| videzz.net/js/pop.js?v=1.0 | 78.142.18.54 | 200 OK | 35 B |
URL GET HTTP/2videzz.net/js/pop.js?v=1.0 IP78.142.18.54:443 ASN#208046 ColocationX Ltd.
Requested byhttps://videzz.net/embed-g0yo2s7mf83f.html CertificateIssuerLet's Encrypt Subjectvidezz.net Fingerprint13:3A:F4:CA:71:F0:8F:F1:2E:3A:7E:2B:6D:8E:E4:7A:E9:9D:A6:B5 ValidityMon, 04 Mar 2024 08:24:34 GMT - Sun, 02 Jun 2024 08:24:33 GMT
Hashda4bf5414bf75eefb21872f9b59fe6fc e34335e0705397a4ad02c406a2e92333e6d2b0e5 d48b428c1788391a1aef29802daaa691077732dc7b821d0968831bc50b19278d
Analyzer | Verdict | Alert | Quad9 DNS | malicious | Sinkholed |
GET /js/pop.js?v=1.0 HTTP/1.1
Host: videzz.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://videzz.net/embed-g0yo2s7mf83f.html
Cookie: lang=1
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx/1.18.0 (Ubuntu)
date: Wed, 24 Apr 2024 08:30:58 GMT
content-type: application/javascript
content-length: 35
last-modified: Wed, 10 Apr 2024 07:00:32 GMT
etag: "66163910-23"
expires: Fri, 24 May 2024 08:30:37 GMT
cache-control: max-age=2592000
x-cache-status: HIT
accept-ranges: bytes
X-Firefox-Spdy: h2
|
|
| videzz.net/embed-g0yo2s7mf83f.html | 78.142.18.54 | 200 OK | 81 kB |
URL User Request GET HTTP/2videzz.net/embed-g0yo2s7mf83f.html IP78.142.18.54:443 ASN#208046 ColocationX Ltd.
CertificateIssuerLet's Encrypt Subjectvidezz.net Fingerprint13:3A:F4:CA:71:F0:8F:F1:2E:3A:7E:2B:6D:8E:E4:7A:E9:9D:A6:B5 ValidityMon, 04 Mar 2024 08:24:34 GMT - Sun, 02 Jun 2024 08:24:33 GMT
File typegzip compressed data, max speed, from Unix Hashd82bb6aa2059713acfee3b3d09979e65 bdd32fd4ca2b2bcb1958eceb2d0d9412598b2803 51f0a2687bba0a0a2b0bed1b946ccc5edb034b5c74cab3859fb1acd790f2ab4f
Analyzer | Verdict | Alert | Quad9 DNS | malicious | Sinkholed |
GET /embed-g0yo2s7mf83f.html HTTP/1.1
Host: videzz.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Upgrade-Insecure-Requests: 1
Connection: keep-alive
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
server: nginx/1.18.0 (Ubuntu)
date: Wed, 24 Apr 2024 08:30:57 GMT
content-type: text/html; charset=UTF-8
vary: Accept-Encoding
expires: Tue, 23 Apr 2024 08:30:57 GMT
x-frame-options: 1
set-cookie: lang=1; domain=.videzz.net; path=/; HttpOnly
xfsts=; domain=.videzz.net; path=/; expires=Tue, 25-Apr-2023 08:30:57 GMT; HttpOnly
content-encoding: gzip
X-Firefox-Spdy: h2
|
|
| ubbfpm.com/ms/1000284/inpage_adult.js | 95.216.206.230 | 200 OK | 256 kB |
URL GET HTTP/1.1ubbfpm.com/ms/1000284/inpage_adult.js IP95.216.206.230:443 ASN#24940 Hetzner Online GmbH
Requested byhttps://videzz.net/embed-g0yo2s7mf83f.html CertificateIssuerLet's Encrypt Subjectubbfpm.com Fingerprint0A:31:CC:85:42:02:6E:D7:B9:FF:4B:B8:53:82:8D:0B:55:2D:28:37 ValidityThu, 04 Apr 2024 20:03:13 GMT - Wed, 03 Jul 2024 20:03:12 GMT
File typeJavaScript source, ASCII text, with very long lines (65536), with no line terminators Size256 kB (255601 bytes) Hash3208d9d292aa283e89c77e1f4e58c612 79c9c6386365ba5bd430d96feebd9af2318d49eb c7db360813223c6b0dfa3a65d6ba6dc1202b32ba3f7aa0d070c238e670a6885a
GET /ms/1000284/inpage_adult.js HTTP/1.1
Host: ubbfpm.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://videzz.net/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Date: Wed, 24 Apr 2024 08:30:58 GMT
Content-Type: application/javascript
Content-Length: 255601
Last-Modified: Fri, 21 Apr 2023 15:45:14 GMT
Connection: keep-alive
ETag: "6442af8a-3e671"
X-Frame-Options: sameorigin
X-Content-Type-Options: nosniff
X-XSS-Protection: 1; mode=block
X-Download-Options: noopen
X-Permitted-Cross-Domain-Policies: none
Content-Security-Policy: default-src https: data: 'unsafe-inline' 'unsafe-eval'
Referrer-Policy: strict-origin
Accept-Ranges: bytes
|
|
| videzz.net/js/ads.js?v=1.0 | 78.142.18.54 | 200 OK | 211 B |
URL GET HTTP/2videzz.net/js/ads.js?v=1.0 IP78.142.18.54:443 ASN#208046 ColocationX Ltd.
Requested byhttps://videzz.net/embed-g0yo2s7mf83f.html CertificateIssuerLet's Encrypt Subjectvidezz.net Fingerprint13:3A:F4:CA:71:F0:8F:F1:2E:3A:7E:2B:6D:8E:E4:7A:E9:9D:A6:B5 ValidityMon, 04 Mar 2024 08:24:34 GMT - Sun, 02 Jun 2024 08:24:33 GMT
Hash09f34de71e8853387dd398fbb263af69 4ccb7007fcebcffe64eaa80f2991509fdbac55d5 6ca7e6aebc6e3eec26d39e540e255a738fd9e48e9b97bd0e2a714686377ac523
Analyzer | Verdict | Alert | Quad9 DNS | malicious | Sinkholed |
GET /js/ads.js?v=1.0 HTTP/1.1
Host: videzz.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://videzz.net/embed-g0yo2s7mf83f.html
Cookie: lang=1
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx/1.18.0 (Ubuntu)
date: Wed, 24 Apr 2024 08:30:58 GMT
content-type: application/javascript
content-length: 211
last-modified: Wed, 10 Apr 2024 07:00:32 GMT
etag: "66163910-d3"
expires: Fri, 24 May 2024 08:30:43 GMT
cache-control: max-age=2592000
x-cache-status: HIT
accept-ranges: bytes
X-Firefox-Spdy: h2
|
|
| videzz.net/images-newtheme/adb_logo.png | 78.142.18.54 | 200 OK | 8.3 kB |
URL GET HTTP/2videzz.net/images-newtheme/adb_logo.png IP78.142.18.54:443 ASN#208046 ColocationX Ltd.
Requested byhttps://videzz.net/embed-g0yo2s7mf83f.html CertificateIssuerLet's Encrypt Subjectvidezz.net Fingerprint13:3A:F4:CA:71:F0:8F:F1:2E:3A:7E:2B:6D:8E:E4:7A:E9:9D:A6:B5 ValidityMon, 04 Mar 2024 08:24:34 GMT - Sun, 02 Jun 2024 08:24:33 GMT
File typePNG image data, 178 x 178, 8-bit/color RGBA, non-interlaced Hash98fcd22c469a5aa46df8ec4e7a8eafc9 e8d95f175d3008736995a482d7304410a1da490a b1e79e219bf46ca5ef14a9619c5440e78c2ebdbc34b8f0c65f0777a8b02fc30c
Analyzer | Verdict | Alert | Quad9 DNS | malicious | Sinkholed |
GET /images-newtheme/adb_logo.png HTTP/1.1
Host: videzz.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://videzz.net/embed-g0yo2s7mf83f.html
Cookie: lang=1
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx/1.18.0 (Ubuntu)
date: Wed, 24 Apr 2024 08:30:58 GMT
content-type: image/png
content-length: 8308
last-modified: Wed, 10 Apr 2024 07:00:32 GMT
etag: "66163910-2074"
expires: Fri, 24 May 2024 08:30:49 GMT
cache-control: max-age=2592000
x-cache-status: HIT
accept-ranges: bytes
X-Firefox-Spdy: h2
|
|
| videzz.net/images-newtheme/attention.png | 78.142.18.54 | 200 OK | 6.4 kB |
URL GET HTTP/2videzz.net/images-newtheme/attention.png IP78.142.18.54:443 ASN#208046 ColocationX Ltd.
Requested byhttps://videzz.net/embed-g0yo2s7mf83f.html CertificateIssuerLet's Encrypt Subjectvidezz.net Fingerprint13:3A:F4:CA:71:F0:8F:F1:2E:3A:7E:2B:6D:8E:E4:7A:E9:9D:A6:B5 ValidityMon, 04 Mar 2024 08:24:34 GMT - Sun, 02 Jun 2024 08:24:33 GMT
File typePNG image data, 263 x 231, 8-bit/color RGBA, non-interlaced Hashd28ebe1b4425fa4ab5d804792b5aa626 3183e2c59cdaed547de5fb1fc940709ed5117003 36fc8d817d7a356b2b8e8697697a5ce86bedadfea8df2a4e88f9514bb1ce02f6
Analyzer | Verdict | Alert | Quad9 DNS | malicious | Sinkholed |
GET /images-newtheme/attention.png HTTP/1.1
Host: videzz.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://videzz.net/embed-g0yo2s7mf83f.html
Cookie: lang=1
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx/1.18.0 (Ubuntu)
date: Wed, 24 Apr 2024 08:30:58 GMT
content-type: image/png
content-length: 6377
last-modified: Wed, 10 Apr 2024 07:00:40 GMT
etag: "66163918-18e9"
expires: Fri, 24 May 2024 08:21:00 GMT
cache-control: max-age=2592000
x-cache-status: HIT
accept-ranges: bytes
X-Firefox-Spdy: h2
|
|
| vz.7vid.net/Sb7AkA7.js | 135.181.208.216 | 200 OK | 77 kB |
IP135.181.208.216:443 ASN#24940 Hetzner Online GmbH
Requested byhttps://videzz.net/embed-g0yo2s7mf83f.html CertificateIssuerLet's Encrypt Subjecta.cpbj8ddae04d.shop Fingerprint05:51:C2:15:91:D1:D4:BC:15:B2:36:C5:1A:40:61:CC:74:87:18:53 ValidityTue, 23 Apr 2024 10:27:07 GMT - Mon, 22 Jul 2024 10:27:06 GMT
File typeJavaScript source, Unicode text, UTF-8 text, with very long lines (65503), with no line terminators Hasha6781eeb8be115c2cc64c5b4898e5b9d 76001e6e130f936956842ce1fb672ca16be2370e cb8949c4918f30d767c8a97d1b1ddb36eabccf8d93659a80f4e850caa3701da2
GET /Sb7AkA7.js HTTP/1.1
Host: vz.7vid.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://videzz.net/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
server: nginx
date: Wed, 24 Apr 2024 08:30:58 GMT
content-type: application/javascript
content-length: 76790
last-modified: Fri, 22 Mar 2024 11:21:21 GMT
vary: Accept-Encoding
etag: "65fd69b1-12bf6"
content-encoding: gzip
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: public, max-age=315360000
cf-cache-status: HIT
age: 201
cf-ray: 8685d408ccf5d995-HEL
x-frame-options: DENY
x-content-type-options: nosniff
accept-ranges: bytes
X-Firefox-Spdy: h2
|
|
| tr.7vid.net/Sb7AkA7.js | 135.181.208.216 | 200 OK | 77 kB |
IP135.181.208.216:443 ASN#24940 Hetzner Online GmbH
Requested byhttps://videzz.net/embed-g0yo2s7mf83f.html CertificateIssuerLet's Encrypt Subjecta.gatwins.site Fingerprint66:D4:C4:E9:BC:6E:82:9E:D0:2F:00:69:9A:DF:C2:6D:18:04:0B:1B ValidityWed, 10 Apr 2024 10:27:11 GMT - Tue, 09 Jul 2024 10:27:10 GMT
File typeJavaScript source, Unicode text, UTF-8 text, with very long lines (65503), with no line terminators Hasha6781eeb8be115c2cc64c5b4898e5b9d 76001e6e130f936956842ce1fb672ca16be2370e cb8949c4918f30d767c8a97d1b1ddb36eabccf8d93659a80f4e850caa3701da2
GET /Sb7AkA7.js HTTP/1.1
Host: tr.7vid.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://videzz.net/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
server: nginx
date: Wed, 24 Apr 2024 08:30:58 GMT
content-type: application/javascript
content-length: 76790
last-modified: Fri, 22 Mar 2024 11:21:21 GMT
vary: Accept-Encoding
etag: "65fd69b1-12bf6"
content-encoding: gzip
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: public, max-age=315360000
cf-cache-status: HIT
age: 201
cf-ray: 8685d408ccf5d995-HEL
x-frame-options: DENY
x-content-type-options: nosniff
accept-ranges: bytes
X-Firefox-Spdy: h2
|
|
| tr.7vid.net/henYKwb.js | 135.181.208.216 | 200 OK | 88 kB |
IP135.181.208.216:443 ASN#24940 Hetzner Online GmbH
Requested byhttps://videzz.net/embed-g0yo2s7mf83f.html CertificateIssuerLet's Encrypt Subjecta.gatwins.site Fingerprint66:D4:C4:E9:BC:6E:82:9E:D0:2F:00:69:9A:DF:C2:6D:18:04:0B:1B ValidityWed, 10 Apr 2024 10:27:11 GMT - Tue, 09 Jul 2024 10:27:10 GMT
File typeJavaScript source, Unicode text, UTF-8 text, with very long lines (65503), with no line terminators Hash04bdb2fd7797c33d38ad8a6a0997b389 a69a0999b9106aa1e49a6728c84b3e82b899276d 3039a1d2d40fce3b96ce115bc8fb858539ed084667fb0ee69fe68e0a682d9286
GET /henYKwb.js HTTP/1.1
Host: tr.7vid.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://videzz.net/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
server: nginx
date: Wed, 24 Apr 2024 08:30:58 GMT
content-type: application/javascript
content-length: 87996
last-modified: Fri, 22 Mar 2024 11:21:21 GMT
vary: Accept-Encoding
etag: "65fd69b1-157bc"
content-encoding: gzip
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: public, max-age=315360000
cf-cache-status: EXPIRED
cf-ray: 8685cee83a6f8d55-HEL
x-frame-options: DENY
x-content-type-options: nosniff
accept-ranges: bytes
X-Firefox-Spdy: h2
|
|
| cdnjs.cloudflare.com/ajax/libs/font-awesome/4.7.0/css/font-awesome.min.css | 104.17.25.14 | 200 OK | 5.6 kB |
URL GET HTTP/2cdnjs.cloudflare.com/ajax/libs/font-awesome/4.7.0/css/font-awesome.min.css IP104.17.25.14:443
Requested byhttps://videzz.net/embed-g0yo2s7mf83f.html CertificateIssuerCloudflare, Inc. Subjectsni.cloudflaressl.com Fingerprint7A:EA:B9:09:71:70:6C:87:C9:D3:82:74:8A:7B:B4:60:E5:40:2D:8D ValidityMon, 03 Jul 2023 00:00:00 GMT - Tue, 02 Jul 2024 23:59:59 GMT
File typeASCII text, with very long lines (30837) Hash269550530cc127b6aa5a35925a7de6ce 512c7d79033e3028a9be61b540cf1a6870c896f8 799aeb25cc0373fdee0e1b1db7ad6c2f6a0e058dfadaa3379689f583213190bd
GET /ajax/libs/font-awesome/4.7.0/css/font-awesome.min.css HTTP/1.1
Host: cdnjs.cloudflare.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://videzz.net/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Wed, 24 Apr 2024 08:30:58 GMT
content-type: text/css; charset=utf-8
content-length: 5631
access-control-allow-origin: *
cache-control: public, max-age=30672000
content-encoding: br
etag: "5eb03e5f-7918"
last-modified: Mon, 04 May 2020 16:10:07 GMT
cf-cdnjs-via: cfworker/kv
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
x-content-type-options: nosniff
vary: Accept-Encoding
cf-cache-status: HIT
age: 740943
expires: Mon, 14 Apr 2025 08:30:58 GMT
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=HX8ercSbtAQU7veDDouQgoR7k6TAOFtgkRn%2FDWclVmjj3wd9tDtP2i3x%2BRHT8EW%2Ff3U15Azt2H5zYzuKDPF85keFHuYwAkr0xtwU%2FLlFrqzN1aYuobMy%2F%2BWi3XkOiUCYKVTkrf6s"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
server: cloudflare
cf-ray: 8794bbfeeb9256a2-OSL
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
|
|
| videzz.net/js/footer.static.min.js?v=b8dc06aa6195ca0716d0a0c4e3a76e42 | 78.142.18.54 | 200 OK | 41 kB |
URL GET HTTP/2videzz.net/js/footer.static.min.js?v=b8dc06aa6195ca0716d0a0c4e3a76e42 IP78.142.18.54:443 ASN#208046 ColocationX Ltd.
Requested byhttps://videzz.net/embed-g0yo2s7mf83f.html CertificateIssuerLet's Encrypt Subjectvidezz.net Fingerprint13:3A:F4:CA:71:F0:8F:F1:2E:3A:7E:2B:6D:8E:E4:7A:E9:9D:A6:B5 ValidityMon, 04 Mar 2024 08:24:34 GMT - Sun, 02 Jun 2024 08:24:33 GMT
File typegzip compressed data, from Unix Hash223cb60d8e2d85b088d71cb6e2829d33 50bf1a42f52ca8558b74c1e4dfe8cba22d2f51ba d3f3dd666aabe0bf18156d1a2b251af7ee54959c9f15b8cc78d5dd28935e6e9d
Analyzer | Verdict | Alert | Quad9 DNS | malicious | Sinkholed |
GET /js/footer.static.min.js?v=b8dc06aa6195ca0716d0a0c4e3a76e42 HTTP/1.1
Host: videzz.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://videzz.net/embed-g0yo2s7mf83f.html
Cookie: lang=1
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx/1.18.0 (Ubuntu)
date: Wed, 24 Apr 2024 08:30:58 GMT
content-type: application/javascript
last-modified: Wed, 10 Apr 2024 07:00:40 GMT
vary: Accept-Encoding
etag: W/"66163918-22364"
expires: Fri, 24 May 2024 08:21:04 GMT
cache-control: max-age=2592000
content-encoding: gzip
x-cache-status: HIT
X-Firefox-Spdy: h2
|
|
| kr.cafenehkikki.com/1clkn/14903 | 23.109.170.241 | 200 OK | 26 B |
URL GET HTTP/1.1kr.cafenehkikki.com/1clkn/14903 IP23.109.170.241:443
Requested byhttps://videzz.net/embed-g0yo2s7mf83f.html CertificateIssuerLet's Encrypt Subjectkr.cafenehkikki.com Fingerprint50:EE:4F:95:B6:16:97:F3:4B:CE:8F:41:22:EB:63:02:F2:48:7A:F2 ValidityThu, 18 Apr 2024 00:50:14 GMT - Wed, 17 Jul 2024 00:50:13 GMT
File typeASCII text, with no line terminators Hash9082dc37e5e8046929da411544ad071a 41e0e3963ed94e59e8a2f115994c382712411537 b7848d86edc8dc3b5bc6a5c666069f9a31e000cee51575d3b6083951607e1550
Analyzer | Verdict | Alert | Quad9 DNS | malicious | Sinkholed |
GET /1clkn/14903 HTTP/1.1
Host: kr.cafenehkikki.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://videzz.net/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Date: Wed, 24 Apr 2024 08:30:58 GMT
Content-Type: application/javascript; charset=utf-8
Transfer-Encoding: chunked
Connection: keep-alive
Keep-Alive: timeout=20
Accept-ch: sec-ch-ua-platform-version,sec-ch-ua-model,sec-ch-ua-full-version,sec-ch-ua-full-version-list
Set-Cookie: GL_UI4=eJw9jUtug0AQRPljJ4akJQ7gIxgUjL3MJivfAQ0zDZ4Ypq1mjJ3bZxIp2dUrPVV5nhcUL%2BAvyRrCm6hhe1R9s5dYojyUVVW%2BHSrZ151o%2BlJVTVnvYK3n1opuRBvBap4E29YuEWwGNMhatpIUZvDqrL%2FmYuhuIog7FkZlEE%2FOGDNIO6b7jFyEEBkxIaQfmrGnhzPEJzEEx72L2rjo7yCguQjzJ4hP2twe%2BSbx8jzx4Pk6CtsTT61WDuOBhULw32ElhcWB%2BAtShfPF0hWARtX%2B%2B7%2Bf8fizBonCRUuHZM%2FI38wATrY%3D; expires=Thu, 25-Apr-2024 08:30:58 GMT; Max-Age=86400; path=/; secure; SameSite=None
GL_GI10=eJwVyM0KgkAUhuE5hxiIJPjIC%2FAKTMsWbrNl6MIrMIsYGObIzNjP3WeLd%2FG8SilOE7CZkNRlXhd5dcjLUwV6gtsOPDroVvx7%2BII8uDiCvcOmC1ayRmYXlz9i9TfIYHu25pP1YudoxAXw0roZbvaxv%2FRX0KQJHEUzONxTBXrp3Q9e7R3S; expires=Thu, 25-Apr-2024 08:30:58 GMT; Max-Age=86400; path=/; secure; SameSite=None
Content-Encoding: gzip
Vary: Accept-Encoding
Strict-Transport-Security: max-age=1
X-Content-Type-Options: nosniff
|
|
| www.googletagmanager.com/gtm.js?id=GTM-56DK3TH | 142.250.74.168 | 200 OK | 72 kB |
URL GET HTTP/3www.googletagmanager.com/gtm.js?id=GTM-56DK3TH IP142.250.74.168:443
Requested byhttps://videzz.net/embed-g0yo2s7mf83f.html CertificateIssuerGoogle Trust Services LLC Subject*.google-analytics.com Fingerprint1E:33:2E:4B:C3:51:05:B7:73:DC:21:BF:3E:02:B3:16:D8:0B:AB:BB ValidityMon, 18 Mar 2024 19:37:14 GMT - Mon, 10 Jun 2024 19:37:13 GMT
File typeJavaScript source, ASCII text, with very long lines (3287) Hash5b2770b33934d3633aaaec8b33f3cdf7 63ae412324a3db21d0274438bc143ce8c673a6e9 80e5fc68af518a20fad7461f8499d49b960d1a4d50a0a423a0e3ed0ad934bfe3
GET /gtm.js?id=GTM-56DK3TH HTTP/1.1
Host: www.googletagmanager.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://videzz.net/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
content-encoding: br
vary: Accept-Encoding
date: Wed, 24 Apr 2024 08:30:58 GMT
expires: Wed, 24 Apr 2024 08:30:58 GMT
cache-control: private, max-age=900
last-modified: Wed, 24 Apr 2024 06:00:00 GMT
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
server: Google Tag Manager
content-length: 72233
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
|
|
| s.o333o.com/adgpt.js | 85.10.205.45 | 200 OK | 820 B |
IP85.10.205.45:443 ASN#24940 Hetzner Online GmbH
Requested byhttps://videzz.net/embed-g0yo2s7mf83f.html CertificateIssuerSectigo Limited Subjects.o333o.com FingerprintC1:C0:0F:C0:EF:0F:F7:7A:36:2F:00:9E:5C:55:63:54:63:A3:A6:46 ValidityMon, 12 Feb 2024 00:00:00 GMT - Fri, 28 Feb 2025 23:59:59 GMT
File typeASCII text, with very long lines (2040), with no line terminators Hash55f8db8e0ec58b646f0b5425b405fdd0 0c79af1239cafc7ec4783f20b0b886a61daccc09 3ec8849ba857ec32cdc682ea93f0c1f8e8ab97980af4f1d8ec312684ed0f5237
GET /adgpt.js HTTP/1.1
Host: s.o333o.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://videzz.net/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
server: nginx
date: Wed, 24 Apr 2024 08:30:58 GMT
content-type: application/javascript
content-length: 820
last-modified: Fri, 22 Mar 2024 11:21:21 GMT
vary: Accept-Encoding
etag: "65fd69b1-334"
content-encoding: gzip
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000, public
X-Firefox-Spdy: h2
|
|
| profitablegatecpm.com/97/85/38/9785383bf0d8f2fb611d938245088565.js | 192.243.61.227 | 200 OK | 16 kB |
URL GET HTTP/1.1profitablegatecpm.com/97/85/38/9785383bf0d8f2fb611d938245088565.js IP192.243.61.227:443 ASN#39572 DataWeb Global Group B.V.
Requested byhttps://videzz.net/embed-g0yo2s7mf83f.html CertificateIssuerLet's Encrypt Subjectprofitablegatecpm.com Fingerprint9D:FB:8C:AD:4D:64:98:6B:85:78:33:54:E7:A3:BB:10:ED:77:63:30 ValidityFri, 05 Apr 2024 18:10:33 GMT - Thu, 04 Jul 2024 18:10:32 GMT
File typeJavaScript source, ASCII text, with very long lines (44065), with no line terminators Hashe2a5e0193911f4323427a1626607ce46 bb14360161dbafa1a46b981cfb2b0f7e276c5e03 acdefe56e1dee09ac95a7a1a7cdaeea8cee6dcd03ee4d83407059ecbbba96e5c
Analyzer | Verdict | Alert | Quad9 DNS | malicious | Sinkholed |
GET /97/85/38/9785383bf0d8f2fb611d938245088565.js HTTP/1.1
Host: profitablegatecpm.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://videzz.net/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx/1.21.6
Date: Wed, 24 Apr 2024 08:30:58 GMT
Content-Type: application/javascript
Transfer-Encoding: chunked
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Access-Control-Allow-Origin: *
Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,Sec-CH-UA-PlatformUser-Agent,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: fc191760cc42edbf44c50b4cac1898f5
Strict-Transport-Security: max-age=0; includeSubdomains
Content-Encoding: gzip
|
|
| static.addtoany.com/menu/modules/core.BRQnzO8v.js | 104.22.70.197 | 200 OK | 26 kB |
URL GET HTTP/3static.addtoany.com/menu/modules/core.BRQnzO8v.js IP104.22.70.197:443
Requested byhttps://videzz.net/embed-g0yo2s7mf83f.html CertificateIssuerLet's Encrypt Subjectstatic.addtoany.com Fingerprint5B:74:98:2D:F8:22:DB:0D:4E:74:B7:99:A7:7C:80:F6:CA:1A:8E:CA ValidityTue, 23 Apr 2024 07:56:27 GMT - Mon, 22 Jul 2024 07:56:26 GMT
File typeASCII text, with very long lines (65536), with no line terminators Hash629401c31553d2f42a6ca46e58c2a97b 0ab6084caa72f90913c7e4119f491838726ec5c2 91b9b24f0aa59668e4d0a770ee7a294b9baa361a76a20ade8128cd0482a5d805
GET /menu/modules/core.BRQnzO8v.js HTTP/1.1
Host: static.addtoany.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://videzz.net
DNT: 1
Connection: keep-alive
Referer: https://videzz.net/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Wed, 24 Apr 2024 08:30:58 GMT
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=315360000, immutable
cf-bgj: minify
etag: W/"25da5432b1057724b8210f17e9b9db05"
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=2uyznthxAYKLdqkqMFs%2BlEmSND%2FCZW0SgKJ90BaRtGb5KqnzDppiPL7X%2FonZ8a7tCIwb6q1ayJ2CjdGXG%2F%2FKHGIr3pkK%2BZl5ILozvXlUtMJT9pwQBhRfaQMa48icbnNAN1iN5Sbc"}],"group":"cf-nel","max_age":604800}
vary: Accept-Encoding
referrer-policy: strict-origin-when-cross-origin
x-content-type-options: nosniff
cf-cache-status: HIT
age: 3620
strict-transport-security: max-age=31536000; includeSubDomains; preload
server: cloudflare
cf-ray: 8794bc005a0a92d6-CPH
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| xngqoc.com/cuload?a=1&e=aeyJwaWQiOjExNDQ2NDYsInNpZCI6MTE5MDM3NSwid2lkIjo0MzMzNDAsImQiOiIiLCJsaSI6MX0=&tz=0&if=0&u=aHR0cHM6Ly92aWRlenoubmV0L2VtYmVkLWcweW8yczdtZjgzZi5odG1s | 185.162.85.14 | 204 No Content | 0 B |
URL GET HTTP/2xngqoc.com/cuload?a=1&e=aeyJwaWQiOjExNDQ2NDYsInNpZCI6MTE5MDM3NSwid2lkIjo0MzMzNDAsImQiOiIiLCJsaSI6MX0=&tz=0&if=0&u=aHR0cHM6Ly92aWRlenoubmV0L2VtYmVkLWcweW8yczdtZjgzZi5odG1s IP185.162.85.14:443 ASN#39572 DataWeb Global Group B.V.
Requested byhttps://videzz.net/embed-g0yo2s7mf83f.html CertificateIssuerLet's Encrypt Subjectxngqoc.com Fingerprint74:49:02:07:2C:4D:A7:02:77:1D:8C:AA:44:24:E1:12:35:DE:56:11 ValiditySat, 24 Feb 2024 00:26:56 GMT - Fri, 24 May 2024 00:26:55 GMT
Hashd41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer | Verdict | Alert | Quad9 DNS | malicious | Sinkholed |
GET /cuload?a=1&e=aeyJwaWQiOjExNDQ2NDYsInNpZCI6MTE5MDM3NSwid2lkIjo0MzMzNDAsImQiOiIiLCJsaSI6MX0=&tz=0&if=0&u=aHR0cHM6Ly92aWRlenoubmV0L2VtYmVkLWcweW8yczdtZjgzZi5odG1s HTTP/1.1
Host: xngqoc.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://videzz.net/
Origin: https://videzz.net
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 204 No Content
server: nginx/1.18.0
date: Wed, 24 Apr 2024 08:30:58 GMT
accept-ch: Sec-CH-UA-Platform-Version
access-control-allow-origin: *
X-Firefox-Spdy: h2
|
|
| proftrafficcounter.com/stats | 18.185.247.192 | 200 OK | 40 B |
URL GET HTTP/2proftrafficcounter.com/stats IP18.185.247.192:443
Requested byhttps://videzz.net/embed-g0yo2s7mf83f.html CertificateIssuerAmazon Subjectproftrafficcounter.com FingerprintE3:9F:79:6F:80:C0:BF:F8:C4:EB:45:F3:E9:0F:A7:41:F6:0C:05:E6 ValidityTue, 21 Nov 2023 00:00:00 GMT - Thu, 19 Dec 2024 23:59:59 GMT
File typeASCII text, with no line terminators Hash8b31b2fe4a1d2ae1463d9085bae8acad 6da6b3a2508bdecd6162ba27f6e37ef91ac165af a3cab03dc42ab8d04fa35322385992bfeb159e3e56b8edbaecffda40ab2f32a2
GET /stats HTTP/1.1
Host: proftrafficcounter.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://videzz.net
DNT: 1
Connection: keep-alive
Referer: https://videzz.net/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Wed, 24 Apr 2024 08:30:59 GMT
content-type: text/html; charset=UTF-8
content-length: 40
server: fasthttp
access-control-allow-origin: https://videzz.net
vary: Origin
access-control-allow-credentials: true
set-cookie: uid_id2=4f02c285-5879-43f8-8696-814a63be83c7:2:1; expires=Sat, 22 Apr 2034 08:30:59 GMT; secure; SameSite=None
X-Firefox-Spdy: h2
|
|
| str33.vidoza.net/i/02/07322/g0yo2s7mf83f.jpg?v=1713947457 | 213.152.167.246 | 200 OK | 31 kB |
URL GET HTTP/2str33.vidoza.net/i/02/07322/g0yo2s7mf83f.jpg?v=1713947457 IP213.152.167.246:443 ASN#49453 Global Layer B.V.
Requested byhttps://videzz.net/embed-g0yo2s7mf83f.html CertificateIssuerLet's Encrypt Subjectvidoza.net FingerprintDD:9C:2A:D1:7E:90:60:D1:BE:1C:39:29:07:29:9C:34:6A:76:A6:C6 ValidityWed, 14 Feb 2024 01:21:54 GMT - Tue, 14 May 2024 01:21:53 GMT
File typeJPEG image data, baseline, precision 8, 480x856, components 3 Hasheee61a9ac1b639f4796550296a08eaef 9eb515cb5f8744e4670db9418c70d4499dd49ec1 f5a4daba5bf3a9d83d4b3b065c0675b9977f1bc21d8235b2a49b71838a2ba6fd
GET /i/02/07322/g0yo2s7mf83f.jpg?v=1713947457 HTTP/1.1
Host: str33.vidoza.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://videzz.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx/1.20.1
date: Wed, 24 Apr 2024 08:30:59 GMT
content-type: image/jpeg
content-length: 31441
last-modified: Wed, 25 Oct 2023 20:40:07 GMT
etag: "65397d27-7ad1"
expires: Wed, 08 May 2024 08:30:59 GMT
cache-control: max-age=1209600
accept-ranges: bytes
X-Firefox-Spdy: h2
|
|
| static.addtoany.com/menu/svg/icons/facebook.js | 104.22.70.197 | 200 OK | 776 B |
URL GET HTTP/3static.addtoany.com/menu/svg/icons/facebook.js IP104.22.70.197:443
Requested byhttps://videzz.net/embed-g0yo2s7mf83f.html CertificateIssuerLet's Encrypt Subjectstatic.addtoany.com Fingerprint5B:74:98:2D:F8:22:DB:0D:4E:74:B7:99:A7:7C:80:F6:CA:1A:8E:CA ValidityTue, 23 Apr 2024 07:56:27 GMT - Mon, 22 Jul 2024 07:56:26 GMT
File typeASCII text, with very long lines (429), with no line terminators Hash014bcc757e484e12e3aea6c9d768fd4b 4c17157d0012f8002e4e6cf77c5f4a9747792cf4 4b475960843a5619b907af1f0a89e3136bd5e6a4a700ec78cb417f302647cf49
GET /menu/svg/icons/facebook.js HTTP/1.1
Host: static.addtoany.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://videzz.net
DNT: 1
Connection: keep-alive
Referer: https://static.addtoany.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Wed, 24 Apr 2024 08:30:59 GMT
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=7776000, stale-while-revalidate=30, public
cf-bgj: minify
etag: W/"68925fa8e347041c6006837e73c518bc"
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=gA%2B6CgmC8jseqBD58yzw3g08jOUphhgsylzMxZ9D42vO%2BJBt32H6ze0OdR1laWID89ODHa4t%2Bxndp0DSd5UXaRTw8BQyEZ3vgr9VvN7BcD2jiKHRKXH68v4autIBxyvEqTc%2B93g%2B"}],"group":"cf-nel","max_age":604800}
vary: Accept-Encoding
referrer-policy: strict-origin-when-cross-origin
x-content-type-options: nosniff
cf-cache-status: HIT
age: 25960
strict-transport-security: max-age=31536000; includeSubDomains; preload
server: cloudflare
cf-ray: 8794bc047f6c92d6-CPH
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| www.googletagmanager.com/gtag/js?id=G-HEX1BG8H46&l=dataLayer&cx=c | 142.250.74.168 | 200 OK | 94 kB |
URL GET HTTP/3www.googletagmanager.com/gtag/js?id=G-HEX1BG8H46&l=dataLayer&cx=c IP142.250.74.168:443
Requested byhttps://videzz.net/embed-g0yo2s7mf83f.html CertificateIssuerGoogle Trust Services LLC Subject*.google-analytics.com Fingerprint1E:33:2E:4B:C3:51:05:B7:73:DC:21:BF:3E:02:B3:16:D8:0B:AB:BB ValidityMon, 18 Mar 2024 19:37:14 GMT - Mon, 10 Jun 2024 19:37:13 GMT
File typeJavaScript source, ASCII text, with very long lines (7711) Hash892db56ff78f1d031800753ef31cb601 aa6dfe01c4367cb179a3744adbe050468f5acc16 91e018c18d5e8d0790c75b5bc903ff74a4aa838fe8205719628cf1264696c764
GET /gtag/js?id=G-HEX1BG8H46&l=dataLayer&cx=c HTTP/1.1
Host: www.googletagmanager.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://videzz.net/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
content-encoding: br
vary: Accept-Encoding
date: Wed, 24 Apr 2024 08:30:59 GMT
expires: Wed, 24 Apr 2024 08:30:59 GMT
cache-control: private, max-age=900
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
server: Google Tag Manager
content-length: 93578
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
|
|
| chroniclesugar.com/57/e9/12/57e9128f004dc8dd272477c7cdb9cf15.js | 192.243.59.13 | 200 OK | 31 kB |
URL GET HTTP/1.1chroniclesugar.com/57/e9/12/57e9128f004dc8dd272477c7cdb9cf15.js IP192.243.59.13:443 ASN#39572 DataWeb Global Group B.V.
Requested byhttps://videzz.net/embed-g0yo2s7mf83f.html CertificateIssuerLet's Encrypt Subjectchroniclesugar.com Fingerprint10:4E:AB:21:CE:9D:B4:D1:EE:98:F9:04:AD:CE:0E:B1:15:57:C1:E2 ValidityTue, 23 Apr 2024 10:51:42 GMT - Mon, 22 Jul 2024 10:51:41 GMT
File typeJavaScript source, ASCII text, with very long lines (65536), with no line terminators Hash5cf4de59e388c14a038cc673d8c332c3 57ba5060e068e3558e47b0e82db7ec9ea1d09a42 2818c3d7cc35118449e005a4ae6446dd80617565db5d9a817084dc12004da344
GET /57/e9/12/57e9128f004dc8dd272477c7cdb9cf15.js HTTP/1.1
Host: chroniclesugar.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://videzz.net/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx/1.19.5
Date: Wed, 24 Apr 2024 08:30:59 GMT
Content-Type: application/javascript
Transfer-Encoding: chunked
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Access-Control-Allow-Origin: *
Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,Sec-CH-UA-PlatformUser-Agent,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: 5b8a55c7d52871a8aa845572fa3f1bc0
Strict-Transport-Security: max-age=0; includeSubdomains
Content-Encoding: gzip
|
|
| proftrafficcounter.com/stats | 18.185.247.192 | 200 OK | 40 B |
URL GET HTTP/2proftrafficcounter.com/stats IP18.185.247.192:443
Requested byhttps://videzz.net/embed-g0yo2s7mf83f.html CertificateIssuerAmazon Subjectproftrafficcounter.com FingerprintE3:9F:79:6F:80:C0:BF:F8:C4:EB:45:F3:E9:0F:A7:41:F6:0C:05:E6 ValidityTue, 21 Nov 2023 00:00:00 GMT - Thu, 19 Dec 2024 23:59:59 GMT
File typeASCII text, with no line terminators Hash8b31b2fe4a1d2ae1463d9085bae8acad 6da6b3a2508bdecd6162ba27f6e37ef91ac165af a3cab03dc42ab8d04fa35322385992bfeb159e3e56b8edbaecffda40ab2f32a2
GET /stats HTTP/1.1
Host: proftrafficcounter.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://videzz.net
DNT: 1
Connection: keep-alive
Referer: https://videzz.net/
Cookie: uid_id2=4f02c285-5879-43f8-8696-814a63be83c7:2:1
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
date: Wed, 24 Apr 2024 08:30:59 GMT
content-type: text/html; charset=UTF-8
content-length: 40
server: fasthttp
access-control-allow-origin: https://videzz.net
vary: Origin
access-control-allow-credentials: true
X-Firefox-Spdy: h2
|
|
| chroniclesugar.com/sbar.json?key=9785383bf0d8f2fb611d938245088565 | 192.243.59.13 | 200 OK | 0 B |
URL GET HTTP/1.1chroniclesugar.com/sbar.json?key=9785383bf0d8f2fb611d938245088565 IP192.243.59.13:443 ASN#39572 DataWeb Global Group B.V.
Requested byhttps://videzz.net/embed-g0yo2s7mf83f.html CertificateIssuerLet's Encrypt Subjectchroniclesugar.com Fingerprint10:4E:AB:21:CE:9D:B4:D1:EE:98:F9:04:AD:CE:0E:B1:15:57:C1:E2 ValidityTue, 23 Apr 2024 10:51:42 GMT - Mon, 22 Jul 2024 10:51:41 GMT
Hashd41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /sbar.json?key=9785383bf0d8f2fb611d938245088565 HTTP/1.1
Host: chroniclesugar.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://videzz.net
DNT: 1
Connection: keep-alive
Referer: https://videzz.net/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx/1.19.5
Date: Wed, 24 Apr 2024 08:30:59 GMT
Content-Length: 0
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,Sec-CH-UA-PlatformUser-Agent,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Custom-Referer: https://videzz.net
Access-Control-Allow-Origin: https://videzz.net
Access-Control-Allow-Credentials: true
Set-Cookie: u_pl=19071529; expires=Thu, 25 Apr 2024 08:30:59 GMT; secure; SameSite=None
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: d886488253d7dfe2834ff6a34260b458
Strict-Transport-Security: max-age=0; includeSubdomains
|
|
| maxcdn.bootstrapcdn.com/font-awesome/4.7.0/fonts/fontawesome-webfont.woff2?v=4.7.0 | 104.18.10.207 | 200 OK | 77 kB |
URL GET HTTP/3maxcdn.bootstrapcdn.com/font-awesome/4.7.0/fonts/fontawesome-webfont.woff2?v=4.7.0 IP104.18.10.207:443
Requested byhttps://videzz.net/embed-g0yo2s7mf83f.html CertificateIssuerGoogle Trust Services LLC Subjectbootstrapcdn.com Fingerprint57:B4:25:B9:9C:88:A1:A3:3D:F7:31:74:02:E4:D1:E0:0A:F5:11:63 ValidityWed, 27 Mar 2024 00:22:09 GMT - Tue, 25 Jun 2024 00:22:08 GMT
File typeWeb Open Font Format (Version 2), TrueType, length 77160, version 4.459 Hashaf7ae505a9eed503f8b8e6982036873e d6f48cba7d076fb6f2fd6ba993a75b9dc1ecbf0c 2adefcbc041e7d18fcf2d417879dc5a09997aa64d675b7a3c4b6ce33da13f3fe
GET /font-awesome/4.7.0/fonts/fontawesome-webfont.woff2?v=4.7.0 HTTP/1.1
Host: maxcdn.bootstrapcdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://videzz.net
DNT: 1
Connection: keep-alive
Referer: https://maxcdn.bootstrapcdn.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Wed, 24 Apr 2024 08:31:00 GMT
content-type: font/woff2
content-length: 77160
cdn-pullzone: 252412
cdn-uid: b1941f61-b576-4f40-80de-5677acb38f74
cdn-requestcountrycode: DE
access-control-allow-origin: *
cache-control: public, max-age=31919000
etag: "af7ae505a9eed503f8b8e6982036873e"
last-modified: Mon, 25 Jan 2021 22:04:55 GMT
cdn-cachedat: 10/31/2023 19:08:24
cdn-proxyver: 1.04
cdn-requestpullcode: 200
cdn-requestpullsuccess: True
cdn-edgestorageid: 752
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
cdn-status: 200
cdn-requestid: 0a41a35b44b9a221d4e11fe69e9304aa
cdn-cache: HIT
cf-cache-status: HIT
age: 1828469
accept-ranges: bytes
vary: Accept-Encoding
strict-transport-security: max-age=31536000; includeSubDomains; preload
server: cloudflare
cf-ray: 8794bc0918bfb51e-OSL
alt-svc: h3=":443"; ma=86400
|
|
| myliveforyoudreder.com/vidozza.js | 188.114.96.1 | 200 OK | 738 B |
URL GET HTTP/2myliveforyoudreder.com/vidozza.js IP188.114.96.1:443
Requested byhttps://videzz.net/embed-g0yo2s7mf83f.html CertificateIssuerLet's Encrypt Subjectmyliveforyoudreder.com FingerprintD6:1F:6C:5C:81:FF:C4:D3:4D:C9:A9:22:DD:0B:D4:18:59:4E:58:B7 ValidityWed, 20 Mar 2024 02:24:57 GMT - Tue, 18 Jun 2024 02:24:56 GMT
File typeJavaScript source, ASCII text, with very long lines (852), with CRLF line terminators Hashb340619418518ced51fbbc860814ea19 e2cbf47a089e8941bcdb6f24c64fad9004852348 ebbf367cc151e337e4c4d375e86682b6e1593b25224c6c733b4cea4f507c4000
GET /vidozza.js HTTP/1.1
Host: myliveforyoudreder.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://videzz.net/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Wed, 24 Apr 2024 08:30:59 GMT
content-type: application/javascript
last-modified: Mon, 24 Oct 2022 14:14:49 GMT
etag: W/"63569dd9-64f"
cache-control: max-age=14400
cf-cache-status: HIT
age: 5141
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=snNPSWkjSx8xlPN6iDHyVmrKU1PBw%2Fi716qwA9VIKV5myxzf%2FKrFmaXgF67ZprfZTufTMu7zipyHsgnTFvIuCFFukEVJzqGrG0CGnqKKS2x%2BC96oE%2BaNEpbcf4PNB88SWXsfYfsVaWL6"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 8794bc059b09b50f-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
|
|
| www.google.no/ads/ga-audiences?v=1&t=sr&slf_rd=1&_r=4&tid=G-HEX1BG8H46&cid=767867585.1713947460>m=45je44m0v9104348843za200&aip=1&dma=1&dma_cps=sypham&gcd=13l3lPl2l1&npa=1&z=1727741204 | 142.250.74.163 | 200 OK | 42 B |
URL GET HTTP/2www.google.no/ads/ga-audiences?v=1&t=sr&slf_rd=1&_r=4&tid=G-HEX1BG8H46&cid=767867585.1713947460>m=45je44m0v9104348843za200&aip=1&dma=1&dma_cps=sypham&gcd=13l3lPl2l1&npa=1&z=1727741204 IP142.250.74.163:443
Requested byhttps://videzz.net/embed-g0yo2s7mf83f.html CertificateIssuerGoogle Trust Services LLC Subject*.google.no Fingerprint4E:BD:F9:72:97:67:A2:4B:EE:E4:B0:03:CD:C8:F3:30:53:27:53:1D ValidityMon, 18 Mar 2024 20:50:06 GMT - Mon, 10 Jun 2024 20:50:05 GMT
File typeGIF image data, version 89a, 1 x 1 Hashd89746888da2d9510b64a9f031eaecd5 d5fceb6532643d0d84ffe09c40c481ecdf59e15a ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
GET /ads/ga-audiences?v=1&t=sr&slf_rd=1&_r=4&tid=G-HEX1BG8H46&cid=767867585.1713947460>m=45je44m0v9104348843za200&aip=1&dma=1&dma_cps=sypham&gcd=13l3lPl2l1&npa=1&z=1727741204 HTTP/1.1
Host: www.google.no
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://videzz.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Wed, 24 Apr 2024 08:31:00 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
content-type: image/gif
x-content-type-options: nosniff
server: cafe
content-length: 42
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
|
|
| zv.7vid.net/api/spots/70101?s1=17561&v2=1&fill=0&kw=file%20upload%2Cshare%20files%2Cfree%20upload&i=1&url=https%3A%2F%2Fvidezz.net%2Fembed-g0yo2s7mf83f.html&sid=f74fe8e0-3190-493d-b145-4d2be2b46c0a | 135.181.208.216 | 200 OK | 74 B |
URL GET HTTP/2zv.7vid.net/api/spots/70101?s1=17561&v2=1&fill=0&kw=file%20upload%2Cshare%20files%2Cfree%20upload&i=1&url=https%3A%2F%2Fvidezz.net%2Fembed-g0yo2s7mf83f.html&sid=f74fe8e0-3190-493d-b145-4d2be2b46c0a IP135.181.208.216:443 ASN#24940 Hetzner Online GmbH
Requested byhttps://videzz.net/embed-g0yo2s7mf83f.html CertificateIssuerLet's Encrypt Subject1111.spinna.online FingerprintF3:80:AE:D8:32:E7:57:75:94:99:58:76:4C:57:59:80:E8:9A:B7:ED ValidityFri, 29 Mar 2024 23:27:07 GMT - Thu, 27 Jun 2024 23:27:06 GMT
File typeXML 1.0 document, ASCII text Hash7d127b85dbedcd3bae75b08dab4799cd a4b20a54ddc501e5d068d937b3c5e57abcd4fe2b 15a239584cd532591d34c08ea6af79c346d6ab3b342965ebb150a17fb70a5836
GET /api/spots/70101?s1=17561&v2=1&fill=0&kw=file%20upload%2Cshare%20files%2Cfree%20upload&i=1&url=https%3A%2F%2Fvidezz.net%2Fembed-g0yo2s7mf83f.html&sid=f74fe8e0-3190-493d-b145-4d2be2b46c0a HTTP/1.1
Host: zv.7vid.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://videzz.net/
Origin: https://videzz.net
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
server: nginx
date: Wed, 24 Apr 2024 08:30:59 GMT
content-type: text/xml
vary: Accept-Encoding
access-control-allow-credentials: true
access-control-allow-origin: https://videzz.net
access-control-expose-headers: X-Asg-Config, X-t
set-cookie: nauid=kDKIPcquO9ko7JPfXdQt; Path=/; Expires=Wed, 11 Nov 2037 11:11:11 GMT; Secure; SameSite=None
x-robots-tag: noindex, nofollow
x-t: 0
cache-control: private
content-encoding: gzip
X-Firefox-Spdy: h2
|
|
| xml.zeusadx.com/redirect?feed=552612&auth=OEhoVk&pubid=162319 | 174.137.133.17 | 302 Found | 0 B |
URL GET HTTP/1.1xml.zeusadx.com/redirect?feed=552612&auth=OEhoVk&pubid=162319 IP174.137.133.17:443 ASN#27257 WEBAIR-INTERNET
Requested byhttps://videzz.net/embed-g0yo2s7mf83f.html CertificateIssuerSectigo Limited Subject*.zeusadx.com FingerprintAA:67:88:35:5F:BC:20:3C:44:9B:00:BD:4F:E1:C0:5F:62:D0:69:C0 ValidityMon, 23 Oct 2023 00:00:00 GMT - Wed, 23 Oct 2024 23:59:59 GMT
Hashd41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /redirect?feed=552612&auth=OEhoVk&pubid=162319 HTTP/1.1
Host: xml.zeusadx.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://bid.bidclickmedia.com/
DNT: 1
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 302 Found
Server: nginx
Date: Wed, 24 Apr 2024 08:31:00 GMT
Content-Length: 0
Connection: keep-alive
Cache-Control: no-store
Location: https://ownxmlclick.admidainsight.com/nrtb/click?bid=8oOCR6pdv1Rn1la0EikCU2fV5mvwHqnOiNtamMdrrG8flnOMbTAVUnmKhpfpJW4I_0_4
|
|
| proftrafficcounter.com/stats | 18.185.247.192 | 200 OK | 40 B |
URL GET HTTP/2proftrafficcounter.com/stats IP18.185.247.192:443
Requested byhttps://videzz.net/embed-g0yo2s7mf83f.html CertificateIssuerAmazon Subjectproftrafficcounter.com FingerprintE3:9F:79:6F:80:C0:BF:F8:C4:EB:45:F3:E9:0F:A7:41:F6:0C:05:E6 ValidityTue, 21 Nov 2023 00:00:00 GMT - Thu, 19 Dec 2024 23:59:59 GMT
File typeASCII text, with no line terminators Hash8b31b2fe4a1d2ae1463d9085bae8acad 6da6b3a2508bdecd6162ba27f6e37ef91ac165af a3cab03dc42ab8d04fa35322385992bfeb159e3e56b8edbaecffda40ab2f32a2
GET /stats HTTP/1.1
Host: proftrafficcounter.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://videzz.net
DNT: 1
Connection: keep-alive
Referer: https://videzz.net/
Cookie: uid_id2=4f02c285-5879-43f8-8696-814a63be83c7:2:1
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
date: Wed, 24 Apr 2024 08:31:00 GMT
content-type: text/html; charset=UTF-8
content-length: 40
server: fasthttp
access-control-allow-origin: https://videzz.net
vary: Origin
access-control-allow-credentials: true
X-Firefox-Spdy: h2
|
|
| proftrafficcounter.com/stats | 18.185.247.192 | 200 OK | 40 B |
URL GET HTTP/2proftrafficcounter.com/stats IP18.185.247.192:443
Requested byhttps://videzz.net/embed-g0yo2s7mf83f.html CertificateIssuerAmazon Subjectproftrafficcounter.com FingerprintE3:9F:79:6F:80:C0:BF:F8:C4:EB:45:F3:E9:0F:A7:41:F6:0C:05:E6 ValidityTue, 21 Nov 2023 00:00:00 GMT - Thu, 19 Dec 2024 23:59:59 GMT
File typeASCII text, with no line terminators Hash8b31b2fe4a1d2ae1463d9085bae8acad 6da6b3a2508bdecd6162ba27f6e37ef91ac165af a3cab03dc42ab8d04fa35322385992bfeb159e3e56b8edbaecffda40ab2f32a2
GET /stats HTTP/1.1
Host: proftrafficcounter.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://videzz.net
DNT: 1
Connection: keep-alive
Referer: https://videzz.net/
Cookie: uid_id2=4f02c285-5879-43f8-8696-814a63be83c7:2:1
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
date: Wed, 24 Apr 2024 08:31:00 GMT
content-type: text/html; charset=UTF-8
content-length: 40
server: fasthttp
access-control-allow-origin: https://videzz.net
vary: Origin
access-control-allow-credentials: true
X-Firefox-Spdy: h2
|
|
| xngqoc.com/trt?a=1&t=1595 | 185.162.85.14 | 200 OK | 0 B |
URL GET HTTP/2xngqoc.com/trt?a=1&t=1595 IP185.162.85.14:443 ASN#39572 DataWeb Global Group B.V.
Requested byhttps://videzz.net/embed-g0yo2s7mf83f.html CertificateIssuerLet's Encrypt Subjectxngqoc.com Fingerprint74:49:02:07:2C:4D:A7:02:77:1D:8C:AA:44:24:E1:12:35:DE:56:11 ValiditySat, 24 Feb 2024 00:26:56 GMT - Fri, 24 May 2024 00:26:55 GMT
Hashd41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer | Verdict | Alert | Quad9 DNS | malicious | Sinkholed |
GET /trt?a=1&t=1595 HTTP/1.1
Host: xngqoc.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://videzz.net/
Origin: https://videzz.net
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx/1.18.0
date: Wed, 24 Apr 2024 08:31:00 GMT
content-length: 0
access-control-allow-origin: *
access-control-allow-credentials: true
X-Firefox-Spdy: h2
|
|
| str33.vidoza.net/nvl4etyucefeieno3u6qpdp6oymfeglm7ucsjgxkawh2yp5iepn4iemhf6sa/v.mp4 | 213.152.167.246 | 206 Partial Content | 2.9 MB |
URL GET HTTP/2str33.vidoza.net/nvl4etyucefeieno3u6qpdp6oymfeglm7ucsjgxkawh2yp5iepn4iemhf6sa/v.mp4 IP213.152.167.246:443 ASN#49453 Global Layer B.V.
Requested byhttps://videzz.net/embed-g0yo2s7mf83f.html CertificateIssuerLet's Encrypt Subjectvidoza.net FingerprintDD:9C:2A:D1:7E:90:60:D1:BE:1C:39:29:07:29:9C:34:6A:76:A6:C6 ValidityWed, 14 Feb 2024 01:21:54 GMT - Tue, 14 May 2024 01:21:53 GMT
File typeISO Media, MP4 Base Media v1 [ISO 14496-12:2003] Size2.9 MB (2949491 bytes) Hash4ccd56a862f00a2ffa6d9b766362e7c5 15b5747207ce76aa2f866554da39091a2170f065 06a8e95565dd21f459f2eb7e6fb49cffd3876382e30c189a8d83b322267f954f
GET /nvl4etyucefeieno3u6qpdp6oymfeglm7ucsjgxkawh2yp5iepn4iemhf6sa/v.mp4 HTTP/1.1
Host: str33.vidoza.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: video/webm,video/ogg,video/*;q=0.9,application/ogg;q=0.7,audio/*;q=0.6,*/*;q=0.5
Accept-Language: en-US,en;q=0.5
Range: bytes=0-
DNT: 1
Connection: keep-alive
Referer: https://videzz.net/
Sec-Fetch-Dest: video
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Accept-Encoding: identity
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 206 Partial Content
server: nginx/1.20.1
date: Wed, 24 Apr 2024 08:30:59 GMT
content-type: video/mp4
content-length: 11251248
last-modified: Wed, 25 Oct 2023 20:40:06 GMT
etag: "65397d26-abae30"
content-range: bytes 0-11251247/11251248
X-Firefox-Spdy: h2
|
|
| xngqoc.com/admc?a=2&pid=1000284&sid=1183099&wid=419486&fp=5db3a4e34790624df926db520a13f79f&f=8&tz=0 | 185.162.85.14 | 200 OK | 0 B |
URL GET HTTP/2xngqoc.com/admc?a=2&pid=1000284&sid=1183099&wid=419486&fp=5db3a4e34790624df926db520a13f79f&f=8&tz=0 IP185.162.85.14:443 ASN#39572 DataWeb Global Group B.V.
Requested byhttps://videzz.net/embed-g0yo2s7mf83f.html CertificateIssuerLet's Encrypt Subjectxngqoc.com Fingerprint74:49:02:07:2C:4D:A7:02:77:1D:8C:AA:44:24:E1:12:35:DE:56:11 ValiditySat, 24 Feb 2024 00:26:56 GMT - Fri, 24 May 2024 00:26:55 GMT
Hashd41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer | Verdict | Alert | Quad9 DNS | malicious | Sinkholed |
GET /admc?a=2&pid=1000284&sid=1183099&wid=419486&fp=5db3a4e34790624df926db520a13f79f&f=8&tz=0 HTTP/1.1
Host: xngqoc.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://videzz.net/
Origin: https://videzz.net
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx/1.18.0
date: Wed, 24 Apr 2024 08:31:00 GMT
content-length: 0
access-control-allow-origin: https://videzz.net
access-control-allow-credentials: true
accept-ch: Sec-CH-UA-Platform-Version
X-Firefox-Spdy: h2
|
|
| bid.bidclickmedia.com/sub/e6yMnW6 | 104.21.37.74 | 200 OK | 148 B |
URL GET HTTP/3bid.bidclickmedia.com/sub/e6yMnW6 IP104.21.37.74:443
Requested byhttps://videzz.net/embed-g0yo2s7mf83f.html CertificateIssuerGoogle Trust Services LLC Subjectbidclickmedia.com Fingerprint2D:71:60:23:79:D8:E4:4A:B8:81:BA:F0:ED:58:CB:A8:66:21:A7:E7 ValiditySun, 31 Mar 2024 14:28:20 GMT - Sat, 29 Jun 2024 14:28:19 GMT
File typeHTML document, ASCII text Hash3e4f8d950f382330e0d32f9aa59bb11b 0ddcd35cedb3e5ebf73cd067ddc04bca8066b93d 25840ab9693f257546a4e14431441fd50b4fd5198125125ed68bcd521c51c958
GET /sub/e6yMnW6 HTTP/1.1
Host: bid.bidclickmedia.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://videzz.net/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Wed, 24 Apr 2024 08:30:59 GMT
content-type: text/html; charset=utf-8
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=Ubi6SSqKOztMvEie4jLGUNyayPXjx0ozIjboB5qvyY8wpKrxLf6f3J%2FJdF5H1NDE99zMTgbwJFNpFAZCAULV1ekfuO0RFcztpQ7pHxCJKUpyvg6k2tdV19nmFpU24KlAzwKgG12rwUA%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 8794bc035cbe5684-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| xml.cachegorilla.com/redirect?feed=612977&auth=kAeZgJ&pubid=197570 | 173.239.53.20 | 200 OK | 0 B |
URL GET HTTP/1.1xml.cachegorilla.com/redirect?feed=612977&auth=kAeZgJ&pubid=197570 IP173.239.53.20:443 ASN#27257 WEBAIR-INTERNET
Requested byhttps://videzz.net/embed-g0yo2s7mf83f.html CertificateIssuerSectigo Limited Subject*.cachegorilla.com Fingerprint29:B3:53:29:E3:6F:D3:48:F6:66:3E:78:57:05:A6:19:12:0D:2C:4A ValidityFri, 10 Nov 2023 00:00:00 GMT - Sun, 10 Nov 2024 23:59:59 GMT
Hashd41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /redirect?feed=612977&auth=kAeZgJ&pubid=197570 HTTP/1.1
Host: xml.cachegorilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://bid.bidclickmedia.com/
DNT: 1
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Date: Wed, 24 Apr 2024 08:31:00 GMT
Content-Length: 0
Connection: keep-alive
Cache-Control: no-store
|
|
| prhzxq.com/wnrw?aid=4212595371997349551&a=1 | 185.162.85.2 | 200 OK | 0 B |
URL GET HTTP/2prhzxq.com/wnrw?aid=4212595371997349551&a=1 IP185.162.85.2:443 ASN#39572 DataWeb Global Group B.V.
Requested byhttps://videzz.net/embed-g0yo2s7mf83f.html CertificateIssuerLet's Encrypt Subjectprhzxq.com Fingerprint87:C3:48:A2:19:6F:6E:8D:38:0C:0F:36:C4:B2:6A:3B:DA:2F:18:5F ValidityWed, 13 Mar 2024 04:32:08 GMT - Tue, 11 Jun 2024 04:32:07 GMT
Hashd41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /wnrw?aid=4212595371997349551&a=1 HTTP/1.1
Host: prhzxq.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://videzz.net/
Origin: https://videzz.net
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx/1.18.0
date: Wed, 24 Apr 2024 08:31:00 GMT
content-length: 0
access-control-allow-origin: https://videzz.net
X-Firefox-Spdy: h2
|
|
| ownxmlclick.admidainsight.com/nrtb/click?bid=8oOCR6pdv1Rn1la0EikCU5KSOCY2Jr8weIUjfhFuqA2i3sHrTJnYDo3DFY0d_rqw_0_4 | 23.226.122.79 | 302 Found | 99 B |
URL GET HTTP/2ownxmlclick.admidainsight.com/nrtb/click?bid=8oOCR6pdv1Rn1la0EikCU5KSOCY2Jr8weIUjfhFuqA2i3sHrTJnYDo3DFY0d_rqw_0_4 IP23.226.122.79:443
Requested byhttps://videzz.net/embed-g0yo2s7mf83f.html CertificateIssuerUnizeto Technologies S.A. Subject*.admidainsight.com Fingerprint37:A5:03:98:37:9F:EC:60:A5:A6:29:EF:7B:E2:DF:62:3D:BD:D3:FA ValidityMon, 08 Jan 2024 09:11:15 GMT - Tue, 07 Jan 2025 09:11:14 GMT
File typeHTML document, ASCII text Hash9489078b97deb1c28322ed7bc3c04349 48230a06ae34ff51d047e8c86d9f71ced57bc482 51747136ef0a5b3b7896770f895c8fa06a81429e0fa97fde6fc6a14a05aa9019
GET /nrtb/click?bid=8oOCR6pdv1Rn1la0EikCU5KSOCY2Jr8weIUjfhFuqA2i3sHrTJnYDo3DFY0d_rqw_0_4 HTTP/1.1
Host: ownxmlclick.admidainsight.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://bid.bidclickmedia.com/
DNT: 1
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 302 Found
server: nginx/1.18.0 (Ubuntu)
date: Wed, 24 Apr 2024 08:31:00 GMT
content-type: text/html; charset=utf-8
content-length: 99
location: https://meetbenjen.com/in/p/?spot_id=548226&cat=25&sub_id=1982928765
X-Firefox-Spdy: h2
|
|
| ownxmlclick.admidainsight.com/nrtb/click?bid=8oOCR6pdv1Rn1la0EikCU2fV5mvwHqnOiNtamMdrrG8flnOMbTAVUnmKhpfpJW4I_0_4 | 23.226.122.79 | 302 Found | 99 B |
URL GET HTTP/2ownxmlclick.admidainsight.com/nrtb/click?bid=8oOCR6pdv1Rn1la0EikCU2fV5mvwHqnOiNtamMdrrG8flnOMbTAVUnmKhpfpJW4I_0_4 IP23.226.122.79:443
Requested byhttps://videzz.net/embed-g0yo2s7mf83f.html CertificateIssuerUnizeto Technologies S.A. Subject*.admidainsight.com Fingerprint37:A5:03:98:37:9F:EC:60:A5:A6:29:EF:7B:E2:DF:62:3D:BD:D3:FA ValidityMon, 08 Jan 2024 09:11:15 GMT - Tue, 07 Jan 2025 09:11:14 GMT
File typeHTML document, ASCII text Hash9489078b97deb1c28322ed7bc3c04349 48230a06ae34ff51d047e8c86d9f71ced57bc482 51747136ef0a5b3b7896770f895c8fa06a81429e0fa97fde6fc6a14a05aa9019
GET /nrtb/click?bid=8oOCR6pdv1Rn1la0EikCU2fV5mvwHqnOiNtamMdrrG8flnOMbTAVUnmKhpfpJW4I_0_4 HTTP/1.1
Host: ownxmlclick.admidainsight.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://bid.bidclickmedia.com/
DNT: 1
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 302 Found
server: nginx/1.18.0 (Ubuntu)
date: Wed, 24 Apr 2024 08:31:00 GMT
content-type: text/html; charset=utf-8
content-length: 99
location: https://meetbenjen.com/in/p/?spot_id=548226&cat=25&sub_id=1982928765
X-Firefox-Spdy: h2
|
|
| ownxmlclick.admidainsight.com/nrtb/click?bid=8oOCR6pdv1Rn1la0EikCU2UeJYh0y8OCjGh0cC1UEckSSWoesa-uSJAT0kZMGM6d_0_4 | 23.226.122.79 | 302 Found | 99 B |
URL GET HTTP/2ownxmlclick.admidainsight.com/nrtb/click?bid=8oOCR6pdv1Rn1la0EikCU2UeJYh0y8OCjGh0cC1UEckSSWoesa-uSJAT0kZMGM6d_0_4 IP23.226.122.79:443
Requested byhttps://videzz.net/embed-g0yo2s7mf83f.html CertificateIssuerUnizeto Technologies S.A. Subject*.admidainsight.com Fingerprint37:A5:03:98:37:9F:EC:60:A5:A6:29:EF:7B:E2:DF:62:3D:BD:D3:FA ValidityMon, 08 Jan 2024 09:11:15 GMT - Tue, 07 Jan 2025 09:11:14 GMT
File typeHTML document, ASCII text Hash9489078b97deb1c28322ed7bc3c04349 48230a06ae34ff51d047e8c86d9f71ced57bc482 51747136ef0a5b3b7896770f895c8fa06a81429e0fa97fde6fc6a14a05aa9019
GET /nrtb/click?bid=8oOCR6pdv1Rn1la0EikCU2UeJYh0y8OCjGh0cC1UEckSSWoesa-uSJAT0kZMGM6d_0_4 HTTP/1.1
Host: ownxmlclick.admidainsight.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://bid.bidclickmedia.com/
DNT: 1
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 302 Found
server: nginx/1.18.0 (Ubuntu)
date: Wed, 24 Apr 2024 08:31:00 GMT
content-type: text/html; charset=utf-8
content-length: 99
location: https://meetbenjen.com/in/p/?spot_id=548226&cat=25&sub_id=1982928765
X-Firefox-Spdy: h2
|
|
| bid.bidclickmedia.com/load | 104.21.37.74 | 302 Found | 361 B |
URL POST HTTP/3bid.bidclickmedia.com/load IP104.21.37.74:443
Requested byhttps://videzz.net/embed-g0yo2s7mf83f.html CertificateIssuerGoogle Trust Services LLC Subjectbidclickmedia.com Fingerprint2D:71:60:23:79:D8:E4:4A:B8:81:BA:F0:ED:58:CB:A8:66:21:A7:E7 ValiditySun, 31 Mar 2024 14:28:20 GMT - Sat, 29 Jun 2024 14:28:19 GMT
File typeHTML document, ASCII text Hashdf061fb4dfb37e95d4e0a2d1981251d2 eccdd447dfa92af7f474978ed596be9b6cb1d7e8 ef712eaabe9f00b4048c74b413208880d1644101b82c37b0c2de2dcd69ef5f76
POST /load HTTP/1.1
Host: bid.bidclickmedia.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/x-www-form-urlencoded
Content-Length: 93
Origin: https://bid.bidclickmedia.com
DNT: 1
Connection: keep-alive
Referer: https://bid.bidclickmedia.com/sub/0YDX8OE
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 302 Found
date: Wed, 24 Apr 2024 08:30:59 GMT
content-type: text/html; charset=utf-8
location: https://xml.xmlking.com/redirect?feed=591363&auth=0yfQfB&pubid=195183
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=3vQX3AJ57bLp%2BlJDEgnJVPl2DI2jMzlj9NKdieG105BF%2FNaDGctaQEo4oPKzSad2Bf1g0%2BAxo0sTzDhqctWVEPuMI710eGv8MpXLJm5r0YEbW787Dihd0G%2Fp3qYDu%2BUssQsqO1SyblA%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 8794bc061eba5684-OSL
alt-svc: h3=":443"; ma=86400
|
|
| unseenreport.com/pxf.gif?uuid=4f02c285-5879-43f8-8696-814a63be83c7&eb=978028c5053b26833423c7a069ce3bd5&te=5db3a4e34790624df926db520a13f79f&ua=Mozilla%2F5.0%20(X11%3B%20Linux%20x86_64%3B%20rv%3A96.0)%20Gecko%2F20100101%20Firefox%2F96.0&dev=e&res=14.2071&b_frame=0&pk=9785383bf0d8f2fb611d938245088565&bl=en-US&sr=1024x1280&sz=1024x1280&hjs=8 | 192.243.59.20 | 200 OK | 1 B |
URL GET HTTP/1.1unseenreport.com/pxf.gif?uuid=4f02c285-5879-43f8-8696-814a63be83c7&eb=978028c5053b26833423c7a069ce3bd5&te=5db3a4e34790624df926db520a13f79f&ua=Mozilla%2F5.0%20(X11%3B%20Linux%20x86_64%3B%20rv%3A96.0)%20Gecko%2F20100101%20Firefox%2F96.0&dev=e&res=14.2071&b_frame=0&pk=9785383bf0d8f2fb611d938245088565&bl=en-US&sr=1024x1280&sz=1024x1280&hjs=8 IP192.243.59.20:443 ASN#39572 DataWeb Global Group B.V.
Requested byhttps://videzz.net/embed-g0yo2s7mf83f.html CertificateIssuerLet's Encrypt Subject*.unseenreport.com Fingerprint71:46:15:FD:76:6A:F5:5B:51:06:CC:93:DD:D8:63:E3:8B:10:BF:13 ValidityFri, 22 Mar 2024 07:32:41 GMT - Thu, 20 Jun 2024 07:32:40 GMT
File typevery short file (no magic) Hash93b885adfe0da089cdf634904fd59f71 5ba93c9db0cff93f52b521d7420e43f6eda2784f 6e340b9cffb37a989ca544e6bb780a2c78901d3fb33738768511a30617afa01d
Analyzer | Verdict | Alert | Quad9 DNS | malicious | Sinkholed |
GET /pxf.gif?uuid=4f02c285-5879-43f8-8696-814a63be83c7&eb=978028c5053b26833423c7a069ce3bd5&te=5db3a4e34790624df926db520a13f79f&ua=Mozilla%2F5.0%20(X11%3B%20Linux%20x86_64%3B%20rv%3A96.0)%20Gecko%2F20100101%20Firefox%2F96.0&dev=e&res=14.2071&b_frame=0&pk=9785383bf0d8f2fb611d938245088565&bl=en-US&sr=1024x1280&sz=1024x1280&hjs=8 HTTP/1.1
Host: unseenreport.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://videzz.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx/1.19.5
Date: Wed, 24 Apr 2024 08:31:00 GMT
Content-Type: image/gif
Content-Length: 1
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Access-Control-Allow-Origin: *
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: f69873437ab126570fd2b9578e040c3a
Strict-Transport-Security: max-age=0; includeSubdomains
|
|
| unseenreport.com/pxf.gif?uuid=4f02c285-5879-43f8-8696-814a63be83c7&eb=978028c5053b26833423c7a069ce3bd5&te=5db3a4e34790624df926db520a13f79f&ua=Mozilla%2F5.0%20(X11%3B%20Linux%20x86_64%3B%20rv%3A96.0)%20Gecko%2F20100101%20Firefox%2F96.0&dev=e&res=14.2071&b_frame=0&pk=57e9128f004dc8dd272477c7cdb9cf15&bl=en-US&sr=1024x1280&sz=1024x1280&hjs=8 | 192.243.59.20 | 200 OK | 1 B |
URL GET HTTP/1.1unseenreport.com/pxf.gif?uuid=4f02c285-5879-43f8-8696-814a63be83c7&eb=978028c5053b26833423c7a069ce3bd5&te=5db3a4e34790624df926db520a13f79f&ua=Mozilla%2F5.0%20(X11%3B%20Linux%20x86_64%3B%20rv%3A96.0)%20Gecko%2F20100101%20Firefox%2F96.0&dev=e&res=14.2071&b_frame=0&pk=57e9128f004dc8dd272477c7cdb9cf15&bl=en-US&sr=1024x1280&sz=1024x1280&hjs=8 IP192.243.59.20:443 ASN#39572 DataWeb Global Group B.V.
Requested byhttps://videzz.net/embed-g0yo2s7mf83f.html CertificateIssuerLet's Encrypt Subject*.unseenreport.com Fingerprint71:46:15:FD:76:6A:F5:5B:51:06:CC:93:DD:D8:63:E3:8B:10:BF:13 ValidityFri, 22 Mar 2024 07:32:41 GMT - Thu, 20 Jun 2024 07:32:40 GMT
File typevery short file (no magic) Hash93b885adfe0da089cdf634904fd59f71 5ba93c9db0cff93f52b521d7420e43f6eda2784f 6e340b9cffb37a989ca544e6bb780a2c78901d3fb33738768511a30617afa01d
Analyzer | Verdict | Alert | Quad9 DNS | malicious | Sinkholed |
GET /pxf.gif?uuid=4f02c285-5879-43f8-8696-814a63be83c7&eb=978028c5053b26833423c7a069ce3bd5&te=5db3a4e34790624df926db520a13f79f&ua=Mozilla%2F5.0%20(X11%3B%20Linux%20x86_64%3B%20rv%3A96.0)%20Gecko%2F20100101%20Firefox%2F96.0&dev=e&res=14.2071&b_frame=0&pk=57e9128f004dc8dd272477c7cdb9cf15&bl=en-US&sr=1024x1280&sz=1024x1280&hjs=8 HTTP/1.1
Host: unseenreport.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://videzz.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx/1.19.5
Date: Wed, 24 Apr 2024 08:31:01 GMT
Content-Type: image/gif
Content-Length: 1
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Access-Control-Allow-Origin: *
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: 5ef249e0bde54109b66d63a42c5828de
Strict-Transport-Security: max-age=0; includeSubdomains
|
|
| xml.xmlking.com/redirect?feed=591364&auth=oodr9S&pubid=195183 | 174.137.133.17 | 200 OK | 0 B |
URL GET HTTP/1.1xml.xmlking.com/redirect?feed=591364&auth=oodr9S&pubid=195183 IP174.137.133.17:443 ASN#27257 WEBAIR-INTERNET
Requested byhttps://videzz.net/embed-g0yo2s7mf83f.html CertificateIssuerSectigo Limited Subject*.xmlking.com Fingerprint61:F0:9B:53:D2:DF:03:A0:08:09:BE:79:B1:70:10:34:65:07:7B:6D ValidityWed, 26 Jul 2023 00:00:00 GMT - Fri, 26 Jul 2024 23:59:59 GMT
Hashd41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /redirect?feed=591364&auth=oodr9S&pubid=195183 HTTP/1.1
Host: xml.xmlking.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://bid.bidclickmedia.com/
DNT: 1
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Date: Wed, 24 Apr 2024 08:31:01 GMT
Content-Length: 0
Connection: keep-alive
Cache-Control: no-store
|
|
| xml.cachegorilla.com/redirect?feed=612977&auth=kAeZgJ&pubid=197570 | 173.239.53.20 | 200 OK | 0 B |
URL GET HTTP/1.1xml.cachegorilla.com/redirect?feed=612977&auth=kAeZgJ&pubid=197570 IP173.239.53.20:443 ASN#27257 WEBAIR-INTERNET
Requested byhttps://videzz.net/embed-g0yo2s7mf83f.html CertificateIssuerSectigo Limited Subject*.cachegorilla.com Fingerprint29:B3:53:29:E3:6F:D3:48:F6:66:3E:78:57:05:A6:19:12:0D:2C:4A ValidityFri, 10 Nov 2023 00:00:00 GMT - Sun, 10 Nov 2024 23:59:59 GMT
Hashd41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /redirect?feed=612977&auth=kAeZgJ&pubid=197570 HTTP/1.1
Host: xml.cachegorilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://bid.bidclickmedia.com/
DNT: 1
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 302 Found
Server: nginx
Date: Wed, 24 Apr 2024 08:31:01 GMT
Content-Length: 0
Connection: keep-alive
Cache-Control: no-store
Location: https://animewatch.onionlive.workers.dev/
|
|
| xml.xmlking.com/redirect?feed=591364&auth=oodr9S&pubid=195183 | 174.137.133.17 | 200 OK | 0 B |
URL GET HTTP/1.1xml.xmlking.com/redirect?feed=591364&auth=oodr9S&pubid=195183 IP174.137.133.17:443 ASN#27257 WEBAIR-INTERNET
Requested byhttps://videzz.net/embed-g0yo2s7mf83f.html CertificateIssuerSectigo Limited Subject*.xmlking.com Fingerprint61:F0:9B:53:D2:DF:03:A0:08:09:BE:79:B1:70:10:34:65:07:7B:6D ValidityWed, 26 Jul 2023 00:00:00 GMT - Fri, 26 Jul 2024 23:59:59 GMT
Hashd41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /redirect?feed=591364&auth=oodr9S&pubid=195183 HTTP/1.1
Host: xml.xmlking.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://bid.bidclickmedia.com/
DNT: 1
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Date: Wed, 24 Apr 2024 08:31:01 GMT
Content-Length: 0
Connection: keep-alive
Cache-Control: no-store
|
|
| xml.cachegorilla.com/redirect?feed=612978&auth=7PcDFD&pubid=197570 | 173.239.53.20 | 302 Found | 0 B |
URL GET HTTP/1.1xml.cachegorilla.com/redirect?feed=612978&auth=7PcDFD&pubid=197570 IP173.239.53.20:443 ASN#27257 WEBAIR-INTERNET
Requested byhttps://videzz.net/embed-g0yo2s7mf83f.html CertificateIssuerSectigo Limited Subject*.cachegorilla.com Fingerprint29:B3:53:29:E3:6F:D3:48:F6:66:3E:78:57:05:A6:19:12:0D:2C:4A ValidityFri, 10 Nov 2023 00:00:00 GMT - Sun, 10 Nov 2024 23:59:59 GMT
Hashd41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /redirect?feed=612978&auth=7PcDFD&pubid=197570 HTTP/1.1
Host: xml.cachegorilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://bid.bidclickmedia.com/
DNT: 1
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 302 Found
Server: nginx
Date: Wed, 24 Apr 2024 08:31:01 GMT
Content-Length: 0
Connection: keep-alive
Cache-Control: no-store
Location: https://rb.gy/cz5e2h
|
|
| xml.cachegorilla.com/redirect?feed=612978&auth=7PcDFD&pubid=197570 | 173.239.53.20 | 302 Found | 0 B |
URL GET HTTP/1.1xml.cachegorilla.com/redirect?feed=612978&auth=7PcDFD&pubid=197570 IP173.239.53.20:443 ASN#27257 WEBAIR-INTERNET
Requested byhttps://videzz.net/embed-g0yo2s7mf83f.html CertificateIssuerSectigo Limited Subject*.cachegorilla.com Fingerprint29:B3:53:29:E3:6F:D3:48:F6:66:3E:78:57:05:A6:19:12:0D:2C:4A ValidityFri, 10 Nov 2023 00:00:00 GMT - Sun, 10 Nov 2024 23:59:59 GMT
Hashd41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /redirect?feed=612978&auth=7PcDFD&pubid=197570 HTTP/1.1
Host: xml.cachegorilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://bid.bidclickmedia.com/
DNT: 1
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 302 Found
Server: nginx
Date: Wed, 24 Apr 2024 08:31:01 GMT
Content-Length: 0
Connection: keep-alive
Cache-Control: no-store
Location: https://t4.lowtid.com/o.php?p=c:4ljkfd1stuas5a3tw&d=61b87b159bd23420f125f716&pid=EUFu90gwicI_0&s=613633_612978
|
|
| www.googletagmanager.com/gtag/js?id=G-HJ5MMKB9WK | 142.250.74.168 | | 102 kB |
URL www.googletagmanager.com/gtag/js?id=G-HJ5MMKB9WK IP142.250.74.168:0
CertificateIssuerGoogle Trust Services LLC Subject*.google-analytics.com Fingerprint1E:33:2E:4B:C3:51:05:B7:73:DC:21:BF:3E:02:B3:16:D8:0B:AB:BB ValidityMon, 18 Mar 2024 19:37:14 GMT - Mon, 10 Jun 2024 19:37:13 GMT
File typeJavaScript source, ASCII text, with very long lines (5945) Size102 kB (101626 bytes) Hasheb068fabed14a17952e28ad04d0c004a 38a537a6706cf8a17a94c313c8a0e8902d17a823 2d0ae4aaffaaa57caaa06ea5af43ca1e5cf7593c9451ce077caf19d18520b6fb
GET /gtag/js?id=G-HJ5MMKB9WK HTTP/1.1
Host: www.googletagmanager.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://animewatch.onionlive.workers.dev/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
content-encoding: br
vary: Accept-Encoding
date: Wed, 24 Apr 2024 08:31:01 GMT
expires: Wed, 24 Apr 2024 08:31:01 GMT
cache-control: private, max-age=900
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
server: Google Tag Manager
content-length: 101626
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
|
|
| www.googletagmanager.com/gtag/js?id=UA-119774978-7 | 142.250.74.168 | | 71 kB |
URL www.googletagmanager.com/gtag/js?id=UA-119774978-7 IP142.250.74.168:0
CertificateIssuerGoogle Trust Services LLC Subject*.google-analytics.com Fingerprint1E:33:2E:4B:C3:51:05:B7:73:DC:21:BF:3E:02:B3:16:D8:0B:AB:BB ValidityMon, 18 Mar 2024 19:37:14 GMT - Mon, 10 Jun 2024 19:37:13 GMT
File typeJavaScript source, ASCII text, with very long lines (2165) Hash85d66bd0c9f4f77b46a7a07a470348b1 78e7892c9504851775ab82ef837e7400926cf4a6 1dea34841bb022689bbc5233adfb9047761fecb30936d899cec55ce84f5973a2
GET /gtag/js?id=UA-119774978-7 HTTP/1.1
Host: www.googletagmanager.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://animewatch.onionlive.workers.dev/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
content-encoding: br
vary: Accept-Encoding
date: Wed, 24 Apr 2024 08:31:01 GMT
expires: Wed, 24 Apr 2024 08:31:01 GMT
cache-control: private, max-age=900
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
server: Google Tag Manager
content-length: 70761
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
|
|
| meetbenjen.com/in/p/?spot_id=548226&cat=25&sub_id=1982928765 | 109.206.191.198 | 200 OK | 2.6 kB |
URL GET HTTP/2meetbenjen.com/in/p/?spot_id=548226&cat=25&sub_id=1982928765 IP109.206.191.198:443
Requested byhttps://videzz.net/embed-g0yo2s7mf83f.html CertificateIssuerLet's Encrypt Subjectmeetbenjen.com Fingerprint9A:72:77:E6:54:8C:F4:16:F5:ED:83:0C:A9:D8:38:2B:BA:9E:67:14 ValidityTue, 26 Mar 2024 03:08:56 GMT - Mon, 24 Jun 2024 03:08:55 GMT
File typegzip compressed data, from Unix Hash26bf2e60a57c1469f34e13e962eb4ed4 722893a842d59b0082fbf1f9c9ce57b1577644a2 04254d0e2b862f6270dc8896ff62a199b7ba1ecaaf36cccbce5316c876ce53bd
GET /in/p/?spot_id=548226&cat=25&sub_id=1982928765 HTTP/1.1
Host: meetbenjen.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://bid.bidclickmedia.com/
DNT: 1
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
server: nginx/1.20.1
date: Wed, 24 Apr 2024 08:31:00 GMT
content-type: text/html; charset=UTF-8
cache-control: no-cache, no-store, must-revalidate
pragma: no-cache
vary: Accept-Encoding, *
set-cookie: 1095.0=1; expires=Thu, 25 Apr 2024 08:31:00 GMT; path=/; secure; SameSite=None
content-encoding: gzip
X-Firefox-Spdy: h2
|
|
| boloptrex.com/get/?go=1&data=eyJpbXAiOlt7InNlY3VyZSI6MSwiZXh0Ijp7ImlkIjoxMDk1LCJ0eXBlIjoicG9wIiwic3BhY2VpZCI6MTA5NSwic3ViaWQiOiIxOTgyOTI4NzY1Iiwic3NwIjozNzU4LCJzcG90X2lkIjo1NDgyMjYsInJjaGFuZ2UiOmZhbHNlfX1dLCJzaXRlIjp7ImlkIjoiNTQ4MjI2IiwicGFnZSI6Imh0dHBzOi8vYmlkLmJpZGNsaWNrbWVkaWEuY29tLyIsImNhdCI6WyJJQUIyNSJdfSwiZGV2aWNlIjp7InciOjEyODAsImgiOjEwMjR9LCJ1c2VyIjp7ImlkIjoiMzM0a2g3ZjN4aDZ2NnpmbHJkN2w3byJ9LCJleHQiOnsiZHQiOjE3MTM5NDc0NjEyMzB9fQ== | 94.130.197.239 | 302 Found | 0 B |
URL GET HTTP/2boloptrex.com/get/?go=1&data=eyJpbXAiOlt7InNlY3VyZSI6MSwiZXh0Ijp7ImlkIjoxMDk1LCJ0eXBlIjoicG9wIiwic3BhY2VpZCI6MTA5NSwic3ViaWQiOiIxOTgyOTI4NzY1Iiwic3NwIjozNzU4LCJzcG90X2lkIjo1NDgyMjYsInJjaGFuZ2UiOmZhbHNlfX1dLCJzaXRlIjp7ImlkIjoiNTQ4MjI2IiwicGFnZSI6Imh0dHBzOi8vYmlkLmJpZGNsaWNrbWVkaWEuY29tLyIsImNhdCI6WyJJQUIyNSJdfSwiZGV2aWNlIjp7InciOjEyODAsImgiOjEwMjR9LCJ1c2VyIjp7ImlkIjoiMzM0a2g3ZjN4aDZ2NnpmbHJkN2w3byJ9LCJleHQiOnsiZHQiOjE3MTM5NDc0NjEyMzB9fQ== IP94.130.197.239:443 ASN#24940 Hetzner Online GmbH
Requested byhttps://videzz.net/embed-g0yo2s7mf83f.html CertificateIssuerLet's Encrypt Subjectpuwpush.com Fingerprint53:1A:81:DB:A5:78:D8:1D:93:BF:BA:0F:71:6B:43:8D:3F:33:58:D1 ValidityFri, 01 Mar 2024 09:39:36 GMT - Thu, 30 May 2024 09:39:35 GMT
Hashd41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /get/?go=1&data=eyJpbXAiOlt7InNlY3VyZSI6MSwiZXh0Ijp7ImlkIjoxMDk1LCJ0eXBlIjoicG9wIiwic3BhY2VpZCI6MTA5NSwic3ViaWQiOiIxOTgyOTI4NzY1Iiwic3NwIjozNzU4LCJzcG90X2lkIjo1NDgyMjYsInJjaGFuZ2UiOmZhbHNlfX1dLCJzaXRlIjp7ImlkIjoiNTQ4MjI2IiwicGFnZSI6Imh0dHBzOi8vYmlkLmJpZGNsaWNrbWVkaWEuY29tLyIsImNhdCI6WyJJQUIyNSJdfSwiZGV2aWNlIjp7InciOjEyODAsImgiOjEwMjR9LCJ1c2VyIjp7ImlkIjoiMzM0a2g3ZjN4aDZ2NnpmbHJkN2w3byJ9LCJleHQiOnsiZHQiOjE3MTM5NDc0NjEyMzB9fQ== HTTP/1.1
Host: boloptrex.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://meetbenjen.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 302 Found
server: nginx/1.16.0
date: Wed, 24 Apr 2024 08:31:01 GMT
content-length: 0
vary: Origin
cache-control: no-transform, no-cache, no-store, must-revalidate
pragma: no-cache
access-control-allow-origin: *
access-control-allow-headers: Content-Type
access-control-allow-methods: *
location: https://boloptrex.com/popunder/in/click/?mid=7905986621213686751&pid=0&site=548226&sc=NO&usage_type=DCH&subid=1982928765&sid=0&cid=0&price=0&is_cpm=0&cpm=0&ecpm=0&crid=&crtid=&tcid=0&out_id=&ver=&ver_c=&refdom=bid.bidclickmedia.com&hostname=auc-popunder-hz-0&site_id=0&spot_id=548226&utm_source=&utm_medium=&utm_campaign=&utm_content=&expiration_timestamp=0&created_at=0000-00-00&is_native=0&burl=&pop_winurl=&ip=91.90.42.154&testab=&px_id=0&adblock=0&auction_host=&mm=&yc=&render_type=&campaign_type=&uniq=&exp=0&resp_type=&iabcat=IAB25&min_cpm=0.1224&placement_type_id=7&skin_test=&verify_hash=cce0313e08a2c6198d8c435537396d0b&score=1&durl=&ml=&tag_ab=&original_bid=0&user_fp=0&v2=0&pop_type=0&space_id=1095&real_bid=&skin_id=&vertical_id=&stratagem=&accel=0&gyr=0&iabcat=IAB25&ip_mismatch=false&ua_mismatch=false&ssp=3758&rc=0&v2_track=0&otype=0&mn=0&priority=0&bb=0.1224&url=https%3A%2F%2Fpopdemission.com%2Fin%2F849%2F%3Fsource%3D1982928765%26site_id%3D548226%26utm1%3D%26utm2%3D%26utm3%3D%26utm4%3D%26idzone%3D0%26spot_id%3D548226%26mo%3D%26ve%3D%26ad_tags%3D%26p%3Dhttps%253A%252F%252Fbid.bidclickmedia.com%252F%26sid%3D1095%26katds_labels%3D%26is_iframe%3D1%26btype%3D0%26score%3D1%26bf%3D0.1224%26iabcat%3DIAB25%26allowed_labels%3D&pr=&bid_crid=&bid_cid=&ad_tags=&is_interstitial=0&is_direct=1&label_ids=&site_id64=&sp_cl=0&act_sess=0&sp_scr=0&intes=&izb=&ang=0&act_su=0&interest_vertical_ids=&v_scroll_freq=&time_sess=&ext_campaign_id=&scroll_percent=0&empty_clicks=0&aid=0&high_freq_clicks=0&dev_console_activity=0&topics=&client_price=0&o_d=&is_webview=0&timezone_olson=&timezone_ip=Europe/Oslo&offer_label_ids=
X-Firefox-Spdy: h2
|
|
| www.googletagmanager.com/gtag/js?id=UA-119774978-8&l=dataLayer&cx=c | 142.250.74.168 | | 69 kB |
URL www.googletagmanager.com/gtag/js?id=UA-119774978-8&l=dataLayer&cx=c IP142.250.74.168:0
CertificateIssuerGoogle Trust Services LLC Subject*.google-analytics.com Fingerprint1E:33:2E:4B:C3:51:05:B7:73:DC:21:BF:3E:02:B3:16:D8:0B:AB:BB ValidityMon, 18 Mar 2024 19:37:14 GMT - Mon, 10 Jun 2024 19:37:13 GMT
File typeJavaScript source, ASCII text, with very long lines (2165) Hash2a94f4bd2de2ffeae27b673a52f7e07f 303f685d508b973125c4c3352428836ed5978fc7 c74b62d99a5a2098972d1a5e6094050caece21705b32ead2ff2715b37921217b
GET /gtag/js?id=UA-119774978-8&l=dataLayer&cx=c HTTP/1.1
Host: www.googletagmanager.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://animewatch.onionlive.workers.dev/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
content-encoding: br
vary: Accept-Encoding
date: Wed, 24 Apr 2024 08:31:01 GMT
expires: Wed, 24 Apr 2024 08:31:01 GMT
cache-control: private, max-age=900
last-modified: Wed, 24 Apr 2024 06:00:00 GMT
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
server: Google Tag Manager
content-length: 69227
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
|
|
| boloptrex.com/get/?go=1&data=eyJpbXAiOlt7InNlY3VyZSI6MSwiZXh0Ijp7ImlkIjoxMDk1LCJ0eXBlIjoicG9wIiwic3BhY2VpZCI6MTA5NSwic3ViaWQiOiIxOTgyOTI4NzY1Iiwic3NwIjozNzU4LCJzcG90X2lkIjo1NDgyMjYsInJjaGFuZ2UiOmZhbHNlfX1dLCJzaXRlIjp7ImlkIjoiNTQ4MjI2IiwicGFnZSI6Imh0dHBzOi8vYmlkLmJpZGNsaWNrbWVkaWEuY29tLyIsImNhdCI6WyJJQUIyNSJdfSwiZGV2aWNlIjp7InciOjEyODAsImgiOjEwMjR9LCJ1c2VyIjp7ImlkIjoiMzM0a2g3ZjN4aDZ2NnpmbHJkN2w3byJ9LCJleHQiOnsiZHQiOjE3MTM5NDc0NjEyNjR9fQ== | 94.130.197.239 | 302 Found | 0 B |
URL GET HTTP/2boloptrex.com/get/?go=1&data=eyJpbXAiOlt7InNlY3VyZSI6MSwiZXh0Ijp7ImlkIjoxMDk1LCJ0eXBlIjoicG9wIiwic3BhY2VpZCI6MTA5NSwic3ViaWQiOiIxOTgyOTI4NzY1Iiwic3NwIjozNzU4LCJzcG90X2lkIjo1NDgyMjYsInJjaGFuZ2UiOmZhbHNlfX1dLCJzaXRlIjp7ImlkIjoiNTQ4MjI2IiwicGFnZSI6Imh0dHBzOi8vYmlkLmJpZGNsaWNrbWVkaWEuY29tLyIsImNhdCI6WyJJQUIyNSJdfSwiZGV2aWNlIjp7InciOjEyODAsImgiOjEwMjR9LCJ1c2VyIjp7ImlkIjoiMzM0a2g3ZjN4aDZ2NnpmbHJkN2w3byJ9LCJleHQiOnsiZHQiOjE3MTM5NDc0NjEyNjR9fQ== IP94.130.197.239:443 ASN#24940 Hetzner Online GmbH
Requested byhttps://videzz.net/embed-g0yo2s7mf83f.html CertificateIssuerLet's Encrypt Subjectpuwpush.com Fingerprint53:1A:81:DB:A5:78:D8:1D:93:BF:BA:0F:71:6B:43:8D:3F:33:58:D1 ValidityFri, 01 Mar 2024 09:39:36 GMT - Thu, 30 May 2024 09:39:35 GMT
Hashd41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /get/?go=1&data=eyJpbXAiOlt7InNlY3VyZSI6MSwiZXh0Ijp7ImlkIjoxMDk1LCJ0eXBlIjoicG9wIiwic3BhY2VpZCI6MTA5NSwic3ViaWQiOiIxOTgyOTI4NzY1Iiwic3NwIjozNzU4LCJzcG90X2lkIjo1NDgyMjYsInJjaGFuZ2UiOmZhbHNlfX1dLCJzaXRlIjp7ImlkIjoiNTQ4MjI2IiwicGFnZSI6Imh0dHBzOi8vYmlkLmJpZGNsaWNrbWVkaWEuY29tLyIsImNhdCI6WyJJQUIyNSJdfSwiZGV2aWNlIjp7InciOjEyODAsImgiOjEwMjR9LCJ1c2VyIjp7ImlkIjoiMzM0a2g3ZjN4aDZ2NnpmbHJkN2w3byJ9LCJleHQiOnsiZHQiOjE3MTM5NDc0NjEyNjR9fQ== HTTP/1.1
Host: boloptrex.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://meetbenjen.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 302 Found
server: nginx/1.16.0
date: Wed, 24 Apr 2024 08:31:01 GMT
content-length: 0
vary: Origin
cache-control: no-transform, no-cache, no-store, must-revalidate
pragma: no-cache
access-control-allow-origin: *
access-control-allow-headers: Content-Type
access-control-allow-methods: *
location: https://boloptrex.com/popunder/in/click/?mid=3632550936476684120&pid=0&site=548226&sc=NO&usage_type=DCH&subid=1982928765&sid=0&cid=16324&price=0&is_cpm=0&cpm=4&ecpm=3.0467998981476&crid=54175&crtid=d41d8cd98f00b204e9800998ecf8427e&tcid=0&out_id=&ver=&ver_c=&refdom=bid.bidclickmedia.com&hostname=auc-popunder-hz-0&site_id=0&spot_id=548226&utm_source=&utm_medium=&utm_campaign=&utm_content=&expiration_timestamp=0&created_at=0000-00-00&is_native=0&burl=http%3A%2F%2Ftrack-us.byte-builders.net%2Fpop%2Fwin%3Fauth%3Dn25uq8%26c%3Dt_JsruU979I-cktrhkTRKJ-ty3ModQ6jDZxF5gzQ9OdPyrA6JdkRJjB7rsHJ6xdk4SmHm46QATfDqutTQtbro69XEx1At62iM6wqMNac_NqQicIaRZtW8RHr4XUYZExW03mybLrgUZQr6QKfgJ7W_sFpoPERvJbWjx1MKEKm3l5q9OM6X9x94yPaa2rVp4abvxNPaGMPoxpXGPzEaxtWJlnFpRzvO1JZtr39rwoAWq34Wh-Ii982_cNS6NQaYRWeuUPeaAkjYviTSIaay3CbqyhpgYl3GB0qWZzkSESUdItWnHbfkrrRIfJxlwa7Z9AB-lP1Z2Ft_E81aqZPsX6hnNxmYRHVyn6a-ax9fANiB_rPEcnHa3vu_7TVIBcGXygGmSldS-4_xmjhseO8dyuID_T8zU6UX1ImtvEX-BqxZv_HF_2hAPuKp39J89dF9c42e9QEl4k1pe_KkWodhxKnrvT1THwvhDlJCTzGeBZGinEyaRioF43jP4RSd089xbNv2mvZyqmSQk6sIQ4U21ETaysmiryklyfGknkOQhFqbx5y9pSqim4QSrYbyVeyZrx6MXiLVjQiOjZHGDqyXl9xQR_Wa2BA7KkK9aGlGgTaIbGqYB6hD_H86c_b0-we95_mW-gYXguPH71S7d3P72eihEePx55qX1L46auuK-qDojAVYy9osSo6RRBEVWU&pop_winurl=&ip=91.90.42.154&testab=&px_id=548226&adblock=0&auction_host=&mm=&yc=&render_type=&campaign_type=&uniq=&exp=0&resp_type=&iabcat=IAB25&min_cpm=0.16069319166567783&placement_type_id=7&skin_test=&verify_hash=a139f12f1ad88061a414d8eb9f0197bd&score=1&durl=&ml=&tag_ab=&original_bid=0.004&user_fp=0&v2=0&pop_type=0&space_id=1095&real_bid=&skin_id=&vertical_id=&stratagem=&accel=0&gyr=0&iabcat=IAB25&ip_mismatch=false&ua_mismatch=false&ssp=3758&rc=0&v2_track=0&otype=0&mn=0&priority=0&bb=0.1224&url=https%3A%2F%2Ftrack-us.byte-builders.net%2Fpop%2Fimp%3Fauth%3Dn25uq8%26c%3Dt_JsruU979I-cktrhkTRKJ-ty3ModQ6jDZxF5gzQ9OdPyrA6JdkRJjB7rsHJ6xdk4SmHm46QATfDqutTQtbro69XEx1At62iM6wqMNac_NqQicIaRZtW8RHr4XUYZExW03mybLrgUZQr6QKfgJ7W_sFpoPERvJbWjx1MKEKm3l5q9OM6X9x94yPaa2rVp4abvxNPaGMPoxpXGPzEaxtWJlnFpRzvO1JZtr39rwoAWq34Wh-Ii982_cNS6NQaYRWeuUPeaAkjYviTSIaay3CbqyhpgYl3GB0qWZzkSESUdItWnHbfkrrRIfJxlwa7Z9AB-lP1Z2Ft_E81aqZPsX6hnNxmYRHVyn6a-ax9fANiB_rPEcnHa3vu_7TVIBcGXygGmSldS-4_xmjhseO8dyuID_T8zU6UX1ImtvEX-BqxZv_HF_2hAPuKp39J89dF9c42e9QEl4k1pe_KkWodhxKnrvT1THwvhDlJCTzGeBZGinEyaRioF43jP4RSd089xbNv2mvZyqmSQk6sIQ4U21ETaysmiryklyfGknkOQhFqbx5y9pSqim4QSrYbyVeyZrx6MXiLVjQiOjZHGDqyXl9xQR_Wa2BA7KkK9aGlGgTaIbGqYB6hD_H86c_b0-we95_mW-gYXguPH71S7d3P72eihEePx55qX1L46auuK-qDojAVYy9osSo6RRBEVWU&pr=&bid_crid=&bid_cid=&ad_tags=&is_interstitial=0&is_direct=1&label_ids=89,4,83&site_id64=&sp_cl=0&act_sess=0&sp_scr=0&intes=&izb=&ang=0&act_su=0&interest_vertical_ids=&v_scroll_freq=&time_sess=&ext_campaign_id=175&scroll_percent=0&empty_clicks=0&aid=3780&high_freq_clicks=0&dev_console_activity=0&topics=&client_price=0&o_d=&is_webview=0&timezone_olson=&timezone_ip=Europe/Oslo&offer_label_ids=89,4,83
X-Firefox-Spdy: h2
|
|
| boloptrex.com/get/?go=1&data=eyJpbXAiOlt7InNlY3VyZSI6MSwiZXh0Ijp7ImlkIjoxMDk1LCJ0eXBlIjoicG9wIiwic3BhY2VpZCI6MTA5NSwic3ViaWQiOiIxOTgyOTI4NzY1Iiwic3NwIjozNzU4LCJzcG90X2lkIjo1NDgyMjYsInJjaGFuZ2UiOmZhbHNlfX1dLCJzaXRlIjp7ImlkIjoiNTQ4MjI2IiwicGFnZSI6Imh0dHBzOi8vYmlkLmJpZGNsaWNrbWVkaWEuY29tLyIsImNhdCI6WyJJQUIyNSJdfSwiZGV2aWNlIjp7InciOjEyODAsImgiOjEwMjR9LCJ1c2VyIjp7ImlkIjoiMzM0a2g3ZjN4aDZ2NnpmbHJkN2w3byJ9LCJleHQiOnsiZHQiOjE3MTM5NDc0NjEyNDl9fQ== | 94.130.197.239 | 302 Found | 0 B |
URL GET HTTP/2boloptrex.com/get/?go=1&data=eyJpbXAiOlt7InNlY3VyZSI6MSwiZXh0Ijp7ImlkIjoxMDk1LCJ0eXBlIjoicG9wIiwic3BhY2VpZCI6MTA5NSwic3ViaWQiOiIxOTgyOTI4NzY1Iiwic3NwIjozNzU4LCJzcG90X2lkIjo1NDgyMjYsInJjaGFuZ2UiOmZhbHNlfX1dLCJzaXRlIjp7ImlkIjoiNTQ4MjI2IiwicGFnZSI6Imh0dHBzOi8vYmlkLmJpZGNsaWNrbWVkaWEuY29tLyIsImNhdCI6WyJJQUIyNSJdfSwiZGV2aWNlIjp7InciOjEyODAsImgiOjEwMjR9LCJ1c2VyIjp7ImlkIjoiMzM0a2g3ZjN4aDZ2NnpmbHJkN2w3byJ9LCJleHQiOnsiZHQiOjE3MTM5NDc0NjEyNDl9fQ== IP94.130.197.239:443 ASN#24940 Hetzner Online GmbH
Requested byhttps://videzz.net/embed-g0yo2s7mf83f.html CertificateIssuerLet's Encrypt Subjectpuwpush.com Fingerprint53:1A:81:DB:A5:78:D8:1D:93:BF:BA:0F:71:6B:43:8D:3F:33:58:D1 ValidityFri, 01 Mar 2024 09:39:36 GMT - Thu, 30 May 2024 09:39:35 GMT
Hashd41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /get/?go=1&data=eyJpbXAiOlt7InNlY3VyZSI6MSwiZXh0Ijp7ImlkIjoxMDk1LCJ0eXBlIjoicG9wIiwic3BhY2VpZCI6MTA5NSwic3ViaWQiOiIxOTgyOTI4NzY1Iiwic3NwIjozNzU4LCJzcG90X2lkIjo1NDgyMjYsInJjaGFuZ2UiOmZhbHNlfX1dLCJzaXRlIjp7ImlkIjoiNTQ4MjI2IiwicGFnZSI6Imh0dHBzOi8vYmlkLmJpZGNsaWNrbWVkaWEuY29tLyIsImNhdCI6WyJJQUIyNSJdfSwiZGV2aWNlIjp7InciOjEyODAsImgiOjEwMjR9LCJ1c2VyIjp7ImlkIjoiMzM0a2g3ZjN4aDZ2NnpmbHJkN2w3byJ9LCJleHQiOnsiZHQiOjE3MTM5NDc0NjEyNDl9fQ== HTTP/1.1
Host: boloptrex.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://meetbenjen.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 302 Found
server: nginx/1.16.0
date: Wed, 24 Apr 2024 08:31:01 GMT
content-length: 0
vary: Origin
cache-control: no-transform, no-cache, no-store, must-revalidate
pragma: no-cache
access-control-allow-origin: *
access-control-allow-headers: Content-Type
access-control-allow-methods: *
location: https://boloptrex.com/popunder/in/click/?mid=7954962668047947007&pid=0&site=548226&sc=NO&usage_type=DCH&subid=1982928765&sid=0&cid=0&price=0&is_cpm=0&cpm=0&ecpm=0&crid=&crtid=&tcid=0&out_id=&ver=&ver_c=&refdom=bid.bidclickmedia.com&hostname=auc-popunder-hz-1&site_id=0&spot_id=548226&utm_source=&utm_medium=&utm_campaign=&utm_content=&expiration_timestamp=0&created_at=0000-00-00&is_native=0&burl=&pop_winurl=&ip=91.90.42.154&testab=&px_id=0&adblock=0&auction_host=&mm=&yc=&render_type=&campaign_type=&uniq=&exp=0&resp_type=&iabcat=IAB25&min_cpm=0.1224&placement_type_id=7&skin_test=&verify_hash=ed09992d6440347df29e77998242f382&score=1&durl=&ml=&tag_ab=&original_bid=0&user_fp=0&v2=0&pop_type=0&space_id=1095&real_bid=&skin_id=&vertical_id=&stratagem=&accel=0&gyr=0&iabcat=IAB25&ip_mismatch=false&ua_mismatch=false&ssp=3758&rc=0&v2_track=0&otype=0&mn=0&priority=0&bb=0.1224&url=https%3A%2F%2Fpopdemission.com%2Fin%2F849%2F%3Fsource%3D1982928765%26site_id%3D548226%26utm1%3D%26utm2%3D%26utm3%3D%26utm4%3D%26idzone%3D0%26spot_id%3D548226%26mo%3D%26ve%3D%26ad_tags%3D%26p%3Dhttps%253A%252F%252Fbid.bidclickmedia.com%252F%26sid%3D1095%26katds_labels%3D%26is_iframe%3D1%26btype%3D0%26score%3D1%26bf%3D0.1224%26iabcat%3DIAB25%26allowed_labels%3D&pr=&bid_crid=&bid_cid=&ad_tags=&is_interstitial=0&is_direct=1&label_ids=&site_id64=&sp_cl=0&act_sess=0&sp_scr=0&intes=&izb=&ang=0&act_su=0&interest_vertical_ids=&v_scroll_freq=&time_sess=&ext_campaign_id=&scroll_percent=0&empty_clicks=0&aid=0&high_freq_clicks=0&dev_console_activity=0&topics=&client_price=0&o_d=&is_webview=0&timezone_olson=&timezone_ip=Europe/Oslo&offer_label_ids=
X-Firefox-Spdy: h2
|
|
| boloptrex.com/popunder/in/click/?mid=7905986621213686751&pid=0&site=548226&sc=NO&usage_type=DCH&subid=1982928765&sid=0&cid=0&price=0&is_cpm=0&cpm=0&ecpm=0&crid=&crtid=&tcid=0&out_id=&ver=&ver_c=&refdom=bid.bidclickmedia.com&hostname=auc-popunder-hz-0&site_id=0&spot_id=548226&utm_source=&utm_medium=&utm_campaign=&utm_content=&expiration_timestamp=0&created_at=0000-00-00&is_native=0&burl=&pop_winurl=&ip=91.90.42.154&testab=&px_id=0&adblock=0&auction_host=&mm=&yc=&render_type=&campaign_type=&uniq=&exp=0&resp_type=&iabcat=IAB25&min_cpm=0.1224&placement_type_id=7&skin_test=&verify_hash=cce0313e08a2c6198d8c435537396d0b&score=1&durl=&ml=&tag_ab=&original_bid=0&user_fp=0&v2=0&pop_type=0&space_id=1095&real_bid=&skin_id=&vertical_id=&stratagem=&accel=0&gyr=0&iabcat=IAB25&ip_mismatch=false&ua_mismatch=false&ssp=3758&rc=0&v2_track=0&otype=0&mn=0&priority=0&bb=0.1224&url=https%3A%2F%2Fpopdemission.com%2Fin%2F849%2F%3Fsource%3D1982928765%26site_id%3D548226%26utm1%3D%26utm2%3D%26utm3%3D%26utm4%3D%26idzone%3D0%26spot_id%3D548226%26mo%3D%26ve%3D%26ad_tags%3D%26p%3Dhttps%253A%252F%252Fbid.bidclickmedia.com%252F%26sid%3D1095%26katds_labels%3D%26is_iframe%3D1%26btype%3D0%26score%3D1%26bf%3D0.1224%26iabcat%3DIAB25%26allowed_labels%3D&pr=&bid_crid=&bid_cid=&ad_tags=&is_interstitial=0&is_direct=1&label_ids=&site_id64=&sp_cl=0&act_sess=0&sp_scr=0&intes=&izb=&ang=0&act_su=0&interest_vertical_ids=&v_scroll_freq=&time_sess=&ext_campaign_id=&scroll_percent=0&empty_clicks=0&aid=0&high_freq_clicks=0&dev_console_activity=0&topics=&client_price=0&o_d=&is_webview=0&timezone_olson=&timezone_ip=Europe/Oslo&offer_label_ids= | 94.130.197.239 | 302 Found | 0 B |
URL GET HTTP/2boloptrex.com/popunder/in/click/?mid=7905986621213686751&pid=0&site=548226&sc=NO&usage_type=DCH&subid=1982928765&sid=0&cid=0&price=0&is_cpm=0&cpm=0&ecpm=0&crid=&crtid=&tcid=0&out_id=&ver=&ver_c=&refdom=bid.bidclickmedia.com&hostname=auc-popunder-hz-0&site_id=0&spot_id=548226&utm_source=&utm_medium=&utm_campaign=&utm_content=&expiration_timestamp=0&created_at=0000-00-00&is_native=0&burl=&pop_winurl=&ip=91.90.42.154&testab=&px_id=0&adblock=0&auction_host=&mm=&yc=&render_type=&campaign_type=&uniq=&exp=0&resp_type=&iabcat=IAB25&min_cpm=0.1224&placement_type_id=7&skin_test=&verify_hash=cce0313e08a2c6198d8c435537396d0b&score=1&durl=&ml=&tag_ab=&original_bid=0&user_fp=0&v2=0&pop_type=0&space_id=1095&real_bid=&skin_id=&vertical_id=&stratagem=&accel=0&gyr=0&iabcat=IAB25&ip_mismatch=false&ua_mismatch=false&ssp=3758&rc=0&v2_track=0&otype=0&mn=0&priority=0&bb=0.1224&url=https%3A%2F%2Fpopdemission.com%2Fin%2F849%2F%3Fsource%3D1982928765%26site_id%3D548226%26utm1%3D%26utm2%3D%26utm3%3D%26utm4%3D%26idzone%3D0%26spot_id%3D548226%26mo%3D%26ve%3D%26ad_tags%3D%26p%3Dhttps%253A%252F%252Fbid.bidclickmedia.com%252F%26sid%3D1095%26katds_labels%3D%26is_iframe%3D1%26btype%3D0%26score%3D1%26bf%3D0.1224%26iabcat%3DIAB25%26allowed_labels%3D&pr=&bid_crid=&bid_cid=&ad_tags=&is_interstitial=0&is_direct=1&label_ids=&site_id64=&sp_cl=0&act_sess=0&sp_scr=0&intes=&izb=&ang=0&act_su=0&interest_vertical_ids=&v_scroll_freq=&time_sess=&ext_campaign_id=&scroll_percent=0&empty_clicks=0&aid=0&high_freq_clicks=0&dev_console_activity=0&topics=&client_price=0&o_d=&is_webview=0&timezone_olson=&timezone_ip=Europe/Oslo&offer_label_ids= IP94.130.197.239:443 ASN#24940 Hetzner Online GmbH
Requested byhttps://videzz.net/embed-g0yo2s7mf83f.html CertificateIssuerLet's Encrypt Subjectpuwpush.com Fingerprint53:1A:81:DB:A5:78:D8:1D:93:BF:BA:0F:71:6B:43:8D:3F:33:58:D1 ValidityFri, 01 Mar 2024 09:39:36 GMT - Thu, 30 May 2024 09:39:35 GMT
Hashd41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /popunder/in/click/?mid=7905986621213686751&pid=0&site=548226&sc=NO&usage_type=DCH&subid=1982928765&sid=0&cid=0&price=0&is_cpm=0&cpm=0&ecpm=0&crid=&crtid=&tcid=0&out_id=&ver=&ver_c=&refdom=bid.bidclickmedia.com&hostname=auc-popunder-hz-0&site_id=0&spot_id=548226&utm_source=&utm_medium=&utm_campaign=&utm_content=&expiration_timestamp=0&created_at=0000-00-00&is_native=0&burl=&pop_winurl=&ip=91.90.42.154&testab=&px_id=0&adblock=0&auction_host=&mm=&yc=&render_type=&campaign_type=&uniq=&exp=0&resp_type=&iabcat=IAB25&min_cpm=0.1224&placement_type_id=7&skin_test=&verify_hash=cce0313e08a2c6198d8c435537396d0b&score=1&durl=&ml=&tag_ab=&original_bid=0&user_fp=0&v2=0&pop_type=0&space_id=1095&real_bid=&skin_id=&vertical_id=&stratagem=&accel=0&gyr=0&iabcat=IAB25&ip_mismatch=false&ua_mismatch=false&ssp=3758&rc=0&v2_track=0&otype=0&mn=0&priority=0&bb=0.1224&url=https%3A%2F%2Fpopdemission.com%2Fin%2F849%2F%3Fsource%3D1982928765%26site_id%3D548226%26utm1%3D%26utm2%3D%26utm3%3D%26utm4%3D%26idzone%3D0%26spot_id%3D548226%26mo%3D%26ve%3D%26ad_tags%3D%26p%3Dhttps%253A%252F%252Fbid.bidclickmedia.com%252F%26sid%3D1095%26katds_labels%3D%26is_iframe%3D1%26btype%3D0%26score%3D1%26bf%3D0.1224%26iabcat%3DIAB25%26allowed_labels%3D&pr=&bid_crid=&bid_cid=&ad_tags=&is_interstitial=0&is_direct=1&label_ids=&site_id64=&sp_cl=0&act_sess=0&sp_scr=0&intes=&izb=&ang=0&act_su=0&interest_vertical_ids=&v_scroll_freq=&time_sess=&ext_campaign_id=&scroll_percent=0&empty_clicks=0&aid=0&high_freq_clicks=0&dev_console_activity=0&topics=&client_price=0&o_d=&is_webview=0&timezone_olson=&timezone_ip=Europe/Oslo&offer_label_ids= HTTP/1.1
Host: boloptrex.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://meetbenjen.com/
DNT: 1
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 302 Found
server: nginx/1.16.0
date: Wed, 24 Apr 2024 08:31:01 GMT
content-length: 0
vary: Origin
cache-control: no-transform, no-cache, no-store, must-revalidate
pragma: no-cache
access-control-allow-origin: *
access-control-allow-headers: Content-Type
access-control-allow-methods: *
location: https://popdemission.com/in/849/?source=1982928765&site_id=548226&utm1=&utm2=&utm3=&utm4=&idzone=0&spot_id=548226&mo=&ve=&ad_tags=&p=https%3A%2F%2Fbid.bidclickmedia.com%2F&sid=1095&katds_labels=&is_iframe=1&btype=0&score=1&bf=0.1224&iabcat=IAB25&allowed_labels=
X-Firefox-Spdy: h2
|
|
| www.googletagmanager.com/gtag/js?id=G-DQF56C4WPV&l=dataLayer&cx=c | 142.250.74.168 | | 93 kB |
URL www.googletagmanager.com/gtag/js?id=G-DQF56C4WPV&l=dataLayer&cx=c IP142.250.74.168:0
CertificateIssuerGoogle Trust Services LLC Subject*.google-analytics.com Fingerprint1E:33:2E:4B:C3:51:05:B7:73:DC:21:BF:3E:02:B3:16:D8:0B:AB:BB ValidityMon, 18 Mar 2024 19:37:14 GMT - Mon, 10 Jun 2024 19:37:13 GMT
File typeJavaScript source, ASCII text, with very long lines (3034) Hash9306a4b9536245d4554647dd7fe15298 4714cf5d20fc32aacb3821cdb36f1b4739e6c939 9f2ee62c1e5c203d05f9c2a4e653d254971fae632887cf99a7edcac56fdb0625
GET /gtag/js?id=G-DQF56C4WPV&l=dataLayer&cx=c HTTP/1.1
Host: www.googletagmanager.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://animewatch.onionlive.workers.dev/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
content-encoding: br
vary: Accept-Encoding
date: Wed, 24 Apr 2024 08:31:01 GMT
expires: Wed, 24 Apr 2024 08:31:01 GMT
cache-control: private, max-age=900
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
server: Google Tag Manager
content-length: 92943
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
|
|
| boloptrex.com/popunder/in/click/?mid=7954962668047947007&pid=0&site=548226&sc=NO&usage_type=DCH&subid=1982928765&sid=0&cid=0&price=0&is_cpm=0&cpm=0&ecpm=0&crid=&crtid=&tcid=0&out_id=&ver=&ver_c=&refdom=bid.bidclickmedia.com&hostname=auc-popunder-hz-1&site_id=0&spot_id=548226&utm_source=&utm_medium=&utm_campaign=&utm_content=&expiration_timestamp=0&created_at=0000-00-00&is_native=0&burl=&pop_winurl=&ip=91.90.42.154&testab=&px_id=0&adblock=0&auction_host=&mm=&yc=&render_type=&campaign_type=&uniq=&exp=0&resp_type=&iabcat=IAB25&min_cpm=0.1224&placement_type_id=7&skin_test=&verify_hash=ed09992d6440347df29e77998242f382&score=1&durl=&ml=&tag_ab=&original_bid=0&user_fp=0&v2=0&pop_type=0&space_id=1095&real_bid=&skin_id=&vertical_id=&stratagem=&accel=0&gyr=0&iabcat=IAB25&ip_mismatch=false&ua_mismatch=false&ssp=3758&rc=0&v2_track=0&otype=0&mn=0&priority=0&bb=0.1224&url=https%3A%2F%2Fpopdemission.com%2Fin%2F849%2F%3Fsource%3D1982928765%26site_id%3D548226%26utm1%3D%26utm2%3D%26utm3%3D%26utm4%3D%26idzone%3D0%26spot_id%3D548226%26mo%3D%26ve%3D%26ad_tags%3D%26p%3Dhttps%253A%252F%252Fbid.bidclickmedia.com%252F%26sid%3D1095%26katds_labels%3D%26is_iframe%3D1%26btype%3D0%26score%3D1%26bf%3D0.1224%26iabcat%3DIAB25%26allowed_labels%3D&pr=&bid_crid=&bid_cid=&ad_tags=&is_interstitial=0&is_direct=1&label_ids=&site_id64=&sp_cl=0&act_sess=0&sp_scr=0&intes=&izb=&ang=0&act_su=0&interest_vertical_ids=&v_scroll_freq=&time_sess=&ext_campaign_id=&scroll_percent=0&empty_clicks=0&aid=0&high_freq_clicks=0&dev_console_activity=0&topics=&client_price=0&o_d=&is_webview=0&timezone_olson=&timezone_ip=Europe/Oslo&offer_label_ids= | 94.130.197.239 | 302 Found | 0 B |
URL GET HTTP/2boloptrex.com/popunder/in/click/?mid=7954962668047947007&pid=0&site=548226&sc=NO&usage_type=DCH&subid=1982928765&sid=0&cid=0&price=0&is_cpm=0&cpm=0&ecpm=0&crid=&crtid=&tcid=0&out_id=&ver=&ver_c=&refdom=bid.bidclickmedia.com&hostname=auc-popunder-hz-1&site_id=0&spot_id=548226&utm_source=&utm_medium=&utm_campaign=&utm_content=&expiration_timestamp=0&created_at=0000-00-00&is_native=0&burl=&pop_winurl=&ip=91.90.42.154&testab=&px_id=0&adblock=0&auction_host=&mm=&yc=&render_type=&campaign_type=&uniq=&exp=0&resp_type=&iabcat=IAB25&min_cpm=0.1224&placement_type_id=7&skin_test=&verify_hash=ed09992d6440347df29e77998242f382&score=1&durl=&ml=&tag_ab=&original_bid=0&user_fp=0&v2=0&pop_type=0&space_id=1095&real_bid=&skin_id=&vertical_id=&stratagem=&accel=0&gyr=0&iabcat=IAB25&ip_mismatch=false&ua_mismatch=false&ssp=3758&rc=0&v2_track=0&otype=0&mn=0&priority=0&bb=0.1224&url=https%3A%2F%2Fpopdemission.com%2Fin%2F849%2F%3Fsource%3D1982928765%26site_id%3D548226%26utm1%3D%26utm2%3D%26utm3%3D%26utm4%3D%26idzone%3D0%26spot_id%3D548226%26mo%3D%26ve%3D%26ad_tags%3D%26p%3Dhttps%253A%252F%252Fbid.bidclickmedia.com%252F%26sid%3D1095%26katds_labels%3D%26is_iframe%3D1%26btype%3D0%26score%3D1%26bf%3D0.1224%26iabcat%3DIAB25%26allowed_labels%3D&pr=&bid_crid=&bid_cid=&ad_tags=&is_interstitial=0&is_direct=1&label_ids=&site_id64=&sp_cl=0&act_sess=0&sp_scr=0&intes=&izb=&ang=0&act_su=0&interest_vertical_ids=&v_scroll_freq=&time_sess=&ext_campaign_id=&scroll_percent=0&empty_clicks=0&aid=0&high_freq_clicks=0&dev_console_activity=0&topics=&client_price=0&o_d=&is_webview=0&timezone_olson=&timezone_ip=Europe/Oslo&offer_label_ids= IP94.130.197.239:443 ASN#24940 Hetzner Online GmbH
Requested byhttps://videzz.net/embed-g0yo2s7mf83f.html CertificateIssuerLet's Encrypt Subjectpuwpush.com Fingerprint53:1A:81:DB:A5:78:D8:1D:93:BF:BA:0F:71:6B:43:8D:3F:33:58:D1 ValidityFri, 01 Mar 2024 09:39:36 GMT - Thu, 30 May 2024 09:39:35 GMT
Hashd41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /popunder/in/click/?mid=7954962668047947007&pid=0&site=548226&sc=NO&usage_type=DCH&subid=1982928765&sid=0&cid=0&price=0&is_cpm=0&cpm=0&ecpm=0&crid=&crtid=&tcid=0&out_id=&ver=&ver_c=&refdom=bid.bidclickmedia.com&hostname=auc-popunder-hz-1&site_id=0&spot_id=548226&utm_source=&utm_medium=&utm_campaign=&utm_content=&expiration_timestamp=0&created_at=0000-00-00&is_native=0&burl=&pop_winurl=&ip=91.90.42.154&testab=&px_id=0&adblock=0&auction_host=&mm=&yc=&render_type=&campaign_type=&uniq=&exp=0&resp_type=&iabcat=IAB25&min_cpm=0.1224&placement_type_id=7&skin_test=&verify_hash=ed09992d6440347df29e77998242f382&score=1&durl=&ml=&tag_ab=&original_bid=0&user_fp=0&v2=0&pop_type=0&space_id=1095&real_bid=&skin_id=&vertical_id=&stratagem=&accel=0&gyr=0&iabcat=IAB25&ip_mismatch=false&ua_mismatch=false&ssp=3758&rc=0&v2_track=0&otype=0&mn=0&priority=0&bb=0.1224&url=https%3A%2F%2Fpopdemission.com%2Fin%2F849%2F%3Fsource%3D1982928765%26site_id%3D548226%26utm1%3D%26utm2%3D%26utm3%3D%26utm4%3D%26idzone%3D0%26spot_id%3D548226%26mo%3D%26ve%3D%26ad_tags%3D%26p%3Dhttps%253A%252F%252Fbid.bidclickmedia.com%252F%26sid%3D1095%26katds_labels%3D%26is_iframe%3D1%26btype%3D0%26score%3D1%26bf%3D0.1224%26iabcat%3DIAB25%26allowed_labels%3D&pr=&bid_crid=&bid_cid=&ad_tags=&is_interstitial=0&is_direct=1&label_ids=&site_id64=&sp_cl=0&act_sess=0&sp_scr=0&intes=&izb=&ang=0&act_su=0&interest_vertical_ids=&v_scroll_freq=&time_sess=&ext_campaign_id=&scroll_percent=0&empty_clicks=0&aid=0&high_freq_clicks=0&dev_console_activity=0&topics=&client_price=0&o_d=&is_webview=0&timezone_olson=&timezone_ip=Europe/Oslo&offer_label_ids= HTTP/1.1
Host: boloptrex.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://meetbenjen.com/
DNT: 1
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 302 Found
server: nginx/1.16.0
date: Wed, 24 Apr 2024 08:31:01 GMT
content-length: 0
vary: Origin
cache-control: no-transform, no-cache, no-store, must-revalidate
pragma: no-cache
access-control-allow-origin: *
access-control-allow-headers: Content-Type
access-control-allow-methods: *
location: https://popdemission.com/in/849/?source=1982928765&site_id=548226&utm1=&utm2=&utm3=&utm4=&idzone=0&spot_id=548226&mo=&ve=&ad_tags=&p=https%3A%2F%2Fbid.bidclickmedia.com%2F&sid=1095&katds_labels=&is_iframe=1&btype=0&score=1&bf=0.1224&iabcat=IAB25&allowed_labels=
X-Firefox-Spdy: h2
|
|
| boloptrex.com/popunder/in/click/?mid=3632550936476684120&pid=0&site=548226&sc=NO&usage_type=DCH&subid=1982928765&sid=0&cid=16324&price=0&is_cpm=0&cpm=4&ecpm=3.0467998981476&crid=54175&crtid=d41d8cd98f00b204e9800998ecf8427e&tcid=0&out_id=&ver=&ver_c=&refdom=bid.bidclickmedia.com&hostname=auc-popunder-hz-0&site_id=0&spot_id=548226&utm_source=&utm_medium=&utm_campaign=&utm_content=&expiration_timestamp=0&created_at=0000-00-00&is_native=0&burl=http%3A%2F%2Ftrack-us.byte-builders.net%2Fpop%2Fwin%3Fauth%3Dn25uq8%26c%3Dt_JsruU979I-cktrhkTRKJ-ty3ModQ6jDZxF5gzQ9OdPyrA6JdkRJjB7rsHJ6xdk4SmHm46QATfDqutTQtbro69XEx1At62iM6wqMNac_NqQicIaRZtW8RHr4XUYZExW03mybLrgUZQr6QKfgJ7W_sFpoPERvJbWjx1MKEKm3l5q9OM6X9x94yPaa2rVp4abvxNPaGMPoxpXGPzEaxtWJlnFpRzvO1JZtr39rwoAWq34Wh-Ii982_cNS6NQaYRWeuUPeaAkjYviTSIaay3CbqyhpgYl3GB0qWZzkSESUdItWnHbfkrrRIfJxlwa7Z9AB-lP1Z2Ft_E81aqZPsX6hnNxmYRHVyn6a-ax9fANiB_rPEcnHa3vu_7TVIBcGXygGmSldS-4_xmjhseO8dyuID_T8zU6UX1ImtvEX-BqxZv_HF_2hAPuKp39J89dF9c42e9QEl4k1pe_KkWodhxKnrvT1THwvhDlJCTzGeBZGinEyaRioF43jP4RSd089xbNv2mvZyqmSQk6sIQ4U21ETaysmiryklyfGknkOQhFqbx5y9pSqim4QSrYbyVeyZrx6MXiLVjQiOjZHGDqyXl9xQR_Wa2BA7KkK9aGlGgTaIbGqYB6hD_H86c_b0-we95_mW-gYXguPH71S7d3P72eihEePx55qX1L46auuK-qDojAVYy9osSo6RRBEVWU&pop_winurl=&ip=91.90.42.154&testab=&px_id=548226&adblock=0&auction_host=&mm=&yc=&render_type=&campaign_type=&uniq=&exp=0&resp_type=&iabcat=IAB25&min_cpm=0.16069319166567783&placement_type_id=7&skin_test=&verify_hash=a139f12f1ad88061a414d8eb9f0197bd&score=1&durl=&ml=&tag_ab=&original_bid=0.004&user_fp=0&v2=0&pop_type=0&space_id=1095&real_bid=&skin_id=&vertical_id=&stratagem=&accel=0&gyr=0&iabcat=IAB25&ip_mismatch=false&ua_mismatch=false&ssp=3758&rc=0&v2_track=0&otype=0&mn=0&priority=0&bb=0.1224&url=https%3A%2F%2Ftrack-us.byte-builders.net%2Fpop%2Fimp%3Fauth%3Dn25uq8%26c%3Dt_JsruU979I-cktrhkTRKJ-ty3ModQ6jDZxF5gzQ9OdPyrA6JdkRJjB7rsHJ6xdk4SmHm46QATfDqutTQtbro69XEx1At62iM6wqMNac_NqQicIaRZtW8RHr4XUYZExW03mybLrgUZQr6QKfgJ7W_sFpoPERvJbWjx1MKEKm3l5q9OM6X9x94yPaa2rVp4abvxNPaGMPoxpXGPzEaxtWJlnFpRzvO1JZtr39rwoAWq34Wh-Ii982_cNS6NQaYRWeuUPeaAkjYviTSIaay3CbqyhpgYl3GB0qWZzkSESUdItWnHbfkrrRIfJxlwa7Z9AB-lP1Z2Ft_E81aqZPsX6hnNxmYRHVyn6a-ax9fANiB_rPEcnHa3vu_7TVIBcGXygGmSldS-4_xmjhseO8dyuID_T8zU6UX1ImtvEX-BqxZv_HF_2hAPuKp39J89dF9c42e9QEl4k1pe_KkWodhxKnrvT1THwvhDlJCTzGeBZGinEyaRioF43jP4RSd089xbNv2mvZyqmSQk6sIQ4U21ETaysmiryklyfGknkOQhFqbx5y9pSqim4QSrYbyVeyZrx6MXiLVjQiOjZHGDqyXl9xQR_Wa2BA7KkK9aGlGgTaIbGqYB6hD_H86c_b0-we95_mW-gYXguPH71S7d3P72eihEePx55qX1L46auuK-qDojAVYy9osSo6RRBEVWU&pr=&bid_crid=&bid_cid=&ad_tags=&is_interstitial=0&is_direct=1&label_ids=89,4,83&site_id64=&sp_cl=0&act_sess=0&sp_scr=0&intes=&izb=&ang=0&act_su=0&interest_vertical_ids=&v_scroll_freq=&time_sess=&ext_campaign_id=175&scroll_percent=0&empty_clicks=0&aid=3780&high_freq_clicks=0&dev_console_activity=0&topics=&client_price=0&o_d=&is_webview=0&timezone_olson=&timezone_ip=Europe/Oslo&offer_label_ids=89,4,83 | 94.130.197.239 | 302 Found | 0 B |
URL GET HTTP/2boloptrex.com/popunder/in/click/?mid=3632550936476684120&pid=0&site=548226&sc=NO&usage_type=DCH&subid=1982928765&sid=0&cid=16324&price=0&is_cpm=0&cpm=4&ecpm=3.0467998981476&crid=54175&crtid=d41d8cd98f00b204e9800998ecf8427e&tcid=0&out_id=&ver=&ver_c=&refdom=bid.bidclickmedia.com&hostname=auc-popunder-hz-0&site_id=0&spot_id=548226&utm_source=&utm_medium=&utm_campaign=&utm_content=&expiration_timestamp=0&created_at=0000-00-00&is_native=0&burl=http%3A%2F%2Ftrack-us.byte-builders.net%2Fpop%2Fwin%3Fauth%3Dn25uq8%26c%3Dt_JsruU979I-cktrhkTRKJ-ty3ModQ6jDZxF5gzQ9OdPyrA6JdkRJjB7rsHJ6xdk4SmHm46QATfDqutTQtbro69XEx1At62iM6wqMNac_NqQicIaRZtW8RHr4XUYZExW03mybLrgUZQr6QKfgJ7W_sFpoPERvJbWjx1MKEKm3l5q9OM6X9x94yPaa2rVp4abvxNPaGMPoxpXGPzEaxtWJlnFpRzvO1JZtr39rwoAWq34Wh-Ii982_cNS6NQaYRWeuUPeaAkjYviTSIaay3CbqyhpgYl3GB0qWZzkSESUdItWnHbfkrrRIfJxlwa7Z9AB-lP1Z2Ft_E81aqZPsX6hnNxmYRHVyn6a-ax9fANiB_rPEcnHa3vu_7TVIBcGXygGmSldS-4_xmjhseO8dyuID_T8zU6UX1ImtvEX-BqxZv_HF_2hAPuKp39J89dF9c42e9QEl4k1pe_KkWodhxKnrvT1THwvhDlJCTzGeBZGinEyaRioF43jP4RSd089xbNv2mvZyqmSQk6sIQ4U21ETaysmiryklyfGknkOQhFqbx5y9pSqim4QSrYbyVeyZrx6MXiLVjQiOjZHGDqyXl9xQR_Wa2BA7KkK9aGlGgTaIbGqYB6hD_H86c_b0-we95_mW-gYXguPH71S7d3P72eihEePx55qX1L46auuK-qDojAVYy9osSo6RRBEVWU&pop_winurl=&ip=91.90.42.154&testab=&px_id=548226&adblock=0&auction_host=&mm=&yc=&render_type=&campaign_type=&uniq=&exp=0&resp_type=&iabcat=IAB25&min_cpm=0.16069319166567783&placement_type_id=7&skin_test=&verify_hash=a139f12f1ad88061a414d8eb9f0197bd&score=1&durl=&ml=&tag_ab=&original_bid=0.004&user_fp=0&v2=0&pop_type=0&space_id=1095&real_bid=&skin_id=&vertical_id=&stratagem=&accel=0&gyr=0&iabcat=IAB25&ip_mismatch=false&ua_mismatch=false&ssp=3758&rc=0&v2_track=0&otype=0&mn=0&priority=0&bb=0.1224&url=https%3A%2F%2Ftrack-us.byte-builders.net%2Fpop%2Fimp%3Fauth%3Dn25uq8%26c%3Dt_JsruU979I-cktrhkTRKJ-ty3ModQ6jDZxF5gzQ9OdPyrA6JdkRJjB7rsHJ6xdk4SmHm46QATfDqutTQtbro69XEx1At62iM6wqMNac_NqQicIaRZtW8RHr4XUYZExW03mybLrgUZQr6QKfgJ7W_sFpoPERvJbWjx1MKEKm3l5q9OM6X9x94yPaa2rVp4abvxNPaGMPoxpXGPzEaxtWJlnFpRzvO1JZtr39rwoAWq34Wh-Ii982_cNS6NQaYRWeuUPeaAkjYviTSIaay3CbqyhpgYl3GB0qWZzkSESUdItWnHbfkrrRIfJxlwa7Z9AB-lP1Z2Ft_E81aqZPsX6hnNxmYRHVyn6a-ax9fANiB_rPEcnHa3vu_7TVIBcGXygGmSldS-4_xmjhseO8dyuID_T8zU6UX1ImtvEX-BqxZv_HF_2hAPuKp39J89dF9c42e9QEl4k1pe_KkWodhxKnrvT1THwvhDlJCTzGeBZGinEyaRioF43jP4RSd089xbNv2mvZyqmSQk6sIQ4U21ETaysmiryklyfGknkOQhFqbx5y9pSqim4QSrYbyVeyZrx6MXiLVjQiOjZHGDqyXl9xQR_Wa2BA7KkK9aGlGgTaIbGqYB6hD_H86c_b0-we95_mW-gYXguPH71S7d3P72eihEePx55qX1L46auuK-qDojAVYy9osSo6RRBEVWU&pr=&bid_crid=&bid_cid=&ad_tags=&is_interstitial=0&is_direct=1&label_ids=89,4,83&site_id64=&sp_cl=0&act_sess=0&sp_scr=0&intes=&izb=&ang=0&act_su=0&interest_vertical_ids=&v_scroll_freq=&time_sess=&ext_campaign_id=175&scroll_percent=0&empty_clicks=0&aid=3780&high_freq_clicks=0&dev_console_activity=0&topics=&client_price=0&o_d=&is_webview=0&timezone_olson=&timezone_ip=Europe/Oslo&offer_label_ids=89,4,83 IP94.130.197.239:443 ASN#24940 Hetzner Online GmbH
Requested byhttps://videzz.net/embed-g0yo2s7mf83f.html CertificateIssuerLet's Encrypt Subjectpuwpush.com Fingerprint53:1A:81:DB:A5:78:D8:1D:93:BF:BA:0F:71:6B:43:8D:3F:33:58:D1 ValidityFri, 01 Mar 2024 09:39:36 GMT - Thu, 30 May 2024 09:39:35 GMT
Hashd41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /popunder/in/click/?mid=3632550936476684120&pid=0&site=548226&sc=NO&usage_type=DCH&subid=1982928765&sid=0&cid=16324&price=0&is_cpm=0&cpm=4&ecpm=3.0467998981476&crid=54175&crtid=d41d8cd98f00b204e9800998ecf8427e&tcid=0&out_id=&ver=&ver_c=&refdom=bid.bidclickmedia.com&hostname=auc-popunder-hz-0&site_id=0&spot_id=548226&utm_source=&utm_medium=&utm_campaign=&utm_content=&expiration_timestamp=0&created_at=0000-00-00&is_native=0&burl=http%3A%2F%2Ftrack-us.byte-builders.net%2Fpop%2Fwin%3Fauth%3Dn25uq8%26c%3Dt_JsruU979I-cktrhkTRKJ-ty3ModQ6jDZxF5gzQ9OdPyrA6JdkRJjB7rsHJ6xdk4SmHm46QATfDqutTQtbro69XEx1At62iM6wqMNac_NqQicIaRZtW8RHr4XUYZExW03mybLrgUZQr6QKfgJ7W_sFpoPERvJbWjx1MKEKm3l5q9OM6X9x94yPaa2rVp4abvxNPaGMPoxpXGPzEaxtWJlnFpRzvO1JZtr39rwoAWq34Wh-Ii982_cNS6NQaYRWeuUPeaAkjYviTSIaay3CbqyhpgYl3GB0qWZzkSESUdItWnHbfkrrRIfJxlwa7Z9AB-lP1Z2Ft_E81aqZPsX6hnNxmYRHVyn6a-ax9fANiB_rPEcnHa3vu_7TVIBcGXygGmSldS-4_xmjhseO8dyuID_T8zU6UX1ImtvEX-BqxZv_HF_2hAPuKp39J89dF9c42e9QEl4k1pe_KkWodhxKnrvT1THwvhDlJCTzGeBZGinEyaRioF43jP4RSd089xbNv2mvZyqmSQk6sIQ4U21ETaysmiryklyfGknkOQhFqbx5y9pSqim4QSrYbyVeyZrx6MXiLVjQiOjZHGDqyXl9xQR_Wa2BA7KkK9aGlGgTaIbGqYB6hD_H86c_b0-we95_mW-gYXguPH71S7d3P72eihEePx55qX1L46auuK-qDojAVYy9osSo6RRBEVWU&pop_winurl=&ip=91.90.42.154&testab=&px_id=548226&adblock=0&auction_host=&mm=&yc=&render_type=&campaign_type=&uniq=&exp=0&resp_type=&iabcat=IAB25&min_cpm=0.16069319166567783&placement_type_id=7&skin_test=&verify_hash=a139f12f1ad88061a414d8eb9f0197bd&score=1&durl=&ml=&tag_ab=&original_bid=0.004&user_fp=0&v2=0&pop_type=0&space_id=1095&real_bid=&skin_id=&vertical_id=&stratagem=&accel=0&gyr=0&iabcat=IAB25&ip_mismatch=false&ua_mismatch=false&ssp=3758&rc=0&v2_track=0&otype=0&mn=0&priority=0&bb=0.1224&url=https%3A%2F%2Ftrack-us.byte-builders.net%2Fpop%2Fimp%3Fauth%3Dn25uq8%26c%3Dt_JsruU979I-cktrhkTRKJ-ty3ModQ6jDZxF5gzQ9OdPyrA6JdkRJjB7rsHJ6xdk4SmHm46QATfDqutTQtbro69XEx1At62iM6wqMNac_NqQicIaRZtW8RHr4XUYZExW03mybLrgUZQr6QKfgJ7W_sFpoPERvJbWjx1MKEKm3l5q9OM6X9x94yPaa2rVp4abvxNPaGMPoxpXGPzEaxtWJlnFpRzvO1JZtr39rwoAWq34Wh-Ii982_cNS6NQaYRWeuUPeaAkjYviTSIaay3CbqyhpgYl3GB0qWZzkSESUdItWnHbfkrrRIfJxlwa7Z9AB-lP1Z2Ft_E81aqZPsX6hnNxmYRHVyn6a-ax9fANiB_rPEcnHa3vu_7TVIBcGXygGmSldS-4_xmjhseO8dyuID_T8zU6UX1ImtvEX-BqxZv_HF_2hAPuKp39J89dF9c42e9QEl4k1pe_KkWodhxKnrvT1THwvhDlJCTzGeBZGinEyaRioF43jP4RSd089xbNv2mvZyqmSQk6sIQ4U21ETaysmiryklyfGknkOQhFqbx5y9pSqim4QSrYbyVeyZrx6MXiLVjQiOjZHGDqyXl9xQR_Wa2BA7KkK9aGlGgTaIbGqYB6hD_H86c_b0-we95_mW-gYXguPH71S7d3P72eihEePx55qX1L46auuK-qDojAVYy9osSo6RRBEVWU&pr=&bid_crid=&bid_cid=&ad_tags=&is_interstitial=0&is_direct=1&label_ids=89,4,83&site_id64=&sp_cl=0&act_sess=0&sp_scr=0&intes=&izb=&ang=0&act_su=0&interest_vertical_ids=&v_scroll_freq=&time_sess=&ext_campaign_id=175&scroll_percent=0&empty_clicks=0&aid=3780&high_freq_clicks=0&dev_console_activity=0&topics=&client_price=0&o_d=&is_webview=0&timezone_olson=&timezone_ip=Europe/Oslo&offer_label_ids=89,4,83 HTTP/1.1
Host: boloptrex.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://meetbenjen.com/
DNT: 1
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 302 Found
server: nginx/1.16.0
date: Wed, 24 Apr 2024 08:31:01 GMT
content-length: 0
vary: Origin
cache-control: no-transform, no-cache, no-store, must-revalidate
pragma: no-cache
access-control-allow-origin: *
access-control-allow-headers: Content-Type
access-control-allow-methods: *
location: https://track-us.byte-builders.net/pop/imp?auth=n25uq8&c=t_JsruU979I-cktrhkTRKJ-ty3ModQ6jDZxF5gzQ9OdPyrA6JdkRJjB7rsHJ6xdk4SmHm46QATfDqutTQtbro69XEx1At62iM6wqMNac_NqQicIaRZtW8RHr4XUYZExW03mybLrgUZQr6QKfgJ7W_sFpoPERvJbWjx1MKEKm3l5q9OM6X9x94yPaa2rVp4abvxNPaGMPoxpXGPzEaxtWJlnFpRzvO1JZtr39rwoAWq34Wh-Ii982_cNS6NQaYRWeuUPeaAkjYviTSIaay3CbqyhpgYl3GB0qWZzkSESUdItWnHbfkrrRIfJxlwa7Z9AB-lP1Z2Ft_E81aqZPsX6hnNxmYRHVyn6a-ax9fANiB_rPEcnHa3vu_7TVIBcGXygGmSldS-4_xmjhseO8dyuID_T8zU6UX1ImtvEX-BqxZv_HF_2hAPuKp39J89dF9c42e9QEl4k1pe_KkWodhxKnrvT1THwvhDlJCTzGeBZGinEyaRioF43jP4RSd089xbNv2mvZyqmSQk6sIQ4U21ETaysmiryklyfGknkOQhFqbx5y9pSqim4QSrYbyVeyZrx6MXiLVjQiOjZHGDqyXl9xQR_Wa2BA7KkK9aGlGgTaIbGqYB6hD_H86c_b0-we95_mW-gYXguPH71S7d3P72eihEePx55qX1L46auuK-qDojAVYy9osSo6RRBEVWU
X-Firefox-Spdy: h2
|
|
| t4.lowtid.com/o.php?p=c:4ljkfd1stuas5a3tw&d=61b87b159bd23420f125f716&pid=EUFu90gwicI_0&s=613633_612978 | 51.161.115.163 | 302 Found | 0 B |
URL GET HTTP/1.1t4.lowtid.com/o.php?p=c:4ljkfd1stuas5a3tw&d=61b87b159bd23420f125f716&pid=EUFu90gwicI_0&s=613633_612978 IP51.161.115.163:443
Requested byhttps://videzz.net/embed-g0yo2s7mf83f.html CertificateIssuerLet's Encrypt Subjectburned-koala.landingtrack.com Fingerprint44:66:30:52:DF:94:4D:7B:75:C2:24:FF:D5:68:54:BC:45:12:80:B6 ValiditySat, 24 Feb 2024 19:21:31 GMT - Fri, 24 May 2024 19:21:30 GMT
Hashd41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /o.php?p=c:4ljkfd1stuas5a3tw&d=61b87b159bd23420f125f716&pid=EUFu90gwicI_0&s=613633_612978 HTTP/1.1
Host: t4.lowtid.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://bid.bidclickmedia.com/
DNT: 1
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 302 Found
Server: nginx
Date: Wed, 24 Apr 2024 08:31:01 GMT
Content-Type: text/html; charset=UTF-8
Content-Length: 0
Connection: keep-alive
Round: 12sdrz1osp
Raund: 2ql
Location: https://go.savethereef.xyz/redirect?feed=491151&url=t4.lowtid.com&subid=custom_123j1djb25.no.linux.firefox&query=613633_612978&pub_clickid=6628c345b8546e0c5c0a281a&default_url=https%3A%2F%2Ft5.hightid.com%2Fl.php%3Fp%3Dc%3Ata9_53qhga_rsxmy1%26d%3D63c8043c495b371a0335667c%26s%3Ddu.%7Bpubfeed%7D%26d2%3D%7Breferrer_domain%7D
|
|
| popdemission.com/in/849/?source=1982928765&site_id=548226&utm1=&utm2=&utm3=&utm4=&idzone=0&spot_id=548226&mo=&ve=&ad_tags=&p=https%3A%2F%2Fbid.bidclickmedia.com%2F&sid=1095&katds_labels=&is_iframe=1&btype=0&score=1&bf=0.1224&iabcat=IAB25&allowed_labels= | 62.122.173.18 | 302 Found | 0 B |
URL GET HTTP/2popdemission.com/in/849/?source=1982928765&site_id=548226&utm1=&utm2=&utm3=&utm4=&idzone=0&spot_id=548226&mo=&ve=&ad_tags=&p=https%3A%2F%2Fbid.bidclickmedia.com%2F&sid=1095&katds_labels=&is_iframe=1&btype=0&score=1&bf=0.1224&iabcat=IAB25&allowed_labels= IP62.122.173.18:443
Requested byhttps://videzz.net/embed-g0yo2s7mf83f.html CertificateIssuerLet's Encrypt Subjectpopdemission.com FingerprintD2:C5:8F:9C:4B:C4:3C:66:E6:4D:95:14:61:37:A5:21:1E:9C:9A:BE ValidityWed, 20 Mar 2024 12:58:57 GMT - Tue, 18 Jun 2024 12:58:56 GMT
Hashd41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /in/849/?source=1982928765&site_id=548226&utm1=&utm2=&utm3=&utm4=&idzone=0&spot_id=548226&mo=&ve=&ad_tags=&p=https%3A%2F%2Fbid.bidclickmedia.com%2F&sid=1095&katds_labels=&is_iframe=1&btype=0&score=1&bf=0.1224&iabcat=IAB25&allowed_labels= HTTP/1.1
Host: popdemission.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://meetbenjen.com/
DNT: 1
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 302 Found
server: nginx/1.20.1
date: Wed, 24 Apr 2024 08:31:01 GMT
content-type: text/html; charset=UTF-8
content-length: 0
location: https://topsites.hadesex.com/?source=1982928765&site_id=548226&spot_id=548226
cache-control: no-cache, no-store, must-revalidate
pragma: no-cache
vary: *
set-cookie: 849.0=1; expires=Thu, 25 Apr 2024 08:31:01 GMT; path=/; secure; SameSite=None
X-Firefox-Spdy: h2
|
|
| xml.cachegorilla.com/redirect?feed=612978&auth=7PcDFD&pubid=197570 | 173.239.53.20 | 302 Found | 0 B |
URL GET HTTP/1.1xml.cachegorilla.com/redirect?feed=612978&auth=7PcDFD&pubid=197570 IP173.239.53.20:443 ASN#27257 WEBAIR-INTERNET
Requested byhttps://videzz.net/embed-g0yo2s7mf83f.html CertificateIssuerSectigo Limited Subject*.cachegorilla.com Fingerprint29:B3:53:29:E3:6F:D3:48:F6:66:3E:78:57:05:A6:19:12:0D:2C:4A ValidityFri, 10 Nov 2023 00:00:00 GMT - Sun, 10 Nov 2024 23:59:59 GMT
Hashd41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /redirect?feed=612978&auth=7PcDFD&pubid=197570 HTTP/1.1
Host: xml.cachegorilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://bid.bidclickmedia.com/
DNT: 1
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 302 Found
Server: nginx
Date: Wed, 24 Apr 2024 08:31:01 GMT
Content-Length: 0
Connection: keep-alive
Cache-Control: no-store
Location: https://serosaharlem.com/ij70IKIf4Ueonvwm/57128
|
|
| rb.gy/cz5e2h | 52.54.114.184 | 301 Moved Permanently | 0 B |
IP52.54.114.184:443
Requested byhttps://videzz.net/embed-g0yo2s7mf83f.html CertificateIssuerAmazon Subjectrb.gy FingerprintDB:A6:0C:96:5D:05:26:D6:95:BF:CD:A8:79:39:3C:DA:CC:7E:93:A5 ValiditySat, 19 Aug 2023 00:00:00 GMT - Mon, 16 Sep 2024 23:59:59 GMT
Hashd41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /cz5e2h HTTP/1.1
Host: rb.gy
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://bid.bidclickmedia.com/
DNT: 1
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 301 Moved Permanently
date: Wed, 24 Apr 2024 08:31:01 GMT
content-length: 0
location: https://ak.theepsie.com/4/6968056
cache-control: no-cache, no-store
expires: -1
engine: Rebrandly.redirect, version 2.1
strict-transport-security: max-age=15552000
X-Firefox-Spdy: h2
|
|
| popdemission.com/in/849/?source=1982928765&site_id=548226&utm1=&utm2=&utm3=&utm4=&idzone=0&spot_id=548226&mo=&ve=&ad_tags=&p=https%3A%2F%2Fbid.bidclickmedia.com%2F&sid=1095&katds_labels=&is_iframe=1&btype=0&score=1&bf=0.1224&iabcat=IAB25&allowed_labels= | 62.122.173.18 | 302 Found | 0 B |
URL GET HTTP/2popdemission.com/in/849/?source=1982928765&site_id=548226&utm1=&utm2=&utm3=&utm4=&idzone=0&spot_id=548226&mo=&ve=&ad_tags=&p=https%3A%2F%2Fbid.bidclickmedia.com%2F&sid=1095&katds_labels=&is_iframe=1&btype=0&score=1&bf=0.1224&iabcat=IAB25&allowed_labels= IP62.122.173.18:443
Requested byhttps://videzz.net/embed-g0yo2s7mf83f.html CertificateIssuerLet's Encrypt Subjectpopdemission.com FingerprintD2:C5:8F:9C:4B:C4:3C:66:E6:4D:95:14:61:37:A5:21:1E:9C:9A:BE ValidityWed, 20 Mar 2024 12:58:57 GMT - Tue, 18 Jun 2024 12:58:56 GMT
Hashd41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /in/849/?source=1982928765&site_id=548226&utm1=&utm2=&utm3=&utm4=&idzone=0&spot_id=548226&mo=&ve=&ad_tags=&p=https%3A%2F%2Fbid.bidclickmedia.com%2F&sid=1095&katds_labels=&is_iframe=1&btype=0&score=1&bf=0.1224&iabcat=IAB25&allowed_labels= HTTP/1.1
Host: popdemission.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://meetbenjen.com/
DNT: 1
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 302 Found
server: nginx/1.20.1
date: Wed, 24 Apr 2024 08:31:01 GMT
content-type: text/html; charset=UTF-8
content-length: 0
location: https://topsites.hadesex.com/?source=1982928765&site_id=548226&spot_id=548226
cache-control: no-cache, no-store, must-revalidate
pragma: no-cache
vary: *
set-cookie: 849.0=1; expires=Thu, 25 Apr 2024 08:31:01 GMT; path=/; secure; SameSite=None
X-Firefox-Spdy: h2
|
|
| hoddlegamey.com/itLmTlMrHisAt/67652 | 23.109.170.77 | 200 OK | 61 B |
URL GET HTTP/1.1hoddlegamey.com/itLmTlMrHisAt/67652 IP23.109.170.77:443
Requested byhttps://videzz.net/embed-g0yo2s7mf83f.html CertificateIssuerLet's Encrypt Subjecthoddlegamey.com Fingerprint07:BD:B4:24:F4:70:EB:F5:60:F8:9F:61:E8:65:29:7E:9B:54:8C:D2 ValidityMon, 22 Apr 2024 23:02:12 GMT - Sun, 21 Jul 2024 23:02:11 GMT
File typeHTML document, ASCII text, with no line terminators Hash86733bb66fb84b851592d733e51f0cbd 42eaf19a5ca195667a9212b0ea3557eee76954a8 927676bdf7f1bdcd71f06cc0d9fa573791b12c905629d806851624687c4b4a0d
Analyzer | Verdict | Alert | Quad9 DNS | malicious | Sinkholed |
GET /itLmTlMrHisAt/67652 HTTP/1.1
Host: hoddlegamey.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://animewatch.onionlive.workers.dev/
DNT: 1
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Date: Wed, 24 Apr 2024 08:31:01 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Keep-Alive: timeout=20
Accept-ch: sec-ch-ua-platform-version,sec-ch-ua-model,sec-ch-ua-full-version,sec-ch-ua-full-version-list
Set-Cookie: GL_UI4=eJw9jUtug0AQRPljJ4akJQ7gIxgUjL3MJivfAQ0zDZ4Ypq1mjJ3bZxIp2dUrPVV5nhcUL%2BAvyRrCm6hhe1R9s5dYojyUVVW%2BHSrZ151o%2BlJVTVnvYK3n1opuRBvBap4E29YuEWwGNMhatpIUZvDqrL%2FmYuhuIog7FkZlEE%2FOGDNIO6b7jFyEEBkxIaQfmrGnhzPEJzEEx72L2rjo7yCguQjzJ4hP2twe%2BSbx8jzx4Pk6CtsTT61WDuOBhULw32ElhcWB%2BAtShfPF0hWARtX%2B%2B7%2Bf8fizBonCRUuHZM%2FI38wATrY%3D; expires=Thu, 25-Apr-2024 08:31:01 GMT; Max-Age=86400; path=/; secure; SameSite=None
GL_GI10=eJwVyM0KgkAUhuE5hxiIJPjIC%2FAKTMsWbrNl6MIrMIsYGObIzNjP3WeLd%2FG8SilOE7CZkNRlXhd5dcjLUwV6gtsOPDroVvx7%2BII8uDiCvcOmC1ayRmYXlz9i9TfIYHu25pP1YudoxAXw0roZbvaxv%2FRX0KQJHEUzONxTBXrp3Q9e7R3S; expires=Thu, 25-Apr-2024 08:31:01 GMT; Max-Age=86400; path=/; secure; SameSite=None
Content-Encoding: gzip
Vary: Accept-Encoding
Strict-Transport-Security: max-age=1
X-Content-Type-Options: nosniff
|
|
| latest-557263.aqgykagexo.ru/click?node=448&winPrice=0.000199&force=1&winCurrency=USD&id=1713947460000-105 | 206.54.181.250 | 200 OK | 359 B |
URL GET HTTP/1.1latest-557263.aqgykagexo.ru/click?node=448&winPrice=0.000199&force=1&winCurrency=USD&id=1713947460000-105 IP206.54.181.250:443
Requested byhttps://videzz.net/embed-g0yo2s7mf83f.html CertificateIssuerLet's Encrypt Subject*.aqgykagexo.ru FingerprintDF:94:30:8E:BA:55:DE:41:4D:F9:A3:64:DE:7E:C8:C4:CA:64:32:61 ValidityWed, 06 Mar 2024 08:45:05 GMT - Tue, 04 Jun 2024 08:45:04 GMT
File typeHTML document, ASCII text Hash9a3805c6d236dd1f03d268b42aa0cfd6 25300c64fe0500441b584d6fea00f0d6e9dcb8e2 95bc230af50a166375abffe82f6855dd22f491ddb5113fd885fbc16ddd80299d
GET /click?node=448&winPrice=0.000199&force=1&winCurrency=USD&id=1713947460000-105 HTTP/1.1
Host: latest-557263.aqgykagexo.ru
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://bid.bidclickmedia.com/
DNT: 1
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
cache-control: private, no-cache, no-store, must-revalidate
pragma: no-cache
expires: -1
set-cookie: clickId_557263=1713947460000-1; path=/; samesite=none; secure; httponly
date: Wed, 24 Apr 2024 08:31:02 GMT
connection: close
transfer-encoding: chunked
|
|
| serosaharlem.com/ij70IKIf4Ueonvwm/57128 | 23.109.170.171 | 200 OK | 61 B |
URL GET HTTP/1.1serosaharlem.com/ij70IKIf4Ueonvwm/57128 IP23.109.170.171:443
Requested byhttps://videzz.net/embed-g0yo2s7mf83f.html CertificateIssuerLet's Encrypt Subjectserosaharlem.com FingerprintD7:7E:93:E5:2A:87:40:E0:79:E0:26:F2:7D:4F:3D:6E:18:83:68:09 ValidityMon, 04 Mar 2024 23:13:23 GMT - Sun, 02 Jun 2024 23:13:22 GMT
File typeHTML document, ASCII text, with no line terminators Hash86733bb66fb84b851592d733e51f0cbd 42eaf19a5ca195667a9212b0ea3557eee76954a8 927676bdf7f1bdcd71f06cc0d9fa573791b12c905629d806851624687c4b4a0d
Analyzer | Verdict | Alert | Quad9 DNS | malicious | Sinkholed |
GET /ij70IKIf4Ueonvwm/57128 HTTP/1.1
Host: serosaharlem.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://bid.bidclickmedia.com/
DNT: 1
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Date: Wed, 24 Apr 2024 08:31:02 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Keep-Alive: timeout=20
Accept-ch: sec-ch-ua-platform-version,sec-ch-ua-model,sec-ch-ua-full-version,sec-ch-ua-full-version-list
Set-Cookie: GL_UI4=eJw9jUtug0AQRPljJ4akJQ7gIxgUjL3MJivfAQ0zDZ4Ypq1mjJ3bZxIp2dUrPVV5nhcUL%2BAvyRrCm6hhe1R9s5dYojyUVVW%2BHSrZ151o%2BlJVTVnvYK3n1opuRBvBap4E29YuEWwGNMhatpIUZvDqrL%2FmYuhuIog7FkZlEE%2FOGDNIO6b7jFyEEBkxIaQfmrGnhzPEJzEEx72L2rjo7yCguQjzJ4hP2twe%2BSbx8jzx4Pk6CtsTT61WDuOBhULw32ElhcWB%2BAtShfPF0hWARtX%2B%2B7%2Bf8fizBonCRUuHZM%2FI38wATrY%3D; expires=Thu, 25-Apr-2024 08:31:02 GMT; Max-Age=86400; path=/; secure; SameSite=None
GL_GI10=eJwVyM0KgkAUhuE5hxiIJPjIC%2FAKTMsWbrNl6MIrMIsYGObIzNjP3WeLd%2FG8SilOE7CZkNRlXhd5dcjLUwV6gtsOPDroVvx7%2BII8uDiCvcOmC1ayRmYXlz9i9TfIYHu25pP1YudoxAXw0roZbvaxv%2FRX0KQJHEUzONxTBXrp3Q9e7R3S; expires=Thu, 25-Apr-2024 08:31:02 GMT; Max-Age=86400; path=/; secure; SameSite=None
Content-Encoding: gzip
Vary: Accept-Encoding
Strict-Transport-Security: max-age=1
X-Content-Type-Options: nosniff
|
|
| ak.theepsie.com/4/6968056 | 23.36.77.17 | 200 OK | 13 kB |
URL GET HTTP/2ak.theepsie.com/4/6968056 IP23.36.77.17:443 ASN#20940 Akamai International B.V.
Requested byhttps://videzz.net/embed-g0yo2s7mf83f.html CertificateIssuerLet's Encrypt Subjectak.hetaruwg.com Fingerprint25:F9:4E:BA:86:65:45:64:6B:96:B1:61:8C:D3:05:24:CD:CF:AD:8C ValidityMon, 15 Apr 2024 13:59:12 GMT - Sun, 14 Jul 2024 13:59:11 GMT
File typeHTML document, ASCII text, with very long lines (18491) Hash9df7127102fcf4edb1e77ea5be6a9c9d c52b919ac124eaf47b14a2007f2500fb95c3bb8b 7224b3599576c51a0d5da56e357ba838207e3c1b302c00d34bc094762388ceea
Analyzer | Verdict | Alert | Quad9 DNS | malicious | Sinkholed |
GET /4/6968056 HTTP/1.1
Host: ak.theepsie.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://bid.bidclickmedia.com/
DNT: 1
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
content-type: text/html; charset=utf8
x-trace-id: 334ff9a44499fd1602d2df1655a739d3
link: <https://yonmewon.com>; rel="preconnect dns-prefetch",<https://my.rtmark.net>; rel="preconnect dns-prefetch"
accept-ch: Sec-CH-UA, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, baggage, sentry-trace, favicon
access-control-max-age: 86400
strict-transport-security: max-age=1
x-content-type-options: nosniff
timing-allow-origin: *, *
content-encoding: gzip
expires: Wed, 24 Apr 2024 08:31:02 GMT
cache-control: max-age=0, no-cache, no-store
pragma: no-cache
date: Wed, 24 Apr 2024 08:31:02 GMT
content-length: 13358
vary: Accept-Encoding
set-cookie: OAID=008048e4bd8243aaecec4b909facf94a; expires=Thu, 24 Apr 2025 08:31:02 GMT; path=/; secure; SameSite=None
oaidts=1713947462; expires=Thu, 24 Apr 2025 08:31:02 GMT; path=/; secure; SameSite=None
syncedCookie=; expires=Tue, 10 Nov 2009 23:00:00 GMT
X-Firefox-Spdy: h2
|
|
| go.savethereef.xyz/redirect?feed=491151&url=t4.lowtid.com&subid=custom_123j1djb25.no.linux.firefox&query=613633_612978&pub_clickid=6628c345b8546e0c5c0a281a&default_url=https%3A%2F%2Ft5.hightid.com%2Fl.php%3Fp%3Dc%3Ata9_53qhga_rsxmy1%26d%3D63c8043c495b371a0335667c%26s%3Ddu.%7Bpubfeed%7D%26d2%3D%7Breferrer_domain%7D | 198.134.116.30 | 302 Found | 0 B |
URL GET HTTP/1.1go.savethereef.xyz/redirect?feed=491151&url=t4.lowtid.com&subid=custom_123j1djb25.no.linux.firefox&query=613633_612978&pub_clickid=6628c345b8546e0c5c0a281a&default_url=https%3A%2F%2Ft5.hightid.com%2Fl.php%3Fp%3Dc%3Ata9_53qhga_rsxmy1%26d%3D63c8043c495b371a0335667c%26s%3Ddu.%7Bpubfeed%7D%26d2%3D%7Breferrer_domain%7D IP198.134.116.30:443 ASN#27257 WEBAIR-INTERNET
Requested byhttps://videzz.net/embed-g0yo2s7mf83f.html CertificateIssuerLet's Encrypt Subjectsavethereef.xyz Fingerprint57:B5:35:BF:86:FB:E7:13:24:C1:26:D5:30:AE:7A:A5:7C:79:C1:D2 ValidityWed, 27 Mar 2024 06:41:45 GMT - Tue, 25 Jun 2024 06:41:44 GMT
Hashd41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /redirect?feed=491151&url=t4.lowtid.com&subid=custom_123j1djb25.no.linux.firefox&query=613633_612978&pub_clickid=6628c345b8546e0c5c0a281a&default_url=https%3A%2F%2Ft5.hightid.com%2Fl.php%3Fp%3Dc%3Ata9_53qhga_rsxmy1%26d%3D63c8043c495b371a0335667c%26s%3Ddu.%7Bpubfeed%7D%26d2%3D%7Breferrer_domain%7D HTTP/1.1
Host: go.savethereef.xyz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://bid.bidclickmedia.com/
DNT: 1
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 302 Found
Server: nginx
Date: Wed, 24 Apr 2024 08:31:02 GMT
Content-Length: 0
Connection: keep-alive
Cache-Control: no-store
Location: https://t5.hightid.com/l.php?p=c:ta9_53qhga_rsxmy1&d=63c8043c495b371a0335667c&s=du.491151&d2=t4.lowtid.com
|
|
| track-us.byte-builders.net/pop/imp?auth=n25uq8&c=t_JsruU979I-cktrhkTRKJ-ty3ModQ6jDZxF5gzQ9OdPyrA6JdkRJjB7rsHJ6xdk4SmHm46QATfDqutTQtbro69XEx1At62iM6wqMNac_NqQicIaRZtW8RHr4XUYZExW03mybLrgUZQr6QKfgJ7W_sFpoPERvJbWjx1MKEKm3l5q9OM6X9x94yPaa2rVp4abvxNPaGMPoxpXGPzEaxtWJlnFpRzvO1JZtr39rwoAWq34Wh-Ii982_cNS6NQaYRWeuUPeaAkjYviTSIaay3CbqyhpgYl3GB0qWZzkSESUdItWnHbfkrrRIfJxlwa7Z9AB-lP1Z2Ft_E81aqZPsX6hnNxmYRHVyn6a-ax9fANiB_rPEcnHa3vu_7TVIBcGXygGmSldS-4_xmjhseO8dyuID_T8zU6UX1ImtvEX-BqxZv_HF_2hAPuKp39J89dF9c42e9QEl4k1pe_KkWodhxKnrvT1THwvhDlJCTzGeBZGinEyaRioF43jP4RSd089xbNv2mvZyqmSQk6sIQ4U21ETaysmiryklyfGknkOQhFqbx5y9pSqim4QSrYbyVeyZrx6MXiLVjQiOjZHGDqyXl9xQR_Wa2BA7KkK9aGlGgTaIbGqYB6hD_H86c_b0-we95_mW-gYXguPH71S7d3P72eihEePx55qX1L46auuK-qDojAVYy9osSo6RRBEVWU | 88.214.195.96 | 302 Found | 0 B |
URL GET HTTP/1.1track-us.byte-builders.net/pop/imp?auth=n25uq8&c=t_JsruU979I-cktrhkTRKJ-ty3ModQ6jDZxF5gzQ9OdPyrA6JdkRJjB7rsHJ6xdk4SmHm46QATfDqutTQtbro69XEx1At62iM6wqMNac_NqQicIaRZtW8RHr4XUYZExW03mybLrgUZQr6QKfgJ7W_sFpoPERvJbWjx1MKEKm3l5q9OM6X9x94yPaa2rVp4abvxNPaGMPoxpXGPzEaxtWJlnFpRzvO1JZtr39rwoAWq34Wh-Ii982_cNS6NQaYRWeuUPeaAkjYviTSIaay3CbqyhpgYl3GB0qWZzkSESUdItWnHbfkrrRIfJxlwa7Z9AB-lP1Z2Ft_E81aqZPsX6hnNxmYRHVyn6a-ax9fANiB_rPEcnHa3vu_7TVIBcGXygGmSldS-4_xmjhseO8dyuID_T8zU6UX1ImtvEX-BqxZv_HF_2hAPuKp39J89dF9c42e9QEl4k1pe_KkWodhxKnrvT1THwvhDlJCTzGeBZGinEyaRioF43jP4RSd089xbNv2mvZyqmSQk6sIQ4U21ETaysmiryklyfGknkOQhFqbx5y9pSqim4QSrYbyVeyZrx6MXiLVjQiOjZHGDqyXl9xQR_Wa2BA7KkK9aGlGgTaIbGqYB6hD_H86c_b0-we95_mW-gYXguPH71S7d3P72eihEePx55qX1L46auuK-qDojAVYy9osSo6RRBEVWU IP88.214.195.96:443
Requested byhttps://videzz.net/embed-g0yo2s7mf83f.html CertificateIssuerGlobalSign nv-sa Subject*.byte-builders.net Fingerprint6F:B4:9C:42:54:FC:D7:2A:62:1E:E5:FB:CD:C9:09:F7:FA:EE:2B:90 ValidityFri, 17 Nov 2023 08:37:05 GMT - Tue, 17 Dec 2024 12:20:06 GMT
Hashd41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /pop/imp?auth=n25uq8&c=t_JsruU979I-cktrhkTRKJ-ty3ModQ6jDZxF5gzQ9OdPyrA6JdkRJjB7rsHJ6xdk4SmHm46QATfDqutTQtbro69XEx1At62iM6wqMNac_NqQicIaRZtW8RHr4XUYZExW03mybLrgUZQr6QKfgJ7W_sFpoPERvJbWjx1MKEKm3l5q9OM6X9x94yPaa2rVp4abvxNPaGMPoxpXGPzEaxtWJlnFpRzvO1JZtr39rwoAWq34Wh-Ii982_cNS6NQaYRWeuUPeaAkjYviTSIaay3CbqyhpgYl3GB0qWZzkSESUdItWnHbfkrrRIfJxlwa7Z9AB-lP1Z2Ft_E81aqZPsX6hnNxmYRHVyn6a-ax9fANiB_rPEcnHa3vu_7TVIBcGXygGmSldS-4_xmjhseO8dyuID_T8zU6UX1ImtvEX-BqxZv_HF_2hAPuKp39J89dF9c42e9QEl4k1pe_KkWodhxKnrvT1THwvhDlJCTzGeBZGinEyaRioF43jP4RSd089xbNv2mvZyqmSQk6sIQ4U21ETaysmiryklyfGknkOQhFqbx5y9pSqim4QSrYbyVeyZrx6MXiLVjQiOjZHGDqyXl9xQR_Wa2BA7KkK9aGlGgTaIbGqYB6hD_H86c_b0-we95_mW-gYXguPH71S7d3P72eihEePx55qX1L46auuK-qDojAVYy9osSo6RRBEVWU HTTP/1.1
Host: track-us.byte-builders.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://meetbenjen.com/
DNT: 1
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 302 Found
Server: nginx/1.14.0 (Ubuntu)
Date: Wed, 24 Apr 2024 08:31:02 GMT
Content-Length: 0
Connection: keep-alive
Location: https://fairspin-h.click/67828/1389?l=3863¶m1=ubidex¶m2=video¶m3=cpm¶m4=2024-03&utm_medium=67828&utm_source=31&utm_term=548226&utm_content=54175¶m5=d9ebddcd-cc6f-4711-bc4f-15628e5a66b3&utm_campaign=fs_en_pop_visit_gambl_cpm_3_w
|
|
| porn13.com/thumbs/AA/8B/zK.jpg | 188.114.97.1 | | 40 kB |
URL porn13.com/thumbs/AA/8B/zK.jpg IP188.114.97.1:0
File typeJPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, comment: "Lavc58.18.100", baseline, precision 8, 352x198, components 3 Hash42603449437ac1d1ddd744443472f8b9 e90bf084919d3e6c614f4d5a9d80262e25839e5b 717d47a52c0fc2988fcf3bfdee1925b9c1146acde33421f204f04cb6efe9ef17
GET /thumbs/AA/8B/zK.jpg HTTP/1.1
Host: porn13.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://topsites.hadesex.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
date: Wed, 24 Apr 2024 08:31:02 GMT
content-type: image/jpeg
content-length: 39752
last-modified: Fri, 19 Aug 2022 16:07:06 GMT
etag: "62ffb52a-9b48"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: public, max-age=315360000
cf-cache-status: HIT
age: 1640915
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=no1zp2v6OWaEUw8zv6efG%2BbKCN33lPSR2k1VU10NLr%2Folmc1oDXVsjnU9Vd%2BY6Uk5oKuTv%2FsCrkSTYlAXfYCfmri6qaNyc7bturzBpOmDbkKa2D1QJMXENmiuBWS"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 8794bc19285cb4fa-OSL
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
|
|
| porn13.com/thumbs/AA/JJ/g_.jpg | 188.114.97.1 | | 21 kB |
URL porn13.com/thumbs/AA/JJ/g_.jpg IP188.114.97.1:0
File typeJPEG image data, JFIF standard 1.01, aspect ratio, density 0x0, segment length 16, baseline, precision 8, 352x197, components 3 Hash95c67a790cb3b1f4730abfe613f0edf2 c8f0b51acadaded340dcffa935cc1454fbc5d2f4 2fba935dbd4ac2f18c89030dba5dae914bfd3dd4802a2b87576459ef6dbd7f3b
GET /thumbs/AA/JJ/g_.jpg HTTP/1.1
Host: porn13.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://topsites.hadesex.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Wed, 24 Apr 2024 08:31:02 GMT
content-type: image/jpeg
content-length: 21285
last-modified: Sun, 21 Apr 2024 04:11:16 GMT
etag: "662491e4-5325"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: public, max-age=315360000
cf-cache-status: HIT
age: 252195
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=ak0JJrKV9plXU%2B71Rvm7y218qm6XYPu%2F5TQ3r3fCnxsWqy5u4tXtw12EYOhcRTfjNYvfw%2FKmRyZt3PtiXLyvtjm9ODOIzcZ995Ukjks3eQGQZjOpYQMQt7KqQ4EF"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 8794bc192858b4fa-OSL
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
|
|
| porn13.com/thumbs/AA/Ug/ys.jpg | 188.114.97.1 | | 27 kB |
URL porn13.com/thumbs/AA/Ug/ys.jpg IP188.114.97.1:0
File typeJPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, comment: "Lavc58.18.100", baseline, precision 8, 352x171, components 3 Hashbbcaf5cb7e0d9a078f7d2d62fb3aaad8 95ce03abf9618f05f521c48fe487bbdb7d06e5af 12414585deb56a9d483d9b23eea3a32dc04c1646385fc385b3edd78bc52b34c8
GET /thumbs/AA/Ug/ys.jpg HTTP/1.1
Host: porn13.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://topsites.hadesex.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
date: Wed, 24 Apr 2024 08:31:02 GMT
content-type: image/jpeg
content-length: 27104
last-modified: Fri, 19 Aug 2022 16:16:31 GMT
etag: "62ffb75f-69e0"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: public, max-age=315360000
cf-cache-status: HIT
age: 1640822
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=VSXz5sXWXBHHPATY%2BlVEdZecwUdETtzCquyXOwKFAbkdM45sKMmV3S0xyGlkjeJhBqoMMkrc%2Bi06%2BEW%2FPje4TWqa2HykMVJ79ecd1kKq91ygzMS3b7tpOx1PesbW"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 8794bc193861b4fa-OSL
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
|
|
| porn13.com/thumbs/AA/Do/g4.jpg | 188.114.97.1 | | 18 kB |
URL porn13.com/thumbs/AA/Do/g4.jpg IP188.114.97.1:0
File typeJPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 352x198, components 3 Hash2e3a76e552b73eb352650cf6fabc1eda 9b89d8ad2511127ba533e7bd95296980853fae10 a3790214e3350c87aa73e6052872be9ef3cd4102fa6baead8ced673557cca4b9
GET /thumbs/AA/Do/g4.jpg HTTP/1.1
Host: porn13.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://topsites.hadesex.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
date: Wed, 24 Apr 2024 08:31:02 GMT
content-type: image/jpeg
content-length: 17477
last-modified: Fri, 19 Aug 2022 16:09:25 GMT
etag: "62ffb5b5-4445"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: public, max-age=315360000
cf-cache-status: HIT
age: 1640845
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=%2B2%2BnSd0LLz6%2FgqIdcvJl8s4FWTeoyATBgNF0ShpFEIJ3p8RUYXSCSmEtkpiGUJ2qHFwDKV87YSANh9ERivQdykfGeH%2Bh1i%2FhrbEdNUkljNb%2FqIXhOKnNEvX9cboj"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 8794bc19285bb4fa-OSL
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
|
|
| hadesex.com/thumbs/AA/ap/VK.jpg | 188.114.97.1 | | 0 B |
URL hadesex.com/thumbs/AA/ap/VK.jpg IP188.114.97.1:0
Hashd41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /thumbs/AA/ap/VK.jpg HTTP/1.1
Host: hadesex.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Referer: https://topsites.hadesex.com/?source=1982928765&site_id=548226&spot_id=548226
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Wed, 24 Apr 2024 08:31:03 GMT
content-type: image/jpeg
content-length: 0
last-modified: Sun, 24 Mar 2024 10:03:33 GMT
etag: "65fffa75-0"
expires: Fri, 03 May 2024 10:06:29 GMT
cache-control: public, max-age=2592000
cf-cache-status: HIT
age: 1808674
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=ARcxDfbE3NSl11S94qX3A4%2B9gZAzNGacqBGdB83XkMSFO%2FtJNaDbASk3MjnIal8Z7BpClDtdLm%2BcR%2BF9NDh6p9Jm%2FiQo6pSQ6y7i%2Bvs3vgHw%2FkBt6xm9Zwoad%2F6Byw%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 8794bc1ba8d4b524-OSL
alt-svc: h3=":443"; ma=86400
|
|
| ak.theepsie.com/sftouch?userId=008048e4bd8243aaecec4b909facf94a&z=6968056&p_rid=06e98c1e-ef66-48c9-b77d-b1cbf7c9e0d8&p_src=sf&branchId=0&rb=tC3bhgRx5VuqAVTX5T6jcZ-gLgZ7NJxa4F1EzgWZsibGuiVGIO89ve15I99RL4zBHPDdKnnZqCBz6zOb35eAHtaaGnWoCDUYUhJcDXH1sDtpnYgoHTVQOl_-63nWWaNdsWLnBTqZcO48lGNHoUvrCQTV0YHnsdu9ofKeR4HSdGj5wdnv9bbyeCSkk43GvNtEQXUtHADSecmLAvB2IcKx6rrruLO9_AteFhGvL9nUsb6ohXI0H1EFlFR5Ilu3J-d20HTeNOuXd62yx3wBM1zcdC5kniQ= | 23.36.77.17 | | 2 B |
URL ak.theepsie.com/sftouch?userId=008048e4bd8243aaecec4b909facf94a&z=6968056&p_rid=06e98c1e-ef66-48c9-b77d-b1cbf7c9e0d8&p_src=sf&branchId=0&rb=tC3bhgRx5VuqAVTX5T6jcZ-gLgZ7NJxa4F1EzgWZsibGuiVGIO89ve15I99RL4zBHPDdKnnZqCBz6zOb35eAHtaaGnWoCDUYUhJcDXH1sDtpnYgoHTVQOl_-63nWWaNdsWLnBTqZcO48lGNHoUvrCQTV0YHnsdu9ofKeR4HSdGj5wdnv9bbyeCSkk43GvNtEQXUtHADSecmLAvB2IcKx6rrruLO9_AteFhGvL9nUsb6ohXI0H1EFlFR5Ilu3J-d20HTeNOuXd62yx3wBM1zcdC5kniQ= IP23.36.77.17:0 ASN#20940 Akamai International B.V.
CertificateIssuerLet's Encrypt Subjectak.hetaruwg.com Fingerprint25:F9:4E:BA:86:65:45:64:6B:96:B1:61:8C:D3:05:24:CD:CF:AD:8C ValidityMon, 15 Apr 2024 13:59:12 GMT - Sun, 14 Jul 2024 13:59:11 GMT
File typeASCII text, with no line terminators Hash444bcb3a3fcf8389296c49467f27e1d6 7a85f4764bbd6daf1c3545efbbf0f279a6dc0beb 2689367b205c16ce32ed4200942b8b8b1e262dfc70d9bc9fbc77c49699a4f1df
Analyzer | Verdict | Alert | Quad9 DNS | malicious | Sinkholed |
POST /sftouch?userId=008048e4bd8243aaecec4b909facf94a&z=6968056&p_rid=06e98c1e-ef66-48c9-b77d-b1cbf7c9e0d8&p_src=sf&branchId=0&rb=tC3bhgRx5VuqAVTX5T6jcZ-gLgZ7NJxa4F1EzgWZsibGuiVGIO89ve15I99RL4zBHPDdKnnZqCBz6zOb35eAHtaaGnWoCDUYUhJcDXH1sDtpnYgoHTVQOl_-63nWWaNdsWLnBTqZcO48lGNHoUvrCQTV0YHnsdu9ofKeR4HSdGj5wdnv9bbyeCSkk43GvNtEQXUtHADSecmLAvB2IcKx6rrruLO9_AteFhGvL9nUsb6ohXI0H1EFlFR5Ilu3J-d20HTeNOuXd62yx3wBM1zcdC5kniQ= HTTP/1.1
Host: ak.theepsie.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://ak.theepsie.com
DNT: 1
Connection: keep-alive
Referer: https://ak.theepsie.com/4/6968056
Cookie: OAID=008048e4bd8243aaecec4b909facf94a; oaidts=1713947462
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Content-Length: 0
TE: trailers
HTTP/2 200 OK
content-type: text/plain
content-length: 2
x-trace-id: 99ec1ffd48b9e7f9dcc72354a7270c98
accept-ch: Sec-CH-UA, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model
access-control-allow-origin: https://ak.theepsie.com
access-control-allow-credentials: true
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, baggage, sentry-trace, favicon
access-control-max-age: 86400
strict-transport-security: max-age=1
x-content-type-options: nosniff
timing-allow-origin: *, *
expires: Wed, 24 Apr 2024 08:31:03 GMT
cache-control: max-age=0, no-cache, no-store
pragma: no-cache
date: Wed, 24 Apr 2024 08:31:03 GMT
X-Firefox-Spdy: h2
|
|
| t5.hightid.com/l.php?p=c:ta9_53qhga_rsxmy1&d=63c8043c495b371a0335667c&s=du.491151&d2=t4.lowtid.com | 51.161.115.163 | 302 Found | 0 B |
URL GET HTTP/1.1t5.hightid.com/l.php?p=c:ta9_53qhga_rsxmy1&d=63c8043c495b371a0335667c&s=du.491151&d2=t4.lowtid.com IP51.161.115.163:443
Requested byhttps://videzz.net/embed-g0yo2s7mf83f.html CertificateIssuerLet's Encrypt Subjectburned-koala.landingtrack.com Fingerprint44:66:30:52:DF:94:4D:7B:75:C2:24:FF:D5:68:54:BC:45:12:80:B6 ValiditySat, 24 Feb 2024 19:21:31 GMT - Fri, 24 May 2024 19:21:30 GMT
Hashd41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /l.php?p=c:ta9_53qhga_rsxmy1&d=63c8043c495b371a0335667c&s=du.491151&d2=t4.lowtid.com HTTP/1.1
Host: t5.hightid.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://bid.bidclickmedia.com/
DNT: 1
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 302 Found
Server: nginx
Date: Wed, 24 Apr 2024 08:31:03 GMT
Content-Type: text/html; charset=UTF-8
Content-Length: 0
Connection: keep-alive
Round: 12mw6ufnb4
Raund: 2to
Location: https://go.savethereef.xyz/redirect?feed=465513&url=https%3A%2F%2Fwww.twtch.co%2F&subid=custom_10utabg6hk.no.linux.firefox&query=du.491151&pub_clickid=6628c34787a2781e48513178&default_url=https%3A%2F%2Ft10.lowtid.com%2Fs.php%3Fp%3Dc%3A5mklge2tsml349y_c%26d%3D655744eb46c1f060291a7ac7%26s%3Ddu.%7Bpubfeed%7D%26d2%3D%7Breferrer_domain%7D%26d1%3D%7Bquery%7D
|
|
| hadesex.com/thumbs/AA/62/5w.jpg | 188.114.97.1 | | 40 kB |
URL hadesex.com/thumbs/AA/62/5w.jpg IP188.114.97.1:0
File typeJPEG image data, JFIF standard 1.01, aspect ratio, density 0x0, segment length 16, progressive, precision 8, 280x210, components 3 Hash1b417aaaccda6865698de32d8d9c2463 7db57373d18850a5f772a8387b01b162a9837081 4d7e546f8d9cc2e493b91d41d3f86fabd2fb4ab5c9de2b595193f1603c6c43e5
GET /thumbs/AA/62/5w.jpg HTTP/1.1
Host: hadesex.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Referer: https://topsites.hadesex.com/?source=1982928765&site_id=548226&spot_id=548226
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Wed, 24 Apr 2024 08:31:03 GMT
content-type: image/jpeg
content-length: 40360
last-modified: Fri, 22 Mar 2024 15:27:20 GMT
etag: "65fda358-9da8"
expires: Wed, 24 Apr 2024 10:43:29 GMT
cache-control: public, max-age=2592000
cf-cache-status: HIT
age: 2584054
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=WNbmtdvSl%2FJsOeq65BTcY1h8hZh4DiO%2FRkXrXW8nA2FOvDSxldZdgxb%2FMRcu6w4RCLWqJ0rPHD%2BqlDLU9YPxj8kQ6VtP1WP%2Fp3p1yZt8MGaGQZdFBHgNvkV5ULtoVg%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 8794bc1bf91db524-OSL
alt-svc: h3=":443"; ma=86400
|
|
| hadesex.com/thumbs/AA/Ga/1y.jpg | 188.114.97.1 | | 41 kB |
URL hadesex.com/thumbs/AA/Ga/1y.jpg IP188.114.97.1:0
File typeJPEG image data, JFIF standard 1.01, aspect ratio, density 0x0, segment length 16, progressive, precision 8, 280x210, components 3 Hashd9d6d6c8f8f44e82e4e7ec17c5a8ba98 fab613e6a5d46f855766df5b54de6a13c9a10e35 82569182c17152e3887c5137a0021d17ba6c6d23bf21c4381f08c9566edecf9f
GET /thumbs/AA/Ga/1y.jpg HTTP/1.1
Host: hadesex.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Referer: https://topsites.hadesex.com/?source=1982928765&site_id=548226&spot_id=548226
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Wed, 24 Apr 2024 08:31:03 GMT
content-type: image/jpeg
content-length: 40624
last-modified: Fri, 22 Mar 2024 15:53:11 GMT
etag: "65fda967-9eb0"
expires: Wed, 24 Apr 2024 09:40:09 GMT
cache-control: public, max-age=2592000
cf-cache-status: HIT
age: 2587854
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=opzuIpZuMQizBnKaqTaw1swMBOh5o0jWy8FAhftjgtRSQAWFVunma74cQUaC2074O49Lm264IsEyf49fI1ELbNB1L8t%2BdMgg%2Fvp8qMNi%2FSn4iNSMNO%2FwRFSBDmYE8A%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 8794bc1c195bb524-OSL
alt-svc: h3=":443"; ma=86400
|
|
| fairspin-h.click/67828/1389?l=3863¶m1=ubidex¶m2=video¶m3=cpm¶m4=2024-03&utm_medium=67828&utm_source=31&utm_term=548226&utm_content=54175¶m5=d9ebddcd-cc6f-4711-bc4f-15628e5a66b3&utm_campaign=fs_en_pop_visit_gambl_cpm_3_w | 3.69.185.50 | 302 Found | 1.6 kB |
URL GET HTTP/1.1fairspin-h.click/67828/1389?l=3863¶m1=ubidex¶m2=video¶m3=cpm¶m4=2024-03&utm_medium=67828&utm_source=31&utm_term=548226&utm_content=54175¶m5=d9ebddcd-cc6f-4711-bc4f-15628e5a66b3&utm_campaign=fs_en_pop_visit_gambl_cpm_3_w IP3.69.185.50:443
Requested byhttps://videzz.net/embed-g0yo2s7mf83f.html CertificateIssuerLet's Encrypt Subjectfairspin-h.click Fingerprint04:DA:BE:F5:43:6C:0F:8E:25:E1:F8:C6:31:34:C3:8B:E6:77:06:15 ValidityMon, 15 Apr 2024 08:59:42 GMT - Sun, 14 Jul 2024 08:59:41 GMT
File typeHTML document, ASCII text, with very long lines (709) Hash8519b7436eb91a04ea5ea742895d54df d11bd25f21901318ca1c6b09b115a39bf8d5f7dc 9261d3e3d983075f75bcea248e8b6d876a4d683fd7760f3b64ebe3525c7d00d7
GET /67828/1389?l=3863¶m1=ubidex¶m2=video¶m3=cpm¶m4=2024-03&utm_medium=67828&utm_source=31&utm_term=548226&utm_content=54175¶m5=d9ebddcd-cc6f-4711-bc4f-15628e5a66b3&utm_campaign=fs_en_pop_visit_gambl_cpm_3_w HTTP/1.1
Host: fairspin-h.click
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://meetbenjen.com/
DNT: 1
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 302 Found
Server: nginx
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Cache-Control: no-cache, private
Date: Wed, 24 Apr 2024 08:31:03 GMT
Location: https://smarttds.cloud/r/EJgj?track_id=243820055&pid=67828&geo=3143244&utm_source=31&utm_medium=67828&utm_campaign=fs_en_pop_visit_gambl_cpm_3_w&utm_term=548226&utm_content=54175¶m1=ubidex¶m2=video¶m3=cpm¶m4=2024-03¶m5=d9ebddcd-cc6f-4711-bc4f-15628e5a66b3¶m6=
Set-Cookie: 2b30eb962003529aa1d435285d39b1c0=MTgwOTkyOTYx; path=/; secure; httponly; samesite=lax
|
|
| md-static.com/js/jquery.min.js | 188.114.97.1 | | 124 kB |
URL md-static.com/js/jquery.min.js IP188.114.97.1:0
File typeJavaScript source, ASCII text, with very long lines (65451) Size124 kB (124094 bytes) Hashdc5e7f18c8d36ac1d3d4753a87c98d0a c8e1c8b386dc5b7a9184c763c88d19a346eb3342 f7f6a5894f1d19ddad6fa392b2ece2c5e578cbf7da4ea805b6885eb6985b6e3d
GET /js/jquery.min.js HTTP/1.1
Host: md-static.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://topsites.hadesex.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Wed, 24 Apr 2024 08:31:02 GMT
content-type: application/javascript
last-modified: Mon, 04 May 2020 23:02:39 GMT
vary: Accept-Encoding
etag: W/"5eb09f0f-15d84"
expires: Thu, 23 May 2024 03:30:09 GMT
cache-control: max-age=31536000
cf-cache-status: HIT
age: 104453
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=0f8JmZUyDh4oFOYGrzanQ8f0x7rQGiejU7W4cX7MarcbrYp8FS1QVW267kdYXDP%2BKs9jLo82rCEo40yOyz0FF%2BJV%2BG4qCgJBrHZkafy%2BSAHSF%2FpWT3LSdFu6tZ0BumvC"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 8794bc19ef63b511-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
|
|
| lovefootjob.com/thumbs/AA/9X/4I.jpg | 188.114.96.1 | | 25 kB |
URL lovefootjob.com/thumbs/AA/9X/4I.jpg IP188.114.96.1:0
File typeJPEG image data, JFIF standard 1.01, resolution (DPI), density 72x72, segment length 16, baseline, precision 8, 480x400, components 3 Hash73f71341cf4be9aa3dceddd02655661d 392820d89ed970a13af645612eb7404f27aa965f 1a865253447a81e92f47a7b26fcfab9162b9d7bfb50f5b4daf5ff16baa7f9840
GET /thumbs/AA/9X/4I.jpg HTTP/1.1
Host: lovefootjob.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
date: Wed, 24 Apr 2024 08:31:03 GMT
content-type: image/jpeg
content-length: 25296
last-modified: Wed, 28 Feb 2024 17:02:47 GMT
etag: "65df6737-62d0"
expires: Sun, 12 May 2024 00:25:18 GMT
cache-control: public, max-age=2592000
cf-cache-status: HIT
age: 1065945
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=1eat5daaYOx8RRJwUfdSq5mKmwGR5MCMtAxU6DImXVer%2FZu7Ik0Cpvzj4Fw1IOYNBpnjIab4EPtorTE6nYbzkcsBycepLAkW1a8QIGgoWm5k2KQp6h7qAHwfEMXlMb1wrhI%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 8794bc1ccbcb56a5-OSL
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
|
|
| lovefootjob.com/thumbs/AA/17/LH.jpg | 188.114.96.1 | | 178 kB |
URL lovefootjob.com/thumbs/AA/17/LH.jpg IP188.114.96.1:0
File typeJPEG image data, JFIF standard 1.02, aspect ratio, density 100x100, segment length 16, baseline, precision 8, 852x480, components 3 Size178 kB (178203 bytes) Hashc1b5eeca4725f5c0ed8ca6a82097a0de 424b70e2c133449badacf11b32b3e4a145c69137 5ba32bf15cbe9cbb2bd8c99b35314073ca6ca5ba38f3882467f275c677ac7469
GET /thumbs/AA/17/LH.jpg HTTP/1.1
Host: lovefootjob.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
date: Wed, 24 Apr 2024 08:31:03 GMT
content-type: image/jpeg
content-length: 178203
last-modified: Mon, 09 May 2016 00:25:07 GMT
etag: "572fd8e3-2b81b"
expires: Thu, 09 May 2024 07:08:09 GMT
cache-control: public, max-age=2592000
cf-cache-status: HIT
age: 1300974
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=EC30zfr1l1e%2BBtPp9RiHizPahQPg%2Fcccc0YjUGG2A%2BwfCo2Bwj33KTpdqyCs6h03qtsBhaPKPojbs%2BWT6SgZdHGSuFmfPho%2BxZu7qx7gzPfvwSDj9P8knKqNlAALUydx3gg%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 8794bc1ccbc656a5-OSL
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
|
|
| lovefootjob.com/thumbs/AA/Yn/UM.jpg | 188.114.96.1 | | 123 kB |
URL lovefootjob.com/thumbs/AA/Yn/UM.jpg IP188.114.96.1:0
File typeJPEG image data, baseline, precision 8, 1920x1080, components 3 Size123 kB (123405 bytes) Hash4eb01c42fef2b5aebd30233d178400c3 9d2d51e35ae49ee7887310d29dee573bd9a9d969 2b8c44ee739a2ddc71a48e1c4877909a82520a7a63bf0ec767e9c2ee82861cfe
GET /thumbs/AA/Yn/UM.jpg HTTP/1.1
Host: lovefootjob.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
date: Wed, 24 Apr 2024 08:31:03 GMT
content-type: image/jpeg
content-length: 123405
last-modified: Thu, 29 Feb 2024 12:17:21 GMT
etag: "65e075d1-1e20d"
expires: Sat, 04 May 2024 12:25:25 GMT
cache-control: public, max-age=2592000
cf-cache-status: HIT
age: 1713938
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=6Xtf49f9tAYVnoWftGiNK%2FfIi%2B6pvzidztiXPqnQBPhTtclW031Dwl58MZngJAR5L8lcjRoeKbXJCHDsQKgyWsrzRVtGktGrvZ2JhAIVWZ5F%2F8PlpAAh4l6Mh3LlJu2IUsY%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 8794bc1ccbc756a5-OSL
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
|
|
| hadesex.com/thumbs/AA/5n/k1.jpg | 188.114.97.1 | | 33 kB |
URL hadesex.com/thumbs/AA/5n/k1.jpg IP188.114.97.1:0
File typeJPEG image data, JFIF standard 1.01, aspect ratio, density 0x0, segment length 16, progressive, precision 8, 280x210, components 3 Hash1cd11f9aa2bf866b40bd400ebd619d25 ff28b6c6de251812d9cfa4b5cc9a084613a23485 3953372a397118518dd31899c0f55b6bbba84ccd212e4bfe873ebde39d1ef956
GET /thumbs/AA/5n/k1.jpg HTTP/1.1
Host: hadesex.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Referer: https://topsites.hadesex.com/?source=1982928765&site_id=548226&spot_id=548226
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Wed, 24 Apr 2024 08:31:03 GMT
content-type: image/jpeg
content-length: 33355
last-modified: Fri, 29 Mar 2024 09:12:28 GMT
etag: "660685fc-824b"
expires: Mon, 29 Apr 2024 16:49:20 GMT
cache-control: public, max-age=2592000
cf-cache-status: HIT
age: 2130103
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=B%2FX%2B62V97rcO5mIflX2JzsZbqvQFawWSchc8TIcfBU9yxK1jdtquqleaboSC%2FJ%2FMRjBR0kg1CAjdRXOw0Jr7XL4HREfXUHpB1su86oV4MWfdWyVxkruttt5yOEJIQQ%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 8794bc1cb9e3b524-OSL
alt-svc: h3=":443"; ma=86400
|
|
| xcumwebcam.com/thumbs/AA/j1/7B.jpg | 188.114.96.1 | | 25 kB |
URL xcumwebcam.com/thumbs/AA/j1/7B.jpg IP188.114.96.1:0
File typeJPEG image data, baseline, precision 8, 556x416, components 3 Hash7a9745443e92e2c8921f02851512e636 88e93fea923647bcb7093708cd881ff70ef5cb87 38df46a26a1e898f11893257790cfb573b0ba0cf872b1225df823b71bb0c19a2
GET /thumbs/AA/j1/7B.jpg HTTP/1.1
Host: xcumwebcam.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
date: Wed, 24 Apr 2024 08:31:03 GMT
content-type: image/jpeg
content-length: 25245
last-modified: Wed, 28 Feb 2024 17:11:33 GMT
etag: "65df6945-629d"
expires: Sun, 19 May 2024 01:18:08 GMT
cache-control: public, max-age=2592000
cf-cache-status: HIT
age: 457975
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=ABvBXkSja67uS82FGcFj4MYgh26yHax9kcK4eZXbBvKxRGmvvc3MMBqoLk%2BQ99d7n6gZFHURMHPN6oHsP%2FUsoqdoe%2Bsuxem5i9Sw0LiwnKRasKPHRyKh2nzbL4byDSUC3w%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 8794bc1d8aa50b61-OSL
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
|
|
| voyeurix.com/thumbs/AA/ax/ge.jpg | 172.67.223.1 | | 170 kB |
URL voyeurix.com/thumbs/AA/ax/ge.jpg IP172.67.223.1:0
File typeJPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 1280x720, components 3 Size170 kB (169814 bytes) Hash9e76c1a94e94b4c30a32c7781a159a7f 071b7c8123bc9f05653d750b7a2a69489a7b65ed b9a592ea6bd05a5b1bfaa8a6f034c34652081b147676c00c43dd7c1e311b017c
GET /thumbs/AA/ax/ge.jpg HTTP/1.1
Host: voyeurix.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
date: Wed, 24 Apr 2024 08:31:03 GMT
content-type: image/jpeg
content-length: 169814
last-modified: Wed, 28 Feb 2024 16:00:58 GMT
etag: "65df58ba-29756"
expires: Fri, 03 May 2024 00:25:29 GMT
cache-control: public, max-age=2592000
cf-cache-status: HIT
age: 1843534
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=FpQlQoipSHEMPf6SKQvMyr%2BEpZvh1K%2Bju3zjwBqSOn9vaTZN001YIMvaTGgWD%2Fw18N3bvo4iLFq8kgnAAaHs3n%2F5qI4gE41IV4WqKnBppWpHLnMXX%2B3EgWfmjBikjaE%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 8794bc1d8bd6b4ed-OSL
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
|
|
| voyeurix.com/thumbs/AA/oP/Fv.jpg | 172.67.223.1 | | 91 kB |
URL voyeurix.com/thumbs/AA/oP/Fv.jpg IP172.67.223.1:0
File typeJPEG image data, baseline, precision 8, 1136x640, components 3 Hash2a744953fa262e373cac677aa11772f3 41f702c33fac7f0cfa8c99c9f3509a00e50dd9a3 5a49244caab029409e65c07dd1146dad020c461fb164641c46e59cb99c7549ed
GET /thumbs/AA/oP/Fv.jpg HTTP/1.1
Host: voyeurix.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Wed, 24 Apr 2024 08:31:03 GMT
content-type: image/jpeg
content-length: 90769
last-modified: Tue, 01 Oct 2019 20:28:14 GMT
etag: "5d93b6de-16291"
expires: Wed, 01 May 2024 20:16:43 GMT
cache-control: public, max-age=2592000
cf-cache-status: HIT
age: 1944860
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=hZxntGDXuuHQy5zPJaTY02D2aMYQO820DFdM3Z%2FZ6xGnXBVg%2FQTcPORoBbYR1NRMWgfq5TsBXpiQ936ekbyOqB6M%2FYAFwLffxQunX%2BMMzs2t6gaWmybBCCg9BAZ0Q9M%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 8794bc1d8bd1b4ed-OSL
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
|
|
| xcumwebcam.com/thumbs/AA/j1/7B.jpg | 188.114.96.1 | | 25 kB |
URL xcumwebcam.com/thumbs/AA/j1/7B.jpg IP188.114.96.1:0
File typeJPEG image data, baseline, precision 8, 556x416, components 3 Hash7a9745443e92e2c8921f02851512e636 88e93fea923647bcb7093708cd881ff70ef5cb87 38df46a26a1e898f11893257790cfb573b0ba0cf872b1225df823b71bb0c19a2
GET /thumbs/AA/j1/7B.jpg HTTP/1.1
Host: xcumwebcam.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
date: Wed, 24 Apr 2024 08:31:03 GMT
content-type: image/jpeg
content-length: 25245
last-modified: Wed, 28 Feb 2024 17:11:33 GMT
etag: "65df6945-629d"
expires: Sun, 19 May 2024 01:18:08 GMT
cache-control: public, max-age=2592000
cf-cache-status: HIT
age: 457975
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=V8bD%2BcCKUlMUsCvLRaGJv0TNWyM60FEilRbKSNTuOI6rpZdtxQb9TQYsUGGgLcKljiWQTk5zAx2ycYYCFZ0sTMB2n7FEMHvf6zT%2Fl7Sjnp%2BFbWvJyi0%2FSG4Bme%2BqCWJrIg%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 8794bc1d8aa40b61-OSL
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
|
|
| xcumwebcam.com/thumbs/AA/Gd/yn.jpg | 188.114.96.1 | | 114 kB |
URL xcumwebcam.com/thumbs/AA/Gd/yn.jpg IP188.114.96.1:0
File typeJPEG image data, baseline, precision 8, 1280x720, components 3 Size114 kB (114292 bytes) Hash027730f195eadc5d227817b2849235b5 f888e055000443b2c871a6eb6b8e74e568f917c4 37da40d176c985197c4ca52fdc9ab72567837dd50bd8fab1dcec7fbf3dc04773
GET /thumbs/AA/Gd/yn.jpg HTTP/1.1
Host: xcumwebcam.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
date: Wed, 24 Apr 2024 08:31:03 GMT
content-type: image/jpeg
content-length: 114292
last-modified: Thu, 29 Feb 2024 12:11:40 GMT
etag: "65e0747c-1be74"
expires: Tue, 21 May 2024 12:25:11 GMT
cache-control: public, max-age=2592000
cf-cache-status: HIT
age: 245152
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=1cAO%2Ba0%2FYdz4kKuiTFwESXS8JGGMIy4%2BpfwYA34zv9SQ7H5UVxE%2B6uHj4qr%2FNmW98%2B8eVt7vLQTVnyIDuv8Q7xj%2Fqxdu7lXEGfwNMt2SH4BhkAZE5mhnj52KOvN%2FbxE0Kg%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 8794bc1d8aa70b61-OSL
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
|
|
| voyeurix.com/thumbs/AA/eg/ZQ.jpg | 172.67.223.1 | | 111 kB |
URL voyeurix.com/thumbs/AA/eg/ZQ.jpg IP172.67.223.1:0
File typeJPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 1280x720, components 3 Size111 kB (111049 bytes) Hashe2fd5e2818c64e8657cd9f8bcc57e291 b71449ff020d0885443d60a6eafb4caeab94ab86 8e6e83aef1b8a5f035580bb4b3a651c708559bd575d2f73cc3a088fce95b997d
GET /thumbs/AA/eg/ZQ.jpg HTTP/1.1
Host: voyeurix.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
date: Wed, 24 Apr 2024 08:31:03 GMT
content-type: image/jpeg
content-length: 111049
last-modified: Wed, 28 Feb 2024 15:48:32 GMT
etag: "65df55d0-1b1c9"
expires: Sat, 04 May 2024 04:16:02 GMT
cache-control: public, max-age=2592000
cf-cache-status: HIT
age: 1743301
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=JCS57zPK%2BWKMexwz5WD1bKDzf8fxjsj%2FnwP%2FGb1dNlBZwmhWihyPyysZrlwYMkQmsNUbfM4k7ZGEhVqecx85VvqvC6mB1oepK6U0JwoE8RpYI%2BuRgpaOcWQ%2B8GfDUhQ%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 8794bc1d8bd4b4ed-OSL
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
|
|
| topsites.hadesex.com/main.css?v=4.6 | 188.114.97.1 | | 127 kB |
URL topsites.hadesex.com/main.css?v=4.6 IP188.114.97.1:0
File typeassembler source, ASCII text, with very long lines (1663), with CRLF line terminators Size127 kB (127339 bytes) Hasha4ef7f0d6007f4cc5662fad2b7659b03 29632e93afb0c6c9e3ddbe09314db753f9005c27 d18e5826f21b3d4673dae7c9900bab0ced08c165ebfbcd1fd7d8f4d1955043e8
GET /main.css?v=4.6 HTTP/1.1
Host: topsites.hadesex.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://topsites.hadesex.com/?source=1982928765&site_id=548226&spot_id=548226
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Wed, 24 Apr 2024 08:31:02 GMT
content-type: text/css
last-modified: Wed, 10 Apr 2024 12:37:24 GMT
vary: Accept-Encoding
etag: W/"66168804-cec6"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
x-request-id: dfb18ac1139805e7559bcd238156cda8
cf-cache-status: HIT
age: 1194765
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=xHbdpOkvefUmUASi6n5jWVdTe%2BMQBRmyouEKe7eareC7IAMfbXXqJGg4QFZzJZPIIQ80fTMb5Xaoo3NHVRIE%2Fr6sEklTH63Zvbz9ku0ceJee9eoJ8rdWZK5UKWdttpPiMBVhOEVUnw%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 8794bc18ce2bb524-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| go.savethereef.xyz/redirect?feed=465513&url=https%3A%2F%2Fwww.twtch.co%2F&subid=custom_10utabg6hk.no.linux.firefox&query=du.491151&pub_clickid=6628c34787a2781e48513178&default_url=https%3A%2F%2Ft10.lowtid.com%2Fs.php%3Fp%3Dc%3A5mklge2tsml349y_c%26d%3D655744eb46c1f060291a7ac7%26s%3Ddu.%7Bpubfeed%7D%26d2%3D%7Breferrer_domain%7D%26d1%3D%7Bquery%7D | 198.134.116.30 | 302 Found | 0 B |
URL GET HTTP/1.1go.savethereef.xyz/redirect?feed=465513&url=https%3A%2F%2Fwww.twtch.co%2F&subid=custom_10utabg6hk.no.linux.firefox&query=du.491151&pub_clickid=6628c34787a2781e48513178&default_url=https%3A%2F%2Ft10.lowtid.com%2Fs.php%3Fp%3Dc%3A5mklge2tsml349y_c%26d%3D655744eb46c1f060291a7ac7%26s%3Ddu.%7Bpubfeed%7D%26d2%3D%7Breferrer_domain%7D%26d1%3D%7Bquery%7D IP198.134.116.30:443 ASN#27257 WEBAIR-INTERNET
Requested byhttps://videzz.net/embed-g0yo2s7mf83f.html CertificateIssuerLet's Encrypt Subjectsavethereef.xyz Fingerprint57:B5:35:BF:86:FB:E7:13:24:C1:26:D5:30:AE:7A:A5:7C:79:C1:D2 ValidityWed, 27 Mar 2024 06:41:45 GMT - Tue, 25 Jun 2024 06:41:44 GMT
Hashd41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /redirect?feed=465513&url=https%3A%2F%2Fwww.twtch.co%2F&subid=custom_10utabg6hk.no.linux.firefox&query=du.491151&pub_clickid=6628c34787a2781e48513178&default_url=https%3A%2F%2Ft10.lowtid.com%2Fs.php%3Fp%3Dc%3A5mklge2tsml349y_c%26d%3D655744eb46c1f060291a7ac7%26s%3Ddu.%7Bpubfeed%7D%26d2%3D%7Breferrer_domain%7D%26d1%3D%7Bquery%7D HTTP/1.1
Host: go.savethereef.xyz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://bid.bidclickmedia.com/
DNT: 1
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 302 Found
Server: nginx
Date: Wed, 24 Apr 2024 08:31:03 GMT
Content-Length: 0
Connection: keep-alive
Cache-Control: no-store
Location: https://t10.lowtid.com/s.php?p=c:5mklge2tsml349y_c&d=655744eb46c1f060291a7ac7&s=du.465513&d2=www.twtch.co&d1=du.491151
|
|
| handjobxxx.com/thumbs/AA/os/gj.jpg | 172.67.207.38 | | 176 kB |
URL handjobxxx.com/thumbs/AA/os/gj.jpg IP172.67.207.38:0
File typeJPEG image data, baseline, precision 8, 1364x668, components 3 Size176 kB (176281 bytes) Hash0dcc693420ce623aa2752f0dc4e7b665 325e085ecdaa7e360dae3811de9d1f8592d6a740 b68001ef1b957c3f9ac6ed3ac9f4518feadc08b17e8c8c0f8ce5209b00ce6da9
GET /thumbs/AA/os/gj.jpg HTTP/1.1
Host: handjobxxx.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Wed, 24 Apr 2024 08:31:03 GMT
content-type: image/jpeg
content-length: 176281
last-modified: Fri, 26 Jan 2024 14:10:55 GMT
etag: "65b3bd6f-2b099"
expires: Tue, 30 Apr 2024 11:22:37 GMT
cache-control: public, max-age=2592000
cf-cache-status: HIT
age: 2063306
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=eFJD5OvGfVXss8xrpd9GrkroPFvzwX2NLzCurLtCoUg%2Bq%2FKnGgO%2FeiuQ66y4ZNbphqk2h%2BHUmIuQ1swyYlqO02J%2FB4K7nIJ7ZWQtrxUudIwoybae2qdX9dZ0SCaidwR%2BOw%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 8794bc1eaec956b5-OSL
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
|
|
| 69lesbi.com/thumbs/AA/Ck/Eq.jpg | 104.21.69.189 | | 100 kB |
URL 69lesbi.com/thumbs/AA/Ck/Eq.jpg IP104.21.69.189:0
File typeJPEG image data, baseline, precision 8, 1280x720, components 3 Hash69d0525e6dd318fe570789cfa472f47a c1cfac11abd2323b55572976595a72eb1f04404a e8f24b71194ffc78fbc6af434afaaef305f23648485b8a6e07454c00f56ff60a
GET /thumbs/AA/Ck/Eq.jpg HTTP/1.1
Host: 69lesbi.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Wed, 24 Apr 2024 08:31:03 GMT
content-type: image/jpeg
content-length: 99920
last-modified: Wed, 01 Nov 2023 10:05:19 GMT
etag: "654222df-18650"
expires: Thu, 09 May 2024 03:09:26 GMT
cache-control: public, max-age=2592000
cf-cache-status: HIT
age: 1315297
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=xN0nrL5EVnNhr%2FDYolKpsmud52Un8QXyg9v2ED9WAFfl0FkLPz0uLDxRS2RNTY%2BPPv3j%2FdT04SLcvoA2IWaO1a0zljuAKmwSzA2d5BAIXewZoj4qrEViZti%2B%2FFpdtQ%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 8794bc1eaebfb52d-OSL
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
|
|
| groupsexxx.com/thumbs/AA/wZ/JV.jpg | 104.21.89.51 | | 16 kB |
URL groupsexxx.com/thumbs/AA/wZ/JV.jpg IP104.21.89.51:0
File typeJPEG image data, baseline, precision 8, 320x240, components 3 Hash283548b2320f7c775271c12665263c2c 470275e5a9f98dba7a6543b705c18e5b56638edb 62aa69abefab21ae29333cb3458a9ea29dbdc77e36de8cfa3ef70193f76105ea
GET /thumbs/AA/wZ/JV.jpg HTTP/1.1
Host: groupsexxx.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Wed, 24 Apr 2024 08:31:03 GMT
content-type: image/jpeg
content-length: 15892
last-modified: Sun, 10 Mar 2024 17:08:17 GMT
etag: "65ede901-3e14"
expires: Fri, 26 Apr 2024 11:35:25 GMT
cache-control: public, max-age=2592000
cf-cache-status: HIT
age: 2408138
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=GJLU7Hq4fBlgKHX2l4%2FlyHXiq7c9A3BXuWFJe8H4tNDEt1EEVUpOaKbv30t0JTVwmS9mquQMZS2%2F9rYyYoEf9ZPMkWnovM1mnHgB7D1xrc4OWLBqgGqwhFs29Uil8hBj2w%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 8794bc1eaf7056c6-OSL
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
|
|
| 69ebony.com/thumbs/AA/LS/l1.jpg | 188.114.97.1 | | 142 kB |
URL 69ebony.com/thumbs/AA/LS/l1.jpg IP188.114.97.1:0
File typeJPEG image data, baseline, precision 8, 1280x720, components 3 Size142 kB (142026 bytes) Hash8bd462f1b7d7f1c58a5b88ed9d937f4b c4b58e05c4354b077b9214630965950f880707b7 1423a31ba5234ca27d32e50f74fb92b8568b80a307d46a6b07253054108e5bbd
GET /thumbs/AA/LS/l1.jpg HTTP/1.1
Host: 69ebony.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Wed, 24 Apr 2024 08:31:03 GMT
content-type: image/jpeg
content-length: 142026
last-modified: Wed, 28 Feb 2024 16:33:46 GMT
etag: "65df606a-22aca"
expires: Wed, 01 May 2024 02:25:00 GMT
cache-control: public, max-age=2592000
cf-cache-status: HIT
age: 2009163
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=xdkroL%2FxouO2hoTe%2FjCoLPOIduEQAeh%2BBEcWrYp98aS01aI0U1GSY2uze05APlH9%2Bl9L9aAlcwjMgUyMOguCTyePJRm7%2FksjpZ2laPWy8oVhlUv%2BiEDgedaWpo340A%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 8794bc1eaad1b4fd-OSL
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
|
|
| handjobxxx.com/thumbs/AA/21/hv.jpg | 172.67.207.38 | | 102 kB |
URL handjobxxx.com/thumbs/AA/21/hv.jpg IP172.67.207.38:0
File typeJPEG image data, baseline, precision 8, 1280x720, components 3 Size102 kB (102091 bytes) Hash4f7603b5e5733cde1fa17e4552dcf1e6 f78f4fbd8b0415aa0cfdf7902fa02a718541c4f4 66c2438becd789328c3003bc1ab7c5dc411f7b478ee704a9df6b1b24b90a1814
GET /thumbs/AA/21/hv.jpg HTTP/1.1
Host: handjobxxx.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
date: Wed, 24 Apr 2024 08:31:03 GMT
content-type: image/jpeg
content-length: 102091
last-modified: Tue, 19 Mar 2024 17:51:08 GMT
etag: "65f9d08c-18ecb"
expires: Wed, 01 May 2024 12:25:14 GMT
cache-control: public, max-age=2592000
cf-cache-status: HIT
age: 1973149
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=xJoXC0C0yOY778%2BUvAopOeaiPrQHWuX%2B%2F2jO8L8QPKf7aLsekwk9jnRfY8LuvujZ9sKsF2NvZwP48%2FBPQuTpk8QE28bOFKzCUd6wlLkQmpZ8OO4u%2Bgl7LxqmuDPLPE%2Bv8Q%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 8794bc1eaecb56b5-OSL
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
|
|
| handjobxxx.com/thumbs/AA/DV/tg.jpg | 172.67.207.38 | | 242 kB |
URL handjobxxx.com/thumbs/AA/DV/tg.jpg IP172.67.207.38:0
File typeJPEG image data, baseline, precision 8, 1280x720, components 3 Size242 kB (241625 bytes) Hashd9ce36e6df92f87d9cd9b399585defaa 2593a1cc9a2007a41077a8f309c4d66c220d67cb 256280fca2683e52c974419fa4aa3e567d2ef6b9c8a39b34151daa5fb14511d6
GET /thumbs/AA/DV/tg.jpg HTTP/1.1
Host: handjobxxx.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
date: Wed, 24 Apr 2024 08:31:03 GMT
content-type: image/jpeg
content-length: 241625
last-modified: Mon, 13 Nov 2023 14:03:18 GMT
etag: "65522ca6-3afd9"
expires: Tue, 14 May 2024 03:13:33 GMT
cache-control: public, max-age=2592000
cf-cache-status: HIT
age: 883050
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=e1zFCeOmSwhcGRO77HzK2OD%2Bm7RWk%2BMSsZdzc636hbVTYGhqzGgbmT0wSAOuaatKSpFQGtoUeZcEXceLeVRH%2B49Y3blftjFvuvxyMzz9PN32wAyRQBpO3lwv4NFBBDiB3A%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 8794bc1eaecc56b5-OSL
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
|
|
| 69lesbi.com/thumbs/AA/nq/Lh.jpg | 104.21.69.189 | | 95 kB |
URL 69lesbi.com/thumbs/AA/nq/Lh.jpg IP104.21.69.189:0
File typeJPEG image data, baseline, precision 8, 1280x720, components 3 Hash0bb16c4bdff639163999768dea705585 bb7bd73c6cf230a5dd708890d37d94784777043f 5df4248313ad05cf6a7d05d033d8778974c3be587fe8a54d8511473074881e1e
GET /thumbs/AA/nq/Lh.jpg HTTP/1.1
Host: 69lesbi.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
date: Wed, 24 Apr 2024 08:31:03 GMT
content-type: image/jpeg
content-length: 95445
last-modified: Sat, 13 Apr 2024 04:12:14 GMT
etag: "661a061e-174d5"
expires: Mon, 13 May 2024 21:26:12 GMT
cache-control: public, max-age=2592000
cf-cache-status: HIT
age: 903891
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=kT7ZEcxmOLV3PQ3Wmn2WDaNssx0ME3dNMFTn0jY3LQjfKVaiYiThVVnypYynZ78HiMKe%2FK%2Bg1p7TErGYStbRlIKZ6fWM%2B6sZvg89fTJ%2B9UWetiQDA%2FkwvPZiE0Pmog%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 8794bc1eaec3b52d-OSL
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
|
|
| 69lesbi.com/thumbs/AA/nq/Lh.jpg | 104.21.69.189 | | 95 kB |
URL 69lesbi.com/thumbs/AA/nq/Lh.jpg IP104.21.69.189:0
File typeJPEG image data, baseline, precision 8, 1280x720, components 3 Hash0bb16c4bdff639163999768dea705585 bb7bd73c6cf230a5dd708890d37d94784777043f 5df4248313ad05cf6a7d05d033d8778974c3be587fe8a54d8511473074881e1e
GET /thumbs/AA/nq/Lh.jpg HTTP/1.1
Host: 69lesbi.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
date: Wed, 24 Apr 2024 08:31:03 GMT
content-type: image/jpeg
content-length: 95445
last-modified: Sat, 13 Apr 2024 04:12:14 GMT
etag: "661a061e-174d5"
expires: Mon, 13 May 2024 21:26:12 GMT
cache-control: public, max-age=2592000
cf-cache-status: HIT
age: 903891
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=vjzbZ0DYMGTTBOXh1BKvpyvhbN%2FPpkyh23zWXhurWsEP36torY8tcojKmhFamUQDUHJEi%2Bwpv15163TSLmmPWIeKunuHQI2uF9fI6Ottng8jJmYYjyncnPgIEBxGSw%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 8794bc1eaec7b52d-OSL
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
|
|
| 69ebony.com/thumbs/AA/1z/_P.jpg | 188.114.97.1 | | 288 kB |
URL 69ebony.com/thumbs/AA/1z/_P.jpg IP188.114.97.1:0
File typeJPEG image data, baseline, precision 8, 1920x1080, components 3 Size288 kB (288381 bytes) Hash03c7a52d867d1821dabbd607b472334c dfcb156529387624cdfaac36207cd00d055430a6 9e1982c4cf6c7163a07df61029f09b4f588b4722c58389a60919cb6eeb293e45
GET /thumbs/AA/1z/_P.jpg HTTP/1.1
Host: 69ebony.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
date: Wed, 24 Apr 2024 08:31:03 GMT
content-type: image/jpeg
content-length: 288381
last-modified: Tue, 14 Nov 2023 08:17:10 GMT
etag: "65532d06-4667d"
expires: Mon, 20 May 2024 15:46:30 GMT
cache-control: public, max-age=2592000
cf-cache-status: HIT
age: 319473
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=LFhsuPldiI5Kq9NlgAzwhWLpp3Ao41EVm7MV646gRsYEqTXt%2Ftk%2FtEDExAp9vyg7CUCtuMdsn2uyfREjXTaRyUnXLWqSzTsxC8bPwXloKNfWsK2%2FBEt9FrLXvXbr4g%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 8794bc1f5c4eb4fd-OSL
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
|
|
| 69ebony.com/thumbs/AA/LS/l1.jpg | 188.114.97.1 | | 142 kB |
URL 69ebony.com/thumbs/AA/LS/l1.jpg IP188.114.97.1:0
File typeJPEG image data, baseline, precision 8, 1280x720, components 3 Size142 kB (142026 bytes) Hash8bd462f1b7d7f1c58a5b88ed9d937f4b c4b58e05c4354b077b9214630965950f880707b7 1423a31ba5234ca27d32e50f74fb92b8568b80a307d46a6b07253054108e5bbd
GET /thumbs/AA/LS/l1.jpg HTTP/1.1
Host: 69ebony.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
date: Wed, 24 Apr 2024 08:31:03 GMT
content-type: image/jpeg
content-length: 142026
last-modified: Wed, 28 Feb 2024 16:33:46 GMT
etag: "65df606a-22aca"
expires: Wed, 01 May 2024 02:25:00 GMT
cache-control: public, max-age=2592000
cf-cache-status: HIT
age: 2009163
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=Brd62yV8lk5Maapxu6zobCS9uhAY%2B8DWRo6azIUS8tCWTgOM%2BLOQ1I7YtTHTZ0mxHV8ZINsBwdS%2FiQFyIlFwsj%2FFrAo0YotiNaXiwXar5CYBeKeLgcSwKT4X1vCA%2BQ%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 8794bc1f5c49b4fd-OSL
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
|
|
| 69lesbi.com/thumbs/AA/Ck/Eq.jpg | 104.21.69.189 | | 100 kB |
URL 69lesbi.com/thumbs/AA/Ck/Eq.jpg IP104.21.69.189:0
File typeJPEG image data, baseline, precision 8, 1280x720, components 3 Hash69d0525e6dd318fe570789cfa472f47a c1cfac11abd2323b55572976595a72eb1f04404a e8f24b71194ffc78fbc6af434afaaef305f23648485b8a6e07454c00f56ff60a
GET /thumbs/AA/Ck/Eq.jpg HTTP/1.1
Host: 69lesbi.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
date: Wed, 24 Apr 2024 08:31:03 GMT
content-type: image/jpeg
content-length: 99920
last-modified: Wed, 01 Nov 2023 10:05:19 GMT
etag: "654222df-18650"
expires: Thu, 09 May 2024 03:09:26 GMT
cache-control: public, max-age=2592000
cf-cache-status: HIT
age: 1315297
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=c6A%2FuwjkZrO5wvlYQ1C62PdKg%2BBj7PZcvyvv0JaNxIsdAw3jyUKXG78rtUMV8spoFMVLoAZyLjxHtrJ%2FRC6Wq%2FDzLE5JqNjJr0ZomQznmau4seFIWeNq5x9%2FefrlfQ%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 8794bc1eaecbb52d-OSL
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
|
|
| groupsexxx.com/thumbs/AA/2V/xX.jpg | 104.21.89.51 | | 95 kB |
URL groupsexxx.com/thumbs/AA/2V/xX.jpg IP104.21.89.51:0
File typeJPEG image data, baseline, precision 8, 1280x720, components 3 Hashf28f795ee64834b5368139ad20c876fd 8ff22163ef5183111fad8db10f3b2cd69db974bd 3c9a145919f1939235b3e22146449eacaf2e0016b12277c67926ccf5bd7fa8c0
GET /thumbs/AA/2V/xX.jpg HTTP/1.1
Host: groupsexxx.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
date: Wed, 24 Apr 2024 08:31:03 GMT
content-type: image/jpeg
content-length: 94740
last-modified: Fri, 26 Jan 2024 12:57:31 GMT
etag: "65b3ac3b-17214"
expires: Sun, 05 May 2024 13:47:09 GMT
cache-control: public, max-age=2592000
cf-cache-status: HIT
age: 1622634
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=ObZx24GzJMpG8e%2B4P9lFCr2moUC5uIpSHGukZTzqVqRJUupbtElh4zehG%2B8nj0ypF9JjY10vGwWAazF6ztjHDRy1hfTpFhj%2FCFuyKZdebj7Qw%2FvxjmfAfAOegLnt4Uj74Q%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 8794bc1eaf7356c6-OSL
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
|
|
| groupsexxx.com/thumbs/AA/Fp/LQ.jpg | 104.21.89.51 | | 299 kB |
URL groupsexxx.com/thumbs/AA/Fp/LQ.jpg IP104.21.89.51:0
File typeJPEG image data, baseline, precision 8, 1920x1080, components 3 Size299 kB (299241 bytes) Hashbfef495de2a253234039f69a0b5d433a 38a4db2a3d7259b1b068ba8e978acfb29b37f7b0 20decf461c72462f775c094d5ac989a5af760278aa58d70ca76455b59fab5e23
GET /thumbs/AA/Fp/LQ.jpg HTTP/1.1
Host: groupsexxx.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
date: Wed, 24 Apr 2024 08:31:03 GMT
content-type: image/jpeg
content-length: 299241
last-modified: Sat, 16 Mar 2024 17:10:03 GMT
etag: "65f5d26b-490e9"
expires: Fri, 17 May 2024 18:08:46 GMT
cache-control: public, max-age=2592000
cf-cache-status: HIT
age: 570137
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=DXUTPuuElbsjygngMaP%2FvX0BaGhP6npYExWxrobWhsBuN%2FgfYVW1yCxgY05CIcbcL7KDLOEWDffFe84h8XQIbrqPJcjPTjGI7rQrvAc09bOQYuI57J1yxw0fC0dEwby52w%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 8794bc1eaf7156c6-OSL
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
|
|
| 69indian.com/thumbs/AA/Gw/nF.jpg | 104.21.44.50 | | 15 kB |
URL 69indian.com/thumbs/AA/Gw/nF.jpg IP104.21.44.50:0
File typeJPEG image data, JFIF standard 1.01, aspect ratio, density 0x0, segment length 16, progressive, precision 8, 320x180, components 3 Hashc450313afbab70ff5b5d0d512901624b 78032f8a54753de3fd02b3fd38779557042cbcd8 f107727eef3132900b7c01b8c940226c65014dbe3b6e6cb138d6a48fb384953f
GET /thumbs/AA/Gw/nF.jpg HTTP/1.1
Host: 69indian.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Wed, 24 Apr 2024 08:31:03 GMT
content-type: image/jpeg
content-length: 15113
last-modified: Thu, 18 Apr 2024 11:15:10 GMT
etag: "662100be-3b09"
expires: Wed, 22 May 2024 12:40:25 GMT
cache-control: public, max-age=2592000
cf-cache-status: HIT
age: 157838
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=MpKeieNxCOBeUiN7LHtohFJnSjbq7ze%2B%2Bm1ElV%2Bja3PC8Yudtj8s5lEzXflgKpl4GSi9%2BbFhY%2BRYl30182w%2BV6MYoGMrvZ%2FTaAhS38M612XYHDpkLsZH5W6pFIIEMh4%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 8794bc21283356a2-OSL
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
|
|
| 69ebony.com/thumbs/AA/Ar/tR.jpg | 188.114.97.1 | | 94 kB |
URL 69ebony.com/thumbs/AA/Ar/tR.jpg IP188.114.97.1:0
File typeJPEG image data, baseline, precision 8, 1280x720, components 3 Hashcae8a97a867412a5d55f7f67b732bd80 28b84e2dcc964892e1bf3f591419ed9814b6b382 3305ebc505be119c037b4e3c7dd7d928d01ab5125068f66363d3de8683fe6125
GET /thumbs/AA/Ar/tR.jpg HTTP/1.1
Host: 69ebony.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
date: Wed, 24 Apr 2024 08:31:03 GMT
content-type: image/jpeg
content-length: 94022
last-modified: Tue, 19 Mar 2024 17:11:25 GMT
etag: "65f9c73d-16f46"
expires: Tue, 14 May 2024 15:21:31 GMT
cache-control: public, max-age=2592000
cf-cache-status: HIT
age: 839372
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=SvGvhZT03qmRQ1yB93ErTDDpbVrI%2BhJJZ8A7%2BAozqfCOsIQUHP7ZCjHUW60A7DINTRFRG1T7Fg681fY1PH1uo2iF6VG4xJt14wwWD6sj8GWy64tEIiTbSvkRIcopSw%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 8794bc212f90b4fd-OSL
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
|
|
| gftranny.com/thumbs/AA/Hq/iM.jpg | 188.114.96.1 | | 13 kB |
URL gftranny.com/thumbs/AA/Hq/iM.jpg IP188.114.96.1:0
File typeJPEG image data, JFIF standard 1.01, aspect ratio, density 0x0, segment length 16, progressive, precision 8, 320x180, components 3 Hashd5adf2affc4c8aca38279781282332d9 4662d3dcf809209cf93df03f0259dd1251e8cc61 ac198adcfb57b7ef262e126a384d1273e3e94a77b95e15e46f8a976ab6eb49ed
GET /thumbs/AA/Hq/iM.jpg HTTP/1.1
Host: gftranny.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
date: Wed, 24 Apr 2024 08:31:03 GMT
content-type: image/jpeg
content-length: 12947
last-modified: Fri, 15 Mar 2024 14:20:10 GMT
etag: "65f4591a-3293"
expires: Tue, 07 May 2024 14:30:30 GMT
cache-control: public, max-age=2592000
cf-cache-status: HIT
age: 1447232
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=Il3vYx6fdxfaG9N%2BUtLXAK2963fHXLynUcigFicnA2b8gYcyjmCcz0RQbSKf6i6YNaS3sw32RVs5yQsHqNGAccoHyJwTfLCv6mzE2Em9K51iyJOSqJ%2B1O%2BGOukTIfLI%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 8794bc212b98568e-OSL
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
|
|
| handjobxxx.com/thumbs/AA/mh/_Z.jpg | 172.67.207.38 | | 130 kB |
URL handjobxxx.com/thumbs/AA/mh/_Z.jpg IP172.67.207.38:0
File typeJPEG image data, baseline, precision 8, 1784x1004, components 3 Size130 kB (130300 bytes) Hash2743f42b6ed440c0af0a15f99d5d4e31 90c5837813f96e72fa152ffbf8d56a658b3e677a b93928ef616dad402658732b961671bfc0a3f333291bfee7be569024e73395a8
GET /thumbs/AA/mh/_Z.jpg HTTP/1.1
Host: handjobxxx.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Wed, 24 Apr 2024 08:31:03 GMT
content-type: image/jpeg
content-length: 130300
last-modified: Fri, 08 Mar 2024 17:02:31 GMT
etag: "65eb44a7-1fcfc"
expires: Thu, 09 May 2024 09:15:19 GMT
cache-control: public, max-age=2592000
cf-cache-status: HIT
age: 1293344
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=49d5JKzJrxnLesLfVWNSSlGGNnTO%2F9obChNHTJ%2BvlF0QN%2FHBpn60r%2FJDy%2BALFHLbm2jtrGP%2BeGAxEqQlnuXh4fGxuJza2Nxo0YQ7dXPWKmhIQJYIK6OOsljsvM6rHWTv%2Fw%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 8794bc219a6b56b5-OSL
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
|
|
| 69indian.com/thumbs/AA/j3/6c.jpg | 104.21.44.50 | | 16 kB |
URL 69indian.com/thumbs/AA/j3/6c.jpg IP104.21.44.50:0
File typeJPEG image data, JFIF standard 1.01, resolution (DPCM), density 37x37, segment length 16, progressive, precision 8, 320x180, components 3 Hash546eb6e0ce1fbfb97d7005df04b58649 7f4ee31bb87194b1b99c7b72416ccede79c88545 781b1b10affe3ca293739f43963a0cccfeac467b8d578abadfdf9749355be839
GET /thumbs/AA/j3/6c.jpg HTTP/1.1
Host: 69indian.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
date: Wed, 24 Apr 2024 08:31:03 GMT
content-type: image/jpeg
content-length: 16481
last-modified: Thu, 18 Apr 2024 10:46:19 GMT
etag: "6620f9fb-4061"
expires: Wed, 22 May 2024 12:40:25 GMT
cache-control: public, max-age=2592000
cf-cache-status: HIT
age: 157838
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=QNczLgdEVzjBMCy28Ms8q5ltBxAHeQT6IhD5FH2R%2Faq7HTL6dhy7%2BiCzJfqwUMDiEPZTXPPbjSKd6ixn%2FjYV1yV07Mh6hYPk8QVZRlaBGXFfhU05sMLoEywYTEeE2Ww%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 8794bc21283656a2-OSL
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
|
|
| gftranny.com/thumbs/AA/fw/P0.jpg | 188.114.96.1 | | 20 kB |
URL gftranny.com/thumbs/AA/fw/P0.jpg IP188.114.96.1:0
File typeJPEG image data, JFIF standard 1.01, aspect ratio, density 0x0, segment length 16, progressive, precision 8, 320x180, components 3 Hash98622c7f0c1ceb391999dfd4de2a4a00 6ba980bf9b47980249b59f769859675484a51fc1 e4008e753cd0c50eb38c97c57457d45d5dc9060d951baf341491b872099fbc8e
GET /thumbs/AA/fw/P0.jpg HTTP/1.1
Host: gftranny.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Wed, 24 Apr 2024 08:31:03 GMT
content-type: image/jpeg
content-length: 19745
last-modified: Thu, 14 Mar 2024 14:13:08 GMT
etag: "65f305f4-4d21"
expires: Sun, 12 May 2024 07:34:54 GMT
cache-control: public, max-age=2592000
cf-cache-status: HIT
age: 1040169
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=8EIg4Py0yJRSs4NBuGRxEc4M0cuYYhJqhrOyrrzejTTL6gx2o1vS71Qz1ayPtl4AV0S1E4ZrCex3BAaG1gaMJ6YhU0Cyt5JpJWv07fXY6CNrn15SZ7cMuV9GfgC2mgU%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 8794bc212b96568e-OSL
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
|
|
| gftranny.com/thumbs/AA/mC/Rr.jpg | 188.114.96.1 | | 16 kB |
URL gftranny.com/thumbs/AA/mC/Rr.jpg IP188.114.96.1:0
File typeJPEG image data, JFIF standard 1.01, aspect ratio, density 0x0, segment length 16, progressive, precision 8, 320x180, components 3 Hash76e3d166c22c93854ec2c68c2024eb5d 039d741e757e4a3e0d6393afb669eab414e5a0a3 f0eb0f5dff081c3d74b9f859a71a7d0c71a3db4df39cbb8ed684f34fe5e87a82
GET /thumbs/AA/mC/Rr.jpg HTTP/1.1
Host: gftranny.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
date: Wed, 24 Apr 2024 08:31:03 GMT
content-type: image/jpeg
content-length: 16396
last-modified: Sat, 16 Mar 2024 14:27:49 GMT
etag: "65f5ac65-400c"
expires: Thu, 16 May 2024 08:43:08 GMT
cache-control: public, max-age=2592000
cf-cache-status: HIT
age: 690475
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=iptLfMANFOpGEUWqKttNLO465vaotWy2mJDhgDrxcwb8WYxxlean40oA61rPGj52leL1%2FBYwTt%2Bs7ZZjh6VbTgI1ywURjoNFZbvOcx9e8WESfkLFepxDsAs2jhdAu3w%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 8794bc212b97568e-OSL
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
|
|
| 69indian.com/thumbs/AA/Gw/nF.jpg | 104.21.44.50 | | 15 kB |
URL 69indian.com/thumbs/AA/Gw/nF.jpg IP104.21.44.50:0
File typeJPEG image data, JFIF standard 1.01, aspect ratio, density 0x0, segment length 16, progressive, precision 8, 320x180, components 3 Hashc450313afbab70ff5b5d0d512901624b 78032f8a54753de3fd02b3fd38779557042cbcd8 f107727eef3132900b7c01b8c940226c65014dbe3b6e6cb138d6a48fb384953f
GET /thumbs/AA/Gw/nF.jpg HTTP/1.1
Host: 69indian.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
date: Wed, 24 Apr 2024 08:31:03 GMT
content-type: image/jpeg
content-length: 15113
last-modified: Thu, 18 Apr 2024 11:15:10 GMT
etag: "662100be-3b09"
expires: Wed, 22 May 2024 12:40:25 GMT
cache-control: public, max-age=2592000
cf-cache-status: HIT
age: 157838
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=4fEd7U%2BHqWC8HezJvGrCXiyqaGRbonKcMwOefzb1WLXZa2ti%2FPMXYygIwpqkSrSBSUOxVcLPjI2fiDz2wF1d013XcTGDno3dz28krRPc6x8EHgQK0AR8TqXJ%2BbwVxGE%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 8794bc21283756a2-OSL
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
|
|
| my.rtmark.net/img.gif?f=merge&userId=008048e4bd8243aaecec4b909facf94a&z=6968056&p_rid=06e98c1e-ef66-48c9-b77d-b1cbf7c9e0d8&p_src=sf | 139.45.195.8 | | 43 B |
URL my.rtmark.net/img.gif?f=merge&userId=008048e4bd8243aaecec4b909facf94a&z=6968056&p_rid=06e98c1e-ef66-48c9-b77d-b1cbf7c9e0d8&p_src=sf IP139.45.195.8:0
File typeGIF image data, version 89a, 1 x 1 Hashb4491705564909da7f9eaf749dbbfbb1 279315d507855c6a4351e1e2c2f39dd9cd2fccd8 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
POST /img.gif?f=merge&userId=008048e4bd8243aaecec4b909facf94a&z=6968056&p_rid=06e98c1e-ef66-48c9-b77d-b1cbf7c9e0d8&p_src=sf HTTP/1.1
Host: my.rtmark.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://ak.theepsie.com
DNT: 1
Connection: keep-alive
Referer: https://ak.theepsie.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Content-Length: 0
HTTP/2 200 OK
server: nginx
date: Wed, 24 Apr 2024 08:31:04 GMT
content-type: image/gif
content-length: 43
access-control-allow-origin: https://ak.theepsie.com
access-control-allow-methods: POST, GET, OPTIONS, PUT, DELETE
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, Authorization,X-CSRF-Token
access-control-expose-headers: Authorization
access-control-allow-credentials: true
set-cookie: ID=008048e4bd8243aaecec4b909facf94a; expires=Thu, 24 Apr 2025 08:31:04 GMT; secure; SameSite=None
strict-transport-security: max-age=1
x-content-type-options: nosniff
timing-allow-origin: *, *
X-Firefox-Spdy: h2
|
|
| region1.analytics.google.com/g/collect?v=2&tid=G-HEX1BG8H46>m=45je44m0v9104348843z8832020053za200&_p=1713947458474&gcd=13l3lPl2l1&npa=1&dma_cps=sypham&dma=1&cid=767867585.1713947460&ul=en-us&sr=1280x1024&pscdl=noapi&_eu=AAAI&sid=1713947459&sct=1&seg=0&dl=https%3A%2F%2Fvidezz.net%2Fembed-g0yo2s7mf83f.html&dt=Vidoza&_s=2&tfd=7331 | 216.239.34.36 | 204 No Content | 0 B |
URL POST HTTP/3region1.analytics.google.com/g/collect?v=2&tid=G-HEX1BG8H46>m=45je44m0v9104348843z8832020053za200&_p=1713947458474&gcd=13l3lPl2l1&npa=1&dma_cps=sypham&dma=1&cid=767867585.1713947460&ul=en-us&sr=1280x1024&pscdl=noapi&_eu=AAAI&sid=1713947459&sct=1&seg=0&dl=https%3A%2F%2Fvidezz.net%2Fembed-g0yo2s7mf83f.html&dt=Vidoza&_s=2&tfd=7331 IP216.239.34.36:443
Requested byhttps://videzz.net/embed-g0yo2s7mf83f.html CertificateIssuerGoogle Trust Services LLC Subject*.google-analytics.com Fingerprint1E:33:2E:4B:C3:51:05:B7:73:DC:21:BF:3E:02:B3:16:D8:0B:AB:BB ValidityMon, 18 Mar 2024 19:37:14 GMT - Mon, 10 Jun 2024 19:37:13 GMT
Hashd41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
POST /g/collect?v=2&tid=G-HEX1BG8H46>m=45je44m0v9104348843z8832020053za200&_p=1713947458474&gcd=13l3lPl2l1&npa=1&dma_cps=sypham&dma=1&cid=767867585.1713947460&ul=en-us&sr=1280x1024&pscdl=noapi&_eu=AAAI&sid=1713947459&sct=1&seg=0&dl=https%3A%2F%2Fvidezz.net%2Fembed-g0yo2s7mf83f.html&dt=Vidoza&_s=2&tfd=7331 HTTP/1.1
Host: region1.analytics.google.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain;charset=UTF-8
Content-Length: 34
Origin: https://videzz.net
DNT: 1
Connection: keep-alive
Referer: https://videzz.net/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/3 204 No Content
access-control-allow-origin: https://videzz.net
date: Wed, 24 Apr 2024 08:31:05 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
content-type: text/plain
cross-origin-resource-policy: cross-origin
server: Golfe2
content-length: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
|
|
| bid.bidclickmedia.com/sub/Pj8pz0z | 104.21.37.74 | 200 OK | 234 B |
URL GET HTTP/3bid.bidclickmedia.com/sub/Pj8pz0z IP104.21.37.74:443
Requested byhttps://videzz.net/embed-g0yo2s7mf83f.html CertificateIssuerGoogle Trust Services LLC Subjectbidclickmedia.com Fingerprint2D:71:60:23:79:D8:E4:4A:B8:81:BA:F0:ED:58:CB:A8:66:21:A7:E7 ValiditySun, 31 Mar 2024 14:28:20 GMT - Sat, 29 Jun 2024 14:28:19 GMT
File typeHTML document, ASCII text, with no line terminators Hashec45c51dfcbeb0d487d6d2ccf0cd9a23 eadd83e9b3def654d52e1b93ae5f5c13d8a69c99 3a5e0788bab23d00613d25c36fabb29d38bb3e51af54bf370854620392a249ce
GET /sub/Pj8pz0z HTTP/1.1
Host: bid.bidclickmedia.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://videzz.net/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Wed, 24 Apr 2024 08:30:59 GMT
content-type: text/html; charset=utf-8
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=tYqcwGYyNaqb6EflK06MRCxKf%2FogfWomk%2Fr05kMsTVWS5XnBUEQIcBlMM%2BK2vp0HsNScYW89wLwfI9TecGBkDhPbgfga2RVIA9NT3hWItTLrgI6ckKtnjGAIRZLoHKHzEN8MBsbEUuA%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 8794bc032ca35684-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| xml-click-oax.adstork.com/nrtb/click?bid=-wf4kpw0i2Z5B07APnMFMKBVDqpk_es9RvwYGp40LwhVkg5st6ARj2hhE5JOnYKx_0_42 | 23.226.122.79 | 302 Found | 359 B |
URL GET HTTP/2xml-click-oax.adstork.com/nrtb/click?bid=-wf4kpw0i2Z5B07APnMFMKBVDqpk_es9RvwYGp40LwhVkg5st6ARj2hhE5JOnYKx_0_42 IP23.226.122.79:443
Requested byhttps://videzz.net/embed-g0yo2s7mf83f.html CertificateIssuerSectigo Limited Subject*.adstork.com Fingerprint90:C7:C6:2C:5F:EF:4A:42:2C:2D:9A:35:14:D4:1B:8B:73:B6:E3:86 ValiditySun, 21 Apr 2024 00:00:00 GMT - Mon, 21 Apr 2025 23:59:59 GMT
Hashd41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /nrtb/click?bid=-wf4kpw0i2Z5B07APnMFMKBVDqpk_es9RvwYGp40LwhVkg5st6ARj2hhE5JOnYKx_0_42 HTTP/1.1
Host: xml-click-oax.adstork.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://bid.bidclickmedia.com/
DNT: 1
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 302 Found
server: nginx/1.18.0 (Ubuntu)
date: Wed, 24 Apr 2024 08:31:01 GMT
content-type: text/html; charset=utf-8
content-length: 152
location: https://latest-557263.aqgykagexo.ru/click?node=448&winPrice=0.000199&force=1&winCurrency=USD&id=1713947460000-105
X-Firefox-Spdy: h2
|
|
| maxcdn.bootstrapcdn.com/font-awesome/4.7.0/css/font-awesome.min.css?v=b8dc06aa6195ca0716d0a0c4e3a76e42 | 104.18.10.207 | 200 OK | 31 kB |
URL GET HTTP/2maxcdn.bootstrapcdn.com/font-awesome/4.7.0/css/font-awesome.min.css?v=b8dc06aa6195ca0716d0a0c4e3a76e42 IP104.18.10.207:443
Requested byhttps://videzz.net/embed-g0yo2s7mf83f.html CertificateIssuerGoogle Trust Services LLC Subjectbootstrapcdn.com Fingerprint57:B4:25:B9:9C:88:A1:A3:3D:F7:31:74:02:E4:D1:E0:0A:F5:11:63 ValidityWed, 27 Mar 2024 00:22:09 GMT - Tue, 25 Jun 2024 00:22:08 GMT
File typeASCII text, with very long lines (30837) Hash269550530cc127b6aa5a35925a7de6ce 512c7d79033e3028a9be61b540cf1a6870c896f8 799aeb25cc0373fdee0e1b1db7ad6c2f6a0e058dfadaa3379689f583213190bd
GET /font-awesome/4.7.0/css/font-awesome.min.css?v=b8dc06aa6195ca0716d0a0c4e3a76e42 HTTP/1.1
Host: maxcdn.bootstrapcdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://videzz.net/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Wed, 24 Apr 2024 08:30:58 GMT
content-type: text/css; charset=utf-8
cdn-pullzone: 252412
cdn-uid: b1941f61-b576-4f40-80de-5677acb38f74
cdn-requestcountrycode: DE
vary: Accept-Encoding
access-control-allow-origin: *
cache-control: public, max-age=31919000
content-encoding: br
etag: W/"269550530cc127b6aa5a35925a7de6ce"
last-modified: Mon, 25 Jan 2021 22:04:55 GMT
cdn-cachedat: 03/18/2024 12:28:12
cdn-proxyver: 1.04
cdn-requestpullcode: 200
cdn-requestpullsuccess: True
cdn-edgestorageid: 1078
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
cdn-status: 200
cdn-requestid: 2ab8316fdef76f530c15e660f59a896d
cdn-cache: HIT
cf-cache-status: HIT
age: 2598902
strict-transport-security: max-age=31536000; includeSubDomains; preload
server: cloudflare
cf-ray: 8794bbfccc2a0b51-OSL
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
|
|
| bid.bidclickmedia.com/sub/31bV2Jy | 104.21.37.74 | 200 OK | 239 B |
URL GET HTTP/3bid.bidclickmedia.com/sub/31bV2Jy IP104.21.37.74:443
Requested byhttps://videzz.net/embed-g0yo2s7mf83f.html CertificateIssuerGoogle Trust Services LLC Subjectbidclickmedia.com Fingerprint2D:71:60:23:79:D8:E4:4A:B8:81:BA:F0:ED:58:CB:A8:66:21:A7:E7 ValiditySun, 31 Mar 2024 14:28:20 GMT - Sat, 29 Jun 2024 14:28:19 GMT
File typeHTML document, ASCII text, with no line terminators Hashd5b23342c3da61ad8cb32c85b5a9a6ca 3ca89fd68565941a5f5dec87720a2164c9b860ae 53073b03453dec44b400acecc549d6446aba803406a391777a94cc2504173bbb
GET /sub/31bV2Jy HTTP/1.1
Host: bid.bidclickmedia.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://videzz.net/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Wed, 24 Apr 2024 08:30:59 GMT
content-type: text/html; charset=utf-8
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=zL1w71Xicc3GyVZjgxJFzKKv2LXMEnUdF2oC4aMBzIUHzh5rEuDYml5aTzU7gPOL2a0VU6xWY2rxZDVqKGVqD7GmZrmD3t%2F4f7Il76HF%2B3fJz8xeIBb%2FOiDK8zaWoy33iWuVlSJLEsg%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 8794bc03acff5684-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| static.addtoany.com/menu/svg/icons/viber.js | 104.22.70.197 | 200 OK | 1.0 kB |
URL GET HTTP/3static.addtoany.com/menu/svg/icons/viber.js IP104.22.70.197:443
Requested byhttps://videzz.net/embed-g0yo2s7mf83f.html CertificateIssuerLet's Encrypt Subjectstatic.addtoany.com Fingerprint5B:74:98:2D:F8:22:DB:0D:4E:74:B7:99:A7:7C:80:F6:CA:1A:8E:CA ValidityTue, 23 Apr 2024 07:56:27 GMT - Mon, 22 Jul 2024 07:56:26 GMT
File typeASCII text, with very long lines (1027), with no line terminators Hashb216786a6e2822572e4c78284416fd02 b3a072140d798b6734431ff6a890da7cb8c701ce 265af7156e77fce7638988053d5b3f4894c92ae2bdacac504131a96cf6a0d370
GET /menu/svg/icons/viber.js HTTP/1.1
Host: static.addtoany.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://videzz.net
DNT: 1
Connection: keep-alive
Referer: https://static.addtoany.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Wed, 24 Apr 2024 08:30:59 GMT
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=7776000, stale-while-revalidate=30, public
cf-bgj: minify
etag: W/"ab1da422605fdb35fd02440984d36475"
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=CohOZeOb1xMSZ%2BHTUsfImZLbvEqa4vkKVJ1bSdKkcq99if2hWa%2FX%2B2IKUGa0Khmu1oNHn55RePDGaGgk7mtdV7niwHMHX40wQicF7lQ%2FDVFidd4m1GM%2F8gZ2ykiP33rwQNp%2BvyvW"}],"group":"cf-nel","max_age":604800}
vary: Accept-Encoding
referrer-policy: strict-origin-when-cross-origin
x-content-type-options: nosniff
cf-cache-status: HIT
age: 25960
strict-transport-security: max-age=31536000; includeSubDomains; preload
server: cloudflare
cf-ray: 8794bc048f7292d6-CPH
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| smarttds.cloud/r/EJgj?track_id=243820055&pid=67828&geo=3143244&utm_source=31&utm_medium=67828&utm_campaign=fs_en_pop_visit_gambl_cpm_3_w&utm_term=548226&utm_content=54175¶m1=ubidex¶m2=video¶m3=cpm¶m4=2024-03¶m5=d9ebddcd-cc6f-4711-bc4f-15628e5a66b3¶m6= | 0.0.0.0 | | 0 B |
URL GET smarttds.cloud/r/EJgj?track_id=243820055&pid=67828&geo=3143244&utm_source=31&utm_medium=67828&utm_campaign=fs_en_pop_visit_gambl_cpm_3_w&utm_term=548226&utm_content=54175¶m1=ubidex¶m2=video¶m3=cpm¶m4=2024-03¶m5=d9ebddcd-cc6f-4711-bc4f-15628e5a66b3¶m6= IP0.0.0.0:0
Requested byhttps://videzz.net/embed-g0yo2s7mf83f.html
Hashd41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /r/EJgj?track_id=243820055&pid=67828&geo=3143244&utm_source=31&utm_medium=67828&utm_campaign=fs_en_pop_visit_gambl_cpm_3_w&utm_term=548226&utm_content=54175¶m1=ubidex¶m2=video¶m3=cpm¶m4=2024-03¶m5=d9ebddcd-cc6f-4711-bc4f-15628e5a66b3¶m6= HTTP/1.1
Host: smarttds.cloud
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://meetbenjen.com/
DNT: 1
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
|
|
| videzz.net/js/jquery.min.js | 78.142.18.54 | 200 OK | 96 kB |
URL GET HTTP/2videzz.net/js/jquery.min.js IP78.142.18.54:443 ASN#208046 ColocationX Ltd.
Requested byhttps://videzz.net/embed-g0yo2s7mf83f.html CertificateIssuerLet's Encrypt Subjectvidezz.net Fingerprint13:3A:F4:CA:71:F0:8F:F1:2E:3A:7E:2B:6D:8E:E4:7A:E9:9D:A6:B5 ValidityMon, 04 Mar 2024 08:24:34 GMT - Sun, 02 Jun 2024 08:24:33 GMT
File typeJavaScript source, ASCII text, with very long lines (32086) Hash8101d596b2b8fa35fe3a634ea342d7c3 d6c1f41972de07b09bfa63d2e50f9ab41ec372bd 540bc6dec1dd4b92ea4d3fb903f69eabf6d919afd48f4e312b163c28cff0f441
Analyzer | Verdict | Alert | Quad9 DNS | malicious | Sinkholed |
GET /js/jquery.min.js HTTP/1.1
Host: videzz.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://videzz.net/embed-g0yo2s7mf83f.html
Cookie: lang=1
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
server: nginx/1.18.0 (Ubuntu)
date: Wed, 24 Apr 2024 08:30:58 GMT
content-type: application/javascript
last-modified: Wed, 10 Apr 2024 07:00:18 GMT
vary: Accept-Encoding
etag: W/"66163902-1762a"
expires: Fri, 24 May 2024 08:21:05 GMT
cache-control: max-age=2592000
content-encoding: gzip
x-cache-status: HIT
X-Firefox-Spdy: h2
|
|
| tr.7vid.net/api/users/246356?host=videzz.net&ev=212&wh=1024&ww=1280&uuid=&url=https%3A%2F%2Fvidezz.net%2Fembed-g0yo2s7mf83f.html&sid=f74fe8e0-3190-493d-b145-4d2be2b46c0a&i=1&kw=file%20upload%2Cshare%20files%2Cfree%20upload&s1=17561 | 135.181.208.216 | 200 OK | 915 B |
URL GET HTTP/2tr.7vid.net/api/users/246356?host=videzz.net&ev=212&wh=1024&ww=1280&uuid=&url=https%3A%2F%2Fvidezz.net%2Fembed-g0yo2s7mf83f.html&sid=f74fe8e0-3190-493d-b145-4d2be2b46c0a&i=1&kw=file%20upload%2Cshare%20files%2Cfree%20upload&s1=17561 IP135.181.208.216:443 ASN#24940 Hetzner Online GmbH
Requested byhttps://videzz.net/embed-g0yo2s7mf83f.html CertificateIssuerLet's Encrypt Subjecta.gatwins.site Fingerprint66:D4:C4:E9:BC:6E:82:9E:D0:2F:00:69:9A:DF:C2:6D:18:04:0B:1B ValidityWed, 10 Apr 2024 10:27:11 GMT - Tue, 09 Jul 2024 10:27:10 GMT
File typeASCII text, with very long lines (1022), with no line terminators Hash846c5dca61d63a6568cfca34bdb98afd eb14080595025d8559b80962ab1fe8bfeb775d0b 454d73298c4cf3cc61c54e810f23825db51e8ca6032d917cb7e9cfa93dc31fcb
GET /api/users/246356?host=videzz.net&ev=212&wh=1024&ww=1280&uuid=&url=https%3A%2F%2Fvidezz.net%2Fembed-g0yo2s7mf83f.html&sid=f74fe8e0-3190-493d-b145-4d2be2b46c0a&i=1&kw=file%20upload%2Cshare%20files%2Cfree%20upload&s1=17561 HTTP/1.1
Host: tr.7vid.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://videzz.net/
Cookie: nauid=PFTd52DTsm3lXGQYeJCc
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
server: nginx
date: Wed, 24 Apr 2024 08:31:00 GMT
content-type: text/javascript; charset=utf-8
vary: Accept-Encoding
x-robots-tag: noindex, nofollow
cache-control: private
content-encoding: gzip
X-Firefox-Spdy: h2
|
|
| static.addtoany.com/menu/sm.25.html | 104.22.70.197 | 200 OK | 716 B |
URL GET HTTP/3static.addtoany.com/menu/sm.25.html IP104.22.70.197:443
Requested byhttps://videzz.net/embed-g0yo2s7mf83f.html CertificateIssuerLet's Encrypt Subjectstatic.addtoany.com Fingerprint5B:74:98:2D:F8:22:DB:0D:4E:74:B7:99:A7:7C:80:F6:CA:1A:8E:CA ValidityTue, 23 Apr 2024 07:56:27 GMT - Mon, 22 Jul 2024 07:56:26 GMT
File typeHTML document, ASCII text, with very long lines (744), with no line terminators Hashc3c97893ca5c74e7504aa4ec474ea41b cdccb12d7e73682e0e807107243ede7d5e14c962 b79f65e9ffe3bad9bd9cdcffed0758430f7eb1a630c368dc173eecdeb2821f00
GET /menu/sm.25.html HTTP/1.1
Host: static.addtoany.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://videzz.net/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Wed, 24 Apr 2024 08:30:58 GMT
content-type: text/html; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=315360000, immutable
referrer-policy: strict-origin-when-cross-origin
x-content-type-options: nosniff
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=zug0GuV8TT18l%2FvMZH%2FJnDeJHp7wf%2B1Y662Hj9%2BLzz2bUcCdNCoPp%2Fh0DEFIQdCRWhP4K%2BoKw%2FRmNo3FmNPd%2Fwhjcq0lNYxvJsnDWqwQO4JO8fVs77yEaENmOQytJ1Ua8d%2FapSMn"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
cf-cache-status: HIT
age: 1970
strict-transport-security: max-age=31536000; includeSubDomains; preload
server: cloudflare
cf-ray: 8794bc0049f692d6-CPH
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| i.wmgtr.com/cic/JYDtK1iSisOTCvcWpUMhbZjk7I5CzxDB.png | 45.133.44.32 | 200 OK | 10 kB |
URL GET HTTP/2i.wmgtr.com/cic/JYDtK1iSisOTCvcWpUMhbZjk7I5CzxDB.png IP45.133.44.32:443 ASN#39572 DataWeb Global Group B.V.
Requested byhttps://videzz.net/embed-g0yo2s7mf83f.html CertificateIssuerLet's Encrypt Subjecti.wmgtr.com FingerprintC3:69:C8:AD:52:95:77:79:3A:41:14:93:DE:ED:EA:B0:DA:18:DE:0E ValiditySat, 20 Apr 2024 03:01:12 GMT - Fri, 19 Jul 2024 03:01:11 GMT
File typeJPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 192x192, components 3 Hashd0dd0736dc2bbf32db53f45b6b86dd4d 5f1b4e4c3071a6d1edf256d1310ae7bd6e7c3c81 18c3a87f56824d7a9f1c97b38039e2a8a5069eeb529f96895e33ddee5a479f9d
GET /cic/JYDtK1iSisOTCvcWpUMhbZjk7I5CzxDB.png HTTP/1.1
Host: i.wmgtr.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Wed, 24 Apr 2024 08:31:00 GMT
content-type: image/jpeg
server: nginx/1.19.0
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-option: nosniff
cache-control: max-age=82800
expires: Thu, 25 Apr 2024 07:31:00 GMT
x-proxy-cache: HIT
access-control-allow-origin: *
X-Firefox-Spdy: h2
|
|
| videzz.net/css/videojs.5.min.css?v=b8dc06aa6195ca0716d0a0c4e3a76e42 | 78.142.18.54 | 200 OK | 170 kB |
URL GET HTTP/2videzz.net/css/videojs.5.min.css?v=b8dc06aa6195ca0716d0a0c4e3a76e42 IP78.142.18.54:443 ASN#208046 ColocationX Ltd.
Requested byhttps://videzz.net/embed-g0yo2s7mf83f.html CertificateIssuerLet's Encrypt Subjectvidezz.net Fingerprint13:3A:F4:CA:71:F0:8F:F1:2E:3A:7E:2B:6D:8E:E4:7A:E9:9D:A6:B5 ValidityMon, 04 Mar 2024 08:24:34 GMT - Sun, 02 Jun 2024 08:24:33 GMT
File typeASCII text, with very long lines (50421) Size170 kB (169541 bytes) Hashbf9af199b5ef61988f82fa239ebf61da d3b9c5ef294f2ef0942a8bf1e62085b72b2e07cc e8e86d55656a068d5bb43e7b65e474162b6dff2c57f314cfc90d25f16708048d
Analyzer | Verdict | Alert | Quad9 DNS | malicious | Sinkholed |
GET /css/videojs.5.min.css?v=b8dc06aa6195ca0716d0a0c4e3a76e42 HTTP/1.1
Host: videzz.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://videzz.net/embed-g0yo2s7mf83f.html
Cookie: lang=1
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
server: nginx/1.18.0 (Ubuntu)
date: Wed, 24 Apr 2024 08:30:58 GMT
content-type: text/css
last-modified: Wed, 10 Apr 2024 07:00:17 GMT
vary: Accept-Encoding
etag: W/"66163901-29645"
expires: Fri, 24 May 2024 08:23:42 GMT
cache-control: max-age=2592000
content-encoding: gzip
x-cache-status: HIT
X-Firefox-Spdy: h2
|
|
| www.googletagmanager.com/gtag/js?id=UA-158623850-1 | 142.250.74.168 | 200 OK | 203 kB |
URL GET HTTP/2www.googletagmanager.com/gtag/js?id=UA-158623850-1 IP142.250.74.168:443
Requested byhttps://videzz.net/embed-g0yo2s7mf83f.html CertificateIssuerGoogle Trust Services LLC Subject*.google-analytics.com Fingerprint1E:33:2E:4B:C3:51:05:B7:73:DC:21:BF:3E:02:B3:16:D8:0B:AB:BB ValidityMon, 18 Mar 2024 19:37:14 GMT - Mon, 10 Jun 2024 19:37:13 GMT
File typeJavaScript source, ASCII text, with very long lines (4179) Size203 kB (203346 bytes) Hashb7d1c6d6e64558d594720c9ffe15f172 78b8240a59294c92d7edc5d12c0b62330ae024ab 2416acede7a5fbb5145e1da1b9055cc29ecbebc0ad39e0bcee1aa26b5748dcf7
GET /gtag/js?id=UA-158623850-1 HTTP/1.1
Host: www.googletagmanager.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://videzz.net/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
content-encoding: br
vary: Accept-Encoding
date: Wed, 24 Apr 2024 08:30:58 GMT
expires: Wed, 24 Apr 2024 08:30:58 GMT
cache-control: private, max-age=900
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
server: Google Tag Manager
content-length: 73500
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
|
|
| bid.bidclickmedia.com/sub/0YDX8OE | 104.21.37.74 | 200 OK | 234 B |
URL GET HTTP/2bid.bidclickmedia.com/sub/0YDX8OE IP104.21.37.74:443
Requested byhttps://videzz.net/embed-g0yo2s7mf83f.html CertificateIssuerGoogle Trust Services LLC Subjectbidclickmedia.com Fingerprint2D:71:60:23:79:D8:E4:4A:B8:81:BA:F0:ED:58:CB:A8:66:21:A7:E7 ValiditySun, 31 Mar 2024 14:28:20 GMT - Sat, 29 Jun 2024 14:28:19 GMT
File typeHTML document, ASCII text, with no line terminators Hashaf2b6f5e906532aa6d51ed7dcbb8fed7 5ddca712e64ecb7520e561656c87079ec18e3db1 eced93383f70dca1dcfe0998bcccf8d3fe044a0f1646f0ffa670cf0b14f599f3
GET /sub/0YDX8OE HTTP/1.1
Host: bid.bidclickmedia.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://videzz.net/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Wed, 24 Apr 2024 08:30:58 GMT
content-type: text/html; charset=utf-8
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=GHKiXBy0l7LacH%2BN65nwfCjKwbbLjkRC%2BTr7M7duLRTDtzzVZVvAHvl7SpHFItUjO7Eju2hfq%2BTI5AdfQOjPMnKeZU2ELHGX3VwTaYjIauGvehC%2FtFNDy1GdGnqqOR0jH8vtdI85gT8%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 8794bc028a2e5694-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
|
|
| downstairsnegotiatebarren.com/sfp.js | 188.114.97.1 | 200 OK | 86 kB |
URL GET HTTP/2downstairsnegotiatebarren.com/sfp.js IP188.114.97.1:443
Requested byhttps://videzz.net/embed-g0yo2s7mf83f.html CertificateIssuerLet's Encrypt Subjectdownstairsnegotiatebarren.com Fingerprint2C:6A:E1:8E:26:5B:1D:8B:86:CB:C1:72:4E:52:4B:8B:67:3A:D2:44 ValidityMon, 04 Mar 2024 21:53:07 GMT - Sun, 02 Jun 2024 21:53:06 GMT
Hashd41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /sfp.js HTTP/1.1
Host: downstairsnegotiatebarren.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://videzz.net/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Wed, 24 Apr 2024 08:30:59 GMT
content-type: application/javascript; charset=utf-8
p3p: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
access-control-allow-origin: *
expires: Thu, 01 Jan 1970 00:00:01 GMT
cache-control: max-age=14400
x-request-id: 034666f1f44eb1a1aa01f2a88a0b5a9e
strict-transport-security: max-age=0; includeSubdomains
cf-cache-status: EXPIRED
last-modified: Wed, 24 Apr 2024 08:30:58 GMT
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=ezJKw%2Fa9svutWq1Hz6ZKaOs6d4llRFpIRyHpelmaRl%2F4wIC7zB0jNj%2BL%2BFPsTm7sWpy7YyeOD1ifkHHCRFSpClrhyioPy4r0C4EyyS2sQrh%2BAbZjgQnaBbPYhiYL6sv73ghsllD1JZPVTtP4evrrqg%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 8794bc02ccfd5696-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
|
|
| xml.xmlking.com/redirect?feed=591363&auth=0yfQfB&pubid=195183 | 174.137.133.17 | 302 Found | 359 B |
URL GET HTTP/1.1xml.xmlking.com/redirect?feed=591363&auth=0yfQfB&pubid=195183 IP174.137.133.17:443 ASN#27257 WEBAIR-INTERNET
Requested byhttps://videzz.net/embed-g0yo2s7mf83f.html CertificateIssuerSectigo Limited Subject*.xmlking.com Fingerprint61:F0:9B:53:D2:DF:03:A0:08:09:BE:79:B1:70:10:34:65:07:7B:6D ValidityWed, 26 Jul 2023 00:00:00 GMT - Fri, 26 Jul 2024 23:59:59 GMT
Hashd41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /redirect?feed=591363&auth=0yfQfB&pubid=195183 HTTP/1.1
Host: xml.xmlking.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://bid.bidclickmedia.com/
DNT: 1
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 302 Found
Server: nginx
Date: Wed, 24 Apr 2024 08:31:00 GMT
Content-Length: 0
Connection: keep-alive
Cache-Control: no-store
Location: https://xml-click-oax.adstork.com/nrtb/click?bid=-wf4kpw0i2Z5B07APnMFMKBVDqpk_es9RvwYGp40LwhVkg5st6ARj2hhE5JOnYKx_0_42
|
|
| videzz.net/js/embed.min.js?v=b8dc06aa6195ca0716d0a0c4e3a76e42 | 78.142.18.54 | 200 OK | 4.5 kB |
URL GET HTTP/2videzz.net/js/embed.min.js?v=b8dc06aa6195ca0716d0a0c4e3a76e42 IP78.142.18.54:443 ASN#208046 ColocationX Ltd.
Requested byhttps://videzz.net/embed-g0yo2s7mf83f.html CertificateIssuerLet's Encrypt Subjectvidezz.net Fingerprint13:3A:F4:CA:71:F0:8F:F1:2E:3A:7E:2B:6D:8E:E4:7A:E9:9D:A6:B5 ValidityMon, 04 Mar 2024 08:24:34 GMT - Sun, 02 Jun 2024 08:24:33 GMT
File typeJavaScript source, ASCII text, with very long lines (4724), with no line terminators Hashf3ccae55608834d0e7acfde8a7235903 16cd94840b9d0105558c5f8b26ac51845d84bb2e 8d950b465b8cb006d19d702a1d15e209cb10b861f5ead615e7f9625469605ef2
Analyzer | Verdict | Alert | Quad9 DNS | malicious | Sinkholed |
GET /js/embed.min.js?v=b8dc06aa6195ca0716d0a0c4e3a76e42 HTTP/1.1
Host: videzz.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://videzz.net/embed-g0yo2s7mf83f.html
Cookie: lang=1
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
server: nginx/1.18.0 (Ubuntu)
date: Wed, 24 Apr 2024 08:30:58 GMT
content-type: application/javascript
last-modified: Wed, 10 Apr 2024 07:00:32 GMT
vary: Accept-Encoding
etag: W/"66163910-1183"
expires: Fri, 24 May 2024 08:21:18 GMT
cache-control: max-age=2592000
content-encoding: gzip
x-cache-status: HIT
X-Firefox-Spdy: h2
|
|
| videzz.net/sw.js?v=b8dc06aa6195ca0716d0a0c4e3a76e42 | 78.142.18.54 | 200 OK | 42 kB |
URL GET HTTP/2videzz.net/sw.js?v=b8dc06aa6195ca0716d0a0c4e3a76e42 IP78.142.18.54:443 ASN#208046 ColocationX Ltd.
Requested byhttps://videzz.net/embed-g0yo2s7mf83f.html CertificateIssuerLet's Encrypt Subjectvidezz.net Fingerprint13:3A:F4:CA:71:F0:8F:F1:2E:3A:7E:2B:6D:8E:E4:7A:E9:9D:A6:B5 ValidityMon, 04 Mar 2024 08:24:34 GMT - Sun, 02 Jun 2024 08:24:33 GMT
File typeJavaScript source, ASCII text, with very long lines (42324), with no line terminators Hash764aafd976dd9cd9f33279bfafa02908 e9ad856ec00bccfdcbe17b79113681685c943b8d 2c20e295faeb1ef24dae1e26caa5089fdb2ba5a36a86a6a26780b8a515ca99aa
Analyzer | Verdict | Alert | Quad9 DNS | malicious | Sinkholed |
GET /sw.js?v=b8dc06aa6195ca0716d0a0c4e3a76e42 HTTP/1.1
Host: videzz.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://videzz.net/embed-g0yo2s7mf83f.html
Cookie: lang=1
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
server: nginx/1.18.0 (Ubuntu)
date: Wed, 24 Apr 2024 08:30:58 GMT
content-type: application/javascript
last-modified: Wed, 10 Apr 2024 07:00:39 GMT
vary: Accept-Encoding
etag: W/"66163917-a554"
expires: Fri, 24 May 2024 08:21:10 GMT
cache-control: max-age=2592000
content-encoding: gzip
x-cache-status: HIT
X-Firefox-Spdy: h2
|
|
| xml.zeusadx.com/redirect?feed=531847&auth=KhbHhS&pubid=162319 | 174.137.133.17 | 302 Found | 5.4 kB |
URL GET HTTP/1.1xml.zeusadx.com/redirect?feed=531847&auth=KhbHhS&pubid=162319 IP174.137.133.17:443 ASN#27257 WEBAIR-INTERNET
Requested byhttps://videzz.net/embed-g0yo2s7mf83f.html CertificateIssuerSectigo Limited Subject*.zeusadx.com FingerprintAA:67:88:35:5F:BC:20:3C:44:9B:00:BD:4F:E1:C0:5F:62:D0:69:C0 ValidityMon, 23 Oct 2023 00:00:00 GMT - Wed, 23 Oct 2024 23:59:59 GMT
Hashd41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /redirect?feed=531847&auth=KhbHhS&pubid=162319 HTTP/1.1
Host: xml.zeusadx.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://bid.bidclickmedia.com/
DNT: 1
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 302 Found
Server: nginx
Date: Wed, 24 Apr 2024 08:31:00 GMT
Content-Length: 0
Connection: keep-alive
Cache-Control: no-store
Location: https://ownxmlclick.admidainsight.com/nrtb/click?bid=8oOCR6pdv1Rn1la0EikCU5KSOCY2Jr8weIUjfhFuqA2i3sHrTJnYDo3DFY0d_rqw_0_4
|
|
| videzz.net/favicon.ico?v=2 | 78.142.18.54 | 200 OK | 1.2 kB |
URL GET HTTP/2videzz.net/favicon.ico?v=2 IP78.142.18.54:443 ASN#208046 ColocationX Ltd.
Requested byhttps://videzz.net/embed-g0yo2s7mf83f.html CertificateIssuerLet's Encrypt Subjectvidezz.net Fingerprint13:3A:F4:CA:71:F0:8F:F1:2E:3A:7E:2B:6D:8E:E4:7A:E9:9D:A6:B5 ValidityMon, 04 Mar 2024 08:24:34 GMT - Sun, 02 Jun 2024 08:24:33 GMT
File typeMS Windows icon resource - 1 icon, 16x16, 32 bits/pixel Hash07075ddac650ad1577e310576f4ac231 1c8f551262fac5a047a268b82fa932c405ab13ff c5f2d482ae4405a8e9f16a7ab09c5d04380283eb0cb0a9b237b32bc1bca47901
Analyzer | Verdict | Alert | Quad9 DNS | malicious | Sinkholed |
GET /favicon.ico?v=2 HTTP/1.1
Host: videzz.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://videzz.net/embed-g0yo2s7mf83f.html
Cookie: lang=1; file_id=36610964; aff=17561; _ga_HEX1BG8H46=GS1.1.1713947459.1.0.1713947460.59.0.0; _ga=GA1.1.767867585.1713947460; sb_main_9785383bf0d8f2fb611d938245088565=1; sb_count_9785383bf0d8f2fb611d938245088565=1; pp_main_57e9128f004dc8dd272477c7cdb9cf15=1; pp_idelay_57e9128f004dc8dd272477c7cdb9cf15=1
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
server: nginx/1.18.0 (Ubuntu)
date: Wed, 24 Apr 2024 08:31:00 GMT
content-type: image/x-icon
last-modified: Wed, 10 Apr 2024 07:00:39 GMT
vary: Accept-Encoding
etag: W/"66163917-47e"
expires: Fri, 24 May 2024 08:21:56 GMT
cache-control: max-age=2592000
content-encoding: gzip
x-cache-status: HIT
X-Firefox-Spdy: h2
|
|
| cdn.o333o.com/vast-im.js | 143.204.55.93 | 200 OK | 310 kB |
IP143.204.55.93:443
Requested byhttps://videzz.net/embed-g0yo2s7mf83f.html CertificateIssuerSectigo Limited Subjectcdn.o333o.com Fingerprint61:0E:6A:7F:7E:40:48:40:58:0F:EF:89:DB:CF:AD:C2:FB:52:F1:AC ValidityThu, 09 Nov 2023 00:00:00 GMT - Mon, 09 Dec 2024 23:59:59 GMT
Size310 kB (310487 bytes) Hashd41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /vast-im.js HTTP/1.1
Host: cdn.o333o.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://videzz.net/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
content-type: application/javascript
server: nginx
date: Thu, 11 Apr 2024 09:31:41 GMT
last-modified: Fri, 22 Mar 2024 11:21:21 GMT
etag: W/"65fd69b1-4bcd7"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000, public
content-encoding: gzip
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 76c917e0bb0ba45eb834d25d76ee125e.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
alt-svc: h3=":443"; ma=86400
x-amz-cf-id: DVmNFqfSN0Yf8KgRB635bm009Uo-LoTRsLOi8m1lJBrTPaTKIMwWLQ==
age: 1119557
X-Firefox-Spdy: h2
|
|
| bid.bidclickmedia.com/sub/Zj8D76R | 104.21.37.74 | 200 OK | 234 B |
URL GET HTTP/2bid.bidclickmedia.com/sub/Zj8D76R IP104.21.37.74:443
Requested byhttps://videzz.net/embed-g0yo2s7mf83f.html CertificateIssuerGoogle Trust Services LLC Subjectbidclickmedia.com Fingerprint2D:71:60:23:79:D8:E4:4A:B8:81:BA:F0:ED:58:CB:A8:66:21:A7:E7 ValiditySun, 31 Mar 2024 14:28:20 GMT - Sat, 29 Jun 2024 14:28:19 GMT
File typeHTML document, ASCII text, with no line terminators Hashaa39ce14ee4ef59a81b3b1ccc7c20cfb 4037f87db53a18212b896cbe7dc03404833bd9f4 5e96980309ab1a029fa20a02fb9aca51a5967df4e6ab8aaab5f0373d4ebd4f68
GET /sub/Zj8D76R HTTP/1.1
Host: bid.bidclickmedia.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://videzz.net/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Wed, 24 Apr 2024 08:30:58 GMT
content-type: text/html; charset=utf-8
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=8HotFVmnOqpYh3MePvZIPGoTWTCpdlRCXidHdwtnHCMkDp%2FzI4LQ49EVJd7xePbkvkcJikYcTG20LLedEEnQTJLTUzzqX31srcqWV2JOyEei2Lhf2rj5%2B30wxOsJFNZi3TJIg8OAKfw%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 8794bc0259fd5694-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
|
|
| xdiwbc.com/template/classic.html | 104.21.35.183 | 200 OK | 3.7 kB |
URL GET HTTP/2xdiwbc.com/template/classic.html IP104.21.35.183:443
Requested byhttps://videzz.net/embed-g0yo2s7mf83f.html CertificateIssuerGoogle Trust Services LLC Subjectxdiwbc.com Fingerprint4C:9E:CD:66:04:60:40:2D:73:AC:21:55:F5:30:8D:45:40:A9:62:BF ValidityWed, 27 Mar 2024 10:25:19 GMT - Tue, 25 Jun 2024 10:25:18 GMT
File typeHTML document, ASCII text, with very long lines (3730), with no line terminators Hashdbad673d439763a13aeb899d740d787e 4728611ebe59169ee591a1f492fd125877f603e4 2b40671151f50a7455d3ef12c3710da9109be4f70b4f87fdf793914a57ff223d
GET /template/classic.html HTTP/1.1
Host: xdiwbc.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://videzz.net/
Origin: https://videzz.net
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Wed, 24 Apr 2024 08:31:00 GMT
content-type: text/html; charset=UTF-8
vary: Accept-Encoding
access-control-allow-origin: https://videzz.net
cache-control: max-age=14400
cf-cache-status: EXPIRED
last-modified: Wed, 24 Apr 2024 05:53:56 GMT
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=smzGh6hP8tjUqVm18rCLKzhwG5izwl1fV1S5HXmUZ5X%2BICd8TAUV4%2FranZXE46%2Fcj%2Bi7SfeDMqYnBJ2%2Ft6TmnRms%2BF5qxNTxCXYaEkqrMobV1VhAHZFXD%2FHMJl4p"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 8794bc0c3d71b523-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
|
|
| static.addtoany.com/menu/locale/ru.js | 104.22.70.197 | 200 OK | 2.1 kB |
URL GET HTTP/3static.addtoany.com/menu/locale/ru.js IP104.22.70.197:443
Requested byhttps://videzz.net/embed-g0yo2s7mf83f.html CertificateIssuerLet's Encrypt Subjectstatic.addtoany.com Fingerprint5B:74:98:2D:F8:22:DB:0D:4E:74:B7:99:A7:7C:80:F6:CA:1A:8E:CA ValidityTue, 23 Apr 2024 07:56:27 GMT - Mon, 22 Jul 2024 07:56:26 GMT
File typeASCII text, with very long lines (2170), with no line terminators Hash7581051e137324f383ce692c383a90ac 7c66ac218fd109304436e9588d602c7aaab63b82 428aafe2046340df744b20fbab6f0cd4ddfb95776790e80440cfb60788dbde2c
GET /menu/locale/ru.js HTTP/1.1
Host: static.addtoany.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://videzz.net/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Wed, 24 Apr 2024 08:30:59 GMT
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=86400, stale-while-revalidate=30, public
cf-bgj: minify
cf-polished: origSize=2289
etag: W/"9797b535a7dbc5ec8be5d83312871549"
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=omOH0D%2F%2FbKHbCJPkdNmLfR8%2BzGCPnitB9qv%2F66TMRKWDY7WyIUiVT7HFQW6m1QLfULBGPLFPNRFippED1ZfGEJ8HPMogoHiqn6R2bStWoCkRRt1L3MFsSrtt9TCP4czTv5ufndQp5aJnB7rzqZAxu%2Bme"}],"group":"cf-nel","max_age":604800}
vary: Accept-Encoding
referrer-policy: strict-origin-when-cross-origin
x-content-type-options: nosniff
cf-cache-status: HIT
age: 24370
strict-transport-security: max-age=31536000; includeSubDomains; preload
server: cloudflare
cf-ray: 8794bc047f6b92d6-CPH
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| topsites.hadesex.com/?source=1982928765&site_id=548226&spot_id=548226 | 188.114.97.1 | 200 OK | 35 kB |
URL GET HTTP/2topsites.hadesex.com/?source=1982928765&site_id=548226&spot_id=548226 IP188.114.97.1:443
Requested byhttps://videzz.net/embed-g0yo2s7mf83f.html CertificateIssuerGoogle Trust Services LLC Subjecthadesex.com Fingerprint4A:FF:00:28:1E:63:6A:6F:9C:CB:A1:ED:C3:96:B4:AA:BE:E1:90:1A ValidityThu, 07 Mar 2024 01:42:01 GMT - Wed, 05 Jun 2024 01:42:00 GMT
File typeHTML document, ASCII text, with CRLF line terminators Hashf49bf77fad85e3259cdbc54698bb471e 26ed5ee8b5133058d9963189e8cb842a752d2a39 0524aaea076d5ea46d7825ad47e34040274d2326a81ee01c94836366e6e986f0
GET /?source=1982928765&site_id=548226&spot_id=548226 HTTP/1.1
Host: topsites.hadesex.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://meetbenjen.com/
DNT: 1
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Wed, 24 Apr 2024 08:31:01 GMT
content-type: text/html; charset=UTF-8
vary: Accept-Encoding
x-powered-by: PHP/7.4.33
x-request-id: 25a4d2cfda34e136dc9a672b81a5d968
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=CrEgVy%2FVC9ddWcvSVv71AzchkpUQzEynhYAA8KspddZ1tXmWjKOWRyrdhl1tPBiia58LD57G%2Fvbp53s4Aff1pTuwAwJNBnYqdnLfJPLi9v9XssqUY7zjyb76lmwX4bwJC%2BdS0yh9nA%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 8794bc150e4b56b7-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
|
|
| downstairsnegotiatebarren.com/sfp.js | 188.114.97.1 | 200 OK | 86 kB |
URL GET HTTP/3downstairsnegotiatebarren.com/sfp.js IP188.114.97.1:443
Requested byhttps://videzz.net/embed-g0yo2s7mf83f.html CertificateIssuerLet's Encrypt Subjectdownstairsnegotiatebarren.com Fingerprint2C:6A:E1:8E:26:5B:1D:8B:86:CB:C1:72:4E:52:4B:8B:67:3A:D2:44 ValidityMon, 04 Mar 2024 21:53:07 GMT - Sun, 02 Jun 2024 21:53:06 GMT
Hashd41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /sfp.js HTTP/1.1
Host: downstairsnegotiatebarren.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://videzz.net/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Wed, 24 Apr 2024 08:30:59 GMT
content-type: application/javascript; charset=utf-8
p3p: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
access-control-allow-origin: *
expires: Thu, 01 Jan 1970 00:00:01 GMT
cache-control: max-age=14400
x-request-id: 9fc14460edfc01495959768ddefbf058
strict-transport-security: max-age=0; includeSubdomains
cf-cache-status: EXPIRED
last-modified: Wed, 24 Apr 2024 08:30:59 GMT
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=suJo7F14Cebhucxgxkj%2B9dkqGy8rTLb%2B34y7rLiFcB7%2FrMr6AGhb6RgjEKMA%2FxbxN1cYN4TRrRUUCULKthw54JEhQJqQvRNgrkSZWzTELg4t37utbK5s5LzgP73q19tDkxgceQ%2FkaKgT6tlKrqm5Jw%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 8794bc072b96b500-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| videzz.net/js/videojs.5.min.js?v=b8dc06aa6195ca0716d0a0c4e3a76e42 | 78.142.18.54 | 200 OK | 416 kB |
URL GET HTTP/2videzz.net/js/videojs.5.min.js?v=b8dc06aa6195ca0716d0a0c4e3a76e42 IP78.142.18.54:443 ASN#208046 ColocationX Ltd.
Requested byhttps://videzz.net/embed-g0yo2s7mf83f.html CertificateIssuerLet's Encrypt Subjectvidezz.net Fingerprint13:3A:F4:CA:71:F0:8F:F1:2E:3A:7E:2B:6D:8E:E4:7A:E9:9D:A6:B5 ValidityMon, 04 Mar 2024 08:24:34 GMT - Sun, 02 Jun 2024 08:24:33 GMT
Size416 kB (416358 bytes) Hashd41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer | Verdict | Alert | Quad9 DNS | malicious | Sinkholed |
GET /js/videojs.5.min.js?v=b8dc06aa6195ca0716d0a0c4e3a76e42 HTTP/1.1
Host: videzz.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://videzz.net/embed-g0yo2s7mf83f.html
Cookie: lang=1
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
server: nginx/1.18.0 (Ubuntu)
date: Wed, 24 Apr 2024 08:30:58 GMT
content-type: application/javascript
last-modified: Wed, 10 Apr 2024 07:00:32 GMT
vary: Accept-Encoding
etag: W/"66163910-65a66"
expires: Fri, 24 May 2024 08:21:08 GMT
cache-control: max-age=2592000
content-encoding: gzip
x-cache-status: HIT
X-Firefox-Spdy: h2
|
|
| static.addtoany.com/menu/page.js | 104.22.70.197 | 200 OK | 3.0 kB |
URL GET HTTP/2static.addtoany.com/menu/page.js IP104.22.70.197:443
Requested byhttps://videzz.net/embed-g0yo2s7mf83f.html CertificateIssuerLet's Encrypt Subjectstatic.addtoany.com Fingerprint5B:74:98:2D:F8:22:DB:0D:4E:74:B7:99:A7:7C:80:F6:CA:1A:8E:CA ValidityTue, 23 Apr 2024 07:56:27 GMT - Mon, 22 Jul 2024 07:56:26 GMT
File typeJavaScript source, ASCII text, with very long lines (3132), with no line terminators Hash40486591ae8ea6d1423aeb13f1fd509b f847af56588642de93c6fe0d2ce182303f312455 16a6753a1de5c5602b0ca4afe3d17b95e2cb18d6b79bf7cdccedba3a733c1138
GET /menu/page.js HTTP/1.1
Host: static.addtoany.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://videzz.net/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Wed, 24 Apr 2024 08:30:58 GMT
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=86400, stale-while-revalidate=30, public
cf-bgj: minify
etag: W/"e346c2841e4abbb66ee259e9540abb61"
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=K9SlRo17%2FEYYEY7TY5VUBa2G0luclF%2Fi9mKP9JIoxaGyg9HDTkx2QKGyXUgtsqVrmCpVypdr9QFZX1ju19YZtHnDUhdiuj6G3zHqk6iKvpR1qlQKK8BqoVYJrA9%2B5qfHIQrYZfty"}],"group":"cf-nel","max_age":604800}
vary: Accept-Encoding
referrer-policy: strict-origin-when-cross-origin
x-content-type-options: nosniff
cf-cache-status: HIT
age: 4610
strict-transport-security: max-age=31536000; includeSubDomains; preload
server: cloudflare
cf-ray: 8794bbfd9dd8be4e-CPH
content-encoding: br
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
|
|
| t10.lowtid.com/s.php?p=c:5mklge2tsml349y_c&d=655744eb46c1f060291a7ac7&s=du.465513&d2=www.twtch.co&d1=du.491151 | 0.0.0.0 | | 0 B |
URL GET t10.lowtid.com/s.php?p=c:5mklge2tsml349y_c&d=655744eb46c1f060291a7ac7&s=du.465513&d2=www.twtch.co&d1=du.491151 IP0.0.0.0:0
Requested byhttps://videzz.net/embed-g0yo2s7mf83f.html
Hashd41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /s.php?p=c:5mklge2tsml349y_c&d=655744eb46c1f060291a7ac7&s=du.465513&d2=www.twtch.co&d1=du.491151 HTTP/1.1
Host: t10.lowtid.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://bid.bidclickmedia.com/
DNT: 1
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
|
|
| videzz.net/css/embed.min.css?v=b8dc06aa6195ca0716d0a0c4e3a76e42 | 78.142.18.54 | 200 OK | 618 kB |
URL GET HTTP/2videzz.net/css/embed.min.css?v=b8dc06aa6195ca0716d0a0c4e3a76e42 IP78.142.18.54:443 ASN#208046 ColocationX Ltd.
Requested byhttps://videzz.net/embed-g0yo2s7mf83f.html CertificateIssuerLet's Encrypt Subjectvidezz.net Fingerprint13:3A:F4:CA:71:F0:8F:F1:2E:3A:7E:2B:6D:8E:E4:7A:E9:9D:A6:B5 ValidityMon, 04 Mar 2024 08:24:34 GMT - Sun, 02 Jun 2024 08:24:33 GMT
File typeASCII text, with very long lines (63495) Size618 kB (618399 bytes) Hashffba0e4b3edaa1a4c6bc7ef04bcf0ba9 3507ae56cc30b273cf17d0cf4de234dafa4db0eb 57291457f6bd1dc724ab0cc7d5d9def8fceafc52263d72d0b3f6c6ae2dd8286c
Analyzer | Verdict | Alert | Quad9 DNS | malicious | Sinkholed |
GET /css/embed.min.css?v=b8dc06aa6195ca0716d0a0c4e3a76e42 HTTP/1.1
Host: videzz.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://videzz.net/embed-g0yo2s7mf83f.html
Cookie: lang=1
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
server: nginx/1.18.0 (Ubuntu)
date: Wed, 24 Apr 2024 08:30:58 GMT
content-type: text/css
last-modified: Wed, 10 Apr 2024 07:00:17 GMT
vary: Accept-Encoding
etag: W/"66163901-96f9f"
expires: Fri, 24 May 2024 08:21:11 GMT
cache-control: max-age=2592000
content-encoding: gzip
x-cache-status: HIT
X-Firefox-Spdy: h2
|
|
| bid.bidclickmedia.com/sub/31pnK5n | 104.21.37.74 | 200 OK | 234 B |
URL GET HTTP/2bid.bidclickmedia.com/sub/31pnK5n IP104.21.37.74:443
Requested byhttps://videzz.net/embed-g0yo2s7mf83f.html CertificateIssuerGoogle Trust Services LLC Subjectbidclickmedia.com Fingerprint2D:71:60:23:79:D8:E4:4A:B8:81:BA:F0:ED:58:CB:A8:66:21:A7:E7 ValiditySun, 31 Mar 2024 14:28:20 GMT - Sat, 29 Jun 2024 14:28:19 GMT
File typeHTML document, ASCII text, with no line terminators Hashf80bebf9471a9840ef5768e8c6b26672 164896726fce06ed3a1b8cbed00ab7c0493b6d24 5367258c378438d9831e9138819e8e68c4b7e6525dde7a086fb82a083398099c
GET /sub/31pnK5n HTTP/1.1
Host: bid.bidclickmedia.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://videzz.net/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Wed, 24 Apr 2024 08:30:58 GMT
content-type: text/html; charset=utf-8
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=Mn%2Fb1G3QzX9CPVNqGVLqfPD6zCFqXyhj839OcxUWL0pODq0rwRXsbU3qFoMa7hiWRt9fnb93HHUXiNaVFWTkf2zec915OACbYIH8nWp%2BKr6fqVYLKEh3AUwylLpU2LxkHJO6uQaAR7M%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 8794bc0259ff5694-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
|
|
| tr.7vid.net/api/users/88464?v2=1&fill=0&kw=file%20upload%2Cshare%20files%2Cfree%20upload&i=1&url=https%3A%2F%2Fvidezz.net%2Fembed-g0yo2s7mf83f.html&sid=f74fe8e0-3190-493d-b145-4d2be2b46c0a | 135.181.208.216 | 200 OK | 67 B |
URL GET HTTP/2tr.7vid.net/api/users/88464?v2=1&fill=0&kw=file%20upload%2Cshare%20files%2Cfree%20upload&i=1&url=https%3A%2F%2Fvidezz.net%2Fembed-g0yo2s7mf83f.html&sid=f74fe8e0-3190-493d-b145-4d2be2b46c0a IP135.181.208.216:443 ASN#24940 Hetzner Online GmbH
Requested byhttps://videzz.net/embed-g0yo2s7mf83f.html CertificateIssuerLet's Encrypt Subjecta.gatwins.site Fingerprint66:D4:C4:E9:BC:6E:82:9E:D0:2F:00:69:9A:DF:C2:6D:18:04:0B:1B ValidityWed, 10 Apr 2024 10:27:11 GMT - Tue, 09 Jul 2024 10:27:10 GMT
File typeXML document, ASCII text, with no line terminators Hashc3928cea84e0c684b265b8fb465a9e72 aace4c0c8b0fbb35d2932f4f27e01ef627161574 3238d03797cab82118740c0d6ddace8d6bc9caf168e94d2ade893f541c1f8a25
GET /api/users/88464?v2=1&fill=0&kw=file%20upload%2Cshare%20files%2Cfree%20upload&i=1&url=https%3A%2F%2Fvidezz.net%2Fembed-g0yo2s7mf83f.html&sid=f74fe8e0-3190-493d-b145-4d2be2b46c0a HTTP/1.1
Host: tr.7vid.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://videzz.net/
Origin: https://videzz.net
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
server: nginx
date: Wed, 24 Apr 2024 08:30:58 GMT
content-type: text/xml
vary: Accept-Encoding
access-control-allow-credentials: true
access-control-allow-origin: https://videzz.net
access-control-expose-headers: X-Asg-Config, X-t
set-cookie: nauid=PFTd52DTsm3lXGQYeJCc; Path=/; Expires=Wed, 11 Nov 2037 11:11:11 GMT; Secure; SameSite=None
x-robots-tag: noindex, nofollow
x-t: 0
cache-control: private
content-encoding: gzip
X-Firefox-Spdy: h2
|
|
| topsites.hadesex.com/?source=1982928765&site_id=548226&spot_id=548226 | 188.114.97.1 | 200 OK | 35 kB |
URL GET HTTP/2topsites.hadesex.com/?source=1982928765&site_id=548226&spot_id=548226 IP188.114.97.1:443
Requested byhttps://videzz.net/embed-g0yo2s7mf83f.html CertificateIssuerGoogle Trust Services LLC Subjecthadesex.com Fingerprint4A:FF:00:28:1E:63:6A:6F:9C:CB:A1:ED:C3:96:B4:AA:BE:E1:90:1A ValidityThu, 07 Mar 2024 01:42:01 GMT - Wed, 05 Jun 2024 01:42:00 GMT
File typeHTML document, ASCII text, with CRLF line terminators Hasha1d564bc06522d80f7d07d94b2fd5ac1 ec70a031dde2f1522c90adf4dd195c8eb7f0b86f ea1054a9ddeed67760fe1d6a650f89de73d0b4fc15e9028741716bf304a34f74
GET /?source=1982928765&site_id=548226&spot_id=548226 HTTP/1.1
Host: topsites.hadesex.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://meetbenjen.com/
DNT: 1
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Wed, 24 Apr 2024 08:31:01 GMT
content-type: text/html; charset=UTF-8
vary: Accept-Encoding
x-powered-by: PHP/7.4.33
x-request-id: 00bafa73d9aa5ae2bf728ccf213711c9
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=f8Sjb1GNwyYFwyL5Vgw9HHLn1mhi6QRoOkujRV92JqWSjA1t3YRtN%2FC154WfVpyjToyYWXBUTdVdsgnKPe8Zjg6VAl1O05B23Uhh%2BHoFFsIVqwWQo8uieZzZXXi3pdk2pMmBQGcW8w%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 8794bc150e4e56b7-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
|
|
| static.addtoany.com/menu/svg/icons/reddit.js | 104.22.70.197 | 200 OK | 893 B |
URL GET HTTP/3static.addtoany.com/menu/svg/icons/reddit.js IP104.22.70.197:443
Requested byhttps://videzz.net/embed-g0yo2s7mf83f.html CertificateIssuerLet's Encrypt Subjectstatic.addtoany.com Fingerprint5B:74:98:2D:F8:22:DB:0D:4E:74:B7:99:A7:7C:80:F6:CA:1A:8E:CA ValidityTue, 23 Apr 2024 07:56:27 GMT - Mon, 22 Jul 2024 07:56:26 GMT
File typeASCII text, with very long lines (903), with no line terminators Hash1f5dd30051ff637ea1d19ce73aced89c bfdd1d1c07492ba397bdcf13e262edcfd8692a5e c1bf0dd12b2f71de1e7e154b309caa18d2f1c2a8dc077beba23b89432ad72a81
GET /menu/svg/icons/reddit.js HTTP/1.1
Host: static.addtoany.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://videzz.net
DNT: 1
Connection: keep-alive
Referer: https://static.addtoany.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Wed, 24 Apr 2024 08:30:59 GMT
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=7776000, stale-while-revalidate=30, public
cf-bgj: minify
etag: W/"1fe5b5008de689ce6464d7bcb07e742c"
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=YeC0kBV8KrFm3Zkv8J%2Bge%2FSmdij%2FcSJYFqs%2FClTVJvkDxtE2k4Lm3nrK2rBTmLtPWAmSuAfBAXieePa6WMNRv1VRamIPriaRn61zPtoPKykLcjj95XYi5NXBqGD5AN7dpzhIuExa"}],"group":"cf-nel","max_age":604800}
vary: Accept-Encoding
referrer-policy: strict-origin-when-cross-origin
x-content-type-options: nosniff
cf-cache-status: HIT
age: 25960
strict-transport-security: max-age=31536000; includeSubDomains; preload
server: cloudflare
cf-ray: 8794bc048f6e92d6-CPH
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| i.wmgtr.com/cim/i7qznfxXKip7rB6_lTcdpGGS6Q0EFUwq.png | 45.133.44.32 | 200 OK | 31 kB |
URL GET HTTP/2i.wmgtr.com/cim/i7qznfxXKip7rB6_lTcdpGGS6Q0EFUwq.png IP45.133.44.32:443 ASN#39572 DataWeb Global Group B.V.
Requested byhttps://videzz.net/embed-g0yo2s7mf83f.html CertificateIssuerLet's Encrypt Subjecti.wmgtr.com FingerprintC3:69:C8:AD:52:95:77:79:3A:41:14:93:DE:ED:EA:B0:DA:18:DE:0E ValiditySat, 20 Apr 2024 03:01:12 GMT - Fri, 19 Jul 2024 03:01:11 GMT
File typeJPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, baseline, precision 8, 492x328, components 3 Hash74442e7727bd29ff7e359cf8c9798c66 5287184799a8c2d6445e58f380f4e58473a005e6 1b008e95bc8b3cdce373254d4cf40b0041503c7b935872bb9f2aa97592ad9f37
GET /cim/i7qznfxXKip7rB6_lTcdpGGS6Q0EFUwq.png HTTP/1.1
Host: i.wmgtr.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Wed, 24 Apr 2024 08:31:00 GMT
content-type: image/jpeg
server: nginx/1.19.0
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-option: nosniff
cache-control: max-age=82800
expires: Thu, 25 Apr 2024 07:31:00 GMT
x-proxy-cache: HIT
access-control-allow-origin: *
X-Firefox-Spdy: h2
|
|
| bid.bidclickmedia.com/sub/31bV2Jy | 104.21.37.74 | 200 OK | 239 B |
URL GET HTTP/3bid.bidclickmedia.com/sub/31bV2Jy IP104.21.37.74:443
Requested byhttps://videzz.net/embed-g0yo2s7mf83f.html CertificateIssuerGoogle Trust Services LLC Subjectbidclickmedia.com Fingerprint2D:71:60:23:79:D8:E4:4A:B8:81:BA:F0:ED:58:CB:A8:66:21:A7:E7 ValiditySun, 31 Mar 2024 14:28:20 GMT - Sat, 29 Jun 2024 14:28:19 GMT
File typeHTML document, ASCII text, with no line terminators Hashd5b23342c3da61ad8cb32c85b5a9a6ca 3ca89fd68565941a5f5dec87720a2164c9b860ae 53073b03453dec44b400acecc549d6446aba803406a391777a94cc2504173bbb
GET /sub/31bV2Jy HTTP/1.1
Host: bid.bidclickmedia.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://videzz.net/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Wed, 24 Apr 2024 08:30:59 GMT
content-type: text/html; charset=utf-8
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=KMB9Ae8hkKj0G%2F5L2UUlO1lFyq%2Fiq2aHN9P29zbj3TTNb51rpUEpHe5j58FShTOi9O%2Bv9WsR%2BzfntdoI6lcg3TeWieFihUxf9NsWNpqYU1F8cRtXUtgb%2FW1p2FRPSvQMgy%2BJPBDZQMQ%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 8794bc037cda5684-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| bid.bidclickmedia.com/sub/31pnK5n | 104.21.37.74 | 200 OK | 234 B |
URL GET HTTP/2bid.bidclickmedia.com/sub/31pnK5n IP104.21.37.74:443
Requested byhttps://videzz.net/embed-g0yo2s7mf83f.html CertificateIssuerGoogle Trust Services LLC Subjectbidclickmedia.com Fingerprint2D:71:60:23:79:D8:E4:4A:B8:81:BA:F0:ED:58:CB:A8:66:21:A7:E7 ValiditySun, 31 Mar 2024 14:28:20 GMT - Sat, 29 Jun 2024 14:28:19 GMT
File typeHTML document, ASCII text, with no line terminators Hashf80bebf9471a9840ef5768e8c6b26672 164896726fce06ed3a1b8cbed00ab7c0493b6d24 5367258c378438d9831e9138819e8e68c4b7e6525dde7a086fb82a083398099c
GET /sub/31pnK5n HTTP/1.1
Host: bid.bidclickmedia.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://videzz.net/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Wed, 24 Apr 2024 08:30:58 GMT
content-type: text/html; charset=utf-8
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=ilAE9ZvIT9Bipfvv3%2F3pyq1NBkfa6WOM1sChvdrCNcdVXfLcVw1H%2BHdiuUS3pR%2FtpVulzEaFoQy073dPVMOeLZdEp1Pi0wzhdZY6Hz8YkyS6ugVI7c5yTRBEJHGoIqAe1%2FMSzY2iMFk%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 8794bc025a005694-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
|
|
| static.addtoany.com/menu/svg/icons/telegram.js | 104.22.70.197 | 200 OK | 360 B |
URL GET HTTP/3static.addtoany.com/menu/svg/icons/telegram.js IP104.22.70.197:443
Requested byhttps://videzz.net/embed-g0yo2s7mf83f.html CertificateIssuerLet's Encrypt Subjectstatic.addtoany.com Fingerprint5B:74:98:2D:F8:22:DB:0D:4E:74:B7:99:A7:7C:80:F6:CA:1A:8E:CA ValidityTue, 23 Apr 2024 07:56:27 GMT - Mon, 22 Jul 2024 07:56:26 GMT
File typeASCII text, with very long lines (370), with no line terminators Hashd455b7099e753a3680d5e481a7b56a9d 146fdec3f2e51dabdd15fc8acda6d73823b0d44d 4eb7a6d1a684e68473de0e8854499206b2f512a3815a8114068636dd38aa197a
GET /menu/svg/icons/telegram.js HTTP/1.1
Host: static.addtoany.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://videzz.net
DNT: 1
Connection: keep-alive
Referer: https://static.addtoany.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Wed, 24 Apr 2024 08:30:59 GMT
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=7776000, stale-while-revalidate=30, public
cf-bgj: minify
etag: W/"fb47b4f6548b6499923a1beed7472419"
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=Jty8znFib0KWLtGhjMAg%2BxsjKXe7JzL7YJbtSlJe7kph2rpky7WRd1yEbqG%2B%2BjIQdAdIEgC6yml2kYICcTp3ijclEgiX9QtrVqm04z7h3YAKWGtr1zqXmPl17EI4scLjMpIy7oH0C8DC5dMe2Nt5EA4B"}],"group":"cf-nel","max_age":604800}
vary: Accept-Encoding
referrer-policy: strict-origin-when-cross-origin
x-content-type-options: nosniff
cf-cache-status: HIT
age: 25960
strict-transport-security: max-age=31536000; includeSubDomains; preload
server: cloudflare
cf-ray: 8794bc048f6f92d6-CPH
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| videzz.net/js/static.min.js?v=b8dc06aa6195ca0716d0a0c4e3a76e42 | 78.142.18.54 | 200 OK | 159 kB |
URL GET HTTP/2videzz.net/js/static.min.js?v=b8dc06aa6195ca0716d0a0c4e3a76e42 IP78.142.18.54:443 ASN#208046 ColocationX Ltd.
Requested byhttps://videzz.net/embed-g0yo2s7mf83f.html CertificateIssuerLet's Encrypt Subjectvidezz.net Fingerprint13:3A:F4:CA:71:F0:8F:F1:2E:3A:7E:2B:6D:8E:E4:7A:E9:9D:A6:B5 ValidityMon, 04 Mar 2024 08:24:34 GMT - Sun, 02 Jun 2024 08:24:33 GMT
File typeJavaScript source, ASCII text, with very long lines (65536), with no line terminators Size159 kB (158902 bytes) Hash7c33538390b466ae717449d729bb32ea 49ea1eb1dc06467f516eae28e09863a23b244a31 a2f37fa7aee9e9248856735b807b028c93be60eb6bb9916595ba123690513f02
Analyzer | Verdict | Alert | Quad9 DNS | malicious | Sinkholed |
GET /js/static.min.js?v=b8dc06aa6195ca0716d0a0c4e3a76e42 HTTP/1.1
Host: videzz.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://videzz.net/embed-g0yo2s7mf83f.html
Cookie: lang=1
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
server: nginx/1.18.0 (Ubuntu)
date: Wed, 24 Apr 2024 08:30:58 GMT
content-type: application/javascript
last-modified: Wed, 10 Apr 2024 07:00:25 GMT
vary: Accept-Encoding
etag: W/"66163909-26cb6"
expires: Fri, 24 May 2024 08:21:05 GMT
cache-control: max-age=2592000
content-encoding: gzip
x-cache-status: HIT
X-Firefox-Spdy: h2
|
|
| xngqoc.com/er?a=1 | 185.162.85.14 | 200 OK | 0 B |
IP185.162.85.14:443 ASN#39572 DataWeb Global Group B.V.
Requested byhttps://videzz.net/embed-g0yo2s7mf83f.html CertificateIssuerLet's Encrypt Subjectxngqoc.com Fingerprint74:49:02:07:2C:4D:A7:02:77:1D:8C:AA:44:24:E1:12:35:DE:56:11 ValiditySat, 24 Feb 2024 00:26:56 GMT - Fri, 24 May 2024 00:26:55 GMT
Hashd41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer | Verdict | Alert | Quad9 DNS | malicious | Sinkholed |
GET /er?a=1 HTTP/1.1
Host: xngqoc.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://videzz.net/
Origin: https://videzz.net
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
server: nginx/1.18.0
date: Wed, 24 Apr 2024 08:30:58 GMT
content-length: 0
access-control-allow-origin: *
access-control-allow-credentials: true
X-Firefox-Spdy: h2
|
|
| videzz.net/js/videojs.stm.5.min.js?0.673022170834095 | 78.142.18.54 | 200 OK | 7.2 kB |
URL GET HTTP/2videzz.net/js/videojs.stm.5.min.js?0.673022170834095 IP78.142.18.54:443 ASN#208046 ColocationX Ltd.
Requested byhttps://videzz.net/embed-g0yo2s7mf83f.html CertificateIssuerLet's Encrypt Subjectvidezz.net Fingerprint13:3A:F4:CA:71:F0:8F:F1:2E:3A:7E:2B:6D:8E:E4:7A:E9:9D:A6:B5 ValidityMon, 04 Mar 2024 08:24:34 GMT - Sun, 02 Jun 2024 08:24:33 GMT
File typeJavaScript source, ASCII text, with very long lines (7493), with no line terminators Hash559fdbbfb2f700ef277f69b35a097d54 df1d4bf430b37e066e4e3187d621c954d581c160 d30c79b738e33d406468f33a059c11238995e485cad39bb31a721f370baa05c5
Analyzer | Verdict | Alert | Quad9 DNS | malicious | Sinkholed |
GET /js/videojs.stm.5.min.js?0.673022170834095 HTTP/1.1
Host: videzz.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://videzz.net/embed-g0yo2s7mf83f.html
Cookie: lang=1
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
server: nginx/1.18.0 (Ubuntu)
date: Wed, 24 Apr 2024 08:30:58 GMT
content-type: application/javascript
last-modified: Wed, 10 Apr 2024 07:00:18 GMT
vary: Accept-Encoding
etag: W/"66163902-1c25"
expires: Fri, 24 May 2024 08:30:58 GMT
cache-control: max-age=2592000
content-encoding: gzip
x-cache-status: MISS
X-Firefox-Spdy: h2
|
|
| tr.7vid.net/api/settings/59845 | 135.181.208.216 | 200 OK | 33 B |
URL GET HTTP/2tr.7vid.net/api/settings/59845 IP135.181.208.216:443 ASN#24940 Hetzner Online GmbH
Requested byhttps://videzz.net/embed-g0yo2s7mf83f.html CertificateIssuerLet's Encrypt Subjecta.gatwins.site Fingerprint66:D4:C4:E9:BC:6E:82:9E:D0:2F:00:69:9A:DF:C2:6D:18:04:0B:1B ValidityWed, 10 Apr 2024 10:27:11 GMT - Tue, 09 Jul 2024 10:27:10 GMT
File typetroff or preprocessor input, ASCII text, with no line terminators Hash511ff610a0435434dd22a4836719fbb3 0cf692a9ecb6dd3d715e3315e0eeccc1c384f0c3 d090111da31c837d965f1dcf49b00a53cf41686d0913627f78c5ff36d693c6d0
GET /api/settings/59845 HTTP/1.1
Host: tr.7vid.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://videzz.net/
Origin: https://videzz.net
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
server: nginx
date: Wed, 24 Apr 2024 08:30:58 GMT
content-type: application/json
vary: Accept-Encoding
access-control-allow-origin: *
x-robots-tag: noindex, nofollow
cache-control: private
content-encoding: gzip
X-Firefox-Spdy: h2
|
|
| bid.bidclickmedia.com/sub/Pj8pz0z | 104.21.37.74 | 200 OK | 234 B |
URL GET HTTP/3bid.bidclickmedia.com/sub/Pj8pz0z IP104.21.37.74:443
Requested byhttps://videzz.net/embed-g0yo2s7mf83f.html CertificateIssuerGoogle Trust Services LLC Subjectbidclickmedia.com Fingerprint2D:71:60:23:79:D8:E4:4A:B8:81:BA:F0:ED:58:CB:A8:66:21:A7:E7 ValiditySun, 31 Mar 2024 14:28:20 GMT - Sat, 29 Jun 2024 14:28:19 GMT
File typeHTML document, ASCII text, with no line terminators Hashec45c51dfcbeb0d487d6d2ccf0cd9a23 eadd83e9b3def654d52e1b93ae5f5c13d8a69c99 3a5e0788bab23d00613d25c36fabb29d38bb3e51af54bf370854620392a249ce
GET /sub/Pj8pz0z HTTP/1.1
Host: bid.bidclickmedia.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://videzz.net/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Wed, 24 Apr 2024 08:30:59 GMT
content-type: text/html; charset=utf-8
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=Am2BEJ1EWqwu6UjWJo%2B0Mcm7M2t3rIDTSXLKQGYgH4ETTxuTsS0PD5N6X2XCdLgy%2BxbD62FnuBs43oSdO8LQ7crM5G%2Bq%2BtIzrR2MwECJZbNNg1CPOiM32K%2FuoWvSuKV3Ze%2BHwZ7Z5qc%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 8794bc032c9d5684-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| allvideometrika.com/f.php?sid=212515 | 188.114.96.1 | 200 OK | 0 B |
URL GET HTTP/2allvideometrika.com/f.php?sid=212515 IP188.114.96.1:443
Requested byhttps://videzz.net/embed-g0yo2s7mf83f.html CertificateIssuerLet's Encrypt Subjectallvideometrika.com Fingerprint0F:3F:B1:7E:F7:3C:77:24:1C:85:B2:89:15:11:43:1A:AD:64:DF:13 ValidityTue, 23 Apr 2024 13:34:13 GMT - Mon, 22 Jul 2024 13:34:12 GMT
Hashd41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /f.php?sid=212515 HTTP/1.1
Host: allvideometrika.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://videzz.net/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Wed, 24 Apr 2024 08:30:59 GMT
content-type: text/html; charset=UTF-8
x-powered-by: PHP/7.1.33
cache-control: no-store, no-cache, must-revalidate, max-age=0
x-robots-tag: noindex
pragma: no-cache
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=7xiaSwLBx9oS8oq2CvOgKbZtR%2Fzq27TDgZebc3rXLSv1J4TcJ2lGGcntnJLnNYbwkfbsaOXlToa8STmvqSP237zzJJsTmyR6RUBcX4RZMrC82YMiXntNuMdVnTyeMQpqPcDle208"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 8794bc072cb356a4-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
|
|
| static.addtoany.com/menu/svg/icons/whatsapp.js | 104.22.70.197 | 200 OK | 1.1 kB |
URL GET HTTP/3static.addtoany.com/menu/svg/icons/whatsapp.js IP104.22.70.197:443
Requested byhttps://videzz.net/embed-g0yo2s7mf83f.html CertificateIssuerLet's Encrypt Subjectstatic.addtoany.com Fingerprint5B:74:98:2D:F8:22:DB:0D:4E:74:B7:99:A7:7C:80:F6:CA:1A:8E:CA ValidityTue, 23 Apr 2024 07:56:27 GMT - Mon, 22 Jul 2024 07:56:26 GMT
File typeASCII text, with very long lines (1122), with no line terminators Hashd822c46f36a55fdbfcc5029e62e19937 c575da68fa99eeb33863f281395755cbf20004d4 062ec1f7c3acea435122961b771eb2e4d136a3e870b17d3e811413f5aa78ed3e
GET /menu/svg/icons/whatsapp.js HTTP/1.1
Host: static.addtoany.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://videzz.net
DNT: 1
Connection: keep-alive
Referer: https://static.addtoany.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Wed, 24 Apr 2024 08:30:59 GMT
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=7776000, stale-while-revalidate=30, public
cf-bgj: minify
etag: W/"83af4df8173e43227812296bb8542dcf"
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=HYrsgubd1QERqKDZJSE7ywoyVEYDX%2FUfqwie1zhk5KCK0AsBFZbUIonNn3S9IyOwGLwQWgaN%2Fd9OWmOzJ%2FaVsfev%2BWgkpeYn4BgDHXkT06Lv0gWn%2BR631l%2Bb6sp5koPXRKLYRTPm"}],"group":"cf-nel","max_age":604800}
vary: Accept-Encoding
referrer-policy: strict-origin-when-cross-origin
x-content-type-options: nosniff
cf-cache-status: HIT
age: 25960
strict-transport-security: max-age=31536000; includeSubDomains; preload
server: cloudflare
cf-ray: 8794bc048f7392d6-CPH
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| region1.analytics.google.com/g/collect?v=2&tid=G-HEX1BG8H46>m=45je44m0v9104348843za200&_p=1713947458474&_gaz=1&gcd=13l3lPl2l1&npa=1&dma_cps=sypham&dma=1&cid=767867585.1713947460&ul=en-us&sr=1280x1024&pscdl=noapi&_eu=AAAI&_s=1&sid=1713947459&sct=1&seg=0&dl=https%3A%2F%2Fvidezz.net%2Fembed-g0yo2s7mf83f.html&dt=Vidoza&en=page_view&_fv=1&_nsi=1&_ss=2&tfd=2170 | 216.239.34.36 | 204 No Content | 0 B |
URL POST HTTP/2region1.analytics.google.com/g/collect?v=2&tid=G-HEX1BG8H46>m=45je44m0v9104348843za200&_p=1713947458474&_gaz=1&gcd=13l3lPl2l1&npa=1&dma_cps=sypham&dma=1&cid=767867585.1713947460&ul=en-us&sr=1280x1024&pscdl=noapi&_eu=AAAI&_s=1&sid=1713947459&sct=1&seg=0&dl=https%3A%2F%2Fvidezz.net%2Fembed-g0yo2s7mf83f.html&dt=Vidoza&en=page_view&_fv=1&_nsi=1&_ss=2&tfd=2170 IP216.239.34.36:443
Requested byhttps://videzz.net/embed-g0yo2s7mf83f.html CertificateIssuerGoogle Trust Services LLC Subject*.google-analytics.com Fingerprint1E:33:2E:4B:C3:51:05:B7:73:DC:21:BF:3E:02:B3:16:D8:0B:AB:BB ValidityMon, 18 Mar 2024 19:37:14 GMT - Mon, 10 Jun 2024 19:37:13 GMT
Hashd41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
POST /g/collect?v=2&tid=G-HEX1BG8H46>m=45je44m0v9104348843za200&_p=1713947458474&_gaz=1&gcd=13l3lPl2l1&npa=1&dma_cps=sypham&dma=1&cid=767867585.1713947460&ul=en-us&sr=1280x1024&pscdl=noapi&_eu=AAAI&_s=1&sid=1713947459&sct=1&seg=0&dl=https%3A%2F%2Fvidezz.net%2Fembed-g0yo2s7mf83f.html&dt=Vidoza&en=page_view&_fv=1&_nsi=1&_ss=2&tfd=2170 HTTP/1.1
Host: region1.analytics.google.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://videzz.net
DNT: 1
Connection: keep-alive
Referer: https://videzz.net/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Content-Length: 0
HTTP/2 204 No Content
access-control-allow-origin: https://videzz.net
date: Wed, 24 Apr 2024 08:31:00 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
content-type: text/plain
cross-origin-resource-policy: cross-origin
server: Golfe2
content-length: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
|
|
| xml.zeusadx.com/redirect?feed=531847&auth=KhbHhS&pubid=162319 | 174.137.133.17 | 302 Found | 5.4 kB |
URL GET HTTP/1.1xml.zeusadx.com/redirect?feed=531847&auth=KhbHhS&pubid=162319 IP174.137.133.17:443 ASN#27257 WEBAIR-INTERNET
Requested byhttps://videzz.net/embed-g0yo2s7mf83f.html CertificateIssuerSectigo Limited Subject*.zeusadx.com FingerprintAA:67:88:35:5F:BC:20:3C:44:9B:00:BD:4F:E1:C0:5F:62:D0:69:C0 ValidityMon, 23 Oct 2023 00:00:00 GMT - Wed, 23 Oct 2024 23:59:59 GMT
Hashd41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /redirect?feed=531847&auth=KhbHhS&pubid=162319 HTTP/1.1
Host: xml.zeusadx.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://bid.bidclickmedia.com/
DNT: 1
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 302 Found
Server: nginx
Date: Wed, 24 Apr 2024 08:31:00 GMT
Content-Length: 0
Connection: keep-alive
Cache-Control: no-store
Location: https://ownxmlclick.admidainsight.com/nrtb/click?bid=8oOCR6pdv1Rn1la0EikCU2UeJYh0y8OCjGh0cC1UEckSSWoesa-uSJAT0kZMGM6d_0_4
|
|
| septemberautomobile.com/pixel/purst?dl=0&th=0&sc=0&rs=2012&rd=2012&fd=627&bv=24.4.4887&tmpl=136 | 192.243.59.20 | 200 OK | 0 B |
URL GET HTTP/1.1septemberautomobile.com/pixel/purst?dl=0&th=0&sc=0&rs=2012&rd=2012&fd=627&bv=24.4.4887&tmpl=136 IP192.243.59.20:443 ASN#39572 DataWeb Global Group B.V.
Requested byhttps://videzz.net/embed-g0yo2s7mf83f.html CertificateIssuerLet's Encrypt Subjectseptemberautomobile.com FingerprintBB:DF:D9:75:80:49:19:F3:9F:67:73:72:47:67:E6:1B:0C:FB:C1:C0 ValidityTue, 23 Apr 2024 10:50:08 GMT - Mon, 22 Jul 2024 10:50:07 GMT
Hashd41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /pixel/purst?dl=0&th=0&sc=0&rs=2012&rd=2012&fd=627&bv=24.4.4887&tmpl=136 HTTP/1.1
Host: septemberautomobile.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://videzz.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx/1.19.5
Date: Wed, 24 Apr 2024 08:31:00 GMT
Content-Length: 0
Connection: keep-alive
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
Access-Control-Allow-Origin: *
Access-Control-Allow-Methods: GET, POST, OPTIONS
Access-Control-Allow-Headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,Upgrade-Insecure-Requests
Access-Control-Expose-Headers: Content-Length,Content-Range
|
|
| animewatch.onionlive.workers.dev/ | 104.21.9.35 | 200 OK | 1.8 kB |
URL GET HTTP/2animewatch.onionlive.workers.dev/ IP104.21.9.35:443
Requested byhttps://videzz.net/embed-g0yo2s7mf83f.html CertificateIssuerGoogle Trust Services LLC Subjectonionlive.workers.dev Fingerprint15:4B:F2:93:81:D8:8E:E8:03:9A:C3:E3:2F:78:10:77:9B:80:FD:9F ValiditySun, 03 Mar 2024 23:51:41 GMT - Sat, 01 Jun 2024 23:51:40 GMT
File typeHTML document, ASCII text, with very long lines (1795), with no line terminators Hash9dc1e04cc7affd8cf80ad5feefa89210 4c11c71a6f83138bd24602a1c996ad82364573b1 654082713403f7d1acc1d1fdfb9fca90222fd0a411be1fb02f64e973cdf054b5
GET / HTTP/1.1
Host: animewatch.onionlive.workers.dev
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://bid.bidclickmedia.com/
DNT: 1
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Wed, 24 Apr 2024 08:31:01 GMT
content-type: text/html;charset=UTF-8
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=WJbw7iWAkrb25KUdb715WNWtaKpgJuaGDwd6G%2FyNUtWxNLC86fWu0KfD1zgvM9b1uAE4QS5jXuMQRq6Ds1KQLNRNihhIGp0iiRiT6zUelVwbgjkFQjSGVRGQdCMj47iUYUOSY1ByXXDlBJE7kUzTXCg%2Faw%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 8794bc114cda56ba-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
|
|
| tr.7vid.net/api/users/59845?host=videzz.net&ev=212&wh=1024&ww=1280&uuid=&url=https%3A%2F%2Fvidezz.net%2Fembed-g0yo2s7mf83f.html&sid=f74fe8e0-3190-493d-b145-4d2be2b46c0a&i=1&kw=file%20upload%2Cshare%20files%2Cfree%20upload&s1=17561 | 135.181.208.216 | 200 OK | 655 B |
URL GET HTTP/2tr.7vid.net/api/users/59845?host=videzz.net&ev=212&wh=1024&ww=1280&uuid=&url=https%3A%2F%2Fvidezz.net%2Fembed-g0yo2s7mf83f.html&sid=f74fe8e0-3190-493d-b145-4d2be2b46c0a&i=1&kw=file%20upload%2Cshare%20files%2Cfree%20upload&s1=17561 IP135.181.208.216:443 ASN#24940 Hetzner Online GmbH
Requested byhttps://videzz.net/embed-g0yo2s7mf83f.html CertificateIssuerLet's Encrypt Subjecta.gatwins.site Fingerprint66:D4:C4:E9:BC:6E:82:9E:D0:2F:00:69:9A:DF:C2:6D:18:04:0B:1B ValidityWed, 10 Apr 2024 10:27:11 GMT - Tue, 09 Jul 2024 10:27:10 GMT
File typeASCII text, with very long lines (789), with no line terminators Hash91cd6d365ecc40fee18fb5dfc829814f 0a2045ecb9a4b992c9206082c8f04858fb47c1e5 0e8fee4d8ac8b87f389c8bb39dc96734f7b9761dbfe4d26dea3e01c878d24e8a
GET /api/users/59845?host=videzz.net&ev=212&wh=1024&ww=1280&uuid=&url=https%3A%2F%2Fvidezz.net%2Fembed-g0yo2s7mf83f.html&sid=f74fe8e0-3190-493d-b145-4d2be2b46c0a&i=1&kw=file%20upload%2Cshare%20files%2Cfree%20upload&s1=17561 HTTP/1.1
Host: tr.7vid.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://videzz.net/
Cookie: nauid=PFTd52DTsm3lXGQYeJCc
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
server: nginx
date: Wed, 24 Apr 2024 08:31:00 GMT
content-type: text/javascript; charset=utf-8
vary: Accept-Encoding
x-robots-tag: noindex, nofollow
cache-control: private
content-encoding: gzip
X-Firefox-Spdy: h2
|
|
| prhzxq.com/wnload?a=1&e=aeyJwaWQiOjEwMDAyODQsInNpZCI6MTE4MzA5OSwid2lkIjo0MTk0ODYsImQiOiIiLCJsaSI6MX0=&tz=0&if=0&u=aHR0cHM6Ly92aWRlenoubmV0L2VtYmVkLWcweW8yczdtZjgzZi5odG1s&inc=1 | 185.162.85.2 | 200 OK | 395 B |
URL GET HTTP/2prhzxq.com/wnload?a=1&e=aeyJwaWQiOjEwMDAyODQsInNpZCI6MTE4MzA5OSwid2lkIjo0MTk0ODYsImQiOiIiLCJsaSI6MX0=&tz=0&if=0&u=aHR0cHM6Ly92aWRlenoubmV0L2VtYmVkLWcweW8yczdtZjgzZi5odG1s&inc=1 IP185.162.85.2:443 ASN#39572 DataWeb Global Group B.V.
Requested byhttps://videzz.net/embed-g0yo2s7mf83f.html CertificateIssuerLet's Encrypt Subjectprhzxq.com Fingerprint87:C3:48:A2:19:6F:6E:8D:38:0C:0F:36:C4:B2:6A:3B:DA:2F:18:5F ValidityWed, 13 Mar 2024 04:32:08 GMT - Tue, 11 Jun 2024 04:32:07 GMT
File typeUnicode text, UTF-8 text, with very long lines (431), with no line terminators Hash7c1d51c7ff0f70952d9cb93811daac70 72cafa3b9571eb8fffcfa1f3bff143b3f2b9b71a a0984b0bb65b1b80705675932d0f64cfd417bcce219d982a7735b90237a04019
GET /wnload?a=1&e=aeyJwaWQiOjEwMDAyODQsInNpZCI6MTE4MzA5OSwid2lkIjo0MTk0ODYsImQiOiIiLCJsaSI6MX0=&tz=0&if=0&u=aHR0cHM6Ly92aWRlenoubmV0L2VtYmVkLWcweW8yczdtZjgzZi5odG1s&inc=1 HTTP/1.1
Host: prhzxq.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://videzz.net/
Origin: https://videzz.net
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
server: nginx/1.18.0
date: Wed, 24 Apr 2024 08:30:58 GMT
content-type: application/javascript; charset=utf-8
vary: Accept-Encoding
accept-ch: Sec-CH-UA-Platform-Version
access-control-allow-origin: *
access-control-allow-credentials: true
content-encoding: gzip
X-Firefox-Spdy: h2
|
|
| static.addtoany.com/menu/svg/icons/twitter.js | 104.22.70.197 | 200 OK | 645 B |
URL GET HTTP/3static.addtoany.com/menu/svg/icons/twitter.js IP104.22.70.197:443
Requested byhttps://videzz.net/embed-g0yo2s7mf83f.html CertificateIssuerLet's Encrypt Subjectstatic.addtoany.com Fingerprint5B:74:98:2D:F8:22:DB:0D:4E:74:B7:99:A7:7C:80:F6:CA:1A:8E:CA ValidityTue, 23 Apr 2024 07:56:27 GMT - Mon, 22 Jul 2024 07:56:26 GMT
File typeASCII text, with very long lines (655), with no line terminators Hash671b3272826b2e03f7f5ecc6846a4f83 bcd620154cd6381ddf84b4e17e53ad716f3acbea b743f6ed35f2a170860cfb010577cd000ee695dc23b850d3b3e479ef1178bb22
GET /menu/svg/icons/twitter.js HTTP/1.1
Host: static.addtoany.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://videzz.net
DNT: 1
Connection: keep-alive
Referer: https://static.addtoany.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Wed, 24 Apr 2024 08:30:59 GMT
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=7776000, stale-while-revalidate=30, public
cf-bgj: minify
etag: W/"af2b829f9b79fabec7c0148a8b7e444b"
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=kxxP6fA7SCmH2G8WV1QlWSjYQqrhXMuU4mnVJ%2BC0TDBdD0m8wauRAkLOYl50RXawR1%2FOrt1xlzKQtqQJ8MuStl%2FhFDuRrC%2FB3dR8cstocthEq4VNWZUXk%2BKWd5%2FD0y55l3S4oUfS"}],"group":"cf-nel","max_age":604800}
vary: Accept-Encoding
referrer-policy: strict-origin-when-cross-origin
x-content-type-options: nosniff
cf-cache-status: HIT
age: 25960
strict-transport-security: max-age=31536000; includeSubDomains; preload
server: cloudflare
cf-ray: 8794bc048f7192d6-CPH
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|