| videzz.net/js/pop.js?v=1.0 | 78.142.18.54 | 200 OK | 35 B |
URL: GET HTTP/2 videzz.net/js/pop.js?v=1.0
IP: 78.142.18.54:443
ASN: #208046 ColocationX Ltd.
Requested by: https://videzz.net/embed-c32aq2yhm77r.html
Certificate: Issuer Let's Encrypt; Subject videzz.net; Fingerprint 89:44:E3:9D:95:DD:6E:D2:2B:FB:70:64:42:59:D2:BF:B6:36:E7:33; Validity Thu, 02 May 2024 00:27:53 GMT - Wed, 31 Jul 2024 00:27:52 GMT
Hash: da4bf5414bf75eefb21872f9b59fe6fc e34335e0705397a4ad02c406a2e92333e6d2b0e5 d48b428c1788391a1aef29802daaa691077732dc7b821d0968831bc50b19278d
| Analyzer | Verdict | Alert |
| Quad9 DNS | malicious | Sinkholed |
GET /js/pop.js?v=1.0 HTTP/1.1
Host: videzz.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://videzz.net/embed-c32aq2yhm77r.html
Cookie: lang=1
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx/1.18.0 (Ubuntu)
date: Sat, 04 May 2024 18:06:27 GMT
content-type: application/javascript
content-length: 35
last-modified: Sat, 27 Apr 2024 07:30:33 GMT
etag: "662ca999-23"
expires: Mon, 03 Jun 2024 18:05:48 GMT
cache-control: max-age=2592000
x-cache-status: HIT
accept-ranges: bytes
X-Firefox-Spdy: h2

| videzz.net/js/ads.js?v=1.0 | 78.142.18.54 | 200 OK | 211 B |
URL: GET HTTP/2 videzz.net/js/ads.js?v=1.0
IP: 78.142.18.54:443
ASN: #208046 ColocationX Ltd.
Requested by: https://videzz.net/embed-c32aq2yhm77r.html
Certificate: Issuer Let's Encrypt; Subject videzz.net; Fingerprint 89:44:E3:9D:95:DD:6E:D2:2B:FB:70:64:42:59:D2:BF:B6:36:E7:33; Validity Thu, 02 May 2024 00:27:53 GMT - Wed, 31 Jul 2024 00:27:52 GMT
Hash: 09f34de71e8853387dd398fbb263af69 4ccb7007fcebcffe64eaa80f2991509fdbac55d5 6ca7e6aebc6e3eec26d39e540e255a738fd9e48e9b97bd0e2a714686377ac523
| Analyzer | Verdict | Alert |
| Quad9 DNS | malicious | Sinkholed |
GET /js/ads.js?v=1.0 HTTP/1.1
Host: videzz.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://videzz.net/embed-c32aq2yhm77r.html
Cookie: lang=1
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx/1.18.0 (Ubuntu)
date: Sat, 04 May 2024 18:06:27 GMT
content-type: application/javascript
content-length: 211
last-modified: Sat, 27 Apr 2024 07:30:28 GMT
etag: "662ca994-d3"
expires: Mon, 03 Jun 2024 18:05:48 GMT
cache-control: max-age=2592000
x-cache-status: HIT
accept-ranges: bytes
X-Firefox-Spdy: h2

| videzz.net/images-newtheme/adb_logo.png | 78.142.18.54 | 200 OK | 8.3 kB |
URL: GET HTTP/2 videzz.net/images-newtheme/adb_logo.png
IP: 78.142.18.54:443
ASN: #208046 ColocationX Ltd.
Requested by: https://videzz.net/embed-c32aq2yhm77r.html
Certificate: Issuer Let's Encrypt; Subject videzz.net; Fingerprint 89:44:E3:9D:95:DD:6E:D2:2B:FB:70:64:42:59:D2:BF:B6:36:E7:33; Validity Thu, 02 May 2024 00:27:53 GMT - Wed, 31 Jul 2024 00:27:52 GMT
File type: PNG image data, 178 x 178, 8-bit/color RGBA, non-interlaced
Hash: 98fcd22c469a5aa46df8ec4e7a8eafc9 e8d95f175d3008736995a482d7304410a1da490a b1e79e219bf46ca5ef14a9619c5440e78c2ebdbc34b8f0c65f0777a8b02fc30c
| Analyzer | Verdict | Alert |
| Quad9 DNS | malicious | Sinkholed |
GET /images-newtheme/adb_logo.png HTTP/1.1
Host: videzz.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://videzz.net/embed-c32aq2yhm77r.html
Cookie: lang=1
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx/1.18.0 (Ubuntu)
date: Sat, 04 May 2024 18:06:27 GMT
content-type: image/png
content-length: 8308
last-modified: Sat, 27 Apr 2024 07:30:38 GMT
etag: "662ca99e-2074"
expires: Mon, 03 Jun 2024 18:05:54 GMT
cache-control: max-age=2592000
x-cache-status: HIT
accept-ranges: bytes
X-Firefox-Spdy: h2

| videzz.net/images-newtheme/attention.png | 78.142.18.54 | 200 OK | 6.4 kB |
URL: GET HTTP/2 videzz.net/images-newtheme/attention.png
IP: 78.142.18.54:443
ASN: #208046 ColocationX Ltd.
Requested by: https://videzz.net/embed-c32aq2yhm77r.html
Certificate: Issuer Let's Encrypt; Subject videzz.net; Fingerprint 89:44:E3:9D:95:DD:6E:D2:2B:FB:70:64:42:59:D2:BF:B6:36:E7:33; Validity Thu, 02 May 2024 00:27:53 GMT - Wed, 31 Jul 2024 00:27:52 GMT
File type: PNG image data, 263 x 231, 8-bit/color RGBA, non-interlaced
Hash: d28ebe1b4425fa4ab5d804792b5aa626 3183e2c59cdaed547de5fb1fc940709ed5117003 36fc8d817d7a356b2b8e8697697a5ce86bedadfea8df2a4e88f9514bb1ce02f6
| Analyzer | Verdict | Alert |
| Quad9 DNS | malicious | Sinkholed |
GET /images-newtheme/attention.png HTTP/1.1
Host: videzz.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://videzz.net/embed-c32aq2yhm77r.html
Cookie: lang=1
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx/1.18.0 (Ubuntu)
date: Sat, 04 May 2024 18:06:27 GMT
content-type: image/png
content-length: 6377
last-modified: Sat, 27 Apr 2024 07:30:28 GMT
etag: "662ca994-18e9"
expires: Mon, 03 Jun 2024 18:06:27 GMT
cache-control: max-age=2592000
x-cache-status: HIT
accept-ranges: bytes
X-Firefox-Spdy: h2

| dog.seetron.net/LrfK7A3.js | 135.181.208.216 | 200 OK | 77 kB |
URL: GET HTTP/2 dog.seetron.net/LrfK7A3.js
IP: 135.181.208.216:443
ASN: #24940 Hetzner Online GmbH
Requested by: https://videzz.net/embed-c32aq2yhm77r.html
Certificate: Issuer Let's Encrypt; Subject a.bdsmz.tube; Fingerprint AA:4D:03:7A:4E:94:8C:76:58:6E:53:CC:8E:99:24:E6:51:84:BF:05; Validity Fri, 03 May 2024 10:27:08 GMT - Thu, 01 Aug 2024 10:27:07 GMT
File type: JavaScript source, Unicode text, UTF-8 text, with very long lines (65503), with no line terminators
Hash: a6781eeb8be115c2cc64c5b4898e5b9d 76001e6e130f936956842ce1fb672ca16be2370e cb8949c4918f30d767c8a97d1b1ddb36eabccf8d93659a80f4e850caa3701da2
GET /LrfK7A3.js HTTP/1.1
Host: dog.seetron.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://videzz.net/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
server: nginx
date: Sat, 04 May 2024 18:06:27 GMT
content-type: application/javascript
content-length: 76790
last-modified: Fri, 22 Mar 2024 11:21:21 GMT
vary: Accept-Encoding
etag: "65fd69b1-12bf6"
content-encoding: gzip
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: public, max-age=315360000
cf-cache-status: HIT
age: 201
cf-ray: 8685d408ccf5d995-HEL
x-frame-options: DENY
x-content-type-options: nosniff
accept-ranges: bytes
X-Firefox-Spdy: h2

| dog.seetron.net/lx4oag1.js | 135.181.208.216 | 200 OK | 77 kB |
URL: GET HTTP/2 dog.seetron.net/lx4oag1.js
IP: 135.181.208.216:443
ASN: #24940 Hetzner Online GmbH
Requested by: https://videzz.net/embed-c32aq2yhm77r.html
Certificate: Issuer Let's Encrypt; Subject a.bdsmz.tube; Fingerprint AA:4D:03:7A:4E:94:8C:76:58:6E:53:CC:8E:99:24:E6:51:84:BF:05; Validity Fri, 03 May 2024 10:27:08 GMT - Thu, 01 Aug 2024 10:27:07 GMT
File type: JavaScript source, Unicode text, UTF-8 text, with very long lines (65503), with no line terminators
Hash: a6781eeb8be115c2cc64c5b4898e5b9d 76001e6e130f936956842ce1fb672ca16be2370e cb8949c4918f30d767c8a97d1b1ddb36eabccf8d93659a80f4e850caa3701da2
GET /lx4oag1.js HTTP/1.1
Host: dog.seetron.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://videzz.net/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
server: nginx
date: Sat, 04 May 2024 18:06:27 GMT
content-type: application/javascript
content-length: 76790
last-modified: Fri, 22 Mar 2024 11:21:21 GMT
vary: Accept-Encoding
etag: "65fd69b1-12bf6"
content-encoding: gzip
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: public, max-age=315360000
cf-cache-status: HIT
age: 201
cf-ray: 8685d408ccf5d995-HEL
x-frame-options: DENY
x-content-type-options: nosniff
accept-ranges: bytes
X-Firefox-Spdy: h2

| www.googletagmanager.com/gtag/js?id=UA-158623850-1 | 142.250.74.168 | 200 OK | 75 kB |
URL: GET HTTP/2 www.googletagmanager.com/gtag/js?id=UA-158623850-1
IP: 142.250.74.168:443
Requested by: https://videzz.net/embed-c32aq2yhm77r.html
Certificate: Issuer Google Trust Services LLC; Subject *.google-analytics.com; Fingerprint 93:6B:D2:9D:92:BE:2D:D8:02:67:82:83:5E:EF:A3:F9:13:F3:26:AE; Validity Tue, 16 Apr 2024 03:18:45 GMT - Tue, 09 Jul 2024 03:18:44 GMT
File type: JavaScript source, ASCII text, with very long lines (4179)
Hash: 9280f886360b1c2cc4b2ebadc4be8457 88a99b591d4ade06876a74cdb0f9aa7cc698036e 5742ac3be3556abba7ad33fad593f698c380fa1ad85581d6afdf94f2bf9b837a
GET /gtag/js?id=UA-158623850-1 HTTP/1.1
Host: www.googletagmanager.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://videzz.net/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
content-encoding: br
vary: Accept-Encoding
date: Sat, 04 May 2024 18:06:27 GMT
expires: Sat, 04 May 2024 18:06:27 GMT
cache-control: private, max-age=900
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
server: Google Tag Manager
content-length: 74901
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

| yd.cottoidearldom.com/1clkn/14903 | 23.109.170.72 | 200 OK | 26 B |
URL: GET HTTP/1.1 yd.cottoidearldom.com/1clkn/14903
IP: 23.109.170.72:443
Requested by: https://videzz.net/embed-c32aq2yhm77r.html
Certificate: Issuer Let's Encrypt; Subject yd.cottoidearldom.com; Fingerprint 2A:D0:1B:ED:00:0F:4A:13:3B:97:DD:33:66:5B:7E:F8:F8:E9:C8:CE; Validity Thu, 25 Apr 2024 06:21:32 GMT - Wed, 24 Jul 2024 06:21:31 GMT
File type: ASCII text, with no line terminators
Hash: 9082dc37e5e8046929da411544ad071a 41e0e3963ed94e59e8a2f115994c382712411537 b7848d86edc8dc3b5bc6a5c666069f9a31e000cee51575d3b6083951607e1550
| Analyzer | Verdict | Alert |
| Quad9 DNS | malicious | Sinkholed |
GET /1clkn/14903 HTTP/1.1
Host: yd.cottoidearldom.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://videzz.net/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Date: Sat, 04 May 2024 18:06:27 GMT
Content-Type: application/javascript; charset=utf-8
Transfer-Encoding: chunked
Connection: keep-alive
Keep-Alive: timeout=20
Accept-ch: sec-ch-ua-platform-version,sec-ch-ua-model,sec-ch-ua-full-version,sec-ch-ua-full-version-list
Set-Cookie: GL_UI4=eJw9jUtug0AQRPljJ4akJQ7gIxgUjL3MJivfAQ0zDZ4Ypq1mjJ3bZxIp2dUrPVV5nhcUL%2BAvyRrCm6hhe1R9s5dYojyUVVW%2BHSrZ151o%2BlJVTVnvYK3n1opuRBvBap4E29YuEWwGNMhatpIUZvDqrL%2FmYuhuIog7FkZlEE%2FOGDNIO6b7jFyEEBkxIaQfmrGnhzPEJzEEx72L2rjo7yCguQjzJ4hP2twe%2BSbx8jzx4Pk6CtsTT61WDuOBhULw32ElhcWB%2BAtShfPF0hWARtX%2B%2B7%2Bf8fizBonCRUuHZM%2FI38wATrY%3D; expires=Sun, 05-May-2024 18:06:27 GMT; Max-Age=86400; path=/; secure; SameSite=None
GL_GI10=eJwVyM0KgkAUhuE5hxiIJPjIC%2FAKTMsWbrNl6MIrMIsYGObIzNjP3WeLd%2FG8SilOE7CZkNRlXhd5dcjLUwV6gtsOPDroVvx7%2BII8uDiCvcOmC1ayRmYXlz9i9TfIYHu25pP1YudoxAXw0roZbvaxv%2FRX0KQJHEUzONxTBXrp3Q9e7R3S; expires=Sun, 05-May-2024 18:06:27 GMT; Max-Age=86400; path=/; secure; SameSite=None
Content-Encoding: gzip
Vary: Accept-Encoding
Strict-Transport-Security: max-age=1
X-Content-Type-Options: nosniff

| cdnjs.cloudflare.com/ajax/libs/font-awesome/4.7.0/css/font-awesome.min.css | 104.17.25.14 | 200 OK | 5.6 kB |
URL: GET HTTP/2 cdnjs.cloudflare.com/ajax/libs/font-awesome/4.7.0/css/font-awesome.min.css
IP: 104.17.25.14:443
Requested by: https://videzz.net/embed-c32aq2yhm77r.html
Certificate: Issuer Cloudflare, Inc.; Subject sni.cloudflaressl.com; Fingerprint 7A:EA:B9:09:71:70:6C:87:C9:D3:82:74:8A:7B:B4:60:E5:40:2D:8D; Validity Mon, 03 Jul 2023 00:00:00 GMT - Tue, 02 Jul 2024 23:59:59 GMT
File type: ASCII text, with very long lines (30837)
Hash: 269550530cc127b6aa5a35925a7de6ce 512c7d79033e3028a9be61b540cf1a6870c896f8 799aeb25cc0373fdee0e1b1db7ad6c2f6a0e058dfadaa3379689f583213190bd
GET /ajax/libs/font-awesome/4.7.0/css/font-awesome.min.css HTTP/1.1
Host: cdnjs.cloudflare.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://videzz.net/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Sat, 04 May 2024 18:06:28 GMT
content-type: text/css; charset=utf-8
content-length: 5631
access-control-allow-origin: *
cache-control: public, max-age=30672000
content-encoding: br
etag: "5eb03e5f-7918"
last-modified: Mon, 04 May 2020 16:10:07 GMT
cf-cdnjs-via: cfworker/kv
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
x-content-type-options: nosniff
vary: Accept-Encoding
cf-cache-status: HIT
age: 243453
expires: Thu, 24 Apr 2025 18:06:28 GMT
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=l45Xl1VE%2Bi2%2BJr8oJIKYJB9PClci5k2zd%2BPLeo5IH6lIAWIGHM7%2FekuSZu%2FZpEswykDd3ewmebcuONiXCG69VzQ%2B%2BIQ9h32EDR81uqJ2uraUKj6gFKAlxOqw%2FNGDEzirGoX3x3rh"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
server: cloudflare
cf-ray: 87ea6cc0fe7756a2-OSL
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2

| www.googletagmanager.com/gtm.js?id=GTM-56DK3TH | 142.250.74.168 | 200 OK | 74 kB |
URL: GET HTTP/3 www.googletagmanager.com/gtm.js?id=GTM-56DK3TH
IP: 142.250.74.168:443
Requested by: https://videzz.net/embed-c32aq2yhm77r.html
Certificate: Issuer Google Trust Services LLC; Subject *.google-analytics.com; Fingerprint 93:6B:D2:9D:92:BE:2D:D8:02:67:82:83:5E:EF:A3:F9:13:F3:26:AE; Validity Tue, 16 Apr 2024 03:18:45 GMT - Tue, 09 Jul 2024 03:18:44 GMT
File type: JavaScript source, ASCII text, with very long lines (3287)
Hash: 640c04483ec4f2747b350311fb970cc7 e2fbf2d1004ca08fa97ac63cb0908662b7359191 90c9dd32f46e39e818c78d0d8faabb61731be77d1b8c8db4f95693fb719c9c66
GET /gtm.js?id=GTM-56DK3TH HTTP/1.1
Host: www.googletagmanager.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://videzz.net/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
content-encoding: br
vary: Accept-Encoding
date: Sat, 04 May 2024 18:06:28 GMT
expires: Sat, 04 May 2024 18:06:28 GMT
cache-control: private, max-age=900
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
server: Google Tag Manager
content-length: 73649
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

| s.o333o.com/adgpt.js | 85.10.205.45 | 200 OK | 820 B |
IP: 85.10.205.45:443
ASN: #24940 Hetzner Online GmbH
Requested by: https://videzz.net/embed-c32aq2yhm77r.html
Certificate: Issuer Sectigo Limited; Subject s.o333o.com; Fingerprint C1:C0:0F:C0:EF:0F:F7:7A:36:2F:00:9E:5C:55:63:54:63:A3:A6:46; Validity Mon, 12 Feb 2024 00:00:00 GMT - Fri, 28 Feb 2025 23:59:59 GMT
File type: ASCII text, with very long lines (2040), with no line terminators
Hash: 55f8db8e0ec58b646f0b5425b405fdd0 0c79af1239cafc7ec4783f20b0b886a61daccc09 3ec8849ba857ec32cdc682ea93f0c1f8e8ab97980af4f1d8ec312684ed0f5237
GET /adgpt.js HTTP/1.1
Host: s.o333o.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://videzz.net/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
server: nginx
date: Sat, 04 May 2024 18:06:28 GMT
content-type: application/javascript
content-length: 820
last-modified: Fri, 22 Mar 2024 11:21:21 GMT
vary: Accept-Encoding
etag: "65fd69b1-334"
content-encoding: gzip
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000, public
X-Firefox-Spdy: h2

| profitablegatecpm.com/fd/40/b6/fd40b682a05e4aaf489d29601350aa66.js | 172.240.253.132 | 200 OK | 16 kB |
URL: GET HTTP/1.1 profitablegatecpm.com/fd/40/b6/fd40b682a05e4aaf489d29601350aa66.js
IP: 172.240.253.132:443
Requested by: https://videzz.net/embed-c32aq2yhm77r.html
Certificate: Issuer Let's Encrypt; Subject profitablegatecpm.com; Fingerprint 9D:FB:8C:AD:4D:64:98:6B:85:78:33:54:E7:A3:BB:10:ED:77:63:30; Validity Fri, 05 Apr 2024 18:10:33 GMT - Thu, 04 Jul 2024 18:10:32 GMT
File type: JavaScript source, ASCII text, with very long lines (44115), with no line terminators
Hash: 07d87364a2dc9d48d89c122e29139fb7 06cb79ab82127288a90f796b50f389c3091053b4 edafe0cba2b634388234ef51f635d1a9ab94c16675232b6b2a1e9f35b3d96a58
GET /fd/40/b6/fd40b682a05e4aaf489d29601350aa66.js HTTP/1.1
Host: profitablegatecpm.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://videzz.net/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx/1.21.6
Date: Sat, 04 May 2024 18:06:28 GMT
Content-Type: application/javascript
Transfer-Encoding: chunked
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Access-Control-Allow-Origin: *
Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,Sec-CH-UA-PlatformUser-Agent,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Set-Cookie: 4b4e7ab587d59b22ad7bcd2439afc363_CF-3448=0; expires=Tue, 07 May 2024 21:06:28 GMT; secure; SameSite=None
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: a8d3ee357d0a2ca6c9b85108d1a198fd
Strict-Transport-Security: max-age=0; includeSubdomains
Content-Encoding: gzip

| zv.7vid.net/api/spots/70102?s1=174908&v2=1&fill=0&kw=file%20upload%2Cshare%20files%2Cfree%20upload&i=1&url=https%3A%2F%2Fvidezz.net%2Fembed-c32aq2yhm77r.html&sid=efdb1433-63c7-4dd0-9bdf-bd55bda66515 | 135.181.208.216 | 200 OK | 545 B |
URL: GET HTTP/2 zv.7vid.net/api/spots/70102?s1=174908&v2=1&fill=0&kw=file%20upload%2Cshare%20files%2Cfree%20upload&i=1&url=https%3A%2F%2Fvidezz.net%2Fembed-c32aq2yhm77r.html&sid=efdb1433-63c7-4dd0-9bdf-bd55bda66515
IP: 135.181.208.216:443
ASN: #24940 Hetzner Online GmbH
Requested by: https://videzz.net/embed-c32aq2yhm77r.html
Certificate: Issuer Let's Encrypt; Subject 1111.spinna.online; Fingerprint F3:80:AE:D8:32:E7:57:75:94:99:58:76:4C:57:59:80:E8:9A:B7:ED; Validity Fri, 29 Mar 2024 23:27:07 GMT - Thu, 27 Jun 2024 23:27:06 GMT
File type: gzip compressed data, from Unix
Hash: 96681d988efe1a616cd8e5f9ad89f8a3 1e5b9d5a5cbff23b52e356f82b155a5209d6b96e a07265bf8e2784eeaa7f885272e8ff6d6bce27d3f9266786f9999da71329f1f5
GET /api/spots/70102?s1=174908&v2=1&fill=0&kw=file%20upload%2Cshare%20files%2Cfree%20upload&i=1&url=https%3A%2F%2Fvidezz.net%2Fembed-c32aq2yhm77r.html&sid=efdb1433-63c7-4dd0-9bdf-bd55bda66515 HTTP/1.1
Host: zv.7vid.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://videzz.net/
Origin: https://videzz.net
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
server: nginx
date: Sat, 04 May 2024 18:06:28 GMT
content-type: text/xml
vary: Accept-Encoding
access-control-allow-credentials: true
access-control-allow-origin: https://videzz.net
access-control-expose-headers: X-Asg-Config, X-t
set-cookie: nauid=sV1wOwlToO4W1wnKjRyD; Path=/; Expires=Wed, 11 Nov 2037 11:11:11 GMT; Secure; SameSite=None
x-robots-tag: noindex, nofollow
x-t: 0
cache-control: private
content-encoding: gzip
X-Firefox-Spdy: h2

| proftrafficcounter.com/stats | 18.185.9.67 | 200 OK | 40 B |
URL: GET HTTP/2 proftrafficcounter.com/stats
IP: 18.185.9.67:443
Requested by: https://videzz.net/embed-c32aq2yhm77r.html
Certificate: Issuer Amazon; Subject proftrafficcounter.com; Fingerprint E3:9F:79:6F:80:C0:BF:F8:C4:EB:45:F3:E9:0F:A7:41:F6:0C:05:E6; Validity Tue, 21 Nov 2023 00:00:00 GMT - Thu, 19 Dec 2024 23:59:59 GMT
File type: ASCII text, with no line terminators
Hash: d2fb19d8d1ae49388732a3b16cc9a75c ecc2290ef0f423616396cc6576293403416f41fd cccc7fc85f18fbd4a8174f986e0af306a9086b6b13045ab286f7ff8ffc3cf818
GET /stats HTTP/1.1
Host: proftrafficcounter.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://videzz.net
DNT: 1
Connection: keep-alive
Referer: https://videzz.net/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Sat, 04 May 2024 18:06:28 GMT
content-type: text/html; charset=UTF-8
content-length: 40
server: fasthttp
access-control-allow-origin: https://videzz.net
vary: Origin
access-control-allow-credentials: true
set-cookie: uid_id2=e54da55b-9dea-42ca-ad22-8912f24bb312:1:1; expires=Tue, 02 May 2034 18:06:28 GMT; secure; SameSite=None
X-Firefox-Spdy: h2

| static.addtoany.com/menu/page.js | 172.67.39.148 | 200 OK | 37 kB |
URL: GET HTTP/2 static.addtoany.com/menu/page.js
IP: 172.67.39.148:443
Requested by: https://videzz.net/embed-c32aq2yhm77r.html
Certificate: Issuer Let's Encrypt; Subject static.addtoany.com; Fingerprint 5B:74:98:2D:F8:22:DB:0D:4E:74:B7:99:A7:7C:80:F6:CA:1A:8E:CA; Validity Tue, 23 Apr 2024 07:56:27 GMT - Mon, 22 Jul 2024 07:56:26 GMT
File type: JavaScript source, ASCII text, with very long lines (3003), with no line terminators
Hash: 5f984fdd1d3384220c67422c1f544a95 79c8a48b5fab47972dd69ce7dfd08cee895006b5 6e0cc78c402cbc02fdfd41cd77c5fd6ffbd8066cc07935ea8eb5f3fcc59744a3
GET /menu/page.js HTTP/1.1
Host: static.addtoany.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://videzz.net/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Sat, 04 May 2024 18:06:27 GMT
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=86400, stale-while-revalidate=30, public
cf-bgj: minify
etag: W/"e346c2841e4abbb66ee259e9540abb61"
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=EgezfhqgqVTMRSCdIrsKRfYkTxH%2FPj8LGo%2FZi7bo9fU4bzjrWOUuM%2FuqWdESz21N5bpaJYUt1gOALJJNuyaI4ehXqxRbTvLTpK26n%2FiZMmvypcd9Sxrz%2Bq3mFCmK6Ma%2FchKwisEm"}],"group":"cf-nel","max_age":604800}
vary: Accept-Encoding
referrer-policy: strict-origin-when-cross-origin
x-content-type-options: nosniff
cf-cache-status: HIT
age: 6518
strict-transport-security: max-age=31536000; includeSubDomains; preload
server: cloudflare
cf-ray: 87ea6cbe3b9656a8-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2

| bid.bidclickmedia.com/sub/Pj8pz0z | 172.67.205.77 | 200 OK | 95 kB |
URL: GET HTTP/2 bid.bidclickmedia.com/sub/Pj8pz0z
IP: 172.67.205.77:443
Requested by: https://videzz.net/embed-c32aq2yhm77r.html
Certificate: Issuer Google Trust Services LLC; Subject bidclickmedia.com; Fingerprint 2D:71:60:23:79:D8:E4:4A:B8:81:BA:F0:ED:58:CB:A8:66:21:A7:E7; Validity Sun, 31 Mar 2024 14:28:20 GMT - Sat, 29 Jun 2024 14:28:19 GMT
File type: HTML document, ASCII text
Hash: e151e24dc5b354ea8ee36534a8264594 4b5f293d59d009ee46087f164ee86d066e8e83f4 b2fdeeef5c48f24499731fdd7aae1650ad1bc6fa9ee58cf88fafe175658e888f
GET /sub/Pj8pz0z HTTP/1.1
Host: bid.bidclickmedia.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://videzz.net/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
date: Sat, 04 May 2024 18:06:28 GMT
content-type: text/html; charset=utf-8
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=zaVIZGzleVd1Bn6XjRpe3bzvPIMazWhX3nStUn1QKI4fzP37yNbQx1RJcIDjeQeNL4Khbrm9xhwde3Gc6C4PxnHE6cd2gtUWtX00vpTo62Ae9jka%2FKfGxRCc88nxduDb6AL%2F0m9WPHo%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 87ea6cc3f91256ae-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2

| dismaytestimony.com/f1/77/6d/f1776d24271c5ad55c5f1492e2d01e10.js | 192.243.59.13 | 200 OK | 30 kB |
URL: GET HTTP/1.1 dismaytestimony.com/f1/77/6d/f1776d24271c5ad55c5f1492e2d01e10.js
IP: 192.243.59.13:443
ASN: #39572 DataWeb Global Group B.V.
Requested by: https://videzz.net/embed-c32aq2yhm77r.html
Certificate: Issuer Let's Encrypt; Subject dismaytestimony.com; Fingerprint 0C:AA:51:7C:B5:7D:1A:53:D1:E3:23:EB:6F:15:42:F9:A5:4B:F8:E6; Validity Mon, 29 Apr 2024 08:06:26 GMT - Sun, 28 Jul 2024 08:06:25 GMT
File type: JavaScript source, ASCII text, with very long lines (65536), with no line terminators
Hash: ede8e514e8171037491e1dfdf1a63da8 7692b8f7f74419b001094ec4c7281a7cf8298bcf 0bae85e7d1716aead8c323db9f2ee455aa1d7e7ae694323e1e1614d303c23eab
| Analyzer | Verdict | Alert |
| Quad9 DNS | malicious | Sinkholed |
GET /f1/77/6d/f1776d24271c5ad55c5f1492e2d01e10.js HTTP/1.1
Host: dismaytestimony.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://videzz.net/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx/1.19.5
Date: Sat, 04 May 2024 18:06:28 GMT
Content-Type: application/javascript
Transfer-Encoding: chunked
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Access-Control-Allow-Origin: *
Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,Sec-CH-UA-PlatformUser-Agent,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: c7843ca7b80b2b3af3e702d627a289b7
Strict-Transport-Security: max-age=0; includeSubdomains
Content-Encoding: gzip

| maxcdn.bootstrapcdn.com/font-awesome/4.7.0/fonts/fontawesome-webfont.woff2?v=4.7.0 | 104.18.11.207 | 200 OK | 77 kB |
URL: GET HTTP/3 maxcdn.bootstrapcdn.com/font-awesome/4.7.0/fonts/fontawesome-webfont.woff2?v=4.7.0
IP: 104.18.11.207:443
Requested by: https://videzz.net/embed-c32aq2yhm77r.html
Certificate: Issuer Google Trust Services LLC; Subject bootstrapcdn.com; Fingerprint 57:B4:25:B9:9C:88:A1:A3:3D:F7:31:74:02:E4:D1:E0:0A:F5:11:63; Validity Wed, 27 Mar 2024 00:22:09 GMT - Tue, 25 Jun 2024 00:22:08 GMT
File type: Web Open Font Format (Version 2), TrueType, length 77160, version 4.459
Hash: af7ae505a9eed503f8b8e6982036873e d6f48cba7d076fb6f2fd6ba993a75b9dc1ecbf0c 2adefcbc041e7d18fcf2d417879dc5a09997aa64d675b7a3c4b6ce33da13f3fe
GET /font-awesome/4.7.0/fonts/fontawesome-webfont.woff2?v=4.7.0 HTTP/1.1
Host: maxcdn.bootstrapcdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://videzz.net
DNT: 1
Connection: keep-alive
Referer: https://maxcdn.bootstrapcdn.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Sat, 04 May 2024 18:06:29 GMT
content-type: font/woff2
content-length: 77160
cdn-pullzone: 252412
cdn-uid: b1941f61-b576-4f40-80de-5677acb38f74
cdn-requestcountrycode: DE
access-control-allow-origin: *
cache-control: public, max-age=31919000
etag: "af7ae505a9eed503f8b8e6982036873e"
last-modified: Mon, 25 Jan 2021 22:04:55 GMT
cdn-cachedat: 10/31/2023 19:08:24
cdn-proxyver: 1.04
cdn-requestpullcode: 200
cdn-requestpullsuccess: True
cdn-edgestorageid: 752
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
cdn-status: 200
cdn-requestid: 0a41a35b44b9a221d4e11fe69e9304aa
cdn-cache: HIT
cf-cache-status: HIT
age: 352083
accept-ranges: bytes
vary: Accept-Encoding
strict-transport-security: max-age=31536000; includeSubDomains; preload
server: cloudflare
cf-ray: 87ea6cc75cd1b529-OSL
alt-svc: h3=":443"; ma=86400

| proftrafficcounter.com/stats | 18.185.9.67 | 200 OK | 40 B |
URL: GET HTTP/2 proftrafficcounter.com/stats
IP: 18.185.9.67:443
Requested by: https://videzz.net/embed-c32aq2yhm77r.html
Certificate: Issuer Amazon; Subject proftrafficcounter.com; Fingerprint E3:9F:79:6F:80:C0:BF:F8:C4:EB:45:F3:E9:0F:A7:41:F6:0C:05:E6; Validity Tue, 21 Nov 2023 00:00:00 GMT - Thu, 19 Dec 2024 23:59:59 GMT
File type: ASCII text, with no line terminators
Hash: d2fb19d8d1ae49388732a3b16cc9a75c ecc2290ef0f423616396cc6576293403416f41fd cccc7fc85f18fbd4a8174f986e0af306a9086b6b13045ab286f7ff8ffc3cf818
GET /stats HTTP/1.1
Host: proftrafficcounter.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://videzz.net
DNT: 1
Connection: keep-alive
Referer: https://videzz.net/
Cookie: uid_id2=e54da55b-9dea-42ca-ad22-8912f24bb312:1:1
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
date: Sat, 04 May 2024 18:06:29 GMT
content-type: text/html; charset=UTF-8
content-length: 40
server: fasthttp
access-control-allow-origin: https://videzz.net
vary: Origin
access-control-allow-credentials: true
X-Firefox-Spdy: h2

| dismaytestimony.com/sbar.json?key=fd40b682a05e4aaf489d29601350aa66&psid=CF-3448_0 | 192.243.59.13 | 200 OK | 6.1 kB |
URL: GET HTTP/1.1 dismaytestimony.com/sbar.json?key=fd40b682a05e4aaf489d29601350aa66&psid=CF-3448_0
IP: 192.243.59.13:443
ASN: #39572 DataWeb Global Group B.V.
Requested by: https://videzz.net/embed-c32aq2yhm77r.html
Certificate: Issuer Let's Encrypt; Subject dismaytestimony.com; Fingerprint 0C:AA:51:7C:B5:7D:1A:53:D1:E3:23:EB:6F:15:42:F9:A5:4B:F8:E6; Validity Mon, 29 Apr 2024 08:06:26 GMT - Sun, 28 Jul 2024 08:06:25 GMT
Hash: 460569000ba5260045e21151a4dc7f80 4dd9e51778e31b262d463bdd86832b1915c45e0f 4a68bc6905c176b16f7943069710ffc828fe031e05a6002354e51ea846610b79
| Analyzer | Verdict | Alert |
| Quad9 DNS | malicious | Sinkholed |
GET /sbar.json?key=fd40b682a05e4aaf489d29601350aa66&psid=CF-3448_0 HTTP/1.1
Host: dismaytestimony.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://videzz.net
DNT: 1
Connection: keep-alive
Referer: https://videzz.net/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx/1.19.5
Date: Sat, 04 May 2024 18:06:29 GMT
Content-Type: text/plain; charset=utf-8
Transfer-Encoding: chunked
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,Sec-CH-UA-PlatformUser-Agent,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Custom-Referer: https://videzz.net
Access-Control-Allow-Origin: https://videzz.net
Access-Control-Allow-Credentials: true
Set-Cookie: u_pl=19071538; expires=Sun, 05 May 2024 18:06:29 GMT; secure; SameSite=None
pdhtkv=true; expires=Sun, 05 May 2024 18:06:29 GMT; secure; SameSite=None
uncs=1; expires=Sun, 05 May 2024 18:06:29 GMT; secure; SameSite=None
pdhtkv29=true; expires=Sun, 05 May 2024 18:06:29 GMT; secure; SameSite=None
uncs29=1; expires=Sun, 05 May 2024 18:06:29 GMT; secure; SameSite=None
slecfd40b682a05e4aaf489d29601350aa66=[5210995,5210997]; expires=Sat, 04 May 2024 18:06:34 GMT; secure; SameSite=None
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: 97b724059b92c28dfcd11cbc7251ca91
Strict-Transport-Security: max-age=0; includeSubdomains
Content-Encoding: gzip
|
|
| videzz.net/css/embed.min.css?v=b8dc06aa6195ca0716d0a0c4e3a76e42 | 78.142.18.54 | 200 OK | 121 kB |
URL GET HTTP/2 videzz.net/css/embed.min.css?v=b8dc06aa6195ca0716d0a0c4e3a76e42 IP 78.142.18.54:443 ASN #208046 ColocationX Ltd.
Requested by https://videzz.net/embed-c32aq2yhm77r.html Certificate Issuer Let's Encrypt Subject videzz.net Fingerprint 89:44:E3:9D:95:DD:6E:D2:2B:FB:70:64:42:59:D2:BF:B6:36:E7:33 Validity Thu, 02 May 2024 00:27:53 GMT - Wed, 31 Jul 2024 00:27:52 GMT
File type gzip compressed data, from Unix Size 121 kB (121257 bytes) Hash 6886c48e623fba1d38b7ee9c6f1b088c 1f38ba1ac588ca5b7edeb0e4193798e7e53413b7 2becc81fb7b82848cb89a0c6e7095bd422dea94141c3315b8e08f5e5579aae67
Analyzer | Verdict | Alert | Quad9 DNS | malicious | Sinkholed |
GET /css/embed.min.css?v=b8dc06aa6195ca0716d0a0c4e3a76e42 HTTP/1.1
Host: videzz.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://videzz.net/embed-c32aq2yhm77r.html
Cookie: lang=1
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx/1.18.0 (Ubuntu)
date: Sat, 04 May 2024 18:06:27 GMT
content-type: text/css
last-modified: Sat, 27 Apr 2024 07:30:38 GMT
vary: Accept-Encoding
etag: W/"662ca99e-96f9f"
expires: Mon, 03 Jun 2024 18:05:12 GMT
cache-control: max-age=2592000
content-encoding: gzip
x-cache-status: HIT
X-Firefox-Spdy: h2
|
|
| videzz.net/js/static.min.js?v=b8dc06aa6195ca0716d0a0c4e3a76e42 | 78.142.18.54 | 200 OK | 65 kB |
URL GET HTTP/2 videzz.net/js/static.min.js?v=b8dc06aa6195ca0716d0a0c4e3a76e42 IP 78.142.18.54:443 ASN #208046 ColocationX Ltd.
Requested by https://videzz.net/embed-c32aq2yhm77r.html Certificate Issuer Let's Encrypt Subject videzz.net Fingerprint 89:44:E3:9D:95:DD:6E:D2:2B:FB:70:64:42:59:D2:BF:B6:36:E7:33 Validity Thu, 02 May 2024 00:27:53 GMT - Wed, 31 Jul 2024 00:27:52 GMT
File type gzip compressed data, from Unix Hash b0371175f00eaefdd884b58d55fcc4c0 e9cd29fe5b0b8b880aea7cc04fbabebecab3050e 92dcf1eaab5ebc24ac94afa98961e19e15abcba4b43f270dd862bcd957435e4c
Analyzer | Verdict | Alert | Quad9 DNS | malicious | Sinkholed |
GET /js/static.min.js?v=b8dc06aa6195ca0716d0a0c4e3a76e42 HTTP/1.1
Host: videzz.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://videzz.net/embed-c32aq2yhm77r.html
Cookie: lang=1
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx/1.18.0 (Ubuntu)
date: Sat, 04 May 2024 18:06:27 GMT
content-type: application/javascript
last-modified: Sat, 27 Apr 2024 07:30:42 GMT
vary: Accept-Encoding
etag: W/"662ca9a2-26cb6"
expires: Mon, 03 Jun 2024 18:04:22 GMT
cache-control: max-age=2592000
content-encoding: gzip
x-cache-status: HIT
X-Firefox-Spdy: h2
|
|
| static.addtoany.com/menu/modules/core.BRQnzO8v.js | 172.67.39.148 | 200 OK | 26 kB |
URL GET HTTP/3 static.addtoany.com/menu/modules/core.BRQnzO8v.js IP 172.67.39.148:443
Requested by https://videzz.net/embed-c32aq2yhm77r.html Certificate Issuer Let's Encrypt Subject static.addtoany.com Fingerprint 5B:74:98:2D:F8:22:DB:0D:4E:74:B7:99:A7:7C:80:F6:CA:1A:8E:CA Validity Tue, 23 Apr 2024 07:56:27 GMT - Mon, 22 Jul 2024 07:56:26 GMT
File type ASCII text, with very long lines (65536), with no line terminators Hash 629401c31553d2f42a6ca46e58c2a97b 0ab6084caa72f90913c7e4119f491838726ec5c2 91b9b24f0aa59668e4d0a770ee7a294b9baa361a76a20ade8128cd0482a5d805
GET /menu/modules/core.BRQnzO8v.js HTTP/1.1
Host: static.addtoany.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://videzz.net
DNT: 1
Connection: keep-alive
Referer: https://videzz.net/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Sat, 04 May 2024 18:06:28 GMT
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=315360000, immutable
cf-bgj: minify
etag: W/"25da5432b1057724b8210f17e9b9db05"
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=OK8gUdgRP8GeYnLNHjDu6u8caDNHdfO2sQNKdIoJNqcMjR7wKzBSRPIzKBAhIZ8GUNx3vYpRT%2B9Wl0bTiXTo1YqoNOdrpxq%2F84ur0eWSRu%2B8ofOTPc9x7M1JwH%2F7P4Z%2FP3le3Hg2mdvhb0ePe1lTNo51"}],"group":"cf-nel","max_age":604800}
vary: Accept-Encoding
referrer-policy: strict-origin-when-cross-origin
x-content-type-options: nosniff
cf-cache-status: HIT
age: 282
strict-transport-security: max-age=31536000; includeSubDomains; preload
server: cloudflare
cf-ray: 87ea6cc2ff2d1c12-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| dismaytestimony.com/ren.gif?sid=H4sIAAAAAAAC%2F1RST2gcVRh%2Fs8aTgv96K8KCFBTrZmZ2M7trD8E0jQTTpraKBYXyZt6bzTNv5g3vzdvZ7Ck0ID0uXrxOfps0VEvVkyerbAoKASHrKYfm5sGT0GKvyq6hwQ9mvu97v9%2BD3%2Ff73hfb9pj4sPRo8bLqCynp7FzNrb55w%2FMuVFdEanvVXiu4GTQuVHX33XZQc9%2Bqvs%2BjdTXru57req5XXRKax6o3OwEhsnttr9Z2aw2%2F5s010NP%2F7411YKgD1j0mr0Kw8cxD5wxENEKafLfIzXqusvOXEitprjS6bO%2FjdD1VRYrktIy1gzjdO2FDmcOlB1Dp7lQuVPcZMRRj4vzyAGG6dyISYXdnqjOU4ClC9gKK7ghcjiDoCJHagmCHBIgYrqwiTe5cUbqgG%2F%2BhdIKOyczTJxDFmMw8OoM0ub8gRa96XUmbC5Ua9OISojeC6IyQ2X3k%2FQpEsY8ovwXBfiOzT1eQJjurRioIVk5nF2IEEY8g%2BQDUOLCTTziwsQObOUjYUTXyPK%2Fpsoi6rXYU1VmThwFzPdqMPeq5QQs2msgbIM8GiOQAkd5EpjexLgbQ9meYtRKGOTD5mDgfbqLLShScoDAEBSUoBEGRExTdcpdJ45vyDpPGht5J9k9yvRyqvLNNd1Xe4SkB1QNoVm5nx%2BSViT%2FOGxUf6%2FyoGrOGGwYtn7pzvEFp3Gi1md8OXK8%2B51IaBDDi7sWld%2BqNRuumC2Eq09n7YkzOxT8gE2Py4q8EId2HkfuIxGug9nXQogRdK9FPv02oSGtdwVSf1lKeg6kSWT6DfMPZlsfk7HRbq1sGPDqYf%2FLP%2FbPuo78Q6RKZLvG5eEjQkbeH11RBdq6pwpDvV7NcJKJPJ5u8ntOcP%2F%2F1B3yjUJotL5rB3feiCTAp733ETb5CUybSjiHfLAjGuF5SOuLkx2XzCQ%2BvWrO2YHVqs5WrF5eWk0xzY4RKR6Di8NJXiMSYvPTTZ9Mnev7TPyD0CNqWSOwBOQkItY8o24TJDuYfy7%2FfHuzdglEEWp5ywsxBYcuh9sPTQykIJD%2FtaVjC8IP5P2%2B8HF4eP0bIn9kx1HRym4py29xGR1dA8y2kSYmuLtGVJagcwNjnhnmmD%2BZ%2Fr08DoawMQ6krO6HU8supyZOfhRFH1Wa97tKgPec1m5Q3w4bfigOPUeo3Aj8IaB25GcfBxrl%2FAQAA%2F%2F8BAAD%2F%2F%2FYy0WN8BAAA | 192.243.59.13 | 200 OK | 7 B |
URL GET HTTP/1.1dismaytestimony.com/ren.gif?sid=H4sIAAAAAAAC%2F1RST2gcVRh%2Fs8aTgv96K8KCFBTrZmZ2M7trD8E0jQTTpraKBYXyZt6bzTNv5g3vzdvZ7Ck0ID0uXrxOfps0VEvVkyerbAoKASHrKYfm5sGT0GKvyq6hwQ9mvu97v9%2BD3%2Ff73hfb9pj4sPRo8bLqCynp7FzNrb55w%2FMuVFdEanvVXiu4GTQuVHX33XZQc9%2Bqvs%2BjdTXru57req5XXRKax6o3OwEhsnttr9Z2aw2%2F5s010NP%2F7411YKgD1j0mr0Kw8cxD5wxENEKafLfIzXqusvOXEitprjS6bO%2FjdD1VRYrktIy1gzjdO2FDmcOlB1Dp7lQuVPcZMRRj4vzyAGG6dyISYXdnqjOU4ClC9gKK7ghcjiDoCJHagmCHBIgYrqwiTe5cUbqgG%2F%2BhdIKOyczTJxDFmMw8OoM0ub8gRa96XUmbC5Ua9OISojeC6IyQ2X3k%2FQpEsY8ovwXBfiOzT1eQJjurRioIVk5nF2IEEY8g%2BQDUOLCTTziwsQObOUjYUTXyPK%2Fpsoi6rXYU1VmThwFzPdqMPeq5QQs2msgbIM8GiOQAkd5EpjexLgbQ9meYtRKGOTD5mDgfbqLLShScoDAEBSUoBEGRExTdcpdJ45vyDpPGht5J9k9yvRyqvLNNd1Xe4SkB1QNoVm5nx%2BSViT%2FOGxUf6%2FyoGrOGGwYtn7pzvEFp3Gi1md8OXK8%2B51IaBDDi7sWld%2BqNRuumC2Eq09n7YkzOxT8gE2Py4q8EId2HkfuIxGug9nXQogRdK9FPv02oSGtdwVSf1lKeg6kSWT6DfMPZlsfk7HRbq1sGPDqYf%2FLP%2FbPuo78Q6RKZLvG5eEjQkbeH11RBdq6pwpDvV7NcJKJPJ5u8ntOcP%2F%2F1B3yjUJotL5rB3feiCTAp733ETb5CUybSjiHfLAjGuF5SOuLkx2XzCQ%2BvWrO2YHVqs5WrF5eWk0xzY4RKR6Di8NJXiMSYvPTTZ9Mnev7TPyD0CNqWSOwBOQkItY8o24TJDuYfy7%2FfHuzdglEEWp5ywsxBYcuh9sPTQykIJD%2FtaVjC8IP5P2%2B8HF4eP0bIn9kx1HRym4py29xGR1dA8y2kSYmuLtGVJagcwNjnhnmmD%2BZ%2Fr08DoawMQ6krO6HU8supyZOfhRFH1Wa97tKgPec1m5Q3w4bfigOPUeo3Aj8IaB25GcfBxrl%2FAQAA%2F%2F8BAAD%2F%2F%2FYy0WN8BAAA IP192.243.59.13:443 ASN#39572 DataWeb Global Group B.V.
Requested by https://videzz.net/embed-c32aq2yhm77r.html Certificate Issuer Let's Encrypt Subject dismaytestimony.com Fingerprint 0C:AA:51:7C:B5:7D:1A:53:D1:E3:23:EB:6F:15:42:F9:A5:4B:F8:E6 Validity Mon, 29 Apr 2024 08:06:26 GMT - Sun, 28 Jul 2024 08:06:25 GMT
File type ASCII text, with no line terminators Hash 132d6af1b46048b45cf86cdee7991d31 eb7007d03d59b65bc6da7e098c4d38fc6dfb6285 ab852e838deccd742a03ca81d4a8d75cf1a00b327db3eaf46bd7da6b6db9384c
Analyzer | Verdict | Alert | Quad9 DNS | malicious | Sinkholed |
GET /ren.gif?sid=H4sIAAAAAAAC%2F1RST2gcVRh%2Fs8aTgv96K8KCFBTrZmZ2M7trD8E0jQTTpraKBYXyZt6bzTNv5g3vzdvZ7Ck0ID0uXrxOfps0VEvVkyerbAoKASHrKYfm5sGT0GKvyq6hwQ9mvu97v9%2BD3%2Ff73hfb9pj4sPRo8bLqCynp7FzNrb55w%2FMuVFdEanvVXiu4GTQuVHX33XZQc9%2Bqvs%2BjdTXru57req5XXRKax6o3OwEhsnttr9Z2aw2%2F5s010NP%2F7411YKgD1j0mr0Kw8cxD5wxENEKafLfIzXqusvOXEitprjS6bO%2FjdD1VRYrktIy1gzjdO2FDmcOlB1Dp7lQuVPcZMRRj4vzyAGG6dyISYXdnqjOU4ClC9gKK7ghcjiDoCJHagmCHBIgYrqwiTe5cUbqgG%2F%2BhdIKOyczTJxDFmMw8OoM0ub8gRa96XUmbC5Ua9OISojeC6IyQ2X3k%2FQpEsY8ovwXBfiOzT1eQJjurRioIVk5nF2IEEY8g%2BQDUOLCTTziwsQObOUjYUTXyPK%2Fpsoi6rXYU1VmThwFzPdqMPeq5QQs2msgbIM8GiOQAkd5EpjexLgbQ9meYtRKGOTD5mDgfbqLLShScoDAEBSUoBEGRExTdcpdJ45vyDpPGht5J9k9yvRyqvLNNd1Xe4SkB1QNoVm5nx%2BSViT%2FOGxUf6%2FyoGrOGGwYtn7pzvEFp3Gi1md8OXK8%2B51IaBDDi7sWld%2BqNRuumC2Eq09n7YkzOxT8gE2Py4q8EId2HkfuIxGug9nXQogRdK9FPv02oSGtdwVSf1lKeg6kSWT6DfMPZlsfk7HRbq1sGPDqYf%2FLP%2FbPuo78Q6RKZLvG5eEjQkbeH11RBdq6pwpDvV7NcJKJPJ5u8ntOcP%2F%2F1B3yjUJotL5rB3feiCTAp733ETb5CUybSjiHfLAjGuF5SOuLkx2XzCQ%2BvWrO2YHVqs5WrF5eWk0xzY4RKR6Di8NJXiMSYvPTTZ9Mnev7TPyD0CNqWSOwBOQkItY8o24TJDuYfy7%2FfHuzdglEEWp5ywsxBYcuh9sPTQykIJD%2FtaVjC8IP5P2%2B8HF4eP0bIn9kx1HRym4py29xGR1dA8y2kSYmuLtGVJagcwNjnhnmmD%2BZ%2Fr08DoawMQ6krO6HU8supyZOfhRFH1Wa97tKgPec1m5Q3w4bfigOPUeo3Aj8IaB25GcfBxrl%2FAQAA%2F%2F8BAAD%2F%2F%2FYy0WN8BAAA HTTP/1.1
Host: dismaytestimony.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://videzz.net/
Cookie: u_pl=19071538; pdhtkv=true; uncs=1; pdhtkv29=true; uncs29=1; slecfd40b682a05e4aaf489d29601350aa66=[5210995,5210997]
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx/1.19.5
Date: Sat, 04 May 2024 18:06:29 GMT
Content-Type: image/gif
Content-Length: 7
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,Sec-CH-UA-PlatformUser-Agent,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: d42a71e4f424d3bd5c1f49f5f6644d39
Strict-Transport-Security: max-age=0; includeSubdomains
|
|
| region1.analytics.google.com/g/collect?v=2&tid=G-HEX1BG8H46&gtm=45je4510v9104348843za200&_p=1714845988057&_gaz=1&gcd=13l3lPl2l1&npa=1&dma_cps=sypham&dma=1&cid=2030832543.1714845989&ul=en-us&sr=1280x1024&pscdl=noapi&_eu=AAAI&_s=1&sid=1714845989&sct=1&seg=0&dl=https%3A%2F%2Fvidezz.net%2Fembed-c32aq2yhm77r.html&dt=Vidoza&en=page_view&_fv=1&_nsi=1&_ss=2&tfd=2195 | 216.239.34.36 | 204 No Content | 0 B |
URL POST HTTP/2 region1.analytics.google.com/g/collect?v=2&tid=G-HEX1BG8H46&gtm=45je4510v9104348843za200&_p=1714845988057&_gaz=1&gcd=13l3lPl2l1&npa=1&dma_cps=sypham&dma=1&cid=2030832543.1714845989&ul=en-us&sr=1280x1024&pscdl=noapi&_eu=AAAI&_s=1&sid=1714845989&sct=1&seg=0&dl=https%3A%2F%2Fvidezz.net%2Fembed-c32aq2yhm77r.html&dt=Vidoza&en=page_view&_fv=1&_nsi=1&_ss=2&tfd=2195 IP 216.239.34.36:443
Requested by https://videzz.net/embed-c32aq2yhm77r.html Certificate Issuer Google Trust Services LLC Subject *.google-analytics.com Fingerprint 93:6B:D2:9D:92:BE:2D:D8:02:67:82:83:5E:EF:A3:F9:13:F3:26:AE Validity Tue, 16 Apr 2024 03:18:45 GMT - Tue, 09 Jul 2024 03:18:44 GMT
Hash d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
POST /g/collect?v=2&tid=G-HEX1BG8H46&gtm=45je4510v9104348843za200&_p=1714845988057&_gaz=1&gcd=13l3lPl2l1&npa=1&dma_cps=sypham&dma=1&cid=2030832543.1714845989&ul=en-us&sr=1280x1024&pscdl=noapi&_eu=AAAI&_s=1&sid=1714845989&sct=1&seg=0&dl=https%3A%2F%2Fvidezz.net%2Fembed-c32aq2yhm77r.html&dt=Vidoza&en=page_view&_fv=1&_nsi=1&_ss=2&tfd=2195 HTTP/1.1
Host: region1.analytics.google.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://videzz.net
DNT: 1
Connection: keep-alive
Referer: https://videzz.net/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Content-Length: 0
HTTP/2 204 No Content
access-control-allow-origin: https://videzz.net
date: Sat, 04 May 2024 18:06:29 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
content-type: text/plain
cross-origin-resource-policy: cross-origin
server: Golfe2
content-length: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
|
|
| dismaytestimony.com/pixel/sbls?bv=24.6.6370&tmpl=482&u=https%3A%2F%2Fcdn.yourwebbars.com%2Fsb%2Fnotifications%2Fgambling%2Fdefault%2Fandroid-btn%2F8%2Findex.html&l=1444&fd=53 | 192.243.59.13 | 200 OK | 0 B |
URL GET HTTP/1.1 dismaytestimony.com/pixel/sbls?bv=24.6.6370&tmpl=482&u=https%3A%2F%2Fcdn.yourwebbars.com%2Fsb%2Fnotifications%2Fgambling%2Fdefault%2Fandroid-btn%2F8%2Findex.html&l=1444&fd=53 IP 192.243.59.13:443 ASN #39572 DataWeb Global Group B.V.
Requested by https://videzz.net/embed-c32aq2yhm77r.html Certificate Issuer Let's Encrypt Subject dismaytestimony.com Fingerprint 0C:AA:51:7C:B5:7D:1A:53:D1:E3:23:EB:6F:15:42:F9:A5:4B:F8:E6 Validity Mon, 29 Apr 2024 08:06:26 GMT - Sun, 28 Jul 2024 08:06:25 GMT
Hash d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer | Verdict | Alert | Quad9 DNS | malicious | Sinkholed |
GET /pixel/sbls?bv=24.6.6370&tmpl=482&u=https%3A%2F%2Fcdn.yourwebbars.com%2Fsb%2Fnotifications%2Fgambling%2Fdefault%2Fandroid-btn%2F8%2Findex.html&l=1444&fd=53 HTTP/1.1
Host: dismaytestimony.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://videzz.net/
Cookie: u_pl=19071538; pdhtkv=true; uncs=1; pdhtkv29=true; uncs29=1; slecfd40b682a05e4aaf489d29601350aa66=[5210995,5210997]
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx/1.19.5
Date: Sat, 04 May 2024 18:06:29 GMT
Content-Length: 0
Connection: keep-alive
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
Access-Control-Allow-Origin: *
Access-Control-Allow-Methods: GET, POST, OPTIONS
Access-Control-Allow-Headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,Upgrade-Insecure-Requests
Access-Control-Expose-Headers: Content-Length,Content-Range
|
|
| cdn.creative-bars1.com/sb/notifications/gambling/default/android-btn/8/img/confetti.gif | 172.67.141.24 | 200 OK | 206 kB |
URL GET HTTP/3 cdn.creative-bars1.com/sb/notifications/gambling/default/android-btn/8/img/confetti.gif IP 172.67.141.24:443
Requested by https://videzz.net/embed-c32aq2yhm77r.html Certificate Issuer Google Trust Services LLC Subject creative-bars1.com Fingerprint 3D:29:39:2C:F1:E5:C6:EF:54:F5:70:B5:CF:A8:C2:75:4D:89:72:13 Validity Mon, 15 Apr 2024 15:02:18 GMT - Sun, 14 Jul 2024 15:02:17 GMT
File type GIF image data, version 89a, 480 x 360 Size 206 kB (206291 bytes) Hash 0b33face774f2203446507ce5f075538 1dd3522529bce7739df0687f47f5bc84356698a0 ac345899461d5634d25c47281b10e3c1886abb33019e2ce8140573a79e9f52f2
GET /sb/notifications/gambling/default/android-btn/8/img/confetti.gif HTTP/1.1
Host: cdn.creative-bars1.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Sat, 04 May 2024 18:06:29 GMT
content-type: image/gif
content-length: 206291
last-modified: Fri, 19 Jan 2024 14:25:08 GMT
etag: "65aa8644-325d3"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: public, max-age=315360000
access-control-allow-origin: *
access-control-expose-headers: Date
cf-cache-status: HIT
age: 343616
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=Uxmk9ztGD0pPBGnD2yLnR3mBriKx9Oge6cb6uD549g3FeXXzlfVakZar6531QIVyANpFmqL%2BnrEN5R9MR47dNCDKiVIEIBRIB%2F1Adpni40SQvKDs25QLfg8pLordZoBldSgACPAE8K%2Bl"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 87ea6ccd6c1c569a-OSL
alt-svc: h3=":443"; ma=86400
|
|
| cdn.creative-bars1.com/sb/notifications/gambling/default/android-btn/8/img/bonus-stars-6593305-5446274.mp4 | 172.67.141.24 | 206 Partial Content | 34 kB |
URL GET HTTP/3 cdn.creative-bars1.com/sb/notifications/gambling/default/android-btn/8/img/bonus-stars-6593305-5446274.mp4 IP 172.67.141.24:443
Requested by https://videzz.net/embed-c32aq2yhm77r.html Certificate Issuer Google Trust Services LLC Subject creative-bars1.com Fingerprint 3D:29:39:2C:F1:E5:C6:EF:54:F5:70:B5:CF:A8:C2:75:4D:89:72:13 Validity Mon, 15 Apr 2024 15:02:18 GMT - Sun, 14 Jul 2024 15:02:17 GMT
File type ISO Media, MP4 Base Media v1 [ISO 14496-12:2003] Hash 69e52ff16a779d8ab66a1156cc50ab23 27f8897a2acc3bcfd319c267d137aaa4650fb3c5 2048e8325f6d17e0fefb2226c4191a9e300c562f2bc46543ac616d49ff971d61
GET /sb/notifications/gambling/default/android-btn/8/img/bonus-stars-6593305-5446274.mp4 HTTP/1.1
Host: cdn.creative-bars1.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: video/webm,video/ogg,video/*;q=0.9,application/ogg;q=0.7,audio/*;q=0.6,*/*;q=0.5
Accept-Language: en-US,en;q=0.5
Range: bytes=0-
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: video
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Accept-Encoding: identity
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 206 Partial Content
date: Sat, 04 May 2024 18:06:29 GMT
content-type: video/mp4
content-length: 34238
last-modified: Fri, 19 Jan 2024 14:25:08 GMT
etag: "65aa8644-85be"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: public, max-age=315360000
access-control-allow-origin: *
access-control-expose-headers: Date
cf-cache-status: HIT
age: 343607
content-range: bytes 0-34237/34238
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=MqyiinyG%2FVrATJOQFh27hrLct00hRMYVN17U%2BcXsCvZTy9TWikbuU5Y6He29QZ84vzVd07Y9NTKTmFz7af9cws2NL4gYAvEtyCIomaCIWYB2XTB1NDkw%2B7asYekTI%2F7Yuy3h2e3KMnq2"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 87ea6ccd7c1f569a-OSL
alt-svc: h3=":443"; ma=86400
|
|
| xml.cachegorilla.com/redirect?feed=612977&auth=kAeZgJ&pubid=197570 | 173.239.53.20 | 302 Found | 0 B |
URL GET HTTP/1.1 xml.cachegorilla.com/redirect?feed=612977&auth=kAeZgJ&pubid=197570 IP 173.239.53.20:443 ASN #27257 WEBAIR-INTERNET
Requested by https://videzz.net/embed-c32aq2yhm77r.html Certificate Issuer Sectigo Limited Subject *.cachegorilla.com Fingerprint 29:B3:53:29:E3:6F:D3:48:F6:66:3E:78:57:05:A6:19:12:0D:2C:4A Validity Fri, 10 Nov 2023 00:00:00 GMT - Sun, 10 Nov 2024 23:59:59 GMT
Hash d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /redirect?feed=612977&auth=kAeZgJ&pubid=197570 HTTP/1.1
Host: xml.cachegorilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://bid.bidclickmedia.com/
DNT: 1
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 302 Found
Server: nginx
Date: Sat, 04 May 2024 18:06:30 GMT
Content-Length: 0
Connection: keep-alive
Cache-Control: no-store
Location: https://animewatch.onionlive.workers.dev/
|
|
| bid.bidclickmedia.com/sub/0YDX8OE | 172.67.205.77 | 200 OK | 144 B |
URL GET HTTP/2 bid.bidclickmedia.com/sub/0YDX8OE IP 172.67.205.77:443
Requested by https://videzz.net/embed-c32aq2yhm77r.html Certificate Issuer Google Trust Services LLC Subject bidclickmedia.com Fingerprint 2D:71:60:23:79:D8:E4:4A:B8:81:BA:F0:ED:58:CB:A8:66:21:A7:E7 Validity Sun, 31 Mar 2024 14:28:20 GMT - Sat, 29 Jun 2024 14:28:19 GMT
File type HTML document, ASCII text Hash f5ed6ce7b82ba2323315254d8ec73268 130f2deb64cffe104ed683e06bb6f60d3755ac1c fea4d8201695c74087e6b7cdd58df01361f12fcad31870e7d9fbbed7402a2926
GET /sub/0YDX8OE HTTP/1.1
Host: bid.bidclickmedia.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://videzz.net/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
date: Sat, 04 May 2024 18:06:28 GMT
content-type: text/html; charset=utf-8
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=wK0k1ToQzorLgbnFAs2U8BhAJGmDDz7BtyNdvLOcy1RDRowh0HLTef3NXBKPTwA8xA5QiZLLCiOth1lt%2BDYPrMCA9Pi7hy4aLZD6lNc5rhbl9UjLpWDu7PpwpcpxLKfMdqUmTcdzXU0%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 87ea6cc3f90f56ae-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
|
|
| cdn.creative-bars1.com/sb/notifications/gambling/default/android-btn/8/css/style.css | 172.67.141.24 | 200 OK | 1.0 kB |
URL GET HTTP/2 cdn.creative-bars1.com/sb/notifications/gambling/default/android-btn/8/css/style.css IP 172.67.141.24:443
Requested by https://videzz.net/embed-c32aq2yhm77r.html Certificate Issuer Google Trust Services LLC Subject creative-bars1.com Fingerprint 3D:29:39:2C:F1:E5:C6:EF:54:F5:70:B5:CF:A8:C2:75:4D:89:72:13 Validity Mon, 15 Apr 2024 15:02:18 GMT - Sun, 14 Jul 2024 15:02:17 GMT
Hash af19abbabe1a862a20cb0e0a3ef31c7e efcc04c4011905e4f013adae56ea928dc47ac7ef 8a72b4d48ce36805c492e3927213e1327c8d924544a595527da9955fd8916e19
GET /sb/notifications/gambling/default/android-btn/8/css/style.css HTTP/1.1
Host: cdn.creative-bars1.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://videzz.net
DNT: 1
Connection: keep-alive
Referer: https://videzz.net/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Sat, 04 May 2024 18:06:29 GMT
content-type: text/css
last-modified: Fri, 19 Jan 2024 14:25:08 GMT
etag: W/"65aa8644-d14"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: public, max-age=315360000
access-control-allow-origin: *
access-control-expose-headers: Date
cf-cache-status: HIT
age: 328175
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=m4S1BQYnwcPyZMYSPUAMD6kLqQmeEX90u7N9%2FgBHNNFdZgQGbkSBObeSnZC54KmEauAORnn2HQY0n4BKSDlyzLXaBPaaZdwa1j6Rx6Q4e3rodNPZ6ELiTo3nX%2BnvLUrVm%2FYrTzq0QKTz"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 87ea6cccdb32b51d-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
|
|
| bid.bidclickmedia.com/load | 172.67.205.77 | 302 Found | 361 B |
URL POST HTTP/3 bid.bidclickmedia.com/load IP 172.67.205.77:443
Requested by https://videzz.net/embed-c32aq2yhm77r.html Certificate Issuer Google Trust Services LLC Subject bidclickmedia.com Fingerprint 2D:71:60:23:79:D8:E4:4A:B8:81:BA:F0:ED:58:CB:A8:66:21:A7:E7 Validity Sun, 31 Mar 2024 14:28:20 GMT - Sat, 29 Jun 2024 14:28:19 GMT
File type HTML document, ASCII text Hash 6610c77cad5adb691fd5f9ffa06b9486 d003b0d6d8bb61e5fd17dc635c017f6393e0c24c 83695861f8ded5db81f9c1e185cdf9177d18c57bfe1196b03468f2d8ac22bc50
POST /load HTTP/1.1
Host: bid.bidclickmedia.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/x-www-form-urlencoded
Content-Length: 93
Origin: https://bid.bidclickmedia.com
DNT: 1
Connection: keep-alive
Referer: https://bid.bidclickmedia.com/sub/Pj8pz0z
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 302 Found
date: Sat, 04 May 2024 18:06:29 GMT
content-type: text/html; charset=utf-8
location: https://xml.xmlking.com/redirect?feed=591364&auth=oodr9S&pubid=195183
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=gsSirc3TzkY3%2FA5p184IGKmuasc%2BwBq4ebLDAknHF3idebl10fU1lyYWV4kuxjJK7ZW3XY5l6ASuBDV5tmITYt5Rymxa8CSFGW4lrke%2F9egk5%2BmwQYaHhspZivDWH3%2FGD%2BZQfQgJLUA%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 87ea6cc75be81bfe-OSL
alt-svc: h3=":443"; ma=86400
|
|
| bid.bidclickmedia.com/load | 172.67.205.77 | 302 Found | 361 B |
URL POST HTTP/3 bid.bidclickmedia.com/load IP 172.67.205.77:443
Requested by https://videzz.net/embed-c32aq2yhm77r.html Certificate Issuer Google Trust Services LLC Subject bidclickmedia.com Fingerprint 2D:71:60:23:79:D8:E4:4A:B8:81:BA:F0:ED:58:CB:A8:66:21:A7:E7 Validity Sun, 31 Mar 2024 14:28:20 GMT - Sat, 29 Jun 2024 14:28:19 GMT
File type HTML document, ASCII text Hash 6610c77cad5adb691fd5f9ffa06b9486 d003b0d6d8bb61e5fd17dc635c017f6393e0c24c 83695861f8ded5db81f9c1e185cdf9177d18c57bfe1196b03468f2d8ac22bc50
POST /load HTTP/1.1
Host: bid.bidclickmedia.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/x-www-form-urlencoded
Content-Length: 93
Origin: https://bid.bidclickmedia.com
DNT: 1
Connection: keep-alive
Referer: https://bid.bidclickmedia.com/sub/Pj8pz0z
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 302 Found
date: Sat, 04 May 2024 18:06:29 GMT
content-type: text/html; charset=utf-8
location: https://xml.xmlking.com/redirect?feed=591364&auth=oodr9S&pubid=195183
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=9iVqfRWTW9U0SzVH6SyKNIlL3dUQAfNuw9DPMDLhfEIqNQfsOXvXX39WFp73Gn0DT4MNEz%2BuZeE3gc%2F5zEBTO0ouPy%2FBQeKBwjHIjdi7iEAF8S8%2BzHOdwP8P9BhYbVD4U39CmXbQkmc%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 87ea6cc83cbf1bfe-OSL
alt-svc: h3=":443"; ma=86400
|
|
| dismaytestimony.com/pixel/sbls?bv=24.6.6370&tmpl=482&u=https%3A%2F%2Fcdn.creative-bars1.com%2Fsb%2Fnotifications%2Fgambling%2Fdefault%2Fandroid-btn%2F8%2Fcss%2Fanimate.css&l=78693&fd=55 | 192.243.59.13 | 200 OK | 0 B |
URL GET HTTP/1.1 dismaytestimony.com/pixel/sbls?bv=24.6.6370&tmpl=482&u=https%3A%2F%2Fcdn.creative-bars1.com%2Fsb%2Fnotifications%2Fgambling%2Fdefault%2Fandroid-btn%2F8%2Fcss%2Fanimate.css&l=78693&fd=55 IP 192.243.59.13:443 ASN #39572 DataWeb Global Group B.V.
Requested by https://videzz.net/embed-c32aq2yhm77r.html Certificate Issuer Let's Encrypt Subject dismaytestimony.com Fingerprint 0C:AA:51:7C:B5:7D:1A:53:D1:E3:23:EB:6F:15:42:F9:A5:4B:F8:E6 Validity Mon, 29 Apr 2024 08:06:26 GMT - Sun, 28 Jul 2024 08:06:25 GMT
Hash d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer | Verdict | Alert | Quad9 DNS | malicious | Sinkholed |
GET /pixel/sbls?bv=24.6.6370&tmpl=482&u=https%3A%2F%2Fcdn.creative-bars1.com%2Fsb%2Fnotifications%2Fgambling%2Fdefault%2Fandroid-btn%2F8%2Fcss%2Fanimate.css&l=78693&fd=55 HTTP/1.1
Host: dismaytestimony.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://videzz.net/
Cookie: u_pl=19071538; pdhtkv=true; uncs=1; pdhtkv29=true; uncs29=1; slecfd40b682a05e4aaf489d29601350aa66=[5210995,5210997]
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx/1.19.5
Date: Sat, 04 May 2024 18:06:30 GMT
Content-Length: 0
Connection: keep-alive
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
Access-Control-Allow-Origin: *
Access-Control-Allow-Methods: GET, POST, OPTIONS
Access-Control-Allow-Headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,Upgrade-Insecure-Requests
Access-Control-Expose-Headers: Content-Length,Content-Range
|
|
| fonts.googleapis.com/css?family=Roboto:300,400,700&display=swap | 142.250.74.106 | 200 OK | 717 B |
URL GET HTTP/2fonts.googleapis.com/css?family=Roboto:300,400,700&display=swap IP142.250.74.106:443
Requested byhttps://videzz.net/embed-c32aq2yhm77r.html CertificateIssuerGoogle Trust Services LLC Subjectupload.video.google.com Fingerprint36:49:20:36:0C:4D:DA:55:65:64:23:0F:49:3E:FA:78:87:35:A3:79 ValidityTue, 16 Apr 2024 04:17:12 GMT - Tue, 09 Jul 2024 04:17:11 GMT
Hash5e48f11f5e65274412215f94f73f8c49 4dd35e5b5136df76bd7ff9da1f119d0ec0e57ff7 40992eb57d95a0165a6d56399cd9afd60cc2cac6f06579b8d87079ccaab91e29
GET /css?family=Roboto:300,400,700&display=swap HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Sat, 04 May 2024 18:06:30 GMT
date: Sat, 04 May 2024 18:06:30 GMT
cache-control: private, max-age=86400
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
|
|
| www.googletagmanager.com/gtag/js?id=UA-119774978-7 | 142.250.74.168 | | 72 kB |
URL www.googletagmanager.com/gtag/js?id=UA-119774978-7 IP142.250.74.168:0
CertificateIssuerGoogle Trust Services LLC Subject*.google-analytics.com Fingerprint93:6B:D2:9D:92:BE:2D:D8:02:67:82:83:5E:EF:A3:F9:13:F3:26:AE ValidityTue, 16 Apr 2024 03:18:45 GMT - Tue, 09 Jul 2024 03:18:44 GMT
File typeJavaScript source, ASCII text, with very long lines (1822) Hash42f0d9e93e4b188c45d4edf4f394e091 9b59f40609f6e5f973b5e798c64c656e1d8e0d04 ad704719fc2b9cb3439df6d840bcf3b55c5c07644af7aff3388c914f4c9e2e88
GET /gtag/js?id=UA-119774978-7 HTTP/1.1
Host: www.googletagmanager.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://animewatch.onionlive.workers.dev/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
content-encoding: br
vary: Accept-Encoding
date: Sat, 04 May 2024 18:06:30 GMT
expires: Sat, 04 May 2024 18:06:30 GMT
cache-control: private, max-age=900
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
server: Google Tag Manager
content-length: 71590
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
|
|
| www.googletagmanager.com/gtag/js?id=G-HJ5MMKB9WK | 142.250.74.168 | | 103 kB |
URL www.googletagmanager.com/gtag/js?id=G-HJ5MMKB9WK IP142.250.74.168:0
CertificateIssuerGoogle Trust Services LLC Subject*.google-analytics.com Fingerprint93:6B:D2:9D:92:BE:2D:D8:02:67:82:83:5E:EF:A3:F9:13:F3:26:AE ValidityTue, 16 Apr 2024 03:18:45 GMT - Tue, 09 Jul 2024 03:18:44 GMT
File typeJavaScript source, ASCII text, with very long lines (5955) Size103 kB (102757 bytes) Hash4a5211aa47347416ee9cd867aae7057c b4221f12477cdf4ad1bb1b0aef44496718ff7750 a7d45b48cac24327bec8ba928b0398793b10dcaedf99cedfc5cc506b9bee3af3
GET /gtag/js?id=G-HJ5MMKB9WK HTTP/1.1
Host: www.googletagmanager.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://animewatch.onionlive.workers.dev/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
content-encoding: br
vary: Accept-Encoding
date: Sat, 04 May 2024 18:06:30 GMT
expires: Sat, 04 May 2024 18:06:30 GMT
cache-control: private, max-age=900
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
server: Google Tag Manager
content-length: 102757
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
|
|
| tfosrv.com/impression.php?channel_id=60781&id=ef4c2fce-9715-408d-8483-a1fc1648215d%3A34c51f68-9f52-4641-933c-0427521e8c7f&site_id=13111&uuid=bf22f92c-d6ec-4e98-81df-c2f187ee35f7 | 216.18.168.29 | 302 Found | 0 B |
URL GET HTTP/1.1tfosrv.com/impression.php?channel_id=60781&id=ef4c2fce-9715-408d-8483-a1fc1648215d%3A34c51f68-9f52-4641-933c-0427521e8c7f&site_id=13111&uuid=bf22f92c-d6ec-4e98-81df-c2f187ee35f7 IP216.18.168.29:443
Requested byhttps://videzz.net/embed-c32aq2yhm77r.html CertificateIssuerSectigo Limited Subject*.tfosrv.com Fingerprint17:0E:13:E0:E3:EE:17:88:09:10:8F:63:F4:7E:31:5A:D9:33:7D:80 ValidityTue, 31 Oct 2023 00:00:00 GMT - Mon, 18 Nov 2024 23:59:59 GMT
Hashd41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /impression.php?channel_id=60781&id=ef4c2fce-9715-408d-8483-a1fc1648215d%3A34c51f68-9f52-4641-933c-0427521e8c7f&site_id=13111&uuid=bf22f92c-d6ec-4e98-81df-c2f187ee35f7 HTTP/1.1
Host: tfosrv.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://bid.bidclickmedia.com/
DNT: 1
Connection: keep-alive
Cookie: sppc_uuid=a485aa4b-4506-4500-a377-2ddb8a23d95c
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 302 Found
server: nginx
date: Sat, 04 May 2024 18:06:30 GMT
content-length: 0
location: https://trafforsrv.com/click.php?id=ef4c2fce-9715-408d-8483-a1fc1648215d%3A34c51f68-9f52-4641-933c-0427521e8c7f
set-cookie: sppc_uuid=bf22f92c-d6ec-4e98-81df-c2f187ee35f7; max-age=31536000; path=/; secure; SameSite=None
accept-ch: Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version
|
|
| xml.xmlking.com/redirect?feed=591364&auth=oodr9S&pubid=195183 | 174.137.133.17 | 200 OK | 0 B |
URL GET HTTP/1.1xml.xmlking.com/redirect?feed=591364&auth=oodr9S&pubid=195183 IP174.137.133.17:443 ASN#27257 WEBAIR-INTERNET
Requested byhttps://videzz.net/embed-c32aq2yhm77r.html CertificateIssuerSectigo Limited Subject*.xmlking.com Fingerprint61:F0:9B:53:D2:DF:03:A0:08:09:BE:79:B1:70:10:34:65:07:7B:6D ValidityWed, 26 Jul 2023 00:00:00 GMT - Fri, 26 Jul 2024 23:59:59 GMT
Hashd41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /redirect?feed=591364&auth=oodr9S&pubid=195183 HTTP/1.1
Host: xml.xmlking.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://bid.bidclickmedia.com/
DNT: 1
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 302 Found
Server: nginx
Date: Sat, 04 May 2024 18:06:30 GMT
Content-Length: 0
Connection: keep-alive
Cache-Control: no-store
Location: https://meetbenjen.com/in/p/?spot_id=560254&cat=25&sub_id=761082465
|
|
| cdn.creative-bars1.com/sb/notifications/gambling/default/android-btn/8/css/animate.css | 172.67.141.24 | 200 OK | 5.4 kB |
URL GET HTTP/2cdn.creative-bars1.com/sb/notifications/gambling/default/android-btn/8/css/animate.css IP172.67.141.24:443
Requested byhttps://videzz.net/embed-c32aq2yhm77r.html CertificateIssuerGoogle Trust Services LLC Subjectcreative-bars1.com Fingerprint3D:29:39:2C:F1:E5:C6:EF:54:F5:70:B5:CF:A8:C2:75:4D:89:72:13 ValidityMon, 15 Apr 2024 15:02:18 GMT - Sun, 14 Jul 2024 15:02:17 GMT
Hash49a38187f94418e173e4bcc50c96dc4b b64e899d0c6bbb13e6f63e191b77b3eb5e5a6293 92db03d6a48c8756e15b1b2ffb9d1ea5aae5e2d9a706b630f93f73e3debbb3b0
GET /sb/notifications/gambling/default/android-btn/8/css/animate.css HTTP/1.1
Host: cdn.creative-bars1.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://videzz.net
DNT: 1
Connection: keep-alive
Referer: https://videzz.net/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Sat, 04 May 2024 18:06:29 GMT
content-type: text/css
last-modified: Fri, 19 Jan 2024 14:25:08 GMT
etag: W/"65aa8644-13365"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: public, max-age=315360000
access-control-allow-origin: *
access-control-expose-headers: Date
cf-cache-status: HIT
age: 328175
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=fN8goGule%2BGQ56IiPOcmW0%2F5NfM%2FdanIAxwjR2%2BXeMAK5V%2FY4FawzxOoQHYsEyB%2FtKk5LOS7ZnpEyYxf1Xxw0lyvLGKa2znRtea%2FvDchkblSqXY3yeJYwoF%2BNAg0S%2FcRBM2Xok5tJWga"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 87ea6cccdb2eb51d-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
|
|
| www.googletagmanager.com/gtag/js?id=G-DQF56C4WPV&l=dataLayer&cx=c | 142.250.74.168 | | 94 kB |
URL www.googletagmanager.com/gtag/js?id=G-DQF56C4WPV&l=dataLayer&cx=c IP142.250.74.168:0
CertificateIssuerGoogle Trust Services LLC Subject*.google-analytics.com Fingerprint93:6B:D2:9D:92:BE:2D:D8:02:67:82:83:5E:EF:A3:F9:13:F3:26:AE ValidityTue, 16 Apr 2024 03:18:45 GMT - Tue, 09 Jul 2024 03:18:44 GMT
File typeJavaScript source, ASCII text, with very long lines (3034) Hashf390046d962e105c12f4dbb23e8d7865 5522dc3d15196dfe8b71f59a9729a4c215b43c27 237332e2b314dc0eb1e79d69cbfc36ffd8d04870ac5ebb914c77a4c1c5aa9e5a
GET /gtag/js?id=G-DQF56C4WPV&l=dataLayer&cx=c HTTP/1.1
Host: www.googletagmanager.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://animewatch.onionlive.workers.dev/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
content-encoding: br
vary: Accept-Encoding
date: Sat, 04 May 2024 18:06:30 GMT
expires: Sat, 04 May 2024 18:06:30 GMT
cache-control: private, max-age=900
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
server: Google Tag Manager
content-length: 93815
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
|
|
| www.googletagmanager.com/gtag/js?id=G-HJ5MMKB9WK&l=dataLayer&cx=c | 142.250.74.168 | | 102 kB |
URL www.googletagmanager.com/gtag/js?id=G-HJ5MMKB9WK&l=dataLayer&cx=c IP142.250.74.168:0
CertificateIssuerGoogle Trust Services LLC Subject*.google-analytics.com Fingerprint93:6B:D2:9D:92:BE:2D:D8:02:67:82:83:5E:EF:A3:F9:13:F3:26:AE ValidityTue, 16 Apr 2024 03:18:45 GMT - Tue, 09 Jul 2024 03:18:44 GMT
File typeJavaScript source, ASCII text, with very long lines (5955) Size102 kB (101650 bytes) Hash5a924abc240e28d0f3d68ab95da3f925 c7c95cd17ffccf12a5b3084a5ec9b190b4795c84 334f66e8b2ec164594f0ecc6261a9ed586c2125c906879c081ef49b46f1d3ce6
GET /gtag/js?id=G-HJ5MMKB9WK&l=dataLayer&cx=c HTTP/1.1
Host: www.googletagmanager.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://animewatch.onionlive.workers.dev/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
content-encoding: br
vary: Accept-Encoding
date: Sat, 04 May 2024 18:06:30 GMT
expires: Sat, 04 May 2024 18:06:30 GMT
cache-control: private, max-age=900
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
server: Google Tag Manager
content-length: 101650
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
|
|
| dismaytestimony.com/impr.gif?sid=H4sIAAAAAAAC%2F1RSTWhcVRS%2Bb4wrBf%2B6K8KAFBTr5L35y4xdBNM0Ekyb2ioWFMr9e5Nr7nv3ce978yazCg1Il4Mbty%2FfJA3VUnXlyiqTgkJAyLjKotm5cCW02K0yY2jwwHvnnPt9F77znfvFdnZMqsjo0eJl01da09lGxS%2B%2FeSMILpRXVJz1yr1W82azfqFsu%2B%2B2mxX%2FrfL7kq%2Bb2aof%2BH7gB%2BUlZWVoerMTECq51w4qbb9Sr1aCRh09%2B%2F%2FeZR4c9SC6x%2BRVKDGeeeidgeIjxNF3i9KtpyY5fynKNE2NRVfsfRyvxyaPEZ2WofUQxnsnbBh3uPQAJt6dyoXpPiMyNSbeLw%2FA4r0TkWDdnalOpiFjMPEC8u4IUo%2Bg6AjcbEGJQwJwgSuriKM7V4zN6cZ%2FKJ2gYzLz9AlUPiYzj84gju4vaNUrXzc6S5WJHXphAdUbQXVGSLJ9pP0SVL4Pnt6CEr%2BR2acriKOdVacNlCimsys1ggpH0HIA6jxkk095yEIPWeIhEkdlHgTBnC849VttzmtiTrKm8AM6FwY08JstZHwib4A0GYDrAbjdRGI3sa4GsNnPcGsFnPDg0jHxPtxEVxTIJUHuCHJKkCuCPCXIu8Wu0K7qijtCu4wFJ7l6kmvF0KSdbbpr0o6MCagdwIpiOzkmr0z88d4oVbEuj8qhqPus2apSvyHrlIb1VltU200%2FqDV8SptNOHX34tI7tXq9ddOHcqXp7H01JufCH5CoMXnxVwJG9%2BH0Prh6DTR7HTQvQNcK9ONvI6riSlcJ06eVWKYQpkCSziDd8Lb1MTk73dbqloPkB%2FNP%2Frl%2F1n%2F0F7gtkNgCn6uHBB19e3jN5GTnmskd%2BX41SVWk%2BnSyyespTeXzX38gN3JjxfKiG9x9j0%2BASXnvI%2BnSFRoLFXcc%2BWZBCSHtkrFckh%2BX3SeSXc3c2kJm4yxZuXpxaTlKrHROmXgEqg4vfQWuxuSlnz6bPtHzn%2F4BZUewWYEoOyAnAWX2wZNNuORg%2FrH%2B%2B%2B3B3i04Q2D1KYclHvKsGNoqOz3UikDL056yAk4ezP9542V2efwYTD6zY2jp5DZVxba7jY4tgaZbiKMCXVugqwtQPYDLnhumiT2Y%2F702DTBdGjJtSztMW%2F3l1OTJL4NTR%2BWaL%2BaYDOUck%2FVGPZRcsEaD%2BTzkrCZaLY7UjcPmxrl%2FAQAA%2F%2F8BAAD%2F%2F3bmBIt8BAAA | 192.243.59.13 | 200 OK | 7 B |
URL GET HTTP/1.1dismaytestimony.com/impr.gif?sid=H4sIAAAAAAAC%2F1RSTWhcVRS%2Bb4wrBf%2B6K8KAFBTr5L35y4xdBNM0Ekyb2ioWFMr9e5Nr7nv3ce978yazCg1Il4Mbty%2FfJA3VUnXlyiqTgkJAyLjKotm5cCW02K0yY2jwwHvnnPt9F77znfvFdnZMqsjo0eJl01da09lGxS%2B%2FeSMILpRXVJz1yr1W82azfqFsu%2B%2B2mxX%2FrfL7kq%2Bb2aof%2BH7gB%2BUlZWVoerMTECq51w4qbb9Sr1aCRh09%2B%2F%2FeZR4c9SC6x%2BRVKDGeeeidgeIjxNF3i9KtpyY5fynKNE2NRVfsfRyvxyaPEZ2WofUQxnsnbBh3uPQAJt6dyoXpPiMyNSbeLw%2FA4r0TkWDdnalOpiFjMPEC8u4IUo%2Bg6AjcbEGJQwJwgSuriKM7V4zN6cZ%2FKJ2gYzLz9AlUPiYzj84gju4vaNUrXzc6S5WJHXphAdUbQXVGSLJ9pP0SVL4Pnt6CEr%2BR2acriKOdVacNlCimsys1ggpH0HIA6jxkk095yEIPWeIhEkdlHgTBnC849VttzmtiTrKm8AM6FwY08JstZHwib4A0GYDrAbjdRGI3sa4GsNnPcGsFnPDg0jHxPtxEVxTIJUHuCHJKkCuCPCXIu8Wu0K7qijtCu4wFJ7l6kmvF0KSdbbpr0o6MCagdwIpiOzkmr0z88d4oVbEuj8qhqPus2apSvyHrlIb1VltU200%2FqDV8SptNOHX34tI7tXq9ddOHcqXp7H01JufCH5CoMXnxVwJG9%2BH0Prh6DTR7HTQvQNcK9ONvI6riSlcJ06eVWKYQpkCSziDd8Lb1MTk73dbqloPkB%2FNP%2Frl%2F1n%2F0F7gtkNgCn6uHBB19e3jN5GTnmskd%2BX41SVWk%2BnSyyespTeXzX38gN3JjxfKiG9x9j0%2BASXnvI%2BnSFRoLFXcc%2BWZBCSHtkrFckh%2BX3SeSXc3c2kJm4yxZuXpxaTlKrHROmXgEqg4vfQWuxuSlnz6bPtHzn%2F4BZUewWYEoOyAnAWX2wZNNuORg%2FrH%2B%2B%2B3B3i04Q2D1KYclHvKsGNoqOz3UikDL056yAk4ezP9542V2efwYTD6zY2jp5DZVxba7jY4tgaZbiKMCXVugqwtQPYDLnhumiT2Y%2F702DTBdGjJtSztMW%2F3l1OTJL4NTR%2BWaL%2BaYDOUck%2FVGPZRcsEaD%2BTzkrCZaLY7UjcPmxrl%2FAQAA%2F%2F8BAAD%2F%2F3bmBIt8BAAA IP192.243.59.13:443 ASN#39572 DataWeb Global Group B.V.
Requested byhttps://videzz.net/embed-c32aq2yhm77r.html CertificateIssuerLet's Encrypt Subjectdismaytestimony.com Fingerprint0C:AA:51:7C:B5:7D:1A:53:D1:E3:23:EB:6F:15:42:F9:A5:4B:F8:E6 ValidityMon, 29 Apr 2024 08:06:26 GMT - Sun, 28 Jul 2024 08:06:25 GMT
File typeASCII text, with no line terminators Hash132d6af1b46048b45cf86cdee7991d31 eb7007d03d59b65bc6da7e098c4d38fc6dfb6285 ab852e838deccd742a03ca81d4a8d75cf1a00b327db3eaf46bd7da6b6db9384c
Analyzer | Verdict | Alert | Quad9 DNS | malicious | Sinkholed |
GET /impr.gif?sid=H4sIAAAAAAAC%2F1RSTWhcVRS%2Bb4wrBf%2B6K8KAFBTr5L35y4xdBNM0Ekyb2ioWFMr9e5Nr7nv3ce978yazCg1Il4Mbty%2FfJA3VUnXlyiqTgkJAyLjKotm5cCW02K0yY2jwwHvnnPt9F77znfvFdnZMqsjo0eJl01da09lGxS%2B%2FeSMILpRXVJz1yr1W82azfqFsu%2B%2B2mxX%2FrfL7kq%2Bb2aof%2BH7gB%2BUlZWVoerMTECq51w4qbb9Sr1aCRh09%2B%2F%2FeZR4c9SC6x%2BRVKDGeeeidgeIjxNF3i9KtpyY5fynKNE2NRVfsfRyvxyaPEZ2WofUQxnsnbBh3uPQAJt6dyoXpPiMyNSbeLw%2FA4r0TkWDdnalOpiFjMPEC8u4IUo%2Bg6AjcbEGJQwJwgSuriKM7V4zN6cZ%2FKJ2gYzLz9AlUPiYzj84gju4vaNUrXzc6S5WJHXphAdUbQXVGSLJ9pP0SVL4Pnt6CEr%2BR2acriKOdVacNlCimsys1ggpH0HIA6jxkk095yEIPWeIhEkdlHgTBnC849VttzmtiTrKm8AM6FwY08JstZHwib4A0GYDrAbjdRGI3sa4GsNnPcGsFnPDg0jHxPtxEVxTIJUHuCHJKkCuCPCXIu8Wu0K7qijtCu4wFJ7l6kmvF0KSdbbpr0o6MCagdwIpiOzkmr0z88d4oVbEuj8qhqPus2apSvyHrlIb1VltU200%2FqDV8SptNOHX34tI7tXq9ddOHcqXp7H01JufCH5CoMXnxVwJG9%2BH0Prh6DTR7HTQvQNcK9ONvI6riSlcJ06eVWKYQpkCSziDd8Lb1MTk73dbqloPkB%2FNP%2Frl%2F1n%2F0F7gtkNgCn6uHBB19e3jN5GTnmskd%2BX41SVWk%2BnSyyespTeXzX38gN3JjxfKiG9x9j0%2BASXnvI%2BnSFRoLFXcc%2BWZBCSHtkrFckh%2BX3SeSXc3c2kJm4yxZuXpxaTlKrHROmXgEqg4vfQWuxuSlnz6bPtHzn%2F4BZUewWYEoOyAnAWX2wZNNuORg%2FrH%2B%2B%2B3B3i04Q2D1KYclHvKsGNoqOz3UikDL056yAk4ezP9542V2efwYTD6zY2jp5DZVxba7jY4tgaZbiKMCXVugqwtQPYDLnhumiT2Y%2F702DTBdGjJtSztMW%2F3l1OTJL4NTR%2BWaL%2BaYDOUck%2FVGPZRcsEaD%2BTzkrCZaLY7UjcPmxrl%2FAQAA%2F%2F8BAAD%2F%2F3bmBIt8BAAA HTTP/1.1
Host: dismaytestimony.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://videzz.net/
Cookie: u_pl=19071538; pdhtkv=true; uncs=1; pdhtkv29=true; uncs29=1; slecfd40b682a05e4aaf489d29601350aa66=[5210995,5210997]
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx/1.19.5
Date: Sat, 04 May 2024 18:06:30 GMT
Content-Type: image/gif
Content-Length: 7
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,Sec-CH-UA-PlatformUser-Agent,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: 41036e6bd87a4cd440a53b108face7fa
Strict-Transport-Security: max-age=0; includeSubdomains
|
|
| xml.zeusadx.com/redirect?feed=531847&auth=KhbHhS&pubid=162319 | 174.137.133.17 | 302 Found | 0 B |
URL GET HTTP/1.1xml.zeusadx.com/redirect?feed=531847&auth=KhbHhS&pubid=162319 IP174.137.133.17:443 ASN#27257 WEBAIR-INTERNET
Requested byhttps://videzz.net/embed-c32aq2yhm77r.html CertificateIssuerSectigo Limited Subject*.zeusadx.com FingerprintAA:67:88:35:5F:BC:20:3C:44:9B:00:BD:4F:E1:C0:5F:62:D0:69:C0 ValidityMon, 23 Oct 2023 00:00:00 GMT - Wed, 23 Oct 2024 23:59:59 GMT
Hashd41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /redirect?feed=531847&auth=KhbHhS&pubid=162319 HTTP/1.1
Host: xml.zeusadx.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://bid.bidclickmedia.com/
DNT: 1
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Date: Sat, 04 May 2024 18:06:30 GMT
Content-Length: 0
Connection: keep-alive
Cache-Control: no-store
|
|
| dismaytestimony.com/pixel/sbs?c=1 | 192.243.59.12 | 200 OK | 0 B |
URL GET HTTP/1.1dismaytestimony.com/pixel/sbs?c=1 IP192.243.59.12:443 ASN#39572 DataWeb Global Group B.V.
Requested byhttps://videzz.net/embed-c32aq2yhm77r.html CertificateIssuerLet's Encrypt Subjectdismaytestimony.com Fingerprint0C:AA:51:7C:B5:7D:1A:53:D1:E3:23:EB:6F:15:42:F9:A5:4B:F8:E6 ValidityMon, 29 Apr 2024 08:06:26 GMT - Sun, 28 Jul 2024 08:06:25 GMT
Hashd41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer | Verdict | Alert | Quad9 DNS | malicious | Sinkholed |
GET /pixel/sbs?c=1 HTTP/1.1
Host: dismaytestimony.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://videzz.net/
Cookie: u_pl=19071538; pdhtkv=true; uncs=1; pdhtkv29=true; uncs29=1; slecfd40b682a05e4aaf489d29601350aa66=[5210995,5210997]
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx/1.19.5
Date: Sat, 04 May 2024 18:06:30 GMT
Content-Length: 0
Connection: keep-alive
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
Access-Control-Allow-Origin: *
Access-Control-Allow-Methods: GET, POST, OPTIONS
Access-Control-Allow-Headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,Upgrade-Insecure-Requests
Access-Control-Expose-Headers: Content-Length,Content-Range
|
|
| videzz.net/css/videojs.5.min.css?v=b8dc06aa6195ca0716d0a0c4e3a76e42 | 78.142.18.54 | 200 OK | 53 kB |
URL GET HTTP/2videzz.net/css/videojs.5.min.css?v=b8dc06aa6195ca0716d0a0c4e3a76e42 IP78.142.18.54:443 ASN#208046 ColocationX Ltd.
Requested byhttps://videzz.net/embed-c32aq2yhm77r.html CertificateIssuerLet's Encrypt Subjectvidezz.net Fingerprint89:44:E3:9D:95:DD:6E:D2:2B:FB:70:64:42:59:D2:BF:B6:36:E7:33 ValidityThu, 02 May 2024 00:27:53 GMT - Wed, 31 Jul 2024 00:27:52 GMT
File typegzip compressed data, from Unix Hash788efc9c3385cbfc4b9a0ba082089335 6cfafdd2715c97df55572f456f220a044a0c9387 648c26b5754e32365150b0ff034da8bf4b76e5b619f472b1a3867997936bb806
Analyzer | Verdict | Alert | Quad9 DNS | malicious | Sinkholed |
GET /css/videojs.5.min.css?v=b8dc06aa6195ca0716d0a0c4e3a76e42 HTTP/1.1
Host: videzz.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://videzz.net/embed-c32aq2yhm77r.html
Cookie: lang=1
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx/1.18.0 (Ubuntu)
date: Sat, 04 May 2024 18:06:27 GMT
content-type: text/css
last-modified: Sat, 27 Apr 2024 07:30:42 GMT
vary: Accept-Encoding
etag: W/"662ca9a2-29645"
expires: Mon, 03 Jun 2024 18:04:45 GMT
cache-control: max-age=2592000
content-encoding: gzip
x-cache-status: HIT
X-Firefox-Spdy: h2
|
|
| fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2 | 216.58.207.227 | 200 OK | 16 kB |
URL GET HTTP/2fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2 IP216.58.207.227:443
Requested byhttps://videzz.net/embed-c32aq2yhm77r.html CertificateIssuerGoogle Trust Services LLC Subject*.gstatic.com Fingerprint15:DD:05:B3:2F:D8:E3:54:C9:B4:FA:E4:AC:01:ED:C8:E1:EA:A7:AD ValidityTue, 16 Apr 2024 04:17:07 GMT - Tue, 09 Jul 2024 04:17:06 GMT
File typeWeb Open Font Format (Version 2), TrueType, length 15744, version 1.0 Hash15d9f621c3bd1599f0169dcf0bd5e63e 7ca9c5967f3bb8bffeab24b639b49c1e7d03fa52 f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615
GET /s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://videzz.net
DNT: 1
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 15744
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Sat, 04 May 2024 09:28:37 GMT
expires: Sun, 04 May 2025 09:28:37 GMT
cache-control: public, max-age=31536000
last-modified: Wed, 11 May 2022 19:24:48 GMT
content-type: font/woff2
age: 31073
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
|
|
| fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmWUlfBBc4.woff2 | 216.58.207.227 | 200 OK | 16 kB |
URL GET HTTP/2fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmWUlfBBc4.woff2 IP216.58.207.227:443
Requested byhttps://videzz.net/embed-c32aq2yhm77r.html CertificateIssuerGoogle Trust Services LLC Subject*.gstatic.com Fingerprint15:DD:05:B3:2F:D8:E3:54:C9:B4:FA:E4:AC:01:ED:C8:E1:EA:A7:AD ValidityTue, 16 Apr 2024 04:17:07 GMT - Tue, 09 Jul 2024 04:17:06 GMT
File typeWeb Open Font Format (Version 2), TrueType, length 15860, version 1.0 Hashe9f5aaf547f165386cd313b995dddd8e acdef5603c2387b0e5bffd744b679a24a8bc1968 f5aebdfea35d1e7656ef4acc5db1f243209755ae3300943ef8fc6280f363c860
GET /s/roboto/v30/KFOlCnqEu92Fr1MmWUlfBBc4.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://videzz.net
DNT: 1
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 15860
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 02 May 2024 01:55:00 GMT
expires: Fri, 02 May 2025 01:55:00 GMT
cache-control: public, max-age=31536000
last-modified: Wed, 11 May 2022 19:24:42 GMT
content-type: font/woff2
age: 231090
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
|
|
| www.googletagmanager.com/gtag/js?id=UA-119774978-8&l=dataLayer&cx=c | 142.250.74.168 | | 71 kB |
URL www.googletagmanager.com/gtag/js?id=UA-119774978-8&l=dataLayer&cx=c IP142.250.74.168:0
CertificateIssuerGoogle Trust Services LLC Subject*.google-analytics.com Fingerprint93:6B:D2:9D:92:BE:2D:D8:02:67:82:83:5E:EF:A3:F9:13:F3:26:AE ValidityTue, 16 Apr 2024 03:18:45 GMT - Tue, 09 Jul 2024 03:18:44 GMT
File typeJavaScript source, ASCII text, with very long lines (1822) Hash13d57096053c2f89e213d6cb524a5b3b 5396a0f0bdc0aa4d8e4da5b1ac88f4fdd6e2a6c8 e93ac98b5520f17e43691b7e0f636f93e915b7ebf04fcf115058db587db56087
GET /gtag/js?id=UA-119774978-8&l=dataLayer&cx=c HTTP/1.1
Host: www.googletagmanager.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://animewatch.onionlive.workers.dev/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
content-encoding: br
vary: Accept-Encoding
date: Sat, 04 May 2024 18:06:30 GMT
expires: Sat, 04 May 2024 18:06:30 GMT
cache-control: private, max-age=900
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
server: Google Tag Manager
content-length: 70725
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
|
|
| bid.bidclickmedia.com/sub/Pj8pz0z | 172.67.205.77 | 200 OK | 505 B |
URL GET HTTP/2bid.bidclickmedia.com/sub/Pj8pz0z IP172.67.205.77:443
Requested byhttps://videzz.net/embed-c32aq2yhm77r.html CertificateIssuerGoogle Trust Services LLC Subjectbidclickmedia.com Fingerprint2D:71:60:23:79:D8:E4:4A:B8:81:BA:F0:ED:58:CB:A8:66:21:A7:E7 ValiditySun, 31 Mar 2024 14:28:20 GMT - Sat, 29 Jun 2024 14:28:19 GMT
File typeHTML document, ASCII text Hashe151e24dc5b354ea8ee36534a8264594 4b5f293d59d009ee46087f164ee86d066e8e83f4 b2fdeeef5c48f24499731fdd7aae1650ad1bc6fa9ee58cf88fafe175658e888f
GET /sub/Pj8pz0z HTTP/1.1
Host: bid.bidclickmedia.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://videzz.net/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
date: Sat, 04 May 2024 18:06:28 GMT
content-type: text/html; charset=utf-8
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=%2F9hmKZ1f6agXewnteH8NFhYzgEGmMkwCQOakrhbtmfg5dhGN7sZmBAC4Pgpliefjb3hwBEMfs6veBXvvOP1CXhjSA2r4A%2FXSObguR8R3rXNCya6nxpFinrvZFOb5m3SlaLbhQW6Zm%2BM%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 87ea6cc4091c56ae-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
|
|
| trafforsrv.com/click.php?id=ef4c2fce-9715-408d-8483-a1fc1648215d%3A34c51f68-9f52-4641-933c-0427521e8c7f | 216.18.168.28 | 302 Found | 0 B |
URL GET HTTP/1.1trafforsrv.com/click.php?id=ef4c2fce-9715-408d-8483-a1fc1648215d%3A34c51f68-9f52-4641-933c-0427521e8c7f IP216.18.168.28:443
Requested byhttps://videzz.net/embed-c32aq2yhm77r.html CertificateIssuerSectigo Limited Subject*.trafforsrv.com FingerprintC4:DD:C6:65:15:A0:54:82:7D:C9:E3:43:74:BA:ED:16:CC:DD:F5:00 ValidityTue, 31 Oct 2023 00:00:00 GMT - Sat, 16 Nov 2024 23:59:59 GMT
Hashd41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /click.php?id=ef4c2fce-9715-408d-8483-a1fc1648215d%3A34c51f68-9f52-4641-933c-0427521e8c7f HTTP/1.1
Host: trafforsrv.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://bid.bidclickmedia.com/
DNT: 1
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 302 Found
server: nginx
date: Sat, 04 May 2024 18:06:30 GMT
content-length: 0
location: https://s.pemsrv.com/splash.php?idzone=5040978&type=8
set-cookie: sppc_uuid=fdd65544-ccfa-456d-977c-ca945a009435; max-age=31536000; path=/; secure; SameSite=None
accept-ch: Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version
|
|
| dog.seetron.net/api/settings/59846 | 135.181.208.216 | 200 OK | 414 B |
URL: GET HTTP/2 dog.seetron.net/api/settings/59846
IP: 135.181.208.216:443
ASN: #24940 Hetzner Online GmbH
Requested by: https://videzz.net/embed-c32aq2yhm77r.html
Certificate issuer: Let's Encrypt
Certificate subject: a.bdsmz.tube
Certificate fingerprint: AA:4D:03:7A:4E:94:8C:76:58:6E:53:CC:8E:99:24:E6:51:84:BF:05
Certificate validity: Fri, 03 May 2024 10:27:08 GMT - Thu, 01 Aug 2024 10:27:07 GMT
File type: gzip compressed data, from Unix
Hash: 21a0a9ce8be40c1e7a7307a9fb9cfe7a 2f5ecb688e36c55718a866e41c3c37f2ecfb57f5 513be113166f77c78ff345893db75be1ced8468e2c2f14ca106aa13289e02ae1
GET /api/settings/59846 HTTP/1.1
Host: dog.seetron.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://videzz.net/
Origin: https://videzz.net
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sat, 04 May 2024 18:06:28 GMT
content-type: application/json
vary: Accept-Encoding
access-control-allow-origin: *
x-robots-tag: noindex, nofollow
cache-control: private
content-encoding: gzip
X-Firefox-Spdy: h2
|
|
| www.google.no/ads/ga-audiences?v=1&t=sr&slf_rd=1&_r=4&tid=G-HEX1BG8H46&cid=2030832543.1714845989&gtm=45je4510v9104348843za200&aip=1&dma=1&dma_cps=sypham&gcd=13l3lPl2l1&npa=1&z=413211492 | 142.250.74.163 | 200 OK | 42 B |
URL: GET HTTP/2 www.google.no/ads/ga-audiences?v=1&t=sr&slf_rd=1&_r=4&tid=G-HEX1BG8H46&cid=2030832543.1714845989&gtm=45je4510v9104348843za200&aip=1&dma=1&dma_cps=sypham&gcd=13l3lPl2l1&npa=1&z=413211492
IP: 142.250.74.163:443
Requested by: https://videzz.net/embed-c32aq2yhm77r.html
Certificate issuer: Google Trust Services LLC
Certificate subject: *.google.no
Certificate fingerprint: 7D:68:6D:B1:32:34:52:51:20:C9:53:FF:B9:B7:8F:7E:05:F9:F5:97
Certificate validity: Tue, 16 Apr 2024 04:31:00 GMT - Tue, 09 Jul 2024 04:30:59 GMT
File type: GIF image data, version 89a, 1 x 1
Hash: d89746888da2d9510b64a9f031eaecd5 d5fceb6532643d0d84ffe09c40c481ecdf59e15a ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
GET /ads/ga-audiences?v=1&t=sr&slf_rd=1&_r=4&tid=G-HEX1BG8H46&cid=2030832543.1714845989&gtm=45je4510v9104348843za200&aip=1&dma=1&dma_cps=sypham&gcd=13l3lPl2l1&npa=1&z=413211492 HTTP/1.1
Host: www.google.no
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://videzz.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Sat, 04 May 2024 18:06:30 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
content-type: image/gif
x-content-type-options: nosniff
server: cafe
content-length: 42
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
|
|
| s.pemsrv.com/splash.php?idzone=5040978&type=8 | 95.211.229.247 | 200 OK | 478 B |
URL: GET HTTP/1.1 s.pemsrv.com/splash.php?idzone=5040978&type=8
IP: 95.211.229.247:443
ASN: #60781 LeaseWeb Netherlands B.V.
Requested by: https://videzz.net/embed-c32aq2yhm77r.html
Certificate issuer: Let's Encrypt
Certificate subject: pemsrv.com
Certificate fingerprint: BA:AA:AB:1F:22:EF:D5:0A:2D:0C:D0:E8:1C:F5:D4:F5:29:2A:0D:5D
Certificate validity: Tue, 30 Apr 2024 07:53:35 GMT - Mon, 29 Jul 2024 07:53:34 GMT
File type: HTML document, ASCII text, with very long lines (717)
Hash: 0a0facbef164c9e58f80ef97a1a0827e 11213522b288f0683c8f640b87b1e4e246ad8030 8b9ce633f14b63226137606c6901f59c4b354efbce58f82c4def4f93e5ed9aaf
GET /splash.php?idzone=5040978&type=8 HTTP/1.1
Host: s.pemsrv.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://bid.bidclickmedia.com/
DNT: 1
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Date: Sat, 04 May 2024 18:06:30 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Access-Control-Allow-Headers: X-CH-VALUES
Set-Cookie: __uvt=a%3A1%3A%7Bi%3A0%3Bs%3A33%3A%2266367926f333e6.761464332405032564%22%3B%7D; expires=Mon, 04 May 2026 18:06:30 GMT; path=; domain=.pemsrv.com; Secure; SameSite=none
Accept-Ch: Sec-Ch-Ua,Sec-Ch-Ua-Mobile,Sec-Ch-Ua-Full-Version,Sec-Ch-Ua-Full-Version-list,Sec-Ch-Ua-Platform,Sec-Ch-Ua-Platform-Version,Sec-Ch-Ua-Bitness,Sec-Ch-Ua-Arch
X-Robots-Tag: noindex, follow
Content-Encoding: gzip
|
|
| mcpuwpsh.com/get/?go=1&data=eyJpbXAiOlt7InNlY3VyZSI6MSwiZXh0Ijp7ImlkIjoxMDk1LCJ0eXBlIjoicG9wIiwic3BhY2VpZCI6MTA5NSwic3ViaWQiOiI3NjEwODI0NjUiLCJzc3AiOjM3NTgsInNwb3RfaWQiOjU2MDI1NCwicmNoYW5nZSI6ZmFsc2V9fV0sInNpdGUiOnsiaWQiOiI1NjAyNTQiLCJwYWdlIjoiaHR0cHM6Ly9iaWQuYmlkY2xpY2ttZWRpYS5jb20vIiwiY2F0IjpbIklBQjI1Il19LCJkZXZpY2UiOnsidyI6MTI4MCwiaCI6MTAyNH0sInVzZXIiOnsiaWQiOiI0cWEyYzc2a3I5ZGt3NGoydzhnYnoifSwiZXh0Ijp7ImR0IjoxNzE0ODQ1OTkwNTk1fX0= | 94.130.197.240 | 302 Found | 0 B |
URL: GET HTTP/2 mcpuwpsh.com/get/?go=1&data=eyJpbXAiOlt7InNlY3VyZSI6MSwiZXh0Ijp7ImlkIjoxMDk1LCJ0eXBlIjoicG9wIiwic3BhY2VpZCI6MTA5NSwic3ViaWQiOiI3NjEwODI0NjUiLCJzc3AiOjM3NTgsInNwb3RfaWQiOjU2MDI1NCwicmNoYW5nZSI6ZmFsc2V9fV0sInNpdGUiOnsiaWQiOiI1NjAyNTQiLCJwYWdlIjoiaHR0cHM6Ly9iaWQuYmlkY2xpY2ttZWRpYS5jb20vIiwiY2F0IjpbIklBQjI1Il19LCJkZXZpY2UiOnsidyI6MTI4MCwiaCI6MTAyNH0sInVzZXIiOnsiaWQiOiI0cWEyYzc2a3I5ZGt3NGoydzhnYnoifSwiZXh0Ijp7ImR0IjoxNzE0ODQ1OTkwNTk1fX0=
IP: 94.130.197.240:443
ASN: #24940 Hetzner Online GmbH
Requested by: https://videzz.net/embed-c32aq2yhm77r.html
Certificate issuer: Let's Encrypt
Certificate subject: puwpush.com
Certificate fingerprint: 60:3D:AE:BF:9C:57:C3:AF:D6:50:E5:93:92:FB:E9:F2:F8:E6:E1:92
Certificate validity: Wed, 01 May 2024 01:51:05 GMT - Tue, 30 Jul 2024 01:51:04 GMT
Hash: d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /get/?go=1&data=eyJpbXAiOlt7InNlY3VyZSI6MSwiZXh0Ijp7ImlkIjoxMDk1LCJ0eXBlIjoicG9wIiwic3BhY2VpZCI6MTA5NSwic3ViaWQiOiI3NjEwODI0NjUiLCJzc3AiOjM3NTgsInNwb3RfaWQiOjU2MDI1NCwicmNoYW5nZSI6ZmFsc2V9fV0sInNpdGUiOnsiaWQiOiI1NjAyNTQiLCJwYWdlIjoiaHR0cHM6Ly9iaWQuYmlkY2xpY2ttZWRpYS5jb20vIiwiY2F0IjpbIklBQjI1Il19LCJkZXZpY2UiOnsidyI6MTI4MCwiaCI6MTAyNH0sInVzZXIiOnsiaWQiOiI0cWEyYzc2a3I5ZGt3NGoydzhnYnoifSwiZXh0Ijp7ImR0IjoxNzE0ODQ1OTkwNTk1fX0= HTTP/1.1
Host: mcpuwpsh.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://meetbenjen.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 302 Found
server: nginx/1.16.0
date: Sat, 04 May 2024 18:06:31 GMT
content-length: 0
vary: Origin
cache-control: no-transform, no-cache, no-store, must-revalidate
pragma: no-cache
access-control-allow-origin: *
access-control-allow-headers: Content-Type
access-control-allow-methods: *
location: https://mcpuwpsh.com/popunder/in/click/?mid=1926688068945733946&pid=0&site=560254&sc=NO&usage_type=DCH&subid=761082465&sid=0&cid=0&price=0&is_cpm=0&cpm=0&ecpm=0&crid=&crtid=&tcid=0&out_id=&ver=&ver_c=&refdom=bid.bidclickmedia.com&hostname=auc-popunder-hz-2&site_id=0&spot_id=560254&utm_source=&utm_medium=&utm_campaign=&utm_content=&expiration_timestamp=0&created_at=0000-00-00&is_native=0&burl=&pop_winurl=&ip=91.90.42.154&testab=&px_id=0&adblock=0&auction_host=&mm=&yc=&render_type=&campaign_type=&uniq=&exp=0&resp_type=&iabcat=IAB25&min_cpm=0.1224&placement_type_id=7&skin_test=&verify_hash=b3973932a48ce8207b7d64d04092bc20&score=373.69868297753857&durl=&ml=&tag_ab=&original_bid=0&user_fp=0&v2=0&pop_type=0&space_id=1095&real_bid=&skin_id=&vertical_id=&stratagem=&accel=0&gyr=0&iabcat=IAB25&ip_mismatch=false&ua_mismatch=false&ssp=3758&rc=0&v2_track=0&otype=0&mn=0&priority=0&bb=0.1224&url=https%3A%2F%2Fpopdemission.com%2Fin%2F849%2F%3Fsource%3D761082465%26site_id%3D560254%26utm1%3D%26utm2%3D%26utm3%3D%26utm4%3D%26idzone%3D0%26spot_id%3D560254%26mo%3D%26ve%3D%26ad_tags%3D%26p%3Dhttps%253A%252F%252Fbid.bidclickmedia.com%252F%26sid%3D1095%26katds_labels%3D%26is_iframe%3D1%26btype%3D0%26score%3D373.69868297753857%26bf%3D0.1224%26iabcat%3DIAB25%26allowed_labels%3D&pr=&bid_crid=&bid_cid=&ad_tags=&is_interstitial=0&is_direct=1&label_ids=&site_id64=&sp_cl=0&act_sess=0&sp_scr=0&intes=&izb=&ang=0&act_su=0&interest_vertical_ids=&v_scroll_freq=&time_sess=&ext_campaign_id=&scroll_percent=0&empty_clicks=0&aid=0&high_freq_clicks=0&dev_console_activity=0&topics=&client_price=0&o_d=&is_webview=0&timezone_olson=&timezone_ip=Europe/Oslo&offer_label_ids=
X-Firefox-Spdy: h2
|
|
| cdnjs.cloudflare.com/ajax/libs/postscribe/2.0.8/postscribe.min.js | 104.17.25.14 | 200 OK | 5.1 kB |
URL: GET HTTP/3 cdnjs.cloudflare.com/ajax/libs/postscribe/2.0.8/postscribe.min.js
IP: 104.17.25.14:443
Requested by: https://videzz.net/embed-c32aq2yhm77r.html
Certificate issuer: Cloudflare, Inc.
Certificate subject: sni.cloudflaressl.com
Certificate fingerprint: 7A:EA:B9:09:71:70:6C:87:C9:D3:82:74:8A:7B:B4:60:E5:40:2D:8D
Certificate validity: Mon, 03 Jul 2023 00:00:00 GMT - Tue, 02 Jul 2024 23:59:59 GMT
File type: JavaScript source, ASCII text, with very long lines (17660)
Hash: 12dd498bf90c536803c2aad708b66c2b 5f9363d39a405d1c94328cf2303ff4a05c0ad163 c4e20f53f5ef0ed44b783437aa3f4638a9a56cc4aa29ae83ed9212eb2807052a
GET /ajax/libs/postscribe/2.0.8/postscribe.min.js HTTP/1.1
Host: cdnjs.cloudflare.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://videzz.net/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Sat, 04 May 2024 18:06:31 GMT
content-type: application/javascript; charset=utf-8
content-length: 5117
access-control-allow-origin: *
cache-control: public, max-age=30672000
content-encoding: br
etag: "5eb03faa-45f4"
last-modified: Mon, 04 May 2020 16:15:38 GMT
cf-cdnjs-via: cfworker/kv
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
x-content-type-options: nosniff
vary: Accept-Encoding
cf-cache-status: HIT
age: 248423
expires: Thu, 24 Apr 2025 18:06:31 GMT
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=bZ4SJ3eg9v92PrVGaotx63c8RIvTQdhDs5i%2F%2BLVC%2Fd3u7p8n2DbQ0pDIJgQgEbyp6KNZOyyPFVqC7uvP8NyeU4aozUib0tKRpwwGyPGxq4m54hqINvQcKod0xYiqAHv4%2F8cOCi3h"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
server: cloudflare
cf-ray: 87ea6cd4baee56b5-OSL
alt-svc: h3=":443"; ma=86400
|
|
| mcpuwpsh.com/popunder/in/click/?mid=1926688068945733946&pid=0&site=560254&sc=NO&usage_type=DCH&subid=761082465&sid=0&cid=0&price=0&is_cpm=0&cpm=0&ecpm=0&crid=&crtid=&tcid=0&out_id=&ver=&ver_c=&refdom=bid.bidclickmedia.com&hostname=auc-popunder-hz-2&site_id=0&spot_id=560254&utm_source=&utm_medium=&utm_campaign=&utm_content=&expiration_timestamp=0&created_at=0000-00-00&is_native=0&burl=&pop_winurl=&ip=91.90.42.154&testab=&px_id=0&adblock=0&auction_host=&mm=&yc=&render_type=&campaign_type=&uniq=&exp=0&resp_type=&iabcat=IAB25&min_cpm=0.1224&placement_type_id=7&skin_test=&verify_hash=b3973932a48ce8207b7d64d04092bc20&score=373.69868297753857&durl=&ml=&tag_ab=&original_bid=0&user_fp=0&v2=0&pop_type=0&space_id=1095&real_bid=&skin_id=&vertical_id=&stratagem=&accel=0&gyr=0&iabcat=IAB25&ip_mismatch=false&ua_mismatch=false&ssp=3758&rc=0&v2_track=0&otype=0&mn=0&priority=0&bb=0.1224&url=https%3A%2F%2Fpopdemission.com%2Fin%2F849%2F%3Fsource%3D761082465%26site_id%3D560254%26utm1%3D%26utm2%3D%26utm3%3D%26utm4%3D%26idzone%3D0%26spot_id%3D560254%26mo%3D%26ve%3D%26ad_tags%3D%26p%3Dhttps%253A%252F%252Fbid.bidclickmedia.com%252F%26sid%3D1095%26katds_labels%3D%26is_iframe%3D1%26btype%3D0%26score%3D373.69868297753857%26bf%3D0.1224%26iabcat%3DIAB25%26allowed_labels%3D&pr=&bid_crid=&bid_cid=&ad_tags=&is_interstitial=0&is_direct=1&label_ids=&site_id64=&sp_cl=0&act_sess=0&sp_scr=0&intes=&izb=&ang=0&act_su=0&interest_vertical_ids=&v_scroll_freq=&time_sess=&ext_campaign_id=&scroll_percent=0&empty_clicks=0&aid=0&high_freq_clicks=0&dev_console_activity=0&topics=&client_price=0&o_d=&is_webview=0&timezone_olson=&timezone_ip=Europe/Oslo&offer_label_ids= | 94.130.197.240 | 302 Found | 0 B |
URL: GET HTTP/2 mcpuwpsh.com/popunder/in/click/?mid=1926688068945733946&pid=0&site=560254&sc=NO&usage_type=DCH&subid=761082465&sid=0&cid=0&price=0&is_cpm=0&cpm=0&ecpm=0&crid=&crtid=&tcid=0&out_id=&ver=&ver_c=&refdom=bid.bidclickmedia.com&hostname=auc-popunder-hz-2&site_id=0&spot_id=560254&utm_source=&utm_medium=&utm_campaign=&utm_content=&expiration_timestamp=0&created_at=0000-00-00&is_native=0&burl=&pop_winurl=&ip=91.90.42.154&testab=&px_id=0&adblock=0&auction_host=&mm=&yc=&render_type=&campaign_type=&uniq=&exp=0&resp_type=&iabcat=IAB25&min_cpm=0.1224&placement_type_id=7&skin_test=&verify_hash=b3973932a48ce8207b7d64d04092bc20&score=373.69868297753857&durl=&ml=&tag_ab=&original_bid=0&user_fp=0&v2=0&pop_type=0&space_id=1095&real_bid=&skin_id=&vertical_id=&stratagem=&accel=0&gyr=0&iabcat=IAB25&ip_mismatch=false&ua_mismatch=false&ssp=3758&rc=0&v2_track=0&otype=0&mn=0&priority=0&bb=0.1224&url=https%3A%2F%2Fpopdemission.com%2Fin%2F849%2F%3Fsource%3D761082465%26site_id%3D560254%26utm1%3D%26utm2%3D%26utm3%3D%26utm4%3D%26idzone%3D0%26spot_id%3D560254%26mo%3D%26ve%3D%26ad_tags%3D%26p%3Dhttps%253A%252F%252Fbid.bidclickmedia.com%252F%26sid%3D1095%26katds_labels%3D%26is_iframe%3D1%26btype%3D0%26score%3D373.69868297753857%26bf%3D0.1224%26iabcat%3DIAB25%26allowed_labels%3D&pr=&bid_crid=&bid_cid=&ad_tags=&is_interstitial=0&is_direct=1&label_ids=&site_id64=&sp_cl=0&act_sess=0&sp_scr=0&intes=&izb=&ang=0&act_su=0&interest_vertical_ids=&v_scroll_freq=&time_sess=&ext_campaign_id=&scroll_percent=0&empty_clicks=0&aid=0&high_freq_clicks=0&dev_console_activity=0&topics=&client_price=0&o_d=&is_webview=0&timezone_olson=&timezone_ip=Europe/Oslo&offer_label_ids=
IP: 94.130.197.240:443
ASN: #24940 Hetzner Online GmbH
Requested by: https://videzz.net/embed-c32aq2yhm77r.html
Certificate issuer: Let's Encrypt
Certificate subject: puwpush.com
Certificate fingerprint: 60:3D:AE:BF:9C:57:C3:AF:D6:50:E5:93:92:FB:E9:F2:F8:E6:E1:92
Certificate validity: Wed, 01 May 2024 01:51:05 GMT - Tue, 30 Jul 2024 01:51:04 GMT
Hash: d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /popunder/in/click/?mid=1926688068945733946&pid=0&site=560254&sc=NO&usage_type=DCH&subid=761082465&sid=0&cid=0&price=0&is_cpm=0&cpm=0&ecpm=0&crid=&crtid=&tcid=0&out_id=&ver=&ver_c=&refdom=bid.bidclickmedia.com&hostname=auc-popunder-hz-2&site_id=0&spot_id=560254&utm_source=&utm_medium=&utm_campaign=&utm_content=&expiration_timestamp=0&created_at=0000-00-00&is_native=0&burl=&pop_winurl=&ip=91.90.42.154&testab=&px_id=0&adblock=0&auction_host=&mm=&yc=&render_type=&campaign_type=&uniq=&exp=0&resp_type=&iabcat=IAB25&min_cpm=0.1224&placement_type_id=7&skin_test=&verify_hash=b3973932a48ce8207b7d64d04092bc20&score=373.69868297753857&durl=&ml=&tag_ab=&original_bid=0&user_fp=0&v2=0&pop_type=0&space_id=1095&real_bid=&skin_id=&vertical_id=&stratagem=&accel=0&gyr=0&iabcat=IAB25&ip_mismatch=false&ua_mismatch=false&ssp=3758&rc=0&v2_track=0&otype=0&mn=0&priority=0&bb=0.1224&url=https%3A%2F%2Fpopdemission.com%2Fin%2F849%2F%3Fsource%3D761082465%26site_id%3D560254%26utm1%3D%26utm2%3D%26utm3%3D%26utm4%3D%26idzone%3D0%26spot_id%3D560254%26mo%3D%26ve%3D%26ad_tags%3D%26p%3Dhttps%253A%252F%252Fbid.bidclickmedia.com%252F%26sid%3D1095%26katds_labels%3D%26is_iframe%3D1%26btype%3D0%26score%3D373.69868297753857%26bf%3D0.1224%26iabcat%3DIAB25%26allowed_labels%3D&pr=&bid_crid=&bid_cid=&ad_tags=&is_interstitial=0&is_direct=1&label_ids=&site_id64=&sp_cl=0&act_sess=0&sp_scr=0&intes=&izb=&ang=0&act_su=0&interest_vertical_ids=&v_scroll_freq=&time_sess=&ext_campaign_id=&scroll_percent=0&empty_clicks=0&aid=0&high_freq_clicks=0&dev_console_activity=0&topics=&client_price=0&o_d=&is_webview=0&timezone_olson=&timezone_ip=Europe/Oslo&offer_label_ids= HTTP/1.1
Host: mcpuwpsh.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://meetbenjen.com/
DNT: 1
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 302 Found
server: nginx/1.16.0
date: Sat, 04 May 2024 18:06:31 GMT
content-length: 0
vary: Origin
cache-control: no-transform, no-cache, no-store, must-revalidate
pragma: no-cache
access-control-allow-origin: *
access-control-allow-headers: Content-Type
access-control-allow-methods: *
location: https://popdemission.com/in/849/?source=761082465&site_id=560254&utm1=&utm2=&utm3=&utm4=&idzone=0&spot_id=560254&mo=&ve=&ad_tags=&p=https%3A%2F%2Fbid.bidclickmedia.com%2F&sid=1095&katds_labels=&is_iframe=1&btype=0&score=373.69868297753857&bf=0.1224&iabcat=IAB25&allowed_labels=
X-Firefox-Spdy: h2
|
|
| mcpuwpsh.com/get/?go=1&data=eyJpbXAiOlt7InNlY3VyZSI6MSwiZXh0Ijp7ImlkIjoxMDk1LCJ0eXBlIjoicG9wIiwic3BhY2VpZCI6MTA5NSwic3ViaWQiOiI3NjEwODI0NjUiLCJzc3AiOjM3NTgsInNwb3RfaWQiOjU2MDI1NCwicmNoYW5nZSI6ZmFsc2V9fV0sInNpdGUiOnsiaWQiOiI1NjAyNTQiLCJwYWdlIjoiaHR0cHM6Ly9iaWQuYmlkY2xpY2ttZWRpYS5jb20vIiwiY2F0IjpbIklBQjI1Il19LCJkZXZpY2UiOnsidyI6MTI4MCwiaCI6MTAyNH0sInVzZXIiOnsiaWQiOiI0cWEyYzc2a3I5ZGt3NGoydzhnYnoifSwiZXh0Ijp7ImR0IjoxNzE0ODQ1OTkwNjEwfX0= | 94.130.197.240 | 302 Found | 0 B |
URL: GET HTTP/2 mcpuwpsh.com/get/?go=1&data=eyJpbXAiOlt7InNlY3VyZSI6MSwiZXh0Ijp7ImlkIjoxMDk1LCJ0eXBlIjoicG9wIiwic3BhY2VpZCI6MTA5NSwic3ViaWQiOiI3NjEwODI0NjUiLCJzc3AiOjM3NTgsInNwb3RfaWQiOjU2MDI1NCwicmNoYW5nZSI6ZmFsc2V9fV0sInNpdGUiOnsiaWQiOiI1NjAyNTQiLCJwYWdlIjoiaHR0cHM6Ly9iaWQuYmlkY2xpY2ttZWRpYS5jb20vIiwiY2F0IjpbIklBQjI1Il19LCJkZXZpY2UiOnsidyI6MTI4MCwiaCI6MTAyNH0sInVzZXIiOnsiaWQiOiI0cWEyYzc2a3I5ZGt3NGoydzhnYnoifSwiZXh0Ijp7ImR0IjoxNzE0ODQ1OTkwNjEwfX0=
IP: 94.130.197.240:443
ASN: #24940 Hetzner Online GmbH
Requested by: https://videzz.net/embed-c32aq2yhm77r.html
Certificate issuer: Let's Encrypt
Certificate subject: puwpush.com
Certificate fingerprint: 60:3D:AE:BF:9C:57:C3:AF:D6:50:E5:93:92:FB:E9:F2:F8:E6:E1:92
Certificate validity: Wed, 01 May 2024 01:51:05 GMT - Tue, 30 Jul 2024 01:51:04 GMT
Hash: d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /get/?go=1&data=eyJpbXAiOlt7InNlY3VyZSI6MSwiZXh0Ijp7ImlkIjoxMDk1LCJ0eXBlIjoicG9wIiwic3BhY2VpZCI6MTA5NSwic3ViaWQiOiI3NjEwODI0NjUiLCJzc3AiOjM3NTgsInNwb3RfaWQiOjU2MDI1NCwicmNoYW5nZSI6ZmFsc2V9fV0sInNpdGUiOnsiaWQiOiI1NjAyNTQiLCJwYWdlIjoiaHR0cHM6Ly9iaWQuYmlkY2xpY2ttZWRpYS5jb20vIiwiY2F0IjpbIklBQjI1Il19LCJkZXZpY2UiOnsidyI6MTI4MCwiaCI6MTAyNH0sInVzZXIiOnsiaWQiOiI0cWEyYzc2a3I5ZGt3NGoydzhnYnoifSwiZXh0Ijp7ImR0IjoxNzE0ODQ1OTkwNjEwfX0= HTTP/1.1
Host: mcpuwpsh.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://meetbenjen.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 302 Found
server: nginx/1.16.0
date: Sat, 04 May 2024 18:06:31 GMT
content-length: 0
vary: Origin
cache-control: no-transform, no-cache, no-store, must-revalidate
pragma: no-cache
access-control-allow-origin: *
access-control-allow-headers: Content-Type
access-control-allow-methods: *
location: https://mcpuwpsh.com/popunder/in/click/?mid=3025573105402942755&pid=0&site=560254&sc=NO&usage_type=DCH&subid=761082465&sid=0&cid=0&price=0&is_cpm=0&cpm=0&ecpm=0&crid=&crtid=&tcid=0&out_id=&ver=&ver_c=&refdom=bid.bidclickmedia.com&hostname=auc-popunder-hz-3&site_id=0&spot_id=560254&utm_source=&utm_medium=&utm_campaign=&utm_content=&expiration_timestamp=0&created_at=0000-00-00&is_native=0&burl=&pop_winurl=&ip=91.90.42.154&testab=&px_id=0&adblock=0&auction_host=&mm=&yc=&render_type=&campaign_type=&uniq=&exp=0&resp_type=&iabcat=IAB25&min_cpm=0.1224&placement_type_id=7&skin_test=&verify_hash=862bc590c16a798f8a80493af71555ee&score=373.69868297753857&durl=&ml=&tag_ab=&original_bid=0&user_fp=0&v2=0&pop_type=0&space_id=1095&real_bid=&skin_id=&vertical_id=&stratagem=&accel=0&gyr=0&iabcat=IAB25&ip_mismatch=false&ua_mismatch=false&ssp=3758&rc=0&v2_track=0&otype=0&mn=0&priority=0&bb=0.1224&url=https%3A%2F%2Fpopdemission.com%2Fin%2F849%2F%3Fsource%3D761082465%26site_id%3D560254%26utm1%3D%26utm2%3D%26utm3%3D%26utm4%3D%26idzone%3D0%26spot_id%3D560254%26mo%3D%26ve%3D%26ad_tags%3D%26p%3Dhttps%253A%252F%252Fbid.bidclickmedia.com%252F%26sid%3D1095%26katds_labels%3D%26is_iframe%3D1%26btype%3D0%26score%3D373.69868297753857%26bf%3D0.1224%26iabcat%3DIAB25%26allowed_labels%3D&pr=&bid_crid=&bid_cid=&ad_tags=&is_interstitial=0&is_direct=1&label_ids=&site_id64=&sp_cl=0&act_sess=0&sp_scr=0&intes=&izb=&ang=0&act_su=0&interest_vertical_ids=&v_scroll_freq=&time_sess=&ext_campaign_id=&scroll_percent=0&empty_clicks=0&aid=0&high_freq_clicks=0&dev_console_activity=0&topics=&client_price=0&o_d=&is_webview=0&timezone_olson=&timezone_ip=Europe/Oslo&offer_label_ids=
X-Firefox-Spdy: h2
|
|
| dog.seetron.net/api/users/59846?host=videzz.net&ev=212&wh=1024&ww=1280&uuid=&url=https%3A%2F%2Fvidezz.net%2Fembed-c32aq2yhm77r.html&sid=efdb1433-63c7-4dd0-9bdf-bd55bda66515&i=1&kw=file%20upload%2Cshare%20files%2Cfree%20upload&s1=174908 | 135.181.208.216 | 200 OK | 419 B |
URL: GET HTTP/2 dog.seetron.net/api/users/59846?host=videzz.net&ev=212&wh=1024&ww=1280&uuid=&url=https%3A%2F%2Fvidezz.net%2Fembed-c32aq2yhm77r.html&sid=efdb1433-63c7-4dd0-9bdf-bd55bda66515&i=1&kw=file%20upload%2Cshare%20files%2Cfree%20upload&s1=174908
IP: 135.181.208.216:443
ASN: #24940 Hetzner Online GmbH
Requested by: https://videzz.net/embed-c32aq2yhm77r.html
Certificate issuer: Let's Encrypt
Certificate subject: a.bdsmz.tube
Certificate fingerprint: AA:4D:03:7A:4E:94:8C:76:58:6E:53:CC:8E:99:24:E6:51:84:BF:05
Certificate validity: Fri, 03 May 2024 10:27:08 GMT - Thu, 01 Aug 2024 10:27:07 GMT
File type: ASCII text, with very long lines (373)
Hash: 09c2eec970a16ced7d8a45ad8113a599 4732f5268881efe4fbc8d620117b0f1c4a723065 2027ca21356eb30bea2709e0967bda5285765966b478bfde420e34024858774b
GET /api/users/59846?host=videzz.net&ev=212&wh=1024&ww=1280&uuid=&url=https%3A%2F%2Fvidezz.net%2Fembed-c32aq2yhm77r.html&sid=efdb1433-63c7-4dd0-9bdf-bd55bda66515&i=1&kw=file%20upload%2Cshare%20files%2Cfree%20upload&s1=174908 HTTP/1.1
Host: dog.seetron.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://videzz.net/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sat, 04 May 2024 18:06:31 GMT
content-type: text/javascript; charset=utf-8
vary: Accept-Encoding
set-cookie: nauid=yJaSZp7sTldXrpgtUf2k; Path=/; Expires=Wed, 11 Nov 2037 11:11:11 GMT; Secure; SameSite=None
x-robots-tag: noindex, nofollow
cache-control: private
content-encoding: gzip
X-Firefox-Spdy: h2
|
|
| dog.seetron.net/api/users/424503?host=videzz.net&ev=212&wh=1024&ww=1280&uuid=&url=https%3A%2F%2Fvidezz.net%2Fembed-c32aq2yhm77r.html&sid=efdb1433-63c7-4dd0-9bdf-bd55bda66515&i=1&kw=file%20upload%2Cshare%20files%2Cfree%20upload&s1=174908 | 135.181.208.216 | 200 OK | 449 B |
URL: GET HTTP/2 dog.seetron.net/api/users/424503?host=videzz.net&ev=212&wh=1024&ww=1280&uuid=&url=https%3A%2F%2Fvidezz.net%2Fembed-c32aq2yhm77r.html&sid=efdb1433-63c7-4dd0-9bdf-bd55bda66515&i=1&kw=file%20upload%2Cshare%20files%2Cfree%20upload&s1=174908
IP: 135.181.208.216:443
ASN: #24940 Hetzner Online GmbH
Requested by: https://videzz.net/embed-c32aq2yhm77r.html
Certificate issuer: Let's Encrypt
Certificate subject: a.bdsmz.tube
Certificate fingerprint: AA:4D:03:7A:4E:94:8C:76:58:6E:53:CC:8E:99:24:E6:51:84:BF:05
Certificate validity: Fri, 03 May 2024 10:27:08 GMT - Thu, 01 Aug 2024 10:27:07 GMT
File type: ASCII text, with very long lines (350)
Hash: bb125c0ed3920d4a09b9601b2d6a19a4 89ea2f25f1669ee5708aa0bc501eb80c2b3dfcc8 cbc1f7391bf5b7b99d2f4423f37bce5582f1b674968203d115c9bc6b964cdc34
GET /api/users/424503?host=videzz.net&ev=212&wh=1024&ww=1280&uuid=&url=https%3A%2F%2Fvidezz.net%2Fembed-c32aq2yhm77r.html&sid=efdb1433-63c7-4dd0-9bdf-bd55bda66515&i=1&kw=file%20upload%2Cshare%20files%2Cfree%20upload&s1=174908 HTTP/1.1
Host: dog.seetron.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://videzz.net/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sat, 04 May 2024 18:06:31 GMT
content-type: text/javascript; charset=utf-8
vary: Accept-Encoding
set-cookie: nauid=1OV557rxBvxm71lIk9lE; Path=/; Expires=Wed, 11 Nov 2037 11:11:11 GMT; Secure; SameSite=None
x-robots-tag: noindex, nofollow
cache-control: private
content-encoding: gzip
X-Firefox-Spdy: h2
|
|
| hoddlegamey.com/itLmTlMrHisAt/67652 | 23.109.170.77 | 200 OK | 61 B |
URL: GET HTTP/1.1 hoddlegamey.com/itLmTlMrHisAt/67652
IP: 23.109.170.77:443
Requested by: https://videzz.net/embed-c32aq2yhm77r.html
Certificate issuer: Let's Encrypt
Certificate subject: hoddlegamey.com
Certificate fingerprint: 07:BD:B4:24:F4:70:EB:F5:60:F8:9F:61:E8:65:29:7E:9B:54:8C:D2
Certificate validity: Mon, 22 Apr 2024 23:02:12 GMT - Sun, 21 Jul 2024 23:02:11 GMT
File type: HTML document, ASCII text, with no line terminators
Hash: 86733bb66fb84b851592d733e51f0cbd 42eaf19a5ca195667a9212b0ea3557eee76954a8 927676bdf7f1bdcd71f06cc0d9fa573791b12c905629d806851624687c4b4a0d
Analyzer | Verdict | Alert | Quad9 DNS | malicious | Sinkholed |
GET /itLmTlMrHisAt/67652 HTTP/1.1
Host: hoddlegamey.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://animewatch.onionlive.workers.dev/
DNT: 1
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Date: Sat, 04 May 2024 18:06:31 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Keep-Alive: timeout=20
Accept-ch: sec-ch-ua-platform-version,sec-ch-ua-model,sec-ch-ua-full-version,sec-ch-ua-full-version-list
Set-Cookie: GL_UI4=eJw9jUtug0AQRPljJ4akJQ7gIxgUjL3MJivfAQ0zDZ4Ypq1mjJ3bZxIp2dUrPVV5nhcUL%2BAvyRrCm6hhe1R9s5dYojyUVVW%2BHSrZ151o%2BlJVTVnvYK3n1opuRBvBap4E29YuEWwGNMhatpIUZvDqrL%2FmYuhuIog7FkZlEE%2FOGDNIO6b7jFyEEBkxIaQfmrGnhzPEJzEEx72L2rjo7yCguQjzJ4hP2twe%2BSbx8jzx4Pk6CtsTT61WDuOBhULw32ElhcWB%2BAtShfPF0hWARtX%2B%2B7%2Bf8fizBonCRUuHZM%2FI38wATrY%3D; expires=Sun, 05-May-2024 18:06:31 GMT; Max-Age=86400; path=/; secure; SameSite=None
GL_GI10=eJwVyM0KgkAUhuE5hxiIJPjIC%2FAKTMsWbrNl6MIrMIsYGObIzNjP3WeLd%2FG8SilOE7CZkNRlXhd5dcjLUwV6gtsOPDroVvx7%2BII8uDiCvcOmC1ayRmYXlz9i9TfIYHu25pP1YudoxAXw0roZbvaxv%2FRX0KQJHEUzONxTBXrp3Q9e7R3S; expires=Sun, 05-May-2024 18:06:31 GMT; Max-Age=86400; path=/; secure; SameSite=None
Content-Encoding: gzip
Vary: Accept-Encoding
Strict-Transport-Security: max-age=1
X-Content-Type-Options: nosniff
|
|
| mcpuwpsh.com/popunder/in/click/?mid=3025573105402942755&pid=0&site=560254&sc=NO&usage_type=DCH&subid=761082465&sid=0&cid=0&price=0&is_cpm=0&cpm=0&ecpm=0&crid=&crtid=&tcid=0&out_id=&ver=&ver_c=&refdom=bid.bidclickmedia.com&hostname=auc-popunder-hz-3&site_id=0&spot_id=560254&utm_source=&utm_medium=&utm_campaign=&utm_content=&expiration_timestamp=0&created_at=0000-00-00&is_native=0&burl=&pop_winurl=&ip=91.90.42.154&testab=&px_id=0&adblock=0&auction_host=&mm=&yc=&render_type=&campaign_type=&uniq=&exp=0&resp_type=&iabcat=IAB25&min_cpm=0.1224&placement_type_id=7&skin_test=&verify_hash=862bc590c16a798f8a80493af71555ee&score=373.69868297753857&durl=&ml=&tag_ab=&original_bid=0&user_fp=0&v2=0&pop_type=0&space_id=1095&real_bid=&skin_id=&vertical_id=&stratagem=&accel=0&gyr=0&iabcat=IAB25&ip_mismatch=false&ua_mismatch=false&ssp=3758&rc=0&v2_track=0&otype=0&mn=0&priority=0&bb=0.1224&url=https%3A%2F%2Fpopdemission.com%2Fin%2F849%2F%3Fsource%3D761082465%26site_id%3D560254%26utm1%3D%26utm2%3D%26utm3%3D%26utm4%3D%26idzone%3D0%26spot_id%3D560254%26mo%3D%26ve%3D%26ad_tags%3D%26p%3Dhttps%253A%252F%252Fbid.bidclickmedia.com%252F%26sid%3D1095%26katds_labels%3D%26is_iframe%3D1%26btype%3D0%26score%3D373.69868297753857%26bf%3D0.1224%26iabcat%3DIAB25%26allowed_labels%3D&pr=&bid_crid=&bid_cid=&ad_tags=&is_interstitial=0&is_direct=1&label_ids=&site_id64=&sp_cl=0&act_sess=0&sp_scr=0&intes=&izb=&ang=0&act_su=0&interest_vertical_ids=&v_scroll_freq=&time_sess=&ext_campaign_id=&scroll_percent=0&empty_clicks=0&aid=0&high_freq_clicks=0&dev_console_activity=0&topics=&client_price=0&o_d=&is_webview=0&timezone_olson=&timezone_ip=Europe/Oslo&offer_label_ids= | 94.130.197.240 | 302 Found | 0 B |
URL: GET HTTP/2 mcpuwpsh.com/popunder/in/click/?mid=3025573105402942755&pid=0&site=560254&sc=NO&usage_type=DCH&subid=761082465&sid=0&cid=0&price=0&is_cpm=0&cpm=0&ecpm=0&crid=&crtid=&tcid=0&out_id=&ver=&ver_c=&refdom=bid.bidclickmedia.com&hostname=auc-popunder-hz-3&site_id=0&spot_id=560254&utm_source=&utm_medium=&utm_campaign=&utm_content=&expiration_timestamp=0&created_at=0000-00-00&is_native=0&burl=&pop_winurl=&ip=91.90.42.154&testab=&px_id=0&adblock=0&auction_host=&mm=&yc=&render_type=&campaign_type=&uniq=&exp=0&resp_type=&iabcat=IAB25&min_cpm=0.1224&placement_type_id=7&skin_test=&verify_hash=862bc590c16a798f8a80493af71555ee&score=373.69868297753857&durl=&ml=&tag_ab=&original_bid=0&user_fp=0&v2=0&pop_type=0&space_id=1095&real_bid=&skin_id=&vertical_id=&stratagem=&accel=0&gyr=0&iabcat=IAB25&ip_mismatch=false&ua_mismatch=false&ssp=3758&rc=0&v2_track=0&otype=0&mn=0&priority=0&bb=0.1224&url=https%3A%2F%2Fpopdemission.com%2Fin%2F849%2F%3Fsource%3D761082465%26site_id%3D560254%26utm1%3D%26utm2%3D%26utm3%3D%26utm4%3D%26idzone%3D0%26spot_id%3D560254%26mo%3D%26ve%3D%26ad_tags%3D%26p%3Dhttps%253A%252F%252Fbid.bidclickmedia.com%252F%26sid%3D1095%26katds_labels%3D%26is_iframe%3D1%26btype%3D0%26score%3D373.69868297753857%26bf%3D0.1224%26iabcat%3DIAB25%26allowed_labels%3D&pr=&bid_crid=&bid_cid=&ad_tags=&is_interstitial=0&is_direct=1&label_ids=&site_id64=&sp_cl=0&act_sess=0&sp_scr=0&intes=&izb=&ang=0&act_su=0&interest_vertical_ids=&v_scroll_freq=&time_sess=&ext_campaign_id=&scroll_percent=0&empty_clicks=0&aid=0&high_freq_clicks=0&dev_console_activity=0&topics=&client_price=0&o_d=&is_webview=0&timezone_olson=&timezone_ip=Europe/Oslo&offer_label_ids=
IP: 94.130.197.240:443
ASN: #24940 Hetzner Online GmbH
Requested by: https://videzz.net/embed-c32aq2yhm77r.html
Certificate issuer: Let's Encrypt
Certificate subject: puwpush.com
Certificate fingerprint: 60:3D:AE:BF:9C:57:C3:AF:D6:50:E5:93:92:FB:E9:F2:F8:E6:E1:92
Certificate validity: Wed, 01 May 2024 01:51:05 GMT - Tue, 30 Jul 2024 01:51:04 GMT
Hash: d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /popunder/in/click/?mid=3025573105402942755&pid=0&site=560254&sc=NO&usage_type=DCH&subid=761082465&sid=0&cid=0&price=0&is_cpm=0&cpm=0&ecpm=0&crid=&crtid=&tcid=0&out_id=&ver=&ver_c=&refdom=bid.bidclickmedia.com&hostname=auc-popunder-hz-3&site_id=0&spot_id=560254&utm_source=&utm_medium=&utm_campaign=&utm_content=&expiration_timestamp=0&created_at=0000-00-00&is_native=0&burl=&pop_winurl=&ip=91.90.42.154&testab=&px_id=0&adblock=0&auction_host=&mm=&yc=&render_type=&campaign_type=&uniq=&exp=0&resp_type=&iabcat=IAB25&min_cpm=0.1224&placement_type_id=7&skin_test=&verify_hash=862bc590c16a798f8a80493af71555ee&score=373.69868297753857&durl=&ml=&tag_ab=&original_bid=0&user_fp=0&v2=0&pop_type=0&space_id=1095&real_bid=&skin_id=&vertical_id=&stratagem=&accel=0&gyr=0&iabcat=IAB25&ip_mismatch=false&ua_mismatch=false&ssp=3758&rc=0&v2_track=0&otype=0&mn=0&priority=0&bb=0.1224&url=https%3A%2F%2Fpopdemission.com%2Fin%2F849%2F%3Fsource%3D761082465%26site_id%3D560254%26utm1%3D%26utm2%3D%26utm3%3D%26utm4%3D%26idzone%3D0%26spot_id%3D560254%26mo%3D%26ve%3D%26ad_tags%3D%26p%3Dhttps%253A%252F%252Fbid.bidclickmedia.com%252F%26sid%3D1095%26katds_labels%3D%26is_iframe%3D1%26btype%3D0%26score%3D373.69868297753857%26bf%3D0.1224%26iabcat%3DIAB25%26allowed_labels%3D&pr=&bid_crid=&bid_cid=&ad_tags=&is_interstitial=0&is_direct=1&label_ids=&site_id64=&sp_cl=0&act_sess=0&sp_scr=0&intes=&izb=&ang=0&act_su=0&interest_vertical_ids=&v_scroll_freq=&time_sess=&ext_campaign_id=&scroll_percent=0&empty_clicks=0&aid=0&high_freq_clicks=0&dev_console_activity=0&topics=&client_price=0&o_d=&is_webview=0&timezone_olson=&timezone_ip=Europe/Oslo&offer_label_ids= HTTP/1.1
Host: mcpuwpsh.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://meetbenjen.com/
DNT: 1
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 302 Found
server: nginx/1.16.0
date: Sat, 04 May 2024 18:06:31 GMT
content-length: 0
vary: Origin
cache-control: no-transform, no-cache, no-store, must-revalidate
pragma: no-cache
access-control-allow-origin: *
access-control-allow-headers: Content-Type
access-control-allow-methods: *
location: https://popdemission.com/in/849/?source=761082465&site_id=560254&utm1=&utm2=&utm3=&utm4=&idzone=0&spot_id=560254&mo=&ve=&ad_tags=&p=https%3A%2F%2Fbid.bidclickmedia.com%2F&sid=1095&katds_labels=&is_iframe=1&btype=0&score=373.69868297753857&bf=0.1224&iabcat=IAB25&allowed_labels=
X-Firefox-Spdy: h2
|
|
| ossgogoaton.com/tag.min.js | 188.114.96.1 | 200 OK | 26 kB |
URL GET HTTP/2 ossgogoaton.com/tag.min.js IP 188.114.96.1:443
Requested by https://videzz.net/embed-c32aq2yhm77r.html Certificate Issuer Google Trust Services LLC Subject ossgogoaton.com Fingerprint DE:B3:2A:B0:2A:4A:C3:F8:A3:3F:5B:C6:96:E6:F1:41:55:B4:87:1E Validity Sat, 04 May 2024 10:37:16 GMT - Fri, 02 Aug 2024 10:37:15 GMT
File type JavaScript source, ASCII text, with very long lines (65494) Hash d8fe6d8977be78f78ee48c068b8c8686 e9c96bfc9bcd374f528f73c0441c2358d6d1d135 43423a879e310562ceed423aa563f4fac45713e6f59b0517d897e2c96a42993b
Analyzer | Verdict | Alert | Quad9 DNS | malicious | Sinkholed |
GET /tag.min.js HTTP/1.1
Host: ossgogoaton.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://videzz.net/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Sat, 04 May 2024 18:06:31 GMT
content-type: text/javascript; charset=utf-8
x-trace-id: 75f804f095bd203a11970aa4780913d8
cache-control: max-age=86400
last-modified: Fri, 03 May 2024 05:53:49 GMT
accept-ch: Sec-CH-UA, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, baggage, sentry-trace, favicon
access-control-max-age: 86400
pragma: no-cache
expires: Sat, 04 May 2024 20:39:18 GMT
timing-allow-origin: *
cf-cache-status: HIT
age: 77233
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=vbsw4twmvAf%2F5DbkWL8aFx2KmWby%2F8e60hPaTp9Tzp0GpOlTZFVVrHKntWsX85AcFo1dirlddfQ2DkoaHwWkQuAExFcT27ysrnir3W3Za4aHKZUVY0tM%2F0hqGO9oJkM2SrI%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 87ea6cd56bb11c0e-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
|
|
| popdemission.com/in/849/?source=761082465&site_id=560254&utm1=&utm2=&utm3=&utm4=&idzone=0&spot_id=560254&mo=&ve=&ad_tags=&p=https%3A%2F%2Fbid.bidclickmedia.com%2F&sid=1095&katds_labels=&is_iframe=1&btype=0&score=373.69868297753857&bf=0.1224&iabcat=IAB25&allowed_labels= | 62.122.173.28 | 302 Found | 0 B |
URL GET HTTP/2 popdemission.com/in/849/?source=761082465&site_id=560254&utm1=&utm2=&utm3=&utm4=&idzone=0&spot_id=560254&mo=&ve=&ad_tags=&p=https%3A%2F%2Fbid.bidclickmedia.com%2F&sid=1095&katds_labels=&is_iframe=1&btype=0&score=373.69868297753857&bf=0.1224&iabcat=IAB25&allowed_labels= IP 62.122.173.28:443
Requested by https://videzz.net/embed-c32aq2yhm77r.html Certificate Issuer Let's Encrypt Subject popdemission.com Fingerprint D2:C5:8F:9C:4B:C4:3C:66:E6:4D:95:14:61:37:A5:21:1E:9C:9A:BE Validity Wed, 20 Mar 2024 12:58:57 GMT - Tue, 18 Jun 2024 12:58:56 GMT
Hash d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /in/849/?source=761082465&site_id=560254&utm1=&utm2=&utm3=&utm4=&idzone=0&spot_id=560254&mo=&ve=&ad_tags=&p=https%3A%2F%2Fbid.bidclickmedia.com%2F&sid=1095&katds_labels=&is_iframe=1&btype=0&score=373.69868297753857&bf=0.1224&iabcat=IAB25&allowed_labels= HTTP/1.1
Host: popdemission.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://meetbenjen.com/
DNT: 1
Connection: keep-alive
Cookie: 849.0=1
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 302 Found
server: nginx/1.20.1
date: Sat, 04 May 2024 18:06:31 GMT
content-type: text/html; charset=UTF-8
content-length: 0
location: https://topsites.hadesex.com/?source=761082465&site_id=560254&spot_id=560254
cache-control: no-cache, no-store, must-revalidate
pragma: no-cache
vary: *
set-cookie: 849.0=1; expires=Sun, 05 May 2024 18:06:31 GMT; path=/; secure; SameSite=None
X-Firefox-Spdy: h2
|
|
| my.rtmark.net/gid.js?userId=00805276252d4c5be7dcd3789b43edf6 | 139.45.195.8 | 200 OK | 65 B |
URL GET HTTP/2 my.rtmark.net/gid.js?userId=00805276252d4c5be7dcd3789b43edf6 IP 139.45.195.8:443
Requested by https://videzz.net/embed-c32aq2yhm77r.html Certificate Issuer Let's Encrypt Subject rtmark.net Fingerprint DB:C0:8B:64:1C:E3:2A:9C:B9:04:0D:F3:6F:5A:E0:35:F4:C7:75:CC Validity Sat, 02 Mar 2024 21:53:43 GMT - Fri, 31 May 2024 21:53:42 GMT
Hash 481c6e99c22c2dec226b4311569bc8ff c414baa623c568b3bf32a8431add77573ed7f2e2 b2fa63063e230f2027f6422b29291f5e38ab7a833d1194ba09cdb855d1adf8e7
GET /gid.js?userId=00805276252d4c5be7dcd3789b43edf6 HTTP/1.1
Host: my.rtmark.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://videzz.net
DNT: 1
Connection: keep-alive
Referer: https://videzz.net/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
server: nginx
date: Sat, 04 May 2024 18:06:32 GMT
content-type: application/json; charset=utf-8
content-length: 65
access-control-allow-origin: https://videzz.net
access-control-allow-methods: POST, GET, OPTIONS, PUT, DELETE
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, Authorization,X-CSRF-Token
access-control-expose-headers: Authorization
access-control-allow-credentials: true
set-cookie: ID=00805276252d4c5be7dcd3789b43edf6; expires=Sun, 04 May 2025 18:06:32 GMT; secure; SameSite=None
strict-transport-security: max-age=1
x-content-type-options: nosniff
timing-allow-origin: *, *
X-Firefox-Spdy: h2
|
|
| porn13.com/thumbs/AA/Do/g4.jpg | 188.114.96.1 | | 18 kB |
URL porn13.com/thumbs/AA/Do/g4.jpg IP 188.114.96.1:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 352x198, components 3 Hash 2e3a76e552b73eb352650cf6fabc1eda 9b89d8ad2511127ba533e7bd95296980853fae10 a3790214e3350c87aa73e6052872be9ef3cd4102fa6baead8ced673557cca4b9
GET /thumbs/AA/Do/g4.jpg HTTP/1.1
Host: porn13.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://topsites.hadesex.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Sat, 04 May 2024 18:06:32 GMT
content-type: image/jpeg
content-length: 17477
last-modified: Fri, 19 Aug 2022 16:09:25 GMT
etag: "62ffb5b5-4445"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: public, max-age=315360000
cf-cache-status: HIT
age: 343699
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=oJcWmupZeUy14YovOKn30h02PMn2%2B2vB7Up7Yc0P0hWZMimVgJDgh%2B88CSGEyxyfA1NR%2Bx3iaen%2BYggL1FB5fzQzKev1dZfQt1BtWA1Xs4%2B%2BGGjEXH05yoRLCM22"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 87ea6cdbcc5eb527-OSL
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
|
|
| porn13.com/thumbs/AA/Wn/pT.jpg | 188.114.96.1 | | 42 kB |
URL porn13.com/thumbs/AA/Wn/pT.jpg IP 188.114.96.1:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, comment: "Lavc58.18.100", baseline, precision 8, 352x198, components 3 Hash e8c0bf25f08c870fda507e60005e0686 8e4dc80792ebc32bfc74f7e4b0cb5b3ea3e93bb1 3a8b7696257794aaa82ba4245e64a7279d8dc4e2d0df7abe82ca2d719f72611e
GET /thumbs/AA/Wn/pT.jpg HTTP/1.1
Host: porn13.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://topsites.hadesex.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Sat, 04 May 2024 18:06:32 GMT
content-type: image/jpeg
content-length: 42041
last-modified: Fri, 19 Aug 2022 16:17:24 GMT
etag: "62ffb794-a439"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: public, max-age=315360000
cf-cache-status: HIT
age: 347997
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=vTE6sl2agwWEI3AgDVZfSwhZft9CPPTuCKtNOLAXxN%2F2BzagPbPF3kxWabbv%2FrU9oVl3hy46IlX7FTXyFUs4POpRNXxphfBaRdTJgssbilQfRdikwh7HTC%2FY4nU7"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 87ea6cdbfcafb527-OSL
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
|
|
| unseenreport.com/pxf.gif?uuid=e54da55b-9dea-42ca-ad22-8912f24bb312&eb=978028c5053b26833423c7a069ce3bd5&te=5db3a4e34790624df926db520a13f79f&ua=Mozilla%2F5.0%20(X11%3B%20Linux%20x86_64%3B%20rv%3A96.0)%20Gecko%2F20100101%20Firefox%2F96.0&dev=e&res=14.2071&b_frame=0&pk=f1776d24271c5ad55c5f1492e2d01e10&bl=en-US&sr=1024x1280&sz=1024x1280&hjs=18 | 192.243.59.13 | 200 OK | 1 B |
URL GET HTTP/1.1 unseenreport.com/pxf.gif?uuid=e54da55b-9dea-42ca-ad22-8912f24bb312&eb=978028c5053b26833423c7a069ce3bd5&te=5db3a4e34790624df926db520a13f79f&ua=Mozilla%2F5.0%20(X11%3B%20Linux%20x86_64%3B%20rv%3A96.0)%20Gecko%2F20100101%20Firefox%2F96.0&dev=e&res=14.2071&b_frame=0&pk=f1776d24271c5ad55c5f1492e2d01e10&bl=en-US&sr=1024x1280&sz=1024x1280&hjs=18 IP 192.243.59.13:443 ASN #39572 DataWeb Global Group B.V.
Requested by https://videzz.net/embed-c32aq2yhm77r.html Certificate Issuer Let's Encrypt Subject *.unseenreport.com Fingerprint 71:46:15:FD:76:6A:F5:5B:51:06:CC:93:DD:D8:63:E3:8B:10:BF:13 Validity Fri, 22 Mar 2024 07:32:41 GMT - Thu, 20 Jun 2024 07:32:40 GMT
File type very short file (no magic) Hash 93b885adfe0da089cdf634904fd59f71 5ba93c9db0cff93f52b521d7420e43f6eda2784f 6e340b9cffb37a989ca544e6bb780a2c78901d3fb33738768511a30617afa01d
Analyzer | Verdict | Alert | Quad9 DNS | malicious | Sinkholed |
GET /pxf.gif?uuid=e54da55b-9dea-42ca-ad22-8912f24bb312&eb=978028c5053b26833423c7a069ce3bd5&te=5db3a4e34790624df926db520a13f79f&ua=Mozilla%2F5.0%20(X11%3B%20Linux%20x86_64%3B%20rv%3A96.0)%20Gecko%2F20100101%20Firefox%2F96.0&dev=e&res=14.2071&b_frame=0&pk=f1776d24271c5ad55c5f1492e2d01e10&bl=en-US&sr=1024x1280&sz=1024x1280&hjs=18 HTTP/1.1
Host: unseenreport.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://videzz.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx/1.19.5
Date: Sat, 04 May 2024 18:06:32 GMT
Content-Type: image/gif
Content-Length: 1
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Access-Control-Allow-Origin: *
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: 22bc3076b2c7917caea283ba67514a00
Strict-Transport-Security: max-age=0; includeSubdomains
|
|
| unseenreport.com/pxf.gif?uuid=e54da55b-9dea-42ca-ad22-8912f24bb312&eb=978028c5053b26833423c7a069ce3bd5&te=5db3a4e34790624df926db520a13f79f&ua=Mozilla%2F5.0%20(X11%3B%20Linux%20x86_64%3B%20rv%3A96.0)%20Gecko%2F20100101%20Firefox%2F96.0&dev=e&res=14.2071&b_frame=0&pk=fd40b682a05e4aaf489d29601350aa66&bl=en-US&sr=1024x1280&sz=1024x1280&hjs=18 | 192.243.59.13 | 200 OK | 1 B |
URL GET HTTP/1.1 unseenreport.com/pxf.gif?uuid=e54da55b-9dea-42ca-ad22-8912f24bb312&eb=978028c5053b26833423c7a069ce3bd5&te=5db3a4e34790624df926db520a13f79f&ua=Mozilla%2F5.0%20(X11%3B%20Linux%20x86_64%3B%20rv%3A96.0)%20Gecko%2F20100101%20Firefox%2F96.0&dev=e&res=14.2071&b_frame=0&pk=fd40b682a05e4aaf489d29601350aa66&bl=en-US&sr=1024x1280&sz=1024x1280&hjs=18 IP 192.243.59.13:443 ASN #39572 DataWeb Global Group B.V.
Requested by https://videzz.net/embed-c32aq2yhm77r.html Certificate Issuer Let's Encrypt Subject *.unseenreport.com Fingerprint 71:46:15:FD:76:6A:F5:5B:51:06:CC:93:DD:D8:63:E3:8B:10:BF:13 Validity Fri, 22 Mar 2024 07:32:41 GMT - Thu, 20 Jun 2024 07:32:40 GMT
File type very short file (no magic) Hash 93b885adfe0da089cdf634904fd59f71 5ba93c9db0cff93f52b521d7420e43f6eda2784f 6e340b9cffb37a989ca544e6bb780a2c78901d3fb33738768511a30617afa01d
Analyzer | Verdict | Alert | Quad9 DNS | malicious | Sinkholed |
GET /pxf.gif?uuid=e54da55b-9dea-42ca-ad22-8912f24bb312&eb=978028c5053b26833423c7a069ce3bd5&te=5db3a4e34790624df926db520a13f79f&ua=Mozilla%2F5.0%20(X11%3B%20Linux%20x86_64%3B%20rv%3A96.0)%20Gecko%2F20100101%20Firefox%2F96.0&dev=e&res=14.2071&b_frame=0&pk=fd40b682a05e4aaf489d29601350aa66&bl=en-US&sr=1024x1280&sz=1024x1280&hjs=18 HTTP/1.1
Host: unseenreport.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://videzz.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx/1.19.5
Date: Sat, 04 May 2024 18:06:32 GMT
Content-Type: image/gif
Content-Length: 1
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Access-Control-Allow-Origin: *
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: 8b7089723dcdc89304f7dc67189fc7b8
Strict-Transport-Security: max-age=0; includeSubdomains
|
|
| topsites.hadesex.com/js/utm-datasource.js?v=1.90 | 188.114.96.1 | | 21 kB |
URL topsites.hadesex.com/js/utm-datasource.js?v=1.90 IP 188.114.96.1:0
File type Generic INItialization configuration [] Hash f9eb7bacc6a92d4e5d1ae8299b53a3bb 3fef0ee46b983203be0c4dfb15a90a29526a391b 6fd474fdf1c98b145149e617ee1a24876332690123ff8c4cd43bbcce7c1b7bcf
GET /js/utm-datasource.js?v=1.90 HTTP/1.1
Host: topsites.hadesex.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://topsites.hadesex.com/?source=761082465&site_id=560254&spot_id=560254
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Sat, 04 May 2024 18:06:32 GMT
content-type: application/javascript
last-modified: Thu, 01 Feb 2024 14:46:51 GMT
vary: Accept-Encoding
etag: W/"65bbaedb-af5"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
x-request-id: 54216229af0759840658d6d7b97fe4a5
cf-cache-status: HIT
age: 352129
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=rCJp6u8rRlpnJEutRP67ehWr2%2FUIwm2LuVDf85gygbvhHoX9X0FB0qaNcna7wXBUumJpNHmMPJtjBQQ5dIaEpCUgI4OLGLT0hIvqbPUjxXC6GfbuuJIP7JgsJNF3wXqIY4bU9Ya%2Fxg%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 87ea6cdb6e390b3d-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| porn13.com/thumbs/AA/Wn/pT.jpg | 188.114.96.1 | | 42 kB |
URL porn13.com/thumbs/AA/Wn/pT.jpg IP 188.114.96.1:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, comment: "Lavc58.18.100", baseline, precision 8, 352x198, components 3 Hash e8c0bf25f08c870fda507e60005e0686 8e4dc80792ebc32bfc74f7e4b0cb5b3ea3e93bb1 3a8b7696257794aaa82ba4245e64a7279d8dc4e2d0df7abe82ca2d719f72611e
GET /thumbs/AA/Wn/pT.jpg HTTP/1.1
Host: porn13.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://topsites.hadesex.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Sat, 04 May 2024 18:06:32 GMT
content-type: image/jpeg
content-length: 42041
last-modified: Fri, 19 Aug 2022 16:17:24 GMT
etag: "62ffb794-a439"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: public, max-age=315360000
cf-cache-status: HIT
age: 347997
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=vR7zXwjVAWUc9e8Wk%2FNNNYtwxxbV3ODYIiWTQsdezVpnFdV4TUHE4%2FrbbBtzebKIBLqYaQs%2FlS9EdhJ5AJHQhx1K1%2FGmVvZXVztlnEN2jVE0zgRC5aEpZ11owGiz"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 87ea6cde5cc85696-OSL
alt-svc: h3=":443"; ma=86400
|
|
| porn13.com/thumbs/AA/Do/g4.jpg | 188.114.96.1 | | 18 kB |
URL porn13.com/thumbs/AA/Do/g4.jpg IP 188.114.96.1:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 352x198, components 3 Hash 2e3a76e552b73eb352650cf6fabc1eda 9b89d8ad2511127ba533e7bd95296980853fae10 a3790214e3350c87aa73e6052872be9ef3cd4102fa6baead8ced673557cca4b9
GET /thumbs/AA/Do/g4.jpg HTTP/1.1
Host: porn13.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://topsites.hadesex.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Sat, 04 May 2024 18:06:32 GMT
content-type: image/jpeg
content-length: 17477
last-modified: Fri, 19 Aug 2022 16:09:25 GMT
etag: "62ffb5b5-4445"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: public, max-age=315360000
cf-cache-status: HIT
age: 343699
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=hdT%2B9fc5d0KBgWigeCUP3uHSYXE4NI%2FJ7S47we7GU4LrESA8qFODJTF%2Bb%2FXNLbSi0X6f9Sa9c6wNWtg7xupZfAoHxyd0awMKxT95BYHryONzYzzMgLlKeDaZt8j2"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 87ea6cde7cfe5696-OSL
alt-svc: h3=":443"; ma=86400
|
|
| aistekso.net/401/5708419 | 139.45.197.244 | 200 OK | 55 kB |
IP 139.45.197.244:443
Requested by https://videzz.net/embed-c32aq2yhm77r.html Certificate Issuer Let's Encrypt Subject aistekso.net Fingerprint 3E:A5:CE:35:F4:D9:45:6B:A1:3B:2E:9C:B3:9E:78:4D:8A:4B:51:BB Validity Sun, 24 Mar 2024 05:08:27 GMT - Sat, 22 Jun 2024 05:08:26 GMT
File type gzip compressed data, max speed, from Unix Hash 806ebb5740a1c80565bbe575639067ed c38625b5da39ce91071ecb49ed5b049ab54b3fdd ab43bc9562a59c48dbea2c7f78e422be9c037e3dc0bd9b735ac1d5cfc95a30df
Analyzer | Verdict | Alert | Quad9 DNS | malicious | Sinkholed |
GET /401/5708419 HTTP/1.1
Host: aistekso.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://videzz.net/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
server: nginx
date: Sat, 04 May 2024 18:06:32 GMT
content-type: application/javascript
x-trace-id: 4712d47a96bfc4d0666891767eb46977
expires: Tue, 11 Jan 1994 10:00:00 GMT
cache-control: no-cache, no-store, no-transform, must-revalidate, private, max-age=0
pragma: no-cache
vary: Origin
access-control-allow-origin: *
access-control-expose-headers: Link
access-control-allow-credentials: true
accept-ch: Sec-CH-UA, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model
set-cookie: OAID=03005209af654145ff6bba496778a91d; expires=Sun, 04 May 2025 18:06:32 GMT; path=/; secure; SameSite=None
strict-transport-security: max-age=1
x-content-type-options: nosniff
timing-allow-origin: *, *
content-encoding: gzip
X-Firefox-Spdy: h2
|
|
| hadesex.com/thumbs/AA/yL/fI.jpg | 188.114.96.1 | | 34 kB |
URL hadesex.com/thumbs/AA/yL/fI.jpg IP 188.114.96.1:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 0x0, segment length 16, progressive, precision 8, 280x210, components 3 Hash 752cd3e9680d19a92c60ce01cf5fd834 17c182d1ebb07079e4f3ba6bdc4bbd6922c5516f ab2a559435256e7e3ccb5269b0ab2b0b0c86bbd89d806f1b8dc8bb74aa557a0e
GET /thumbs/AA/yL/fI.jpg HTTP/1.1
Host: hadesex.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Referer: https://topsites.hadesex.com/?source=761082465&site_id=560254&spot_id=560254
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Sat, 04 May 2024 18:06:32 GMT
content-type: image/jpeg
content-length: 33521
last-modified: Fri, 03 May 2024 00:42:05 GMT
etag: "663432dd-82f1"
expires: Sun, 02 Jun 2024 09:16:40 GMT
cache-control: public, max-age=2592000
cf-cache-status: HIT
age: 118192
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=mmcOgvDBzoz9X3ANcvzp3YVQ4WU1W9JCRYjjHo7idWlct5RI1B1%2F1QWskYM4fSgUIhpLR5W%2FS1%2BNeeOB2OOlDt5gOL1GhgM5DSrcsDMXCm%2BYVJEdop5ElOmMVHy0fQ%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 87ea6cdf1c7e0b3d-OSL
alt-svc: h3=":443"; ma=86400
|
|
| hadesex.com/thumbs/AA/62/5w.jpg | 188.114.96.1 | | 40 kB |
URL hadesex.com/thumbs/AA/62/5w.jpg IP 188.114.96.1:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 0x0, segment length 16, progressive, precision 8, 280x210, components 3 Hash 1b417aaaccda6865698de32d8d9c2463 7db57373d18850a5f772a8387b01b162a9837081 4d7e546f8d9cc2e493b91d41d3f86fabd2fb4ab5c9de2b595193f1603c6c43e5
GET /thumbs/AA/62/5w.jpg HTTP/1.1
Host: hadesex.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Referer: https://topsites.hadesex.com/?source=761082465&site_id=560254&spot_id=560254
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Sat, 04 May 2024 18:06:32 GMT
content-type: image/jpeg
content-length: 40360
last-modified: Wed, 10 Apr 2024 12:20:38 GMT
etag: "66168416-9da8"
expires: Thu, 30 May 2024 20:14:45 GMT
cache-control: public, max-age=2592000
cf-cache-status: HIT
age: 337907
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=ZUUmEXZZu86YDHD8k%2BXAgWpznXDbxh3yAx%2B21o9c02wWfR1JnDM65XXvLcMuS0f7gOf8FAQSzcgb%2FOETDMmqYgIwmkWvwWQNlNHKT%2FGzzgrwBix300bF911WFagyOA%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 87ea6cdf8d000b3d-OSL
alt-svc: h3=":443"; ma=86400
|
|
| hadesex.com/thumbs/AA/N2/yJ.jpg | 188.114.96.1 | | 42 kB |
URL hadesex.com/thumbs/AA/N2/yJ.jpg IP 188.114.96.1:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 0x0, segment length 16, progressive, precision 8, 280x210, components 3 Hash eff9da53859d748cf29cef84d6314787 e99af0eaa71a209f85787ede261e0611270fb1c1 49ff2362f89478281b5099047cc0f2ddda8abae2fc9ad6914ec307085851763d
GET /thumbs/AA/N2/yJ.jpg HTTP/1.1
Host: hadesex.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Referer: https://topsites.hadesex.com/?source=761082465&site_id=560254&spot_id=560254
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Sat, 04 May 2024 18:06:32 GMT
content-type: image/jpeg
content-length: 41906
last-modified: Fri, 03 May 2024 00:33:05 GMT
etag: "663430c1-a3b2"
expires: Mon, 03 Jun 2024 10:17:52 GMT
cache-control: public, max-age=2592000
cf-cache-status: HIT
age: 28120
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=FQAMvGBdwKUcXO7PjAdmdXYvu0XR6T1laPm9C6PSLZ9WCkv%2BAMaxDtXsHjbNOaMDP2lvcLZrjtUXw5LO7FAIp3Rs5Z3cIw1gF1FJIT6iHQwU4iTK4jMN2IZHWG74KA%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 87ea6cdf8d030b3d-OSL
alt-svc: h3=":443"; ma=86400
|
|
| myretrocollection.com/thumbs/AA/xl/sZ.jpg | 188.114.97.1 | | 61 kB |
URL myretrocollection.com/thumbs/AA/xl/sZ.jpg IP 188.114.97.1:0
File type JPEG image data, baseline, precision 8, 640x480, components 3 Hash aef9f3351dd76be26a042267239ac650 a6e5038903c1250b7ba2a3b056d3c0fbcc36e51f cc4b8a6429318d2001f5ff15e7089c2dcef0cc6985d200c8544ddcddc8dd3483
GET /thumbs/AA/xl/sZ.jpg HTTP/1.1
Host: myretrocollection.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
date: Sat, 04 May 2024 18:06:32 GMT
content-type: image/jpeg
content-length: 61171
last-modified: Sun, 14 Jan 2024 15:43:33 GMT
etag: "65a40125-eef3"
expires: Thu, 30 May 2024 16:17:45 GMT
cache-control: public, max-age=2592000
cf-cache-status: HIT
age: 352127
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=B9XcYKPc9zRnW6LrwkVC2qLsDL0EFgizi%2BpJnqiDwOTV9KnNUVgmNqoxPDxtHSc0UvgXCk8FfzTmSzHu1Ou%2Fst%2FyUv%2BMAG5cgZhg5tiZzu3Sw5ws7GRBlxFM9Z1YMzG5yLf%2Bm01TFTY%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 87ea6cdfd86656a2-OSL
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
|
|
| myretrocollection.com/thumbs/AA/rc/5Q.jpg | 188.114.97.1 | | 95 kB |
URL myretrocollection.com/thumbs/AA/rc/5Q.jpg IP 188.114.97.1:0
File type JPEG image data, baseline, precision 8, 960x720, components 3 Hash b39c315b9dd966a4ecf1e036d1074354 c2603211054c12e6d4097863c3386cc59ea55b65 30fb123175d97fcd3fedf093d8e46c5c236c966a20e2c530045c18304c38c8c8
GET /thumbs/AA/rc/5Q.jpg HTTP/1.1
Host: myretrocollection.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Sat, 04 May 2024 18:06:32 GMT
content-type: image/jpeg
content-length: 95015
last-modified: Wed, 31 Jan 2024 16:02:30 GMT
etag: "65ba6f16-17327"
expires: Thu, 30 May 2024 20:11:56 GMT
cache-control: public, max-age=2592000
cf-cache-status: HIT
age: 338076
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=keCTxQOwCb2hvMx0zI5Q8DDf%2FvkxDVYPJHJL3AOH5urr0thFQA%2FLvz1DcHUc1H%2FzrJKcK%2BUN%2FoJiAcwkXfCuWbTTzupput3ZvclRpzU1UnZk3Hd4Xo894qPBP0YC44Cox0T0i6fDikQ%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 87ea6cdfd86556a2-OSL
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
|
|
| hadesex.com/thumbs/AA/5n/k1.jpg | 188.114.96.1 | | 33 kB |
URL hadesex.com/thumbs/AA/5n/k1.jpg IP 188.114.96.1:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 0x0, segment length 16, progressive, precision 8, 280x210, components 3 Hash 1cd11f9aa2bf866b40bd400ebd619d25 ff28b6c6de251812d9cfa4b5cc9a084613a23485 3953372a397118518dd31899c0f55b6bbba84ccd212e4bfe873ebde39d1ef956
GET /thumbs/AA/5n/k1.jpg HTTP/1.1
Host: hadesex.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Referer: https://topsites.hadesex.com/?source=761082465&site_id=560254&spot_id=560254
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Sat, 04 May 2024 18:06:32 GMT
content-type: image/jpeg
content-length: 33355
last-modified: Wed, 10 Apr 2024 12:27:53 GMT
etag: "661685c9-824b"
expires: Thu, 30 May 2024 16:17:48 GMT
cache-control: public, max-age=2592000
cf-cache-status: HIT
age: 352123
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=j2uPyeKrQ9AOKCEjwaSBeiln%2FRbwmJHU15Lpy4Kzn7OReSR1YQ23xbBr1D6SnMDTbOlFLdZi8Izq36avu8kFxezQW%2Bo%2F98C9eYekRldzY9Et4KeyN%2BaeBN5TrmNbSA%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 87ea6cdf8d090b3d-OSL
alt-svc: h3=":443"; ma=86400
|
|
| myretrocollection.com/thumbs/AA/NA/Zm.jpg | 188.114.97.1 | | 76 kB |
URL myretrocollection.com/thumbs/AA/NA/Zm.jpg IP188.114.97.1:0
File typeJPEG image data, baseline, precision 8, 1058x450, components 3 Hashd3dcf3026892e9d09e05dfc80a9318a7 8437224a391618d03d6882a9839c37f880c22bac 11e754a2031d93f77c3e1d1400a763e15c69f739f4f584f2e37db3cf99ead39b
GET /thumbs/AA/NA/Zm.jpg HTTP/1.1
Host: myretrocollection.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Sat, 04 May 2024 18:06:33 GMT
content-type: image/jpeg
content-length: 75467
last-modified: Sun, 17 Dec 2023 15:15:36 GMT
etag: "657f1098-126cb"
expires: Thu, 30 May 2024 16:17:57 GMT
cache-control: public, max-age=2592000
cf-cache-status: HIT
age: 352114
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=xqJy2mUlrLiqL1NaDqWtaoU2HoQ18oyoBcmu9eXGE5jkte9offIB9E9FdF%2FdoeJ3%2BvRHuWUlZm9luRonHHt29PWQGRw4HjTB9hWX4NcwIpz%2FXPZmDNjCavx2wt6Wq7M8XKdj1Rdf%2Fz0%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 87ea6ce0291156a2-OSL
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
|
|
| femdomqueen.com/thumbs/AA/HB/gz.jpg | 104.21.79.209 | | 65 kB |
URL femdomqueen.com/thumbs/AA/HB/gz.jpg IP104.21.79.209:0
File typeJPEG image data, baseline, precision 8, 852x480, components 3 Hashb0a71a8fdcf3a8266f5d1b90026e2d45 3be70d85434ed37f81e4b588cb20521fca55a534 4c5877e3e8b8691addfb7ea3f3367de4d9cdaf930be7402f613b55c064150aa2
GET /thumbs/AA/HB/gz.jpg HTTP/1.1
Host: femdomqueen.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Sat, 04 May 2024 18:06:33 GMT
content-type: image/jpeg
content-length: 64656
last-modified: Mon, 22 Jan 2024 11:32:05 GMT
etag: "65ae5235-fc90"
expires: Thu, 30 May 2024 20:11:45 GMT
cache-control: public, max-age=2592000
cf-cache-status: HIT
age: 338088
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=RJRb5QvwaDBhV67G9nCXeLOBk6aWsdZJbgcVloiIVmX3VGCPwfNPdos3VvdDLk9E8Azf6dH3p5vTAUus2DJdxuTBn3E7iQpEVkD%2BZW6N%2FB3bA2O1XBSURYvstWaRpd5xFR0%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 87ea6ce048ff568b-OSL
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
|
|
| femdomqueen.com/thumbs/AA/ef/4k.jpg | 104.21.79.209 | | 56 kB |
URL femdomqueen.com/thumbs/AA/ef/4k.jpg IP104.21.79.209:0
File typeJPEG image data, JFIF standard 1.02, aspect ratio, density 27395x27382, segment length 16, comment: "Lavc58.18.100", baseline, precision 8, 1022x576, components 3 Hashe46b33dd7f0931f2593d5526b46b53f4 a7cd1e399e96df40ff0a8745d93da276691f4048 df74f602f6f66c3a84e9839cc00b8a1e3baf05736350f30222d207ccd41db19b
GET /thumbs/AA/ef/4k.jpg HTTP/1.1
Host: femdomqueen.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
date: Sat, 04 May 2024 18:06:33 GMT
content-type: image/jpeg
content-length: 56322
last-modified: Mon, 20 Aug 2018 13:06:51 GMT
etag: "5b7abceb-dc02"
expires: Fri, 31 May 2024 11:29:28 GMT
cache-control: public, max-age=2592000
cf-cache-status: HIT
age: 283025
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=3%2Fkg26CFAtNeqS7%2BOhfU2oSm40PkIRASbbUAcV2UjZzuNqQ3vuZNF%2F5kfwpWUgEySFgWdYIV%2FW6gPeQy%2F2X%2BGh5IXJhtY7HwC8VlcGMX71AvarYgv1JXy%2FN5cYSRJK%2F0lOQ%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 87ea6ce04901568b-OSL
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
|
|
| interracial69.com/thumbs/AA/st/nk.jpg | 188.114.96.1 | | 26 kB |
URL interracial69.com/thumbs/AA/st/nk.jpg IP188.114.96.1:0
File typeJPEG image data, JFIF standard 1.02, aspect ratio, density 1x1, segment length 16, comment: "Lavc57.107.100", baseline, precision 8, 600x450, components 3 Hash1b5b85f280d2684d505f0c144771b215 3c9f843b27d4503fd4d41833cd5fbf4704f4e822 32f77ba71cc72c21c710a01e52ed2b6540cd6a8b3e0f49273e997b8af80d0804
GET /thumbs/AA/st/nk.jpg HTTP/1.1
Host: interracial69.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
date: Sat, 04 May 2024 18:06:33 GMT
content-type: image/jpeg
content-length: 25721
last-modified: Sat, 30 Jun 2018 09:27:16 GMT
etag: "5b374cf4-6479"
expires: Thu, 30 May 2024 18:38:16 GMT
cache-control: public, max-age=2592000
cf-cache-status: HIT
age: 343697
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=cVIippabUg0a9mHdBy4DJ162tW6Fe1O5g7QLQOuIwbKPvYsbhsEbHad%2Bs5ESontJJPKY4dIoGoi2orRIkMxtTcHzOzF8jdQwOZUq26MTpnf35WIw5UO%2FL%2FPZfhzVtR8tLvCodw%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 87ea6ce0dfa9b4f1-OSL
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
|
|
| interracial69.com/thumbs/AA/df/F_.jpg | 188.114.96.1 | | 174 kB |
URL interracial69.com/thumbs/AA/df/F_.jpg IP188.114.96.1:0
File typeJPEG image data, baseline, precision 8, 1280x720, components 3 Size174 kB (174301 bytes) Hash0e2eb4904271c0975d1cc71512a8104c 700fa8b264bddfe438a79d023a7c0670d4a51fef caab98e273b5f0aa00c3b1e8b8ea5816fb5291b5f51dd5a8cc84dee8a1b48271
GET /thumbs/AA/df/F_.jpg HTTP/1.1
Host: interracial69.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Sat, 04 May 2024 18:06:33 GMT
content-type: image/jpeg
content-length: 174301
last-modified: Fri, 01 Mar 2024 03:42:03 GMT
etag: "65e14e8b-2a8dd"
expires: Thu, 30 May 2024 20:11:52 GMT
cache-control: public, max-age=2592000
cf-cache-status: HIT
age: 338081
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=H%2FAu%2BUU%2BL4tWRxzhGx8r0tR3aar5d1pX10%2BVwMV2neNMg0a%2B%2FoUSTYOC6bMD7Kjmyq%2FCEuXhZQzwCOx1DKxeViwNDlnMj6s9YP6sD9OL%2FymLryBYS0%2BOJvZlvVqh8ONE7Df1UA%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 87ea6ce0dfa5b4f1-OSL
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
|
|
| 69ebony.com/thumbs/AA/yp/WA.jpg | 188.114.97.1 | | 27 kB |
URL 69ebony.com/thumbs/AA/yp/WA.jpg IP188.114.97.1:0
File typeJPEG image data, baseline, precision 8, 640x480, components 3 Hashf8b721bd78676febb42c6f212b38fb3b 7ca043267191dcacf72ab242c17f98da5c62b0c1 148c99d50d1743dd2f9265328aa7ff2a930065c7a40ec3df8b4637a64c053a69
GET /thumbs/AA/yp/WA.jpg HTTP/1.1
Host: 69ebony.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
date: Sat, 04 May 2024 18:06:33 GMT
content-type: image/jpeg
content-length: 26787
last-modified: Tue, 14 Nov 2023 08:07:20 GMT
etag: "65532ab8-68a3"
expires: Thu, 30 May 2024 18:38:15 GMT
cache-control: public, max-age=2592000
cf-cache-status: HIT
age: 343698
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=O4I9qWyoNr3FImPjuOXBuZssgGxZI9EF1I6FwW9Alo0YU4Lg3TgXBu%2BBUbzOVKVpaYgh7%2Fl35AVpGpyK%2BdCpdqtDfyLgpIkl9q9FvX%2FGXOOTwproNglRrqf63CzW3g%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 87ea6ce0ecb9b51b-OSL
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
|
|
| gftranny.com/thumbs/AA/89/hH.jpg | 188.114.97.1 | | 18 kB |
URL gftranny.com/thumbs/AA/89/hH.jpg IP188.114.97.1:0
File typeJPEG image data, JFIF standard 1.01, aspect ratio, density 0x0, segment length 16, progressive, precision 8, 320x180, components 3 Hash442082d9a9a019d6bb4d6ec6a4e505e1 a5a889db68dab7bb83ad10081f7bf245d2a03c4f e70f2f20b952be2c2739b0a9976ff797dd66ba824a3cb8a96afd0811fa79d29a
GET /thumbs/AA/89/hH.jpg HTTP/1.1
Host: gftranny.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Sat, 04 May 2024 18:06:33 GMT
content-type: image/jpeg
content-length: 17659
last-modified: Wed, 01 May 2024 03:50:09 GMT
etag: "6631bbf1-44fb"
expires: Fri, 31 May 2024 09:54:30 GMT
cache-control: public, max-age=2592000
cf-cache-status: HIT
age: 288723
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=IlRDz5V%2BjTIfllMcuv9Sw9DpASIXFpZUSyBOW91%2Bzg3zep5QJgySaAMVwu6wmF0T6tflNk1XFZGQg%2Bxwqpk7j7QN6qAh58QJRKZtzXYmj%2BgHctBywsE0ft6XatX1Rp8%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 87ea6ce0eede56c6-OSL
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
|
|
| 69ebony.com/thumbs/AA/GZ/qE.jpg | 188.114.97.1 | | 16 kB |
URL 69ebony.com/thumbs/AA/GZ/qE.jpg IP188.114.97.1:0
File typeJPEG image data, baseline, precision 8, 320x240, components 3 Hash8220721fb3597d785802225efa9bda38 c03ed0c5383da0756cd0064a4f0ee7c60bb8c255 ae6ec51a6554cd4567c1de0492ed294aa1c29f9cb496fb81833005e1512968ab
GET /thumbs/AA/GZ/qE.jpg HTTP/1.1
Host: 69ebony.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
date: Sat, 04 May 2024 18:06:33 GMT
content-type: image/jpeg
content-length: 15603
last-modified: Wed, 28 Feb 2024 16:33:11 GMT
etag: "65df6047-3cf3"
expires: Mon, 03 Jun 2024 07:05:46 GMT
cache-control: public, max-age=2592000
cf-cache-status: HIT
age: 39647
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=aPgDDhi2nvne0dp0NSDqlcapiYdB9DYiVin0AMBLGUN2HBldPp56kx%2B3hUaeHMG7TBeiH%2Beo5xHrLGLkKlKs5sn4gXSPwFKqA81SA1BQYuKWurQTCYOCBv9iq4YMHA%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 87ea6ce0ecbbb51b-OSL
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
|
|
| gftranny.com/thumbs/AA/fw/P0.jpg | 188.114.97.1 | | 20 kB |
URL gftranny.com/thumbs/AA/fw/P0.jpg IP188.114.97.1:0
File typeJPEG image data, JFIF standard 1.01, aspect ratio, density 0x0, segment length 16, progressive, precision 8, 320x180, components 3 Hash98622c7f0c1ceb391999dfd4de2a4a00 6ba980bf9b47980249b59f769859675484a51fc1 e4008e753cd0c50eb38c97c57457d45d5dc9060d951baf341491b872099fbc8e
GET /thumbs/AA/fw/P0.jpg HTTP/1.1
Host: gftranny.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
date: Sat, 04 May 2024 18:06:33 GMT
content-type: image/jpeg
content-length: 19745
last-modified: Thu, 14 Mar 2024 14:13:08 GMT
etag: "65f305f4-4d21"
expires: Thu, 30 May 2024 18:38:18 GMT
cache-control: public, max-age=2592000
cf-cache-status: HIT
age: 343695
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=hKQPH%2FChknXCOQlFhHQBEBWCaNjlcE5fRGXkAlLqjq7pe1Me5Atg%2Fwh9foOc5SLPYsrK5fh%2Bifm1T22HWk4qw%2FUM%2BmV5CmmAdhXmjj20wkGmtAygZuWWhm9UxXua7Ic%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 87ea6ce0eee556c6-OSL
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
|
|
| interracial69.com/thumbs/AA/7G/Qf.jpg | 188.114.96.1 | | 66 kB |
URL interracial69.com/thumbs/AA/7G/Qf.jpg IP188.114.96.1:0
File typeJPEG image data, baseline, precision 8, 1280x720, components 3 Hash4aa6a884a95006b07d380f25c49ff514 639a82510172fddaa19edc10ef2e43561521415d c2b4682841961b07154d92481a375b477c6b3e1ff0aa21d3696759899d6d6440
GET /thumbs/AA/7G/Qf.jpg HTTP/1.1
Host: interracial69.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
date: Sat, 04 May 2024 18:06:33 GMT
content-type: image/jpeg
content-length: 65524
last-modified: Fri, 15 Mar 2024 14:25:41 GMT
etag: "65f45a65-fff4"
expires: Mon, 03 Jun 2024 00:25:05 GMT
cache-control: public, max-age=2592000
cf-cache-status: HIT
age: 63688
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=EFw2%2B41NQnr3MkBA0JXGpadOvcGqJXun8f%2FddnhM%2BFO3NJv%2Bmt43PaBghXnbnWDWs4o0r9VzpEmHejBfSEUj4%2FYIVj3sq4JiDPM%2B6n0KNah3Yf1QhVzM3RMtJllVIlIZI9QOiQ%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 87ea6ce0dfaab4f1-OSL
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
|
|
| 69ebony.com/thumbs/AA/1z/_P.jpg | 188.114.97.1 | | 288 kB |
URL 69ebony.com/thumbs/AA/1z/_P.jpg IP188.114.97.1:0
File typeJPEG image data, baseline, precision 8, 1920x1080, components 3 Size288 kB (288381 bytes) Hash03c7a52d867d1821dabbd607b472334c dfcb156529387624cdfaac36207cd00d055430a6 9e1982c4cf6c7163a07df61029f09b4f588b4722c58389a60919cb6eeb293e45
GET /thumbs/AA/1z/_P.jpg HTTP/1.1
Host: 69ebony.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Sat, 04 May 2024 18:06:33 GMT
content-type: image/jpeg
content-length: 288381
last-modified: Tue, 14 Nov 2023 08:17:10 GMT
etag: "65532d06-4667d"
expires: Thu, 30 May 2024 20:11:55 GMT
cache-control: public, max-age=2592000
cf-cache-status: HIT
age: 338078
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=k0xrmGwpZOvq1NZY%2F8m8Sgsd947kgdVewxmJ03PWqpl%2FXzoqhbTMnrSjZ4kdWuZ9SP0i6Blx%2B4mWxi9YdILCR2jq3lqspU3syyi6%2FXqxq9%2FeA8BZh%2F%2B258F3%2F4LmKA%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 87ea6ce0ecb8b51b-OSL
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
|
|
| 69ebony.com/thumbs/AA/Ar/tR.jpg | 188.114.97.1 | | 94 kB |
URL 69ebony.com/thumbs/AA/Ar/tR.jpg IP188.114.97.1:0
File typeJPEG image data, baseline, precision 8, 1280x720, components 3 Hashcae8a97a867412a5d55f7f67b732bd80 28b84e2dcc964892e1bf3f591419ed9814b6b382 3305ebc505be119c037b4e3c7dd7d928d01ab5125068f66363d3de8683fe6125
GET /thumbs/AA/Ar/tR.jpg HTTP/1.1
Host: 69ebony.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Sat, 04 May 2024 18:06:33 GMT
content-type: image/jpeg
content-length: 94022
last-modified: Tue, 19 Mar 2024 17:11:25 GMT
etag: "65f9c73d-16f46"
expires: Thu, 30 May 2024 20:11:54 GMT
cache-control: public, max-age=2592000
cf-cache-status: HIT
age: 338079
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=3NNdBeYgbSLnz%2FkGtxv2oBvqhUno1NCSvrX4dVY6Ma3ZKc14xTIvgmq2aE49Y8Vh8bjWaOGnCnQDYRrv1cp47Ey7KV45Ksq3zIZZPuIiRZhv65UKC2q76MGvSbT9qg%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 87ea6ce1bdf3b51b-OSL
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
|
|
| 69lesbi.com/thumbs/AA/n0/m6.jpg | 172.67.212.50 | | 49 kB |
URL 69lesbi.com/thumbs/AA/n0/m6.jpg IP172.67.212.50:0
File typeJPEG image data, JFIF standard 1.02, aspect ratio, density 1x1, segment length 16, comment: "Lavc59.37.100", baseline, precision 8, 1280x720, components 3 Hash2bf48be9b4af401bf6150f944d46a6ce 545ced166d8b0c12d92427bf7d2cfe86d5f41e6d 67d3ea7477562eec1d4d0fb366b594cd83ef9602ce8b5351f423e55fad78c94e
GET /thumbs/AA/n0/m6.jpg HTTP/1.1
Host: 69lesbi.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Sat, 04 May 2024 18:06:33 GMT
content-type: image/jpeg
content-length: 49025
last-modified: Sat, 27 Apr 2024 09:22:05 GMT
etag: "662cc3bd-bf81"
expires: Thu, 30 May 2024 18:38:20 GMT
cache-control: public, max-age=2592000
cf-cache-status: HIT
age: 343693
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=jRm5Zet3nH%2BLugq8s%2FpJ29a77UdGFqXc%2BEts5%2Bv6wal7y0th%2BWrISJvfEBgDEFp8HIBCuvg3LwR%2FxNXfGLRE%2BAw5Ki2wWKqiFevBkle%2FSvSKK29uJubaYpPezjj3jw%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 87ea6ce22ecd56aa-OSL
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
|
|
| lovefootjob.com/thumbs/AA/JE/tE.jpg | 188.114.97.1 | | 107 kB |
URL lovefootjob.com/thumbs/AA/JE/tE.jpg IP188.114.97.1:0
File typeJPEG image data, baseline, precision 8, 1280x720, components 3 Size107 kB (107120 bytes) Hash24adcb7e287d8786a0bc83a386ef02d7 c9496020f4cc92442594456e3cc473c57c205b10 f6256a3bdc6fad5b489f0c1d6029992dd2229905d5051e4e6e64aec81124e3d1
GET /thumbs/AA/JE/tE.jpg HTTP/1.1
Host: lovefootjob.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Sat, 04 May 2024 18:06:33 GMT
content-type: image/jpeg
content-length: 107120
last-modified: Wed, 28 Feb 2024 16:15:43 GMT
etag: "65df5c2f-1a270"
expires: Thu, 30 May 2024 17:26:36 GMT
cache-control: public, max-age=2592000
cf-cache-status: HIT
age: 347997
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=WxVWPmf28CWe4B9zQ9mjtcd6Wra3ddCQDvM5aizXrV1%2FFRdrw4p1ouPVKL00MZucN10rRv06VaH9dguBUo5vH5nAoweBRv9iU%2FlffpIClnq9xcTPrxnzSMXJDDyaWRkQECY%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 87ea6ce22a5bb4fa-OSL
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
|
|
| lovefootjob.com/thumbs/AA/9X/4I.jpg | 188.114.97.1 | | 25 kB |
URL lovefootjob.com/thumbs/AA/9X/4I.jpg IP188.114.97.1:0
File typeJPEG image data, JFIF standard 1.01, resolution (DPI), density 72x72, segment length 16, baseline, precision 8, 480x400, components 3 Hash73f71341cf4be9aa3dceddd02655661d 392820d89ed970a13af645612eb7404f27aa965f 1a865253447a81e92f47a7b26fcfab9162b9d7bfb50f5b4daf5ff16baa7f9840
GET /thumbs/AA/9X/4I.jpg HTTP/1.1
Host: lovefootjob.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
date: Sat, 04 May 2024 18:06:33 GMT
content-type: image/jpeg
content-length: 25296
last-modified: Wed, 28 Feb 2024 17:02:47 GMT
etag: "65df6737-62d0"
expires: Thu, 30 May 2024 18:38:20 GMT
cache-control: public, max-age=2592000
cf-cache-status: HIT
age: 343693
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=wR3nta7PYKcTum61Y6YRwo%2FIEbnYCDT0h7wyNl98dYiU5kOg4o1NLhFvhEwfuv3wMftOMbD3xrS6Dt3pv0LbLTq5owI2V%2FS1XXaciaSeaTjq4BYCGXS1AWE9jsAxiqTa7Yg%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 87ea6ce22a5db4fa-OSL
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
|
|
| xcumwebcam.com/thumbs/AA/BG/0O.jpg | 188.114.97.1 | | 95 kB |
URL xcumwebcam.com/thumbs/AA/BG/0O.jpg IP188.114.97.1:0
File typeJPEG image data, JFIF standard 1.02, aspect ratio, density 255x254, segment length 16, comment: "Lavc58.18.100", baseline, precision 8, 1268x720, components 3 Hashbb595d07212cf0c8a43b6e0827306632 2bb1739de5de9423a4efcdec8c043d5bf05809f7 4936297287cd06aa283eb2fa40abde58eb16146864e99f12c538f2d5c33f9642
GET /thumbs/AA/BG/0O.jpg HTTP/1.1
Host: xcumwebcam.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Sat, 04 May 2024 18:06:33 GMT
content-type: image/jpeg
content-length: 95265
last-modified: Wed, 28 Feb 2024 19:52:43 GMT
etag: "65df8f0b-17421"
expires: Sun, 02 Jun 2024 21:57:00 GMT
cache-control: public, max-age=2592000
cf-cache-status: HIT
age: 72573
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=ziWp1ieRo5kmtoQUjX1PU6fGS0VOQ9d9a34pCrYkacibwo5J9%2Be69t9uUZprTPGochT8Mn281GJJLX%2BYoS1G56ZAIpuQefLWoCT%2Bd3fsE4sXKEsIt4Aqo2dwM%2B%2BoXDru9A%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 87ea6ce239da56b4-OSL
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
|
|
| 69lesbi.com/thumbs/AA/Uk/cQ.jpg | 172.67.212.50 | | 203 kB |
URL 69lesbi.com/thumbs/AA/Uk/cQ.jpg IP172.67.212.50:0
File typeJPEG image data, baseline, precision 8, 1784x1004, components 3 Size203 kB (203147 bytes) Hash2cc8cce560d29995243fc2aa48c17ee3 a91c085a839bea85fb1b4cee92d4246280f6c72f 77b4defc6e00089ca8aad82935d59460f401d15c4a382c910cd60849bcc1f298
GET /thumbs/AA/Uk/cQ.jpg HTTP/1.1
Host: 69lesbi.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
date: Sat, 04 May 2024 18:06:33 GMT
content-type: image/jpeg
content-length: 203147
last-modified: Tue, 05 Dec 2023 09:53:08 GMT
etag: "656ef304-3198b"
expires: Thu, 30 May 2024 16:17:38 GMT
cache-control: public, max-age=2592000
cf-cache-status: HIT
age: 352135
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=v5XAlQDzP8EIIl6wdYDvr8NbLDjntAlPY0zZ2HkNwcYg5PorfGEjbdf%2FAtMeBvKUK6G4RIWyyk%2BdAQnXMoznpvIvFO4GuixODqQTaYxDbybLqW0%2ByBscsgTFwopyOg%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 87ea6ce22ece56aa-OSL
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
|
|
| lovefootjob.com/thumbs/AA/17/LH.jpg | 188.114.97.1 | | 178 kB |
URL lovefootjob.com/thumbs/AA/17/LH.jpg IP188.114.97.1:0
File typeJPEG image data, JFIF standard 1.02, aspect ratio, density 100x100, segment length 16, baseline, precision 8, 852x480, components 3 Size178 kB (178203 bytes) Hashc1b5eeca4725f5c0ed8ca6a82097a0de 424b70e2c133449badacf11b32b3e4a145c69137 5ba32bf15cbe9cbb2bd8c99b35314073ca6ca5ba38f3882467f275c677ac7469
GET /thumbs/AA/17/LH.jpg HTTP/1.1
Host: lovefootjob.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
date: Sat, 04 May 2024 18:06:33 GMT
content-type: image/jpeg
content-length: 178203
last-modified: Mon, 09 May 2016 00:25:07 GMT
etag: "572fd8e3-2b81b"
expires: Thu, 30 May 2024 20:11:48 GMT
cache-control: public, max-age=2592000
cf-cache-status: HIT
age: 338085
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=op1WQJDW2KMGzZuLsOXpbUsj6m87uJlxh%2FwtIABmHG1feo9gqr5s8NTnPc2F16p2U7%2B32Em9emVikac7C2UAp24%2B%2B0m2O04Rq8Mg9yTO3jLmrlCTwD8T1NR8A55IKBwu%2Bzk%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 87ea6ce22a60b4fa-OSL
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
|
|
| groupsexxx.com/thumbs/AA/17/Iu.jpg | 172.67.188.32 | | 89 kB |
URL groupsexxx.com/thumbs/AA/17/Iu.jpg IP172.67.188.32:0
File typeJPEG image data, JFIF standard 1.02, aspect ratio, density 1x1, segment length 16, comment: "Lavc56.26.100", baseline, precision 8, 1280x720, components 3 Hashbd8bd08d73c81a141d6de394d7fa0481 dd4516afcdfa9c3f45f9d554a587523c790f0f6d b185952d445bf6252ca80a6511a571f78b29935f6dd9d67478c0a10f5367faee
GET /thumbs/AA/17/Iu.jpg HTTP/1.1
Host: groupsexxx.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
date: Sat, 04 May 2024 18:06:33 GMT
content-type: image/jpeg
content-length: 89035
last-modified: Tue, 14 Nov 2023 08:13:52 GMT
etag: "65532c40-15bcb"
expires: Thu, 30 May 2024 16:17:53 GMT
cache-control: public, max-age=2592000
cf-cache-status: HIT
age: 352120
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=UB2sKK1uqqilgyDniLUDW7pvZhSiOSAdkU7ulqGdVLYtMCkkT9H6P%2BUuqRkEpiYkR%2FeH1nf6uxTOKtD88Y8%2FNKptnu5pQ%2FxKpQSd4EXLQKLspmCJO5VqfM9DsPnsqvtAIQ%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 87ea6ce22fd85699-OSL
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
|
|
| groupsexxx.com/thumbs/AA/Fp/LQ.jpg | 172.67.188.32 | | 299 kB |
URL groupsexxx.com/thumbs/AA/Fp/LQ.jpg IP172.67.188.32:0
File typeJPEG image data, baseline, precision 8, 1920x1080, components 3 Size299 kB (299241 bytes) Hashbfef495de2a253234039f69a0b5d433a 38a4db2a3d7259b1b068ba8e978acfb29b37f7b0 20decf461c72462f775c094d5ac989a5af760278aa58d70ca76455b59fab5e23
GET /thumbs/AA/Fp/LQ.jpg HTTP/1.1
Host: groupsexxx.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Sat, 04 May 2024 18:06:33 GMT
content-type: image/jpeg
content-length: 299241
last-modified: Sat, 16 Mar 2024 17:10:03 GMT
etag: "65f5d26b-490e9"
expires: Thu, 30 May 2024 20:11:51 GMT
cache-control: public, max-age=2592000
cf-cache-status: HIT
age: 338082
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=x%2FI%2B4EPGDef%2B1r4rhBitUPZZxLdqAlZhfxbqGkmIMWmZJU6kE1KPrkL39bsSSFU62yvvsZ45Nho6suK25SSNL5k%2FjqAWPpwQ8yeqg1MlL6ZfAi7FeQgCYTDidoXtLThjXA%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 87ea6ce22fd15699-OSL
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
|
|
| groupsexxx.com/thumbs/AA/qx/4M.jpg | 172.67.188.32 | | 98 kB |
URL groupsexxx.com/thumbs/AA/qx/4M.jpg IP172.67.188.32:0
File typeJPEG image data, baseline, precision 8, 1280x720, components 3 Hash59b268faf407fff82b94b9bd7f9ea8e3 423ebe432d1edebbd161444f6cd1e98950d9a835 0c2d7666623f67566b0177f03b7caaeb44289026cb0f71ad0339880c56d4d5c3
GET /thumbs/AA/qx/4M.jpg HTTP/1.1
Host: groupsexxx.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
date: Sat, 04 May 2024 18:06:33 GMT
content-type: image/jpeg
content-length: 97802
last-modified: Wed, 01 May 2024 00:31:18 GMT
etag: "66318d56-17e0a"
expires: Sat, 01 Jun 2024 01:07:34 GMT
cache-control: public, max-age=2592000
cf-cache-status: HIT
age: 233939
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=somDIGvdd2V4%2F6QrToBzTJKvw9VJptJKReohvDG9c1P3OYtPU7M%2BOXJyq2l1O13xNqZ%2BfjS9fDRO1BMr7D1a7OhE3R%2FJ6b2q4t2Ha5aFVr8i7w33NraMbmGfaab7Wojd2A%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 87ea6ce22fdb5699-OSL
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
|
|
| myretrocollection.com/thumbs/AA/NA/Zm.jpg | 188.114.97.1 | | 76 kB |
URL myretrocollection.com/thumbs/AA/NA/Zm.jpg IP188.114.97.1:0
File typeJPEG image data, baseline, precision 8, 1058x450, components 3 Hashd3dcf3026892e9d09e05dfc80a9318a7 8437224a391618d03d6882a9839c37f880c22bac 11e754a2031d93f77c3e1d1400a763e15c69f739f4f584f2e37db3cf99ead39b
GET /thumbs/AA/NA/Zm.jpg HTTP/1.1
Host: myretrocollection.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
date: Sat, 04 May 2024 18:06:33 GMT
content-type: image/jpeg
content-length: 75467
last-modified: Sun, 17 Dec 2023 15:15:36 GMT
etag: "657f1098-126cb"
expires: Thu, 30 May 2024 16:17:57 GMT
cache-control: public, max-age=2592000
cf-cache-status: HIT
age: 352115
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=rtkXshpYS1%2FYyxUlF0HndLOX1oto15VzXMFUSYemX6BoHlMAwRclaqQFDzwd%2BozKxWaWsTR%2B0bOQ5lpIsjrQhsP7KOQY2k59DwRju1yYsRx43Or2lbaif5QPzSDD9cujX%2F88KA5B1V4%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 87ea6ce3aec556a2-OSL
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
|
|
| gftranny.com/thumbs/AA/1u/zp.jpg | 188.114.97.1 | | 15 kB |
URL gftranny.com/thumbs/AA/1u/zp.jpg IP188.114.97.1:0
File typeJPEG image data, JFIF standard 1.01, aspect ratio, density 0x0, segment length 16, progressive, precision 8, 320x180, components 3 Hash9e33c9c0a5f7224720c1f5991d006b32 371ebc9f3d6b1636119b9820d5a4a5604132f63f 4b3e1b1a2d400081915796037dc76718796b1195810f10da1ee5fa57be89de72
GET /thumbs/AA/1u/zp.jpg HTTP/1.1
Host: gftranny.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
date: Sat, 04 May 2024 18:06:33 GMT
content-type: image/jpeg
content-length: 14796
last-modified: Sun, 11 Feb 2024 06:58:44 GMT
etag: "65c87024-39cc"
expires: Thu, 30 May 2024 16:17:52 GMT
cache-control: public, max-age=2592000
cf-cache-status: HIT
age: 352121
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=0RfcfV0MRoLxwTE2Y8oaBtKFwFZf7XoucimXUp%2BX7KJswLj9C0hTwuC9FMRYtwsOjxKTQhoqA6471FXiOzGY%2FiidX7N6Vurpv6eAmft9pw5mv7CiNdSjF%2F3PFudpv9w%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 87ea6ce3ab2756c6-OSL
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
|
|
| topsites.hadesex.com/js/utm-datasource.js?v=1.90 | 188.114.96.1 | | 96 kB |
URL topsites.hadesex.com/js/utm-datasource.js?v=1.90 IP188.114.96.1:0
File typeGeneric INItialization configuration [] Hashf9eb7bacc6a92d4e5d1ae8299b53a3bb 3fef0ee46b983203be0c4dfb15a90a29526a391b 6fd474fdf1c98b145149e617ee1a24876332690123ff8c4cd43bbcce7c1b7bcf
GET /js/utm-datasource.js?v=1.90 HTTP/1.1
Host: topsites.hadesex.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://topsites.hadesex.com/?source=761082465&site_id=560254&spot_id=560254
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Sat, 04 May 2024 18:06:32 GMT
content-type: application/javascript
last-modified: Thu, 01 Feb 2024 14:46:51 GMT
vary: Accept-Encoding
etag: W/"65bbaedb-af5"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
x-request-id: 54216229af0759840658d6d7b97fe4a5
cf-cache-status: HIT
age: 352129
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=rupcNs8vFR3Rk2NmJZTBtukDGd89pVXM%2FylukzClc7hKC6FK0rZRC50cW%2Bp3GLZgl2ObIwX3spdj8noG626p7wOXJ9VBpkcUwqfw9XSdCbulz0r2nWkkJYdaH5F5MT7bXy9WCaRFjg%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 87ea6cdb5e110b3d-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| interracial69.com/thumbs/AA/7G/Qf.jpg | 188.114.96.1 | | 66 kB |
URL interracial69.com/thumbs/AA/7G/Qf.jpg IP188.114.96.1:0
File typeJPEG image data, baseline, precision 8, 1280x720, components 3 Hash4aa6a884a95006b07d380f25c49ff514 639a82510172fddaa19edc10ef2e43561521415d c2b4682841961b07154d92481a375b477c6b3e1ff0aa21d3696759899d6d6440
GET /thumbs/AA/7G/Qf.jpg HTTP/1.1
Host: interracial69.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
date: Sat, 04 May 2024 18:06:33 GMT
content-type: image/jpeg
content-length: 65524
last-modified: Fri, 15 Mar 2024 14:25:41 GMT
etag: "65f45a65-fff4"
expires: Mon, 03 Jun 2024 00:25:05 GMT
cache-control: public, max-age=2592000
cf-cache-status: HIT
age: 63688
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=ZH86veC3l1B0WULloAZeax6et5opGDnzit85quxV%2BLylRQHCdl5ImTIlqoRX1TFjC7tVIpBYrBGQjMV6obQf8wyEpguZv6eiapXmUygkMT4j0puma1gPqded1Dfft9UlW9v1Dg%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 87ea6ce3fe33b4f1-OSL
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
|
|
| 69lesbi.com/thumbs/AA/n0/m6.jpg | 172.67.212.50 | | 49 kB |
URL 69lesbi.com/thumbs/AA/n0/m6.jpg IP172.67.212.50:0
File typeJPEG image data, JFIF standard 1.02, aspect ratio, density 1x1, segment length 16, comment: "Lavc59.37.100", baseline, precision 8, 1280x720, components 3 Hash2bf48be9b4af401bf6150f944d46a6ce 545ced166d8b0c12d92427bf7d2cfe86d5f41e6d 67d3ea7477562eec1d4d0fb366b594cd83ef9602ce8b5351f423e55fad78c94e
GET /thumbs/AA/n0/m6.jpg HTTP/1.1
Host: 69lesbi.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
date: Sat, 04 May 2024 18:06:33 GMT
content-type: image/jpeg
content-length: 49025
last-modified: Sat, 27 Apr 2024 09:22:05 GMT
etag: "662cc3bd-bf81"
expires: Thu, 30 May 2024 18:38:20 GMT
cache-control: public, max-age=2592000
cf-cache-status: HIT
age: 343693
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=gvdjUi37JPPm5UGoq9YNOLLwLY3d4SeAbe5ZmvCUG%2BGONnHPEbbLTq%2BhzdpnJE%2FZzNnx3YdUjiQHVupvFvfek5wspo6E%2FIhsfuhlJhoqKmkWWEo16OXaMy3y2b7Reg%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 87ea6ce3a92e56aa-OSL
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
|
|
| femdomqueen.com/thumbs/AA/ef/4k.jpg | 104.21.79.209 | | 56 kB |
URL femdomqueen.com/thumbs/AA/ef/4k.jpg IP104.21.79.209:0
File typeJPEG image data, JFIF standard 1.02, aspect ratio, density 27395x27382, segment length 16, comment: "Lavc58.18.100", baseline, precision 8, 1022x576, components 3 Hashe46b33dd7f0931f2593d5526b46b53f4 a7cd1e399e96df40ff0a8745d93da276691f4048 df74f602f6f66c3a84e9839cc00b8a1e3baf05736350f30222d207ccd41db19b
GET /thumbs/AA/ef/4k.jpg HTTP/1.1
Host: femdomqueen.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
date: Sat, 04 May 2024 18:06:33 GMT
content-type: image/jpeg
content-length: 56322
last-modified: Mon, 20 Aug 2018 13:06:51 GMT
etag: "5b7abceb-dc02"
expires: Fri, 31 May 2024 11:29:28 GMT
cache-control: public, max-age=2592000
cf-cache-status: HIT
age: 283025
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=tMzmqZizViCQR0hPAB860WA08vxhPmXAurodv7Dkm9blrcVTa8dA9FFKElVViBrJ2LbovlnoHBGGFevOuqY0dXFiTJE3J6ULXSBwKOMcqEAzVpvksBnwV70%2F90%2Fueh5lwy8%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 87ea6ce3ad0d568b-OSL
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
|
|
| fleraprt.com/log/add?cid=1db9169f-90f4-4b2d-b517-bc47aab19c1f&ruid=1502ae11-521d-457a-ada1-b49ddee32e81 | 139.45.195.254 | 200 OK | 12 B |
URL POST HTTP/1.1fleraprt.com/log/add?cid=1db9169f-90f4-4b2d-b517-bc47aab19c1f&ruid=1502ae11-521d-457a-ada1-b49ddee32e81 IP139.45.195.254:443
Requested byhttps://videzz.net/embed-c32aq2yhm77r.html CertificateIssuerSectigo Limited Subjectfleraprt.com Fingerprint32:DB:C5:24:21:ED:1D:C3:40:C3:46:9F:CF:EE:98:4D:72:29:4C:3C ValidityTue, 09 Jan 2024 00:00:00 GMT - Mon, 13 Jan 2025 23:59:59 GMT
Hashadb4650bfc9d2a73d4dd69583b0ceb14 1ce399d6e936232aaf2192cd7903a279c5015f22 21c1f682de27109caabcca9016511974defcec217c0441fd3f1b50ecdf8247ed
Analyzer | Verdict | Alert | Quad9 DNS | malicious | Sinkholed |
POST /log/add?cid=1db9169f-90f4-4b2d-b517-bc47aab19c1f&ruid=1502ae11-521d-457a-ada1-b49ddee32e81 HTTP/1.1
Host: fleraprt.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain;charset=UTF-8
Content-Length: 1403
Origin: https://videzz.net
DNT: 1
Connection: keep-alive
Referer: https://videzz.net/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx/1.19.10
Date: Sat, 04 May 2024 18:06:34 GMT
Content-Type: application/json; charset=utf-8
Content-Length: 12
Connection: keep-alive
Access-Control-Allow-Origin: https://videzz.net
Access-Control-Allow-Methods: POST, GET, OPTIONS, PUT, DELETE
Access-Control-Allow-Headers: Accept, Content-Type, Content-Length, Accept-Encoding, X-CSRF-Token, Authorization, X-Forwarded-For, If-None-Match
Access-Control-Allow-Credentials: true
|
|
| aistekso.net/500/5708419?excludes=&oaid=00805276252d4c5be7dcd3789b43edf6&fs=0&cf=0&sw=1280&sh=1024&sah=1024&wx=0&wy=0&ww=1280&wh=1024&cw=1280&wiw=1280&wih=1024&wfc=3&pl=https%3A%2F%2Fvidezz.net%2Fembed-c32aq2yhm77r.html&drf=&np=1&pt=0&nb=1&ng=0&ix=0&nw=1&tb=false&tzofs=0&btz=UTC&bto=0&js_build=8&sw_version=v1.337.0 | 139.45.197.244 | 200 OK | 0 B |
URL GET HTTP/2aistekso.net/500/5708419?excludes=&oaid=00805276252d4c5be7dcd3789b43edf6&fs=0&cf=0&sw=1280&sh=1024&sah=1024&wx=0&wy=0&ww=1280&wh=1024&cw=1280&wiw=1280&wih=1024&wfc=3&pl=https%3A%2F%2Fvidezz.net%2Fembed-c32aq2yhm77r.html&drf=&np=1&pt=0&nb=1&ng=0&ix=0&nw=1&tb=false&tzofs=0&btz=UTC&bto=0&js_build=8&sw_version=v1.337.0 IP139.45.197.244:443
Requested byhttps://videzz.net/embed-c32aq2yhm77r.html CertificateIssuerLet's Encrypt Subjectaistekso.net Fingerprint3E:A5:CE:35:F4:D9:45:6B:A1:3B:2E:9C:B3:9E:78:4D:8A:4B:51:BB ValiditySun, 24 Mar 2024 05:08:27 GMT - Sat, 22 Jun 2024 05:08:26 GMT
Hashd41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer | Verdict | Alert | Quad9 DNS | malicious | Sinkholed |
OPTIONS /500/5708419?excludes=&oaid=00805276252d4c5be7dcd3789b43edf6&fs=0&cf=0&sw=1280&sh=1024&sah=1024&wx=0&wy=0&ww=1280&wh=1024&cw=1280&wiw=1280&wih=1024&wfc=3&pl=https%3A%2F%2Fvidezz.net%2Fembed-c32aq2yhm77r.html&drf=&np=1&pt=0&nb=1&ng=0&ix=0&nw=1&tb=false&tzofs=0&btz=UTC&bto=0&js_build=8&sw_version=v1.337.0 HTTP/1.1
Host: aistekso.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Access-Control-Request-Method: GET
Access-Control-Request-Headers: content-type
Referer: https://videzz.net/
Origin: https://videzz.net
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
server: nginx
date: Sat, 04 May 2024 18:06:34 GMT
content-length: 0
allow: GET, OPTIONS
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
access-control-allow-origin: https://videzz.net
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, baggage, sentry-trace
access-control-allow-credentials: true
access-control-max-age: 600
accept-ch: Sec-CH-UA, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model
strict-transport-security: max-age=1
x-content-type-options: nosniff
timing-allow-origin: *
X-Firefox-Spdy: h2
|
|
| offerimage.com/www/images/59d005e99dabed8d7a753617b9dfe4d6.jpeg | 104.22.33.172 | 200 OK | 12 kB |
URL GET HTTP/2offerimage.com/www/images/59d005e99dabed8d7a753617b9dfe4d6.jpeg IP104.22.33.172:443
Requested byhttps://videzz.net/embed-c32aq2yhm77r.html CertificateIssuerGoogle Trust Services LLC Subjectofferimage.com Fingerprint5C:87:DE:3A:1B:66:15:11:B1:75:B6:AC:AF:F9:A6:EF:5E:7F:80:72 ValidityFri, 05 Apr 2024 23:50:04 GMT - Thu, 04 Jul 2024 23:50:03 GMT
File typeJPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 192x192, components 3 Hash59d005e99dabed8d7a753617b9dfe4d6 5b4b05e20f8496be4f1f8d9e93adc1e1ccfbe383 d09719c31f8376e40f2a23e1e9833214527ec837e61e2e715752d58a1154bd31
GET /www/images/59d005e99dabed8d7a753617b9dfe4d6.jpeg HTTP/1.1
Host: offerimage.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://videzz.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Sat, 04 May 2024 18:06:34 GMT
content-type: image/jpeg
content-length: 11455
cache-control: max-age=86400
cf-bgj: h2pri
etag: "631844d9-2cbf"
expires: Sun, 05 May 2024 15:49:27 GMT
last-modified: Wed, 07 Sep 2022 07:14:33 GMT
timing-allow-origin: *
cf-cache-status: HIT
age: 8227
accept-ranges: bytes
vary: Accept-Encoding
server: cloudflare
cf-ray: 87ea6ceb189e92c8-CPH
X-Firefox-Spdy: h2
|
|
| region1.analytics.google.com/g/collect?v=2&tid=G-HEX1BG8H46&gtm=45je4510v9104348843z8832020053za200&_p=1714845988057&gcd=13l3lPl2l1&npa=1&dma_cps=sypham&dma=1&cid=2030832543.1714845989&ul=en-us&sr=1280x1024&pscdl=noapi&_eu=AAAI&_s=2&sid=1714845989&sct=1&seg=0&dl=https%3A%2F%2Fvidezz.net%2Fembed-c32aq2yhm77r.html&dt=Vidoza&en=error_network&tfd=7493 | 216.239.34.36 | 204 No Content | 0 B |
URL POST HTTP/3region1.analytics.google.com/g/collect?v=2&tid=G-HEX1BG8H46&gtm=45je4510v9104348843z8832020053za200&_p=1714845988057&gcd=13l3lPl2l1&npa=1&dma_cps=sypham&dma=1&cid=2030832543.1714845989&ul=en-us&sr=1280x1024&pscdl=noapi&_eu=AAAI&_s=2&sid=1714845989&sct=1&seg=0&dl=https%3A%2F%2Fvidezz.net%2Fembed-c32aq2yhm77r.html&dt=Vidoza&en=error_network&tfd=7493 IP216.239.34.36:443
Requested byhttps://videzz.net/embed-c32aq2yhm77r.html CertificateIssuerGoogle Trust Services LLC Subject*.google-analytics.com Fingerprint93:6B:D2:9D:92:BE:2D:D8:02:67:82:83:5E:EF:A3:F9:13:F3:26:AE ValidityTue, 16 Apr 2024 03:18:45 GMT - Tue, 09 Jul 2024 03:18:44 GMT
Hashd41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
POST /g/collect?v=2&tid=G-HEX1BG8H46&gtm=45je4510v9104348843z8832020053za200&_p=1714845988057&gcd=13l3lPl2l1&npa=1&dma_cps=sypham&dma=1&cid=2030832543.1714845989&ul=en-us&sr=1280x1024&pscdl=noapi&_eu=AAAI&_s=2&sid=1714845989&sct=1&seg=0&dl=https%3A%2F%2Fvidezz.net%2Fembed-c32aq2yhm77r.html&dt=Vidoza&en=error_network&tfd=7493 HTTP/1.1
Host: region1.analytics.google.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://videzz.net
DNT: 1
Connection: keep-alive
Referer: https://videzz.net/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Content-Length: 0
TE: trailers
HTTP/3 204 No Content
access-control-allow-origin: https://videzz.net
date: Sat, 04 May 2024 18:06:35 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
content-type: text/plain
cross-origin-resource-policy: cross-origin
server: Golfe2
content-length: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
|
|
| videzz.net/sw.js?v=b8dc06aa6195ca0716d0a0c4e3a76e42 | 78.142.18.54 | 200 OK | 42 kB |
URL GET HTTP/2videzz.net/sw.js?v=b8dc06aa6195ca0716d0a0c4e3a76e42 IP78.142.18.54:443 ASN#208046 ColocationX Ltd.
Requested byhttps://videzz.net/embed-c32aq2yhm77r.html CertificateIssuerLet's Encrypt Subjectvidezz.net Fingerprint89:44:E3:9D:95:DD:6E:D2:2B:FB:70:64:42:59:D2:BF:B6:36:E7:33 ValidityThu, 02 May 2024 00:27:53 GMT - Wed, 31 Jul 2024 00:27:52 GMT
File typeJavaScript source, ASCII text, with very long lines (42324), with no line terminators Hash764aafd976dd9cd9f33279bfafa02908 e9ad856ec00bccfdcbe17b79113681685c943b8d 2c20e295faeb1ef24dae1e26caa5089fdb2ba5a36a86a6a26780b8a515ca99aa
Analyzer | Verdict | Alert | Quad9 DNS | malicious | Sinkholed |
GET /sw.js?v=b8dc06aa6195ca0716d0a0c4e3a76e42 HTTP/1.1
Host: videzz.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://videzz.net/embed-c32aq2yhm77r.html
Cookie: lang=1
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
server: nginx/1.18.0 (Ubuntu)
date: Sat, 04 May 2024 18:06:27 GMT
content-type: application/javascript
last-modified: Sat, 27 Apr 2024 07:30:37 GMT
vary: Accept-Encoding
etag: W/"662ca99d-a554"
expires: Mon, 03 Jun 2024 17:59:13 GMT
cache-control: max-age=2592000
content-encoding: gzip
x-cache-status: HIT
X-Firefox-Spdy: h2
|
|
| videzz.net/embed-c32aq2yhm77r.html | 78.142.18.54 | 200 OK | 32 kB |
URL User Request GET HTTP/2videzz.net/embed-c32aq2yhm77r.html IP78.142.18.54:443 ASN#208046 ColocationX Ltd.
CertificateIssuerLet's Encrypt Subjectvidezz.net Fingerprint89:44:E3:9D:95:DD:6E:D2:2B:FB:70:64:42:59:D2:BF:B6:36:E7:33 ValidityThu, 02 May 2024 00:27:53 GMT - Wed, 31 Jul 2024 00:27:52 GMT
File typeHTML document, ASCII text, with very long lines (1926), with CRLF, LF line terminators Hasha33d4dd7f6e7ce0837d2d3ec5d0bb1a2 ca63dd7e729953180ac46191884f645c9c5ef88d 1c33fa45220a17c232c1bd8f9e8b4433c6a2c3bcb9ded1b25a2b14c98b4ba452
Analyzer | Verdict | Alert | Quad9 DNS | malicious | Sinkholed |
GET /embed-c32aq2yhm77r.html HTTP/1.1
Host: videzz.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Upgrade-Insecure-Requests: 1
Connection: keep-alive
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
server: nginx/1.18.0 (Ubuntu)
date: Sat, 04 May 2024 18:06:27 GMT
content-type: text/html; charset=UTF-8
vary: Accept-Encoding
expires: Fri, 03 May 2024 18:06:27 GMT
x-frame-options: 1
set-cookie: lang=1; domain=.videzz.net; path=/; HttpOnly
xfsts=; domain=.videzz.net; path=/; expires=Fri, 05-May-2023 18:06:27 GMT; HttpOnly
content-encoding: gzip
X-Firefox-Spdy: h2
|
|
| s.pemsrv.com/splash.php?idzone=5040978&type=8&p=https%3A%2F%2Fbid.bidclickmedia.com%2F&tested=1&check=4982d74cc5945eb5f443cbeab8c29c8c&screen_resolution=1280x1024&container_resolution=1916x1076&iframe=1 | 95.211.229.247 | 302 Found | 961 kB |
URL GET HTTP/1.1s.pemsrv.com/splash.php?idzone=5040978&type=8&p=https%3A%2F%2Fbid.bidclickmedia.com%2F&tested=1&check=4982d74cc5945eb5f443cbeab8c29c8c&screen_resolution=1280x1024&container_resolution=1916x1076&iframe=1 IP95.211.229.247:443 ASN#60781 LeaseWeb Netherlands B.V.
Requested byhttps://videzz.net/embed-c32aq2yhm77r.html CertificateIssuerLet's Encrypt Subjectpemsrv.com FingerprintBA:AA:AB:1F:22:EF:D5:0A:2D:0C:D0:E8:1C:F5:D4:F5:29:2A:0D:5D ValidityTue, 30 Apr 2024 07:53:35 GMT - Mon, 29 Jul 2024 07:53:34 GMT
Size961 kB (960672 bytes) Hashd41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /splash.php?idzone=5040978&type=8&p=https%3A%2F%2Fbid.bidclickmedia.com%2F&tested=1&check=4982d74cc5945eb5f443cbeab8c29c8c&screen_resolution=1280x1024&container_resolution=1916x1076&iframe=1 HTTP/1.1
Host: s.pemsrv.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://s.pemsrv.com/splash.php?idzone=5040978&type=8
Cookie: __uvt=a%3A1%3A%7Bi%3A0%3Bs%3A33%3A%2266367926f333e6.761464332405032564%22%3B%7D
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 302 Found
Server: nginx
Date: Sat, 04 May 2024 18:06:31 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Access-Control-Allow-Headers: X-CH-VALUES
Set-Cookie: __uvt=a%3A1%3A%7Bi%3A0%3Bs%3A33%3A%2266367926f333e6.761464332405032564%22%3B%7D; expires=Mon, 04 May 2026 18:06:31 GMT; path=; domain=.pemsrv.com; Secure; SameSite=none
c-tag=%7B%22tag-link%22%3A%22v4%7C%7CNOR%7C5040978%7C95887222%7C203712%7C%7C508%7C41%7C3%7C15%7C0%7C0%7C0%7C25344%7C3143242%7C3143244%7C0%7C1%7C0%7C0%7C0%7C0%7C1%7C0%7C0%7C1%7C66367926f333e6.761464332405032564%7Cc83b2609dce0c49ddeb451cf74df4f3a%7C0%7Cbid.bidclickmedia.com%7C1280x1024%7C%7C0%7C0%7C0%7C0%7C0%7C0%7C0%7C0%7C0%7C1714845991%7C%7C%7C0%7C0%7C0%7C0%7C0%7C0%7C0%7C0%7C0%7C0%7Cc7c78eaf8b1648f55b0664813f37121e%7Cok%22%7D; expires=Fri, 02 Aug 2024 18:06:31 GMT; path=/; domain=.pemsrv.com; Secure; SameSite=none
Location: https://tgp1.brazzersnetwork.com/tgp1?ad_id=816178_FREE&ats=eyJhIjoxNDksImMiOjQzMDksIm4iOjE0LCJzIjo5MCwiZSI6OTA2NywicCI6MzM5fQ&atc=EXO&atc=FREE_6529744&apb=opc4ASOqlplustddVbbZPPO6eWiyadzqpbXUzOodNU6V0rpXT1UU0uomponpndRNTRPTS6V0zpXSuldK6Z0rpXTOrrorsunr4ooo3rjsrmprpoonplqlonqrpdrbRpPXLdtrvLrTdttvpTVNrxZTtxTxRm6V2ne0ene2v3evv..3eceof3TT2yqmlnpc6V0rpXSuldK6V0rpXTWTU201XXTOc6V0rpXSuldK6V0rpXSu1s1st3z4t0mrpt4qq0lrrptmo4osmnm3cH2A
Accept-CH:
X-Robots-Tag: noindex, follow
|
|
| videzz.net/favicon.ico?v=2 | 78.142.18.54 | 200 OK | 1.2 kB |
URL GET HTTP/2videzz.net/favicon.ico?v=2 IP78.142.18.54:443 ASN#208046 ColocationX Ltd.
Requested byhttps://videzz.net/embed-c32aq2yhm77r.html CertificateIssuerLet's Encrypt Subjectvidezz.net Fingerprint89:44:E3:9D:95:DD:6E:D2:2B:FB:70:64:42:59:D2:BF:B6:36:E7:33 ValidityThu, 02 May 2024 00:27:53 GMT - Wed, 31 Jul 2024 00:27:52 GMT
File typeMS Windows icon resource - 1 icon, 16x16, 32 bits/pixel Hash07075ddac650ad1577e310576f4ac231 1c8f551262fac5a047a268b82fa932c405ab13ff c5f2d482ae4405a8e9f16a7ab09c5d04380283eb0cb0a9b237b32bc1bca47901
Analyzer | Verdict | Alert | Quad9 DNS | malicious | Sinkholed |
GET /favicon.ico?v=2 HTTP/1.1
Host: videzz.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://videzz.net/embed-c32aq2yhm77r.html
Cookie: lang=1; file_id=38018298; aff=174908; _ga_HEX1BG8H46=GS1.1.1714845989.1.0.1714845989.60.0.0; _ga=GA1.1.2030832543.1714845989; sb_main_fd40b682a05e4aaf489d29601350aa66=1; sb_count_fd40b682a05e4aaf489d29601350aa66=1; asgfp2=172e5b6362817b33a26bdcbe3d1af8ae; dom3ic8zudi28v8lr6fgphwffqoz0j6c=e54da55b-9dea-42ca-ad22-8912f24bb312%3A1%3A1; pbpr0tpuw4isk85t8yg3jb2lj5vqf=dismaytestimony.com; pp_main_f1776d24271c5ad55c5f1492e2d01e10=1; pp_idelay_f1776d24271c5ad55c5f1492e2d01e10=1
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
server: nginx/1.18.0 (Ubuntu)
date: Sat, 04 May 2024 18:06:30 GMT
content-type: image/x-icon
last-modified: Sat, 27 Apr 2024 07:30:27 GMT
vary: Accept-Encoding
etag: W/"662ca993-47e"
expires: Mon, 03 Jun 2024 18:02:24 GMT
cache-control: max-age=2592000
content-encoding: gzip
x-cache-status: HIT
X-Firefox-Spdy: h2
|
|
| dismaytestimony.com/pixel/sbls?bv=24.6.6370&tmpl=482&u=https%3A%2F%2Fcdn.creative-bars1.com%2Fsb%2Fnotifications%2Fgambling%2Fdefault%2Fandroid-btn%2F8%2Fjs%2Fscript.js&l=7986&fd=65 | 192.243.59.12 | 200 OK | 0 B |
URL GET HTTP/1.1dismaytestimony.com/pixel/sbls?bv=24.6.6370&tmpl=482&u=https%3A%2F%2Fcdn.creative-bars1.com%2Fsb%2Fnotifications%2Fgambling%2Fdefault%2Fandroid-btn%2F8%2Fjs%2Fscript.js&l=7986&fd=65 IP192.243.59.12:443 ASN#39572 DataWeb Global Group B.V.
Requested byhttps://videzz.net/embed-c32aq2yhm77r.html CertificateIssuerLet's Encrypt Subjectdismaytestimony.com Fingerprint0C:AA:51:7C:B5:7D:1A:53:D1:E3:23:EB:6F:15:42:F9:A5:4B:F8:E6 ValidityMon, 29 Apr 2024 08:06:26 GMT - Sun, 28 Jul 2024 08:06:25 GMT
Hashd41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer | Verdict | Alert | Quad9 DNS | malicious | Sinkholed |
GET /pixel/sbls?bv=24.6.6370&tmpl=482&u=https%3A%2F%2Fcdn.creative-bars1.com%2Fsb%2Fnotifications%2Fgambling%2Fdefault%2Fandroid-btn%2F8%2Fjs%2Fscript.js&l=7986&fd=65 HTTP/1.1
Host: dismaytestimony.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://videzz.net/
Cookie: u_pl=19071538; pdhtkv=true; uncs=1; pdhtkv29=true; uncs29=1; slecfd40b682a05e4aaf489d29601350aa66=[5210995,5210997]
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx/1.19.5
Date: Sat, 04 May 2024 18:06:30 GMT
Content-Length: 0
Connection: keep-alive
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
Access-Control-Allow-Origin: *
Access-Control-Allow-Methods: GET, POST, OPTIONS
Access-Control-Allow-Headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,Upgrade-Insecure-Requests
Access-Control-Expose-Headers: Content-Length,Content-Range
|
|
| myliveforyoudreder.com/vidozza.js | 172.67.151.245 | 200 OK | 1.6 kB |
URL GET HTTP/2myliveforyoudreder.com/vidozza.js IP172.67.151.245:443
Requested byhttps://videzz.net/embed-c32aq2yhm77r.html CertificateIssuerLet's Encrypt Subjectmyliveforyoudreder.com FingerprintD6:1F:6C:5C:81:FF:C4:D3:4D:C9:A9:22:DD:0B:D4:18:59:4E:58:B7 ValidityWed, 20 Mar 2024 02:24:57 GMT - Tue, 18 Jun 2024 02:24:56 GMT
File typeJavaScript source, ASCII text, with very long lines (1742), with no line terminators Hash1b10623dcc365c3e40aa543ee9be6c3d ee99261cffbbf896eba3c60d867480042fbaadc5 54dec89c60117fd15b96d376c1dba2de2f333009f2ba0847fa71fa0a969f863f
GET /vidozza.js HTTP/1.1
Host: myliveforyoudreder.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://videzz.net/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Sat, 04 May 2024 18:06:28 GMT
content-type: application/javascript
last-modified: Mon, 24 Oct 2022 14:14:49 GMT
etag: W/"63569dd9-64f"
cache-control: max-age=14400
cf-cache-status: HIT
age: 4390
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=x2U7w5DrL%2FhBtkWWfl%2FhjMvnX5z%2Fj7HnyGPOOUoGyjA3%2BJMR847J3DWQmy4p2Sk6FGhytV3vnYysY8Vak2QH5IefUvB9iaRO8vWdvy7wv0z8jD5XCnx2JfKi3RMva8jHC5SuM%2FcMVk7H"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 87ea6cc4d810b529-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
|
|
| tgp1.brazzersnetwork.com/tgp1?ad_id=816178_FREE&ats=eyJhIjoxNDksImMiOjQzMDksIm4iOjE0LCJzIjo5MCwiZSI6OTA2NywicCI6MzM5fQ&atc=EXO&atc=FREE_6529744&apb=opc4ASOqlplustddVbbZPPO6eWiyadzqpbXUzOodNU6V0rpXT1UU0uomponpndRNTRPTS6V0zpXSuldK6Z0rpXTOrrorsunr4ooo3rjsrmprpoonplqlonqrpdrbRpPXLdtrvLrTdttvpTVNrxZTtxTxRm6V2ne0ene2v3evv..3eceof3TT2yqmlnpc6V0rpXSuldK6V0rpXTWTU201XXTOc6V0rpXSuldK6V0rpXSu1s1st3z4t0mrpt4qq0lrrptmo4osmnm3cH2A | 66.254.114.234 | 200 OK | 961 kB |
URL GET HTTP/2tgp1.brazzersnetwork.com/tgp1?ad_id=816178_FREE&ats=eyJhIjoxNDksImMiOjQzMDksIm4iOjE0LCJzIjo5MCwiZSI6OTA2NywicCI6MzM5fQ&atc=EXO&atc=FREE_6529744&apb=opc4ASOqlplustddVbbZPPO6eWiyadzqpbXUzOodNU6V0rpXT1UU0uomponpndRNTRPTS6V0zpXSuldK6Z0rpXTOrrorsunr4ooo3rjsrmprpoonplqlonqrpdrbRpPXLdtrvLrTdttvpTVNrxZTtxTxRm6V2ne0ene2v3evv..3eceof3TT2yqmlnpc6V0rpXSuldK6V0rpXTWTU201XXTOc6V0rpXSuldK6V0rpXSu1s1st3z4t0mrpt4qq0lrrptmo4osmnm3cH2A IP66.254.114.234:443
Requested byhttps://videzz.net/embed-c32aq2yhm77r.html CertificateIssuerLet's Encrypt Subjectbrazzersnetwork.com Fingerprint88:AB:08:D2:E9:0E:FD:34:1F:CD:0A:B3:E0:9F:DB:C8:07:2F:D4:AA ValidityWed, 10 Apr 2024 00:01:06 GMT - Tue, 09 Jul 2024 00:01:05 GMT
Size961 kB (960672 bytes) Hashd41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /tgp1?ad_id=816178_FREE&ats=eyJhIjoxNDksImMiOjQzMDksIm4iOjE0LCJzIjo5MCwiZSI6OTA2NywicCI6MzM5fQ&atc=EXO&atc=FREE_6529744&apb=opc4ASOqlplustddVbbZPPO6eWiyadzqpbXUzOodNU6V0rpXT1UU0uomponpndRNTRPTS6V0zpXSuldK6Z0rpXTOrrorsunr4ooo3rjsrmprpoonplqlonqrpdrbRpPXLdtrvLrTdttvpTVNrxZTtxTxRm6V2ne0ene2v3evv..3eceof3TT2yqmlnpc6V0rpXSuldK6V0rpXTWTU201XXTOc6V0rpXSuldK6V0rpXSu1s1st3z4t0mrpt4qq0lrrptmo4osmnm3cH2A HTTP/1.1
Host: tgp1.brazzersnetwork.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://s.pemsrv.com/
DNT: 1
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
server: openresty
date: Sat, 04 May 2024 18:06:31 GMT
content-type: text/html; charset=utf-8
vary: Accept-Encoding
x-trace: 2BBAC8801A06E4C00328FB6E417D184F1A0AA0A5436329F934B198C27E00
x-powered-by: Juan
x-download-options: noopen
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
x_ats_page_id: N/A
x_ats_page_type: CUSTOM
x_ats_instance_id: 281681
x_ats_instance_type: tour
etag: W/"ea8a0-rxqvTtPVpxi8A8DuFlp2YZjPDuo"
content-encoding: br
cache-control: no-transform
set-cookie: instance_token=eyJ0eXAiOiJKV1QiLCJhbGciOiJIUzI1NiJ9.eyJpc3MiOiJtaW5kZ2VlayIsImF1ZCI6Im1pbmRnZWVrIiwic3ViIjoiaW5zdGFuY2UtYXBpIiwiZXhwIjoxNzE0OTUzNjAwLCJpZCI6MjgxNjgxLCJicmFuZCI6ImJyYXp6ZXJzIiwiaG9zdG5hbWUiOiJ0Z3AxLmJyYXp6ZXJzbmV0d29yay5jb20ifQ.ZK4G2GiLhQDQk6ci34J39Qilaxyb7U7C7sZZwUNsCe4; Max-Age=86400; Path=/; Expires=Sun, 05 May 2024 18:06:31 GMT
__s=66367927-42FE72EA01BB7E0DD-574F5;
accept-ch: Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version
strict-transport-security: max-age=63072000; includeSubDomains; preload
X-Firefox-Spdy: h2
|
|
| static.addtoany.com/menu/svg/icons/whatsapp.js | 172.67.39.148 | 200 OK | 1.1 kB |
URL GET HTTP/3 static.addtoany.com/menu/svg/icons/whatsapp.js IP 172.67.39.148:443
Requested by https://videzz.net/embed-c32aq2yhm77r.html Certificate Issuer Let's Encrypt Subject static.addtoany.com Fingerprint 5B:74:98:2D:F8:22:DB:0D:4E:74:B7:99:A7:7C:80:F6:CA:1A:8E:CA Validity Tue, 23 Apr 2024 07:56:27 GMT - Mon, 22 Jul 2024 07:56:26 GMT
File type ASCII text, with very long lines (1122), with no line terminators Hash d822c46f36a55fdbfcc5029e62e19937 c575da68fa99eeb33863f281395755cbf20004d4 062ec1f7c3acea435122961b771eb2e4d136a3e870b17d3e811413f5aa78ed3e
GET /menu/svg/icons/whatsapp.js HTTP/1.1
Host: static.addtoany.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://videzz.net
DNT: 1
Connection: keep-alive
Referer: https://static.addtoany.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Sat, 04 May 2024 18:06:28 GMT
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=7776000, stale-while-revalidate=30, public
cf-bgj: minify
etag: W/"83af4df8173e43227812296bb8542dcf"
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=VSU96ixWaD28Nb8I9Aj5jZKa%2BNYvW5VNkLrER1jYJS3ugzz7lGmzEIqiV3kXv434fWEdsYyUJ20xzAKnVVSufqyGQTOoBYND5UVCAwOpt8%2F%2B06wSA2ntzjWDOs%2FtjtYxzfNBdlx7"}],"group":"cf-nel","max_age":604800}
vary: Accept-Encoding
referrer-policy: strict-origin-when-cross-origin
x-content-type-options: nosniff
cf-cache-status: HIT
age: 24896
strict-transport-security: max-age=31536000; includeSubDomains; preload
server: cloudflare
cf-ray: 87ea6cc4c96c1c12-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| videzz.net/js/footer.static.min.js?v=b8dc06aa6195ca0716d0a0c4e3a76e42 | 78.142.18.54 | 200 OK | 140 kB |
URL GET HTTP/2 videzz.net/js/footer.static.min.js?v=b8dc06aa6195ca0716d0a0c4e3a76e42 IP 78.142.18.54:443 ASN #208046 ColocationX Ltd.
Requested by https://videzz.net/embed-c32aq2yhm77r.html Certificate Issuer Let's Encrypt Subject videzz.net Fingerprint 89:44:E3:9D:95:DD:6E:D2:2B:FB:70:64:42:59:D2:BF:B6:36:E7:33 Validity Thu, 02 May 2024 00:27:53 GMT - Wed, 31 Jul 2024 00:27:52 GMT
Size 140 kB (140132 bytes) Hash d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer | Verdict | Alert | Quad9 DNS | malicious | Sinkholed |
GET /js/footer.static.min.js?v=b8dc06aa6195ca0716d0a0c4e3a76e42 HTTP/1.1
Host: videzz.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://videzz.net/embed-c32aq2yhm77r.html
Cookie: lang=1
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
server: nginx/1.18.0 (Ubuntu)
date: Sat, 04 May 2024 18:06:27 GMT
content-type: application/javascript
last-modified: Sat, 27 Apr 2024 07:30:33 GMT
vary: Accept-Encoding
etag: W/"662ca999-22364"
expires: Mon, 03 Jun 2024 18:04:33 GMT
cache-control: max-age=2592000
content-encoding: gzip
x-cache-status: HIT
X-Firefox-Spdy: h2
|
|
| bid.bidclickmedia.com/sub/31pnK5n | 172.67.205.77 | 200 OK | 234 B |
URL GET HTTP/2 bid.bidclickmedia.com/sub/31pnK5n IP 172.67.205.77:443
Requested by https://videzz.net/embed-c32aq2yhm77r.html Certificate Issuer Google Trust Services LLC Subject bidclickmedia.com Fingerprint 2D:71:60:23:79:D8:E4:4A:B8:81:BA:F0:ED:58:CB:A8:66:21:A7:E7 Validity Sun, 31 Mar 2024 14:28:20 GMT - Sat, 29 Jun 2024 14:28:19 GMT
File type HTML document, ASCII text, with no line terminators Hash f80bebf9471a9840ef5768e8c6b26672 164896726fce06ed3a1b8cbed00ab7c0493b6d24 5367258c378438d9831e9138819e8e68c4b7e6525dde7a086fb82a083398099c
GET /sub/31pnK5n HTTP/1.1
Host: bid.bidclickmedia.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://videzz.net/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Sat, 04 May 2024 18:06:28 GMT
content-type: text/html; charset=utf-8
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=mOa2Fvf3FektXtO%2FGW7q9tO9imUoyDwB%2BiC1DDPUT%2FnJxjM5wXmiiPQU21oz%2Fv0lfeyn%2FJERbmQIhdJqEtduUBRiJ9eDzOkLn8fnKPrMUufhw0FlcM5YsZEQHwAkP0is6cIb4uePD1w%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 87ea6cc3483956ae-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
|
|
| allvideometrika.com/f.php?sid=212515 | 188.114.96.1 | 200 OK | 0 B |
URL GET HTTP/2 allvideometrika.com/f.php?sid=212515 IP 188.114.96.1:443
Requested by https://videzz.net/embed-c32aq2yhm77r.html Certificate Issuer Let's Encrypt Subject allvideometrika.com Fingerprint 0F:3F:B1:7E:F7:3C:77:24:1C:85:B2:89:15:11:43:1A:AD:64:DF:13 Validity Tue, 23 Apr 2024 13:34:13 GMT - Mon, 22 Jul 2024 13:34:12 GMT
Hash d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /f.php?sid=212515 HTTP/1.1
Host: allvideometrika.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://videzz.net/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Sat, 04 May 2024 18:06:29 GMT
content-type: text/html; charset=UTF-8
x-powered-by: PHP/7.1.33
cache-control: no-store, no-cache, must-revalidate, max-age=0
x-robots-tag: noindex
pragma: no-cache
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=t0uJJniO0RVrPMAbKVMTA2BE%2FRgY5tNCs%2F%2Fl24Qi1tVSk40Hk6lJgUcwPv4OheaHJGS3NG4LpSHVsnsLjMcjfuBImLEgmqSenwmzAaTRdLcuZ4yuogTJuD581H15OpBZecXcrBQs"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 87ea6cc72fb80afe-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
|
|
| www.googletagmanager.com/gtag/js?id=G-HEX1BG8H46&l=dataLayer&cx=c | 142.250.74.168 | 200 OK | 275 kB |
URL GET HTTP/3 www.googletagmanager.com/gtag/js?id=G-HEX1BG8H46&l=dataLayer&cx=c IP 142.250.74.168:443
Requested by https://videzz.net/embed-c32aq2yhm77r.html Certificate Issuer Google Trust Services LLC Subject *.google-analytics.com Fingerprint 93:6B:D2:9D:92:BE:2D:D8:02:67:82:83:5E:EF:A3:F9:13:F3:26:AE Validity Tue, 16 Apr 2024 03:18:45 GMT - Tue, 09 Jul 2024 03:18:44 GMT
File type JavaScript source, ASCII text, with very long lines (7711) Size 275 kB (274624 bytes) Hash 52cb8aaa7bd47e65fd8537712e19e2d3 bad2016be7f852ccf0285ec4333380c87f52158a 0310dec94b61c898c72be346862713b01d87e94229117b7f0e81613be4aabb35
GET /gtag/js?id=G-HEX1BG8H46&l=dataLayer&cx=c HTTP/1.1
Host: www.googletagmanager.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://videzz.net/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
content-encoding: br
vary: Accept-Encoding
date: Sat, 04 May 2024 18:06:28 GMT
expires: Sat, 04 May 2024 18:06:28 GMT
cache-control: private, max-age=900
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
server: Google Tag Manager
content-length: 94573
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
|
|
| bid.bidclickmedia.com/sub/Zj8D76R | 172.67.205.77 | 200 OK | 234 B |
URL GET HTTP/2 bid.bidclickmedia.com/sub/Zj8D76R IP 172.67.205.77:443
Requested by https://videzz.net/embed-c32aq2yhm77r.html Certificate Issuer Google Trust Services LLC Subject bidclickmedia.com Fingerprint 2D:71:60:23:79:D8:E4:4A:B8:81:BA:F0:ED:58:CB:A8:66:21:A7:E7 Validity Sun, 31 Mar 2024 14:28:20 GMT - Sat, 29 Jun 2024 14:28:19 GMT
File type HTML document, ASCII text, with no line terminators Hash aa39ce14ee4ef59a81b3b1ccc7c20cfb 4037f87db53a18212b896cbe7dc03404833bd9f4 5e96980309ab1a029fa20a02fb9aca51a5967df4e6ab8aaab5f0373d4ebd4f68
GET /sub/Zj8D76R HTTP/1.1
Host: bid.bidclickmedia.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://videzz.net/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Sat, 04 May 2024 18:06:28 GMT
content-type: text/html; charset=utf-8
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=lk8XBSa04GF4U8zH%2BK6cg27y0jsS65G9rimor%2F4onk8g7CTMCEaV9CTtR%2BnSWaQKOr8K99Vgg3tgFKQyIqHfhhLDnZpXAzShTMt8iqH303sH2CKtJuvCos4kM1VtZyA%2FtZQahO0GNEE%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 87ea6cc3585056ae-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
|
|
| cdn.itskiddien.club/apu.php?zoneid=5902452&var=5708419 | 139.45.197.236 | 200 OK | 94 kB |
URL GET HTTP/2 cdn.itskiddien.club/apu.php?zoneid=5902452&var=5708419 IP 139.45.197.236:443
Requested by https://videzz.net/embed-c32aq2yhm77r.html Certificate Issuer Let's Encrypt Subject itskiddien.club Fingerprint F8:F5:E1:2A:73:41:2E:21:C2:B1:A0:A3:DE:9D:2D:B2:87:3F:8E:5D Validity Fri, 29 Mar 2024 21:36:27 GMT - Thu, 27 Jun 2024 21:36:26 GMT
File type JavaScript source, ASCII text, with very long lines (65536), with no line terminators Hash 3c6c086a886c82bc63923629afb19046 ad359eb06090823bda8ebbb2d0f4302816b44112 3b5dc02a498450ede4c084917209ba2931f0fdb949992d180c1259ab8136a703
GET /apu.php?zoneid=5902452&var=5708419 HTTP/1.1
Host: cdn.itskiddien.club
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://videzz.net/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
server: nginx
date: Sat, 04 May 2024 18:06:34 GMT
content-type: application/javascript
x-trace-id: c5864c57c1228b0bd54eb94e0a089f3e
link: <https://my.rtmark.net>; rel="preconnect dns-prefetch",<https://yonmewon.com>; rel="preconnect dns-prefetch",<https://e2ertt.com>; rel="preconnect dns-prefetch",<https://sr7pv7n5x.com>; rel="preconnect dns-prefetch"
accept-ch: Sec-CH-UA, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, baggage, sentry-trace, favicon
access-control-max-age: 86400
pragma: no-cache
cache-control: no-transform, no-store, no-cache, must-revalidate, max-age=0
expires: Tue, 11 Jan 1994 10:00:00 GMT
set-cookie: OAID=0080524e145e4229e0fb89de93524e4e; expires=Sun, 04 May 2025 18:06:34 GMT; path=/; secure; SameSite=None
oaidts=1714845994; expires=Sun, 04 May 2025 18:06:34 GMT; path=/; secure; SameSite=None
syncedCookie=; expires=Tue, 10 Nov 2009 23:00:00 GMT
strict-transport-security: max-age=1
x-content-type-options: nosniff
timing-allow-origin: *, *
content-encoding: gzip
X-Firefox-Spdy: h2
|
|
| static.addtoany.com/menu/svg/icons/telegram.js | 172.67.39.148 | 200 OK | 360 B |
URL GET HTTP/3 static.addtoany.com/menu/svg/icons/telegram.js IP 172.67.39.148:443
Requested by https://videzz.net/embed-c32aq2yhm77r.html Certificate Issuer Let's Encrypt Subject static.addtoany.com Fingerprint 5B:74:98:2D:F8:22:DB:0D:4E:74:B7:99:A7:7C:80:F6:CA:1A:8E:CA Validity Tue, 23 Apr 2024 07:56:27 GMT - Mon, 22 Jul 2024 07:56:26 GMT
File type ASCII text, with very long lines (370), with no line terminators Hash d455b7099e753a3680d5e481a7b56a9d 146fdec3f2e51dabdd15fc8acda6d73823b0d44d 4eb7a6d1a684e68473de0e8854499206b2f512a3815a8114068636dd38aa197a
GET /menu/svg/icons/telegram.js HTTP/1.1
Host: static.addtoany.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://videzz.net
DNT: 1
Connection: keep-alive
Referer: https://static.addtoany.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Sat, 04 May 2024 18:06:28 GMT
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=7776000, stale-while-revalidate=30, public
cf-bgj: minify
etag: W/"fb47b4f6548b6499923a1beed7472419"
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=VMJGe1UEbwEs5HbBF8m%2BObmMrUHG3OMVxSIiGFVJ0SBsWQtY4ktOVYoKCkEfNMvA2hFAWUXImpgCZn%2FIPhH%2BmAGHYgiMjn5Ua2dPP6e4%2FusvRjDnGR%2Bq0snIiikFzrjU%2FXCNvb6W8C6UnsFjYJvUV0rv"}],"group":"cf-nel","max_age":604800}
vary: Accept-Encoding
referrer-policy: strict-origin-when-cross-origin
x-content-type-options: nosniff
cf-cache-status: HIT
age: 281
strict-transport-security: max-age=31536000; includeSubDomains; preload
server: cloudflare
cf-ray: 87ea6cc499281c12-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| meetbenjen.com/in/p/?spot_id=560254&cat=25&sub_id=761082465 | 109.206.181.2 | 200 OK | 5.5 kB |
URL GET HTTP/2 meetbenjen.com/in/p/?spot_id=560254&cat=25&sub_id=761082465 IP 109.206.181.2:443
Requested by https://videzz.net/embed-c32aq2yhm77r.html Certificate Issuer Let's Encrypt Subject meetbenjen.com Fingerprint 6F:0E:74:E5:CA:A4:DB:42:D9:1B:66:1B:AB:A6:18:A4:80:FA:E1:32 Validity Tue, 09 Apr 2024 22:46:15 GMT - Mon, 08 Jul 2024 22:46:14 GMT
File type HTML document, ASCII text, with very long lines (5565), with no line terminators Hash a18bc7768222cb1f76ae5bb9c3580ff5 0e0881c0a9b97612a5aff67cd85ac42fc1b3489b ecfdb09b230aabfe691fa772dfeaa7d4335e3bbecc9aa31413e46f9c0abaf48d
GET /in/p/?spot_id=560254&cat=25&sub_id=761082465 HTTP/1.1
Host: meetbenjen.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://bid.bidclickmedia.com/
DNT: 1
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
server: nginx/1.20.1
date: Sat, 04 May 2024 18:06:30 GMT
content-type: text/html; charset=UTF-8
cache-control: no-cache, no-store, must-revalidate
pragma: no-cache
vary: Accept-Encoding, *
set-cookie: 1095.0=1; expires=Sun, 05 May 2024 18:06:30 GMT; path=/; secure; SameSite=None
content-encoding: gzip
X-Firefox-Spdy: h2
|
|
| veepteero.com/88/104 | 139.45.197.242 | 200 OK | 3.0 kB |
IP 139.45.197.242:443
Requested by https://videzz.net/embed-c32aq2yhm77r.html Certificate Issuer Let's Encrypt Subject veepteero.com Fingerprint 13:68:56:48:EC:67:A6:93:BE:E0:36:BC:FA:04:75:6D:6E:D2:C1:91 Validity Sat, 23 Mar 2024 05:18:36 GMT - Fri, 21 Jun 2024 05:18:35 GMT
File type troff or preprocessor input, ASCII text, with very long lines (3232), with no line terminators Hash ddc5e30ff5d5b7221ffb387a6e54d946 40c6be50cdc1cb229766a9d5a3cd9e8fbdc117c0 7e7e808f90adf8cd57703a702dd1a9e9e245bc857a8e84d5884ded455a1fb456
Analyzer | Verdict | Alert | Quad9 DNS | malicious | Sinkholed |
GET /88/104 HTTP/1.1
Host: veepteero.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://videzz.net/
Origin: https://videzz.net
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
server: nginx
date: Sat, 04 May 2024 18:06:31 GMT
content-type: application/json
accept-ch: Sec-CH-UA, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model
access-control-allow-origin: https://videzz.net
access-control-allow-credentials: true
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, baggage, sentry-trace, favicon
access-control-max-age: 86400
timing-allow-origin: *
pragma: no-cache, no-cache
cache-control: no-transform, no-store, no-cache, must-revalidate, max-age=0, no-store, no-cache, must-revalidate, max-age=0
expires: Tue, 11 Jan 1994 10:00:00 GMT, Mon, 26 Jul 1997 05:00:00 GMT
content-encoding: gzip
X-Firefox-Spdy: h2
|
|
| videzz.net/js/embed.min.js?v=b8dc06aa6195ca0716d0a0c4e3a76e42 | 78.142.18.54 | 200 OK | 4.5 kB |
URL GET HTTP/2 videzz.net/js/embed.min.js?v=b8dc06aa6195ca0716d0a0c4e3a76e42 IP 78.142.18.54:443 ASN #208046 ColocationX Ltd.
Requested by https://videzz.net/embed-c32aq2yhm77r.html Certificate Issuer Let's Encrypt Subject videzz.net Fingerprint 89:44:E3:9D:95:DD:6E:D2:2B:FB:70:64:42:59:D2:BF:B6:36:E7:33 Validity Thu, 02 May 2024 00:27:53 GMT - Wed, 31 Jul 2024 00:27:52 GMT
File type JavaScript source, ASCII text, with very long lines (4724), with no line terminators Hash f3ccae55608834d0e7acfde8a7235903 16cd94840b9d0105558c5f8b26ac51845d84bb2e 8d950b465b8cb006d19d702a1d15e209cb10b861f5ead615e7f9625469605ef2
Analyzer | Verdict | Alert | Quad9 DNS | malicious | Sinkholed |
GET /js/embed.min.js?v=b8dc06aa6195ca0716d0a0c4e3a76e42 HTTP/1.1
Host: videzz.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://videzz.net/embed-c32aq2yhm77r.html
Cookie: lang=1
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
server: nginx/1.18.0 (Ubuntu)
date: Sat, 04 May 2024 18:06:27 GMT
content-type: application/javascript
last-modified: Sat, 27 Apr 2024 07:30:38 GMT
vary: Accept-Encoding
etag: W/"662ca99e-1183"
expires: Mon, 03 Jun 2024 17:56:27 GMT
cache-control: max-age=2592000
content-encoding: gzip
x-cache-status: HIT
X-Firefox-Spdy: h2
|
|
| downstairsnegotiatebarren.com/sfp.js | 104.21.35.227 | 200 OK | 86 kB |
URL GET HTTP/3 downstairsnegotiatebarren.com/sfp.js IP 104.21.35.227:443
Requested by https://videzz.net/embed-c32aq2yhm77r.html Certificate Issuer Let's Encrypt Subject downstairsnegotiatebarren.com Fingerprint 5D:DB:CB:C6:CE:2A:8B:34:7D:BC:43:74:33:1D:5F:77:48:F7:BC:1B Validity Thu, 02 May 2024 21:26:34 GMT - Wed, 31 Jul 2024 21:26:33 GMT
Hash d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /sfp.js HTTP/1.1
Host: downstairsnegotiatebarren.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://videzz.net/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Sat, 04 May 2024 18:06:29 GMT
content-type: application/javascript; charset=utf-8
p3p: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
access-control-allow-origin: *
expires: Thu, 01 Jan 1970 00:00:01 GMT
cache-control: max-age=14400
x-request-id: e1f1bd0352b48c123f04825a8055f09f
strict-transport-security: max-age=0; includeSubdomains
cf-cache-status: EXPIRED
last-modified: Sat, 04 May 2024 18:06:29 GMT
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=jxp05B6kHsxgUCWDNlB%2BSH5kirByZtWywf0W2kpe4e4hzY%2B98WsbY6csynpCBHDEKeqqadcaMisYyoda5%2BsssNFFdV%2B5tpK7NyD0U38nG8O2yVLjj4ZyNrjsUv8cmgAp8RRlrIbkMVk0SJliqwi8kA%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 87ea6cc8ad980b51-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| lavendertyre.com/pixel/purst?dl=0&th=0&sc=0&rs=2224&rd=2224&fd=720&bv=24.5.6485&tmpl=136 | 172.240.108.76 | 200 OK | 0 B |
URL GET HTTP/1.1 lavendertyre.com/pixel/purst?dl=0&th=0&sc=0&rs=2224&rd=2224&fd=720&bv=24.5.6485&tmpl=136 IP 172.240.108.76:443
Requested by https://videzz.net/embed-c32aq2yhm77r.html Certificate Issuer Let's Encrypt Subject lavendertyre.com Fingerprint B4:92:8C:C7:AA:1D:22:5D:74:7B:4B:55:10:CE:60:FF:C4:BD:D6:7F Validity Mon, 29 Apr 2024 12:53:26 GMT - Sun, 28 Jul 2024 12:53:25 GMT
Hash d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer | Verdict | Alert | Quad9 DNS | malicious | Sinkholed |
GET /pixel/purst?dl=0&th=0&sc=0&rs=2224&rd=2224&fd=720&bv=24.5.6485&tmpl=136 HTTP/1.1
Host: lavendertyre.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://videzz.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx/1.21.6
Date: Sat, 04 May 2024 18:06:29 GMT
Content-Length: 0
Connection: keep-alive
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
Access-Control-Allow-Origin: *
Access-Control-Allow-Methods: GET, POST, OPTIONS
Access-Control-Allow-Headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,Upgrade-Insecure-Requests
Access-Control-Expose-Headers: Content-Length,Content-Range
|
|
| cdn.creative-bars1.com/sb/notifications/gambling/default/android-btn/8/img/close.svg | 172.67.141.24 | 200 OK | 1.3 kB |
URL GET HTTP/3 cdn.creative-bars1.com/sb/notifications/gambling/default/android-btn/8/img/close.svg IP 172.67.141.24:443
Requested by https://videzz.net/embed-c32aq2yhm77r.html Certificate Issuer Google Trust Services LLC Subject creative-bars1.com Fingerprint 3D:29:39:2C:F1:E5:C6:EF:54:F5:70:B5:CF:A8:C2:75:4D:89:72:13 Validity Mon, 15 Apr 2024 15:02:18 GMT - Sun, 14 Jul 2024 15:02:17 GMT
File type SVG Scalable Vector Graphics image Hash 24937fd159a21f2e91207d5788e86c70 1b07e0334cc16c5cd659de56314bd2188e3a82f9 b38a482faa1471a520d231f954412ee0293b0401610af1392038be206dc51b8a
GET /sb/notifications/gambling/default/android-btn/8/img/close.svg HTTP/1.1
Host: cdn.creative-bars1.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Sat, 04 May 2024 18:06:29 GMT
content-type: image/svg+xml
last-modified: Fri, 19 Jan 2024 14:25:08 GMT
etag: W/"65aa8644-4ff"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: public, max-age=315360000
access-control-allow-origin: *
access-control-expose-headers: Date
cf-cache-status: HIT
age: 347973
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=Nei2kJWWPJCaa5I%2BZ%2B9QHqPJROoy2u%2FLrc4R9F1pXvk092pEy5DelYiHMVyiTVYWUFNULOFTqipNlQsNIzVR7NwlIqtHsouLHDzcw0AH2T9kiEHvVmQC8d88FqLYYg2MmShauFtVufmr"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 87ea6ccd6c18569a-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| meetbenjen.com/in/p/?spot_id=560254&cat=25&sub_id=761082465 | 109.206.181.2 | 200 OK | 5.5 kB |
URL GET HTTP/2 meetbenjen.com/in/p/?spot_id=560254&cat=25&sub_id=761082465 IP 109.206.181.2:443
Requested by https://videzz.net/embed-c32aq2yhm77r.html Certificate Issuer Let's Encrypt Subject meetbenjen.com Fingerprint 6F:0E:74:E5:CA:A4:DB:42:D9:1B:66:1B:AB:A6:18:A4:80:FA:E1:32 Validity Tue, 09 Apr 2024 22:46:15 GMT - Mon, 08 Jul 2024 22:46:14 GMT
File type HTML document, ASCII text, with very long lines (5565), with no line terminators Hash a18bc7768222cb1f76ae5bb9c3580ff5 0e0881c0a9b97612a5aff67cd85ac42fc1b3489b ecfdb09b230aabfe691fa772dfeaa7d4335e3bbecc9aa31413e46f9c0abaf48d
GET /in/p/?spot_id=560254&cat=25&sub_id=761082465 HTTP/1.1
Host: meetbenjen.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://bid.bidclickmedia.com/
DNT: 1
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
server: nginx/1.20.1
date: Sat, 04 May 2024 18:06:30 GMT
content-type: text/html; charset=UTF-8
cache-control: no-cache, no-store, must-revalidate
pragma: no-cache
vary: Accept-Encoding, *
set-cookie: 1095.0=1; expires=Sun, 05 May 2024 18:06:30 GMT; path=/; secure; SameSite=None
content-encoding: gzip
X-Firefox-Spdy: h2
|
|
| videzz.net/js/videojs.stm.5.min.js?0.533320839847953 | 78.142.18.54 | 200 OK | 7.2 kB |
URL GET HTTP/2 videzz.net/js/videojs.stm.5.min.js?0.533320839847953 IP 78.142.18.54:443 ASN #208046 ColocationX Ltd.
Requested by https://videzz.net/embed-c32aq2yhm77r.html Certificate Issuer Let's Encrypt Subject videzz.net Fingerprint 89:44:E3:9D:95:DD:6E:D2:2B:FB:70:64:42:59:D2:BF:B6:36:E7:33 Validity Thu, 02 May 2024 00:27:53 GMT - Wed, 31 Jul 2024 00:27:52 GMT
File type JavaScript source, ASCII text, with very long lines (7493), with no line terminators Hash 559fdbbfb2f700ef277f69b35a097d54 df1d4bf430b37e066e4e3187d621c954d581c160 d30c79b738e33d406468f33a059c11238995e485cad39bb31a721f370baa05c5
Analyzer | Verdict | Alert | Quad9 DNS | malicious | Sinkholed |
GET /js/videojs.stm.5.min.js?0.533320839847953 HTTP/1.1
Host: videzz.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://videzz.net/embed-c32aq2yhm77r.html
Cookie: lang=1
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
server: nginx/1.18.0 (Ubuntu)
date: Sat, 04 May 2024 18:06:27 GMT
content-type: application/javascript
last-modified: Sat, 27 Apr 2024 07:30:33 GMT
vary: Accept-Encoding
etag: W/"662ca999-1c25"
expires: Mon, 03 Jun 2024 18:06:27 GMT
cache-control: max-age=2592000
content-encoding: gzip
x-cache-status: MISS
X-Firefox-Spdy: h2
|
|
| topsites.hadesex.com/?source=761082465&site_id=560254&spot_id=560254 | 188.114.96.1 | 200 OK | 35 kB |
URL GET HTTP/2 topsites.hadesex.com/?source=761082465&site_id=560254&spot_id=560254 IP 188.114.96.1:443
Requested by https://videzz.net/embed-c32aq2yhm77r.html Certificate Issuer Google Trust Services LLC Subject hadesex.com Fingerprint 4A:FF:00:28:1E:63:6A:6F:9C:CB:A1:ED:C3:96:B4:AA:BE:E1:90:1A Validity Thu, 07 Mar 2024 01:42:01 GMT - Wed, 05 Jun 2024 01:42:00 GMT
File type HTML document, ASCII text, with CRLF line terminators Hash 43ec678415c61f890d9681a720878538 20053769f7a0be4a625d753d50f86c24f2dd7298 3a94327f87bc09522b7333e3bb2d75a3c6023d58d7112b45d84d0750514dccca
GET /?source=761082465&site_id=560254&spot_id=560254 HTTP/1.1
Host: topsites.hadesex.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://meetbenjen.com/
DNT: 1
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Sat, 04 May 2024 18:06:31 GMT
content-type: text/html; charset=UTF-8
vary: Accept-Encoding
x-powered-by: PHP/7.4.33
x-request-id: 0dc162375b8133a2efcd45b983255e71
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=SAGxuhNK2GD7SAS%2Bh3KFXUONLBQSJzH9faohL1Szvv4A6lS6q%2Fab9398Psh%2BueaggBK8OcYSgwRgZt%2B8alekzUUSUsPx2CEO19FNs82TviM%2BJGaApnFkxWRbzY9JHUZfzsNCtTgkRw%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 87ea6cd72a2556c0-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
|
|
| tzegilo.com/stattag.js | 104.21.11.245 | 200 OK | 19 kB |
IP 104.21.11.245:443
Requested by https://videzz.net/embed-c32aq2yhm77r.html Certificate Issuer Google Trust Services LLC Subject tzegilo.com Fingerprint 28:2E:D0:DF:04:78:60:5A:D2:5B:1F:EA:59:80:9C:2F:89:C1:9D:D1 Validity Sat, 30 Mar 2024 15:54:48 GMT - Fri, 28 Jun 2024 15:54:47 GMT
File type JavaScript source, ASCII text, with very long lines (18486) Hash 70ebd404c2e1e7bad13998538b56887c 86e57af8ba3cfc2c004da3311835f6b54ba6d848 d71ea61938136a384e4c53c5a7a3c36e68fcc70a68bae691e270987d5d2eb11f
Analyzer | Verdict | Alert | Quad9 DNS | malicious | Sinkholed |
GET /stattag.js HTTP/1.1
Host: tzegilo.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://videzz.net/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Sat, 04 May 2024 18:06:33 GMT
content-type: application/javascript
last-modified: Wed, 07 Feb 2024 12:51:13 GMT
etag: W/"65c37cc1-4ac0"
link: <https://flerap.com/>; rel=preconnect; crossorigin, <https://fleraprt.com/>; rel=preconnect; crossorigin
cache-control: max-age=14400
cf-cache-status: HIT
age: 6829
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=fOs2L21jtb3eGSQCVmLKz21k%2BTtd7F%2Bo6qhITfRBDmwH194Qip8dbHfCJTqSecdV6rd5IljXDMxWHsfJfnIb5tsOAMDRaEoxRL%2B1tVCXB2YwxpGs7RejZFkjZgJgmQ%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 87ea6ce4adf9b512-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
|
|
| static.addtoany.com/menu/svg/icons/twitter.js | 172.67.39.148 | 200 OK | 645 B |
URL GET HTTP/3 static.addtoany.com/menu/svg/icons/twitter.js IP 172.67.39.148:443
Requested by https://videzz.net/embed-c32aq2yhm77r.html Certificate Issuer Let's Encrypt Subject static.addtoany.com Fingerprint 5B:74:98:2D:F8:22:DB:0D:4E:74:B7:99:A7:7C:80:F6:CA:1A:8E:CA Validity Tue, 23 Apr 2024 07:56:27 GMT - Mon, 22 Jul 2024 07:56:26 GMT
File type ASCII text, with very long lines (655), with no line terminators Hash 671b3272826b2e03f7f5ecc6846a4f83 bcd620154cd6381ddf84b4e17e53ad716f3acbea b743f6ed35f2a170860cfb010577cd000ee695dc23b850d3b3e479ef1178bb22
GET /menu/svg/icons/twitter.js HTTP/1.1
Host: static.addtoany.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://videzz.net
DNT: 1
Connection: keep-alive
Referer: https://static.addtoany.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Sat, 04 May 2024 18:06:28 GMT
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=7776000, stale-while-revalidate=30, public
cf-bgj: minify
etag: W/"af2b829f9b79fabec7c0148a8b7e444b"
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=ggiKokhYH%2FRwG5kRNsQxxkES41zx0pRhTrFCFihLqsTSZDy5P6xBR0gPdEzsNoj600eU8miSvk2pNojpOEm0ToV01dZ%2BWv9rYzF%2F0crLCtKrUyFE67PnrnzZvkmGvUV%2BiiVGrF6naj2jHKv3CePNqH%2B%2B"}],"group":"cf-nel","max_age":604800}
vary: Accept-Encoding
referrer-policy: strict-origin-when-cross-origin
x-content-type-options: nosniff
cf-cache-status: HIT
age: 281
strict-transport-security: max-age=31536000; includeSubDomains; preload
server: cloudflare
cf-ray: 87ea6cc4b9561c12-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| cache62.vidoza.net/nvl4cinlpmfeieno3ukancp5hxyezwk6zz2geqlfgsr62hqb4j43evfocdqa/v.mp4 | 0.0.0.0 | | 0 B |
URL GET cache62.vidoza.net/nvl4cinlpmfeieno3ukancp5hxyezwk6zz2geqlfgsr62hqb4j43evfocdqa/v.mp4 IP 0.0.0.0:0
Requested by https://videzz.net/embed-c32aq2yhm77r.html Certificate Issuer Let's Encrypt Subject vidoza.net Fingerprint DD:9C:2A:D1:7E:90:60:D1:BE:1C:39:29:07:29:9C:34:6A:76:A6:C6 Validity Wed, 14 Feb 2024 01:21:54 GMT - Tue, 14 May 2024 01:21:53 GMT
Hash d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /nvl4cinlpmfeieno3ukancp5hxyezwk6zz2geqlfgsr62hqb4j43evfocdqa/v.mp4 HTTP/1.1
Host: cache62.vidoza.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: video/webm,video/ogg,video/*;q=0.9,application/ogg;q=0.7,audio/*;q=0.6,*/*;q=0.5
Accept-Language: en-US,en;q=0.5
Range: bytes=0-
DNT: 1
Connection: keep-alive
Referer: https://videzz.net/
Sec-Fetch-Dest: video
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Accept-Encoding: identity
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 206 Partial Content
server: nginx/1.20.1
date: Sat, 04 May 2024 18:06:28 GMT
content-type: video/mp4
content-length: 244385842
last-modified: Fri, 03 May 2024 17:15:43 GMT
etag: "66351bbf-e910832"
content-range: bytes 0-244385841/244385842
X-Firefox-Spdy: h2
|
|
| videzz.net/js/videojs.5.min.js?v=b8dc06aa6195ca0716d0a0c4e3a76e42 | 78.142.18.54 | 200 OK | 416 kB |
URL GET HTTP/2 videzz.net/js/videojs.5.min.js?v=b8dc06aa6195ca0716d0a0c4e3a76e42 IP 78.142.18.54:443 ASN #208046 ColocationX Ltd.
Requested by https://videzz.net/embed-c32aq2yhm77r.html Certificate Issuer Let's Encrypt Subject videzz.net Fingerprint 89:44:E3:9D:95:DD:6E:D2:2B:FB:70:64:42:59:D2:BF:B6:36:E7:33 Validity Thu, 02 May 2024 00:27:53 GMT - Wed, 31 Jul 2024 00:27:52 GMT
Size 416 kB (416358 bytes) Hash d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer | Verdict | Alert | Quad9 DNS | malicious | Sinkholed |
GET /js/videojs.5.min.js?v=b8dc06aa6195ca0716d0a0c4e3a76e42 HTTP/1.1
Host: videzz.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://videzz.net/embed-c32aq2yhm77r.html
Cookie: lang=1
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
server: nginx/1.18.0 (Ubuntu)
date: Sat, 04 May 2024 18:06:27 GMT
content-type: application/javascript
last-modified: Sat, 27 Apr 2024 07:30:28 GMT
vary: Accept-Encoding
etag: W/"662ca994-65a66"
expires: Mon, 03 Jun 2024 18:04:37 GMT
cache-control: max-age=2592000
content-encoding: gzip
x-cache-status: HIT
X-Firefox-Spdy: h2
|
|
| cache62.vidoza.net/i/01/07603/c32aq2yhm77r.jpg?v=1714845987 | 51.15.39.180 | 200 OK | 36 kB |
URL GET HTTP/2 cache62.vidoza.net/i/01/07603/c32aq2yhm77r.jpg?v=1714845987 IP 51.15.39.180:443 ASN #12876 Scaleway S.a.s.
Requested by https://videzz.net/embed-c32aq2yhm77r.html Certificate Issuer Let's Encrypt Subject vidoza.net Fingerprint DD:9C:2A:D1:7E:90:60:D1:BE:1C:39:29:07:29:9C:34:6A:76:A6:C6 Validity Wed, 14 Feb 2024 01:21:54 GMT - Tue, 14 May 2024 01:21:53 GMT
File type JPEG image data, JFIF standard 1.02, aspect ratio, density 1x1, segment length 16, comment: "Lavc57.89.100", baseline, precision 8, 720x405, components 3 Hash 652f67398228ff401593710828614869 b1c7f35719088a75eb4280a814f01fc94d156be2 3b9020e047ed68d008ad755669dba2e8458305c2883a4659a5719f84a811b009
GET /i/01/07603/c32aq2yhm77r.jpg?v=1714845987 HTTP/1.1
Host: cache62.vidoza.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://videzz.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
server: nginx/1.20.1
date: Sat, 04 May 2024 18:06:28 GMT
content-type: image/jpeg
content-length: 35823
last-modified: Fri, 03 May 2024 17:15:37 GMT
etag: "66351bb9-8bef"
expires: Sat, 18 May 2024 18:06:28 GMT
cache-control: max-age=1209600
accept-ranges: bytes
X-Firefox-Spdy: h2
|
|
| static.addtoany.com/menu/locale/ru.js | 172.67.39.148 | 200 OK | 2.1 kB |
URL GET HTTP/3 static.addtoany.com/menu/locale/ru.js IP 172.67.39.148:443
Requested by https://videzz.net/embed-c32aq2yhm77r.html Certificate Issuer Let's Encrypt Subject static.addtoany.com Fingerprint 5B:74:98:2D:F8:22:DB:0D:4E:74:B7:99:A7:7C:80:F6:CA:1A:8E:CA Validity Tue, 23 Apr 2024 07:56:27 GMT - Mon, 22 Jul 2024 07:56:26 GMT
File type ASCII text, with very long lines (2170), with no line terminators Hash 7581051e137324f383ce692c383a90ac 7c66ac218fd109304436e9588d602c7aaab63b82 428aafe2046340df744b20fbab6f0cd4ddfb95776790e80440cfb60788dbde2c
GET /menu/locale/ru.js HTTP/1.1
Host: static.addtoany.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://videzz.net/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Sat, 04 May 2024 18:06:28 GMT
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=86400, stale-while-revalidate=30, public
cf-bgj: minify
cf-polished: origSize=2289
etag: W/"9797b535a7dbc5ec8be5d83312871549"
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=0Pns6TtwvXJrabXBg5qD34U9tGeMGrEdyUXo1Ifn5UQb5j%2FCb0kNzo4kU4t%2BwBPaHA8Py5yVUYqQOtvtjiUJeOTkgqF2%2B8WrkfDd3KIvQdWwPMR2W2eJHhLs1mdCyT2pxQI6S5LuakxUHp8hEEzVcw4J"}],"group":"cf-nel","max_age":604800}
vary: Accept-Encoding
referrer-policy: strict-origin-when-cross-origin
x-content-type-options: nosniff
cf-cache-status: HIT
age: 21050
strict-transport-security: max-age=31536000; includeSubDomains; preload
server: cloudflare
cf-ray: 87ea6cc468ff1c12-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| topsites.hadesex.com/?source=761082465&site_id=560254&spot_id=560254 | 188.114.96.1 | 200 OK | 35 kB |
URL GET HTTP/2 topsites.hadesex.com/?source=761082465&site_id=560254&spot_id=560254 IP 188.114.96.1:443
Requested by https://videzz.net/embed-c32aq2yhm77r.html Certificate Issuer Google Trust Services LLC Subject hadesex.com Fingerprint 4A:FF:00:28:1E:63:6A:6F:9C:CB:A1:ED:C3:96:B4:AA:BE:E1:90:1A Validity Thu, 07 Mar 2024 01:42:01 GMT - Wed, 05 Jun 2024 01:42:00 GMT
File type HTML document, ASCII text, with CRLF line terminators Hash 646ac673029a4d9fa991a3e55337f323 5dc4c42e4a0757f30a912b00b7e1c80054732192 6a218668c299be4694f00b8b364198c5eb206d030f57d956d2a12a441665d2bf
GET /?source=761082465&site_id=560254&spot_id=560254 HTTP/1.1
Host: topsites.hadesex.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://meetbenjen.com/
DNT: 1
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Sat, 04 May 2024 18:06:31 GMT
content-type: text/html; charset=UTF-8
vary: Accept-Encoding
x-powered-by: PHP/7.4.33
x-request-id: ea514bfb956331d589101809b88b9c50
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=S5yd70stWnkvEAJWDl1%2FOkZPxD%2FIkm3jCzCITNCM2R89dvb3zFttDZqDXEd7cNrQYd5L1vshaetEqKiYeDPxBYVTkULQIIX3Cxiz7IbHNLRRz5ldA0%2Fp6FI3dM3QgCmd1x92pLA9Cg%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 87ea6cd709f556c0-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
|
|
| static.addtoany.com/menu/svg/icons/reddit.js | 172.67.39.148 | 200 OK | 893 B |
URL GET HTTP/3 static.addtoany.com/menu/svg/icons/reddit.js IP 172.67.39.148:443
Requested by https://videzz.net/embed-c32aq2yhm77r.html Certificate Issuer Let's Encrypt Subject static.addtoany.com Fingerprint 5B:74:98:2D:F8:22:DB:0D:4E:74:B7:99:A7:7C:80:F6:CA:1A:8E:CA Validity Tue, 23 Apr 2024 07:56:27 GMT - Mon, 22 Jul 2024 07:56:26 GMT
File type ASCII text, with very long lines (903), with no line terminators Hash 1f5dd30051ff637ea1d19ce73aced89c bfdd1d1c07492ba397bdcf13e262edcfd8692a5e c1bf0dd12b2f71de1e7e154b309caa18d2f1c2a8dc077beba23b89432ad72a81
GET /menu/svg/icons/reddit.js HTTP/1.1
Host: static.addtoany.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://videzz.net
DNT: 1
Connection: keep-alive
Referer: https://static.addtoany.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Sat, 04 May 2024 18:06:28 GMT
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=7776000, stale-while-revalidate=30, public
cf-bgj: minify
etag: W/"1fe5b5008de689ce6464d7bcb07e742c"
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=ZjHweqxafNQq1n%2FESzRf2k9F%2FrYlbdwvbqiAi31q1bs4dxVMeUPA7nKp8T0F58E7TOkAh%2FfYESagksyAdIk6odC8nuIMY%2Fii8dgMTHCakMh4qso5JAISV52DVvEx%2FDl%2BX8CDPGH228RHXIBwZtZJQppE"}],"group":"cf-nel","max_age":604800}
vary: Accept-Encoding
referrer-policy: strict-origin-when-cross-origin
x-content-type-options: nosniff
cf-cache-status: HIT
age: 3793
strict-transport-security: max-age=31536000; includeSubDomains; preload
server: cloudflare
cf-ray: 87ea6cc499271c12-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| bid.bidclickmedia.com/sub/31bV2Jy | 172.67.205.77 | 200 OK | 239 B |
URL GET HTTP/2 bid.bidclickmedia.com/sub/31bV2Jy IP 172.67.205.77:443
Requested by https://videzz.net/embed-c32aq2yhm77r.html Certificate Issuer Google Trust Services LLC Subject bidclickmedia.com Fingerprint 2D:71:60:23:79:D8:E4:4A:B8:81:BA:F0:ED:58:CB:A8:66:21:A7:E7 Validity Sun, 31 Mar 2024 14:28:20 GMT - Sat, 29 Jun 2024 14:28:19 GMT
File type HTML document, ASCII text, with no line terminators Hash d5b23342c3da61ad8cb32c85b5a9a6ca 3ca89fd68565941a5f5dec87720a2164c9b860ae 53073b03453dec44b400acecc549d6446aba803406a391777a94cc2504173bbb
GET /sub/31bV2Jy HTTP/1.1
Host: bid.bidclickmedia.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://videzz.net/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Sat, 04 May 2024 18:06:28 GMT
content-type: text/html; charset=utf-8
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=FuQjpQdJiJ7Vkxg%2Fi%2FwgBbJJPICI8hWuHSWRS9zskQxNY%2Bwn%2FLPtcbItVS%2FWg%2BBmcBBF%2BDF0jsC6vG%2BIRb5HvAUuDL%2FC%2Fxz11%2Fg3EvSclBW4arXeH86am7a23nn6mEd170d09UusEhQ%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 87ea6cc4092456ae-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
|
|
| veepteero.com/?rb=1aSuW-j_ASfUqGOWZlS7b5KcdGuRKj0YbkMKoPFMT5eogPxwJcrn1fMmhAyCI0FRHqEyyq7cdUZ6r2hs2hGDnkRlO95tOm4U4-pNBHjsIMB5JQMbVzAMeuzq6-V98Mkl-bocq7YEisypzTZx02F2q6cy-9W6Jw28XGh9-uvQSpeoSmz6x9EvmLfpXwSf6-KKMVlB5jqbatHFq6YLGzJU4aLh3sozcXsED2VPApwheOJdXiwkIqz-37M7Nim6-Xj0EiY_7w%3D%3D&request_ab2=0&zoneid=5708417&js_build=iclick-v1.788.6-auto&jsp=1&fs=0&cf=0&sw=1280&sh=1024&wih=1024&wiw=1280&ww=1280&wh=1024&sah=1024&wx=0&wy=0&cw=1280&wfc=12&pl=https%3A%2F%2Fvidezz.net%2Fembed-c32aq2yhm77r.html&drf=&np=1&pt=0&nb=1&ng=0&ix=0&nw=1&tb=false&btz=UTC&bto=0&wgl=&js_build=iclick-v1.788.6-auto&navlng=en-US&pnt=0&pnrc=0&bs=ba0bf9da-7c82-48c8-9104-f474f645b55b&wasm=1&userId=00805276252d4c5be7dcd3789b43edf6&m=link | 139.45.197.242 | 200 OK | 2.3 kB |
URL GET HTTP/2 veepteero.com/?rb=1aSuW-j_ASfUqGOWZlS7b5KcdGuRKj0YbkMKoPFMT5eogPxwJcrn1fMmhAyCI0FRHqEyyq7cdUZ6r2hs2hGDnkRlO95tOm4U4-pNBHjsIMB5JQMbVzAMeuzq6-V98Mkl-bocq7YEisypzTZx02F2q6cy-9W6Jw28XGh9-uvQSpeoSmz6x9EvmLfpXwSf6-KKMVlB5jqbatHFq6YLGzJU4aLh3sozcXsED2VPApwheOJdXiwkIqz-37M7Nim6-Xj0EiY_7w%3D%3D&request_ab2=0&zoneid=5708417&js_build=iclick-v1.788.6-auto&jsp=1&fs=0&cf=0&sw=1280&sh=1024&wih=1024&wiw=1280&ww=1280&wh=1024&sah=1024&wx=0&wy=0&cw=1280&wfc=12&pl=https%3A%2F%2Fvidezz.net%2Fembed-c32aq2yhm77r.html&drf=&np=1&pt=0&nb=1&ng=0&ix=0&nw=1&tb=false&btz=UTC&bto=0&wgl=&js_build=iclick-v1.788.6-auto&navlng=en-US&pnt=0&pnrc=0&bs=ba0bf9da-7c82-48c8-9104-f474f645b55b&wasm=1&userId=00805276252d4c5be7dcd3789b43edf6&m=link IP 139.45.197.242:443
Requested by https://videzz.net/embed-c32aq2yhm77r.html Certificate Issuer Let's Encrypt Subject veepteero.com Fingerprint 13:68:56:48:EC:67:A6:93:BE:E0:36:BC:FA:04:75:6D:6E:D2:C1:91 Validity Sat, 23 Mar 2024 05:18:36 GMT - Fri, 21 Jun 2024 05:18:35 GMT
File type troff or preprocessor input, ASCII text, with very long lines (2337), with no line terminators Hash 7cdd235e77aebf4667f0693c47b4fd4e 1fd90cf1d384e7959f51d464e2d22a8f4db48dd8 6d1ca6033cf6ea6fd807cf53da9f14321e445316010e988ed99602a5db90afd9
Analyzer | Verdict | Alert | Quad9 DNS | malicious | Sinkholed |
GET /?rb=1aSuW-j_ASfUqGOWZlS7b5KcdGuRKj0YbkMKoPFMT5eogPxwJcrn1fMmhAyCI0FRHqEyyq7cdUZ6r2hs2hGDnkRlO95tOm4U4-pNBHjsIMB5JQMbVzAMeuzq6-V98Mkl-bocq7YEisypzTZx02F2q6cy-9W6Jw28XGh9-uvQSpeoSmz6x9EvmLfpXwSf6-KKMVlB5jqbatHFq6YLGzJU4aLh3sozcXsED2VPApwheOJdXiwkIqz-37M7Nim6-Xj0EiY_7w%3D%3D&request_ab2=0&zoneid=5708417&js_build=iclick-v1.788.6-auto&jsp=1&fs=0&cf=0&sw=1280&sh=1024&wih=1024&wiw=1280&ww=1280&wh=1024&sah=1024&wx=0&wy=0&cw=1280&wfc=12&pl=https%3A%2F%2Fvidezz.net%2Fembed-c32aq2yhm77r.html&drf=&np=1&pt=0&nb=1&ng=0&ix=0&nw=1&tb=false&btz=UTC&bto=0&wgl=&js_build=iclick-v1.788.6-auto&navlng=en-US&pnt=0&pnrc=0&bs=ba0bf9da-7c82-48c8-9104-f474f645b55b&wasm=1&userId=00805276252d4c5be7dcd3789b43edf6&m=link HTTP/1.1
Host: veepteero.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://videzz.net/
Origin: https://videzz.net
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
server: nginx
date: Sat, 04 May 2024 18:06:32 GMT
content-type: application/json
x-trace-id: 59a790795bf8b787664236e53ee91443
accept-ch: Sec-CH-UA, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model
access-control-allow-origin: https://videzz.net
access-control-allow-credentials: true
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, baggage, sentry-trace, favicon
access-control-max-age: 86400
pragma: no-cache
cache-control: no-transform, no-store, no-cache, must-revalidate, max-age=0
expires: Tue, 11 Jan 1994 10:00:00 GMT
set-cookie: OAID=00805276252d4c5be7dcd3789b43edf6; expires=Sun, 04 May 2025 18:06:32 GMT; path=/; secure; SameSite=None
oaidts=1714845992; expires=Sun, 04 May 2025 18:06:32 GMT; path=/; secure; SameSite=None
syncedCookie=true; expires=Sat, 11 May 2024 18:06:32 GMT; path=/; secure; SameSite=None
strict-transport-security: max-age=1
x-content-type-options: nosniff
timing-allow-origin: *, *
content-encoding: gzip
X-Firefox-Spdy: h2
|
|
| maxcdn.bootstrapcdn.com/font-awesome/4.7.0/css/font-awesome.min.css?v=b8dc06aa6195ca0716d0a0c4e3a76e42 | 104.18.11.207 | 200 OK | 31 kB |
URL GET HTTP/2 maxcdn.bootstrapcdn.com/font-awesome/4.7.0/css/font-awesome.min.css?v=b8dc06aa6195ca0716d0a0c4e3a76e42 IP 104.18.11.207:443
Requested by https://videzz.net/embed-c32aq2yhm77r.html Certificate Issuer Google Trust Services LLC Subject bootstrapcdn.com Fingerprint 57:B4:25:B9:9C:88:A1:A3:3D:F7:31:74:02:E4:D1:E0:0A:F5:11:63 Validity Wed, 27 Mar 2024 00:22:09 GMT - Tue, 25 Jun 2024 00:22:08 GMT
File type ASCII text, with very long lines (30837) Hash 269550530cc127b6aa5a35925a7de6ce 512c7d79033e3028a9be61b540cf1a6870c896f8 799aeb25cc0373fdee0e1b1db7ad6c2f6a0e058dfadaa3379689f583213190bd
GET /font-awesome/4.7.0/css/font-awesome.min.css?v=b8dc06aa6195ca0716d0a0c4e3a76e42 HTTP/1.1
Host: maxcdn.bootstrapcdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://videzz.net/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Sat, 04 May 2024 18:06:27 GMT
content-type: text/css; charset=utf-8
cdn-pullzone: 252412
cdn-uid: b1941f61-b576-4f40-80de-5677acb38f74
cdn-requestcountrycode: DE
vary: Accept-Encoding
access-control-allow-origin: *
cache-control: public, max-age=31919000
content-encoding: br
etag: W/"269550530cc127b6aa5a35925a7de6ce"
last-modified: Mon, 25 Jan 2021 22:04:55 GMT
cdn-cachedat: 03/18/2024 12:28:12
cdn-proxyver: 1.04
cdn-requestpullcode: 200
cdn-requestpullsuccess: True
cdn-edgestorageid: 1078
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
cdn-status: 200
cdn-requestid: 2ab8316fdef76f530c15e660f59a896d
cdn-cache: HIT
cf-cache-status: HIT
age: 352081
strict-transport-security: max-age=31536000; includeSubDomains; preload
server: cloudflare
cf-ray: 87ea6cbe08d7b509-OSL
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
|
|
| cdn.itskiddien.club/?rb=izZb07LKnjcnY0n7trEg1YgKszdQ_6yLWQ4R50VQMCKW7thJRoRZr7gpoxJtBj0lUi8sVP9cFV9N2kJFE19BmPawse7SKfP5Dm3W00vYfXdDGOgOB7JikD2L5LLRNQJ1YY7PJRW1DpKSDZse1E2b6TSx155yKB4UTDrtpwWiWZN_Z7IiHQW-IzBeTPairJvxIG0WoPy-FMWqls6LMlfmT7_elK8Ju3GAyeMBE0jN7NeXT1dCpxiD4C9TCk_IuzqI2_f2nVRXZb0g0MfX&request_ab2=0&zoneid=5902452&js_build=iclick-v1.788.7-auto&jsp=1&fs=0&cf=0&sw=1280&sh=1024&wih=1024&wiw=1280&ww=1280&wh=1024&sah=1024&wx=0&wy=0&cw=1280&wfc=3&pl=https%3A%2F%2Fvidezz.net%2Fembed-c32aq2yhm77r.html&drf=&np=1&pt=0&nb=1&ng=0&ix=0&nw=1&tb=false&btz=UTC&bto=0&wgl=&js_build=iclick-v1.788.7-auto&navlng=en-US&pnt=0&pnrc=0&wasm=-1&bs=3abb9d7a-53e3-4db3-9916-83e945ad6853&userId=00805276252d4c5be7dcd3789b43edf6&m=link | 139.45.197.236 | 200 OK | 2.4 kB |
URL GET HTTP/2 cdn.itskiddien.club/?rb=izZb07LKnjcnY0n7trEg1YgKszdQ_6yLWQ4R50VQMCKW7thJRoRZr7gpoxJtBj0lUi8sVP9cFV9N2kJFE19BmPawse7SKfP5Dm3W00vYfXdDGOgOB7JikD2L5LLRNQJ1YY7PJRW1DpKSDZse1E2b6TSx155yKB4UTDrtpwWiWZN_Z7IiHQW-IzBeTPairJvxIG0WoPy-FMWqls6LMlfmT7_elK8Ju3GAyeMBE0jN7NeXT1dCpxiD4C9TCk_IuzqI2_f2nVRXZb0g0MfX&request_ab2=0&zoneid=5902452&js_build=iclick-v1.788.7-auto&jsp=1&fs=0&cf=0&sw=1280&sh=1024&wih=1024&wiw=1280&ww=1280&wh=1024&sah=1024&wx=0&wy=0&cw=1280&wfc=3&pl=https%3A%2F%2Fvidezz.net%2Fembed-c32aq2yhm77r.html&drf=&np=1&pt=0&nb=1&ng=0&ix=0&nw=1&tb=false&btz=UTC&bto=0&wgl=&js_build=iclick-v1.788.7-auto&navlng=en-US&pnt=0&pnrc=0&wasm=-1&bs=3abb9d7a-53e3-4db3-9916-83e945ad6853&userId=00805276252d4c5be7dcd3789b43edf6&m=link IP 139.45.197.236:443
Requested by https://videzz.net/embed-c32aq2yhm77r.html Certificate Issuer Let's Encrypt Subject itskiddien.club Fingerprint F8:F5:E1:2A:73:41:2E:21:C2:B1:A0:A3:DE:9D:2D:B2:87:3F:8E:5D Validity Fri, 29 Mar 2024 21:36:27 GMT - Thu, 27 Jun 2024 21:36:26 GMT
File type troff or preprocessor input, ASCII text, with very long lines (2387), with no line terminators Hash c98fba903c8bbbfc6345647307db481a c266609d55d2fae3689051e4010b44cb0ee359ff 51fda6b6d7b65d2b4f6d2ba69e2e4987f39c983468286d788919100e3a103f6f
GET /?rb=izZb07LKnjcnY0n7trEg1YgKszdQ_6yLWQ4R50VQMCKW7thJRoRZr7gpoxJtBj0lUi8sVP9cFV9N2kJFE19BmPawse7SKfP5Dm3W00vYfXdDGOgOB7JikD2L5LLRNQJ1YY7PJRW1DpKSDZse1E2b6TSx155yKB4UTDrtpwWiWZN_Z7IiHQW-IzBeTPairJvxIG0WoPy-FMWqls6LMlfmT7_elK8Ju3GAyeMBE0jN7NeXT1dCpxiD4C9TCk_IuzqI2_f2nVRXZb0g0MfX&request_ab2=0&zoneid=5902452&js_build=iclick-v1.788.7-auto&jsp=1&fs=0&cf=0&sw=1280&sh=1024&wih=1024&wiw=1280&ww=1280&wh=1024&sah=1024&wx=0&wy=0&cw=1280&wfc=3&pl=https%3A%2F%2Fvidezz.net%2Fembed-c32aq2yhm77r.html&drf=&np=1&pt=0&nb=1&ng=0&ix=0&nw=1&tb=false&btz=UTC&bto=0&wgl=&js_build=iclick-v1.788.7-auto&navlng=en-US&pnt=0&pnrc=0&wasm=-1&bs=3abb9d7a-53e3-4db3-9916-83e945ad6853&userId=00805276252d4c5be7dcd3789b43edf6&m=link HTTP/1.1
Host: cdn.itskiddien.club
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://videzz.net/
Origin: https://videzz.net
DNT: 1
Connection: keep-alive
Cookie: OAID=0080524e145e4229e0fb89de93524e4e; oaidts=1714845994
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
server: nginx
date: Sat, 04 May 2024 18:06:34 GMT
content-type: application/json
x-trace-id: e1429157d8322b9e4a86ca02b40fa2cb
accept-ch: Sec-CH-UA, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model
access-control-allow-origin: https://videzz.net
access-control-allow-credentials: true
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, baggage, sentry-trace, favicon
access-control-max-age: 86400
pragma: no-cache
cache-control: no-transform, no-store, no-cache, must-revalidate, max-age=0
expires: Tue, 11 Jan 1994 10:00:00 GMT
set-cookie: OAID=00805276252d4c5be7dcd3789b43edf6; expires=Sun, 04 May 2025 18:06:34 GMT; path=/; secure; SameSite=None
oaidts=1714845994; expires=Sun, 04 May 2025 18:06:34 GMT; path=/; secure; SameSite=None
syncedCookie=true; expires=Sat, 11 May 2024 18:06:34 GMT; path=/; secure; SameSite=None
strict-transport-security: max-age=1
x-content-type-options: nosniff
timing-allow-origin: *, *
content-encoding: gzip
X-Firefox-Spdy: h2
|
|
| dismaytestimony.com/pixel/sbls?bv=24.6.6370&tmpl=482&u=https%3A%2F%2Fcdn.creative-bars1.com%2Fsb%2Fnotifications%2Fgambling%2Fdefault%2Fandroid-btn%2F8%2Fcss%2Fstyle.css&l=3348&fd=54 | 192.243.59.13 | 200 OK | 0 B |
URL GET HTTP/1.1 dismaytestimony.com/pixel/sbls?bv=24.6.6370&tmpl=482&u=https%3A%2F%2Fcdn.creative-bars1.com%2Fsb%2Fnotifications%2Fgambling%2Fdefault%2Fandroid-btn%2F8%2Fcss%2Fstyle.css&l=3348&fd=54 IP 192.243.59.13:443 ASN #39572 DataWeb Global Group B.V.
Requested by https://videzz.net/embed-c32aq2yhm77r.html Certificate Issuer Let's Encrypt Subject dismaytestimony.com Fingerprint 0C:AA:51:7C:B5:7D:1A:53:D1:E3:23:EB:6F:15:42:F9:A5:4B:F8:E6 Validity Mon, 29 Apr 2024 08:06:26 GMT - Sun, 28 Jul 2024 08:06:25 GMT
Hash d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer | Verdict | Alert | Quad9 DNS | malicious | Sinkholed |
GET /pixel/sbls?bv=24.6.6370&tmpl=482&u=https%3A%2F%2Fcdn.creative-bars1.com%2Fsb%2Fnotifications%2Fgambling%2Fdefault%2Fandroid-btn%2F8%2Fcss%2Fstyle.css&l=3348&fd=54 HTTP/1.1
Host: dismaytestimony.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://videzz.net/
Cookie: u_pl=19071538; pdhtkv=true; uncs=1; pdhtkv29=true; uncs29=1; slecfd40b682a05e4aaf489d29601350aa66=[5210995,5210997]
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx/1.19.5
Date: Sat, 04 May 2024 18:06:30 GMT
Content-Length: 0
Connection: keep-alive
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
Access-Control-Allow-Origin: *
Access-Control-Allow-Methods: GET, POST, OPTIONS
Access-Control-Allow-Headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,Upgrade-Insecure-Requests
Access-Control-Expose-Headers: Content-Length,Content-Range
|
|
| cdn.creative-bars1.com/sb/notifications/gambling/default/android-btn/8/js/script.js | 172.67.141.24 | 200 OK | 9.5 kB |
URL GET HTTP/2 cdn.creative-bars1.com/sb/notifications/gambling/default/android-btn/8/js/script.js IP 172.67.141.24:443
Requested by https://videzz.net/embed-c32aq2yhm77r.html Certificate Issuer Google Trust Services LLC Subject creative-bars1.com Fingerprint 3D:29:39:2C:F1:E5:C6:EF:54:F5:70:B5:CF:A8:C2:75:4D:89:72:13 Validity Mon, 15 Apr 2024 15:02:18 GMT - Sun, 14 Jul 2024 15:02:17 GMT
File type Unicode text, UTF-8 text, with very long lines (8821), with no line terminators Hash d0707ac5d95047febbb8f131cc7a9af4 65021f149e99900eeaf7d298d2303160872b43f3 3e2e7ab351d401339df520fbd7ce4f177643dca01cad22bf59dd4b3e14853810
GET /sb/notifications/gambling/default/android-btn/8/js/script.js HTTP/1.1
Host: cdn.creative-bars1.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://videzz.net
DNT: 1
Connection: keep-alive
Referer: https://videzz.net/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Sat, 04 May 2024 18:06:29 GMT
content-type: application/javascript
last-modified: Tue, 20 Feb 2024 10:37:31 GMT
etag: W/"65d480eb-24fa"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: public, max-age=315360000
access-control-allow-origin: *
access-control-expose-headers: Date
cf-cache-status: HIT
age: 170610
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=PKTPJN1nIfUlgzrJq2D5y4bg5zcsW8B9RjjCrId6k5pyfExY8JY3aT16yNVF7PeOFlQxAoNwaO%2FR6crdtogSndIX3t6JvPQKV7W46m%2FmMgmC%2BtmUvs2t7V%2B2SBuY8dU994KgSSVcg1HS"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 87ea6cccdb3cb51d-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
|
|
| bid.bidclickmedia.com/sub/31pnK5n | 172.67.205.77 | 200 OK | 234 B |
URL GET HTTP/2 bid.bidclickmedia.com/sub/31pnK5n IP 172.67.205.77:443
Requested by https://videzz.net/embed-c32aq2yhm77r.html Certificate Issuer Google Trust Services LLC Subject bidclickmedia.com Fingerprint 2D:71:60:23:79:D8:E4:4A:B8:81:BA:F0:ED:58:CB:A8:66:21:A7:E7 Validity Sun, 31 Mar 2024 14:28:20 GMT - Sat, 29 Jun 2024 14:28:19 GMT
File type HTML document, ASCII text, with no line terminators Hash f80bebf9471a9840ef5768e8c6b26672 164896726fce06ed3a1b8cbed00ab7c0493b6d24 5367258c378438d9831e9138819e8e68c4b7e6525dde7a086fb82a083398099c
GET /sub/31pnK5n HTTP/1.1
Host: bid.bidclickmedia.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://videzz.net/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Sat, 04 May 2024 18:06:28 GMT
content-type: text/html; charset=utf-8
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=CTp9EadXRRpoQgwMgiWqgmLS5FqrigbxIXZNk002eWRHpIycuZdNzSPZfDZd7Rd3jcVUJRX9rvRqmjZjFqCmSgkqSsiL6Dpw5DCjwMGgiPH4uobXGebYVDIkgChkTvee0dsjDjmBtlE%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 87ea6cc3483556ae-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
|
|
| static.addtoany.com/menu/svg/icons/facebook.js | 172.67.39.148 | 200 OK | 429 B |
URL GET HTTP/3 static.addtoany.com/menu/svg/icons/facebook.js IP 172.67.39.148:443
Requested by https://videzz.net/embed-c32aq2yhm77r.html Certificate Issuer Let's Encrypt Subject static.addtoany.com Fingerprint 5B:74:98:2D:F8:22:DB:0D:4E:74:B7:99:A7:7C:80:F6:CA:1A:8E:CA Validity Tue, 23 Apr 2024 07:56:27 GMT - Mon, 22 Jul 2024 07:56:26 GMT
File type ASCII text, with very long lines (439), with no line terminators Hash 874e1638740e061f9fa55eda3180724c 108a7e30fa0f7d50b961845ec970a2745f3c821f d1bf990d09417220fcb615079a569e0a403c75beef0eac536e5976b7751c0370
GET /menu/svg/icons/facebook.js HTTP/1.1
Host: static.addtoany.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://videzz.net
DNT: 1
Connection: keep-alive
Referer: https://static.addtoany.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Sat, 04 May 2024 18:06:28 GMT
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=7776000, stale-while-revalidate=30, public
cf-bgj: minify
etag: W/"68925fa8e347041c6006837e73c518bc"
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=6B%2FV6ADt517psBnU6gY21U1Bic9HzuXd7VQoHHzOpIzDwZJWTz9ICNXIC3sHbp8LbOg8q2%2FF%2BORds3rmW9O1Ls0y6Q7edGN6XzyiY6nnZTscstDrjHgjuWo%2BViAul%2B3fVrY3dDtWjAtHYik3CIlkPl%2B8"}],"group":"cf-nel","max_age":604800}
vary: Accept-Encoding
referrer-policy: strict-origin-when-cross-origin
x-content-type-options: nosniff
cf-cache-status: HIT
age: 3793
strict-transport-security: max-age=31536000; includeSubDomains; preload
server: cloudflare
cf-ray: 87ea6cc469011c12-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| xml.xmlking.com/redirect?feed=591363&auth=0yfQfB&pubid=195183 | 174.137.133.17 | 302 Found | 5.5 kB |
URL GET HTTP/1.1 xml.xmlking.com/redirect?feed=591363&auth=0yfQfB&pubid=195183 IP 174.137.133.17:443 ASN #27257 WEBAIR-INTERNET
Requested by https://videzz.net/embed-c32aq2yhm77r.html Certificate Issuer Sectigo Limited Subject *.xmlking.com Fingerprint 61:F0:9B:53:D2:DF:03:A0:08:09:BE:79:B1:70:10:34:65:07:7B:6D Validity Wed, 26 Jul 2023 00:00:00 GMT - Fri, 26 Jul 2024 23:59:59 GMT
Hash d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /redirect?feed=591363&auth=0yfQfB&pubid=195183 HTTP/1.1
Host: xml.xmlking.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://bid.bidclickmedia.com/
DNT: 1
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 302 Found
Server: nginx
Date: Sat, 04 May 2024 18:06:30 GMT
Content-Length: 0
Connection: keep-alive
Cache-Control: no-store
Location: https://meetbenjen.com/in/p/?spot_id=560254&cat=25&sub_id=761082465
|
|
| videzz.net/js/jquery.min.js | 78.142.18.54 | 200 OK | 96 kB |
URL GET HTTP/2 videzz.net/js/jquery.min.js IP 78.142.18.54:443 ASN #208046 ColocationX Ltd.
Requested by https://videzz.net/embed-c32aq2yhm77r.html Certificate Issuer Let's Encrypt Subject videzz.net Fingerprint 89:44:E3:9D:95:DD:6E:D2:2B:FB:70:64:42:59:D2:BF:B6:36:E7:33 Validity Thu, 02 May 2024 00:27:53 GMT - Wed, 31 Jul 2024 00:27:52 GMT
File type JavaScript source, ASCII text, with very long lines (32086) Hash 8101d596b2b8fa35fe3a634ea342d7c3 d6c1f41972de07b09bfa63d2e50f9ab41ec372bd 540bc6dec1dd4b92ea4d3fb903f69eabf6d919afd48f4e312b163c28cff0f441
Analyzer | Verdict | Alert | Quad9 DNS | malicious | Sinkholed |
GET /js/jquery.min.js HTTP/1.1
Host: videzz.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://videzz.net/embed-c32aq2yhm77r.html
Cookie: lang=1
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
server: nginx/1.18.0 (Ubuntu)
date: Sat, 04 May 2024 18:06:27 GMT
content-type: application/javascript
last-modified: Sat, 27 Apr 2024 07:30:28 GMT
vary: Accept-Encoding
etag: W/"662ca994-1762a"
expires: Mon, 03 Jun 2024 18:04:30 GMT
cache-control: max-age=2592000
content-encoding: gzip
x-cache-status: HIT
X-Firefox-Spdy: h2
|
|
| xml.zeusadx.com/redirect?feed=552612&auth=OEhoVk&pubid=162319 | 174.137.133.17 | 200 OK | 0 B |
URL GET HTTP/1.1 xml.zeusadx.com/redirect?feed=552612&auth=OEhoVk&pubid=162319 IP 174.137.133.17:443 ASN #27257 WEBAIR-INTERNET
Requested by https://videzz.net/embed-c32aq2yhm77r.html Certificate Issuer Sectigo Limited Subject *.zeusadx.com Fingerprint AA:67:88:35:5F:BC:20:3C:44:9B:00:BD:4F:E1:C0:5F:62:D0:69:C0 Validity Mon, 23 Oct 2023 00:00:00 GMT - Wed, 23 Oct 2024 23:59:59 GMT
Hash d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /redirect?feed=552612&auth=OEhoVk&pubid=162319 HTTP/1.1
Host: xml.zeusadx.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://bid.bidclickmedia.com/
DNT: 1
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Date: Sat, 04 May 2024 18:06:30 GMT
Content-Length: 0
Connection: keep-alive
Cache-Control: no-store
|
|
| static.addtoany.com/menu/svg/icons/viber.js | 172.67.39.148 | 200 OK | 1.0 kB |
URL GET HTTP/3 static.addtoany.com/menu/svg/icons/viber.js IP 172.67.39.148:443
Requested by https://videzz.net/embed-c32aq2yhm77r.html Certificate Issuer Let's Encrypt Subject static.addtoany.com Fingerprint 5B:74:98:2D:F8:22:DB:0D:4E:74:B7:99:A7:7C:80:F6:CA:1A:8E:CA Validity Tue, 23 Apr 2024 07:56:27 GMT - Mon, 22 Jul 2024 07:56:26 GMT
File type ASCII text, with very long lines (1027), with no line terminators Hash b216786a6e2822572e4c78284416fd02 b3a072140d798b6734431ff6a890da7cb8c701ce 265af7156e77fce7638988053d5b3f4894c92ae2bdacac504131a96cf6a0d370
GET /menu/svg/icons/viber.js HTTP/1.1
Host: static.addtoany.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://videzz.net
DNT: 1
Connection: keep-alive
Referer: https://static.addtoany.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Sat, 04 May 2024 18:06:28 GMT
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=7776000, stale-while-revalidate=30, public
cf-bgj: minify
etag: W/"ab1da422605fdb35fd02440984d36475"
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=GF6l98r1SQYqjDtri4QPzTS5LMOpdVchUnK6BVf%2BlLdjgGTOroVtLoEgBZGV4DnC%2F8H50pBgMuYKNEVy7bN4602BG8Zh2ixMmsk5rDi0fS%2FzgSJQkky1xyzinR9KyteZiB1mtIVLwxRzIrwIJnPctQZD"}],"group":"cf-nel","max_age":604800}
vary: Accept-Encoding
referrer-policy: strict-origin-when-cross-origin
x-content-type-options: nosniff
cf-cache-status: HIT
age: 281
strict-transport-security: max-age=31536000; includeSubDomains; preload
server: cloudflare
cf-ray: 87ea6cc4b9591c12-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| downstairsnegotiatebarren.com/sfp.js | 104.21.35.227 | 200 OK | 86 kB |
URL GET HTTP/2 downstairsnegotiatebarren.com/sfp.js IP 104.21.35.227:443
Requested by https://videzz.net/embed-c32aq2yhm77r.html Certificate Issuer Let's Encrypt Subject downstairsnegotiatebarren.com Fingerprint 5D:DB:CB:C6:CE:2A:8B:34:7D:BC:43:74:33:1D:5F:77:48:F7:BC:1B Validity Thu, 02 May 2024 21:26:34 GMT - Wed, 31 Jul 2024 21:26:33 GMT
Hash d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /sfp.js HTTP/1.1
Host: downstairsnegotiatebarren.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://videzz.net/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Sat, 04 May 2024 18:06:28 GMT
content-type: application/javascript; charset=utf-8
p3p: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
access-control-allow-origin: *
expires: Thu, 01 Jan 1970 00:00:01 GMT
cache-control: max-age=14400
x-request-id: b3976ef452896f784a283221178f42a9
strict-transport-security: max-age=0; includeSubdomains
cf-cache-status: EXPIRED
last-modified: Sat, 04 May 2024 18:06:28 GMT
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=FI2j0m7tDPG%2BrHuDOuLaGRK6mKSGEtZ5clqrpNNnMt08CEb40Kva5qsXSU8pYeApfp0Y2I32zaBlq4O3SFJPKbFkdsh1OEv5H1sJhE3L%2BK8cgxbdVc1PmfeqepMSXWkTyaXR6uTJF5uMKjkJmLufDw%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 87ea6cc38df20b3d-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
|
|
| cache62.vidoza.net/nvl4cinlpmfeieno3ukancp5hxyezwk6zz2geqlfgsr62hqb4j43evfocdqa/v.mp4 | 51.15.39.180 | 206 Partial Content | 1.7 MB |
URL GET HTTP/2 cache62.vidoza.net/nvl4cinlpmfeieno3ukancp5hxyezwk6zz2geqlfgsr62hqb4j43evfocdqa/v.mp4 IP 51.15.39.180:443 ASN #12876 Scaleway S.a.s.
Requested by https://videzz.net/embed-c32aq2yhm77r.html Certificate Issuer Let's Encrypt Subject vidoza.net Fingerprint DD:9C:2A:D1:7E:90:60:D1:BE:1C:39:29:07:29:9C:34:6A:76:A6:C6 Validity Wed, 14 Feb 2024 01:21:54 GMT - Tue, 14 May 2024 01:21:53 GMT
Size 1.7 MB (1671132 bytes) Hash d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /nvl4cinlpmfeieno3ukancp5hxyezwk6zz2geqlfgsr62hqb4j43evfocdqa/v.mp4 HTTP/1.1
Host: cache62.vidoza.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: video/webm,video/ogg,video/*;q=0.9,application/ogg;q=0.7,audio/*;q=0.6,*/*;q=0.5
Accept-Language: en-US,en;q=0.5
Range: bytes=0-
DNT: 1
Connection: keep-alive
Referer: https://videzz.net/
Sec-Fetch-Dest: video
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Accept-Encoding: identity
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 206 Partial Content
server: nginx/1.20.1
date: Sat, 04 May 2024 18:06:28 GMT
content-type: video/mp4
content-length: 244385842
last-modified: Fri, 03 May 2024 17:15:43 GMT
etag: "66351bbf-e910832"
content-range: bytes 0-244385841/244385842
X-Firefox-Spdy: h2
|
|
| animewatch.onionlive.workers.dev/ | 172.67.141.108 | 200 OK | 1.8 kB |
URL GET HTTP/2 animewatch.onionlive.workers.dev/ IP 172.67.141.108:443
Requested by https://videzz.net/embed-c32aq2yhm77r.html Certificate Issuer Google Trust Services LLC Subject onionlive.workers.dev Fingerprint 47:76:5D:C5:12:3C:C2:68:72:9E:1E:79:C9:B5:09:72:24:11:B4:C0 Validity Thu, 02 May 2024 00:33:08 GMT - Wed, 31 Jul 2024 00:33:07 GMT
File type HTML document, ASCII text, with very long lines (1795), with no line terminators Hash 9dc1e04cc7affd8cf80ad5feefa89210 4c11c71a6f83138bd24602a1c996ad82364573b1 654082713403f7d1acc1d1fdfb9fca90222fd0a411be1fb02f64e973cdf054b5
GET / HTTP/1.1
Host: animewatch.onionlive.workers.dev
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://bid.bidclickmedia.com/
DNT: 1
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Sat, 04 May 2024 18:06:30 GMT
content-type: text/html;charset=UTF-8
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=4M2mue6OmkuXoCWZtM2BFRJXQjnJzchYLaCOO27Hai9PX%2BBuqNDx%2F06KiloZM%2BdvOP6GTtRjEdG%2FzsMzSK9Ycf1Dq3EzXjy%2BrScyodKOKwxS7z%2FcCDic%2FFNhZNzOk343W2Ans3rvIgY6MR%2F4D0lOW9xCqw%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 87ea6cce5cd5712e-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
|
|
| cdn.yourwebbars.com/sb/notifications/gambling/default/android-btn/8/index.html | 104.26.7.19 | 200 OK | 1.4 kB |
URL GET HTTP/2 cdn.yourwebbars.com/sb/notifications/gambling/default/android-btn/8/index.html IP 104.26.7.19:443
Requested by https://videzz.net/embed-c32aq2yhm77r.html Certificate Issuer Cloudflare, Inc. Subject sni.cloudflaressl.com Fingerprint 84:82:6E:35:03:D4:C4:FC:BA:08:CD:C8:E6:A3:97:A9:20:2F:F5:49 Validity Sun, 23 Jul 2023 00:00:00 GMT - Mon, 22 Jul 2024 23:59:59 GMT
File type HTML document, ASCII text, with very long lines (1528), with no line terminators Hash e0adf77c0018ca4bbdea4d444a33c1e4 0eb2ec58424d9b07a49a0edf0a0efcf44ee8df13 0cfe04bb8227ac43f186cfc30dbfed963b8043e83704779f1f5ec744ed57d876
GET /sb/notifications/gambling/default/android-btn/8/index.html HTTP/1.1
Host: cdn.yourwebbars.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://videzz.net
DNT: 1
Connection: keep-alive
Referer: https://videzz.net/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Sat, 04 May 2024 18:06:29 GMT
content-type: text/html
last-modified: Fri, 19 Jan 2024 14:25:08 GMT
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: public, max-age=315360000
access-control-allow-origin: *
access-control-expose-headers: Date
cf-cache-status: HIT
age: 96977
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=p2BVQtkIY6g9eS24rNm%2F2QVfzcZQ7duPj2nSmVPSbJAomWmzmEDeF%2BCkZqh4J4jMXbqY82%2BeVxtMSB0sKwbV1V%2F3j4MqrVQCWnrqGV8LRbASZlYxm9MJIacWIbfwVmiq%2FCir29U%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 87ea6ccbda8eb51b-OSL
content-encoding: br
X-Firefox-Spdy: h2
|
|
| tfosrv.com/show_std.php?id_site=13111&id_channel=60781&uf=true | 216.18.168.29 | 302 Found | 1.2 kB |
URL GET HTTP/1.1 tfosrv.com/show_std.php?id_site=13111&id_channel=60781&uf=true IP 216.18.168.29:443
Requested by https://videzz.net/embed-c32aq2yhm77r.html Certificate Issuer Sectigo Limited Subject *.tfosrv.com Fingerprint 17:0E:13:E0:E3:EE:17:88:09:10:8F:63:F4:7E:31:5A:D9:33:7D:80 Validity Tue, 31 Oct 2023 00:00:00 GMT - Mon, 18 Nov 2024 23:59:59 GMT
Hash d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /show_std.php?id_site=13111&id_channel=60781&uf=true HTTP/1.1
Host: tfosrv.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://bid.bidclickmedia.com/
DNT: 1
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 302 Found
server: nginx
date: Sat, 04 May 2024 18:06:30 GMT
content-length: 0
location: https://tfosrv.com/impression.php?channel_id=60781&id=ef4c2fce-9715-408d-8483-a1fc1648215d%3A34c51f68-9f52-4641-933c-0427521e8c7f&site_id=13111&uuid=bf22f92c-d6ec-4e98-81df-c2f187ee35f7
set-cookie: sppc_uuid=a485aa4b-4506-4500-a377-2ddb8a23d95c; max-age=31536000; path=/; secure; SameSite=None
accept-ch: Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version
|
|
| cdn.o333o.com/vast-im.js | 143.204.55.31 | 200 OK | 310 kB |
IP 143.204.55.31:443
Requested by https://videzz.net/embed-c32aq2yhm77r.html Certificate Issuer Sectigo Limited Subject cdn.o333o.com Fingerprint 61:0E:6A:7F:7E:40:48:40:58:0F:EF:89:DB:CF:AD:C2:FB:52:F1:AC Validity Thu, 09 Nov 2023 00:00:00 GMT - Mon, 09 Dec 2024 23:59:59 GMT
Size 310 kB (310487 bytes) Hash d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /vast-im.js HTTP/1.1
Host: cdn.o333o.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://videzz.net/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
content-type: application/javascript
server: nginx
date: Thu, 11 Apr 2024 09:31:31 GMT
last-modified: Fri, 22 Mar 2024 11:21:21 GMT
etag: W/"65fd69b1-4bcd7"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000, public
content-encoding: br
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 80d21802b1b80c40e55ccf83433b8eac.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
alt-svc: h3=":443"; ma=86400
x-amz-cf-id: ZmcCFFz79RHTAUZ0It2nL-d8cOJl7O98jh78cvXJgHsf-_n6DC6Lfg==
age: 2018096
X-Firefox-Spdy: h2
|
|
| static.addtoany.com/menu/sm.25.html | 172.67.39.148 | 200 OK | 716 B |
URL GET HTTP/3 static.addtoany.com/menu/sm.25.html IP 172.67.39.148:443
Requested by https://videzz.net/embed-c32aq2yhm77r.html Certificate Issuer Let's Encrypt Subject static.addtoany.com Fingerprint 5B:74:98:2D:F8:22:DB:0D:4E:74:B7:99:A7:7C:80:F6:CA:1A:8E:CA Validity Tue, 23 Apr 2024 07:56:27 GMT - Mon, 22 Jul 2024 07:56:26 GMT
File type HTML document, ASCII text, with very long lines (744), with no line terminators Hash c3c97893ca5c74e7504aa4ec474ea41b cdccb12d7e73682e0e807107243ede7d5e14c962 b79f65e9ffe3bad9bd9cdcffed0758430f7eb1a630c368dc173eecdeb2821f00
GET /menu/sm.25.html HTTP/1.1
Host: static.addtoany.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://videzz.net/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Sat, 04 May 2024 18:06:28 GMT
content-type: text/html; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=315360000, immutable
referrer-policy: strict-origin-when-cross-origin
x-content-type-options: nosniff
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=KDW4diA%2BEdy8OJCA%2BpLQ3gmSCi7vKsIXChBvTfZhzGq8tW7aSgoBp4ko5y0Wfi66JNOUEgnNTCRlGyJjb1nGdgevGDDRtPFAHoY%2BbgJySZ8EQL4gSUts1vSKtTOhLXaOnaC5J7u8rg4y8pfyPKUkaxP0"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
cf-cache-status: HIT
age: 26872
strict-transport-security: max-age=31536000; includeSubDomains; preload
server: cloudflare
cf-ray: 87ea6cc2ef1f1c12-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|