Report - videzz.net/h7zka1zdif8f.html

Report Overview

Submitted URL
videzz.net/h7zka1zdif8f.html
IP
78.142.18.54
ASN
#208046 ColocationX Ltd.
Submitted
2024-05-10 06:15:00
Access
public
Website Title
Watch grcs sgnt 1x06 m720p mp4
Final URL
videzz.net/h7zka1zdif8f.html
Tags
urlquery detections
No alerts detected

Detections

urlquery
0
Network Intrusion Detection
4
Threat Detection Systems
34

Domain Summary

Domain / FQDN	Rank	Registered	First Seen	Last Seen	Sent	Received	IP
www.googletagmanager.com	75	2011-11-11	2013-05-22	2024-05-09	1.3 kB	381 kB	142.250.74.168
www.google.no	25607	2001-02-26	2016-04-05	2024-05-09	581 B	578 B	172.217.21.163
foreignassertive.com	unknown	2024-05-06	2024-05-07	2024-05-07	7.9 kB	101 kB	192.243.61.227
fonts.googleapis.com	8877	2005-01-25	2013-06-10	2024-05-10	1.6 kB	83 kB	142.250.74.106
myliveforyoudreder.com	unknown	2023-07-27	2023-07-27	2024-03-20	404 B	2.3 kB	188.114.96.1
cdn.o333o.com	158144	2015-02-16	2015-05-28	2024-05-03	393 B	90 kB	143.204.55.31
region1.analytics.google.com	unknown	1997-09-15	2022-03-17	2024-05-09	1.5 kB	862 B	216.239.32.36
aistekso.net	unknown	2023-10-16	2023-10-16	2024-05-08	395 B	92 kB	139.45.197.244
downstairsnegotiatebarren.com	unknown	2024-03-04	2024-03-04	2024-05-09	814 B	173 kB	104.21.35.227
tzegilo.com	unknown	2022-01-14	2022-01-14	2024-05-09	393 B	20 kB	104.21.11.245
serosaharlem.com	unknown	2023-03-25	2023-03-25	2024-04-17	534 B	1.2 kB	23.109.170.33
yd.cottoidearldom.com	unknown	unknown	No data	No data	402 B	1.2 kB	23.109.170.114
static.addtoany.com	4091	2006-03-10	2012-05-21	2024-05-09	4.5 kB	98 kB	104.22.71.197
bid.bidclickmedia.com	unknown	2022-09-19	2023-03-09	2024-03-22	8.6 kB	110 kB	172.67.205.77
xml.xmlking.com	unknown	2020-07-27	2020-11-12	2024-05-03	2.8 kB	2.6 kB	174.137.133.17
zv.7vid.net	unknown	2018-07-27	2023-07-29	2024-02-22	574 B	541 B	135.181.208.216
videzz.net	unknown	2024-02-28	2024-03-04	2024-04-30	12 kB	1.4 MB	78.142.18.54
fonts.gstatic.com	unknown	2008-02-11	2014-09-09	2024-05-10	2.1 kB	132 kB	216.58.207.227
s.o333o.com	unknown	2015-02-16	2015-03-05	2024-05-09	389 B	1.2 kB	85.10.205.45
proftrafficcounter.com	unknown	2023-11-16	2023-11-21	2024-05-09	1.5 kB	879 B	18.185.9.67
services.addons.mozilla.org	6161	1998-01-24	2012-05-21	2024-05-09	677 B	1.8 kB	54.230.111.124
profitablegatecpm.com	unknown	2024-02-05	2024-02-06	2024-03-01	435 B	17 kB	192.243.59.13
maxcdn.bootstrapcdn.com	724	2012-05-25	2014-06-18	2024-05-09	1.0 kB	86 kB	104.18.11.207
str29.vidoza.net	unknown	2016-11-18	2022-12-26	2023-12-27	1.5 kB	27 kB	213.152.165.138
ossgogoaton.com	unknown	2022-04-18	2022-04-18	2024-04-17	395 B	27 kB	188.114.96.1
unseenreport.com	unknown	2022-03-30	2022-03-30	2024-05-09	1.5 kB	846 B	192.243.59.13
my.rtmark.net	9054	2014-10-29	2015-02-04	2024-05-09	453 B	739 B	139.45.195.8
xml-click-oax.adstork.com	unknown	2019-03-01	2023-06-22	2024-04-12	603 B	444 B	23.226.122.79
latest-557263.techlink.icu	unknown	unknown	No data	No data	598 B	638 B	206.54.181.250
cdn.yourwebbars.com	62037	2020-08-21	2021-01-29	2024-05-09	471 B	8.5 kB	104.26.7.19
dog.seetron.net	unknown	unknown	No data	No data	3.0 kB	157 kB	135.181.208.216
suggestnotegotistical.com	unknown	2024-05-06	2024-05-07	2024-05-08	487 B	467 B	172.240.127.234
xml.cachegorilla.com	unknown	2021-07-23	2023-11-27	2024-05-04	559 B	199 B	173.239.53.20
xml.zeusadx.com	330930	2019-08-07	2019-09-23	2024-04-30	1.1 kB	409 B	174.137.133.17
cdn.itskiddien.club	unknown	2022-10-06	2022-10-06	2024-04-26	423 B	37 kB	139.45.197.236
fleraprt.com	unknown	2022-01-14	2022-01-14	2024-05-09	561 B	480 B	139.45.195.254
cdnjs.cloudflare.com	235	2009-02-17	2015-04-17	2024-05-09	3.0 kB	99 kB	104.17.25.14
ocsp.r2m03.amazontrust.com	unknown	2007-05-11	2023-02-21	2024-05-09	338 B	942 B	54.230.218.11
cdn.creative-bars1.com	unknown	2022-11-01	2022-11-15	2024-05-09	2.9 kB	536 kB	172.67.141.24
allvideometrika.com	unknown	2022-05-16	2022-05-16	2024-05-08	520 B	703 B	188.114.96.1
aus5.mozilla.org	2548	1998-01-24	2015-10-27	2024-05-09	521 B	480 B	35.244.181.201
veepteero.com	unknown	2023-05-08	2023-05-09	2024-05-06	415 B	3.8 kB	139.45.197.242

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

Timestamp	Severity	Source IP	Destination IP	Alert
2024-05-10 06:14:32	medium	Client IP	206.54.181.250	ET INFO Suspicious Domain (*.icu) in TLS SNI
2024-05-10 06:14:32	medium	Client IP	206.54.181.250	ET INFO Suspicious Domain (*.icu) in TLS SNI
2024-05-10 06:14:32	medium	206.54.181.250	Client IP	ET HUNTING Observed Let's Encrypt Certificate for Suspicious TLD (.icu)
2024-05-10 06:14:32	medium	206.54.181.250	Client IP	ET HUNTING Observed Let's Encrypt Certificate for Suspicious TLD (.icu)

Threat Detection Systems

Public InfoSec YARA rules

No alerts detected

OpenPhish

No alerts detected

PhishTank

No alerts detected

mnemonic secure dns

No alerts detected

Quad9 DNS

Scan Date	Severity	Indicator	Alert
2024-05-10	medium	cottoidearldom.com	Sinkholed
2024-05-10	medium	suggestnotegotistical.com	Sinkholed
2024-05-09	medium	foreignassertive.com	Sinkholed
2024-05-09	medium	foreignassertive.com	Sinkholed
2024-05-09	medium	ossgogoaton.com	Sinkholed
2024-05-09	medium	foreignassertive.com	Sinkholed
2024-05-09	medium	foreignassertive.com	Sinkholed
2024-05-09	medium	foreignassertive.com	Sinkholed
2024-05-09	medium	foreignassertive.com	Sinkholed
2024-05-10	medium	unseenreport.com	Sinkholed
2024-05-10	medium	unseenreport.com	Sinkholed
2024-05-09	medium	foreignassertive.com	Sinkholed
2024-05-09	medium	aistekso.net	Sinkholed
2024-05-09	medium	foreignassertive.com	Sinkholed
2024-05-09	medium	veepteero.com	Sinkholed
2024-05-09	medium	foreignassertive.com	Sinkholed
2024-05-09	medium	serosaharlem.com	Sinkholed

ThreatFox

No alerts detected

JavaScript (77)

	URL	Size	First Seen	Last Seen
	dog.seetron.net/lx4oag1.js	239 kB	2024-03-22	2024-05-20
Pretty URL dog.seetron.net/lx4oag1.js IP 135.181.208.216 ASN #24940 Hetzner Online GmbH Introduced by scriptElement Embedded in HTML false Observations First Seen2024-03-22 21:45:50 Last Seen2024-05-20 15:04:32 Times Seen741 Hash a6781eeb8be115c2cc64c5b4898e5b9d 76001e6e130f936956842ce1fb672ca16be2370e cb8949c4918f30d767c8a97d1b1ddb36eabccf8d93659a80f4e850caa3701da2 Loading...

	videzz.net/h7zka1zdif8f.html	162 B	2023-03-07	2024-05-20
Pretty URL videzz.net/h7zka1zdif8f.html IP 78.142.18.54 ASN #208046 ColocationX Ltd. Introduced by scriptElement Embedded in HTML true Observations First Seen2023-03-07 16:08:16 Last Seen2024-05-20 15:04:32 Times Seen162 Hash 035c117549bb95ad0992ae461d89e44e 2f45bc18613030f169e7c8ef25553df24e7003b6 0d89ce1d538634aeb6d56fa061bb107311c5daaa1c59aed01cb4e18c48081a96 Loading...

	videzz.net/h7zka1zdif8f.html	357 B	2023-03-07	2024-05-20
Pretty URL videzz.net/h7zka1zdif8f.html IP 78.142.18.54 ASN #208046 ColocationX Ltd. Introduced by scriptElement Embedded in HTML true Observations First Seen2023-03-07 16:08:16 Last Seen2024-05-20 15:04:32 Times Seen162 Hash 824c86e507e4c27bb34b991feedb5820 06bd36505ef9492db28ebb53c740d5c17d4516b4 0c45ee272e41a3a37bb7d5a0881665e4d54b762e20921cdb145bf5539fe4f551 Loading...

	videzz.net/h7zka1zdif8f.html	1.9 kB	2024-05-10	2024-05-10
Pretty URL videzz.net/h7zka1zdif8f.html IP 78.142.18.54 ASN #208046 ColocationX Ltd. Introduced by scriptElement Embedded in HTML true Observations First Seen2024-05-10 08:15:08 Last Seen2024-05-10 08:15:08 Times Seen1 Hash eb5a38767f173c3ab03cb421d4fec2f9 df08b049be571633ecaf63b5acdc507bf8ef5886 8f6ef90941e2a6fc59cd16c65aa02e6ee418e6d1d6da13abc0ef0f9e751de2c5 Loading...

	dog.seetron.net/api/users/424503?host=videzz.net&ev=212&wh=1024&ww=1280&uuid=&url=https%3A%2F%2Fvidezz.net%2Fh7zka1zdif8f.html&sid=05af19d6-21bd-46a1-b7bc-8a4d6809ca83&i=1&kw=grcs%2Csgnt%2C1x06%2Cm720p%2Cmp4&s1=201428	674 B	2024-05-10	2024-05-10
Pretty URL dog.seetron.net/api/users/424503?host=videzz.net&ev=212&wh=1024&ww=1280&uuid=&url=https%3A%2F%2Fvidezz.net%2Fh7zka1zdif8f.html&sid=05af19d6-21bd-46a1-b7bc-8a4d6809ca83&i=1&kw=grcs%2Csgnt%2C1x06%2Cm720p%2Cmp4&s1=201428 IP 135.181.208.216 ASN #24940 Hetzner Online GmbH Introduced by scriptElement Embedded in HTML false Observations First Seen2024-05-10 08:15:08 Last Seen2024-05-10 08:15:09 Times Seen1 Hash 89f2253b8a72ded06f4f2dfeb536591c de68e13fbd1bd4b563e96b33f2528bd401272521 fc2df3e0280c658e99b30c297ea911b14543cf054becc3351971361d867d4f49 Loading...

	serosaharlem.com/ij70IKIf4Ueonvwm/57128	8 B	2023-03-07	2024-05-20
Pretty URL serosaharlem.com/ij70IKIf4Ueonvwm/57128 IP 23.109.170.33 ASN #7979 SERVERS-COM Introduced by scriptElement Embedded in HTML true Observations First Seen2023-03-07 01:10:08 Last Seen2024-05-20 11:19:37 Times Seen3059 Hash 74bcdb854ab16ca0977687a071ccface 3fc98dccf6a4c618323aacd44660d0c32d1e9016 f729e7b610069468cbe062a7821762c27a15271967ac88eae69a538d48c5a29b Loading...

	videzz.net/h7zka1zdif8f.html	475 B	2023-03-07	2024-05-20
Pretty URL videzz.net/h7zka1zdif8f.html IP 78.142.18.54 ASN #208046 ColocationX Ltd. Introduced by scriptElement Embedded in HTML true Observations First Seen2023-03-07 16:08:16 Last Seen2024-05-20 06:03:41 Times Seen46 Hash 7019cbe0012d5199f2f496e930f3bf61 5d1696302b432ac66a71a81f8899876ddcd019b8 092b3dfb5e9bb66a05ea11eb25003bc70f3d1ebe6cd384f274e1b17eeb9b4ae7 Loading...

	s.o333o.com/adgpt.js	2.0 kB	2024-03-22	2024-05-20
Pretty URL s.o333o.com/adgpt.js IP 85.10.205.45 ASN #24940 Hetzner Online GmbH Introduced by scriptElement Embedded in HTML false Observations First Seen2024-03-22 21:45:49 Last Seen2024-05-20 15:04:32 Times Seen412 Hash 55f8db8e0ec58b646f0b5425b405fdd0 0c79af1239cafc7ec4783f20b0b886a61daccc09 3ec8849ba857ec32cdc682ea93f0c1f8e8ab97980af4f1d8ec312684ed0f5237 Loading...

	videzz.net/js/footer.static.min.js?v=b8dc06aa6195ca0716d0a0c4e3a76e42	140 kB	2023-03-08	2024-05-20
Pretty URL videzz.net/js/footer.static.min.js?v=b8dc06aa6195ca0716d0a0c4e3a76e42 IP 78.142.18.54 ASN #208046 ColocationX Ltd. Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 16:32:59 Last Seen2024-05-20 15:04:32 Times Seen163 Hash 8986804e792bac03d992cfa0d65281de 4a406ba9ac7ead8cfc1d181c6abd2340dae2bf44 e94d1a4f4bfe4d0efd8dc95e86573d32172fa8a0f08ee328c377962379bd9295 Loading...

	static.addtoany.com/menu/svg/icons/twitter.js	645 B	2024-04-12	2024-05-20
Pretty URL static.addtoany.com/menu/svg/icons/twitter.js IP 104.22.71.197 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2024-04-12 16:11:45 Last Seen2024-05-20 15:04:32 Times Seen220 Hash ca05cf90bd32d6134c0b92464c343f9a 187feb5cc71d225717838268487a0abc9b8d405c 3003867b66a32c12fdafeefc27cf06d906e5a99ba275550ab757f4bb04834636 Loading...

	videzz.net/h7zka1zdif8f.html	88 B	2023-03-07	2024-05-20
Pretty URL videzz.net/h7zka1zdif8f.html IP 78.142.18.54 ASN #208046 ColocationX Ltd. Introduced by scriptElement Embedded in HTML true Observations First Seen2023-03-07 16:08:16 Last Seen2024-05-20 06:03:41 Times Seen33 Hash 07b30612e7898526d72c8ce77c650c47 d6f554e4eb7ad6deb003a0541c0bbe264563059a 5d764749f6b3215245da9aa4db9e35df149910d9e5d69bbd108ddf7fbe5957df Loading...

	videzz.net/h7zka1zdif8f.html	42 B	2023-03-12	2024-05-20
Pretty URL videzz.net/h7zka1zdif8f.html IP 78.142.18.54 ASN #208046 ColocationX Ltd. Introduced by scriptElement Embedded in HTML true Observations First Seen2023-03-12 17:26:16 Last Seen2024-05-20 14:02:02 Times Seen85 Hash ef7ab1eb5fe88b692b3d8d65ff95a2c4 1339642288bd1758b6b3864292da22d085349752 c2ba1c539107eb3a3ceb346cf19e3ba42b4e7104ac2c96dd5495aafb48d0b021 Loading...

	www.google-analytics.com/analytics.js	4.7 kB	2023-04-11	2024-05-20
Pretty URL www.google-analytics.com/analytics.js IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-04-11 21:07:53 Last Seen2024-05-20 15:15:46 Times Seen350699 Hash f24128d0c9cba7be2916c693427a3483 1b6397d496ea896ebc2018b01b995cee4f166029 58173de4697da1a218f04c3a783a733bab4e769ceabc37cd42da9dc3e036a7e8 Loading...

	tzegilo.com/stattag.js	19 kB	2024-02-10	2024-05-20
Pretty URL tzegilo.com/stattag.js IP 104.21.11.245 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2024-02-10 03:00:18 Last Seen2024-05-20 14:02:04 Times Seen1859 Hash 70ebd404c2e1e7bad13998538b56887c 86e57af8ba3cfc2c004da3311835f6b54ba6d848 d71ea61938136a384e4c53c5a7a3c36e68fcc70a68bae691e270987d5d2eb11f Loading...

	videzz.net/h7zka1zdif8f.html	388 B	2024-04-25	2024-05-10
Pretty URL videzz.net/h7zka1zdif8f.html IP 78.142.18.54 ASN #208046 ColocationX Ltd. Introduced by scriptElement Embedded in HTML true Observations First Seen2024-04-25 08:13:40 Last Seen2024-05-10 08:15:09 Times Seen2 Hash a268ee15f469abbc5ae405a8a224ee19 0b3d41601227ce68194528c7c1a6f4e942ef7efd bdc576611dbb175f46ca00a688bdf7676b8c2eb5f91747444e98e26a2eed451e Loading...

	videzz.net/js/ads.js?v=1.0	211 B	2023-03-07	2024-05-20
Pretty URL videzz.net/js/ads.js?v=1.0 IP 78.142.18.54 ASN #208046 ColocationX Ltd. Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 16:08:16 Last Seen2024-05-20 15:04:32 Times Seen290 Hash 09f34de71e8853387dd398fbb263af69 4ccb7007fcebcffe64eaa80f2991509fdbac55d5 6ca7e6aebc6e3eec26d39e540e255a738fd9e48e9b97bd0e2a714686377ac523 Loading...

	unknown	733 B	2023-10-28	2024-05-15
Pretty Introduced by scriptElement Embedded in HTML false Observations First Seen2023-10-28 21:18:21 Last Seen2024-05-15 17:25:04 Times Seen6 Hash 74c7a40e6867c2eee9ab2da9a46cb7e5 f3b8179daf690551dfc0bae43817a0de1d62bc80 133b9a37d572fecb74500875dd620ed87585ba499b137d5bcda34234f6496eee Loading...

	yd.cottoidearldom.com/1clkn/14903	6 B	2023-03-07	2024-05-20
Pretty URL yd.cottoidearldom.com/1clkn/14903 IP 23.109.170.114 ASN #7979 SERVERS-COM Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:03:04 Last Seen2024-05-20 15:11:58 Times Seen15306 Hash 9082dc37e5e8046929da411544ad071a 41e0e3963ed94e59e8a2f115994c382712411537 b7848d86edc8dc3b5bc6a5c666069f9a31e000cee51575d3b6083951607e1550 Loading...

	unknown	812 B	2024-02-04	2024-05-15
Pretty Introduced by scriptElement Embedded in HTML false Observations First Seen2024-02-04 03:21:37 Last Seen2024-05-15 17:25:04 Times Seen8 Hash c06518994f541746094ffa66e9dd59b9 f50c28e103e1244a3c3ab7b73bfc01956c94ad89 397489415d29273c4d0e5d3a152b8c6391436e21ebf73b0be47e9a99219ba989 Loading...

	static.addtoany.com/menu/sm.25.html#type=core&event=load	0 B	2023-03-07	2024-05-20
Pretty URL static.addtoany.com/menu/sm.25.html#type=core&event=load IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML true Observations First Seen2023-03-07 01:01:59 Last Seen2024-05-20 15:16:24 Times Seen37879217 Hash d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Loading...

	videzz.net/h7zka1zdif8f.html	1.9 kB	2023-03-26	2024-05-20
Pretty URL videzz.net/h7zka1zdif8f.html IP 78.142.18.54 ASN #208046 ColocationX Ltd. Introduced by scriptElement Embedded in HTML true Observations First Seen2023-03-26 09:32:06 Last Seen2024-05-20 15:04:32 Times Seen142 Hash 82e1ab0f6fb26e1a626e1ad6812a2e50 ff89302fd6c7736cfe3c0ce1bea0da569a763ced c1133cdc2ae23220a521a156d0edc736cea501341435673899a05f4d54597373 Loading...

	dog.seetron.net/api/users/59846?host=videzz.net&ev=212&wh=1024&ww=1280&uuid=&url=https%3A%2F%2Fvidezz.net%2Fh7zka1zdif8f.html&sid=05af19d6-21bd-46a1-b7bc-8a4d6809ca83&i=1&kw=grcs%2Csgnt%2C1x06%2Cm720p%2Cmp4&s1=201428	637 B	2024-05-10	2024-05-10
Pretty URL dog.seetron.net/api/users/59846?host=videzz.net&ev=212&wh=1024&ww=1280&uuid=&url=https%3A%2F%2Fvidezz.net%2Fh7zka1zdif8f.html&sid=05af19d6-21bd-46a1-b7bc-8a4d6809ca83&i=1&kw=grcs%2Csgnt%2C1x06%2Cm720p%2Cmp4&s1=201428 IP 135.181.208.216 ASN #24940 Hetzner Online GmbH Introduced by scriptElement Embedded in HTML false Observations First Seen2024-05-10 08:15:09 Last Seen2024-05-10 08:15:09 Times Seen1 Hash 6746ea9e6bdef6a832d091fd23284255 a422e0174dfdaf2725bbc5e1f576b1d8b2e31b58 48aef444356933233dd9113b8e1a4b6d31ef50454148a20c18d76c2bfa1f339e Loading...

	videzz.net/h7zka1zdif8f.html	1.9 kB	2023-05-14	2024-05-20
Pretty URL videzz.net/h7zka1zdif8f.html IP 78.142.18.54 ASN #208046 ColocationX Ltd. Introduced by scriptElement Embedded in HTML true Observations First Seen2023-05-14 23:54:05 Last Seen2024-05-20 15:04:32 Times Seen141 Hash a692b14c46b795baddef6cde7925aec0 83421ee7434ca7916a53f711c1a207c04e264e3c 0a136fef0aef4b2b4d90057c95c48e84618ecebe376ad324594150d0b8588f90 Loading...

	unknown	808 B	2024-04-19	2024-05-15
Pretty Introduced by scriptElement Embedded in HTML false Observations First Seen2024-04-19 12:35:12 Last Seen2024-05-15 17:25:04 Times Seen4 Hash 2ba0d55f4197030a7fa0dbf2db83fa42 96e7e39224cc474bbcfe66184600643c2cc7f622 84e0655dc5cd73831845f2c2e5ea503785fd0cd5aa8a706c63f781cd99c15f91 Loading...

	myliveforyoudreder.com/vidozza.js	1.6 kB	2023-03-08	2024-05-20
Pretty URL myliveforyoudreder.com/vidozza.js IP 188.114.96.1 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 20:28:37 Last Seen2024-05-20 15:04:32 Times Seen200 Hash b340619418518ced51fbbc860814ea19 e2cbf47a089e8941bcdb6f24c64fad9004852348 ebbf367cc151e337e4c4d375e86682b6e1593b25224c6c733b4cea4f507c4000 Loading...

	static.addtoany.com/menu/svg/icons/facebook.js	429 B	2024-04-12	2024-05-20
Pretty URL static.addtoany.com/menu/svg/icons/facebook.js IP 104.22.71.197 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2024-04-12 16:11:44 Last Seen2024-05-20 15:04:32 Times Seen237 Hash 014bcc757e484e12e3aea6c9d768fd4b 4c17157d0012f8002e4e6cf77c5f4a9747792cf4 4b475960843a5619b907af1f0a89e3136bd5e6a4a700ec78cb417f302647cf49 Loading...

	videzz.net/js/main.min.js?v=b8dc06aa6195ca0716d0a0c4e3a76e42	11 kB	2023-03-07	2024-05-20
Pretty URL videzz.net/js/main.min.js?v=b8dc06aa6195ca0716d0a0c4e3a76e42 IP 78.142.18.54 ASN #208046 ColocationX Ltd. Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 16:08:16 Last Seen2024-05-20 06:03:43 Times Seen88 Hash f2b1e2d690c2c568d846e8da3ab66ccd f2a3fd880693ec75e586fdb37d1bd2cd6f6c468a 3efa361ccc887f0bffb9c9250de66cd562bc53671ffcb85cc0a6a0d30b0b8cfb Loading...

	videzz.net/h7zka1zdif8f.html	82 B	2023-03-07	2024-05-20
Pretty URL videzz.net/h7zka1zdif8f.html IP 78.142.18.54 ASN #208046 ColocationX Ltd. Introduced by scriptElement Embedded in HTML true Observations First Seen2023-03-07 16:08:17 Last Seen2024-05-20 15:04:32 Times Seen158 Hash 67b70174cc2854586ec824f84b79d825 c9bde16aa4e39ab912e1a20fe298b028a3432596 a979d312087118fa753a8ed59077b51936c9595eb2a37cd369a6b4f579eebafd Loading...

	videzz.net/h7zka1zdif8f.html	488 B	2023-03-07	2024-05-20
Pretty URL videzz.net/h7zka1zdif8f.html IP 78.142.18.54 ASN #208046 ColocationX Ltd. Introduced by scriptElement Embedded in HTML true Observations First Seen2023-03-07 16:08:16 Last Seen2024-05-20 15:04:32 Times Seen158 Hash c88a098ddb34ae8eb653079349e1eb71 c273d06595b90b3f3eadde95865d4fd88a2cdc4a f8be9aff934fb09a35261e76d411268402098e38f3c1468679a0ffddf96cb8cd Loading...

	static.addtoany.com/menu/svg/icons/whatsapp.js	1.1 kB	2024-04-12	2024-05-20
Pretty URL static.addtoany.com/menu/svg/icons/whatsapp.js IP 104.22.71.197 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2024-04-12 13:25:33 Last Seen2024-05-20 15:04:32 Times Seen228 Hash 0e8b3ac6bda5451ff39c5ecd6d7b3873 fb477a11167000a30e45369e686ec43dd62d026b c15e1379ca2c59f99912500bbc23a0d1d88f43198cbe1b53d87776fa351385eb Loading...

	static.addtoany.com/menu/svg/icons/viber.js	1.0 kB	2024-04-12	2024-05-20
Pretty URL static.addtoany.com/menu/svg/icons/viber.js IP 104.22.71.197 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2024-04-12 13:25:33 Last Seen2024-05-20 15:04:33 Times Seen192 Hash aeffbbeba6dd343b89fdc22cdf23f8c8 7be9f0a8fbd22f85cd4408ed04b69e98cbb79de7 c38246b300667ea8ab28940a729e65168f981baf8adc8d708c299e85b9e2dcee Loading...

	videzz.net/js/jquery.min.js	96 kB	2023-03-07	2024-05-20
Pretty URL videzz.net/js/jquery.min.js IP 78.142.18.54 ASN #208046 ColocationX Ltd. Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:02:02 Last Seen2024-05-20 15:04:32 Times Seen48158 Hash 8101d596b2b8fa35fe3a634ea342d7c3 d6c1f41972de07b09bfa63d2e50f9ab41ec372bd 540bc6dec1dd4b92ea4d3fb903f69eabf6d919afd48f4e312b163c28cff0f441 Loading...

	static.addtoany.com/menu/locale/ru.js	2.1 kB	2023-03-07	2024-05-20
Pretty URL static.addtoany.com/menu/locale/ru.js IP 104.22.71.197 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:36:27 Last Seen2024-05-20 15:04:32 Times Seen203 Hash c0717dc8cde3baa722c4e7d4c12a2cb0 6e8702b80bdcbe0cd5fc183ce582b2add61d0863 cde5eaa4da56876821229a97a09a4b53e929ea30b7310848d0e84212a5137397 Loading...

	videzz.net/sandbox%20eval%20code	147 B	2023-04-11	2024-05-20
Pretty URL videzz.net/sandbox%20eval%20code IP 0.0.0.0 ASN #0 Introduced by Embedded in HTML false Observations First Seen2023-04-11 21:07:53 Last Seen2024-05-20 15:15:46 Times Seen351214 Hash 92b651082ce234f66bb544e678befda3 14c21c55ddce43b6f677caadf51d4ab98c6a3df8 25d57d1d97abeb84531d3d3e5754dd5cb19a2c115edfa7cfc7af8247084faded Loading...

	videzz.net/h7zka1zdif8f.html	221 B	2024-05-10	2024-05-10
Pretty URL videzz.net/h7zka1zdif8f.html IP 78.142.18.54 ASN #208046 ColocationX Ltd. Introduced by scriptElement Embedded in HTML true Observations First Seen2024-05-10 08:15:09 Last Seen2024-05-10 08:15:09 Times Seen1 Hash 12beb9133ec742ee36d894cb07e95ea0 88d2db956a232fd9c3c5b7566bb9a09923550818 6b9f336bbbe5aad6a67407b225219a42427a512e8359f95c2a9feda0ee6e4838 Loading...

	videzz.net/h7zka1zdif8f.html	1.9 kB	2023-09-20	2024-05-20
Pretty URL videzz.net/h7zka1zdif8f.html IP 78.142.18.54 ASN #208046 ColocationX Ltd. Introduced by scriptElement Embedded in HTML true Observations First Seen2023-09-20 05:49:22 Last Seen2024-05-20 15:04:32 Times Seen130 Hash ea18635ebabe6012d41f9fe215f59b54 4bb7351c02f51a2d10b55eb8daecf0862aec3db7 4e69daf6970b0700406f701311ff61bf0623749d951327a09de054a9906c8056 Loading...

	static.addtoany.com/menu/page.js	3.0 kB	2024-04-12	2024-05-20
Pretty URL static.addtoany.com/menu/page.js IP 104.22.71.197 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2024-04-12 02:34:00 Last Seen2024-05-20 15:04:32 Times Seen1186 Hash 5f984fdd1d3384220c67422c1f544a95 79c8a48b5fab47972dd69ce7dfd08cee895006b5 6e0cc78c402cbc02fdfd41cd77c5fd6ffbd8066cc07935ea8eb5f3fcc59744a3 Loading...

	videzz.net/h7zka1zdif8f.html	1.9 kB	2023-09-20	2024-05-20
Pretty URL videzz.net/h7zka1zdif8f.html IP 78.142.18.54 ASN #208046 ColocationX Ltd. Introduced by scriptElement Embedded in HTML true Observations First Seen2023-09-20 05:49:22 Last Seen2024-05-20 15:04:32 Times Seen130 Hash af6177bd7ff00168d56dcbb2dfad8aad b0565c811d5bc5e2b4923cc1194a81126512010c 68848e296ab0993815dd2ae9efbb9b41e1bddf7d57aafd1ce37fcb6588b09901 Loading...

	videzz.net/sw.js	42 kB	2023-03-07	2024-05-20
Pretty URL videzz.net/sw.js IP 78.142.18.54 ASN #208046 ColocationX Ltd. Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 16:08:16 Last Seen2024-05-20 15:04:33 Times Seen264 Hash 764aafd976dd9cd9f33279bfafa02908 e9ad856ec00bccfdcbe17b79113681685c943b8d 2c20e295faeb1ef24dae1e26caa5089fdb2ba5a36a86a6a26780b8a515ca99aa Loading...

	foreignassertive.com/f1/77/6d/f1776d24271c5ad55c5f1492e2d01e10.js	84 kB	2024-05-10	2024-05-10
Pretty URL foreignassertive.com/f1/77/6d/f1776d24271c5ad55c5f1492e2d01e10.js IP 192.243.61.227 ASN #39572 DataWeb Global Group B.V. Introduced by scriptElement Embedded in HTML false Observations First Seen2024-05-10 08:15:09 Last Seen2024-05-10 08:15:11 Times Seen2 Hash c5f34600c4b9e4c4ef89659d6a65dd61 b6565985eb1cfa9726033cc37755eeef2421a58e 1976162d16efc3a26cff9b95a1166e460e91e1bbba9272a98b1da4ee8ea1271f Loading...

	videzz.net/js/pop.js?v=1.0	35 B	2023-03-07	2024-05-20
Pretty URL videzz.net/js/pop.js?v=1.0 IP 78.142.18.54 ASN #208046 ColocationX Ltd. Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:24:29 Last Seen2024-05-20 15:04:32 Times Seen305 Hash da4bf5414bf75eefb21872f9b59fe6fc e34335e0705397a4ad02c406a2e92333e6d2b0e5 d48b428c1788391a1aef29802daaa691077732dc7b821d0968831bc50b19278d Loading...

	ossgogoaton.com/tag.min.js	82 kB	2024-05-10	2024-05-10
Pretty URL ossgogoaton.com/tag.min.js IP 188.114.96.1 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2024-05-10 00:02:39 Last Seen2024-05-10 19:03:29 Times Seen14 Hash e56d22d4b078f2116acde5468a10ed4b 1bd53f708a56defabe094073b88a3114e313ae98 a2efe5c73146fd67ce971a6c328f742f4a631f03c79d0827391a2db2a25cae19 Loading...

	www.googletagmanager.com/gtag/js?id=G-HEX1BG8H46&l=dataLayer&cx=c	278 kB	2024-05-10	2024-05-10
Pretty URL www.googletagmanager.com/gtag/js?id=G-HEX1BG8H46&l=dataLayer&cx=c IP 142.250.74.168 ASN #15169 GOOGLE Introduced by scriptElement Embedded in HTML false Observations First Seen2024-05-10 08:15:09 Last Seen2024-05-10 08:15:10 Times Seen2 Hash 778da8b67b393e6606f96f8898147f65 10a3af716ba20164971b8773e01f6a6e4cbce648 a536a42a2e203dda62d671488c299c5134cc030cb105eb9fe00fe276ee0c8891 Loading...

	cdnjs.cloudflare.com/ajax/libs/postscribe/2.0.8/postscribe.min.js	18 kB	2023-03-07	2024-05-20
Pretty URL cdnjs.cloudflare.com/ajax/libs/postscribe/2.0.8/postscribe.min.js IP 104.17.25.14 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:02:54 Last Seen2024-05-20 14:02:04 Times Seen2994 Hash 12dd498bf90c536803c2aad708b66c2b 5f9363d39a405d1c94328cf2303ff4a05c0ad163 c4e20f53f5ef0ed44b783437aa3f4638a9a56cc4aa29ae83ed9212eb2807052a Loading...

	cdn.itskiddien.club/apu.php?zoneid=5902452&var=5708419	94 kB	2024-05-10	2024-05-10
Pretty URL cdn.itskiddien.club/apu.php?zoneid=5902452&var=5708419 IP 139.45.197.236 ASN #9002 RETN Limited Introduced by scriptElement Embedded in HTML false Observations First Seen2024-05-10 08:15:09 Last Seen2024-05-10 08:15:09 Times Seen1 Hash de620515ee289c2ee9a039392245c9ff 538a867135aead5c776f831ac878829077fb3a8c 52c4b27a5deb6deda3d093e110de979f2d3fab60077b4dbcb33ed751e967f8e3 Loading...

	static.addtoany.com/menu/modules/core.BRQnzO8v.js	72 kB	2024-04-12	2024-05-20
Pretty URL static.addtoany.com/menu/modules/core.BRQnzO8v.js IP 104.22.71.197 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2024-04-12 02:34:00 Last Seen2024-05-20 15:04:33 Times Seen1762 Hash 629401c31553d2f42a6ca46e58c2a97b 0ab6084caa72f90913c7e4119f491838726ec5c2 91b9b24f0aa59668e4d0a770ee7a294b9baa361a76a20ade8128cd0482a5d805 Loading...

	videzz.net/h7zka1zdif8f.html	1.9 kB	2023-12-02	2024-05-20
Pretty URL videzz.net/h7zka1zdif8f.html IP 78.142.18.54 ASN #208046 ColocationX Ltd. Introduced by scriptElement Embedded in HTML true Observations First Seen2023-12-02 22:02:10 Last Seen2024-05-20 15:04:32 Times Seen121 Hash 861dcaf645aae37b6316256c150d9dfb 3a9f80b6a4bf4c7807b354238ee1092098ef0592 8580955f289133f8987846865a71337744c9e2f39defb5c7bad0df0752a47ae7 Loading...

	unknown	810 B	2024-02-04	2024-05-15
Pretty Introduced by scriptElement Embedded in HTML false Observations First Seen2024-02-04 03:21:38 Last Seen2024-05-15 17:25:04 Times Seen8 Hash 18ecbb41b612257efafd2e1b48cdcd84 b03d0fbbe2c33e03b2f4f11403fe7f7ca4625fc9 6cbb812a0ed750d54d3c21f2f4a404a82dcfa22cf2d8345e10ed8a1374001cef Loading...

	videzz.net/js/videojs.stm.5.min.js?0.0736648541069762	7.2 kB	2024-03-08	2024-05-20
Pretty URL videzz.net/js/videojs.stm.5.min.js?0.0736648541069762 IP 78.142.18.54 ASN #208046 ColocationX Ltd. Introduced by scriptElement Embedded in HTML false Observations First Seen2024-03-08 05:50:53 Last Seen2024-05-20 15:04:32 Times Seen119 Hash 4630f52d883cdd6dc5b7e0aee209fe40 ae08102d07ab32e76d5dbd12fa7db315e6f51f4e b74ebfdefad877a934b2e7d38afb3a56ad4db4ebbd88a72b7ae4a44fad74c0d3 Loading...

	downstairsnegotiatebarren.com/sfp.js	86 kB	2024-03-29	2024-05-17
Pretty URL downstairsnegotiatebarren.com/sfp.js IP 104.21.35.227 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2024-03-29 13:13:34 Last Seen2024-05-17 14:49:08 Times Seen3553 Hash f4a2f8f9f99541c6f105bbd0a025bd40 1f8e3eff12168fdd9e719adfc098d24a45b6916a b717cb04231a10d425fd55b73c85a5407119c6826a8bac94142fddfff6958716 Loading...

	static.addtoany.com/menu/svg/icons/telegram.js	360 B	2023-03-08	2024-05-20
Pretty URL static.addtoany.com/menu/svg/icons/telegram.js IP 104.22.71.197 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 15:33:09 Last Seen2024-05-20 15:04:33 Times Seen941 Hash 48f25c508c92c3601cf047609318001f 59117e825084c63a0dda48edec82c14a60e16f23 6415561e892cf9d614e7179f71353af4ceadfd641d71c42fe54c9420eb0d0138 Loading...

	unknown	54 B	2023-04-11	2024-05-20
Pretty Introduced by Function Embedded in HTML false Observations First Seen2023-04-11 22:34:44 Last Seen2024-05-20 13:27:04 Times Seen892 Hash 21ad6a5e027895d7fef5bee4de0a6c02 1997f8ca0f217c1001a42318dc5976a0d5a56469 6e97ed48cf9a0f9bf4e5199bc5546e24c1067a10e7a582b886143be40f479bb5 Loading...

	unknown	729 B	2023-07-09	2024-05-20
Pretty Introduced by scriptElement Embedded in HTML false Observations First Seen2023-07-09 09:27:21 Last Seen2024-05-20 06:03:42 Times Seen18 Hash 8b9caf322dc087ac4a7ead0a2ac35741 256a95350057596038880e672b77dc7feff104ca 900b56e1419fc696fc2a74f5f4983724e2667ec390e175c3f8411b04efecfa0e Loading...

	profitablegatecpm.com/fd/40/b6/fd40b682a05e4aaf489d29601350aa66.js	44 kB	2024-05-10	2024-05-10
Pretty URL profitablegatecpm.com/fd/40/b6/fd40b682a05e4aaf489d29601350aa66.js IP 192.243.59.13 ASN #39572 DataWeb Global Group B.V. Introduced by scriptElement Embedded in HTML false Observations First Seen2024-05-10 08:15:09 Last Seen2024-05-10 08:15:10 Times Seen2 Hash 86bc6c0b55c03b2b2c23c8a3a801daad 4a05eb69e455827dd7e4adabcf2383d53cec8210 8ef960ec55182c41a2c80648784b359e7b21ff22c7c22a4a1553c42f34cb2d81 Loading...

	www.googletagmanager.com/gtag/js?id=UA-158623850-1	209 kB	2024-05-10	2024-05-10
Pretty URL www.googletagmanager.com/gtag/js?id=UA-158623850-1 IP 142.250.74.168 ASN #15169 GOOGLE Introduced by scriptElement Embedded in HTML false Observations First Seen2024-05-10 08:15:09 Last Seen2024-05-10 08:15:10 Times Seen2 Hash 687742c3eabf1e37e7d6205e5d0e4527 4cb70341f2dee376f773d00fd65e6c0ba08b6e79 3c3bb11e4ea6ada02fac72e279c3dac4be14100a5800c7083f25b7eb31e2a3fb Loading...

	videzz.net/h7zka1zdif8f.html	416 B	2023-03-07	2024-05-20
Pretty URL videzz.net/h7zka1zdif8f.html IP 78.142.18.54 ASN #208046 ColocationX Ltd. Introduced by scriptElement Embedded in HTML true Observations First Seen2023-03-07 16:08:16 Last Seen2024-05-20 15:04:32 Times Seen162 Hash 7b2ab585a733a8e54eb7117dbe673331 38ba49b934ea93104d43c095a34cbebabee2416b 161196e2eb45160ec056dcf19476aaf0a8694cd099ce5ddb43f53f58fa86d0d8 Loading...

	unknown	802 B	2024-04-19	2024-05-15
Pretty Introduced by scriptElement Embedded in HTML false Observations First Seen2024-04-19 12:35:11 Last Seen2024-05-15 17:25:04 Times Seen4 Hash 3a40057ad5495afbe4ea0da68af650fb 10f3a5117b4f54ac6771878808e02666246605eb ed67b84d62bedf4476567b2217591ef57ff425e72286e443b361937d8511f1da Loading...

	unknown	806 B	2024-04-19	2024-05-15
Pretty Introduced by scriptElement Embedded in HTML false Observations First Seen2024-04-19 12:35:12 Last Seen2024-05-15 17:25:05 Times Seen4 Hash 447de3d3d0218931ecc1c4cac99c73d0 c5ecf248b88c6287365e63ea4665acf644f0f72b 7cdf67162423534f7ea2472b9dd636094f568410a3f231d25d55414df2e137b8 Loading...

	www.googletagmanager.com/gtm.js?id=GTM-56DK3TH	209 kB	2024-05-10	2024-05-10
Pretty URL www.googletagmanager.com/gtm.js?id=GTM-56DK3TH IP 142.250.74.168 ASN #15169 GOOGLE Introduced by scriptElement Embedded in HTML false Observations First Seen2024-05-10 08:15:09 Last Seen2024-05-10 08:15:10 Times Seen2 Hash 17d477a424fc62cd5c7a615536e9e885 cd7c67470b05b2cd6e399096c014bdea3c1bb91b 994b3430bf0a8d15f0a373b8bd712860be4d7c5163b39acb2cc970c762bcee7b Loading...

	videzz.net/js/vue.min.js?v=b8dc06aa6195ca0716d0a0c4e3a76e42	111 kB	2023-03-07	2024-05-20
Pretty URL videzz.net/js/vue.min.js?v=b8dc06aa6195ca0716d0a0c4e3a76e42 IP 78.142.18.54 ASN #208046 ColocationX Ltd. Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 16:08:16 Last Seen2024-05-20 06:03:43 Times Seen85 Hash 6249517b9005ca7822f82d024996812f 9085d09ebbe9e6c5963644d49c82c350f1be141d fda81a2fcc97f139d2a1ea94209efc760dc9421b514280bf5a6cd97d8140ddca Loading...

	unknown	9.7 kB	2024-05-04	2024-05-20
Pretty Introduced by scriptElement Embedded in HTML false Observations First Seen2024-05-04 17:23:27 Last Seen2024-05-20 14:02:02 Times Seen44 Hash 9b10afef621b188725357ddc3cb354e8 eafa5d3550def25ab84004fe5bb6c764bae8c7b4 5a40b246cfe96dd29952c1ecc925968fc02689639f96a763ac22dfbbd51dcef4 Loading...

	latest-557263.techlink.icu/click?node=448&winPrice=0.000199&force=1&winCurrency=USD&id=1715321640000-4844	0 B	2023-03-07	2024-05-20
Pretty URL latest-557263.techlink.icu/click?node=448&winPrice=0.000199&force=1&winCurrency=USD&id=1715321640000-4844 IP 206.54.181.250 ASN #35415 Webzilla B.V. Introduced by scriptElement Embedded in HTML true Observations First Seen2023-03-07 01:01:59 Last Seen2024-05-20 15:16:24 Times Seen37879217 Hash d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Loading...

	unknown	731 B	2023-07-09	2024-05-20
Pretty Introduced by scriptElement Embedded in HTML false Observations First Seen2023-07-09 09:27:21 Last Seen2024-05-20 06:03:41 Times Seen20 Hash 899ffd6924a090dfa639b2692e4f3cf7 bfbedb6f11d2cfcb2cfd342e6516c40e7b32783c 3084dab3a2dd5383ab8bf9ad8a6dbeffe715389883af4a2701c74fa31c893b49 Loading...

	static.addtoany.com/menu/svg/icons/reddit.js	893 B	2024-04-16	2024-05-20
Pretty URL static.addtoany.com/menu/svg/icons/reddit.js IP 104.22.71.197 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2024-04-16 17:58:32 Last Seen2024-05-20 15:04:32 Times Seen176 Hash 408cc755e613b4f00fbe10d7411ed087 14341990ed687477b3addbdd1a3b50ae8a98589b 68ed9b82b62d45cf5d12587a7e9566a4ddeb94d69bcb225e9e3c7268c76b3cbb Loading...

	cdn.o333o.com/vast-im.js	310 kB	2024-03-22	2024-05-20
Pretty URL cdn.o333o.com/vast-im.js IP 143.204.55.31 ASN #16509 AMAZON-02 Introduced by scriptElement Embedded in HTML false Observations First Seen2024-03-22 21:45:50 Last Seen2024-05-20 15:04:32 Times Seen412 Hash 04bdb2fd7797c33d38ad8a6a0997b389 a69a0999b9106aa1e49a6728c84b3e82b899276d 3039a1d2d40fce3b96ce115bc8fb858539ed084667fb0ee69fe68e0a682d9286 Loading...

	videzz.net/h7zka1zdif8f.html	604 B	2023-03-07	2024-05-20
Pretty URL videzz.net/h7zka1zdif8f.html IP 78.142.18.54 ASN #208046 ColocationX Ltd. Introduced by scriptElement Embedded in HTML true Observations First Seen2023-03-07 16:08:16 Last Seen2024-05-20 15:04:32 Times Seen161 Hash 3f51f1dc48435128b95bc2f1354a7a17 1baedda0ccf0cdaaa29bf441fcfe0c5fb2f8d4d4 9a3b5d51bd26f5549b2a1ca571835e3c1f0beede7826fd81566bdbc1dad656e9 Loading...

	videzz.net/h7zka1zdif8f.html	0 B	2023-03-07	2024-05-20
Pretty URL videzz.net/h7zka1zdif8f.html IP 78.142.18.54 ASN #208046 ColocationX Ltd. Introduced by scriptElement Embedded in HTML true Observations First Seen2023-03-07 01:01:59 Last Seen2024-05-20 15:16:24 Times Seen37879217 Hash d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Loading...

	unknown	804 B	2024-04-19	2024-05-15
Pretty Introduced by scriptElement Embedded in HTML false Observations First Seen2024-04-19 12:35:11 Last Seen2024-05-15 17:25:04 Times Seen4 Hash 25683cda3111e6318b38f40af77f5594 b00f300e57175c537f1c5c5827481de9aaf41dc2 887a485d142234465c94805cd78e95581468124ef911f46d498a6fd997c5e1e3 Loading...

	videzz.net/js/videojs.5.min.js?v=b8dc06aa6195ca0716d0a0c4e3a76e42	416 kB	2023-03-07	2024-05-20
Pretty URL videzz.net/js/videojs.5.min.js?v=b8dc06aa6195ca0716d0a0c4e3a76e42 IP 78.142.18.54 ASN #208046 ColocationX Ltd. Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 16:08:16 Last Seen2024-05-20 15:04:32 Times Seen165 Hash 9721700ae4b3d8e0e81f9c6c1c8d511b 1c987ebb7fac787eaa3b2190c9b53bb685d5b8ea d4098ce7457b5191970d2df49c8b8f6c2ffc0d8510673777a08910f0b68d5c2f Loading...

	aistekso.net/401/5708419	91 kB	2024-05-10	2024-05-10
Pretty URL aistekso.net/401/5708419 IP 139.45.197.244 ASN #9002 RETN Limited Introduced by scriptElement Embedded in HTML false Observations First Seen2024-05-10 08:15:10 Last Seen2024-05-10 08:15:10 Times Seen2 Hash 81f951388a6f4b37f103c53070974dfe 8c32f331b1102164b024728b760462afc632c9de 7ae9d25ec233dbfb488a6a729922e636d20320f815ddb19d00fc2f4780028a45 Loading...

	videzz.net/js/static.min.js?v=b8dc06aa6195ca0716d0a0c4e3a76e42	159 kB	2023-03-07	2024-05-20
Pretty URL videzz.net/js/static.min.js?v=b8dc06aa6195ca0716d0a0c4e3a76e42 IP 78.142.18.54 ASN #208046 ColocationX Ltd. Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 16:08:17 Last Seen2024-05-20 15:04:33 Times Seen275 Hash 7c33538390b466ae717449d729bb32ea 49ea1eb1dc06467f516eae28e09863a23b244a31 a2f37fa7aee9e9248856735b807b028c93be60eb6bb9916595ba123690513f02 Loading...

		Size	First Seen	Last Seen
	#1 Eval - 73497a37c3561adbd8ce84e4f017b368	9 B	2023-03-07	2024-05-20
Pretty Observations First Seen2023-03-07 01:03:23 Last Seen2024-05-20 12:09:11 Times Seen2492 Hash 73497a37c3561adbd8ce84e4f017b368 9193ae73cb3dd2833be8c942714d5544bfb628c9 9312a1adbbf0a4c05fc296d158ec3bd39acfe50e9e98ff02688139aad6fc3351 Loading...

		Size	First Seen	Last Seen
	#1 Write - 7aea427efe0ebb35cac7f6c65074feaa	613 B	2023-03-26	2024-05-20
Pretty Observations First Seen2023-03-26 09:32:06 Last Seen2024-05-20 15:04:32 Times Seen142 Hash 7aea427efe0ebb35cac7f6c65074feaa 7f7025ff75b6c305cf0f7258c68dcc5c3b787ea6 d72f60419e2549dc6934524845bed150c6aa5e1541b5eac18dd5c145f40d2857 Loading...

	#2 Write - 43449de866396eb0131d8111f4fa3895	613 B	2023-05-14	2024-05-20
Pretty Observations First Seen2023-05-14 23:54:06 Last Seen2024-05-20 15:04:32 Times Seen141 Hash 43449de866396eb0131d8111f4fa3895 d74126ea9f2c40f8395c79b3e7f69760f91702fc a67ffe15bbd54d8f4cc64a1e458fc3b742f73783efb009b827b9cf3e9b502add Loading...

	#3 Write - c661bb9a7cc33ed4849427e94a91858c	614 B	2023-09-20	2024-05-20
Pretty Observations First Seen2023-09-20 05:49:23 Last Seen2024-05-20 15:04:32 Times Seen129 Hash c661bb9a7cc33ed4849427e94a91858c 4be38292beb83aa1b58a668283dfe08ed97d7a42 e56ca9ad4497b40fd4b7c14e2c5e6c5b58563af9cb588188992d2189d22dc477 Loading...

	#4 Write - bf6e0ef92ae84c6ac72a2e33e3bd0ba5	614 B	2023-09-20	2024-05-20
Pretty Observations First Seen2023-09-20 05:49:23 Last Seen2024-05-20 15:04:32 Times Seen130 Hash bf6e0ef92ae84c6ac72a2e33e3bd0ba5 dd276e9188ea2de2da9b957adbb91c7e2b08d4ec 5f5f7af99db9aecf63f1ae5480d2b95a82e350abcdd3a765f5537235d12a4744 Loading...

	#5 Write - ab34ea7c979c46402352a8ce4c7b87cf	614 B	2023-12-02	2024-05-20
Pretty Observations First Seen2023-12-02 22:02:11 Last Seen2024-05-20 15:04:32 Times Seen121 Hash ab34ea7c979c46402352a8ce4c7b87cf 4ec90223aeea83fe3850db77b92c11eed50c99d3 fd21c10a5b8c554e00e76da6ce58475053e414d4280741ed032a857cf9876978 Loading...

HTTP Transactions (132)

URL IP Response Size

cdnjs.cloudflare.com/ajax/libs/bootstrap-datepicker/1.6.4/css/bootstrap-datepicker.css?v=b8dc06aa6195ca0716d0a0c4e3a76e42

104.17.25.14

200 OK

1.8 kB

URL GET HTTP/2
cdnjs.cloudflare.com/ajax/libs/bootstrap-datepicker/1.6.4/css/bootstrap-datepicker.css?v=b8dc06aa6195ca0716d0a0c4e3a76e42
IP
104.17.25.14:443
ASN
#13335 CLOUDFLARENET

Requested by
https://videzz.net/h7zka1zdif8f.html
Certificate
IssuerCloudflare, Inc.
Subjectsni.cloudflaressl.com
Fingerprint7A:EA:B9:09:71:70:6C:87:C9:D3:82:74:8A:7B:B4:60:E5:40:2D:8D
ValidityMon, 03 Jul 2023 00:00:00 GMT - Tue, 02 Jul 2024 23:59:59 GMT

File type
ASCII text
Size
1.8 kB (1761 bytes)
Hash
dcb0ac787e2b120c8aeec195cd6decb9
7cdd385b4fbdfd0801af64d9209e7ede132dd954
f2a6c653ee82cb36677404eab7c258ce985aef5a6d36a064a5a805548fadea82

HTTP Headers

GET /ajax/libs/bootstrap-datepicker/1.6.4/css/bootstrap-datepicker.css?v=b8dc06aa6195ca0716d0a0c4e3a76e42 HTTP/1.1
Host: cdnjs.cloudflare.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://videzz.net/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Fri, 10 May 2024 06:14:28 GMT
content-type: text/css; charset=utf-8
content-length: 1761
access-control-allow-origin: *
cache-control: public, max-age=30672000
content-encoding: br
etag: "5eb03d8e-42f8"
last-modified: Mon, 04 May 2020 16:06:38 GMT
cf-cdnjs-via: cfworker/kv
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
x-content-type-options: nosniff
vary: Accept-Encoding
cf-cache-status: HIT
age: 137083
expires: Wed, 30 Apr 2025 06:14:28 GMT
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=48h2%2FCY9p8ImpAxArEGrvq12mQ%2BrCqYCslyCtzzkupZAPnQescbl5A6TDZa3XgjrG7lR7hNSyGzROylQxp1p%2F3USgXWWnpTCac0CDPgLMn3%2BsJn8R5n%2B5Aa%2FLLGPytegwRoUvTZB"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
server: cloudflare
cf-ray: 8817ca091bd25690-OSL
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2

cdnjs.cloudflare.com/ajax/libs/bootstrap-colorpicker/2.5.1/css/bootstrap-colorpicker.min.css?v=b8dc06aa6195ca0716d0a0c4e3a76e42

104.17.25.14

200 OK

867 B

URL GET HTTP/2
cdnjs.cloudflare.com/ajax/libs/bootstrap-colorpicker/2.5.1/css/bootstrap-colorpicker.min.css?v=b8dc06aa6195ca0716d0a0c4e3a76e42
IP
104.17.25.14:443
ASN
#13335 CLOUDFLARENET

Requested by
https://videzz.net/h7zka1zdif8f.html
Certificate
IssuerCloudflare, Inc.
Subjectsni.cloudflaressl.com
Fingerprint7A:EA:B9:09:71:70:6C:87:C9:D3:82:74:8A:7B:B4:60:E5:40:2D:8D
ValidityMon, 03 Jul 2023 00:00:00 GMT - Tue, 02 Jul 2024 23:59:59 GMT

File type
ASCII text, with very long lines (4034)
Size
867 B (867 bytes)
Hash
0680879d9be8b73e90cf1ed3de2724e1
e338268ddd73ef607dbbca2ff375867972f66353
5a25b8e7ed8c24b5e57fd9cefa475e451f2657e39404c17a5704bfe3f217d857

HTTP Headers

GET /ajax/libs/bootstrap-colorpicker/2.5.1/css/bootstrap-colorpicker.min.css?v=b8dc06aa6195ca0716d0a0c4e3a76e42 HTTP/1.1
Host: cdnjs.cloudflare.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://videzz.net/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Fri, 10 May 2024 06:14:28 GMT
content-type: text/css; charset=utf-8
content-length: 867
access-control-allow-origin: *
cache-control: public, max-age=30672000
content-encoding: br
etag: "5eb03d8d-10df"
last-modified: Mon, 04 May 2020 16:06:37 GMT
cf-cdnjs-via: cfworker/kv
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
x-content-type-options: nosniff
vary: Accept-Encoding
cf-cache-status: HIT
age: 175998
expires: Wed, 30 Apr 2025 06:14:28 GMT
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=HCGWat7YXB6u81VDrU6AblAzLOX6fh3UIr%2BnMBUryyv%2BBHYqe3xVJEwi%2FPt4Cmpm1uruULorc5qH9dc9jSvq2D4Pqx39vRYJmz2fsuKzP8Sg2iEo84e%2BDw6LJ8zhtty%2F%2BgRYJNcz"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
server: cloudflare
cf-ray: 8817ca092be15690-OSL
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2

cdnjs.cloudflare.com/ajax/libs/jquery.tablesorter/2.28.15/css/theme.green.min.css?v=b8dc06aa6195ca0716d0a0c4e3a76e42

104.17.25.14

200 OK

2.1 kB

URL GET HTTP/2
cdnjs.cloudflare.com/ajax/libs/jquery.tablesorter/2.28.15/css/theme.green.min.css?v=b8dc06aa6195ca0716d0a0c4e3a76e42
IP
104.17.25.14:443
ASN
#13335 CLOUDFLARENET

Requested by
https://videzz.net/h7zka1zdif8f.html
Certificate
IssuerCloudflare, Inc.
Subjectsni.cloudflaressl.com
Fingerprint7A:EA:B9:09:71:70:6C:87:C9:D3:82:74:8A:7B:B4:60:E5:40:2D:8D
ValidityMon, 03 Jul 2023 00:00:00 GMT - Tue, 02 Jul 2024 23:59:59 GMT

File type
ASCII text, with very long lines (7172), with no line terminators
Size
2.1 kB (2141 bytes)
Hash
a99386c14c1250b20b42dd0db3df1741
cc8562d8ee2c39a2adea8d09eec3c4096571dd18
de1136175d3ed18ef84054ce8c6521c81bdceb97cb1505ab2c376d53138b6672

HTTP Headers

GET /ajax/libs/jquery.tablesorter/2.28.15/css/theme.green.min.css?v=b8dc06aa6195ca0716d0a0c4e3a76e42 HTTP/1.1
Host: cdnjs.cloudflare.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://videzz.net/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Fri, 10 May 2024 06:14:28 GMT
content-type: text/css; charset=utf-8
content-length: 2141
access-control-allow-origin: *
cache-control: public, max-age=30672000
content-encoding: br
etag: "5eb03ec4-1c04"
last-modified: Mon, 04 May 2020 16:11:48 GMT
cf-cdnjs-via: cfworker/kv
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
x-content-type-options: nosniff
vary: Accept-Encoding
cf-cache-status: HIT
age: 725857
expires: Wed, 30 Apr 2025 06:14:28 GMT
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=y2z5ma1Sf6NjISirZ585ZGUybeF%2BlJmMvzycV57LwcRV4j4jp%2FoI5E%2BYKYZXPFUDEFUHMeGPsIC25PG1VUpyZQJAWlVEtasj%2BNZ%2FHJZCy%2F7Sa0UM0yICZEU4UAa%2FqL7f3sHtdRRE"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
server: cloudflare
cf-ray: 8817ca092bda5690-OSL
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2

videzz.net/js/pop.js?v=1.0

78.142.18.54

200 OK

35 B

URL GET HTTP/2
videzz.net/js/pop.js?v=1.0
IP
78.142.18.54:443
ASN
#208046 ColocationX Ltd.

Requested by
https://videzz.net/h7zka1zdif8f.html
Certificate
IssuerLet's Encrypt
Subjectvidezz.net
Fingerprint89:44:E3:9D:95:DD:6E:D2:2B:FB:70:64:42:59:D2:BF:B6:36:E7:33
ValidityThu, 02 May 2024 00:27:53 GMT - Wed, 31 Jul 2024 00:27:52 GMT

File type
ASCII text
Size
35 B (35 bytes)
Hash
da4bf5414bf75eefb21872f9b59fe6fc
e34335e0705397a4ad02c406a2e92333e6d2b0e5
d48b428c1788391a1aef29802daaa691077732dc7b821d0968831bc50b19278d

HTTP Headers

GET /js/pop.js?v=1.0 HTTP/1.1
Host: videzz.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://videzz.net/h7zka1zdif8f.html
Cookie: lang=1
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
server: nginx/1.18.0 (Ubuntu)
date: Fri, 10 May 2024 06:14:27 GMT
content-type: application/javascript
content-length: 35
last-modified: Sat, 27 Apr 2024 07:30:38 GMT
etag: "662ca99e-23"
expires: Sun, 09 Jun 2024 06:09:19 GMT
cache-control: max-age=2592000
x-cache-status: HIT
accept-ranges: bytes
X-Firefox-Spdy: h2

videzz.net/js/ads.js?v=1.0

78.142.18.54

200 OK

211 B

URL GET HTTP/2
videzz.net/js/ads.js?v=1.0
IP
78.142.18.54:443
ASN
#208046 ColocationX Ltd.

Requested by
https://videzz.net/h7zka1zdif8f.html
Certificate
IssuerLet's Encrypt
Subjectvidezz.net
Fingerprint89:44:E3:9D:95:DD:6E:D2:2B:FB:70:64:42:59:D2:BF:B6:36:E7:33
ValidityThu, 02 May 2024 00:27:53 GMT - Wed, 31 Jul 2024 00:27:52 GMT

File type
Unicode text, UTF-8 text
Size
211 B (211 bytes)
Hash
09f34de71e8853387dd398fbb263af69
4ccb7007fcebcffe64eaa80f2991509fdbac55d5
6ca7e6aebc6e3eec26d39e540e255a738fd9e48e9b97bd0e2a714686377ac523

HTTP Headers

GET /js/ads.js?v=1.0 HTTP/1.1
Host: videzz.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://videzz.net/h7zka1zdif8f.html
Cookie: lang=1
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
server: nginx/1.18.0 (Ubuntu)
date: Fri, 10 May 2024 06:14:27 GMT
content-type: application/javascript
content-length: 211
last-modified: Sat, 27 Apr 2024 07:30:42 GMT
etag: "662ca9a2-d3"
expires: Sun, 09 Jun 2024 06:09:25 GMT
cache-control: max-age=2592000
x-cache-status: HIT
accept-ranges: bytes
X-Firefox-Spdy: h2

videzz.net/images-newtheme/adb_logo.png

78.142.18.54

200 OK

8.3 kB

URL GET HTTP/2
videzz.net/images-newtheme/adb_logo.png
IP
78.142.18.54:443
ASN
#208046 ColocationX Ltd.

Requested by
https://videzz.net/h7zka1zdif8f.html
Certificate
IssuerLet's Encrypt
Subjectvidezz.net
Fingerprint89:44:E3:9D:95:DD:6E:D2:2B:FB:70:64:42:59:D2:BF:B6:36:E7:33
ValidityThu, 02 May 2024 00:27:53 GMT - Wed, 31 Jul 2024 00:27:52 GMT

File type
PNG image data, 178 x 178, 8-bit/color RGBA, non-interlaced
Size
8.3 kB (8308 bytes)
Hash
98fcd22c469a5aa46df8ec4e7a8eafc9
e8d95f175d3008736995a482d7304410a1da490a
b1e79e219bf46ca5ef14a9619c5440e78c2ebdbc34b8f0c65f0777a8b02fc30c

HTTP Headers

GET /images-newtheme/adb_logo.png HTTP/1.1
Host: videzz.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://videzz.net/h7zka1zdif8f.html
Cookie: lang=1
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
server: nginx/1.18.0 (Ubuntu)
date: Fri, 10 May 2024 06:14:27 GMT
content-type: image/png
content-length: 8308
last-modified: Sat, 27 Apr 2024 07:30:38 GMT
etag: "662ca99e-2074"
expires: Sun, 09 Jun 2024 06:09:22 GMT
cache-control: max-age=2592000
x-cache-status: HIT
accept-ranges: bytes
X-Firefox-Spdy: h2

videzz.net/images-newtheme/attention.png

78.142.18.54

200 OK

6.4 kB

URL GET HTTP/2
videzz.net/images-newtheme/attention.png
IP
78.142.18.54:443
ASN
#208046 ColocationX Ltd.

Requested by
https://videzz.net/h7zka1zdif8f.html
Certificate
IssuerLet's Encrypt
Subjectvidezz.net
Fingerprint89:44:E3:9D:95:DD:6E:D2:2B:FB:70:64:42:59:D2:BF:B6:36:E7:33
ValidityThu, 02 May 2024 00:27:53 GMT - Wed, 31 Jul 2024 00:27:52 GMT

File type
PNG image data, 263 x 231, 8-bit/color RGBA, non-interlaced
Size
6.4 kB (6377 bytes)
Hash
d28ebe1b4425fa4ab5d804792b5aa626
3183e2c59cdaed547de5fb1fc940709ed5117003
36fc8d817d7a356b2b8e8697697a5ce86bedadfea8df2a4e88f9514bb1ce02f6

HTTP Headers

GET /images-newtheme/attention.png HTTP/1.1
Host: videzz.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://videzz.net/h7zka1zdif8f.html
Cookie: lang=1
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
server: nginx/1.18.0 (Ubuntu)
date: Fri, 10 May 2024 06:14:27 GMT
content-type: image/png
content-length: 6377
last-modified: Sat, 27 Apr 2024 07:30:28 GMT
etag: "662ca994-18e9"
expires: Sun, 09 Jun 2024 06:09:40 GMT
cache-control: max-age=2592000
x-cache-status: HIT
accept-ranges: bytes
X-Firefox-Spdy: h2

www.googletagmanager.com/gtag/js?id=UA-158623850-1

142.250.74.168

200 OK

75 kB

URL GET HTTP/2
www.googletagmanager.com/gtag/js?id=UA-158623850-1
IP
142.250.74.168:443
ASN
#15169 GOOGLE

Requested by
https://videzz.net/h7zka1zdif8f.html
Certificate
IssuerGoogle Trust Services LLC
Subject*.google-analytics.com
Fingerprint93:6B:D2:9D:92:BE:2D:D8:02:67:82:83:5E:EF:A3:F9:13:F3:26:AE
ValidityTue, 16 Apr 2024 03:18:45 GMT - Tue, 09 Jul 2024 03:18:44 GMT

File type
JavaScript source, ASCII text, with very long lines (4179)
Size
75 kB (74936 bytes)
Hash
687742c3eabf1e37e7d6205e5d0e4527
4cb70341f2dee376f773d00fd65e6c0ba08b6e79
3c3bb11e4ea6ada02fac72e279c3dac4be14100a5800c7083f25b7eb31e2a3fb

HTTP Headers

GET /gtag/js?id=UA-158623850-1 HTTP/1.1
Host: www.googletagmanager.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://videzz.net/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
content-encoding: br
vary: Accept-Encoding
date: Fri, 10 May 2024 06:14:28 GMT
expires: Fri, 10 May 2024 06:14:28 GMT
cache-control: private, max-age=900
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
server: Google Tag Manager
content-length: 74936
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

dog.seetron.net/LrfK7A3.js

135.181.208.216

200 OK

77 kB

URL GET HTTP/2
dog.seetron.net/LrfK7A3.js
IP
135.181.208.216:443
ASN
#24940 Hetzner Online GmbH

Requested by
https://videzz.net/h7zka1zdif8f.html
Certificate
IssuerLet's Encrypt
Subjecta.bdsmz.tube
FingerprintAA:4D:03:7A:4E:94:8C:76:58:6E:53:CC:8E:99:24:E6:51:84:BF:05
ValidityFri, 03 May 2024 10:27:08 GMT - Thu, 01 Aug 2024 10:27:07 GMT

File type
JavaScript source, Unicode text, UTF-8 text, with very long lines (65503), with no line terminators
Size
77 kB (76790 bytes)
Hash
a6781eeb8be115c2cc64c5b4898e5b9d
76001e6e130f936956842ce1fb672ca16be2370e
cb8949c4918f30d767c8a97d1b1ddb36eabccf8d93659a80f4e850caa3701da2

HTTP Headers

GET /LrfK7A3.js HTTP/1.1
Host: dog.seetron.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://videzz.net/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
server: nginx
date: Fri, 10 May 2024 06:14:28 GMT
content-type: application/javascript
content-length: 76790
last-modified: Fri, 22 Mar 2024 11:21:21 GMT
vary: Accept-Encoding
etag: "65fd69b1-12bf6"
content-encoding: gzip
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: public, max-age=315360000
cf-cache-status: HIT
age: 201
cf-ray: 8685d408ccf5d995-HEL
x-frame-options: DENY
x-content-type-options: nosniff
accept-ranges: bytes
X-Firefox-Spdy: h2

dog.seetron.net/lx4oag1.js

135.181.208.216

200 OK

77 kB

URL GET HTTP/2
dog.seetron.net/lx4oag1.js
IP
135.181.208.216:443
ASN
#24940 Hetzner Online GmbH

Requested by
https://videzz.net/h7zka1zdif8f.html
Certificate
IssuerLet's Encrypt
Subjecta.bdsmz.tube
FingerprintAA:4D:03:7A:4E:94:8C:76:58:6E:53:CC:8E:99:24:E6:51:84:BF:05
ValidityFri, 03 May 2024 10:27:08 GMT - Thu, 01 Aug 2024 10:27:07 GMT

File type
JavaScript source, Unicode text, UTF-8 text, with very long lines (65503), with no line terminators
Size
77 kB (76790 bytes)
Hash
a6781eeb8be115c2cc64c5b4898e5b9d
76001e6e130f936956842ce1fb672ca16be2370e
cb8949c4918f30d767c8a97d1b1ddb36eabccf8d93659a80f4e850caa3701da2

HTTP Headers

GET /lx4oag1.js HTTP/1.1
Host: dog.seetron.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://videzz.net/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
server: nginx
date: Fri, 10 May 2024 06:14:28 GMT
content-type: application/javascript
content-length: 76790
last-modified: Fri, 22 Mar 2024 11:21:21 GMT
vary: Accept-Encoding
etag: "65fd69b1-12bf6"
content-encoding: gzip
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: public, max-age=315360000
cf-cache-status: HIT
age: 201
cf-ray: 8685d408ccf5d995-HEL
x-frame-options: DENY
x-content-type-options: nosniff
accept-ranges: bytes
X-Firefox-Spdy: h2

videzz.net/sw.js

78.142.18.54

200 OK

12 kB

URL GET HTTP/2
videzz.net/sw.js
IP
78.142.18.54:443
ASN
#208046 ColocationX Ltd.

Requested by
https://videzz.net/h7zka1zdif8f.html
Certificate
IssuerLet's Encrypt
Subjectvidezz.net
Fingerprint89:44:E3:9D:95:DD:6E:D2:2B:FB:70:64:42:59:D2:BF:B6:36:E7:33
ValidityThu, 02 May 2024 00:27:53 GMT - Wed, 31 Jul 2024 00:27:52 GMT

File type
gzip compressed data, from Unix
Size
12 kB (12220 bytes)
Hash
0b626e5081348ec2791a85477fe225e3
fdee0a3299f15d99acdcbcfe5d1de09ce5f44e6d
d33f51d7f1bd79669fa4f8b1ccbb864d8349be5fac7c9c0cf21daf6581142e94

HTTP Headers

GET /sw.js HTTP/1.1
Host: videzz.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://videzz.net/h7zka1zdif8f.html
Cookie: lang=1
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
server: nginx/1.18.0 (Ubuntu)
date: Fri, 10 May 2024 06:14:27 GMT
content-type: application/javascript
last-modified: Sat, 27 Apr 2024 07:30:42 GMT
vary: Accept-Encoding
etag: W/"662ca9a2-a554"
expires: Sun, 09 Jun 2024 06:09:00 GMT
cache-control: max-age=2592000
content-encoding: gzip
x-cache-status: HIT
X-Firefox-Spdy: h2

cdnjs.cloudflare.com/ajax/libs/font-awesome/4.7.0/css/font-awesome.min.css

104.17.25.14

200 OK

5.6 kB

URL GET HTTP/3
cdnjs.cloudflare.com/ajax/libs/font-awesome/4.7.0/css/font-awesome.min.css
IP
104.17.25.14:443
ASN
#13335 CLOUDFLARENET

Requested by
https://videzz.net/h7zka1zdif8f.html
Certificate
IssuerCloudflare, Inc.
Subjectsni.cloudflaressl.com
Fingerprint7A:EA:B9:09:71:70:6C:87:C9:D3:82:74:8A:7B:B4:60:E5:40:2D:8D
ValidityMon, 03 Jul 2023 00:00:00 GMT - Tue, 02 Jul 2024 23:59:59 GMT

File type
ASCII text, with very long lines (30837)
Size
5.6 kB (5631 bytes)
Hash
269550530cc127b6aa5a35925a7de6ce
512c7d79033e3028a9be61b540cf1a6870c896f8
799aeb25cc0373fdee0e1b1db7ad6c2f6a0e058dfadaa3379689f583213190bd

HTTP Headers

GET /ajax/libs/font-awesome/4.7.0/css/font-awesome.min.css HTTP/1.1
Host: cdnjs.cloudflare.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://videzz.net/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Fri, 10 May 2024 06:14:28 GMT
content-type: text/css; charset=utf-8
content-length: 5631
access-control-allow-origin: *
cache-control: public, max-age=30672000
content-encoding: br
etag: "5eb03e5f-7918"
last-modified: Mon, 04 May 2020 16:10:07 GMT
cf-cdnjs-via: cfworker/kv
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
x-content-type-options: nosniff
vary: Accept-Encoding
cf-cache-status: HIT
age: 91748
expires: Wed, 30 Apr 2025 06:14:28 GMT
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=aHgCXyKZtsah%2FUARBRBsH%2B8YN6jLoJTMQj6B8YIFPVkL5cgRMRSAthA4i1v%2BcNaDF0AlQbNFdrXVqVe74MwVq5vp2lpNWlgbSrygKvuVtfhQ7zGEWpM5IKJO0UB4rw3Lm0kNuyWY"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
server: cloudflare
cf-ray: 8817ca0b2bf45685-OSL
alt-svc: h3=":443"; ma=86400

yd.cottoidearldom.com/1clkn/14903

23.109.170.114

200 OK

26 B

URL GET HTTP/1.1
yd.cottoidearldom.com/1clkn/14903
IP
23.109.170.114:443
ASN
#7979 SERVERS-COM

Requested by
https://videzz.net/h7zka1zdif8f.html
Certificate
IssuerLet's Encrypt
Subjectyd.cottoidearldom.com
Fingerprint2A:D0:1B:ED:00:0F:4A:13:3B:97:DD:33:66:5B:7E:F8:F8:E9:C8:CE
ValidityThu, 25 Apr 2024 06:21:32 GMT - Wed, 24 Jul 2024 06:21:31 GMT

File type
ASCII text, with no line terminators
Size
26 B (26 bytes)
Hash
9082dc37e5e8046929da411544ad071a
41e0e3963ed94e59e8a2f115994c382712411537
b7848d86edc8dc3b5bc6a5c666069f9a31e000cee51575d3b6083951607e1550

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /1clkn/14903 HTTP/1.1
Host: yd.cottoidearldom.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://videzz.net/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Date: Fri, 10 May 2024 06:14:28 GMT
Content-Type: application/javascript; charset=utf-8
Transfer-Encoding: chunked
Connection: keep-alive
Keep-Alive: timeout=20
Accept-ch: sec-ch-ua-platform-version,sec-ch-ua-model,sec-ch-ua-full-version,sec-ch-ua-full-version-list
Set-Cookie: GL_UI4=eJw9jUtug0AQRPljJ4akJQ7gIxgUjL3MJivfAQ0zDZ4Ypq1mjJ3bZxIp2dUrPVV5nhcUL%2BAvyRrCm6hhe1R9s5dYojyUVVW%2BHSrZ151o%2BlJVTVnvYK3n1opuRBvBap4E29YuEWwGNMhatpIUZvDqrL%2FmYuhuIog7FkZlEE%2FOGDNIO6b7jFyEEBkxIaQfmrGnhzPEJzEEx72L2rjo7yCguQjzJ4hP2twe%2BSbx8jzx4Pk6CtsTT61WDuOBhULw32ElhcWB%2BAtShfPF0hWARtX%2B%2B7%2Bf8fizBonCRUuHZM%2FI38wATrY%3D; expires=Sat, 11-May-2024 06:14:28 GMT; Max-Age=86400; path=/; secure; SameSite=None
GL_GI10=eJwVyM0KgkAUhuE5hxiIJPjIC%2FAKTMsWbrNl6MIrMIsYGObIzNjP3WeLd%2FG8SilOE7CZkNRlXhd5dcjLUwV6gtsOPDroVvx7%2BII8uDiCvcOmC1ayRmYXlz9i9TfIYHu25pP1YudoxAXw0roZbvaxv%2FRX0KQJHEUzONxTBXrp3Q9e7R3S; expires=Sat, 11-May-2024 06:14:28 GMT; Max-Age=86400; path=/; secure; SameSite=None
Content-Encoding: gzip
Vary: Accept-Encoding
Strict-Transport-Security: max-age=1
X-Content-Type-Options: nosniff

cdn.o333o.com/vast-im.js

143.204.55.31

200 OK

89 kB

URL GET HTTP/2
cdn.o333o.com/vast-im.js
IP
143.204.55.31:443
ASN
#16509 AMAZON-02

Requested by
https://videzz.net/h7zka1zdif8f.html
Certificate
IssuerSectigo Limited
Subjectcdn.o333o.com
Fingerprint61:0E:6A:7F:7E:40:48:40:58:0F:EF:89:DB:CF:AD:C2:FB:52:F1:AC
ValidityThu, 09 Nov 2023 00:00:00 GMT - Mon, 09 Dec 2024 23:59:59 GMT

File type
gzip compressed data, from Unix
Size
89 kB (89218 bytes)
Hash
699f07dfdad799cf866b2d3d9b594864
2b75321bd902e50ad33e9dab2c2b8a66c41eafb2
5def4f36a0969cfff4b9a9c2a5f02c784ada6fdd28180882df7ab038fed165fe

HTTP Headers

GET /vast-im.js HTTP/1.1
Host: cdn.o333o.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://videzz.net/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
content-type: application/javascript
server: nginx
date: Thu, 11 Apr 2024 09:31:41 GMT
last-modified: Fri, 22 Mar 2024 11:21:21 GMT
etag: W/"65fd69b1-4bcd7"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000, public
content-encoding: gzip
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 71c98156ae29b36a903974f9dd2568f8.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
alt-svc: h3=":443"; ma=86400
x-amz-cf-id: h-2ZsQUOB4VrfaV_c7H5Sjzae8fyl_reicBKp1HQjFapuy7uP0FURQ==
age: 2493767
X-Firefox-Spdy: h2

profitablegatecpm.com/fd/40/b6/fd40b682a05e4aaf489d29601350aa66.js

192.243.59.13

200 OK

16 kB

URL GET HTTP/1.1
profitablegatecpm.com/fd/40/b6/fd40b682a05e4aaf489d29601350aa66.js
IP
192.243.59.13:443
ASN
#39572 DataWeb Global Group B.V.

Requested by
https://videzz.net/h7zka1zdif8f.html
Certificate
IssuerLet's Encrypt
Subjectprofitablegatecpm.com
Fingerprint9D:FB:8C:AD:4D:64:98:6B:85:78:33:54:E7:A3:BB:10:ED:77:63:30
ValidityFri, 05 Apr 2024 18:10:33 GMT - Thu, 04 Jul 2024 18:10:32 GMT

File type
JavaScript source, ASCII text, with very long lines (44111), with no line terminators
Size
16 kB (15859 bytes)
Hash
86bc6c0b55c03b2b2c23c8a3a801daad
4a05eb69e455827dd7e4adabcf2383d53cec8210
8ef960ec55182c41a2c80648784b359e7b21ff22c7c22a4a1553c42f34cb2d81

HTTP Headers

GET /fd/40/b6/fd40b682a05e4aaf489d29601350aa66.js HTTP/1.1
Host: profitablegatecpm.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://videzz.net/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx/1.19.5
Date: Fri, 10 May 2024 06:14:28 GMT
Content-Type: application/javascript
Transfer-Encoding: chunked
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Access-Control-Allow-Origin: *
Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,Sec-CH-UA-PlatformUser-Agent,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: 945ac350b96a0a9596148da47ef8d23b
Strict-Transport-Security: max-age=0; includeSubdomains
Content-Encoding: gzip

videzz.net/js/vue.min.js?v=b8dc06aa6195ca0716d0a0c4e3a76e42

78.142.18.54

200 OK

114 kB

URL GET HTTP/2
videzz.net/js/vue.min.js?v=b8dc06aa6195ca0716d0a0c4e3a76e42
IP
78.142.18.54:443
ASN
#208046 ColocationX Ltd.

Requested by
https://videzz.net/h7zka1zdif8f.html
Certificate
IssuerLet's Encrypt
Subjectvidezz.net
Fingerprint89:44:E3:9D:95:DD:6E:D2:2B:FB:70:64:42:59:D2:BF:B6:36:E7:33
ValidityThu, 02 May 2024 00:27:53 GMT - Wed, 31 Jul 2024 00:27:52 GMT

File type
gzip compressed data, from Unix
Size
114 kB (113532 bytes)
Hash
9bdf507570be39b79d40a91bdd1d14f0
87c31d5bc26b2d03a17f693f39a2e89e26c8e616
7084c59435403ec4456fe8a52737e9add8b2c96264561c9d23c719962d245408

HTTP Headers

GET /js/vue.min.js?v=b8dc06aa6195ca0716d0a0c4e3a76e42 HTTP/1.1
Host: videzz.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://videzz.net/h7zka1zdif8f.html
Cookie: lang=1
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
server: nginx/1.18.0 (Ubuntu)
date: Fri, 10 May 2024 06:14:27 GMT
content-type: application/javascript
last-modified: Sat, 27 Apr 2024 07:30:42 GMT
vary: Accept-Encoding
etag: W/"662ca9a2-1b31b"
expires: Sun, 09 Jun 2024 06:13:42 GMT
cache-control: max-age=2592000
content-encoding: gzip
x-cache-status: HIT
X-Firefox-Spdy: h2

videzz.net/images-newtheme/logo_60.png

78.142.18.54

200 OK

14 kB

URL GET HTTP/2
videzz.net/images-newtheme/logo_60.png
IP
78.142.18.54:443
ASN
#208046 ColocationX Ltd.

Requested by
https://videzz.net/h7zka1zdif8f.html
Certificate
IssuerLet's Encrypt
Subjectvidezz.net
Fingerprint89:44:E3:9D:95:DD:6E:D2:2B:FB:70:64:42:59:D2:BF:B6:36:E7:33
ValidityThu, 02 May 2024 00:27:53 GMT - Wed, 31 Jul 2024 00:27:52 GMT

File type
PNG image data, 275 x 182, 8-bit/color RGBA, non-interlaced
Size
14 kB (14101 bytes)
Hash
650a7f14495bcd9ed2140ed51d8b9fef
47cb64b0bc23739e4e25e7c1bea6d63e438ebee0
aeea7989ff49c647ef4e5f3215fa0bd7480fe3976adc5050de6dcfcd46653c71

HTTP Headers

GET /images-newtheme/logo_60.png HTTP/1.1
Host: videzz.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://videzz.net/css/main.min.css?v=b8dc06aa6195ca0716d0a0c4e3a76e42
Cookie: lang=1
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
server: nginx/1.18.0 (Ubuntu)
date: Fri, 10 May 2024 06:14:28 GMT
content-type: image/png
content-length: 14101
last-modified: Sat, 27 Apr 2024 07:30:42 GMT
etag: "662ca9a2-3715"
expires: Sun, 09 Jun 2024 06:08:14 GMT
cache-control: max-age=2592000
x-cache-status: HIT
accept-ranges: bytes
X-Firefox-Spdy: h2

videzz.net/images-newtheme/ico_signup.png

78.142.18.54

200 OK

1.1 kB

URL GET HTTP/2
videzz.net/images-newtheme/ico_signup.png
IP
78.142.18.54:443
ASN
#208046 ColocationX Ltd.

Requested by
https://videzz.net/h7zka1zdif8f.html
Certificate
IssuerLet's Encrypt
Subjectvidezz.net
Fingerprint89:44:E3:9D:95:DD:6E:D2:2B:FB:70:64:42:59:D2:BF:B6:36:E7:33
ValidityThu, 02 May 2024 00:27:53 GMT - Wed, 31 Jul 2024 00:27:52 GMT

File type
PNG image data, 30 x 30, 8-bit/color RGBA, non-interlaced
Size
1.1 kB (1094 bytes)
Hash
eb2e533fce6d10e6f1231e3c07aa7e7a
194f55dab0899b59605972b6a0edd85bfd975488
6514b33f1b2a8766a828371bb8b15eb9dd0d7ea53db03f04f7b1e9d82e9b6c7a

HTTP Headers

GET /images-newtheme/ico_signup.png HTTP/1.1
Host: videzz.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://videzz.net/css/main.min.css?v=b8dc06aa6195ca0716d0a0c4e3a76e42
Cookie: lang=1
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
server: nginx/1.18.0 (Ubuntu)
date: Fri, 10 May 2024 06:14:28 GMT
content-type: image/png
content-length: 1094
last-modified: Sat, 27 Apr 2024 07:30:38 GMT
etag: "662ca99e-446"
expires: Sun, 09 Jun 2024 06:14:16 GMT
cache-control: max-age=2592000
x-cache-status: HIT
accept-ranges: bytes
X-Firefox-Spdy: h2

fonts.gstatic.com/s/opensans/v40/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2

216.58.207.227

200 OK

48 kB

URL GET HTTP/2
fonts.gstatic.com/s/opensans/v40/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2
IP
216.58.207.227:443
ASN
#15169 GOOGLE

Requested by
https://videzz.net/h7zka1zdif8f.html
Certificate
IssuerGoogle Trust Services LLC
Subject*.gstatic.com
Fingerprint15:DD:05:B3:2F:D8:E3:54:C9:B4:FA:E4:AC:01:ED:C8:E1:EA:A7:AD
ValidityTue, 16 Apr 2024 04:17:07 GMT - Tue, 09 Jul 2024 04:17:06 GMT

File type
Web Open Font Format (Version 2), TrueType, length 48236, version 1.0
Size
48 kB (48236 bytes)
Hash
015c126a3520c9a8f6a27979d0266e96
2acf956561d44434a6d84204670cf849d3215d5f
3c4d6a1421c7ddb7e404521fe8c4cd5be5af446d7689cd880be26612eaad3cfa

HTTP Headers

GET /s/opensans/v40/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://videzz.net
DNT: 1
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 48236
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 09 May 2024 02:35:00 GMT
expires: Fri, 09 May 2025 02:35:00 GMT
cache-control: public, max-age=31536000
age: 99568
last-modified: Thu, 14 Dec 2023 02:08:40 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

s.o333o.com/adgpt.js

85.10.205.45

200 OK

820 B

URL GET HTTP/2
s.o333o.com/adgpt.js
IP
85.10.205.45:443
ASN
#24940 Hetzner Online GmbH

Requested by
https://videzz.net/h7zka1zdif8f.html
Certificate
IssuerSectigo Limited
Subjects.o333o.com
FingerprintC1:C0:0F:C0:EF:0F:F7:7A:36:2F:00:9E:5C:55:63:54:63:A3:A6:46
ValidityMon, 12 Feb 2024 00:00:00 GMT - Fri, 28 Feb 2025 23:59:59 GMT

File type
ASCII text, with very long lines (2040), with no line terminators
Size
820 B (820 bytes)
Hash
55f8db8e0ec58b646f0b5425b405fdd0
0c79af1239cafc7ec4783f20b0b886a61daccc09
3ec8849ba857ec32cdc682ea93f0c1f8e8ab97980af4f1d8ec312684ed0f5237

HTTP Headers

GET /adgpt.js HTTP/1.1
Host: s.o333o.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://videzz.net/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
server: nginx
date: Fri, 10 May 2024 06:14:28 GMT
content-type: application/javascript
content-length: 820
last-modified: Fri, 22 Mar 2024 11:21:21 GMT
vary: Accept-Encoding
etag: "65fd69b1-334"
content-encoding: gzip
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000, public
X-Firefox-Spdy: h2

static.addtoany.com/menu/page.js

104.22.71.197

200 OK

50 kB

URL GET HTTP/2
static.addtoany.com/menu/page.js
IP
104.22.71.197:443
ASN
#13335 CLOUDFLARENET

Requested by
https://videzz.net/h7zka1zdif8f.html
Certificate
IssuerLet's Encrypt
Subjectstatic.addtoany.com
Fingerprint5B:74:98:2D:F8:22:DB:0D:4E:74:B7:99:A7:7C:80:F6:CA:1A:8E:CA
ValidityTue, 23 Apr 2024 07:56:27 GMT - Mon, 22 Jul 2024 07:56:26 GMT

File type
JavaScript source, ASCII text, with very long lines (3003), with no line terminators
Size
50 kB (49789 bytes)
Hash
5f984fdd1d3384220c67422c1f544a95
79c8a48b5fab47972dd69ce7dfd08cee895006b5
6e0cc78c402cbc02fdfd41cd77c5fd6ffbd8066cc07935ea8eb5f3fcc59744a3

HTTP Headers

GET /menu/page.js HTTP/1.1
Host: static.addtoany.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://videzz.net/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Fri, 10 May 2024 06:14:28 GMT
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=86400, stale-while-revalidate=30, public
cf-bgj: minify
etag: W/"e346c2841e4abbb66ee259e9540abb61"
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=ol%2BYW8NdHkKFaK0nGdUHHsZ7sgiLcIAJ%2BQF%2BOrqKBGMHdYxMhVdCd9WV33eE6lbAO4Z%2Fb22RqSdkZV3kz%2Bg0O%2BkgpSAr%2FhTsHCoBs6Tb4PYIoUkUCPyGNFMjhqU%2BXfZzgcTNL17sbD%2F%2BmDporeMdZW1L"}],"group":"cf-nel","max_age":604800}
vary: Accept-Encoding
referrer-policy: strict-origin-when-cross-origin
x-content-type-options: nosniff
cf-cache-status: HIT
age: 23263
strict-transport-security: max-age=31536000; includeSubDomains; preload
server: cloudflare
cf-ray: 8817ca094ed48d80-HEL
content-encoding: br
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2

videzz.net/images-newtheme/social/facebook_button.png

78.142.18.54

200 OK

3.3 kB

URL GET HTTP/2
videzz.net/images-newtheme/social/facebook_button.png
IP
78.142.18.54:443
ASN
#208046 ColocationX Ltd.

Requested by
https://videzz.net/h7zka1zdif8f.html
Certificate
IssuerLet's Encrypt
Subjectvidezz.net
Fingerprint89:44:E3:9D:95:DD:6E:D2:2B:FB:70:64:42:59:D2:BF:B6:36:E7:33
ValidityThu, 02 May 2024 00:27:53 GMT - Wed, 31 Jul 2024 00:27:52 GMT

File type
PNG image data, 250 x 95, 8-bit colormap, non-interlaced
Size
3.3 kB (3296 bytes)
Hash
7136dd30e8f2bac19a84c71f7051fbe4
9e0386c21a34c2034c5736d083f2aa9d74aa9698
0f707e70a8cef21089769a1d44002cad814fb3ff42834d59093d7f6e21be72cf

HTTP Headers

GET /images-newtheme/social/facebook_button.png HTTP/1.1
Host: videzz.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://videzz.net/css/main.min.css?v=b8dc06aa6195ca0716d0a0c4e3a76e42
Cookie: lang=1
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
server: nginx/1.18.0 (Ubuntu)
date: Fri, 10 May 2024 06:14:29 GMT
content-type: image/png
content-length: 3296
last-modified: Sat, 27 Apr 2024 07:30:28 GMT
etag: "662ca994-ce0"
expires: Sun, 09 Jun 2024 06:12:51 GMT
cache-control: max-age=2592000
x-cache-status: HIT
accept-ranges: bytes
X-Firefox-Spdy: h2

videzz.net/images-newtheme/social/reddit_button.png

78.142.18.54

200 OK

5.6 kB

URL GET HTTP/2
videzz.net/images-newtheme/social/reddit_button.png
IP
78.142.18.54:443
ASN
#208046 ColocationX Ltd.

Requested by
https://videzz.net/h7zka1zdif8f.html
Certificate
IssuerLet's Encrypt
Subjectvidezz.net
Fingerprint89:44:E3:9D:95:DD:6E:D2:2B:FB:70:64:42:59:D2:BF:B6:36:E7:33
ValidityThu, 02 May 2024 00:27:53 GMT - Wed, 31 Jul 2024 00:27:52 GMT

File type
PNG image data, 250 x 95, 8-bit colormap, non-interlaced
Size
5.6 kB (5639 bytes)
Hash
e81d26d1620449624337a4d43f931daa
f03bec039b900b6668f56c295b6152f206614347
a571a6100b5176154b8cab0289f1e1f3a1888a4d2670a0309a7206e914e53196

HTTP Headers

GET /images-newtheme/social/reddit_button.png HTTP/1.1
Host: videzz.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://videzz.net/css/main.min.css?v=b8dc06aa6195ca0716d0a0c4e3a76e42
Cookie: lang=1
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
server: nginx/1.18.0 (Ubuntu)
date: Fri, 10 May 2024 06:14:29 GMT
content-type: image/png
content-length: 5639
last-modified: Sat, 27 Apr 2024 07:30:38 GMT
etag: "662ca99e-1607"
expires: Sun, 09 Jun 2024 06:10:09 GMT
cache-control: max-age=2592000
x-cache-status: HIT
accept-ranges: bytes
X-Firefox-Spdy: h2

videzz.net/images-newtheme/social/telergram_button.png

78.142.18.54

200 OK

7.1 kB

URL GET HTTP/2
videzz.net/images-newtheme/social/telergram_button.png
IP
78.142.18.54:443
ASN
#208046 ColocationX Ltd.

Requested by
https://videzz.net/h7zka1zdif8f.html
Certificate
IssuerLet's Encrypt
Subjectvidezz.net
Fingerprint89:44:E3:9D:95:DD:6E:D2:2B:FB:70:64:42:59:D2:BF:B6:36:E7:33
ValidityThu, 02 May 2024 00:27:53 GMT - Wed, 31 Jul 2024 00:27:52 GMT

File type
PNG image data, 250 x 95, 8-bit colormap, non-interlaced
Size
7.1 kB (7130 bytes)
Hash
30c0202bb8d66d562c2f6f74e04cecf5
330d3cb6d6e12800458fb4e711f5ad2669ed6418
5c594f5b1f831711af5d0089fb853c7511a83dbc3ce86f99b93e63e9c5c8fc60

HTTP Headers

GET /images-newtheme/social/telergram_button.png HTTP/1.1
Host: videzz.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://videzz.net/css/main.min.css?v=b8dc06aa6195ca0716d0a0c4e3a76e42
Cookie: lang=1
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
server: nginx/1.18.0 (Ubuntu)
date: Fri, 10 May 2024 06:14:29 GMT
content-type: image/png
content-length: 7130
last-modified: Sat, 27 Apr 2024 07:30:33 GMT
etag: "662ca999-1bda"
expires: Sun, 09 Jun 2024 06:10:56 GMT
cache-control: max-age=2592000
x-cache-status: HIT
accept-ranges: bytes
X-Firefox-Spdy: h2

videzz.net/images-newtheme/social/twitter_button.png

78.142.18.54

200 OK

7.3 kB

URL GET HTTP/2
videzz.net/images-newtheme/social/twitter_button.png
IP
78.142.18.54:443
ASN
#208046 ColocationX Ltd.

Requested by
https://videzz.net/h7zka1zdif8f.html
Certificate
IssuerLet's Encrypt
Subjectvidezz.net
Fingerprint89:44:E3:9D:95:DD:6E:D2:2B:FB:70:64:42:59:D2:BF:B6:36:E7:33
ValidityThu, 02 May 2024 00:27:53 GMT - Wed, 31 Jul 2024 00:27:52 GMT

File type
PNG image data, 250 x 95, 8-bit colormap, non-interlaced
Size
7.3 kB (7332 bytes)
Hash
d680a9ff6f8107a4582fc3da7b95b852
df709fd8b064642697ce5075aef16d7ec3df9475
d496e33f83306ba9f7659dda81264fe833b2c8ce3b3ca5ef1cfd9a0d99397c24

HTTP Headers

GET /images-newtheme/social/twitter_button.png HTTP/1.1
Host: videzz.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://videzz.net/css/main.min.css?v=b8dc06aa6195ca0716d0a0c4e3a76e42
Cookie: lang=1
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
server: nginx/1.18.0 (Ubuntu)
date: Fri, 10 May 2024 06:14:29 GMT
content-type: image/png
content-length: 7332
last-modified: Sat, 27 Apr 2024 07:30:33 GMT
etag: "662ca999-1ca4"
expires: Sun, 09 Jun 2024 06:10:16 GMT
cache-control: max-age=2592000
x-cache-status: HIT
accept-ranges: bytes
X-Firefox-Spdy: h2

cdnjs.cloudflare.com/ajax/libs/font-awesome/4.7.0/fonts/fontawesome-webfont.woff2?v=4.7.0

104.17.25.14

200 OK

77 kB

URL GET HTTP/3
cdnjs.cloudflare.com/ajax/libs/font-awesome/4.7.0/fonts/fontawesome-webfont.woff2?v=4.7.0
IP
104.17.25.14:443
ASN
#13335 CLOUDFLARENET

Requested by
https://videzz.net/h7zka1zdif8f.html
Certificate
IssuerCloudflare, Inc.
Subjectsni.cloudflaressl.com
Fingerprint7A:EA:B9:09:71:70:6C:87:C9:D3:82:74:8A:7B:B4:60:E5:40:2D:8D
ValidityMon, 03 Jul 2023 00:00:00 GMT - Tue, 02 Jul 2024 23:59:59 GMT

File type
Web Open Font Format (Version 2), TrueType, length 77160, version 4.459
Size
77 kB (77160 bytes)
Hash
af7ae505a9eed503f8b8e6982036873e
d6f48cba7d076fb6f2fd6ba993a75b9dc1ecbf0c
2adefcbc041e7d18fcf2d417879dc5a09997aa64d675b7a3c4b6ce33da13f3fe

HTTP Headers

GET /ajax/libs/font-awesome/4.7.0/fonts/fontawesome-webfont.woff2?v=4.7.0 HTTP/1.1
Host: cdnjs.cloudflare.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://videzz.net
DNT: 1
Connection: keep-alive
Referer: https://cdnjs.cloudflare.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Fri, 10 May 2024 06:14:29 GMT
content-type: application/octet-stream; charset=utf-8
content-length: 77160
access-control-allow-origin: *
cache-control: public, max-age=30672000
etag: "5eb03e5f-12d68"
last-modified: Mon, 04 May 2020 16:10:07 GMT
cf-cdnjs-via: cfworker/kv
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
x-content-type-options: nosniff
vary: Accept-Encoding
cf-cache-status: HIT
age: 134402
expires: Wed, 30 Apr 2025 06:14:29 GMT
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=cnoHOlYimuBu%2BJL%2F8TtZCLlrcdEUbuagJ2mXMWwaSDKMmqRvJsu5EBRoIvCU7cJC%2BN1T5AfdbXcfPDMW6geRNWIUxK36GiTiVlo7CUN1ob32aF73CWm3fsLhPT8KDfUiil14YNpP"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
server: cloudflare
cf-ray: 8817ca0f984b5685-OSL
alt-svc: h3=":443"; ma=86400

videzz.net/images-newtheme/social/viber_button.png

78.142.18.54

200 OK

7.6 kB

URL GET HTTP/2
videzz.net/images-newtheme/social/viber_button.png
IP
78.142.18.54:443
ASN
#208046 ColocationX Ltd.

Requested by
https://videzz.net/h7zka1zdif8f.html
Certificate
IssuerLet's Encrypt
Subjectvidezz.net
Fingerprint89:44:E3:9D:95:DD:6E:D2:2B:FB:70:64:42:59:D2:BF:B6:36:E7:33
ValidityThu, 02 May 2024 00:27:53 GMT - Wed, 31 Jul 2024 00:27:52 GMT

File type
PNG image data, 250 x 95, 8-bit colormap, non-interlaced
Size
7.6 kB (7583 bytes)
Hash
36454bc0a71ba0919c38f4b072ea1792
b90bd02d15eb470070f5767b12f8879cfa54033f
795878ef409474a5ba791a786239a77cc30f83576713e3788d88f0c306c98c58

HTTP Headers

GET /images-newtheme/social/viber_button.png HTTP/1.1
Host: videzz.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://videzz.net/css/main.min.css?v=b8dc06aa6195ca0716d0a0c4e3a76e42
Cookie: lang=1
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
server: nginx/1.18.0 (Ubuntu)
date: Fri, 10 May 2024 06:14:29 GMT
content-type: image/png
content-length: 7583
last-modified: Sat, 27 Apr 2024 07:30:28 GMT
etag: "662ca994-1d9f"
expires: Sun, 09 Jun 2024 06:12:10 GMT
cache-control: max-age=2592000
x-cache-status: HIT
accept-ranges: bytes
X-Firefox-Spdy: h2

videzz.net/images-newtheme/social/whatsapp_button.png

78.142.18.54

200 OK

9.4 kB

URL GET HTTP/2
videzz.net/images-newtheme/social/whatsapp_button.png
IP
78.142.18.54:443
ASN
#208046 ColocationX Ltd.

Requested by
https://videzz.net/h7zka1zdif8f.html
Certificate
IssuerLet's Encrypt
Subjectvidezz.net
Fingerprint89:44:E3:9D:95:DD:6E:D2:2B:FB:70:64:42:59:D2:BF:B6:36:E7:33
ValidityThu, 02 May 2024 00:27:53 GMT - Wed, 31 Jul 2024 00:27:52 GMT

File type
PNG image data, 250 x 95, 8-bit colormap, non-interlaced
Size
9.4 kB (9402 bytes)
Hash
093cb56d9d65dd0ccb57f24eb7444cba
3d862fe04fc38402dfb6e8afcfb9adc526907d54
9e433e4399b92cd8a014e00765fc534baae47b5ebacadea618e0f3dc041b6266

HTTP Headers

GET /images-newtheme/social/whatsapp_button.png HTTP/1.1
Host: videzz.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://videzz.net/css/main.min.css?v=b8dc06aa6195ca0716d0a0c4e3a76e42
Cookie: lang=1
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
server: nginx/1.18.0 (Ubuntu)
date: Fri, 10 May 2024 06:14:29 GMT
content-type: image/png
content-length: 9402
last-modified: Sat, 27 Apr 2024 07:30:42 GMT
etag: "662ca9a2-24ba"
expires: Sun, 09 Jun 2024 06:13:17 GMT
cache-control: max-age=2592000
x-cache-status: HIT
accept-ranges: bytes
X-Firefox-Spdy: h2

ocsp.r2m03.amazontrust.com/

54.230.218.11

471 B

URL
ocsp.r2m03.amazontrust.com/
IP
54.230.218.11:0
ASN
#16509 AMAZON-02

File type
data
Size
471 B (471 bytes)
Hash
c1ae368dfcd18c3fe0a38f18783ecfe1
591b78d8c937af6063def58fa5d376d07e7d005e
58ceb2cb03a41de3ae12171e7359276ed8fcbc1881b071c2783b782667cf124b

HTTP Headers

POST / HTTP/1.1
Host: ocsp.r2m03.amazontrust.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: max-age=7200
Date: Fri, 10 May 2024 06:14:29 GMT
Last-Modified: Fri, 10 May 2024 05:41:49 GMT
Server: ECAcc (ska/F7A7)
X-Cache: Miss from cloudfront
Via: 1.1 3bff78035f818b6a3185b0f5f4586410.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-P1
X-Amz-Cf-Id: wqhBI0TBCJHaQ4WFP3dYB-ARGL4rkOq6F_X-AKMkk_UB4vrLAZWvYA==
Age: 1960

videzz.net/images-newtheme/locale/spritesheet_25.png

78.142.18.54

200 OK

3.4 kB

URL GET HTTP/2
videzz.net/images-newtheme/locale/spritesheet_25.png
IP
78.142.18.54:443
ASN
#208046 ColocationX Ltd.

Requested by
https://videzz.net/h7zka1zdif8f.html
Certificate
IssuerLet's Encrypt
Subjectvidezz.net
Fingerprint89:44:E3:9D:95:DD:6E:D2:2B:FB:70:64:42:59:D2:BF:B6:36:E7:33
ValidityThu, 02 May 2024 00:27:53 GMT - Wed, 31 Jul 2024 00:27:52 GMT

File type
PNG image data, 25 x 71, 8-bit/color RGBA, non-interlaced
Size
3.4 kB (3355 bytes)
Hash
f114e74e1fb82ce234e7a2503506e2ac
5adb3ddc13861aa417471710f1ceaca66ef71c74
e0edc9d8ec79eb53ad2d9e2644b27bc02cc62ad78e8033e4cc016a62132ed51d

HTTP Headers

GET /images-newtheme/locale/spritesheet_25.png HTTP/1.1
Host: videzz.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://videzz.net/css/main.min.css?v=b8dc06aa6195ca0716d0a0c4e3a76e42
Cookie: lang=1; file_id=38056930; aff=201428
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
server: nginx/1.18.0 (Ubuntu)
date: Fri, 10 May 2024 06:14:29 GMT
content-type: image/png
content-length: 3355
last-modified: Sat, 27 Apr 2024 07:30:38 GMT
etag: "662ca99e-d1b"
expires: Sun, 09 Jun 2024 06:09:47 GMT
cache-control: max-age=2592000
x-cache-status: HIT
accept-ranges: bytes
X-Firefox-Spdy: h2

bid.bidclickmedia.com/sub/31pnK5n

172.67.205.77

200 OK

48 kB

URL GET HTTP/2
bid.bidclickmedia.com/sub/31pnK5n
IP
172.67.205.77:443
ASN
#13335 CLOUDFLARENET

Requested by
https://videzz.net/h7zka1zdif8f.html
Certificate
IssuerGoogle Trust Services LLC
Subjectbidclickmedia.com
Fingerprint2D:71:60:23:79:D8:E4:4A:B8:81:BA:F0:ED:58:CB:A8:66:21:A7:E7
ValiditySun, 31 Mar 2024 14:28:20 GMT - Sat, 29 Jun 2024 14:28:19 GMT

File type
HTML document, ASCII text
Size
48 kB (48382 bytes)
Hash
f43a9f52bdd16907856bcccdc018b8c9
260324361bf19dc2ea4982f6fd312f9c8d5039cc
0ce413bbb7e1789744cfd7f9c3bc4614d9c5086f6dd9cbad67bdc4d181b9d5be

HTTP Headers

GET /sub/31pnK5n HTTP/1.1
Host: bid.bidclickmedia.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://videzz.net/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Fri, 10 May 2024 06:14:29 GMT
content-type: text/html; charset=utf-8
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=ncXdIvuQAe4mGjiDQgr0B%2BvuCUWB2sOp5O4cJXjgG9LGwpO0zTQR97%2FNXOoqGVakyXRJ80JrkgIzj6QD6WxraU%2FFaKruhMw%2FMDzDKWK2%2FYPa2DL9uZxA4%2F8T1AO0iAE9Pezf8PTUQtk%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 8817ca0fc812b4ff-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2

bid.bidclickmedia.com/sub/31pnK5n

172.67.205.77

200 OK

48 kB

URL GET HTTP/2
bid.bidclickmedia.com/sub/31pnK5n
IP
172.67.205.77:443
ASN
#13335 CLOUDFLARENET

Requested by
https://videzz.net/h7zka1zdif8f.html
Certificate
IssuerGoogle Trust Services LLC
Subjectbidclickmedia.com
Fingerprint2D:71:60:23:79:D8:E4:4A:B8:81:BA:F0:ED:58:CB:A8:66:21:A7:E7
ValiditySun, 31 Mar 2024 14:28:20 GMT - Sat, 29 Jun 2024 14:28:19 GMT

File type
HTML document, ASCII text
Size
48 kB (48382 bytes)
Hash
f43a9f52bdd16907856bcccdc018b8c9
260324361bf19dc2ea4982f6fd312f9c8d5039cc
0ce413bbb7e1789744cfd7f9c3bc4614d9c5086f6dd9cbad67bdc4d181b9d5be

HTTP Headers

GET /sub/31pnK5n HTTP/1.1
Host: bid.bidclickmedia.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://videzz.net/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Fri, 10 May 2024 06:14:29 GMT
content-type: text/html; charset=utf-8
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=8xILkhIBpGfFALVeWlZXfkCBjANQqdSqLInGho4Hp69%2F9XgJpKp6MxBOAmpKc6vLyWSGgwhFN41JtyuhTOfznZBk3y54MxBjI3qJvNHeY7xLmboT5vdZXGYSV2zFBgCSBKyHDVrjlIU%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 8817ca0fc826b4ff-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2

videzz.net/css/main.min.css?v=b8dc06aa6195ca0716d0a0c4e3a76e42

78.142.18.54

200 OK

251 kB

URL GET HTTP/2
videzz.net/css/main.min.css?v=b8dc06aa6195ca0716d0a0c4e3a76e42
IP
78.142.18.54:443
ASN
#208046 ColocationX Ltd.

Requested by
https://videzz.net/h7zka1zdif8f.html
Certificate
IssuerLet's Encrypt
Subjectvidezz.net
Fingerprint89:44:E3:9D:95:DD:6E:D2:2B:FB:70:64:42:59:D2:BF:B6:36:E7:33
ValidityThu, 02 May 2024 00:27:53 GMT - Wed, 31 Jul 2024 00:27:52 GMT

File type
gzip compressed data, from Unix
Size
251 kB (251067 bytes)
Hash
2d04710d6e6e154fc52723015b02e8a3
647835b8fa0e0f699f6989c9637bca9846f11e30
4e4ee41697e8e7583e83e1f255ce21d4bfd5221f121fc6395c91bc5b0e1cb92a

HTTP Headers

GET /css/main.min.css?v=b8dc06aa6195ca0716d0a0c4e3a76e42 HTTP/1.1
Host: videzz.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://videzz.net/h7zka1zdif8f.html
Cookie: lang=1
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
server: nginx/1.18.0 (Ubuntu)
date: Fri, 10 May 2024 06:14:27 GMT
content-type: text/css
last-modified: Sat, 27 Apr 2024 07:30:38 GMT
vary: Accept-Encoding
etag: W/"662ca99e-14c442"
expires: Sun, 09 Jun 2024 06:13:42 GMT
cache-control: max-age=2592000
content-encoding: gzip
x-cache-status: HIT
X-Firefox-Spdy: h2

static.addtoany.com/menu/modules/core.BRQnzO8v.js

104.22.71.197

200 OK

26 kB

URL GET HTTP/3
static.addtoany.com/menu/modules/core.BRQnzO8v.js
IP
104.22.71.197:443
ASN
#13335 CLOUDFLARENET

Requested by
https://videzz.net/h7zka1zdif8f.html
Certificate
IssuerLet's Encrypt
Subjectstatic.addtoany.com
Fingerprint5B:74:98:2D:F8:22:DB:0D:4E:74:B7:99:A7:7C:80:F6:CA:1A:8E:CA
ValidityTue, 23 Apr 2024 07:56:27 GMT - Mon, 22 Jul 2024 07:56:26 GMT

File type
ASCII text, with very long lines (65536), with no line terminators
Size
26 kB (26455 bytes)
Hash
629401c31553d2f42a6ca46e58c2a97b
0ab6084caa72f90913c7e4119f491838726ec5c2
91b9b24f0aa59668e4d0a770ee7a294b9baa361a76a20ade8128cd0482a5d805

HTTP Headers

GET /menu/modules/core.BRQnzO8v.js HTTP/1.1
Host: static.addtoany.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://videzz.net
DNT: 1
Connection: keep-alive
Referer: https://videzz.net/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Fri, 10 May 2024 06:14:29 GMT
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=315360000, immutable
cf-bgj: minify
etag: W/"25da5432b1057724b8210f17e9b9db05"
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=jIX8Bnk3zEEBbJqXL31kr8FstyEKYMuC8qb9%2BB1Fikb7w%2FM7YVKtiX38EugmNceFBJ9J%2FzDNuXR0%2F9tJrs9oLVDN4cvRA1qsBeK9GocPHE5ChTPsA4iVxN9bXumi6LTOdnReUJValnqLeWxtwFEjXFtY"}],"group":"cf-nel","max_age":604800}
vary: Accept-Encoding
referrer-policy: strict-origin-when-cross-origin
x-content-type-options: nosniff
cf-cache-status: HIT
age: 17106
strict-transport-security: max-age=31536000; includeSubDomains; preload
server: cloudflare
cf-ray: 8817ca0fb8598d54-HEL
content-encoding: br
alt-svc: h3=":443"; ma=86400

maxcdn.bootstrapcdn.com/font-awesome/4.7.0/fonts/fontawesome-webfont.woff2?v=4.7.0

104.18.11.207

200 OK

77 kB

URL GET HTTP/3
maxcdn.bootstrapcdn.com/font-awesome/4.7.0/fonts/fontawesome-webfont.woff2?v=4.7.0
IP
104.18.11.207:443
ASN
#13335 CLOUDFLARENET

Requested by
https://videzz.net/h7zka1zdif8f.html
Certificate
IssuerGoogle Trust Services LLC
Subjectbootstrapcdn.com
Fingerprint57:B4:25:B9:9C:88:A1:A3:3D:F7:31:74:02:E4:D1:E0:0A:F5:11:63
ValidityWed, 27 Mar 2024 00:22:09 GMT - Tue, 25 Jun 2024 00:22:08 GMT

File type
Web Open Font Format (Version 2), TrueType, length 77160, version 4.459
Size
77 kB (77160 bytes)
Hash
af7ae505a9eed503f8b8e6982036873e
d6f48cba7d076fb6f2fd6ba993a75b9dc1ecbf0c
2adefcbc041e7d18fcf2d417879dc5a09997aa64d675b7a3c4b6ce33da13f3fe

HTTP Headers

GET /font-awesome/4.7.0/fonts/fontawesome-webfont.woff2?v=4.7.0 HTTP/1.1
Host: maxcdn.bootstrapcdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://videzz.net
DNT: 1
Connection: keep-alive
Referer: https://maxcdn.bootstrapcdn.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Fri, 10 May 2024 06:14:29 GMT
content-type: font/woff2
content-length: 77160
cdn-pullzone: 252412
cdn-uid: b1941f61-b576-4f40-80de-5677acb38f74
cdn-requestcountrycode: DE
access-control-allow-origin: *
cache-control: public, max-age=31919000
etag: "af7ae505a9eed503f8b8e6982036873e"
last-modified: Mon, 25 Jan 2021 22:04:55 GMT
cdn-cachedat: 10/31/2023 19:08:24
cdn-proxyver: 1.04
cdn-requestpullcode: 200
cdn-requestpullsuccess: True
cdn-edgestorageid: 752
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
cdn-status: 200
cdn-requestid: 0a41a35b44b9a221d4e11fe69e9304aa
cdn-cache: HIT
cf-cache-status: HIT
age: 827763
accept-ranges: bytes
vary: Accept-Encoding
strict-transport-security: max-age=31536000; includeSubDomains; preload
server: cloudflare
cf-ray: 8817ca13de86568a-OSL
alt-svc: h3=":443"; ma=86400

www.googletagmanager.com/gtag/js?id=G-HEX1BG8H46&l=dataLayer&cx=c

142.250.74.168

200 OK

95 kB

URL GET HTTP/3
www.googletagmanager.com/gtag/js?id=G-HEX1BG8H46&l=dataLayer&cx=c
IP
142.250.74.168:443
ASN
#15169 GOOGLE

Requested by
https://videzz.net/h7zka1zdif8f.html
Certificate
IssuerGoogle Trust Services LLC
Subject*.google-analytics.com
Fingerprint93:6B:D2:9D:92:BE:2D:D8:02:67:82:83:5E:EF:A3:F9:13:F3:26:AE
ValidityTue, 16 Apr 2024 03:18:45 GMT - Tue, 09 Jul 2024 03:18:44 GMT

File type
JavaScript source, ASCII text, with very long lines (7711)
Size
95 kB (95228 bytes)
Hash
778da8b67b393e6606f96f8898147f65
10a3af716ba20164971b8773e01f6a6e4cbce648
a536a42a2e203dda62d671488c299c5134cc030cb105eb9fe00fe276ee0c8891

HTTP Headers

GET /gtag/js?id=G-HEX1BG8H46&l=dataLayer&cx=c HTTP/1.1
Host: www.googletagmanager.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://videzz.net/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
content-encoding: br
vary: Accept-Encoding
date: Fri, 10 May 2024 06:14:29 GMT
expires: Fri, 10 May 2024 06:14:29 GMT
cache-control: private, max-age=900
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
server: Google Tag Manager
content-length: 95228
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

videzz.net/css/videojs.5.min.css?v=b8dc06aa6195ca0716d0a0c4e3a76e42

78.142.18.54

200 OK

83 kB

URL GET HTTP/2
videzz.net/css/videojs.5.min.css?v=b8dc06aa6195ca0716d0a0c4e3a76e42
IP
78.142.18.54:443
ASN
#208046 ColocationX Ltd.

Requested by
https://videzz.net/h7zka1zdif8f.html
Certificate
IssuerLet's Encrypt
Subjectvidezz.net
Fingerprint89:44:E3:9D:95:DD:6E:D2:2B:FB:70:64:42:59:D2:BF:B6:36:E7:33
ValidityThu, 02 May 2024 00:27:53 GMT - Wed, 31 Jul 2024 00:27:52 GMT

File type
ASCII text, with very long lines (50421)
Size
83 kB (82553 bytes)
Hash
062bcc1257f3f1a242a5a8a112b6b279
6b1c08afa4f03891a14efbd9c4d3096021399c87
1c3c002dd20b0a586fc5b450e0a8f5ab3c1472c192c0d4b6cb13649c36f9d5fe

HTTP Headers

GET /css/videojs.5.min.css?v=b8dc06aa6195ca0716d0a0c4e3a76e42 HTTP/1.1
Host: videzz.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://videzz.net/h7zka1zdif8f.html
Cookie: lang=1
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
server: nginx/1.18.0 (Ubuntu)
date: Fri, 10 May 2024 06:14:27 GMT
content-type: text/css
last-modified: Sat, 27 Apr 2024 07:30:42 GMT
vary: Accept-Encoding
etag: W/"662ca9a2-29645"
expires: Sun, 09 Jun 2024 06:10:47 GMT
cache-control: max-age=2592000
content-encoding: gzip
x-cache-status: HIT
X-Firefox-Spdy: h2

str29.vidoza.net/i/02/07611/h7zka1zdif8f.jpg?v=1715321667

213.152.165.138

200 OK

26 kB

URL GET HTTP/2
str29.vidoza.net/i/02/07611/h7zka1zdif8f.jpg?v=1715321667
IP
213.152.165.138:443
ASN
#49453 Global Layer B.V.

Requested by
https://videzz.net/h7zka1zdif8f.html
Certificate
IssuerLet's Encrypt
Subjectvidoza.net
FingerprintBB:ED:F5:F9:17:52:AA:FC:EE:8F:98:D4:64:46:12:76:92:0E:B5:CE
ValidityFri, 12 Apr 2024 01:22:23 GMT - Thu, 11 Jul 2024 01:22:22 GMT

File type
JPEG image data, JFIF standard 1.02, aspect ratio, density 1x1, segment length 16, comment: "Lavc57.89.100", baseline, precision 8, 720x405, components 3
Size
26 kB (26124 bytes)
Hash
ccf0a8761cb92c339edd47350f9c691f
5fa2e0f76455d2db006faa14c0f74ee7ab297c34
b9dbf04832cfbed3c2d2a44d1545d78802c922983e6ec1e404955b4c0c245bbb

HTTP Headers

GET /i/02/07611/h7zka1zdif8f.jpg?v=1715321667 HTTP/1.1
Host: str29.vidoza.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://videzz.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
server: nginx/1.20.1
date: Fri, 10 May 2024 06:14:29 GMT
content-type: image/jpeg
content-length: 26124
last-modified: Thu, 09 May 2024 12:53:26 GMT
etag: "663cc746-660c"
expires: Fri, 24 May 2024 06:14:29 GMT
cache-control: max-age=1209600
accept-ranges: bytes
X-Firefox-Spdy: h2

static.addtoany.com/menu/svg/icons/twitter.js

104.22.71.197

200 OK

7.3 kB

URL GET HTTP/3
static.addtoany.com/menu/svg/icons/twitter.js
IP
104.22.71.197:443
ASN
#13335 CLOUDFLARENET

Requested by
https://videzz.net/h7zka1zdif8f.html
Certificate
IssuerLet's Encrypt
Subjectstatic.addtoany.com
Fingerprint5B:74:98:2D:F8:22:DB:0D:4E:74:B7:99:A7:7C:80:F6:CA:1A:8E:CA
ValidityTue, 23 Apr 2024 07:56:27 GMT - Mon, 22 Jul 2024 07:56:26 GMT

File type
ASCII text, with very long lines (645), with no line terminators
Size
7.3 kB (7308 bytes)
Hash
ca05cf90bd32d6134c0b92464c343f9a
187feb5cc71d225717838268487a0abc9b8d405c
3003867b66a32c12fdafeefc27cf06d906e5a99ba275550ab757f4bb04834636

HTTP Headers

GET /menu/svg/icons/twitter.js HTTP/1.1
Host: static.addtoany.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://videzz.net
DNT: 1
Connection: keep-alive
Referer: https://static.addtoany.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Fri, 10 May 2024 06:14:29 GMT
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=7776000, stale-while-revalidate=30, public
cf-bgj: minify
etag: W/"af2b829f9b79fabec7c0148a8b7e444b"
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=of%2BOFJqNJkY7ReJGTc0wv1ryNFLTjGY3LX7PKsOOUn9g7Xr6aoKuSATAGyDIH7Zf4MpzXXQFoUEXUpJeXTxqxNtJKTeSDKhgdsPGw8IydUUONlbmPgKaijirBcpyf%2BxsH8tO3D%2FDXh49hz6HMXVeX2iN"}],"group":"cf-nel","max_age":604800}
vary: Accept-Encoding
referrer-policy: strict-origin-when-cross-origin
x-content-type-options: nosniff
cf-cache-status: HIT
age: 17061
strict-transport-security: max-age=31536000; includeSubDomains; preload
server: cloudflare
cf-ray: 8817ca13dacc8d54-HEL
content-encoding: br
alt-svc: h3=":443"; ma=86400

proftrafficcounter.com/stats

18.185.9.67

200 OK

40 B

URL GET HTTP/2
proftrafficcounter.com/stats
IP
18.185.9.67:443
ASN
#16509 AMAZON-02

Requested by
https://videzz.net/h7zka1zdif8f.html
Certificate
IssuerAmazon
Subjectproftrafficcounter.com
FingerprintE3:9F:79:6F:80:C0:BF:F8:C4:EB:45:F3:E9:0F:A7:41:F6:0C:05:E6
ValidityTue, 21 Nov 2023 00:00:00 GMT - Thu, 19 Dec 2024 23:59:59 GMT

File type
ASCII text, with no line terminators
Size
40 B (40 bytes)
Hash
d6391c261d87bdc9fd1454c707300f85
9c0ce7b9062684b742490a6d100d85d256567cb7
6fbdd8f33613fb403b7c4dfe2b35edd8b08ffba87ff52b0217bf94ad78826e37

HTTP Headers

GET /stats HTTP/1.1
Host: proftrafficcounter.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://videzz.net
DNT: 1
Connection: keep-alive
Referer: https://videzz.net/
Cookie: uid_id2=8320c149-da6a-4b98-990c-25141459c846:1:1
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
date: Fri, 10 May 2024 06:14:30 GMT
content-type: text/html; charset=UTF-8
content-length: 40
server: fasthttp
access-control-allow-origin: https://videzz.net
vary: Origin
access-control-allow-credentials: true
X-Firefox-Spdy: h2

videzz.net/favicon.ico?v=2

78.142.18.54

200 OK

768 B

URL GET HTTP/2
videzz.net/favicon.ico?v=2
IP
78.142.18.54:443
ASN
#208046 ColocationX Ltd.

Requested by
https://videzz.net/h7zka1zdif8f.html
Certificate
IssuerLet's Encrypt
Subjectvidezz.net
Fingerprint89:44:E3:9D:95:DD:6E:D2:2B:FB:70:64:42:59:D2:BF:B6:36:E7:33
ValidityThu, 02 May 2024 00:27:53 GMT - Wed, 31 Jul 2024 00:27:52 GMT

File type
gzip compressed data, from Unix
Size
768 B (768 bytes)
Hash
800ad997da1ddbc8a75e365f4dade11d
17c52473852c3e26fda9c49ed97af821d403084c
534096ae60596f239b2edf34292172db3c3059792c979f9ed387cf522da247a7

HTTP Headers

GET /favicon.ico?v=2 HTTP/1.1
Host: videzz.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://videzz.net/h7zka1zdif8f.html
Cookie: lang=1; file_id=38056930; aff=201428; sb_main_fd40b682a05e4aaf489d29601350aa66=1; sb_count_fd40b682a05e4aaf489d29601350aa66=1; _ga_HEX1BG8H46=GS1.1.1715321669.1.0.1715321670.59.0.0; _ga=GA1.1.1551304694.1715321670; pp_main_f1776d24271c5ad55c5f1492e2d01e10=1; pp_idelay_f1776d24271c5ad55c5f1492e2d01e10=1
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
server: nginx/1.18.0 (Ubuntu)
date: Fri, 10 May 2024 06:14:30 GMT
content-type: image/x-icon
last-modified: Sat, 27 Apr 2024 07:30:27 GMT
vary: Accept-Encoding
etag: W/"662ca993-47e"
expires: Sun, 09 Jun 2024 06:13:29 GMT
cache-control: max-age=2592000
content-encoding: gzip
x-cache-status: HIT
X-Firefox-Spdy: h2

suggestnotegotistical.com/pixel/purst?dl=0&th=0&sc=0&rs=2540&rd=2540&fd=871&bv=24.5.6485&tmpl=136

172.240.127.234

200 OK

0 B

URL GET HTTP/1.1
suggestnotegotistical.com/pixel/purst?dl=0&th=0&sc=0&rs=2540&rd=2540&fd=871&bv=24.5.6485&tmpl=136
IP
172.240.127.234:443
ASN
#7979 SERVERS-COM

Requested by
https://videzz.net/h7zka1zdif8f.html
Certificate
IssuerLet's Encrypt
Subjectsuggestnotegotistical.com
FingerprintB9:F2:18:7D:EF:DF:11:24:D4:01:92:F9:F6:21:1F:D0:DB:21:CC:9C
ValidityMon, 06 May 2024 08:12:38 GMT - Sun, 04 Aug 2024 08:12:37 GMT

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /pixel/purst?dl=0&th=0&sc=0&rs=2540&rd=2540&fd=871&bv=24.5.6485&tmpl=136 HTTP/1.1
Host: suggestnotegotistical.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://videzz.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx/1.21.6
Date: Fri, 10 May 2024 06:14:30 GMT
Content-Length: 0
Connection: keep-alive
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
Access-Control-Allow-Origin: *
Access-Control-Allow-Methods: GET, POST, OPTIONS
Access-Control-Allow-Headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,Upgrade-Insecure-Requests
Access-Control-Expose-Headers: Content-Length,Content-Range

www.google.no/ads/ga-audiences?v=1&t=sr&slf_rd=1&_r=4&tid=G-HEX1BG8H46&cid=1551304694.1715321670&gtm=45je4580v9104348843za200&aip=1&dma=1&dma_cps=sypham&gcd=13l3lPl2l1&npa=1&frm=0&z=665463567

172.217.21.163

200 OK

42 B

URL GET HTTP/2
www.google.no/ads/ga-audiences?v=1&t=sr&slf_rd=1&_r=4&tid=G-HEX1BG8H46&cid=1551304694.1715321670&gtm=45je4580v9104348843za200&aip=1&dma=1&dma_cps=sypham&gcd=13l3lPl2l1&npa=1&frm=0&z=665463567
IP
172.217.21.163:443
ASN
#15169 GOOGLE

Requested by
https://videzz.net/h7zka1zdif8f.html
Certificate
IssuerGoogle Trust Services LLC
Subject*.google.no
Fingerprint7D:68:6D:B1:32:34:52:51:20:C9:53:FF:B9:B7:8F:7E:05:F9:F5:97
ValidityTue, 16 Apr 2024 04:31:00 GMT - Tue, 09 Jul 2024 04:30:59 GMT

File type
GIF image data, version 89a, 1 x 1
Size
42 B (42 bytes)
Hash
d89746888da2d9510b64a9f031eaecd5
d5fceb6532643d0d84ffe09c40c481ecdf59e15a
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

HTTP Headers

GET /ads/ga-audiences?v=1&t=sr&slf_rd=1&_r=4&tid=G-HEX1BG8H46&cid=1551304694.1715321670&gtm=45je4580v9104348843za200&aip=1&dma=1&dma_cps=sypham&gcd=13l3lPl2l1&npa=1&frm=0&z=665463567 HTTP/1.1
Host: www.google.no
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://videzz.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Fri, 10 May 2024 06:14:30 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
content-type: image/gif
x-content-type-options: nosniff
server: cafe
content-length: 42
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

region1.analytics.google.com/g/collect?v=2&tid=G-HEX1BG8H46&gtm=45je4580v9104348843za200&_p=1715321668644&_gaz=1&gcd=13l3lPl2l1&npa=1&dma_cps=sypham&dma=1&cid=1551304694.1715321670&ul=en-us&sr=1280x1024&frm=0&pscdl=noapi&_eu=AAAI&_s=1&sid=1715321669&sct=1&seg=0&dl=https%3A%2F%2Fvidezz.net%2Fh7zka1zdif8f.html&dt=Watch%20grcs%20sgnt%201x06%20m720p%20mp4&en=page_view&_fv=1&_nsi=1&_ss=2&tfd=2675

216.239.32.36

204 No Content

0 B

URL POST HTTP/2
region1.analytics.google.com/g/collect?v=2&tid=G-HEX1BG8H46&gtm=45je4580v9104348843za200&_p=1715321668644&_gaz=1&gcd=13l3lPl2l1&npa=1&dma_cps=sypham&dma=1&cid=1551304694.1715321670&ul=en-us&sr=1280x1024&frm=0&pscdl=noapi&_eu=AAAI&_s=1&sid=1715321669&sct=1&seg=0&dl=https%3A%2F%2Fvidezz.net%2Fh7zka1zdif8f.html&dt=Watch%20grcs%20sgnt%201x06%20m720p%20mp4&en=page_view&_fv=1&_nsi=1&_ss=2&tfd=2675
IP
216.239.32.36:443
ASN
#15169 GOOGLE

Requested by
https://videzz.net/h7zka1zdif8f.html
Certificate
IssuerGoogle Trust Services LLC
Subject*.google-analytics.com
Fingerprint93:6B:D2:9D:92:BE:2D:D8:02:67:82:83:5E:EF:A3:F9:13:F3:26:AE
ValidityTue, 16 Apr 2024 03:18:45 GMT - Tue, 09 Jul 2024 03:18:44 GMT

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

POST /g/collect?v=2&tid=G-HEX1BG8H46&gtm=45je4580v9104348843za200&_p=1715321668644&_gaz=1&gcd=13l3lPl2l1&npa=1&dma_cps=sypham&dma=1&cid=1551304694.1715321670&ul=en-us&sr=1280x1024&frm=0&pscdl=noapi&_eu=AAAI&_s=1&sid=1715321669&sct=1&seg=0&dl=https%3A%2F%2Fvidezz.net%2Fh7zka1zdif8f.html&dt=Watch%20grcs%20sgnt%201x06%20m720p%20mp4&en=page_view&_fv=1&_nsi=1&_ss=2&tfd=2675 HTTP/1.1
Host: region1.analytics.google.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://videzz.net
DNT: 1
Connection: keep-alive
Referer: https://videzz.net/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Content-Length: 0

HTTP/2 204 No Content
access-control-allow-origin: https://videzz.net
date: Fri, 10 May 2024 06:14:30 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
content-type: text/plain
cross-origin-resource-policy: cross-origin
server: Golfe2
content-length: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

proftrafficcounter.com/stats

18.185.9.67

200 OK

40 B

URL GET HTTP/2
proftrafficcounter.com/stats
IP
18.185.9.67:443
ASN
#16509 AMAZON-02

Requested by
https://videzz.net/h7zka1zdif8f.html
Certificate
IssuerAmazon
Subjectproftrafficcounter.com
FingerprintE3:9F:79:6F:80:C0:BF:F8:C4:EB:45:F3:E9:0F:A7:41:F6:0C:05:E6
ValidityTue, 21 Nov 2023 00:00:00 GMT - Thu, 19 Dec 2024 23:59:59 GMT

File type
ASCII text, with no line terminators
Size
40 B (40 bytes)
Hash
d6391c261d87bdc9fd1454c707300f85
9c0ce7b9062684b742490a6d100d85d256567cb7
6fbdd8f33613fb403b7c4dfe2b35edd8b08ffba87ff52b0217bf94ad78826e37

HTTP Headers

GET /stats HTTP/1.1
Host: proftrafficcounter.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://videzz.net
DNT: 1
Connection: keep-alive
Referer: https://videzz.net/
Cookie: uid_id2=8320c149-da6a-4b98-990c-25141459c846:1:1
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
date: Fri, 10 May 2024 06:14:30 GMT
content-type: text/html; charset=UTF-8
content-length: 40
server: fasthttp
access-control-allow-origin: https://videzz.net
vary: Origin
access-control-allow-credentials: true
X-Firefox-Spdy: h2

proftrafficcounter.com/stats

18.185.9.67

200 OK

40 B

URL GET HTTP/2
proftrafficcounter.com/stats
IP
18.185.9.67:443
ASN
#16509 AMAZON-02

Requested by
https://videzz.net/h7zka1zdif8f.html
Certificate
IssuerAmazon
Subjectproftrafficcounter.com
FingerprintE3:9F:79:6F:80:C0:BF:F8:C4:EB:45:F3:E9:0F:A7:41:F6:0C:05:E6
ValidityTue, 21 Nov 2023 00:00:00 GMT - Thu, 19 Dec 2024 23:59:59 GMT

File type
ASCII text, with no line terminators
Size
40 B (40 bytes)
Hash
d6391c261d87bdc9fd1454c707300f85
9c0ce7b9062684b742490a6d100d85d256567cb7
6fbdd8f33613fb403b7c4dfe2b35edd8b08ffba87ff52b0217bf94ad78826e37

HTTP Headers

GET /stats HTTP/1.1
Host: proftrafficcounter.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://videzz.net
DNT: 1
Connection: keep-alive
Referer: https://videzz.net/
Cookie: uid_id2=8320c149-da6a-4b98-990c-25141459c846:1:1
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
date: Fri, 10 May 2024 06:14:30 GMT
content-type: text/html; charset=UTF-8
content-length: 40
server: fasthttp
access-control-allow-origin: https://videzz.net
vary: Origin
access-control-allow-credentials: true
X-Firefox-Spdy: h2

bid.bidclickmedia.com/load

172.67.205.77

302 Found

361 B

URL POST HTTP/3
bid.bidclickmedia.com/load
IP
172.67.205.77:443
ASN
#13335 CLOUDFLARENET

Requested by
https://videzz.net/h7zka1zdif8f.html
Certificate
IssuerGoogle Trust Services LLC
Subjectbidclickmedia.com
Fingerprint2D:71:60:23:79:D8:E4:4A:B8:81:BA:F0:ED:58:CB:A8:66:21:A7:E7
ValiditySun, 31 Mar 2024 14:28:20 GMT - Sat, 29 Jun 2024 14:28:19 GMT

File type
HTML document, ASCII text
Size
361 B (361 bytes)
Hash
0afbc42662d610b514f5be89bfd0d53a
0e5f0faddf5910a3c68deb940bb23924d244f1ff
a850e0db4b9fad13d0cb77a0f6599bfaf2d068dea62db64a43c06dadb12bbc38

HTTP Headers

POST /load HTTP/1.1
Host: bid.bidclickmedia.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/x-www-form-urlencoded
Content-Length: 93
Origin: https://bid.bidclickmedia.com
DNT: 1
Connection: keep-alive
Referer: https://bid.bidclickmedia.com/sub/Zj8D76R
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 302 Found
date: Fri, 10 May 2024 06:14:30 GMT
content-type: text/html; charset=utf-8
location: https://xml.zeusadx.com/redirect?feed=552612&auth=OEhoVk&pubid=162319
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=GxH%2BZaltvugVk64Jr5A6BRacWGBlwRfRKiLzr7eOLeQdXvaaD7kHuZNU09fgLyPdWO5pV94X7qmuzlHVXUTk%2BV42vgkh0rESBtbUWjPhAw%2Br8DLrB5mT8n%2Brd5SzKe0TlQysMW8rhaA%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 8817ca1608c056b4-OSL
alt-svc: h3=":443"; ma=86400

foreignassertive.com/ren.gif?sid=H4sIAAAAAAAC%2F1RST2gkxReunl9%2BJ4VF3ZsIAyIoLJPunknPjIsE191IMG7WXUVBUau7qidlqruaqq7uyZyCAdnj4MWjnW%2BSDa6Lf0DwIGZlsuBCUMjsKQdz8yKIB2HPMmPY4IPu9159X8H3vlefbNsT4sPS48uvq4GQks4vNNz68%2B943sX6ikhtv97vBB8ErYt1XbzYDRruC%2FVXebSu5n3Xc13P9epLQvNY9eenIER2p%2Bs1um6j5Te8hRb6%2Br%2B9sQ4MdcCKE%2FIkBJvM3XPOQ0RjpMk3l7lZz1V24UpiJc2VRsH23krXU1WmSM7KWDuI071TNpQ5WtqHSndncqGKR8RQTIjz8z7CdO9UJMJiZ6YzlOApQvYYymIMLscQdIxIbUGwIwJEDFdXkSa3ripd0o1%2FUTpFJ2Tu4d8Q5YTM%2FXYeafLVJSn69RtK2lyo1KAfVxD9MURvjMweIB%2FUIMoDRPnHEOxXMv9wBWmys2qkgmDVbHYhxhDxGJIPQY0DO%2F2EAxs7sJmDhB3XI8%2Fz2i6LqNvpRlGTtXkYMNej7dijnht0YKOpvCHybIhIDhHpTWR6E%2BtiCG1%2FglmrYJgDk0%2BI88YmClah5ASlISgpQSkIypygLKpdJo1vqltMGht6p9k%2Fzc1qpPLeNt1VeY%2BnBFQPoVm1nZ2QJ6b%2BOM%2FWfKzz43rMWm4YdHzqLvAWpXGr02V%2BN3C95oJLaRDAiArC1GYjD8SEPBd%2Fj0xMyOP3CUJ6ACMPEImnQO0zoGUFulZhkH6dUJE2CsHUgDZSnoOpClk%2Bh3zD2ZYn5OnZkla3DHh0uPjXUXLulwfvI9IVMl3hI3GPoCdvjq6rkuxcV6Uh365muUjEgE4XeCOnOf%2F%2F7df4Rqk0W75shl%2B8HE2BaXnnTW7yFZoykfYM%2BfKSYIzrJaUjTn5cNm%2Fz8Jo1a5esTm22cu2VpeUk09wYodIxqDi68hkiMSHn7r43e5kX3v0dQo%2BhbYXEHpLTgFAHiLJNmOxw8c%2FFu2sfXrwNowi0POOEmYPSViPth2eHUhBIftbTsILhh4t%2FfL5f3P%2Bui5A%2FsmOk6fQ2FdW2uYmeroHmW0iTCoWuUMgKVA5h7P9GeaYPFx80Z4FQ1kah1LWdUGr56czk6c%2FCiON6u9l0adBd8Nptytthy%2B%2FEgcco9VuBHwS0idxM4pd%2BWPoHAAD%2F%2FwEAAP%2F%2Fu%2FOpVnMEAAA%3D

192.243.61.227

200 OK

7 B

URL GET HTTP/1.1
foreignassertive.com/ren.gif?sid=H4sIAAAAAAAC%2F1RST2gkxReunl9%2BJ4VF3ZsIAyIoLJPunknPjIsE191IMG7WXUVBUau7qidlqruaqq7uyZyCAdnj4MWjnW%2BSDa6Lf0DwIGZlsuBCUMjsKQdz8yKIB2HPMmPY4IPu9159X8H3vlefbNsT4sPS48uvq4GQks4vNNz68%2B943sX6ikhtv97vBB8ErYt1XbzYDRruC%2FVXebSu5n3Xc13P9epLQvNY9eenIER2p%2Bs1um6j5Te8hRb6%2Br%2B9sQ4MdcCKE%2FIkBJvM3XPOQ0RjpMk3l7lZz1V24UpiJc2VRsH23krXU1WmSM7KWDuI071TNpQ5WtqHSndncqGKR8RQTIjz8z7CdO9UJMJiZ6YzlOApQvYYymIMLscQdIxIbUGwIwJEDFdXkSa3ripd0o1%2FUTpFJ2Tu4d8Q5YTM%2FXYeafLVJSn69RtK2lyo1KAfVxD9MURvjMweIB%2FUIMoDRPnHEOxXMv9wBWmys2qkgmDVbHYhxhDxGJIPQY0DO%2F2EAxs7sJmDhB3XI8%2Fz2i6LqNvpRlGTtXkYMNej7dijnht0YKOpvCHybIhIDhHpTWR6E%2BtiCG1%2FglmrYJgDk0%2BI88YmClah5ASlISgpQSkIypygLKpdJo1vqltMGht6p9k%2Fzc1qpPLeNt1VeY%2BnBFQPoVm1nZ2QJ6b%2BOM%2FWfKzz43rMWm4YdHzqLvAWpXGr02V%2BN3C95oJLaRDAiArC1GYjD8SEPBd%2Fj0xMyOP3CUJ6ACMPEImnQO0zoGUFulZhkH6dUJE2CsHUgDZSnoOpClk%2Bh3zD2ZYn5OnZkla3DHh0uPjXUXLulwfvI9IVMl3hI3GPoCdvjq6rkuxcV6Uh365muUjEgE4XeCOnOf%2F%2F7df4Rqk0W75shl%2B8HE2BaXnnTW7yFZoykfYM%2BfKSYIzrJaUjTn5cNm%2Fz8Jo1a5esTm22cu2VpeUk09wYodIxqDi68hkiMSHn7r43e5kX3v0dQo%2BhbYXEHpLTgFAHiLJNmOxw8c%2FFu2sfXrwNowi0POOEmYPSViPth2eHUhBIftbTsILhh4t%2FfL5f3P%2Bui5A%2FsmOk6fQ2FdW2uYmeroHmW0iTCoWuUMgKVA5h7P9GeaYPFx80Z4FQ1kah1LWdUGr56czk6c%2FCiON6u9l0adBd8Nptytthy%2B%2FEgcco9VuBHwS0idxM4pd%2BWPoHAAD%2F%2FwEAAP%2F%2Fu%2FOpVnMEAAA%3D
IP
192.243.61.227:443
ASN
#39572 DataWeb Global Group B.V.

Requested by
https://videzz.net/h7zka1zdif8f.html
Certificate
IssuerLet's Encrypt
Subjectforeignassertive.com
Fingerprint9A:B3:69:C5:67:69:19:46:E5:C5:C8:02:A4:05:AA:94:E8:B3:BC:21
ValidityMon, 06 May 2024 08:06:31 GMT - Sun, 04 Aug 2024 08:06:30 GMT

File type
ASCII text, with no line terminators
Size
7 B (7 bytes)
Hash
132d6af1b46048b45cf86cdee7991d31
eb7007d03d59b65bc6da7e098c4d38fc6dfb6285
ab852e838deccd742a03ca81d4a8d75cf1a00b327db3eaf46bd7da6b6db9384c

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /ren.gif?sid=H4sIAAAAAAAC%2F1RST2gkxReunl9%2BJ4VF3ZsIAyIoLJPunknPjIsE191IMG7WXUVBUau7qidlqruaqq7uyZyCAdnj4MWjnW%2BSDa6Lf0DwIGZlsuBCUMjsKQdz8yKIB2HPMmPY4IPu9159X8H3vlefbNsT4sPS48uvq4GQks4vNNz68%2B943sX6ikhtv97vBB8ErYt1XbzYDRruC%2FVXebSu5n3Xc13P9epLQvNY9eenIER2p%2Bs1um6j5Te8hRb6%2Br%2B9sQ4MdcCKE%2FIkBJvM3XPOQ0RjpMk3l7lZz1V24UpiJc2VRsH23krXU1WmSM7KWDuI071TNpQ5WtqHSndncqGKR8RQTIjz8z7CdO9UJMJiZ6YzlOApQvYYymIMLscQdIxIbUGwIwJEDFdXkSa3ripd0o1%2FUTpFJ2Tu4d8Q5YTM%2FXYeafLVJSn69RtK2lyo1KAfVxD9MURvjMweIB%2FUIMoDRPnHEOxXMv9wBWmys2qkgmDVbHYhxhDxGJIPQY0DO%2F2EAxs7sJmDhB3XI8%2Fz2i6LqNvpRlGTtXkYMNej7dijnht0YKOpvCHybIhIDhHpTWR6E%2BtiCG1%2FglmrYJgDk0%2BI88YmClah5ASlISgpQSkIypygLKpdJo1vqltMGht6p9k%2Fzc1qpPLeNt1VeY%2BnBFQPoVm1nZ2QJ6b%2BOM%2FWfKzz43rMWm4YdHzqLvAWpXGr02V%2BN3C95oJLaRDAiArC1GYjD8SEPBd%2Fj0xMyOP3CUJ6ACMPEImnQO0zoGUFulZhkH6dUJE2CsHUgDZSnoOpClk%2Bh3zD2ZYn5OnZkla3DHh0uPjXUXLulwfvI9IVMl3hI3GPoCdvjq6rkuxcV6Uh365muUjEgE4XeCOnOf%2F%2F7df4Rqk0W75shl%2B8HE2BaXnnTW7yFZoykfYM%2BfKSYIzrJaUjTn5cNm%2Fz8Jo1a5esTm22cu2VpeUk09wYodIxqDi68hkiMSHn7r43e5kX3v0dQo%2BhbYXEHpLTgFAHiLJNmOxw8c%2FFu2sfXrwNowi0POOEmYPSViPth2eHUhBIftbTsILhh4t%2FfL5f3P%2Bui5A%2FsmOk6fQ2FdW2uYmeroHmW0iTCoWuUMgKVA5h7P9GeaYPFx80Z4FQ1kah1LWdUGr56czk6c%2FCiON6u9l0adBd8Nptytthy%2B%2FEgcco9VuBHwS0idxM4pd%2BWPoHAAD%2F%2FwEAAP%2F%2Fu%2FOpVnMEAAA%3D HTTP/1.1
Host: foreignassertive.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://videzz.net/
Cookie: u_pl=19071538; pdhtkv=true; uncs=1; pdhtkv29=true; uncs29=1; slecfd40b682a05e4aaf489d29601350aa66=[5210995,5210997]
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx/1.21.6
Date: Fri, 10 May 2024 06:14:30 GMT
Content-Type: image/gif
Content-Length: 7
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,Sec-CH-UA-PlatformUser-Agent,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: 40507340c1f38b684dd2edef27b06870
Strict-Transport-Security: max-age=0; includeSubdomains

cdnjs.cloudflare.com/ajax/libs/postscribe/2.0.8/postscribe.min.js

104.17.25.14

200 OK

5.1 kB

URL GET HTTP/3
cdnjs.cloudflare.com/ajax/libs/postscribe/2.0.8/postscribe.min.js
IP
104.17.25.14:443
ASN
#13335 CLOUDFLARENET

Requested by
https://videzz.net/h7zka1zdif8f.html
Certificate
IssuerCloudflare, Inc.
Subjectsni.cloudflaressl.com
Fingerprint7A:EA:B9:09:71:70:6C:87:C9:D3:82:74:8A:7B:B4:60:E5:40:2D:8D
ValidityMon, 03 Jul 2023 00:00:00 GMT - Tue, 02 Jul 2024 23:59:59 GMT

File type
JavaScript source, ASCII text, with very long lines (17660)
Size
5.1 kB (5117 bytes)
Hash
12dd498bf90c536803c2aad708b66c2b
5f9363d39a405d1c94328cf2303ff4a05c0ad163
c4e20f53f5ef0ed44b783437aa3f4638a9a56cc4aa29ae83ed9212eb2807052a

HTTP Headers

GET /ajax/libs/postscribe/2.0.8/postscribe.min.js HTTP/1.1
Host: cdnjs.cloudflare.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://videzz.net/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Fri, 10 May 2024 06:14:31 GMT
content-type: application/javascript; charset=utf-8
content-length: 5117
access-control-allow-origin: *
cache-control: public, max-age=30672000
content-encoding: br
etag: "5eb03faa-45f4"
last-modified: Mon, 04 May 2020 16:15:38 GMT
cf-cdnjs-via: cfworker/kv
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
x-content-type-options: nosniff
vary: Accept-Encoding
cf-cache-status: HIT
age: 15775
expires: Wed, 30 Apr 2025 06:14:31 GMT
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=KGCkAahc1lKZSoJ20wSwqkUtfk6yPR21BmA6fPkwl0LFbxrFuPVTKKxFSvItMTu75m9ZirkEoSGrCtg%2Fvzgz%2Bje%2BWLLpyYU6QepHf9Z6MSMqMfK4ymHIPe6Fa6QXepVazOXLGp0G"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
server: cloudflare
cf-ray: 8817ca1c1e4c5685-OSL
alt-svc: h3=":443"; ma=86400

xml.cachegorilla.com/redirect?feed=612977&auth=kAeZgJ&pubid=197570

173.239.53.20

302 Found

0 B

URL GET HTTP/1.1
xml.cachegorilla.com/redirect?feed=612977&auth=kAeZgJ&pubid=197570
IP
173.239.53.20:443
ASN
#27257 WEBAIR-INTERNET

Requested by
https://videzz.net/h7zka1zdif8f.html
Certificate
IssuerSectigo Limited
Subject*.cachegorilla.com
Fingerprint29:B3:53:29:E3:6F:D3:48:F6:66:3E:78:57:05:A6:19:12:0D:2C:4A
ValidityFri, 10 Nov 2023 00:00:00 GMT - Sun, 10 Nov 2024 23:59:59 GMT

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /redirect?feed=612977&auth=kAeZgJ&pubid=197570 HTTP/1.1
Host: xml.cachegorilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://bid.bidclickmedia.com/
DNT: 1
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 302 Found
Server: nginx
Date: Fri, 10 May 2024 06:14:31 GMT
Content-Length: 0
Connection: keep-alive
Cache-Control: no-store
Location: https://serosaharlem.com/ij70IKIf4Ueonvwm/57128

foreignassertive.com/pixel/sbls?bv=24.6.6370&tmpl=482&u=https%3A%2F%2Fcdn.yourwebbars.com%2Fsb%2Fnotifications%2Fgambling%2Fdefault%2Fandroid-btn%2F8%2Findex.html&l=1444&fd=79

192.243.61.227

200 OK

0 B

URL GET HTTP/1.1
foreignassertive.com/pixel/sbls?bv=24.6.6370&tmpl=482&u=https%3A%2F%2Fcdn.yourwebbars.com%2Fsb%2Fnotifications%2Fgambling%2Fdefault%2Fandroid-btn%2F8%2Findex.html&l=1444&fd=79
IP
192.243.61.227:443
ASN
#39572 DataWeb Global Group B.V.

Requested by
https://videzz.net/h7zka1zdif8f.html
Certificate
IssuerLet's Encrypt
Subjectforeignassertive.com
Fingerprint9A:B3:69:C5:67:69:19:46:E5:C5:C8:02:A4:05:AA:94:E8:B3:BC:21
ValidityMon, 06 May 2024 08:06:31 GMT - Sun, 04 Aug 2024 08:06:30 GMT

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /pixel/sbls?bv=24.6.6370&tmpl=482&u=https%3A%2F%2Fcdn.yourwebbars.com%2Fsb%2Fnotifications%2Fgambling%2Fdefault%2Fandroid-btn%2F8%2Findex.html&l=1444&fd=79 HTTP/1.1
Host: foreignassertive.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://videzz.net/
Cookie: u_pl=19071538; pdhtkv=true; uncs=1; pdhtkv29=true; uncs29=1; slecfd40b682a05e4aaf489d29601350aa66=[5210995,5210997]
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx/1.21.6
Date: Fri, 10 May 2024 06:14:31 GMT
Content-Length: 0
Connection: keep-alive
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
Access-Control-Allow-Origin: *
Access-Control-Allow-Methods: GET, POST, OPTIONS
Access-Control-Allow-Headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,Upgrade-Insecure-Requests
Access-Control-Expose-Headers: Content-Length,Content-Range

bid.bidclickmedia.com/load

172.67.205.77

302 Found

722 B

URL POST HTTP/3
bid.bidclickmedia.com/load
IP
172.67.205.77:443
ASN
#13335 CLOUDFLARENET

Requested by
https://videzz.net/h7zka1zdif8f.html
Certificate
IssuerGoogle Trust Services LLC
Subjectbidclickmedia.com
Fingerprint2D:71:60:23:79:D8:E4:4A:B8:81:BA:F0:ED:58:CB:A8:66:21:A7:E7
ValiditySun, 31 Mar 2024 14:28:20 GMT - Sat, 29 Jun 2024 14:28:19 GMT

File type
HTML document, ASCII text, with very long lines (306)
Size
722 B (722 bytes)
Hash
1608b0c62d7fbb3680879d817819bf30
15b8c3677ec329cd582095641843ddf9f2c52989
c8cd58545ed30e741436f941951cf27325682f4ccbaed33f337f9b2ec15bcda1

HTTP Headers

POST /load HTTP/1.1
Host: bid.bidclickmedia.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/x-www-form-urlencoded
Content-Length: 93
Origin: https://bid.bidclickmedia.com
DNT: 1
Connection: keep-alive
Referer: https://bid.bidclickmedia.com/sub/31pnK5n
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 302 Found
date: Fri, 10 May 2024 06:14:29 GMT
content-type: text/html; charset=utf-8
location: https://xml.zeusadx.com/redirect?feed=531847&auth=KhbHhS&pubid=162319
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=mqCQ74pOAIrGf9tDoqq%2BxnM0VNlO5xUpIrT8dNlz3zp50FfqNnoykFXC%2FSJkYGJ1%2FzhqZ%2Bz%2FA3qi%2FfPp02vTQt29IADNZYhQ8nizcyxmwL55t3SJx0ASIG6vg5saY1qnEojEtUIfgQg%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 8817ca150fbf56b4-OSL
alt-svc: h3=":443"; ma=86400

bid.bidclickmedia.com/load

172.67.205.77

302 Found

361 B

URL POST HTTP/3
bid.bidclickmedia.com/load
IP
172.67.205.77:443
ASN
#13335 CLOUDFLARENET

Requested by
https://videzz.net/h7zka1zdif8f.html
Certificate
IssuerGoogle Trust Services LLC
Subjectbidclickmedia.com
Fingerprint2D:71:60:23:79:D8:E4:4A:B8:81:BA:F0:ED:58:CB:A8:66:21:A7:E7
ValiditySun, 31 Mar 2024 14:28:20 GMT - Sat, 29 Jun 2024 14:28:19 GMT

File type
HTML document, ASCII text
Size
361 B (361 bytes)
Hash
6610c77cad5adb691fd5f9ffa06b9486
d003b0d6d8bb61e5fd17dc635c017f6393e0c24c
83695861f8ded5db81f9c1e185cdf9177d18c57bfe1196b03468f2d8ac22bc50

HTTP Headers

POST /load HTTP/1.1
Host: bid.bidclickmedia.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/x-www-form-urlencoded
Content-Length: 93
Origin: https://bid.bidclickmedia.com
DNT: 1
Connection: keep-alive
Referer: https://bid.bidclickmedia.com/sub/Pj8pz0z
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 302 Found
date: Fri, 10 May 2024 06:14:30 GMT
content-type: text/html; charset=utf-8
location: https://xml.xmlking.com/redirect?feed=591364&auth=oodr9S&pubid=195183
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=yhHXCvRa2VfepZgqNm02Sxb5oiqvzayi9nj9nIO1QiGPjxs%2BqKWUU6v%2F7v68Dse6WwsyJOZyHQ3EIoos8u6%2BJdVn1Dhkb3USPVlLfMptD6CotoR6UVohC1AW2uwgOTjNvdoz4h6CUxA%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 8817ca15c88656b4-OSL
alt-svc: h3=":443"; ma=86400

cdn.creative-bars1.com/sb/notifications/gambling/default/android-btn/8/css/style.css

172.67.141.24

200 OK

207 kB

URL GET HTTP/2
cdn.creative-bars1.com/sb/notifications/gambling/default/android-btn/8/css/style.css
IP
172.67.141.24:443
ASN
#13335 CLOUDFLARENET

Requested by
https://videzz.net/h7zka1zdif8f.html
Certificate
IssuerGoogle Trust Services LLC
Subjectcreative-bars1.com
Fingerprint3D:29:39:2C:F1:E5:C6:EF:54:F5:70:B5:CF:A8:C2:75:4D:89:72:13
ValidityMon, 15 Apr 2024 15:02:18 GMT - Sun, 14 Jul 2024 15:02:17 GMT

File type
gzip compressed data, from Unix
Size
207 kB (207344 bytes)
Hash
b3cf7047729949d98380ec4913201c37
e8c72740beae6bd44559ba0079d222a6b70a75b4
8d20d661466dc63c5eec4aac933a72fd0bcb48d453c827b85bee17082847daed

HTTP Headers

GET /sb/notifications/gambling/default/android-btn/8/css/style.css HTTP/1.1
Host: cdn.creative-bars1.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://videzz.net
DNT: 1
Connection: keep-alive
Referer: https://videzz.net/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Fri, 10 May 2024 06:14:31 GMT
content-type: text/css
last-modified: Fri, 19 Jan 2024 14:25:08 GMT
etag: W/"65aa8644-d14"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: public, max-age=315360000
access-control-allow-origin: *
access-control-expose-headers: Date
content-encoding: gzip
cf-cache-status: HIT
age: 803857
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=UcgZSbNlosz2d8dfXilFvJbFZaJpFuz9frGLjqHwGHghvb4aBxPsJlXMpNRS1DJWq%2Bsf6gGbkPkxyEtyus%2FQgn1KoNH8jbWkkSoklaQ8WYGFT2%2BkebK%2F5YDqZDWdIbe8AoogHwkElJh7"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 8817ca1c683cb511-OSL
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2

cdn.creative-bars1.com/sb/notifications/gambling/default/android-btn/8/img/bonus-stars-6593305-5446274.mp4

172.67.141.24

206 Partial Content

34 kB

URL GET HTTP/3
cdn.creative-bars1.com/sb/notifications/gambling/default/android-btn/8/img/bonus-stars-6593305-5446274.mp4
IP
172.67.141.24:443
ASN
#13335 CLOUDFLARENET

Requested by
https://videzz.net/h7zka1zdif8f.html
Certificate
IssuerGoogle Trust Services LLC
Subjectcreative-bars1.com
Fingerprint3D:29:39:2C:F1:E5:C6:EF:54:F5:70:B5:CF:A8:C2:75:4D:89:72:13
ValidityMon, 15 Apr 2024 15:02:18 GMT - Sun, 14 Jul 2024 15:02:17 GMT

File type
ISO Media, MP4 Base Media v1 [ISO 14496-12:2003]
Size
34 kB (34238 bytes)
Hash
69e52ff16a779d8ab66a1156cc50ab23
27f8897a2acc3bcfd319c267d137aaa4650fb3c5
2048e8325f6d17e0fefb2226c4191a9e300c562f2bc46543ac616d49ff971d61

HTTP Headers

GET /sb/notifications/gambling/default/android-btn/8/img/bonus-stars-6593305-5446274.mp4 HTTP/1.1
Host: cdn.creative-bars1.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: video/webm,video/ogg,video/*;q=0.9,application/ogg;q=0.7,audio/*;q=0.6,*/*;q=0.5
Accept-Language: en-US,en;q=0.5
Range: bytes=0-
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: video
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Accept-Encoding: identity
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 206 Partial Content
date: Fri, 10 May 2024 06:14:31 GMT
content-type: video/mp4
content-length: 34238
last-modified: Fri, 19 Jan 2024 14:25:08 GMT
etag: "65aa8644-85be"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: public, max-age=315360000
access-control-allow-origin: *
access-control-expose-headers: Date
cf-cache-status: HIT
age: 819289
content-range: bytes 0-34237/34238
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=sG53bt8CzmhIV1rbWxlaiSog5CtJdkErPu9taHqs%2BOnQiIUvB5NVRfnFui5m4IHG%2BIIxFeqNDGEzZPOfzIRome01ddn4R9M81C358rlqSZQ0jaqx2DnVlK%2Bilqu4zdPTyRlMpXIqoB9w"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 8817ca1d295a5689-OSL
alt-svc: h3=":443"; ma=86400

xml.zeusadx.com/redirect?feed=531847&auth=KhbHhS&pubid=162319

174.137.133.17

200 OK

0 B

URL GET HTTP/1.1
xml.zeusadx.com/redirect?feed=531847&auth=KhbHhS&pubid=162319
IP
174.137.133.17:443
ASN
#27257 WEBAIR-INTERNET

Requested by
https://videzz.net/h7zka1zdif8f.html
Certificate
IssuerSectigo Limited
Subject*.zeusadx.com
FingerprintAA:67:88:35:5F:BC:20:3C:44:9B:00:BD:4F:E1:C0:5F:62:D0:69:C0
ValidityMon, 23 Oct 2023 00:00:00 GMT - Wed, 23 Oct 2024 23:59:59 GMT

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /redirect?feed=531847&auth=KhbHhS&pubid=162319 HTTP/1.1
Host: xml.zeusadx.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://bid.bidclickmedia.com/
DNT: 1
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 302 Found
Server: nginx
Date: Fri, 10 May 2024 06:14:31 GMT
Content-Length: 0
Connection: keep-alive
Cache-Control: no-store
Location: https://xml-click-oax.adstork.com/nrtb/click?bid=PcGF8RuFPOLLTtap5LNt1XQClb-aF3SdxvRtCb93rmWuYWoziF8QaUDK8LgVTrvq_0_42

cdn.creative-bars1.com/sb/notifications/gambling/default/android-btn/8/js/script.js

172.67.141.24

200 OK

3.7 kB

URL GET HTTP/2
cdn.creative-bars1.com/sb/notifications/gambling/default/android-btn/8/js/script.js
IP
172.67.141.24:443
ASN
#13335 CLOUDFLARENET

Requested by
https://videzz.net/h7zka1zdif8f.html
Certificate
IssuerGoogle Trust Services LLC
Subjectcreative-bars1.com
Fingerprint3D:29:39:2C:F1:E5:C6:EF:54:F5:70:B5:CF:A8:C2:75:4D:89:72:13
ValidityMon, 15 Apr 2024 15:02:18 GMT - Sun, 14 Jul 2024 15:02:17 GMT

File type
Unicode text, UTF-8 text
Size
3.7 kB (3748 bytes)
Hash
d943b190d575fbacd2190a6c68ac5414
612abd865a7368e2af9f36be39ea79d3fac0bd15
78dfd0ad0dde93524dbca9e6e500bac9027b762e1d8d0b94574b75a654704ff8

HTTP Headers

GET /sb/notifications/gambling/default/android-btn/8/js/script.js HTTP/1.1
Host: cdn.creative-bars1.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://videzz.net
DNT: 1
Connection: keep-alive
Referer: https://videzz.net/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Fri, 10 May 2024 06:14:31 GMT
content-type: application/javascript
last-modified: Tue, 20 Feb 2024 10:37:31 GMT
etag: W/"65d480eb-24fa"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: public, max-age=315360000
access-control-allow-origin: *
access-control-expose-headers: Date
cf-cache-status: HIT
age: 122647
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=oxGj5rx4Bu6yEL2BX2T4vI7B5IdQXuMVFHFmhzy%2FcCN6RCZBzb5TZO8CWkiogejVnEAvcLe4OdLhXi%2BTSKpVwd7SlC3n6Q3yJoEd%2BRVCTpU0LR9zaJpmho%2FxWUgihsae4ciqlowuI75z"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 8817ca1c6839b511-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2

ossgogoaton.com/tag.min.js

188.114.96.1

200 OK

26 kB

URL GET HTTP/2
ossgogoaton.com/tag.min.js
IP
188.114.96.1:443
ASN
#13335 CLOUDFLARENET

Requested by
https://videzz.net/h7zka1zdif8f.html
Certificate
IssuerGoogle Trust Services LLC
Subjectossgogoaton.com
FingerprintDE:B3:2A:B0:2A:4A:C3:F8:A3:3F:5B:C6:96:E6:F1:41:55:B4:87:1E
ValiditySat, 04 May 2024 10:37:16 GMT - Fri, 02 Aug 2024 10:37:15 GMT

File type
JavaScript source, ASCII text, with very long lines (65494)
Size
26 kB (25648 bytes)
Hash
e56d22d4b078f2116acde5468a10ed4b
1bd53f708a56defabe094073b88a3114e313ae98
a2efe5c73146fd67ce971a6c328f742f4a631f03c79d0827391a2db2a25cae19

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /tag.min.js HTTP/1.1
Host: ossgogoaton.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://videzz.net/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Fri, 10 May 2024 06:14:31 GMT
content-type: text/javascript; charset=utf-8
x-trace-id: 467ef39b7dedd00fb0ad039f6ca6909f
cache-control: max-age=86400
last-modified: Thu, 09 May 2024 10:30:11 GMT
accept-ch: Sec-CH-UA, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, baggage, sentry-trace, favicon
access-control-max-age: 86400
pragma: no-cache
expires: Fri, 10 May 2024 20:57:16 GMT
timing-allow-origin: *
cf-cache-status: HIT
age: 33435
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=F1qrTHqwEGMtA7MytJDS6SaQSyCQ1oaT%2B%2BUE%2FO9gMoMJQH7UY5JeO2sL63o3p2l0JRaMfKOB3CYGwtOcyXDFW5LySMOPoHxx1sxusQkWxASl1zlsdN9pbOzglXCLZobCblg%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 8817ca1d89a25689-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2

bid.bidclickmedia.com/load

172.67.205.77

302 Found

361 B

URL POST HTTP/3
bid.bidclickmedia.com/load
IP
172.67.205.77:443
ASN
#13335 CLOUDFLARENET

Requested by
https://videzz.net/h7zka1zdif8f.html
Certificate
IssuerGoogle Trust Services LLC
Subjectbidclickmedia.com
Fingerprint2D:71:60:23:79:D8:E4:4A:B8:81:BA:F0:ED:58:CB:A8:66:21:A7:E7
ValiditySun, 31 Mar 2024 14:28:20 GMT - Sat, 29 Jun 2024 14:28:19 GMT

File type
HTML document, ASCII text
Size
361 B (361 bytes)
Hash
4809a9602dd55d531906123e570b6d77
626fe0b9eeeda00a0ce401ee5a4e13f8256facb9
046c0a16886d7e34df54c815c1fee7740a3608671d33fd56c837dca5a1ac9c9f

HTTP Headers

POST /load HTTP/1.1
Host: bid.bidclickmedia.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/x-www-form-urlencoded
Content-Length: 93
Origin: https://bid.bidclickmedia.com
DNT: 1
Connection: keep-alive
Referer: https://bid.bidclickmedia.com/sub/31pnK5n
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 302 Found
date: Fri, 10 May 2024 06:14:29 GMT
content-type: text/html; charset=utf-8
location: https://xml.zeusadx.com/redirect?feed=531847&auth=KhbHhS&pubid=162319
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=IZwCTpEoYXXA%2F7uSuKk9WmMYITUdEqbjOz6%2FB0tTAKhwiq0vLTupAX%2F2rrNJFyJrZhAIfIL4BQmBoF6YVULZ%2F8Xaj2kCVW4u%2FsgS7UyIe6fi%2Fhr6K8rpPshdXZgIlhC6pokNWzS1dlk%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 8817ca14af7856b4-OSL
alt-svc: h3=":443"; ma=86400

foreignassertive.com/pixel/sbls?bv=24.6.6370&tmpl=482&u=https%3A%2F%2Fcdn.creative-bars1.com%2Fsb%2Fnotifications%2Fgambling%2Fdefault%2Fandroid-btn%2F8%2Fjs%2Fscript.js&l=7986&fd=77

192.243.61.227

200 OK

0 B

URL GET HTTP/1.1
foreignassertive.com/pixel/sbls?bv=24.6.6370&tmpl=482&u=https%3A%2F%2Fcdn.creative-bars1.com%2Fsb%2Fnotifications%2Fgambling%2Fdefault%2Fandroid-btn%2F8%2Fjs%2Fscript.js&l=7986&fd=77
IP
192.243.61.227:443
ASN
#39572 DataWeb Global Group B.V.

Requested by
https://videzz.net/h7zka1zdif8f.html
Certificate
IssuerLet's Encrypt
Subjectforeignassertive.com
Fingerprint9A:B3:69:C5:67:69:19:46:E5:C5:C8:02:A4:05:AA:94:E8:B3:BC:21
ValidityMon, 06 May 2024 08:06:31 GMT - Sun, 04 Aug 2024 08:06:30 GMT

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /pixel/sbls?bv=24.6.6370&tmpl=482&u=https%3A%2F%2Fcdn.creative-bars1.com%2Fsb%2Fnotifications%2Fgambling%2Fdefault%2Fandroid-btn%2F8%2Fjs%2Fscript.js&l=7986&fd=77 HTTP/1.1
Host: foreignassertive.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://videzz.net/
Cookie: u_pl=19071538; pdhtkv=true; uncs=1; pdhtkv29=true; uncs29=1; slecfd40b682a05e4aaf489d29601350aa66=[5210995,5210997]
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx/1.21.6
Date: Fri, 10 May 2024 06:14:31 GMT
Content-Length: 0
Connection: keep-alive
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
Access-Control-Allow-Origin: *
Access-Control-Allow-Methods: GET, POST, OPTIONS
Access-Control-Allow-Headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,Upgrade-Insecure-Requests
Access-Control-Expose-Headers: Content-Length,Content-Range

dog.seetron.net/api/users/59846?host=videzz.net&ev=212&wh=1024&ww=1280&uuid=&url=https%3A%2F%2Fvidezz.net%2Fh7zka1zdif8f.html&sid=05af19d6-21bd-46a1-b7bc-8a4d6809ca83&i=1&kw=grcs%2Csgnt%2C1x06%2Cm720p%2Cmp4&s1=201428

135.181.208.216

200 OK

483 B

URL GET HTTP/2
dog.seetron.net/api/users/59846?host=videzz.net&ev=212&wh=1024&ww=1280&uuid=&url=https%3A%2F%2Fvidezz.net%2Fh7zka1zdif8f.html&sid=05af19d6-21bd-46a1-b7bc-8a4d6809ca83&i=1&kw=grcs%2Csgnt%2C1x06%2Cm720p%2Cmp4&s1=201428
IP
135.181.208.216:443
ASN
#24940 Hetzner Online GmbH

Requested by
https://videzz.net/h7zka1zdif8f.html
Certificate
IssuerLet's Encrypt
Subjecta.bdsmz.tube
FingerprintAA:4D:03:7A:4E:94:8C:76:58:6E:53:CC:8E:99:24:E6:51:84:BF:05
ValidityFri, 03 May 2024 10:27:08 GMT - Thu, 01 Aug 2024 10:27:07 GMT

File type
HTML document, ASCII text, with very long lines (373)
Size
483 B (483 bytes)
Hash
c5ebad7c308f2af218bae00287968049
fcb09f402fbe77de0017e9f1b27081b61c71b586
9b6d33f535c1ea175545849d39fe14fddc99fc7138e11b96b87605079514b590

HTTP Headers

GET /api/users/59846?host=videzz.net&ev=212&wh=1024&ww=1280&uuid=&url=https%3A%2F%2Fvidezz.net%2Fh7zka1zdif8f.html&sid=05af19d6-21bd-46a1-b7bc-8a4d6809ca83&i=1&kw=grcs%2Csgnt%2C1x06%2Cm720p%2Cmp4&s1=201428 HTTP/1.1
Host: dog.seetron.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://videzz.net/
Cookie: nauid=Y8BSYWZbL1xrb6mUjG2P
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
server: nginx
date: Fri, 10 May 2024 06:14:31 GMT
content-type: text/javascript; charset=utf-8
vary: Accept-Encoding
x-robots-tag: noindex, nofollow
cache-control: private
content-encoding: gzip
X-Firefox-Spdy: h2

bid.bidclickmedia.com/load

172.67.205.77

302 Found

361 B

URL POST HTTP/3
bid.bidclickmedia.com/load
IP
172.67.205.77:443
ASN
#13335 CLOUDFLARENET

Requested by
https://videzz.net/h7zka1zdif8f.html
Certificate
IssuerGoogle Trust Services LLC
Subjectbidclickmedia.com
Fingerprint2D:71:60:23:79:D8:E4:4A:B8:81:BA:F0:ED:58:CB:A8:66:21:A7:E7
ValiditySun, 31 Mar 2024 14:28:20 GMT - Sat, 29 Jun 2024 14:28:19 GMT

File type
HTML document, ASCII text
Size
361 B (361 bytes)
Hash
6610c77cad5adb691fd5f9ffa06b9486
d003b0d6d8bb61e5fd17dc635c017f6393e0c24c
83695861f8ded5db81f9c1e185cdf9177d18c57bfe1196b03468f2d8ac22bc50

HTTP Headers

POST /load HTTP/1.1
Host: bid.bidclickmedia.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/x-www-form-urlencoded
Content-Length: 93
Origin: https://bid.bidclickmedia.com
DNT: 1
Connection: keep-alive
Referer: https://bid.bidclickmedia.com/sub/Pj8pz0z
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 302 Found
date: Fri, 10 May 2024 06:14:30 GMT
content-type: text/html; charset=utf-8
location: https://xml.xmlking.com/redirect?feed=591364&auth=oodr9S&pubid=195183
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=QDm%2BFvKwY4PqtC8XwtPI4RBsy24CH%2FcZuMJWM18FL6EPTBAqR%2B1CaI8BlwQyWc6bom5ZT%2FczjocEIw2zCI5RLkGViO21EE73AyHgRIZkAiZOH3jhWWHt8j1OJeVBONrzVEy2tQpJ%2BWo%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 8817ca15884456b4-OSL
alt-svc: h3=":443"; ma=86400

fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2

216.58.207.227

200 OK

16 kB

URL GET HTTP/3
fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2
IP
216.58.207.227:443
ASN
#15169 GOOGLE

Requested by
https://videzz.net/h7zka1zdif8f.html
Certificate
IssuerGoogle Trust Services LLC
Subject*.gstatic.com
Fingerprint15:DD:05:B3:2F:D8:E3:54:C9:B4:FA:E4:AC:01:ED:C8:E1:EA:A7:AD
ValidityTue, 16 Apr 2024 04:17:07 GMT - Tue, 09 Jul 2024 04:17:06 GMT

File type
Web Open Font Format (Version 2), TrueType, length 15744, version 1.0
Size
16 kB (15744 bytes)
Hash
15d9f621c3bd1599f0169dcf0bd5e63e
7ca9c5967f3bb8bffeab24b639b49c1e7d03fa52
f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615

HTTP Headers

GET /s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://videzz.net
DNT: 1
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 15744
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Sat, 04 May 2024 09:28:37 GMT
expires: Sun, 04 May 2025 09:28:37 GMT
cache-control: public, max-age=31536000
last-modified: Wed, 11 May 2022 19:24:48 GMT
content-type: font/woff2
age: 506754
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmWUlfBBc4.woff2

216.58.207.227

200 OK

16 kB

URL GET HTTP/3
fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmWUlfBBc4.woff2
IP
216.58.207.227:443
ASN
#15169 GOOGLE

Requested by
https://videzz.net/h7zka1zdif8f.html
Certificate
IssuerGoogle Trust Services LLC
Subject*.gstatic.com
Fingerprint15:DD:05:B3:2F:D8:E3:54:C9:B4:FA:E4:AC:01:ED:C8:E1:EA:A7:AD
ValidityTue, 16 Apr 2024 04:17:07 GMT - Tue, 09 Jul 2024 04:17:06 GMT

File type
Web Open Font Format (Version 2), TrueType, length 15860, version 1.0
Size
16 kB (15860 bytes)
Hash
e9f5aaf547f165386cd313b995dddd8e
acdef5603c2387b0e5bffd744b679a24a8bc1968
f5aebdfea35d1e7656ef4acc5db1f243209755ae3300943ef8fc6280f363c860

HTTP Headers

GET /s/roboto/v30/KFOlCnqEu92Fr1MmWUlfBBc4.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://videzz.net
DNT: 1
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 15860
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 09 May 2024 01:55:00 GMT
expires: Fri, 09 May 2025 01:55:00 GMT
cache-control: public, max-age=31536000
age: 101971
last-modified: Wed, 11 May 2022 19:24:42 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

foreignassertive.com/pixel/sbls?bv=24.6.6370&tmpl=482&u=https%3A%2F%2Fcdn.creative-bars1.com%2Fsb%2Fnotifications%2Fgambling%2Fdefault%2Fandroid-btn%2F8%2Fcss%2Fstyle.css&l=3348&fd=85

172.240.108.68

200 OK

0 B

URL GET HTTP/1.1
foreignassertive.com/pixel/sbls?bv=24.6.6370&tmpl=482&u=https%3A%2F%2Fcdn.creative-bars1.com%2Fsb%2Fnotifications%2Fgambling%2Fdefault%2Fandroid-btn%2F8%2Fcss%2Fstyle.css&l=3348&fd=85
IP
172.240.108.68:443
ASN
#7979 SERVERS-COM

Requested by
https://videzz.net/h7zka1zdif8f.html
Certificate
IssuerLet's Encrypt
Subjectforeignassertive.com
Fingerprint9A:B3:69:C5:67:69:19:46:E5:C5:C8:02:A4:05:AA:94:E8:B3:BC:21
ValidityMon, 06 May 2024 08:06:31 GMT - Sun, 04 Aug 2024 08:06:30 GMT

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /pixel/sbls?bv=24.6.6370&tmpl=482&u=https%3A%2F%2Fcdn.creative-bars1.com%2Fsb%2Fnotifications%2Fgambling%2Fdefault%2Fandroid-btn%2F8%2Fcss%2Fstyle.css&l=3348&fd=85 HTTP/1.1
Host: foreignassertive.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://videzz.net/
Cookie: u_pl=19071538; pdhtkv=true; uncs=1; pdhtkv29=true; uncs29=1; slecfd40b682a05e4aaf489d29601350aa66=[5210995,5210997]
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx/1.21.6
Date: Fri, 10 May 2024 06:14:31 GMT
Content-Length: 0
Connection: keep-alive
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
Access-Control-Allow-Origin: *
Access-Control-Allow-Methods: GET, POST, OPTIONS
Access-Control-Allow-Headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,Upgrade-Insecure-Requests
Access-Control-Expose-Headers: Content-Length,Content-Range

foreignassertive.com/impr.gif?sid=H4sIAAAAAAAC%2F1RST2gkxReunl9%2BJ4VF3ZsIAyIoLJPu%2BZcZFwmuu5Fg3Ky7ioKiVldVT8pUdzVVXd2TOQUDssfBi0c73yQbXBf%2FgOBBzMpkwYWgkNlTDubmRRAPwp5lxrDBB93vvfq%2Bgu99rz7ZdiekDkePL7%2BuB1IpOt%2Bq%2BdXn3wmCi9UVmbh%2Btd9pf9BuXqya%2FMVuu%2Ba%2FUH1VsHU9X%2FcD3w%2F8oLokjYh0f34KQqZ3ukGt69ea9VrQaqJv%2Fttb58FSDzw%2FIU9C8sncPe88JBsjib%2B5LOx6ptMLV2KnaKYNcr73VrKe6CJBfFZGxkOU7J2yoe3R0j50sjuTC50%2FIoZyQryf9xEme6ciEeY7M52hgkgQ8sdQ5GMINYakYzC9BcmPCMA4rq4iiW9d1aagG%2F%2BidIpOyNzDvyGLCZn77TyS%2BKtLSvarN7RymdSJRT8qIftjyN4YqTtANqhAFgdg2ceQ%2FFcy%2F3AFSbyzapWG5OVsdinHkNEYSgxBrQc3%2FaQHF3lwqYeYH1dZEAQLPmfU73QZa%2FAFEba5H9CFKKCB3%2B7Asam8IbJ0CKaGYGYTqdnEuhzCuJ9g10pY7sFmE%2BK9sYmclygEQWEJCkpQSIIiIyjycpcrW7flLa6sC4PTXD%2FNjXKks9423dVZTyQE1AxheLmdnpAnpv54z1bqWBfH1Yg3%2FbDdqVO%2FJZqURs1Ol9e7bT9otHxK221YWULaymzkgZyQ56LvkcoJefw%2BQUgPYNUBmHwK1D0DWpSgayUGydcxlUktl1wPaC0RGbgukWZzyDa8bXVCnp4taXXLQrDDxb%2BO4nO%2FPHgfzJRITYmP5D2Cnro5uq4LsnNdF5Z8u5pmMpYDOl3gjYxm4v%2B3XxMbhTZ8%2BbIdfvEymwLT8s6bwmYrNOEy6Vny5SXJuTBL2jBBfly2b4vwmrNrl5xJXLpy7ZWl5Tg1wlqpkzGoPLryGZickHN335u9zAvv%2Fg5pxjCuROwOyWlA6gOwdBM2PVz8c%2FHu2ocXb8NqAqPOOGHqoXDlyNTDs0MlCZQ462lYworDxT8%2B38%2Fvf9dFKB7ZMTJ0epvKctveRM9UQLMtJHGJ3JTIVQmqhrDuf6MsNYeLDxqzQKgqo1CZyk6ojPp0ZvL052DlcbXh84VQRGIhFM1WMxKMh61W6LOIhQ3e6TBkdhK99MPSPwAAAP%2F%2FAQAA%2F%2F87J3y%2BcwQAAA%3D%3D

192.243.61.227

200 OK

7 B

URL GET HTTP/1.1
foreignassertive.com/impr.gif?sid=H4sIAAAAAAAC%2F1RST2gkxReunl9%2BJ4VF3ZsIAyIoLJPu%2BZcZFwmuu5Fg3Ky7ioKiVldVT8pUdzVVXd2TOQUDssfBi0c73yQbXBf%2FgOBBzMpkwYWgkNlTDubmRRAPwp5lxrDBB93vvfq%2Bgu99rz7ZdiekDkePL7%2BuB1IpOt%2Bq%2BdXn3wmCi9UVmbh%2Btd9pf9BuXqya%2FMVuu%2Ba%2FUH1VsHU9X%2FcD3w%2F8oLokjYh0f34KQqZ3ukGt69ea9VrQaqJv%2Fttb58FSDzw%2FIU9C8sncPe88JBsjib%2B5LOx6ptMLV2KnaKYNcr73VrKe6CJBfFZGxkOU7J2yoe3R0j50sjuTC50%2FIoZyQryf9xEme6ciEeY7M52hgkgQ8sdQ5GMINYakYzC9BcmPCMA4rq4iiW9d1aagG%2F%2BidIpOyNzDvyGLCZn77TyS%2BKtLSvarN7RymdSJRT8qIftjyN4YqTtANqhAFgdg2ceQ%2FFcy%2F3AFSbyzapWG5OVsdinHkNEYSgxBrQc3%2FaQHF3lwqYeYH1dZEAQLPmfU73QZa%2FAFEba5H9CFKKCB3%2B7Asam8IbJ0CKaGYGYTqdnEuhzCuJ9g10pY7sFmE%2BK9sYmclygEQWEJCkpQSIIiIyjycpcrW7flLa6sC4PTXD%2FNjXKks9423dVZTyQE1AxheLmdnpAnpv54z1bqWBfH1Yg3%2FbDdqVO%2FJZqURs1Ol9e7bT9otHxK221YWULaymzkgZyQ56LvkcoJefw%2BQUgPYNUBmHwK1D0DWpSgayUGydcxlUktl1wPaC0RGbgukWZzyDa8bXVCnp4taXXLQrDDxb%2BO4nO%2FPHgfzJRITYmP5D2Cnro5uq4LsnNdF5Z8u5pmMpYDOl3gjYxm4v%2B3XxMbhTZ8%2BbIdfvEymwLT8s6bwmYrNOEy6Vny5SXJuTBL2jBBfly2b4vwmrNrl5xJXLpy7ZWl5Tg1wlqpkzGoPLryGZickHN335u9zAvv%2Fg5pxjCuROwOyWlA6gOwdBM2PVz8c%2FHu2ocXb8NqAqPOOGHqoXDlyNTDs0MlCZQ462lYworDxT8%2B38%2Fvf9dFKB7ZMTJ0epvKctveRM9UQLMtJHGJ3JTIVQmqhrDuf6MsNYeLDxqzQKgqo1CZyk6ojPp0ZvL052DlcbXh84VQRGIhFM1WMxKMh61W6LOIhQ3e6TBkdhK99MPSPwAAAP%2F%2FAQAA%2F%2F87J3y%2BcwQAAA%3D%3D
IP
192.243.61.227:443
ASN
#39572 DataWeb Global Group B.V.

Requested by
https://videzz.net/h7zka1zdif8f.html
Certificate
IssuerLet's Encrypt
Subjectforeignassertive.com
Fingerprint9A:B3:69:C5:67:69:19:46:E5:C5:C8:02:A4:05:AA:94:E8:B3:BC:21
ValidityMon, 06 May 2024 08:06:31 GMT - Sun, 04 Aug 2024 08:06:30 GMT

File type
ASCII text, with no line terminators
Size
7 B (7 bytes)
Hash
132d6af1b46048b45cf86cdee7991d31
eb7007d03d59b65bc6da7e098c4d38fc6dfb6285
ab852e838deccd742a03ca81d4a8d75cf1a00b327db3eaf46bd7da6b6db9384c

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /impr.gif?sid=H4sIAAAAAAAC%2F1RST2gkxReunl9%2BJ4VF3ZsIAyIoLJPu%2BZcZFwmuu5Fg3Ky7ioKiVldVT8pUdzVVXd2TOQUDssfBi0c73yQbXBf%2FgOBBzMpkwYWgkNlTDubmRRAPwp5lxrDBB93vvfq%2Bgu99rz7ZdiekDkePL7%2BuB1IpOt%2Bq%2BdXn3wmCi9UVmbh%2Btd9pf9BuXqya%2FMVuu%2Ba%2FUH1VsHU9X%2FcD3w%2F8oLokjYh0f34KQqZ3ukGt69ea9VrQaqJv%2Fttb58FSDzw%2FIU9C8sncPe88JBsjib%2B5LOx6ptMLV2KnaKYNcr73VrKe6CJBfFZGxkOU7J2yoe3R0j50sjuTC50%2FIoZyQryf9xEme6ciEeY7M52hgkgQ8sdQ5GMINYakYzC9BcmPCMA4rq4iiW9d1aagG%2F%2BidIpOyNzDvyGLCZn77TyS%2BKtLSvarN7RymdSJRT8qIftjyN4YqTtANqhAFgdg2ceQ%2FFcy%2F3AFSbyzapWG5OVsdinHkNEYSgxBrQc3%2FaQHF3lwqYeYH1dZEAQLPmfU73QZa%2FAFEba5H9CFKKCB3%2B7Asam8IbJ0CKaGYGYTqdnEuhzCuJ9g10pY7sFmE%2BK9sYmclygEQWEJCkpQSIIiIyjycpcrW7flLa6sC4PTXD%2FNjXKks9423dVZTyQE1AxheLmdnpAnpv54z1bqWBfH1Yg3%2FbDdqVO%2FJZqURs1Ol9e7bT9otHxK221YWULaymzkgZyQ56LvkcoJefw%2BQUgPYNUBmHwK1D0DWpSgayUGydcxlUktl1wPaC0RGbgukWZzyDa8bXVCnp4taXXLQrDDxb%2BO4nO%2FPHgfzJRITYmP5D2Cnro5uq4LsnNdF5Z8u5pmMpYDOl3gjYxm4v%2B3XxMbhTZ8%2BbIdfvEymwLT8s6bwmYrNOEy6Vny5SXJuTBL2jBBfly2b4vwmrNrl5xJXLpy7ZWl5Tg1wlqpkzGoPLryGZickHN335u9zAvv%2Fg5pxjCuROwOyWlA6gOwdBM2PVz8c%2FHu2ocXb8NqAqPOOGHqoXDlyNTDs0MlCZQ462lYworDxT8%2B38%2Fvf9dFKB7ZMTJ0epvKctveRM9UQLMtJHGJ3JTIVQmqhrDuf6MsNYeLDxqzQKgqo1CZyk6ojPp0ZvL052DlcbXh84VQRGIhFM1WMxKMh61W6LOIhQ3e6TBkdhK99MPSPwAAAP%2F%2FAQAA%2F%2F87J3y%2BcwQAAA%3D%3D HTTP/1.1
Host: foreignassertive.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://videzz.net/
Cookie: u_pl=19071538; pdhtkv=true; uncs=1; pdhtkv29=true; uncs29=1; slecfd40b682a05e4aaf489d29601350aa66=[5210995,5210997]
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx/1.21.6
Date: Fri, 10 May 2024 06:14:31 GMT
Content-Type: image/gif
Content-Length: 7
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,Sec-CH-UA-PlatformUser-Agent,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: f2e926d7e0cdd97d28acac900e524fc4
Strict-Transport-Security: max-age=0; includeSubdomains

foreignassertive.com/pixel/sbs?c=1

172.240.108.68

200 OK

0 B

URL GET HTTP/1.1
foreignassertive.com/pixel/sbs?c=1
IP
172.240.108.68:443
ASN
#7979 SERVERS-COM

Requested by
https://videzz.net/h7zka1zdif8f.html
Certificate
IssuerLet's Encrypt
Subjectforeignassertive.com
Fingerprint9A:B3:69:C5:67:69:19:46:E5:C5:C8:02:A4:05:AA:94:E8:B3:BC:21
ValidityMon, 06 May 2024 08:06:31 GMT - Sun, 04 Aug 2024 08:06:30 GMT

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /pixel/sbs?c=1 HTTP/1.1
Host: foreignassertive.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://videzz.net/
Cookie: u_pl=19071538; pdhtkv=true; uncs=1; pdhtkv29=true; uncs29=1; slecfd40b682a05e4aaf489d29601350aa66=[5210995,5210997]
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx/1.21.6
Date: Fri, 10 May 2024 06:14:31 GMT
Content-Length: 0
Connection: keep-alive
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
Access-Control-Allow-Origin: *
Access-Control-Allow-Methods: GET, POST, OPTIONS
Access-Control-Allow-Headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,Upgrade-Insecure-Requests
Access-Control-Expose-Headers: Content-Length,Content-Range

unseenreport.com/pxf.gif?uuid=8320c149-da6a-4b98-990c-25141459c846&eb=978028c5053b26833423c7a069ce3bd5&te=5db3a4e34790624df926db520a13f79f&ua=Mozilla%2F5.0%20(X11%3B%20Linux%20x86_64%3B%20rv%3A96.0)%20Gecko%2F20100101%20Firefox%2F96.0&dev=e&res=14.2071&b_frame=0&pk=f1776d24271c5ad55c5f1492e2d01e10&bl=en-US&sr=1024x1280&sz=1024x1280&hjs=6

192.243.59.13

200 OK

1 B

URL GET HTTP/1.1
unseenreport.com/pxf.gif?uuid=8320c149-da6a-4b98-990c-25141459c846&eb=978028c5053b26833423c7a069ce3bd5&te=5db3a4e34790624df926db520a13f79f&ua=Mozilla%2F5.0%20(X11%3B%20Linux%20x86_64%3B%20rv%3A96.0)%20Gecko%2F20100101%20Firefox%2F96.0&dev=e&res=14.2071&b_frame=0&pk=f1776d24271c5ad55c5f1492e2d01e10&bl=en-US&sr=1024x1280&sz=1024x1280&hjs=6
IP
192.243.59.13:443
ASN
#39572 DataWeb Global Group B.V.

Requested by
https://videzz.net/h7zka1zdif8f.html
Certificate
IssuerLet's Encrypt
Subject*.unseenreport.com
Fingerprint71:46:15:FD:76:6A:F5:5B:51:06:CC:93:DD:D8:63:E3:8B:10:BF:13
ValidityFri, 22 Mar 2024 07:32:41 GMT - Thu, 20 Jun 2024 07:32:40 GMT

File type
very short file (no magic)
Size
1 B (1 bytes)
Hash
93b885adfe0da089cdf634904fd59f71
5ba93c9db0cff93f52b521d7420e43f6eda2784f
6e340b9cffb37a989ca544e6bb780a2c78901d3fb33738768511a30617afa01d

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /pxf.gif?uuid=8320c149-da6a-4b98-990c-25141459c846&eb=978028c5053b26833423c7a069ce3bd5&te=5db3a4e34790624df926db520a13f79f&ua=Mozilla%2F5.0%20(X11%3B%20Linux%20x86_64%3B%20rv%3A96.0)%20Gecko%2F20100101%20Firefox%2F96.0&dev=e&res=14.2071&b_frame=0&pk=f1776d24271c5ad55c5f1492e2d01e10&bl=en-US&sr=1024x1280&sz=1024x1280&hjs=6 HTTP/1.1
Host: unseenreport.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://videzz.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx/1.19.5
Date: Fri, 10 May 2024 06:14:31 GMT
Content-Type: image/gif
Content-Length: 1
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Access-Control-Allow-Origin: *
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: fc5e1811c39068ec70dcf813f95df9fb
Strict-Transport-Security: max-age=0; includeSubdomains

unseenreport.com/pxf.gif?uuid=8320c149-da6a-4b98-990c-25141459c846&eb=978028c5053b26833423c7a069ce3bd5&te=5db3a4e34790624df926db520a13f79f&ua=Mozilla%2F5.0%20(X11%3B%20Linux%20x86_64%3B%20rv%3A96.0)%20Gecko%2F20100101%20Firefox%2F96.0&dev=e&res=14.2071&b_frame=0&pk=fd40b682a05e4aaf489d29601350aa66&bl=en-US&sr=1024x1280&sz=1024x1280&hjs=6

192.243.59.13

200 OK

1 B

URL GET HTTP/1.1
unseenreport.com/pxf.gif?uuid=8320c149-da6a-4b98-990c-25141459c846&eb=978028c5053b26833423c7a069ce3bd5&te=5db3a4e34790624df926db520a13f79f&ua=Mozilla%2F5.0%20(X11%3B%20Linux%20x86_64%3B%20rv%3A96.0)%20Gecko%2F20100101%20Firefox%2F96.0&dev=e&res=14.2071&b_frame=0&pk=fd40b682a05e4aaf489d29601350aa66&bl=en-US&sr=1024x1280&sz=1024x1280&hjs=6
IP
192.243.59.13:443
ASN
#39572 DataWeb Global Group B.V.

Requested by
https://videzz.net/h7zka1zdif8f.html
Certificate
IssuerLet's Encrypt
Subject*.unseenreport.com
Fingerprint71:46:15:FD:76:6A:F5:5B:51:06:CC:93:DD:D8:63:E3:8B:10:BF:13
ValidityFri, 22 Mar 2024 07:32:41 GMT - Thu, 20 Jun 2024 07:32:40 GMT

File type
very short file (no magic)
Size
1 B (1 bytes)
Hash
93b885adfe0da089cdf634904fd59f71
5ba93c9db0cff93f52b521d7420e43f6eda2784f
6e340b9cffb37a989ca544e6bb780a2c78901d3fb33738768511a30617afa01d

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /pxf.gif?uuid=8320c149-da6a-4b98-990c-25141459c846&eb=978028c5053b26833423c7a069ce3bd5&te=5db3a4e34790624df926db520a13f79f&ua=Mozilla%2F5.0%20(X11%3B%20Linux%20x86_64%3B%20rv%3A96.0)%20Gecko%2F20100101%20Firefox%2F96.0&dev=e&res=14.2071&b_frame=0&pk=fd40b682a05e4aaf489d29601350aa66&bl=en-US&sr=1024x1280&sz=1024x1280&hjs=6 HTTP/1.1
Host: unseenreport.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://videzz.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx/1.19.5
Date: Fri, 10 May 2024 06:14:31 GMT
Content-Type: image/gif
Content-Length: 1
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Access-Control-Allow-Origin: *
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: e7a097509d294a63cad421e9ff23486b
Strict-Transport-Security: max-age=0; includeSubdomains

maxcdn.bootstrapcdn.com/font-awesome/4.7.0/css/font-awesome.min.css?v=7

104.18.11.207

200 OK

7.5 kB

URL GET HTTP/2
maxcdn.bootstrapcdn.com/font-awesome/4.7.0/css/font-awesome.min.css?v=7
IP
104.18.11.207:443
ASN
#13335 CLOUDFLARENET

Requested by
https://videzz.net/h7zka1zdif8f.html
Certificate
IssuerGoogle Trust Services LLC
Subjectbootstrapcdn.com
Fingerprint57:B4:25:B9:9C:88:A1:A3:3D:F7:31:74:02:E4:D1:E0:0A:F5:11:63
ValidityWed, 27 Mar 2024 00:22:09 GMT - Tue, 25 Jun 2024 00:22:08 GMT

File type
ASCII text, with very long lines (30837)
Size
7.5 kB (7480 bytes)
Hash
269550530cc127b6aa5a35925a7de6ce
512c7d79033e3028a9be61b540cf1a6870c896f8
799aeb25cc0373fdee0e1b1db7ad6c2f6a0e058dfadaa3379689f583213190bd

HTTP Headers

GET /font-awesome/4.7.0/css/font-awesome.min.css?v=7 HTTP/1.1
Host: maxcdn.bootstrapcdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://videzz.net/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Fri, 10 May 2024 06:14:27 GMT
content-type: text/css; charset=utf-8
vary: Accept-Encoding
cdn-pullzone: 252412
cdn-uid: b1941f61-b576-4f40-80de-5677acb38f74
cdn-requestcountrycode: DE
access-control-allow-origin: *
cache-control: public, max-age=31919000
etag: W/"269550530cc127b6aa5a35925a7de6ce"
last-modified: Mon, 25 Jan 2021 22:04:55 GMT
cdn-cachedat: 10/31/2023 18:48:06
cdn-proxyver: 1.04
cdn-requestpullcode: 200
cdn-requestpullsuccess: True
cdn-edgestorageid: 722
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
cdn-status: 200
cdn-requestid: ba1343eb3e49a0961974f5c12bb3dd9d
cdn-cache: HIT
cf-cache-status: HIT
age: 819324
strict-transport-security: max-age=31536000; includeSubDomains; preload
server: cloudflare
cf-ray: 8817ca08ba4556c5-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2

my.rtmark.net/gid.js?userId=008058fc10134ab0f5cce6a3812c0f38

139.45.195.8

200 OK

65 B

URL GET HTTP/2
my.rtmark.net/gid.js?userId=008058fc10134ab0f5cce6a3812c0f38
IP
139.45.195.8:443
ASN
#9002 RETN Limited

Requested by
https://videzz.net/h7zka1zdif8f.html
Certificate
IssuerLet's Encrypt
Subjectrtmark.net
FingerprintDB:C0:8B:64:1C:E3:2A:9C:B9:04:0D:F3:6F:5A:E0:35:F4:C7:75:CC
ValiditySat, 02 Mar 2024 21:53:43 GMT - Fri, 31 May 2024 21:53:42 GMT

File type
JSON text data
Size
65 B (65 bytes)
Hash
cf290b5d7c79c4b03e0d288cdb7f7148
4b8d93883baeb89aa65708830a811fe26100d56f
95e0d384c2c28a8b3bd123fa7b705c785208e8e8edd14a7c5b32b051524b00ff

HTTP Headers

GET /gid.js?userId=008058fc10134ab0f5cce6a3812c0f38 HTTP/1.1
Host: my.rtmark.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://videzz.net
DNT: 1
Connection: keep-alive
Referer: https://videzz.net/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
server: nginx
date: Fri, 10 May 2024 06:14:31 GMT
content-type: application/json; charset=utf-8
content-length: 65
access-control-allow-origin: https://videzz.net
access-control-allow-methods: POST, GET, OPTIONS, PUT, DELETE
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, Authorization,X-CSRF-Token
access-control-expose-headers: Authorization
access-control-allow-credentials: true
set-cookie: ID=008058fc10134ab0f5cce6a3812c0f38; expires=Sat, 10 May 2025 06:14:31 GMT; secure; SameSite=None
strict-transport-security: max-age=1
x-content-type-options: nosniff
timing-allow-origin: *, *
X-Firefox-Spdy: h2

xml-click-oax.adstork.com/nrtb/click?bid=PcGF8RuFPOLLTtap5LNt1XQClb-aF3SdxvRtCb93rmWuYWoziF8QaUDK8LgVTrvq_0_42

23.226.122.79

302 Found

152 B

URL GET HTTP/2
xml-click-oax.adstork.com/nrtb/click?bid=PcGF8RuFPOLLTtap5LNt1XQClb-aF3SdxvRtCb93rmWuYWoziF8QaUDK8LgVTrvq_0_42
IP
23.226.122.79:443
ASN
#29802 HVC-AS

Requested by
https://videzz.net/h7zka1zdif8f.html
Certificate
IssuerSectigo Limited
Subject*.adstork.com
Fingerprint90:C7:C6:2C:5F:EF:4A:42:2C:2D:9A:35:14:D4:1B:8B:73:B6:E3:86
ValiditySun, 21 Apr 2024 00:00:00 GMT - Mon, 21 Apr 2025 23:59:59 GMT

File type
HTML document, ASCII text
Size
152 B (152 bytes)
Hash
8aafaf71e6ef85ff6b203db90fdfd491
18bcf920caf22f6bac66187e130b2f3974c1f9d9
8b2c69bbfcc2e2eeeddd24c574c9e899a208edf94cd6d1c2e13711405a38cf61

HTTP Headers

GET /nrtb/click?bid=PcGF8RuFPOLLTtap5LNt1XQClb-aF3SdxvRtCb93rmWuYWoziF8QaUDK8LgVTrvq_0_42 HTTP/1.1
Host: xml-click-oax.adstork.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://bid.bidclickmedia.com/
DNT: 1
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 302 Found
server: nginx/1.18.0 (Ubuntu)
date: Fri, 10 May 2024 06:14:31 GMT
content-type: text/html; charset=utf-8
content-length: 152
location: https://latest-557263.techlink.icu/click?node=448&winPrice=0.000199&force=1&winCurrency=USD&id=1715321640000-4844
X-Firefox-Spdy: h2

latest-557263.techlink.icu/click?node=448&winPrice=0.000199&force=1&winCurrency=USD&id=1715321640000-4844

206.54.181.250

200 OK

359 B

URL GET HTTP/1.1
latest-557263.techlink.icu/click?node=448&winPrice=0.000199&force=1&winCurrency=USD&id=1715321640000-4844
IP
206.54.181.250:443
ASN
#35415 Webzilla B.V.

Requested by
https://videzz.net/h7zka1zdif8f.html
Certificate
IssuerLet's Encrypt
Subject*.techlink.icu
FingerprintAB:9E:26:A3:FB:44:C8:1A:7E:AD:83:6B:F1:E5:62:24:EF:61:73:68
ValidityThu, 09 May 2024 07:23:10 GMT - Wed, 07 Aug 2024 07:23:09 GMT

File type
HTML document, ASCII text
Size
359 B (359 bytes)
Hash
38fe502ed9908bfc7ba8e87fae387e2f
2fa4deef9cdc2e8e1b58fb092410d7d41d9993c7
5d2c8c2f0440163d37213e6b2782b610aff795c0edb2fc37265e6f45bdffa451

HTTP Headers

GET /click?node=448&winPrice=0.000199&force=1&winCurrency=USD&id=1715321640000-4844 HTTP/1.1
Host: latest-557263.techlink.icu
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://bid.bidclickmedia.com/
DNT: 1
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
cache-control: private, no-cache, no-store, must-revalidate
pragma: no-cache
expires: -1
set-cookie: clickId_557263=1715321640000-67; path=/; samesite=none; secure; httponly
date: Fri, 10 May 2024 06:14:32 GMT
connection: close
transfer-encoding: chunked

cdn.itskiddien.club/apu.php?zoneid=5902452&var=5708419

139.45.197.236

200 OK

36 kB

URL GET HTTP/2
cdn.itskiddien.club/apu.php?zoneid=5902452&var=5708419
IP
139.45.197.236:443
ASN
#9002 RETN Limited

Requested by
https://videzz.net/h7zka1zdif8f.html
Certificate
IssuerLet's Encrypt
Subjectitskiddien.club
FingerprintF8:F5:E1:2A:73:41:2E:21:C2:B1:A0:A3:DE:9D:2D:B2:87:3F:8E:5D
ValidityFri, 29 Mar 2024 21:36:27 GMT - Thu, 27 Jun 2024 21:36:26 GMT

File type
gzip compressed data, max speed, from Unix
Size
36 kB (36135 bytes)
Hash
88ac6a5fb07788f0d2df25adfdabb70c
2a3ebdc71ecd3fe01e7a4861f58182e1dbc898af
4fc13b9fa183e526cd9962e2ab9e6a49d295100cc56ef0dfc1e612636afbf303

HTTP Headers

GET /apu.php?zoneid=5902452&var=5708419 HTTP/1.1
Host: cdn.itskiddien.club
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://videzz.net/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
server: nginx
date: Fri, 10 May 2024 06:14:32 GMT
content-type: application/javascript
x-trace-id: 645061da2c46eebf9d6d83111412bdb0
link: <https://my.rtmark.net>; rel="preconnect dns-prefetch",<https://yonmewon.com>; rel="preconnect dns-prefetch",<https://sr7pv7n5x.com>; rel="preconnect dns-prefetch"
accept-ch: Sec-CH-UA, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, baggage, sentry-trace, favicon
access-control-max-age: 86400
pragma: no-cache
cache-control: no-transform, no-store, no-cache, must-revalidate, max-age=0
expires: Tue, 11 Jan 1994 10:00:00 GMT
set-cookie: OAID=0080586028da44dbffe88745e73e7922; expires=Sat, 10 May 2025 06:14:32 GMT; path=/; secure; SameSite=None
oaidts=1715321672; expires=Sat, 10 May 2025 06:14:32 GMT; path=/; secure; SameSite=None
syncedCookie=; expires=Tue, 10 Nov 2009 23:00:00 GMT
strict-transport-security: max-age=1
x-content-type-options: nosniff
timing-allow-origin: *, *
content-encoding: gzip
X-Firefox-Spdy: h2

static.addtoany.com/menu/svg/icons/viber.js

104.22.71.197

200 OK

520 B

URL GET HTTP/3
static.addtoany.com/menu/svg/icons/viber.js
IP
104.22.71.197:443
ASN
#13335 CLOUDFLARENET

Requested by
https://videzz.net/h7zka1zdif8f.html
Certificate
IssuerLet's Encrypt
Subjectstatic.addtoany.com
Fingerprint5B:74:98:2D:F8:22:DB:0D:4E:74:B7:99:A7:7C:80:F6:CA:1A:8E:CA
ValidityTue, 23 Apr 2024 07:56:27 GMT - Mon, 22 Jul 2024 07:56:26 GMT

File type
ASCII text, with very long lines (1003), with no line terminators
Size
520 B (520 bytes)
Hash
aeffbbeba6dd343b89fdc22cdf23f8c8
7be9f0a8fbd22f85cd4408ed04b69e98cbb79de7
c38246b300667ea8ab28940a729e65168f981baf8adc8d708c299e85b9e2dcee

HTTP Headers

GET /menu/svg/icons/viber.js HTTP/1.1
Host: static.addtoany.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://videzz.net
DNT: 1
Connection: keep-alive
Referer: https://static.addtoany.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Fri, 10 May 2024 06:14:29 GMT
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=7776000, stale-while-revalidate=30, public
cf-bgj: minify
etag: W/"ab1da422605fdb35fd02440984d36475"
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=iicQbwGEHHrK3RDo3shrscmwAMh9sdIE8ZECJ6rKYeNRuVJQ6eZiFAt6v7y6sfaQIrFcOVt%2BlZ4YQjSbBXJe4JDoeFqbroHk0uUpfuYk1etpI2uFy2KkA3mYgvYBX%2B09dsahda32%2F4m%2FYSvygj%2BX%2FW96"}],"group":"cf-nel","max_age":604800}
vary: Accept-Encoding
referrer-policy: strict-origin-when-cross-origin
x-content-type-options: nosniff
cf-cache-status: HIT
age: 5823
strict-transport-security: max-age=31536000; includeSubDomains; preload
server: cloudflare
cf-ray: 8817ca13dace8d54-HEL
content-encoding: br
alt-svc: h3=":443"; ma=86400

bid.bidclickmedia.com/load

172.67.205.77

302 Found

361 B

URL POST HTTP/3
bid.bidclickmedia.com/load
IP
172.67.205.77:443
ASN
#13335 CLOUDFLARENET

Requested by
https://videzz.net/h7zka1zdif8f.html
Certificate
IssuerGoogle Trust Services LLC
Subjectbidclickmedia.com
Fingerprint2D:71:60:23:79:D8:E4:4A:B8:81:BA:F0:ED:58:CB:A8:66:21:A7:E7
ValiditySun, 31 Mar 2024 14:28:20 GMT - Sat, 29 Jun 2024 14:28:19 GMT

File type
HTML document, ASCII text
Size
361 B (361 bytes)
Hash
6610c77cad5adb691fd5f9ffa06b9486
d003b0d6d8bb61e5fd17dc635c017f6393e0c24c
83695861f8ded5db81f9c1e185cdf9177d18c57bfe1196b03468f2d8ac22bc50

HTTP Headers

POST /load HTTP/1.1
Host: bid.bidclickmedia.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/x-www-form-urlencoded
Content-Length: 93
Origin: https://bid.bidclickmedia.com
DNT: 1
Connection: keep-alive
Referer: https://bid.bidclickmedia.com/sub/Pj8pz0z
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 302 Found
date: Fri, 10 May 2024 06:14:29 GMT
content-type: text/html; charset=utf-8
location: https://xml.xmlking.com/redirect?feed=591364&auth=oodr9S&pubid=195183
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=GTR%2FbRCKqiQkrUpt1mBSo1tK8Q1Afr%2B9Pa6kViRUF2C4J3%2BphFjZZgJRhu4WW4H%2B1iwPBz%2B7Z4OXONhouezKw8gatqpDTrcyGiilO0Upl7PGqj%2FaqIZQj5%2FcJO2O6ACpTEV7WNh4UBI%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 8817ca15581256b4-OSL
alt-svc: h3=":443"; ma=86400

static.addtoany.com/menu/svg/icons/whatsapp.js

104.22.71.197

200 OK

965 B

URL GET HTTP/3
static.addtoany.com/menu/svg/icons/whatsapp.js
IP
104.22.71.197:443
ASN
#13335 CLOUDFLARENET

Requested by
https://videzz.net/h7zka1zdif8f.html
Certificate
IssuerLet's Encrypt
Subjectstatic.addtoany.com
Fingerprint5B:74:98:2D:F8:22:DB:0D:4E:74:B7:99:A7:7C:80:F6:CA:1A:8E:CA
ValidityTue, 23 Apr 2024 07:56:27 GMT - Mon, 22 Jul 2024 07:56:26 GMT

File type
ASCII text, with very long lines (1108), with no line terminators
Size
965 B (965 bytes)
Hash
0e8b3ac6bda5451ff39c5ecd6d7b3873
fb477a11167000a30e45369e686ec43dd62d026b
c15e1379ca2c59f99912500bbc23a0d1d88f43198cbe1b53d87776fa351385eb

HTTP Headers

GET /menu/svg/icons/whatsapp.js HTTP/1.1
Host: static.addtoany.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://videzz.net
DNT: 1
Connection: keep-alive
Referer: https://static.addtoany.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Fri, 10 May 2024 06:14:29 GMT
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=7776000, stale-while-revalidate=30, public
cf-bgj: minify
etag: W/"83af4df8173e43227812296bb8542dcf"
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=pDtnzInEvmSQ1lyzQ9SqLm%2BJwB7wI7EKsl2H53jNm2zZIris0WY2BcEyArwnJ79RbnhpElLqcnNKcPtXHvkJVzoGYJWrQp%2FwAbGRbC9tYi1uVDUfeM8ICNWQ5cvX4TlvLwUedO%2FE"}],"group":"cf-nel","max_age":604800}
vary: Accept-Encoding
referrer-policy: strict-origin-when-cross-origin
x-content-type-options: nosniff
cf-cache-status: HIT
age: 11027
strict-transport-security: max-age=31536000; includeSubDomains; preload
server: cloudflare
cf-ray: 8817ca13dacf8d54-HEL
content-encoding: br
alt-svc: h3=":443"; ma=86400

cdn.yourwebbars.com/sb/notifications/gambling/default/android-btn/8/index.html

104.26.7.19

200 OK

7.7 kB

URL GET HTTP/2
cdn.yourwebbars.com/sb/notifications/gambling/default/android-btn/8/index.html
IP
104.26.7.19:443
ASN
#13335 CLOUDFLARENET

Requested by
https://videzz.net/h7zka1zdif8f.html
Certificate
IssuerCloudflare, Inc.
Subjectsni.cloudflaressl.com
Fingerprint84:82:6E:35:03:D4:C4:FC:BA:08:CD:C8:E6:A3:97:A9:20:2F:F5:49
ValiditySun, 23 Jul 2023 00:00:00 GMT - Mon, 22 Jul 2024 23:59:59 GMT

File type
HTML document, ASCII text
Size
7.7 kB (7738 bytes)
Hash
988cd00695890a395de736ef1f43180a
fc35045adb5a0bb89e9150574db517cffb44b0c9
100f83963832c14a85c4d7095f0279b0962b83ee6323481ece9b1b2b39515036

HTTP Headers

GET /sb/notifications/gambling/default/android-btn/8/index.html HTTP/1.1
Host: cdn.yourwebbars.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://videzz.net
DNT: 1
Connection: keep-alive
Referer: https://videzz.net/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Fri, 10 May 2024 06:14:30 GMT
content-type: text/html
last-modified: Fri, 19 Jan 2024 14:25:08 GMT
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: public, max-age=315360000
access-control-allow-origin: *
access-control-expose-headers: Date
cf-cache-status: HIT
age: 122647
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=P472OMwSSERDcUggiHOxyudKelcYoxEnitPyWafGW7eWdn5SAI2XDDpUozB3kpxUCdw3Id9mf%2FH7ousoy%2Fjg0C8%2FwpgMg4kr7zq31RyJlYkg2mizo7BtZmCtY2Fy7HLXlWUiIUM%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 8817ca1b9e7e569f-OSL
content-encoding: br
X-Firefox-Spdy: h2

services.addons.mozilla.org/api/v4/addons/search/?guid=default-theme%40mozilla.org%2Caddons-search-detection%40mozilla.com%2Cgoogle%40search.mozilla.org%2Cwikipedia%40search.mozilla.org%2Cbing%40search.mozilla.org%2Cddg%40search.mozilla.org%2Cfirefox-compact-light%40mozilla.org%2Cfirefox-compact-dark%40mozilla.org%2Cfirefox-alpenglow%40mozilla.org%2Camazon%40search.mozilla.org&lang=en-US

54.230.111.124

82 B

URL
services.addons.mozilla.org/api/v4/addons/search/?guid=default-theme%40mozilla.org%2Caddons-search-detection%40mozilla.com%2Cgoogle%40search.mozilla.org%2Cwikipedia%40search.mozilla.org%2Cbing%40search.mozilla.org%2Cddg%40search.mozilla.org%2Cfirefox-compact-light%40mozilla.org%2Cfirefox-compact-dark%40mozilla.org%2Cfirefox-alpenglow%40mozilla.org%2Camazon%40search.mozilla.org&lang=en-US
IP
54.230.111.124:0
ASN
#16509 AMAZON-02

File type
JSON text data
Size
82 B (82 bytes)
Hash
4f822d39c269d2c47e3174b6c6bad3b7
d56bd07959c766e9c18faa9cf1070548f9236b65
cda00e555c758b1c13b6cbd17049ca8471057d16c60f08f551dbc331308eecf3

HTTP Headers

GET /api/v4/addons/search/?guid=default-theme%40mozilla.org%2Caddons-search-detection%40mozilla.com%2Cgoogle%40search.mozilla.org%2Cwikipedia%40search.mozilla.org%2Cbing%40search.mozilla.org%2Cddg%40search.mozilla.org%2Cfirefox-compact-light%40mozilla.org%2Cfirefox-compact-dark%40mozilla.org%2Cfirefox-alpenglow%40mozilla.org%2Camazon%40search.mozilla.org&lang=en-US HTTP/1.1
Host: services.addons.mozilla.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
content-type: application/json
content-length: 82
server: openresty
date: Fri, 10 May 2024 05:58:02 GMT
allow: GET, HEAD, OPTIONS
x-amo-request-id: 122e3a3c4d7743eab72ec4577a449b31
content-security-policy: style-src 'unsafe-inline' https://addons.mozilla.org/static-server/; media-src https://videos.cdn.mozilla.net; connect-src 'self' https://*.google-analytics.com; img-src 'self' blob: data: https://addons.mozilla.org/static-server/ https://addons.mozilla.org/user-media/; default-src 'none'; form-action 'self'; child-src https://www.recaptcha.net/recaptcha/; font-src 'self' https://addons.mozilla.org/static-server/; frame-src https://www.recaptcha.net/recaptcha/; script-src https://www.google-analytics.com/analytics.js https://www.googletagmanager.com/gtag/js https://www.recaptcha.net/recaptcha/ https://www.gstatic.com/recaptcha/ https://www.gstatic.cn/recaptcha/ https://addons.mozilla.org/static-server/; object-src 'none'; report-uri /__cspreport__
x-frame-options: DENY
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
referrer-policy: same-origin
cross-origin-opener-policy: same-origin
cache-control: max-age=3600
public-key-pins: max-age=5184000; includeSubDomains; pin-sha256="WoiWRyIOVNa9ihaBciRSC7XHjliYS9VwUGOIud4PB18="; pin-sha256="r/mIkG3eEpVdm+u/ko/cwxzOMo1bk4TyHIlByibiA5E="
via: 1.1 google, 1.1 9d4a908d41124cba1276d6cef8f00c60.cloudfront.net (CloudFront)
etag: "4f822d39c269d2c47e3174b6c6bad3b7"
vary: origin,X-Country-Code,Accept-Language
x-cache: Hit from cloudfront
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: uFm-M3jn2dp3sI9w7icb_FfVqp_dvIm1Mk0FK44r0dLk1WWFIglOFg==
age: 1013
X-Firefox-Spdy: h2

aus5.mozilla.org/update/3/SystemAddons/111.0a1/20240129201730/Linux_x86_64-gcc3/null/default/Linux%205.15.0-102-generic%20(GTK%203.24.37%2Clibpulse%20not-available)/default/default/update.xml

35.244.181.201

42 B

URL
aus5.mozilla.org/update/3/SystemAddons/111.0a1/20240129201730/Linux_x86_64-gcc3/null/default/Linux%205.15.0-102-generic%20(GTK%203.24.37%2Clibpulse%20not-available)/default/default/update.xml
IP
35.244.181.201:0
ASN
#396982 GOOGLE-CLOUD-PLATFORM

File type
XML 1.0 document, ASCII text
Size
42 B (42 bytes)
Hash
f8f24fa0c857d8f2ee493e131b85ab62
cb6049f830a54d14a19d4104fc0bb5ab5fdedbe6
e0dadbc9cd1f1bd8ce3118cc3383e0d0f6d147f055265d498d99deea956ba00f

HTTP Headers

GET /update/3/SystemAddons/111.0a1/20240129201730/Linux_x86_64-gcc3/null/default/Linux%205.15.0-102-generic%20(GTK%203.24.37%2Clibpulse%20not-available)/default/default/update.xml HTTP/1.1
Host: aus5.mozilla.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Cache-Control: no-cache
Pragma: no-cache
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
date: Fri, 10 May 2024 06:14:56 GMT
content-type: text/xml; charset=utf-8
content-length: 42
rule-id: unknown
rule-data-version: unknown
strict-transport-security: max-age=31536000;
x-content-type-options: nosniff
content-security-policy: default-src 'none'; frame-ancestors 'none'
x-proxy-cache-status: EXPIRED
via: 1.1 google
cache-control: public,max-age=90
alt-svc: clear
X-Firefox-Spdy: h2

region1.analytics.google.com/g/collect?v=2&tid=G-HEX1BG8H46&gtm=45je4580v9104348843z8832020053za200&_p=1715321668644&gcd=13l3lPl2l1&npa=1&dma_cps=sypham&dma=1&cid=1551304694.1715321670&ul=en-us&sr=1280x1024&frm=0&pscdl=noapi&_eu=AAAI&_s=2&sid=1715321669&sct=1&seg=0&dl=https%3A%2F%2Fvidezz.net%2Fh7zka1zdif8f.html&dt=Watch%20grcs%20sgnt%201x06%20m720p%20mp4&en=error_network&tfd=30241

216.239.32.36

0 B

URL
region1.analytics.google.com/g/collect?v=2&tid=G-HEX1BG8H46&gtm=45je4580v9104348843z8832020053za200&_p=1715321668644&gcd=13l3lPl2l1&npa=1&dma_cps=sypham&dma=1&cid=1551304694.1715321670&ul=en-us&sr=1280x1024&frm=0&pscdl=noapi&_eu=AAAI&_s=2&sid=1715321669&sct=1&seg=0&dl=https%3A%2F%2Fvidezz.net%2Fh7zka1zdif8f.html&dt=Watch%20grcs%20sgnt%201x06%20m720p%20mp4&en=error_network&tfd=30241
IP
216.239.32.36:0
ASN
#15169 GOOGLE

Certificate
IssuerGoogle Trust Services LLC
Subject*.google-analytics.com
Fingerprint93:6B:D2:9D:92:BE:2D:D8:02:67:82:83:5E:EF:A3:F9:13:F3:26:AE
ValidityTue, 16 Apr 2024 03:18:45 GMT - Tue, 09 Jul 2024 03:18:44 GMT

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

POST /g/collect?v=2&tid=G-HEX1BG8H46&gtm=45je4580v9104348843z8832020053za200&_p=1715321668644&gcd=13l3lPl2l1&npa=1&dma_cps=sypham&dma=1&cid=1551304694.1715321670&ul=en-us&sr=1280x1024&frm=0&pscdl=noapi&_eu=AAAI&_s=2&sid=1715321669&sct=1&seg=0&dl=https%3A%2F%2Fvidezz.net%2Fh7zka1zdif8f.html&dt=Watch%20grcs%20sgnt%201x06%20m720p%20mp4&en=error_network&tfd=30241 HTTP/1.1
Host: region1.analytics.google.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://videzz.net
DNT: 1
Connection: keep-alive
Referer: https://videzz.net/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Content-Length: 0
TE: trailers

HTTP/3 204 No Content
access-control-allow-origin: https://videzz.net
date: Fri, 10 May 2024 06:14:57 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
content-type: text/plain
cross-origin-resource-policy: cross-origin
server: Golfe2
content-length: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

static.addtoany.com/menu/sm.25.html

104.22.71.197

200 OK

716 B

URL GET HTTP/3
static.addtoany.com/menu/sm.25.html
IP
104.22.71.197:443
ASN
#13335 CLOUDFLARENET

Requested by
https://videzz.net/h7zka1zdif8f.html
Certificate
IssuerLet's Encrypt
Subjectstatic.addtoany.com
Fingerprint5B:74:98:2D:F8:22:DB:0D:4E:74:B7:99:A7:7C:80:F6:CA:1A:8E:CA
ValidityTue, 23 Apr 2024 07:56:27 GMT - Mon, 22 Jul 2024 07:56:26 GMT

File type
HTML document, ASCII text, with very long lines (744), with no line terminators
Size
716 B (716 bytes)
Hash
c3c97893ca5c74e7504aa4ec474ea41b
cdccb12d7e73682e0e807107243ede7d5e14c962
b79f65e9ffe3bad9bd9cdcffed0758430f7eb1a630c368dc173eecdeb2821f00

HTTP Headers

GET /menu/sm.25.html HTTP/1.1
Host: static.addtoany.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://videzz.net/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Fri, 10 May 2024 06:14:29 GMT
content-type: text/html; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=315360000, immutable
referrer-policy: strict-origin-when-cross-origin
x-content-type-options: nosniff
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=mdxjH5duhXWJKcvM14W2VzMTY33maSQa3fQdWatI%2BJOYta7s9p4rlovd0QrtIeWQh8BHsF2Fvk6YNYvdS7N2aN0C5fdMjj8rNdRxvXdjpA9hOkbHGGJVRDQpPwszaCkH6BUvATnb"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
cf-cache-status: HIT
age: 11642
strict-transport-security: max-age=31536000; includeSubDomains; preload
server: cloudflare
cf-ray: 8817ca0f88458d54-HEL
content-encoding: br
alt-svc: h3=":443"; ma=86400

foreignassertive.com/sbar.json?key=fd40b682a05e4aaf489d29601350aa66

192.243.61.227

200 OK

12 kB

URL GET HTTP/1.1
foreignassertive.com/sbar.json?key=fd40b682a05e4aaf489d29601350aa66
IP
192.243.61.227:443
ASN
#39572 DataWeb Global Group B.V.

Requested by
https://videzz.net/h7zka1zdif8f.html
Certificate
IssuerLet's Encrypt
Subjectforeignassertive.com
Fingerprint9A:B3:69:C5:67:69:19:46:E5:C5:C8:02:A4:05:AA:94:E8:B3:BC:21
ValidityMon, 06 May 2024 08:06:31 GMT - Sun, 04 Aug 2024 08:06:30 GMT

File type
JSON text data
Size
12 kB (11512 bytes)
Hash
31f44d90cefd706a631cb893fff27158
bf93a2191cb9e0be609465903e30b82198f6d384
7dd9832096120a1ba2b75f44439b2ddc57a74ae632e78fa7331bc977bb1e21d9

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /sbar.json?key=fd40b682a05e4aaf489d29601350aa66 HTTP/1.1
Host: foreignassertive.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://videzz.net
DNT: 1
Connection: keep-alive
Referer: https://videzz.net/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx/1.21.6
Date: Fri, 10 May 2024 06:14:30 GMT
Content-Type: text/plain; charset=utf-8
Transfer-Encoding: chunked
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,Sec-CH-UA-PlatformUser-Agent,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Custom-Referer: https://videzz.net
Access-Control-Allow-Origin: https://videzz.net
Access-Control-Allow-Credentials: true
Set-Cookie: u_pl=19071538; expires=Sat, 11 May 2024 06:14:29 GMT; secure; SameSite=None
pdhtkv=true; expires=Sat, 11 May 2024 06:14:30 GMT; secure; SameSite=None
uncs=1; expires=Sat, 11 May 2024 06:14:30 GMT; secure; SameSite=None
pdhtkv29=true; expires=Sat, 11 May 2024 06:14:30 GMT; secure; SameSite=None
uncs29=1; expires=Sat, 11 May 2024 06:14:30 GMT; secure; SameSite=None
slecfd40b682a05e4aaf489d29601350aa66=[5210995,5210997]; expires=Fri, 10 May 2024 06:14:35 GMT; secure; SameSite=None
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: 51123dfc7011298f374ce2d0235500bb
Strict-Transport-Security: max-age=0; includeSubdomains
Content-Encoding: gzip

cdn.creative-bars1.com/sb/notifications/gambling/default/android-btn/8/css/animate.css

172.67.141.24

200 OK

79 kB

URL GET HTTP/2
cdn.creative-bars1.com/sb/notifications/gambling/default/android-btn/8/css/animate.css
IP
172.67.141.24:443
ASN
#13335 CLOUDFLARENET

Requested by
https://videzz.net/h7zka1zdif8f.html
Certificate
IssuerGoogle Trust Services LLC
Subjectcreative-bars1.com
Fingerprint3D:29:39:2C:F1:E5:C6:EF:54:F5:70:B5:CF:A8:C2:75:4D:89:72:13
ValidityMon, 15 Apr 2024 15:02:18 GMT - Sun, 14 Jul 2024 15:02:17 GMT

File type
ASCII text
Size
79 kB (78693 bytes)
Hash
49a38187f94418e173e4bcc50c96dc4b
b64e899d0c6bbb13e6f63e191b77b3eb5e5a6293
92db03d6a48c8756e15b1b2ffb9d1ea5aae5e2d9a706b630f93f73e3debbb3b0

HTTP Headers

GET /sb/notifications/gambling/default/android-btn/8/css/animate.css HTTP/1.1
Host: cdn.creative-bars1.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://videzz.net
DNT: 1
Connection: keep-alive
Referer: https://videzz.net/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Fri, 10 May 2024 06:14:31 GMT
content-type: text/css
last-modified: Fri, 19 Jan 2024 14:25:08 GMT
etag: W/"65aa8644-13365"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: public, max-age=315360000
access-control-allow-origin: *
access-control-expose-headers: Date
content-encoding: gzip
cf-cache-status: HIT
age: 803857
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=tdsvjApsOMLmnfUx11%2BcvbfuZFZ%2BNAT8T2yIaDTymnMo7R2%2FtrbOT8EYAWY7%2F36niLsxtD4%2BfmHQyXxEYNARM2fVUDJqpa5pLyE7oZgpcyET8xTGiB0QQvzzwYDTC4u1Dnt%2FMsMPpc%2BY"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 8817ca1c682cb511-OSL
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2

videzz.net/js/videojs.stm.5.min.js?0.0736648541069762

78.142.18.54

200 OK

7.2 kB

URL GET HTTP/2
videzz.net/js/videojs.stm.5.min.js?0.0736648541069762
IP
78.142.18.54:443
ASN
#208046 ColocationX Ltd.

Requested by
https://videzz.net/h7zka1zdif8f.html
Certificate
IssuerLet's Encrypt
Subjectvidezz.net
Fingerprint89:44:E3:9D:95:DD:6E:D2:2B:FB:70:64:42:59:D2:BF:B6:36:E7:33
ValidityThu, 02 May 2024 00:27:53 GMT - Wed, 31 Jul 2024 00:27:52 GMT

File type
JavaScript source, ASCII text, with very long lines (7493), with no line terminators
Size
7.2 kB (7205 bytes)
Hash
559fdbbfb2f700ef277f69b35a097d54
df1d4bf430b37e066e4e3187d621c954d581c160
d30c79b738e33d406468f33a059c11238995e485cad39bb31a721f370baa05c5

HTTP Headers

GET /js/videojs.stm.5.min.js?0.0736648541069762 HTTP/1.1
Host: videzz.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://videzz.net/h7zka1zdif8f.html
Cookie: lang=1
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
server: nginx/1.18.0 (Ubuntu)
date: Fri, 10 May 2024 06:14:28 GMT
content-type: application/javascript
last-modified: Sat, 27 Apr 2024 07:30:42 GMT
vary: Accept-Encoding
etag: W/"662ca9a2-1c25"
expires: Sun, 09 Jun 2024 06:14:27 GMT
cache-control: max-age=2592000
content-encoding: gzip
x-cache-status: MISS
X-Firefox-Spdy: h2

bid.bidclickmedia.com/sub/Zj8D76R

172.67.205.77

200 OK

234 B

URL GET HTTP/2
bid.bidclickmedia.com/sub/Zj8D76R
IP
172.67.205.77:443
ASN
#13335 CLOUDFLARENET

Requested by
https://videzz.net/h7zka1zdif8f.html
Certificate
IssuerGoogle Trust Services LLC
Subjectbidclickmedia.com
Fingerprint2D:71:60:23:79:D8:E4:4A:B8:81:BA:F0:ED:58:CB:A8:66:21:A7:E7
ValiditySun, 31 Mar 2024 14:28:20 GMT - Sat, 29 Jun 2024 14:28:19 GMT

File type
HTML document, ASCII text, with no line terminators
Size
234 B (234 bytes)
Hash
aa39ce14ee4ef59a81b3b1ccc7c20cfb
4037f87db53a18212b896cbe7dc03404833bd9f4
5e96980309ab1a029fa20a02fb9aca51a5967df4e6ab8aaab5f0373d4ebd4f68

HTTP Headers

GET /sub/Zj8D76R HTTP/1.1
Host: bid.bidclickmedia.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://videzz.net/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Fri, 10 May 2024 06:14:29 GMT
content-type: text/html; charset=utf-8
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=iBZJII%2F02HIsWMwLhTg6TcJN9Bo%2Fkb%2B1cItYpvTmTHXYnO1yAm8Em9YcFES%2Bw76b0ssiC8GvnYXfYRkVDDsfeqbNUlYESauUaPW1oLSXXrOns6yLN02BnIl0YwvE7FIsLs%2FgeHCOwAY%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 8817ca0fc818b4ff-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2

aistekso.net/401/5708419

139.45.197.244

200 OK

91 kB

URL GET HTTP/2
aistekso.net/401/5708419
IP
139.45.197.244:443
ASN
#9002 RETN Limited

Requested by
https://videzz.net/h7zka1zdif8f.html
Certificate
IssuerLet's Encrypt
Subjectaistekso.net
Fingerprint3E:A5:CE:35:F4:D9:45:6B:A1:3B:2E:9C:B3:9E:78:4D:8A:4B:51:BB
ValiditySun, 24 Mar 2024 05:08:27 GMT - Sat, 22 Jun 2024 05:08:26 GMT

File type
JavaScript source, ASCII text, with very long lines (65536), with no line terminators
Size
91 kB (90809 bytes)
Hash
81f951388a6f4b37f103c53070974dfe
8c32f331b1102164b024728b760462afc632c9de
7ae9d25ec233dbfb488a6a729922e636d20320f815ddb19d00fc2f4780028a45

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /401/5708419 HTTP/1.1
Host: aistekso.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://videzz.net/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
server: nginx
date: Fri, 10 May 2024 06:14:31 GMT
content-type: application/javascript
x-trace-id: ce3a18342638ea724983eafa8b0d4e64
cache-control: no-cache, no-store, no-transform, must-revalidate, private, max-age=0
pragma: no-cache
expires: Tue, 11 Jan 1994 10:00:00 GMT
vary: Origin
access-control-allow-origin: *
access-control-expose-headers: Link
access-control-allow-credentials: true
accept-ch: Sec-CH-UA, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model
set-cookie: OAID=0300584c617b483af27f044a460f5596; expires=Sat, 10 May 2025 06:14:31 GMT; path=/; secure; SameSite=None
strict-transport-security: max-age=1
x-content-type-options: nosniff
timing-allow-origin: *, *
content-encoding: gzip
X-Firefox-Spdy: h2

videzz.net/js/footer.static.min.js?v=b8dc06aa6195ca0716d0a0c4e3a76e42

78.142.18.54

200 OK

140 kB

URL GET HTTP/2
videzz.net/js/footer.static.min.js?v=b8dc06aa6195ca0716d0a0c4e3a76e42
IP
78.142.18.54:443
ASN
#208046 ColocationX Ltd.

Requested by
https://videzz.net/h7zka1zdif8f.html
Certificate
IssuerLet's Encrypt
Subjectvidezz.net
Fingerprint89:44:E3:9D:95:DD:6E:D2:2B:FB:70:64:42:59:D2:BF:B6:36:E7:33
ValidityThu, 02 May 2024 00:27:53 GMT - Wed, 31 Jul 2024 00:27:52 GMT

File type

Size
140 kB (140132 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /js/footer.static.min.js?v=b8dc06aa6195ca0716d0a0c4e3a76e42 HTTP/1.1
Host: videzz.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://videzz.net/h7zka1zdif8f.html
Cookie: lang=1
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
server: nginx/1.18.0 (Ubuntu)
date: Fri, 10 May 2024 06:14:27 GMT
content-type: application/javascript
last-modified: Sat, 27 Apr 2024 07:30:28 GMT
vary: Accept-Encoding
etag: W/"662ca994-22364"
expires: Sun, 09 Jun 2024 06:10:46 GMT
cache-control: max-age=2592000
content-encoding: gzip
x-cache-status: HIT
X-Firefox-Spdy: h2

fonts.googleapis.com/css?family=Istok+Web:400,700|Open+Sans:400,600,700|Raleway:200,400,600|Roboto:400,500,700|Source+Sans+Pro:300,300i,400,400i,600,700,700i&subset=cyrillic,cyrillic-ext%22%20rel=%22stylesheet

142.250.74.106

200 OK

48 kB

URL GET HTTP/2
fonts.googleapis.com/css?family=Istok+Web:400,700|Open+Sans:400,600,700|Raleway:200,400,600|Roboto:400,500,700|Source+Sans+Pro:300,300i,400,400i,600,700,700i&subset=cyrillic,cyrillic-ext%22%20rel=%22stylesheet
IP
142.250.74.106:443
ASN
#15169 GOOGLE

Requested by
https://videzz.net/h7zka1zdif8f.html
Certificate
IssuerGoogle Trust Services LLC
Subjectupload.video.google.com
Fingerprint36:49:20:36:0C:4D:DA:55:65:64:23:0F:49:3E:FA:78:87:35:A3:79
ValidityTue, 16 Apr 2024 04:17:12 GMT - Tue, 09 Jul 2024 04:17:11 GMT

File type
ASCII text, with very long lines (1572)
Size
48 kB (47712 bytes)
Hash
a3687ea6a1d3ef9ae1076155f59c2d4f
320d8bddae082654bfc6098b80f32289fc897531
c5995d3f22b13598156fa8427830065dd9b8883d0f15eff3ae2266f867642bc2

HTTP Headers

GET /css?family=Istok+Web:400,700|Open+Sans:400,600,700|Raleway:200,400,600|Roboto:400,500,700|Source+Sans+Pro:300,300i,400,400i,600,700,700i&amp;subset=cyrillic,cyrillic-ext%22%20rel=%22stylesheet HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://videzz.net/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Fri, 10 May 2024 06:14:28 GMT
date: Fri, 10 May 2024 06:14:28 GMT
cache-control: private, max-age=86400
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

www.googletagmanager.com/gtm.js?id=GTM-56DK3TH

142.250.74.168

200 OK

209 kB

URL GET HTTP/3
www.googletagmanager.com/gtm.js?id=GTM-56DK3TH
IP
142.250.74.168:443
ASN
#15169 GOOGLE

Requested by
https://videzz.net/h7zka1zdif8f.html
Certificate
IssuerGoogle Trust Services LLC
Subject*.google-analytics.com
Fingerprint93:6B:D2:9D:92:BE:2D:D8:02:67:82:83:5E:EF:A3:F9:13:F3:26:AE
ValidityTue, 16 Apr 2024 03:18:45 GMT - Tue, 09 Jul 2024 03:18:44 GMT

File type
JavaScript source, ASCII text, with very long lines (3287)
Size
209 kB (209294 bytes)
Hash
17d477a424fc62cd5c7a615536e9e885
cd7c67470b05b2cd6e399096c014bdea3c1bb91b
994b3430bf0a8d15f0a373b8bd712860be4d7c5163b39acb2cc970c762bcee7b

HTTP Headers

GET /gtm.js?id=GTM-56DK3TH HTTP/1.1
Host: www.googletagmanager.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://videzz.net/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
content-encoding: br
vary: Accept-Encoding
date: Fri, 10 May 2024 06:14:28 GMT
expires: Fri, 10 May 2024 06:14:28 GMT
cache-control: private, max-age=900
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
server: Google Tag Manager
content-length: 73829
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

foreignassertive.com/pixel/sbls?bv=24.6.6370&tmpl=482&u=https%3A%2F%2Fcdn.creative-bars1.com%2Fsb%2Fnotifications%2Fgambling%2Fdefault%2Fandroid-btn%2F8%2Fcss%2Fanimate.css&l=78693&fd=81

192.243.61.227

200 OK

0 B

URL GET HTTP/1.1
foreignassertive.com/pixel/sbls?bv=24.6.6370&tmpl=482&u=https%3A%2F%2Fcdn.creative-bars1.com%2Fsb%2Fnotifications%2Fgambling%2Fdefault%2Fandroid-btn%2F8%2Fcss%2Fanimate.css&l=78693&fd=81
IP
192.243.61.227:443
ASN
#39572 DataWeb Global Group B.V.

Requested by
https://videzz.net/h7zka1zdif8f.html
Certificate
IssuerLet's Encrypt
Subjectforeignassertive.com
Fingerprint9A:B3:69:C5:67:69:19:46:E5:C5:C8:02:A4:05:AA:94:E8:B3:BC:21
ValidityMon, 06 May 2024 08:06:31 GMT - Sun, 04 Aug 2024 08:06:30 GMT

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /pixel/sbls?bv=24.6.6370&tmpl=482&u=https%3A%2F%2Fcdn.creative-bars1.com%2Fsb%2Fnotifications%2Fgambling%2Fdefault%2Fandroid-btn%2F8%2Fcss%2Fanimate.css&l=78693&fd=81 HTTP/1.1
Host: foreignassertive.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://videzz.net/
Cookie: u_pl=19071538; pdhtkv=true; uncs=1; pdhtkv29=true; uncs29=1; slecfd40b682a05e4aaf489d29601350aa66=[5210995,5210997]
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx/1.21.6
Date: Fri, 10 May 2024 06:14:31 GMT
Content-Length: 0
Connection: keep-alive
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
Access-Control-Allow-Origin: *
Access-Control-Allow-Methods: GET, POST, OPTIONS
Access-Control-Allow-Headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,Upgrade-Insecure-Requests
Access-Control-Expose-Headers: Content-Length,Content-Range

videzz.net/h7zka1zdif8f.html

78.142.18.54

200 OK

45 kB

URL User Request GET HTTP/2
videzz.net/h7zka1zdif8f.html
IP
78.142.18.54:443
ASN
#208046 ColocationX Ltd.

Certificate
IssuerLet's Encrypt
Subjectvidezz.net
Fingerprint89:44:E3:9D:95:DD:6E:D2:2B:FB:70:64:42:59:D2:BF:B6:36:E7:33
ValidityThu, 02 May 2024 00:27:53 GMT - Wed, 31 Jul 2024 00:27:52 GMT

File type
HTML document, ASCII text, with very long lines (1926), with CRLF, LF line terminators
Size
45 kB (44677 bytes)
Hash
982a2b388cf0f489dff7de1ba28c8d67
4dcc4acf47201fac4fb3a72f23259388ece560f7
5e753cb15caab7e08d4d5dfeb61ba476807cdd9c1479268486da48622dc45561

HTTP Headers

GET /h7zka1zdif8f.html HTTP/1.1
Host: videzz.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Upgrade-Insecure-Requests: 1
Connection: keep-alive
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
server: nginx/1.18.0 (Ubuntu)
date: Fri, 10 May 2024 06:14:27 GMT
content-type: text/html; charset=UTF-8
vary: Accept-Encoding
expires: Thu, 09 May 2024 06:14:27 GMT
set-cookie: lang=1; domain=.videzz.net; path=/; HttpOnly
xfsts=; domain=.videzz.net; path=/; expires=Thu, 11-May-2023 06:14:27 GMT; HttpOnly
content-encoding: gzip
X-Firefox-Spdy: h2

fonts.googleapis.com/css?family=Roboto:300,400,700&display=swap

142.250.74.106

200 OK

7.0 kB

URL GET HTTP/3
fonts.googleapis.com/css?family=Roboto:300,400,700&display=swap
IP
142.250.74.106:443
ASN
#15169 GOOGLE

Requested by
https://videzz.net/h7zka1zdif8f.html
Certificate
IssuerGoogle Trust Services LLC
Subjectupload.video.google.com
Fingerprint36:49:20:36:0C:4D:DA:55:65:64:23:0F:49:3E:FA:78:87:35:A3:79
ValidityTue, 16 Apr 2024 04:17:12 GMT - Tue, 09 Jul 2024 04:17:11 GMT

File type
ASCII text, with very long lines (7193), with no line terminators
Size
7.0 kB (7004 bytes)
Hash
16b49a99486594c0b42d9bd7821deb2c
2fb46e5e86d6b37d4497cc04bfd89b3cb33a276a
3f3540952441e06ef81189cf63d46bac242804e386779dbb0cdd78ed10025c21

HTTP Headers

GET /css?family=Roboto:300,400,700&display=swap HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Fri, 10 May 2024 06:14:31 GMT
date: Fri, 10 May 2024 06:14:31 GMT
cache-control: private, max-age=86400
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

142.250.74.106

200 OK

27 kB

URL GET HTTP/2
fonts.googleapis.com/css?family=Armata|Average+Sans|Gafata|Istok+Web:400,700|Julius+Sans+One|Michroma|Montserrat+Alternates:400,500,600|Montserrat:400,500,600|Numans|Poppins:400,500|Rubik:400,500,700|Syncopate
IP
142.250.74.106:443
ASN
#15169 GOOGLE

Requested by
https://videzz.net/h7zka1zdif8f.html
Certificate
IssuerGoogle Trust Services LLC
Subjectupload.video.google.com
Fingerprint36:49:20:36:0C:4D:DA:55:65:64:23:0F:49:3E:FA:78:87:35:A3:79
ValidityTue, 16 Apr 2024 04:17:12 GMT - Tue, 09 Jul 2024 04:17:11 GMT

File type
ASCII text, with very long lines (634)
Size
27 kB (26662 bytes)
Hash
b38e93359bf408137b205df1dc494995
c8a136dea93305a6be1a7341e5b1d34145415b37
24b63ecac66577632b7277c0105fedc08608171a8ca4335fa5f8e07104962320

HTTP Headers

GET /css?family=Armata|Average+Sans|Gafata|Istok+Web:400,700|Julius+Sans+One|Michroma|Montserrat+Alternates:400,500,600|Montserrat:400,500,600|Numans|Poppins:400,500|Rubik:400,500,700|Syncopate HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://videzz.net/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Fri, 10 May 2024 06:14:28 GMT
date: Fri, 10 May 2024 06:14:28 GMT
cache-control: private, max-age=86400
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

fonts.gstatic.com/s/raleway/v34/1Ptug8zYS_SKggPNyC0ITw.woff2

216.58.207.227

200 OK

48 kB

URL GET HTTP/2
fonts.gstatic.com/s/raleway/v34/1Ptug8zYS_SKggPNyC0ITw.woff2
IP
216.58.207.227:443
ASN
#15169 GOOGLE

Requested by
https://videzz.net/h7zka1zdif8f.html
Certificate
IssuerGoogle Trust Services LLC
Subject*.gstatic.com
Fingerprint15:DD:05:B3:2F:D8:E3:54:C9:B4:FA:E4:AC:01:ED:C8:E1:EA:A7:AD
ValidityTue, 16 Apr 2024 04:17:07 GMT - Tue, 09 Jul 2024 04:17:06 GMT

File type
Web Open Font Format (Version 2), TrueType, length 48336, version 1.0
Size
48 kB (48336 bytes)
Hash
bfe7ad4aa54cff8909b2d7632073cc30
7c2e625bea4d449ca78cde09ab59dc6c9cb4726f
47d477915fa5912616e2dc5df8c5780f9202671678cf275472bd39f3381c0098

HTTP Headers

GET /s/raleway/v34/1Ptug8zYS_SKggPNyC0ITw.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://videzz.net
DNT: 1
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 48336
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 09 May 2024 16:38:17 GMT
expires: Fri, 09 May 2025 16:38:17 GMT
cache-control: public, max-age=31536000
age: 48971
last-modified: Wed, 01 May 2024 20:31:48 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

bid.bidclickmedia.com/sub/31bV2Jy

172.67.205.77

200 OK

239 B

URL GET HTTP/2
bid.bidclickmedia.com/sub/31bV2Jy
IP
172.67.205.77:443
ASN
#13335 CLOUDFLARENET

Requested by
https://videzz.net/h7zka1zdif8f.html
Certificate
IssuerGoogle Trust Services LLC
Subjectbidclickmedia.com
Fingerprint2D:71:60:23:79:D8:E4:4A:B8:81:BA:F0:ED:58:CB:A8:66:21:A7:E7
ValiditySun, 31 Mar 2024 14:28:20 GMT - Sat, 29 Jun 2024 14:28:19 GMT

File type
HTML document, ASCII text, with no line terminators
Size
239 B (239 bytes)
Hash
d5b23342c3da61ad8cb32c85b5a9a6ca
3ca89fd68565941a5f5dec87720a2164c9b860ae
53073b03453dec44b400acecc549d6446aba803406a391777a94cc2504173bbb

HTTP Headers

GET /sub/31bV2Jy HTTP/1.1
Host: bid.bidclickmedia.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://videzz.net/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Fri, 10 May 2024 06:14:29 GMT
content-type: text/html; charset=utf-8
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=dg4vjHsiv%2BVmBYhYwt5oviLjGXcRoIGFJpREAcuskakMed1d4BG8syrZA59VS6y8c0MxTC0bqZI6RaxyMEvevPeoa%2BxcX1S%2BqwHz15Qht7%2FmlIOTi7yjHL%2BNO0oBYKKdLxgyvujMJxo%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 8817ca108932b4ff-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2

downstairsnegotiatebarren.com/sfp.js

104.21.35.227

200 OK

86 kB

URL GET HTTP/3
downstairsnegotiatebarren.com/sfp.js
IP
104.21.35.227:443
ASN
#13335 CLOUDFLARENET

Requested by
https://videzz.net/h7zka1zdif8f.html
Certificate
IssuerLet's Encrypt
Subjectdownstairsnegotiatebarren.com
Fingerprint5D:DB:CB:C6:CE:2A:8B:34:7D:BC:43:74:33:1D:5F:77:48:F7:BC:1B
ValidityThu, 02 May 2024 21:26:34 GMT - Wed, 31 Jul 2024 21:26:33 GMT

File type

Size
86 kB (85611 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /sfp.js HTTP/1.1
Host: downstairsnegotiatebarren.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://videzz.net/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Fri, 10 May 2024 06:14:30 GMT
content-type: application/javascript; charset=utf-8
p3p: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
access-control-allow-origin: *
expires: Thu, 01 Jan 1970 00:00:01 GMT
cache-control: max-age=14400
x-request-id: 62b6367329cdcc0014b693be6c355e0d
strict-transport-security: max-age=0; includeSubdomains
cf-cache-status: EXPIRED
last-modified: Fri, 10 May 2024 06:14:29 GMT
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=PkOK9SKToEHfq0wrXsuy4SexifXXHn6Pm419r6MMJA2hAvuC%2Fyw0bumam%2BJplP08Uu2MCumSQvcbA6Cm%2FSQiErcZhQ0VjKpFKvJo11YWLwdckRB%2B%2Bv06UGTEiBR57pCfsAZwRWSgPj8gTz2i99CthA%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 8817ca16dbee56ca-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400

bid.bidclickmedia.com/sub/Pj8pz0z

172.67.205.77

200 OK

234 B

URL GET HTTP/2
bid.bidclickmedia.com/sub/Pj8pz0z
IP
172.67.205.77:443
ASN
#13335 CLOUDFLARENET

Requested by
https://videzz.net/h7zka1zdif8f.html
Certificate
IssuerGoogle Trust Services LLC
Subjectbidclickmedia.com
Fingerprint2D:71:60:23:79:D8:E4:4A:B8:81:BA:F0:ED:58:CB:A8:66:21:A7:E7
ValiditySun, 31 Mar 2024 14:28:20 GMT - Sat, 29 Jun 2024 14:28:19 GMT

File type
HTML document, ASCII text, with no line terminators
Size
234 B (234 bytes)
Hash
ec45c51dfcbeb0d487d6d2ccf0cd9a23
eadd83e9b3def654d52e1b93ae5f5c13d8a69c99
3a5e0788bab23d00613d25c36fabb29d38bb3e51af54bf370854620392a249ce

HTTP Headers

GET /sub/Pj8pz0z HTTP/1.1
Host: bid.bidclickmedia.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://videzz.net/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Fri, 10 May 2024 06:14:29 GMT
content-type: text/html; charset=utf-8
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=%2BJ%2BIqPqmnmRODMR%2F%2FcnpHWL4%2BRbP2%2B%2F4%2FjhFjd2VEpD5tC09f8GOkIiAj%2Fzogn8Hao5eKL860%2B1xQyegITrdwwsO1TotMdBuup9nqqgtLJSx%2Bh5axz2LhAWKuH%2BFRAagHZtMdDEdSO4%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 8817ca0ff851b4ff-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2

xml.xmlking.com/redirect?feed=591364&auth=oodr9S&pubid=195183

174.137.133.17

302 Found

0 B

URL GET HTTP/1.1
xml.xmlking.com/redirect?feed=591364&auth=oodr9S&pubid=195183
IP
174.137.133.17:443
ASN
#27257 WEBAIR-INTERNET

Requested by
https://videzz.net/h7zka1zdif8f.html
Certificate
IssuerSectigo Limited
Subject*.xmlking.com
Fingerprint61:F0:9B:53:D2:DF:03:A0:08:09:BE:79:B1:70:10:34:65:07:7B:6D
ValidityWed, 26 Jul 2023 00:00:00 GMT - Fri, 26 Jul 2024 23:59:59 GMT

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /redirect?feed=591364&auth=oodr9S&pubid=195183 HTTP/1.1
Host: xml.xmlking.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://bid.bidclickmedia.com/
DNT: 1
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 302 Found
Server: nginx
Date: Fri, 10 May 2024 06:14:31 GMT
Content-Length: 0
Connection: keep-alive
Cache-Control: no-store
Location: https://syndication.traffichaus.com/adserve/index.php?z=958354&ba=1424469&data=dGQ3cUp4WG5vdXRuUjR2ZTlndFdWYkt4cHBPVGd6anFXMUtUWGNGVWVwSXF2SFNKWktyK001RitiR2lWUnBUZTdNSlJZdlkwMm9aWVdIODJtZk9odjdZTVNkRmYrdmNvc2N3WlZNMEdDTSt1SWZXLzl5Nm9uTzUxOGVnUExFNXl0OHpqcm1icEhjY1Y0OGNMQzFyc3dhMEM3ZkthVFh1NzFSaXUrSmZZS29LSGpxUXZLdDJYRTZBRWRocGJ2OHFNYXROYmtZSnlpZ0ZXa0FtdzdmYWd1R1lGNHowNGk1SmNFWFEzVTZmamI3RnA5azI2TTN6SVhHenZpbmxNbEIvVWZGRks3MmI2WTVxblhIMnFLWXVzd3BUQkxCbHhVZWFCaXVDSEhHWlEyc2Y4WEFIczdHaVhKU2RqZFNUUGVuMmhPeWE5eW9lcSt2Y1ZGZ0tZTVpXYk15SFVpSmQ5a0EvWEVGSWlnbFpxKzlrWFdOc244RXg2bnUzbWhweVhlWTVGakdKNmRJUWhEY2hhRG9mYnB2UkVnL1FNS0l0L2VZQXJDYitnNlFnT2YvSUd3WDhvdk1tUElzY3MrVnRZbE80QWJMTHBSSll6aGFLVm9ZbXJWNThHUmUxaHlMMW9XaUhXS2FBakt5dU1IUUo2Wm5neHhZREprR3hxUndQTDhzNVlKbjRRU3BscDhmaUNnTmpuVjhZdE5QakhFZkpZRmtUWTRUNWhSaDNXTnkyUjJBQzRibnJCblpPVFJFQmZkVUoxQ2ZoUlpLc1ZQN1ZLN21hQnB3Q1RNMW0ySzBFbG1TOW54ZEFwQzVpL01tTT0=&rtb=1

xml.xmlking.com/redirect?feed=591364&auth=oodr9S&pubid=195183

174.137.133.17

302 Found

0 B

URL GET HTTP/1.1
xml.xmlking.com/redirect?feed=591364&auth=oodr9S&pubid=195183
IP
174.137.133.17:443
ASN
#27257 WEBAIR-INTERNET

Requested by
https://videzz.net/h7zka1zdif8f.html
Certificate
IssuerSectigo Limited
Subject*.xmlking.com
Fingerprint61:F0:9B:53:D2:DF:03:A0:08:09:BE:79:B1:70:10:34:65:07:7B:6D
ValidityWed, 26 Jul 2023 00:00:00 GMT - Fri, 26 Jul 2024 23:59:59 GMT

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /redirect?feed=591364&auth=oodr9S&pubid=195183 HTTP/1.1
Host: xml.xmlking.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://bid.bidclickmedia.com/
DNT: 1
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 302 Found
Server: nginx
Date: Fri, 10 May 2024 06:14:31 GMT
Content-Length: 0
Connection: keep-alive
Cache-Control: no-store
Location: https://syndication.traffichaus.com/adserve/index.php?z=958354&ba=1424469&data=dGQ3cUp4WG5vdXRuUjR2ZTlndFdWYkt4cHBPVGd6anFXMUtUWGNGVWVwSXF2SFNKWktyK001RitiR2lWUnBUZTdNSlJZdlkwMm9aWVdIODJtZk9odjdZTVNkRmYrdmNvc2N3WlZNMEdDTSt1SWZXLzl5Nm9uTzUxOGVnUExFNXl0OHpqcm1icEhjY1Y0OGNMQzFyc3dhMEM3ZkthVFh1NzFSaXUrSmZZS29LSGpxUXZLdDJYRTZBRWRocGJ2OHFNYXROYmtZSnlpZ0ZXa0FtdzdmYWd1R1lGNHowNGk1SmNFWFEzVTZmamI3RnA5azI2TTN6SVhHenZpbmxNbEIvVWZGRks3MmI2WTVxblhIMnFLWXVzd3BUQkxCbHhVZWFCaXVDSEhHWlEyc2Y4WEFIczdHaVhKU2RqZFNUUGVuMmhPeWE5eW9lcSt2Y1ZGZ0tZTVpXYk15SFVpSmQ5a0EvWEVGSWlnbFpxKzlrWFdOc244RXg2bnUzbWhweVhlWTVGakdKNmRJUWhEY2hhRG9mYnB2UkVnL1FNS0l0L2VZQXJDYitnNlFnT2YvSUd3WDhvdk1tUElzY3MrVnRZbE80QWJMTHBSSll6aGFLVm9ZbXJWNThHUmUxaHlMMW9XaUhXS2FBakt5dU1IUUo2Wm5neHhZREprR3hxUndQTDhzNVlPRkJla3ZsRGxJckRNcXlqc1dtT01nazJLOHoxYk8yMFcyS1RkbWpJb1ZTL25zaFRVNGR5Z3B0MEszdkZIa1liWU5LdVVUT3drZzF0T3hnZEU2RkN5cDNQLzVCeEdpYnllcmt5TlNPRDQ4Yz0=&rtb=1

bid.bidclickmedia.com/sub/Pj8pz0z

172.67.205.77

200 OK

234 B

URL GET HTTP/2
bid.bidclickmedia.com/sub/Pj8pz0z
IP
172.67.205.77:443
ASN
#13335 CLOUDFLARENET

Requested by
https://videzz.net/h7zka1zdif8f.html
Certificate
IssuerGoogle Trust Services LLC
Subjectbidclickmedia.com
Fingerprint2D:71:60:23:79:D8:E4:4A:B8:81:BA:F0:ED:58:CB:A8:66:21:A7:E7
ValiditySun, 31 Mar 2024 14:28:20 GMT - Sat, 29 Jun 2024 14:28:19 GMT

File type
HTML document, ASCII text, with no line terminators
Size
234 B (234 bytes)
Hash
ec45c51dfcbeb0d487d6d2ccf0cd9a23
eadd83e9b3def654d52e1b93ae5f5c13d8a69c99
3a5e0788bab23d00613d25c36fabb29d38bb3e51af54bf370854620392a249ce

HTTP Headers

GET /sub/Pj8pz0z HTTP/1.1
Host: bid.bidclickmedia.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://videzz.net/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Fri, 10 May 2024 06:14:29 GMT
content-type: text/html; charset=utf-8
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=UncdC20sVj1UxJ0mPom%2BUYorMGN%2Boa3bzxj05ussvwe5FFctIpTXq%2BGGlLsUkMDsC5PCuZWMiW7gIzDgKHuUdYVdDesgB6yxjpcf1xsgN2l5DwxStPFlRAT1btD%2BdpLtElPmyw08jAU%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 8817ca1038c2b4ff-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2

dog.seetron.net/api/spots/190874?p=1&s1=201428

135.181.208.216

200 OK

94 B

URL GET HTTP/2
dog.seetron.net/api/spots/190874?p=1&s1=201428
IP
135.181.208.216:443
ASN
#24940 Hetzner Online GmbH

Requested by
https://videzz.net/h7zka1zdif8f.html
Certificate
IssuerLet's Encrypt
Subjecta.bdsmz.tube
FingerprintAA:4D:03:7A:4E:94:8C:76:58:6E:53:CC:8E:99:24:E6:51:84:BF:05
ValidityFri, 03 May 2024 10:27:08 GMT - Thu, 01 Aug 2024 10:27:07 GMT

File type
HTML document, ASCII text, with no line terminators
Size
94 B (94 bytes)
Hash
c118b24869f85e4f08ea9cef3bde4492
7a7f0b87ac0967b24b246f54e649e640bd7d6c45
976c66117f2dcd0d138138f1cb8bb49aba832c76cf821cae5321e0217b92367d

HTTP Headers

GET /api/spots/190874?p=1&s1=201428 HTTP/1.1
Host: dog.seetron.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://videzz.net/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
server: nginx
date: Fri, 10 May 2024 06:14:28 GMT
content-type: text/html
vary: Accept-Encoding
set-cookie: nauid=Y8BSYWZbL1xrb6mUjG2P; Path=/; Expires=Wed, 11 Nov 2037 11:11:11 GMT; Secure; SameSite=None
x-robots-tag: noindex, nofollow
cache-control: private
content-encoding: gzip
X-Firefox-Spdy: h2

veepteero.com/88/104

139.45.197.242

200 OK

3.0 kB

URL GET HTTP/2
veepteero.com/88/104
IP
139.45.197.242:443
ASN
#9002 RETN Limited

Requested by
https://videzz.net/h7zka1zdif8f.html
Certificate
IssuerLet's Encrypt
Subjectveepteero.com
Fingerprint13:68:56:48:EC:67:A6:93:BE:E0:36:BC:FA:04:75:6D:6E:D2:C1:91
ValiditySat, 23 Mar 2024 05:18:36 GMT - Fri, 21 Jun 2024 05:18:35 GMT

File type
troff or preprocessor input, ASCII text, with very long lines (3221), with no line terminators
Size
3.0 kB (2963 bytes)
Hash
8fba7fbebcb600a7af1b67e1574c6406
91581ba288b7750e6e0588d64510a86daf455b1d
17cd33a6a22aa659cd65d9aea4037d2b2b99f06acad6d6a8d41c80f7a005a96c

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /88/104 HTTP/1.1
Host: veepteero.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://videzz.net/
Origin: https://videzz.net
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
server: nginx
date: Fri, 10 May 2024 06:14:31 GMT
content-type: application/json
accept-ch: Sec-CH-UA, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model
access-control-allow-origin: https://videzz.net
access-control-allow-credentials: true
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, baggage, sentry-trace, favicon
access-control-max-age: 86400
timing-allow-origin: *
pragma: no-cache, no-cache
cache-control: no-transform, no-store, no-cache, must-revalidate, max-age=0, no-store, no-cache, must-revalidate, max-age=0
expires: Tue, 11 Jan 1994 10:00:00 GMT, Mon, 26 Jul 1997 05:00:00 GMT
content-encoding: gzip
X-Firefox-Spdy: h2

xml.xmlking.com/redirect?feed=591363&auth=0yfQfB&pubid=195183

174.137.133.17

200 OK

0 B

URL GET HTTP/1.1
xml.xmlking.com/redirect?feed=591363&auth=0yfQfB&pubid=195183
IP
174.137.133.17:443
ASN
#27257 WEBAIR-INTERNET

Requested by
https://videzz.net/h7zka1zdif8f.html
Certificate
IssuerSectigo Limited
Subject*.xmlking.com
Fingerprint61:F0:9B:53:D2:DF:03:A0:08:09:BE:79:B1:70:10:34:65:07:7B:6D
ValidityWed, 26 Jul 2023 00:00:00 GMT - Fri, 26 Jul 2024 23:59:59 GMT

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /redirect?feed=591363&auth=0yfQfB&pubid=195183 HTTP/1.1
Host: xml.xmlking.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://bid.bidclickmedia.com/
DNT: 1
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Date: Fri, 10 May 2024 06:14:32 GMT
Content-Length: 0
Connection: keep-alive
Cache-Control: no-store

videzz.net/js/main.min.js?v=b8dc06aa6195ca0716d0a0c4e3a76e42

78.142.18.54

200 OK

11 kB

URL GET HTTP/2
videzz.net/js/main.min.js?v=b8dc06aa6195ca0716d0a0c4e3a76e42
IP
78.142.18.54:443
ASN
#208046 ColocationX Ltd.

Requested by
https://videzz.net/h7zka1zdif8f.html
Certificate
IssuerLet's Encrypt
Subjectvidezz.net
Fingerprint89:44:E3:9D:95:DD:6E:D2:2B:FB:70:64:42:59:D2:BF:B6:36:E7:33
ValidityThu, 02 May 2024 00:27:53 GMT - Wed, 31 Jul 2024 00:27:52 GMT

File type
JavaScript source, ASCII text, with very long lines (11269), with no line terminators
Size
11 kB (11269 bytes)
Hash
f2b1e2d690c2c568d846e8da3ab66ccd
f2a3fd880693ec75e586fdb37d1bd2cd6f6c468a
3efa361ccc887f0bffb9c9250de66cd562bc53671ffcb85cc0a6a0d30b0b8cfb

HTTP Headers

GET /js/main.min.js?v=b8dc06aa6195ca0716d0a0c4e3a76e42 HTTP/1.1
Host: videzz.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://videzz.net/h7zka1zdif8f.html
Cookie: lang=1
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
server: nginx/1.18.0 (Ubuntu)
date: Fri, 10 May 2024 06:14:27 GMT
content-type: application/javascript
last-modified: Sat, 27 Apr 2024 07:30:38 GMT
vary: Accept-Encoding
etag: W/"662ca99e-2c05"
expires: Sun, 09 Jun 2024 06:13:30 GMT
cache-control: max-age=2592000
content-encoding: gzip
x-cache-status: HIT
X-Firefox-Spdy: h2

str29.vidoza.net/nvl4eoiepmfeieno3uoanaxzoxauqxpcnqfrxvmf4u2445h3v2wwcbd53glq/v.mp4

0.0.0.0

0 B

URL GET
str29.vidoza.net/nvl4eoiepmfeieno3uoanaxzoxauqxpcnqfrxvmf4u2445h3v2wwcbd53glq/v.mp4
IP
0.0.0.0:0
ASN
#0

Requested by
https://videzz.net/h7zka1zdif8f.html

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /nvl4eoiepmfeieno3uoanaxzoxauqxpcnqfrxvmf4u2445h3v2wwcbd53glq/v.mp4 HTTP/1.1
Host: str29.vidoza.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: video/webm,video/ogg,video/*;q=0.9,application/ogg;q=0.7,audio/*;q=0.6,*/*;q=0.5
Accept-Language: en-US,en;q=0.5
Range: bytes=0-
DNT: 1
Connection: keep-alive
Referer: https://videzz.net/
Sec-Fetch-Dest: video
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Accept-Encoding: identity
Pragma: no-cache
Cache-Control: no-cache

static.addtoany.com/menu/svg/icons/telegram.js

104.22.71.197

200 OK

360 B

URL GET HTTP/3
static.addtoany.com/menu/svg/icons/telegram.js
IP
104.22.71.197:443
ASN
#13335 CLOUDFLARENET

Requested by
https://videzz.net/h7zka1zdif8f.html
Certificate
IssuerLet's Encrypt
Subjectstatic.addtoany.com
Fingerprint5B:74:98:2D:F8:22:DB:0D:4E:74:B7:99:A7:7C:80:F6:CA:1A:8E:CA
ValidityTue, 23 Apr 2024 07:56:27 GMT - Mon, 22 Jul 2024 07:56:26 GMT

File type
ASCII text, with very long lines (370), with no line terminators
Size
360 B (360 bytes)
Hash
d455b7099e753a3680d5e481a7b56a9d
146fdec3f2e51dabdd15fc8acda6d73823b0d44d
4eb7a6d1a684e68473de0e8854499206b2f512a3815a8114068636dd38aa197a

HTTP Headers

GET /menu/svg/icons/telegram.js HTTP/1.1
Host: static.addtoany.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://videzz.net
DNT: 1
Connection: keep-alive
Referer: https://static.addtoany.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Fri, 10 May 2024 06:14:29 GMT
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=7776000, stale-while-revalidate=30, public
cf-bgj: minify
etag: W/"fb47b4f6548b6499923a1beed7472419"
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=EYVDjK7xdSRfVIlOeunh90Zp9N5aOIbw9y%2FzG7hyxzpai2vyTlI0yBMKWdnJpVXy0bGcOyb3lr3KfsOGNaAbTStdMHbnnk7CGkc60vKY4yinygXe5Y2NkFkvfaNQX%2FOSF7x6%2BR3bwgiKLON7JtWl76v2"}],"group":"cf-nel","max_age":604800}
vary: Accept-Encoding
referrer-policy: strict-origin-when-cross-origin
x-content-type-options: nosniff
cf-cache-status: HIT
age: 16910
strict-transport-security: max-age=31536000; includeSubDomains; preload
server: cloudflare
cf-ray: 8817ca13dacb8d54-HEL
content-encoding: br
alt-svc: h3=":443"; ma=86400

videzz.net/js/jquery.min.js

78.142.18.54

200 OK

96 kB

URL GET HTTP/2
videzz.net/js/jquery.min.js
IP
78.142.18.54:443
ASN
#208046 ColocationX Ltd.

Requested by
https://videzz.net/h7zka1zdif8f.html
Certificate
IssuerLet's Encrypt
Subjectvidezz.net
Fingerprint89:44:E3:9D:95:DD:6E:D2:2B:FB:70:64:42:59:D2:BF:B6:36:E7:33
ValidityThu, 02 May 2024 00:27:53 GMT - Wed, 31 Jul 2024 00:27:52 GMT

File type
JavaScript source, ASCII text, with very long lines (32086)
Size
96 kB (95786 bytes)
Hash
8101d596b2b8fa35fe3a634ea342d7c3
d6c1f41972de07b09bfa63d2e50f9ab41ec372bd
540bc6dec1dd4b92ea4d3fb903f69eabf6d919afd48f4e312b163c28cff0f441

HTTP Headers

GET /js/jquery.min.js HTTP/1.1
Host: videzz.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://videzz.net/h7zka1zdif8f.html
Cookie: lang=1
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
server: nginx/1.18.0 (Ubuntu)
date: Fri, 10 May 2024 06:14:27 GMT
content-type: application/javascript
last-modified: Sat, 27 Apr 2024 07:30:38 GMT
vary: Accept-Encoding
etag: W/"662ca99e-1762a"
expires: Sun, 09 Jun 2024 06:10:46 GMT
cache-control: max-age=2592000
content-encoding: gzip
x-cache-status: HIT
X-Firefox-Spdy: h2

dog.seetron.net/api/settings/59846

135.181.208.216

200 OK

33 B

URL GET HTTP/2
dog.seetron.net/api/settings/59846
IP
135.181.208.216:443
ASN
#24940 Hetzner Online GmbH

Requested by
https://videzz.net/h7zka1zdif8f.html
Certificate
IssuerLet's Encrypt
Subjecta.bdsmz.tube
FingerprintAA:4D:03:7A:4E:94:8C:76:58:6E:53:CC:8E:99:24:E6:51:84:BF:05
ValidityFri, 03 May 2024 10:27:08 GMT - Thu, 01 Aug 2024 10:27:07 GMT

File type
troff or preprocessor input, ASCII text, with no line terminators
Size
33 B (33 bytes)
Hash
511ff610a0435434dd22a4836719fbb3
0cf692a9ecb6dd3d715e3315e0eeccc1c384f0c3
d090111da31c837d965f1dcf49b00a53cf41686d0913627f78c5ff36d693c6d0

HTTP Headers

GET /api/settings/59846 HTTP/1.1
Host: dog.seetron.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://videzz.net/
Origin: https://videzz.net
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
server: nginx
date: Fri, 10 May 2024 06:14:28 GMT
content-type: application/json
vary: Accept-Encoding
access-control-allow-origin: *
x-robots-tag: noindex, nofollow
cache-control: private
content-encoding: gzip
X-Firefox-Spdy: h2

xml.xmlking.com/redirect?feed=591364&auth=oodr9S&pubid=195183

174.137.133.17

200 OK

0 B

URL GET HTTP/1.1
xml.xmlking.com/redirect?feed=591364&auth=oodr9S&pubid=195183
IP
174.137.133.17:443
ASN
#27257 WEBAIR-INTERNET

Requested by
https://videzz.net/h7zka1zdif8f.html
Certificate
IssuerSectigo Limited
Subject*.xmlking.com
Fingerprint61:F0:9B:53:D2:DF:03:A0:08:09:BE:79:B1:70:10:34:65:07:7B:6D
ValidityWed, 26 Jul 2023 00:00:00 GMT - Fri, 26 Jul 2024 23:59:59 GMT

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /redirect?feed=591364&auth=oodr9S&pubid=195183 HTTP/1.1
Host: xml.xmlking.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://bid.bidclickmedia.com/
DNT: 1
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Date: Fri, 10 May 2024 06:14:31 GMT
Content-Length: 0
Connection: keep-alive
Cache-Control: no-store

xml.zeusadx.com/redirect?feed=552612&auth=OEhoVk&pubid=162319

174.137.133.17

200 OK

0 B

URL GET HTTP/1.1
xml.zeusadx.com/redirect?feed=552612&auth=OEhoVk&pubid=162319
IP
174.137.133.17:443
ASN
#27257 WEBAIR-INTERNET

Requested by
https://videzz.net/h7zka1zdif8f.html
Certificate
IssuerSectigo Limited
Subject*.zeusadx.com
FingerprintAA:67:88:35:5F:BC:20:3C:44:9B:00:BD:4F:E1:C0:5F:62:D0:69:C0
ValidityMon, 23 Oct 2023 00:00:00 GMT - Wed, 23 Oct 2024 23:59:59 GMT

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /redirect?feed=552612&auth=OEhoVk&pubid=162319 HTTP/1.1
Host: xml.zeusadx.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://bid.bidclickmedia.com/
DNT: 1
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Date: Fri, 10 May 2024 06:14:30 GMT
Content-Length: 0
Connection: keep-alive
Cache-Control: no-store

foreignassertive.com/f1/77/6d/f1776d24271c5ad55c5f1492e2d01e10.js

192.243.61.227

200 OK

84 kB

URL GET HTTP/1.1
foreignassertive.com/f1/77/6d/f1776d24271c5ad55c5f1492e2d01e10.js
IP
192.243.61.227:443
ASN
#39572 DataWeb Global Group B.V.

Requested by
https://videzz.net/h7zka1zdif8f.html
Certificate
IssuerLet's Encrypt
Subjectforeignassertive.com
Fingerprint9A:B3:69:C5:67:69:19:46:E5:C5:C8:02:A4:05:AA:94:E8:B3:BC:21
ValidityMon, 06 May 2024 08:06:31 GMT - Sun, 04 Aug 2024 08:06:30 GMT

File type
JavaScript source, ASCII text, with very long lines (65536), with no line terminators
Size
84 kB (84043 bytes)
Hash
c5f34600c4b9e4c4ef89659d6a65dd61
b6565985eb1cfa9726033cc37755eeef2421a58e
1976162d16efc3a26cff9b95a1166e460e91e1bbba9272a98b1da4ee8ea1271f

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /f1/77/6d/f1776d24271c5ad55c5f1492e2d01e10.js HTTP/1.1
Host: foreignassertive.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://videzz.net/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx/1.21.6
Date: Fri, 10 May 2024 06:14:29 GMT
Content-Type: application/javascript
Transfer-Encoding: chunked
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Access-Control-Allow-Origin: *
Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,Sec-CH-UA-PlatformUser-Agent,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: 59f09e121be88c949ca1a298ce67e011
Strict-Transport-Security: max-age=0; includeSubdomains
Content-Encoding: gzip

myliveforyoudreder.com/vidozza.js

188.114.96.1

200 OK

1.6 kB

URL GET HTTP/2
myliveforyoudreder.com/vidozza.js
IP
188.114.96.1:443
ASN
#13335 CLOUDFLARENET

Requested by
https://videzz.net/h7zka1zdif8f.html
Certificate
IssuerLet's Encrypt
Subjectmyliveforyoudreder.com
FingerprintD6:1F:6C:5C:81:FF:C4:D3:4D:C9:A9:22:DD:0B:D4:18:59:4E:58:B7
ValidityWed, 20 Mar 2024 02:24:57 GMT - Tue, 18 Jun 2024 02:24:56 GMT

File type
JavaScript source, ASCII text, with very long lines (1742), with no line terminators
Size
1.6 kB (1615 bytes)
Hash
1b10623dcc365c3e40aa543ee9be6c3d
ee99261cffbbf896eba3c60d867480042fbaadc5
54dec89c60117fd15b96d376c1dba2de2f333009f2ba0847fa71fa0a969f863f

HTTP Headers

GET /vidozza.js HTTP/1.1
Host: myliveforyoudreder.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://videzz.net/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Fri, 10 May 2024 06:14:29 GMT
content-type: application/javascript
last-modified: Mon, 24 Oct 2022 14:14:49 GMT
etag: W/"63569dd9-64f"
cache-control: max-age=14400
cf-cache-status: HIT
age: 2003
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=xvFOhFE7tkjsxvoOr87n8tM6EXhZHpcPLj2O9MVC%2BE8ZwzMnuWRTUoAxUU88Sqy4uNbXlSPvzLtbRzGHKwKsm%2BTCFgFCjmoEGy2%2FAFyvQcZeHLw8J3%2BqLvIgPBBgaQ5C%2Fgd4yIodxhyU"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 8817ca13c880b503-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2

dog.seetron.net/api/users/424503?host=videzz.net&ev=212&wh=1024&ww=1280&uuid=&url=https%3A%2F%2Fvidezz.net%2Fh7zka1zdif8f.html&sid=05af19d6-21bd-46a1-b7bc-8a4d6809ca83&i=1&kw=grcs%2Csgnt%2C1x06%2Cm720p%2Cmp4&s1=201428

135.181.208.216

200 OK

674 B

URL GET HTTP/2
dog.seetron.net/api/users/424503?host=videzz.net&ev=212&wh=1024&ww=1280&uuid=&url=https%3A%2F%2Fvidezz.net%2Fh7zka1zdif8f.html&sid=05af19d6-21bd-46a1-b7bc-8a4d6809ca83&i=1&kw=grcs%2Csgnt%2C1x06%2Cm720p%2Cmp4&s1=201428
IP
135.181.208.216:443
ASN
#24940 Hetzner Online GmbH

Requested by
https://videzz.net/h7zka1zdif8f.html
Certificate
IssuerLet's Encrypt
Subjecta.bdsmz.tube
FingerprintAA:4D:03:7A:4E:94:8C:76:58:6E:53:CC:8E:99:24:E6:51:84:BF:05
ValidityFri, 03 May 2024 10:27:08 GMT - Thu, 01 Aug 2024 10:27:07 GMT

File type
ASCII text, with very long lines (814), with no line terminators
Size
674 B (674 bytes)
Hash
d8514c69f7c52772523159432ea50f1e
a3667b348ac00590df767676e87adab6f0c305b7
2352810a4c8690d6308fc9f5069d1c0e595b3caf1891ed6bb46aea23d2d1507c

HTTP Headers

GET /api/users/424503?host=videzz.net&ev=212&wh=1024&ww=1280&uuid=&url=https%3A%2F%2Fvidezz.net%2Fh7zka1zdif8f.html&sid=05af19d6-21bd-46a1-b7bc-8a4d6809ca83&i=1&kw=grcs%2Csgnt%2C1x06%2Cm720p%2Cmp4&s1=201428 HTTP/1.1
Host: dog.seetron.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://videzz.net/
Cookie: nauid=Y8BSYWZbL1xrb6mUjG2P
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
server: nginx
date: Fri, 10 May 2024 06:14:30 GMT
content-type: text/javascript; charset=utf-8
vary: Accept-Encoding
x-robots-tag: noindex, nofollow
cache-control: private
content-encoding: gzip
X-Firefox-Spdy: h2

videzz.net/js/videojs.5.min.js?v=b8dc06aa6195ca0716d0a0c4e3a76e42

78.142.18.54

200 OK

416 kB

URL GET HTTP/2
videzz.net/js/videojs.5.min.js?v=b8dc06aa6195ca0716d0a0c4e3a76e42
IP
78.142.18.54:443
ASN
#208046 ColocationX Ltd.

Requested by
https://videzz.net/h7zka1zdif8f.html
Certificate
IssuerLet's Encrypt
Subjectvidezz.net
Fingerprint89:44:E3:9D:95:DD:6E:D2:2B:FB:70:64:42:59:D2:BF:B6:36:E7:33
ValidityThu, 02 May 2024 00:27:53 GMT - Wed, 31 Jul 2024 00:27:52 GMT

File type

Size
416 kB (416358 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /js/videojs.5.min.js?v=b8dc06aa6195ca0716d0a0c4e3a76e42 HTTP/1.1
Host: videzz.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://videzz.net/h7zka1zdif8f.html
Cookie: lang=1
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
server: nginx/1.18.0 (Ubuntu)
date: Fri, 10 May 2024 06:14:27 GMT
content-type: application/javascript
last-modified: Sat, 27 Apr 2024 07:30:42 GMT
vary: Accept-Encoding
etag: W/"662ca9a2-65a66"
expires: Sun, 09 Jun 2024 06:10:46 GMT
cache-control: max-age=2592000
content-encoding: gzip
x-cache-status: HIT
X-Firefox-Spdy: h2

static.addtoany.com/menu/locale/ru.js

104.22.71.197

200 OK

2.1 kB

URL GET HTTP/3
static.addtoany.com/menu/locale/ru.js
IP
104.22.71.197:443
ASN
#13335 CLOUDFLARENET

Requested by
https://videzz.net/h7zka1zdif8f.html
Certificate
IssuerLet's Encrypt
Subjectstatic.addtoany.com
Fingerprint5B:74:98:2D:F8:22:DB:0D:4E:74:B7:99:A7:7C:80:F6:CA:1A:8E:CA
ValidityTue, 23 Apr 2024 07:56:27 GMT - Mon, 22 Jul 2024 07:56:26 GMT

File type
ASCII text, with very long lines (2170), with no line terminators
Size
2.1 kB (2130 bytes)
Hash
7581051e137324f383ce692c383a90ac
7c66ac218fd109304436e9588d602c7aaab63b82
428aafe2046340df744b20fbab6f0cd4ddfb95776790e80440cfb60788dbde2c

HTTP Headers

GET /menu/locale/ru.js HTTP/1.1
Host: static.addtoany.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://videzz.net/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Fri, 10 May 2024 06:14:29 GMT
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=86400, stale-while-revalidate=30, public
cf-bgj: minify
cf-polished: origSize=2289
etag: W/"9797b535a7dbc5ec8be5d83312871549"
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=%2BhFVRSjWE7j%2Ftv2PCKEDYjwfJQa9gtiTq2CRtPYZ0IBP8y8%2B6VUxxKGbRKAKymQVz6K0AhnkLnCP%2Fcof%2FWZ%2FJkljxJadboD06R1Tbg2oF4r7zsW%2FqAheuvee6NMIREWZH3Lc9R4TMi%2B3V6zQ1k90LQvf"}],"group":"cf-nel","max_age":604800}
vary: Accept-Encoding
referrer-policy: strict-origin-when-cross-origin
x-content-type-options: nosniff
cf-cache-status: HIT
age: 7485
strict-transport-security: max-age=31536000; includeSubDomains; preload
server: cloudflare
cf-ray: 8817ca13dac78d54-HEL
content-encoding: br
alt-svc: h3=":443"; ma=86400

static.addtoany.com/menu/svg/icons/facebook.js

104.22.71.197

200 OK

429 B

URL GET HTTP/3
static.addtoany.com/menu/svg/icons/facebook.js
IP
104.22.71.197:443
ASN
#13335 CLOUDFLARENET

Requested by
https://videzz.net/h7zka1zdif8f.html
Certificate
IssuerLet's Encrypt
Subjectstatic.addtoany.com
Fingerprint5B:74:98:2D:F8:22:DB:0D:4E:74:B7:99:A7:7C:80:F6:CA:1A:8E:CA
ValidityTue, 23 Apr 2024 07:56:27 GMT - Mon, 22 Jul 2024 07:56:26 GMT

File type
ASCII text, with very long lines (439), with no line terminators
Size
429 B (429 bytes)
Hash
874e1638740e061f9fa55eda3180724c
108a7e30fa0f7d50b961845ec970a2745f3c821f
d1bf990d09417220fcb615079a569e0a403c75beef0eac536e5976b7751c0370

HTTP Headers

GET /menu/svg/icons/facebook.js HTTP/1.1
Host: static.addtoany.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://videzz.net
DNT: 1
Connection: keep-alive
Referer: https://static.addtoany.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Fri, 10 May 2024 06:14:29 GMT
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=7776000, stale-while-revalidate=30, public
cf-bgj: minify
etag: W/"68925fa8e347041c6006837e73c518bc"
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=RVzhX5AB9Y40SYTDmElm2nodswXZ8uRMaHWvfiCdVaD2TQpqPrp%2FhnyJDliaslHqmV8g0UqlJgtcyzfNV%2FXnvlNmuQLooSeTITcDA%2FteX2efKLYEWrDiIq0HaHqQ7Gv4aqsX7nS2"}],"group":"cf-nel","max_age":604800}
vary: Accept-Encoding
referrer-policy: strict-origin-when-cross-origin
x-content-type-options: nosniff
cf-cache-status: HIT
age: 22491
strict-transport-security: max-age=31536000; includeSubDomains; preload
server: cloudflare
cf-ray: 8817ca13dac88d54-HEL
content-encoding: br
alt-svc: h3=":443"; ma=86400

tzegilo.com/stattag.js

104.21.11.245

200 OK

19 kB

URL GET HTTP/2
tzegilo.com/stattag.js
IP
104.21.11.245:443
ASN
#13335 CLOUDFLARENET

Requested by
https://videzz.net/h7zka1zdif8f.html
Certificate
IssuerGoogle Trust Services LLC
Subjecttzegilo.com
Fingerprint28:2E:D0:DF:04:78:60:5A:D2:5B:1F:EA:59:80:9C:2F:89:C1:9D:D1
ValiditySat, 30 Mar 2024 15:54:48 GMT - Fri, 28 Jun 2024 15:54:47 GMT

File type
JavaScript source, ASCII text, with very long lines (18486)
Size
19 kB (19136 bytes)
Hash
70ebd404c2e1e7bad13998538b56887c
86e57af8ba3cfc2c004da3311835f6b54ba6d848
d71ea61938136a384e4c53c5a7a3c36e68fcc70a68bae691e270987d5d2eb11f

HTTP Headers

GET /stattag.js HTTP/1.1
Host: tzegilo.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://videzz.net/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Fri, 10 May 2024 06:14:32 GMT
content-type: application/javascript
last-modified: Wed, 07 Feb 2024 12:51:13 GMT
etag: W/"65c37cc1-4ac0"
link: <https://flerap.com/>; rel=preconnect; crossorigin, <https://fleraprt.com/>; rel=preconnect; crossorigin
cache-control: max-age=14400
cf-cache-status: HIT
age: 6977
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=jnW%2FHfEOm%2BNifiatAfOmEVAaCKP1UngiQttJ7zDqj9bp%2BPOedWV6k1q7xn4B6xU17uKTRAq4K5GiXZYOGV6no2tiXQKBd%2BKuriBl4BOAVPx4%2F8EGcGa2zeAsaTJU3A%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 8817ca22d8fd5687-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2

videzz.net/js/static.min.js?v=b8dc06aa6195ca0716d0a0c4e3a76e42

78.142.18.54

200 OK

159 kB

URL GET HTTP/2
videzz.net/js/static.min.js?v=b8dc06aa6195ca0716d0a0c4e3a76e42
IP
78.142.18.54:443
ASN
#208046 ColocationX Ltd.

Requested by
https://videzz.net/h7zka1zdif8f.html
Certificate
IssuerLet's Encrypt
Subjectvidezz.net
Fingerprint89:44:E3:9D:95:DD:6E:D2:2B:FB:70:64:42:59:D2:BF:B6:36:E7:33
ValidityThu, 02 May 2024 00:27:53 GMT - Wed, 31 Jul 2024 00:27:52 GMT

File type
JavaScript source, ASCII text, with very long lines (65536), with no line terminators
Size
159 kB (158902 bytes)
Hash
7c33538390b466ae717449d729bb32ea
49ea1eb1dc06467f516eae28e09863a23b244a31
a2f37fa7aee9e9248856735b807b028c93be60eb6bb9916595ba123690513f02

HTTP Headers

GET /js/static.min.js?v=b8dc06aa6195ca0716d0a0c4e3a76e42 HTTP/1.1
Host: videzz.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://videzz.net/h7zka1zdif8f.html
Cookie: lang=1
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
server: nginx/1.18.0 (Ubuntu)
date: Fri, 10 May 2024 06:14:27 GMT
content-type: application/javascript
last-modified: Sat, 27 Apr 2024 07:30:42 GMT
vary: Accept-Encoding
etag: W/"662ca9a2-26cb6"
expires: Sun, 09 Jun 2024 06:10:49 GMT
cache-control: max-age=2592000
content-encoding: gzip
x-cache-status: HIT
X-Firefox-Spdy: h2

fleraprt.com/log/add?cid=1db9169f-90f4-4b2d-b517-bc47aab19c1f&ruid=be554f3d-73cf-4d5b-b667-1720fae203cd

139.45.195.254

200 OK

12 B

URL POST HTTP/1.1
fleraprt.com/log/add?cid=1db9169f-90f4-4b2d-b517-bc47aab19c1f&ruid=be554f3d-73cf-4d5b-b667-1720fae203cd
IP
139.45.195.254:443
ASN
#9002 RETN Limited

Requested by
https://videzz.net/h7zka1zdif8f.html
Certificate
IssuerSectigo Limited
Subjectfleraprt.com
Fingerprint32:DB:C5:24:21:ED:1D:C3:40:C3:46:9F:CF:EE:98:4D:72:29:4C:3C
ValidityTue, 09 Jan 2024 00:00:00 GMT - Mon, 13 Jan 2025 23:59:59 GMT

File type
troff or preprocessor input, ASCII text, with no line terminators
Size
12 B (12 bytes)
Hash
6949f52318584a4b51c719a9b84a7287
9fbd870c6afd4bdd6fbbd87f52df2c81dd23e905
72603096ec3515dbc615ab8837fd1b15e91ee827bc7af41d71c9882b08699375

HTTP Headers

POST /log/add?cid=1db9169f-90f4-4b2d-b517-bc47aab19c1f&ruid=be554f3d-73cf-4d5b-b667-1720fae203cd HTTP/1.1
Host: fleraprt.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain;charset=UTF-8
Content-Length: 1397
Origin: https://videzz.net
DNT: 1
Connection: keep-alive
Referer: https://videzz.net/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx/1.19.10
Date: Fri, 10 May 2024 06:14:32 GMT
Content-Type: application/json; charset=utf-8
Content-Length: 12
Connection: keep-alive
Access-Control-Allow-Origin: https://videzz.net
Access-Control-Allow-Methods: POST, GET, OPTIONS, PUT, DELETE
Access-Control-Allow-Headers: Accept, Content-Type, Content-Length, Accept-Encoding, X-CSRF-Token, Authorization, X-Forwarded-For, If-None-Match
Access-Control-Allow-Credentials: true

zv.7vid.net/api/spots/70102?s1=201428&v2=1&fill=0&kw=grcs%2Csgnt%2C1x06%2Cm720p%2Cmp4&i=1&url=https%3A%2F%2Fvidezz.net%2Fh7zka1zdif8f.html&sid=05af19d6-21bd-46a1-b7bc-8a4d6809ca83

135.181.208.216

200 OK

67 B

URL GET HTTP/2
zv.7vid.net/api/spots/70102?s1=201428&v2=1&fill=0&kw=grcs%2Csgnt%2C1x06%2Cm720p%2Cmp4&i=1&url=https%3A%2F%2Fvidezz.net%2Fh7zka1zdif8f.html&sid=05af19d6-21bd-46a1-b7bc-8a4d6809ca83
IP
135.181.208.216:443
ASN
#24940 Hetzner Online GmbH

Requested by
https://videzz.net/h7zka1zdif8f.html
Certificate
IssuerLet's Encrypt
Subject1111.spinna.online
FingerprintF3:80:AE:D8:32:E7:57:75:94:99:58:76:4C:57:59:80:E8:9A:B7:ED
ValidityFri, 29 Mar 2024 23:27:07 GMT - Thu, 27 Jun 2024 23:27:06 GMT

File type
XML document, ASCII text, with no line terminators
Size
67 B (67 bytes)
Hash
c3928cea84e0c684b265b8fb465a9e72
aace4c0c8b0fbb35d2932f4f27e01ef627161574
3238d03797cab82118740c0d6ddace8d6bc9caf168e94d2ade893f541c1f8a25

HTTP Headers

GET /api/spots/70102?s1=201428&v2=1&fill=0&kw=grcs%2Csgnt%2C1x06%2Cm720p%2Cmp4&i=1&url=https%3A%2F%2Fvidezz.net%2Fh7zka1zdif8f.html&sid=05af19d6-21bd-46a1-b7bc-8a4d6809ca83 HTTP/1.1
Host: zv.7vid.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://videzz.net/
Origin: https://videzz.net
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
server: nginx
date: Fri, 10 May 2024 06:14:29 GMT
content-type: text/xml
vary: Accept-Encoding
access-control-allow-credentials: true
access-control-allow-origin: https://videzz.net
access-control-expose-headers: X-Asg-Config, X-t
set-cookie: nauid=HxRHuZSj3eZLbGawUG5I; Path=/; Expires=Wed, 11 Nov 2037 11:11:11 GMT; Secure; SameSite=None
x-robots-tag: noindex, nofollow
x-t: 0
cache-control: private
content-encoding: gzip
X-Firefox-Spdy: h2

bid.bidclickmedia.com/sub/0YDX8OE

172.67.205.77

200 OK

234 B

URL GET HTTP/2
bid.bidclickmedia.com/sub/0YDX8OE
IP
172.67.205.77:443
ASN
#13335 CLOUDFLARENET

Requested by
https://videzz.net/h7zka1zdif8f.html
Certificate
IssuerGoogle Trust Services LLC
Subjectbidclickmedia.com
Fingerprint2D:71:60:23:79:D8:E4:4A:B8:81:BA:F0:ED:58:CB:A8:66:21:A7:E7
ValiditySun, 31 Mar 2024 14:28:20 GMT - Sat, 29 Jun 2024 14:28:19 GMT

File type
HTML document, ASCII text, with no line terminators
Size
234 B (234 bytes)
Hash
af2b6f5e906532aa6d51ed7dcbb8fed7
5ddca712e64ecb7520e561656c87079ec18e3db1
eced93383f70dca1dcfe0998bcccf8d3fe044a0f1646f0ffa670cf0b14f599f3

HTTP Headers

GET /sub/0YDX8OE HTTP/1.1
Host: bid.bidclickmedia.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://videzz.net/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Fri, 10 May 2024 06:14:29 GMT
content-type: text/html; charset=utf-8
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=EjWMz0qlQFFvDcrjuW3f1ftzVkb38IhvtHGSGZ67aU0Str9WHI56cHdXfCFx5bP%2BHpivTZ9mEJcF60v03w%2BWgBUZijE9iInf1Jw89f4%2BQuqv%2FNyKHJh%2F%2FYdfzikOPsm1TzHJXraZwMg%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 8817ca0fe840b4ff-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2

bid.bidclickmedia.com/sub/Pj8pz0z

172.67.205.77

200 OK

234 B

URL GET HTTP/2
bid.bidclickmedia.com/sub/Pj8pz0z
IP
172.67.205.77:443
ASN
#13335 CLOUDFLARENET

Requested by
https://videzz.net/h7zka1zdif8f.html
Certificate
IssuerGoogle Trust Services LLC
Subjectbidclickmedia.com
Fingerprint2D:71:60:23:79:D8:E4:4A:B8:81:BA:F0:ED:58:CB:A8:66:21:A7:E7
ValiditySun, 31 Mar 2024 14:28:20 GMT - Sat, 29 Jun 2024 14:28:19 GMT

File type
HTML document, ASCII text, with no line terminators
Size
234 B (234 bytes)
Hash
ec45c51dfcbeb0d487d6d2ccf0cd9a23
eadd83e9b3def654d52e1b93ae5f5c13d8a69c99
3a5e0788bab23d00613d25c36fabb29d38bb3e51af54bf370854620392a249ce

HTTP Headers

GET /sub/Pj8pz0z HTTP/1.1
Host: bid.bidclickmedia.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://videzz.net/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Fri, 10 May 2024 06:14:29 GMT
content-type: text/html; charset=utf-8
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=l7%2FXetOO9DITaO7oqQS6vwPKdrJqLv1dQvEf%2BSUEViarM31mSdI8%2FmcTpA4y2uH%2B4%2BEMHLoyKNjuFe7kVPO0fouKzeF6kzaJGr7H1gWpb2SYzqnWfCdvFR%2FoxfPWb01D8cEVBZW%2Fogk%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 8817ca1028a5b4ff-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2

serosaharlem.com/ij70IKIf4Ueonvwm/57128

23.109.170.33

200 OK

52 B

URL GET HTTP/1.1
serosaharlem.com/ij70IKIf4Ueonvwm/57128
IP
23.109.170.33:443
ASN
#7979 SERVERS-COM

Requested by
https://videzz.net/h7zka1zdif8f.html
Certificate
IssuerLet's Encrypt
Subjectserosaharlem.com
FingerprintD7:7E:93:E5:2A:87:40:E0:79:E0:26:F2:7D:4F:3D:6E:18:83:68:09
ValidityMon, 04 Mar 2024 23:13:23 GMT - Sun, 02 Jun 2024 23:13:22 GMT

File type
HTML document, ASCII text, with no line terminators
Size
52 B (52 bytes)
Hash
86733bb66fb84b851592d733e51f0cbd
42eaf19a5ca195667a9212b0ea3557eee76954a8
927676bdf7f1bdcd71f06cc0d9fa573791b12c905629d806851624687c4b4a0d

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /ij70IKIf4Ueonvwm/57128 HTTP/1.1
Host: serosaharlem.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://bid.bidclickmedia.com/
DNT: 1
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Date: Fri, 10 May 2024 06:14:31 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Keep-Alive: timeout=20
Accept-ch: sec-ch-ua-platform-version,sec-ch-ua-model,sec-ch-ua-full-version,sec-ch-ua-full-version-list
Set-Cookie: GL_UI4=eJw9jUtug0AQRPljJ4akJQ7gIxgUjL3MJivfAQ0zDZ4Ypq1mjJ3bZxIp2dUrPVV5nhcUL%2BAvyRrCm6hhe1R9s5dYojyUVVW%2BHSrZ151o%2BlJVTVnvYK3n1opuRBvBap4E29YuEWwGNMhatpIUZvDqrL%2FmYuhuIog7FkZlEE%2FOGDNIO6b7jFyEEBkxIaQfmrGnhzPEJzEEx72L2rjo7yCguQjzJ4hP2twe%2BSbx8jzx4Pk6CtsTT61WDuOBhULw32ElhcWB%2BAtShfPF0hWARtX%2B%2B7%2Bf8fizBonCRUuHZM%2FI38wATrY%3D; expires=Sat, 11-May-2024 06:14:31 GMT; Max-Age=86400; path=/; secure; SameSite=None
GL_GI10=eJwVyM0KgkAUhuE5hxiIJPjIC%2FAKTMsWbrNl6MIrMIsYGObIzNjP3WeLd%2FG8SilOE7CZkNRlXhd5dcjLUwV6gtsOPDroVvx7%2BII8uDiCvcOmC1ayRmYXlz9i9TfIYHu25pP1YudoxAXw0roZbvaxv%2FRX0KQJHEUzONxTBXrp3Q9e7R3S; expires=Sat, 11-May-2024 06:14:31 GMT; Max-Age=86400; path=/; secure; SameSite=None
Content-Encoding: gzip
Vary: Accept-Encoding
Strict-Transport-Security: max-age=1
X-Content-Type-Options: nosniff

cdn.creative-bars1.com/sb/notifications/gambling/default/android-btn/8/img/close.svg

172.67.141.24

200 OK

1.3 kB

URL GET HTTP/3
cdn.creative-bars1.com/sb/notifications/gambling/default/android-btn/8/img/close.svg
IP
172.67.141.24:443
ASN
#13335 CLOUDFLARENET

Requested by
https://videzz.net/h7zka1zdif8f.html
Certificate
IssuerGoogle Trust Services LLC
Subjectcreative-bars1.com
Fingerprint3D:29:39:2C:F1:E5:C6:EF:54:F5:70:B5:CF:A8:C2:75:4D:89:72:13
ValidityMon, 15 Apr 2024 15:02:18 GMT - Sun, 14 Jul 2024 15:02:17 GMT

File type
SVG Scalable Vector Graphics image
Size
1.3 kB (1279 bytes)
Hash
24937fd159a21f2e91207d5788e86c70
1b07e0334cc16c5cd659de56314bd2188e3a82f9
b38a482faa1471a520d231f954412ee0293b0401610af1392038be206dc51b8a

HTTP Headers

GET /sb/notifications/gambling/default/android-btn/8/img/close.svg HTTP/1.1
Host: cdn.creative-bars1.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Fri, 10 May 2024 06:14:31 GMT
content-type: image/svg+xml
last-modified: Fri, 19 Jan 2024 14:25:08 GMT
etag: W/"65aa8644-4ff"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: public, max-age=315360000
access-control-allow-origin: *
access-control-expose-headers: Date
cf-cache-status: HIT
age: 823655
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=RD7w8AgtASAKMmyXXa1Cocledey50dfmLoZP8OKEAOqr5xjU01uIOVqIK1J2iMBMZfTTK5SdPqa1Cq9D%2BtX%2BsigVtcZ%2BWpiea9z%2B6YfkY5itgYQo13%2FkwXVBV9V%2F9jzZA4KIXn%2B%2BXpvP"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 8817ca1d294b5689-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400

bid.bidclickmedia.com/sub/Pj8pz0z

172.67.205.77

200 OK

234 B

URL GET HTTP/2
bid.bidclickmedia.com/sub/Pj8pz0z
IP
172.67.205.77:443
ASN
#13335 CLOUDFLARENET

Requested by
https://videzz.net/h7zka1zdif8f.html
Certificate
IssuerGoogle Trust Services LLC
Subjectbidclickmedia.com
Fingerprint2D:71:60:23:79:D8:E4:4A:B8:81:BA:F0:ED:58:CB:A8:66:21:A7:E7
ValiditySun, 31 Mar 2024 14:28:20 GMT - Sat, 29 Jun 2024 14:28:19 GMT

File type
HTML document, ASCII text, with no line terminators
Size
234 B (234 bytes)
Hash
ec45c51dfcbeb0d487d6d2ccf0cd9a23
eadd83e9b3def654d52e1b93ae5f5c13d8a69c99
3a5e0788bab23d00613d25c36fabb29d38bb3e51af54bf370854620392a249ce

HTTP Headers

GET /sub/Pj8pz0z HTTP/1.1
Host: bid.bidclickmedia.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://videzz.net/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Fri, 10 May 2024 06:14:29 GMT
content-type: text/html; charset=utf-8
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=2doMtf5Y0AJ1NfEJWLmAEWTGHvDujIlYQcR44w1N2nXYKcZn9cfs69PeiImVtH6E3TQ7kUavi8R0ia%2FfFYMHuvG1AjtlKoG0BKN8To1tpe6cEKjFpkIqT7%2FbS9ChzQTf3ISKa5UR7QA%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 8817ca1048d8b4ff-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2

cdn.creative-bars1.com/sb/notifications/gambling/default/android-btn/8/img/confetti.gif

172.67.141.24

200 OK

206 kB

URL GET HTTP/3
cdn.creative-bars1.com/sb/notifications/gambling/default/android-btn/8/img/confetti.gif
IP
172.67.141.24:443
ASN
#13335 CLOUDFLARENET

Requested by
https://videzz.net/h7zka1zdif8f.html
Certificate
IssuerGoogle Trust Services LLC
Subjectcreative-bars1.com
Fingerprint3D:29:39:2C:F1:E5:C6:EF:54:F5:70:B5:CF:A8:C2:75:4D:89:72:13
ValidityMon, 15 Apr 2024 15:02:18 GMT - Sun, 14 Jul 2024 15:02:17 GMT

File type
GIF image data, version 89a, 480 x 360
Size
206 kB (206291 bytes)
Hash
0b33face774f2203446507ce5f075538
1dd3522529bce7739df0687f47f5bc84356698a0
ac345899461d5634d25c47281b10e3c1886abb33019e2ce8140573a79e9f52f2

HTTP Headers

GET /sb/notifications/gambling/default/android-btn/8/img/confetti.gif HTTP/1.1
Host: cdn.creative-bars1.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Fri, 10 May 2024 06:14:31 GMT
content-type: image/gif
content-length: 206291
last-modified: Fri, 19 Jan 2024 14:25:08 GMT
etag: "65aa8644-325d3"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: public, max-age=315360000
access-control-allow-origin: *
access-control-expose-headers: Date
cf-cache-status: HIT
age: 819298
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=6P5rrGQ2SmDCzVxygM62fGdElMH%2BBV3a94xRyBJeYQrVu04mNBPjriYcQ4aLNo8YiJlBSYnwsaKabvl0R4nzSeGUIbP%2FlRRjfiC9ZHQ%2BB3Gd6FlBUT7URtOHnhIzIBGAZz2vlnuYd53g"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 8817ca1d29525689-OSL
alt-svc: h3=":443"; ma=86400

downstairsnegotiatebarren.com/sfp.js

104.21.35.227

200 OK

86 kB

URL GET HTTP/2
downstairsnegotiatebarren.com/sfp.js
IP
104.21.35.227:443
ASN
#13335 CLOUDFLARENET

Requested by
https://videzz.net/h7zka1zdif8f.html
Certificate
IssuerLet's Encrypt
Subjectdownstairsnegotiatebarren.com
Fingerprint5D:DB:CB:C6:CE:2A:8B:34:7D:BC:43:74:33:1D:5F:77:48:F7:BC:1B
ValidityThu, 02 May 2024 21:26:34 GMT - Wed, 31 Jul 2024 21:26:33 GMT

File type

Size
86 kB (85611 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /sfp.js HTTP/1.1
Host: downstairsnegotiatebarren.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://videzz.net/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Fri, 10 May 2024 06:14:29 GMT
content-type: application/javascript; charset=utf-8
p3p: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
access-control-allow-origin: *
expires: Thu, 01 Jan 1970 00:00:01 GMT
cache-control: max-age=14400
x-request-id: 09545343bafa756a15de476290ccdb98
strict-transport-security: max-age=0; includeSubdomains
cf-cache-status: EXPIRED
last-modified: Fri, 10 May 2024 06:14:27 GMT
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=%2FnQ%2FkIxxNSW7hSpknNudVEoKaygtG9RLPz9HEPli9fQc9jjsfXQku7AgIzBVV%2BtfXTKnsort3lnyY0pE4wboyyx7dfW%2BuAuYZeGqa2Au5rVk12VAgznIqVASvLZ9xOls2OqIHUqPo0XPbeBPvTuxmg%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 8817ca101b61b512-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2

allvideometrika.com/f.php?sid=212515

188.114.96.1

200 OK

0 B

URL GET HTTP/2
allvideometrika.com/f.php?sid=212515
IP
188.114.96.1:443
ASN
#13335 CLOUDFLARENET

Requested by
https://videzz.net/h7zka1zdif8f.html
Certificate
IssuerLet's Encrypt
Subjectallvideometrika.com
Fingerprint0F:3F:B1:7E:F7:3C:77:24:1C:85:B2:89:15:11:43:1A:AD:64:DF:13
ValidityTue, 23 Apr 2024 13:34:13 GMT - Mon, 22 Jul 2024 13:34:12 GMT

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /f.php?sid=212515 HTTP/1.1
Host: allvideometrika.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://videzz.net/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Fri, 10 May 2024 06:14:30 GMT
content-type: text/html; charset=UTF-8
x-powered-by: PHP/7.1.33
cache-control: no-store, no-cache, must-revalidate, max-age=0
x-robots-tag: noindex
pragma: no-cache
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=%2FvhgfpvPcpWDdFQ77LAuREnq0WXJXXErSi3jEjQjn%2FakWS5uaJghZA%2BfwWekpzQcf9sSvk1N2agtJQClhXO6Vwjl5j3iRjg21SPmfwoAm%2FzRrLMdciozNd6f%2FcYacnGn6qNnkod8"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 8817ca15682456b4-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2

xml.xmlking.com/redirect?feed=591364&auth=oodr9S&pubid=195183

174.137.133.17

200 OK

0 B

URL GET HTTP/1.1
xml.xmlking.com/redirect?feed=591364&auth=oodr9S&pubid=195183
IP
174.137.133.17:443
ASN
#27257 WEBAIR-INTERNET

Requested by
https://videzz.net/h7zka1zdif8f.html
Certificate
IssuerSectigo Limited
Subject*.xmlking.com
Fingerprint61:F0:9B:53:D2:DF:03:A0:08:09:BE:79:B1:70:10:34:65:07:7B:6D
ValidityWed, 26 Jul 2023 00:00:00 GMT - Fri, 26 Jul 2024 23:59:59 GMT

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /redirect?feed=591364&auth=oodr9S&pubid=195183 HTTP/1.1
Host: xml.xmlking.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://bid.bidclickmedia.com/
DNT: 1
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Date: Fri, 10 May 2024 06:14:32 GMT
Content-Length: 0
Connection: keep-alive
Cache-Control: no-store

str29.vidoza.net/nvl4eoiepmfeieno3uoanaxzoxauqxpcnqfrxvmf4u2445h3v2wwcbd53glq/v.mp4

0.0.0.0

0 B

URL GET
str29.vidoza.net/nvl4eoiepmfeieno3uoanaxzoxauqxpcnqfrxvmf4u2445h3v2wwcbd53glq/v.mp4
IP
0.0.0.0:0
ASN
#0

Requested by
https://videzz.net/h7zka1zdif8f.html
Certificate
IssuerLet's Encrypt
Subjectvidoza.net
FingerprintBB:ED:F5:F9:17:52:AA:FC:EE:8F:98:D4:64:46:12:76:92:0E:B5:CE
ValidityFri, 12 Apr 2024 01:22:23 GMT - Thu, 11 Jul 2024 01:22:22 GMT

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /nvl4eoiepmfeieno3uoanaxzoxauqxpcnqfrxvmf4u2445h3v2wwcbd53glq/v.mp4 HTTP/1.1
Host: str29.vidoza.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: video/webm,video/ogg,video/*;q=0.9,application/ogg;q=0.7,audio/*;q=0.6,*/*;q=0.5
Accept-Language: en-US,en;q=0.5
Range: bytes=0-
DNT: 1
Connection: keep-alive
Referer: https://videzz.net/
Sec-Fetch-Dest: video
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Accept-Encoding: identity
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 206 Partial Content
server: nginx/1.20.1
date: Fri, 10 May 2024 06:14:29 GMT
content-type: video/mp4
content-length: 480842571
last-modified: Thu, 09 May 2024 12:53:25 GMT
etag: "663cc745-1ca9134b"
content-range: bytes 0-480842570/480842571
X-Firefox-Spdy: h2

static.addtoany.com/menu/svg/icons/reddit.js

104.22.71.197

200 OK

893 B

URL GET HTTP/3
static.addtoany.com/menu/svg/icons/reddit.js
IP
104.22.71.197:443
ASN
#13335 CLOUDFLARENET

Requested by
https://videzz.net/h7zka1zdif8f.html
Certificate
IssuerLet's Encrypt
Subjectstatic.addtoany.com
Fingerprint5B:74:98:2D:F8:22:DB:0D:4E:74:B7:99:A7:7C:80:F6:CA:1A:8E:CA
ValidityTue, 23 Apr 2024 07:56:27 GMT - Mon, 22 Jul 2024 07:56:26 GMT

File type
ASCII text, with very long lines (903), with no line terminators
Size
893 B (893 bytes)
Hash
1f5dd30051ff637ea1d19ce73aced89c
bfdd1d1c07492ba397bdcf13e262edcfd8692a5e
c1bf0dd12b2f71de1e7e154b309caa18d2f1c2a8dc077beba23b89432ad72a81

HTTP Headers

GET /menu/svg/icons/reddit.js HTTP/1.1
Host: static.addtoany.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://videzz.net
DNT: 1
Connection: keep-alive
Referer: https://static.addtoany.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Fri, 10 May 2024 06:14:29 GMT
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=7776000, stale-while-revalidate=30, public
cf-bgj: minify
etag: W/"1fe5b5008de689ce6464d7bcb07e742c"
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=EnrYFehaYtWs2o1G4Tgdwwwq6cVOQJT33gadLcZk%2BBuGXtofFOMgBAMzCcuOHzTteE1ndJdVgvZOW7CVQP9sqVLMOfBZrC5j2XfKEKcmEIFWADIJITY%2FqrYMDvyiJN3hiqurVWp0"}],"group":"cf-nel","max_age":604800}
vary: Accept-Encoding
referrer-policy: strict-origin-when-cross-origin
x-content-type-options: nosniff
cf-cache-status: HIT
age: 22491
strict-transport-security: max-age=31536000; includeSubDomains; preload
server: cloudflare
cf-ray: 8817ca13daca8d54-HEL
content-encoding: br
alt-svc: h3=":443"; ma=86400

Report Overview

Submitted URL

IP

ASN

Submitted

Access

Website Title

Final URL

Tags

urlquery detections

Detections

urlquery

Network Intrusion Detection

Threat Detection Systems

Domain Summary

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

Threat Detection Systems

Public InfoSec YARA rules

OpenPhish

PhishTank

mnemonic secure dns

Quad9 DNS

ThreatFox

JavaScript (77)

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML