application/javascript; charset=UTF-8
last-modified: Sat, 10 Sep 2022 21:42:17 GMT
accept-ranges: bytes
content-encoding: gzip
vary: Accept-Encoding,Accept-Encoding
content-length: 3863
date: Sat, 26 Nov 2022 23:47:49 GMT
xcigamesdd.com/wp-includes/js/jquery/jquery.form.min.js?ver=4.3.0
107.6.168.100 200 OK 6.0 kB URL HTTP/1.1 xcigamesdd.com/wp-includes/js/jquery/jquery.form.min.js?ver=4.3.0
IP 107.6.168.100:0
File type ASCII text, with very long lines (16109), with no line terminators
Hash e1eac240de23271e5a12f769c9c3e307
8f72405f81d6da160bd92473762be6590da8821f
ef1b6af6826be7419985283ef0c69093e0e5c06cbd499c8ef13d4c07ffc8c5f2
GET /wp-includes/js/jquery/jquery.form.min.js?ver=4.3.0 HTTP/1.1
Host: xcigamesdd.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://xcigamesdd.com/the-legend-of-zelda-breath-of-the-wild-s4/
HTTP/1.1 200 OK
Connection: Keep-Alive
Keep-Alive: timeout=5, max=100
cache-control: public, max-age=31536000,public
expires: Sun, 26 Nov 2023 23:47:49 GMT
content-type: application/javascript; charset=UTF-8
last-modified: Sat, 10 Sep 2022 21:42:19 GMT
accept-ranges: bytes
content-encoding: gzip
vary: Accept-Encoding,Accept-Encoding
content-length: 5952
date: Sat, 26 Nov 2022 23:47:49 GMT
xcigamesdd.com/wp-content/plugins/easy-affiliate-links/dist/public.js?ver=3.7.0
107.6.168.100 200 OK 7.2 kB URL HTTP/1.1 xcigamesdd.com/wp-content/plugins/easy-affiliate-links/dist/public.js?ver=3.7.0
IP 107.6.168.100:0
File type ASCII text, with very long lines (1004)
Hash 6d6bc1b948a9e8016ed5733b65f0f8d2
9dde6af420a147c905f5b2aaf35753c97f8e322d
f92fbcbd02da631a978569076d1f2c6987b797322747d876ba8e3f9486b56737
GET /wp-content/plugins/easy-affiliate-links/dist/public.js?ver=3.7.0 HTTP/1.1
Host: xcigamesdd.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://xcigamesdd.com/the-legend-of-zelda-breath-of-the-wild-s4/
HTTP/1.1 200 OK
Connection: Keep-Alive
Keep-Alive: timeout=5, max=100
cache-control: public, max-age=31536000,public
expires: Sun, 26 Nov 2023 23:47:49 GMT
content-type: application/javascript; charset=UTF-8
last-modified: Sun, 04 Sep 2022 01:03:58 GMT
accept-ranges: bytes
content-encoding: gzip
vary: Accept-Encoding,Accept-Encoding
content-length: 7150
date: Sat, 26 Nov 2022 23:47:49 GMT
xcigamesdd.com/wp-content/plugins/responsive-accordion-and-collapse/js/accordion-custom.js?ver=6.0.3
107.6.168.100 200 OK 14 kB URL HTTP/1.1 xcigamesdd.com/wp-content/plugins/responsive-accordion-and-collapse/js/accordion-custom.js?ver=6.0.3
IP 107.6.168.100:0
File type ASCII text, with CRLF line terminators
Hash 9c7b2f3263a89dfa926be94a632a9ea9
0e0122f253a7b88f92db5d63f2d4fa984b422b49
dacfba7cd7237777205ffce28936dea4cb0d9dac5c009cf8aeeb3fc78797a923
GET /wp-content/plugins/responsive-accordion-and-collapse/js/accordion-custom.js?ver=6.0.3 HTTP/1.1
Host: xcigamesdd.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://xcigamesdd.com/the-legend-of-zelda-breath-of-the-wild-s4/
HTTP/1.1 200 OK
Connection: Keep-Alive
Keep-Alive: timeout=5, max=100
cache-control: public, max-age=31536000,public
expires: Sun, 26 Nov 2023 23:47:49 GMT
content-type: application/javascript; charset=UTF-8
last-modified: Thu, 10 Nov 2022 12:31:00 GMT
accept-ranges: bytes
content-encoding: gzip
vary: Accept-Encoding,Accept-Encoding
content-length: 13615
date: Sat, 26 Nov 2022 23:47:49 GMT
xcigamesdd.com/wp-content/plugins/responsive-accordion-and-collapse/js/accordion.js?ver=6.0.3
107.6.168.100 200 OK 206 B URL HTTP/1.1 xcigamesdd.com/wp-content/plugins/responsive-accordion-and-collapse/js/accordion.js?ver=6.0.3
IP 107.6.168.100:0
File type ASCII text, with very long lines (409), with CRLF line terminators
Hash c9fc246cc82759202472df0d2b598db4
1e7c1dac85ee36c0becb07515ad602946efb2e21
7ffd4a4d3620f7b6e868fdb809fd5aa47330241f03b3b991bde3ad5c03317ca2
GET /wp-content/plugins/responsive-accordion-and-collapse/js/accordion.js?ver=6.0.3 HTTP/1.1
Host: xcigamesdd.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://xcigamesdd.com/the-legend-of-zelda-breath-of-the-wild-s4/
HTTP/1.1 200 OK
Connection: Keep-Alive
Keep-Alive: timeout=5, max=100
cache-control: public, max-age=31536000,public
expires: Sun, 26 Nov 2023 23:47:49 GMT
content-type: application/javascript; charset=UTF-8
last-modified: Thu, 10 Nov 2022 12:31:00 GMT
accept-ranges: bytes
content-encoding: gzip
vary: Accept-Encoding,Accept-Encoding
content-length: 206
date: Sat, 26 Nov 2022 23:47:49 GMT
ocsp.digicert.com/
93.184.220.29 200 OK 471 B IP 93.184.220.29:0
Hash d3df71aab146eefc49acb608796aab63
8401892995193919376dfcd798b09c8261579454
a616c1e54e896576601e6107c1814adbebf35364d8ed807cdd89ac36b8200c88
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 4372
Cache-Control: max-age=124313
Content-Type: application/ocsp-response
Date: Sat, 26 Nov 2022 23:47:50 GMT
Etag: "6381d72b-1d7"
Expires: Mon, 28 Nov 2022 10:19:43 GMT
Last-Modified: Sat, 26 Nov 2022 09:06:51 GMT
Server: ECS (ska/F712)
X-Cache: HIT
Content-Length: 471
xcigamesdd.com/wp-content/themes/orbital/assets/js/navigation.js?ver=20190101
107.6.168.100 200 OK 0 B URL HTTP/1.1 xcigamesdd.com/wp-content/themes/orbital/assets/js/navigation.js?ver=20190101
IP 107.6.168.100:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /wp-content/themes/orbital/assets/js/navigation.js?ver=20190101 HTTP/1.1
Host: xcigamesdd.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://xcigamesdd.com/the-legend-of-zelda-breath-of-the-wild-s4/
HTTP/1.1 200 OK
Connection: Keep-Alive
Keep-Alive: timeout=5, max=100
cache-control: public, max-age=31536000,public
expires: Sun, 26 Nov 2023 23:47:49 GMT
content-type: application/javascript; charset=UTF-8
last-modified: Sat, 29 Jan 2022 15:58:54 GMT
accept-ranges: bytes
content-length: 0
date: Sat, 26 Nov 2022 23:47:49 GMT
vary: Accept-Encoding
xcigamesdd.com/wp-content/plugins/pt-content-views-pro/public/assets/js/cvpro.min.js?ver=5.8.0
107.6.168.100 200 OK 46 kB URL HTTP/1.1 xcigamesdd.com/wp-content/plugins/pt-content-views-pro/public/assets/js/cvpro.min.js?ver=5.8.0
IP 107.6.168.100:0
File type Unicode text, UTF-8 text, with very long lines (32126)
Hash 0aec5f99695007286dc53e9e8a1c2c70
80eeeb6ee67b570ee83e254e566ab5ae40191e13
d612d876e075d3811706cc42f6ec102c9ead6cacc80e574f6f8c5f17c6bd43e8
GET /wp-content/plugins/pt-content-views-pro/public/assets/js/cvpro.min.js?ver=5.8.0 HTTP/1.1
Host: xcigamesdd.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://xcigamesdd.com/the-legend-of-zelda-breath-of-the-wild-s4/
HTTP/1.1 200 OK
Connection: Keep-Alive
Keep-Alive: timeout=5, max=100
cache-control: public, max-age=31536000,public
expires: Sun, 26 Nov 2023 23:47:49 GMT
content-type: application/javascript; charset=UTF-8
last-modified: Tue, 28 Jul 2020 23:30:03 GMT
accept-ranges: bytes
content-encoding: gzip
vary: Accept-Encoding,Accept-Encoding
content-length: 46186
date: Sat, 26 Nov 2022 23:47:49 GMT
ocsp.pki.goog/gts1c3
142.250.74.35 200 OK 472 B IP 142.250.74.35:0
Hash 619fa0039b94697fc8a5bd24f57e8aa2
53a366391a51d625029cc6d32fb4e8b6060990fd
dff604305831a0399aa44b2fac806e43512afa846569ba6e5685eca6495d9fa5
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 26 Nov 2022 23:47:50 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
xcigamesdd.com/wp-content/themes/orbital/assets/js/main.js?ver=20190101
107.6.168.100 200 OK 1.4 kB URL HTTP/1.1 xcigamesdd.com/wp-content/themes/orbital/assets/js/main.js?ver=20190101
IP 107.6.168.100:0
Hash 2f0b0bb5aa7056365134163018b2c575
3ae8af3913ac9842c2b10fe1b7492a36849dbf33
db0f85bf0e90832fe96638d57f3cfae9b3904a0076366324d97c6b454b4f3d83
GET /wp-content/themes/orbital/assets/js/main.js?ver=20190101 HTTP/1.1
Host: xcigamesdd.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://xcigamesdd.com/the-legend-of-zelda-breath-of-the-wild-s4/
HTTP/1.1 200 OK
Connection: Keep-Alive
Keep-Alive: timeout=5, max=100
cache-control: public, max-age=31536000,public
expires: Sun, 26 Nov 2023 23:47:49 GMT
content-type: application/javascript; charset=UTF-8
last-modified: Sat, 29 Jan 2022 15:58:54 GMT
accept-ranges: bytes
content-encoding: gzip
vary: Accept-Encoding,Accept-Encoding
content-length: 1448
date: Sat, 26 Nov 2022 23:47:49 GMT
xcigamesdd.com/wp-content/themes/orbital/assets/js/social.min.js?ver=20190101
107.6.168.100 200 OK 2.6 kB URL HTTP/1.1 xcigamesdd.com/wp-content/themes/orbital/assets/js/social.min.js?ver=20190101
IP 107.6.168.100:0
File type ASCII text, with very long lines (6521), with no line terminators
Hash e4cd24c4790b9aa939d63faf551e7cea
356cccc76e8254e79ca93e547a1b278c02c14c8f
b388508e87fecdb8b25850685793e09ca2608db1990ad31ced923795e24d16ca
GET /wp-content/themes/orbital/assets/js/social.min.js?ver=20190101 HTTP/1.1
Host: xcigamesdd.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://xcigamesdd.com/the-legend-of-zelda-breath-of-the-wild-s4/
HTTP/1.1 200 OK
Connection: Keep-Alive
Keep-Alive: timeout=5, max=100
cache-control: public, max-age=31536000,public
expires: Sun, 26 Nov 2023 23:47:49 GMT
content-type: application/javascript; charset=UTF-8
last-modified: Sat, 29 Jan 2022 15:58:54 GMT
accept-ranges: bytes
content-encoding: gzip
vary: Accept-Encoding,Accept-Encoding
content-length: 2622
date: Sat, 26 Nov 2022 23:47:49 GMT
xcigamesdd.com/wp-includes/js/comment-reply.min.js?ver=6.0.3
107.6.168.100 200 OK 1.3 kB URL HTTP/1.1 xcigamesdd.com/wp-includes/js/comment-reply.min.js?ver=6.0.3
IP 107.6.168.100:0
File type ASCII text, with very long lines (2946)
Hash 1cfd4f485ffd20e7ee7693364fef33f9
a8c5d35ad20664ccfe03d7acfcbdb0a1e28d3fd8
b433efd57400d409a207820e22b93662fa48a0737a96eb44a4c6ce3b46ee7403
GET /wp-includes/js/comment-reply.min.js?ver=6.0.3 HTTP/1.1
Host: xcigamesdd.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://xcigamesdd.com/the-legend-of-zelda-breath-of-the-wild-s4/
HTTP/1.1 200 OK
Connection: Keep-Alive
Keep-Alive: timeout=5, max=100
cache-control: public, max-age=31536000,public
expires: Sun, 26 Nov 2023 23:47:49 GMT
content-type: application/javascript; charset=UTF-8
last-modified: Sat, 10 Sep 2022 21:42:13 GMT
accept-ranges: bytes
content-encoding: gzip
vary: Accept-Encoding,Accept-Encoding
content-length: 1349
date: Sat, 26 Nov 2022 23:47:49 GMT
xcigamesdd.com/wp-content/plugins/youtube-embed-plus/scripts/fitvids.min.js?ver=14.1.4.1
107.6.168.100 200 OK 1.1 kB URL HTTP/1.1 xcigamesdd.com/wp-content/plugins/youtube-embed-plus/scripts/fitvids.min.js?ver=14.1.4.1
IP 107.6.168.100:0
File type HTML document, ASCII text, with very long lines (3102)
Hash bef20d56c920050759600f6a69638e38
d29ad33842c8879355e9f3fb8a53a5f7570e9375
ff2622bcaf53c73f4598e54038b16dd1f3e8c0605d5c7f41c33f9c2ddab9adfb
GET /wp-content/plugins/youtube-embed-plus/scripts/fitvids.min.js?ver=14.1.4.1 HTTP/1.1
Host: xcigamesdd.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://xcigamesdd.com/the-legend-of-zelda-breath-of-the-wild-s4/
HTTP/1.1 200 OK
Connection: Keep-Alive
Keep-Alive: timeout=5, max=100
cache-control: public, max-age=31536000,public
expires: Sun, 26 Nov 2023 23:47:49 GMT
content-type: application/javascript; charset=UTF-8
last-modified: Tue, 01 Nov 2022 12:28:05 GMT
accept-ranges: bytes
content-encoding: gzip
vary: Accept-Encoding,Accept-Encoding
content-length: 1076
date: Sat, 26 Nov 2022 23:47:49 GMT
ocsp.pki.goog/gts1c3
142.250.74.35 200 OK 472 B IP 142.250.74.35:0
Hash e388353a642bc503beff27c23339e2b5
7849301df8cbfa3f9c019b1d4033b66e0f44c4bd
5e595e9ce96c6147c3ff79ebba0068ddb0d997237a671936cb05d9575c59a424
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 26 Nov 2022 23:47:50 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
xcigamesdd.com/wp-content/plugins/akismet/_inc/akismet-frontend.js?ver=1664421472
107.6.168.100 200 OK 3.1 kB URL HTTP/1.1 xcigamesdd.com/wp-content/plugins/akismet/_inc/akismet-frontend.js?ver=1664421472
IP 107.6.168.100:0
Hash 50d912e2d0b9482f62619f6f29b0d519
be42483c21612c384532ca8e122b7fb8ed8ef54e
504c01b2ee73c18370d0e074a899b55655c1c4c7a18f4ec1b8c2d492b928e8c2
GET /wp-content/plugins/akismet/_inc/akismet-frontend.js?ver=1664421472 HTTP/1.1
Host: xcigamesdd.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://xcigamesdd.com/the-legend-of-zelda-breath-of-the-wild-s4/
HTTP/1.1 200 OK
Connection: Keep-Alive
Keep-Alive: timeout=5, max=100
cache-control: public, max-age=31536000,public
expires: Sun, 26 Nov 2023 23:47:49 GMT
content-type: application/javascript; charset=UTF-8
last-modified: Thu, 29 Sep 2022 03:17:52 GMT
accept-ranges: bytes
content-encoding: gzip
vary: Accept-Encoding,Accept-Encoding
content-length: 3067
date: Sat, 26 Nov 2022 23:47:49 GMT
www.googletagmanager.com/gtag/js?id=UA-12043064-122
142.250.74.168 200 OK 44 kB URL HTTP/2 www.googletagmanager.com/gtag/js?id=UA-12043064-122
IP 142.250.74.168:0
File type ASCII text, with very long lines (1921)
Hash 623b7d43c176f397ea8e57f6aa64c5dc
8fd8cd5fc96bb0d14fb1c27aa7c0a560e77d9dee
23f326f2b33dbb9d880e578a0448382c8e131ecf54d5b212036542a96bf0ad4b
GET /gtag/js?id=UA-12043064-122 HTTP/1.1
Host: www.googletagmanager.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://xcigamesdd.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
content-encoding: br
vary: Accept-Encoding
date: Sat, 26 Nov 2022 23:47:50 GMT
expires: Sat, 26 Nov 2022 23:47:50 GMT
cache-control: private, max-age=900
last-modified: Sat, 26 Nov 2022 21:00:00 GMT
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
server: Google Tag Manager
content-length: 43615
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.35 200 OK 472 B IP 142.250.74.35:0
Hash 5af61422c4eaa1b995ec63e463abda26
db75634681ed688840773ce828c169ac9da7d131
506791493bb08d458008ad072ac34a26c2170c1e775b83f55f20cd8af97aa895
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 26 Nov 2022 23:47:50 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.35 200 OK 472 B IP 142.250.74.35:0
Hash 0ee1d1a60ec1770ec3e880a25c257f5d
015b05feff63bdcf8fae4d1a8c0c83c923a2ca67
b6845619444a37f322c044933a44cf3fd283a18a54d03bad4f76a2ed8c2cbaf6
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 26 Nov 2022 23:47:50 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
pl17661227.profitablegatetocontent.com/849ad080ebdaa9ca9dd84f2d9f8c2306/invoke.js
192.243.59.13 200 OK 9.3 kB URL HTTP/1.1 pl17661227.profitablegatetocontent.com/849ad080ebdaa9ca9dd84f2d9f8c2306/invoke.js
IP 192.243.59.13:0
ASN #39572 DataWeb Global Group B.V.
File type Unicode text, UTF-8 text, with very long lines (25070), with no line terminators
Hash 97d44f1e79feb4bdffd902e65fbb24eb
4b88e21fd7cca31151f64fe8f5a9abe039b9aa22
5a88ae20edc26a1927dd22f42bc7878a1b497df193b5b362c700dfefcbd3c719
Analyzer Verdict Alert quad9 Sinkholed
GET /849ad080ebdaa9ca9dd84f2d9f8c2306/invoke.js HTTP/1.1
Host: pl17661227.profitablegatetocontent.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://xcigamesdd.com/
HTTP/1.1 200 OK
Server: nginx/1.17.6
Date: Sat, 26 Nov 2022 23:47:50 GMT
Content-Type: application/javascript
Transfer-Encoding: chunked
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Access-Control-Allow-Origin: *
Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: dfd2ba8a229283c80f687050b19a8d98
Strict-Transport-Security: max-age=0; includeSubdomains
Content-Encoding: gzip
ardslediana.com/5/5260642/?oo=1&aab=1
139.45.197.236 200 OK 1.3 kB URL HTTP/1.1 ardslediana.com/5/5260642/?oo=1&aab=1
IP 139.45.197.236:0
File type JSON data\012- , ASCII text, with very long lines (2760), with no line terminators
Hash 268c83a36ad0de0e61934ee5cb3210e5
32ae3c56131fcf601ae6ad7624e31b5bc5e69f0c
3c2becab007e94fb5722693a83d1d7eb57698b159c12a1a1c97d094f08bbcba1
Analyzer Verdict Alert quad9 Sinkholed
GET /5/5260642/?oo=1&aab=1 HTTP/1.1
Host: ardslediana.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Origin: http://xcigamesdd.com
Connection: keep-alive
Referer: http://xcigamesdd.com/
HTTP/1.1 200 OK
Server: nginx
Date: Sat, 26 Nov 2022 23:47:50 GMT
Content-Type: application/json
Transfer-Encoding: chunked
Connection: keep-alive
X-Trace-Id: dfac9454952247caaf9bc52b46a3dca8
Link: <https://my.rtmark.net>; rel="preconnect dns-prefetch",<https://propeller-tracking.com>; rel="preconnect dns-prefetch",<https://diromalxx.com>; rel="preconnect dns-prefetch"
Access-Control-Allow-Origin: http://xcigamesdd.com
Access-Control-Allow-Credentials: true
Access-Control-Allow-Methods: GET, POST, OPTIONS
Access-Control-Allow-Headers: Accept, Content-Type, Content-Length, Accept-Encoding
Access-Control-Max-Age: 86400
Timing-Allow-Origin: *
Set-Cookie: OAID=56b7c6a3af7249829cad03a4b0a8c066; expires=Sun, 26 Nov 2023 23:47:50 GMT; path=/
oaidts=1669506470; expires=Sun, 26 Nov 2023 23:47:50 GMT; path=/
syncedCookie=; expires=Tue, 10 Nov 2009 23:00:00 GMT
Pragma: no-cache, no-cache
Cache-Control: no-transform, no-store, no-cache, must-revalidate, max-age=0, no-store, no-cache, must-revalidate, max-age=0
Expires: Tue, 11 Jan 1994 10:00:00 GMT, Mon, 26 Jul 1997 05:00:00 GMT
Content-Encoding: gzip
ardslediana.com/tag.min.js
139.45.197.236 200 OK 25 kB URL HTTP/1.1 ardslediana.com/tag.min.js
IP 139.45.197.236:0
File type ASCII text, with very long lines (65536), with no line terminators
Hash 12f5f5ba0f240dd3325aaa5917486bbf
25f310a1e475e2bde41ea9c3dfb3bd327a39b6ca
5ddab7b3a48a315db357a50032345507fdeda80292df90eb6dc4f3ba11e4192b
Analyzer Verdict Alert quad9 Sinkholed
GET /tag.min.js HTTP/1.1
Host: ardslediana.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://xcigamesdd.com/
HTTP/1.1 200 OK
Server: nginx
Date: Sat, 26 Nov 2022 23:47:50 GMT
Content-Type: text/javascript; charset=utf-8
Content-Length: 24915
Connection: keep-alive
Content-Encoding: gzip
X-Trace-Id: c022d76589e6a7b6b1868bd2d32fc90e
Cache-Control: no-transform, no-store, no-cache, must-revalidate, max-age=0
Accept-Ranges: bytes
Last-Modified: Wed, 23 Nov 2022 10:03:42 GMT
Access-Control-Allow-Origin: *
Access-Control-Allow-Credentials: true
Access-Control-Allow-Methods: GET, POST, OPTIONS
Access-Control-Allow-Headers: Accept, Content-Type, Content-Length, Accept-Encoding
Access-Control-Max-Age: 86400
Pragma: no-cache
Expires: Tue, 11 Jan 1994 10:00:00 GMT
Strict-Transport-Security: max-age=1
X-Content-Type-Options: nosniff
Timing-Allow-Origin: *, *
push.services.mozilla.com/
52.24.78.9 101 Switching Protocols 0 B URL HTTP/1.1 push.services.mozilla.com/
IP 52.24.78.9:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET / HTTP/1.1
Host: push.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: qbOLVNJ/IFBPR/HuSqTdsQ==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket
HTTP/1.1 101 Switching Protocols
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: vKwS5bOrpswe6Rsofud81vnTs2o=
xcigamesdd.com/the-legend-of-zelda-breath-of-the-wild-s4/
107.6.168.100 200 OK 0 B URL HTTP/1.1 xcigamesdd.com/the-legend-of-zelda-breath-of-the-wild-s4/
IP 107.6.168.100:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
HEAD /the-legend-of-zelda-breath-of-the-wild-s4/ HTTP/1.1
Host: xcigamesdd.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://xcigamesdd.com/the-legend-of-zelda-breath-of-the-wild-s4/
Cookie: __wpdm_client=a59f007fbf3384ccc33cc586d5d348f0
HTTP/1.1 200 OK
Connection: Keep-Alive
Keep-Alive: timeout=5, max=100
content-type: text/html; charset=UTF-8
x-pingback: http://xcigamesdd.com/xmlrpc.php
x-litespeed-tag: 229_HTTP.200
link: <https://xcigamesdd.com/wp-json/>; rel="https://api.w.org/", <https://xcigamesdd.com/wp-json/wp/v2/posts/3879>; rel="alternate"; type="application/json", <https://xcigamesdd.com/?p=3879>; rel=shortlink
x-litespeed-cache-control: no-cache
cache-control: public, max-age=0
expires: Sat, 26 Nov 2022 23:47:49 GMT
date: Sat, 26 Nov 2022 23:47:49 GMT
vary: Accept-Encoding
xcigamesdd.com/wp-content/themes/orbital/assets/fonts/fontawesome-webfont.woff
107.6.168.100 200 OK 98 kB URL HTTP/1.1 xcigamesdd.com/wp-content/themes/orbital/assets/fonts/fontawesome-webfont.woff
IP 107.6.168.100:0
File type Web Open Font Format, TrueType, length 98024, version 4.7\012- data
Hash fee66e712a8a08eef5805a46892932ad
28b782240b3e76db824e12c02754a9731a167527
ba0c59deb5450f5cb41b3f93609ee2d0d995415877ddfa223e8a8a7533474f07
GET /wp-content/themes/orbital/assets/fonts/fontawesome-webfont.woff HTTP/1.1
Host: xcigamesdd.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Connection: keep-alive
Referer: http://xcigamesdd.com/wp-content/themes/orbital/assets/css/main.css?ver=6.0.3
HTTP/1.1 200 OK
Connection: Keep-Alive
Keep-Alive: timeout=5, max=100
cache-control: public, max-age=10368000
expires: Sun, 26 Mar 2023 23:47:49 GMT
content-type: font/woff
last-modified: Sat, 29 Jan 2022 15:58:55 GMT
accept-ranges: bytes
content-length: 98024
date: Sat, 26 Nov 2022 23:47:49 GMT
vary: Accept-Encoding
xcigamesdd.com/wp-content/uploads/2020/07/mega.png
107.6.168.100 200 OK 18 kB URL HTTP/2 xcigamesdd.com/wp-content/uploads/2020/07/mega.png
IP 107.6.168.100:0
File type PNG image data, 368 x 90, 8-bit/color RGBA, non-interlaced\012- data
Hash 83e8f8608d41ab78b1576cbfd4b88ecb
39024b7093764cc1bbbd964a70da3aabf1db7bf3
52f170c9a428acc1b5c7873dd2ec43bc9e6705c7fd29980581d09af8c472ee29
GET /wp-content/uploads/2020/07/mega.png HTTP/1.1
Host: xcigamesdd.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://xcigamesdd.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
cache-control: public, max-age=10368000,public
expires: Sun, 26 Mar 2023 23:47:49 GMT
content-type: image/png
last-modified: Wed, 29 Jul 2020 00:05:11 GMT
accept-ranges: bytes
content-length: 18354
date: Sat, 26 Nov 2022 23:47:49 GMT
vary: Accept-Encoding
alt-svc: h3=":443"; ma=2592000, h3-29=":443"; ma=2592000, h3-Q050=":443"; ma=2592000, h3-Q046=":443"; ma=2592000, h3-Q043=":443"; ma=2592000, quic=":443"; ma=2592000; v="43,46"
X-Firefox-Spdy: h2
xcigamesdd.com/wp-content/uploads/2022/01/logoxci.png
107.6.168.100 200 OK 10 kB URL HTTP/2 xcigamesdd.com/wp-content/uploads/2022/01/logoxci.png
IP 107.6.168.100:0
File type PNG image data, 334 x 58, 8-bit/color RGBA, non-interlaced\012- data
Hash 4b646576d6afbe79ad073d2ff3f945b4
a98a2981b600bc08a7e3381696ef999f5ce4c651
82f3f21007e3ae451a7b0183f02388891d264e2da939050aad86a3a08464e37d
GET /wp-content/uploads/2022/01/logoxci.png HTTP/1.1
Host: xcigamesdd.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://xcigamesdd.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=10368000,public
expires: Sun, 26 Mar 2023 23:47:49 GMT
content-type: image/png
last-modified: Sat, 29 Jan 2022 20:52:16 GMT
accept-ranges: bytes
content-length: 10423
date: Sat, 26 Nov 2022 23:47:49 GMT
vary: Accept-Encoding
X-Firefox-Spdy: h2
xcigamesdd.com/wp-content/uploads/2020/07/The-Legend-of-Zelda-Breath-of-the-Wild.jpeg
107.6.168.100 200 OK 42 kB URL HTTP/2 xcigamesdd.com/wp-content/uploads/2020/07/The-Legend-of-Zelda-Breath-of-the-Wild.jpeg
IP 107.6.168.100:0
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 72x72, segment length 16, comment: "CREATOR: gd-jpeg v1.0 (using IJG JPEG v62), quality = 90", progressive, precision 8, 286x465, components 3\012- data
Hash a403744d5c37b2eb0e11ae5502de1c13
4b622e39ecd3ea851215d1b221ff67e6c113940e
c960e8f2aeef876c65cac26098036f6825902f49aeef23d2c1d5fd5ea2aadc4a
GET /wp-content/uploads/2020/07/The-Legend-of-Zelda-Breath-of-the-Wild.jpeg HTTP/1.1
Host: xcigamesdd.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://xcigamesdd.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
cache-control: public, max-age=10368000,public
expires: Sun, 26 Mar 2023 23:47:49 GMT
content-type: image/jpeg
last-modified: Tue, 28 Jul 2020 22:20:08 GMT
accept-ranges: bytes
content-length: 42505
date: Sat, 26 Nov 2022 23:47:49 GMT
vary: Accept-Encoding
X-Firefox-Spdy: h2
ocsp.digicert.com/
93.184.220.29 200 OK 280 B IP 93.184.220.29:0
Hash c1110d51de4424a45f2b55d25cce77aa
6c65ff3af4d33ba452c703a5e0649ada35f3c4ab
68d44af5dca12d99ea7a2d7ed2877375db59cdd8286fa12d50fcb574fbade9e8
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 4044
Cache-Control: max-age=121106
Content-Type: application/ocsp-response
Date: Sat, 26 Nov 2022 23:47:50 GMT
Etag: "6381cbec-118"
Expires: Mon, 28 Nov 2022 09:26:16 GMT
Last-Modified: Sat, 26 Nov 2022 08:18:52 GMT
Server: ECS (ska/F712)
X-Cache: HIT
Content-Length: 280
r3.o.lencr.org/
23.36.76.226 200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash a937208e2fa3e8b0074c987dc01a7161
115240a18e98625dfe7686be74220da5a43deea5
1d6a38a3d4aa4931f972dc279d30a03ef23425733de4a27972994dcf0e9f040a
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "1D6A38A3D4AA4931F972DC279D30A03EF23425733DE4A27972994DCF0E9F040A"
Last-Modified: Sat, 26 Nov 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=7056
Expires: Sun, 27 Nov 2022 01:45:26 GMT
Date: Sat, 26 Nov 2022 23:47:50 GMT
Connection: keep-alive
ocsp.digicert.com/
93.184.220.29 200 OK 280 B IP 93.184.220.29:0
Hash c1110d51de4424a45f2b55d25cce77aa
6c65ff3af4d33ba452c703a5e0649ada35f3c4ab
68d44af5dca12d99ea7a2d7ed2877375db59cdd8286fa12d50fcb574fbade9e8
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 4044
Cache-Control: max-age=121106
Content-Type: application/ocsp-response
Date: Sat, 26 Nov 2022 23:47:50 GMT
Etag: "6381cbec-118"
Expires: Mon, 28 Nov 2022 09:26:16 GMT
Last-Modified: Sat, 26 Nov 2022 08:18:52 GMT
Server: ECS (ska/F712)
X-Cache: HIT
Content-Length: 280
r3.o.lencr.org/
23.36.76.226 200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 43dca8ebcf06bd09eb16b5516072ec48
84fe572e189c13383dc0a805a90c07de69c48ee6
be524e069364f1231ff9f6f8a5ca6ae8aa4353ba95fa7913c30c13ed008ab8fd
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "BE524E069364F1231FF9F6F8A5CA6AE8AA4353BA95FA7913C30C13ED008AB8FD"
Last-Modified: Sat, 26 Nov 2022 17:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=9047
Expires: Sun, 27 Nov 2022 02:18:37 GMT
Date: Sat, 26 Nov 2022 23:47:50 GMT
Connection: keep-alive
my.rtmark.net/gid.js?userId=56b7c6a3af7249829cad03a4b0a8c066
139.45.195.8 200 OK 65 B URL HTTP/2 my.rtmark.net/gid.js?userId=56b7c6a3af7249829cad03a4b0a8c066
IP 139.45.195.8:0
File type JSON data\012- , ASCII text
Hash 73a1ae7d093c3693973a92f119556a8f
b40fe3e1bca7d1d86b8b6e2f8ff29ba9bf4aa376
81d46b56196ff436498d71b6c112a6cb4f4c80dd3a91d969bf83afb6dd712151
GET /gid.js?userId=56b7c6a3af7249829cad03a4b0a8c066 HTTP/1.1
Host: my.rtmark.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: http://xcigamesdd.com
Connection: keep-alive
Referer: http://xcigamesdd.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Sat, 26 Nov 2022 23:47:50 GMT
content-type: application/json; charset=utf-8
content-length: 65
access-control-allow-origin: http://xcigamesdd.com
access-control-allow-methods: POST, GET, OPTIONS, PUT, DELETE
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, Authorization,X-CSRF-Token
access-control-expose-headers: Authorization
access-control-allow-credentials: true
set-cookie: ID=56b7c6a3af7249829cad03a4b0a8c066; expires=Sun, 26 Nov 2023 23:47:50 GMT; secure; SameSite=None
strict-transport-security: max-age=1
x-content-type-options: nosniff
timing-allow-origin: *, *
X-Firefox-Spdy: h2
ocsp.sectigo.com/
104.18.32.68 200 OK 471 B IP 104.18.32.68:0
Hash c910a44bf58b708c25d146fd52adb8e9
374a72c3026ea1fa5defd1e8eb7be2ca7184dfd5
3cf34029e6a112320130d154ac1291e49bcb4a80f0caaf84309456986f0adc77
POST / HTTP/1.1
Host: ocsp.sectigo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Sat, 26 Nov 2022 23:47:51 GMT
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Last-Modified: Fri, 25 Nov 2022 13:33:17 GMT
Expires: Fri, 02 Dec 2022 13:33:16 GMT
Etag: "374a72c3026ea1fa5defd1e8eb7be2ca7184dfd5"
Cache-Control: max-age=480924,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb6
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 770682f3ecbffac4-OSL
ardslediana.com/?rb=s_LIJNogsqTFWVAHSXv1Xd4CDisJ3F1suBCDYV_yCkUBok8wv6Q4iaqtMZjBBjWFEjO8FIBPpiWHPFAzjqKftQCxyXrd39JKrz3rT04bt6eW4lNJ9c3tz_rpPsn66BT6B5KU7XTlG1_EqWj4auj6-tK9PNKZqaoP1F2SX1awwDGluwj_VB_74h2WB_WhBiOvZrdtUajxqhEa04OF8tFKBFeB5qoAW4gKrqZNwf6loV1LosyI&request_ab2=96003&zoneid=5260642&js_build=iclick-v1.454.0&fs=0&cf=0&sw=1280&sh=1024&sah=1002&wx=0&wy=0&ww=1280&wh=1024&cw=1280&wih=939&wiw=1280&wfc=1&pl=http%3A%2F%2Fxcigamesdd.com%2Fthe-legend-of-zelda-breath-of-the-wild-s4%2F&drf=&np=0&pt=0&nb=1&ng=1&ix=0&nw=1&tb=false&js_build=iclick-v1.454.0&bs=70a1cfd8-7b7d-4c46-8590-797b792fef04&userId=56b7c6a3af7249829cad03a4b0a8c066&m=link
139.45.197.236 200 OK 1.7 kB URL HTTP/1.1 ardslediana.com/?rb=s_LIJNogsqTFWVAHSXv1Xd4CDisJ3F1suBCDYV_yCkUBok8wv6Q4iaqtMZjBBjWFEjO8FIBPpiWHPFAzjqKftQCxyXrd39JKrz3rT04bt6eW4lNJ9c3tz_rpPsn66BT6B5KU7XTlG1_EqWj4auj6-tK9PNKZqaoP1F2SX1awwDGluwj_VB_74h2WB_WhBiOvZrdtUajxqhEa04OF8tFKBFeB5qoAW4gKrqZNwf6loV1LosyI&request_ab2=96003&zoneid=5260642&js_build=iclick-v1.454.0&fs=0&cf=0&sw=1280&sh=1024&sah=1002&wx=0&wy=0&ww=1280&wh=1024&cw=1280&wih=939&wiw=1280&wfc=1&pl=http%3A%2F%2Fxcigamesdd.com%2Fthe-legend-of-zelda-breath-of-the-wild-s4%2F&drf=&np=0&pt=0&nb=1&ng=1&ix=0&nw=1&tb=false&js_build=iclick-v1.454.0&bs=70a1cfd8-7b7d-4c46-8590-797b792fef04&userId=56b7c6a3af7249829cad03a4b0a8c066&m=link
IP 139.45.197.236:0
File type JSON data\012- , ASCII text, with very long lines (2261), with no line terminators
Hash 405fa4d98a54b557340fc0af54b923e6
e08abed5167b32de48be08ea8af7dcc4780d77e7
31944a775ba4fc4160341b4db4bd959b021fd04bc1e30e20b0ab631dcd36cf0a
Analyzer Verdict Alert quad9 Sinkholed
GET /?rb=s_LIJNogsqTFWVAHSXv1Xd4CDisJ3F1suBCDYV_yCkUBok8wv6Q4iaqtMZjBBjWFEjO8FIBPpiWHPFAzjqKftQCxyXrd39JKrz3rT04bt6eW4lNJ9c3tz_rpPsn66BT6B5KU7XTlG1_EqWj4auj6-tK9PNKZqaoP1F2SX1awwDGluwj_VB_74h2WB_WhBiOvZrdtUajxqhEa04OF8tFKBFeB5qoAW4gKrqZNwf6loV1LosyI&request_ab2=96003&zoneid=5260642&js_build=iclick-v1.454.0&fs=0&cf=0&sw=1280&sh=1024&sah=1002&wx=0&wy=0&ww=1280&wh=1024&cw=1280&wih=939&wiw=1280&wfc=1&pl=http%3A%2F%2Fxcigamesdd.com%2Fthe-legend-of-zelda-breath-of-the-wild-s4%2F&drf=&np=0&pt=0&nb=1&ng=1&ix=0&nw=1&tb=false&js_build=iclick-v1.454.0&bs=70a1cfd8-7b7d-4c46-8590-797b792fef04&userId=56b7c6a3af7249829cad03a4b0a8c066&m=link HTTP/1.1
Host: ardslediana.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://xcigamesdd.com/
Origin: http://xcigamesdd.com
Connection: keep-alive
HTTP/1.1 200 OK
Server: nginx
Date: Sat, 26 Nov 2022 23:47:51 GMT
Content-Type: application/json
Transfer-Encoding: chunked
Connection: keep-alive
X-Trace-Id: f4c2c9c988c70f686511a20784c496b2
Access-Control-Allow-Origin: http://xcigamesdd.com
Access-Control-Allow-Credentials: true
Access-Control-Allow-Methods: GET, POST, OPTIONS
Access-Control-Allow-Headers: Accept, Content-Type, Content-Length, Accept-Encoding
Access-Control-Max-Age: 86400
Pragma: no-cache
Cache-Control: no-transform, no-store, no-cache, must-revalidate, max-age=0
Expires: Tue, 11 Jan 1994 10:00:00 GMT
Set-Cookie: OAID=56b7c6a3af7249829cad03a4b0a8c066; expires=Sun, 26 Nov 2023 23:47:51 GMT; path=/
oaidts=1669506471; expires=Sun, 26 Nov 2023 23:47:51 GMT; path=/
syncedCookie=true; expires=Sat, 03 Dec 2022 23:47:51 GMT; path=/
Strict-Transport-Security: max-age=1
X-Content-Type-Options: nosniff
Timing-Allow-Origin: *, *
Content-Encoding: gzip
datatechonert.com/log/add?cid=1db9169f-90f4-4b2d-b517-bc47aab19c1f
37.48.68.71 200 OK 12 B URL HTTP/1.1 datatechonert.com/log/add?cid=1db9169f-90f4-4b2d-b517-bc47aab19c1f
IP 37.48.68.71:0
ASN #60781 LeaseWeb Netherlands B.V.
File type JSON data\012- , ASCII text, with no line terminators
Hash adb4650bfc9d2a73d4dd69583b0ceb14
1ce399d6e936232aaf2192cd7903a279c5015f22
21c1f682de27109caabcca9016511974defcec217c0441fd3f1b50ecdf8247ed
Analyzer Verdict Alert quad9 Sinkholed
POST /log/add?cid=1db9169f-90f4-4b2d-b517-bc47aab19c1f HTTP/1.1
Host: datatechonert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain;charset=UTF-8
Content-Length: 926
Origin: http://xcigamesdd.com
Connection: keep-alive
Referer: http://xcigamesdd.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx/1.19.10
Date: Sat, 26 Nov 2022 23:47:51 GMT
Content-Type: application/json; charset=utf-8
Content-Length: 12
Connection: keep-alive
Access-Control-Allow-Origin: http://xcigamesdd.com
Access-Control-Allow-Methods: POST, GET, OPTIONS, PUT, DELETE
Access-Control-Allow-Headers: Accept, Content-Type, Content-Length, Accept-Encoding, X-CSRF-Token, Authorization, X-Forwarded-For, If-None-Match
Access-Control-Allow-Credentials: true
www.highperformancedisplayformat.com/a91295b86ab6fe2c5666ef59da3743bf/invoke.js
192.243.61.227 200 OK 9.8 kB URL HTTP/1.1 www.highperformancedisplayformat.com/a91295b86ab6fe2c5666ef59da3743bf/invoke.js
IP 192.243.61.227:0
ASN #39572 DataWeb Global Group B.V.
File type exported SGML document, ASCII text, with very long lines (26971), with no line terminators
Hash 07c6c6ccacd4ff698d9d1f5c034110a6
366455a8ce5e91ececbb86663ec71aa6f8ba5399
8b6a1232ac7296ca5b33ea835b75c026b41e3607f1ad0e22809ede29eea3e3fd
Analyzer Verdict Alert quad9 Sinkholed
GET /a91295b86ab6fe2c5666ef59da3743bf/invoke.js HTTP/1.1
Host: www.highperformancedisplayformat.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://xcigamesdd.com/
HTTP/1.1 200 OK
Server: nginx/1.22.0
Date: Sat, 26 Nov 2022 23:47:51 GMT
Content-Type: application/javascript
Transfer-Encoding: chunked
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Access-Control-Allow-Origin: *
Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: 110510d847edd67374e40b1b73eea2ca
Strict-Transport-Security: max-age=0; includeSubdomains
Content-Encoding: gzip
arsnivyr.com/9?z=5382937&ng=1&ix=0&pt=0&np=1&gp=-1&bp=-1&nw=1&nb=1&sw=1280&sh=1024&pl=http%3A%2F%2Fxcigamesdd.com%2Fthe-legend-of-zelda-breath-of-the-wild-s4%2F&wy=0&wx=0&ww=1280&wh=1024&cw=1280&wiw=1280&wih=939&wfc=1&sah=1002&drf=&hil=1&ist=0&oaid=56b7c6a3af7249829cad03a4b0a8c066
139.45.197.242 204 No Content 0 B URL HTTP/2 arsnivyr.com/9?z=5382937&ng=1&ix=0&pt=0&np=1&gp=-1&bp=-1&nw=1&nb=1&sw=1280&sh=1024&pl=http%3A%2F%2Fxcigamesdd.com%2Fthe-legend-of-zelda-breath-of-the-wild-s4%2F&wy=0&wx=0&ww=1280&wh=1024&cw=1280&wiw=1280&wih=939&wfc=1&sah=1002&drf=&hil=1&ist=0&oaid=56b7c6a3af7249829cad03a4b0a8c066
IP 139.45.197.242:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer Verdict Alert quad9 Sinkholed
OPTIONS /9?z=5382937&ng=1&ix=0&pt=0&np=1&gp=-1&bp=-1&nw=1&nb=1&sw=1280&sh=1024&pl=http%3A%2F%2Fxcigamesdd.com%2Fthe-legend-of-zelda-breath-of-the-wild-s4%2F&wy=0&wx=0&ww=1280&wh=1024&cw=1280&wiw=1280&wih=939&wfc=1&sah=1002&drf=&hil=1&ist=0&oaid=56b7c6a3af7249829cad03a4b0a8c066 HTTP/1.1
Host: arsnivyr.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type
Referer: http://xcigamesdd.com/
Origin: http://xcigamesdd.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 204 No Content
server: nginx
date: Sat, 26 Nov 2022 23:47:51 GMT
access-control-allow-credentials: true
access-control-allow-origin: http://xcigamesdd.com
access-control-allow-methods: POST, GET, OPTIONS, PUT, DELETE
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, X-Sc, CVERSION, VERSION
pragma: no-cache
cache-control: no-store, no-cache, must-revalidate, max-age=0
expires: Mon, 26 Jul 1997 05:00:00 GMT
X-Firefox-Spdy: h2
i0.wp.com/i.imgur.com/CoB6Avn.gif?w=640&ssl=1
192.0.77.2 302 Found 138 B URL HTTP/2 i0.wp.com/i.imgur.com/CoB6Avn.gif?w=640&ssl=1
IP 192.0.77.2:0
File type HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators
Hash aff950cab4c0265e21d401db15f1026d
f03e18461817f7a6546c8bf8fa8d686d7e30aca0
753e0dd54f28c4f7009b9c0b18a68aed175416bd8b7d134858264586eaac56f0
GET /i.imgur.com/CoB6Avn.gif?w=640&ssl=1 HTTP/1.1
Host: i0.wp.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://xcigamesdd.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 302 Found
server: nginx
date: Sat, 26 Nov 2022 23:47:51 GMT
content-type: text/html
content-length: 138
location: https://i.imgur.com/CoB6Avn.gif
x-nc: EXPIRED arn 4
access-control-allow-origin: *
access-control-allow-methods: GET, HEAD
timing-allow-origin: *
X-Firefox-Spdy: h2
ocsp.sca1b.amazontrust.com/
143.204.42.88 200 OK 471 B URL HTTP/1.1 ocsp.sca1b.amazontrust.com/
IP 143.204.42.88:0
Hash 4af47334194a0d10c2bfd52f16eb91ac
8ea04d240499dea43f26c738c8428df118dd622d
6741505308b8f473e68a567b74e6cd099b7a624b3711cc0acab45b2add675f74
POST / HTTP/1.1
Host: ocsp.sca1b.amazontrust.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: max-age=139279
Date: Sat, 26 Nov 2022 23:47:51 GMT
Etag: "63821517-1d7"
Expires: Mon, 28 Nov 2022 14:29:10 GMT
Last-Modified: Sat, 26 Nov 2022 13:31:03 GMT
Server: ECS (dcb/7EC6)
X-Cache: Miss from cloudfront
Via: 1.1 475d4ecb64796af058573c6f1048e898.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: cASBdDpzuOSn0KhDtoOPD9nNA9wamGKlYE4-kkojY4LNYBZJXg_p5g==
Age: 3487
i.imgur.com/CoB6Avn.gif
151.101.84.193 200 OK 1.8 kB IP 151.101.84.193:0
File type GIF image data, version 89a, 18 x 12\012- data
Hash 525002e748f47493289ca5db81507561
3c9870231d2b5a2c8ef5a443b021ff71c78f7355
51ad49acc9b350532f226ea8a878959d0fd4ed0e03ee21742806cfdd754d476d
GET /CoB6Avn.gif HTTP/1.1
Host: i.imgur.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://xcigamesdd.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
last-modified: Tue, 28 Nov 2017 22:46:59 GMT
etag: "525002e748f47493289ca5db81507561"
content-type: image/gif
cache-control: public, max-age=31536000
accept-ranges: bytes
date: Sat, 26 Nov 2022 23:47:51 GMT
age: 2219226
x-served-by: cache-iad-kcgs7200036-IAD, cache-bma1660-BMA
x-cache: HIT, HIT
x-cache-hits: 193, 1
x-timer: S1669506471.472151,VS0,VE1
strict-transport-security: max-age=300
access-control-allow-methods: GET, OPTIONS
access-control-allow-origin: *
server: cat factory 1.0
x-content-type-options: nosniff
content-length: 1764
X-Firefox-Spdy: h2
simplewebanalysis.com/stats
52.28.211.11 200 OK 40 B URL HTTP/2 simplewebanalysis.com/stats
IP 52.28.211.11:0
File type ASCII text, with no line terminators
Hash 32a96c42d7baa6c1c7baf05b9ee45d68
4fd8289a3bc4bce3e3897f9704b8745212c28e09
db6f80bcf81373e8b6587f2b723b28c2a0d7f52180de3d3deb4602ebf2a831df
GET /stats HTTP/1.1
Host: simplewebanalysis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: http://xcigamesdd.com
Connection: keep-alive
Referer: http://xcigamesdd.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Sat, 26 Nov 2022 23:47:51 GMT
content-type: text/html; charset=UTF-8
content-length: 40
server: fasthttp
access-control-allow-origin: http://xcigamesdd.com
access-control-allow-credentials: true
set-cookie: uid_id2=487b4eb0-51dc-4b2e-bbbb-514f654b4fd2:2:1; expires=Tue, 23 Nov 2032 23:47:51 GMT; secure; SameSite=None
X-Firefox-Spdy: h2
arsnivyr.com/11?rnd=797759827&z=5382937&b=15484935&var=&rqtdbc=1&rcvdbc=1&btp=7&rb=z1xkVTLLCWRmgHXGbIMgClVI3KdeoH-hdFpNTPDA6uCydyvbi4TMIU4qwvawYNKcwLgj5UiEsXH-5Z-jyzT2U9JVOdev78XFgpnYYiTqfjqjTnFSw_ilJgqxHGUEn2j0t4o63Z61gOgu2H-ETzc4pWK7LOmpgQSY00uUK8h0xkuKm1p-kq9FJ-oKlZuvXNtKaZ-ncpRMVORwuXmoL02DcaFBtzIcryqlue2fhj_BgBn05V13e3c6laqDLA0wiyRSuBQJ5ozjYBCATcsZTLkYhHZ7IgqeAd65pp_zMTw36LyVMXRtzONJAikzLj2URWeciJjbfqFvBAdfsDvgdWbKHuVnkVSyUoQOIq6nv6_5pZ7uuZht2s-oc2MgvDMvsyJLtwBCoQEBw4-4o0UHZGmyOwNXNubYvi6rArEK6xlhScnnlGwHeQGL02cvFMaC3A_biJcWRA8ZiyR3EwtKJIRZ_y3eFEDNf95bwFceirsw4e9VE58QVz_rfREcsvrzuo_c98skKcQP1f_MwXm147MYDxVmlSEeBoKAFzAlTZy_YzqQ7YaemLjPdTWk1V_qihwCQjC3t-uRhtQDDfhE5O7zLmuEniRumsNnDzIEi9sWlGULiSdLLn2_PUZMTpmkMSIq7kW6OO6rL8A372E4aTU81dyDkW82ZpJh40fuX6kGImERG02gF3r8YlFhr7sKUpRmsoQJyGVUs6k=&ruid=621d7f81-433e-47cf-b200-f926d93acc0e&ng=1&ix=0&pt=0&np=1&gp=-1&bp=-1&nw=1&nb=1&sw=1280&sh=1024&pl=http%3A%2F%2Fxcigamesdd.com%2Fthe-legend-of-zelda-breath-of-the-wild-s4%2F&wy=0&wx=0&ww=1280&wh=1024&cw=1280&wiw=1280&wih=939&wfc=1&sah=1002&drf=&hil=1&ist=0&ot=238
139.45.197.242204 No Content 0 B URL HTTP/2 arsnivyr.com/11?rnd=797759827&z=5382937&b=15484935&var=&rqtdbc=1&rcvdbc=1&btp=7&rb=z1xkVTLLCWRmgHXGbIMgClVI3KdeoH-hdFpNTPDA6uCydyvbi4TMIU4qwvawYNKcwLgj5UiEsXH-5Z-jyzT2U9JVOdev78XFgpnYYiTqfjqjTnFSw_ilJgqxHGUEn2j0t4o63Z61gOgu2H-ETzc4pWK7LOmpgQSY00uUK8h0xkuKm1p-kq9FJ-oKlZuvXNtKaZ-ncpRMVORwuXmoL02DcaFBtzIcryqlue2fhj_BgBn05V13e3c6laqDLA0wiyRSuBQJ5ozjYBCATcsZTLkYhHZ7IgqeAd65pp_zMTw36LyVMXRtzONJAikzLj2URWeciJjbfqFvBAdfsDvgdWbKHuVnkVSyUoQOIq6nv6_5pZ7uuZht2s-oc2MgvDMvsyJLtwBCoQEBw4-4o0UHZGmyOwNXNubYvi6rArEK6xlhScnnlGwHeQGL02cvFMaC3A_biJcWRA8ZiyR3EwtKJIRZ_y3eFEDNf95bwFceirsw4e9VE58QVz_rfREcsvrzuo_c98skKcQP1f_MwXm147MYDxVmlSEeBoKAFzAlTZy_YzqQ7YaemLjPdTWk1V_qihwCQjC3t-uRhtQDDfhE5O7zLmuEniRumsNnDzIEi9sWlGULiSdLLn2_PUZMTpmkMSIq7kW6OO6rL8A372E4aTU81dyDkW82ZpJh40fuX6kGImERG02gF3r8YlFhr7sKUpRmsoQJyGVUs6k=&ruid=621d7f81-433e-47cf-b200-f926d93acc0e&ng=1&ix=0&pt=0&np=1&gp=-1&bp=-1&nw=1&nb=1&sw=1280&sh=1024&pl=http%3A%2F%2Fxcigamesdd.com%2Fthe-legend-of-zelda-breath-of-the-wild-s4%2F&wy=0&wx=0&ww=1280&wh=1024&cw=1280&wiw=1280&wih=939&wfc=1&sah=1002&drf=&hil=1&ist=0&ot=238
IP 139.45.197.242:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer Verdict Alert quad9 Sinkholed
OPTIONS /11?rnd=797759827&z=5382937&b=15484935&var=&rqtdbc=1&rcvdbc=1&btp=7&rb=z1xkVTLLCWRmgHXGbIMgClVI3KdeoH-hdFpNTPDA6uCydyvbi4TMIU4qwvawYNKcwLgj5UiEsXH-5Z-jyzT2U9JVOdev78XFgpnYYiTqfjqjTnFSw_ilJgqxHGUEn2j0t4o63Z61gOgu2H-ETzc4pWK7LOmpgQSY00uUK8h0xkuKm1p-kq9FJ-oKlZuvXNtKaZ-ncpRMVORwuXmoL02DcaFBtzIcryqlue2fhj_BgBn05V13e3c6laqDLA0wiyRSuBQJ5ozjYBCATcsZTLkYhHZ7IgqeAd65pp_zMTw36LyVMXRtzONJAikzLj2URWeciJjbfqFvBAdfsDvgdWbKHuVnkVSyUoQOIq6nv6_5pZ7uuZht2s-oc2MgvDMvsyJLtwBCoQEBw4-4o0UHZGmyOwNXNubYvi6rArEK6xlhScnnlGwHeQGL02cvFMaC3A_biJcWRA8ZiyR3EwtKJIRZ_y3eFEDNf95bwFceirsw4e9VE58QVz_rfREcsvrzuo_c98skKcQP1f_MwXm147MYDxVmlSEeBoKAFzAlTZy_YzqQ7YaemLjPdTWk1V_qihwCQjC3t-uRhtQDDfhE5O7zLmuEniRumsNnDzIEi9sWlGULiSdLLn2_PUZMTpmkMSIq7kW6OO6rL8A372E4aTU81dyDkW82ZpJh40fuX6kGImERG02gF3r8YlFhr7sKUpRmsoQJyGVUs6k=&ruid=621d7f81-433e-47cf-b200-f926d93acc0e&ng=1&ix=0&pt=0&np=1&gp=-1&bp=-1&nw=1&nb=1&sw=1280&sh=1024&pl=http%3A%2F%2Fxcigamesdd.com%2Fthe-legend-of-zelda-breath-of-the-wild-s4%2F&wy=0&wx=0&ww=1280&wh=1024&cw=1280&wiw=1280&wih=939&wfc=1&sah=1002&drf=&hil=1&ist=0&ot=238 HTTP/1.1
Host: arsnivyr.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Access-Control-Request-Method: GET
Access-Control-Request-Headers: x-sc
Referer: http://xcigamesdd.com/
Origin: http://xcigamesdd.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 204 No Content
server: nginx
date: Sat, 26 Nov 2022 23:47:51 GMT
access-control-allow-credentials: true
access-control-allow-origin: http://xcigamesdd.com
access-control-allow-methods: POST, GET, OPTIONS, PUT, DELETE
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, X-Sc, CVERSION, VERSION
pragma: no-cache
cache-control: no-store, no-cache, must-revalidate, max-age=0
expires: Mon, 26 Jul 1997 05:00:00 GMT
X-Firefox-Spdy: h2
region1.google-analytics.com/g/collect?v=2&tid=G-LTBNRSB0H2&gtm=2oeb90&_p=2000226470&gdid=dZTNiMT&cid=1713393897.1669506471&ul=en-us&sr=1280x1024&_s=1&sid=1669506470&sct=1&seg=0&dl=http%3A%2F%2Fxcigamesdd.com%2Fthe-legend-of-zelda-breath-of-the-wild-s4%2F&dt=The%20Legend%20of%20Zelda%20%3A%20Breath%20of%20the%20Wild%20XCI%20NSP%20NSZ%20Download%20%7C%20SwitchXCI&en=page_view&_fv=1&_nsi=1&_ss=2&_ee=1
216.239.34.36 204 No Content 0 B URL HTTP/2 region1.google-analytics.com/g/collect?v=2&tid=G-LTBNRSB0H2&gtm=2oeb90&_p=2000226470&gdid=dZTNiMT&cid=1713393897.1669506471&ul=en-us&sr=1280x1024&_s=1&sid=1669506470&sct=1&seg=0&dl=http%3A%2F%2Fxcigamesdd.com%2Fthe-legend-of-zelda-breath-of-the-wild-s4%2F&dt=The%20Legend%20of%20Zelda%20%3A%20Breath%20of%20the%20Wild%20XCI%20NSP%20NSZ%20Download%20%7C%20SwitchXCI&en=page_view&_fv=1&_nsi=1&_ss=2&_ee=1
IP 216.239.34.36:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
POST /g/collect?v=2&tid=G-LTBNRSB0H2&gtm=2oeb90&_p=2000226470&gdid=dZTNiMT&cid=1713393897.1669506471&ul=en-us&sr=1280x1024&_s=1&sid=1669506470&sct=1&seg=0&dl=http%3A%2F%2Fxcigamesdd.com%2Fthe-legend-of-zelda-breath-of-the-wild-s4%2F&dt=The%20Legend%20of%20Zelda%20%3A%20Breath%20of%20the%20Wild%20XCI%20NSP%20NSZ%20Download%20%7C%20SwitchXCI&en=page_view&_fv=1&_nsi=1&_ss=2&_ee=1 HTTP/1.1
Host: region1.google-analytics.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: http://xcigamesdd.com
Connection: keep-alive
Referer: http://xcigamesdd.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Content-Length: 0
HTTP/2 204 No Content
access-control-allow-origin: http://xcigamesdd.com
date: Sat, 26 Nov 2022 23:47:51 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
content-type: text/plain
cross-origin-resource-policy: cross-origin
server: Golfe2
content-length: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
arsnivyr.com/11?rnd=797759827&z=5382937&b=15484935&var=&rqtdbc=1&rcvdbc=1&btp=7&rb=z1xkVTLLCWRmgHXGbIMgClVI3KdeoH-hdFpNTPDA6uCydyvbi4TMIU4qwvawYNKcwLgj5UiEsXH-5Z-jyzT2U9JVOdev78XFgpnYYiTqfjqjTnFSw_ilJgqxHGUEn2j0t4o63Z61gOgu2H-ETzc4pWK7LOmpgQSY00uUK8h0xkuKm1p-kq9FJ-oKlZuvXNtKaZ-ncpRMVORwuXmoL02DcaFBtzIcryqlue2fhj_BgBn05V13e3c6laqDLA0wiyRSuBQJ5ozjYBCATcsZTLkYhHZ7IgqeAd65pp_zMTw36LyVMXRtzONJAikzLj2URWeciJjbfqFvBAdfsDvgdWbKHuVnkVSyUoQOIq6nv6_5pZ7uuZht2s-oc2MgvDMvsyJLtwBCoQEBw4-4o0UHZGmyOwNXNubYvi6rArEK6xlhScnnlGwHeQGL02cvFMaC3A_biJcWRA8ZiyR3EwtKJIRZ_y3eFEDNf95bwFceirsw4e9VE58QVz_rfREcsvrzuo_c98skKcQP1f_MwXm147MYDxVmlSEeBoKAFzAlTZy_YzqQ7YaemLjPdTWk1V_qihwCQjC3t-uRhtQDDfhE5O7zLmuEniRumsNnDzIEi9sWlGULiSdLLn2_PUZMTpmkMSIq7kW6OO6rL8A372E4aTU81dyDkW82ZpJh40fuX6kGImERG02gF3r8YlFhr7sKUpRmsoQJyGVUs6k=&ruid=621d7f81-433e-47cf-b200-f926d93acc0e&ng=1&ix=0&pt=0&np=1&gp=-1&bp=-1&nw=1&nb=1&sw=1280&sh=1024&pl=http%3A%2F%2Fxcigamesdd.com%2Fthe-legend-of-zelda-breath-of-the-wild-s4%2F&wy=0&wx=0&ww=1280&wh=1024&cw=1280&wiw=1280&wih=939&wfc=1&sah=1002&drf=&hil=1&ist=0&ot=238
139.45.197.242200 OK 0 B URL HTTP/2 arsnivyr.com/11?rnd=797759827&z=5382937&b=15484935&var=&rqtdbc=1&rcvdbc=1&btp=7&rb=z1xkVTLLCWRmgHXGbIMgClVI3KdeoH-hdFpNTPDA6uCydyvbi4TMIU4qwvawYNKcwLgj5UiEsXH-5Z-jyzT2U9JVOdev78XFgpnYYiTqfjqjTnFSw_ilJgqxHGUEn2j0t4o63Z61gOgu2H-ETzc4pWK7LOmpgQSY00uUK8h0xkuKm1p-kq9FJ-oKlZuvXNtKaZ-ncpRMVORwuXmoL02DcaFBtzIcryqlue2fhj_BgBn05V13e3c6laqDLA0wiyRSuBQJ5ozjYBCATcsZTLkYhHZ7IgqeAd65pp_zMTw36LyVMXRtzONJAikzLj2URWeciJjbfqFvBAdfsDvgdWbKHuVnkVSyUoQOIq6nv6_5pZ7uuZht2s-oc2MgvDMvsyJLtwBCoQEBw4-4o0UHZGmyOwNXNubYvi6rArEK6xlhScnnlGwHeQGL02cvFMaC3A_biJcWRA8ZiyR3EwtKJIRZ_y3eFEDNf95bwFceirsw4e9VE58QVz_rfREcsvrzuo_c98skKcQP1f_MwXm147MYDxVmlSEeBoKAFzAlTZy_YzqQ7YaemLjPdTWk1V_qihwCQjC3t-uRhtQDDfhE5O7zLmuEniRumsNnDzIEi9sWlGULiSdLLn2_PUZMTpmkMSIq7kW6OO6rL8A372E4aTU81dyDkW82ZpJh40fuX6kGImERG02gF3r8YlFhr7sKUpRmsoQJyGVUs6k=&ruid=621d7f81-433e-47cf-b200-f926d93acc0e&ng=1&ix=0&pt=0&np=1&gp=-1&bp=-1&nw=1&nb=1&sw=1280&sh=1024&pl=http%3A%2F%2Fxcigamesdd.com%2Fthe-legend-of-zelda-breath-of-the-wild-s4%2F&wy=0&wx=0&ww=1280&wh=1024&cw=1280&wiw=1280&wih=939&wfc=1&sah=1002&drf=&hil=1&ist=0&ot=238
IP 139.45.197.242:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer Verdict Alert quad9 Sinkholed
GET /11?rnd=797759827&z=5382937&b=15484935&var=&rqtdbc=1&rcvdbc=1&btp=7&rb=z1xkVTLLCWRmgHXGbIMgClVI3KdeoH-hdFpNTPDA6uCydyvbi4TMIU4qwvawYNKcwLgj5UiEsXH-5Z-jyzT2U9JVOdev78XFgpnYYiTqfjqjTnFSw_ilJgqxHGUEn2j0t4o63Z61gOgu2H-ETzc4pWK7LOmpgQSY00uUK8h0xkuKm1p-kq9FJ-oKlZuvXNtKaZ-ncpRMVORwuXmoL02DcaFBtzIcryqlue2fhj_BgBn05V13e3c6laqDLA0wiyRSuBQJ5ozjYBCATcsZTLkYhHZ7IgqeAd65pp_zMTw36LyVMXRtzONJAikzLj2URWeciJjbfqFvBAdfsDvgdWbKHuVnkVSyUoQOIq6nv6_5pZ7uuZht2s-oc2MgvDMvsyJLtwBCoQEBw4-4o0UHZGmyOwNXNubYvi6rArEK6xlhScnnlGwHeQGL02cvFMaC3A_biJcWRA8ZiyR3EwtKJIRZ_y3eFEDNf95bwFceirsw4e9VE58QVz_rfREcsvrzuo_c98skKcQP1f_MwXm147MYDxVmlSEeBoKAFzAlTZy_YzqQ7YaemLjPdTWk1V_qihwCQjC3t-uRhtQDDfhE5O7zLmuEniRumsNnDzIEi9sWlGULiSdLLn2_PUZMTpmkMSIq7kW6OO6rL8A372E4aTU81dyDkW82ZpJh40fuX6kGImERG02gF3r8YlFhr7sKUpRmsoQJyGVUs6k=&ruid=621d7f81-433e-47cf-b200-f926d93acc0e&ng=1&ix=0&pt=0&np=1&gp=-1&bp=-1&nw=1&nb=1&sw=1280&sh=1024&pl=http%3A%2F%2Fxcigamesdd.com%2Fthe-legend-of-zelda-breath-of-the-wild-s4%2F&wy=0&wx=0&ww=1280&wh=1024&cw=1280&wiw=1280&wih=939&wfc=1&sah=1002&drf=&hil=1&ist=0&ot=238 HTTP/1.1
Host: arsnivyr.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
X-Sc: UdF_3t3yi0ojaJ-IShW4djmrjkU04_Xa1-YNDTOPg4-vf7eYH3pUB9HIyXLUklz7ZL-OvE6345XaOYMby3adC_WgytU=
Origin: http://xcigamesdd.com
Connection: keep-alive
Referer: http://xcigamesdd.com/
Cookie: scm=1; OAID=56b7c6a3af7249829cad03a4b0a8c066; oaidts=1669506471
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sat, 26 Nov 2022 23:47:51 GMT
content-type: image/jpeg
content-length: 0
access-control-allow-credentials: true
access-control-allow-origin: http://xcigamesdd.com
access-control-allow-methods: POST, GET, OPTIONS, PUT, DELETE
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, X-Sc, CVERSION, VERSION
x-trace-id: c0659ce4c5abede5054186712aac5b71
access-control-expose-headers: X-Sc
x-sc:
set-cookie: OAID=56b7c6a3af7249829cad03a4b0a8c066; expires=Sun, 26 Nov 2023 23:47:51 GMT; secure; SameSite=None
oaidts=1669506471; expires=Sun, 26 Nov 2023 23:47:51 GMT; secure; SameSite=None
pragma: no-cache
cache-control: no-store, no-cache, must-revalidate, max-age=0
expires: Mon, 26 Jul 1997 05:00:00 GMT
X-Firefox-Spdy: h2
arsnivyr.com/11?rnd=797759827&z=5382937&b=15484935&var=&rqtdbc=0&rcvdbc=0&btp=7&rb=z1xkVTLLCWRmgHXGbIMgClVI3KdeoH-hdFpNTPDA6uCydyvbi4TMIU4qwvawYNKcwLgj5UiEsXH-5Z-jyzT2U9JVOdev78XFgpnYYiTqfjqjTnFSw_ilJgqxHGUEn2j0t4o63Z61gOgu2H-ETzc4pWK7LOmpgQSY00uUK8h0xkuKm1p-kq9FJ-oKlZuvXNtKaZ-ncpRMVORwuXmoL02DcaFBtzIcryqlue2fhj_BgBn05V13e3c6laqDLA0wiyRSuBQJ5ozjYBCATcsZTLkYhHZ7IgqeAd65pp_zMTw36LyVMXRtzONJAikzLj2URWeciJjbfqFvBAdfsDvgdWbKHuVnkVSyUoQOIq6nv6_5pZ7uuZht2s-oc2MgvDMvsyJLtwBCoQEBw4-4o0UHZGmyOwNXNubYvi6rArEK6xlhScnnlGwHeQGL02cvFMaC3A_biJcWRA8ZiyR3EwtKJIRZ_y3eFEDNf95bwFceirsw4e9VE58QVz_rfREcsvrzuo_c98skKcQP1f_MwXm147MYDxVmlSEeBoKAFzAlTZy_YzqQ7YaemLjPdTWk1V_qihwCQjC3t-uRhtQDDfhE5O7zLmuEniRumsNnDzIEi9sWlGULiSdLLn2_PUZMTpmkMSIq7kW6OO6rL8A372E4aTU81dyDkW82ZpJh40fuX6kGImERG02gF3r8YlFhr7sKUpRmsoQJyGVUs6k=&ruid=621d7f81-433e-47cf-b200-f926d93acc0e&ng=1&ix=0&pt=0&np=1&gp=-1&bp=-1&nw=1&nb=1&sw=1280&sh=1024&pl=http%3A%2F%2Fxcigamesdd.com%2Fthe-legend-of-zelda-breath-of-the-wild-s4%2F&wy=0&wx=0&ww=1280&wh=1024&cw=1280&wiw=1280&wih=939&wfc=1&sah=1002&drf=&hil=1&ist=0&ri=1&wvd=0&wvr=1.0000&isions=1
139.45.197.242204 No Content 0 B URL HTTP/2 arsnivyr.com/11?rnd=797759827&z=5382937&b=15484935&var=&rqtdbc=0&rcvdbc=0&btp=7&rb=z1xkVTLLCWRmgHXGbIMgClVI3KdeoH-hdFpNTPDA6uCydyvbi4TMIU4qwvawYNKcwLgj5UiEsXH-5Z-jyzT2U9JVOdev78XFgpnYYiTqfjqjTnFSw_ilJgqxHGUEn2j0t4o63Z61gOgu2H-ETzc4pWK7LOmpgQSY00uUK8h0xkuKm1p-kq9FJ-oKlZuvXNtKaZ-ncpRMVORwuXmoL02DcaFBtzIcryqlue2fhj_BgBn05V13e3c6laqDLA0wiyRSuBQJ5ozjYBCATcsZTLkYhHZ7IgqeAd65pp_zMTw36LyVMXRtzONJAikzLj2URWeciJjbfqFvBAdfsDvgdWbKHuVnkVSyUoQOIq6nv6_5pZ7uuZht2s-oc2MgvDMvsyJLtwBCoQEBw4-4o0UHZGmyOwNXNubYvi6rArEK6xlhScnnlGwHeQGL02cvFMaC3A_biJcWRA8ZiyR3EwtKJIRZ_y3eFEDNf95bwFceirsw4e9VE58QVz_rfREcsvrzuo_c98skKcQP1f_MwXm147MYDxVmlSEeBoKAFzAlTZy_YzqQ7YaemLjPdTWk1V_qihwCQjC3t-uRhtQDDfhE5O7zLmuEniRumsNnDzIEi9sWlGULiSdLLn2_PUZMTpmkMSIq7kW6OO6rL8A372E4aTU81dyDkW82ZpJh40fuX6kGImERG02gF3r8YlFhr7sKUpRmsoQJyGVUs6k=&ruid=621d7f81-433e-47cf-b200-f926d93acc0e&ng=1&ix=0&pt=0&np=1&gp=-1&bp=-1&nw=1&nb=1&sw=1280&sh=1024&pl=http%3A%2F%2Fxcigamesdd.com%2Fthe-legend-of-zelda-breath-of-the-wild-s4%2F&wy=0&wx=0&ww=1280&wh=1024&cw=1280&wiw=1280&wih=939&wfc=1&sah=1002&drf=&hil=1&ist=0&ri=1&wvd=0&wvr=1.0000&isions=1
IP 139.45.197.242:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer Verdict Alert quad9 Sinkholed
OPTIONS /11?rnd=797759827&z=5382937&b=15484935&var=&rqtdbc=0&rcvdbc=0&btp=7&rb=z1xkVTLLCWRmgHXGbIMgClVI3KdeoH-hdFpNTPDA6uCydyvbi4TMIU4qwvawYNKcwLgj5UiEsXH-5Z-jyzT2U9JVOdev78XFgpnYYiTqfjqjTnFSw_ilJgqxHGUEn2j0t4o63Z61gOgu2H-ETzc4pWK7LOmpgQSY00uUK8h0xkuKm1p-kq9FJ-oKlZuvXNtKaZ-ncpRMVORwuXmoL02DcaFBtzIcryqlue2fhj_BgBn05V13e3c6laqDLA0wiyRSuBQJ5ozjYBCATcsZTLkYhHZ7IgqeAd65pp_zMTw36LyVMXRtzONJAikzLj2URWeciJjbfqFvBAdfsDvgdWbKHuVnkVSyUoQOIq6nv6_5pZ7uuZht2s-oc2MgvDMvsyJLtwBCoQEBw4-4o0UHZGmyOwNXNubYvi6rArEK6xlhScnnlGwHeQGL02cvFMaC3A_biJcWRA8ZiyR3EwtKJIRZ_y3eFEDNf95bwFceirsw4e9VE58QVz_rfREcsvrzuo_c98skKcQP1f_MwXm147MYDxVmlSEeBoKAFzAlTZy_YzqQ7YaemLjPdTWk1V_qihwCQjC3t-uRhtQDDfhE5O7zLmuEniRumsNnDzIEi9sWlGULiSdLLn2_PUZMTpmkMSIq7kW6OO6rL8A372E4aTU81dyDkW82ZpJh40fuX6kGImERG02gF3r8YlFhr7sKUpRmsoQJyGVUs6k=&ruid=621d7f81-433e-47cf-b200-f926d93acc0e&ng=1&ix=0&pt=0&np=1&gp=-1&bp=-1&nw=1&nb=1&sw=1280&sh=1024&pl=http%3A%2F%2Fxcigamesdd.com%2Fthe-legend-of-zelda-breath-of-the-wild-s4%2F&wy=0&wx=0&ww=1280&wh=1024&cw=1280&wiw=1280&wih=939&wfc=1&sah=1002&drf=&hil=1&ist=0&ri=1&wvd=0&wvr=1.0000&isions=1 HTTP/1.1
Host: arsnivyr.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Access-Control-Request-Method: GET
Access-Control-Request-Headers: x-sc
Referer: http://xcigamesdd.com/
Origin: http://xcigamesdd.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 204 No Content
server: nginx
date: Sat, 26 Nov 2022 23:47:51 GMT
access-control-allow-credentials: true
access-control-allow-origin: http://xcigamesdd.com
access-control-allow-methods: POST, GET, OPTIONS, PUT, DELETE
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, X-Sc, CVERSION, VERSION
pragma: no-cache
cache-control: no-store, no-cache, must-revalidate, max-age=0
expires: Mon, 26 Jul 1997 05:00:00 GMT
X-Firefox-Spdy: h2
arsnivyr.com/121?rnd=3597901076&z=5382937&b=15484935&c=6264466&var=&d=https%3A%2F%2Fmediasama.com%2Fstarharem%2F01%2Fs%2Findex_rt.html&cln={CELL_NUMBER}&btp=7&rb=z1xkVTLLCWRmgHXGbIMgClVI3KdeoH-hdFpNTPDA6uCydyvbi4TMIU4qwvawYNKcwLgj5UiEsXH-5Z-jyzT2U9JVOdev78XFgpnYYiTqfjqjTnFSw_ilJgqxHGUEn2j0t4o63Z61gOgu2H-ETzc4pWK7LOmpgQSY00uUK8h0xkuKm1p-kq9FJ-oKlZuvXNtKaZ-ncpRMVORwuXmoL02DcaFBtzIcryqlue2fhj_BgBn05V13e3c6laqDLA0wiyRSuBQJ5ozjYBCATcsZTLkYhHZ7IgqeAd65pp_zMTw36LyVMXRtzONJAikzLj2URWeciJjbfqFvBAdfsDvgdWbKHuVnkVSyUoQOIq6nv6_5pZ7uuZht2s-oc2MgvDMvsyJLtwBCoQEBw4-4o0UHZGmyOwNXNubYvi6rArEK6xlhScnnlGwHeQGL02cvFMaC3A_biJcWRA8ZiyR3EwtKJIRZ_y3eFEDNf95bwFceirsw4e9VE58QVz_rfREcsvrzuo_c98skKcQP1f_MwXm147MYDxVmlSEeBoKAFzAlTZy_YzqQ7YaemLjPdTWk1V_qihwCQjC3t-uRhtQDDfhE5O7zLmuEniRumsNnDzIEi9sWlGULiSdLLn2_PUZMTpmkMSIq7kW6OO6rL8A372E4aTU81dyDkW82ZpJh40fuX6kGImERG02gF3r8YlFhr7sKUpRmsoQJyGVUs6k=&bag=IEhZEyLGECAwgOWAvoPnjFC7ZZWp0tS0&ruid=621d7f81-433e-47cf-b200-f926d93acc0e
139.45.197.242302 Found 0 B URL HTTP/2 arsnivyr.com/121?rnd=3597901076&z=5382937&b=15484935&c=6264466&var=&d=https%3A%2F%2Fmediasama.com%2Fstarharem%2F01%2Fs%2Findex_rt.html&cln={CELL_NUMBER}&btp=7&rb=z1xkVTLLCWRmgHXGbIMgClVI3KdeoH-hdFpNTPDA6uCydyvbi4TMIU4qwvawYNKcwLgj5UiEsXH-5Z-jyzT2U9JVOdev78XFgpnYYiTqfjqjTnFSw_ilJgqxHGUEn2j0t4o63Z61gOgu2H-ETzc4pWK7LOmpgQSY00uUK8h0xkuKm1p-kq9FJ-oKlZuvXNtKaZ-ncpRMVORwuXmoL02DcaFBtzIcryqlue2fhj_BgBn05V13e3c6laqDLA0wiyRSuBQJ5ozjYBCATcsZTLkYhHZ7IgqeAd65pp_zMTw36LyVMXRtzONJAikzLj2URWeciJjbfqFvBAdfsDvgdWbKHuVnkVSyUoQOIq6nv6_5pZ7uuZht2s-oc2MgvDMvsyJLtwBCoQEBw4-4o0UHZGmyOwNXNubYvi6rArEK6xlhScnnlGwHeQGL02cvFMaC3A_biJcWRA8ZiyR3EwtKJIRZ_y3eFEDNf95bwFceirsw4e9VE58QVz_rfREcsvrzuo_c98skKcQP1f_MwXm147MYDxVmlSEeBoKAFzAlTZy_YzqQ7YaemLjPdTWk1V_qihwCQjC3t-uRhtQDDfhE5O7zLmuEniRumsNnDzIEi9sWlGULiSdLLn2_PUZMTpmkMSIq7kW6OO6rL8A372E4aTU81dyDkW82ZpJh40fuX6kGImERG02gF3r8YlFhr7sKUpRmsoQJyGVUs6k=&bag=IEhZEyLGECAwgOWAvoPnjFC7ZZWp0tS0&ruid=621d7f81-433e-47cf-b200-f926d93acc0e
IP 139.45.197.242:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer Verdict Alert quad9 Sinkholed
GET /121?rnd=3597901076&z=5382937&b=15484935&c=6264466&var=&d=https%3A%2F%2Fmediasama.com%2Fstarharem%2F01%2Fs%2Findex_rt.html&cln={CELL_NUMBER}&btp=7&rb=z1xkVTLLCWRmgHXGbIMgClVI3KdeoH-hdFpNTPDA6uCydyvbi4TMIU4qwvawYNKcwLgj5UiEsXH-5Z-jyzT2U9JVOdev78XFgpnYYiTqfjqjTnFSw_ilJgqxHGUEn2j0t4o63Z61gOgu2H-ETzc4pWK7LOmpgQSY00uUK8h0xkuKm1p-kq9FJ-oKlZuvXNtKaZ-ncpRMVORwuXmoL02DcaFBtzIcryqlue2fhj_BgBn05V13e3c6laqDLA0wiyRSuBQJ5ozjYBCATcsZTLkYhHZ7IgqeAd65pp_zMTw36LyVMXRtzONJAikzLj2URWeciJjbfqFvBAdfsDvgdWbKHuVnkVSyUoQOIq6nv6_5pZ7uuZht2s-oc2MgvDMvsyJLtwBCoQEBw4-4o0UHZGmyOwNXNubYvi6rArEK6xlhScnnlGwHeQGL02cvFMaC3A_biJcWRA8ZiyR3EwtKJIRZ_y3eFEDNf95bwFceirsw4e9VE58QVz_rfREcsvrzuo_c98skKcQP1f_MwXm147MYDxVmlSEeBoKAFzAlTZy_YzqQ7YaemLjPdTWk1V_qihwCQjC3t-uRhtQDDfhE5O7zLmuEniRumsNnDzIEi9sWlGULiSdLLn2_PUZMTpmkMSIq7kW6OO6rL8A372E4aTU81dyDkW82ZpJh40fuX6kGImERG02gF3r8YlFhr7sKUpRmsoQJyGVUs6k=&bag=IEhZEyLGECAwgOWAvoPnjFC7ZZWp0tS0&ruid=621d7f81-433e-47cf-b200-f926d93acc0e HTTP/1.1
Host: arsnivyr.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Cookie: scm=1; OAID=56b7c6a3af7249829cad03a4b0a8c066; oaidts=1669506471
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 302 Found
server: nginx
date: Sat, 26 Nov 2022 23:47:51 GMT
content-length: 0
location: https://mediasama.com/starharem/01/s/index_rt.html
access-control-allow-credentials: true
access-control-allow-origin:
access-control-allow-methods: POST, GET, OPTIONS, PUT, DELETE
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, X-Sc, CVERSION, VERSION
x-trace-id: 68efa4cd87b8d69b7da96b6aeb5d3663
access-control-expose-headers: X-Sc
pragma: no-cache
cache-control: no-store, no-cache, must-revalidate, max-age=0
expires: Mon, 26 Jul 1997 05:00:00 GMT
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.76.226 200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 6827d82f488045e02e40d6a2fdbae4b3
4944139a4b08769511ffc6aa913857d88a0db7bc
0e4ef6ddef97ec03d43df4c0bada61d792b9f030e4d9fab5bd3cf904aeaa3bc9
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "0E4EF6DDEF97EC03D43DF4C0BADA61D792B9F030E4D9FAB5BD3CF904AEAA3BC9"
Last-Modified: Thu, 24 Nov 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=10963
Expires: Sun, 27 Nov 2022 02:50:34 GMT
Date: Sat, 26 Nov 2022 23:47:51 GMT
Connection: keep-alive
arsnivyr.com/11?rnd=797759827&z=5382937&b=15484935&var=&rqtdbc=0&rcvdbc=0&btp=7&rb=z1xkVTLLCWRmgHXGbIMgClVI3KdeoH-hdFpNTPDA6uCydyvbi4TMIU4qwvawYNKcwLgj5UiEsXH-5Z-jyzT2U9JVOdev78XFgpnYYiTqfjqjTnFSw_ilJgqxHGUEn2j0t4o63Z61gOgu2H-ETzc4pWK7LOmpgQSY00uUK8h0xkuKm1p-kq9FJ-oKlZuvXNtKaZ-ncpRMVORwuXmoL02DcaFBtzIcryqlue2fhj_BgBn05V13e3c6laqDLA0wiyRSuBQJ5ozjYBCATcsZTLkYhHZ7IgqeAd65pp_zMTw36LyVMXRtzONJAikzLj2URWeciJjbfqFvBAdfsDvgdWbKHuVnkVSyUoQOIq6nv6_5pZ7uuZht2s-oc2MgvDMvsyJLtwBCoQEBw4-4o0UHZGmyOwNXNubYvi6rArEK6xlhScnnlGwHeQGL02cvFMaC3A_biJcWRA8ZiyR3EwtKJIRZ_y3eFEDNf95bwFceirsw4e9VE58QVz_rfREcsvrzuo_c98skKcQP1f_MwXm147MYDxVmlSEeBoKAFzAlTZy_YzqQ7YaemLjPdTWk1V_qihwCQjC3t-uRhtQDDfhE5O7zLmuEniRumsNnDzIEi9sWlGULiSdLLn2_PUZMTpmkMSIq7kW6OO6rL8A372E4aTU81dyDkW82ZpJh40fuX6kGImERG02gF3r8YlFhr7sKUpRmsoQJyGVUs6k=&ruid=621d7f81-433e-47cf-b200-f926d93acc0e&ng=1&ix=0&pt=0&np=1&gp=-1&bp=-1&nw=1&nb=1&sw=1280&sh=1024&pl=http%3A%2F%2Fxcigamesdd.com%2Fthe-legend-of-zelda-breath-of-the-wild-s4%2F&wy=0&wx=0&ww=1280&wh=1024&cw=1280&wiw=1280&wih=939&wfc=1&sah=1002&drf=&hil=1&ist=0&ri=1&wvd=0&wvr=1.0000&isions=1
139.45.197.242200 OK 0 B URL HTTP/2 arsnivyr.com/11?rnd=797759827&z=5382937&b=15484935&var=&rqtdbc=0&rcvdbc=0&btp=7&rb=z1xkVTLLCWRmgHXGbIMgClVI3KdeoH-hdFpNTPDA6uCydyvbi4TMIU4qwvawYNKcwLgj5UiEsXH-5Z-jyzT2U9JVOdev78XFgpnYYiTqfjqjTnFSw_ilJgqxHGUEn2j0t4o63Z61gOgu2H-ETzc4pWK7LOmpgQSY00uUK8h0xkuKm1p-kq9FJ-oKlZuvXNtKaZ-ncpRMVORwuXmoL02DcaFBtzIcryqlue2fhj_BgBn05V13e3c6laqDLA0wiyRSuBQJ5ozjYBCATcsZTLkYhHZ7IgqeAd65pp_zMTw36LyVMXRtzONJAikzLj2URWeciJjbfqFvBAdfsDvgdWbKHuVnkVSyUoQOIq6nv6_5pZ7uuZht2s-oc2MgvDMvsyJLtwBCoQEBw4-4o0UHZGmyOwNXNubYvi6rArEK6xlhScnnlGwHeQGL02cvFMaC3A_biJcWRA8ZiyR3EwtKJIRZ_y3eFEDNf95bwFceirsw4e9VE58QVz_rfREcsvrzuo_c98skKcQP1f_MwXm147MYDxVmlSEeBoKAFzAlTZy_YzqQ7YaemLjPdTWk1V_qihwCQjC3t-uRhtQDDfhE5O7zLmuEniRumsNnDzIEi9sWlGULiSdLLn2_PUZMTpmkMSIq7kW6OO6rL8A372E4aTU81dyDkW82ZpJh40fuX6kGImERG02gF3r8YlFhr7sKUpRmsoQJyGVUs6k=&ruid=621d7f81-433e-47cf-b200-f926d93acc0e&ng=1&ix=0&pt=0&np=1&gp=-1&bp=-1&nw=1&nb=1&sw=1280&sh=1024&pl=http%3A%2F%2Fxcigamesdd.com%2Fthe-legend-of-zelda-breath-of-the-wild-s4%2F&wy=0&wx=0&ww=1280&wh=1024&cw=1280&wiw=1280&wih=939&wfc=1&sah=1002&drf=&hil=1&ist=0&ri=1&wvd=0&wvr=1.0000&isions=1
IP 139.45.197.242:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer Verdict Alert quad9 Sinkholed
GET /11?rnd=797759827&z=5382937&b=15484935&var=&rqtdbc=0&rcvdbc=0&btp=7&rb=z1xkVTLLCWRmgHXGbIMgClVI3KdeoH-hdFpNTPDA6uCydyvbi4TMIU4qwvawYNKcwLgj5UiEsXH-5Z-jyzT2U9JVOdev78XFgpnYYiTqfjqjTnFSw_ilJgqxHGUEn2j0t4o63Z61gOgu2H-ETzc4pWK7LOmpgQSY00uUK8h0xkuKm1p-kq9FJ-oKlZuvXNtKaZ-ncpRMVORwuXmoL02DcaFBtzIcryqlue2fhj_BgBn05V13e3c6laqDLA0wiyRSuBQJ5ozjYBCATcsZTLkYhHZ7IgqeAd65pp_zMTw36LyVMXRtzONJAikzLj2URWeciJjbfqFvBAdfsDvgdWbKHuVnkVSyUoQOIq6nv6_5pZ7uuZht2s-oc2MgvDMvsyJLtwBCoQEBw4-4o0UHZGmyOwNXNubYvi6rArEK6xlhScnnlGwHeQGL02cvFMaC3A_biJcWRA8ZiyR3EwtKJIRZ_y3eFEDNf95bwFceirsw4e9VE58QVz_rfREcsvrzuo_c98skKcQP1f_MwXm147MYDxVmlSEeBoKAFzAlTZy_YzqQ7YaemLjPdTWk1V_qihwCQjC3t-uRhtQDDfhE5O7zLmuEniRumsNnDzIEi9sWlGULiSdLLn2_PUZMTpmkMSIq7kW6OO6rL8A372E4aTU81dyDkW82ZpJh40fuX6kGImERG02gF3r8YlFhr7sKUpRmsoQJyGVUs6k=&ruid=621d7f81-433e-47cf-b200-f926d93acc0e&ng=1&ix=0&pt=0&np=1&gp=-1&bp=-1&nw=1&nb=1&sw=1280&sh=1024&pl=http%3A%2F%2Fxcigamesdd.com%2Fthe-legend-of-zelda-breath-of-the-wild-s4%2F&wy=0&wx=0&ww=1280&wh=1024&cw=1280&wiw=1280&wih=939&wfc=1&sah=1002&drf=&hil=1&ist=0&ri=1&wvd=0&wvr=1.0000&isions=1 HTTP/1.1
Host: arsnivyr.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
X-Sc: UdF_3t3yi0ojaJ-IShW4djmrjkU04_Xa1-YNDTOPg4-vf7eYH3pUB9HIyXLUklz7ZL-OvE6345XaOYMby3adC_WgytU=
Origin: http://xcigamesdd.com
Connection: keep-alive
Referer: http://xcigamesdd.com/
Cookie: scm=1; OAID=56b7c6a3af7249829cad03a4b0a8c066; oaidts=1669506471
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sat, 26 Nov 2022 23:47:51 GMT
content-type: image/jpeg
content-length: 0
access-control-allow-credentials: true
access-control-allow-origin: http://xcigamesdd.com
access-control-allow-methods: POST, GET, OPTIONS, PUT, DELETE
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, X-Sc, CVERSION, VERSION
x-trace-id: 8fb6a9dad2b97b3c568cb87b159e7985
access-control-expose-headers: X-Sc
x-sc:
set-cookie: OAID=56b7c6a3af7249829cad03a4b0a8c066; expires=Sun, 26 Nov 2023 23:47:51 GMT; secure; SameSite=None
oaidts=1669506471; expires=Sun, 26 Nov 2023 23:47:51 GMT; secure; SameSite=None
oaidvc=1; expires=Sun, 26 Nov 2023 23:47:51 GMT; secure; SameSite=None
CNT=1_v1_B0jsAAEAAAB6SzUw; expires=Sun, 27 Nov 2022 00:47:51 GMT; secure; SameSite=None
pragma: no-cache
cache-control: no-store, no-cache, must-revalidate, max-age=0
expires: Mon, 26 Jul 1997 05:00:00 GMT
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.76.226 200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 6827d82f488045e02e40d6a2fdbae4b3
4944139a4b08769511ffc6aa913857d88a0db7bc
0e4ef6ddef97ec03d43df4c0bada61d792b9f030e4d9fab5bd3cf904aeaa3bc9
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "0E4EF6DDEF97EC03D43DF4C0BADA61D792B9F030E4D9FAB5BD3CF904AEAA3BC9"
Last-Modified: Thu, 24 Nov 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=10963
Expires: Sun, 27 Nov 2022 02:50:34 GMT
Date: Sat, 26 Nov 2022 23:47:51 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.76.226 200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 6827d82f488045e02e40d6a2fdbae4b3
4944139a4b08769511ffc6aa913857d88a0db7bc
0e4ef6ddef97ec03d43df4c0bada61d792b9f030e4d9fab5bd3cf904aeaa3bc9
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "0E4EF6DDEF97EC03D43DF4C0BADA61D792B9F030E4D9FAB5BD3CF904AEAA3BC9"
Last-Modified: Thu, 24 Nov 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=10963
Expires: Sun, 27 Nov 2022 02:50:34 GMT
Date: Sat, 26 Nov 2022 23:47:51 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.76.226 200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 6827d82f488045e02e40d6a2fdbae4b3
4944139a4b08769511ffc6aa913857d88a0db7bc
0e4ef6ddef97ec03d43df4c0bada61d792b9f030e4d9fab5bd3cf904aeaa3bc9
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "0E4EF6DDEF97EC03D43DF4C0BADA61D792B9F030E4D9FAB5BD3CF904AEAA3BC9"
Last-Modified: Thu, 24 Nov 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=10963
Expires: Sun, 27 Nov 2022 02:50:34 GMT
Date: Sat, 26 Nov 2022 23:47:51 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.76.226 200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 6827d82f488045e02e40d6a2fdbae4b3
4944139a4b08769511ffc6aa913857d88a0db7bc
0e4ef6ddef97ec03d43df4c0bada61d792b9f030e4d9fab5bd3cf904aeaa3bc9
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "0E4EF6DDEF97EC03D43DF4C0BADA61D792B9F030E4D9FAB5BD3CF904AEAA3BC9"
Last-Modified: Thu, 24 Nov 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=10963
Expires: Sun, 27 Nov 2022 02:50:34 GMT
Date: Sat, 26 Nov 2022 23:47:51 GMT
Connection: keep-alive
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F4565b77f-3e3b-4410-b35b-b4e9a478ce4f.jpeg
34.120.237.76 200 OK 8.1 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F4565b77f-3e3b-4410-b35b-b4e9a478ce4f.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash cc51742200b699c93a6ede66c7997d2a
1021cf938f62cf18466e2ff4d55ce8c52c0f9cf6
a7cc50883ac1a59fc14f0467551dec16cef3b033df599b23916427c5e42be1aa
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F4565b77f-3e3b-4410-b35b-b4e9a478ce4f.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 8145
x-amzn-requestid: 8aaa302d-30b2-4fb0-aafe-e63f3d9bf680
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cCSogEkHIAMFtxA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-637d97cf-660d88387db5e9a145718d46;Sampled=0
x-amzn-remapped-date: Wed, 23 Nov 2022 03:47:27 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: 5XZhJ2zj6Ca5gubdHU0DyM-doTvt2pU38IBKx_vLKtDdN2G8VUW-fg==
via: 1.1 2afae0d44e2540f472c0635ab62c232a.cloudfront.net (CloudFront), 1.1 325ed3ba58a560748d886354beef39c0.cloudfront.net (CloudFront), 1.1 google
date: Sat, 26 Nov 2022 19:43:10 GMT
age: 14681
etag: "1021cf938f62cf18466e2ff4d55ce8c52c0f9cf6"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
arsnivyr.com/27/22b0ff6d446d45dfe24f0ae457b1c7db
139.45.197.242 200 OK 133 kB URL HTTP/2 arsnivyr.com/27/22b0ff6d446d45dfe24f0ae457b1c7db
IP 139.45.197.242:0
File type ASCII text, with very long lines (65523)
Size 133 kB (132815 bytes)
Hash 87ace6ae024a061a9423067b20ce472a
eb39f288af34e8ec5fa4001fcdb931a29758273e
6087cba61678baa781ac3649f035e291684718ca35951cd485fb82b787394121
Analyzer Verdict Alert quad9 Sinkholed
GET /27/22b0ff6d446d45dfe24f0ae457b1c7db HTTP/1.1
Host: arsnivyr.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://xcigamesdd.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Sat, 26 Nov 2022 23:47:50 GMT
content-type: application/javascript
access-control-allow-credentials: true
access-control-allow-origin:
access-control-allow-methods: POST, GET, OPTIONS, PUT, DELETE
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, X-Sc, CVERSION, VERSION
cache-control: max-age:290304000, public
last-modified: Fri, 25 Nov 2022 08:14:39 GMT
expires: Fri, 25 Dec 2082 08:14:39 GMT
strict-transport-security: max-age=1
x-content-type-options: nosniff
content-encoding: gzip
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fbfe38fd9-0497-4ec8-8f57-1ba100e73fcc.jpeg
34.120.237.76 200 OK 6.9 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fbfe38fd9-0497-4ec8-8f57-1ba100e73fcc.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash f80a9a9b55da31c98663e157dde74a19
26b8dd82140c0db021048e11bff65a391dc6b444
680c39e4ea1d784db9831958942a64f3e83618dc443c8bcaa34223d85bb5b926
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fbfe38fd9-0497-4ec8-8f57-1ba100e73fcc.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 6859
x-amzn-requestid: 4a1b13ad-9455-401d-a914-c1ada2191977
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cCvYTHRroAMFR8g=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-637dc5ce-4e5d630b23cdeb2e4b6d75d1;Sampled=0
x-amzn-remapped-date: Wed, 23 Nov 2022 07:03:42 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: qk03VFAQ1od0YzamiePUE8VQp9kBv_fy5gDUrVSlLGLSdn5v4JQbvw==
via: 1.1 c34da255183aa208dd1c722ff211f9b2.cloudfront.net (CloudFront), 1.1 ee8246c5442dace7525c74f6a799bb46.cloudfront.net (CloudFront), 1.1 google
date: Sat, 26 Nov 2022 14:28:34 GMT
age: 33557
etag: "26b8dd82140c0db021048e11bff65a391dc6b444"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F34752db1-0be8-4784-9fa0-41e828e40e06.jpeg
34.120.237.76 200 OK 13 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F34752db1-0be8-4784-9fa0-41e828e40e06.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 1db6041a0bdb2319ae85afcc30caaeec
3b0ec6a7188dadf986f72fda8110296d9abd6f35
05f1f9b7834e7268dc34e3233434217f58cb68ee43a403cd08d0bb0ab4f37815
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F34752db1-0be8-4784-9fa0-41e828e40e06.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 13049
x-amzn-requestid: 2755f206-af23-4597-b4b9-7dae5001d6be
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cBsvpHDJoAMFhFQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-637d5b30-600008f573bd7e0024585eb1;Sampled=0
x-amzn-remapped-date: Tue, 22 Nov 2022 23:28:48 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: y0ofyT6UcPjB8mfRR1VMjHSTW64Qb_EQ0rrjsOdbby1CG-xMIFJMPw==
via: 1.1 030fe0607711293dda988e571617a9f2.cloudfront.net (CloudFront), 1.1 476c2ba6d9f6cd69dbcedbd65688cbc0.cloudfront.net (CloudFront), 1.1 google
date: Sat, 26 Nov 2022 21:49:19 GMT
age: 7112
etag: "3b0ec6a7188dadf986f72fda8110296d9abd6f35"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F881a33ae-e81b-4603-85d9-a2242b17be66.jpeg
34.120.237.76 200 OK 4.8 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F881a33ae-e81b-4603-85d9-a2242b17be66.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash cc0a257323f882caff067adb86d906e4
cedf2f21be7cd366bd46055b62b5513db3011dfc
c16a9296d5e840a468fef7fb2764b9f7d4b3131d7ade2ce4999de1eead5469e0
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F881a33ae-e81b-4603-85d9-a2242b17be66.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 4803
x-amzn-requestid: 80f7f1c8-0316-4181-83ac-2787b1ae825f
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cOo4iFHoIAMF2-g=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63828836-2c0a081b07e0785b4350c10c;Sampled=0
x-amzn-remapped-date: Sat, 26 Nov 2022 21:42:14 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: AVwDLlKoy5pc9NNuR_OakMB0ONGAoO-k2AKwV--b2sjiaqYSKAWlZg==
via: 1.1 da5952aa802df39905ceb16592e9698a.cloudfront.net (CloudFront), 1.1 98aedae6661e3904540676966998ed88.cloudfront.net (CloudFront), 1.1 google
date: Sat, 26 Nov 2022 21:42:14 GMT
etag: "cedf2f21be7cd366bd46055b62b5513db3011dfc"
content-type: image/jpeg
age: 7537
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F15290721-a62e-49b8-80c6-967680cff24f.jpeg
34.120.237.76 200 OK 6.9 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F15290721-a62e-49b8-80c6-967680cff24f.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash f7f16c0f8a8e710210ce77c0e4c1c2a2
590c34be54c9889eec4ff7993e070fda836f711f
4224287ba765da59c877ac4f1dec65accc5bec934b7598d9cbbee669ba4ab12e
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F15290721-a62e-49b8-80c6-967680cff24f.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 6883
x-amzn-requestid: 9e3878c9-1817-427e-b121-969a8cbc7ad8
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cL1ySF0tIAMFY4Q=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-638169a8-5143ffea77b70cf67ef60ad7;Sampled=0
x-amzn-remapped-date: Sat, 26 Nov 2022 01:19:36 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: JmJEzqrxMdQtAWft6FHjIqo-WhpiUDfaLpRUe59RcOwReYf1sL-xRg==
via: 1.1 00f0a41f749793b9dd653153037c957e.cloudfront.net (CloudFront), 1.1 57a21088b36c69a83578b5a5579df58e.cloudfront.net (CloudFront), 1.1 google
date: Sat, 26 Nov 2022 04:48:54 GMT
age: 68337
etag: "590c34be54c9889eec4ff7993e070fda836f711f"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F297e7532-86f8-4631-9062-cdd6a291b40b.jpeg
34.120.237.76 200 OK 5.1 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F297e7532-86f8-4631-9062-cdd6a291b40b.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 433875a1b1fef34e45f2d8ac344c07e3
f2129466436cbbdd58abe42a47fb7af19eba58e6
ab1e7b46f3804640c7dd94d70c8c31ec2dfc3e2f0f015a8556d04d9d9089c450
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F297e7532-86f8-4631-9062-cdd6a291b40b.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 5099
x-amzn-requestid: 57648043-7820-453d-9549-0f743b6c2557
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cOo4jFBvoAMFl1w=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63828836-53b59d607b82c264180f469d;Sampled=0
x-amzn-remapped-date: Sat, 26 Nov 2022 21:42:14 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: VsdLWuh4rCawI5V0YYGaHxEMl2YEVNgsbjfCwzDsrnCZhRK2FkCkVw==
via: 1.1 470e3fe246a660ba6ace67a79f78d246.cloudfront.net (CloudFront), 1.1 7eb3b782ab09047ce0d11ee03763894c.cloudfront.net (CloudFront), 1.1 google
date: Sat, 26 Nov 2022 21:42:14 GMT
etag: "f2129466436cbbdd58abe42a47fb7af19eba58e6"
content-type: image/jpeg
age: 7537
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
www.highperformancedisplayformat.com/31224abe9de8da03816b59f2882025e3/invoke.js
192.243.61.227 200 OK 9.8 kB URL HTTP/1.1 www.highperformancedisplayformat.com/31224abe9de8da03816b59f2882025e3/invoke.js
IP 192.243.61.227:0
ASN #39572 DataWeb Global Group B.V.
File type exported SGML document, ASCII text, with very long lines (26951), with no line terminators
Hash 6973821f2ae6d400843eb152a21951df
16b59408d1b2803dbd5922eb91a129054d67e57d
322ea4095c48fb13a4aa48b0e32294e8bc4bce49c7288f2771d6bd2631747ba1
Analyzer Verdict Alert quad9 Sinkholed
GET /31224abe9de8da03816b59f2882025e3/invoke.js HTTP/1.1
Host: www.highperformancedisplayformat.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://xcigamesdd.com/
HTTP/1.1 200 OK
Server: nginx/1.22.0
Date: Sat, 26 Nov 2022 23:47:51 GMT
Content-Type: application/javascript
Transfer-Encoding: chunked
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Access-Control-Allow-Origin: *
Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: 9e5d13cb6bb83ef513db9587a3c4222d
Strict-Transport-Security: max-age=0; includeSubdomains
Content-Encoding: gzip
r3.o.lencr.org/
23.36.76.226 200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 17054ba5605a5e3265c0007f0bcb3054
278c2e5beb8f5764e12d3ff71567bf4c48006e8d
9f2999a85c93fde1a188b2685eb3994e7d73329d5ed6ffb62f8434e223a0382e
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "9F2999A85C93FDE1A188B2685EB3994E7D73329D5ED6FFB62F8434E223A0382E"
Last-Modified: Thu, 24 Nov 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=3186
Expires: Sun, 27 Nov 2022 00:40:57 GMT
Date: Sat, 26 Nov 2022 23:47:51 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.76.226 200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 0f1c45518b9bf016e4d08d82627299df
a5952aa6dc61ba3bd4e6149b81a9772034f0ce17
7c7b7487eaeb36381e21338f2192c9c53f2cb7621f536aebebf9472d9e29690b
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "7C7B7487EAEB36381E21338F2192C9C53F2CB7621F536AEBEBF9472D9E29690B"
Last-Modified: Thu, 24 Nov 2022 07:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=2542
Expires: Sun, 27 Nov 2022 00:30:13 GMT
Date: Sat, 26 Nov 2022 23:47:51 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.76.226 200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash bcada78533765936c1211ec9ec8377dd
37f6763de5496c49fb62bbd7cbf59598c8be4fb4
ef0a8bc0bae96d13c9d93bc924f7fe8c639ae52e323028bbd06a6ce2a442c052
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "EF0A8BC0BAE96D13C9D93BC924F7FE8C639AE52E323028BBD06A6CE2A442C052"
Last-Modified: Thu, 24 Nov 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=5546
Expires: Sun, 27 Nov 2022 01:20:17 GMT
Date: Sat, 26 Nov 2022 23:47:51 GMT
Connection: keep-alive
integrityprinciplesthorough.com/watch.1609503856191.js?key=a91295b86ab6fe2c5666ef59da3743bf&kw=%5B%22the%22%2C%22legend%22%2C%22of%22%2C%22zelda%22%2C%22breath%22%2C%22of%22%2C%22the%22%2C%22wild%22%2C%22xci%22%2C%22nsp%22%2C%22nsz%22%2C%22download%22%2C%22switchxci%22%5D&refer=http%3A%2F%2Fxcigamesdd.com%2Fthe-legend-of-zelda-breath-of-the-wild-s4%2F&tz=0&dev=e&res=12.1053&uuid=487b4eb0-51dc-4b2e-bbbb-514f654b4fd2%3A2%3A1
192.243.61.227 307 Temporary Redirect 0 B URL HTTP/1.1 integrityprinciplesthorough.com/watch.1609503856191.js?key=a91295b86ab6fe2c5666ef59da3743bf&kw=%5B%22the%22%2C%22legend%22%2C%22of%22%2C%22zelda%22%2C%22breath%22%2C%22of%22%2C%22the%22%2C%22wild%22%2C%22xci%22%2C%22nsp%22%2C%22nsz%22%2C%22download%22%2C%22switchxci%22%5D&refer=http%3A%2F%2Fxcigamesdd.com%2Fthe-legend-of-zelda-breath-of-the-wild-s4%2F&tz=0&dev=e&res=12.1053&uuid=487b4eb0-51dc-4b2e-bbbb-514f654b4fd2%3A2%3A1
IP 192.243.61.227:0
ASN #39572 DataWeb Global Group B.V.
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer Verdict Alert quad9 Sinkholed
GET /watch.1609503856191.js?key=a91295b86ab6fe2c5666ef59da3743bf&kw=%5B%22the%22%2C%22legend%22%2C%22of%22%2C%22zelda%22%2C%22breath%22%2C%22of%22%2C%22the%22%2C%22wild%22%2C%22xci%22%2C%22nsp%22%2C%22nsz%22%2C%22download%22%2C%22switchxci%22%5D&refer=http%3A%2F%2Fxcigamesdd.com%2Fthe-legend-of-zelda-breath-of-the-wild-s4%2F&tz=0&dev=e&res=12.1053&uuid=487b4eb0-51dc-4b2e-bbbb-514f654b4fd2%3A2%3A1 HTTP/1.1
Host: integrityprinciplesthorough.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: http://xcigamesdd.com
Connection: keep-alive
Referer: http://xcigamesdd.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 307 Temporary Redirect
Server: nginx/1.22.0
Date: Sat, 26 Nov 2022 23:47:52 GMT
Content-Type: text/html
Content-Length: 0
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Custom-Referer: http://xcigamesdd.com
Access-Control-Allow-Origin: http://xcigamesdd.com
Access-Control-Allow-Credentials: true
Location: https://integrityprinciplesthorough.com/watch.1609503856191.js?key=a91295b86ab6fe2c5666ef59da3743bf&kw=%5B%22the%22%2C%22legend%22%2C%22of%22%2C%22zelda%22%2C%22breath%22%2C%22of%22%2C%22the%22%2C%22wild%22%2C%22xci%22%2C%22nsp%22%2C%22nsz%22%2C%22download%22%2C%22switchxci%22%5D&refer=http%3A%2F%2Fxcigamesdd.com%2Fthe-legend-of-zelda-breath-of-the-wild-s4%2F&tz=0&dev=e&res=12.1053&uuid=487b4eb0-51dc-4b2e-bbbb-514f654b4fd2%3A2%3A1&shu=5d3b370b9836b86f37ae4ae3bf29af4d0e5de9e8891bfd78f388338034ca0ef796182c9bbfff0785b48e1774c6e1bfa018a9df39b1166cc5f3a16681e31aa13e812a4c0eba24d2ad1a61499dfa0ae2a46f325eb7&pst=1669506532&rmtc=t
Set-Cookie: u_pl=17632624; expires=Sun, 27 Nov 2022 23:47:52 GMT; secure; SameSite=None
ain=eyJhbGciOiJIUzI1NiJ9.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.OZKx8pofmVAK_I0idxGj37lgLb0fx4jiGT5omkpEZzI; expires=Sat, 26 Nov 2022 23:48:52 GMT; secure; SameSite=None
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: 5a1257969bdaa40ef79d8575f5479cbf
Strict-Transport-Security: max-age=0; includeSubdomains
r3.o.lencr.org/
23.36.76.226 200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 98eaecd9f0e022d4b9b424cb0ec55799
53276f3d6b49cba36107c5bbad4b975b62f1d345
ac20339846844f8e6595584114a9c389a838d3773d27d2fd25d2591bdfbc3507
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "AC20339846844F8E6595584114A9C389A838D3773D27D2FD25D2591BDFBC3507"
Last-Modified: Thu, 24 Nov 2022 19:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=1364
Expires: Sun, 27 Nov 2022 00:10:36 GMT
Date: Sat, 26 Nov 2022 23:47:52 GMT
Connection: keep-alive
analytics.linkmoe.org/matomo.js
50.31.177.118 200 OK 22 kB URL HTTP/1.1 analytics.linkmoe.org/matomo.js
IP 50.31.177.118:0
File type ASCII text, with very long lines (1601)
Hash 48e67f21b901e3584c7a34f1a2f96894
00fa75a956ddcfff2690c27f62d3ede53e88a745
d76669dac74f5ba885b6f95aafc76395a923f7eb2e303ff49dc1ca305fa89737
GET /matomo.js HTTP/1.1
Host: analytics.linkmoe.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://xcigamesdd.com/
HTTP/1.1 200 OK
Connection: Keep-Alive
Keep-Alive: timeout=5, max=100
cache-control: public, max-age=604800
expires: Sat, 03 Dec 2022 23:47:51 GMT
content-type: application/javascript
last-modified: Thu, 27 Oct 2022 13:13:58 GMT
accept-ranges: bytes
content-encoding: gzip
vary: Accept-Encoding
content-length: 21519
date: Sat, 26 Nov 2022 23:47:51 GMT
r3.o.lencr.org/
23.36.76.226 200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash d7194132f3926cf4c0cc0cba0d1a1d5f
94e321281174b32394e34e4a9ece6a0c0aa9e011
dcf5885214fc0bfabfdf53807303bd0715be72ddbb9088ec40f3fc2fbb5923ee
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "DCF5885214FC0BFABFDF53807303BD0715BE72DDBB9088EC40F3FC2FBB5923EE"
Last-Modified: Sat, 26 Nov 2022 07:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=16699
Expires: Sun, 27 Nov 2022 04:26:11 GMT
Date: Sat, 26 Nov 2022 23:47:52 GMT
Connection: keep-alive
burlydeclined.com/ntv.json?key=849ad080ebdaa9ca9dd84f2d9f8c2306&vstc=4&uuid=487b4eb0-51dc-4b2e-bbbb-514f654b4fd2%3A2%3A1&custom=%7B%22d37e3bc4%22%3A%22a%22%7D
173.233.137.60 200 OK 17 kB URL HTTP/1.1 burlydeclined.com/ntv.json?key=849ad080ebdaa9ca9dd84f2d9f8c2306&vstc=4&uuid=487b4eb0-51dc-4b2e-bbbb-514f654b4fd2%3A2%3A1&custom=%7B%22d37e3bc4%22%3A%22a%22%7D
IP 173.233.137.60:0
File type JSON data\012- , ASCII text, with very long lines (17251), with no line terminators
Hash c306f55960a3c39916d6626ed741e684
7a1b089c0f3bcbdc2fec2410818800cdeab97ce5
3c38dc3e5e9d7e767999ee7b91e0725b820a574e61b51f1dfb1d42e1f7d6bf53
Analyzer Verdict Alert quad9 Sinkholed
GET /ntv.json?key=849ad080ebdaa9ca9dd84f2d9f8c2306&vstc=4&uuid=487b4eb0-51dc-4b2e-bbbb-514f654b4fd2%3A2%3A1&custom=%7B%22d37e3bc4%22%3A%22a%22%7D HTTP/1.1
Host: burlydeclined.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: http://xcigamesdd.com
Connection: keep-alive
Referer: http://xcigamesdd.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx/1.19.5
Date: Sat, 26 Nov 2022 23:47:52 GMT
Content-Type: application/json
Content-Length: 17251
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Custom-Referer: http://xcigamesdd.com
Access-Control-Allow-Origin: http://xcigamesdd.com
Access-Control-Allow-Credentials: true
Set-Cookie: u_pl=17560728; expires=Sun, 27 Nov 2022 23:47:52 GMT; secure; SameSite=None
uid_id2=487b4eb0-51dc-4b2e-bbbb-514f654b4fd2:2:1; expires=Sat, 03 Dec 2022 23:47:52 GMT; secure; SameSite=None
pdhtkv=true; expires=Sun, 27 Nov 2022 23:47:52 GMT; secure; SameSite=None
uncs=1; expires=Sun, 27 Nov 2022 23:47:52 GMT; secure; SameSite=None
pdhtkv49=true; expires=Sun, 27 Nov 2022 23:47:52 GMT; secure; SameSite=None
uncs49=1; expires=Sun, 27 Nov 2022 23:47:52 GMT; secure; SameSite=None
nlec849ad080ebdaa9ca9dd84f2d9f8c2306=[2106764,2229213,2229214,2229215]; expires=Sat, 26 Nov 2022 23:47:57 GMT; secure; SameSite=None
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: e65a9887e9a15904e8d5b904fe25e35a
Strict-Transport-Security: max-age=0; includeSubdomains
soldierreproduceadmiration.com/watch.911889357703.js?key=e0545ea4e9fad86bbc397bc0cf40db8c&kw=%5B%22the%22%2C%22legend%22%2C%22of%22%2C%22zelda%22%2C%22breath%22%2C%22of%22%2C%22the%22%2C%22wild%22%2C%22xci%22%2C%22nsp%22%2C%22nsz%22%2C%22download%22%2C%22switchxci%22%5D&refer=http%3A%2F%2Fxcigamesdd.com%2Fthe-legend-of-zelda-breath-of-the-wild-s4%2F&tz=0&dev=e&res=12.1053&uuid=487b4eb0-51dc-4b2e-bbbb-514f654b4fd2%3A2%3A1
173.233.137.52 307 Temporary Redirect 0 B URL HTTP/1.1 soldierreproduceadmiration.com/watch.911889357703.js?key=e0545ea4e9fad86bbc397bc0cf40db8c&kw=%5B%22the%22%2C%22legend%22%2C%22of%22%2C%22zelda%22%2C%22breath%22%2C%22of%22%2C%22the%22%2C%22wild%22%2C%22xci%22%2C%22nsp%22%2C%22nsz%22%2C%22download%22%2C%22switchxci%22%5D&refer=http%3A%2F%2Fxcigamesdd.com%2Fthe-legend-of-zelda-breath-of-the-wild-s4%2F&tz=0&dev=e&res=12.1053&uuid=487b4eb0-51dc-4b2e-bbbb-514f654b4fd2%3A2%3A1
IP 173.233.137.52:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer Verdict Alert quad9 Sinkholed
GET /watch.911889357703.js?key=e0545ea4e9fad86bbc397bc0cf40db8c&kw=%5B%22the%22%2C%22legend%22%2C%22of%22%2C%22zelda%22%2C%22breath%22%2C%22of%22%2C%22the%22%2C%22wild%22%2C%22xci%22%2C%22nsp%22%2C%22nsz%22%2C%22download%22%2C%22switchxci%22%5D&refer=http%3A%2F%2Fxcigamesdd.com%2Fthe-legend-of-zelda-breath-of-the-wild-s4%2F&tz=0&dev=e&res=12.1053&uuid=487b4eb0-51dc-4b2e-bbbb-514f654b4fd2%3A2%3A1 HTTP/1.1
Host: soldierreproduceadmiration.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: http://xcigamesdd.com
Connection: keep-alive
Referer: http://xcigamesdd.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 307 Temporary Redirect
Server: nginx/1.19.5
Date: Sat, 26 Nov 2022 23:47:52 GMT
Content-Type: text/html
Content-Length: 0
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Custom-Referer: http://xcigamesdd.com
Access-Control-Allow-Origin: http://xcigamesdd.com
Access-Control-Allow-Credentials: true
Location: https://soldierreproduceadmiration.com/watch.911889357703.js?key=e0545ea4e9fad86bbc397bc0cf40db8c&kw=%5B%22the%22%2C%22legend%22%2C%22of%22%2C%22zelda%22%2C%22breath%22%2C%22of%22%2C%22the%22%2C%22wild%22%2C%22xci%22%2C%22nsp%22%2C%22nsz%22%2C%22download%22%2C%22switchxci%22%5D&refer=http%3A%2F%2Fxcigamesdd.com%2Fthe-legend-of-zelda-breath-of-the-wild-s4%2F&tz=0&dev=e&res=12.1053&uuid=487b4eb0-51dc-4b2e-bbbb-514f654b4fd2%3A2%3A1&shu=249bb515ea1241b89c27d8988f92b431349398ce8eccc8c99966bfc49f5d26985fe473781f98ee14935f5cfccd4da24ba6cbb0f0a736cc48598ee162dc4c0e5cb5a9004acf1e58b576defae8a32a1f16f8b8aaee25679dd2556eef4d954bf6f4d606bde5&pst=1669506532&rmtc=t
Set-Cookie: u_pl=17596898; expires=Sun, 27 Nov 2022 23:47:52 GMT; secure; SameSite=None
ain=eyJhbGciOiJIUzI1NiJ9.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.j7KTk_5qqPhpebNYg_mebSfKBERj3rNW2UxBNtm606U; expires=Sat, 26 Nov 2022 23:48:52 GMT; secure; SameSite=None
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: 6a2cf5b257bd9f23588b69186aec7f2d
Strict-Transport-Security: max-age=0; includeSubdomains
integrityprinciplesthorough.com/watch.1609503856191.js?key=a91295b86ab6fe2c5666ef59da3743bf&kw=%5B%22the%22%2C%22legend%22%2C%22of%22%2C%22zelda%22%2C%22breath%22%2C%22of%22%2C%22the%22%2C%22wild%22%2C%22xci%22%2C%22nsp%22%2C%22nsz%22%2C%22download%22%2C%22switchxci%22%5D&refer=http%3A%2F%2Fxcigamesdd.com%2Fthe-legend-of-zelda-breath-of-the-wild-s4%2F&tz=0&dev=e&res=12.1053&uuid=487b4eb0-51dc-4b2e-bbbb-514f654b4fd2%3A2%3A1&shu=5d3b370b9836b86f37ae4ae3bf29af4d0e5de9e8891bfd78f388338034ca0ef796182c9bbfff0785b48e1774c6e1bfa018a9df39b1166cc5f3a16681e31aa13e812a4c0eba24d2ad1a61499dfa0ae2a46f325eb7&pst=1669506532&rmtc=t
192.243.61.227 200 OK 642 B URL HTTP/1.1 integrityprinciplesthorough.com/watch.1609503856191.js?key=a91295b86ab6fe2c5666ef59da3743bf&kw=%5B%22the%22%2C%22legend%22%2C%22of%22%2C%22zelda%22%2C%22breath%22%2C%22of%22%2C%22the%22%2C%22wild%22%2C%22xci%22%2C%22nsp%22%2C%22nsz%22%2C%22download%22%2C%22switchxci%22%5D&refer=http%3A%2F%2Fxcigamesdd.com%2Fthe-legend-of-zelda-breath-of-the-wild-s4%2F&tz=0&dev=e&res=12.1053&uuid=487b4eb0-51dc-4b2e-bbbb-514f654b4fd2%3A2%3A1&shu=5d3b370b9836b86f37ae4ae3bf29af4d0e5de9e8891bfd78f388338034ca0ef796182c9bbfff0785b48e1774c6e1bfa018a9df39b1166cc5f3a16681e31aa13e812a4c0eba24d2ad1a61499dfa0ae2a46f325eb7&pst=1669506532&rmtc=t
IP 192.243.61.227:0
ASN #39572 DataWeb Global Group B.V.
File type HTML document text\012- HTML document, ASCII text, with very long lines (602)
Hash b1f7f308d518937546ecfa528afa7a38
efc2c7158efa0c81fe92910cea6b0ab4c92f1556
d746f7622e4b2253d6c61c0318bc1c47ca62456b06d6cbb7dacc876d0903a89b
Analyzer Verdict Alert quad9 Sinkholed
GET /watch.1609503856191.js?key=a91295b86ab6fe2c5666ef59da3743bf&kw=%5B%22the%22%2C%22legend%22%2C%22of%22%2C%22zelda%22%2C%22breath%22%2C%22of%22%2C%22the%22%2C%22wild%22%2C%22xci%22%2C%22nsp%22%2C%22nsz%22%2C%22download%22%2C%22switchxci%22%5D&refer=http%3A%2F%2Fxcigamesdd.com%2Fthe-legend-of-zelda-breath-of-the-wild-s4%2F&tz=0&dev=e&res=12.1053&uuid=487b4eb0-51dc-4b2e-bbbb-514f654b4fd2%3A2%3A1&shu=5d3b370b9836b86f37ae4ae3bf29af4d0e5de9e8891bfd78f388338034ca0ef796182c9bbfff0785b48e1774c6e1bfa018a9df39b1166cc5f3a16681e31aa13e812a4c0eba24d2ad1a61499dfa0ae2a46f325eb7&pst=1669506532&rmtc=t HTTP/1.1
Host: integrityprinciplesthorough.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: http://xcigamesdd.com
Referer: http://xcigamesdd.com/
Connection: keep-alive
Cookie: u_pl=17632624; ain=eyJhbGciOiJIUzI1NiJ9.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.OZKx8pofmVAK_I0idxGj37lgLb0fx4jiGT5omkpEZzI
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx/1.22.0
Date: Sat, 26 Nov 2022 23:47:52 GMT
Content-Type: text/html
Transfer-Encoding: chunked
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Custom-Referer: http://xcigamesdd.com
Access-Control-Allow-Origin: http://xcigamesdd.com
Access-Control-Allow-Credentials: true
Set-Cookie: uid_id2=487b4eb0-51dc-4b2e-bbbb-514f654b4fd2:2:1; expires=Sat, 03 Dec 2022 23:47:52 GMT; secure; SameSite=None
iprc687b601df97f4cafc4a8e0d3f5e9a05f=2717340; expires=Mon, 28 Nov 2022 01:47:52 GMT; secure; SameSite=None
pdhtkv=true; expires=Sun, 27 Nov 2022 23:47:52 GMT; secure; SameSite=None
uncs=1; expires=Sun, 27 Nov 2022 23:47:52 GMT; secure; SameSite=None
pdhtkv5=true; expires=Sun, 27 Nov 2022 23:47:52 GMT; secure; SameSite=None
uncs5=1; expires=Sun, 27 Nov 2022 23:47:52 GMT; secure; SameSite=None
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: ccfdd388658c614a9204cbde973ae069
Strict-Transport-Security: max-age=0; includeSubdomains
Content-Encoding: gzip
mediasama.com/starharem/01/s/index_rt.html
144.217.67.42 200 OK 1.5 kB URL HTTP/1.1 mediasama.com/starharem/01/s/index_rt.html
IP 144.217.67.42:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text
Hash 30597b59f3cb1eadf603fcfb21952340
baca3a552764959edd4fc56947acc9a4f33822de
6ac92da5b37d94c53f231a18bb88be006ae20f1724a63151a97ed918d86cb25d
Analyzer Verdict Alert fortinet Phishing
GET /starharem/01/s/index_rt.html HTTP/1.1
Host: mediasama.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Date: Sat, 26 Nov 2022 23:47:52 GMT
Server: Apache
Last-Modified: Wed, 20 Jul 2022 09:11:51 GMT
ETag: "17a0-5e438fdce23c0-gzip"
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 1525
Content-Type: text/html
soldierreproduceadmiration.com/watch.911889357703.js?key=e0545ea4e9fad86bbc397bc0cf40db8c&kw=%5B%22the%22%2C%22legend%22%2C%22of%22%2C%22zelda%22%2C%22breath%22%2C%22of%22%2C%22the%22%2C%22wild%22%2C%22xci%22%2C%22nsp%22%2C%22nsz%22%2C%22download%22%2C%22switchxci%22%5D&refer=http%3A%2F%2Fxcigamesdd.com%2Fthe-legend-of-zelda-breath-of-the-wild-s4%2F&tz=0&dev=e&res=12.1053&uuid=487b4eb0-51dc-4b2e-bbbb-514f654b4fd2%3A2%3A1&shu=249bb515ea1241b89c27d8988f92b431349398ce8eccc8c99966bfc49f5d26985fe473781f98ee14935f5cfccd4da24ba6cbb0f0a736cc48598ee162dc4c0e5cb5a9004acf1e58b576defae8a32a1f16f8b8aaee25679dd2556eef4d954bf6f4d606bde5&pst=1669506532&rmtc=t
173.233.137.52 200 OK 2.1 kB URL HTTP/1.1 soldierreproduceadmiration.com/watch.911889357703.js?key=e0545ea4e9fad86bbc397bc0cf40db8c&kw=%5B%22the%22%2C%22legend%22%2C%22of%22%2C%22zelda%22%2C%22breath%22%2C%22of%22%2C%22the%22%2C%22wild%22%2C%22xci%22%2C%22nsp%22%2C%22nsz%22%2C%22download%22%2C%22switchxci%22%5D&refer=http%3A%2F%2Fxcigamesdd.com%2Fthe-legend-of-zelda-breath-of-the-wild-s4%2F&tz=0&dev=e&res=12.1053&uuid=487b4eb0-51dc-4b2e-bbbb-514f654b4fd2%3A2%3A1&shu=249bb515ea1241b89c27d8988f92b431349398ce8eccc8c99966bfc49f5d26985fe473781f98ee14935f5cfccd4da24ba6cbb0f0a736cc48598ee162dc4c0e5cb5a9004acf1e58b576defae8a32a1f16f8b8aaee25679dd2556eef4d954bf6f4d606bde5&pst=1669506532&rmtc=t
IP 173.233.137.52:0
File type HTML document, ASCII text, with very long lines (2582)
Hash dd352c991f68e748415da2794caa6cdd
f8abf4410bbb73d8ed8b68e89b2c50ee3aeb265c
4bf3109cb0552b4a5aed1b0b5395221b3d69ca924b99aa4d4f1151ca6c6b4539
Analyzer Verdict Alert quad9 Sinkholed
GET /watch.911889357703.js?key=e0545ea4e9fad86bbc397bc0cf40db8c&kw=%5B%22the%22%2C%22legend%22%2C%22of%22%2C%22zelda%22%2C%22breath%22%2C%22of%22%2C%22the%22%2C%22wild%22%2C%22xci%22%2C%22nsp%22%2C%22nsz%22%2C%22download%22%2C%22switchxci%22%5D&refer=http%3A%2F%2Fxcigamesdd.com%2Fthe-legend-of-zelda-breath-of-the-wild-s4%2F&tz=0&dev=e&res=12.1053&uuid=487b4eb0-51dc-4b2e-bbbb-514f654b4fd2%3A2%3A1&shu=249bb515ea1241b89c27d8988f92b431349398ce8eccc8c99966bfc49f5d26985fe473781f98ee14935f5cfccd4da24ba6cbb0f0a736cc48598ee162dc4c0e5cb5a9004acf1e58b576defae8a32a1f16f8b8aaee25679dd2556eef4d954bf6f4d606bde5&pst=1669506532&rmtc=t HTTP/1.1
Host: soldierreproduceadmiration.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: http://xcigamesdd.com
Referer: http://xcigamesdd.com/
Connection: keep-alive
Cookie: u_pl=17596898; ain=eyJhbGciOiJIUzI1NiJ9.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.j7KTk_5qqPhpebNYg_mebSfKBERj3rNW2UxBNtm606U
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx/1.19.5
Date: Sat, 26 Nov 2022 23:47:52 GMT
Content-Type: text/html
Transfer-Encoding: chunked
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Custom-Referer: http://xcigamesdd.com
Access-Control-Allow-Origin: http://xcigamesdd.com
Access-Control-Allow-Credentials: true
Set-Cookie: uid_id2=487b4eb0-51dc-4b2e-bbbb-514f654b4fd2:2:1; expires=Sat, 03 Dec 2022 23:47:52 GMT; secure; SameSite=None
pdhtkv=true; expires=Sun, 27 Nov 2022 23:47:52 GMT; secure; SameSite=None
uncs=1; expires=Sun, 27 Nov 2022 23:47:52 GMT; secure; SameSite=None
pdhtkv27=true; expires=Sun, 27 Nov 2022 23:47:52 GMT; secure; SameSite=None
uncs27=1; expires=Sun, 27 Nov 2022 23:47:52 GMT; secure; SameSite=None
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: 04610ba217928425ed36e4e239d570a6
Strict-Transport-Security: max-age=0; includeSubdomains
Content-Encoding: gzip
analytics.linkmoe.org/matomo.php?action_name=The%20Legend%20of%20Zelda%20%3A%20Breath%20of%20the%20Wild%20XCI%20NSP%20NSZ%20Download%20%7C%20SwitchXCI&idsite=3&rec=1&r=432233&h=23&m=47&s=52&url=http%3A%2F%2Fxcigamesdd.com%2Fthe-legend-of-zelda-breath-of-the-wild-s4%2F&_id=12bfdeda927da0ae&_idn=1&send_image=0&_refts=0&cookie=1&res=1280x1024&pv_id=p6rSIs&pf_net=48&pf_srv=770&pf_tfr=51&pf_dm1=2007&uadata=%7B%7D
50.31.177.118 204 No Content 0 B URL HTTP/1.1 analytics.linkmoe.org/matomo.php?action_name=The%20Legend%20of%20Zelda%20%3A%20Breath%20of%20the%20Wild%20XCI%20NSP%20NSZ%20Download%20%7C%20SwitchXCI&idsite=3&rec=1&r=432233&h=23&m=47&s=52&url=http%3A%2F%2Fxcigamesdd.com%2Fthe-legend-of-zelda-breath-of-the-wild-s4%2F&_id=12bfdeda927da0ae&_idn=1&send_image=0&_refts=0&cookie=1&res=1280x1024&pv_id=p6rSIs&pf_net=48&pf_srv=770&pf_tfr=51&pf_dm1=2007&uadata=%7B%7D
IP 50.31.177.118:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
POST /matomo.php?action_name=The%20Legend%20of%20Zelda%20%3A%20Breath%20of%20the%20Wild%20XCI%20NSP%20NSZ%20Download%20%7C%20SwitchXCI&idsite=3&rec=1&r=432233&h=23&m=47&s=52&url=http%3A%2F%2Fxcigamesdd.com%2Fthe-legend-of-zelda-breath-of-the-wild-s4%2F&_id=12bfdeda927da0ae&_idn=1&send_image=0&_refts=0&cookie=1&res=1280x1024&pv_id=p6rSIs&pf_net=48&pf_srv=770&pf_tfr=51&pf_dm1=2007&uadata=%7B%7D HTTP/1.1
Host: analytics.linkmoe.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/x-www-form-urlencoded; charset=utf-8
Content-Length: 0
Origin: http://xcigamesdd.com
Connection: keep-alive
Referer: http://xcigamesdd.com/
HTTP/1.1 204 No Content
Connection: Keep-Alive
Keep-Alive: timeout=5, max=100
access-control-allow-origin: http://xcigamesdd.com
access-control-allow-credentials: true
content-type: text/html; charset=UTF-8
date: Sat, 26 Nov 2022 23:47:52 GMT
r3.o.lencr.org/
23.36.76.226 200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash d544e647515cb189a384f9c20ec9bd24
b7b52713f8f4c02a47192ef56456e16d0ca408a9
375fc9ebeb579498db5f3df773f4a94debbab4b0f809abc2fa414e9c2bea052c
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "375FC9EBEB579498DB5F3DF773F4A94DEBBAB4B0F809ABC2FA414E9C2BEA052C"
Last-Modified: Thu, 24 Nov 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=10236
Expires: Sun, 27 Nov 2022 02:38:28 GMT
Date: Sat, 26 Nov 2022 23:47:52 GMT
Connection: keep-alive
cdn.cloudimagesb.com/bi/4b/80/d5/4b80d57e7b251c0d49a00ef46da44612/1668177348.gif
45.133.44.10 200 OK 26 kB URL HTTP/2 cdn.cloudimagesb.com/bi/4b/80/d5/4b80d57e7b251c0d49a00ef46da44612/1668177348.gif
IP 45.133.44.10:0
ASN #39572 DataWeb Global Group B.V.
File type GIF image data, version 89a, 468 x 60\012- data
Hash 47015c49363b9680a7555e6836d2f6ee
11f07cefc4b64286d9d4131c57de2ff7187b0ef6
b7f30029b825b8313cdc4c3f90ba0cff82cc7209267a13b829859cacbcaa7f56
GET /bi/4b/80/d5/4b80d57e7b251c0d49a00ef46da44612/1668177348.gif HTTP/1.1
Host: cdn.cloudimagesb.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Sat, 26 Nov 2022 23:47:52 GMT
content-type: image/gif
content-length: 26433
server: nginx/1.17.6
last-modified: Fri, 11 Nov 2022 14:35:56 GMT
etag: "636e5dcc-6741"
expires: Mon, 28 Nov 2022 23:47:52 GMT
cache-control: max-age=172800
x-proxy-cache: HIT
accept-ranges: bytes
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.76.226 200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 1f6b302933d460ab447356556838501c
00d2123ec7f0ef5bf0d648bf4d15e69cd9902f4e
8240f397607869e239c216ca93f78f84e25299c0ad4e7483b2bd53f7861142f0
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "8240F397607869E239C216CA93F78F84E25299C0AD4E7483B2BD53F7861142F0"
Last-Modified: Sat, 26 Nov 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=4672
Expires: Sun, 27 Nov 2022 01:05:44 GMT
Date: Sat, 26 Nov 2022 23:47:52 GMT
Connection: keep-alive
lightssyrupdecree.com/watch.404303267703?key=31224abe9de8da03816b59f2882025e3&kw=%5B%22the%22%2C%22legend%22%2C%22of%22%2C%22zelda%22%2C%22breath%22%2C%22of%22%2C%22the%22%2C%22wild%22%2C%22xci%22%2C%22nsp%22%2C%22nsz%22%2C%22download%22%2C%22switchxci%22%5D&refer=http%3A%2F%2Fxcigamesdd.com%2Fthe-legend-of-zelda-breath-of-the-wild-s4%2F&tz=0&dev=e&res=12.1053&uuid=487b4eb0-51dc-4b2e-bbbb-514f654b4fd2%3A2%3A1
173.233.137.36 200 OK 1.3 kB URL HTTP/1.1 lightssyrupdecree.com/watch.404303267703?key=31224abe9de8da03816b59f2882025e3&kw=%5B%22the%22%2C%22legend%22%2C%22of%22%2C%22zelda%22%2C%22breath%22%2C%22of%22%2C%22the%22%2C%22wild%22%2C%22xci%22%2C%22nsp%22%2C%22nsz%22%2C%22download%22%2C%22switchxci%22%5D&refer=http%3A%2F%2Fxcigamesdd.com%2Fthe-legend-of-zelda-breath-of-the-wild-s4%2F&tz=0&dev=e&res=12.1053&uuid=487b4eb0-51dc-4b2e-bbbb-514f654b4fd2%3A2%3A1
IP 173.233.137.36:0
File type HTML document text\012- HTML document text\012- HTML document, ASCII text, with very long lines (644)
Hash 07c5718224bae9e125762a0c541904c5
8bc3f43d5a6be6770781277cb56264ea69d7a383
b0ca69a11a660b12f702d0042e4ea25a6d5fa8f06e69b3d50c68053af10e1d2f
Analyzer Verdict Alert quad9 Sinkholed
GET /watch.404303267703?key=31224abe9de8da03816b59f2882025e3&kw=%5B%22the%22%2C%22legend%22%2C%22of%22%2C%22zelda%22%2C%22breath%22%2C%22of%22%2C%22the%22%2C%22wild%22%2C%22xci%22%2C%22nsp%22%2C%22nsz%22%2C%22download%22%2C%22switchxci%22%5D&refer=http%3A%2F%2Fxcigamesdd.com%2Fthe-legend-of-zelda-breath-of-the-wild-s4%2F&tz=0&dev=e&res=12.1053&uuid=487b4eb0-51dc-4b2e-bbbb-514f654b4fd2%3A2%3A1 HTTP/1.1
Host: lightssyrupdecree.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://xcigamesdd.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx/1.19.5
Date: Sat, 26 Nov 2022 23:47:52 GMT
Content-Type: text/html
Transfer-Encoding: chunked
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Set-Cookie: u_pl=17632612; expires=Sun, 27 Nov 2022 23:47:52 GMT; secure; SameSite=None
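ain=eyJhbGciOiJIUzI1NiJ9.eyJwIjp7ImlkIjoxNzYzMjYxMiwiayI6IjMxMjI0YWJlOWRlOGRhMDM4MTZiNTlmMjg4MjAyNWUzIiwic2lkIjoiIiwiaXNpZCI6MiwiYXNpZCI6MSwiemlkIjoxOTQ3MjUzLCJwaWQiOjE1ODEwNCwiYW4iOnRydWUsImxhbiI6dHJ1ZSwiY2lkIjoyMSwiYWlkIjozMiwicHQiOjQsInBrIjoieTExNXQwMTN3IiwidCI6MX0sInUiOnsidSI6MSwiYXUiOjEsImQiOnsiaWQiOjkwNzUzNDU3LCJpZHMiOiIiLCJpYyI6ZmFsc2UsIm4iOiJEZXNrdG9wLEVtdWxhdG9yIiwidiI6IlVua25vd24iLCJtIjoiVW5rbm93biIsImYiOjEsImZuIjoiRGVza3RvcCIsIm9pZCI6Mzg5MTQsIm9uIjoiV2luZG93cyIsIm92IjoiMTAuMCIsImJpZCI6MTIwNjI1LCJibiI6IkZpcmVmb3giLCJidiI6IjEwNS4wIiwid3YiOmZhbHNlLCJlIjp0cnVlLCJhYiI6ZmFsc2V9LCJjIjp7ImlkIjoxNjIsImMiOiJOTyIsIm4iOiJOb3J3YXkifSwiYSI6ZmFsc2UsImNyIjp7Im4iOiJCbGl4IFNvbHV0aW9ucyJ9LCJ4ZiI6IiIsIml4ZiI6ZmFsc2UsImlneGYiOmZhbHNlLCJ1cCI6dHJ1ZSwiciI6Imh0dHA6Ly94Y2lnYW1lc2RkLmNvbS90aGUtbGVnZW5kLW9mLXplbGRhLWJyZWF0aC1vZi10aGUtd2lsZC1zNC8ifX0.4_cn916P1XtVW7CWkLPBoGVp3NPeikjeLflO4OZfFDM; expires=Sat, 26 Nov 2022 23:48:52 GMT; secure; SameSite=None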
uid_id2=487b4eb0-51dc-4b2e-bbbb-514f654b4fd2:2:1; expires=Sat, 03 Dec 2022 23:47:52 GMT; secure; SameSite=None
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: f283463458331a51210b68823a11b3bb
Strict-Transport-Security: max-age=0; includeSubdomains
Content-Encoding: gzip
lightssyrupdecree.com/watch.404303267703?shu=887f1b64b1cba975a596d51af0d8140d5a99bc75c3ddb2def4d9ccc81833d33c772be4257514c67715ec679bbdcedee17310cb40784ca7c06dce8290adb2714a9e7c83ad41c1b1e5ccf62751bf540002eb2c47ecff8dacb1359a042ead4c&pst=1669506532&rmtc=t&uuid=487b4eb0-51dc-4b2e-bbbb-514f654b4fd2%3A2%3A1&pii=&in=false&key=31224abe9de8da03816b59f2882025e3&refer=http%3A%2F%2Fxcigamesdd.com%2Fthe-legend-of-zelda-breath-of-the-wild-s4%2F&tz=0&dev=e&res=12.1053&kw=%5B%22the%22%2C%22legend%22%2C%22of%22%2C%22zelda%22%2C%22breath%22%2C%22of%22%2C%22the%22%2C%22wild%22%2C%22xci%22%2C%22nsp%22%2C%22nsz%22%2C%22download%22%2C%22switchxci%22%5D
173.233.137.36 200 OK 1.8 kB URL HTTP/1.1 lightssyrupdecree.com/watch.404303267703?shu=887f1b64b1cba975a596d51af0d8140d5a99bc75c3ddb2def4d9ccc81833d33c772be4257514c67715ec679bbdcedee17310cb40784ca7c06dce8290adb2714a9e7c83ad41c1b1e5ccf62751bf540002eb2c47ecff8dacb1359a042ead4c&pst=1669506532&rmtc=t&uuid=487b4eb0-51dc-4b2e-bbbb-514f654b4fd2%3A2%3A1&pii=&in=false&key=31224abe9de8da03816b59f2882025e3&refer=http%3A%2F%2Fxcigamesdd.com%2Fthe-legend-of-zelda-breath-of-the-wild-s4%2F&tz=0&dev=e&res=12.1053&kw=%5B%22the%22%2C%22legend%22%2C%22of%22%2C%22zelda%22%2C%22breath%22%2C%22of%22%2C%22the%22%2C%22wild%22%2C%22xci%22%2C%22nsp%22%2C%22nsz%22%2C%22download%22%2C%22switchxci%22%5D
IP 173.233.137.36:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (2543)
Hash 0cb4719c61e956c8d8b84cd17ba1ad42
96965b5cd3254cf73cd009c2c9b6779dcd60e82e
2a92ca00848cb966e92e2de9a88e9a6596e9cf937af95402dcbf444446a1a684
Analyzer Verdict Alert quad9 Sinkholed
GET /watch.404303267703?shu=887f1b64b1cba975a596d51af0d8140d5a99bc75c3ddb2def4d9ccc81833d33c772be4257514c67715ec679bbdcedee17310cb40784ca7c06dce8290adb2714a9e7c83ad41c1b1e5ccf62751bf540002eb2c47ecff8dacb1359a042ead4c&pst=1669506532&rmtc=t&uuid=487b4eb0-51dc-4b2e-bbbb-514f654b4fd2%3A2%3A1&pii=&in=false&key=31224abe9de8da03816b59f2882025e3&refer=http%3A%2F%2Fxcigamesdd.com%2Fthe-legend-of-zelda-breath-of-the-wild-s4%2F&tz=0&dev=e&res=12.1053&kw=%5B%22the%22%2C%22legend%22%2C%22of%22%2C%22zelda%22%2C%22breath%22%2C%22of%22%2C%22the%22%2C%22wild%22%2C%22xci%22%2C%22nsp%22%2C%22nsz%22%2C%22download%22%2C%22switchxci%22%5D HTTP/1.1
Host: lightssyrupdecree.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://lightssyrupdecree.com/watch.404303267703?key=31224abe9de8da03816b59f2882025e3&kw=%5B%22the%22%2C%22legend%22%2C%22of%22%2C%22zelda%22%2C%22breath%22%2C%22of%22%2C%22the%22%2C%22wild%22%2C%22xci%22%2C%22nsp%22%2C%22nsz%22%2C%22download%22%2C%22switchxci%22%5D&refer=http%3A%2F%2Fxcigamesdd.com%2Fthe-legend-of-zelda-breath-of-the-wild-s4%2F&tz=0&dev=e&res=12.1053&uuid=487b4eb0-51dc-4b2e-bbbb-514f654b4fd2%3A2%3A1
Cookie: u_pl=17632612; ain=eyJhbGciOiJIUzI1NiJ9.eyJwIjp7ImlkIjoxNzYzMjYxMiwiayI6IjMxMjI0YWJlOWRlOGRhMDM4MTZiNTlmMjg4MjAyNWUzIiwic2lkIjoiIiwiaXNpZCI6MiwiYXNpZCI6MSwiemlkIjoxOTQ3MjUzLCJwaWQiOjE1ODEwNCwiYW4iOnRydWUsImxhbiI6dHJ1ZSwiY2lkIjoyMSwiYWlkIjozMiwicHQiOjQsInBrIjoieTExNXQwMTN3IiwidCI6MX0sInUiOnsidSI6MSwiYXUiOjEsImQiOnsiaWQiOjkwNzUzNDU3LCJpZHMiOiIiLCJpYyI6ZmFsc2UsIm4iOiJEZXNrdG9wLEVtdWxhdG9yIiwidiI6IlVua25vd24iLCJtIjoiVW5rbm93biIsImYiOjEsImZuIjoiRGVza3RvcCIsIm9pZCI6Mzg5MTQsIm9uIjoiV2luZG93cyIsIm92IjoiMTAuMCIsImJpZCI6MTIwNjI1LCJibiI6IkZpcmVmb3giLCJidiI6IjEwNS4wIiwid3YiOmZhbHNlLCJlIjp0cnVlLCJhYiI6ZmFsc2V9LCJjIjp7ImlkIjoxNjIsImMiOiJOTyIsIm4iOiJOb3J3YXkifSwiYSI6ZmFsc2UsImNyIjp7Im4iOiJCbGl4IFNvbHV0aW9ucyJ9LCJ4ZiI6IiIsIml4ZiI6ZmFsc2UsImlneGYiOmZhbHNlLCJ1cCI6dHJ1ZSwiciI6Imh0dHA6Ly94Y2lnYW1lc2RkLmNvbS90aGUtbGVnZW5kLW9mLXplbGRhLWJyZWF0aC1vZi10aGUtd2lsZC1zNC8ifX0.4_cn916P1XtVW7CWkLPBoGVp3NPeikjeLflO4OZfFDM; uid_id2=487b4eb0-51dc-4b2e-bbbb-514f654b4fd2:2:1
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Server: nginx/1.19.5
Date: Sat, 26 Nov 2022 23:47:52 GMT
Content-Type: text/html
Transfer-Encoding: chunked
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Custom-Referer: http://xcigamesdd.com/the-legend-of-zelda-breath-of-the-wild-s4/
Access-Control-Allow-Origin: http://xcigamesdd.com/the-legend-of-zelda-breath-of-the-wild-s4/
Access-Control-Allow-Credentials: true
Set-Cookie: uid_id2=487b4eb0-51dc-4b2e-bbbb-514f654b4fd2:2:1; expires=Sat, 03 Dec 2022 23:47:52 GMT; secure; SameSite=None
pdhtkv=true; expires=Sun, 27 Nov 2022 23:47:52 GMT; secure; SameSite=None
uncs=1; expires=Sun, 27 Nov 2022 23:47:52 GMT; secure; SameSite=None
pdhtkv32=true; expires=Sun, 27 Nov 2022 23:47:52 GMT; secure; SameSite=None
uncs32=1; expires=Sun, 27 Nov 2022 23:47:52 GMT; secure; SameSite=None
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: ae82fd9ade740a310ebddd717b931706
Strict-Transport-Security: max-age=0; includeSubdomains
Content-Encoding: gzip
www.spikereekvelocity.com/dyfc1k09?key=863705bcbb4b6a554ddb359665395a6f&psid=17632624
192.243.59.13 200 OK 1.2 kB URL HTTP/1.1 www.spikereekvelocity.com/dyfc1k09?key=863705bcbb4b6a554ddb359665395a6f&psid=17632624
IP 192.243.59.13:0
ASN #39572 DataWeb Global Group B.V.
File type HTML document text\012- HTML document text\012- HTML document, ASCII text
Hash bf29008a592dc0c4b29cf22c7f956c36
fae85a031f91d09923db85c2357eb198442d2e62
c4cfe96c3d7ca110d4841e58108be68d602eb347be9ee75bcac1f1f043812cd2
Analyzer Verdict Alert quad9 Sinkholed
GET /dyfc1k09?key=863705bcbb4b6a554ddb359665395a6f&psid=17632624 HTTP/1.1
Host: www.spikereekvelocity.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://xcigamesdd.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx/1.17.6
Date: Sat, 26 Nov 2022 23:47:52 GMT
Content-Type: text/html
Transfer-Encoding: chunked
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Set-Cookie: u_pl=16122660; expires=Sun, 27 Nov 2022 23:47:52 GMT
ain=eyJhbGciOiJIUzI1NiJ9.eyJwIjp7ImlkIjoxNjEyMjY2MCwiayI6Ijg2MzcwNWJjYmI0YjZhNTU0ZGRiMzU5NjY1Mzk1YTZmIiwic2lkIjoiMTc2MzI2MjQiLCJpc2lkIjoyLCJhc2lkIjoxLCJ6aWQiOjE0NjQxNSwicGlkIjo5NzI5OSwiYW4iOnRydWUsImxhbiI6dHJ1ZSwiY2lkIjozLCJhaWQiOjI4LCJwdCI6NCwicGsiOiJkeWZjMWswOSIsInQiOjF9LCJ1Ijp7InUiOjEsImF1IjoxLCJkIjp7ImlkIjo5MDc1MzQ1NywiaWRzIjoiIiwiaWMiOmZhbHNlLCJuIjoiRGVza3RvcCxFbXVsYXRvciIsInYiOiJVbmtub3duIiwibSI6IlVua25vd24iLCJmIjoxLCJmbiI6IkRlc2t0b3AiLCJvaWQiOjM4OTE0LCJvbiI6IldpbmRvd3MiLCJvdiI6IjEwLjAiLCJiaWQiOjEyMDYyNSwiYm4iOiJGaXJlZm94IiwiYnYiOiIxMDUuMCIsInd2IjpmYWxzZSwiZSI6ZmFsc2UsImFiIjpmYWxzZX0sImMiOnsiaWQiOjE2MiwiYyI6Ik5PIiwibiI6Ik5vcndheSJ9LCJhIjpmYWxzZSwiY3IiOnsibiI6IkJsaXggU29sdXRpb25zIn0sInhmIjoiIiwiaXhmIjpmYWxzZSwiaWd4ZiI6ZmFsc2UsInVwIjp0cnVlLCJyIjoiaHR0cDovL3hjaWdhbWVzZGQuY29tLyJ9fQ.jIozudj1lvDC9zsEa_lRIc7EU11vIS5A9x-CGf1aHM8; expires=Sat, 26 Nov 2022 23:48:52 GMT
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: a33b14e1d4ac06b1f5db4144330ccd71
Strict-Transport-Security: max-age=0; includeSubdomains
Content-Encoding: gzip
cdn.cloudimagesb.com/bi/66/77/35/667735f0500e98a68bc73487c35b40bb/1652452916.jpg
45.133.44.10 200 OK 10 kB URL HTTP/2 cdn.cloudimagesb.com/bi/66/77/35/667735f0500e98a68bc73487c35b40bb/1652452916.jpg
IP 45.133.44.10:0
ASN #39572 DataWeb Global Group B.V.
File type JPEG image data, Exif standard: [TIFF image data, little-endian, direntries=6, orientation=upper-left, xresolution=86, yresolution=94, resolutionunit=2], baseline, precision 8, 320x50, components 3\012- data
Hash ac14c547c1f732a4b37a4b5ecab88a6d
b9d8d1a072c9714c2436e0b3a22ffca180242d60
77d8ebdf1b1d60ef7ae2371181c141d43b920599b95fedd8a6d76e1211c298da
GET /bi/66/77/35/667735f0500e98a68bc73487c35b40bb/1652452916.jpg HTTP/1.1
Host: cdn.cloudimagesb.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://lightssyrupdecree.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Sat, 26 Nov 2022 23:47:53 GMT
content-type: image/jpeg
content-length: 10278
server: nginx/1.17.6
last-modified: Fri, 13 May 2022 14:42:04 GMT
etag: "627e6e3c-2826"
expires: Mon, 28 Nov 2022 23:47:53 GMT
cache-control: max-age=172800
x-proxy-cache: HIT
accept-ranges: bytes
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.76.226 200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 46dda5be353512353171448e29f7f03b
a7762e1f0130eaee496fc90addba1fce26baba49
456caa2aa1630968307c596ce7d2f0dd8c3e686e3420b191fd1f25113eadcdf0
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "456CAA2AA1630968307C596CE7D2F0DD8C3E686E3420B191FD1F25113EADCDF0"
Last-Modified: Sat, 26 Nov 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=12008
Expires: Sun, 27 Nov 2022 03:08:01 GMT
Date: Sat, 26 Nov 2022 23:47:53 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.76.226 200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 362b71066ac42c4db9352d63fb425acc
0b670f094abb1398c62d03acca354a8b9ebab040
f7298930224cc72206a7cb528ea1d0c01a88c90a2b2b1650d62066f14be59016
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "F7298930224CC72206A7CB528EA1D0C01A88C90A2B2B1650D62066F14BE59016"
Last-Modified: Thu, 24 Nov 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=11134
Expires: Sun, 27 Nov 2022 02:53:27 GMT
Date: Sat, 26 Nov 2022 23:47:53 GMT
Connection: keep-alive
e2ertt.com/bucket
139.45.197.233 204 No Content 0 B IP 139.45.197.233:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
OPTIONS /bucket HTTP/1.1
Host: e2ertt.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type
Referer: http://xcigamesdd.com/
Origin: http://xcigamesdd.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 204 No Content
server: nginx
date: Sat, 26 Nov 2022 23:47:53 GMT
access-control-allow-origin: http://xcigamesdd.com
access-control-allow-credentials: true
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding
pragma: no-cache
cache-control: no-transform, no-store, no-cache, must-revalidate, max-age=0
expires: Tue, 11 Jan 1994 10:00:00 GMT
strict-transport-security: max-age=1
x-content-type-options: nosniff
timing-allow-origin: *, *
X-Firefox-Spdy: h2
e2ertt.com/bucket
139.45.197.233 200 OK 0 B IP 139.45.197.233:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
POST /bucket HTTP/1.1
Host: e2ertt.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/json
Content-Length: 546
Origin: http://xcigamesdd.com
Connection: keep-alive
Referer: http://xcigamesdd.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sat, 26 Nov 2022 23:47:53 GMT
content-length: 0
access-control-allow-origin: http://xcigamesdd.com
access-control-allow-credentials: true
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding
pragma: no-cache
cache-control: no-transform, no-store, no-cache, must-revalidate, max-age=0
expires: Tue, 11 Jan 1994 10:00:00 GMT
strict-transport-security: max-age=1
x-content-type-options: nosniff
timing-allow-origin: *, *
X-Firefox-Spdy: h2
www.spikereekvelocity.com/dyfc1k09?shu=dc068b60c59f92f10c701370079c7ce511184380245ccfbcc96c820365b1d57609a4eea36eb4a68ebb18db8f943dcad148df32221bb3fc659cb394d5a5bc8ab91e4741dece1fc90a15acaa57c5f11feeacb04ebb&pst=1669506532&rmtc=t&uuid=&pii=&in=false&key=863705bcbb4b6a554ddb359665395a6f&refer=http%3A%2F%2Fxcigamesdd.com%2F&psid=17632624
192.243.59.13 302 Found 0 B URL HTTP/1.1 www.spikereekvelocity.com/dyfc1k09?shu=dc068b60c59f92f10c701370079c7ce511184380245ccfbcc96c820365b1d57609a4eea36eb4a68ebb18db8f943dcad148df32221bb3fc659cb394d5a5bc8ab91e4741dece1fc90a15acaa57c5f11feeacb04ebb&pst=1669506532&rmtc=t&uuid=&pii=&in=false&key=863705bcbb4b6a554ddb359665395a6f&refer=http%3A%2F%2Fxcigamesdd.com%2F&psid=17632624
IP 192.243.59.13:0
ASN #39572 DataWeb Global Group B.V.
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer Verdict Alert quad9 Sinkholed
GET /dyfc1k09?shu=dc068b60c59f92f10c701370079c7ce511184380245ccfbcc96c820365b1d57609a4eea36eb4a68ebb18db8f943dcad148df32221bb3fc659cb394d5a5bc8ab91e4741dece1fc90a15acaa57c5f11feeacb04ebb&pst=1669506532&rmtc=t&uuid=&pii=&in=false&key=863705bcbb4b6a554ddb359665395a6f&refer=http%3A%2F%2Fxcigamesdd.com%2F&psid=17632624 HTTP/1.1
Host: www.spikereekvelocity.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.spikereekvelocity.com/dyfc1k09?key=0f22c1fd609f13cb7947c8cabfe1a90d&submetric=16122660
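Cookie: u_pl=16122660; ain=eyJhbGciOiJIUzI1NiJ9.eyJwIjp7ImlkIjoxNjEyMjY2MCwiayI6Ijg2MzcwNWJjYmI0YjZhNTU0ZGRiMzU5NjY1Mzk1YTZmIiwic2lkIjoiMTc2MzI2MjQiLCJpc2lkIjoyLCJhc2lkIjoxLCJ6aWQiOjE0NjQxNSwicGlkIjo5NzI5OSwiYW4iOnRydWUsImxhbiI6dHJ1ZSwiY2lkIjozLCJhaWQiOjI4LCJwdCI6NCwicGsiOiJkeWZjMWswOSIsInQiOjF9LCJ1Ijp7InUiOjEsImF1IjoxLCJkIjp7ImlkIjo5MDc1MzQ1NywiaWRzIjoiIiwiaWMiOmZhbHNlLCJuIjoiRGVza3RvcCxFbXVsYXRvciIsInYiOiJVbmtub3duIiwibSI6IlVua25vd24iLCJmIjoxLCJmbiI6IkRlc2t0b3AiLCJvaWQiOjM4OTE0LCJvbiI6IldpbmRvd3MiLCJvdiI6IjEwLjAiLCJiaWQiOjEyMDYyNSwiYm4iOiJGaXJlZm94IiwiYnYiOiIxMDUuMCIsInd2IjpmYWxzZSwiZSI6ZmFsc2UsImFiIjpmYWxzZX0sImMiOnsiaWQiOjE2MiwiYyI6Ik5PIiwibiI6Ik5vcndheSJ9LCJhIjpmYWxzZSwiY3IiOnsibiI6IkJsaXggU29sdXRpb25zIn0sInhmIjoiIiwiaXhmIjpmYWxzZSwiaWd4ZiI6ZmFsc2UsInVwIjp0cnVlLCJyIjoiaHR0cDovL3hjaWdhbWVzZGQuY29tLyJ9fQ.jIozudj1lvDC9zsEa_lRIc7EU11vIS5A9x-CGf1aHM8; cjs=t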
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: same-origin
HTTP/1.1 302 Found
Server: nginx/1.17.6
Date: Sat, 26 Nov 2022 23:47:53 GMT
Content-Type: text/html
Content-Length: 0
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Location: https://spo76rt28r.com/news.php?key=ra60tm42lesurp8cpy3o&SUB_ID_SHORT(action)=18c1e86f4bfc616bbe18d31874ac0459&COST_CPA=0.700000&PLACEMENT_ID=16122660&BANNER_ID=2033306&COUNTRY_CODE=NO&IAB_CATEGORY=IAB24&BROWSER_NAME=Firefox&USER_OS=Windows&PUBLISHER_ID=97299&ZONE_ID=146415&USER_CARRIER=Blix%20Solutions&CATEGORY_ALIAS=Other
Set-Cookie: iprc7eded274d4cb2c988403757b9f27f619=3806410; expires=Sun, 27 Nov 2022 23:47:53 GMT
pdhtkv=true; expires=Sun, 27 Nov 2022 23:47:53 GMT
uncs=1; expires=Sun, 27 Nov 2022 23:47:53 GMT
pdhtkv28=true; expires=Sun, 27 Nov 2022 23:47:53 GMT
uncs28=1; expires=Sun, 27 Nov 2022 23:47:53 GMT
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: ca7b49b6d20f67e08189a966b53654c0
Strict-Transport-Security: max-age=0; includeSubdomains
spo76rt28r.com/news.php?key=ra60tm42lesurp8cpy3o&SUB_ID_SHORT(action)=18c1e86f4bfc616bbe18d31874ac0459&COST_CPA=0.700000&PLACEMENT_ID=16122660&BANNER_ID=2033306&COUNTRY_CODE=NO&IAB_CATEGORY=IAB24&BROWSER_NAME=Firefox&USER_OS=Windows&PUBLISHER_ID=97299&ZONE_ID=146415&USER_CARRIER=Blix%20Solutions&CATEGORY_ALIAS=Other
78.46.92.254 302 Found 0 B URL HTTP/1.1 spo76rt28r.com/news.php?key=ra60tm42lesurp8cpy3o&SUB_ID_SHORT(action)=18c1e86f4bfc616bbe18d31874ac0459&COST_CPA=0.700000&PLACEMENT_ID=16122660&BANNER_ID=2033306&COUNTRY_CODE=NO&IAB_CATEGORY=IAB24&BROWSER_NAME=Firefox&USER_OS=Windows&PUBLISHER_ID=97299&ZONE_ID=146415&USER_CARRIER=Blix%20Solutions&CATEGORY_ALIAS=Other
IP 78.46.92.254:0
ASN #24940 Hetzner Online GmbH
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /news.php?key=ra60tm42lesurp8cpy3o&SUB_ID_SHORT(action)=18c1e86f4bfc616bbe18d31874ac0459&COST_CPA=0.700000&PLACEMENT_ID=16122660&BANNER_ID=2033306&COUNTRY_CODE=NO&IAB_CATEGORY=IAB24&BROWSER_NAME=Firefox&USER_OS=Windows&PUBLISHER_ID=97299&ZONE_ID=146415&USER_CARRIER=Blix%20Solutions&CATEGORY_ALIAS=Other HTTP/1.1
Host: spo76rt28r.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.spikereekvelocity.com/
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/1.1 302 Found
Server: nginx/1.22.0
Date: Sat, 26 Nov 2022 23:47:53 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Set-Cookie: uclick=h9q5fywhwj; expires=Sun, 27-Nov-2022 23:47:53 GMT; Max-Age=86400; path=/; secure; SameSite=none
uclickhash=h9q5fywhwj-h9q5fywhwj-17dz-166o-ir8n-bza7-oje8-bc6c15; expires=Sun, 27-Nov-2022 23:47:53 GMT; Max-Age=86400; path=/; secure; SameSite=none
Location: https://bo2217ok3tro9.com/1/?lpkey=1691699750bf677973&uclick=h9q5fywhwj&uclickhash=h9q5fywhwj-h9q5fywhwj-17dz-166o-ir8n-bza7-oje8-bc6c15
Strict-Transport-Security: max-age=31536000
bo2217ok3tro9.com/1/?lpkey=1691699750bf677973&uclick=h9q5fywhwj&uclickhash=h9q5fywhwj-h9q5fywhwj-17dz-166o-ir8n-bza7-oje8-bc6c15
78.46.92.254 200 OK 1.4 kB URL HTTP/1.1 bo2217ok3tro9.com/1/?lpkey=1691699750bf677973&uclick=h9q5fywhwj&uclickhash=h9q5fywhwj-h9q5fywhwj-17dz-166o-ir8n-bza7-oje8-bc6c15
IP 78.46.92.254:0
ASN #24940 Hetzner Online GmbH
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document text\012- exported SGML document, Unicode text, UTF-8 text, with CRLF line terminators
Hash 0bbb113ff85b78b6485a9783946e6948
8663005f0ad88c2a768937edb56177387103594d
70c7e9fa94eb5b8fb5b61e0ee25167ace062bea13773331f7d02814822fbf004
GET /1/?lpkey=1691699750bf677973&uclick=h9q5fywhwj&uclickhash=h9q5fywhwj-h9q5fywhwj-17dz-166o-ir8n-bza7-oje8-bc6c15 HTTP/1.1
Host: bo2217ok3tro9.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.spikereekvelocity.com/
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx/1.22.0
Date: Sat, 26 Nov 2022 23:47:54 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Strict-Transport-Security: max-age=31536000
Content-Encoding: gzip
ocsp.digicert.com/
93.184.220.29 200 OK 279 B IP 93.184.220.29:0
Hash 4c68738619a804148d1c723255009198
aa5b458f6fce0c4f4aef0623f3bf5d8c6f6cfafd
9707f3ee6320844cad2474031ec9651e771581031ca5b9d2fb21f899847b2892
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 6507
Cache-Control: max-age=147334
Content-Type: application/ocsp-response
Date: Sat, 26 Nov 2022 23:47:54 GMT
Etag: "638228c5-117"
Expires: Mon, 28 Nov 2022 16:43:28 GMT
Last-Modified: Sat, 26 Nov 2022 14:55:01 GMT
Server: ECS (amb/6BB6)
X-Cache: HIT
Content-Length: 279
ocsp.pki.goog/gts1c3
142.250.74.35 200 OK 472 B IP 142.250.74.35:0
Hash 30f833b25d6e5af2229d9584c6f6cf97
ee79c3fa994d53c1d0687ca61353d63cce459e25
1bc091991c4663dbc86ae735e47ddc3e887a24661050ad9f24b8d458bfd11a6b
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 26 Nov 2022 23:47:54 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
www.google.com/recaptcha/api.js
142.250.74.164 200 OK 553 B URL HTTP/2 www.google.com/recaptcha/api.js
IP 142.250.74.164:0
File type ASCII text, with very long lines (850), with no line terminators
Hash 1309ff133720d219cc98090d66a051ed
b96fc5a893e42be16d687d7abdecdb13d348a019
358683c66634ea5ee3021c93111d8621d583880bcbbfadf3ec2ff87a15ea1038
GET /recaptcha/api.js HTTP/1.1
Host: www.google.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://bo2217ok3tro9.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
expires: Sat, 26 Nov 2022 23:47:54 GMT
date: Sat, 26 Nov 2022 23:47:54 GMT
cache-control: private, max-age=300
content-type: text/javascript; charset=UTF-8
cross-origin-resource-policy: cross-origin
content-encoding: gzip
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
content-security-policy: frame-ancestors 'self'
x-xss-protection: 1; mode=block
content-length: 553
server: GSE
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.35 200 OK 472 B IP 142.250.74.35:0
Hash e922b25acaba2d7f8921ebe973a4b261
5dd4c237c84a652cbcf3db163529f3788ceafc46
a7856c7777aa01b671ddae097494f2b031cbbddc7b244fe8714a8c02b85d8589
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 26 Nov 2022 23:47:54 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
unpkg.com/axios/dist/axios.min.js
104.16.125.175 302 Found 12 kB URL HTTP/2 unpkg.com/axios/dist/axios.min.js
IP 104.16.125.175:0
Hash 68d09804447586799519ef20970e0513
7571b0bdb29524e56ccae6e0973f5d5933c9d63e
f15f2303253c9655d55d95d4621413c2e09c6627c8a57d8c140fcef108bd6d70
GET /axios/dist/axios.min.js HTTP/1.1
Host: unpkg.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://bo2217ok3tro9.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 302 Found
date: Sat, 26 Nov 2022 23:47:54 GMT
content-type: text/plain; charset=utf-8
access-control-allow-origin: *
cache-control: public, s-maxage=600, max-age=60
location: /axios@1.2.0/dist/axios.min.js
vary: Accept, Accept-Encoding
via: 1.1 fly.io
fly-request-id: 01GJV59CAXHPY1HCMYK8SKATJK-fra
cf-cache-status: HIT
age: 160
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
server: cloudflare
cf-ray: 770683083dd2b4fd-OSL
X-Firefox-Spdy: h2
www.googletagmanager.com/gtm.js?id=GTM-547JG5H
142.250.74.168 200 OK 39 kB URL HTTP/2 www.googletagmanager.com/gtm.js?id=GTM-547JG5H
IP 142.250.74.168:0
File type ASCII text, with very long lines (1921)
Hash f85bb160eb8dd2221a8bc1d2e2bae64e
360c7f097d45c32696fc6793660fac47c156284a
c6b1d50d1375ca87a7fb1ef795755d14f375b47c9941933861fe7f32bd614341
GET /gtm.js?id=GTM-547JG5H HTTP/1.1
Host: www.googletagmanager.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://bo2217ok3tro9.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
content-encoding: br
vary: Accept-Encoding
date: Sat, 26 Nov 2022 23:47:54 GMT
expires: Sat, 26 Nov 2022 23:47:54 GMT
cache-control: private, max-age=900
last-modified: Sat, 26 Nov 2022 21:00:00 GMT
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
server: Google Tag Manager
content-length: 38690
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
bo2217ok3tro9.com/1/bg.png
78.46.92.254 200 OK 61 kB URL HTTP/1.1 bo2217ok3tro9.com/1/bg.png
IP 78.46.92.254:0
ASN #24940 Hetzner Online GmbH
File type PNG image data, 400 x 299, 8-bit grayscale, non-interlaced
- data
Hash d7096ad35844972e015e865729d13235
42c79d98b50275dcc447bd61d845ee2ed52ae45e
8bccdb408e67a3b44e0f5d417486c8d251f2e4acbae8542465aad3c7052341dd
GET /1/bg.png HTTP/1.1
Host: bo2217ok3tro9.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://bo2217ok3tro9.com/1/?lpkey=1691699750bf677973&uclick=h9q5fywhwj&uclickhash=h9q5fywhwj-h9q5fywhwj-17dz-166o-ir8n-bza7-oje8-bc6c15
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Server: nginx/1.22.0
Date: Sat, 26 Nov 2022 23:47:54 GMT
Content-Type: image/png
Content-Length: 61362
Last-Modified: Wed, 13 Jul 2022 07:58:38 GMT
Connection: keep-alive
ETag: "62ce7b2e-efb2"
Strict-Transport-Security: max-age=31536000
Accept-Ranges: bytes
ocsp.pki.goog/gts1c3
142.250.74.35 200 OK 472 B IP 142.250.74.35:0
Hash b05606331c6f88a724d9e404e62974e4
72176bc6b618fbbe567b5746ed54e14d381a9815
7179b3d4ee227d9bf6d768a5fb1a9499f285d5949d21893c9a6997da8ea7b026
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 26 Nov 2022 23:47:54 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
bo2217ok3tro9.com/favicon.png
78.46.92.254 404 Not Found 114 B URL HTTP/1.1 bo2217ok3tro9.com/favicon.png
IP 78.46.92.254:0
ASN #24940 Hetzner Online GmbH
File type HTML document text
- HTML document text
- HTML document, ASCII text, with CRLF line terminators
Hash b9841984dca9ab290d79563f36ae6d8d
35a6cc4edf0c92bd155144871968659dafb4d1c3
546c212f587bf539f97ed64bbc3ae6c09bd7ee64976e71f091df859c217a0c14
GET /favicon.png HTTP/1.1
Host: bo2217ok3tro9.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://bo2217ok3tro9.com/1/?lpkey=1691699750bf677973&uclick=h9q5fywhwj&uclickhash=h9q5fywhwj-h9q5fywhwj-17dz-166o-ir8n-bza7-oje8-bc6c15
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 404 Not Found
Server: nginx/1.22.0
Date: Sat, 26 Nov 2022 23:47:54 GMT
Content-Type: text/html
Transfer-Encoding: chunked
Connection: keep-alive
Content-Encoding: gzip
www.gstatic.com/recaptcha/releases/Km9gKuG06He-isPsP6saG8cn/recaptcha__en.js
142.250.74.163 200 OK 163 kB URL HTTP/2 www.gstatic.com/recaptcha/releases/Km9gKuG06He-isPsP6saG8cn/recaptcha__en.js
IP 142.250.74.163:0
File type ASCII text, with very long lines (730)
Size 163 kB (162976 bytes)
Hash 79d18cf4265108d7cecca1bf4ada6109
e51d0285a545381d4c39e9e0292a650ffeeecbb9
59ce7253f371df0833c3f72d4748ef812002b90a49413c56d0ca7c40bb5a0ab6
GET /recaptcha/releases/Km9gKuG06He-isPsP6saG8cn/recaptcha__en.js HTTP/1.1
Host: www.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://bo2217ok3tro9.com
Connection: keep-alive
Referer: https://bo2217ok3tro9.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-length: 162976
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Sat, 26 Nov 2022 21:26:04 GMT
expires: Sun, 26 Nov 2023 21:26:04 GMT
cache-control: public, max-age=31536000
last-modified: Mon, 14 Nov 2022 03:01:59 GMT
content-type: text/javascript
age: 8510
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.35 200 OK 472 B IP 142.250.74.35:0
Hash b05606331c6f88a724d9e404e62974e4
72176bc6b618fbbe567b5746ed54e14d381a9815
7179b3d4ee227d9bf6d768a5fb1a9499f285d5949d21893c9a6997da8ea7b026
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 26 Nov 2022 23:47:54 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
fonts.gstatic.com/s/roboto/v18/KFOmCnqEu92Fr1Mu4mxK.woff2
216.58.207.195 200 OK 15 kB URL HTTP/2 fonts.gstatic.com/s/roboto/v18/KFOmCnqEu92Fr1Mu4mxK.woff2
IP 216.58.207.195:0
File type Web Open Font Format (Version 2), TrueType, length 15344, version 1.0
- data
Hash 5d4aeb4e5f5ef754e307d7ffaef688bd
06db651cdf354c64a7383ea9c77024ef4fb4cef8
3e253b66056519aa065b00a453bac37ac5ed8f3e6fe7b542e93a9dcdcc11d0bc
GET /s/roboto/v18/KFOmCnqEu92Fr1Mu4mxK.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://www.google.com
Connection: keep-alive
Referer: https://www.google.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 15344
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Sat, 26 Nov 2022 12:31:58 GMT
expires: Sun, 26 Nov 2023 12:31:58 GMT
cache-control: public, max-age=31536000
age: 40556
last-modified: Mon, 16 Oct 2017 17:32:55 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
fonts.googleapis.com/css?family=Rubik
142.250.74.10 200 OK 0 B URL HTTP/2 fonts.googleapis.com/css?family=Rubik
IP 142.250.74.10:0
GET /css?family=Rubik HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://xcigamesdd.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Sat, 26 Nov 2022 23:47:50 GMT
date: Sat, 26 Nov 2022 23:47:50 GMT
cache-control: private, max-age=86400
cross-origin-opener-policy: same-origin-allow-popups
cross-origin-resource-policy: cross-origin
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
tzegilo.com/stattag.js
172.67.194.45 200 OK 0 B IP 172.67.194.45:0
GET /stattag.js HTTP/1.1
Host: tzegilo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://xcigamesdd.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Sat, 26 Nov 2022 23:47:50 GMT
content-type: application/javascript
last-modified: Wed, 23 Nov 2022 15:07:42 GMT
etag: W/"637e373e-32a6"
link: <https://flerap.com/>; rel=preconnect; crossorigin, <https://fleraprt.com/>; rel=preconnect; crossorigin
cache-control: max-age=14400
cf-cache-status: HIT
age: 5530
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=vmXfTzXyJ3SUa4dZqAoS8XnTuLKlzHYLJlyWxnWEgT%2Fi9hKM5B6rlMlE0cDMd%2BwSkWkUoH59BSTYdd6ICJJwnAw6zahYSO6yCYVD18vhqNkCDSya1e%2FaT1CjOOCwfg%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 770682f2fcd8b4ff-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
arsnivyr.com/9?z=5382937&ng=1&ix=0&pt=0&np=1&gp=-1&bp=-1&nw=1&nb=1&sw=1280&sh=1024&pl=http%3A%2F%2Fxcigamesdd.com%2Fthe-legend-of-zelda-breath-of-the-wild-s4%2F&wy=0&wx=0&ww=1280&wh=1024&cw=1280&wiw=1280&wih=939&wfc=1&sah=1002&drf=&hil=1&ist=0&oaid=56b7c6a3af7249829cad03a4b0a8c066
139.45.197.242 200 OK 0 B URL HTTP/2 arsnivyr.com/9?z=5382937&ng=1&ix=0&pt=0&np=1&gp=-1&bp=-1&nw=1&nb=1&sw=1280&sh=1024&pl=http%3A%2F%2Fxcigamesdd.com%2Fthe-legend-of-zelda-breath-of-the-wild-s4%2F&wy=0&wx=0&ww=1280&wh=1024&cw=1280&wiw=1280&wih=939&wfc=1&sah=1002&drf=&hil=1&ist=0&oaid=56b7c6a3af7249829cad03a4b0a8c066
IP 139.45.197.242:0
Analyzer Verdict Alert quad9 Sinkholed
POST /9?z=5382937&ng=1&ix=0&pt=0&np=1&gp=-1&bp=-1&nw=1&nb=1&sw=1280&sh=1024&pl=http%3A%2F%2Fxcigamesdd.com%2Fthe-legend-of-zelda-breath-of-the-wild-s4%2F&wy=0&wx=0&ww=1280&wh=1024&cw=1280&wiw=1280&wih=939&wfc=1&sah=1002&drf=&hil=1&ist=0&oaid=56b7c6a3af7249829cad03a4b0a8c066 HTTP/1.1
Host: arsnivyr.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Content-Length: 274
Origin: http://xcigamesdd.com
Connection: keep-alive
Referer: http://xcigamesdd.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sat, 26 Nov 2022 23:47:51 GMT
content-type: application/json
access-control-allow-credentials: true
access-control-allow-origin: http://xcigamesdd.com
access-control-allow-methods: POST, GET, OPTIONS, PUT, DELETE
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, X-Sc, CVERSION, VERSION
x-trace-id: 40ceb666cdc290fc2e495d15a93af3cf
access-control-expose-headers: X-Sc
x-sc: UdF_3t3yi0ojaJ-IShW4djmrjkU04_Xa1-YNDTOPg4-vf7eYH3pUB9HIyXLUklz7ZL-OvE6345XaOYMby3adC_WgytU=
set-cookie: scm=1; expires=Sun, 26 Nov 2023 23:47:51 GMT; secure; SameSite=None
set-cookie: OAID=56b7c6a3af7249829cad03a4b0a8c066; expires=Sun, 26 Nov 2023 23:47:51 GMT; secure; SameSite=None
set-cookie: oaidts=1669506471; expires=Sun, 26 Nov 2023 23:47:51 GMT; secure; SameSite=None
pragma: no-cache
cache-control: no-store, no-cache, must-revalidate, max-age=0
expires: Mon, 26 Jul 1997 05:00:00 GMT
content-encoding: gzip
X-Firefox-Spdy: h2