| vidoza.net/xx1x1z02lb5b.html |  78.142.18.220 | 301 Moved Permanently | 178 B |
URL User Request GET HTTP/2vidoza.net/xx1x1z02lb5b.html IP78.142.18.220:443 ASN#208046 ColocationX Ltd.
CertificateIssuerLet's Encrypt Subjectvidoza.net FingerprintBB:ED:F5:F9:17:52:AA:FC:EE:8F:98:D4:64:46:12:76:92:0E:B5:CE ValidityFri, 12 Apr 2024 01:22:23 GMT - Thu, 11 Jul 2024 01:22:22 GMT
File typeHTML document, ASCII text, with CRLF line terminators Hashbd2695f4b079c71dbddde3436286fb9c 733c05da132193d6cf1d8e242d12e2525c03bab4 2e04a18ff185ba5b16f762a0538339bc4049aceaef9738edd43af77d2ceb788b
GET /xx1x1z02lb5b.html HTTP/1.1
Host: vidoza.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Upgrade-Insecure-Requests: 1
Connection: keep-alive
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 301 Moved Permanently
server: nginx/1.18.0 (Ubuntu)
date: Sun, 05 May 2024 13:28:07 GMT
content-type: text/html
content-length: 178
location: https://videzz.net/xx1x1z02lb5b.html
X-Firefox-Spdy: h2
|
|
| cdnjs.cloudflare.com/ajax/libs/bootstrap-datepicker/1.6.4/css/bootstrap-datepicker.css?v=b8dc06aa6195ca0716d0a0c4e3a76e42 |  104.17.24.14 | 200 OK | 1.8 kB |
URL GET HTTP/2cdnjs.cloudflare.com/ajax/libs/bootstrap-datepicker/1.6.4/css/bootstrap-datepicker.css?v=b8dc06aa6195ca0716d0a0c4e3a76e42 IP104.17.24.14:443
Requested byhttps://videzz.net/xx1x1z02lb5b.html CertificateIssuerCloudflare, Inc. Subjectsni.cloudflaressl.com Fingerprint7A:EA:B9:09:71:70:6C:87:C9:D3:82:74:8A:7B:B4:60:E5:40:2D:8D ValidityMon, 03 Jul 2023 00:00:00 GMT - Tue, 02 Jul 2024 23:59:59 GMT
Hashdcb0ac787e2b120c8aeec195cd6decb9 7cdd385b4fbdfd0801af64d9209e7ede132dd954 f2a6c653ee82cb36677404eab7c258ce985aef5a6d36a064a5a805548fadea82
GET /ajax/libs/bootstrap-datepicker/1.6.4/css/bootstrap-datepicker.css?v=b8dc06aa6195ca0716d0a0c4e3a76e42 HTTP/1.1
Host: cdnjs.cloudflare.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://videzz.net/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Sun, 05 May 2024 13:28:08 GMT
content-type: text/css; charset=utf-8
content-length: 1761
access-control-allow-origin: *
cache-control: public, max-age=30672000
content-encoding: br
etag: "5eb03d8e-42f8"
last-modified: Mon, 04 May 2020 16:06:38 GMT
cf-cdnjs-via: cfworker/kv
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
x-content-type-options: nosniff
vary: Accept-Encoding
cf-cache-status: HIT
age: 318794
expires: Fri, 25 Apr 2025 13:28:08 GMT
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=pO7WObEHynZTq9QhoJUEQEuorME8NeaKFZMsHLS8LbGmjHyEZ2gwrQuJ30XZPtaC5emS1pG8l4vh6WkjSkMWLa7uSCa49il5htQMvHSDwclhXbDb6K3%2F5wApTFD4f0YzXLyyEjYn"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
server: cloudflare
cf-ray: 87f1126a0db3568e-OSL
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
|
|
| cdnjs.cloudflare.com/ajax/libs/bootstrap-colorpicker/2.5.1/css/bootstrap-colorpicker.min.css?v=b8dc06aa6195ca0716d0a0c4e3a76e42 | 104.17.24.14 | 200 OK | 867 B |
URL GET HTTP/2cdnjs.cloudflare.com/ajax/libs/bootstrap-colorpicker/2.5.1/css/bootstrap-colorpicker.min.css?v=b8dc06aa6195ca0716d0a0c4e3a76e42 IP104.17.24.14:443
Requested byhttps://videzz.net/xx1x1z02lb5b.html CertificateIssuerCloudflare, Inc. Subjectsni.cloudflaressl.com Fingerprint7A:EA:B9:09:71:70:6C:87:C9:D3:82:74:8A:7B:B4:60:E5:40:2D:8D ValidityMon, 03 Jul 2023 00:00:00 GMT - Tue, 02 Jul 2024 23:59:59 GMT
File typeASCII text, with very long lines (4034) Hash0680879d9be8b73e90cf1ed3de2724e1 e338268ddd73ef607dbbca2ff375867972f66353 5a25b8e7ed8c24b5e57fd9cefa475e451f2657e39404c17a5704bfe3f217d857
GET /ajax/libs/bootstrap-colorpicker/2.5.1/css/bootstrap-colorpicker.min.css?v=b8dc06aa6195ca0716d0a0c4e3a76e42 HTTP/1.1
Host: cdnjs.cloudflare.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://videzz.net/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Sun, 05 May 2024 13:28:08 GMT
content-type: text/css; charset=utf-8
content-length: 867
access-control-allow-origin: *
cache-control: public, max-age=30672000
content-encoding: br
etag: "5eb03d8d-10df"
last-modified: Mon, 04 May 2020 16:06:37 GMT
cf-cdnjs-via: cfworker/kv
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
x-content-type-options: nosniff
vary: Accept-Encoding
cf-cache-status: HIT
age: 413320
expires: Fri, 25 Apr 2025 13:28:08 GMT
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=tBiynIkauRKRrrsgNZ1DFSxbpb1DL8cEKzbey1WP4Jmr0RKNseRk1mXBURxCGEGeAdTfR7wA42Ze8tAfVtheuCFBpyYEHypJQuRVt4IrojIoCh4XT5KYKnu00dT73AE2T8GnK90y"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
server: cloudflare
cf-ray: 87f1126a1dbc568e-OSL
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
|
|
| cdnjs.cloudflare.com/ajax/libs/jquery.tablesorter/2.28.15/css/theme.green.min.css?v=b8dc06aa6195ca0716d0a0c4e3a76e42 | 104.17.24.14 | 200 OK | 2.1 kB |
URL GET HTTP/2cdnjs.cloudflare.com/ajax/libs/jquery.tablesorter/2.28.15/css/theme.green.min.css?v=b8dc06aa6195ca0716d0a0c4e3a76e42 IP104.17.24.14:443
Requested byhttps://videzz.net/xx1x1z02lb5b.html CertificateIssuerCloudflare, Inc. Subjectsni.cloudflaressl.com Fingerprint7A:EA:B9:09:71:70:6C:87:C9:D3:82:74:8A:7B:B4:60:E5:40:2D:8D ValidityMon, 03 Jul 2023 00:00:00 GMT - Tue, 02 Jul 2024 23:59:59 GMT
File typeASCII text, with very long lines (7172), with no line terminators Hasha99386c14c1250b20b42dd0db3df1741 cc8562d8ee2c39a2adea8d09eec3c4096571dd18 de1136175d3ed18ef84054ce8c6521c81bdceb97cb1505ab2c376d53138b6672
GET /ajax/libs/jquery.tablesorter/2.28.15/css/theme.green.min.css?v=b8dc06aa6195ca0716d0a0c4e3a76e42 HTTP/1.1
Host: cdnjs.cloudflare.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://videzz.net/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Sun, 05 May 2024 13:28:08 GMT
content-type: text/css; charset=utf-8
content-length: 2141
access-control-allow-origin: *
cache-control: public, max-age=30672000
content-encoding: br
etag: "5eb03ec4-1c04"
last-modified: Mon, 04 May 2020 16:11:48 GMT
cf-cdnjs-via: cfworker/kv
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
x-content-type-options: nosniff
vary: Accept-Encoding
cf-cache-status: HIT
age: 319877
expires: Fri, 25 Apr 2025 13:28:08 GMT
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=QJuKJ4n2mw6TunfJhCaYphT7DJgRj2iKSTcOBKdRGLnra0BLsVD8qO5uU%2BNXpRTqPfK1XiyGUjfiaGutzY%2B4CvcP5sUb7q6AFuevmdTHR87m4hINTDLTQMrfUpSG2bGtdQv6oybg"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
server: cloudflare
cf-ray: 87f1126a3de8568e-OSL
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
|
|
| dog.seetron.net/Sb7AkA7.js |  135.181.208.216 | 200 OK | 77 kB |
URL GET HTTP/2dog.seetron.net/Sb7AkA7.js IP135.181.208.216:443 ASN#24940 Hetzner Online GmbH
Requested byhttps://videzz.net/xx1x1z02lb5b.html CertificateIssuerLet's Encrypt Subjecta.bdsmz.tube FingerprintAA:4D:03:7A:4E:94:8C:76:58:6E:53:CC:8E:99:24:E6:51:84:BF:05 ValidityFri, 03 May 2024 10:27:08 GMT - Thu, 01 Aug 2024 10:27:07 GMT
File typeJavaScript source, Unicode text, UTF-8 text, with very long lines (65503), with no line terminators Hasha6781eeb8be115c2cc64c5b4898e5b9d 76001e6e130f936956842ce1fb672ca16be2370e cb8949c4918f30d767c8a97d1b1ddb36eabccf8d93659a80f4e850caa3701da2
GET /Sb7AkA7.js HTTP/1.1
Host: dog.seetron.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://videzz.net/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
server: nginx
date: Sun, 05 May 2024 13:28:08 GMT
content-type: application/javascript
content-length: 76790
last-modified: Fri, 22 Mar 2024 11:21:21 GMT
vary: Accept-Encoding
etag: "65fd69b1-12bf6"
content-encoding: gzip
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: public, max-age=315360000
cf-cache-status: HIT
age: 201
cf-ray: 8685d408ccf5d995-HEL
x-frame-options: DENY
x-content-type-options: nosniff
accept-ranges: bytes
X-Firefox-Spdy: h2
|
|
| dog.seetron.net/henYKwb.js | 135.181.208.216 | 200 OK | 88 kB |
URL GET HTTP/2dog.seetron.net/henYKwb.js IP135.181.208.216:443 ASN#24940 Hetzner Online GmbH
Requested byhttps://videzz.net/xx1x1z02lb5b.html CertificateIssuerLet's Encrypt Subjecta.bdsmz.tube FingerprintAA:4D:03:7A:4E:94:8C:76:58:6E:53:CC:8E:99:24:E6:51:84:BF:05 ValidityFri, 03 May 2024 10:27:08 GMT - Thu, 01 Aug 2024 10:27:07 GMT
File typeJavaScript source, Unicode text, UTF-8 text, with very long lines (65503), with no line terminators Hash04bdb2fd7797c33d38ad8a6a0997b389 a69a0999b9106aa1e49a6728c84b3e82b899276d 3039a1d2d40fce3b96ce115bc8fb858539ed084667fb0ee69fe68e0a682d9286
GET /henYKwb.js HTTP/1.1
Host: dog.seetron.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://videzz.net/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
server: nginx
date: Sun, 05 May 2024 13:28:08 GMT
content-type: application/javascript
content-length: 87996
last-modified: Fri, 22 Mar 2024 11:21:21 GMT
vary: Accept-Encoding
etag: "65fd69b1-157bc"
content-encoding: gzip
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: public, max-age=315360000
cf-cache-status: EXPIRED
cf-ray: 8685cee83a6f8d55-HEL
x-frame-options: DENY
x-content-type-options: nosniff
accept-ranges: bytes
X-Firefox-Spdy: h2
|
|
| vz.7vid.net/Sb7AkA7.js | 135.181.208.216 | 200 OK | 77 kB |
IP135.181.208.216:443 ASN#24940 Hetzner Online GmbH
Requested byhttps://videzz.net/xx1x1z02lb5b.html CertificateIssuerLet's Encrypt Subjecta.cpbj8ddae04d.shop Fingerprint05:51:C2:15:91:D1:D4:BC:15:B2:36:C5:1A:40:61:CC:74:87:18:53 ValidityTue, 23 Apr 2024 10:27:07 GMT - Mon, 22 Jul 2024 10:27:06 GMT
File typeJavaScript source, Unicode text, UTF-8 text, with very long lines (65503), with no line terminators Hasha6781eeb8be115c2cc64c5b4898e5b9d 76001e6e130f936956842ce1fb672ca16be2370e cb8949c4918f30d767c8a97d1b1ddb36eabccf8d93659a80f4e850caa3701da2
GET /Sb7AkA7.js HTTP/1.1
Host: vz.7vid.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://videzz.net/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
server: nginx
date: Sun, 05 May 2024 13:28:08 GMT
content-type: application/javascript
content-length: 76790
last-modified: Fri, 22 Mar 2024 11:21:21 GMT
vary: Accept-Encoding
etag: "65fd69b1-12bf6"
content-encoding: gzip
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: public, max-age=315360000
cf-cache-status: HIT
age: 201
cf-ray: 8685d408ccf5d995-HEL
x-frame-options: DENY
x-content-type-options: nosniff
accept-ranges: bytes
X-Firefox-Spdy: h2
|
|
| www.googletagmanager.com/gtag/js?id=UA-158623850-1 |  142.250.74.168 | 200 OK | 75 kB |
URL GET HTTP/2www.googletagmanager.com/gtag/js?id=UA-158623850-1 IP142.250.74.168:443
Requested byhttps://videzz.net/xx1x1z02lb5b.html CertificateIssuerGoogle Trust Services LLC Subject*.google-analytics.com Fingerprint93:6B:D2:9D:92:BE:2D:D8:02:67:82:83:5E:EF:A3:F9:13:F3:26:AE ValidityTue, 16 Apr 2024 03:18:45 GMT - Tue, 09 Jul 2024 03:18:44 GMT
File typeJavaScript source, ASCII text, with very long lines (4179) Hashcc1e778e05d4448fb2cf65994afd8e56 609dba783e0783b4d52f7c3d902bb39e1522080e c4278e2ac910bbc1a65736d1e28fb6e075818c43f1248a3222482a95faf55311
GET /gtag/js?id=UA-158623850-1 HTTP/1.1
Host: www.googletagmanager.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://videzz.net/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
content-encoding: br
vary: Accept-Encoding
date: Sun, 05 May 2024 13:28:08 GMT
expires: Sun, 05 May 2024 13:28:08 GMT
cache-control: private, max-age=900
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
server: Google Tag Manager
content-length: 74897
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
|
|
| vidoza.net/img/default.jpg | 78.142.18.220 | 200 OK | 694 B |
URL GET HTTP/2vidoza.net/img/default.jpg IP78.142.18.220:443 ASN#208046 ColocationX Ltd.
Requested byhttps://videzz.net/xx1x1z02lb5b.html CertificateIssuerLet's Encrypt Subjectvidoza.net FingerprintBB:ED:F5:F9:17:52:AA:FC:EE:8F:98:D4:64:46:12:76:92:0E:B5:CE ValidityFri, 12 Apr 2024 01:22:23 GMT - Thu, 11 Jul 2024 01:22:22 GMT
File typeJPEG image data, JFIF standard 1.02, aspect ratio, density 100x100, segment length 16, progressive, precision 8, 320x240, components 3 Hash3f3d9ce26cd1061a73afe546a264b067 ec5032f227c580e48d6f35737b3047c30b8a1afc 32fe662927c1c21f95229b73f9098c3666890c898bda92b9d4db0ac98cb6a8e1
GET /img/default.jpg HTTP/1.1
Host: vidoza.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://videzz.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx/1.18.0 (Ubuntu)
date: Sun, 05 May 2024 13:28:08 GMT
content-type: image/jpeg
content-length: 694
last-modified: Sat, 27 Apr 2024 07:30:38 GMT
etag: "662ca99e-2b6"
expires: Tue, 04 Jun 2024 13:24:38 GMT
cache-control: max-age=2592000
x-cache-status: HIT
accept-ranges: bytes
X-Firefox-Spdy: h2
|
|
| yd.cottoidearldom.com/1clkn/14903 |  23.109.170.198 | 200 OK | 26 B |
URL GET HTTP/1.1yd.cottoidearldom.com/1clkn/14903 IP23.109.170.198:443
Requested byhttps://videzz.net/xx1x1z02lb5b.html CertificateIssuerLet's Encrypt Subjectyd.cottoidearldom.com Fingerprint2A:D0:1B:ED:00:0F:4A:13:3B:97:DD:33:66:5B:7E:F8:F8:E9:C8:CE ValidityThu, 25 Apr 2024 06:21:32 GMT - Wed, 24 Jul 2024 06:21:31 GMT
File typeASCII text, with no line terminators Hash9082dc37e5e8046929da411544ad071a 41e0e3963ed94e59e8a2f115994c382712411537 b7848d86edc8dc3b5bc6a5c666069f9a31e000cee51575d3b6083951607e1550
| Analyzer | Verdict | Alert |
|---|
| Quad9 DNS | malicious | Sinkholed |
GET /1clkn/14903 HTTP/1.1
Host: yd.cottoidearldom.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://videzz.net/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Date: Sun, 05 May 2024 13:28:08 GMT
Content-Type: application/javascript; charset=utf-8
Transfer-Encoding: chunked
Connection: keep-alive
Keep-Alive: timeout=20
Accept-ch: sec-ch-ua-platform-version,sec-ch-ua-model,sec-ch-ua-full-version,sec-ch-ua-full-version-list
Set-Cookie: GL_UI4=eJw9jUtug0AQRPljJ4akJQ7gIxgUjL3MJivfAQ0zDZ4Ypq1mjJ3bZxIp2dUrPVV5nhcUL%2BAvyRrCm6hhe1R9s5dYojyUVVW%2BHSrZ151o%2BlJVTVnvYK3n1opuRBvBap4E29YuEWwGNMhatpIUZvDqrL%2FmYuhuIog7FkZlEE%2FOGDNIO6b7jFyEEBkxIaQfmrGnhzPEJzEEx72L2rjo7yCguQjzJ4hP2twe%2BSbx8jzx4Pk6CtsTT61WDuOBhULw32ElhcWB%2BAtShfPF0hWARtX%2B%2B7%2Bf8fizBonCRUuHZM%2FI38wATrY%3D; expires=Mon, 06-May-2024 13:28:08 GMT; Max-Age=86400; path=/; secure; SameSite=None
GL_GI10=eJwVyM0KgkAUhuE5hxiIJPjIC%2FAKTMsWbrNl6MIrMIsYGObIzNjP3WeLd%2FG8SilOE7CZkNRlXhd5dcjLUwV6gtsOPDroVvx7%2BII8uDiCvcOmC1ayRmYXlz9i9TfIYHu25pP1YudoxAXw0roZbvaxv%2FRX0KQJHEUzONxTBXrp3Q9e7R3S; expires=Mon, 06-May-2024 13:28:08 GMT; Max-Age=86400; path=/; secure; SameSite=None
Content-Encoding: gzip
Vary: Accept-Encoding
Strict-Transport-Security: max-age=1
X-Content-Type-Options: nosniff
|
|
| cdnjs.cloudflare.com/ajax/libs/font-awesome/4.7.0/css/font-awesome.min.css | 104.17.24.14 | 200 OK | 5.6 kB |
URL GET HTTP/3cdnjs.cloudflare.com/ajax/libs/font-awesome/4.7.0/css/font-awesome.min.css IP104.17.24.14:443
Requested byhttps://videzz.net/xx1x1z02lb5b.html CertificateIssuerCloudflare, Inc. Subjectsni.cloudflaressl.com Fingerprint7A:EA:B9:09:71:70:6C:87:C9:D3:82:74:8A:7B:B4:60:E5:40:2D:8D ValidityMon, 03 Jul 2023 00:00:00 GMT - Tue, 02 Jul 2024 23:59:59 GMT
File typeASCII text, with very long lines (30837) Hash269550530cc127b6aa5a35925a7de6ce 512c7d79033e3028a9be61b540cf1a6870c896f8 799aeb25cc0373fdee0e1b1db7ad6c2f6a0e058dfadaa3379689f583213190bd
GET /ajax/libs/font-awesome/4.7.0/css/font-awesome.min.css HTTP/1.1
Host: cdnjs.cloudflare.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://videzz.net/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Sun, 05 May 2024 13:28:08 GMT
content-type: text/css; charset=utf-8
content-length: 5631
access-control-allow-origin: *
cache-control: public, max-age=30672000
content-encoding: br
etag: "5eb03e5f-7918"
last-modified: Mon, 04 May 2020 16:10:07 GMT
cf-cdnjs-via: cfworker/kv
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
x-content-type-options: nosniff
vary: Accept-Encoding
cf-cache-status: HIT
age: 313153
expires: Fri, 25 Apr 2025 13:28:08 GMT
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=YJJgg2%2FwcYfnkkDNq7YDhuXgrehjgz%2BTeNmiMdx4yv%2FGpainnHDRLs0sNKCG0JrPy%2B6vGAoR8ySk4Z8x2%2FFoMtu%2FRrhuVLeXZtYFdnDotQA57tANJ5SOqyldytKyDHOFWXfabT%2FZ"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
server: cloudflare
cf-ray: 87f1126d6bfbb50b-OSL
alt-svc: h3=":443"; ma=86400
|
|
| profitablegatecpm.com/97/85/38/9785383bf0d8f2fb611d938245088565.js | 172.240.253.132 | 200 OK | 16 kB |
URL GET HTTP/1.1profitablegatecpm.com/97/85/38/9785383bf0d8f2fb611d938245088565.js IP172.240.253.132:443
Requested byhttps://videzz.net/xx1x1z02lb5b.html CertificateIssuerLet's Encrypt Subjectprofitablegatecpm.com Fingerprint9D:FB:8C:AD:4D:64:98:6B:85:78:33:54:E7:A3:BB:10:ED:77:63:30 ValidityFri, 05 Apr 2024 18:10:33 GMT - Thu, 04 Jul 2024 18:10:32 GMT
File typeJavaScript source, ASCII text, with very long lines (45415), with no line terminators Hashc691b8bbe39e937264ef897c4c053781 32dbf2689e1d1002541e92e2b2184afd5d9a43c2 c306bfa5c31ee6c483d9aa5c1f0b05e1b46fe3cc4da37f093b02a55f2ef33974
GET /97/85/38/9785383bf0d8f2fb611d938245088565.js HTTP/1.1
Host: profitablegatecpm.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://videzz.net/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx/1.21.6
Date: Sun, 05 May 2024 13:28:08 GMT
Content-Type: application/javascript
Transfer-Encoding: chunked
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Access-Control-Allow-Origin: *
Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,Sec-CH-UA-PlatformUser-Agent,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Set-Cookie: 4b4e7ab587d59b22ad7bcd2439afc363_CF-3448=1; expires=Wed, 08 May 2024 16:28:08 GMT; secure; SameSite=None
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: f9d88fddbdde4eda5c4c6da89d22e7a0
Strict-Transport-Security: max-age=0; includeSubdomains
Content-Encoding: gzip
|
|
| fonts.googleapis.com/css?family=Istok+Web:400,700|Open+Sans:400,600,700|Raleway:200,400,600|Roboto:400,500,700|Source+Sans+Pro:300,300i,400,400i,600,700,700i&subset=cyrillic,cyrillic-ext%22%20rel=%22stylesheet | 142.250.74.106 | 200 OK | 76 kB |
URL GET HTTP/2fonts.googleapis.com/css?family=Istok+Web:400,700|Open+Sans:400,600,700|Raleway:200,400,600|Roboto:400,500,700|Source+Sans+Pro:300,300i,400,400i,600,700,700i&subset=cyrillic,cyrillic-ext%22%20rel=%22stylesheet IP142.250.74.106:443
Requested byhttps://videzz.net/xx1x1z02lb5b.html CertificateIssuerGoogle Trust Services LLC Subjectupload.video.google.com Fingerprint36:49:20:36:0C:4D:DA:55:65:64:23:0F:49:3E:FA:78:87:35:A3:79 ValidityTue, 16 Apr 2024 04:17:12 GMT - Tue, 09 Jul 2024 04:17:11 GMT
File typegzip compressed data, max compression Hash981e30429d8e1a863c8bffe82c68eeb0 18015f39cf9c39f2f73dfa85a8929298cc3929a2 d68592578ecd70a2bc0dc33a3384e3a51e7a464f47c5eb072f663db3d49c0839
GET /css?family=Istok+Web:400,700|Open+Sans:400,600,700|Raleway:200,400,600|Roboto:400,500,700|Source+Sans+Pro:300,300i,400,400i,600,700,700i&subset=cyrillic,cyrillic-ext%22%20rel=%22stylesheet HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://videzz.net/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Sun, 05 May 2024 13:28:08 GMT
date: Sun, 05 May 2024 13:28:08 GMT
cache-control: private, max-age=86400
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
|
|
| videzz.net/images-newtheme/logo_60.png | 78.142.18.54 | 200 OK | 14 kB |
URL GET HTTP/2videzz.net/images-newtheme/logo_60.png IP78.142.18.54:443 ASN#208046 ColocationX Ltd.
Requested byhttps://videzz.net/xx1x1z02lb5b.html CertificateIssuerLet's Encrypt Subjectvidezz.net Fingerprint89:44:E3:9D:95:DD:6E:D2:2B:FB:70:64:42:59:D2:BF:B6:36:E7:33 ValidityThu, 02 May 2024 00:27:53 GMT - Wed, 31 Jul 2024 00:27:52 GMT
File typePNG image data, 275 x 182, 8-bit/color RGBA, non-interlaced Hash650a7f14495bcd9ed2140ed51d8b9fef 47cb64b0bc23739e4e25e7c1bea6d63e438ebee0 aeea7989ff49c647ef4e5f3215fa0bd7480fe3976adc5050de6dcfcd46653c71
GET /images-newtheme/logo_60.png HTTP/1.1
Host: videzz.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://videzz.net/css/main.min.css?v=b8dc06aa6195ca0716d0a0c4e3a76e42
Cookie: lang=1
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx/1.18.0 (Ubuntu)
date: Sun, 05 May 2024 13:28:08 GMT
content-type: image/png
content-length: 14101
last-modified: Sat, 27 Apr 2024 07:30:38 GMT
etag: "662ca99e-3715"
expires: Tue, 04 Jun 2024 13:26:05 GMT
cache-control: max-age=2592000
x-cache-status: HIT
accept-ranges: bytes
X-Firefox-Spdy: h2
|
|
| fonts.googleapis.com/css?family=Armata|Average+Sans|Gafata|Istok+Web:400,700|Julius+Sans+One|Michroma|Montserrat+Alternates:400,500,600|Montserrat:400,500,600|Numans|Poppins:400,500|Rubik:400,500,700|Syncopate | 142.250.74.106 | 200 OK | 2.9 kB |
URL GET HTTP/2fonts.googleapis.com/css?family=Armata|Average+Sans|Gafata|Istok+Web:400,700|Julius+Sans+One|Michroma|Montserrat+Alternates:400,500,600|Montserrat:400,500,600|Numans|Poppins:400,500|Rubik:400,500,700|Syncopate IP142.250.74.106:443
Requested byhttps://videzz.net/xx1x1z02lb5b.html CertificateIssuerGoogle Trust Services LLC Subjectupload.video.google.com Fingerprint36:49:20:36:0C:4D:DA:55:65:64:23:0F:49:3E:FA:78:87:35:A3:79 ValidityTue, 16 Apr 2024 04:17:12 GMT - Tue, 09 Jul 2024 04:17:11 GMT
File typegzip compressed data, max compression Hash13464452a5c9a6ba0ed061370b563e94 771c119a1a4337c7736b486ea878a267cbc34b09 11869b7e6013501b32695fd4278542bbdd20d2fd2e16ee5065ccbd603bb836c3
GET /css?family=Armata|Average+Sans|Gafata|Istok+Web:400,700|Julius+Sans+One|Michroma|Montserrat+Alternates:400,500,600|Montserrat:400,500,600|Numans|Poppins:400,500|Rubik:400,500,700|Syncopate HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://videzz.net/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Sun, 05 May 2024 13:28:08 GMT
date: Sun, 05 May 2024 13:28:08 GMT
cache-control: private, max-age=86400
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
|
|
| s.o333o.com/adgpt.js |  85.10.205.45 | 200 OK | 820 B |
IP85.10.205.45:443 ASN#24940 Hetzner Online GmbH
Requested byhttps://videzz.net/xx1x1z02lb5b.html CertificateIssuerSectigo Limited Subjects.o333o.com FingerprintC1:C0:0F:C0:EF:0F:F7:7A:36:2F:00:9E:5C:55:63:54:63:A3:A6:46 ValidityMon, 12 Feb 2024 00:00:00 GMT - Fri, 28 Feb 2025 23:59:59 GMT
File typeASCII text, with very long lines (2040), with no line terminators Hash55f8db8e0ec58b646f0b5425b405fdd0 0c79af1239cafc7ec4783f20b0b886a61daccc09 3ec8849ba857ec32cdc682ea93f0c1f8e8ab97980af4f1d8ec312684ed0f5237
GET /adgpt.js HTTP/1.1
Host: s.o333o.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://videzz.net/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
server: nginx
date: Sun, 05 May 2024 13:28:08 GMT
content-type: application/javascript
content-length: 820
last-modified: Fri, 22 Mar 2024 11:21:21 GMT
vary: Accept-Encoding
etag: "65fd69b1-334"
content-encoding: gzip
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000, public
X-Firefox-Spdy: h2
|
|
| cdn.o333o.com/vast-im.js | 143.204.55.120 | 200 OK | 92 kB |
IP143.204.55.120:443
Requested byhttps://videzz.net/xx1x1z02lb5b.html CertificateIssuerSectigo Limited Subjectcdn.o333o.com Fingerprint61:0E:6A:7F:7E:40:48:40:58:0F:EF:89:DB:CF:AD:C2:FB:52:F1:AC ValidityThu, 09 Nov 2023 00:00:00 GMT - Mon, 09 Dec 2024 23:59:59 GMT
File typegzip compressed data, from Unix Hash51eafc953b65963f8c2d71b1b7bf6e2c 853d5c2d81cfce2d6716e68f34ab2dd798cfb891 e63e3db3bf411157a56488616558022991ad2b286de8542efff6459ca818b8b8
GET /vast-im.js HTTP/1.1
Host: cdn.o333o.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://videzz.net/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
content-type: application/javascript
server: nginx
date: Thu, 11 Apr 2024 09:31:41 GMT
last-modified: Fri, 22 Mar 2024 11:21:21 GMT
etag: W/"65fd69b1-4bcd7"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000, public
content-encoding: gzip
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 1d8cf7c8865ed1078c19a98771ad34ca.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
alt-svc: h3=":443"; ma=86400
x-amz-cf-id: oPwXqfE_urUp8BAS44mzwxjznt54r7vvt13Z7qT-MAclpqkHDwmSiQ==
age: 2087787
X-Firefox-Spdy: h2
|
|
| videzz.net/images-newtheme/social/reddit_button.png | 78.142.18.54 | 200 OK | 5.6 kB |
URL GET HTTP/2videzz.net/images-newtheme/social/reddit_button.png IP78.142.18.54:443 ASN#208046 ColocationX Ltd.
Requested byhttps://videzz.net/xx1x1z02lb5b.html CertificateIssuerLet's Encrypt Subjectvidezz.net Fingerprint89:44:E3:9D:95:DD:6E:D2:2B:FB:70:64:42:59:D2:BF:B6:36:E7:33 ValidityThu, 02 May 2024 00:27:53 GMT - Wed, 31 Jul 2024 00:27:52 GMT
File typePNG image data, 250 x 95, 8-bit colormap, non-interlaced Hashe81d26d1620449624337a4d43f931daa f03bec039b900b6668f56c295b6152f206614347 a571a6100b5176154b8cab0289f1e1f3a1888a4d2670a0309a7206e914e53196
GET /images-newtheme/social/reddit_button.png HTTP/1.1
Host: videzz.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://videzz.net/css/main.min.css?v=b8dc06aa6195ca0716d0a0c4e3a76e42
Cookie: lang=1
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx/1.18.0 (Ubuntu)
date: Sun, 05 May 2024 13:28:08 GMT
content-type: image/png
content-length: 5639
last-modified: Sat, 27 Apr 2024 07:30:42 GMT
etag: "662ca9a2-1607"
expires: Tue, 04 Jun 2024 13:18:17 GMT
cache-control: max-age=2592000
x-cache-status: HIT
accept-ranges: bytes
X-Firefox-Spdy: h2
|
|
| fonts.gstatic.com/s/opensans/v40/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2 | 142.250.74.163 | 200 OK | 48 kB |
URL GET HTTP/2fonts.gstatic.com/s/opensans/v40/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2 IP142.250.74.163:443
Requested byhttps://videzz.net/xx1x1z02lb5b.html CertificateIssuerGoogle Trust Services LLC Subject*.gstatic.com Fingerprint15:DD:05:B3:2F:D8:E3:54:C9:B4:FA:E4:AC:01:ED:C8:E1:EA:A7:AD ValidityTue, 16 Apr 2024 04:17:07 GMT - Tue, 09 Jul 2024 04:17:06 GMT
File typeWeb Open Font Format (Version 2), TrueType, length 48236, version 1.0 Hash015c126a3520c9a8f6a27979d0266e96 2acf956561d44434a6d84204670cf849d3215d5f 3c4d6a1421c7ddb7e404521fe8c4cd5be5af446d7689cd880be26612eaad3cfa
GET /s/opensans/v40/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://videzz.net
DNT: 1
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 48236
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Sat, 04 May 2024 04:59:42 GMT
expires: Sun, 04 May 2025 04:59:42 GMT
cache-control: public, max-age=31536000
last-modified: Thu, 14 Dec 2023 02:08:40 GMT
content-type: font/woff2
age: 116906
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
|
|
| maxcdn.bootstrapcdn.com/font-awesome/4.7.0/css/font-awesome.min.css?v=7 | 104.18.10.207 | 200 OK | 14 kB |
URL GET HTTP/2maxcdn.bootstrapcdn.com/font-awesome/4.7.0/css/font-awesome.min.css?v=7 IP104.18.10.207:443
Requested byhttps://videzz.net/xx1x1z02lb5b.html CertificateIssuerGoogle Trust Services LLC Subjectbootstrapcdn.com Fingerprint57:B4:25:B9:9C:88:A1:A3:3D:F7:31:74:02:E4:D1:E0:0A:F5:11:63 ValidityWed, 27 Mar 2024 00:22:09 GMT - Tue, 25 Jun 2024 00:22:08 GMT
File typeASCII text, with very long lines (30837) Hash269550530cc127b6aa5a35925a7de6ce 512c7d79033e3028a9be61b540cf1a6870c896f8 799aeb25cc0373fdee0e1b1db7ad6c2f6a0e058dfadaa3379689f583213190bd
GET /font-awesome/4.7.0/css/font-awesome.min.css?v=7 HTTP/1.1
Host: maxcdn.bootstrapcdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://videzz.net/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Sun, 05 May 2024 13:28:07 GMT
content-type: text/css; charset=utf-8
vary: Accept-Encoding
cdn-pullzone: 252412
cdn-uid: b1941f61-b576-4f40-80de-5677acb38f74
cdn-requestcountrycode: DE
access-control-allow-origin: *
cache-control: public, max-age=31919000
etag: W/"269550530cc127b6aa5a35925a7de6ce"
last-modified: Mon, 25 Jan 2021 22:04:55 GMT
cdn-cachedat: 10/31/2023 18:48:06
cdn-proxyver: 1.04
cdn-requestpullcode: 200
cdn-requestpullsuccess: True
cdn-edgestorageid: 722
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
cdn-status: 200
cdn-requestid: ba1343eb3e49a0961974f5c12bb3dd9d
cdn-cache: HIT
cf-cache-status: HIT
age: 413344
strict-transport-security: max-age=31536000; includeSubDomains; preload
server: cloudflare
cf-ray: 87f11269eab256b7-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
|
|
| videzz.net/sw.js | 78.142.18.54 | 200 OK | 60 kB |
IP78.142.18.54:443 ASN#208046 ColocationX Ltd.
Requested byhttps://videzz.net/xx1x1z02lb5b.html CertificateIssuerLet's Encrypt Subjectvidezz.net Fingerprint89:44:E3:9D:95:DD:6E:D2:2B:FB:70:64:42:59:D2:BF:B6:36:E7:33 ValidityThu, 02 May 2024 00:27:53 GMT - Wed, 31 Jul 2024 00:27:52 GMT
File typegzip compressed data, from Unix Hash15d007fa8205e8c4de04f00a5c8d47d4 62f41bcba72334352f58d276ebaf1f12fb140f0a 622397ae7202df62381ab2263e9db37a918aaf41b4147349b511ae15e692df61
GET /sw.js HTTP/1.1
Host: videzz.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://videzz.net/xx1x1z02lb5b.html
Cookie: lang=1
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx/1.18.0 (Ubuntu)
date: Sun, 05 May 2024 13:28:07 GMT
content-type: application/javascript
last-modified: Sat, 27 Apr 2024 07:30:27 GMT
vary: Accept-Encoding
etag: W/"662ca993-a554"
expires: Tue, 04 Jun 2024 13:27:02 GMT
cache-control: max-age=2592000
content-encoding: gzip
x-cache-status: HIT
X-Firefox-Spdy: h2
|
|
| videzz.net/images-newtheme/social/twitter_button.png | 78.142.18.54 | 200 OK | 7.3 kB |
URL GET HTTP/2videzz.net/images-newtheme/social/twitter_button.png IP78.142.18.54:443 ASN#208046 ColocationX Ltd.
Requested byhttps://videzz.net/xx1x1z02lb5b.html CertificateIssuerLet's Encrypt Subjectvidezz.net Fingerprint89:44:E3:9D:95:DD:6E:D2:2B:FB:70:64:42:59:D2:BF:B6:36:E7:33 ValidityThu, 02 May 2024 00:27:53 GMT - Wed, 31 Jul 2024 00:27:52 GMT
File typePNG image data, 250 x 95, 8-bit colormap, non-interlaced Hashd680a9ff6f8107a4582fc3da7b95b852 df709fd8b064642697ce5075aef16d7ec3df9475 d496e33f83306ba9f7659dda81264fe833b2c8ce3b3ca5ef1cfd9a0d99397c24
GET /images-newtheme/social/twitter_button.png HTTP/1.1
Host: videzz.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://videzz.net/css/main.min.css?v=b8dc06aa6195ca0716d0a0c4e3a76e42
Cookie: lang=1
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx/1.18.0 (Ubuntu)
date: Sun, 05 May 2024 13:28:08 GMT
content-type: image/png
content-length: 7332
last-modified: Sat, 27 Apr 2024 07:30:42 GMT
etag: "662ca9a2-1ca4"
expires: Tue, 04 Jun 2024 13:18:15 GMT
cache-control: max-age=2592000
x-cache-status: HIT
accept-ranges: bytes
X-Firefox-Spdy: h2
|
|
| videzz.net/images-newtheme/social/viber_button.png | 78.142.18.54 | 200 OK | 7.6 kB |
URL GET HTTP/2videzz.net/images-newtheme/social/viber_button.png IP78.142.18.54:443 ASN#208046 ColocationX Ltd.
Requested byhttps://videzz.net/xx1x1z02lb5b.html CertificateIssuerLet's Encrypt Subjectvidezz.net Fingerprint89:44:E3:9D:95:DD:6E:D2:2B:FB:70:64:42:59:D2:BF:B6:36:E7:33 ValidityThu, 02 May 2024 00:27:53 GMT - Wed, 31 Jul 2024 00:27:52 GMT
File typePNG image data, 250 x 95, 8-bit colormap, non-interlaced Hash36454bc0a71ba0919c38f4b072ea1792 b90bd02d15eb470070f5767b12f8879cfa54033f 795878ef409474a5ba791a786239a77cc30f83576713e3788d88f0c306c98c58
GET /images-newtheme/social/viber_button.png HTTP/1.1
Host: videzz.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://videzz.net/css/main.min.css?v=b8dc06aa6195ca0716d0a0c4e3a76e42
Cookie: lang=1
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx/1.18.0 (Ubuntu)
date: Sun, 05 May 2024 13:28:08 GMT
content-type: image/png
content-length: 7583
last-modified: Sat, 27 Apr 2024 07:30:33 GMT
etag: "662ca999-1d9f"
expires: Tue, 04 Jun 2024 13:20:06 GMT
cache-control: max-age=2592000
x-cache-status: HIT
accept-ranges: bytes
X-Firefox-Spdy: h2
|
|
| videzz.net/images-newtheme/social/whatsapp_button.png | 78.142.18.54 | 200 OK | 9.4 kB |
URL GET HTTP/2videzz.net/images-newtheme/social/whatsapp_button.png IP78.142.18.54:443 ASN#208046 ColocationX Ltd.
Requested byhttps://videzz.net/xx1x1z02lb5b.html CertificateIssuerLet's Encrypt Subjectvidezz.net Fingerprint89:44:E3:9D:95:DD:6E:D2:2B:FB:70:64:42:59:D2:BF:B6:36:E7:33 ValidityThu, 02 May 2024 00:27:53 GMT - Wed, 31 Jul 2024 00:27:52 GMT
File typePNG image data, 250 x 95, 8-bit colormap, non-interlaced Hash093cb56d9d65dd0ccb57f24eb7444cba 3d862fe04fc38402dfb6e8afcfb9adc526907d54 9e433e4399b92cd8a014e00765fc534baae47b5ebacadea618e0f3dc041b6266
GET /images-newtheme/social/whatsapp_button.png HTTP/1.1
Host: videzz.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://videzz.net/css/main.min.css?v=b8dc06aa6195ca0716d0a0c4e3a76e42
Cookie: lang=1
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx/1.18.0 (Ubuntu)
date: Sun, 05 May 2024 13:28:08 GMT
content-type: image/png
content-length: 9402
last-modified: Sat, 27 Apr 2024 07:30:33 GMT
etag: "662ca999-24ba"
expires: Tue, 04 Jun 2024 13:21:04 GMT
cache-control: max-age=2592000
x-cache-status: HIT
accept-ranges: bytes
X-Firefox-Spdy: h2
|
|
| cdnjs.cloudflare.com/ajax/libs/font-awesome/4.7.0/fonts/fontawesome-webfont.woff2?v=4.7.0 | 104.17.24.14 | 200 OK | 77 kB |
URL GET HTTP/3cdnjs.cloudflare.com/ajax/libs/font-awesome/4.7.0/fonts/fontawesome-webfont.woff2?v=4.7.0 IP104.17.24.14:443
Requested byhttps://videzz.net/xx1x1z02lb5b.html CertificateIssuerCloudflare, Inc. Subjectsni.cloudflaressl.com Fingerprint7A:EA:B9:09:71:70:6C:87:C9:D3:82:74:8A:7B:B4:60:E5:40:2D:8D ValidityMon, 03 Jul 2023 00:00:00 GMT - Tue, 02 Jul 2024 23:59:59 GMT
File typeWeb Open Font Format (Version 2), TrueType, length 77160, version 4.459 Hashaf7ae505a9eed503f8b8e6982036873e d6f48cba7d076fb6f2fd6ba993a75b9dc1ecbf0c 2adefcbc041e7d18fcf2d417879dc5a09997aa64d675b7a3c4b6ce33da13f3fe
GET /ajax/libs/font-awesome/4.7.0/fonts/fontawesome-webfont.woff2?v=4.7.0 HTTP/1.1
Host: cdnjs.cloudflare.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://videzz.net
DNT: 1
Connection: keep-alive
Referer: https://cdnjs.cloudflare.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Sun, 05 May 2024 13:28:09 GMT
content-type: application/octet-stream; charset=utf-8
content-length: 77160
access-control-allow-origin: *
cache-control: public, max-age=30672000
etag: "5eb03e5f-12d68"
last-modified: Mon, 04 May 2020 16:10:07 GMT
cf-cdnjs-via: cfworker/kv
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
x-content-type-options: nosniff
vary: Accept-Encoding
cf-cache-status: HIT
age: 317524
expires: Fri, 25 Apr 2025 13:28:09 GMT
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=0xqpqFa6pUyDG2Nqf%2BHE3bziRad6O1cafGOH%2FJ6YRY1jIoSKm5fE23zLDeCGe1cQTVp5YyMX5bBgtFBs4ZzeGgmSxhYq%2Ftfy6OJ3u%2Ba2Rp%2BKGc6dYCoZycUVjhNzvomFxf%2BzW6dA"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
server: cloudflare
cf-ray: 87f112704f9eb50b-OSL
alt-svc: h3=":443"; ma=86400
|
|
| fonts.gstatic.com/s/opensans/v40/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2 | 142.250.74.163 | 200 OK | 48 kB |
URL GET HTTP/2fonts.gstatic.com/s/opensans/v40/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2 IP142.250.74.163:443
Requested byhttps://videzz.net/xx1x1z02lb5b.html CertificateIssuerGoogle Trust Services LLC Subject*.gstatic.com Fingerprint15:DD:05:B3:2F:D8:E3:54:C9:B4:FA:E4:AC:01:ED:C8:E1:EA:A7:AD ValidityTue, 16 Apr 2024 04:17:07 GMT - Tue, 09 Jul 2024 04:17:06 GMT
File typeWeb Open Font Format (Version 2), TrueType, length 48236, version 1.0 Hash015c126a3520c9a8f6a27979d0266e96 2acf956561d44434a6d84204670cf849d3215d5f 3c4d6a1421c7ddb7e404521fe8c4cd5be5af446d7689cd880be26612eaad3cfa
GET /s/opensans/v40/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://videzz.net
DNT: 1
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 48236
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Sat, 04 May 2024 04:59:42 GMT
expires: Sun, 04 May 2025 04:59:42 GMT
cache-control: public, max-age=31536000
last-modified: Thu, 14 Dec 2023 02:08:40 GMT
content-type: font/woff2
age: 116907
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
|
|
| ocsp.r2m03.amazontrust.com/ | 3.164.222.26 | | 471 B |
URL ocsp.r2m03.amazontrust.com/ IP3.164.222.26:0
Hash691c3f87e4fe41a736328d3c71e2dbdc fd76f455b38ba18f00a6fb81e3585201eb3c43f6 8ac709de568d48e4c9e64b75afa6cd3fed58e2cf0c21e823af01ab342e6794b9
POST / HTTP/1.1
Host: ocsp.r2m03.amazontrust.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: max-age=7200
Date: Sun, 05 May 2024 13:28:09 GMT
Last-Modified: Sun, 05 May 2024 12:53:35 GMT
Server: ECAcc (ska/F6A0)
X-Cache: Miss from cloudfront
Via: 1.1 ce6aa43c72ee1bea26f47b9ee0b4eafc.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: ARN53-P1
X-Amz-Cf-Id: APKdaqAsL9a7tBTTBibZhxm09bm6f1pUVZMM9wtVa7kaw6krgcjDkg==
Age: 2074
|
|
| videzz.net/images-newtheme/locale/spritesheet_25.png | 78.142.18.54 | 200 OK | 3.4 kB |
URL GET HTTP/2videzz.net/images-newtheme/locale/spritesheet_25.png IP78.142.18.54:443 ASN#208046 ColocationX Ltd.
Requested byhttps://videzz.net/xx1x1z02lb5b.html CertificateIssuerLet's Encrypt Subjectvidezz.net Fingerprint89:44:E3:9D:95:DD:6E:D2:2B:FB:70:64:42:59:D2:BF:B6:36:E7:33 ValidityThu, 02 May 2024 00:27:53 GMT - Wed, 31 Jul 2024 00:27:52 GMT
File typePNG image data, 25 x 71, 8-bit/color RGBA, non-interlaced Hashf114e74e1fb82ce234e7a2503506e2ac 5adb3ddc13861aa417471710f1ceaca66ef71c74 e0edc9d8ec79eb53ad2d9e2644b27bc02cc62ad78e8033e4cc016a62132ed51d
GET /images-newtheme/locale/spritesheet_25.png HTTP/1.1
Host: videzz.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://videzz.net/css/main.min.css?v=b8dc06aa6195ca0716d0a0c4e3a76e42
Cookie: lang=1; file_id=
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx/1.18.0 (Ubuntu)
date: Sun, 05 May 2024 13:28:09 GMT
content-type: image/png
content-length: 3355
last-modified: Sat, 27 Apr 2024 07:30:38 GMT
etag: "662ca99e-d1b"
expires: Tue, 04 Jun 2024 13:27:43 GMT
cache-control: max-age=2592000
x-cache-status: HIT
accept-ranges: bytes
X-Firefox-Spdy: h2
|
|
| static.addtoany.com/menu/sm.25.html | 104.22.70.197 | | 78 kB |
URL static.addtoany.com/menu/sm.25.html IP104.22.70.197:0
File typeHTML document, ASCII text, with very long lines (624) Hash41b7ed0cbe240173eea85148fcba633e 39acd5fe099974486a1c9ba11ba0fe7be6bc97ca 274d4116239b63097bb7c16e56e27cbb5a77be20392fb8e2317c0a0235185cad
GET /menu/sm.25.html HTTP/1.1
Host: static.addtoany.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://videzz.net/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Sun, 05 May 2024 13:28:09 GMT
content-type: text/html; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=315360000, immutable
referrer-policy: strict-origin-when-cross-origin
x-content-type-options: nosniff
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=31%2FEUiBaXPt8cxtkc%2FT4P6x%2BgAHE8dlZKktVqOYLVPWpw%2BfHglaE0%2B2%2FM9CjPirtpgf0Bigqvmt%2B9LVqgh2toon%2FHhopHKjFbbaQkJ0g%2F8jA5jvQMZE7K%2BqPFywD9a7gr7TP8ZDbPRsnYjqVQMeihc8V"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
cf-cache-status: HIT
age: 8869
strict-transport-security: max-age=31536000; includeSubDomains; preload
server: cloudflare
cf-ray: 87f11270dccdabe6-CPH
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| bid.bidclickmedia.com/sub/31pnK5n | 172.67.205.77 | 200 OK | 48 kB |
URL GET HTTP/2bid.bidclickmedia.com/sub/31pnK5n IP172.67.205.77:443
Requested byhttps://videzz.net/xx1x1z02lb5b.html CertificateIssuerGoogle Trust Services LLC Subjectbidclickmedia.com Fingerprint2D:71:60:23:79:D8:E4:4A:B8:81:BA:F0:ED:58:CB:A8:66:21:A7:E7 ValiditySun, 31 Mar 2024 14:28:20 GMT - Sat, 29 Jun 2024 14:28:19 GMT
File typeHTML document, ASCII text Hashf43a9f52bdd16907856bcccdc018b8c9 260324361bf19dc2ea4982f6fd312f9c8d5039cc 0ce413bbb7e1789744cfd7f9c3bc4614d9c5086f6dd9cbad67bdc4d181b9d5be
GET /sub/31pnK5n HTTP/1.1
Host: bid.bidclickmedia.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://videzz.net/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Sun, 05 May 2024 13:28:09 GMT
content-type: text/html; charset=utf-8
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=e%2B%2FCpdUzztd3vZTEdm2H5gLQtDO4iNMazBwBWvbmrgibl7qWg6vvQa5HtMuIiDSNtMvdTlPchpdSKY9Utyi6rV9DPOOKRuBuuztsqNVK8XB2tDfGEClICM3SSBj8reTtTQYDAYPekW0%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 87f112704a0556c9-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
|
|
| proftrafficcounter.com/stats | 52.29.105.35 | 200 OK | 40 B |
URL GET HTTP/2proftrafficcounter.com/stats IP52.29.105.35:443
Requested byhttps://videzz.net/xx1x1z02lb5b.html CertificateIssuerAmazon Subjectproftrafficcounter.com FingerprintE3:9F:79:6F:80:C0:BF:F8:C4:EB:45:F3:E9:0F:A7:41:F6:0C:05:E6 ValidityTue, 21 Nov 2023 00:00:00 GMT - Thu, 19 Dec 2024 23:59:59 GMT
File typeASCII text, with no line terminators Hash1e032a5616121b33872779fc89c20262 5ce9a26ad1132ae6667db9a4f56cca57e08e133f 9a4ad7b9ff7a82e7384de5526f91ebc045ab8251346d81f558b19fe19642f44f
GET /stats HTTP/1.1
Host: proftrafficcounter.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://videzz.net
DNT: 1
Connection: keep-alive
Referer: https://videzz.net/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Sun, 05 May 2024 13:28:09 GMT
content-type: text/html; charset=UTF-8
content-length: 40
server: fasthttp
access-control-allow-origin: https://videzz.net
vary: Origin
access-control-allow-credentials: true
set-cookie: uid_id2=40220c6f-1096-4d57-8ea7-d650fefea74f:1:1; expires=Wed, 03 May 2034 13:28:09 GMT; secure; SameSite=None
X-Firefox-Spdy: h2
|
|
| videzz.net/dl?op=enc_status&id=&_=1714915688621 | 78.142.18.54 | 443 No Reason Phrase | 0 B |
URL GET HTTP/2videzz.net/dl?op=enc_status&id=&_=1714915688621 IP78.142.18.54:443 ASN#208046 ColocationX Ltd.
Requested byhttps://videzz.net/xx1x1z02lb5b.html CertificateIssuerLet's Encrypt Subjectvidezz.net Fingerprint89:44:E3:9D:95:DD:6E:D2:2B:FB:70:64:42:59:D2:BF:B6:36:E7:33 ValidityThu, 02 May 2024 00:27:53 GMT - Wed, 31 Jul 2024 00:27:52 GMT
Hashd41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /dl?op=enc_status&id=&_=1714915688621 HTTP/1.1
Host: videzz.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/javascript, application/javascript, application/ecmascript, application/x-ecmascript, */*; q=0.01
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
X-Requested-With: XMLHttpRequest
DNT: 1
Connection: keep-alive
Referer: https://videzz.net/xx1x1z02lb5b.html
Cookie: lang=1; file_id=
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 443 No Reason Phrase
server: nginx/1.18.0 (Ubuntu)
date: Sun, 05 May 2024 13:28:09 GMT
content-length: 0
X-Firefox-Spdy: h2
|
|
| www.googletagmanager.com/gtag/js?id=G-HEX1BG8H46&l=dataLayer&cx=c | 142.250.74.168 | 200 OK | 95 kB |
URL GET HTTP/3www.googletagmanager.com/gtag/js?id=G-HEX1BG8H46&l=dataLayer&cx=c IP142.250.74.168:443
Requested byhttps://videzz.net/xx1x1z02lb5b.html CertificateIssuerGoogle Trust Services LLC Subject*.google-analytics.com Fingerprint93:6B:D2:9D:92:BE:2D:D8:02:67:82:83:5E:EF:A3:F9:13:F3:26:AE ValidityTue, 16 Apr 2024 03:18:45 GMT - Tue, 09 Jul 2024 03:18:44 GMT
File typeJavaScript source, ASCII text, with very long lines (7711) Hash372657469c7055799359ae04300f2b55 30e761035417d30c5fbd2a9ccb69f5c96c601e48 d7fb922f885e4322860ec8f27f8de0e1089cde11bed7a9b7befba7c6efcdfdd3
GET /gtag/js?id=G-HEX1BG8H46&l=dataLayer&cx=c HTTP/1.1
Host: www.googletagmanager.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://videzz.net/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
content-encoding: br
vary: Accept-Encoding
date: Sun, 05 May 2024 13:28:09 GMT
expires: Sun, 05 May 2024 13:28:09 GMT
cache-control: private, max-age=900
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
server: Google Tag Manager
content-length: 94575
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
|
|
| gruffsleighrebellion.com/57/e9/12/57e9128f004dc8dd272477c7cdb9cf15.js | 192.243.59.12 | 200 OK | 30 kB |
URL GET HTTP/1.1gruffsleighrebellion.com/57/e9/12/57e9128f004dc8dd272477c7cdb9cf15.js IP192.243.59.12:443 ASN#39572 DataWeb Global Group B.V.
Requested byhttps://videzz.net/xx1x1z02lb5b.html CertificateIssuerLet's Encrypt Subjectgruffsleighrebellion.com Fingerprint36:DD:6E:2E:AE:C0:08:BE:5A:00:27:04:9E:0A:4E:AE:1D:84:8C:AE ValiditySun, 28 Apr 2024 09:39:46 GMT - Sat, 27 Jul 2024 09:39:45 GMT
File typeJavaScript source, ASCII text, with very long lines (65536), with no line terminators Hash1614c0d9d5b1f0bc4590a25a43955593 cd76cd11bab79c3d6ec365d0465fc4152d44b0c9 78499cc618e7c09b9812e8199c5744b04ec33d6ac64871283dd71786ab6fd356
GET /57/e9/12/57e9128f004dc8dd272477c7cdb9cf15.js HTTP/1.1
Host: gruffsleighrebellion.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://videzz.net/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx/1.19.5
Date: Sun, 05 May 2024 13:28:09 GMT
Content-Type: application/javascript
Transfer-Encoding: chunked
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Access-Control-Allow-Origin: *
Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,Sec-CH-UA-PlatformUser-Agent,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: 8b97d17884670cb06bcadd585ebefc6c
Strict-Transport-Security: max-age=0; includeSubdomains
Content-Encoding: gzip
|
|
| gruffsleighrebellion.com/sbar.json?key=9785383bf0d8f2fb611d938245088565&psid=CF-3448_1 | 192.243.59.12 | 200 OK | 0 B |
URL GET HTTP/1.1gruffsleighrebellion.com/sbar.json?key=9785383bf0d8f2fb611d938245088565&psid=CF-3448_1 IP192.243.59.12:443 ASN#39572 DataWeb Global Group B.V.
Requested byhttps://videzz.net/xx1x1z02lb5b.html CertificateIssuerLet's Encrypt Subjectgruffsleighrebellion.com Fingerprint36:DD:6E:2E:AE:C0:08:BE:5A:00:27:04:9E:0A:4E:AE:1D:84:8C:AE ValiditySun, 28 Apr 2024 09:39:46 GMT - Sat, 27 Jul 2024 09:39:45 GMT
Hashd41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /sbar.json?key=9785383bf0d8f2fb611d938245088565&psid=CF-3448_1 HTTP/1.1
Host: gruffsleighrebellion.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://videzz.net
DNT: 1
Connection: keep-alive
Referer: https://videzz.net/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx/1.19.5
Date: Sun, 05 May 2024 13:28:10 GMT
Content-Length: 0
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,Sec-CH-UA-PlatformUser-Agent,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Custom-Referer: https://videzz.net
Access-Control-Allow-Origin: https://videzz.net
Access-Control-Allow-Credentials: true
Set-Cookie: u_pl=19071529; expires=Mon, 06 May 2024 13:28:10 GMT; secure; SameSite=None
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: 7e1eb60a03df021adbad6b55a4d721bc
Strict-Transport-Security: max-age=0; includeSubdomains
|
|
| static.addtoany.com/menu/locale/ru.js | 104.22.70.197 | 200 OK | 1.2 kB |
URL GET HTTP/3static.addtoany.com/menu/locale/ru.js IP104.22.70.197:443
Requested byhttps://videzz.net/xx1x1z02lb5b.html CertificateIssuerLet's Encrypt Subjectstatic.addtoany.com Fingerprint5B:74:98:2D:F8:22:DB:0D:4E:74:B7:99:A7:7C:80:F6:CA:1A:8E:CA ValidityTue, 23 Apr 2024 07:56:27 GMT - Mon, 22 Jul 2024 07:56:26 GMT
File typeASCII text, with very long lines (2130), with no line terminators Hashc0717dc8cde3baa722c4e7d4c12a2cb0 6e8702b80bdcbe0cd5fc183ce582b2add61d0863 cde5eaa4da56876821229a97a09a4b53e929ea30b7310848d0e84212a5137397
GET /menu/locale/ru.js HTTP/1.1
Host: static.addtoany.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://videzz.net/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Sun, 05 May 2024 13:28:09 GMT
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=86400, stale-while-revalidate=30, public
cf-bgj: minify
cf-polished: origSize=2289
etag: W/"9797b535a7dbc5ec8be5d83312871549"
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=KCGaSgK4l4uuupkt%2Fh48xawn%2FLsP2Oc7FV2rnIbYLl451pxdJ1oMITTRBbvcYnbHpEriv68tYoC1pM1o9lpB%2FEZ9pq%2F%2FeO7UWlZgkAql17yczLWYLrVFfSr7t10H7zZgMjGxgdHMxT1kCepnhNyo7rqx"}],"group":"cf-nel","max_age":604800}
vary: Accept-Encoding
referrer-policy: strict-origin-when-cross-origin
x-content-type-options: nosniff
cf-cache-status: HIT
age: 4824
strict-transport-security: max-age=31536000; includeSubDomains; preload
server: cloudflare
cf-ray: 87f11274e9e0abe6-CPH
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| proftrafficcounter.com/stats | 52.29.105.35 | 200 OK | 40 B |
URL GET HTTP/2proftrafficcounter.com/stats IP52.29.105.35:443
Requested byhttps://videzz.net/xx1x1z02lb5b.html CertificateIssuerAmazon Subjectproftrafficcounter.com FingerprintE3:9F:79:6F:80:C0:BF:F8:C4:EB:45:F3:E9:0F:A7:41:F6:0C:05:E6 ValidityTue, 21 Nov 2023 00:00:00 GMT - Thu, 19 Dec 2024 23:59:59 GMT
File typeASCII text, with no line terminators Hash1e032a5616121b33872779fc89c20262 5ce9a26ad1132ae6667db9a4f56cca57e08e133f 9a4ad7b9ff7a82e7384de5526f91ebc045ab8251346d81f558b19fe19642f44f
GET /stats HTTP/1.1
Host: proftrafficcounter.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://videzz.net
DNT: 1
Connection: keep-alive
Referer: https://videzz.net/
Cookie: uid_id2=40220c6f-1096-4d57-8ea7-d650fefea74f:1:1
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
date: Sun, 05 May 2024 13:28:10 GMT
content-type: text/html; charset=UTF-8
content-length: 40
server: fasthttp
access-control-allow-origin: https://videzz.net
vary: Origin
access-control-allow-credentials: true
X-Firefox-Spdy: h2
|
|
| videzz.net/js/static.min.js?v=b8dc06aa6195ca0716d0a0c4e3a76e42 | 78.142.18.54 | 200 OK | 66 kB |
URL GET HTTP/2videzz.net/js/static.min.js?v=b8dc06aa6195ca0716d0a0c4e3a76e42 IP78.142.18.54:443 ASN#208046 ColocationX Ltd.
Requested byhttps://videzz.net/xx1x1z02lb5b.html CertificateIssuerLet's Encrypt Subjectvidezz.net Fingerprint89:44:E3:9D:95:DD:6E:D2:2B:FB:70:64:42:59:D2:BF:B6:36:E7:33 ValidityThu, 02 May 2024 00:27:53 GMT - Wed, 31 Jul 2024 00:27:52 GMT
File typegzip compressed data, from Unix Hash65519f1b5606d023066481318e7be697 242808d2d17ca9998f7cc8bb6a8e037d8370b863 974d2536acbec1fe72a022587790a6dca949562fe34caf7ea4c3d75ca89e19ea
GET /js/static.min.js?v=b8dc06aa6195ca0716d0a0c4e3a76e42 HTTP/1.1
Host: videzz.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://videzz.net/xx1x1z02lb5b.html
Cookie: lang=1
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx/1.18.0 (Ubuntu)
date: Sun, 05 May 2024 13:28:07 GMT
content-type: application/javascript
last-modified: Sat, 27 Apr 2024 07:30:38 GMT
vary: Accept-Encoding
etag: W/"662ca99e-26cb6"
expires: Tue, 04 Jun 2024 13:27:00 GMT
cache-control: max-age=2592000
content-encoding: gzip
x-cache-status: HIT
X-Firefox-Spdy: h2
|
|
| static.addtoany.com/menu/svg/icons/reddit.js | 104.22.70.197 | 200 OK | 8.6 kB |
URL GET HTTP/3static.addtoany.com/menu/svg/icons/reddit.js IP104.22.70.197:443
Requested byhttps://videzz.net/xx1x1z02lb5b.html CertificateIssuerLet's Encrypt Subjectstatic.addtoany.com Fingerprint5B:74:98:2D:F8:22:DB:0D:4E:74:B7:99:A7:7C:80:F6:CA:1A:8E:CA ValidityTue, 23 Apr 2024 07:56:27 GMT - Mon, 22 Jul 2024 07:56:26 GMT
File typeASCII text, with very long lines (893), with no line terminators Hash408cc755e613b4f00fbe10d7411ed087 14341990ed687477b3addbdd1a3b50ae8a98589b 68ed9b82b62d45cf5d12587a7e9566a4ddeb94d69bcb225e9e3c7268c76b3cbb
GET /menu/svg/icons/reddit.js HTTP/1.1
Host: static.addtoany.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://videzz.net
DNT: 1
Connection: keep-alive
Referer: https://static.addtoany.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Sun, 05 May 2024 13:28:09 GMT
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=7776000, stale-while-revalidate=30, public
cf-bgj: minify
etag: W/"1fe5b5008de689ce6464d7bcb07e742c"
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=q0mOx4XlrTIiF2kgPx6kTLqvld9HnTiKfwbHtlQYvoZA5g44lQveP2tVGPcXkEtoJ4gdclI9E4sgSmKYq0PxXzDgMaF%2BsVjnodBsPUjbhHxMB74I6LxuYoSHW9DhGzcNcscDW8G9"}],"group":"cf-nel","max_age":604800}
vary: Accept-Encoding
referrer-policy: strict-origin-when-cross-origin
x-content-type-options: nosniff
cf-cache-status: HIT
age: 20275
strict-transport-security: max-age=31536000; includeSubDomains; preload
server: cloudflare
cf-ray: 87f112750a07abe6-CPH
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| videzz.net/css/main.min.css?v=b8dc06aa6195ca0716d0a0c4e3a76e42 | 78.142.18.54 | 200 OK | 257 kB |
URL GET HTTP/2videzz.net/css/main.min.css?v=b8dc06aa6195ca0716d0a0c4e3a76e42 IP78.142.18.54:443 ASN#208046 ColocationX Ltd.
Requested byhttps://videzz.net/xx1x1z02lb5b.html CertificateIssuerLet's Encrypt Subjectvidezz.net Fingerprint89:44:E3:9D:95:DD:6E:D2:2B:FB:70:64:42:59:D2:BF:B6:36:E7:33 ValidityThu, 02 May 2024 00:27:53 GMT - Wed, 31 Jul 2024 00:27:52 GMT
File typegzip compressed data, from Unix Size257 kB (257378 bytes) Hashbf2ba9471c4db33f93dd67d118dd1644 d21cc230517affb28e1d85a70cf264ec44dfc3aa a39596727354980fc3aa433a0fe03198e8759bc17cf198b38a9d35bf25a88653
GET /css/main.min.css?v=b8dc06aa6195ca0716d0a0c4e3a76e42 HTTP/1.1
Host: videzz.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://videzz.net/xx1x1z02lb5b.html
Cookie: lang=1
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx/1.18.0 (Ubuntu)
date: Sun, 05 May 2024 13:28:07 GMT
content-type: text/css
last-modified: Sat, 27 Apr 2024 07:30:42 GMT
vary: Accept-Encoding
etag: W/"662ca9a2-14c442"
expires: Tue, 04 Jun 2024 13:19:58 GMT
cache-control: max-age=2592000
content-encoding: gzip
x-cache-status: HIT
X-Firefox-Spdy: h2
|
|
| www.google.no/ads/ga-audiences?v=1&t=sr&slf_rd=1&_r=4&tid=G-HEX1BG8H46&cid=1667976186.1714915690>m=45je4510v9104348843za200&aip=1&dma=1&dma_cps=sypham&gcd=13l3lPl2l1&npa=1&z=534088648 | 142.250.74.163 | 200 OK | 42 B |
URL GET HTTP/2www.google.no/ads/ga-audiences?v=1&t=sr&slf_rd=1&_r=4&tid=G-HEX1BG8H46&cid=1667976186.1714915690>m=45je4510v9104348843za200&aip=1&dma=1&dma_cps=sypham&gcd=13l3lPl2l1&npa=1&z=534088648 IP142.250.74.163:443
Requested byhttps://videzz.net/xx1x1z02lb5b.html CertificateIssuerGoogle Trust Services LLC Subject*.google.no Fingerprint7D:68:6D:B1:32:34:52:51:20:C9:53:FF:B9:B7:8F:7E:05:F9:F5:97 ValidityTue, 16 Apr 2024 04:31:00 GMT - Tue, 09 Jul 2024 04:30:59 GMT
File typeGIF image data, version 89a, 1 x 1 Hashd89746888da2d9510b64a9f031eaecd5 d5fceb6532643d0d84ffe09c40c481ecdf59e15a ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
GET /ads/ga-audiences?v=1&t=sr&slf_rd=1&_r=4&tid=G-HEX1BG8H46&cid=1667976186.1714915690>m=45je4510v9104348843za200&aip=1&dma=1&dma_cps=sypham&gcd=13l3lPl2l1&npa=1&z=534088648 HTTP/1.1
Host: www.google.no
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://videzz.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Sun, 05 May 2024 13:28:10 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
content-type: image/gif
x-content-type-options: nosniff
server: cafe
content-length: 42
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
|
|
| bid.bidclickmedia.com/load | 172.67.205.77 | 302 Found | 843 B |
URL POST HTTP/3bid.bidclickmedia.com/load IP172.67.205.77:443
Requested byhttps://videzz.net/xx1x1z02lb5b.html CertificateIssuerGoogle Trust Services LLC Subjectbidclickmedia.com Fingerprint2D:71:60:23:79:D8:E4:4A:B8:81:BA:F0:ED:58:CB:A8:66:21:A7:E7 ValiditySun, 31 Mar 2024 14:28:20 GMT - Sat, 29 Jun 2024 14:28:19 GMT
Hash5bbe3cdc32a2a7bbf8d33ef65a590424 d4bde542a0890d86b9af2cb98fa797402a4cb1e9 5c786fbc0a93305ea0d4cc60f4752a4ce44c9bce0f0dac6644d7d86fc2751a2c
POST /load HTTP/1.1
Host: bid.bidclickmedia.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/x-www-form-urlencoded
Content-Length: 98
Origin: https://bid.bidclickmedia.com
DNT: 1
Connection: keep-alive
Referer: https://bid.bidclickmedia.com/sub/e6yMnW6
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 302 Found
date: Sun, 05 May 2024 13:28:10 GMT
content-type: text/html; charset=utf-8
location: https://xml.cachegorilla.com/redirect?feed=612978&auth=7PcDFD&pubid=197570
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=8pH9VUsyNnOYiFTMFqsHS%2FN%2FqeV%2B0NEYVmDx6ceokr7Q3kMz3VXSp58YqRPNifd2Gk4R70mvzt7teXjWygUwalF0%2BSwXBiePz3mw5kaaML6gU6X88XW7YQJ1kglx%2F%2FGSYPim1LBgaa0%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 87f112787fcf1c0e-OSL
alt-svc: h3=":443"; ma=86400
|
|
| region1.analytics.google.com/g/collect?v=2&tid=G-HEX1BG8H46>m=45je4510v9104348843za200&_p=1714915688748&_gaz=1&gcd=13l3lPl2l1&npa=1&dma_cps=sypham&dma=1&cid=1667976186.1714915690&ul=en-us&sr=1280x1024&pscdl=noapi&_eu=AAAI&_s=1&sid=1714915690&sct=1&seg=0&dl=https%3A%2F%2Fvidezz.net%2Fxx1x1z02lb5b.html&dt=Watch&en=page_view&_fv=1&_nsi=1&_ss=2&tfd=2999 | 216.239.34.36 | 204 No Content | 0 B |
URL POST HTTP/2region1.analytics.google.com/g/collect?v=2&tid=G-HEX1BG8H46>m=45je4510v9104348843za200&_p=1714915688748&_gaz=1&gcd=13l3lPl2l1&npa=1&dma_cps=sypham&dma=1&cid=1667976186.1714915690&ul=en-us&sr=1280x1024&pscdl=noapi&_eu=AAAI&_s=1&sid=1714915690&sct=1&seg=0&dl=https%3A%2F%2Fvidezz.net%2Fxx1x1z02lb5b.html&dt=Watch&en=page_view&_fv=1&_nsi=1&_ss=2&tfd=2999 IP216.239.34.36:443
Requested byhttps://videzz.net/xx1x1z02lb5b.html CertificateIssuerGoogle Trust Services LLC Subject*.google-analytics.com Fingerprint93:6B:D2:9D:92:BE:2D:D8:02:67:82:83:5E:EF:A3:F9:13:F3:26:AE ValidityTue, 16 Apr 2024 03:18:45 GMT - Tue, 09 Jul 2024 03:18:44 GMT
Hashd41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
POST /g/collect?v=2&tid=G-HEX1BG8H46>m=45je4510v9104348843za200&_p=1714915688748&_gaz=1&gcd=13l3lPl2l1&npa=1&dma_cps=sypham&dma=1&cid=1667976186.1714915690&ul=en-us&sr=1280x1024&pscdl=noapi&_eu=AAAI&_s=1&sid=1714915690&sct=1&seg=0&dl=https%3A%2F%2Fvidezz.net%2Fxx1x1z02lb5b.html&dt=Watch&en=page_view&_fv=1&_nsi=1&_ss=2&tfd=2999 HTTP/1.1
Host: region1.analytics.google.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://videzz.net
DNT: 1
Connection: keep-alive
Referer: https://videzz.net/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Content-Length: 0
HTTP/2 204 No Content
access-control-allow-origin: https://videzz.net
date: Sun, 05 May 2024 13:28:10 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
content-type: text/plain
cross-origin-resource-policy: cross-origin
server: Golfe2
content-length: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
|
|
| bid.bidclickmedia.com/load | 172.67.205.77 | 302 Found | 361 B |
URL POST HTTP/3bid.bidclickmedia.com/load IP172.67.205.77:443
Requested byhttps://videzz.net/xx1x1z02lb5b.html CertificateIssuerGoogle Trust Services LLC Subjectbidclickmedia.com Fingerprint2D:71:60:23:79:D8:E4:4A:B8:81:BA:F0:ED:58:CB:A8:66:21:A7:E7 ValiditySun, 31 Mar 2024 14:28:20 GMT - Sat, 29 Jun 2024 14:28:19 GMT
File typeHTML document, ASCII text Hash4809a9602dd55d531906123e570b6d77 626fe0b9eeeda00a0ce401ee5a4e13f8256facb9 046c0a16886d7e34df54c815c1fee7740a3608671d33fd56c837dca5a1ac9c9f
POST /load HTTP/1.1
Host: bid.bidclickmedia.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/x-www-form-urlencoded
Content-Length: 93
Origin: https://bid.bidclickmedia.com
DNT: 1
Connection: keep-alive
Referer: https://bid.bidclickmedia.com/sub/31pnK5n
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 302 Found
date: Sun, 05 May 2024 13:28:09 GMT
content-type: text/html; charset=utf-8
location: https://xml.zeusadx.com/redirect?feed=531847&auth=KhbHhS&pubid=162319
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=4XNiWlVhj9ky5DXHcI5oaT8MRTolU3IucDis8%2FEHFSHlnLAqVGtclrgDSP3etov8jH9GU9IuDFOG01b92QH%2BKelLIPE%2BiOx1Y1L7dEmhHaVcHLLcmWmrLKGv73T2SLmUvfVnG8OFAOE%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 87f11275bd841c0e-OSL
alt-svc: h3=":443"; ma=86400
|
|
| bid.bidclickmedia.com/sub/Pj8pz0z | 172.67.205.77 | 200 OK | 144 B |
URL GET HTTP/3bid.bidclickmedia.com/sub/Pj8pz0z IP172.67.205.77:443
Requested byhttps://videzz.net/xx1x1z02lb5b.html CertificateIssuerGoogle Trust Services LLC Subjectbidclickmedia.com Fingerprint2D:71:60:23:79:D8:E4:4A:B8:81:BA:F0:ED:58:CB:A8:66:21:A7:E7 ValiditySun, 31 Mar 2024 14:28:20 GMT - Sat, 29 Jun 2024 14:28:19 GMT
File typeHTML document, ASCII text Hashe151e24dc5b354ea8ee36534a8264594 4b5f293d59d009ee46087f164ee86d066e8e83f4 b2fdeeef5c48f24499731fdd7aae1650ad1bc6fa9ee58cf88fafe175658e888f
GET /sub/Pj8pz0z HTTP/1.1
Host: bid.bidclickmedia.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://videzz.net/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Sun, 05 May 2024 13:28:09 GMT
content-type: text/html; charset=utf-8
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=Gk0L4J%2BwvHHyUs5Cr63OiAkPK4ofSO%2F5yhCS3a53AO5jicQVCyTNRRYoVI6XzsQVIkpzTQ5elsslJ4OockOUvnMeWHSkCcXokXwBNQ1czbaYi9Qv3vV3gDMaW%2BXf%2B9Lhs27DFJeaTKE%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 87f11271e9af1c0e-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| videzz.net/js/main.min.js?v=b8dc06aa6195ca0716d0a0c4e3a76e42 | 78.142.18.54 | 200 OK | 4.4 kB |
URL GET HTTP/2videzz.net/js/main.min.js?v=b8dc06aa6195ca0716d0a0c4e3a76e42 IP78.142.18.54:443 ASN#208046 ColocationX Ltd.
Requested byhttps://videzz.net/xx1x1z02lb5b.html CertificateIssuerLet's Encrypt Subjectvidezz.net Fingerprint89:44:E3:9D:95:DD:6E:D2:2B:FB:70:64:42:59:D2:BF:B6:36:E7:33 ValidityThu, 02 May 2024 00:27:53 GMT - Wed, 31 Jul 2024 00:27:52 GMT
File typeJavaScript source, ASCII text, with very long lines (11269), with no line terminators Hashf2b1e2d690c2c568d846e8da3ab66ccd f2a3fd880693ec75e586fdb37d1bd2cd6f6c468a 3efa361ccc887f0bffb9c9250de66cd562bc53671ffcb85cc0a6a0d30b0b8cfb
GET /js/main.min.js?v=b8dc06aa6195ca0716d0a0c4e3a76e42 HTTP/1.1
Host: videzz.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://videzz.net/xx1x1z02lb5b.html
Cookie: lang=1
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx/1.18.0 (Ubuntu)
date: Sun, 05 May 2024 13:28:07 GMT
content-type: application/javascript
last-modified: Sat, 27 Apr 2024 07:30:42 GMT
vary: Accept-Encoding
etag: W/"662ca9a2-2c05"
expires: Tue, 04 Jun 2024 13:27:15 GMT
cache-control: max-age=2592000
content-encoding: gzip
x-cache-status: HIT
X-Firefox-Spdy: h2
|
|
| xml.zeusadx.com/redirect?feed=552612&auth=OEhoVk&pubid=162319 | 174.137.133.17 | 302 Found | 0 B |
URL GET HTTP/1.1xml.zeusadx.com/redirect?feed=552612&auth=OEhoVk&pubid=162319 IP174.137.133.17:443 ASN#27257 WEBAIR-INTERNET
Requested byhttps://videzz.net/xx1x1z02lb5b.html CertificateIssuerSectigo Limited Subject*.zeusadx.com FingerprintAA:67:88:35:5F:BC:20:3C:44:9B:00:BD:4F:E1:C0:5F:62:D0:69:C0 ValidityMon, 23 Oct 2023 00:00:00 GMT - Wed, 23 Oct 2024 23:59:59 GMT
Hashd41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /redirect?feed=552612&auth=OEhoVk&pubid=162319 HTTP/1.1
Host: xml.zeusadx.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://bid.bidclickmedia.com/
DNT: 1
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 302 Found
Server: nginx
Date: Sun, 05 May 2024 13:28:10 GMT
Content-Length: 0
Connection: keep-alive
Cache-Control: no-store
Location: https://xmlclick.adcannyxml.com/nrtb/click?bid=-W3mT8DYdlAuHsq6cY2He0C7cuj9VTlCtnMagBxAIo-PO4BgCY3mjsyGc8Uw4uN9_0_9
|
|
| bid.bidclickmedia.com/load | 172.67.205.77 | 302 Found | 361 B |
URL POST HTTP/3bid.bidclickmedia.com/load IP172.67.205.77:443
Requested byhttps://videzz.net/xx1x1z02lb5b.html CertificateIssuerGoogle Trust Services LLC Subjectbidclickmedia.com Fingerprint2D:71:60:23:79:D8:E4:4A:B8:81:BA:F0:ED:58:CB:A8:66:21:A7:E7 ValiditySun, 31 Mar 2024 14:28:20 GMT - Sat, 29 Jun 2024 14:28:19 GMT
File typeHTML document, ASCII text Hashdf061fb4dfb37e95d4e0a2d1981251d2 eccdd447dfa92af7f474978ed596be9b6cb1d7e8 ef712eaabe9f00b4048c74b413208880d1644101b82c37b0c2de2dcd69ef5f76
POST /load HTTP/1.1
Host: bid.bidclickmedia.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/x-www-form-urlencoded
Content-Length: 93
Origin: https://bid.bidclickmedia.com
DNT: 1
Connection: keep-alive
Referer: https://bid.bidclickmedia.com/sub/0YDX8OE
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 302 Found
date: Sun, 05 May 2024 13:28:10 GMT
content-type: text/html; charset=utf-8
location: https://xml.xmlking.com/redirect?feed=591363&auth=0yfQfB&pubid=195183
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=up2Rd4A0YWMkBXT3nRNVsfRm8sPkTZkvGza6bQy2%2BOu6hVujTqsTEWCDlAYuTLYaAOpAai0pfnfrruIxt342LVO%2FZ%2BulOI2At%2FVuby7pWqJCu%2FJCU0fF3Kb1%2B6LMUNEzdjUgGeBxYLo%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 87f112764df71c0e-OSL
alt-svc: h3=":443"; ma=86400
|
|
| proftrafficcounter.com/stats | 52.29.105.35 | 200 OK | 40 B |
URL GET HTTP/2proftrafficcounter.com/stats IP52.29.105.35:443
Requested byhttps://videzz.net/xx1x1z02lb5b.html CertificateIssuerAmazon Subjectproftrafficcounter.com FingerprintE3:9F:79:6F:80:C0:BF:F8:C4:EB:45:F3:E9:0F:A7:41:F6:0C:05:E6 ValidityTue, 21 Nov 2023 00:00:00 GMT - Thu, 19 Dec 2024 23:59:59 GMT
File typeASCII text, with no line terminators Hash1e032a5616121b33872779fc89c20262 5ce9a26ad1132ae6667db9a4f56cca57e08e133f 9a4ad7b9ff7a82e7384de5526f91ebc045ab8251346d81f558b19fe19642f44f
GET /stats HTTP/1.1
Host: proftrafficcounter.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://videzz.net
DNT: 1
Connection: keep-alive
Referer: https://videzz.net/
Cookie: uid_id2=40220c6f-1096-4d57-8ea7-d650fefea74f:1:1
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
date: Sun, 05 May 2024 13:28:11 GMT
content-type: text/html; charset=UTF-8
content-length: 40
server: fasthttp
access-control-allow-origin: https://videzz.net
vary: Origin
access-control-allow-credentials: true
X-Firefox-Spdy: h2
|
|
| becast.onionlive.workers.dev/ | 172.67.141.108 | 200 OK | 633 B |
URL GET HTTP/2becast.onionlive.workers.dev/ IP172.67.141.108:443
Requested byhttps://videzz.net/xx1x1z02lb5b.html CertificateIssuerGoogle Trust Services LLC Subjectonionlive.workers.dev Fingerprint47:76:5D:C5:12:3C:C2:68:72:9E:1E:79:C9:B5:09:72:24:11:B4:C0 ValidityThu, 02 May 2024 00:33:08 GMT - Wed, 31 Jul 2024 00:33:07 GMT
File typeHTML document, ASCII text, with very long lines (1015) Hash8a515f4d8c9b4b73ad7e79bb1e04f177 b02ee0e66a0db210d9b73d7f0a190bfd1d3ac7d3 9b0c0d2a8f6bcda99c2333c8c387d9b6aff2f00333aafa9d66fcd34dc2a4c7b1
GET / HTTP/1.1
Host: becast.onionlive.workers.dev
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://bid.bidclickmedia.com/
DNT: 1
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Sun, 05 May 2024 13:28:10 GMT
content-type: text/html;charset=UTF-8
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=xiG5yzGCHVM0baJYyTADzcdaOAyxoCtRLLDf4E49K58kDbuO07fTjuIRVDPCO%2BJmI9KY80%2BIXJdFGVZRoH9exqEZzauZk01GgqSvqfYDND9f2A7WNZZ64sLQREhADIpngOiM6dpOt9nXJ%2FjcJg3m"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 87f1127c3f7d568a-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
|
|
| bid.bidclickmedia.com/load | 172.67.205.77 | 302 Found | 361 B |
URL POST HTTP/3bid.bidclickmedia.com/load IP172.67.205.77:443
Requested byhttps://videzz.net/xx1x1z02lb5b.html CertificateIssuerGoogle Trust Services LLC Subjectbidclickmedia.com Fingerprint2D:71:60:23:79:D8:E4:4A:B8:81:BA:F0:ED:58:CB:A8:66:21:A7:E7 ValiditySun, 31 Mar 2024 14:28:20 GMT - Sat, 29 Jun 2024 14:28:19 GMT
File typeHTML document, ASCII text Hash6610c77cad5adb691fd5f9ffa06b9486 d003b0d6d8bb61e5fd17dc635c017f6393e0c24c 83695861f8ded5db81f9c1e185cdf9177d18c57bfe1196b03468f2d8ac22bc50
POST /load HTTP/1.1
Host: bid.bidclickmedia.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/x-www-form-urlencoded
Content-Length: 93
Origin: https://bid.bidclickmedia.com
DNT: 1
Connection: keep-alive
Referer: https://bid.bidclickmedia.com/sub/Pj8pz0z
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 302 Found
date: Sun, 05 May 2024 13:28:10 GMT
content-type: text/html; charset=utf-8
location: https://xml.xmlking.com/redirect?feed=591364&auth=oodr9S&pubid=195183
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=V3M2vtWsSloiCUjWN6mZ3ZYFBjw%2B3unANvUrox7YLmaUv2MVNM8EkH4eIPzpvTUpYMw2yi5Z6IrA01oowYB%2B8SO2n8E7s0elWRCTbV02X2o804UbaFBLgHk7SrrJVeAL%2Bnabrow%2Feco%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 87f11277ef501c0e-OSL
alt-svc: h3=":443"; ma=86400
|
|
| static.addtoany.com/menu/svg/icons/facebook.js | 104.22.70.197 | 200 OK | 634 B |
URL GET HTTP/3static.addtoany.com/menu/svg/icons/facebook.js IP104.22.70.197:443
Requested byhttps://videzz.net/xx1x1z02lb5b.html CertificateIssuerLet's Encrypt Subjectstatic.addtoany.com Fingerprint5B:74:98:2D:F8:22:DB:0D:4E:74:B7:99:A7:7C:80:F6:CA:1A:8E:CA ValidityTue, 23 Apr 2024 07:56:27 GMT - Mon, 22 Jul 2024 07:56:26 GMT
File typeASCII text, with very long lines (429), with no line terminators Hash014bcc757e484e12e3aea6c9d768fd4b 4c17157d0012f8002e4e6cf77c5f4a9747792cf4 4b475960843a5619b907af1f0a89e3136bd5e6a4a700ec78cb417f302647cf49
GET /menu/svg/icons/facebook.js HTTP/1.1
Host: static.addtoany.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://videzz.net
DNT: 1
Connection: keep-alive
Referer: https://static.addtoany.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Sun, 05 May 2024 13:28:09 GMT
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=7776000, stale-while-revalidate=30, public
cf-bgj: minify
etag: W/"68925fa8e347041c6006837e73c518bc"
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=BHckTjoXuwSZA9lMRraMKCpOd%2BcFmeHjQbSapL4yb3KetBrr648Avto59mqGEa7rRKEbTaGmjlhEiDLjJQJ4bFxx56XnHuU3vt1j%2FPW7upUauuAxcedteBLZWq7%2B%2Fhu3vpTMQC%2BV"}],"group":"cf-nel","max_age":604800}
vary: Accept-Encoding
referrer-policy: strict-origin-when-cross-origin
x-content-type-options: nosniff
cf-cache-status: HIT
age: 20275
strict-transport-security: max-age=31536000; includeSubDomains; preload
server: cloudflare
cf-ray: 87f112750a04abe6-CPH
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| static.addtoany.com/menu/svg/icons/viber.js | 104.22.70.197 | 200 OK | 508 B |
URL GET HTTP/3static.addtoany.com/menu/svg/icons/viber.js IP104.22.70.197:443
Requested byhttps://videzz.net/xx1x1z02lb5b.html CertificateIssuerLet's Encrypt Subjectstatic.addtoany.com Fingerprint5B:74:98:2D:F8:22:DB:0D:4E:74:B7:99:A7:7C:80:F6:CA:1A:8E:CA ValidityTue, 23 Apr 2024 07:56:27 GMT - Mon, 22 Jul 2024 07:56:26 GMT
File typeASCII text, with very long lines (1003), with no line terminators Hashaeffbbeba6dd343b89fdc22cdf23f8c8 7be9f0a8fbd22f85cd4408ed04b69e98cbb79de7 c38246b300667ea8ab28940a729e65168f981baf8adc8d708c299e85b9e2dcee
GET /menu/svg/icons/viber.js HTTP/1.1
Host: static.addtoany.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://videzz.net
DNT: 1
Connection: keep-alive
Referer: https://static.addtoany.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Sun, 05 May 2024 13:28:09 GMT
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=7776000, stale-while-revalidate=30, public
cf-bgj: minify
etag: W/"ab1da422605fdb35fd02440984d36475"
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=9M0rb%2BlxK%2FoVsTW%2BGG0gAV%2FZ1piN8S203kYMFo607CVx%2Fjmecxu8H4kL7bp9jwZt8Egtrpb0rM6tKdsDVCVUAUglqOvAhCFDY1u8NVb6rrNNTQXdM8uqjyqMNub3NThTQ85aCzQ%2FFd2quzTVwUO62Ob6"}],"group":"cf-nel","max_age":604800}
vary: Accept-Encoding
referrer-policy: strict-origin-when-cross-origin
x-content-type-options: nosniff
cf-cache-status: HIT
age: 14384
strict-transport-security: max-age=31536000; includeSubDomains; preload
server: cloudflare
cf-ray: 87f112750a0aabe6-CPH
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| xmlclick.adcannyxml.com/nrtb/click?bid=-W3mT8DYdlAuHsq6cY2He0C7cuj9VTlCtnMagBxAIo-PO4BgCY3mjsyGc8Uw4uN9_0_9 | 23.226.122.79 | 302 Found | 55 B |
URL GET HTTP/2xmlclick.adcannyxml.com/nrtb/click?bid=-W3mT8DYdlAuHsq6cY2He0C7cuj9VTlCtnMagBxAIo-PO4BgCY3mjsyGc8Uw4uN9_0_9 IP23.226.122.79:443
Requested byhttps://videzz.net/xx1x1z02lb5b.html CertificateIssuerUnizeto Technologies S.A. Subject*.adcannyxml.com Fingerprint94:3C:B1:37:BD:FA:9C:E1:1E:F4:57:BB:30:0F:66:33:53:31:41:24 ValidityMon, 18 Mar 2024 07:29:56 GMT - Tue, 18 Mar 2025 07:29:55 GMT
File typeHTML document, ASCII text Hash397f81a4f18e04a060c75e5b71f7cee1 557f585b9711a7f867cff5a443ed2bce8eefcf8b bb44fc266d7d490de9db213118e1a22f9edf87f963b26ba9a02e923a9b5a4b1f
GET /nrtb/click?bid=-W3mT8DYdlAuHsq6cY2He0C7cuj9VTlCtnMagBxAIo-PO4BgCY3mjsyGc8Uw4uN9_0_9 HTTP/1.1
Host: xmlclick.adcannyxml.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://bid.bidclickmedia.com/
DNT: 1
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 302 Found
server: nginx/1.18.0 (Ubuntu)
date: Sun, 05 May 2024 13:28:11 GMT
content-type: text/html; charset=utf-8
content-length: 55
location: https://t.bawixi.xyz/1/?zid=9776
X-Firefox-Spdy: h2
|
|
| s.magsrv.com/splash.php?idzone=5075902&sub=1746284589&ad_tags= | 95.211.229.248 | 200 OK | 2.9 kB |
URL GET HTTP/1.1s.magsrv.com/splash.php?idzone=5075902&sub=1746284589&ad_tags= IP95.211.229.248:443 ASN#60781 LeaseWeb Netherlands B.V.
Requested byhttps://videzz.net/xx1x1z02lb5b.html CertificateIssuerLet's Encrypt Subjectmagsrv.com FingerprintE9:B1:06:11:C7:80:11:9F:62:6C:E8:AF:35:69:C6:21:29:87:60:51 ValidityTue, 30 Apr 2024 07:49:25 GMT - Mon, 29 Jul 2024 07:49:24 GMT
File typeXML 1.0 document, ASCII text, with very long lines (1783) Hash3f507e37bf28b2b63cafc6dec0254f21 5a84e0da901608bef0ff9e30fa2ccd91169042b4 c37495212262b131d71ab4e56f11f360cb2553044d684496f2af3cae8b82301e
GET /splash.php?idzone=5075902&sub=1746284589&ad_tags= HTTP/1.1
Host: s.magsrv.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://videzz.net/
Origin: https://videzz.net
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Date: Sun, 05 May 2024 13:28:11 GMT
Content-Type: text/xml;charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Access-Control-Allow-Headers: X-CH-VALUES
Set-Cookie: __uvt=a%3A1%3A%7Bi%3A0%3Bs%3A32%3A%226637896bafca25.26575634251676314%22%3B%7D; expires=Tue, 05 May 2026 13:28:11 GMT; path=; domain=.magsrv.com; Secure; SameSite=none
c-tag=%7B%22tag-video%22%3A%22v4%7C%7CNOR%7C5075902%7C96221788%7C0%7C%7C508%7C41%7C3%7C15%7C0%7C0%7C0%7C25344%7C3143242%7C3143244%7C0%7C1%7C0%7C0%7C0%7C0%7C1%7C0%7C0%7C1%7C%7C%7C1746284589%7Cvidezz.net%7C%7C%7C0%7C0%7C0%7C0%7C0%7C0%7C0%7C0%7C0%7C1714915691%7C%7C%7C0%7C0%7C0%7C0%7C0%7C0%7C0%7C0%7C0%7C0%7Ceee5475c83d0377f7c625bb4c4a55cfa%7Cok%22%7D; expires=Mon, 06 May 2024 13:28:11 GMT; path=/; domain=.magsrv.com; Secure; SameSite=none
Cache-Control: no-store
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Access-Control-Allow-Origin: https://videzz.net
Access-Control-Allow-Credentials: true
Accept-CH:
X-Robots-Tag: noindex, follow
Content-Encoding: gzip
|
|
| xml.cachegorilla.com/redirect?feed=612977&auth=kAeZgJ&pubid=197570 | 173.239.53.20 | 302 Found | 0 B |
URL GET HTTP/1.1xml.cachegorilla.com/redirect?feed=612977&auth=kAeZgJ&pubid=197570 IP173.239.53.20:443 ASN#27257 WEBAIR-INTERNET
Requested byhttps://videzz.net/xx1x1z02lb5b.html CertificateIssuerSectigo Limited Subject*.cachegorilla.com Fingerprint29:B3:53:29:E3:6F:D3:48:F6:66:3E:78:57:05:A6:19:12:0D:2C:4A ValidityFri, 10 Nov 2023 00:00:00 GMT - Sun, 10 Nov 2024 23:59:59 GMT
Hashd41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /redirect?feed=612977&auth=kAeZgJ&pubid=197570 HTTP/1.1
Host: xml.cachegorilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://bid.bidclickmedia.com/
DNT: 1
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 302 Found
Server: nginx
Date: Sun, 05 May 2024 13:28:11 GMT
Content-Length: 0
Connection: keep-alive
Cache-Control: no-store
Location: https://meetbenjen.com/in/p/?spot_id=560254&cat=25&sub_id=761082465
|
|
| offmantiner.com/sftouch?userId=00805309068c4d1ef41db75945e8ac52&z=6120639&p_rid=379db74d-be3c-4742-8ced-af44de6c92c2&p_src=sf&branchId=0&rb=2UGZvLQQJoF6jxhsv6W99dLit1hrwa3aekuM4bvT1ooQ5zQmJiO1wjNYHaPYR15lf9xg4fDf0WMAbd7NgSqiFITjWj08EA6JqbVRLymXuQVAaRpcwdH6O4EdGF1J2yv9fCiyy3vIfo8L-PmGbJ67AX3pbO30wHPP2Jr2N3H8kk1c_r71kr_h5lbCX3Upr3eOa27t9egmv1z0atluolvqAFIY_1tyFwcjQhFC-0zGcYPn3WsAZW-GnLiumc0VpoSHPU2ED8ltbByYeTl_PDDVeHiuiSxYV09qeK9Lsw== |  139.45.197.245 | | 2 B |
URL offmantiner.com/sftouch?userId=00805309068c4d1ef41db75945e8ac52&z=6120639&p_rid=379db74d-be3c-4742-8ced-af44de6c92c2&p_src=sf&branchId=0&rb=2UGZvLQQJoF6jxhsv6W99dLit1hrwa3aekuM4bvT1ooQ5zQmJiO1wjNYHaPYR15lf9xg4fDf0WMAbd7NgSqiFITjWj08EA6JqbVRLymXuQVAaRpcwdH6O4EdGF1J2yv9fCiyy3vIfo8L-PmGbJ67AX3pbO30wHPP2Jr2N3H8kk1c_r71kr_h5lbCX3Upr3eOa27t9egmv1z0atluolvqAFIY_1tyFwcjQhFC-0zGcYPn3WsAZW-GnLiumc0VpoSHPU2ED8ltbByYeTl_PDDVeHiuiSxYV09qeK9Lsw== IP139.45.197.245:0
File typeASCII text, with no line terminators Hash444bcb3a3fcf8389296c49467f27e1d6 7a85f4764bbd6daf1c3545efbbf0f279a6dc0beb 2689367b205c16ce32ed4200942b8b8b1e262dfc70d9bc9fbc77c49699a4f1df
| Analyzer | Verdict | Alert |
|---|
| Quad9 DNS | malicious | Sinkholed |
POST /sftouch?userId=00805309068c4d1ef41db75945e8ac52&z=6120639&p_rid=379db74d-be3c-4742-8ced-af44de6c92c2&p_src=sf&branchId=0&rb=2UGZvLQQJoF6jxhsv6W99dLit1hrwa3aekuM4bvT1ooQ5zQmJiO1wjNYHaPYR15lf9xg4fDf0WMAbd7NgSqiFITjWj08EA6JqbVRLymXuQVAaRpcwdH6O4EdGF1J2yv9fCiyy3vIfo8L-PmGbJ67AX3pbO30wHPP2Jr2N3H8kk1c_r71kr_h5lbCX3Upr3eOa27t9egmv1z0atluolvqAFIY_1tyFwcjQhFC-0zGcYPn3WsAZW-GnLiumc0VpoSHPU2ED8ltbByYeTl_PDDVeHiuiSxYV09qeK9Lsw== HTTP/1.1
Host: offmantiner.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://offmantiner.com
DNT: 1
Connection: keep-alive
Referer: https://offmantiner.com/4/6120639/
Cookie: OAID=00805309068c4d1ef41db75945e8ac52; oaidts=1714915691
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Content-Length: 0
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sun, 05 May 2024 13:28:11 GMT
content-type: text/plain
content-length: 2
x-trace-id: 9a2ff50446dc21ce07bc391c664332f7
accept-ch: Sec-CH-UA, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model
access-control-allow-origin: https://offmantiner.com
access-control-allow-credentials: true
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, baggage, sentry-trace, favicon
access-control-max-age: 86400
pragma: no-cache
cache-control: no-transform, no-store, no-cache, must-revalidate, max-age=0
expires: Tue, 11 Jan 1994 10:00:00 GMT
strict-transport-security: max-age=1
x-content-type-options: nosniff
timing-allow-origin: *, *
X-Firefox-Spdy: h2
|
|
| bedrapiona.com/4/5615727/ | 139.45.197.234 | 200 OK | 14 kB |
URL GET HTTP/2bedrapiona.com/4/5615727/ IP139.45.197.234:443
Requested byhttps://videzz.net/xx1x1z02lb5b.html CertificateIssuerLet's Encrypt Subjectbedrapiona.com FingerprintB5:D0:EF:3C:81:82:64:AB:B7:2E:5C:80:71:47:70:41:F0:36:B5:BF ValidityWed, 20 Mar 2024 19:29:11 GMT - Tue, 18 Jun 2024 19:29:10 GMT
File typegzip compressed data, max speed, from Unix Hash52493dea3ca4e305b993ce2697c734dc 377fb2e262c1584e373bb9fdcfa1ce0a248ad9ae 2622f2497eaf7e729a086a7a3cdcde93f3f154d64876205b3229a15aea6a8f2a
GET /4/5615727/ HTTP/1.1
Host: bedrapiona.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.animezeno.sbs/
DNT: 1
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
server: nginx
date: Sun, 05 May 2024 13:28:11 GMT
content-type: text/html; charset=utf8
x-trace-id: dc386ba3213ed1ffc0b303724b26575d
link: <https://yonmewon.com>; rel="preconnect dns-prefetch",<https://my.rtmark.net>; rel="preconnect dns-prefetch"
accept-ch: Sec-CH-UA, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, baggage, sentry-trace, favicon
access-control-max-age: 86400
pragma: no-cache
cache-control: no-transform, no-store, no-cache, must-revalidate, max-age=0
expires: Tue, 11 Jan 1994 10:00:00 GMT
set-cookie: OAID=008053ad4f3f4564f27e21db3878836e; expires=Mon, 05 May 2025 13:28:11 GMT; path=/; secure; SameSite=None
oaidts=1714915691; expires=Mon, 05 May 2025 13:28:11 GMT; path=/; secure; SameSite=None
syncedCookie=; expires=Tue, 10 Nov 2009 23:00:00 GMT
strict-transport-security: max-age=1
x-content-type-options: nosniff
timing-allow-origin: *, *
content-encoding: gzip
X-Firefox-Spdy: h2
|
|
| bid.bidclickmedia.com/load | 172.67.205.77 | 302 Found | 371 B |
URL POST HTTP/3bid.bidclickmedia.com/load IP172.67.205.77:443
Requested byhttps://videzz.net/xx1x1z02lb5b.html CertificateIssuerGoogle Trust Services LLC Subjectbidclickmedia.com Fingerprint2D:71:60:23:79:D8:E4:4A:B8:81:BA:F0:ED:58:CB:A8:66:21:A7:E7 ValiditySun, 31 Mar 2024 14:28:20 GMT - Sat, 29 Jun 2024 14:28:19 GMT
File typeHTML document, ASCII text Hashb8207054b13fda020d58a7f94425b36f 9b577687e561e17e9823e7fb83ad648dede4c74c 6dafbda0e014e02f234cd8025d827edc22403b87e4cd22270c86db55dd8bc4a6
POST /load HTTP/1.1
Host: bid.bidclickmedia.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/x-www-form-urlencoded
Content-Length: 98
Origin: https://bid.bidclickmedia.com
DNT: 1
Connection: keep-alive
Referer: https://bid.bidclickmedia.com/sub/31bV2Jy
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 302 Found
date: Sun, 05 May 2024 13:28:10 GMT
content-type: text/html; charset=utf-8
location: https://xml.cachegorilla.com/redirect?feed=612977&auth=kAeZgJ&pubid=197570
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=4n23k4yQHyEOATG1CqnL7CLbBjp6ubo%2BECRE%2Ba%2FyzPlbBC5kZ%2BIv%2BbXkg9aoaaYRHUMdHJlKQ4SSS8RaK2%2B2of5TZxtgsPXyznnGfRGhrnObhxojhyo0%2BDvAF6RHfSNMVJv2zaHdIKs%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 87f11278f8331c0e-OSL
alt-svc: h3=":443"; ma=86400
|
|
| xml.cachegorilla.com/redirect?feed=612978&auth=7PcDFD&pubid=197570 | 173.239.53.20 | 302 Found | 0 B |
URL GET HTTP/1.1xml.cachegorilla.com/redirect?feed=612978&auth=7PcDFD&pubid=197570 IP173.239.53.20:443 ASN#27257 WEBAIR-INTERNET
Requested byhttps://videzz.net/xx1x1z02lb5b.html CertificateIssuerSectigo Limited Subject*.cachegorilla.com Fingerprint29:B3:53:29:E3:6F:D3:48:F6:66:3E:78:57:05:A6:19:12:0D:2C:4A ValidityFri, 10 Nov 2023 00:00:00 GMT - Sun, 10 Nov 2024 23:59:59 GMT
Hashd41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /redirect?feed=612978&auth=7PcDFD&pubid=197570 HTTP/1.1
Host: xml.cachegorilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://bid.bidclickmedia.com/
DNT: 1
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 302 Found
Server: nginx
Date: Sun, 05 May 2024 13:28:11 GMT
Content-Length: 0
Connection: keep-alive
Cache-Control: no-store
Location: https://xml-click-oax.adstork.com/nrtb/click?bid=la8YSGz75KRZi7frS5iVx1LCWgQW_Vwyg3Lpw8yw7j1eP1ypt4GKtFMI5VhxOZE-_0_42
|
|
| xml.cachegorilla.com/redirect?feed=612978&auth=7PcDFD&pubid=197570 | 173.239.53.20 | 302 Found | 0 B |
URL GET HTTP/1.1xml.cachegorilla.com/redirect?feed=612978&auth=7PcDFD&pubid=197570 IP173.239.53.20:443 ASN#27257 WEBAIR-INTERNET
Requested byhttps://videzz.net/xx1x1z02lb5b.html CertificateIssuerSectigo Limited Subject*.cachegorilla.com Fingerprint29:B3:53:29:E3:6F:D3:48:F6:66:3E:78:57:05:A6:19:12:0D:2C:4A ValidityFri, 10 Nov 2023 00:00:00 GMT - Sun, 10 Nov 2024 23:59:59 GMT
Hashd41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /redirect?feed=612978&auth=7PcDFD&pubid=197570 HTTP/1.1
Host: xml.cachegorilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://bid.bidclickmedia.com/
DNT: 1
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 302 Found
Server: nginx
Date: Sun, 05 May 2024 13:28:11 GMT
Content-Length: 0
Connection: keep-alive
Cache-Control: no-store
Location: https://meetbenjen.com/in/p/?spot_id=560254&cat=25&sub_id=761082465
|
|
| unseenreport.com/pxf.gif?uuid=40220c6f-1096-4d57-8ea7-d650fefea74f&eb=978028c5053b26833423c7a069ce3bd5&te=5db3a4e34790624df926db520a13f79f&ua=Mozilla%2F5.0%20(X11%3B%20Linux%20x86_64%3B%20rv%3A96.0)%20Gecko%2F20100101%20Firefox%2F96.0&dev=e&res=14.2071&b_frame=0&pk=9785383bf0d8f2fb611d938245088565&bl=en-US&sr=1024x1280&sz=1024x1280&hjs=13 | 192.243.59.12 | 200 OK | 1 B |
URL GET HTTP/1.1unseenreport.com/pxf.gif?uuid=40220c6f-1096-4d57-8ea7-d650fefea74f&eb=978028c5053b26833423c7a069ce3bd5&te=5db3a4e34790624df926db520a13f79f&ua=Mozilla%2F5.0%20(X11%3B%20Linux%20x86_64%3B%20rv%3A96.0)%20Gecko%2F20100101%20Firefox%2F96.0&dev=e&res=14.2071&b_frame=0&pk=9785383bf0d8f2fb611d938245088565&bl=en-US&sr=1024x1280&sz=1024x1280&hjs=13 IP192.243.59.12:443 ASN#39572 DataWeb Global Group B.V.
Requested byhttps://videzz.net/xx1x1z02lb5b.html CertificateIssuerLet's Encrypt Subject*.unseenreport.com Fingerprint71:46:15:FD:76:6A:F5:5B:51:06:CC:93:DD:D8:63:E3:8B:10:BF:13 ValidityFri, 22 Mar 2024 07:32:41 GMT - Thu, 20 Jun 2024 07:32:40 GMT
File typevery short file (no magic) Hash93b885adfe0da089cdf634904fd59f71 5ba93c9db0cff93f52b521d7420e43f6eda2784f 6e340b9cffb37a989ca544e6bb780a2c78901d3fb33738768511a30617afa01d
| Analyzer | Verdict | Alert |
|---|
| Quad9 DNS | malicious | Sinkholed |
GET /pxf.gif?uuid=40220c6f-1096-4d57-8ea7-d650fefea74f&eb=978028c5053b26833423c7a069ce3bd5&te=5db3a4e34790624df926db520a13f79f&ua=Mozilla%2F5.0%20(X11%3B%20Linux%20x86_64%3B%20rv%3A96.0)%20Gecko%2F20100101%20Firefox%2F96.0&dev=e&res=14.2071&b_frame=0&pk=9785383bf0d8f2fb611d938245088565&bl=en-US&sr=1024x1280&sz=1024x1280&hjs=13 HTTP/1.1
Host: unseenreport.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://videzz.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx/1.19.5
Date: Sun, 05 May 2024 13:28:11 GMT
Content-Type: image/gif
Content-Length: 1
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Access-Control-Allow-Origin: *
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: 9a272e3be15b42ca74bbb14d5a1120cf
Strict-Transport-Security: max-age=0; includeSubdomains
|
|
| my.rtmark.net/img.gif?f=merge&userId=00805309068c4d1ef41db75945e8ac52&z=6120639&p_rid=379db74d-be3c-4742-8ced-af44de6c92c2&p_src=sf | 139.45.195.8 | | 43 B |
URL my.rtmark.net/img.gif?f=merge&userId=00805309068c4d1ef41db75945e8ac52&z=6120639&p_rid=379db74d-be3c-4742-8ced-af44de6c92c2&p_src=sf IP139.45.195.8:0
File typeGIF image data, version 89a, 1 x 1 Hashb4491705564909da7f9eaf749dbbfbb1 279315d507855c6a4351e1e2c2f39dd9cd2fccd8 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
GET /img.gif?f=merge&userId=00805309068c4d1ef41db75945e8ac52&z=6120639&p_rid=379db74d-be3c-4742-8ced-af44de6c92c2&p_src=sf HTTP/1.1
Host: my.rtmark.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://offmantiner.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
server: nginx
date: Sun, 05 May 2024 13:28:12 GMT
content-type: image/gif
content-length: 43
access-control-allow-origin: *
access-control-allow-methods: POST, GET, OPTIONS, PUT, DELETE
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, Authorization,X-CSRF-Token
access-control-expose-headers: Authorization
access-control-allow-credentials: true
set-cookie: ID=00805309068c4d1ef41db75945e8ac52; expires=Mon, 05 May 2025 13:28:12 GMT; secure; SameSite=None
strict-transport-security: max-age=1
x-content-type-options: nosniff
timing-allow-origin: *, *
X-Firefox-Spdy: h2
|
|
| bedrapiona.com/sftouch?userId=008053ad4f3f4564f27e21db3878836e&z=5615727&p_rid=5f31df24-5788-474e-adb8-b64e60726b7b&p_src=sf&branchId=0&rb=yDn_jA-5GtSvrU79gc5gDJ9M94C7BULXTM_88YF67UJ9J98w5rH_yB7tjz7XFerSyZy2giRgI6Q1CezWyRB9TU8MiykHG5lLtxDJeO78BlktHcBhYvXk93xB6oGu2vsNdnHsIX4owdcSb7aQsXsFR8V8x5SKEjM-H_hHiUo0Q1GItYvx7dVC9Farl1ZKB89Ie3m0hiztaoJa1Zr0kAMyD6vvXhazX641X-1eF1j7CsKCsH-_P5atjiItnTyi0W4wPAuFXe4K8aSIBkAkRsuAJw== | 139.45.197.234 | | 2 B |
URL bedrapiona.com/sftouch?userId=008053ad4f3f4564f27e21db3878836e&z=5615727&p_rid=5f31df24-5788-474e-adb8-b64e60726b7b&p_src=sf&branchId=0&rb=yDn_jA-5GtSvrU79gc5gDJ9M94C7BULXTM_88YF67UJ9J98w5rH_yB7tjz7XFerSyZy2giRgI6Q1CezWyRB9TU8MiykHG5lLtxDJeO78BlktHcBhYvXk93xB6oGu2vsNdnHsIX4owdcSb7aQsXsFR8V8x5SKEjM-H_hHiUo0Q1GItYvx7dVC9Farl1ZKB89Ie3m0hiztaoJa1Zr0kAMyD6vvXhazX641X-1eF1j7CsKCsH-_P5atjiItnTyi0W4wPAuFXe4K8aSIBkAkRsuAJw== IP139.45.197.234:0
CertificateIssuerLet's Encrypt Subjectbedrapiona.com FingerprintB5:D0:EF:3C:81:82:64:AB:B7:2E:5C:80:71:47:70:41:F0:36:B5:BF ValidityWed, 20 Mar 2024 19:29:11 GMT - Tue, 18 Jun 2024 19:29:10 GMT
File typeASCII text, with no line terminators Hash444bcb3a3fcf8389296c49467f27e1d6 7a85f4764bbd6daf1c3545efbbf0f279a6dc0beb 2689367b205c16ce32ed4200942b8b8b1e262dfc70d9bc9fbc77c49699a4f1df
POST /sftouch?userId=008053ad4f3f4564f27e21db3878836e&z=5615727&p_rid=5f31df24-5788-474e-adb8-b64e60726b7b&p_src=sf&branchId=0&rb=yDn_jA-5GtSvrU79gc5gDJ9M94C7BULXTM_88YF67UJ9J98w5rH_yB7tjz7XFerSyZy2giRgI6Q1CezWyRB9TU8MiykHG5lLtxDJeO78BlktHcBhYvXk93xB6oGu2vsNdnHsIX4owdcSb7aQsXsFR8V8x5SKEjM-H_hHiUo0Q1GItYvx7dVC9Farl1ZKB89Ie3m0hiztaoJa1Zr0kAMyD6vvXhazX641X-1eF1j7CsKCsH-_P5atjiItnTyi0W4wPAuFXe4K8aSIBkAkRsuAJw== HTTP/1.1
Host: bedrapiona.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://bedrapiona.com
DNT: 1
Connection: keep-alive
Referer: https://bedrapiona.com/4/5615727/
Cookie: OAID=008053ad4f3f4564f27e21db3878836e; oaidts=1714915691
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Content-Length: 0
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sun, 05 May 2024 13:28:12 GMT
content-type: text/plain
content-length: 2
x-trace-id: a3757fc0cea21bfb2cd45db079fce57b
accept-ch: Sec-CH-UA, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model
access-control-allow-origin: https://bedrapiona.com
access-control-allow-credentials: true
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, baggage, sentry-trace, favicon
access-control-max-age: 86400
pragma: no-cache
cache-control: no-transform, no-store, no-cache, must-revalidate, max-age=0
expires: Tue, 11 Jan 1994 10:00:00 GMT
strict-transport-security: max-age=1
x-content-type-options: nosniff
timing-allow-origin: *, *
X-Firefox-Spdy: h2
|
|
| my.rtmark.net/img.gif?f=merge&userId=008053ad4f3f4564f27e21db3878836e&z=5615727&p_rid=5f31df24-5788-474e-adb8-b64e60726b7b&p_src=sf | 139.45.195.8 | | 43 B |
URL my.rtmark.net/img.gif?f=merge&userId=008053ad4f3f4564f27e21db3878836e&z=5615727&p_rid=5f31df24-5788-474e-adb8-b64e60726b7b&p_src=sf IP139.45.195.8:0
File typeGIF image data, version 89a, 1 x 1 Hashb4491705564909da7f9eaf749dbbfbb1 279315d507855c6a4351e1e2c2f39dd9cd2fccd8 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
GET /img.gif?f=merge&userId=008053ad4f3f4564f27e21db3878836e&z=5615727&p_rid=5f31df24-5788-474e-adb8-b64e60726b7b&p_src=sf HTTP/1.1
Host: my.rtmark.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://bedrapiona.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sun, 05 May 2024 13:28:12 GMT
content-type: image/gif
content-length: 43
access-control-allow-origin: *
access-control-allow-methods: POST, GET, OPTIONS, PUT, DELETE
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, Authorization,X-CSRF-Token
access-control-expose-headers: Authorization
access-control-allow-credentials: true
set-cookie: ID=008053ad4f3f4564f27e21db3878836e; expires=Mon, 05 May 2025 13:28:12 GMT; secure; SameSite=None
strict-transport-security: max-age=1
x-content-type-options: nosniff
timing-allow-origin: *, *
X-Firefox-Spdy: h2
|
|
| unseenreport.com/pxf.gif?uuid=40220c6f-1096-4d57-8ea7-d650fefea74f&eb=978028c5053b26833423c7a069ce3bd5&te=5db3a4e34790624df926db520a13f79f&ua=Mozilla%2F5.0%20(X11%3B%20Linux%20x86_64%3B%20rv%3A96.0)%20Gecko%2F20100101%20Firefox%2F96.0&dev=e&res=14.2071&b_frame=0&pk=57e9128f004dc8dd272477c7cdb9cf15&bl=en-US&sr=1024x1280&sz=1024x1280&hjs=13 | 192.243.59.12 | 200 OK | 1 B |
URL GET HTTP/1.1unseenreport.com/pxf.gif?uuid=40220c6f-1096-4d57-8ea7-d650fefea74f&eb=978028c5053b26833423c7a069ce3bd5&te=5db3a4e34790624df926db520a13f79f&ua=Mozilla%2F5.0%20(X11%3B%20Linux%20x86_64%3B%20rv%3A96.0)%20Gecko%2F20100101%20Firefox%2F96.0&dev=e&res=14.2071&b_frame=0&pk=57e9128f004dc8dd272477c7cdb9cf15&bl=en-US&sr=1024x1280&sz=1024x1280&hjs=13 IP192.243.59.12:443 ASN#39572 DataWeb Global Group B.V.
Requested byhttps://videzz.net/xx1x1z02lb5b.html CertificateIssuerLet's Encrypt Subject*.unseenreport.com Fingerprint71:46:15:FD:76:6A:F5:5B:51:06:CC:93:DD:D8:63:E3:8B:10:BF:13 ValidityFri, 22 Mar 2024 07:32:41 GMT - Thu, 20 Jun 2024 07:32:40 GMT
File typevery short file (no magic) Hash93b885adfe0da089cdf634904fd59f71 5ba93c9db0cff93f52b521d7420e43f6eda2784f 6e340b9cffb37a989ca544e6bb780a2c78901d3fb33738768511a30617afa01d
| Analyzer | Verdict | Alert |
|---|
| Quad9 DNS | malicious | Sinkholed |
GET /pxf.gif?uuid=40220c6f-1096-4d57-8ea7-d650fefea74f&eb=978028c5053b26833423c7a069ce3bd5&te=5db3a4e34790624df926db520a13f79f&ua=Mozilla%2F5.0%20(X11%3B%20Linux%20x86_64%3B%20rv%3A96.0)%20Gecko%2F20100101%20Firefox%2F96.0&dev=e&res=14.2071&b_frame=0&pk=57e9128f004dc8dd272477c7cdb9cf15&bl=en-US&sr=1024x1280&sz=1024x1280&hjs=13 HTTP/1.1
Host: unseenreport.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://videzz.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx/1.19.5
Date: Sun, 05 May 2024 13:28:12 GMT
Content-Type: image/gif
Content-Length: 1
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Access-Control-Allow-Origin: *
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: c6230be1b5c55bc59aea82575e83ec8d
Strict-Transport-Security: max-age=0; includeSubdomains
|
|
| t.bawixi.xyz/1/?zid=9776 | 188.114.96.1 | 200 OK | 363 B |
IP188.114.96.1:443
Requested byhttps://videzz.net/xx1x1z02lb5b.html CertificateIssuerGoogle Trust Services LLC Subjectbawixi.xyz FingerprintAF:9E:B4:BC:30:9E:5D:F1:48:C5:77:67:A5:95:F2:70:E6:E5:A8:91 ValidityThu, 14 Mar 2024 01:23:09 GMT - Wed, 12 Jun 2024 01:23:08 GMT
File typeHTML document, ASCII text, with very long lines (442) Hashc9aadc191cf60adbc5e5de64b3ec289b d91096b13403385a8c923fcb94e955363d1a0686 c0731bcd43683ce9b17ff3147917185245da149282da0d2a17f44f12a2ce6325
GET /1/?zid=9776 HTTP/1.1
Host: t.bawixi.xyz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://bid.bidclickmedia.com/
DNT: 1
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Sun, 05 May 2024 13:28:11 GMT
content-type: text/html
accept-ch: Sec-CH-UA, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
access-control-allow-origin: *
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=feg%2B%2FuVGPvXNT5N0jCShzb2fLV5B%2BE%2BakAoYJGvAHEetzT%2BBQnyU3%2FOcF62bjnrrXmsqyBV0KGskJ42fgYBeqiwgyhTn%2F8hC%2B%2FhRFWTGNKfWctP4RT3PQoHoxdypBoE%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 87f112819fa65684-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
|
|
| bedrapiona.com/log/add?cid=1db9169f-90f4-4b2d-b517-bc47aab19c1f&ruid=5f31df24-5788-474e-adb8-b64e60726b7b | 139.45.197.234 | | 12 B |
URL bedrapiona.com/log/add?cid=1db9169f-90f4-4b2d-b517-bc47aab19c1f&ruid=5f31df24-5788-474e-adb8-b64e60726b7b IP139.45.197.234:0
CertificateIssuerLet's Encrypt Subjectbedrapiona.com FingerprintB5:D0:EF:3C:81:82:64:AB:B7:2E:5C:80:71:47:70:41:F0:36:B5:BF ValidityWed, 20 Mar 2024 19:29:11 GMT - Tue, 18 Jun 2024 19:29:10 GMT
Hashadb4650bfc9d2a73d4dd69583b0ceb14 1ce399d6e936232aaf2192cd7903a279c5015f22 21c1f682de27109caabcca9016511974defcec217c0441fd3f1b50ecdf8247ed
POST /log/add?cid=1db9169f-90f4-4b2d-b517-bc47aab19c1f&ruid=5f31df24-5788-474e-adb8-b64e60726b7b HTTP/1.1
Host: bedrapiona.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain;charset=UTF-8
Content-Length: 1411
Origin: https://bedrapiona.com
DNT: 1
Connection: keep-alive
Referer: https://bedrapiona.com/4/5615727/
Cookie: OAID=008053ad4f3f4564f27e21db3878836e; oaidts=1714915691
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sun, 05 May 2024 13:28:12 GMT
content-type: application/json; charset=utf-8
content-length: 12
access-control-allow-origin: https://bedrapiona.com
access-control-allow-methods: POST, GET, OPTIONS, PUT, DELETE
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, X-CSRF-Token, Authorization, X-Forwarded-For, If-None-Match
access-control-allow-credentials: true
strict-transport-security: max-age=1
x-content-type-options: nosniff
timing-allow-origin: *
X-Firefox-Spdy: h2
|
|
| mcpuwpsh.com/get/?go=1&data=eyJpbXAiOlt7InNlY3VyZSI6MSwiZXh0Ijp7ImlkIjoxMDk1LCJ0eXBlIjoicG9wIiwic3BhY2VpZCI6MTA5NSwic3ViaWQiOiI3NjEwODI0NjUiLCJzc3AiOjM3NTgsInNwb3RfaWQiOjU2MDI1NCwicmNoYW5nZSI6ZmFsc2V9fV0sInNpdGUiOnsiaWQiOiI1NjAyNTQiLCJwYWdlIjoiaHR0cHM6Ly9iaWQuYmlkY2xpY2ttZWRpYS5jb20vIiwiY2F0IjpbIklBQjI1Il19LCJkZXZpY2UiOnsidyI6MTI4MCwiaCI6MTAyNH0sInVzZXIiOnsiaWQiOiJtbDRoMGxuMXVwODhrd3p1YjlpY2E3In0sImV4dCI6eyJkdCI6MTcxNDkxNTY5MTY3MH19 | 94.130.197.240 | 302 Found | 0 B |
URL GET HTTP/2mcpuwpsh.com/get/?go=1&data=eyJpbXAiOlt7InNlY3VyZSI6MSwiZXh0Ijp7ImlkIjoxMDk1LCJ0eXBlIjoicG9wIiwic3BhY2VpZCI6MTA5NSwic3ViaWQiOiI3NjEwODI0NjUiLCJzc3AiOjM3NTgsInNwb3RfaWQiOjU2MDI1NCwicmNoYW5nZSI6ZmFsc2V9fV0sInNpdGUiOnsiaWQiOiI1NjAyNTQiLCJwYWdlIjoiaHR0cHM6Ly9iaWQuYmlkY2xpY2ttZWRpYS5jb20vIiwiY2F0IjpbIklBQjI1Il19LCJkZXZpY2UiOnsidyI6MTI4MCwiaCI6MTAyNH0sInVzZXIiOnsiaWQiOiJtbDRoMGxuMXVwODhrd3p1YjlpY2E3In0sImV4dCI6eyJkdCI6MTcxNDkxNTY5MTY3MH19 IP94.130.197.240:443 ASN#24940 Hetzner Online GmbH
Requested byhttps://videzz.net/xx1x1z02lb5b.html CertificateIssuerLet's Encrypt Subjectpuwpush.com Fingerprint60:3D:AE:BF:9C:57:C3:AF:D6:50:E5:93:92:FB:E9:F2:F8:E6:E1:92 ValidityWed, 01 May 2024 01:51:05 GMT - Tue, 30 Jul 2024 01:51:04 GMT
Hashd41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /get/?go=1&data=eyJpbXAiOlt7InNlY3VyZSI6MSwiZXh0Ijp7ImlkIjoxMDk1LCJ0eXBlIjoicG9wIiwic3BhY2VpZCI6MTA5NSwic3ViaWQiOiI3NjEwODI0NjUiLCJzc3AiOjM3NTgsInNwb3RfaWQiOjU2MDI1NCwicmNoYW5nZSI6ZmFsc2V9fV0sInNpdGUiOnsiaWQiOiI1NjAyNTQiLCJwYWdlIjoiaHR0cHM6Ly9iaWQuYmlkY2xpY2ttZWRpYS5jb20vIiwiY2F0IjpbIklBQjI1Il19LCJkZXZpY2UiOnsidyI6MTI4MCwiaCI6MTAyNH0sInVzZXIiOnsiaWQiOiJtbDRoMGxuMXVwODhrd3p1YjlpY2E3In0sImV4dCI6eyJkdCI6MTcxNDkxNTY5MTY3MH19 HTTP/1.1
Host: mcpuwpsh.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://meetbenjen.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 302 Found
server: nginx/1.16.0
date: Sun, 05 May 2024 13:28:12 GMT
content-length: 0
vary: Origin
cache-control: no-transform, no-cache, no-store, must-revalidate
pragma: no-cache
access-control-allow-origin: *
access-control-allow-headers: Content-Type
access-control-allow-methods: *
location: https://mcpuwpsh.com/popunder/in/click/?mid=4560782206877390913&pid=0&site=560254&sc=NO&usage_type=DCH&subid=761082465&sid=0&cid=0&price=0&is_cpm=0&cpm=0&ecpm=0&crid=&crtid=&tcid=0&out_id=&ver=&ver_c=&refdom=bid.bidclickmedia.com&hostname=auc-popunder-hz-1&site_id=0&spot_id=560254&utm_source=&utm_medium=&utm_campaign=&utm_content=&expiration_timestamp=0&created_at=0000-00-00&is_native=0&burl=&pop_winurl=&ip=91.90.42.154&testab=&px_id=0&adblock=0&auction_host=&mm=&yc=&render_type=&campaign_type=&uniq=&exp=0&resp_type=&iabcat=IAB25&min_cpm=0.1224&placement_type_id=7&skin_test=&verify_hash=987491dd0040a249a1a86799225f043b&score=334.71740137294904&durl=&ml=&tag_ab=&original_bid=0&user_fp=0&v2=0&pop_type=0&space_id=1095&real_bid=&skin_id=&vertical_id=&stratagem=&accel=0&gyr=0&iabcat=IAB25&ip_mismatch=false&ua_mismatch=false&ssp=3758&rc=0&v2_track=0&otype=0&mn=0&priority=0&bb=0.1224&url=https%3A%2F%2Fpopdemission.com%2Fin%2F849%2F%3Fsource%3D761082465%26site_id%3D560254%26utm1%3D%26utm2%3D%26utm3%3D%26utm4%3D%26idzone%3D0%26spot_id%3D560254%26mo%3D%26ve%3D%26ad_tags%3D%26p%3Dhttps%253A%252F%252Fbid.bidclickmedia.com%252F%26sid%3D1095%26katds_labels%3D%26is_iframe%3D1%26btype%3D0%26score%3D334.71740137294904%26bf%3D0.1224%26iabcat%3DIAB25%26allowed_labels%3D&pr=&bid_crid=&bid_cid=&ad_tags=&is_interstitial=0&is_direct=1&label_ids=&site_id64=&sp_cl=0&act_sess=0&sp_scr=0&intes=&izb=&ang=0&act_su=0&interest_vertical_ids=&v_scroll_freq=&time_sess=&ext_campaign_id=&scroll_percent=0&empty_clicks=0&aid=0&high_freq_clicks=0&dev_console_activity=0&topics=&client_price=0&o_d=&is_webview=0&timezone_olson=&timezone_ip=Europe/Oslo&offer_label_ids=
X-Firefox-Spdy: h2
|
|
| meetbenjen.com/in/p/?spot_id=558728&cat=25&sub_id=1952513182 | 109.206.182.60 | 200 OK | 2.5 kB |
URL GET HTTP/2meetbenjen.com/in/p/?spot_id=558728&cat=25&sub_id=1952513182 IP109.206.182.60:443
Requested byhttps://videzz.net/xx1x1z02lb5b.html CertificateIssuerLet's Encrypt Subjectmeetbenjen.com Fingerprint9A:72:77:E6:54:8C:F4:16:F5:ED:83:0C:A9:D8:38:2B:BA:9E:67:14 ValidityTue, 26 Mar 2024 03:08:56 GMT - Mon, 24 Jun 2024 03:08:55 GMT
File typeHTML document, ASCII text, with very long lines (5467), with no line terminators Hash1b14eb15b3540b838a7a716ea0fa71f8 d21b3ee5143d8ae81ac07faa808d066d528ff548 9ea8a3ddd85d6ad90d6714628254043d674aaf00756536e860fcb0b9ed8042bf
GET /in/p/?spot_id=558728&cat=25&sub_id=1952513182 HTTP/1.1
Host: meetbenjen.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://bid.bidclickmedia.com/
DNT: 1
Connection: keep-alive
Cookie: 1095.0=1
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx/1.20.1
date: Sun, 05 May 2024 13:28:10 GMT
content-type: text/html; charset=UTF-8
vary: Accept-Encoding, *
cache-control: no-cache, no-store, must-revalidate
pragma: no-cache
set-cookie: 1095.0=1; expires=Mon, 06 May 2024 13:28:10 GMT; path=/; secure; SameSite=None
content-encoding: gzip
X-Firefox-Spdy: h2
|
|
| mcpuwpsh.com/get/?go=1&data=eyJpbXAiOlt7InNlY3VyZSI6MSwiZXh0Ijp7ImlkIjoxMDk1LCJ0eXBlIjoicG9wIiwic3BhY2VpZCI6MTA5NSwic3ViaWQiOiI3NjEwODI0NjUiLCJzc3AiOjM3NTgsInNwb3RfaWQiOjU2MDI1NCwicmNoYW5nZSI6ZmFsc2V9fV0sInNpdGUiOnsiaWQiOiI1NjAyNTQiLCJwYWdlIjoiaHR0cHM6Ly9iaWQuYmlkY2xpY2ttZWRpYS5jb20vIiwiY2F0IjpbIklBQjI1Il19LCJkZXZpY2UiOnsidyI6MTI4MCwiaCI6MTAyNH0sInVzZXIiOnsiaWQiOiJtbDRoMGxuMXVwODhrd3p1YjlpY2E3In0sImV4dCI6eyJkdCI6MTcxNDkxNTY5MTY4OX19 | 94.130.197.240 | 302 Found | 0 B |
URL GET HTTP/2mcpuwpsh.com/get/?go=1&data=eyJpbXAiOlt7InNlY3VyZSI6MSwiZXh0Ijp7ImlkIjoxMDk1LCJ0eXBlIjoicG9wIiwic3BhY2VpZCI6MTA5NSwic3ViaWQiOiI3NjEwODI0NjUiLCJzc3AiOjM3NTgsInNwb3RfaWQiOjU2MDI1NCwicmNoYW5nZSI6ZmFsc2V9fV0sInNpdGUiOnsiaWQiOiI1NjAyNTQiLCJwYWdlIjoiaHR0cHM6Ly9iaWQuYmlkY2xpY2ttZWRpYS5jb20vIiwiY2F0IjpbIklBQjI1Il19LCJkZXZpY2UiOnsidyI6MTI4MCwiaCI6MTAyNH0sInVzZXIiOnsiaWQiOiJtbDRoMGxuMXVwODhrd3p1YjlpY2E3In0sImV4dCI6eyJkdCI6MTcxNDkxNTY5MTY4OX19 IP94.130.197.240:443 ASN#24940 Hetzner Online GmbH
Requested byhttps://videzz.net/xx1x1z02lb5b.html CertificateIssuerLet's Encrypt Subjectpuwpush.com Fingerprint60:3D:AE:BF:9C:57:C3:AF:D6:50:E5:93:92:FB:E9:F2:F8:E6:E1:92 ValidityWed, 01 May 2024 01:51:05 GMT - Tue, 30 Jul 2024 01:51:04 GMT
Hashd41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /get/?go=1&data=eyJpbXAiOlt7InNlY3VyZSI6MSwiZXh0Ijp7ImlkIjoxMDk1LCJ0eXBlIjoicG9wIiwic3BhY2VpZCI6MTA5NSwic3ViaWQiOiI3NjEwODI0NjUiLCJzc3AiOjM3NTgsInNwb3RfaWQiOjU2MDI1NCwicmNoYW5nZSI6ZmFsc2V9fV0sInNpdGUiOnsiaWQiOiI1NjAyNTQiLCJwYWdlIjoiaHR0cHM6Ly9iaWQuYmlkY2xpY2ttZWRpYS5jb20vIiwiY2F0IjpbIklBQjI1Il19LCJkZXZpY2UiOnsidyI6MTI4MCwiaCI6MTAyNH0sInVzZXIiOnsiaWQiOiJtbDRoMGxuMXVwODhrd3p1YjlpY2E3In0sImV4dCI6eyJkdCI6MTcxNDkxNTY5MTY4OX19 HTTP/1.1
Host: mcpuwpsh.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://meetbenjen.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 302 Found
server: nginx/1.16.0
date: Sun, 05 May 2024 13:28:12 GMT
content-length: 0
vary: Origin
cache-control: no-transform, no-cache, no-store, must-revalidate
pragma: no-cache
access-control-allow-origin: *
access-control-allow-headers: Content-Type
access-control-allow-methods: *
location: https://mcpuwpsh.com/popunder/in/click/?mid=1067607815715879815&pid=0&site=560254&sc=NO&usage_type=DCH&subid=761082465&sid=0&cid=0&price=0&is_cpm=0&cpm=0&ecpm=0&crid=&crtid=&tcid=0&out_id=&ver=&ver_c=&refdom=bid.bidclickmedia.com&hostname=auc-popunder-hz-2&site_id=0&spot_id=560254&utm_source=&utm_medium=&utm_campaign=&utm_content=&expiration_timestamp=0&created_at=0000-00-00&is_native=0&burl=&pop_winurl=&ip=91.90.42.154&testab=&px_id=0&adblock=0&auction_host=&mm=&yc=&render_type=&campaign_type=&uniq=&exp=0&resp_type=&iabcat=IAB25&min_cpm=0.1224&placement_type_id=7&skin_test=&verify_hash=8bf3782236d3889eedea3e4c0f94a7ad&score=334.71740137294904&durl=&ml=&tag_ab=&original_bid=0&user_fp=0&v2=0&pop_type=0&space_id=1095&real_bid=&skin_id=&vertical_id=&stratagem=&accel=0&gyr=0&iabcat=IAB25&ip_mismatch=false&ua_mismatch=false&ssp=3758&rc=0&v2_track=0&otype=0&mn=0&priority=0&bb=0.1224&url=https%3A%2F%2Fpopdemission.com%2Fin%2F849%2F%3Fsource%3D761082465%26site_id%3D560254%26utm1%3D%26utm2%3D%26utm3%3D%26utm4%3D%26idzone%3D0%26spot_id%3D560254%26mo%3D%26ve%3D%26ad_tags%3D%26p%3Dhttps%253A%252F%252Fbid.bidclickmedia.com%252F%26sid%3D1095%26katds_labels%3D%26is_iframe%3D1%26btype%3D0%26score%3D334.71740137294904%26bf%3D0.1224%26iabcat%3DIAB25%26allowed_labels%3D&pr=&bid_crid=&bid_cid=&ad_tags=&is_interstitial=0&is_direct=1&label_ids=&site_id64=&sp_cl=0&act_sess=0&sp_scr=0&intes=&izb=&ang=0&act_su=0&interest_vertical_ids=&v_scroll_freq=&time_sess=&ext_campaign_id=&scroll_percent=0&empty_clicks=0&aid=0&high_freq_clicks=0&dev_console_activity=0&topics=&client_price=0&o_d=&is_webview=0&timezone_olson=&timezone_ip=Europe/Oslo&offer_label_ids=
X-Firefox-Spdy: h2
|
|
| meetbenjen.com/in/p/?spot_id=560254&cat=25&sub_id=761082465 | 109.206.182.60 | 200 OK | 2.5 kB |
URL GET HTTP/2meetbenjen.com/in/p/?spot_id=560254&cat=25&sub_id=761082465 IP109.206.182.60:443
Requested byhttps://videzz.net/xx1x1z02lb5b.html CertificateIssuerLet's Encrypt Subjectmeetbenjen.com Fingerprint9A:72:77:E6:54:8C:F4:16:F5:ED:83:0C:A9:D8:38:2B:BA:9E:67:14 ValidityTue, 26 Mar 2024 03:08:56 GMT - Mon, 24 Jun 2024 03:08:55 GMT
File typeHTML document, ASCII text, with very long lines (5467), with no line terminators Hash1b14eb15b3540b838a7a716ea0fa71f8 d21b3ee5143d8ae81ac07faa808d066d528ff548 9ea8a3ddd85d6ad90d6714628254043d674aaf00756536e860fcb0b9ed8042bf
GET /in/p/?spot_id=560254&cat=25&sub_id=761082465 HTTP/1.1
Host: meetbenjen.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://bid.bidclickmedia.com/
DNT: 1
Connection: keep-alive
Cookie: 1095.0=1
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx/1.20.1
date: Sun, 05 May 2024 13:28:11 GMT
content-type: text/html; charset=UTF-8
pragma: no-cache
vary: Accept-Encoding, *
cache-control: no-cache, no-store, must-revalidate
set-cookie: 1095.0=1; expires=Mon, 06 May 2024 13:28:12 GMT; path=/; secure; SameSite=None
content-encoding: gzip
X-Firefox-Spdy: h2
|
|
| bedrapiona.com/?z=5615727&syncedCookie=true&rhd=false | 139.45.197.234 | 302 Found | 0 B |
URL POST HTTP/2bedrapiona.com/?z=5615727&syncedCookie=true&rhd=false IP139.45.197.234:443
Requested byhttps://videzz.net/xx1x1z02lb5b.html CertificateIssuerLet's Encrypt Subjectbedrapiona.com FingerprintB5:D0:EF:3C:81:82:64:AB:B7:2E:5C:80:71:47:70:41:F0:36:B5:BF ValidityWed, 20 Mar 2024 19:29:11 GMT - Tue, 18 Jun 2024 19:29:10 GMT
Hashd41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
POST /?z=5615727&syncedCookie=true&rhd=false HTTP/1.1
Host: bedrapiona.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/x-www-form-urlencoded
Content-Length: 604
Origin: https://bedrapiona.com
DNT: 1
Connection: keep-alive
Referer: https://bedrapiona.com/afu.php?zoneid=5615727&var=5615727&rid=e8DJqkaKU-A8kEnzk7U3FA%3D%3D&rhd=false&ab2r=0&sf=1
Cookie: OAID=008053ad4f3f4564f27e21db3878836e; oaidts=1714915691
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 302 Found
server: nginx
date: Sun, 05 May 2024 13:28:12 GMT
content-length: 0
location: https://adserving.unibet.com/redirect.aspx?bid=37950&pid=79982261&sref=GIG&GIG=NO_DESK_SB
x-trace-id: 1a4372b24d5e9176380008a0bed35bd6
link: <https://adserving.unibet.com>; rel="preconnect dns-prefetch",<https://yonmewon.com>; rel="preconnect dns-prefetch",<https://sr7pv7n5x.com>; rel="preconnect dns-prefetch"
referrer-policy: no-referrer
accept-ch: Sec-CH-UA, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model
access-control-allow-origin: https://bedrapiona.com
access-control-allow-credentials: true
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, baggage, sentry-trace, favicon
access-control-max-age: 86400
pragma: no-cache
cache-control: no-transform, no-store, no-cache, must-revalidate, max-age=0
expires: Tue, 11 Jan 1994 10:00:00 GMT
set-cookie: OAID=008053ad4f3f4564f27e21db3878836e; expires=Mon, 05 May 2025 13:28:12 GMT; path=/; secure; SameSite=None
oaidts=1714915691; expires=Mon, 05 May 2025 13:28:12 GMT; path=/; secure; SameSite=None
syncedCookie=true; expires=Sun, 12 May 2024 13:28:12 GMT; path=/; secure; SameSite=None
strict-transport-security: max-age=1
x-content-type-options: nosniff
timing-allow-origin: *, *
X-Firefox-Spdy: h2
|
|
| dog.seetron.net/api/click/5718959503849096095?c=60&data[error]=3 | 135.181.208.216 | 200 OK | 0 B |
URL GET HTTP/2dog.seetron.net/api/click/5718959503849096095?c=60&data[error]=3 IP135.181.208.216:443 ASN#24940 Hetzner Online GmbH
Requested byhttps://videzz.net/xx1x1z02lb5b.html CertificateIssuerLet's Encrypt Subjecta.bdsmz.tube FingerprintAA:4D:03:7A:4E:94:8C:76:58:6E:53:CC:8E:99:24:E6:51:84:BF:05 ValidityFri, 03 May 2024 10:27:08 GMT - Thu, 01 Aug 2024 10:27:07 GMT
Hashd41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /api/click/5718959503849096095?c=60&data[error]=3 HTTP/1.1
Host: dog.seetron.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://videzz.net/
Cookie: nauid=w9SxmfpWnbKmvU0Qre64
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sun, 05 May 2024 13:28:12 GMT
content-length: 0
access-control-allow-credentials: true
access-control-allow-origin: *
x-robots-tag: noindex, nofollow
cache-control: private
X-Firefox-Spdy: h2
|
|
| vast.yomeno.xyz/error?katds_ep=NNEFuG4hemXn9YRfE7DaoM0NXqMmYivoQJhcou0MmJzLlVKrPC9uCjRiUm0YMeySUNhr3PFeAbJQi7cEmMVmqhi1L0gQGrj8Oz6RHfGQZbd-VoMLPgrAQE-qvPntqo8sPIpgxDk4GyGAByDIHRfws8T7whWt7i4N-MeB6avOH8SioY8ygMlZDRxpjb_2zwdBJoiE25gNy1IVLpFvtvuHBPChDpvkDM1iKCR11FW-xkcSoBFJiVl73W3IuZMdtAkGpuyS_v0c1x38ZN6DZosKzW-k-48CND_mCdovhZ25Y1X5diRx5OZTwC-u0oq4f976MTisejun68tbhO4qf2kWWNX-mhG3aCmrBhnRdhNQkPlX&error=3 | 109.206.163.116 | 302 Found | 0 B |
URL GET HTTP/2vast.yomeno.xyz/error?katds_ep=NNEFuG4hemXn9YRfE7DaoM0NXqMmYivoQJhcou0MmJzLlVKrPC9uCjRiUm0YMeySUNhr3PFeAbJQi7cEmMVmqhi1L0gQGrj8Oz6RHfGQZbd-VoMLPgrAQE-qvPntqo8sPIpgxDk4GyGAByDIHRfws8T7whWt7i4N-MeB6avOH8SioY8ygMlZDRxpjb_2zwdBJoiE25gNy1IVLpFvtvuHBPChDpvkDM1iKCR11FW-xkcSoBFJiVl73W3IuZMdtAkGpuyS_v0c1x38ZN6DZosKzW-k-48CND_mCdovhZ25Y1X5diRx5OZTwC-u0oq4f976MTisejun68tbhO4qf2kWWNX-mhG3aCmrBhnRdhNQkPlX&error=3 IP109.206.163.116:443
Requested byhttps://videzz.net/xx1x1z02lb5b.html CertificateIssuerLet's Encrypt Subjectvast.yomeno.xyz FingerprintD7:6E:F9:BD:F8:D1:0F:D3:7D:55:3B:C5:8C:48:23:61:40:31:97:01 ValiditySat, 23 Mar 2024 03:09:31 GMT - Fri, 21 Jun 2024 03:09:30 GMT
Hashd41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /error?katds_ep=NNEFuG4hemXn9YRfE7DaoM0NXqMmYivoQJhcou0MmJzLlVKrPC9uCjRiUm0YMeySUNhr3PFeAbJQi7cEmMVmqhi1L0gQGrj8Oz6RHfGQZbd-VoMLPgrAQE-qvPntqo8sPIpgxDk4GyGAByDIHRfws8T7whWt7i4N-MeB6avOH8SioY8ygMlZDRxpjb_2zwdBJoiE25gNy1IVLpFvtvuHBPChDpvkDM1iKCR11FW-xkcSoBFJiVl73W3IuZMdtAkGpuyS_v0c1x38ZN6DZosKzW-k-48CND_mCdovhZ25Y1X5diRx5OZTwC-u0oq4f976MTisejun68tbhO4qf2kWWNX-mhG3aCmrBhnRdhNQkPlX&error=3 HTTP/1.1
Host: vast.yomeno.xyz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://videzz.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 302 Found
server: nginx/1.20.1
date: Sun, 05 May 2024 13:28:11 GMT
content-length: 0
location: https://vast.yomeno.xyz/report?e_type=Error&rep=tc_vast&source=1746284589&tcid=13095&iab=IAB25&p=&ccid=&ctype=slider&uid=7051e04e36459a8f9e53fc11d762dd92&endpoint=&error=3
access-control-allow-credentials: true
access-control-allow-origin: *
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,
access-control-expose-headers: Content-Length,Content-Range
X-Firefox-Spdy: h2
|
|
| offmantiner.com/4/6120639/ | 139.45.197.245 | 200 OK | 13 kB |
URL GET HTTP/2offmantiner.com/4/6120639/ IP139.45.197.245:443
Requested byhttps://videzz.net/xx1x1z02lb5b.html CertificateIssuerLet's Encrypt Subjectoffmantiner.com FingerprintD7:99:54:4F:68:91:39:12:41:98:52:CC:F1:74:C6:3C:1F:93:F3:04 ValidityMon, 25 Mar 2024 05:10:58 GMT - Sun, 23 Jun 2024 05:10:57 GMT
File typeHTML document, ASCII text, with very long lines (18247) Hashd9cbdb91ac8a1408c50d06e99d5470d2 d3b232bc67fc065947195e857a22e6235bae37cb 8e211643eeb4df67e2d768d8c7c9244303b32db9177856620764ad619e3e3aaf
| Analyzer | Verdict | Alert |
|---|
| Quad9 DNS | malicious | Sinkholed |
GET /4/6120639/ HTTP/1.1
Host: offmantiner.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://becast.onionlive.workers.dev/
DNT: 1
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
server: nginx
date: Sun, 05 May 2024 13:28:11 GMT
content-type: text/html; charset=utf8
x-trace-id: 536087816178ef986ea1bff25be67ec7
link: <https://yonmewon.com>; rel="preconnect dns-prefetch",<https://my.rtmark.net>; rel="preconnect dns-prefetch"
accept-ch: Sec-CH-UA, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, baggage, sentry-trace, favicon
access-control-max-age: 86400
pragma: no-cache
cache-control: no-transform, no-store, no-cache, must-revalidate, max-age=0
expires: Tue, 11 Jan 1994 10:00:00 GMT
set-cookie: OAID=00805309068c4d1ef41db75945e8ac52; expires=Mon, 05 May 2025 13:28:11 GMT; path=/; secure; SameSite=None
oaidts=1714915691; expires=Mon, 05 May 2025 13:28:11 GMT; path=/; secure; SameSite=None
syncedCookie=; expires=Tue, 10 Nov 2009 23:00:00 GMT
strict-transport-security: max-age=1
x-content-type-options: nosniff
timing-allow-origin: *, *
content-encoding: gzip
X-Firefox-Spdy: h2
|
|
| dog.seetron.net/api/click/5718959503849096095?c=60&data[error]=400 | 135.181.208.216 | 200 OK | 0 B |
URL GET HTTP/2dog.seetron.net/api/click/5718959503849096095?c=60&data[error]=400 IP135.181.208.216:443 ASN#24940 Hetzner Online GmbH
Requested byhttps://videzz.net/xx1x1z02lb5b.html CertificateIssuerLet's Encrypt Subjecta.bdsmz.tube FingerprintAA:4D:03:7A:4E:94:8C:76:58:6E:53:CC:8E:99:24:E6:51:84:BF:05 ValidityFri, 03 May 2024 10:27:08 GMT - Thu, 01 Aug 2024 10:27:07 GMT
Hashd41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /api/click/5718959503849096095?c=60&data[error]=400 HTTP/1.1
Host: dog.seetron.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://videzz.net/
Cookie: nauid=w9SxmfpWnbKmvU0Qre64
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sun, 05 May 2024 13:28:12 GMT
content-length: 0
access-control-allow-credentials: true
access-control-allow-origin: *
x-robots-tag: noindex, nofollow
cache-control: private
X-Firefox-Spdy: h2
|
|
| mcpuwpsh.com/get/?go=1&data=eyJpbXAiOlt7InNlY3VyZSI6MSwiZXh0Ijp7ImlkIjoxMDk1LCJ0eXBlIjoicG9wIiwic3BhY2VpZCI6MTA5NSwic3ViaWQiOiI3NjEwODI0NjUiLCJzc3AiOjM3NTgsInNwb3RfaWQiOjU2MDI1NCwicmNoYW5nZSI6ZmFsc2V9fV0sInNpdGUiOnsiaWQiOiI1NjAyNTQiLCJwYWdlIjoiaHR0cHM6Ly9iaWQuYmlkY2xpY2ttZWRpYS5jb20vIiwiY2F0IjpbIklBQjI1Il19LCJkZXZpY2UiOnsidyI6MTI4MCwiaCI6MTAyNH0sInVzZXIiOnsiaWQiOiJtbDRoMGxuMXVwODhrd3p1YjlpY2E3In0sImV4dCI6eyJkdCI6MTcxNDkxNTY5MTk5N319 | 94.130.197.240 | 302 Found | 0 B |
URL GET HTTP/2mcpuwpsh.com/get/?go=1&data=eyJpbXAiOlt7InNlY3VyZSI6MSwiZXh0Ijp7ImlkIjoxMDk1LCJ0eXBlIjoicG9wIiwic3BhY2VpZCI6MTA5NSwic3ViaWQiOiI3NjEwODI0NjUiLCJzc3AiOjM3NTgsInNwb3RfaWQiOjU2MDI1NCwicmNoYW5nZSI6ZmFsc2V9fV0sInNpdGUiOnsiaWQiOiI1NjAyNTQiLCJwYWdlIjoiaHR0cHM6Ly9iaWQuYmlkY2xpY2ttZWRpYS5jb20vIiwiY2F0IjpbIklBQjI1Il19LCJkZXZpY2UiOnsidyI6MTI4MCwiaCI6MTAyNH0sInVzZXIiOnsiaWQiOiJtbDRoMGxuMXVwODhrd3p1YjlpY2E3In0sImV4dCI6eyJkdCI6MTcxNDkxNTY5MTk5N319 IP94.130.197.240:443 ASN#24940 Hetzner Online GmbH
Requested byhttps://videzz.net/xx1x1z02lb5b.html CertificateIssuerLet's Encrypt Subjectpuwpush.com Fingerprint60:3D:AE:BF:9C:57:C3:AF:D6:50:E5:93:92:FB:E9:F2:F8:E6:E1:92 ValidityWed, 01 May 2024 01:51:05 GMT - Tue, 30 Jul 2024 01:51:04 GMT
Hashd41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /get/?go=1&data=eyJpbXAiOlt7InNlY3VyZSI6MSwiZXh0Ijp7ImlkIjoxMDk1LCJ0eXBlIjoicG9wIiwic3BhY2VpZCI6MTA5NSwic3ViaWQiOiI3NjEwODI0NjUiLCJzc3AiOjM3NTgsInNwb3RfaWQiOjU2MDI1NCwicmNoYW5nZSI6ZmFsc2V9fV0sInNpdGUiOnsiaWQiOiI1NjAyNTQiLCJwYWdlIjoiaHR0cHM6Ly9iaWQuYmlkY2xpY2ttZWRpYS5jb20vIiwiY2F0IjpbIklBQjI1Il19LCJkZXZpY2UiOnsidyI6MTI4MCwiaCI6MTAyNH0sInVzZXIiOnsiaWQiOiJtbDRoMGxuMXVwODhrd3p1YjlpY2E3In0sImV4dCI6eyJkdCI6MTcxNDkxNTY5MTk5N319 HTTP/1.1
Host: mcpuwpsh.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://meetbenjen.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 302 Found
server: nginx/1.16.0
date: Sun, 05 May 2024 13:28:12 GMT
content-length: 0
vary: Origin
cache-control: no-transform, no-cache, no-store, must-revalidate
pragma: no-cache
access-control-allow-origin: *
access-control-allow-headers: Content-Type
access-control-allow-methods: *
location: https://mcpuwpsh.com/popunder/in/click/?mid=1280279764161502616&pid=0&site=560254&sc=NO&usage_type=DCH&subid=761082465&sid=0&cid=0&price=0&is_cpm=0&cpm=0&ecpm=0&crid=&crtid=&tcid=0&out_id=&ver=&ver_c=&refdom=bid.bidclickmedia.com&hostname=auc-popunder-hz-3&site_id=0&spot_id=560254&utm_source=&utm_medium=&utm_campaign=&utm_content=&expiration_timestamp=0&created_at=0000-00-00&is_native=0&burl=&pop_winurl=&ip=91.90.42.154&testab=&px_id=0&adblock=0&auction_host=&mm=&yc=&render_type=&campaign_type=&uniq=&exp=0&resp_type=&iabcat=IAB25&min_cpm=0.1224&placement_type_id=7&skin_test=&verify_hash=99cdca6d2c736b64fcb13b9d342f72d3&score=334.71740137294904&durl=&ml=&tag_ab=&original_bid=0&user_fp=0&v2=0&pop_type=0&space_id=1095&real_bid=&skin_id=&vertical_id=&stratagem=&accel=0&gyr=0&iabcat=IAB25&ip_mismatch=false&ua_mismatch=false&ssp=3758&rc=0&v2_track=0&otype=0&mn=0&priority=0&bb=0.1224&url=https%3A%2F%2Fpopdemission.com%2Fin%2F849%2F%3Fsource%3D761082465%26site_id%3D560254%26utm1%3D%26utm2%3D%26utm3%3D%26utm4%3D%26idzone%3D0%26spot_id%3D560254%26mo%3D%26ve%3D%26ad_tags%3D%26p%3Dhttps%253A%252F%252Fbid.bidclickmedia.com%252F%26sid%3D1095%26katds_labels%3D%26is_iframe%3D1%26btype%3D0%26score%3D334.71740137294904%26bf%3D0.1224%26iabcat%3DIAB25%26allowed_labels%3D&pr=&bid_crid=&bid_cid=&ad_tags=&is_interstitial=0&is_direct=1&label_ids=&site_id64=&sp_cl=0&act_sess=0&sp_scr=0&intes=&izb=&ang=0&act_su=0&interest_vertical_ids=&v_scroll_freq=&time_sess=&ext_campaign_id=&scroll_percent=0&empty_clicks=0&aid=0&high_freq_clicks=0&dev_console_activity=0&topics=&client_price=0&o_d=&is_webview=0&timezone_olson=&timezone_ip=Europe/Oslo&offer_label_ids=
X-Firefox-Spdy: h2
|
|
| vast.yomeno.xyz/error?katds_ep=NNEFuG4hemXn9YRfE7DaoM0NXqMmYivoQJhcou0MmJzLlVKrPC9uCjRiUm0YMeySUNhr3PFeAbJQi7cEmMVmqhi1L0gQGrj8Oz6RHfGQZbd-VoMLPgrAQE-qvPntqo8sPIpgxDk4GyGAByDIHRfws8T7whWt7i4N-MeB6avOH8SioY8ygMlZDRxpjb_2zwdBJoiE25gNy1IVLpFvtvuHBPChDpvkDM1iKCR11FW-xkcSoBFJiVl73W3IuZMdtAkGpuyS_v0c1x38ZN6DZosKzW-k-48CND_mCdovhZ25Y1X5diRx5OZTwC-u0oq4f976MTisejun68tbhO4qf2kWWNX-mhG3aCmrBhnRdhNQkPlX&error=400 | 109.206.163.116 | 302 Found | 0 B |
URL GET HTTP/2vast.yomeno.xyz/error?katds_ep=NNEFuG4hemXn9YRfE7DaoM0NXqMmYivoQJhcou0MmJzLlVKrPC9uCjRiUm0YMeySUNhr3PFeAbJQi7cEmMVmqhi1L0gQGrj8Oz6RHfGQZbd-VoMLPgrAQE-qvPntqo8sPIpgxDk4GyGAByDIHRfws8T7whWt7i4N-MeB6avOH8SioY8ygMlZDRxpjb_2zwdBJoiE25gNy1IVLpFvtvuHBPChDpvkDM1iKCR11FW-xkcSoBFJiVl73W3IuZMdtAkGpuyS_v0c1x38ZN6DZosKzW-k-48CND_mCdovhZ25Y1X5diRx5OZTwC-u0oq4f976MTisejun68tbhO4qf2kWWNX-mhG3aCmrBhnRdhNQkPlX&error=400 IP109.206.163.116:443
Requested byhttps://videzz.net/xx1x1z02lb5b.html CertificateIssuerLet's Encrypt Subjectvast.yomeno.xyz FingerprintD7:6E:F9:BD:F8:D1:0F:D3:7D:55:3B:C5:8C:48:23:61:40:31:97:01 ValiditySat, 23 Mar 2024 03:09:31 GMT - Fri, 21 Jun 2024 03:09:30 GMT
Hashd41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /error?katds_ep=NNEFuG4hemXn9YRfE7DaoM0NXqMmYivoQJhcou0MmJzLlVKrPC9uCjRiUm0YMeySUNhr3PFeAbJQi7cEmMVmqhi1L0gQGrj8Oz6RHfGQZbd-VoMLPgrAQE-qvPntqo8sPIpgxDk4GyGAByDIHRfws8T7whWt7i4N-MeB6avOH8SioY8ygMlZDRxpjb_2zwdBJoiE25gNy1IVLpFvtvuHBPChDpvkDM1iKCR11FW-xkcSoBFJiVl73W3IuZMdtAkGpuyS_v0c1x38ZN6DZosKzW-k-48CND_mCdovhZ25Y1X5diRx5OZTwC-u0oq4f976MTisejun68tbhO4qf2kWWNX-mhG3aCmrBhnRdhNQkPlX&error=400 HTTP/1.1
Host: vast.yomeno.xyz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://videzz.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 302 Found
server: nginx/1.20.1
date: Sun, 05 May 2024 13:28:11 GMT
content-length: 0
location: https://vast.yomeno.xyz/report?e_type=Error&rep=tc_vast&source=1746284589&tcid=13095&iab=IAB25&p=&ccid=&ctype=slider&uid=7051e04e36459a8f9e53fc11d762dd92&endpoint=&error=400
access-control-allow-credentials: true
access-control-allow-origin: *
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,
access-control-expose-headers: Content-Length,Content-Range
X-Firefox-Spdy: h2
|
|
| s.magsrv.com/vregister.php?a=vview&errorcode=400&idzone=5075902&dg=6538616-NOR-96221788-3-0-1-0-InLine | 95.211.229.248 | 200 OK | 20 B |
URL GET HTTP/1.1s.magsrv.com/vregister.php?a=vview&errorcode=400&idzone=5075902&dg=6538616-NOR-96221788-3-0-1-0-InLine IP95.211.229.248:443 ASN#60781 LeaseWeb Netherlands B.V.
Requested byhttps://videzz.net/xx1x1z02lb5b.html CertificateIssuerLet's Encrypt Subjectmagsrv.com FingerprintE9:B1:06:11:C7:80:11:9F:62:6C:E8:AF:35:69:C6:21:29:87:60:51 ValidityTue, 30 Apr 2024 07:49:25 GMT - Mon, 29 Jul 2024 07:49:24 GMT
File typegzip compressed data, max speed, from Unix Hasha4745abc5e7fdb89cc6df3069f3c6e69 74789f7ddbebd5b7323f6f8174005b4bf8c1f1ed d1111b245f685176180e6f1631e6dc49badf6672368e9ce260c71355165effdf
GET /vregister.php?a=vview&errorcode=400&idzone=5075902&dg=6538616-NOR-96221788-3-0-1-0-InLine HTTP/1.1
Host: s.magsrv.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://videzz.net/
Cookie: __uvt=a%3A1%3A%7Bi%3A0%3Bs%3A32%3A%226637896bafca25.26575634251676314%22%3B%7D; c-tag=%7B%22tag-video%22%3A%22v4%7C%7CNOR%7C5075902%7C96221788%7C0%7C%7C508%7C41%7C3%7C15%7C0%7C0%7C0%7C25344%7C3143242%7C3143244%7C0%7C1%7C0%7C0%7C0%7C0%7C1%7C0%7C0%7C1%7C%7C%7C1746284589%7Cvidezz.net%7C%7C%7C0%7C0%7C0%7C0%7C0%7C0%7C0%7C0%7C0%7C1714915691%7C%7C%7C0%7C0%7C0%7C0%7C0%7C0%7C0%7C0%7C0%7C0%7Ceee5475c83d0377f7c625bb4c4a55cfa%7Cok%22%7D
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Date: Sun, 05 May 2024 13:28:12 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Access-Control-Allow-Origin:
Access-Control-Allow-Credentials: true
Accept-CH:
X-Robots-Tag: noindex, follow
Content-Encoding: gzip
|
|
| u3y8v8u4.aucdn.net/library/141372/1861cb7e4f2fb47cb93147f4aa3db2764ba84fc4.mp4 |  185.76.9.18 | 206 Partial Content | 5.1 MB |
URL GET HTTP/2u3y8v8u4.aucdn.net/library/141372/1861cb7e4f2fb47cb93147f4aa3db2764ba84fc4.mp4 IP185.76.9.18:443 ASN#60068 Datacamp Limited
Requested byhttps://videzz.net/xx1x1z02lb5b.html CertificateIssuerLet's Encrypt Subjectafcdn.net FingerprintCE:9F:A3:7C:BF:E1:80:9C:11:75:38:23:E8:D2:50:1A:E4:48:37:77 ValidityTue, 27 Feb 2024 16:27:12 GMT - Mon, 27 May 2024 16:27:11 GMT
File typeISO Media, MP4 Base Media v1 [ISO 14496-12:2003] Size5.1 MB (5121555 bytes) Hash6e8080e507549ff9d3ff58431ac1d3c4 1861cb7e4f2fb47cb93147f4aa3db2764ba84fc4 0da964c1fbcc77188dca017135894b0925540457e43f1cc9b219fea9d58f936b
GET /library/141372/1861cb7e4f2fb47cb93147f4aa3db2764ba84fc4.mp4 HTTP/1.1
Host: u3y8v8u4.aucdn.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: video/webm,video/ogg,video/*;q=0.9,application/ogg;q=0.7,audio/*;q=0.6,*/*;q=0.5
Accept-Language: en-US,en;q=0.5
Range: bytes=0-
DNT: 1
Connection: keep-alive
Referer: https://videzz.net/
Sec-Fetch-Dest: video
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Accept-Encoding: identity
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 206 Partial Content
date: Sun, 05 May 2024 13:28:12 GMT
content-type: video/mp4
content-length: 5121555
last-modified: Fri, 05 Apr 2024 12:00:33 GMT
etag: "660fe7e1-4e2613"
accept-ch:
expires: Sat, 05 Apr 2025 12:13:53 GMT
cache-control: max-age=31536000
access-control-allow-origin: *
x-robots-tag: noindex, follow
x-77-nzt: EwwBuUwJDQHXe9gmAAwBuUwKAQH38MUAAAgB1GY4EQGB
x-77-nzt-ray: c0a4cc282f36b2976c8937662a980506
x-accel-expires: @1743855233
x-77-cache: HIT
x-accel-date: 1712369905
x-77-age: 2545787
server: CDN77-Turbo
x-cache: HIT
x-age: 2545787
x-77-pop: stockholmSE
content-range: bytes 0-5121554/5121555
X-Firefox-Spdy: h2
|
|
| vast.yomeno.xyz/report?e_type=Error&rep=tc_vast&source=1746284589&tcid=13095&iab=IAB25&p=&ccid=&ctype=slider&uid=7051e04e36459a8f9e53fc11d762dd92&endpoint=&error=400 | 109.206.163.116 | 204 No Content | 0 B |
URL GET HTTP/2vast.yomeno.xyz/report?e_type=Error&rep=tc_vast&source=1746284589&tcid=13095&iab=IAB25&p=&ccid=&ctype=slider&uid=7051e04e36459a8f9e53fc11d762dd92&endpoint=&error=400 IP109.206.163.116:443
Requested byhttps://videzz.net/xx1x1z02lb5b.html CertificateIssuerLet's Encrypt Subjectvast.yomeno.xyz FingerprintD7:6E:F9:BD:F8:D1:0F:D3:7D:55:3B:C5:8C:48:23:61:40:31:97:01 ValiditySat, 23 Mar 2024 03:09:31 GMT - Fri, 21 Jun 2024 03:09:30 GMT
Hashd41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /report?e_type=Error&rep=tc_vast&source=1746284589&tcid=13095&iab=IAB25&p=&ccid=&ctype=slider&uid=7051e04e36459a8f9e53fc11d762dd92&endpoint=&error=400 HTTP/1.1
Host: vast.yomeno.xyz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://videzz.net/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 204 No Content
server: nginx/1.20.1
date: Sun, 05 May 2024 13:28:12 GMT
cache-control: no-cache, no-store, must-revalidate
pragma: no-cache
vary: *
access-control-allow-credentials: true
access-control-allow-origin: *
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,
access-control-expose-headers: Content-Length,Content-Range
X-Firefox-Spdy: h2
|
|
| vast.yomeno.xyz/report?e_type=Error&rep=tc_vast&source=1746284589&tcid=13095&iab=IAB25&p=&ccid=&ctype=slider&uid=7051e04e36459a8f9e53fc11d762dd92&endpoint=&error=3 | 109.206.163.116 | 204 No Content | 0 B |
URL GET HTTP/2vast.yomeno.xyz/report?e_type=Error&rep=tc_vast&source=1746284589&tcid=13095&iab=IAB25&p=&ccid=&ctype=slider&uid=7051e04e36459a8f9e53fc11d762dd92&endpoint=&error=3 IP109.206.163.116:443
Requested byhttps://videzz.net/xx1x1z02lb5b.html CertificateIssuerLet's Encrypt Subjectvast.yomeno.xyz FingerprintD7:6E:F9:BD:F8:D1:0F:D3:7D:55:3B:C5:8C:48:23:61:40:31:97:01 ValiditySat, 23 Mar 2024 03:09:31 GMT - Fri, 21 Jun 2024 03:09:30 GMT
Hashd41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /report?e_type=Error&rep=tc_vast&source=1746284589&tcid=13095&iab=IAB25&p=&ccid=&ctype=slider&uid=7051e04e36459a8f9e53fc11d762dd92&endpoint=&error=3 HTTP/1.1
Host: vast.yomeno.xyz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://videzz.net/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 204 No Content
server: nginx/1.20.1
date: Sun, 05 May 2024 13:28:12 GMT
cache-control: no-cache, no-store, must-revalidate
pragma: no-cache
vary: *
access-control-allow-credentials: true
access-control-allow-origin: *
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,
access-control-expose-headers: Content-Length,Content-Range
X-Firefox-Spdy: h2
|
|
| mcpuwpsh.com/popunder/in/click/?mid=4560782206877390913&pid=0&site=560254&sc=NO&usage_type=DCH&subid=761082465&sid=0&cid=0&price=0&is_cpm=0&cpm=0&ecpm=0&crid=&crtid=&tcid=0&out_id=&ver=&ver_c=&refdom=bid.bidclickmedia.com&hostname=auc-popunder-hz-1&site_id=0&spot_id=560254&utm_source=&utm_medium=&utm_campaign=&utm_content=&expiration_timestamp=0&created_at=0000-00-00&is_native=0&burl=&pop_winurl=&ip=91.90.42.154&testab=&px_id=0&adblock=0&auction_host=&mm=&yc=&render_type=&campaign_type=&uniq=&exp=0&resp_type=&iabcat=IAB25&min_cpm=0.1224&placement_type_id=7&skin_test=&verify_hash=987491dd0040a249a1a86799225f043b&score=334.71740137294904&durl=&ml=&tag_ab=&original_bid=0&user_fp=0&v2=0&pop_type=0&space_id=1095&real_bid=&skin_id=&vertical_id=&stratagem=&accel=0&gyr=0&iabcat=IAB25&ip_mismatch=false&ua_mismatch=false&ssp=3758&rc=0&v2_track=0&otype=0&mn=0&priority=0&bb=0.1224&url=https%3A%2F%2Fpopdemission.com%2Fin%2F849%2F%3Fsource%3D761082465%26site_id%3D560254%26utm1%3D%26utm2%3D%26utm3%3D%26utm4%3D%26idzone%3D0%26spot_id%3D560254%26mo%3D%26ve%3D%26ad_tags%3D%26p%3Dhttps%253A%252F%252Fbid.bidclickmedia.com%252F%26sid%3D1095%26katds_labels%3D%26is_iframe%3D1%26btype%3D0%26score%3D334.71740137294904%26bf%3D0.1224%26iabcat%3DIAB25%26allowed_labels%3D&pr=&bid_crid=&bid_cid=&ad_tags=&is_interstitial=0&is_direct=1&label_ids=&site_id64=&sp_cl=0&act_sess=0&sp_scr=0&intes=&izb=&ang=0&act_su=0&interest_vertical_ids=&v_scroll_freq=&time_sess=&ext_campaign_id=&scroll_percent=0&empty_clicks=0&aid=0&high_freq_clicks=0&dev_console_activity=0&topics=&client_price=0&o_d=&is_webview=0&timezone_olson=&timezone_ip=Europe/Oslo&offer_label_ids= | 94.130.197.240 | 302 Found | 0 B |
URL GET HTTP/2mcpuwpsh.com/popunder/in/click/?mid=4560782206877390913&pid=0&site=560254&sc=NO&usage_type=DCH&subid=761082465&sid=0&cid=0&price=0&is_cpm=0&cpm=0&ecpm=0&crid=&crtid=&tcid=0&out_id=&ver=&ver_c=&refdom=bid.bidclickmedia.com&hostname=auc-popunder-hz-1&site_id=0&spot_id=560254&utm_source=&utm_medium=&utm_campaign=&utm_content=&expiration_timestamp=0&created_at=0000-00-00&is_native=0&burl=&pop_winurl=&ip=91.90.42.154&testab=&px_id=0&adblock=0&auction_host=&mm=&yc=&render_type=&campaign_type=&uniq=&exp=0&resp_type=&iabcat=IAB25&min_cpm=0.1224&placement_type_id=7&skin_test=&verify_hash=987491dd0040a249a1a86799225f043b&score=334.71740137294904&durl=&ml=&tag_ab=&original_bid=0&user_fp=0&v2=0&pop_type=0&space_id=1095&real_bid=&skin_id=&vertical_id=&stratagem=&accel=0&gyr=0&iabcat=IAB25&ip_mismatch=false&ua_mismatch=false&ssp=3758&rc=0&v2_track=0&otype=0&mn=0&priority=0&bb=0.1224&url=https%3A%2F%2Fpopdemission.com%2Fin%2F849%2F%3Fsource%3D761082465%26site_id%3D560254%26utm1%3D%26utm2%3D%26utm3%3D%26utm4%3D%26idzone%3D0%26spot_id%3D560254%26mo%3D%26ve%3D%26ad_tags%3D%26p%3Dhttps%253A%252F%252Fbid.bidclickmedia.com%252F%26sid%3D1095%26katds_labels%3D%26is_iframe%3D1%26btype%3D0%26score%3D334.71740137294904%26bf%3D0.1224%26iabcat%3DIAB25%26allowed_labels%3D&pr=&bid_crid=&bid_cid=&ad_tags=&is_interstitial=0&is_direct=1&label_ids=&site_id64=&sp_cl=0&act_sess=0&sp_scr=0&intes=&izb=&ang=0&act_su=0&interest_vertical_ids=&v_scroll_freq=&time_sess=&ext_campaign_id=&scroll_percent=0&empty_clicks=0&aid=0&high_freq_clicks=0&dev_console_activity=0&topics=&client_price=0&o_d=&is_webview=0&timezone_olson=&timezone_ip=Europe/Oslo&offer_label_ids= IP94.130.197.240:443 ASN#24940 Hetzner Online GmbH
Requested byhttps://videzz.net/xx1x1z02lb5b.html CertificateIssuerLet's Encrypt Subjectpuwpush.com Fingerprint60:3D:AE:BF:9C:57:C3:AF:D6:50:E5:93:92:FB:E9:F2:F8:E6:E1:92 ValidityWed, 01 May 2024 01:51:05 GMT - Tue, 30 Jul 2024 01:51:04 GMT
Hashd41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /popunder/in/click/?mid=4560782206877390913&pid=0&site=560254&sc=NO&usage_type=DCH&subid=761082465&sid=0&cid=0&price=0&is_cpm=0&cpm=0&ecpm=0&crid=&crtid=&tcid=0&out_id=&ver=&ver_c=&refdom=bid.bidclickmedia.com&hostname=auc-popunder-hz-1&site_id=0&spot_id=560254&utm_source=&utm_medium=&utm_campaign=&utm_content=&expiration_timestamp=0&created_at=0000-00-00&is_native=0&burl=&pop_winurl=&ip=91.90.42.154&testab=&px_id=0&adblock=0&auction_host=&mm=&yc=&render_type=&campaign_type=&uniq=&exp=0&resp_type=&iabcat=IAB25&min_cpm=0.1224&placement_type_id=7&skin_test=&verify_hash=987491dd0040a249a1a86799225f043b&score=334.71740137294904&durl=&ml=&tag_ab=&original_bid=0&user_fp=0&v2=0&pop_type=0&space_id=1095&real_bid=&skin_id=&vertical_id=&stratagem=&accel=0&gyr=0&iabcat=IAB25&ip_mismatch=false&ua_mismatch=false&ssp=3758&rc=0&v2_track=0&otype=0&mn=0&priority=0&bb=0.1224&url=https%3A%2F%2Fpopdemission.com%2Fin%2F849%2F%3Fsource%3D761082465%26site_id%3D560254%26utm1%3D%26utm2%3D%26utm3%3D%26utm4%3D%26idzone%3D0%26spot_id%3D560254%26mo%3D%26ve%3D%26ad_tags%3D%26p%3Dhttps%253A%252F%252Fbid.bidclickmedia.com%252F%26sid%3D1095%26katds_labels%3D%26is_iframe%3D1%26btype%3D0%26score%3D334.71740137294904%26bf%3D0.1224%26iabcat%3DIAB25%26allowed_labels%3D&pr=&bid_crid=&bid_cid=&ad_tags=&is_interstitial=0&is_direct=1&label_ids=&site_id64=&sp_cl=0&act_sess=0&sp_scr=0&intes=&izb=&ang=0&act_su=0&interest_vertical_ids=&v_scroll_freq=&time_sess=&ext_campaign_id=&scroll_percent=0&empty_clicks=0&aid=0&high_freq_clicks=0&dev_console_activity=0&topics=&client_price=0&o_d=&is_webview=0&timezone_olson=&timezone_ip=Europe/Oslo&offer_label_ids= HTTP/1.1
Host: mcpuwpsh.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://meetbenjen.com/
DNT: 1
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 302 Found
server: nginx/1.16.0
date: Sun, 05 May 2024 13:28:12 GMT
content-length: 0
vary: Origin
cache-control: no-transform, no-cache, no-store, must-revalidate
pragma: no-cache
access-control-allow-origin: *
access-control-allow-headers: Content-Type
access-control-allow-methods: *
location: https://popdemission.com/in/849/?source=761082465&site_id=560254&utm1=&utm2=&utm3=&utm4=&idzone=0&spot_id=560254&mo=&ve=&ad_tags=&p=https%3A%2F%2Fbid.bidclickmedia.com%2F&sid=1095&katds_labels=&is_iframe=1&btype=0&score=334.71740137294904&bf=0.1224&iabcat=IAB25&allowed_labels=
X-Firefox-Spdy: h2
|
|
| mcpuwpsh.com/popunder/in/click/?mid=3864419237828214168&pid=0&site=558728&sc=NO&usage_type=DCH&subid=1952513182&sid=0&cid=0&price=0&is_cpm=0&cpm=0&ecpm=0&crid=&crtid=&tcid=0&out_id=&ver=&ver_c=&refdom=bid.bidclickmedia.com&hostname=auc-popunder-hz-2&site_id=0&spot_id=558728&utm_source=&utm_medium=&utm_campaign=&utm_content=&expiration_timestamp=0&created_at=0000-00-00&is_native=0&burl=&pop_winurl=&ip=91.90.42.154&testab=&px_id=0&adblock=0&auction_host=&mm=&yc=&render_type=&campaign_type=&uniq=&exp=0&resp_type=&iabcat=IAB25&min_cpm=0.1224&placement_type_id=7&skin_test=&verify_hash=b26ac5143693597cd4a0da4dbed097ba&score=302.5243375039884&durl=&ml=&tag_ab=&original_bid=0&user_fp=0&v2=0&pop_type=0&space_id=1095&real_bid=&skin_id=&vertical_id=&stratagem=&accel=0&gyr=0&iabcat=IAB25&ip_mismatch=false&ua_mismatch=false&ssp=3758&rc=0&v2_track=0&otype=0&mn=0&priority=0&bb=0.1224&url=https%3A%2F%2Fpopdemission.com%2Fin%2F849%2F%3Fsource%3D1952513182%26site_id%3D558728%26utm1%3D%26utm2%3D%26utm3%3D%26utm4%3D%26idzone%3D0%26spot_id%3D558728%26mo%3D%26ve%3D%26ad_tags%3D%26p%3Dhttps%253A%252F%252Fbid.bidclickmedia.com%252F%26sid%3D1095%26katds_labels%3D%26is_iframe%3D1%26btype%3D0%26score%3D302.5243375039884%26bf%3D0.1224%26iabcat%3DIAB25%26allowed_labels%3D&pr=&bid_crid=&bid_cid=&ad_tags=&is_interstitial=0&is_direct=1&label_ids=&site_id64=&sp_cl=0&act_sess=0&sp_scr=0&intes=&izb=&ang=0&act_su=0&interest_vertical_ids=&v_scroll_freq=&time_sess=&ext_campaign_id=&scroll_percent=0&empty_clicks=0&aid=0&high_freq_clicks=0&dev_console_activity=0&topics=&client_price=0&o_d=&is_webview=0&timezone_olson=&timezone_ip=Europe/Oslo&offer_label_ids= | 94.130.197.240 | 302 Found | 0 B |
URL GET HTTP/2mcpuwpsh.com/popunder/in/click/?mid=3864419237828214168&pid=0&site=558728&sc=NO&usage_type=DCH&subid=1952513182&sid=0&cid=0&price=0&is_cpm=0&cpm=0&ecpm=0&crid=&crtid=&tcid=0&out_id=&ver=&ver_c=&refdom=bid.bidclickmedia.com&hostname=auc-popunder-hz-2&site_id=0&spot_id=558728&utm_source=&utm_medium=&utm_campaign=&utm_content=&expiration_timestamp=0&created_at=0000-00-00&is_native=0&burl=&pop_winurl=&ip=91.90.42.154&testab=&px_id=0&adblock=0&auction_host=&mm=&yc=&render_type=&campaign_type=&uniq=&exp=0&resp_type=&iabcat=IAB25&min_cpm=0.1224&placement_type_id=7&skin_test=&verify_hash=b26ac5143693597cd4a0da4dbed097ba&score=302.5243375039884&durl=&ml=&tag_ab=&original_bid=0&user_fp=0&v2=0&pop_type=0&space_id=1095&real_bid=&skin_id=&vertical_id=&stratagem=&accel=0&gyr=0&iabcat=IAB25&ip_mismatch=false&ua_mismatch=false&ssp=3758&rc=0&v2_track=0&otype=0&mn=0&priority=0&bb=0.1224&url=https%3A%2F%2Fpopdemission.com%2Fin%2F849%2F%3Fsource%3D1952513182%26site_id%3D558728%26utm1%3D%26utm2%3D%26utm3%3D%26utm4%3D%26idzone%3D0%26spot_id%3D558728%26mo%3D%26ve%3D%26ad_tags%3D%26p%3Dhttps%253A%252F%252Fbid.bidclickmedia.com%252F%26sid%3D1095%26katds_labels%3D%26is_iframe%3D1%26btype%3D0%26score%3D302.5243375039884%26bf%3D0.1224%26iabcat%3DIAB25%26allowed_labels%3D&pr=&bid_crid=&bid_cid=&ad_tags=&is_interstitial=0&is_direct=1&label_ids=&site_id64=&sp_cl=0&act_sess=0&sp_scr=0&intes=&izb=&ang=0&act_su=0&interest_vertical_ids=&v_scroll_freq=&time_sess=&ext_campaign_id=&scroll_percent=0&empty_clicks=0&aid=0&high_freq_clicks=0&dev_console_activity=0&topics=&client_price=0&o_d=&is_webview=0&timezone_olson=&timezone_ip=Europe/Oslo&offer_label_ids= IP94.130.197.240:443 ASN#24940 Hetzner Online GmbH
Requested byhttps://videzz.net/xx1x1z02lb5b.html CertificateIssuerLet's Encrypt Subjectpuwpush.com Fingerprint60:3D:AE:BF:9C:57:C3:AF:D6:50:E5:93:92:FB:E9:F2:F8:E6:E1:92 ValidityWed, 01 May 2024 01:51:05 GMT - Tue, 30 Jul 2024 01:51:04 GMT
Hashd41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /popunder/in/click/?mid=3864419237828214168&pid=0&site=558728&sc=NO&usage_type=DCH&subid=1952513182&sid=0&cid=0&price=0&is_cpm=0&cpm=0&ecpm=0&crid=&crtid=&tcid=0&out_id=&ver=&ver_c=&refdom=bid.bidclickmedia.com&hostname=auc-popunder-hz-2&site_id=0&spot_id=558728&utm_source=&utm_medium=&utm_campaign=&utm_content=&expiration_timestamp=0&created_at=0000-00-00&is_native=0&burl=&pop_winurl=&ip=91.90.42.154&testab=&px_id=0&adblock=0&auction_host=&mm=&yc=&render_type=&campaign_type=&uniq=&exp=0&resp_type=&iabcat=IAB25&min_cpm=0.1224&placement_type_id=7&skin_test=&verify_hash=b26ac5143693597cd4a0da4dbed097ba&score=302.5243375039884&durl=&ml=&tag_ab=&original_bid=0&user_fp=0&v2=0&pop_type=0&space_id=1095&real_bid=&skin_id=&vertical_id=&stratagem=&accel=0&gyr=0&iabcat=IAB25&ip_mismatch=false&ua_mismatch=false&ssp=3758&rc=0&v2_track=0&otype=0&mn=0&priority=0&bb=0.1224&url=https%3A%2F%2Fpopdemission.com%2Fin%2F849%2F%3Fsource%3D1952513182%26site_id%3D558728%26utm1%3D%26utm2%3D%26utm3%3D%26utm4%3D%26idzone%3D0%26spot_id%3D558728%26mo%3D%26ve%3D%26ad_tags%3D%26p%3Dhttps%253A%252F%252Fbid.bidclickmedia.com%252F%26sid%3D1095%26katds_labels%3D%26is_iframe%3D1%26btype%3D0%26score%3D302.5243375039884%26bf%3D0.1224%26iabcat%3DIAB25%26allowed_labels%3D&pr=&bid_crid=&bid_cid=&ad_tags=&is_interstitial=0&is_direct=1&label_ids=&site_id64=&sp_cl=0&act_sess=0&sp_scr=0&intes=&izb=&ang=0&act_su=0&interest_vertical_ids=&v_scroll_freq=&time_sess=&ext_campaign_id=&scroll_percent=0&empty_clicks=0&aid=0&high_freq_clicks=0&dev_console_activity=0&topics=&client_price=0&o_d=&is_webview=0&timezone_olson=&timezone_ip=Europe/Oslo&offer_label_ids= HTTP/1.1
Host: mcpuwpsh.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://meetbenjen.com/
DNT: 1
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 302 Found
server: nginx/1.16.0
date: Sun, 05 May 2024 13:28:12 GMT
content-length: 0
vary: Origin
cache-control: no-transform, no-cache, no-store, must-revalidate
pragma: no-cache
access-control-allow-origin: *
access-control-allow-headers: Content-Type
access-control-allow-methods: *
location: https://popdemission.com/in/849/?source=1952513182&site_id=558728&utm1=&utm2=&utm3=&utm4=&idzone=0&spot_id=558728&mo=&ve=&ad_tags=&p=https%3A%2F%2Fbid.bidclickmedia.com%2F&sid=1095&katds_labels=&is_iframe=1&btype=0&score=302.5243375039884&bf=0.1224&iabcat=IAB25&allowed_labels=
X-Firefox-Spdy: h2
|
|
| mcpuwpsh.com/popunder/in/click/?mid=1067607815715879815&pid=0&site=560254&sc=NO&usage_type=DCH&subid=761082465&sid=0&cid=0&price=0&is_cpm=0&cpm=0&ecpm=0&crid=&crtid=&tcid=0&out_id=&ver=&ver_c=&refdom=bid.bidclickmedia.com&hostname=auc-popunder-hz-2&site_id=0&spot_id=560254&utm_source=&utm_medium=&utm_campaign=&utm_content=&expiration_timestamp=0&created_at=0000-00-00&is_native=0&burl=&pop_winurl=&ip=91.90.42.154&testab=&px_id=0&adblock=0&auction_host=&mm=&yc=&render_type=&campaign_type=&uniq=&exp=0&resp_type=&iabcat=IAB25&min_cpm=0.1224&placement_type_id=7&skin_test=&verify_hash=8bf3782236d3889eedea3e4c0f94a7ad&score=334.71740137294904&durl=&ml=&tag_ab=&original_bid=0&user_fp=0&v2=0&pop_type=0&space_id=1095&real_bid=&skin_id=&vertical_id=&stratagem=&accel=0&gyr=0&iabcat=IAB25&ip_mismatch=false&ua_mismatch=false&ssp=3758&rc=0&v2_track=0&otype=0&mn=0&priority=0&bb=0.1224&url=https%3A%2F%2Fpopdemission.com%2Fin%2F849%2F%3Fsource%3D761082465%26site_id%3D560254%26utm1%3D%26utm2%3D%26utm3%3D%26utm4%3D%26idzone%3D0%26spot_id%3D560254%26mo%3D%26ve%3D%26ad_tags%3D%26p%3Dhttps%253A%252F%252Fbid.bidclickmedia.com%252F%26sid%3D1095%26katds_labels%3D%26is_iframe%3D1%26btype%3D0%26score%3D334.71740137294904%26bf%3D0.1224%26iabcat%3DIAB25%26allowed_labels%3D&pr=&bid_crid=&bid_cid=&ad_tags=&is_interstitial=0&is_direct=1&label_ids=&site_id64=&sp_cl=0&act_sess=0&sp_scr=0&intes=&izb=&ang=0&act_su=0&interest_vertical_ids=&v_scroll_freq=&time_sess=&ext_campaign_id=&scroll_percent=0&empty_clicks=0&aid=0&high_freq_clicks=0&dev_console_activity=0&topics=&client_price=0&o_d=&is_webview=0&timezone_olson=&timezone_ip=Europe/Oslo&offer_label_ids= | 94.130.197.240 | 302 Found | 0 B |
URL GET HTTP/2mcpuwpsh.com/popunder/in/click/?mid=1067607815715879815&pid=0&site=560254&sc=NO&usage_type=DCH&subid=761082465&sid=0&cid=0&price=0&is_cpm=0&cpm=0&ecpm=0&crid=&crtid=&tcid=0&out_id=&ver=&ver_c=&refdom=bid.bidclickmedia.com&hostname=auc-popunder-hz-2&site_id=0&spot_id=560254&utm_source=&utm_medium=&utm_campaign=&utm_content=&expiration_timestamp=0&created_at=0000-00-00&is_native=0&burl=&pop_winurl=&ip=91.90.42.154&testab=&px_id=0&adblock=0&auction_host=&mm=&yc=&render_type=&campaign_type=&uniq=&exp=0&resp_type=&iabcat=IAB25&min_cpm=0.1224&placement_type_id=7&skin_test=&verify_hash=8bf3782236d3889eedea3e4c0f94a7ad&score=334.71740137294904&durl=&ml=&tag_ab=&original_bid=0&user_fp=0&v2=0&pop_type=0&space_id=1095&real_bid=&skin_id=&vertical_id=&stratagem=&accel=0&gyr=0&iabcat=IAB25&ip_mismatch=false&ua_mismatch=false&ssp=3758&rc=0&v2_track=0&otype=0&mn=0&priority=0&bb=0.1224&url=https%3A%2F%2Fpopdemission.com%2Fin%2F849%2F%3Fsource%3D761082465%26site_id%3D560254%26utm1%3D%26utm2%3D%26utm3%3D%26utm4%3D%26idzone%3D0%26spot_id%3D560254%26mo%3D%26ve%3D%26ad_tags%3D%26p%3Dhttps%253A%252F%252Fbid.bidclickmedia.com%252F%26sid%3D1095%26katds_labels%3D%26is_iframe%3D1%26btype%3D0%26score%3D334.71740137294904%26bf%3D0.1224%26iabcat%3DIAB25%26allowed_labels%3D&pr=&bid_crid=&bid_cid=&ad_tags=&is_interstitial=0&is_direct=1&label_ids=&site_id64=&sp_cl=0&act_sess=0&sp_scr=0&intes=&izb=&ang=0&act_su=0&interest_vertical_ids=&v_scroll_freq=&time_sess=&ext_campaign_id=&scroll_percent=0&empty_clicks=0&aid=0&high_freq_clicks=0&dev_console_activity=0&topics=&client_price=0&o_d=&is_webview=0&timezone_olson=&timezone_ip=Europe/Oslo&offer_label_ids= IP94.130.197.240:443 ASN#24940 Hetzner Online GmbH
Requested byhttps://videzz.net/xx1x1z02lb5b.html CertificateIssuerLet's Encrypt Subjectpuwpush.com Fingerprint60:3D:AE:BF:9C:57:C3:AF:D6:50:E5:93:92:FB:E9:F2:F8:E6:E1:92 ValidityWed, 01 May 2024 01:51:05 GMT - Tue, 30 Jul 2024 01:51:04 GMT
Hashd41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /popunder/in/click/?mid=1067607815715879815&pid=0&site=560254&sc=NO&usage_type=DCH&subid=761082465&sid=0&cid=0&price=0&is_cpm=0&cpm=0&ecpm=0&crid=&crtid=&tcid=0&out_id=&ver=&ver_c=&refdom=bid.bidclickmedia.com&hostname=auc-popunder-hz-2&site_id=0&spot_id=560254&utm_source=&utm_medium=&utm_campaign=&utm_content=&expiration_timestamp=0&created_at=0000-00-00&is_native=0&burl=&pop_winurl=&ip=91.90.42.154&testab=&px_id=0&adblock=0&auction_host=&mm=&yc=&render_type=&campaign_type=&uniq=&exp=0&resp_type=&iabcat=IAB25&min_cpm=0.1224&placement_type_id=7&skin_test=&verify_hash=8bf3782236d3889eedea3e4c0f94a7ad&score=334.71740137294904&durl=&ml=&tag_ab=&original_bid=0&user_fp=0&v2=0&pop_type=0&space_id=1095&real_bid=&skin_id=&vertical_id=&stratagem=&accel=0&gyr=0&iabcat=IAB25&ip_mismatch=false&ua_mismatch=false&ssp=3758&rc=0&v2_track=0&otype=0&mn=0&priority=0&bb=0.1224&url=https%3A%2F%2Fpopdemission.com%2Fin%2F849%2F%3Fsource%3D761082465%26site_id%3D560254%26utm1%3D%26utm2%3D%26utm3%3D%26utm4%3D%26idzone%3D0%26spot_id%3D560254%26mo%3D%26ve%3D%26ad_tags%3D%26p%3Dhttps%253A%252F%252Fbid.bidclickmedia.com%252F%26sid%3D1095%26katds_labels%3D%26is_iframe%3D1%26btype%3D0%26score%3D334.71740137294904%26bf%3D0.1224%26iabcat%3DIAB25%26allowed_labels%3D&pr=&bid_crid=&bid_cid=&ad_tags=&is_interstitial=0&is_direct=1&label_ids=&site_id64=&sp_cl=0&act_sess=0&sp_scr=0&intes=&izb=&ang=0&act_su=0&interest_vertical_ids=&v_scroll_freq=&time_sess=&ext_campaign_id=&scroll_percent=0&empty_clicks=0&aid=0&high_freq_clicks=0&dev_console_activity=0&topics=&client_price=0&o_d=&is_webview=0&timezone_olson=&timezone_ip=Europe/Oslo&offer_label_ids= HTTP/1.1
Host: mcpuwpsh.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://meetbenjen.com/
DNT: 1
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 302 Found
server: nginx/1.16.0
date: Sun, 05 May 2024 13:28:12 GMT
content-length: 0
vary: Origin
cache-control: no-transform, no-cache, no-store, must-revalidate
pragma: no-cache
access-control-allow-origin: *
access-control-allow-headers: Content-Type
access-control-allow-methods: *
location: https://popdemission.com/in/849/?source=761082465&site_id=560254&utm1=&utm2=&utm3=&utm4=&idzone=0&spot_id=560254&mo=&ve=&ad_tags=&p=https%3A%2F%2Fbid.bidclickmedia.com%2F&sid=1095&katds_labels=&is_iframe=1&btype=0&score=334.71740137294904&bf=0.1224&iabcat=IAB25&allowed_labels=
X-Firefox-Spdy: h2
|
|
| mcpuwpsh.com/popunder/in/click/?mid=1280279764161502616&pid=0&site=560254&sc=NO&usage_type=DCH&subid=761082465&sid=0&cid=0&price=0&is_cpm=0&cpm=0&ecpm=0&crid=&crtid=&tcid=0&out_id=&ver=&ver_c=&refdom=bid.bidclickmedia.com&hostname=auc-popunder-hz-3&site_id=0&spot_id=560254&utm_source=&utm_medium=&utm_campaign=&utm_content=&expiration_timestamp=0&created_at=0000-00-00&is_native=0&burl=&pop_winurl=&ip=91.90.42.154&testab=&px_id=0&adblock=0&auction_host=&mm=&yc=&render_type=&campaign_type=&uniq=&exp=0&resp_type=&iabcat=IAB25&min_cpm=0.1224&placement_type_id=7&skin_test=&verify_hash=99cdca6d2c736b64fcb13b9d342f72d3&score=334.71740137294904&durl=&ml=&tag_ab=&original_bid=0&user_fp=0&v2=0&pop_type=0&space_id=1095&real_bid=&skin_id=&vertical_id=&stratagem=&accel=0&gyr=0&iabcat=IAB25&ip_mismatch=false&ua_mismatch=false&ssp=3758&rc=0&v2_track=0&otype=0&mn=0&priority=0&bb=0.1224&url=https%3A%2F%2Fpopdemission.com%2Fin%2F849%2F%3Fsource%3D761082465%26site_id%3D560254%26utm1%3D%26utm2%3D%26utm3%3D%26utm4%3D%26idzone%3D0%26spot_id%3D560254%26mo%3D%26ve%3D%26ad_tags%3D%26p%3Dhttps%253A%252F%252Fbid.bidclickmedia.com%252F%26sid%3D1095%26katds_labels%3D%26is_iframe%3D1%26btype%3D0%26score%3D334.71740137294904%26bf%3D0.1224%26iabcat%3DIAB25%26allowed_labels%3D&pr=&bid_crid=&bid_cid=&ad_tags=&is_interstitial=0&is_direct=1&label_ids=&site_id64=&sp_cl=0&act_sess=0&sp_scr=0&intes=&izb=&ang=0&act_su=0&interest_vertical_ids=&v_scroll_freq=&time_sess=&ext_campaign_id=&scroll_percent=0&empty_clicks=0&aid=0&high_freq_clicks=0&dev_console_activity=0&topics=&client_price=0&o_d=&is_webview=0&timezone_olson=&timezone_ip=Europe/Oslo&offer_label_ids= | 94.130.197.240 | 302 Found | 0 B |
URL GET HTTP/2mcpuwpsh.com/popunder/in/click/?mid=1280279764161502616&pid=0&site=560254&sc=NO&usage_type=DCH&subid=761082465&sid=0&cid=0&price=0&is_cpm=0&cpm=0&ecpm=0&crid=&crtid=&tcid=0&out_id=&ver=&ver_c=&refdom=bid.bidclickmedia.com&hostname=auc-popunder-hz-3&site_id=0&spot_id=560254&utm_source=&utm_medium=&utm_campaign=&utm_content=&expiration_timestamp=0&created_at=0000-00-00&is_native=0&burl=&pop_winurl=&ip=91.90.42.154&testab=&px_id=0&adblock=0&auction_host=&mm=&yc=&render_type=&campaign_type=&uniq=&exp=0&resp_type=&iabcat=IAB25&min_cpm=0.1224&placement_type_id=7&skin_test=&verify_hash=99cdca6d2c736b64fcb13b9d342f72d3&score=334.71740137294904&durl=&ml=&tag_ab=&original_bid=0&user_fp=0&v2=0&pop_type=0&space_id=1095&real_bid=&skin_id=&vertical_id=&stratagem=&accel=0&gyr=0&iabcat=IAB25&ip_mismatch=false&ua_mismatch=false&ssp=3758&rc=0&v2_track=0&otype=0&mn=0&priority=0&bb=0.1224&url=https%3A%2F%2Fpopdemission.com%2Fin%2F849%2F%3Fsource%3D761082465%26site_id%3D560254%26utm1%3D%26utm2%3D%26utm3%3D%26utm4%3D%26idzone%3D0%26spot_id%3D560254%26mo%3D%26ve%3D%26ad_tags%3D%26p%3Dhttps%253A%252F%252Fbid.bidclickmedia.com%252F%26sid%3D1095%26katds_labels%3D%26is_iframe%3D1%26btype%3D0%26score%3D334.71740137294904%26bf%3D0.1224%26iabcat%3DIAB25%26allowed_labels%3D&pr=&bid_crid=&bid_cid=&ad_tags=&is_interstitial=0&is_direct=1&label_ids=&site_id64=&sp_cl=0&act_sess=0&sp_scr=0&intes=&izb=&ang=0&act_su=0&interest_vertical_ids=&v_scroll_freq=&time_sess=&ext_campaign_id=&scroll_percent=0&empty_clicks=0&aid=0&high_freq_clicks=0&dev_console_activity=0&topics=&client_price=0&o_d=&is_webview=0&timezone_olson=&timezone_ip=Europe/Oslo&offer_label_ids= IP94.130.197.240:443 ASN#24940 Hetzner Online GmbH
Requested byhttps://videzz.net/xx1x1z02lb5b.html CertificateIssuerLet's Encrypt Subjectpuwpush.com Fingerprint60:3D:AE:BF:9C:57:C3:AF:D6:50:E5:93:92:FB:E9:F2:F8:E6:E1:92 ValidityWed, 01 May 2024 01:51:05 GMT - Tue, 30 Jul 2024 01:51:04 GMT
Hashd41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /popunder/in/click/?mid=1280279764161502616&pid=0&site=560254&sc=NO&usage_type=DCH&subid=761082465&sid=0&cid=0&price=0&is_cpm=0&cpm=0&ecpm=0&crid=&crtid=&tcid=0&out_id=&ver=&ver_c=&refdom=bid.bidclickmedia.com&hostname=auc-popunder-hz-3&site_id=0&spot_id=560254&utm_source=&utm_medium=&utm_campaign=&utm_content=&expiration_timestamp=0&created_at=0000-00-00&is_native=0&burl=&pop_winurl=&ip=91.90.42.154&testab=&px_id=0&adblock=0&auction_host=&mm=&yc=&render_type=&campaign_type=&uniq=&exp=0&resp_type=&iabcat=IAB25&min_cpm=0.1224&placement_type_id=7&skin_test=&verify_hash=99cdca6d2c736b64fcb13b9d342f72d3&score=334.71740137294904&durl=&ml=&tag_ab=&original_bid=0&user_fp=0&v2=0&pop_type=0&space_id=1095&real_bid=&skin_id=&vertical_id=&stratagem=&accel=0&gyr=0&iabcat=IAB25&ip_mismatch=false&ua_mismatch=false&ssp=3758&rc=0&v2_track=0&otype=0&mn=0&priority=0&bb=0.1224&url=https%3A%2F%2Fpopdemission.com%2Fin%2F849%2F%3Fsource%3D761082465%26site_id%3D560254%26utm1%3D%26utm2%3D%26utm3%3D%26utm4%3D%26idzone%3D0%26spot_id%3D560254%26mo%3D%26ve%3D%26ad_tags%3D%26p%3Dhttps%253A%252F%252Fbid.bidclickmedia.com%252F%26sid%3D1095%26katds_labels%3D%26is_iframe%3D1%26btype%3D0%26score%3D334.71740137294904%26bf%3D0.1224%26iabcat%3DIAB25%26allowed_labels%3D&pr=&bid_crid=&bid_cid=&ad_tags=&is_interstitial=0&is_direct=1&label_ids=&site_id64=&sp_cl=0&act_sess=0&sp_scr=0&intes=&izb=&ang=0&act_su=0&interest_vertical_ids=&v_scroll_freq=&time_sess=&ext_campaign_id=&scroll_percent=0&empty_clicks=0&aid=0&high_freq_clicks=0&dev_console_activity=0&topics=&client_price=0&o_d=&is_webview=0&timezone_olson=&timezone_ip=Europe/Oslo&offer_label_ids= HTTP/1.1
Host: mcpuwpsh.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://meetbenjen.com/
DNT: 1
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 302 Found
server: nginx/1.16.0
date: Sun, 05 May 2024 13:28:12 GMT
content-length: 0
vary: Origin
cache-control: no-transform, no-cache, no-store, must-revalidate
pragma: no-cache
access-control-allow-origin: *
access-control-allow-headers: Content-Type
access-control-allow-methods: *
location: https://popdemission.com/in/849/?source=761082465&site_id=560254&utm1=&utm2=&utm3=&utm4=&idzone=0&spot_id=560254&mo=&ve=&ad_tags=&p=https%3A%2F%2Fbid.bidclickmedia.com%2F&sid=1095&katds_labels=&is_iframe=1&btype=0&score=334.71740137294904&bf=0.1224&iabcat=IAB25&allowed_labels=
X-Firefox-Spdy: h2
|
|
| mcpuwpsh.com/get/?go=1&data=eyJpbXAiOlt7InNlY3VyZSI6MSwiZXh0Ijp7ImlkIjoxMDk1LCJ0eXBlIjoicG9wIiwic3BhY2VpZCI6MTA5NSwic3ViaWQiOiI3NjEwODI0NjUiLCJzc3AiOjM3NTgsInNwb3RfaWQiOjU2MDI1NCwicmNoYW5nZSI6ZmFsc2V9fV0sInNpdGUiOnsiaWQiOiI1NjAyNTQiLCJwYWdlIjoiaHR0cHM6Ly9iaWQuYmlkY2xpY2ttZWRpYS5jb20vIiwiY2F0IjpbIklBQjI1Il19LCJkZXZpY2UiOnsidyI6MTI4MCwiaCI6MTAyNH0sInVzZXIiOnsiaWQiOiJtbDRoMGxuMXVwODhrd3p1YjlpY2E3In0sImV4dCI6eyJkdCI6MTcxNDkxNTY5MjM4NH19 | 94.130.197.240 | 302 Found | 0 B |
URL GET HTTP/2mcpuwpsh.com/get/?go=1&data=eyJpbXAiOlt7InNlY3VyZSI6MSwiZXh0Ijp7ImlkIjoxMDk1LCJ0eXBlIjoicG9wIiwic3BhY2VpZCI6MTA5NSwic3ViaWQiOiI3NjEwODI0NjUiLCJzc3AiOjM3NTgsInNwb3RfaWQiOjU2MDI1NCwicmNoYW5nZSI6ZmFsc2V9fV0sInNpdGUiOnsiaWQiOiI1NjAyNTQiLCJwYWdlIjoiaHR0cHM6Ly9iaWQuYmlkY2xpY2ttZWRpYS5jb20vIiwiY2F0IjpbIklBQjI1Il19LCJkZXZpY2UiOnsidyI6MTI4MCwiaCI6MTAyNH0sInVzZXIiOnsiaWQiOiJtbDRoMGxuMXVwODhrd3p1YjlpY2E3In0sImV4dCI6eyJkdCI6MTcxNDkxNTY5MjM4NH19 IP94.130.197.240:443 ASN#24940 Hetzner Online GmbH
Requested byhttps://videzz.net/xx1x1z02lb5b.html CertificateIssuerLet's Encrypt Subjectpuwpush.com Fingerprint60:3D:AE:BF:9C:57:C3:AF:D6:50:E5:93:92:FB:E9:F2:F8:E6:E1:92 ValidityWed, 01 May 2024 01:51:05 GMT - Tue, 30 Jul 2024 01:51:04 GMT
Hashd41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /get/?go=1&data=eyJpbXAiOlt7InNlY3VyZSI6MSwiZXh0Ijp7ImlkIjoxMDk1LCJ0eXBlIjoicG9wIiwic3BhY2VpZCI6MTA5NSwic3ViaWQiOiI3NjEwODI0NjUiLCJzc3AiOjM3NTgsInNwb3RfaWQiOjU2MDI1NCwicmNoYW5nZSI6ZmFsc2V9fV0sInNpdGUiOnsiaWQiOiI1NjAyNTQiLCJwYWdlIjoiaHR0cHM6Ly9iaWQuYmlkY2xpY2ttZWRpYS5jb20vIiwiY2F0IjpbIklBQjI1Il19LCJkZXZpY2UiOnsidyI6MTI4MCwiaCI6MTAyNH0sInVzZXIiOnsiaWQiOiJtbDRoMGxuMXVwODhrd3p1YjlpY2E3In0sImV4dCI6eyJkdCI6MTcxNDkxNTY5MjM4NH19 HTTP/1.1
Host: mcpuwpsh.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://meetbenjen.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 302 Found
server: nginx/1.16.0
date: Sun, 05 May 2024 13:28:12 GMT
content-length: 0
vary: Origin
cache-control: no-transform, no-cache, no-store, must-revalidate
pragma: no-cache
access-control-allow-origin: *
access-control-allow-headers: Content-Type
access-control-allow-methods: *
location: https://mcpuwpsh.com/popunder/in/click/?mid=2134918871503352432&pid=0&site=560254&sc=NO&usage_type=DCH&subid=761082465&sid=0&cid=0&price=0&is_cpm=0&cpm=0&ecpm=0&crid=&crtid=&tcid=0&out_id=&ver=&ver_c=&refdom=bid.bidclickmedia.com&hostname=auc-popunder-hz-3&site_id=0&spot_id=560254&utm_source=&utm_medium=&utm_campaign=&utm_content=&expiration_timestamp=0&created_at=0000-00-00&is_native=0&burl=&pop_winurl=&ip=91.90.42.154&testab=&px_id=0&adblock=0&auction_host=&mm=&yc=&render_type=&campaign_type=&uniq=&exp=0&resp_type=&iabcat=IAB25&min_cpm=0.1224&placement_type_id=7&skin_test=&verify_hash=ee5f07c50dfa7b9961d09cfc95f8069c&score=334.71740137294904&durl=&ml=&tag_ab=&original_bid=0&user_fp=0&v2=0&pop_type=0&space_id=1095&real_bid=&skin_id=&vertical_id=&stratagem=&accel=0&gyr=0&iabcat=IAB25&ip_mismatch=false&ua_mismatch=false&ssp=3758&rc=0&v2_track=0&otype=0&mn=0&priority=0&bb=0.1224&url=https%3A%2F%2Fpopdemission.com%2Fin%2F849%2F%3Fsource%3D761082465%26site_id%3D560254%26utm1%3D%26utm2%3D%26utm3%3D%26utm4%3D%26idzone%3D0%26spot_id%3D560254%26mo%3D%26ve%3D%26ad_tags%3D%26p%3Dhttps%253A%252F%252Fbid.bidclickmedia.com%252F%26sid%3D1095%26katds_labels%3D%26is_iframe%3D1%26btype%3D0%26score%3D334.71740137294904%26bf%3D0.1224%26iabcat%3DIAB25%26allowed_labels%3D&pr=&bid_crid=&bid_cid=&ad_tags=&is_interstitial=0&is_direct=1&label_ids=&site_id64=&sp_cl=0&act_sess=0&sp_scr=0&intes=&izb=&ang=0&act_su=0&interest_vertical_ids=&v_scroll_freq=&time_sess=&ext_campaign_id=&scroll_percent=0&empty_clicks=0&aid=0&high_freq_clicks=0&dev_console_activity=0&topics=&client_price=0&o_d=&is_webview=0&timezone_olson=&timezone_ip=Europe/Oslo&offer_label_ids=
X-Firefox-Spdy: h2
|
|
| xml-click-oax.adstork.com/nrtb/click?bid=la8YSGz75KRZi7frS5iVx1LCWgQW_Vwyg3Lpw8yw7j1eP1ypt4GKtFMI5VhxOZE-_0_42 | 23.226.122.79 | 302 Found | 153 B |
URL GET HTTP/2xml-click-oax.adstork.com/nrtb/click?bid=la8YSGz75KRZi7frS5iVx1LCWgQW_Vwyg3Lpw8yw7j1eP1ypt4GKtFMI5VhxOZE-_0_42 IP23.226.122.79:443
Requested byhttps://videzz.net/xx1x1z02lb5b.html CertificateIssuerSectigo Limited Subject*.adstork.com Fingerprint90:C7:C6:2C:5F:EF:4A:42:2C:2D:9A:35:14:D4:1B:8B:73:B6:E3:86 ValiditySun, 21 Apr 2024 00:00:00 GMT - Mon, 21 Apr 2025 23:59:59 GMT
File typeHTML document, ASCII text Hashf4ed298faf5a1b81bd71f927613fb99d 0912eb387f6a4e179302d2521de4cc200e92d652 a9d400411919aa9d076931cc6d255b9c77f326f385e2d26314dcd9466e56929a
GET /nrtb/click?bid=la8YSGz75KRZi7frS5iVx1LCWgQW_Vwyg3Lpw8yw7j1eP1ypt4GKtFMI5VhxOZE-_0_42 HTTP/1.1
Host: xml-click-oax.adstork.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://bid.bidclickmedia.com/
DNT: 1
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 302 Found
server: nginx/1.18.0 (Ubuntu)
date: Sun, 05 May 2024 13:28:12 GMT
content-type: text/html; charset=utf-8
content-length: 153
location: https://latest-557263.aqgykagexo.ru/click?node=448&winPrice=0.000199&force=1&winCurrency=USD&id=1714915680000-1921
X-Firefox-Spdy: h2
|
|
| mcpuwpsh.com/popunder/in/click/?mid=2134918871503352432&pid=0&site=560254&sc=NO&usage_type=DCH&subid=761082465&sid=0&cid=0&price=0&is_cpm=0&cpm=0&ecpm=0&crid=&crtid=&tcid=0&out_id=&ver=&ver_c=&refdom=bid.bidclickmedia.com&hostname=auc-popunder-hz-3&site_id=0&spot_id=560254&utm_source=&utm_medium=&utm_campaign=&utm_content=&expiration_timestamp=0&created_at=0000-00-00&is_native=0&burl=&pop_winurl=&ip=91.90.42.154&testab=&px_id=0&adblock=0&auction_host=&mm=&yc=&render_type=&campaign_type=&uniq=&exp=0&resp_type=&iabcat=IAB25&min_cpm=0.1224&placement_type_id=7&skin_test=&verify_hash=ee5f07c50dfa7b9961d09cfc95f8069c&score=334.71740137294904&durl=&ml=&tag_ab=&original_bid=0&user_fp=0&v2=0&pop_type=0&space_id=1095&real_bid=&skin_id=&vertical_id=&stratagem=&accel=0&gyr=0&iabcat=IAB25&ip_mismatch=false&ua_mismatch=false&ssp=3758&rc=0&v2_track=0&otype=0&mn=0&priority=0&bb=0.1224&url=https%3A%2F%2Fpopdemission.com%2Fin%2F849%2F%3Fsource%3D761082465%26site_id%3D560254%26utm1%3D%26utm2%3D%26utm3%3D%26utm4%3D%26idzone%3D0%26spot_id%3D560254%26mo%3D%26ve%3D%26ad_tags%3D%26p%3Dhttps%253A%252F%252Fbid.bidclickmedia.com%252F%26sid%3D1095%26katds_labels%3D%26is_iframe%3D1%26btype%3D0%26score%3D334.71740137294904%26bf%3D0.1224%26iabcat%3DIAB25%26allowed_labels%3D&pr=&bid_crid=&bid_cid=&ad_tags=&is_interstitial=0&is_direct=1&label_ids=&site_id64=&sp_cl=0&act_sess=0&sp_scr=0&intes=&izb=&ang=0&act_su=0&interest_vertical_ids=&v_scroll_freq=&time_sess=&ext_campaign_id=&scroll_percent=0&empty_clicks=0&aid=0&high_freq_clicks=0&dev_console_activity=0&topics=&client_price=0&o_d=&is_webview=0&timezone_olson=&timezone_ip=Europe/Oslo&offer_label_ids= | 94.130.197.240 | 302 Found | 0 B |
URL GET HTTP/2mcpuwpsh.com/popunder/in/click/?mid=2134918871503352432&pid=0&site=560254&sc=NO&usage_type=DCH&subid=761082465&sid=0&cid=0&price=0&is_cpm=0&cpm=0&ecpm=0&crid=&crtid=&tcid=0&out_id=&ver=&ver_c=&refdom=bid.bidclickmedia.com&hostname=auc-popunder-hz-3&site_id=0&spot_id=560254&utm_source=&utm_medium=&utm_campaign=&utm_content=&expiration_timestamp=0&created_at=0000-00-00&is_native=0&burl=&pop_winurl=&ip=91.90.42.154&testab=&px_id=0&adblock=0&auction_host=&mm=&yc=&render_type=&campaign_type=&uniq=&exp=0&resp_type=&iabcat=IAB25&min_cpm=0.1224&placement_type_id=7&skin_test=&verify_hash=ee5f07c50dfa7b9961d09cfc95f8069c&score=334.71740137294904&durl=&ml=&tag_ab=&original_bid=0&user_fp=0&v2=0&pop_type=0&space_id=1095&real_bid=&skin_id=&vertical_id=&stratagem=&accel=0&gyr=0&iabcat=IAB25&ip_mismatch=false&ua_mismatch=false&ssp=3758&rc=0&v2_track=0&otype=0&mn=0&priority=0&bb=0.1224&url=https%3A%2F%2Fpopdemission.com%2Fin%2F849%2F%3Fsource%3D761082465%26site_id%3D560254%26utm1%3D%26utm2%3D%26utm3%3D%26utm4%3D%26idzone%3D0%26spot_id%3D560254%26mo%3D%26ve%3D%26ad_tags%3D%26p%3Dhttps%253A%252F%252Fbid.bidclickmedia.com%252F%26sid%3D1095%26katds_labels%3D%26is_iframe%3D1%26btype%3D0%26score%3D334.71740137294904%26bf%3D0.1224%26iabcat%3DIAB25%26allowed_labels%3D&pr=&bid_crid=&bid_cid=&ad_tags=&is_interstitial=0&is_direct=1&label_ids=&site_id64=&sp_cl=0&act_sess=0&sp_scr=0&intes=&izb=&ang=0&act_su=0&interest_vertical_ids=&v_scroll_freq=&time_sess=&ext_campaign_id=&scroll_percent=0&empty_clicks=0&aid=0&high_freq_clicks=0&dev_console_activity=0&topics=&client_price=0&o_d=&is_webview=0&timezone_olson=&timezone_ip=Europe/Oslo&offer_label_ids= IP94.130.197.240:443 ASN#24940 Hetzner Online GmbH
Requested byhttps://videzz.net/xx1x1z02lb5b.html CertificateIssuerLet's Encrypt Subjectpuwpush.com Fingerprint60:3D:AE:BF:9C:57:C3:AF:D6:50:E5:93:92:FB:E9:F2:F8:E6:E1:92 ValidityWed, 01 May 2024 01:51:05 GMT - Tue, 30 Jul 2024 01:51:04 GMT
Hashd41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /popunder/in/click/?mid=2134918871503352432&pid=0&site=560254&sc=NO&usage_type=DCH&subid=761082465&sid=0&cid=0&price=0&is_cpm=0&cpm=0&ecpm=0&crid=&crtid=&tcid=0&out_id=&ver=&ver_c=&refdom=bid.bidclickmedia.com&hostname=auc-popunder-hz-3&site_id=0&spot_id=560254&utm_source=&utm_medium=&utm_campaign=&utm_content=&expiration_timestamp=0&created_at=0000-00-00&is_native=0&burl=&pop_winurl=&ip=91.90.42.154&testab=&px_id=0&adblock=0&auction_host=&mm=&yc=&render_type=&campaign_type=&uniq=&exp=0&resp_type=&iabcat=IAB25&min_cpm=0.1224&placement_type_id=7&skin_test=&verify_hash=ee5f07c50dfa7b9961d09cfc95f8069c&score=334.71740137294904&durl=&ml=&tag_ab=&original_bid=0&user_fp=0&v2=0&pop_type=0&space_id=1095&real_bid=&skin_id=&vertical_id=&stratagem=&accel=0&gyr=0&iabcat=IAB25&ip_mismatch=false&ua_mismatch=false&ssp=3758&rc=0&v2_track=0&otype=0&mn=0&priority=0&bb=0.1224&url=https%3A%2F%2Fpopdemission.com%2Fin%2F849%2F%3Fsource%3D761082465%26site_id%3D560254%26utm1%3D%26utm2%3D%26utm3%3D%26utm4%3D%26idzone%3D0%26spot_id%3D560254%26mo%3D%26ve%3D%26ad_tags%3D%26p%3Dhttps%253A%252F%252Fbid.bidclickmedia.com%252F%26sid%3D1095%26katds_labels%3D%26is_iframe%3D1%26btype%3D0%26score%3D334.71740137294904%26bf%3D0.1224%26iabcat%3DIAB25%26allowed_labels%3D&pr=&bid_crid=&bid_cid=&ad_tags=&is_interstitial=0&is_direct=1&label_ids=&site_id64=&sp_cl=0&act_sess=0&sp_scr=0&intes=&izb=&ang=0&act_su=0&interest_vertical_ids=&v_scroll_freq=&time_sess=&ext_campaign_id=&scroll_percent=0&empty_clicks=0&aid=0&high_freq_clicks=0&dev_console_activity=0&topics=&client_price=0&o_d=&is_webview=0&timezone_olson=&timezone_ip=Europe/Oslo&offer_label_ids= HTTP/1.1
Host: mcpuwpsh.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://meetbenjen.com/
DNT: 1
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 302 Found
server: nginx/1.16.0
date: Sun, 05 May 2024 13:28:12 GMT
content-length: 0
vary: Origin
cache-control: no-transform, no-cache, no-store, must-revalidate
pragma: no-cache
access-control-allow-origin: *
access-control-allow-headers: Content-Type
access-control-allow-methods: *
location: https://popdemission.com/in/849/?source=761082465&site_id=560254&utm1=&utm2=&utm3=&utm4=&idzone=0&spot_id=560254&mo=&ve=&ad_tags=&p=https%3A%2F%2Fbid.bidclickmedia.com%2F&sid=1095&katds_labels=&is_iframe=1&btype=0&score=334.71740137294904&bf=0.1224&iabcat=IAB25&allowed_labels=
X-Firefox-Spdy: h2
|
|
| mcpuwpsh.com/get/?go=1&data=eyJpbXAiOlt7InNlY3VyZSI6MSwiZXh0Ijp7ImlkIjoxMDk1LCJ0eXBlIjoicG9wIiwic3BhY2VpZCI6MTA5NSwic3ViaWQiOiI3NjEwODI0NjUiLCJzc3AiOjM3NTgsInNwb3RfaWQiOjU2MDI1NCwicmNoYW5nZSI6ZmFsc2V9fV0sInNpdGUiOnsiaWQiOiI1NjAyNTQiLCJwYWdlIjoiaHR0cHM6Ly9iaWQuYmlkY2xpY2ttZWRpYS5jb20vIiwiY2F0IjpbIklBQjI1Il19LCJkZXZpY2UiOnsidyI6MTI4MCwiaCI6MTAyNH0sInVzZXIiOnsiaWQiOiJtbDRoMGxuMXVwODhrd3p1YjlpY2E3In0sImV4dCI6eyJkdCI6MTcxNDkxNTY5MjQ0Mn19 | 94.130.197.240 | 302 Found | 0 B |
URL GET HTTP/2mcpuwpsh.com/get/?go=1&data=eyJpbXAiOlt7InNlY3VyZSI6MSwiZXh0Ijp7ImlkIjoxMDk1LCJ0eXBlIjoicG9wIiwic3BhY2VpZCI6MTA5NSwic3ViaWQiOiI3NjEwODI0NjUiLCJzc3AiOjM3NTgsInNwb3RfaWQiOjU2MDI1NCwicmNoYW5nZSI6ZmFsc2V9fV0sInNpdGUiOnsiaWQiOiI1NjAyNTQiLCJwYWdlIjoiaHR0cHM6Ly9iaWQuYmlkY2xpY2ttZWRpYS5jb20vIiwiY2F0IjpbIklBQjI1Il19LCJkZXZpY2UiOnsidyI6MTI4MCwiaCI6MTAyNH0sInVzZXIiOnsiaWQiOiJtbDRoMGxuMXVwODhrd3p1YjlpY2E3In0sImV4dCI6eyJkdCI6MTcxNDkxNTY5MjQ0Mn19 IP94.130.197.240:443 ASN#24940 Hetzner Online GmbH
Requested byhttps://videzz.net/xx1x1z02lb5b.html CertificateIssuerLet's Encrypt Subjectpuwpush.com Fingerprint60:3D:AE:BF:9C:57:C3:AF:D6:50:E5:93:92:FB:E9:F2:F8:E6:E1:92 ValidityWed, 01 May 2024 01:51:05 GMT - Tue, 30 Jul 2024 01:51:04 GMT
Hashd41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /get/?go=1&data=eyJpbXAiOlt7InNlY3VyZSI6MSwiZXh0Ijp7ImlkIjoxMDk1LCJ0eXBlIjoicG9wIiwic3BhY2VpZCI6MTA5NSwic3ViaWQiOiI3NjEwODI0NjUiLCJzc3AiOjM3NTgsInNwb3RfaWQiOjU2MDI1NCwicmNoYW5nZSI6ZmFsc2V9fV0sInNpdGUiOnsiaWQiOiI1NjAyNTQiLCJwYWdlIjoiaHR0cHM6Ly9iaWQuYmlkY2xpY2ttZWRpYS5jb20vIiwiY2F0IjpbIklBQjI1Il19LCJkZXZpY2UiOnsidyI6MTI4MCwiaCI6MTAyNH0sInVzZXIiOnsiaWQiOiJtbDRoMGxuMXVwODhrd3p1YjlpY2E3In0sImV4dCI6eyJkdCI6MTcxNDkxNTY5MjQ0Mn19 HTTP/1.1
Host: mcpuwpsh.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://meetbenjen.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 302 Found
server: nginx/1.16.0
date: Sun, 05 May 2024 13:28:12 GMT
content-length: 0
vary: Origin
cache-control: no-transform, no-cache, no-store, must-revalidate
pragma: no-cache
access-control-allow-origin: *
access-control-allow-headers: Content-Type
access-control-allow-methods: *
location: https://mcpuwpsh.com/popunder/in/click/?mid=6778367339697951691&pid=0&site=560254&sc=NO&usage_type=DCH&subid=761082465&sid=0&cid=0&price=0&is_cpm=0&cpm=0&ecpm=0&crid=&crtid=&tcid=0&out_id=&ver=&ver_c=&refdom=bid.bidclickmedia.com&hostname=auc-popunder-hz-0&site_id=0&spot_id=560254&utm_source=&utm_medium=&utm_campaign=&utm_content=&expiration_timestamp=0&created_at=0000-00-00&is_native=0&burl=&pop_winurl=&ip=91.90.42.154&testab=&px_id=0&adblock=0&auction_host=&mm=&yc=&render_type=&campaign_type=&uniq=&exp=0&resp_type=&iabcat=IAB25&min_cpm=0.1224&placement_type_id=7&skin_test=&verify_hash=d850c20ea9e6435c20f52bda7640ae20&score=334.71740137294904&durl=&ml=&tag_ab=&original_bid=0&user_fp=0&v2=0&pop_type=0&space_id=1095&real_bid=&skin_id=&vertical_id=&stratagem=&accel=0&gyr=0&iabcat=IAB25&ip_mismatch=false&ua_mismatch=false&ssp=3758&rc=0&v2_track=0&otype=0&mn=0&priority=0&bb=0.1224&url=https%3A%2F%2Fpopdemission.com%2Fin%2F849%2F%3Fsource%3D761082465%26site_id%3D560254%26utm1%3D%26utm2%3D%26utm3%3D%26utm4%3D%26idzone%3D0%26spot_id%3D560254%26mo%3D%26ve%3D%26ad_tags%3D%26p%3Dhttps%253A%252F%252Fbid.bidclickmedia.com%252F%26sid%3D1095%26katds_labels%3D%26is_iframe%3D1%26btype%3D0%26score%3D334.71740137294904%26bf%3D0.1224%26iabcat%3DIAB25%26allowed_labels%3D&pr=&bid_crid=&bid_cid=&ad_tags=&is_interstitial=0&is_direct=1&label_ids=&site_id64=&sp_cl=0&act_sess=0&sp_scr=0&intes=&izb=&ang=0&act_su=0&interest_vertical_ids=&v_scroll_freq=&time_sess=&ext_campaign_id=&scroll_percent=0&empty_clicks=0&aid=0&high_freq_clicks=0&dev_console_activity=0&topics=&client_price=0&o_d=&is_webview=0&timezone_olson=&timezone_ip=Europe/Oslo&offer_label_ids=
X-Firefox-Spdy: h2
|
|
| popdemission.com/in/849/?source=761082465&site_id=560254&utm1=&utm2=&utm3=&utm4=&idzone=0&spot_id=560254&mo=&ve=&ad_tags=&p=https%3A%2F%2Fbid.bidclickmedia.com%2F&sid=1095&katds_labels=&is_iframe=1&btype=0&score=334.71740137294904&bf=0.1224&iabcat=IAB25&allowed_labels= | 62.122.168.42 | 302 Found | 0 B |
URL GET HTTP/2popdemission.com/in/849/?source=761082465&site_id=560254&utm1=&utm2=&utm3=&utm4=&idzone=0&spot_id=560254&mo=&ve=&ad_tags=&p=https%3A%2F%2Fbid.bidclickmedia.com%2F&sid=1095&katds_labels=&is_iframe=1&btype=0&score=334.71740137294904&bf=0.1224&iabcat=IAB25&allowed_labels= IP62.122.168.42:443
Requested byhttps://videzz.net/xx1x1z02lb5b.html CertificateIssuerLet's Encrypt Subjectpopdemission.com FingerprintD2:C5:8F:9C:4B:C4:3C:66:E6:4D:95:14:61:37:A5:21:1E:9C:9A:BE ValidityWed, 20 Mar 2024 12:58:57 GMT - Tue, 18 Jun 2024 12:58:56 GMT
Hashd41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /in/849/?source=761082465&site_id=560254&utm1=&utm2=&utm3=&utm4=&idzone=0&spot_id=560254&mo=&ve=&ad_tags=&p=https%3A%2F%2Fbid.bidclickmedia.com%2F&sid=1095&katds_labels=&is_iframe=1&btype=0&score=334.71740137294904&bf=0.1224&iabcat=IAB25&allowed_labels= HTTP/1.1
Host: popdemission.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://meetbenjen.com/
DNT: 1
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 302 Found
server: nginx/1.20.1
date: Sun, 05 May 2024 13:28:12 GMT
content-type: text/html; charset=UTF-8
content-length: 0
location: https://topsites.hadesex.com/?source=761082465&site_id=560254&spot_id=560254
vary: *
cache-control: no-cache, no-store, must-revalidate
pragma: no-cache
set-cookie: 849.0=1; expires=Mon, 06 May 2024 13:28:12 GMT; path=/; secure; SameSite=None
X-Firefox-Spdy: h2
|
|
| popdemission.com/in/849/?source=761082465&site_id=560254&utm1=&utm2=&utm3=&utm4=&idzone=0&spot_id=560254&mo=&ve=&ad_tags=&p=https%3A%2F%2Fbid.bidclickmedia.com%2F&sid=1095&katds_labels=&is_iframe=1&btype=0&score=334.71740137294904&bf=0.1224&iabcat=IAB25&allowed_labels= | 62.122.168.42 | 302 Found | 0 B |
URL GET HTTP/2popdemission.com/in/849/?source=761082465&site_id=560254&utm1=&utm2=&utm3=&utm4=&idzone=0&spot_id=560254&mo=&ve=&ad_tags=&p=https%3A%2F%2Fbid.bidclickmedia.com%2F&sid=1095&katds_labels=&is_iframe=1&btype=0&score=334.71740137294904&bf=0.1224&iabcat=IAB25&allowed_labels= IP62.122.168.42:443
Requested byhttps://videzz.net/xx1x1z02lb5b.html CertificateIssuerLet's Encrypt Subjectpopdemission.com FingerprintD2:C5:8F:9C:4B:C4:3C:66:E6:4D:95:14:61:37:A5:21:1E:9C:9A:BE ValidityWed, 20 Mar 2024 12:58:57 GMT - Tue, 18 Jun 2024 12:58:56 GMT
Hashd41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /in/849/?source=761082465&site_id=560254&utm1=&utm2=&utm3=&utm4=&idzone=0&spot_id=560254&mo=&ve=&ad_tags=&p=https%3A%2F%2Fbid.bidclickmedia.com%2F&sid=1095&katds_labels=&is_iframe=1&btype=0&score=334.71740137294904&bf=0.1224&iabcat=IAB25&allowed_labels= HTTP/1.1
Host: popdemission.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://meetbenjen.com/
DNT: 1
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 302 Found
server: nginx/1.20.1
date: Sun, 05 May 2024 13:28:12 GMT
content-type: text/html; charset=UTF-8
content-length: 0
location: https://topsites.hadesex.com/?source=761082465&site_id=560254&spot_id=560254
pragma: no-cache
vary: *
cache-control: no-cache, no-store, must-revalidate
set-cookie: 849.0=1; expires=Mon, 06 May 2024 13:28:12 GMT; path=/; secure; SameSite=None
X-Firefox-Spdy: h2
|
|
| t.bawixi.xyz/1/?zid=9776&key2=431721333&c=pmrgszbchirg2irmejuceorsgm2dgmbtha4tint5pr6hy6zcoirdumjxgyztinrxhezdclbcoqrdumjxge2dsmjvgy4talbcomrduircpu&mode=2 | 188.114.96.1 | 302 Found | 151 B |
URL GET HTTP/3t.bawixi.xyz/1/?zid=9776&key2=431721333&c=pmrgszbchirg2irmejuceorsgm2dgmbtha4tint5pr6hy6zcoirdumjxgyztinrxhezdclbcoqrdumjxge2dsmjvgy4talbcomrduircpu&mode=2 IP188.114.96.1:443
Requested byhttps://videzz.net/xx1x1z02lb5b.html CertificateIssuerGoogle Trust Services LLC Subjectbawixi.xyz FingerprintAF:9E:B4:BC:30:9E:5D:F1:48:C5:77:67:A5:95:F2:70:E6:E5:A8:91 ValidityThu, 14 Mar 2024 01:23:09 GMT - Wed, 12 Jun 2024 01:23:08 GMT
File typeHTML document, ASCII text, with CRLF line terminators Hash6598f13d4320f886a9a08cafc75c8705 e78039e1618e545c5cba433785923ddb38b7e241 f83e21d04e6b649ebe7c213bbbfed798362fd21831b4cac38afd70de61c8d9fb
GET /1/?zid=9776&key2=431721333&c=pmrgszbchirg2irmejuceorsgm2dgmbtha4tint5pr6hy6zcoirdumjxgyztinrxhezdclbcoqrdumjxge2dsmjvgy4talbcomrduircpu&mode=2 HTTP/1.1
Host: t.bawixi.xyz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://t.bawixi.xyz/1/?zid=9776
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 302 Found
date: Sun, 05 May 2024 13:28:12 GMT
content-type: text/html
location: https://t.yunaga.xyz/1/?spot_id=2561&zone_id=14102_ck_if_
access-control-allow-origin: *
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=hxArsbks4HHDFlovy3ptvIpJj%2F0FLdv5OCtUCy6Ifn4eEqaTa2puZImS05xGoMwXERJDL9dgznvytqZP80jkOwvfEBo5FEEvXZlLHFvDBUjC8NPRzWjI%2FCe96UM70go%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 87f11285197eb518-OSL
alt-svc: h3=":443"; ma=86400
|
|
| t.yunaga.xyz/1/?spot_id=2561&zone_id=14102_ck_if_ | 188.114.96.1 | 302 Found | 151 B |
URL GET HTTP/2t.yunaga.xyz/1/?spot_id=2561&zone_id=14102_ck_if_ IP188.114.96.1:443
Requested byhttps://videzz.net/xx1x1z02lb5b.html CertificateIssuerGoogle Trust Services LLC Subjectyunaga.xyz Fingerprint23:B7:72:6D:6F:C6:6F:96:9E:1F:5C:29:0F:31:FC:36:7F:1E:84:40 ValidityTue, 19 Mar 2024 23:59:20 GMT - Mon, 17 Jun 2024 23:59:19 GMT
File typeHTML document, ASCII text, with CRLF line terminators Hash6598f13d4320f886a9a08cafc75c8705 e78039e1618e545c5cba433785923ddb38b7e241 f83e21d04e6b649ebe7c213bbbfed798362fd21831b4cac38afd70de61c8d9fb
GET /1/?spot_id=2561&zone_id=14102_ck_if_ HTTP/1.1
Host: t.yunaga.xyz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://t.bawixi.xyz/
DNT: 1
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 302 Found
date: Sun, 05 May 2024 13:28:12 GMT
content-type: text/html
location: https://t.yunaga.xyz/1/?spot_id=5011
set-cookie: _trd_=8f12dddcac55d2; Expires=Mon, 05-May-25 13:28:11 GMT; Domain=.yunaga.xyz; Path=/; Secure; SameSite=None
_uqt3157949621=1; Expires=Mon, 06-May-24 00:00:00 GMT; Domain=.yunaga.xyz; Path=/; Secure; SameSite=None
_uqp3178561817=1; Expires=Mon, 06-May-24 00:00:00 GMT; Domain=.yunaga.xyz; Path=/; Secure; SameSite=None
accept-ch: Sec-CH-UA, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
access-control-allow-origin: *
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=DNyNpvS%2BkORW8iy3OR9A4SgD90XLIei9Mbmzp4KK6M2TZ%2BpGZYL19oYmozGt6P2HgXxQ8lqSWnanovOoSIETx0gA2JX0CunWQATeFvX1H81NsiSpgmg9ZIlCFxnypmc%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 87f112872e455685-OSL
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
|
|
| popdemission.com/in/849/?source=1952513182&site_id=558728&utm1=&utm2=&utm3=&utm4=&idzone=0&spot_id=558728&mo=&ve=&ad_tags=&p=https%3A%2F%2Fbid.bidclickmedia.com%2F&sid=1095&katds_labels=&is_iframe=1&btype=0&score=302.5243375039884&bf=0.1224&iabcat=IAB25&allowed_labels= | 62.122.168.42 | 302 Found | 0 B |
URL GET HTTP/2popdemission.com/in/849/?source=1952513182&site_id=558728&utm1=&utm2=&utm3=&utm4=&idzone=0&spot_id=558728&mo=&ve=&ad_tags=&p=https%3A%2F%2Fbid.bidclickmedia.com%2F&sid=1095&katds_labels=&is_iframe=1&btype=0&score=302.5243375039884&bf=0.1224&iabcat=IAB25&allowed_labels= IP62.122.168.42:443
Requested byhttps://videzz.net/xx1x1z02lb5b.html CertificateIssuerLet's Encrypt Subjectpopdemission.com FingerprintD2:C5:8F:9C:4B:C4:3C:66:E6:4D:95:14:61:37:A5:21:1E:9C:9A:BE ValidityWed, 20 Mar 2024 12:58:57 GMT - Tue, 18 Jun 2024 12:58:56 GMT
Hashd41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /in/849/?source=1952513182&site_id=558728&utm1=&utm2=&utm3=&utm4=&idzone=0&spot_id=558728&mo=&ve=&ad_tags=&p=https%3A%2F%2Fbid.bidclickmedia.com%2F&sid=1095&katds_labels=&is_iframe=1&btype=0&score=302.5243375039884&bf=0.1224&iabcat=IAB25&allowed_labels= HTTP/1.1
Host: popdemission.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://meetbenjen.com/
DNT: 1
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 302 Found
server: nginx/1.20.1
date: Sun, 05 May 2024 13:28:12 GMT
content-type: text/html; charset=UTF-8
content-length: 0
location: https://topsites.hadesex.com/?source=1952513182&site_id=558728&spot_id=558728
pragma: no-cache
vary: *
cache-control: no-cache, no-store, must-revalidate
set-cookie: 849.0=1; expires=Mon, 06 May 2024 13:28:12 GMT; path=/; secure; SameSite=None
X-Firefox-Spdy: h2
|
|
| popdemission.com/in/849/?source=761082465&site_id=560254&utm1=&utm2=&utm3=&utm4=&idzone=0&spot_id=560254&mo=&ve=&ad_tags=&p=https%3A%2F%2Fbid.bidclickmedia.com%2F&sid=1095&katds_labels=&is_iframe=1&btype=0&score=334.71740137294904&bf=0.1224&iabcat=IAB25&allowed_labels= | 62.122.168.42 | 302 Found | 0 B |
URL GET HTTP/2popdemission.com/in/849/?source=761082465&site_id=560254&utm1=&utm2=&utm3=&utm4=&idzone=0&spot_id=560254&mo=&ve=&ad_tags=&p=https%3A%2F%2Fbid.bidclickmedia.com%2F&sid=1095&katds_labels=&is_iframe=1&btype=0&score=334.71740137294904&bf=0.1224&iabcat=IAB25&allowed_labels= IP62.122.168.42:443
Requested byhttps://videzz.net/xx1x1z02lb5b.html CertificateIssuerLet's Encrypt Subjectpopdemission.com FingerprintD2:C5:8F:9C:4B:C4:3C:66:E6:4D:95:14:61:37:A5:21:1E:9C:9A:BE ValidityWed, 20 Mar 2024 12:58:57 GMT - Tue, 18 Jun 2024 12:58:56 GMT
Hashd41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /in/849/?source=761082465&site_id=560254&utm1=&utm2=&utm3=&utm4=&idzone=0&spot_id=560254&mo=&ve=&ad_tags=&p=https%3A%2F%2Fbid.bidclickmedia.com%2F&sid=1095&katds_labels=&is_iframe=1&btype=0&score=334.71740137294904&bf=0.1224&iabcat=IAB25&allowed_labels= HTTP/1.1
Host: popdemission.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://meetbenjen.com/
DNT: 1
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 302 Found
server: nginx/1.20.1
date: Sun, 05 May 2024 13:28:12 GMT
content-type: text/html; charset=UTF-8
content-length: 0
location: https://topsites.hadesex.com/?source=761082465&site_id=560254&spot_id=560254
cache-control: no-cache, no-store, must-revalidate
pragma: no-cache
vary: *
set-cookie: 849.0=1; expires=Mon, 06 May 2024 13:28:12 GMT; path=/; secure; SameSite=None
X-Firefox-Spdy: h2
|
|
| adserving.unibet.com/redirect.aspx?bid=37950&pid=79982261&sref=GIG&GIG=NO_DESK_SB | 13.107.246.53 | 307 Temporary Redirect | 0 B |
URL GET HTTP/2adserving.unibet.com/redirect.aspx?bid=37950&pid=79982261&sref=GIG&GIG=NO_DESK_SB IP13.107.246.53:443 ASN#8075 MICROSOFT-CORP-MSN-AS-BLOCK
Requested byhttps://videzz.net/xx1x1z02lb5b.html CertificateIssuerTrustwave Holdings, Inc. Subjectaffiliates.kindredplc.com Fingerprint9C:1F:91:86:77:41:76:62:71:CD:11:FD:80:70:B7:83:58:47:BF:4F ValidityThu, 17 Aug 2023 06:39:43 GMT - Fri, 16 Aug 2024 06:38:43 GMT
Hashd41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /redirect.aspx?bid=37950&pid=79982261&sref=GIG&GIG=NO_DESK_SB HTTP/1.1
Host: adserving.unibet.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 307 Temporary Redirect
date: Sun, 05 May 2024 13:28:12 GMT
content-type: text/html
content-length: 0
cache-control: private,no-cache, no-store
pragma: no-cache
location: https://www.unibet.com/stan/campaign.do?cmpId=2799402&affiliateId=1&unibetTarget=/nu/pop/sportsbook/multisports/index.html&targetDomain=https://welcome.unibet.com&btag=320669908_e97283cb9afe4c08b37221f8590a9b97&sref=GIG&GIG=NO_DESK_SB&affiliateId=1&pid=85891437&bid=37950
p3p: CP="This is not a P3P policy! It is used to bypass IEs problematic handling of cookies"
x-aspnet-version: 4.0.30319
set-cookie: NetRefer_CookieUniTrack_C=%5b%7b%22PID%22%3a85891437%2c%22BID%22%3a37950%2c%22DateTimeStamp%22%3a%22%5c%2fDate(1714915692936)%5c%2f%22%2c%22CookieTag%22%3a%223795085891437451240919C2024551328%22%7d%5d; SameSite=None;; domain=.unibet.com; expires=Fri, 31-Dec-9999 23:59:59 GMT; path=/; secure
NetReferSPS=%5b%7b%22StoreName%22%3a%22CurrentReferenceID%22%2c%22StoreValue%22%3a%2237695454-a0d4-40bd-b44f-d4e37b0f626e%7c0%22%7d%5d; domain=.unibet.com; expires=Mon, 05-May-3023 13:28:12 GMT; path=/; secure; SameSite=Strict
request-context: appId=cid-v1:83ffbda4-9458-475e-90ec-4427cfb5c3b0
access-control-expose-headers: Request-Context
x-azure-ref: 20240505T132812Z-er15bb998b7x8v2kebpxcn5nss00000003kg00000000712m
x-cache: CONFIG_NOCACHE
X-Firefox-Spdy: h2
|
|
| popdemission.com/in/849/?source=761082465&site_id=560254&utm1=&utm2=&utm3=&utm4=&idzone=0&spot_id=560254&mo=&ve=&ad_tags=&p=https%3A%2F%2Fbid.bidclickmedia.com%2F&sid=1095&katds_labels=&is_iframe=1&btype=0&score=334.71740137294904&bf=0.1224&iabcat=IAB25&allowed_labels= | 62.122.168.42 | 302 Found | 0 B |
URL GET HTTP/2popdemission.com/in/849/?source=761082465&site_id=560254&utm1=&utm2=&utm3=&utm4=&idzone=0&spot_id=560254&mo=&ve=&ad_tags=&p=https%3A%2F%2Fbid.bidclickmedia.com%2F&sid=1095&katds_labels=&is_iframe=1&btype=0&score=334.71740137294904&bf=0.1224&iabcat=IAB25&allowed_labels= IP62.122.168.42:443
Requested byhttps://videzz.net/xx1x1z02lb5b.html CertificateIssuerLet's Encrypt Subjectpopdemission.com FingerprintD2:C5:8F:9C:4B:C4:3C:66:E6:4D:95:14:61:37:A5:21:1E:9C:9A:BE ValidityWed, 20 Mar 2024 12:58:57 GMT - Tue, 18 Jun 2024 12:58:56 GMT
Hashd41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /in/849/?source=761082465&site_id=560254&utm1=&utm2=&utm3=&utm4=&idzone=0&spot_id=560254&mo=&ve=&ad_tags=&p=https%3A%2F%2Fbid.bidclickmedia.com%2F&sid=1095&katds_labels=&is_iframe=1&btype=0&score=334.71740137294904&bf=0.1224&iabcat=IAB25&allowed_labels= HTTP/1.1
Host: popdemission.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://meetbenjen.com/
DNT: 1
Connection: keep-alive
Cookie: 849.0=1
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 302 Found
server: nginx/1.20.1
date: Sun, 05 May 2024 13:28:13 GMT
content-type: text/html; charset=UTF-8
content-length: 0
location: https://topsites.hadesex.com/?source=761082465&site_id=560254&spot_id=560254
pragma: no-cache
vary: *
cache-control: no-cache, no-store, must-revalidate
set-cookie: 849.0=1; expires=Mon, 06 May 2024 13:28:12 GMT; path=/; secure; SameSite=None
X-Firefox-Spdy: h2
|
|
| adserving.unibet.com/redirect.aspx?bid=37950&pid=79982261&sref=GIG&GIG=NO_DESKTOP | 13.107.246.53 | 307 Temporary Redirect | 0 B |
URL GET HTTP/2adserving.unibet.com/redirect.aspx?bid=37950&pid=79982261&sref=GIG&GIG=NO_DESKTOP IP13.107.246.53:443 ASN#8075 MICROSOFT-CORP-MSN-AS-BLOCK
Requested byhttps://videzz.net/xx1x1z02lb5b.html CertificateIssuerTrustwave Holdings, Inc. Subjectaffiliates.kindredplc.com Fingerprint9C:1F:91:86:77:41:76:62:71:CD:11:FD:80:70:B7:83:58:47:BF:4F ValidityThu, 17 Aug 2023 06:39:43 GMT - Fri, 16 Aug 2024 06:38:43 GMT
Hashd41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /redirect.aspx?bid=37950&pid=79982261&sref=GIG&GIG=NO_DESKTOP HTTP/1.1
Host: adserving.unibet.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 307 Temporary Redirect
date: Sun, 05 May 2024 13:28:12 GMT
content-type: text/html
content-length: 0
cache-control: private,no-cache, no-store
pragma: no-cache
location: https://www.unibet.com/stan/campaign.do?cmpId=2799402&affiliateId=1&unibetTarget=/nu/pop/sportsbook/multisports/index.html&targetDomain=https://welcome.unibet.com&btag=320669908_bdc72665a5314b45b88fdb17f918d451&sref=GIG&GIG=NO_DESKTOP&affiliateId=1&pid=95986768&bid=37950
p3p: CP="This is not a P3P policy! It is used to bypass IEs problematic handling of cookies"
x-aspnet-version: 4.0.30319
set-cookie: NetRefer_CookieUniTrack_C=%5b%7b%22PID%22%3a95986768%2c%22BID%22%3a37950%2c%22DateTimeStamp%22%3a%22%5c%2fDate(1714915692940)%5c%2f%22%2c%22CookieTag%22%3a%223795095986768451240919C2024551328%22%7d%5d; SameSite=None;; domain=.unibet.com; expires=Fri, 31-Dec-9999 23:59:59 GMT; path=/; secure
NetReferSPS=%5b%7b%22StoreName%22%3a%22CurrentReferenceID%22%2c%22StoreValue%22%3a%2249326bb9-1e0f-4562-b7d9-e6d456ff9ed2%7c0%22%7d%5d; domain=.unibet.com; expires=Mon, 05-May-3023 13:28:12 GMT; path=/; secure; SameSite=Strict
request-context: appId=cid-v1:83ffbda4-9458-475e-90ec-4427cfb5c3b0
access-control-expose-headers: Request-Context
x-azure-ref: 20240505T132812Z-er15bb998b7x8v2kebpxcn5nss00000003kg00000000712k
x-cache: CONFIG_NOCACHE
X-Firefox-Spdy: h2
|
|
| www.unibet.com/stan/campaign.do?cmpId=2799402&affiliateId=1&unibetTarget=/nu/pop/sportsbook/multisports/index.html&targetDomain=https://welcome.unibet.com&btag=320669908_e97283cb9afe4c08b37221f8590a9b97&sref=GIG&GIG=NO_DESK_SB&affiliateId=1&pid=85891437&bid=37950 |  85.184.96.28 | 302 Found | 138 B |
URL GET HTTP/2www.unibet.com/stan/campaign.do?cmpId=2799402&affiliateId=1&unibetTarget=/nu/pop/sportsbook/multisports/index.html&targetDomain=https://welcome.unibet.com&btag=320669908_e97283cb9afe4c08b37221f8590a9b97&sref=GIG&GIG=NO_DESK_SB&affiliateId=1&pid=85891437&bid=37950 IP85.184.96.28:443 ASN#47171 Unibet Services Limited
Requested byhttps://videzz.net/xx1x1z02lb5b.html CertificateIssuerLet's Encrypt Subjectunibet.com Fingerprint2B:C6:A1:8E:D9:8C:18:0A:16:90:13:90:D9:82:2B:F0:6E:28:72:EC ValidityTue, 05 Mar 2024 00:10:07 GMT - Mon, 03 Jun 2024 00:10:06 GMT
File typeHTML document, ASCII text, with CRLF line terminators Hashaff950cab4c0265e21d401db15f1026d f03e18461817f7a6546c8bf8fa8d686d7e30aca0 753e0dd54f28c4f7009b9c0b18a68aed175416bd8b7d134858264586eaac56f0
GET /stan/campaign.do?cmpId=2799402&affiliateId=1&unibetTarget=/nu/pop/sportsbook/multisports/index.html&targetDomain=https://welcome.unibet.com&btag=320669908_e97283cb9afe4c08b37221f8590a9b97&sref=GIG&GIG=NO_DESK_SB&affiliateId=1&pid=85891437&bid=37950 HTTP/1.1
Host: www.unibet.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Cookie: NetRefer_CookieUniTrack_C=%5b%7b%22PID%22%3a95986768%2c%22BID%22%3a37950%2c%22DateTimeStamp%22%3a%22%5c%2fDate(1714915692940)%5c%2f%22%2c%22CookieTag%22%3a%223795095986768451240919C2024551328%22%7d%5d
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 302 Found
date: Sun, 05 May 2024 13:28:13 GMT
content-type: text/html
content-length: 138
location: https://www.unibet.com/browser-notification?UrlParam=/stan/campaign.do?cmpId=2799402&affiliateId=1&unibetTarget=/nu/pop/sportsbook/multisports/index.html&targetDomain=https://welcome.unibet.com&btag=320669908_e97283cb9afe4c08b37221f8590a9b97&sref=GIG&GIG=NO_DESK_SB&affiliateId=1&pid=85891437&bid=37950
server: kindred-loadbalancer
strict-transport-security: max-age=63072000; preload
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
content-security-policy: default-src 'unsafe-inline' 'unsafe-eval' http: https: data: wss: blob: jockey: unibetpro: *;
x-browser-class: U
x-os-class: M
x-ooops-debug: /500-pages/www.unibet.com/index.html
set-cookie: clientId=polopoly_desktop; Domain=www.unibet.com; Path=/; SameSite=None; Secure
X-Firefox-Spdy: h2
|
|
| www.unibet.com/stan/campaign.do?cmpId=2799402&affiliateId=1&unibetTarget=/nu/pop/sportsbook/multisports/index.html&targetDomain=https://welcome.unibet.com&btag=320669908_bdc72665a5314b45b88fdb17f918d451&sref=GIG&GIG=NO_DESKTOP&affiliateId=1&pid=95986768&bid=37950 | 85.184.96.28 | 302 Found | 138 B |
URL GET HTTP/2www.unibet.com/stan/campaign.do?cmpId=2799402&affiliateId=1&unibetTarget=/nu/pop/sportsbook/multisports/index.html&targetDomain=https://welcome.unibet.com&btag=320669908_bdc72665a5314b45b88fdb17f918d451&sref=GIG&GIG=NO_DESKTOP&affiliateId=1&pid=95986768&bid=37950 IP85.184.96.28:443 ASN#47171 Unibet Services Limited
Requested byhttps://videzz.net/xx1x1z02lb5b.html CertificateIssuerLet's Encrypt Subjectunibet.com Fingerprint2B:C6:A1:8E:D9:8C:18:0A:16:90:13:90:D9:82:2B:F0:6E:28:72:EC ValidityTue, 05 Mar 2024 00:10:07 GMT - Mon, 03 Jun 2024 00:10:06 GMT
File typeHTML document, ASCII text, with CRLF line terminators Hashaff950cab4c0265e21d401db15f1026d f03e18461817f7a6546c8bf8fa8d686d7e30aca0 753e0dd54f28c4f7009b9c0b18a68aed175416bd8b7d134858264586eaac56f0
GET /stan/campaign.do?cmpId=2799402&affiliateId=1&unibetTarget=/nu/pop/sportsbook/multisports/index.html&targetDomain=https://welcome.unibet.com&btag=320669908_bdc72665a5314b45b88fdb17f918d451&sref=GIG&GIG=NO_DESKTOP&affiliateId=1&pid=95986768&bid=37950 HTTP/1.1
Host: www.unibet.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Cookie: NetRefer_CookieUniTrack_C=%5b%7b%22PID%22%3a95986768%2c%22BID%22%3a37950%2c%22DateTimeStamp%22%3a%22%5c%2fDate(1714915692940)%5c%2f%22%2c%22CookieTag%22%3a%223795095986768451240919C2024551328%22%7d%5d
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 302 Found
date: Sun, 05 May 2024 13:28:13 GMT
content-type: text/html
content-length: 138
location: https://www.unibet.com/browser-notification?UrlParam=/stan/campaign.do?cmpId=2799402&affiliateId=1&unibetTarget=/nu/pop/sportsbook/multisports/index.html&targetDomain=https://welcome.unibet.com&btag=320669908_bdc72665a5314b45b88fdb17f918d451&sref=GIG&GIG=NO_DESKTOP&affiliateId=1&pid=95986768&bid=37950
server: kindred-loadbalancer
strict-transport-security: max-age=63072000; preload
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
content-security-policy: default-src 'unsafe-inline' 'unsafe-eval' http: https: data: wss: blob: jockey: unibetpro: *;
x-browser-class: U
x-os-class: M
x-ooops-debug: /500-pages/www.unibet.com/index.html
set-cookie: clientId=polopoly_desktop; Domain=www.unibet.com; Path=/; SameSite=None; Secure
X-Firefox-Spdy: h2
|
|
| latest-557263.aqgykagexo.ru/click?node=448&winPrice=0.000199&force=1&winCurrency=USD&id=1714915680000-1921 | 206.54.181.250 | 200 OK | 359 B |
URL GET HTTP/1.1latest-557263.aqgykagexo.ru/click?node=448&winPrice=0.000199&force=1&winCurrency=USD&id=1714915680000-1921 IP206.54.181.250:443
Requested byhttps://videzz.net/xx1x1z02lb5b.html CertificateIssuerLet's Encrypt Subject*.aqgykagexo.ru FingerprintDF:94:30:8E:BA:55:DE:41:4D:F9:A3:64:DE:7E:C8:C4:CA:64:32:61 ValidityWed, 06 Mar 2024 08:45:05 GMT - Tue, 04 Jun 2024 08:45:04 GMT
File typeHTML document, ASCII text Hash597e5f2d8df91c9e0be1405118356ddf 8b6d9ba9d008089c004701006838c569125fee4b 1350f9aa4c5b88a85e3116e59ec991a861bc2cb6fc9ac11c0ba4e66106ccdbd2
GET /click?node=448&winPrice=0.000199&force=1&winCurrency=USD&id=1714915680000-1921 HTTP/1.1
Host: latest-557263.aqgykagexo.ru
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://bid.bidclickmedia.com/
DNT: 1
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
cache-control: private, no-cache, no-store, must-revalidate
pragma: no-cache
expires: -1
set-cookie: clickId_557263=1714915680000-13; path=/; samesite=none; secure; httponly
date: Sun, 05 May 2024 13:28:13 GMT
connection: close
transfer-encoding: chunked
|
|
| yahoo.com/ | 74.6.231.21 | 301 Moved Permanently | 8 B |
IP74.6.231.21:443
Requested byhttps://videzz.net/xx1x1z02lb5b.html CertificateIssuerDigiCert Inc Subjectyahoo.com Fingerprint2C:3D:69:2F:18:D8:60:42:F4:5D:66:B5:11:C1:80:98:ED:45:9E:85 ValidityTue, 20 Feb 2024 00:00:00 GMT - Wed, 14 Aug 2024 23:59:59 GMT
File typeASCII text, with no line terminators Hashf17ca2c829680ada2fec9fc87bc5f606 fb5ed1e8458cc7da71478ddab87136681cb0179e 093452239d0e2e43b06b9d5cd8ac735c26449e340e001f87904765bb30e2293e
GET / HTTP/1.1
Host: yahoo.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://t.bawixi.xyz/
DNT: 1
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 301 Moved Permanently
date: Sun, 05 May 2024 13:28:13 GMT
strict-transport-security: max-age=31536000
server: ATS
cache-control: no-store, no-cache
content-type: text/html
content-language: en
x-frame-options: SAMEORIGIN
referrer-policy: no-referrer-when-downgrade
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
location: https://www.yahoo.com/
content-length: 8
X-Firefox-Spdy: h2
|
|
| videzz.net/dl?op=enc_status&id=undefined&_=1714915688622 | 78.142.18.54 | 443 No Reason Phrase | 0 B |
URL GET HTTP/2videzz.net/dl?op=enc_status&id=undefined&_=1714915688622 IP78.142.18.54:443 ASN#208046 ColocationX Ltd.
Requested byhttps://videzz.net/xx1x1z02lb5b.html CertificateIssuerLet's Encrypt Subjectvidezz.net Fingerprint89:44:E3:9D:95:DD:6E:D2:2B:FB:70:64:42:59:D2:BF:B6:36:E7:33 ValidityThu, 02 May 2024 00:27:53 GMT - Wed, 31 Jul 2024 00:27:52 GMT
Hashd41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /dl?op=enc_status&id=undefined&_=1714915688622 HTTP/1.1
Host: videzz.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/javascript, application/javascript, application/ecmascript, application/x-ecmascript, */*; q=0.01
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
X-Requested-With: XMLHttpRequest
DNT: 1
Connection: keep-alive
Referer: https://videzz.net/xx1x1z02lb5b.html
Cookie: lang=1; file_id=; _ga_HEX1BG8H46=GS1.1.1714915690.1.0.1714915690.60.0.0; _ga=GA1.1.1667976186.1714915690; sb_main_9785383bf0d8f2fb611d938245088565=1; sb_count_9785383bf0d8f2fb611d938245088565=1; asgfp2=172e5b6362817b33a26bdcbe3d1af8ae; pp_main_57e9128f004dc8dd272477c7cdb9cf15=1; pp_idelay_57e9128f004dc8dd272477c7cdb9cf15=1; pbpr0tpuw4isk85t8yg3jb2lj5vqf=gruffsleighrebellion.com; dom3ic8zudi28v8lr6fgphwffqoz0j6c=40220c6f-1096-4d57-8ea7-d650fefea74f%3A1%3A1; naslvq=
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 443 No Reason Phrase
server: nginx/1.18.0 (Ubuntu)
date: Sun, 05 May 2024 13:28:19 GMT
content-length: 0
X-Firefox-Spdy: h2
|
|
| topsites.hadesex.com/?source=761082465&site_id=560254&spot_id=560254 | 188.114.97.1 | 200 OK | 2.3 kB |
URL GET HTTP/2topsites.hadesex.com/?source=761082465&site_id=560254&spot_id=560254 IP188.114.97.1:443
Requested byhttps://videzz.net/xx1x1z02lb5b.html CertificateIssuerGoogle Trust Services LLC Subjecthadesex.com FingerprintA1:8E:DC:59:6A:AB:77:60:87:69:7F:7E:EE:07:71:CF:21:03:AD:84 ValiditySun, 05 May 2024 01:16:25 GMT - Sat, 03 Aug 2024 01:16:24 GMT
File typeHTML document, ASCII text, with CRLF line terminators Hashd469d732a1eb1a5284b77bd2732bd0c0 ab1684e71458f16924f389a64495d83537ceb6a5 9c3666c10b424ee1a09900ba73e3b8d89d34230b82e4bd55d0bf87045e421d08
GET /?source=761082465&site_id=560254&spot_id=560254 HTTP/1.1
Host: topsites.hadesex.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://meetbenjen.com/
DNT: 1
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Sun, 05 May 2024 13:28:13 GMT
content-type: text/html; charset=UTF-8
vary: Accept-Encoding
x-powered-by: PHP/7.4.33
x-request-id: 043291d6e1c5fc79faff2970e2a476cc
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=8FNujYPvoBGDaFci0pb1SWf9IWle26Eek36WbYnZXo3Kz39KWSY7KPl0knPcXLz%2BwOgAzJzmhmMKEN74Pwb004iL%2FXSwizFh7g2yAD9jg0m9ERBMA2QAYoFqYNgFjYl5vPfLEpLPhQ%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 87f1128d89d70b3d-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
|
|
| xml.xmlking.com/redirect?feed=591364&auth=oodr9S&pubid=195183 | 174.137.133.17 | 302 Found | 5.5 kB |
URL GET HTTP/1.1xml.xmlking.com/redirect?feed=591364&auth=oodr9S&pubid=195183 IP174.137.133.17:443 ASN#27257 WEBAIR-INTERNET
Requested byhttps://videzz.net/xx1x1z02lb5b.html CertificateIssuerSectigo Limited Subject*.xmlking.com Fingerprint61:F0:9B:53:D2:DF:03:A0:08:09:BE:79:B1:70:10:34:65:07:7B:6D ValidityWed, 26 Jul 2023 00:00:00 GMT - Fri, 26 Jul 2024 23:59:59 GMT
Hashd41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /redirect?feed=591364&auth=oodr9S&pubid=195183 HTTP/1.1
Host: xml.xmlking.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://bid.bidclickmedia.com/
DNT: 1
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 302 Found
Server: nginx
Date: Sun, 05 May 2024 13:28:11 GMT
Content-Length: 0
Connection: keep-alive
Cache-Control: no-store
Location: https://meetbenjen.com/in/p/?spot_id=560254&cat=25&sub_id=761082465
|
|
| static.addtoany.com/menu/sm.25.html | 104.22.70.197 | 200 OK | 716 B |
URL GET HTTP/3static.addtoany.com/menu/sm.25.html IP104.22.70.197:443
Requested byhttps://videzz.net/xx1x1z02lb5b.html CertificateIssuerLet's Encrypt Subjectstatic.addtoany.com Fingerprint5B:74:98:2D:F8:22:DB:0D:4E:74:B7:99:A7:7C:80:F6:CA:1A:8E:CA ValidityTue, 23 Apr 2024 07:56:27 GMT - Mon, 22 Jul 2024 07:56:26 GMT
File typeHTML document, ASCII text, with very long lines (744), with no line terminators Hashc3c97893ca5c74e7504aa4ec474ea41b cdccb12d7e73682e0e807107243ede7d5e14c962 b79f65e9ffe3bad9bd9cdcffed0758430f7eb1a630c368dc173eecdeb2821f00
GET /menu/sm.25.html HTTP/1.1
Host: static.addtoany.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://videzz.net/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Sun, 05 May 2024 13:28:09 GMT
content-type: text/html; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=315360000, immutable
referrer-policy: strict-origin-when-cross-origin
x-content-type-options: nosniff
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=31%2FEUiBaXPt8cxtkc%2FT4P6x%2BgAHE8dlZKktVqOYLVPWpw%2BfHglaE0%2B2%2FM9CjPirtpgf0Bigqvmt%2B9LVqgh2toon%2FHhopHKjFbbaQkJ0g%2F8jA5jvQMZE7K%2BqPFywD9a7gr7TP8ZDbPRsnYjqVQMeihc8V"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
cf-cache-status: HIT
age: 8869
strict-transport-security: max-age=31536000; includeSubDomains; preload
server: cloudflare
cf-ray: 87f11270dccdabe6-CPH
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| myliveforyoudreder.com/vidozza.js | 104.21.40.134 | 200 OK | 1.6 kB |
URL GET HTTP/2myliveforyoudreder.com/vidozza.js IP104.21.40.134:443
Requested byhttps://videzz.net/xx1x1z02lb5b.html CertificateIssuerLet's Encrypt Subjectmyliveforyoudreder.com FingerprintD6:1F:6C:5C:81:FF:C4:D3:4D:C9:A9:22:DD:0B:D4:18:59:4E:58:B7 ValidityWed, 20 Mar 2024 02:24:57 GMT - Tue, 18 Jun 2024 02:24:56 GMT
File typeJavaScript source, ASCII text, with very long lines (1742), with no line terminators Hash1b10623dcc365c3e40aa543ee9be6c3d ee99261cffbbf896eba3c60d867480042fbaadc5 54dec89c60117fd15b96d376c1dba2de2f333009f2ba0847fa71fa0a969f863f
GET /vidozza.js HTTP/1.1
Host: myliveforyoudreder.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://videzz.net/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Sun, 05 May 2024 13:28:09 GMT
content-type: application/javascript
last-modified: Mon, 24 Oct 2022 14:14:49 GMT
etag: W/"63569dd9-64f"
cache-control: max-age=14400
cf-cache-status: HIT
age: 1519
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=ofWTkWLMafkYUxXw7hN3ACLvDUisG5qeDFsh70uUiNApLvoxNwZXT8YUy55c7bCzf41QyVXFT%2BiXuPOlS4mgVQLxc26SwrXXS0LrRVRJvD%2BYN2tj3WAeDq6bF2O4zBPGoiCajSeWnn04"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 87f11273593ab505-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
|
|
| downstairsnegotiatebarren.com/sfp.js | 104.21.35.227 | 200 OK | 86 kB |
URL GET HTTP/3downstairsnegotiatebarren.com/sfp.js IP104.21.35.227:443
Requested byhttps://videzz.net/xx1x1z02lb5b.html CertificateIssuerLet's Encrypt Subjectdownstairsnegotiatebarren.com Fingerprint5D:DB:CB:C6:CE:2A:8B:34:7D:BC:43:74:33:1D:5F:77:48:F7:BC:1B ValidityThu, 02 May 2024 21:26:34 GMT - Wed, 31 Jul 2024 21:26:33 GMT
Hashd41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /sfp.js HTTP/1.1
Host: downstairsnegotiatebarren.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://videzz.net/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Sun, 05 May 2024 13:28:10 GMT
content-type: application/javascript; charset=utf-8
p3p: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
access-control-allow-origin: *
expires: Thu, 01 Jan 1970 00:00:01 GMT
cache-control: max-age=14400
x-request-id: 0bdc2f806e75bd66b3dc04c3a14f02b7
strict-transport-security: max-age=0; includeSubdomains
cf-cache-status: STALE
age: 0
last-modified: Sun, 05 May 2024 13:28:10 GMT
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=%2BNQAX9Nd0Ii3SwDmYt%2Fs1PVpOuRCY%2BiRF%2BjBUan8Fyv55clFQzeBd9ydAj8DWZgKHdf3vkbVjg2agjDzvAMigqubsM9KPpNZU%2Bmhyg7zhanFoqv3Fr19oUhX00r947e6YbQ6ZRvr%2Fk5Yl9RK%2F%2BBo4Q%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 87f112785cae7129-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| videzz.net/js/videojs.5.min.js?v=b8dc06aa6195ca0716d0a0c4e3a76e42 | 78.142.18.54 | 200 OK | 416 kB |
URL GET HTTP/2videzz.net/js/videojs.5.min.js?v=b8dc06aa6195ca0716d0a0c4e3a76e42 IP78.142.18.54:443 ASN#208046 ColocationX Ltd.
Requested byhttps://videzz.net/xx1x1z02lb5b.html CertificateIssuerLet's Encrypt Subjectvidezz.net Fingerprint89:44:E3:9D:95:DD:6E:D2:2B:FB:70:64:42:59:D2:BF:B6:36:E7:33 ValidityThu, 02 May 2024 00:27:53 GMT - Wed, 31 Jul 2024 00:27:52 GMT
Size416 kB (416358 bytes) Hashd41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /js/videojs.5.min.js?v=b8dc06aa6195ca0716d0a0c4e3a76e42 HTTP/1.1
Host: videzz.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://videzz.net/xx1x1z02lb5b.html
Cookie: lang=1
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
server: nginx/1.18.0 (Ubuntu)
date: Sun, 05 May 2024 13:28:07 GMT
content-type: application/javascript
last-modified: Sat, 27 Apr 2024 07:30:28 GMT
vary: Accept-Encoding
etag: W/"662ca994-65a66"
expires: Tue, 04 Jun 2024 13:21:30 GMT
cache-control: max-age=2592000
content-encoding: gzip
x-cache-status: HIT
X-Firefox-Spdy: h2
|
|
| static.addtoany.com/menu/svg/icons/telegram.js | 104.22.70.197 | 200 OK | 360 B |
URL GET HTTP/3static.addtoany.com/menu/svg/icons/telegram.js IP104.22.70.197:443
Requested byhttps://videzz.net/xx1x1z02lb5b.html CertificateIssuerLet's Encrypt Subjectstatic.addtoany.com Fingerprint5B:74:98:2D:F8:22:DB:0D:4E:74:B7:99:A7:7C:80:F6:CA:1A:8E:CA ValidityTue, 23 Apr 2024 07:56:27 GMT - Mon, 22 Jul 2024 07:56:26 GMT
File typeASCII text, with very long lines (370), with no line terminators Hashd455b7099e753a3680d5e481a7b56a9d 146fdec3f2e51dabdd15fc8acda6d73823b0d44d 4eb7a6d1a684e68473de0e8854499206b2f512a3815a8114068636dd38aa197a
GET /menu/svg/icons/telegram.js HTTP/1.1
Host: static.addtoany.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://videzz.net
DNT: 1
Connection: keep-alive
Referer: https://static.addtoany.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Sun, 05 May 2024 13:28:09 GMT
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=7776000, stale-while-revalidate=30, public
cf-bgj: minify
etag: W/"fb47b4f6548b6499923a1beed7472419"
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=J9pMpDWY00S1UoBh7dh%2BqpIB7xhAcdI3P3uTdcS6qq%2FtzBjk7n4vAi1%2BOKW1Nn2Tu6UDIw%2FTM%2Fn2MlHdbEFjDk6axCU4elS5Yq9F04lGV5fCgvnFISm%2BDhGKCweMmDEI4ytEVFz5JPvB7orF4KjdSsYL"}],"group":"cf-nel","max_age":604800}
vary: Accept-Encoding
referrer-policy: strict-origin-when-cross-origin
x-content-type-options: nosniff
cf-cache-status: HIT
age: 14384
strict-transport-security: max-age=31536000; includeSubDomains; preload
server: cloudflare
cf-ray: 87f112750a08abe6-CPH
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| dog.seetron.net/api/spots/190873?p=1&s1= | 135.181.208.216 | 200 OK | 94 B |
URL GET HTTP/2dog.seetron.net/api/spots/190873?p=1&s1= IP135.181.208.216:443 ASN#24940 Hetzner Online GmbH
Requested byhttps://videzz.net/xx1x1z02lb5b.html CertificateIssuerLet's Encrypt Subjecta.bdsmz.tube FingerprintAA:4D:03:7A:4E:94:8C:76:58:6E:53:CC:8E:99:24:E6:51:84:BF:05 ValidityFri, 03 May 2024 10:27:08 GMT - Thu, 01 Aug 2024 10:27:07 GMT
File typeHTML document, ASCII text, with no line terminators Hashc118b24869f85e4f08ea9cef3bde4492 7a7f0b87ac0967b24b246f54e649e640bd7d6c45 976c66117f2dcd0d138138f1cb8bb49aba832c76cf821cae5321e0217b92367d
GET /api/spots/190873?p=1&s1= HTTP/1.1
Host: dog.seetron.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://videzz.net/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
server: nginx
date: Sun, 05 May 2024 13:28:08 GMT
content-type: text/html
vary: Accept-Encoding
set-cookie: nauid=w9SxmfpWnbKmvU0Qre64; Path=/; Expires=Wed, 11 Nov 2037 11:11:11 GMT; Secure; SameSite=None
x-robots-tag: noindex, nofollow
cache-control: private
content-encoding: gzip
X-Firefox-Spdy: h2
|
|
| xml.xmlking.com/redirect?feed=591364&auth=oodr9S&pubid=195183 | 174.137.133.17 | 302 Found | 5.5 kB |
URL GET HTTP/1.1xml.xmlking.com/redirect?feed=591364&auth=oodr9S&pubid=195183 IP174.137.133.17:443 ASN#27257 WEBAIR-INTERNET
Requested byhttps://videzz.net/xx1x1z02lb5b.html CertificateIssuerSectigo Limited Subject*.xmlking.com Fingerprint61:F0:9B:53:D2:DF:03:A0:08:09:BE:79:B1:70:10:34:65:07:7B:6D ValidityWed, 26 Jul 2023 00:00:00 GMT - Fri, 26 Jul 2024 23:59:59 GMT
Hashd41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /redirect?feed=591364&auth=oodr9S&pubid=195183 HTTP/1.1
Host: xml.xmlking.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://bid.bidclickmedia.com/
DNT: 1
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 302 Found
Server: nginx
Date: Sun, 05 May 2024 13:28:11 GMT
Content-Length: 0
Connection: keep-alive
Cache-Control: no-store
Location: https://meetbenjen.com/in/p/?spot_id=560254&cat=25&sub_id=761082465
|
|
| videzz.net/js/footer.static.min.js?v=b8dc06aa6195ca0716d0a0c4e3a76e42 | 78.142.18.54 | 200 OK | 140 kB |
URL GET HTTP/2videzz.net/js/footer.static.min.js?v=b8dc06aa6195ca0716d0a0c4e3a76e42 IP78.142.18.54:443 ASN#208046 ColocationX Ltd.
Requested byhttps://videzz.net/xx1x1z02lb5b.html CertificateIssuerLet's Encrypt Subjectvidezz.net Fingerprint89:44:E3:9D:95:DD:6E:D2:2B:FB:70:64:42:59:D2:BF:B6:36:E7:33 ValidityThu, 02 May 2024 00:27:53 GMT - Wed, 31 Jul 2024 00:27:52 GMT
Size140 kB (140132 bytes) Hashd41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /js/footer.static.min.js?v=b8dc06aa6195ca0716d0a0c4e3a76e42 HTTP/1.1
Host: videzz.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://videzz.net/xx1x1z02lb5b.html
Cookie: lang=1
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
server: nginx/1.18.0 (Ubuntu)
date: Sun, 05 May 2024 13:28:07 GMT
content-type: application/javascript
last-modified: Sat, 27 Apr 2024 07:30:38 GMT
vary: Accept-Encoding
etag: W/"662ca99e-22364"
expires: Tue, 04 Jun 2024 13:27:18 GMT
cache-control: max-age=2592000
content-encoding: gzip
x-cache-status: HIT
X-Firefox-Spdy: h2
|
|
| bid.bidclickmedia.com/sub/e6yMnW6 | 172.67.205.77 | 200 OK | 239 B |
URL GET HTTP/3bid.bidclickmedia.com/sub/e6yMnW6 IP172.67.205.77:443
Requested byhttps://videzz.net/xx1x1z02lb5b.html CertificateIssuerGoogle Trust Services LLC Subjectbidclickmedia.com Fingerprint2D:71:60:23:79:D8:E4:4A:B8:81:BA:F0:ED:58:CB:A8:66:21:A7:E7 ValiditySun, 31 Mar 2024 14:28:20 GMT - Sat, 29 Jun 2024 14:28:19 GMT
File typeHTML document, ASCII text, with no line terminators Hash824a3f01774373d84e2c831d29c4cdc1 a90fddcc8bc46e63240496ec164cbbb651a379d0 735c9eb1ab5740ecd5f901abf9c89369e3feedd80f2ed6feb9d716aeb75a818d
GET /sub/e6yMnW6 HTTP/1.1
Host: bid.bidclickmedia.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://videzz.net/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Sun, 05 May 2024 13:28:09 GMT
content-type: text/html; charset=utf-8
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=3kD53VF1e2lOIYeKqPa1pteF014Vsm2HZ5ZN1VdiiVT%2FstyMh%2FvWh4PfR8nBsGv%2FhiNmT4zk5ZX2d82uC%2B30E%2BK38fBViaSBE48FIIzlfob9IlCZBAsa%2Bpz3Q1ZwQNqR6APopaR11hI%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 87f112727a251c0e-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| www.animezeno.sbs/ | 188.114.97.1 | 200 OK | 1.4 kB |
IP188.114.97.1:443
Requested byhttps://videzz.net/xx1x1z02lb5b.html CertificateIssuerLet's Encrypt Subjectanimezeno.sbs FingerprintD1:88:3B:4F:6E:24:62:91:E5:7C:D7:4B:24:7E:37:2C:B4:E6:81:07 ValidityFri, 12 Apr 2024 00:39:53 GMT - Thu, 11 Jul 2024 00:39:52 GMT
File typeHTML document, ASCII text, with very long lines (1380), with no line terminators Hashbe42cb30510e54f37a69e2c5f244a5fd 982132974a70f7fbb26f4de4f0d29f78fc960c4c ff4814e83aad096af9d3ddfb373f00d40d170c57169edff731511efa661063f9
GET / HTTP/1.1
Host: www.animezeno.sbs
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://bid.bidclickmedia.com/
DNT: 1
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Sun, 05 May 2024 13:28:11 GMT
content-type: text/html;charset=UTF-8
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=nbwMb7AmuMLV0TxFkbugahZVv0cZitpfzbp7M8ex3Q5%2FsEzQmlBEQ4lYOnDLHx2lO13AUKm4pumFPv9uy2jVm4zfm0BfSoUY%2B%2B9fhSL01wV8xaWr1hRKxDJc5RmPBwF5bffltA%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 87f1127ddf0756aa-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
|
|
| videzz.net/images-newtheme/social/facebook_button.png | 78.142.18.54 | 200 OK | 3.3 kB |
URL GET HTTP/2videzz.net/images-newtheme/social/facebook_button.png IP78.142.18.54:443 ASN#208046 ColocationX Ltd.
Requested byhttps://videzz.net/xx1x1z02lb5b.html CertificateIssuerLet's Encrypt Subjectvidezz.net Fingerprint89:44:E3:9D:95:DD:6E:D2:2B:FB:70:64:42:59:D2:BF:B6:36:E7:33 ValidityThu, 02 May 2024 00:27:53 GMT - Wed, 31 Jul 2024 00:27:52 GMT
File typePNG image data, 250 x 95, 8-bit colormap, non-interlaced Hash7136dd30e8f2bac19a84c71f7051fbe4 9e0386c21a34c2034c5736d083f2aa9d74aa9698 0f707e70a8cef21089769a1d44002cad814fb3ff42834d59093d7f6e21be72cf
GET /images-newtheme/social/facebook_button.png HTTP/1.1
Host: videzz.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://videzz.net/css/main.min.css?v=b8dc06aa6195ca0716d0a0c4e3a76e42
Cookie: lang=1
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
server: nginx/1.18.0 (Ubuntu)
date: Sun, 05 May 2024 13:28:08 GMT
content-type: image/png
content-length: 3296
last-modified: Sat, 27 Apr 2024 07:30:38 GMT
etag: "662ca99e-ce0"
expires: Tue, 04 Jun 2024 13:20:42 GMT
cache-control: max-age=2592000
x-cache-status: HIT
accept-ranges: bytes
X-Firefox-Spdy: h2
|
|
| videzz.net/dl?op=enc_status&id=undefined&_=1714915688623 | 78.142.18.54 | 443 No Reason Phrase | 0 B |
URL GET HTTP/2videzz.net/dl?op=enc_status&id=undefined&_=1714915688623 IP78.142.18.54:443 ASN#208046 ColocationX Ltd.
Requested byhttps://videzz.net/xx1x1z02lb5b.html CertificateIssuerLet's Encrypt Subjectvidezz.net Fingerprint89:44:E3:9D:95:DD:6E:D2:2B:FB:70:64:42:59:D2:BF:B6:36:E7:33 ValidityThu, 02 May 2024 00:27:53 GMT - Wed, 31 Jul 2024 00:27:52 GMT
Hashd41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /dl?op=enc_status&id=undefined&_=1714915688623 HTTP/1.1
Host: videzz.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/javascript, application/javascript, application/ecmascript, application/x-ecmascript, */*; q=0.01
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
X-Requested-With: XMLHttpRequest
DNT: 1
Connection: keep-alive
Referer: https://videzz.net/xx1x1z02lb5b.html
Cookie: lang=1; file_id=; _ga_HEX1BG8H46=GS1.1.1714915690.1.0.1714915690.60.0.0; _ga=GA1.1.1667976186.1714915690; sb_main_9785383bf0d8f2fb611d938245088565=1; sb_count_9785383bf0d8f2fb611d938245088565=1; asgfp2=172e5b6362817b33a26bdcbe3d1af8ae; pp_main_57e9128f004dc8dd272477c7cdb9cf15=1; dom3ic8zudi28v8lr6fgphwffqoz0j6c=40220c6f-1096-4d57-8ea7-d650fefea74f%3A1%3A1; naslvq=
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 443 No Reason Phrase
server: nginx/1.18.0 (Ubuntu)
date: Sun, 05 May 2024 13:28:29 GMT
content-length: 0
X-Firefox-Spdy: h2
|
|
| mcpuwpsh.com/get/?go=1&data=eyJpbXAiOlt7InNlY3VyZSI6MSwiZXh0Ijp7ImlkIjoxMDk1LCJ0eXBlIjoicG9wIiwic3BhY2VpZCI6MTA5NSwic3ViaWQiOiIxOTUyNTEzMTgyIiwic3NwIjozNzU4LCJzcG90X2lkIjo1NTg3MjgsInJjaGFuZ2UiOmZhbHNlfX1dLCJzaXRlIjp7ImlkIjoiNTU4NzI4IiwicGFnZSI6Imh0dHBzOi8vYmlkLmJpZGNsaWNrbWVkaWEuY29tLyIsImNhdCI6WyJJQUIyNSJdfSwiZGV2aWNlIjp7InciOjEyODAsImgiOjEwMjR9LCJ1c2VyIjp7ImlkIjoibWw0aDBsbjF1cDg4a3d6dWI5aWNhNyJ9LCJleHQiOnsiZHQiOjE3MTQ5MTU2OTE3Mjl9fQ== | 94.130.197.240 | 302 Found | 35 kB |
URL GET HTTP/2mcpuwpsh.com/get/?go=1&data=eyJpbXAiOlt7InNlY3VyZSI6MSwiZXh0Ijp7ImlkIjoxMDk1LCJ0eXBlIjoicG9wIiwic3BhY2VpZCI6MTA5NSwic3ViaWQiOiIxOTUyNTEzMTgyIiwic3NwIjozNzU4LCJzcG90X2lkIjo1NTg3MjgsInJjaGFuZ2UiOmZhbHNlfX1dLCJzaXRlIjp7ImlkIjoiNTU4NzI4IiwicGFnZSI6Imh0dHBzOi8vYmlkLmJpZGNsaWNrbWVkaWEuY29tLyIsImNhdCI6WyJJQUIyNSJdfSwiZGV2aWNlIjp7InciOjEyODAsImgiOjEwMjR9LCJ1c2VyIjp7ImlkIjoibWw0aDBsbjF1cDg4a3d6dWI5aWNhNyJ9LCJleHQiOnsiZHQiOjE3MTQ5MTU2OTE3Mjl9fQ== IP94.130.197.240:443 ASN#24940 Hetzner Online GmbH
Requested byhttps://videzz.net/xx1x1z02lb5b.html CertificateIssuerLet's Encrypt Subjectpuwpush.com Fingerprint60:3D:AE:BF:9C:57:C3:AF:D6:50:E5:93:92:FB:E9:F2:F8:E6:E1:92 ValidityWed, 01 May 2024 01:51:05 GMT - Tue, 30 Jul 2024 01:51:04 GMT
Hashd41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /get/?go=1&data=eyJpbXAiOlt7InNlY3VyZSI6MSwiZXh0Ijp7ImlkIjoxMDk1LCJ0eXBlIjoicG9wIiwic3BhY2VpZCI6MTA5NSwic3ViaWQiOiIxOTUyNTEzMTgyIiwic3NwIjozNzU4LCJzcG90X2lkIjo1NTg3MjgsInJjaGFuZ2UiOmZhbHNlfX1dLCJzaXRlIjp7ImlkIjoiNTU4NzI4IiwicGFnZSI6Imh0dHBzOi8vYmlkLmJpZGNsaWNrbWVkaWEuY29tLyIsImNhdCI6WyJJQUIyNSJdfSwiZGV2aWNlIjp7InciOjEyODAsImgiOjEwMjR9LCJ1c2VyIjp7ImlkIjoibWw0aDBsbjF1cDg4a3d6dWI5aWNhNyJ9LCJleHQiOnsiZHQiOjE3MTQ5MTU2OTE3Mjl9fQ== HTTP/1.1
Host: mcpuwpsh.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://meetbenjen.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 302 Found
server: nginx/1.16.0
date: Sun, 05 May 2024 13:28:12 GMT
content-length: 0
vary: Origin
cache-control: no-transform, no-cache, no-store, must-revalidate
pragma: no-cache
access-control-allow-origin: *
access-control-allow-headers: Content-Type
access-control-allow-methods: *
location: https://mcpuwpsh.com/popunder/in/click/?mid=3864419237828214168&pid=0&site=558728&sc=NO&usage_type=DCH&subid=1952513182&sid=0&cid=0&price=0&is_cpm=0&cpm=0&ecpm=0&crid=&crtid=&tcid=0&out_id=&ver=&ver_c=&refdom=bid.bidclickmedia.com&hostname=auc-popunder-hz-2&site_id=0&spot_id=558728&utm_source=&utm_medium=&utm_campaign=&utm_content=&expiration_timestamp=0&created_at=0000-00-00&is_native=0&burl=&pop_winurl=&ip=91.90.42.154&testab=&px_id=0&adblock=0&auction_host=&mm=&yc=&render_type=&campaign_type=&uniq=&exp=0&resp_type=&iabcat=IAB25&min_cpm=0.1224&placement_type_id=7&skin_test=&verify_hash=b26ac5143693597cd4a0da4dbed097ba&score=302.5243375039884&durl=&ml=&tag_ab=&original_bid=0&user_fp=0&v2=0&pop_type=0&space_id=1095&real_bid=&skin_id=&vertical_id=&stratagem=&accel=0&gyr=0&iabcat=IAB25&ip_mismatch=false&ua_mismatch=false&ssp=3758&rc=0&v2_track=0&otype=0&mn=0&priority=0&bb=0.1224&url=https%3A%2F%2Fpopdemission.com%2Fin%2F849%2F%3Fsource%3D1952513182%26site_id%3D558728%26utm1%3D%26utm2%3D%26utm3%3D%26utm4%3D%26idzone%3D0%26spot_id%3D558728%26mo%3D%26ve%3D%26ad_tags%3D%26p%3Dhttps%253A%252F%252Fbid.bidclickmedia.com%252F%26sid%3D1095%26katds_labels%3D%26is_iframe%3D1%26btype%3D0%26score%3D302.5243375039884%26bf%3D0.1224%26iabcat%3DIAB25%26allowed_labels%3D&pr=&bid_crid=&bid_cid=&ad_tags=&is_interstitial=0&is_direct=1&label_ids=&site_id64=&sp_cl=0&act_sess=0&sp_scr=0&intes=&izb=&ang=0&act_su=0&interest_vertical_ids=&v_scroll_freq=&time_sess=&ext_campaign_id=&scroll_percent=0&empty_clicks=0&aid=0&high_freq_clicks=0&dev_console_activity=0&topics=&client_price=0&o_d=&is_webview=0&timezone_olson=&timezone_ip=Europe/Oslo&offer_label_ids=
X-Firefox-Spdy: h2
|
|
| dog.seetron.net/api/users/4782906223498900095/1588132?fill=0&kw=file%20upload,share%20files,free%20upload | 135.181.208.216 | 200 OK | 1.5 kB |
URL GET HTTP/2dog.seetron.net/api/users/4782906223498900095/1588132?fill=0&kw=file%20upload,share%20files,free%20upload IP135.181.208.216:443 ASN#24940 Hetzner Online GmbH
Requested byhttps://videzz.net/xx1x1z02lb5b.html CertificateIssuerLet's Encrypt Subjecta.bdsmz.tube FingerprintAA:4D:03:7A:4E:94:8C:76:58:6E:53:CC:8E:99:24:E6:51:84:BF:05 ValidityFri, 03 May 2024 10:27:08 GMT - Thu, 01 Aug 2024 10:27:07 GMT
File typeXML document, ASCII text, with very long lines (1526), with no line terminators Hash13ce65df9a4c844f9798ca4751e184b6 cecb681059235d7e70d8aff530cb4c19466d52a3 999b79a01ef2cd8b98fa17adb9cbc52eca9026d4ab6c2747562f4f98ab643617
GET /api/users/4782906223498900095/1588132?fill=0&kw=file%20upload,share%20files,free%20upload HTTP/1.1
Host: dog.seetron.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://videzz.net/
Origin: https://videzz.net
DNT: 1
Connection: keep-alive
Cookie: nauid=w9SxmfpWnbKmvU0Qre64
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
server: nginx
date: Sun, 05 May 2024 13:28:11 GMT
content-type: text/xml
vary: Accept-Encoding
access-control-allow-credentials: true
access-control-allow-origin: https://videzz.net
x-robots-tag: noindex, nofollow
cache-control: private
content-encoding: gzip
X-Firefox-Spdy: h2
|
|
| videzz.net/css/videojs.5.min.css?v=b8dc06aa6195ca0716d0a0c4e3a76e42 | 78.142.18.54 | 200 OK | 170 kB |
URL GET HTTP/2videzz.net/css/videojs.5.min.css?v=b8dc06aa6195ca0716d0a0c4e3a76e42 IP78.142.18.54:443 ASN#208046 ColocationX Ltd.
Requested byhttps://videzz.net/xx1x1z02lb5b.html CertificateIssuerLet's Encrypt Subjectvidezz.net Fingerprint89:44:E3:9D:95:DD:6E:D2:2B:FB:70:64:42:59:D2:BF:B6:36:E7:33 ValidityThu, 02 May 2024 00:27:53 GMT - Wed, 31 Jul 2024 00:27:52 GMT
File typeASCII text, with very long lines (50421) Size170 kB (169541 bytes) Hashbf9af199b5ef61988f82fa239ebf61da d3b9c5ef294f2ef0942a8bf1e62085b72b2e07cc e8e86d55656a068d5bb43e7b65e474162b6dff2c57f314cfc90d25f16708048d
GET /css/videojs.5.min.css?v=b8dc06aa6195ca0716d0a0c4e3a76e42 HTTP/1.1
Host: videzz.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://videzz.net/xx1x1z02lb5b.html
Cookie: lang=1
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
server: nginx/1.18.0 (Ubuntu)
date: Sun, 05 May 2024 13:28:07 GMT
content-type: text/css
last-modified: Sat, 27 Apr 2024 07:30:42 GMT
vary: Accept-Encoding
etag: W/"662ca9a2-29645"
expires: Tue, 04 Jun 2024 13:27:22 GMT
cache-control: max-age=2592000
content-encoding: gzip
x-cache-status: HIT
X-Firefox-Spdy: h2
|
|
| videzz.net/images-newtheme/ico_signup.png | 78.142.18.54 | 200 OK | 1.1 kB |
URL GET HTTP/2videzz.net/images-newtheme/ico_signup.png IP78.142.18.54:443 ASN#208046 ColocationX Ltd.
Requested byhttps://videzz.net/xx1x1z02lb5b.html CertificateIssuerLet's Encrypt Subjectvidezz.net Fingerprint89:44:E3:9D:95:DD:6E:D2:2B:FB:70:64:42:59:D2:BF:B6:36:E7:33 ValidityThu, 02 May 2024 00:27:53 GMT - Wed, 31 Jul 2024 00:27:52 GMT
File typePNG image data, 30 x 30, 8-bit/color RGBA, non-interlaced Hasheb2e533fce6d10e6f1231e3c07aa7e7a 194f55dab0899b59605972b6a0edd85bfd975488 6514b33f1b2a8766a828371bb8b15eb9dd0d7ea53db03f04f7b1e9d82e9b6c7a
GET /images-newtheme/ico_signup.png HTTP/1.1
Host: videzz.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://videzz.net/css/main.min.css?v=b8dc06aa6195ca0716d0a0c4e3a76e42
Cookie: lang=1
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
server: nginx/1.18.0 (Ubuntu)
date: Sun, 05 May 2024 13:28:08 GMT
content-type: image/png
content-length: 1094
last-modified: Sat, 27 Apr 2024 07:30:42 GMT
etag: "662ca9a2-446"
expires: Tue, 04 Jun 2024 13:21:11 GMT
cache-control: max-age=2592000
x-cache-status: HIT
accept-ranges: bytes
X-Firefox-Spdy: h2
|
|
| downstairsnegotiatebarren.com/sfp.js | 104.21.35.227 | 200 OK | 86 kB |
URL GET HTTP/2downstairsnegotiatebarren.com/sfp.js IP104.21.35.227:443
Requested byhttps://videzz.net/xx1x1z02lb5b.html CertificateIssuerLet's Encrypt Subjectdownstairsnegotiatebarren.com Fingerprint5D:DB:CB:C6:CE:2A:8B:34:7D:BC:43:74:33:1D:5F:77:48:F7:BC:1B ValidityThu, 02 May 2024 21:26:34 GMT - Wed, 31 Jul 2024 21:26:33 GMT
Hashd41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /sfp.js HTTP/1.1
Host: downstairsnegotiatebarren.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://videzz.net/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Sun, 05 May 2024 13:28:09 GMT
content-type: application/javascript; charset=utf-8
p3p: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
access-control-allow-origin: *
expires: Thu, 01 Jan 1970 00:00:01 GMT
cache-control: max-age=14400
x-request-id: d63f2305c05503d8bdcc593a4bff3ad1
strict-transport-security: max-age=0; includeSubdomains
cf-cache-status: EXPIRED
last-modified: Sun, 05 May 2024 13:28:08 GMT
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=KPbnpOfDiX%2BlQwZ8Xk9jRyX%2BgP6ol9NB9QizmSa1s3ikLlR%2FF6IqWgEaS6TNZFH%2B5aWTzT5RD3Cr%2FRfiMIj63nPc6fxs%2BKG%2B7QlpoxHNHWQHbehvNrnPZfUHX6czsNXWv3hQ%2BpKMrZ9CavZ7gHzYAQ%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 87f11272589cb524-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
|
|
| t.yunaga.xyz/1/?spot_id=5011 | 188.114.96.1 | 302 Found | 0 B |
URL GET HTTP/2t.yunaga.xyz/1/?spot_id=5011 IP188.114.96.1:443
Requested byhttps://videzz.net/xx1x1z02lb5b.html CertificateIssuerGoogle Trust Services LLC Subjectyunaga.xyz Fingerprint23:B7:72:6D:6F:C6:6F:96:9E:1F:5C:29:0F:31:FC:36:7F:1E:84:40 ValidityTue, 19 Mar 2024 23:59:20 GMT - Mon, 17 Jun 2024 23:59:19 GMT
Hashd41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /1/?spot_id=5011 HTTP/1.1
Host: t.yunaga.xyz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://t.bawixi.xyz/
DNT: 1
Connection: keep-alive
Cookie: _trd_=8f12dddcac55d2; _uqt3157949621=1; _uqp3178561817=1
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 302 Found
date: Sun, 05 May 2024 13:28:12 GMT
content-type: text/html
location: https://yahoo.com
set-cookie: _trd_=8f12dddcac55d2; Expires=Mon, 05-May-25 13:28:11 GMT; Domain=.yunaga.xyz; Path=/; Secure; SameSite=None
_uqt3157949621=2; Expires=Mon, 06-May-24 00:00:00 GMT; Domain=.yunaga.xyz; Path=/; Secure; SameSite=None
_uqp3178561817=2; Expires=Mon, 06-May-24 00:00:00 GMT; Domain=.yunaga.xyz; Path=/; Secure; SameSite=None
accept-ch: Sec-CH-UA, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
access-control-allow-origin: *
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=eD1UykLD3eRCDZfSU0xi9F5yYrISfgnxtnCswEoFXsVf3iI2cA2VBCHD2tc7Djg1M2hhlVC1YhQbLRBMaao5xRHdPtcZ8RFP96H02WEaF0QTXew%2FMYfd7nmQY2QBqlg%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 87f11287ff575685-OSL
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
|
|
| www.googletagmanager.com/gtm.js?id=GTM-56DK3TH | 142.250.74.168 | 200 OK | 209 kB |
URL GET HTTP/3www.googletagmanager.com/gtm.js?id=GTM-56DK3TH IP142.250.74.168:443
Requested byhttps://videzz.net/xx1x1z02lb5b.html CertificateIssuerGoogle Trust Services LLC Subject*.google-analytics.com Fingerprint93:6B:D2:9D:92:BE:2D:D8:02:67:82:83:5E:EF:A3:F9:13:F3:26:AE ValidityTue, 16 Apr 2024 03:18:45 GMT - Tue, 09 Jul 2024 03:18:44 GMT
File typeJavaScript source, ASCII text, with very long lines (3287) Size209 kB (208785 bytes) Hashf7a1d1e02542af989a6fb35a72e70619 176a13d5db6e1562ca86f08746a94b517f61c9c1 a59d7c163928db264cbd2a5ba3592615d402276619b5dfebda1e9f22690df6b0
GET /gtm.js?id=GTM-56DK3TH HTTP/1.1
Host: www.googletagmanager.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://videzz.net/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
content-encoding: br
vary: Accept-Encoding
date: Sun, 05 May 2024 13:28:08 GMT
expires: Sun, 05 May 2024 13:28:08 GMT
cache-control: private, max-age=900
last-modified: Sun, 05 May 2024 12:00:00 GMT
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
server: Google Tag Manager
content-length: 73686
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
|
|
| dog.seetron.net/api/users/88464?v2=1&fill=0&kw=file%20upload%2Cshare%20files%2Cfree%20upload&i=1&url=https%3A%2F%2Fvidezz.net%2Fxx1x1z02lb5b.html&sid=737ee3b8-abf3-4e83-8339-71b2390e1561 | 135.181.208.216 | 200 OK | 814 B |
URL GET HTTP/2dog.seetron.net/api/users/88464?v2=1&fill=0&kw=file%20upload%2Cshare%20files%2Cfree%20upload&i=1&url=https%3A%2F%2Fvidezz.net%2Fxx1x1z02lb5b.html&sid=737ee3b8-abf3-4e83-8339-71b2390e1561 IP135.181.208.216:443 ASN#24940 Hetzner Online GmbH
Requested byhttps://videzz.net/xx1x1z02lb5b.html CertificateIssuerLet's Encrypt Subjecta.bdsmz.tube FingerprintAA:4D:03:7A:4E:94:8C:76:58:6E:53:CC:8E:99:24:E6:51:84:BF:05 ValidityFri, 03 May 2024 10:27:08 GMT - Thu, 01 Aug 2024 10:27:07 GMT
File typeXML document, ASCII text, with very long lines (846), with no line terminators Hash590af78602cc738663fa2e15be95ac05 25f18cbd2d5d447ec406b6e143918449e136abf7 cc6e7ad7d398468f590ca37f0445190582e8107ac5c56e716dd22c6abf1d8f4e
GET /api/users/88464?v2=1&fill=0&kw=file%20upload%2Cshare%20files%2Cfree%20upload&i=1&url=https%3A%2F%2Fvidezz.net%2Fxx1x1z02lb5b.html&sid=737ee3b8-abf3-4e83-8339-71b2390e1561 HTTP/1.1
Host: dog.seetron.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://videzz.net/
Origin: https://videzz.net
DNT: 1
Connection: keep-alive
Cookie: nauid=w9SxmfpWnbKmvU0Qre64
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
server: nginx
date: Sun, 05 May 2024 13:28:08 GMT
content-type: text/xml
vary: Accept-Encoding
access-control-allow-credentials: true
access-control-allow-origin: https://videzz.net
access-control-expose-headers: X-Asg-Config, X-t
x-robots-tag: noindex, nofollow
x-t: 0
cache-control: private
content-encoding: gzip
X-Firefox-Spdy: h2
|
|
| bid.bidclickmedia.com/sub/e6yMnW6 | 172.67.205.77 | 200 OK | 239 B |
URL GET HTTP/3bid.bidclickmedia.com/sub/e6yMnW6 IP172.67.205.77:443
Requested byhttps://videzz.net/xx1x1z02lb5b.html CertificateIssuerGoogle Trust Services LLC Subjectbidclickmedia.com Fingerprint2D:71:60:23:79:D8:E4:4A:B8:81:BA:F0:ED:58:CB:A8:66:21:A7:E7 ValiditySun, 31 Mar 2024 14:28:20 GMT - Sat, 29 Jun 2024 14:28:19 GMT
File typeHTML document, ASCII text, with no line terminators Hash824a3f01774373d84e2c831d29c4cdc1 a90fddcc8bc46e63240496ec164cbbb651a379d0 735c9eb1ab5740ecd5f901abf9c89369e3feedd80f2ed6feb9d716aeb75a818d
GET /sub/e6yMnW6 HTTP/1.1
Host: bid.bidclickmedia.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://videzz.net/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Sun, 05 May 2024 13:28:09 GMT
content-type: text/html; charset=utf-8
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=xHfL%2B0t44CjnKuR8GdhKtvuWhhfCcpO%2B2Lqoy36dWKVtB0xdUD0NSSU90Klvey5JLPF2l%2FBPcHnMEgHKpEMP8u54gsOFcBNQa9bX4AlQXEKp8pYm3naqW8OUZSpJ37ejRpsUf5ivqsQ%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 87f1127239ff1c0e-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| dog.seetron.net/api/users/59845?host=videzz.net&ev=212&wh=1024&ww=1280&uuid=&url=https%3A%2F%2Fvidezz.net%2Fxx1x1z02lb5b.html&sid=737ee3b8-abf3-4e83-8339-71b2390e1561&i=1&kw=file%20upload%2Cshare%20files%2Cfree%20upload | 135.181.208.216 | 200 OK | 650 B |
URL GET HTTP/2dog.seetron.net/api/users/59845?host=videzz.net&ev=212&wh=1024&ww=1280&uuid=&url=https%3A%2F%2Fvidezz.net%2Fxx1x1z02lb5b.html&sid=737ee3b8-abf3-4e83-8339-71b2390e1561&i=1&kw=file%20upload%2Cshare%20files%2Cfree%20upload IP135.181.208.216:443 ASN#24940 Hetzner Online GmbH
Requested byhttps://videzz.net/xx1x1z02lb5b.html CertificateIssuerLet's Encrypt Subjecta.bdsmz.tube FingerprintAA:4D:03:7A:4E:94:8C:76:58:6E:53:CC:8E:99:24:E6:51:84:BF:05 ValidityFri, 03 May 2024 10:27:08 GMT - Thu, 01 Aug 2024 10:27:07 GMT
File typeASCII text, with very long lines (784), with no line terminators Hash67bb15bd3958e7a3b0bb46bfecffdf5a 4675f86f26daaf0a0d2fb6b946e5b6c02b86233a 56a06d72d794f1fe5c74000be950df88bf824da4b779c968cea365cb826d08ee
GET /api/users/59845?host=videzz.net&ev=212&wh=1024&ww=1280&uuid=&url=https%3A%2F%2Fvidezz.net%2Fxx1x1z02lb5b.html&sid=737ee3b8-abf3-4e83-8339-71b2390e1561&i=1&kw=file%20upload%2Cshare%20files%2Cfree%20upload HTTP/1.1
Host: dog.seetron.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://videzz.net/
Cookie: nauid=w9SxmfpWnbKmvU0Qre64
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
server: nginx
date: Sun, 05 May 2024 13:28:11 GMT
content-type: text/javascript; charset=utf-8
vary: Accept-Encoding
x-robots-tag: noindex, nofollow
cache-control: private
content-encoding: gzip
X-Firefox-Spdy: h2
|
|
| bid.bidclickmedia.com/sub/0YDX8OE | 172.67.205.77 | 200 OK | 234 B |
URL GET HTTP/2bid.bidclickmedia.com/sub/0YDX8OE IP172.67.205.77:443
Requested byhttps://videzz.net/xx1x1z02lb5b.html CertificateIssuerGoogle Trust Services LLC Subjectbidclickmedia.com Fingerprint2D:71:60:23:79:D8:E4:4A:B8:81:BA:F0:ED:58:CB:A8:66:21:A7:E7 ValiditySun, 31 Mar 2024 14:28:20 GMT - Sat, 29 Jun 2024 14:28:19 GMT
File typeHTML document, ASCII text, with no line terminators Hashaf2b6f5e906532aa6d51ed7dcbb8fed7 5ddca712e64ecb7520e561656c87079ec18e3db1 eced93383f70dca1dcfe0998bcccf8d3fe044a0f1646f0ffa670cf0b14f599f3
GET /sub/0YDX8OE HTTP/1.1
Host: bid.bidclickmedia.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://videzz.net/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Sun, 05 May 2024 13:28:09 GMT
content-type: text/html; charset=utf-8
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=EeM8as%2BZprH8lsChmdyD16lQmyMttNP8NFqANHQGhmQkZSQSw5286uMtR7KGqqV%2BemtSiizTvxRhRgGeMj7SFIZ4qMEjCaBtp5wSn1gITMHrEh5oMYMIUVGhL3XI83iyon%2Bb4IhW3Ts%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 87f112713b2756c9-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
|
|
| offmantiner.com/?z=6120639&syncedCookie=true&rhd=false | 139.45.197.245 | 302 Found | 0 B |
URL POST HTTP/2offmantiner.com/?z=6120639&syncedCookie=true&rhd=false IP139.45.197.245:443
Requested byhttps://videzz.net/xx1x1z02lb5b.html CertificateIssuerLet's Encrypt Subjectoffmantiner.com FingerprintD7:99:54:4F:68:91:39:12:41:98:52:CC:F1:74:C6:3C:1F:93:F3:04 ValidityMon, 25 Mar 2024 05:10:58 GMT - Sun, 23 Jun 2024 05:10:57 GMT
Hashd41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
| Analyzer | Verdict | Alert |
|---|
| Quad9 DNS | malicious | Sinkholed |
POST /?z=6120639&syncedCookie=true&rhd=false HTTP/1.1
Host: offmantiner.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/x-www-form-urlencoded
Content-Length: 631
Origin: https://offmantiner.com
DNT: 1
Connection: keep-alive
Referer: https://offmantiner.com/afu.php?zoneid=6120639&var=6120639&rid=IUzYL-eT4VvoQwPRHmPGTA%3D%3D&rhd=false&ab2r=0&sf=1
Cookie: OAID=00805309068c4d1ef41db75945e8ac52; oaidts=1714915691
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 302 Found
server: nginx
date: Sun, 05 May 2024 13:28:12 GMT
content-length: 0
location: https://adserving.unibet.com/redirect.aspx?bid=37950&pid=79982261&sref=GIG&GIG=NO_DESKTOP
x-trace-id: 572e1bd9dad05cc7a2820a8bc82dfb11
link: <https://adserving.unibet.com>; rel="preconnect dns-prefetch",<https://yonmewon.com>; rel="preconnect dns-prefetch",<https://sr7pv7n5x.com>; rel="preconnect dns-prefetch"
referrer-policy: no-referrer
accept-ch: Sec-CH-UA, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model
access-control-allow-origin: https://offmantiner.com
access-control-allow-credentials: true
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, baggage, sentry-trace, favicon
access-control-max-age: 86400
pragma: no-cache
cache-control: no-transform, no-store, no-cache, must-revalidate, max-age=0
expires: Tue, 11 Jan 1994 10:00:00 GMT
set-cookie: OAID=00805309068c4d1ef41db75945e8ac52; expires=Mon, 05 May 2025 13:28:12 GMT; path=/; secure; SameSite=None
oaidts=1714915691; expires=Mon, 05 May 2025 13:28:12 GMT; path=/; secure; SameSite=None
syncedCookie=true; expires=Sun, 12 May 2024 13:28:12 GMT; path=/; secure; SameSite=None
strict-transport-security: max-age=1
x-content-type-options: nosniff
timing-allow-origin: *, *
X-Firefox-Spdy: h2
|
|
| topsites.hadesex.com/?source=1952513182&site_id=558728&spot_id=558728 | 188.114.97.1 | 200 OK | 35 kB |
URL GET HTTP/2topsites.hadesex.com/?source=1952513182&site_id=558728&spot_id=558728 IP188.114.97.1:443
Requested byhttps://videzz.net/xx1x1z02lb5b.html CertificateIssuerGoogle Trust Services LLC Subjecthadesex.com FingerprintA1:8E:DC:59:6A:AB:77:60:87:69:7F:7E:EE:07:71:CF:21:03:AD:84 ValiditySun, 05 May 2024 01:16:25 GMT - Sat, 03 Aug 2024 01:16:24 GMT
File typeHTML document, ASCII text, with CRLF line terminators Hash4fa6b892dbb4f17837c0b491c1c04699 3bb0ed9288ad14c11a376bad907a450a00080673 80876bad2ff041a1e76439fa894b879afa0f803ef0e12145fd5376b56afadbbf
GET /?source=1952513182&site_id=558728&spot_id=558728 HTTP/1.1
Host: topsites.hadesex.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://meetbenjen.com/
DNT: 1
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Sun, 05 May 2024 13:28:13 GMT
content-type: text/html; charset=UTF-8
vary: Accept-Encoding
x-powered-by: PHP/7.4.33
x-request-id: c2b741e48e284960bcfc1e00461559e4
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=rn3RF2XQsgxNMqurrNhfXjkjfol2B4QeXGwZo3HSJA74J1tzjBk6VhNK%2Fw3H2NGTsJ89m266Qve1oXrrwmRM3fyMJlxzEEN15Rj5h3lFLTNRCNvi3mDG9ySMtHAcfvV1VIM0wG23%2BA%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 87f1128d99e40b3d-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
|
|
| static.addtoany.com/menu/modules/core.BRQnzO8v.js | 104.22.70.197 | 200 OK | 72 kB |
URL GET HTTP/3static.addtoany.com/menu/modules/core.BRQnzO8v.js IP104.22.70.197:443
Requested byhttps://videzz.net/xx1x1z02lb5b.html CertificateIssuerLet's Encrypt Subjectstatic.addtoany.com Fingerprint5B:74:98:2D:F8:22:DB:0D:4E:74:B7:99:A7:7C:80:F6:CA:1A:8E:CA ValidityTue, 23 Apr 2024 07:56:27 GMT - Mon, 22 Jul 2024 07:56:26 GMT
File typeASCII text, with very long lines (65536), with no line terminators Hash629401c31553d2f42a6ca46e58c2a97b 0ab6084caa72f90913c7e4119f491838726ec5c2 91b9b24f0aa59668e4d0a770ee7a294b9baa361a76a20ade8128cd0482a5d805
GET /menu/modules/core.BRQnzO8v.js HTTP/1.1
Host: static.addtoany.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://videzz.net
DNT: 1
Connection: keep-alive
Referer: https://videzz.net/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Sun, 05 May 2024 13:28:09 GMT
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=315360000, immutable
cf-bgj: minify
etag: W/"25da5432b1057724b8210f17e9b9db05"
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=9is32%2FvBRjKBMF%2BBEdP7sN4xINU%2FGCfuJuuuQf7jR0OhsmJZXKf2mdBIWRxQZC2Xdb%2Fu4CIqU4D7O62VmM5Sr%2FSS%2FfBC%2F%2BHVMfwaHKXWIcGc9wRp0B%2B1xU6yUr79Ax7dbmD2Vmzn"}],"group":"cf-nel","max_age":604800}
vary: Accept-Encoding
referrer-policy: strict-origin-when-cross-origin
x-content-type-options: nosniff
cf-cache-status: HIT
age: 14188
strict-transport-security: max-age=31536000; includeSubDomains; preload
server: cloudflare
cf-ray: 87f112714d60abe6-CPH
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| maxcdn.bootstrapcdn.com/font-awesome/4.7.0/fonts/fontawesome-webfont.woff2?v=4.7.0 | 104.18.10.207 | 200 OK | 77 kB |
URL GET HTTP/3maxcdn.bootstrapcdn.com/font-awesome/4.7.0/fonts/fontawesome-webfont.woff2?v=4.7.0 IP104.18.10.207:443
Requested byhttps://videzz.net/xx1x1z02lb5b.html CertificateIssuerGoogle Trust Services LLC Subjectbootstrapcdn.com Fingerprint57:B4:25:B9:9C:88:A1:A3:3D:F7:31:74:02:E4:D1:E0:0A:F5:11:63 ValidityWed, 27 Mar 2024 00:22:09 GMT - Tue, 25 Jun 2024 00:22:08 GMT
File typeWeb Open Font Format (Version 2), TrueType, length 77160, version 4.459 Hashaf7ae505a9eed503f8b8e6982036873e d6f48cba7d076fb6f2fd6ba993a75b9dc1ecbf0c 2adefcbc041e7d18fcf2d417879dc5a09997aa64d675b7a3c4b6ce33da13f3fe
GET /font-awesome/4.7.0/fonts/fontawesome-webfont.woff2?v=4.7.0 HTTP/1.1
Host: maxcdn.bootstrapcdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://videzz.net
DNT: 1
Connection: keep-alive
Referer: https://maxcdn.bootstrapcdn.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Sun, 05 May 2024 13:28:09 GMT
content-type: font/woff2
content-length: 77160
cdn-pullzone: 252412
cdn-uid: b1941f61-b576-4f40-80de-5677acb38f74
cdn-requestcountrycode: DE
access-control-allow-origin: *
cache-control: public, max-age=31919000
etag: "af7ae505a9eed503f8b8e6982036873e"
last-modified: Mon, 25 Jan 2021 22:04:55 GMT
cdn-cachedat: 10/31/2023 19:08:24
cdn-proxyver: 1.04
cdn-requestpullcode: 200
cdn-requestpullsuccess: True
cdn-edgestorageid: 752
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
cdn-status: 200
cdn-requestid: 0a41a35b44b9a221d4e11fe69e9304aa
cdn-cache: HIT
cf-cache-status: HIT
age: 421783
accept-ranges: bytes
vary: Accept-Encoding
strict-transport-security: max-age=31536000; includeSubDomains; preload
server: cloudflare
cf-ray: 87f11273bc1eb51b-OSL
alt-svc: h3=":443"; ma=86400
|
|
| devoutgrantedserenity.com/pixel/purst?dl=0&th=0&sc=0&rs=3109&rd=3109&fd=1162&bv=24.5.6485&tmpl=136 | 172.240.127.234 | 200 OK | 0 B |
URL GET HTTP/1.1devoutgrantedserenity.com/pixel/purst?dl=0&th=0&sc=0&rs=3109&rd=3109&fd=1162&bv=24.5.6485&tmpl=136 IP172.240.127.234:443
Requested byhttps://videzz.net/xx1x1z02lb5b.html CertificateIssuerLet's Encrypt Subjectdevoutgrantedserenity.com FingerprintC7:C2:27:F3:0F:CD:E1:02:46:46:88:9C:46:E0:52:70:64:71:1F:86 ValidityMon, 29 Apr 2024 12:36:12 GMT - Sun, 28 Jul 2024 12:36:11 GMT
Hashd41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
| Analyzer | Verdict | Alert |
|---|
| Quad9 DNS | malicious | Sinkholed |
GET /pixel/purst?dl=0&th=0&sc=0&rs=3109&rd=3109&fd=1162&bv=24.5.6485&tmpl=136 HTTP/1.1
Host: devoutgrantedserenity.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://videzz.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx/1.21.6
Date: Sun, 05 May 2024 13:28:10 GMT
Content-Length: 0
Connection: keep-alive
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
Access-Control-Allow-Origin: *
Access-Control-Allow-Methods: GET, POST, OPTIONS
Access-Control-Allow-Headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,Upgrade-Insecure-Requests
Access-Control-Expose-Headers: Content-Length,Content-Range
|
|
| videzz.net/js/jquery.min.js | 78.142.18.54 | 200 OK | 96 kB |
URL GET HTTP/2videzz.net/js/jquery.min.js IP78.142.18.54:443 ASN#208046 ColocationX Ltd.
Requested byhttps://videzz.net/xx1x1z02lb5b.html CertificateIssuerLet's Encrypt Subjectvidezz.net Fingerprint89:44:E3:9D:95:DD:6E:D2:2B:FB:70:64:42:59:D2:BF:B6:36:E7:33 ValidityThu, 02 May 2024 00:27:53 GMT - Wed, 31 Jul 2024 00:27:52 GMT
File typeJavaScript source, ASCII text, with very long lines (32086) Hash8101d596b2b8fa35fe3a634ea342d7c3 d6c1f41972de07b09bfa63d2e50f9ab41ec372bd 540bc6dec1dd4b92ea4d3fb903f69eabf6d919afd48f4e312b163c28cff0f441
GET /js/jquery.min.js HTTP/1.1
Host: videzz.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://videzz.net/xx1x1z02lb5b.html
Cookie: lang=1
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
server: nginx/1.18.0 (Ubuntu)
date: Sun, 05 May 2024 13:28:07 GMT
content-type: application/javascript
last-modified: Sat, 27 Apr 2024 07:30:33 GMT
vary: Accept-Encoding
etag: W/"662ca999-1762a"
expires: Tue, 04 Jun 2024 13:27:07 GMT
cache-control: max-age=2592000
content-encoding: gzip
x-cache-status: HIT
X-Firefox-Spdy: h2
|
|
| videzz.net/js/vue.min.js?v=b8dc06aa6195ca0716d0a0c4e3a76e42 | 78.142.18.54 | 200 OK | 111 kB |
URL GET HTTP/2videzz.net/js/vue.min.js?v=b8dc06aa6195ca0716d0a0c4e3a76e42 IP78.142.18.54:443 ASN#208046 ColocationX Ltd.
Requested byhttps://videzz.net/xx1x1z02lb5b.html CertificateIssuerLet's Encrypt Subjectvidezz.net Fingerprint89:44:E3:9D:95:DD:6E:D2:2B:FB:70:64:42:59:D2:BF:B6:36:E7:33 ValidityThu, 02 May 2024 00:27:53 GMT - Wed, 31 Jul 2024 00:27:52 GMT
File typeJavaScript source, ASCII text, with very long lines (65536), with no line terminators Size111 kB (111387 bytes) Hash6249517b9005ca7822f82d024996812f 9085d09ebbe9e6c5963644d49c82c350f1be141d fda81a2fcc97f139d2a1ea94209efc760dc9421b514280bf5a6cd97d8140ddca
GET /js/vue.min.js?v=b8dc06aa6195ca0716d0a0c4e3a76e42 HTTP/1.1
Host: videzz.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://videzz.net/xx1x1z02lb5b.html
Cookie: lang=1
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
server: nginx/1.18.0 (Ubuntu)
date: Sun, 05 May 2024 13:28:07 GMT
content-type: application/javascript
last-modified: Sat, 27 Apr 2024 07:30:42 GMT
vary: Accept-Encoding
etag: W/"662ca9a2-1b31b"
expires: Tue, 04 Jun 2024 13:27:40 GMT
cache-control: max-age=2592000
content-encoding: gzip
x-cache-status: HIT
X-Firefox-Spdy: h2
|
|
| dog.seetron.net/api/settings/59845 | 135.181.208.216 | 200 OK | 33 B |
URL GET HTTP/2dog.seetron.net/api/settings/59845 IP135.181.208.216:443 ASN#24940 Hetzner Online GmbH
Requested byhttps://videzz.net/xx1x1z02lb5b.html CertificateIssuerLet's Encrypt Subjecta.bdsmz.tube FingerprintAA:4D:03:7A:4E:94:8C:76:58:6E:53:CC:8E:99:24:E6:51:84:BF:05 ValidityFri, 03 May 2024 10:27:08 GMT - Thu, 01 Aug 2024 10:27:07 GMT
File typetroff or preprocessor input, ASCII text, with no line terminators Hash511ff610a0435434dd22a4836719fbb3 0cf692a9ecb6dd3d715e3315e0eeccc1c384f0c3 d090111da31c837d965f1dcf49b00a53cf41686d0913627f78c5ff36d693c6d0
GET /api/settings/59845 HTTP/1.1
Host: dog.seetron.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://videzz.net/
Origin: https://videzz.net
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
server: nginx
date: Sun, 05 May 2024 13:28:08 GMT
content-type: application/json
vary: Accept-Encoding
access-control-allow-origin: *
x-robots-tag: noindex, nofollow
cache-control: private
content-encoding: gzip
X-Firefox-Spdy: h2
|
|
| static.addtoany.com/menu/svg/icons/whatsapp.js | 104.22.70.197 | 200 OK | 1.1 kB |
URL GET HTTP/3static.addtoany.com/menu/svg/icons/whatsapp.js IP104.22.70.197:443
Requested byhttps://videzz.net/xx1x1z02lb5b.html CertificateIssuerLet's Encrypt Subjectstatic.addtoany.com Fingerprint5B:74:98:2D:F8:22:DB:0D:4E:74:B7:99:A7:7C:80:F6:CA:1A:8E:CA ValidityTue, 23 Apr 2024 07:56:27 GMT - Mon, 22 Jul 2024 07:56:26 GMT
File typeASCII text, with very long lines (1122), with no line terminators Hashd822c46f36a55fdbfcc5029e62e19937 c575da68fa99eeb33863f281395755cbf20004d4 062ec1f7c3acea435122961b771eb2e4d136a3e870b17d3e811413f5aa78ed3e
GET /menu/svg/icons/whatsapp.js HTTP/1.1
Host: static.addtoany.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://videzz.net
DNT: 1
Connection: keep-alive
Referer: https://static.addtoany.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Sun, 05 May 2024 13:28:09 GMT
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=7776000, stale-while-revalidate=30, public
cf-bgj: minify
etag: W/"83af4df8173e43227812296bb8542dcf"
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=eMNCF5cuYNbdgSQIYvGvJmAiNyrh4kdkShQKpIHbislO3uUBlP2WcmvA7CwUz25UAwFVWMunJPGRuiI78m2oYPQhcG%2FLrEnWp7pzWU%2BujyuRcJns%2FzbfiyL7PHZhZxHqwBORwnEho8YWG5UW6DUZlpFo"}],"group":"cf-nel","max_age":604800}
vary: Accept-Encoding
referrer-policy: strict-origin-when-cross-origin
x-content-type-options: nosniff
cf-cache-status: HIT
age: 7764
strict-transport-security: max-age=31536000; includeSubDomains; preload
server: cloudflare
cf-ray: 87f112750a0babe6-CPH
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| xml.xmlking.com/redirect?feed=591363&auth=0yfQfB&pubid=195183 | 174.137.133.17 | 302 Found | 1.4 kB |
URL GET HTTP/1.1xml.xmlking.com/redirect?feed=591363&auth=0yfQfB&pubid=195183 IP174.137.133.17:443 ASN#27257 WEBAIR-INTERNET
Requested byhttps://videzz.net/xx1x1z02lb5b.html CertificateIssuerSectigo Limited Subject*.xmlking.com Fingerprint61:F0:9B:53:D2:DF:03:A0:08:09:BE:79:B1:70:10:34:65:07:7B:6D ValidityWed, 26 Jul 2023 00:00:00 GMT - Fri, 26 Jul 2024 23:59:59 GMT
Hashd41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /redirect?feed=591363&auth=0yfQfB&pubid=195183 HTTP/1.1
Host: xml.xmlking.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://bid.bidclickmedia.com/
DNT: 1
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 302 Found
Server: nginx
Date: Sun, 05 May 2024 13:28:11 GMT
Content-Length: 0
Connection: keep-alive
Cache-Control: no-store
Location: https://www.animezeno.sbs/
|
|
| videzz.net/favicon.ico?v=2 | 78.142.18.54 | 200 OK | 1.2 kB |
URL GET HTTP/2videzz.net/favicon.ico?v=2 IP78.142.18.54:443 ASN#208046 ColocationX Ltd.
Requested byhttps://videzz.net/xx1x1z02lb5b.html CertificateIssuerLet's Encrypt Subjectvidezz.net Fingerprint89:44:E3:9D:95:DD:6E:D2:2B:FB:70:64:42:59:D2:BF:B6:36:E7:33 ValidityThu, 02 May 2024 00:27:53 GMT - Wed, 31 Jul 2024 00:27:52 GMT
File typeMS Windows icon resource - 1 icon, 16x16, 32 bits/pixel Hash07075ddac650ad1577e310576f4ac231 1c8f551262fac5a047a268b82fa932c405ab13ff c5f2d482ae4405a8e9f16a7ab09c5d04380283eb0cb0a9b237b32bc1bca47901
GET /favicon.ico?v=2 HTTP/1.1
Host: videzz.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://videzz.net/xx1x1z02lb5b.html
Cookie: lang=1; file_id=; _ga_HEX1BG8H46=GS1.1.1714915690.1.0.1714915690.60.0.0; _ga=GA1.1.1667976186.1714915690; sb_main_9785383bf0d8f2fb611d938245088565=1; sb_count_9785383bf0d8f2fb611d938245088565=1; asgfp2=172e5b6362817b33a26bdcbe3d1af8ae
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
server: nginx/1.18.0 (Ubuntu)
date: Sun, 05 May 2024 13:28:10 GMT
content-type: image/x-icon
last-modified: Sat, 27 Apr 2024 07:30:37 GMT
vary: Accept-Encoding
etag: W/"662ca99d-47e"
expires: Tue, 04 Jun 2024 13:25:40 GMT
cache-control: max-age=2592000
content-encoding: gzip
x-cache-status: HIT
X-Firefox-Spdy: h2
|
|
| bid.bidclickmedia.com/sub/31bV2Jy | 172.67.205.77 | 200 OK | 239 B |
URL GET HTTP/3bid.bidclickmedia.com/sub/31bV2Jy IP172.67.205.77:443
Requested byhttps://videzz.net/xx1x1z02lb5b.html CertificateIssuerGoogle Trust Services LLC Subjectbidclickmedia.com Fingerprint2D:71:60:23:79:D8:E4:4A:B8:81:BA:F0:ED:58:CB:A8:66:21:A7:E7 ValiditySun, 31 Mar 2024 14:28:20 GMT - Sat, 29 Jun 2024 14:28:19 GMT
File typeHTML document, ASCII text, with no line terminators Hashd5b23342c3da61ad8cb32c85b5a9a6ca 3ca89fd68565941a5f5dec87720a2164c9b860ae 53073b03453dec44b400acecc549d6446aba803406a391777a94cc2504173bbb
GET /sub/31bV2Jy HTTP/1.1
Host: bid.bidclickmedia.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://videzz.net/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Sun, 05 May 2024 13:28:09 GMT
content-type: text/html; charset=utf-8
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=9cb55ma0VLYinpWd3QTw3rXL37Akw%2FsrCdSdyAMCiEur%2FdfuzsngUcatpH45JdNa67eVUFxTgnTOc%2BcmMyZobVET97cv%2F2Kxohy5xDqGa2aAVNfAI2PEUsa1JNQlVO%2BsI8m3bfYjnKE%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 87f112729a451c0e-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| fonts.gstatic.com/s/raleway/v34/1Ptug8zYS_SKggPNyC0ITw.woff2 | 142.250.74.163 | 200 OK | 48 kB |
URL GET HTTP/2fonts.gstatic.com/s/raleway/v34/1Ptug8zYS_SKggPNyC0ITw.woff2 IP142.250.74.163:443
Requested byhttps://videzz.net/xx1x1z02lb5b.html CertificateIssuerGoogle Trust Services LLC Subject*.gstatic.com Fingerprint15:DD:05:B3:2F:D8:E3:54:C9:B4:FA:E4:AC:01:ED:C8:E1:EA:A7:AD ValidityTue, 16 Apr 2024 04:17:07 GMT - Tue, 09 Jul 2024 04:17:06 GMT
File typeWeb Open Font Format (Version 2), TrueType, length 48336, version 1.0 Hashbfe7ad4aa54cff8909b2d7632073cc30 7c2e625bea4d449ca78cde09ab59dc6c9cb4726f 47d477915fa5912616e2dc5df8c5780f9202671678cf275472bd39f3381c0098
GET /s/raleway/v34/1Ptug8zYS_SKggPNyC0ITw.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://videzz.net
DNT: 1
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 48336
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 02 May 2024 09:19:20 GMT
expires: Fri, 02 May 2025 09:19:20 GMT
cache-control: public, max-age=31536000
last-modified: Wed, 01 May 2024 20:31:48 GMT
content-type: font/woff2
age: 274128
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
|
|
| bid.bidclickmedia.com/sub/e6yMnW6 | 172.67.205.77 | 200 OK | 239 B |
URL GET HTTP/3bid.bidclickmedia.com/sub/e6yMnW6 IP172.67.205.77:443
Requested byhttps://videzz.net/xx1x1z02lb5b.html CertificateIssuerGoogle Trust Services LLC Subjectbidclickmedia.com Fingerprint2D:71:60:23:79:D8:E4:4A:B8:81:BA:F0:ED:58:CB:A8:66:21:A7:E7 ValiditySun, 31 Mar 2024 14:28:20 GMT - Sat, 29 Jun 2024 14:28:19 GMT
File typeHTML document, ASCII text, with no line terminators Hash824a3f01774373d84e2c831d29c4cdc1 a90fddcc8bc46e63240496ec164cbbb651a379d0 735c9eb1ab5740ecd5f901abf9c89369e3feedd80f2ed6feb9d716aeb75a818d
GET /sub/e6yMnW6 HTTP/1.1
Host: bid.bidclickmedia.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://videzz.net/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Sun, 05 May 2024 13:28:09 GMT
content-type: text/html; charset=utf-8
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=8Botvy0UlcMTkkpF7YB6eCq%2FMv81BIhhSuCxcI3apmPCIoCaH7dCmAakattKEcZWKe0rTOApDNy3NBw53tO0vPCh%2BF76S3vYWHztCSKsVOMgzAtDEpcNS9OA4Pyw3wy31WVnIWd4wp4%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 87f1127229f81c0e-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| xml.zeusadx.com/redirect?feed=531847&auth=KhbHhS&pubid=162319 | 174.137.133.17 | 302 Found | 1.4 kB |
URL GET HTTP/1.1xml.zeusadx.com/redirect?feed=531847&auth=KhbHhS&pubid=162319 IP174.137.133.17:443 ASN#27257 WEBAIR-INTERNET
Requested byhttps://videzz.net/xx1x1z02lb5b.html CertificateIssuerSectigo Limited Subject*.zeusadx.com FingerprintAA:67:88:35:5F:BC:20:3C:44:9B:00:BD:4F:E1:C0:5F:62:D0:69:C0 ValidityMon, 23 Oct 2023 00:00:00 GMT - Wed, 23 Oct 2024 23:59:59 GMT
Hashd41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /redirect?feed=531847&auth=KhbHhS&pubid=162319 HTTP/1.1
Host: xml.zeusadx.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://bid.bidclickmedia.com/
DNT: 1
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 302 Found
Server: nginx
Date: Sun, 05 May 2024 13:28:10 GMT
Content-Length: 0
Connection: keep-alive
Cache-Control: no-store
Location: https://becast.onionlive.workers.dev/
|
|
| dog.seetron.net/api/users/246356?host=videzz.net&ev=212&wh=1024&ww=1280&uuid=&url=https%3A%2F%2Fvidezz.net%2Fxx1x1z02lb5b.html&sid=737ee3b8-abf3-4e83-8339-71b2390e1561&i=1&kw=file%20upload%2Cshare%20files%2Cfree%20upload | 135.181.208.216 | 200 OK | 910 B |
URL GET HTTP/2dog.seetron.net/api/users/246356?host=videzz.net&ev=212&wh=1024&ww=1280&uuid=&url=https%3A%2F%2Fvidezz.net%2Fxx1x1z02lb5b.html&sid=737ee3b8-abf3-4e83-8339-71b2390e1561&i=1&kw=file%20upload%2Cshare%20files%2Cfree%20upload IP135.181.208.216:443 ASN#24940 Hetzner Online GmbH
Requested byhttps://videzz.net/xx1x1z02lb5b.html CertificateIssuerLet's Encrypt Subjecta.bdsmz.tube FingerprintAA:4D:03:7A:4E:94:8C:76:58:6E:53:CC:8E:99:24:E6:51:84:BF:05 ValidityFri, 03 May 2024 10:27:08 GMT - Thu, 01 Aug 2024 10:27:07 GMT
File typeASCII text, with very long lines (1017), with no line terminators Hashc16a556e669183058fecca4ce1e29af3 7424172615a0252ba57544d6b2c604ea96dd55ff 5e4f581090b4657994428accada371353d357103b294210d323406ba2a741c8c
GET /api/users/246356?host=videzz.net&ev=212&wh=1024&ww=1280&uuid=&url=https%3A%2F%2Fvidezz.net%2Fxx1x1z02lb5b.html&sid=737ee3b8-abf3-4e83-8339-71b2390e1561&i=1&kw=file%20upload%2Cshare%20files%2Cfree%20upload HTTP/1.1
Host: dog.seetron.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://videzz.net/
Cookie: nauid=w9SxmfpWnbKmvU0Qre64
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
server: nginx
date: Sun, 05 May 2024 13:28:11 GMT
content-type: text/javascript; charset=utf-8
vary: Accept-Encoding
x-robots-tag: noindex, nofollow
cache-control: private
content-encoding: gzip
X-Firefox-Spdy: h2
|
|
| bid.bidclickmedia.com/sub/31bV2Jy | 172.67.205.77 | 200 OK | 239 B |
URL GET HTTP/3bid.bidclickmedia.com/sub/31bV2Jy IP172.67.205.77:443
Requested byhttps://videzz.net/xx1x1z02lb5b.html CertificateIssuerGoogle Trust Services LLC Subjectbidclickmedia.com Fingerprint2D:71:60:23:79:D8:E4:4A:B8:81:BA:F0:ED:58:CB:A8:66:21:A7:E7 ValiditySun, 31 Mar 2024 14:28:20 GMT - Sat, 29 Jun 2024 14:28:19 GMT
File typeHTML document, ASCII text, with no line terminators Hashd5b23342c3da61ad8cb32c85b5a9a6ca 3ca89fd68565941a5f5dec87720a2164c9b860ae 53073b03453dec44b400acecc549d6446aba803406a391777a94cc2504173bbb
GET /sub/31bV2Jy HTTP/1.1
Host: bid.bidclickmedia.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://videzz.net/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Sun, 05 May 2024 13:28:09 GMT
content-type: text/html; charset=utf-8
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=lBsLpxv3Bk6TzreodkXP1df6TZ0sb%2FP6JTfYghQHaToilh6w1jS516Ii2cQgrzVJifGg48NdmDCFZ9c53HCyDCeegs0uMtY1VG5SRyctDhkcm4FOrxNWUTtRlHcz9EGc11WWVHyZ3c8%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 87f112727a2e1c0e-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| static.addtoany.com/menu/svg/icons/twitter.js | 104.22.70.197 | 200 OK | 645 B |
URL GET HTTP/3static.addtoany.com/menu/svg/icons/twitter.js IP104.22.70.197:443
Requested byhttps://videzz.net/xx1x1z02lb5b.html CertificateIssuerLet's Encrypt Subjectstatic.addtoany.com Fingerprint5B:74:98:2D:F8:22:DB:0D:4E:74:B7:99:A7:7C:80:F6:CA:1A:8E:CA ValidityTue, 23 Apr 2024 07:56:27 GMT - Mon, 22 Jul 2024 07:56:26 GMT
File typeASCII text, with very long lines (655), with no line terminators Hash671b3272826b2e03f7f5ecc6846a4f83 bcd620154cd6381ddf84b4e17e53ad716f3acbea b743f6ed35f2a170860cfb010577cd000ee695dc23b850d3b3e479ef1178bb22
GET /menu/svg/icons/twitter.js HTTP/1.1
Host: static.addtoany.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://videzz.net
DNT: 1
Connection: keep-alive
Referer: https://static.addtoany.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Sun, 05 May 2024 13:28:09 GMT
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=7776000, stale-while-revalidate=30, public
cf-bgj: minify
etag: W/"af2b829f9b79fabec7c0148a8b7e444b"
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=pDPgy6%2FCFco7ZqeYZITOPpe4G7aTd1GkCTxJkCzo3%2Faq1nSc8YCKI5rv%2FEc26ZobIVPfG95wngqxtuC1v6ytV7ocv34Wmf%2FCJNYbd0Rt8Iro2ga8%2Bx3Q3cFEQLvZQNh9dar9LmUpfyutdXuKILUrcx88"}],"group":"cf-nel","max_age":604800}
vary: Accept-Encoding
referrer-policy: strict-origin-when-cross-origin
x-content-type-options: nosniff
cf-cache-status: HIT
age: 14384
strict-transport-security: max-age=31536000; includeSubDomains; preload
server: cloudflare
cf-ray: 87f112750a09abe6-CPH
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| zv.7vid.net/api/spots/70101?s1=&v2=1&fill=0&kw=file%20upload%2Cshare%20files%2Cfree%20upload&i=1&url=https%3A%2F%2Fvidezz.net%2Fxx1x1z02lb5b.html&sid=737ee3b8-abf3-4e83-8339-71b2390e1561 | 135.181.208.216 | 200 OK | 67 B |
URL GET HTTP/2zv.7vid.net/api/spots/70101?s1=&v2=1&fill=0&kw=file%20upload%2Cshare%20files%2Cfree%20upload&i=1&url=https%3A%2F%2Fvidezz.net%2Fxx1x1z02lb5b.html&sid=737ee3b8-abf3-4e83-8339-71b2390e1561 IP135.181.208.216:443 ASN#24940 Hetzner Online GmbH
Requested byhttps://videzz.net/xx1x1z02lb5b.html CertificateIssuerLet's Encrypt Subject1111.spinna.online FingerprintF3:80:AE:D8:32:E7:57:75:94:99:58:76:4C:57:59:80:E8:9A:B7:ED ValidityFri, 29 Mar 2024 23:27:07 GMT - Thu, 27 Jun 2024 23:27:06 GMT
File typeXML document, ASCII text, with no line terminators Hashc3928cea84e0c684b265b8fb465a9e72 aace4c0c8b0fbb35d2932f4f27e01ef627161574 3238d03797cab82118740c0d6ddace8d6bc9caf168e94d2ade893f541c1f8a25
GET /api/spots/70101?s1=&v2=1&fill=0&kw=file%20upload%2Cshare%20files%2Cfree%20upload&i=1&url=https%3A%2F%2Fvidezz.net%2Fxx1x1z02lb5b.html&sid=737ee3b8-abf3-4e83-8339-71b2390e1561 HTTP/1.1
Host: zv.7vid.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://videzz.net/
Origin: https://videzz.net
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
server: nginx
date: Sun, 05 May 2024 13:28:09 GMT
content-type: text/xml
vary: Accept-Encoding
access-control-allow-credentials: true
access-control-allow-origin: https://videzz.net
access-control-expose-headers: X-Asg-Config, X-t
set-cookie: nauid=R8LVqHa0WhB4BlXY7ttv; Path=/; Expires=Wed, 11 Nov 2037 11:11:11 GMT; Secure; SameSite=None
x-robots-tag: noindex, nofollow
x-t: 0
cache-control: private
content-encoding: gzip
X-Firefox-Spdy: h2
|
|
| vast.yomeno.xyz/?tcid=13095 | 109.206.163.116 | 200 OK | 3.0 kB |
URL GET HTTP/2vast.yomeno.xyz/?tcid=13095 IP109.206.163.116:443
Requested byhttps://videzz.net/xx1x1z02lb5b.html CertificateIssuerLet's Encrypt Subjectvast.yomeno.xyz FingerprintD7:6E:F9:BD:F8:D1:0F:D3:7D:55:3B:C5:8C:48:23:61:40:31:97:01 ValiditySat, 23 Mar 2024 03:09:31 GMT - Fri, 21 Jun 2024 03:09:30 GMT
File typeASCII text, with very long lines (2997), with no line terminators Hash616ca9686df0557623c124b55408a84a b769e634326cb76864cca88c8b85130069e8b996 0ca8e8185ec62c57e1ed12bb184c50624baae107eec012483a9407c545450fab
GET /?tcid=13095 HTTP/1.1
Host: vast.yomeno.xyz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://videzz.net/
Origin: https://videzz.net
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
server: nginx/1.20.1
date: Sun, 05 May 2024 13:28:10 GMT
content-type: text/xml;charset=UTF-8
vary: Accept-Encoding
access-control-allow-credentials: true
access-control-allow-origin: https://videzz.net
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,
access-control-expose-headers: Content-Length,Content-Range
content-encoding: gzip
X-Firefox-Spdy: h2
|
|
| s.magsrv.com/vregister.php?a=vview&errorcode=3&idzone=5075902&dg=6538616-NOR-96221788-3-0-1-0-InLine | 95.211.229.248 | 200 OK | 0 B |
URL GET HTTP/1.1s.magsrv.com/vregister.php?a=vview&errorcode=3&idzone=5075902&dg=6538616-NOR-96221788-3-0-1-0-InLine IP95.211.229.248:443 ASN#60781 LeaseWeb Netherlands B.V.
Requested byhttps://videzz.net/xx1x1z02lb5b.html CertificateIssuerLet's Encrypt Subjectmagsrv.com FingerprintE9:B1:06:11:C7:80:11:9F:62:6C:E8:AF:35:69:C6:21:29:87:60:51 ValidityTue, 30 Apr 2024 07:49:25 GMT - Mon, 29 Jul 2024 07:49:24 GMT
Hashd41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /vregister.php?a=vview&errorcode=3&idzone=5075902&dg=6538616-NOR-96221788-3-0-1-0-InLine HTTP/1.1
Host: s.magsrv.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://videzz.net/
Cookie: __uvt=a%3A1%3A%7Bi%3A0%3Bs%3A32%3A%226637896bafca25.26575634251676314%22%3B%7D; c-tag=%7B%22tag-video%22%3A%22v4%7C%7CNOR%7C5075902%7C96221788%7C0%7C%7C508%7C41%7C3%7C15%7C0%7C0%7C0%7C25344%7C3143242%7C3143244%7C0%7C1%7C0%7C0%7C0%7C0%7C1%7C0%7C0%7C1%7C%7C%7C1746284589%7Cvidezz.net%7C%7C%7C0%7C0%7C0%7C0%7C0%7C0%7C0%7C0%7C0%7C1714915691%7C%7C%7C0%7C0%7C0%7C0%7C0%7C0%7C0%7C0%7C0%7C0%7Ceee5475c83d0377f7c625bb4c4a55cfa%7Cok%22%7D
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Date: Sun, 05 May 2024 13:28:12 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Access-Control-Allow-Origin:
Access-Control-Allow-Credentials: true
Accept-CH:
X-Robots-Tag: noindex, follow
Content-Encoding: gzip
|
|
| mcpuwpsh.com/popunder/in/click/?mid=6778367339697951691&pid=0&site=560254&sc=NO&usage_type=DCH&subid=761082465&sid=0&cid=0&price=0&is_cpm=0&cpm=0&ecpm=0&crid=&crtid=&tcid=0&out_id=&ver=&ver_c=&refdom=bid.bidclickmedia.com&hostname=auc-popunder-hz-0&site_id=0&spot_id=560254&utm_source=&utm_medium=&utm_campaign=&utm_content=&expiration_timestamp=0&created_at=0000-00-00&is_native=0&burl=&pop_winurl=&ip=91.90.42.154&testab=&px_id=0&adblock=0&auction_host=&mm=&yc=&render_type=&campaign_type=&uniq=&exp=0&resp_type=&iabcat=IAB25&min_cpm=0.1224&placement_type_id=7&skin_test=&verify_hash=d850c20ea9e6435c20f52bda7640ae20&score=334.71740137294904&durl=&ml=&tag_ab=&original_bid=0&user_fp=0&v2=0&pop_type=0&space_id=1095&real_bid=&skin_id=&vertical_id=&stratagem=&accel=0&gyr=0&iabcat=IAB25&ip_mismatch=false&ua_mismatch=false&ssp=3758&rc=0&v2_track=0&otype=0&mn=0&priority=0&bb=0.1224&url=https%3A%2F%2Fpopdemission.com%2Fin%2F849%2F%3Fsource%3D761082465%26site_id%3D560254%26utm1%3D%26utm2%3D%26utm3%3D%26utm4%3D%26idzone%3D0%26spot_id%3D560254%26mo%3D%26ve%3D%26ad_tags%3D%26p%3Dhttps%253A%252F%252Fbid.bidclickmedia.com%252F%26sid%3D1095%26katds_labels%3D%26is_iframe%3D1%26btype%3D0%26score%3D334.71740137294904%26bf%3D0.1224%26iabcat%3DIAB25%26allowed_labels%3D&pr=&bid_crid=&bid_cid=&ad_tags=&is_interstitial=0&is_direct=1&label_ids=&site_id64=&sp_cl=0&act_sess=0&sp_scr=0&intes=&izb=&ang=0&act_su=0&interest_vertical_ids=&v_scroll_freq=&time_sess=&ext_campaign_id=&scroll_percent=0&empty_clicks=0&aid=0&high_freq_clicks=0&dev_console_activity=0&topics=&client_price=0&o_d=&is_webview=0&timezone_olson=&timezone_ip=Europe/Oslo&offer_label_ids= | 94.130.197.240 | 302 Found | 35 kB |
URL GET HTTP/2mcpuwpsh.com/popunder/in/click/?mid=6778367339697951691&pid=0&site=560254&sc=NO&usage_type=DCH&subid=761082465&sid=0&cid=0&price=0&is_cpm=0&cpm=0&ecpm=0&crid=&crtid=&tcid=0&out_id=&ver=&ver_c=&refdom=bid.bidclickmedia.com&hostname=auc-popunder-hz-0&site_id=0&spot_id=560254&utm_source=&utm_medium=&utm_campaign=&utm_content=&expiration_timestamp=0&created_at=0000-00-00&is_native=0&burl=&pop_winurl=&ip=91.90.42.154&testab=&px_id=0&adblock=0&auction_host=&mm=&yc=&render_type=&campaign_type=&uniq=&exp=0&resp_type=&iabcat=IAB25&min_cpm=0.1224&placement_type_id=7&skin_test=&verify_hash=d850c20ea9e6435c20f52bda7640ae20&score=334.71740137294904&durl=&ml=&tag_ab=&original_bid=0&user_fp=0&v2=0&pop_type=0&space_id=1095&real_bid=&skin_id=&vertical_id=&stratagem=&accel=0&gyr=0&iabcat=IAB25&ip_mismatch=false&ua_mismatch=false&ssp=3758&rc=0&v2_track=0&otype=0&mn=0&priority=0&bb=0.1224&url=https%3A%2F%2Fpopdemission.com%2Fin%2F849%2F%3Fsource%3D761082465%26site_id%3D560254%26utm1%3D%26utm2%3D%26utm3%3D%26utm4%3D%26idzone%3D0%26spot_id%3D560254%26mo%3D%26ve%3D%26ad_tags%3D%26p%3Dhttps%253A%252F%252Fbid.bidclickmedia.com%252F%26sid%3D1095%26katds_labels%3D%26is_iframe%3D1%26btype%3D0%26score%3D334.71740137294904%26bf%3D0.1224%26iabcat%3DIAB25%26allowed_labels%3D&pr=&bid_crid=&bid_cid=&ad_tags=&is_interstitial=0&is_direct=1&label_ids=&site_id64=&sp_cl=0&act_sess=0&sp_scr=0&intes=&izb=&ang=0&act_su=0&interest_vertical_ids=&v_scroll_freq=&time_sess=&ext_campaign_id=&scroll_percent=0&empty_clicks=0&aid=0&high_freq_clicks=0&dev_console_activity=0&topics=&client_price=0&o_d=&is_webview=0&timezone_olson=&timezone_ip=Europe/Oslo&offer_label_ids= IP94.130.197.240:443 ASN#24940 Hetzner Online GmbH
Requested byhttps://videzz.net/xx1x1z02lb5b.html CertificateIssuerLet's Encrypt Subjectpuwpush.com Fingerprint60:3D:AE:BF:9C:57:C3:AF:D6:50:E5:93:92:FB:E9:F2:F8:E6:E1:92 ValidityWed, 01 May 2024 01:51:05 GMT - Tue, 30 Jul 2024 01:51:04 GMT
Hashd41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /popunder/in/click/?mid=6778367339697951691&pid=0&site=560254&sc=NO&usage_type=DCH&subid=761082465&sid=0&cid=0&price=0&is_cpm=0&cpm=0&ecpm=0&crid=&crtid=&tcid=0&out_id=&ver=&ver_c=&refdom=bid.bidclickmedia.com&hostname=auc-popunder-hz-0&site_id=0&spot_id=560254&utm_source=&utm_medium=&utm_campaign=&utm_content=&expiration_timestamp=0&created_at=0000-00-00&is_native=0&burl=&pop_winurl=&ip=91.90.42.154&testab=&px_id=0&adblock=0&auction_host=&mm=&yc=&render_type=&campaign_type=&uniq=&exp=0&resp_type=&iabcat=IAB25&min_cpm=0.1224&placement_type_id=7&skin_test=&verify_hash=d850c20ea9e6435c20f52bda7640ae20&score=334.71740137294904&durl=&ml=&tag_ab=&original_bid=0&user_fp=0&v2=0&pop_type=0&space_id=1095&real_bid=&skin_id=&vertical_id=&stratagem=&accel=0&gyr=0&iabcat=IAB25&ip_mismatch=false&ua_mismatch=false&ssp=3758&rc=0&v2_track=0&otype=0&mn=0&priority=0&bb=0.1224&url=https%3A%2F%2Fpopdemission.com%2Fin%2F849%2F%3Fsource%3D761082465%26site_id%3D560254%26utm1%3D%26utm2%3D%26utm3%3D%26utm4%3D%26idzone%3D0%26spot_id%3D560254%26mo%3D%26ve%3D%26ad_tags%3D%26p%3Dhttps%253A%252F%252Fbid.bidclickmedia.com%252F%26sid%3D1095%26katds_labels%3D%26is_iframe%3D1%26btype%3D0%26score%3D334.71740137294904%26bf%3D0.1224%26iabcat%3DIAB25%26allowed_labels%3D&pr=&bid_crid=&bid_cid=&ad_tags=&is_interstitial=0&is_direct=1&label_ids=&site_id64=&sp_cl=0&act_sess=0&sp_scr=0&intes=&izb=&ang=0&act_su=0&interest_vertical_ids=&v_scroll_freq=&time_sess=&ext_campaign_id=&scroll_percent=0&empty_clicks=0&aid=0&high_freq_clicks=0&dev_console_activity=0&topics=&client_price=0&o_d=&is_webview=0&timezone_olson=&timezone_ip=Europe/Oslo&offer_label_ids= HTTP/1.1
Host: mcpuwpsh.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://meetbenjen.com/
DNT: 1
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 302 Found
server: nginx/1.16.0
date: Sun, 05 May 2024 13:28:12 GMT
content-length: 0
vary: Origin
cache-control: no-transform, no-cache, no-store, must-revalidate
pragma: no-cache
access-control-allow-origin: *
access-control-allow-headers: Content-Type
access-control-allow-methods: *
location: https://popdemission.com/in/849/?source=761082465&site_id=560254&utm1=&utm2=&utm3=&utm4=&idzone=0&spot_id=560254&mo=&ve=&ad_tags=&p=https%3A%2F%2Fbid.bidclickmedia.com%2F&sid=1095&katds_labels=&is_iframe=1&btype=0&score=334.71740137294904&bf=0.1224&iabcat=IAB25&allowed_labels=
X-Firefox-Spdy: h2
|
|
| videzz.net/xx1x1z02lb5b.html | 78.142.18.54 | 200 OK | 44 kB |
URL User Request GET HTTP/2videzz.net/xx1x1z02lb5b.html IP78.142.18.54:443 ASN#208046 ColocationX Ltd.
CertificateIssuerLet's Encrypt Subjectvidezz.net Fingerprint89:44:E3:9D:95:DD:6E:D2:2B:FB:70:64:42:59:D2:BF:B6:36:E7:33 ValidityThu, 02 May 2024 00:27:53 GMT - Wed, 31 Jul 2024 00:27:52 GMT
Hashd41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /xx1x1z02lb5b.html HTTP/1.1
Host: videzz.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
server: nginx/1.18.0 (Ubuntu)
date: Sun, 05 May 2024 13:28:07 GMT
content-type: text/html; charset=UTF-8
vary: Accept-Encoding
expires: Sat, 04 May 2024 13:28:07 GMT
set-cookie: lang=1; domain=.videzz.net; path=/; HttpOnly
xfsts=; domain=.videzz.net; path=/; expires=Sat, 06-May-2023 13:28:07 GMT; HttpOnly
content-encoding: gzip
X-Firefox-Spdy: h2
|
|
| videzz.net/images-newtheme/social/telergram_button.png | 78.142.18.54 | 200 OK | 7.1 kB |
URL GET HTTP/2videzz.net/images-newtheme/social/telergram_button.png IP78.142.18.54:443 ASN#208046 ColocationX Ltd.
Requested byhttps://videzz.net/xx1x1z02lb5b.html CertificateIssuerLet's Encrypt Subjectvidezz.net Fingerprint89:44:E3:9D:95:DD:6E:D2:2B:FB:70:64:42:59:D2:BF:B6:36:E7:33 ValidityThu, 02 May 2024 00:27:53 GMT - Wed, 31 Jul 2024 00:27:52 GMT
File typePNG image data, 250 x 95, 8-bit colormap, non-interlaced Hash30c0202bb8d66d562c2f6f74e04cecf5 330d3cb6d6e12800458fb4e711f5ad2669ed6418 5c594f5b1f831711af5d0089fb853c7511a83dbc3ce86f99b93e63e9c5c8fc60
GET /images-newtheme/social/telergram_button.png HTTP/1.1
Host: videzz.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://videzz.net/css/main.min.css?v=b8dc06aa6195ca0716d0a0c4e3a76e42
Cookie: lang=1
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
server: nginx/1.18.0 (Ubuntu)
date: Sun, 05 May 2024 13:28:08 GMT
content-type: image/png
content-length: 7130
last-modified: Sat, 27 Apr 2024 07:30:28 GMT
etag: "662ca994-1bda"
expires: Tue, 04 Jun 2024 13:18:42 GMT
cache-control: max-age=2592000
x-cache-status: HIT
accept-ranges: bytes
X-Firefox-Spdy: h2
|
|
| bid.bidclickmedia.com/sub/Zj8D76R | 172.67.205.77 | 200 OK | 234 B |
URL GET HTTP/2bid.bidclickmedia.com/sub/Zj8D76R IP172.67.205.77:443
Requested byhttps://videzz.net/xx1x1z02lb5b.html CertificateIssuerGoogle Trust Services LLC Subjectbidclickmedia.com Fingerprint2D:71:60:23:79:D8:E4:4A:B8:81:BA:F0:ED:58:CB:A8:66:21:A7:E7 ValiditySun, 31 Mar 2024 14:28:20 GMT - Sat, 29 Jun 2024 14:28:19 GMT
File typeHTML document, ASCII text, with no line terminators Hashaa39ce14ee4ef59a81b3b1ccc7c20cfb 4037f87db53a18212b896cbe7dc03404833bd9f4 5e96980309ab1a029fa20a02fb9aca51a5967df4e6ab8aaab5f0373d4ebd4f68
GET /sub/Zj8D76R HTTP/1.1
Host: bid.bidclickmedia.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://videzz.net/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Sun, 05 May 2024 13:28:09 GMT
content-type: text/html; charset=utf-8
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=TfOFndGnpX7hOcEXwCP0lcYIlICcA7sLkEjLND4Rze7PZ2aEdU1McxKMX97HR%2F9WSuc%2BTKryAYJOcLiC5rFSxFprtN37xCwk1emrvYosx%2Fxlnsu9rZPzRNvUGVLaFEitnq5wD601%2FpA%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 87f112708a5356c9-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
|
|
| xml.zeusadx.com/redirect?feed=531847&auth=KhbHhS&pubid=162319 | 174.137.133.17 | 200 OK | 0 B |
URL GET HTTP/1.1xml.zeusadx.com/redirect?feed=531847&auth=KhbHhS&pubid=162319 IP174.137.133.17:443 ASN#27257 WEBAIR-INTERNET
Requested byhttps://videzz.net/xx1x1z02lb5b.html CertificateIssuerSectigo Limited Subject*.zeusadx.com FingerprintAA:67:88:35:5F:BC:20:3C:44:9B:00:BD:4F:E1:C0:5F:62:D0:69:C0 ValidityMon, 23 Oct 2023 00:00:00 GMT - Wed, 23 Oct 2024 23:59:59 GMT
Hashd41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /redirect?feed=531847&auth=KhbHhS&pubid=162319 HTTP/1.1
Host: xml.zeusadx.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://bid.bidclickmedia.com/
DNT: 1
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Date: Sun, 05 May 2024 13:28:10 GMT
Content-Length: 0
Connection: keep-alive
Cache-Control: no-store
|
|
| static.addtoany.com/menu/page.js | 104.22.70.197 | 200 OK | 3.0 kB |
URL GET HTTP/2static.addtoany.com/menu/page.js IP104.22.70.197:443
Requested byhttps://videzz.net/xx1x1z02lb5b.html CertificateIssuerLet's Encrypt Subjectstatic.addtoany.com Fingerprint5B:74:98:2D:F8:22:DB:0D:4E:74:B7:99:A7:7C:80:F6:CA:1A:8E:CA ValidityTue, 23 Apr 2024 07:56:27 GMT - Mon, 22 Jul 2024 07:56:26 GMT
File typeJavaScript source, ASCII text, with very long lines (3132), with no line terminators Hash40486591ae8ea6d1423aeb13f1fd509b f847af56588642de93c6fe0d2ce182303f312455 16a6753a1de5c5602b0ca4afe3d17b95e2cb18d6b79bf7cdccedba3a733c1138
GET /menu/page.js HTTP/1.1
Host: static.addtoany.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://videzz.net/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Sun, 05 May 2024 13:28:08 GMT
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=86400, stale-while-revalidate=30, public
cf-bgj: minify
etag: W/"e346c2841e4abbb66ee259e9540abb61"
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=YWZsNxx5LDQ%2FCmyOFsE8E2BnrVsLnneGIQNyd9wW5p4HAuYJk1J8NDKyEOb3GQVsuv1k1liuf%2Bmj3zbtE6j3FHtvw%2FKNdKKDmXgE%2Fq44DiWXRWJOh045rrNs9uLI3BbIrsQ0WiQVSeSa3Tq2fKeyXXzg"}],"group":"cf-nel","max_age":604800}
vary: Accept-Encoding
referrer-policy: strict-origin-when-cross-origin
x-content-type-options: nosniff
cf-cache-status: HIT
age: 20497
strict-transport-security: max-age=31536000; includeSubDomains; preload
server: cloudflare
cf-ray: 87f1126a996f92df-CPH
content-encoding: br
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
|
|
| allvideometrika.com/f.php?sid=212515 | 104.21.83.61 | 200 OK | 0 B |
URL GET HTTP/2allvideometrika.com/f.php?sid=212515 IP104.21.83.61:443
Requested byhttps://videzz.net/xx1x1z02lb5b.html CertificateIssuerLet's Encrypt Subjectallvideometrika.com Fingerprint0F:3F:B1:7E:F7:3C:77:24:1C:85:B2:89:15:11:43:1A:AD:64:DF:13 ValidityTue, 23 Apr 2024 13:34:13 GMT - Mon, 22 Jul 2024 13:34:12 GMT
Hashd41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /f.php?sid=212515 HTTP/1.1
Host: allvideometrika.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://videzz.net/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Sun, 05 May 2024 13:28:10 GMT
content-type: text/html; charset=UTF-8
x-powered-by: PHP/7.1.33
cache-control: no-store, no-cache, must-revalidate, max-age=0
x-robots-tag: noindex
pragma: no-cache
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=RZFaGjUBB4G1zD5Og9QiqaumbssI81WT0KF9o0INo5Mx3wOidLit%2FXa4Gp2FbD29sv%2F8FMO2iw3l861xWcul2JdlPz3CIcJ4Dolu4miz5%2Fs2vQki7Lcc5uqY7zJKqoX4E8%2Bosb3f"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 87f1127669f0b521-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
|
|
0.0.0.0