Report - videzz.net/embed-c32aq2yhm77r.html

Report Overview

Submitted URL
videzz.net/embed-c32aq2yhm77r.html
IP
78.142.18.54
ASN
#208046 ColocationX Ltd.
Submitted
2024-05-04 18:06:57
Access
public
Website Title
Vidoza
Final URL
videzz.net/embed-c32aq2yhm77r.html
Tags
urlquery detections
No alerts detected

Detections

urlquery
0
Network Intrusion Detection
0
Threat Detection Systems
72

Domain Summary

Domain / FQDN	Rank	Registered	First Seen	Last Seen	Sent	Received	IP
maxcdn.bootstrapcdn.com	724	2012-05-25	2014-06-18	2024-05-03	1.0 kB	110 kB	104.18.11.207
trafforsrv.com	101761	2017-12-28	2018-01-12	2024-04-18	596 B	415 B	216.18.168.28
allvideometrika.com	unknown	2022-05-16	2022-05-16	2024-05-02	520 B	699 B	188.114.96.1
animewatch.onionlive.workers.dev	unknown	2019-02-08	2023-07-29	2024-03-08	528 B	2.4 kB	172.67.141.108
profitablegatecpm.com	unknown	2024-02-05	2024-02-06	2024-04-18	435 B	17 kB	172.240.253.132
fonts.googleapis.com	8877	2005-01-25	2013-06-10	2024-05-04	416 B	1.3 kB	142.250.74.106
www.google.no	25607	2001-02-26	2016-04-05	2024-05-03	575 B	578 B	142.250.74.163
xml.xmlking.com	unknown	2020-07-27	2020-11-12	2024-04-20	1.1 kB	5.9 kB	174.137.133.17
fonts.gstatic.com	unknown	2008-02-11	2014-09-09	2024-05-04	1.0 kB	33 kB	216.58.207.227
aistekso.net	unknown	2023-10-16	2023-10-16	2024-04-30	1.2 kB	57 kB	139.45.197.244
gftranny.com	unknown	2023-09-14	2023-09-15	2024-03-18	1.2 kB	54 kB	188.114.97.1
dog.seetron.net	unknown	unknown	No data	No data	2.5 kB	157 kB	135.181.208.216
static.addtoany.com	4091	2006-03-10	2012-05-21	2024-05-03	4.5 kB	80 kB	172.67.39.148
cdn.creative-bars1.com	unknown	2022-11-01	2022-11-15	2024-05-03	2.9 kB	263 kB	172.67.141.24
xml.cachegorilla.com	unknown	2021-07-23	2023-11-27	2024-04-30	559 B	193 B	173.239.53.20
hadesex.com	unknown	2023-01-18	2023-01-18	2024-04-30	2.0 kB	152 kB	188.114.96.1
downstairsnegotiatebarren.com	unknown	2024-03-04	2024-03-04	2024-05-03	814 B	173 kB	104.21.35.227
my.rtmark.net	9054	2014-10-29	2015-02-04	2024-05-03	453 B	739 B	139.45.195.8
myretrocollection.com	unknown	2023-09-15	2021-03-29	2024-04-17	1.6 kB	310 kB	188.114.97.1
dismaytestimony.com	unknown	2024-04-29	2024-04-30	2024-05-03	7.9 kB	42 kB	192.243.59.13
offerimage.com	304078	2019-06-10	2019-06-10	2024-05-02	453 B	12 kB	104.22.33.172
porn13.com	unknown	2022-08-10	2017-05-27	2024-04-18	1.7 kB	122 kB	188.114.96.1
zv.7vid.net	unknown	2018-07-27	2023-07-29	2024-02-22	591 B	1.0 kB	135.181.208.216
mcpuwpsh.com	unknown	2022-08-12	2022-08-12	2024-05-02	6.1 kB	5.2 kB	94.130.197.240
myliveforyoudreder.com	unknown	2023-07-27	2023-07-27	2024-03-20	404 B	2.3 kB	172.67.151.245
cdn.itskiddien.club	unknown	2022-10-06	2022-10-06	2024-04-26	1.6 kB	98 kB	139.45.197.236
s.pemsrv.com	unknown	2023-08-01	2023-08-04	2024-05-03	1.3 kB	963 kB	95.211.229.247
interracial69.com	unknown	2023-09-15	2023-09-15	2024-04-17	1.6 kB	334 kB	188.114.96.1
69ebony.com	unknown	2023-10-25	2015-08-04	2024-04-17	1.6 kB	428 kB	188.114.97.1
lavendertyre.com	unknown	2024-04-29	2024-04-30	2024-05-04	480 B	469 B	172.240.108.76
cdn.o333o.com	158144	2015-02-16	2015-05-28	2024-03-08	395 B	311 kB	143.204.55.31
veepteero.com	unknown	2023-05-08	2023-05-09	2024-04-30	1.5 kB	7.3 kB	139.45.197.242
videzz.net	unknown	2024-02-28	2024-03-04	2024-04-30	7.6 kB	998 kB	78.142.18.54
yd.cottoidearldom.com	unknown	unknown	No data	No data	402 B	1.2 kB	23.109.170.72
s.o333o.com	unknown	2015-02-16	2015-03-05	2024-04-30	389 B	1.2 kB	85.10.205.45
bid.bidclickmedia.com	unknown	2022-09-19	2023-03-09	2024-03-08	5.0 kB	102 kB	172.67.205.77
xml.zeusadx.com	330930	2019-08-07	2019-09-23	2024-03-08	1.1 kB	276 B	174.137.133.17
topsites.hadesex.com	unknown	2023-01-18	2024-02-01	2024-04-16	2.1 kB	190 kB	188.114.96.1
69lesbi.com	unknown	2023-09-15	2023-09-15	2024-04-17	1.2 kB	304 kB	172.67.212.50
www.googletagmanager.com	75	2011-11-11	2013-05-22	2024-05-03	3.6 kB	868 kB	142.250.74.168
proftrafficcounter.com	unknown	2023-11-16	2023-11-21	2024-05-03	914 B	710 B	18.185.9.67
region1.analytics.google.com	unknown	1997-09-15	2022-03-17	2024-05-04	1.5 kB	862 B	216.239.34.36
hoddlegamey.com	unknown	2023-07-20	2023-07-20	2024-04-13	539 B	1.2 kB	23.109.170.77
femdomqueen.com	unknown	2023-12-19	2018-11-02	2024-04-17	1.2 kB	180 kB	104.21.79.209
fleraprt.com	unknown	2022-01-14	2022-01-14	2024-05-03	559 B	478 B	139.45.195.254
ossgogoaton.com	unknown	2022-04-18	2022-04-18	2024-04-17	395 B	27 kB	188.114.96.1
xcumwebcam.com	unknown	2023-12-19	2023-12-26	2024-03-18	394 B	96 kB	188.114.97.1
cache62.vidoza.net	unknown	2016-11-18	2023-01-17	2023-09-03	1.5 kB	1.7 MB	0.0.0.0
lovefootjob.com	unknown	2023-12-19	2023-12-28	2024-03-18	1.2 kB	313 kB	188.114.97.1
groupsexxx.com	unknown	2023-10-25	2016-05-18	2024-03-21	1.2 kB	488 kB	172.67.188.32
tgp1.brazzersnetwork.com	143376	2006-12-23	2019-05-08	2024-03-24	906 B	962 kB	66.254.114.234
cdnjs.cloudflare.com	235	2009-02-17	2015-04-17	2024-05-04	905 B	13 kB	104.17.25.14
tfosrv.com	65142	2020-11-17	2020-11-18	2024-03-08	1.3 kB	2.2 kB	216.18.168.29
popdemission.com	unknown	2024-03-20	2024-03-20	2024-04-23	786 B	414 B	62.122.173.28
unseenreport.com	unknown	2022-03-30	2022-03-30	2024-05-04	1.5 kB	846 B	192.243.59.13
tzegilo.com	unknown	2022-01-14	2022-01-14	2024-05-02	393 B	20 kB	104.21.11.245
meetbenjen.com	unknown	2024-01-25	2019-07-18	2024-04-23	1.1 kB	12 kB	109.206.181.2
cdn.yourwebbars.com	62037	2020-08-21	2021-01-29	2024-05-04	473 B	2.2 kB	104.26.7.19

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

No alerts detected

Threat Detection Systems

Public InfoSec YARA rules

No alerts detected

OpenPhish

No alerts detected

PhishTank

No alerts detected

mnemonic secure dns

No alerts detected

Quad9 DNS

Scan Date	Severity	Indicator	Alert
2024-05-04	medium	videzz.net	Sinkholed
2024-05-04	medium	videzz.net	Sinkholed
2024-05-04	medium	videzz.net	Sinkholed
2024-05-04	medium	videzz.net	Sinkholed
2024-05-04	medium	cottoidearldom.com	Sinkholed
2024-05-04	medium	dismaytestimony.com	Sinkholed
2024-05-04	medium	dismaytestimony.com	Sinkholed
2024-05-04	medium	videzz.net	Sinkholed
2024-05-04	medium	videzz.net	Sinkholed
2024-05-04	medium	dismaytestimony.com	Sinkholed
2024-05-04	medium	dismaytestimony.com	Sinkholed
2024-05-04	medium	dismaytestimony.com	Sinkholed
2024-05-04	medium	dismaytestimony.com	Sinkholed
2024-05-04	medium	dismaytestimony.com	Sinkholed
2024-05-04	medium	videzz.net	Sinkholed
2024-05-04	medium	hoddlegamey.com	Sinkholed
2024-05-04	medium	ossgogoaton.com	Sinkholed
2024-05-04	medium	unseenreport.com	Sinkholed
2024-05-04	medium	unseenreport.com	Sinkholed
2024-05-04	medium	aistekso.net	Sinkholed
2024-05-04	medium	fleraprt.com	Sinkholed
2024-05-04	medium	aistekso.net	Sinkholed
2024-05-04	medium	videzz.net	Sinkholed
2024-05-04	medium	videzz.net	Sinkholed
2024-05-04	medium	videzz.net	Sinkholed
2024-05-04	medium	dismaytestimony.com	Sinkholed
2024-05-04	medium	videzz.net	Sinkholed
2024-05-04	medium	veepteero.com	Sinkholed
2024-05-04	medium	videzz.net	Sinkholed
2024-05-04	medium	lavendertyre.com	Sinkholed
2024-05-04	medium	videzz.net	Sinkholed
2024-05-04	medium	tzegilo.com	Sinkholed
2024-05-04	medium	videzz.net	Sinkholed
2024-05-04	medium	veepteero.com	Sinkholed
2024-05-04	medium	dismaytestimony.com	Sinkholed
2024-05-04	medium	videzz.net	Sinkholed

ThreatFox

No alerts detected

JavaScript (72)

	URL	Size	First Seen	Last Seen
	dog.seetron.net/api/users/424503?host=videzz.net&ev=212&wh=1024&ww=1280&uuid=&url=https%3A%2F%2Fvidezz.net%2Fembed-c32aq2yhm77r.html&sid=efdb1433-63c7-4dd0-9bdf-bd55bda66515&i=1&kw=file%20upload%2Cshare%20files%2Cfree%20upload&s1=174908	674 B	2024-05-04	2024-05-04
Pretty URL dog.seetron.net/api/users/424503?host=videzz.net&ev=212&wh=1024&ww=1280&uuid=&url=https%3A%2F%2Fvidezz.net%2Fembed-c32aq2yhm77r.html&sid=efdb1433-63c7-4dd0-9bdf-bd55bda66515&i=1&kw=file%20upload%2Cshare%20files%2Cfree%20upload&s1=174908 IP 135.181.208.216 ASN #24940 Hetzner Online GmbH Introduced by scriptElement Embedded in HTML false Observations First Seen2024-05-04 20:07:06 Last Seen2024-05-04 20:07:08 Times Seen2 Hash bb125c0ed3920d4a09b9601b2d6a19a4 89ea2f25f1669ee5708aa0bc501eb80c2b3dfcc8 cbc1f7391bf5b7b99d2f4423f37bce5582f1b674968203d115c9bc6b964cdc34 Loading...

	static.addtoany.com/menu/svg/icons/whatsapp.js	1.1 kB	2024-04-12	2024-05-18
Pretty URL static.addtoany.com/menu/svg/icons/whatsapp.js IP 172.67.39.148 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2024-04-12 13:25:33 Last Seen2024-05-18 15:06:49 Times Seen199 Hash 0e8b3ac6bda5451ff39c5ecd6d7b3873 fb477a11167000a30e45369e686ec43dd62d026b c15e1379ca2c59f99912500bbc23a0d1d88f43198cbe1b53d87776fa351385eb Loading...

	videzz.net/embed-c32aq2yhm77r.html	162 B	2023-03-07	2024-05-18
Pretty URL videzz.net/embed-c32aq2yhm77r.html IP 78.142.18.54 ASN #208046 ColocationX Ltd. Introduced by scriptElement Embedded in HTML true Observations First Seen2023-03-07 16:08:16 Last Seen2024-05-18 15:06:48 Times Seen151 Hash 035c117549bb95ad0992ae461d89e44e 2f45bc18613030f169e7c8ef25553df24e7003b6 0d89ce1d538634aeb6d56fa061bb107311c5daaa1c59aed01cb4e18c48081a96 Loading...

	videzz.net/js/videojs.stm.5.min.js?0.533320839847953	7.2 kB	2024-03-08	2024-05-18
Pretty URL videzz.net/js/videojs.stm.5.min.js?0.533320839847953 IP 78.142.18.54 ASN #208046 ColocationX Ltd. Introduced by scriptElement Embedded in HTML false Observations First Seen2024-03-08 05:50:53 Last Seen2024-05-18 15:06:48 Times Seen108 Hash 4630f52d883cdd6dc5b7e0aee209fe40 ae08102d07ab32e76d5dbd12fa7db315e6f51f4e b74ebfdefad877a934b2e7d38afb3a56ad4db4ebbd88a72b7ae4a44fad74c0d3 Loading...

	www.googletagmanager.com/gtag/js?id=G-HEX1BG8H46&l=dataLayer&cx=c	275 kB	2024-05-04	2024-05-05
Pretty URL www.googletagmanager.com/gtag/js?id=G-HEX1BG8H46&l=dataLayer&cx=c IP 142.250.74.168 ASN #15169 GOOGLE Introduced by scriptElement Embedded in HTML false Observations First Seen2024-05-04 20:07:06 Last Seen2024-05-05 01:16:27 Times Seen4 Hash 52cb8aaa7bd47e65fd8537712e19e2d3 bad2016be7f852ccf0285ec4333380c87f52158a 0310dec94b61c898c72be346862713b01d87e94229117b7f0e81613be4aabb35 Loading...

	videzz.net/embed-c32aq2yhm77r.html	357 B	2023-03-07	2024-05-18
Pretty URL videzz.net/embed-c32aq2yhm77r.html IP 78.142.18.54 ASN #208046 ColocationX Ltd. Introduced by scriptElement Embedded in HTML true Observations First Seen2023-03-07 16:08:16 Last Seen2024-05-18 15:06:48 Times Seen151 Hash 824c86e507e4c27bb34b991feedb5820 06bd36505ef9492db28ebb53c740d5c17d4516b4 0c45ee272e41a3a37bb7d5a0881665e4d54b762e20921cdb145bf5539fe4f551 Loading...

	static.addtoany.com/menu/page.js	3.0 kB	2024-04-12	2024-05-18
Pretty URL static.addtoany.com/menu/page.js IP 172.67.39.148 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2024-04-12 02:34:00 Last Seen2024-05-18 15:06:48 Times Seen1100 Hash 5f984fdd1d3384220c67422c1f544a95 79c8a48b5fab47972dd69ce7dfd08cee895006b5 6e0cc78c402cbc02fdfd41cd77c5fd6ffbd8066cc07935ea8eb5f3fcc59744a3 Loading...

	static.addtoany.com/menu/svg/icons/telegram.js	360 B	2023-03-08	2024-05-18
Pretty URL static.addtoany.com/menu/svg/icons/telegram.js IP 172.67.39.148 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 15:33:09 Last Seen2024-05-18 15:06:48 Times Seen919 Hash 48f25c508c92c3601cf047609318001f 59117e825084c63a0dda48edec82c14a60e16f23 6415561e892cf9d614e7179f71353af4ceadfd641d71c42fe54c9420eb0d0138 Loading...

	cdnjs.cloudflare.com/ajax/libs/postscribe/2.0.8/postscribe.min.js	18 kB	2023-03-07	2024-05-18
Pretty URL cdnjs.cloudflare.com/ajax/libs/postscribe/2.0.8/postscribe.min.js IP 104.17.25.14 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:02:54 Last Seen2024-05-18 15:06:49 Times Seen2966 Hash 12dd498bf90c536803c2aad708b66c2b 5f9363d39a405d1c94328cf2303ff4a05c0ad163 c4e20f53f5ef0ed44b783437aa3f4638a9a56cc4aa29ae83ed9212eb2807052a Loading...

	videzz.net/embed-c32aq2yhm77r.html	87 B	2023-03-08	2024-05-18
Pretty URL videzz.net/embed-c32aq2yhm77r.html IP 78.142.18.54 ASN #208046 ColocationX Ltd. Introduced by scriptElement Embedded in HTML true Observations First Seen2023-03-08 20:28:37 Last Seen2024-05-18 15:06:48 Times Seen105 Hash 0a672ce747f1a359a1a6ef6d23ea6202 47662e53c52c0e4d4004acd5c72d4fd34f8fc439 49013788910cc5aee4e70354bdde9cce7f9c9912a142dd141622a68bb9d2293f Loading...

	videzz.net/sandbox%20eval%20code	147 B	2023-04-11	2024-05-18
Pretty URL videzz.net/sandbox%20eval%20code IP 0.0.0.0 ASN #0 Introduced by Embedded in HTML false Observations First Seen2023-04-11 21:07:53 Last Seen2024-05-18 15:11:29 Times Seen350296 Hash 92b651082ce234f66bb544e678befda3 14c21c55ddce43b6f677caadf51d4ab98c6a3df8 25d57d1d97abeb84531d3d3e5754dd5cb19a2c115edfa7cfc7af8247084faded Loading...

	myliveforyoudreder.com/vidozza.js	1.6 kB	2023-03-08	2024-05-18
Pretty URL myliveforyoudreder.com/vidozza.js IP 172.67.151.245 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 20:28:37 Last Seen2024-05-18 15:06:48 Times Seen186 Hash b340619418518ced51fbbc860814ea19 e2cbf47a089e8941bcdb6f24c64fad9004852348 ebbf367cc151e337e4c4d375e86682b6e1593b25224c6c733b4cea4f507c4000 Loading...

	videzz.net/embed-c32aq2yhm77r.html	42 B	2023-03-12	2024-05-18
Pretty URL videzz.net/embed-c32aq2yhm77r.html IP 78.142.18.54 ASN #208046 ColocationX Ltd. Introduced by scriptElement Embedded in HTML true Observations First Seen2023-03-12 17:26:16 Last Seen2024-05-18 15:06:48 Times Seen80 Hash ef7ab1eb5fe88b692b3d8d65ff95a2c4 1339642288bd1758b6b3864292da22d085349752 c2ba1c539107eb3a3ceb346cf19e3ba42b4e7104ac2c96dd5495aafb48d0b021 Loading...

	videzz.net/embed-c32aq2yhm77r.html	388 B	2024-01-07	2024-05-18
Pretty URL videzz.net/embed-c32aq2yhm77r.html IP 78.142.18.54 ASN #208046 ColocationX Ltd. Introduced by scriptElement Embedded in HTML true Observations First Seen2024-01-07 20:19:39 Last Seen2024-05-18 15:06:48 Times Seen18 Hash 96a496a5bf450a896816f85c31924113 801e85a60ef83b8a62d9baab51e19fd87939bab5 2c11a4117b0af03ef327bea399f1fd132e66e97a6fc001ebe9ac831845f25baf Loading...

	videzz.net/embed-c32aq2yhm77r.html	82 B	2023-03-07	2024-05-18
Pretty URL videzz.net/embed-c32aq2yhm77r.html IP 78.142.18.54 ASN #208046 ColocationX Ltd. Introduced by scriptElement Embedded in HTML true Observations First Seen2023-03-07 16:08:17 Last Seen2024-05-18 15:06:48 Times Seen147 Hash 67b70174cc2854586ec824f84b79d825 c9bde16aa4e39ab912e1a20fe298b028a3432596 a979d312087118fa753a8ed59077b51936c9595eb2a37cd369a6b4f579eebafd Loading...

	videzz.net/js/footer.static.min.js?v=b8dc06aa6195ca0716d0a0c4e3a76e42	140 kB	2023-03-08	2024-05-18
Pretty URL videzz.net/js/footer.static.min.js?v=b8dc06aa6195ca0716d0a0c4e3a76e42 IP 78.142.18.54 ASN #208046 ColocationX Ltd. Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 16:32:59 Last Seen2024-05-18 15:06:49 Times Seen152 Hash 8986804e792bac03d992cfa0d65281de 4a406ba9ac7ead8cfc1d181c6abd2340dae2bf44 e94d1a4f4bfe4d0efd8dc95e86573d32172fa8a0f08ee328c377962379bd9295 Loading...

	videzz.net/embed-c32aq2yhm77r.html	488 B	2023-03-07	2024-05-18
Pretty URL videzz.net/embed-c32aq2yhm77r.html IP 78.142.18.54 ASN #208046 ColocationX Ltd. Introduced by scriptElement Embedded in HTML true Observations First Seen2023-03-07 16:08:16 Last Seen2024-05-18 15:06:48 Times Seen147 Hash c88a098ddb34ae8eb653079349e1eb71 c273d06595b90b3f3eadde95865d4fd88a2cdc4a f8be9aff934fb09a35261e76d411268402098e38f3c1468679a0ffddf96cb8cd Loading...

	yd.cottoidearldom.com/1clkn/14903	6 B	2023-03-07	2024-05-18
Pretty URL yd.cottoidearldom.com/1clkn/14903 IP 23.109.170.72 ASN #7979 SERVERS-COM Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:03:04 Last Seen2024-05-18 15:06:49 Times Seen15126 Hash 9082dc37e5e8046929da411544ad071a 41e0e3963ed94e59e8a2f115994c382712411537 b7848d86edc8dc3b5bc6a5c666069f9a31e000cee51575d3b6083951607e1550 Loading...

	dog.seetron.net/lx4oag1.js	239 kB	2024-03-22	2024-05-18
Pretty URL dog.seetron.net/lx4oag1.js IP 135.181.208.216 ASN #24940 Hetzner Online GmbH Introduced by scriptElement Embedded in HTML false Observations First Seen2024-03-22 21:45:50 Last Seen2024-05-18 15:06:49 Times Seen679 Hash a6781eeb8be115c2cc64c5b4898e5b9d 76001e6e130f936956842ce1fb672ca16be2370e cb8949c4918f30d767c8a97d1b1ddb36eabccf8d93659a80f4e850caa3701da2 Loading...

	videzz.net/sw.js?v=b8dc06aa6195ca0716d0a0c4e3a76e42	42 kB	2023-03-07	2024-05-18
Pretty URL videzz.net/sw.js?v=b8dc06aa6195ca0716d0a0c4e3a76e42 IP 78.142.18.54 ASN #208046 ColocationX Ltd. Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 16:08:16 Last Seen2024-05-18 15:06:48 Times Seen244 Hash 764aafd976dd9cd9f33279bfafa02908 e9ad856ec00bccfdcbe17b79113681685c943b8d 2c20e295faeb1ef24dae1e26caa5089fdb2ba5a36a86a6a26780b8a515ca99aa Loading...

	aistekso.net/401/5708419	91 kB	2024-05-04	2024-05-04
Pretty URL aistekso.net/401/5708419 IP 139.45.197.244 ASN #9002 RETN Limited Introduced by scriptElement Embedded in HTML false Observations First Seen2024-05-04 20:07:06 Last Seen2024-05-04 20:07:06 Times Seen1 Hash 7bc5a053f3adaaa0a7156c2903b27ceb 0e740a42c14650df261b2bc4fe8b9f7162a60db2 bc0860ff9f8459ebf9f590386470dfc7efc16194f1fb145a16a325beef946b5d Loading...

	videzz.net/embed-c32aq2yhm77r.html	1.9 kB	2024-05-04	2024-05-04
Pretty URL videzz.net/embed-c32aq2yhm77r.html IP 78.142.18.54 ASN #208046 ColocationX Ltd. Introduced by scriptElement Embedded in HTML true Observations First Seen2024-05-04 20:07:07 Last Seen2024-05-04 20:07:07 Times Seen1 Hash 70f30a5c37bfb50f51dd13cd1d5bcec8 a87af7bac44798bfa30d3cc1fb5298e4a74ee1b3 1f23b5c145a4eab811b6fd4fd8aa99ed6fa2679996796a26c54bc229776b4b69 Loading...

	unknown	627 B	2023-10-28	2024-05-18
Pretty Introduced by scriptElement Embedded in HTML false Observations First Seen2023-10-28 00:22:41 Last Seen2024-05-18 15:06:48 Times Seen28 Hash d9334270bd31fdac18496fe7cd079dfb e073469dca5a3738953b029031ce516484ef8d8f 130a71372360348a1038494c9302c2adb48133f40cf352112d9dd0753b6fa69e Loading...

	downstairsnegotiatebarren.com/sfp.js	86 kB	2024-03-29	2024-05-17
Pretty URL downstairsnegotiatebarren.com/sfp.js IP 104.21.35.227 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2024-03-29 13:13:34 Last Seen2024-05-17 14:49:08 Times Seen3553 Hash f4a2f8f9f99541c6f105bbd0a025bd40 1f8e3eff12168fdd9e719adfc098d24a45b6916a b717cb04231a10d425fd55b73c85a5407119c6826a8bac94142fddfff6958716 Loading...

	www.google-analytics.com/analytics.js	4.7 kB	2023-04-11	2024-05-18
Pretty URL www.google-analytics.com/analytics.js IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-04-11 21:07:53 Last Seen2024-05-18 15:11:30 Times Seen349784 Hash f24128d0c9cba7be2916c693427a3483 1b6397d496ea896ebc2018b01b995cee4f166029 58173de4697da1a218f04c3a783a733bab4e769ceabc37cd42da9dc3e036a7e8 Loading...

	videzz.net/js/pop.js?v=1.0	35 B	2023-03-07	2024-05-18
Pretty URL videzz.net/js/pop.js?v=1.0 IP 78.142.18.54 ASN #208046 ColocationX Ltd. Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:24:29 Last Seen2024-05-18 15:06:49 Times Seen286 Hash da4bf5414bf75eefb21872f9b59fe6fc e34335e0705397a4ad02c406a2e92333e6d2b0e5 d48b428c1788391a1aef29802daaa691077732dc7b821d0968831bc50b19278d Loading...

	unknown	623 B	2023-10-28	2024-05-18
Pretty Introduced by scriptElement Embedded in HTML false Observations First Seen2023-10-28 00:22:42 Last Seen2024-05-18 15:06:48 Times Seen28 Hash 448bf6ba1a81b08fc827beeab1762a8f aa93a42c463893e0753c4b8ef2a1a4536fe79ee1 ba80fe3447201708f905503a252055c3593ce907fbce00c61770f33d63e83710 Loading...

	videzz.net/embed-c32aq2yhm77r.html	1.9 kB	2023-03-26	2024-05-18
Pretty URL videzz.net/embed-c32aq2yhm77r.html IP 78.142.18.54 ASN #208046 ColocationX Ltd. Introduced by scriptElement Embedded in HTML true Observations First Seen2023-03-26 09:32:06 Last Seen2024-05-18 15:06:48 Times Seen131 Hash 82e1ab0f6fb26e1a626e1ad6812a2e50 ff89302fd6c7736cfe3c0ce1bea0da569a763ced c1133cdc2ae23220a521a156d0edc736cea501341435673899a05f4d54597373 Loading...

	videzz.net/embed-c32aq2yhm77r.html	1.9 kB	2023-05-14	2024-05-18
Pretty URL videzz.net/embed-c32aq2yhm77r.html IP 78.142.18.54 ASN #208046 ColocationX Ltd. Introduced by scriptElement Embedded in HTML true Observations First Seen2023-05-14 23:54:05 Last Seen2024-05-18 15:06:48 Times Seen130 Hash a692b14c46b795baddef6cde7925aec0 83421ee7434ca7916a53f711c1a207c04e264e3c 0a136fef0aef4b2b4d90057c95c48e84618ecebe376ad324594150d0b8588f90 Loading...

	static.addtoany.com/menu/svg/icons/twitter.js	645 B	2024-04-12	2024-05-18
Pretty URL static.addtoany.com/menu/svg/icons/twitter.js IP 172.67.39.148 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2024-04-12 16:11:45 Last Seen2024-05-18 15:06:49 Times Seen197 Hash ca05cf90bd32d6134c0b92464c343f9a 187feb5cc71d225717838268487a0abc9b8d405c 3003867b66a32c12fdafeefc27cf06d906e5a99ba275550ab757f4bb04834636 Loading...

	dismaytestimony.com/f1/77/6d/f1776d24271c5ad55c5f1492e2d01e10.js	84 kB	2024-05-04	2024-05-04
Pretty URL dismaytestimony.com/f1/77/6d/f1776d24271c5ad55c5f1492e2d01e10.js IP 192.243.59.13 ASN #39572 DataWeb Global Group B.V. Introduced by scriptElement Embedded in HTML false Observations First Seen2024-05-04 20:07:07 Last Seen2024-05-04 20:07:07 Times Seen2 Hash ede8e514e8171037491e1dfdf1a63da8 7692b8f7f74419b001094ec4c7281a7cf8298bcf 0bae85e7d1716aead8c323db9f2ee455aa1d7e7ae694323e1e1614d303c23eab Loading...

	www.googletagmanager.com/gtm.js?id=GTM-56DK3TH	209 kB	2024-05-04	2024-05-04
Pretty URL www.googletagmanager.com/gtm.js?id=GTM-56DK3TH IP 142.250.74.168 ASN #15169 GOOGLE Introduced by scriptElement Embedded in HTML false Observations First Seen2024-05-04 20:07:07 Last Seen2024-05-04 20:07:07 Times Seen2 Hash 640c04483ec4f2747b350311fb970cc7 e2fbf2d1004ca08fa97ac63cb0908662b7359191 90c9dd32f46e39e818c78d0d8faabb61731be77d1b8c8db4f95693fb719c9c66 Loading...

	ossgogoaton.com/tag.min.js	81 kB	2024-05-04	2024-05-05
Pretty URL ossgogoaton.com/tag.min.js IP 188.114.96.1 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2024-05-04 00:02:57 Last Seen2024-05-05 12:14:36 Times Seen29 Hash d8fe6d8977be78f78ee48c068b8c8686 e9c96bfc9bcd374f528f73c0441c2358d6d1d135 43423a879e310562ceed423aa563f4fac45713e6f59b0517d897e2c96a42993b Loading...

	unknown	660 B	2023-12-02	2024-05-18
Pretty Introduced by scriptElement Embedded in HTML false Observations First Seen2023-12-02 22:02:10 Last Seen2024-05-18 15:06:48 Times Seen31 Hash 6fd1be1abc624d10186974c2a6ef4502 8d975476c4defc975a3ca622558427daec6c3f38 44adf544834a165ce516122963884d91f0aaa353c313e469faea995aed849fab Loading...

	videzz.net/embed-c32aq2yhm77r.html	221 B	2024-05-04	2024-05-04
Pretty URL videzz.net/embed-c32aq2yhm77r.html IP 78.142.18.54 ASN #208046 ColocationX Ltd. Introduced by scriptElement Embedded in HTML true Observations First Seen2024-05-04 20:07:07 Last Seen2024-05-04 20:07:07 Times Seen1 Hash 40255d745960a23a268044b7a5851d40 631d36bbc648b8f175eb078fa348f07e8a579260 d2936ee0ee412c89b6184eaea0b32e9a462ccf1fea0b29ea7d9b7ebcd08a01ec Loading...

	unknown	662 B	2023-12-02	2024-05-18
Pretty Introduced by scriptElement Embedded in HTML false Observations First Seen2023-12-02 22:02:10 Last Seen2024-05-18 15:06:48 Times Seen31 Hash 2a5e6e1741ecff15c9b8353884d70b4e b3c484dd4bdf6d7d89aa3d13a26e66ee253ef318 2a4a2bc469d46ae85dae6362bfd3a172c38404575b09d80bae244c664dd8af83 Loading...

	videzz.net/js/jquery.min.js	96 kB	2023-03-07	2024-05-18
Pretty URL videzz.net/js/jquery.min.js IP 78.142.18.54 ASN #208046 ColocationX Ltd. Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:02:02 Last Seen2024-05-18 15:06:51 Times Seen48011 Hash 8101d596b2b8fa35fe3a634ea342d7c3 d6c1f41972de07b09bfa63d2e50f9ab41ec372bd 540bc6dec1dd4b92ea4d3fb903f69eabf6d919afd48f4e312b163c28cff0f441 Loading...

	videzz.net/js/videojs.5.min.js?v=b8dc06aa6195ca0716d0a0c4e3a76e42	416 kB	2023-03-07	2024-05-18
Pretty URL videzz.net/js/videojs.5.min.js?v=b8dc06aa6195ca0716d0a0c4e3a76e42 IP 78.142.18.54 ASN #208046 ColocationX Ltd. Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 16:08:16 Last Seen2024-05-18 15:06:48 Times Seen153 Hash 9721700ae4b3d8e0e81f9c6c1c8d511b 1c987ebb7fac787eaa3b2190c9b53bb685d5b8ea d4098ce7457b5191970d2df49c8b8f6c2ffc0d8510673777a08910f0b68d5c2f Loading...

	static.addtoany.com/menu/svg/icons/facebook.js	429 B	2024-04-12	2024-05-18
Pretty URL static.addtoany.com/menu/svg/icons/facebook.js IP 172.67.39.148 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2024-04-12 16:11:44 Last Seen2024-05-18 15:06:49 Times Seen210 Hash 014bcc757e484e12e3aea6c9d768fd4b 4c17157d0012f8002e4e6cf77c5f4a9747792cf4 4b475960843a5619b907af1f0a89e3136bd5e6a4a700ec78cb417f302647cf49 Loading...

	s.o333o.com/adgpt.js	2.0 kB	2024-03-22	2024-05-18
Pretty URL s.o333o.com/adgpt.js IP 85.10.205.45 ASN #24940 Hetzner Online GmbH Introduced by scriptElement Embedded in HTML false Observations First Seen2024-03-22 21:45:49 Last Seen2024-05-18 15:06:49 Times Seen375 Hash 55f8db8e0ec58b646f0b5425b405fdd0 0c79af1239cafc7ec4783f20b0b886a61daccc09 3ec8849ba857ec32cdc682ea93f0c1f8e8ab97980af4f1d8ec312684ed0f5237 Loading...

	unknown	652 B	2023-11-02	2024-05-16
Pretty Introduced by scriptElement Embedded in HTML false Observations First Seen2023-11-02 00:44:33 Last Seen2024-05-16 17:16:23 Times Seen31 Hash 90a7fb6f3fd2e87d1af6ef8356ae8573 8a88de6448927a9008ddf081f9bc5473c3b59e67 a7e229056bbef6f07db2831da9341f40f48d71f93f4fff8c29e325c1e721c4cc Loading...

	static.addtoany.com/menu/locale/ru.js	2.1 kB	2023-03-07	2024-05-18
Pretty URL static.addtoany.com/menu/locale/ru.js IP 172.67.39.148 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:36:27 Last Seen2024-05-18 15:06:49 Times Seen190 Hash c0717dc8cde3baa722c4e7d4c12a2cb0 6e8702b80bdcbe0cd5fc183ce582b2add61d0863 cde5eaa4da56876821229a97a09a4b53e929ea30b7310848d0e84212a5137397 Loading...

	static.addtoany.com/menu/svg/icons/viber.js	1.0 kB	2024-04-12	2024-05-18
Pretty URL static.addtoany.com/menu/svg/icons/viber.js IP 172.67.39.148 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2024-04-12 13:25:33 Last Seen2024-05-18 15:06:49 Times Seen175 Hash aeffbbeba6dd343b89fdc22cdf23f8c8 7be9f0a8fbd22f85cd4408ed04b69e98cbb79de7 c38246b300667ea8ab28940a729e65168f981baf8adc8d708c299e85b9e2dcee Loading...

	www.googletagmanager.com/gtag/js?id=UA-158623850-1	208 kB	2024-05-04	2024-05-05
Pretty URL www.googletagmanager.com/gtag/js?id=UA-158623850-1 IP 142.250.74.168 ASN #15169 GOOGLE Introduced by scriptElement Embedded in HTML false Observations First Seen2024-05-04 17:23:27 Last Seen2024-05-05 01:16:27 Times Seen6 Hash 9280f886360b1c2cc4b2ebadc4be8457 88a99b591d4ade06876a74cdb0f9aa7cc698036e 5742ac3be3556abba7ad33fad593f698c380fa1ad85581d6afdf94f2bf9b837a Loading...

	videzz.net/embed-c32aq2yhm77r.html	1.9 kB	2023-09-20	2024-05-18
Pretty URL videzz.net/embed-c32aq2yhm77r.html IP 78.142.18.54 ASN #208046 ColocationX Ltd. Introduced by scriptElement Embedded in HTML true Observations First Seen2023-09-20 05:49:22 Last Seen2024-05-18 15:06:48 Times Seen119 Hash ea18635ebabe6012d41f9fe215f59b54 4bb7351c02f51a2d10b55eb8daecf0862aec3db7 4e69daf6970b0700406f701311ff61bf0623749d951327a09de054a9906c8056 Loading...

	cdn.itskiddien.club/apu.php?zoneid=5902452&var=5708419	94 kB	2024-05-04	2024-05-04
Pretty URL cdn.itskiddien.club/apu.php?zoneid=5902452&var=5708419 IP 139.45.197.236 ASN #9002 RETN Limited Introduced by scriptElement Embedded in HTML false Observations First Seen2024-05-04 20:07:07 Last Seen2024-05-04 20:07:09 Times Seen2 Hash 3c6c086a886c82bc63923629afb19046 ad359eb06090823bda8ebbb2d0f4302816b44112 3b5dc02a498450ede4c084917209ba2931f0fdb949992d180c1259ab8136a703 Loading...

	profitablegatecpm.com/fd/40/b6/fd40b682a05e4aaf489d29601350aa66.js	44 kB	2024-05-04	2024-05-04
Pretty URL profitablegatecpm.com/fd/40/b6/fd40b682a05e4aaf489d29601350aa66.js IP 172.240.253.132 ASN #7979 SERVERS-COM Introduced by scriptElement Embedded in HTML false Observations First Seen2024-05-04 20:07:07 Last Seen2024-05-04 20:07:07 Times Seen2 Hash 07d87364a2dc9d48d89c122e29139fb7 06cb79ab82127288a90f796b50f389c3091053b4 edafe0cba2b634388234ef51f635d1a9ab94c16675232b6b2a1e9f35b3d96a58 Loading...

	videzz.net/embed-c32aq2yhm77r.html	1.9 kB	2023-09-20	2024-05-18
Pretty URL videzz.net/embed-c32aq2yhm77r.html IP 78.142.18.54 ASN #208046 ColocationX Ltd. Introduced by scriptElement Embedded in HTML true Observations First Seen2023-09-20 05:49:22 Last Seen2024-05-18 15:06:49 Times Seen119 Hash af6177bd7ff00168d56dcbb2dfad8aad b0565c811d5bc5e2b4923cc1194a81126512010c 68848e296ab0993815dd2ae9efbb9b41e1bddf7d57aafd1ce37fcb6588b09901 Loading...

	static.addtoany.com/menu/svg/icons/reddit.js	893 B	2024-04-16	2024-05-18
Pretty URL static.addtoany.com/menu/svg/icons/reddit.js IP 172.67.39.148 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2024-04-16 17:58:32 Last Seen2024-05-18 15:06:49 Times Seen163 Hash 408cc755e613b4f00fbe10d7411ed087 14341990ed687477b3addbdd1a3b50ae8a98589b 68ed9b82b62d45cf5d12587a7e9566a4ddeb94d69bcb225e9e3c7268c76b3cbb Loading...

	unknown	9.7 kB	2024-05-04	2024-05-18
Pretty Introduced by scriptElement Embedded in HTML false Observations First Seen2024-05-04 17:23:27 Last Seen2024-05-18 15:06:48 Times Seen39 Hash 9b10afef621b188725357ddc3cb354e8 eafa5d3550def25ab84004fe5bb6c764bae8c7b4 5a40b246cfe96dd29952c1ecc925968fc02689639f96a763ac22dfbbd51dcef4 Loading...

	cdn.o333o.com/vast-im.js	310 kB	2024-03-22	2024-05-18
Pretty URL cdn.o333o.com/vast-im.js IP 143.204.55.31 ASN #16509 AMAZON-02 Introduced by scriptElement Embedded in HTML false Observations First Seen2024-03-22 21:45:50 Last Seen2024-05-18 15:06:49 Times Seen380 Hash 04bdb2fd7797c33d38ad8a6a0997b389 a69a0999b9106aa1e49a6728c84b3e82b899276d 3039a1d2d40fce3b96ce115bc8fb858539ed084667fb0ee69fe68e0a682d9286 Loading...

	static.addtoany.com/menu/modules/core.BRQnzO8v.js	72 kB	2024-04-12	2024-05-18
Pretty URL static.addtoany.com/menu/modules/core.BRQnzO8v.js IP 172.67.39.148 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2024-04-12 02:34:00 Last Seen2024-05-18 15:06:51 Times Seen1641 Hash 629401c31553d2f42a6ca46e58c2a97b 0ab6084caa72f90913c7e4119f491838726ec5c2 91b9b24f0aa59668e4d0a770ee7a294b9baa361a76a20ade8128cd0482a5d805 Loading...

	videzz.net/js/ads.js?v=1.0	211 B	2023-03-07	2024-05-18
Pretty URL videzz.net/js/ads.js?v=1.0 IP 78.142.18.54 ASN #208046 ColocationX Ltd. Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 16:08:16 Last Seen2024-05-18 15:06:49 Times Seen270 Hash 09f34de71e8853387dd398fbb263af69 4ccb7007fcebcffe64eaa80f2991509fdbac55d5 6ca7e6aebc6e3eec26d39e540e255a738fd9e48e9b97bd0e2a714686377ac523 Loading...

	unknown	625 B	2023-10-28	2024-05-18
Pretty Introduced by scriptElement Embedded in HTML false Observations First Seen2023-10-28 00:22:41 Last Seen2024-05-18 15:06:48 Times Seen28 Hash c792d5d07a8195cc1c0c3391296d9540 c251471b68199fd4baf055ec3a6fe010f2878a71 d0ddb0d20e6a09a1dbc9fe02f3d386995f163f0dc403301fb2692ec7eeb94cfe Loading...

	static.addtoany.com/menu/sm.25.html#type=core&event=load	0 B	2023-03-07	2024-05-18
Pretty URL static.addtoany.com/menu/sm.25.html#type=core&event=load IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML true Observations First Seen2023-03-07 01:01:59 Last Seen2024-05-18 15:12:02 Times Seen37788252 Hash d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Loading...

	videzz.net/js/embed.min.js?v=b8dc06aa6195ca0716d0a0c4e3a76e42	4.5 kB	2023-03-08	2024-05-18
Pretty URL videzz.net/js/embed.min.js?v=b8dc06aa6195ca0716d0a0c4e3a76e42 IP 78.142.18.54 ASN #208046 ColocationX Ltd. Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 20:28:37 Last Seen2024-05-18 15:06:48 Times Seen107 Hash b3415295ff8e1f9ac2ee3804686e8000 aa440d72b1f380d6b63cea2615984bddfd78c3d0 e5b0442a1e812c047177f669bec8d9f81678b0e26d4cc98c642a00da19ccb1b7 Loading...

	videzz.net/embed-c32aq2yhm77r.html	1.9 kB	2023-12-02	2024-05-18
Pretty URL videzz.net/embed-c32aq2yhm77r.html IP 78.142.18.54 ASN #208046 ColocationX Ltd. Introduced by scriptElement Embedded in HTML true Observations First Seen2023-12-02 22:02:10 Last Seen2024-05-18 15:06:49 Times Seen110 Hash 861dcaf645aae37b6316256c150d9dfb 3a9f80b6a4bf4c7807b354238ee1092098ef0592 8580955f289133f8987846865a71337744c9e2f39defb5c7bad0df0752a47ae7 Loading...

	unknown	654 B	2023-12-02	2024-05-16
Pretty Introduced by scriptElement Embedded in HTML false Observations First Seen2023-12-02 22:02:09 Last Seen2024-05-16 17:16:22 Times Seen30 Hash 23fc70c20089168d050ef5eaddbf7ee6 5a80fea5f23400aae85a0cda6e784a7630713a27 b62d7d1ce2825740f2bf6ee197b23ee9e4f2c4189fca72142c4fa049588e665e Loading...

	videzz.net/embed-c32aq2yhm77r.html	416 B	2023-03-07	2024-05-18
Pretty URL videzz.net/embed-c32aq2yhm77r.html IP 78.142.18.54 ASN #208046 ColocationX Ltd. Introduced by scriptElement Embedded in HTML true Observations First Seen2023-03-07 16:08:16 Last Seen2024-05-18 15:06:49 Times Seen151 Hash 7b2ab585a733a8e54eb7117dbe673331 38ba49b934ea93104d43c095a34cbebabee2416b 161196e2eb45160ec056dcf19476aaf0a8694cd099ce5ddb43f53f58fa86d0d8 Loading...

	tzegilo.com/stattag.js	19 kB	2024-02-10	2024-05-18
Pretty URL tzegilo.com/stattag.js IP 104.21.11.245 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2024-02-10 03:00:18 Last Seen2024-05-18 15:06:50 Times Seen1795 Hash 70ebd404c2e1e7bad13998538b56887c 86e57af8ba3cfc2c004da3311835f6b54ba6d848 d71ea61938136a384e4c53c5a7a3c36e68fcc70a68bae691e270987d5d2eb11f Loading...

	videzz.net/js/static.min.js?v=b8dc06aa6195ca0716d0a0c4e3a76e42	159 kB	2023-03-07	2024-05-18
Pretty URL videzz.net/js/static.min.js?v=b8dc06aa6195ca0716d0a0c4e3a76e42 IP 78.142.18.54 ASN #208046 ColocationX Ltd. Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 16:08:17 Last Seen2024-05-18 15:06:50 Times Seen256 Hash 7c33538390b466ae717449d729bb32ea 49ea1eb1dc06467f516eae28e09863a23b244a31 a2f37fa7aee9e9248856735b807b028c93be60eb6bb9916595ba123690513f02 Loading...

	videzz.net/embed-c32aq2yhm77r.html	604 B	2023-03-07	2024-05-18
Pretty URL videzz.net/embed-c32aq2yhm77r.html IP 78.142.18.54 ASN #208046 ColocationX Ltd. Introduced by scriptElement Embedded in HTML true Observations First Seen2023-03-07 16:08:16 Last Seen2024-05-18 15:06:49 Times Seen150 Hash 3f51f1dc48435128b95bc2f1354a7a17 1baedda0ccf0cdaaa29bf441fcfe0c5fb2f8d4d4 9a3b5d51bd26f5549b2a1ca571835e3c1f0beede7826fd81566bdbc1dad656e9 Loading...

	unknown	656 B	2023-12-02	2024-05-18
Pretty Introduced by scriptElement Embedded in HTML false Observations First Seen2023-12-02 22:02:10 Last Seen2024-05-18 15:06:49 Times Seen34 Hash 0cb63a542cc8304f1b414eb985b358d8 62b35a29974ed7788d74efbbf6f37bc0603a7a57 f1a1ce1f8c7cfcebe82f6c3e05267fcdc1d052073de83232c3f65a6a246a927c Loading...

	videzz.net/embed-c32aq2yhm77r.html	0 B	2023-03-07	2024-05-18
Pretty URL videzz.net/embed-c32aq2yhm77r.html IP 78.142.18.54 ASN #208046 ColocationX Ltd. Introduced by scriptElement Embedded in HTML true Observations First Seen2023-03-07 01:01:59 Last Seen2024-05-18 15:12:02 Times Seen37788252 Hash d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Loading...

	unknown	658 B	2023-12-02	2024-05-18
Pretty Introduced by scriptElement Embedded in HTML false Observations First Seen2023-12-02 22:02:09 Last Seen2024-05-18 15:06:49 Times Seen34 Hash f2a627f60c3e858d02c665cb50e29998 cf946e95e052f6c63ec09abbfd64890f893b9341 74b81147b6d910383e801b755eabad4dc3df3f82e797aa8fa720bb00497cfc76 Loading...

	dog.seetron.net/api/users/59846?host=videzz.net&ev=212&wh=1024&ww=1280&uuid=&url=https%3A%2F%2Fvidezz.net%2Fembed-c32aq2yhm77r.html&sid=efdb1433-63c7-4dd0-9bdf-bd55bda66515&i=1&kw=file%20upload%2Cshare%20files%2Cfree%20upload&s1=174908	636 B	2024-05-04	2024-05-04
Pretty URL dog.seetron.net/api/users/59846?host=videzz.net&ev=212&wh=1024&ww=1280&uuid=&url=https%3A%2F%2Fvidezz.net%2Fembed-c32aq2yhm77r.html&sid=efdb1433-63c7-4dd0-9bdf-bd55bda66515&i=1&kw=file%20upload%2Cshare%20files%2Cfree%20upload&s1=174908 IP 135.181.208.216 ASN #24940 Hetzner Online GmbH Introduced by scriptElement Embedded in HTML false Observations First Seen2024-05-04 20:07:07 Last Seen2024-05-04 20:07:08 Times Seen2 Hash 09c2eec970a16ced7d8a45ad8113a599 4732f5268881efe4fbc8d620117b0f1c4a723065 2027ca21356eb30bea2709e0967bda5285765966b478bfde420e34024858774b Loading...

		Size	First Seen	Last Seen
	#1 Eval - 73497a37c3561adbd8ce84e4f017b368	9 B	2023-03-07	2024-05-18
Pretty Observations First Seen2023-03-07 01:03:23 Last Seen2024-05-18 15:04:35 Times Seen2446 Hash 73497a37c3561adbd8ce84e4f017b368 9193ae73cb3dd2833be8c942714d5544bfb628c9 9312a1adbbf0a4c05fc296d158ec3bd39acfe50e9e98ff02688139aad6fc3351 Loading...

		Size	First Seen	Last Seen
	#1 Write - bf6e0ef92ae84c6ac72a2e33e3bd0ba5	614 B	2023-09-20	2024-05-18
Pretty Observations First Seen2023-09-20 05:49:23 Last Seen2024-05-18 15:06:49 Times Seen119 Hash bf6e0ef92ae84c6ac72a2e33e3bd0ba5 dd276e9188ea2de2da9b957adbb91c7e2b08d4ec 5f5f7af99db9aecf63f1ae5480d2b95a82e350abcdd3a765f5537235d12a4744 Loading...

	#2 Write - ab34ea7c979c46402352a8ce4c7b87cf	614 B	2023-12-02	2024-05-18
Pretty Observations First Seen2023-12-02 22:02:11 Last Seen2024-05-18 15:06:49 Times Seen110 Hash ab34ea7c979c46402352a8ce4c7b87cf 4ec90223aeea83fe3850db77b92c11eed50c99d3 fd21c10a5b8c554e00e76da6ce58475053e414d4280741ed032a857cf9876978 Loading...

	#3 Write - 7aea427efe0ebb35cac7f6c65074feaa	613 B	2023-03-26	2024-05-18
Pretty Observations First Seen2023-03-26 09:32:06 Last Seen2024-05-18 15:06:49 Times Seen131 Hash 7aea427efe0ebb35cac7f6c65074feaa 7f7025ff75b6c305cf0f7258c68dcc5c3b787ea6 d72f60419e2549dc6934524845bed150c6aa5e1541b5eac18dd5c145f40d2857 Loading...

	#4 Write - 43449de866396eb0131d8111f4fa3895	613 B	2023-05-14	2024-05-18
Pretty Observations First Seen2023-05-14 23:54:06 Last Seen2024-05-18 15:06:49 Times Seen130 Hash 43449de866396eb0131d8111f4fa3895 d74126ea9f2c40f8395c79b3e7f69760f91702fc a67ffe15bbd54d8f4cc64a1e458fc3b742f73783efb009b827b9cf3e9b502add Loading...

	#5 Write - c661bb9a7cc33ed4849427e94a91858c	614 B	2023-09-20	2024-05-18
Pretty Observations First Seen2023-09-20 05:49:23 Last Seen2024-05-18 15:06:49 Times Seen118 Hash c661bb9a7cc33ed4849427e94a91858c 4be38292beb83aa1b58a668283dfe08ed97d7a42 e56ca9ad4497b40fd4b7c14e2c5e6c5b58563af9cb588188992d2189d22dc477 Loading...

HTTP Transactions (161)

URL IP Response Size

videzz.net/js/pop.js?v=1.0

78.142.18.54

200 OK

35 B

URL GET HTTP/2
videzz.net/js/pop.js?v=1.0
IP
78.142.18.54:443
ASN
#208046 ColocationX Ltd.

Requested by
https://videzz.net/embed-c32aq2yhm77r.html
Certificate
IssuerLet's Encrypt
Subjectvidezz.net
Fingerprint89:44:E3:9D:95:DD:6E:D2:2B:FB:70:64:42:59:D2:BF:B6:36:E7:33
ValidityThu, 02 May 2024 00:27:53 GMT - Wed, 31 Jul 2024 00:27:52 GMT

File type
ASCII text
Size
35 B (35 bytes)
Hash
da4bf5414bf75eefb21872f9b59fe6fc
e34335e0705397a4ad02c406a2e92333e6d2b0e5
d48b428c1788391a1aef29802daaa691077732dc7b821d0968831bc50b19278d

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /js/pop.js?v=1.0 HTTP/1.1
Host: videzz.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://videzz.net/embed-c32aq2yhm77r.html
Cookie: lang=1
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
server: nginx/1.18.0 (Ubuntu)
date: Sat, 04 May 2024 18:06:27 GMT
content-type: application/javascript
content-length: 35
last-modified: Sat, 27 Apr 2024 07:30:33 GMT
etag: "662ca999-23"
expires: Mon, 03 Jun 2024 18:05:48 GMT
cache-control: max-age=2592000
x-cache-status: HIT
accept-ranges: bytes
X-Firefox-Spdy: h2

videzz.net/js/ads.js?v=1.0

78.142.18.54

200 OK

211 B

URL GET HTTP/2
videzz.net/js/ads.js?v=1.0
IP
78.142.18.54:443
ASN
#208046 ColocationX Ltd.

Requested by
https://videzz.net/embed-c32aq2yhm77r.html
Certificate
IssuerLet's Encrypt
Subjectvidezz.net
Fingerprint89:44:E3:9D:95:DD:6E:D2:2B:FB:70:64:42:59:D2:BF:B6:36:E7:33
ValidityThu, 02 May 2024 00:27:53 GMT - Wed, 31 Jul 2024 00:27:52 GMT

File type
Unicode text, UTF-8 text
Size
211 B (211 bytes)
Hash
09f34de71e8853387dd398fbb263af69
4ccb7007fcebcffe64eaa80f2991509fdbac55d5
6ca7e6aebc6e3eec26d39e540e255a738fd9e48e9b97bd0e2a714686377ac523

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /js/ads.js?v=1.0 HTTP/1.1
Host: videzz.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://videzz.net/embed-c32aq2yhm77r.html
Cookie: lang=1
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
server: nginx/1.18.0 (Ubuntu)
date: Sat, 04 May 2024 18:06:27 GMT
content-type: application/javascript
content-length: 211
last-modified: Sat, 27 Apr 2024 07:30:28 GMT
etag: "662ca994-d3"
expires: Mon, 03 Jun 2024 18:05:48 GMT
cache-control: max-age=2592000
x-cache-status: HIT
accept-ranges: bytes
X-Firefox-Spdy: h2

videzz.net/images-newtheme/adb_logo.png

78.142.18.54

200 OK

8.3 kB

URL GET HTTP/2
videzz.net/images-newtheme/adb_logo.png
IP
78.142.18.54:443
ASN
#208046 ColocationX Ltd.

Requested by
https://videzz.net/embed-c32aq2yhm77r.html
Certificate
IssuerLet's Encrypt
Subjectvidezz.net
Fingerprint89:44:E3:9D:95:DD:6E:D2:2B:FB:70:64:42:59:D2:BF:B6:36:E7:33
ValidityThu, 02 May 2024 00:27:53 GMT - Wed, 31 Jul 2024 00:27:52 GMT

File type
PNG image data, 178 x 178, 8-bit/color RGBA, non-interlaced
Size
8.3 kB (8308 bytes)
Hash
98fcd22c469a5aa46df8ec4e7a8eafc9
e8d95f175d3008736995a482d7304410a1da490a
b1e79e219bf46ca5ef14a9619c5440e78c2ebdbc34b8f0c65f0777a8b02fc30c

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /images-newtheme/adb_logo.png HTTP/1.1
Host: videzz.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://videzz.net/embed-c32aq2yhm77r.html
Cookie: lang=1
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
server: nginx/1.18.0 (Ubuntu)
date: Sat, 04 May 2024 18:06:27 GMT
content-type: image/png
content-length: 8308
last-modified: Sat, 27 Apr 2024 07:30:38 GMT
etag: "662ca99e-2074"
expires: Mon, 03 Jun 2024 18:05:54 GMT
cache-control: max-age=2592000
x-cache-status: HIT
accept-ranges: bytes
X-Firefox-Spdy: h2

videzz.net/images-newtheme/attention.png

78.142.18.54

200 OK

6.4 kB

URL GET HTTP/2
videzz.net/images-newtheme/attention.png
IP
78.142.18.54:443
ASN
#208046 ColocationX Ltd.

Requested by
https://videzz.net/embed-c32aq2yhm77r.html
Certificate
IssuerLet's Encrypt
Subjectvidezz.net
Fingerprint89:44:E3:9D:95:DD:6E:D2:2B:FB:70:64:42:59:D2:BF:B6:36:E7:33
ValidityThu, 02 May 2024 00:27:53 GMT - Wed, 31 Jul 2024 00:27:52 GMT

File type
PNG image data, 263 x 231, 8-bit/color RGBA, non-interlaced
Size
6.4 kB (6377 bytes)
Hash
d28ebe1b4425fa4ab5d804792b5aa626
3183e2c59cdaed547de5fb1fc940709ed5117003
36fc8d817d7a356b2b8e8697697a5ce86bedadfea8df2a4e88f9514bb1ce02f6

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /images-newtheme/attention.png HTTP/1.1
Host: videzz.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://videzz.net/embed-c32aq2yhm77r.html
Cookie: lang=1
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
server: nginx/1.18.0 (Ubuntu)
date: Sat, 04 May 2024 18:06:27 GMT
content-type: image/png
content-length: 6377
last-modified: Sat, 27 Apr 2024 07:30:28 GMT
etag: "662ca994-18e9"
expires: Mon, 03 Jun 2024 18:06:27 GMT
cache-control: max-age=2592000
x-cache-status: HIT
accept-ranges: bytes
X-Firefox-Spdy: h2

dog.seetron.net/LrfK7A3.js

135.181.208.216

200 OK

77 kB

URL GET HTTP/2
dog.seetron.net/LrfK7A3.js
IP
135.181.208.216:443
ASN
#24940 Hetzner Online GmbH

Requested by
https://videzz.net/embed-c32aq2yhm77r.html
Certificate
IssuerLet's Encrypt
Subjecta.bdsmz.tube
FingerprintAA:4D:03:7A:4E:94:8C:76:58:6E:53:CC:8E:99:24:E6:51:84:BF:05
ValidityFri, 03 May 2024 10:27:08 GMT - Thu, 01 Aug 2024 10:27:07 GMT

File type
JavaScript source, Unicode text, UTF-8 text, with very long lines (65503), with no line terminators
Size
77 kB (76790 bytes)
Hash
a6781eeb8be115c2cc64c5b4898e5b9d
76001e6e130f936956842ce1fb672ca16be2370e
cb8949c4918f30d767c8a97d1b1ddb36eabccf8d93659a80f4e850caa3701da2

HTTP Headers

GET /LrfK7A3.js HTTP/1.1
Host: dog.seetron.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://videzz.net/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
server: nginx
date: Sat, 04 May 2024 18:06:27 GMT
content-type: application/javascript
content-length: 76790
last-modified: Fri, 22 Mar 2024 11:21:21 GMT
vary: Accept-Encoding
etag: "65fd69b1-12bf6"
content-encoding: gzip
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: public, max-age=315360000
cf-cache-status: HIT
age: 201
cf-ray: 8685d408ccf5d995-HEL
x-frame-options: DENY
x-content-type-options: nosniff
accept-ranges: bytes
X-Firefox-Spdy: h2

dog.seetron.net/lx4oag1.js

135.181.208.216

200 OK

77 kB

URL GET HTTP/2
dog.seetron.net/lx4oag1.js
IP
135.181.208.216:443
ASN
#24940 Hetzner Online GmbH

Requested by
https://videzz.net/embed-c32aq2yhm77r.html
Certificate
IssuerLet's Encrypt
Subjecta.bdsmz.tube
FingerprintAA:4D:03:7A:4E:94:8C:76:58:6E:53:CC:8E:99:24:E6:51:84:BF:05
ValidityFri, 03 May 2024 10:27:08 GMT - Thu, 01 Aug 2024 10:27:07 GMT

File type
JavaScript source, Unicode text, UTF-8 text, with very long lines (65503), with no line terminators
Size
77 kB (76790 bytes)
Hash
a6781eeb8be115c2cc64c5b4898e5b9d
76001e6e130f936956842ce1fb672ca16be2370e
cb8949c4918f30d767c8a97d1b1ddb36eabccf8d93659a80f4e850caa3701da2

HTTP Headers

GET /lx4oag1.js HTTP/1.1
Host: dog.seetron.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://videzz.net/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
server: nginx
date: Sat, 04 May 2024 18:06:27 GMT
content-type: application/javascript
content-length: 76790
last-modified: Fri, 22 Mar 2024 11:21:21 GMT
vary: Accept-Encoding
etag: "65fd69b1-12bf6"
content-encoding: gzip
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: public, max-age=315360000
cf-cache-status: HIT
age: 201
cf-ray: 8685d408ccf5d995-HEL
x-frame-options: DENY
x-content-type-options: nosniff
accept-ranges: bytes
X-Firefox-Spdy: h2

www.googletagmanager.com/gtag/js?id=UA-158623850-1

142.250.74.168

200 OK

75 kB

URL GET HTTP/2
www.googletagmanager.com/gtag/js?id=UA-158623850-1
IP
142.250.74.168:443
ASN
#15169 GOOGLE

Requested by
https://videzz.net/embed-c32aq2yhm77r.html
Certificate
IssuerGoogle Trust Services LLC
Subject*.google-analytics.com
Fingerprint93:6B:D2:9D:92:BE:2D:D8:02:67:82:83:5E:EF:A3:F9:13:F3:26:AE
ValidityTue, 16 Apr 2024 03:18:45 GMT - Tue, 09 Jul 2024 03:18:44 GMT

File type
JavaScript source, ASCII text, with very long lines (4179)
Size
75 kB (74901 bytes)
Hash
9280f886360b1c2cc4b2ebadc4be8457
88a99b591d4ade06876a74cdb0f9aa7cc698036e
5742ac3be3556abba7ad33fad593f698c380fa1ad85581d6afdf94f2bf9b837a

HTTP Headers

GET /gtag/js?id=UA-158623850-1 HTTP/1.1
Host: www.googletagmanager.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://videzz.net/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
content-encoding: br
vary: Accept-Encoding
date: Sat, 04 May 2024 18:06:27 GMT
expires: Sat, 04 May 2024 18:06:27 GMT
cache-control: private, max-age=900
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
server: Google Tag Manager
content-length: 74901
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

yd.cottoidearldom.com/1clkn/14903

23.109.170.72

200 OK

26 B

URL GET HTTP/1.1
yd.cottoidearldom.com/1clkn/14903
IP
23.109.170.72:443
ASN
#7979 SERVERS-COM

Requested by
https://videzz.net/embed-c32aq2yhm77r.html
Certificate
IssuerLet's Encrypt
Subjectyd.cottoidearldom.com
Fingerprint2A:D0:1B:ED:00:0F:4A:13:3B:97:DD:33:66:5B:7E:F8:F8:E9:C8:CE
ValidityThu, 25 Apr 2024 06:21:32 GMT - Wed, 24 Jul 2024 06:21:31 GMT

File type
ASCII text, with no line terminators
Size
26 B (26 bytes)
Hash
9082dc37e5e8046929da411544ad071a
41e0e3963ed94e59e8a2f115994c382712411537
b7848d86edc8dc3b5bc6a5c666069f9a31e000cee51575d3b6083951607e1550

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /1clkn/14903 HTTP/1.1
Host: yd.cottoidearldom.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://videzz.net/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Date: Sat, 04 May 2024 18:06:27 GMT
Content-Type: application/javascript; charset=utf-8
Transfer-Encoding: chunked
Connection: keep-alive
Keep-Alive: timeout=20
Accept-ch: sec-ch-ua-platform-version,sec-ch-ua-model,sec-ch-ua-full-version,sec-ch-ua-full-version-list
Set-Cookie: GL_UI4=eJw9jUtug0AQRPljJ4akJQ7gIxgUjL3MJivfAQ0zDZ4Ypq1mjJ3bZxIp2dUrPVV5nhcUL%2BAvyRrCm6hhe1R9s5dYojyUVVW%2BHSrZ151o%2BlJVTVnvYK3n1opuRBvBap4E29YuEWwGNMhatpIUZvDqrL%2FmYuhuIog7FkZlEE%2FOGDNIO6b7jFyEEBkxIaQfmrGnhzPEJzEEx72L2rjo7yCguQjzJ4hP2twe%2BSbx8jzx4Pk6CtsTT61WDuOBhULw32ElhcWB%2BAtShfPF0hWARtX%2B%2B7%2Bf8fizBonCRUuHZM%2FI38wATrY%3D; expires=Sun, 05-May-2024 18:06:27 GMT; Max-Age=86400; path=/; secure; SameSite=None
GL_GI10=eJwVyM0KgkAUhuE5hxiIJPjIC%2FAKTMsWbrNl6MIrMIsYGObIzNjP3WeLd%2FG8SilOE7CZkNRlXhd5dcjLUwV6gtsOPDroVvx7%2BII8uDiCvcOmC1ayRmYXlz9i9TfIYHu25pP1YudoxAXw0roZbvaxv%2FRX0KQJHEUzONxTBXrp3Q9e7R3S; expires=Sun, 05-May-2024 18:06:27 GMT; Max-Age=86400; path=/; secure; SameSite=None
Content-Encoding: gzip
Vary: Accept-Encoding
Strict-Transport-Security: max-age=1
X-Content-Type-Options: nosniff

cdnjs.cloudflare.com/ajax/libs/font-awesome/4.7.0/css/font-awesome.min.css

104.17.25.14

200 OK

5.6 kB

URL GET HTTP/2
cdnjs.cloudflare.com/ajax/libs/font-awesome/4.7.0/css/font-awesome.min.css
IP
104.17.25.14:443
ASN
#13335 CLOUDFLARENET

Requested by
https://videzz.net/embed-c32aq2yhm77r.html
Certificate
IssuerCloudflare, Inc.
Subjectsni.cloudflaressl.com
Fingerprint7A:EA:B9:09:71:70:6C:87:C9:D3:82:74:8A:7B:B4:60:E5:40:2D:8D
ValidityMon, 03 Jul 2023 00:00:00 GMT - Tue, 02 Jul 2024 23:59:59 GMT

File type
ASCII text, with very long lines (30837)
Size
5.6 kB (5631 bytes)
Hash
269550530cc127b6aa5a35925a7de6ce
512c7d79033e3028a9be61b540cf1a6870c896f8
799aeb25cc0373fdee0e1b1db7ad6c2f6a0e058dfadaa3379689f583213190bd

HTTP Headers

GET /ajax/libs/font-awesome/4.7.0/css/font-awesome.min.css HTTP/1.1
Host: cdnjs.cloudflare.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://videzz.net/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Sat, 04 May 2024 18:06:28 GMT
content-type: text/css; charset=utf-8
content-length: 5631
access-control-allow-origin: *
cache-control: public, max-age=30672000
content-encoding: br
etag: "5eb03e5f-7918"
last-modified: Mon, 04 May 2020 16:10:07 GMT
cf-cdnjs-via: cfworker/kv
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
x-content-type-options: nosniff
vary: Accept-Encoding
cf-cache-status: HIT
age: 243453
expires: Thu, 24 Apr 2025 18:06:28 GMT
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=l45Xl1VE%2Bi2%2BJr8oJIKYJB9PClci5k2zd%2BPLeo5IH6lIAWIGHM7%2FekuSZu%2FZpEswykDd3ewmebcuONiXCG69VzQ%2B%2BIQ9h32EDR81uqJ2uraUKj6gFKAlxOqw%2FNGDEzirGoX3x3rh"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
server: cloudflare
cf-ray: 87ea6cc0fe7756a2-OSL
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2

www.googletagmanager.com/gtm.js?id=GTM-56DK3TH

142.250.74.168

200 OK

74 kB

URL GET HTTP/3
www.googletagmanager.com/gtm.js?id=GTM-56DK3TH
IP
142.250.74.168:443
ASN
#15169 GOOGLE

Requested by
https://videzz.net/embed-c32aq2yhm77r.html
Certificate
IssuerGoogle Trust Services LLC
Subject*.google-analytics.com
Fingerprint93:6B:D2:9D:92:BE:2D:D8:02:67:82:83:5E:EF:A3:F9:13:F3:26:AE
ValidityTue, 16 Apr 2024 03:18:45 GMT - Tue, 09 Jul 2024 03:18:44 GMT

File type
JavaScript source, ASCII text, with very long lines (3287)
Size
74 kB (73649 bytes)
Hash
640c04483ec4f2747b350311fb970cc7
e2fbf2d1004ca08fa97ac63cb0908662b7359191
90c9dd32f46e39e818c78d0d8faabb61731be77d1b8c8db4f95693fb719c9c66

HTTP Headers

GET /gtm.js?id=GTM-56DK3TH HTTP/1.1
Host: www.googletagmanager.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://videzz.net/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
content-encoding: br
vary: Accept-Encoding
date: Sat, 04 May 2024 18:06:28 GMT
expires: Sat, 04 May 2024 18:06:28 GMT
cache-control: private, max-age=900
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
server: Google Tag Manager
content-length: 73649
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

s.o333o.com/adgpt.js

85.10.205.45

200 OK

820 B

URL GET HTTP/2
s.o333o.com/adgpt.js
IP
85.10.205.45:443
ASN
#24940 Hetzner Online GmbH

Requested by
https://videzz.net/embed-c32aq2yhm77r.html
Certificate
IssuerSectigo Limited
Subjects.o333o.com
FingerprintC1:C0:0F:C0:EF:0F:F7:7A:36:2F:00:9E:5C:55:63:54:63:A3:A6:46
ValidityMon, 12 Feb 2024 00:00:00 GMT - Fri, 28 Feb 2025 23:59:59 GMT

File type
ASCII text, with very long lines (2040), with no line terminators
Size
820 B (820 bytes)
Hash
55f8db8e0ec58b646f0b5425b405fdd0
0c79af1239cafc7ec4783f20b0b886a61daccc09
3ec8849ba857ec32cdc682ea93f0c1f8e8ab97980af4f1d8ec312684ed0f5237

HTTP Headers

GET /adgpt.js HTTP/1.1
Host: s.o333o.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://videzz.net/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
server: nginx
date: Sat, 04 May 2024 18:06:28 GMT
content-type: application/javascript
content-length: 820
last-modified: Fri, 22 Mar 2024 11:21:21 GMT
vary: Accept-Encoding
etag: "65fd69b1-334"
content-encoding: gzip
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000, public
X-Firefox-Spdy: h2

profitablegatecpm.com/fd/40/b6/fd40b682a05e4aaf489d29601350aa66.js

172.240.253.132

200 OK

16 kB

URL GET HTTP/1.1
profitablegatecpm.com/fd/40/b6/fd40b682a05e4aaf489d29601350aa66.js
IP
172.240.253.132:443
ASN
#7979 SERVERS-COM

Requested by
https://videzz.net/embed-c32aq2yhm77r.html
Certificate
IssuerLet's Encrypt
Subjectprofitablegatecpm.com
Fingerprint9D:FB:8C:AD:4D:64:98:6B:85:78:33:54:E7:A3:BB:10:ED:77:63:30
ValidityFri, 05 Apr 2024 18:10:33 GMT - Thu, 04 Jul 2024 18:10:32 GMT

File type
JavaScript source, ASCII text, with very long lines (44115), with no line terminators
Size
16 kB (15870 bytes)
Hash
07d87364a2dc9d48d89c122e29139fb7
06cb79ab82127288a90f796b50f389c3091053b4
edafe0cba2b634388234ef51f635d1a9ab94c16675232b6b2a1e9f35b3d96a58

HTTP Headers

GET /fd/40/b6/fd40b682a05e4aaf489d29601350aa66.js HTTP/1.1
Host: profitablegatecpm.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://videzz.net/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx/1.21.6
Date: Sat, 04 May 2024 18:06:28 GMT
Content-Type: application/javascript
Transfer-Encoding: chunked
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Access-Control-Allow-Origin: *
Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,Sec-CH-UA-PlatformUser-Agent,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Set-Cookie: 4b4e7ab587d59b22ad7bcd2439afc363_CF-3448=0; expires=Tue, 07 May 2024 21:06:28 GMT; secure; SameSite=None
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: a8d3ee357d0a2ca6c9b85108d1a198fd
Strict-Transport-Security: max-age=0; includeSubdomains
Content-Encoding: gzip

zv.7vid.net/api/spots/70102?s1=174908&v2=1&fill=0&kw=file%20upload%2Cshare%20files%2Cfree%20upload&i=1&url=https%3A%2F%2Fvidezz.net%2Fembed-c32aq2yhm77r.html&sid=efdb1433-63c7-4dd0-9bdf-bd55bda66515

135.181.208.216

200 OK

545 B

URL GET HTTP/2
zv.7vid.net/api/spots/70102?s1=174908&v2=1&fill=0&kw=file%20upload%2Cshare%20files%2Cfree%20upload&i=1&url=https%3A%2F%2Fvidezz.net%2Fembed-c32aq2yhm77r.html&sid=efdb1433-63c7-4dd0-9bdf-bd55bda66515
IP
135.181.208.216:443
ASN
#24940 Hetzner Online GmbH

Requested by
https://videzz.net/embed-c32aq2yhm77r.html
Certificate
IssuerLet's Encrypt
Subject1111.spinna.online
FingerprintF3:80:AE:D8:32:E7:57:75:94:99:58:76:4C:57:59:80:E8:9A:B7:ED
ValidityFri, 29 Mar 2024 23:27:07 GMT - Thu, 27 Jun 2024 23:27:06 GMT

File type
gzip compressed data, from Unix
Size
545 B (545 bytes)
Hash
96681d988efe1a616cd8e5f9ad89f8a3
1e5b9d5a5cbff23b52e356f82b155a5209d6b96e
a07265bf8e2784eeaa7f885272e8ff6d6bce27d3f9266786f9999da71329f1f5

HTTP Headers

GET /api/spots/70102?s1=174908&v2=1&fill=0&kw=file%20upload%2Cshare%20files%2Cfree%20upload&i=1&url=https%3A%2F%2Fvidezz.net%2Fembed-c32aq2yhm77r.html&sid=efdb1433-63c7-4dd0-9bdf-bd55bda66515 HTTP/1.1
Host: zv.7vid.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://videzz.net/
Origin: https://videzz.net
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
server: nginx
date: Sat, 04 May 2024 18:06:28 GMT
content-type: text/xml
vary: Accept-Encoding
access-control-allow-credentials: true
access-control-allow-origin: https://videzz.net
access-control-expose-headers: X-Asg-Config, X-t
set-cookie: nauid=sV1wOwlToO4W1wnKjRyD; Path=/; Expires=Wed, 11 Nov 2037 11:11:11 GMT; Secure; SameSite=None
x-robots-tag: noindex, nofollow
x-t: 0
cache-control: private
content-encoding: gzip
X-Firefox-Spdy: h2

proftrafficcounter.com/stats

18.185.9.67

200 OK

40 B

URL GET HTTP/2
proftrafficcounter.com/stats
IP
18.185.9.67:443
ASN
#16509 AMAZON-02

Requested by
https://videzz.net/embed-c32aq2yhm77r.html
Certificate
IssuerAmazon
Subjectproftrafficcounter.com
FingerprintE3:9F:79:6F:80:C0:BF:F8:C4:EB:45:F3:E9:0F:A7:41:F6:0C:05:E6
ValidityTue, 21 Nov 2023 00:00:00 GMT - Thu, 19 Dec 2024 23:59:59 GMT

File type
ASCII text, with no line terminators
Size
40 B (40 bytes)
Hash
d2fb19d8d1ae49388732a3b16cc9a75c
ecc2290ef0f423616396cc6576293403416f41fd
cccc7fc85f18fbd4a8174f986e0af306a9086b6b13045ab286f7ff8ffc3cf818

HTTP Headers

GET /stats HTTP/1.1
Host: proftrafficcounter.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://videzz.net
DNT: 1
Connection: keep-alive
Referer: https://videzz.net/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Sat, 04 May 2024 18:06:28 GMT
content-type: text/html; charset=UTF-8
content-length: 40
server: fasthttp
access-control-allow-origin: https://videzz.net
vary: Origin
access-control-allow-credentials: true
set-cookie: uid_id2=e54da55b-9dea-42ca-ad22-8912f24bb312:1:1; expires=Tue, 02 May 2034 18:06:28 GMT; secure; SameSite=None
X-Firefox-Spdy: h2

static.addtoany.com/menu/page.js

172.67.39.148

200 OK

37 kB

URL GET HTTP/2
static.addtoany.com/menu/page.js
IP
172.67.39.148:443
ASN
#13335 CLOUDFLARENET

Requested by
https://videzz.net/embed-c32aq2yhm77r.html
Certificate
IssuerLet's Encrypt
Subjectstatic.addtoany.com
Fingerprint5B:74:98:2D:F8:22:DB:0D:4E:74:B7:99:A7:7C:80:F6:CA:1A:8E:CA
ValidityTue, 23 Apr 2024 07:56:27 GMT - Mon, 22 Jul 2024 07:56:26 GMT

File type
JavaScript source, ASCII text, with very long lines (3003), with no line terminators
Size
37 kB (37422 bytes)
Hash
5f984fdd1d3384220c67422c1f544a95
79c8a48b5fab47972dd69ce7dfd08cee895006b5
6e0cc78c402cbc02fdfd41cd77c5fd6ffbd8066cc07935ea8eb5f3fcc59744a3

HTTP Headers

GET /menu/page.js HTTP/1.1
Host: static.addtoany.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://videzz.net/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Sat, 04 May 2024 18:06:27 GMT
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=86400, stale-while-revalidate=30, public
cf-bgj: minify
etag: W/"e346c2841e4abbb66ee259e9540abb61"
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=EgezfhqgqVTMRSCdIrsKRfYkTxH%2FPj8LGo%2FZi7bo9fU4bzjrWOUuM%2FuqWdESz21N5bpaJYUt1gOALJJNuyaI4ehXqxRbTvLTpK26n%2FiZMmvypcd9Sxrz%2Bq3mFCmK6Ma%2FchKwisEm"}],"group":"cf-nel","max_age":604800}
vary: Accept-Encoding
referrer-policy: strict-origin-when-cross-origin
x-content-type-options: nosniff
cf-cache-status: HIT
age: 6518
strict-transport-security: max-age=31536000; includeSubDomains; preload
server: cloudflare
cf-ray: 87ea6cbe3b9656a8-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2

bid.bidclickmedia.com/sub/Pj8pz0z

172.67.205.77

200 OK

95 kB

URL GET HTTP/2
bid.bidclickmedia.com/sub/Pj8pz0z
IP
172.67.205.77:443
ASN
#13335 CLOUDFLARENET

Requested by
https://videzz.net/embed-c32aq2yhm77r.html
Certificate
IssuerGoogle Trust Services LLC
Subjectbidclickmedia.com
Fingerprint2D:71:60:23:79:D8:E4:4A:B8:81:BA:F0:ED:58:CB:A8:66:21:A7:E7
ValiditySun, 31 Mar 2024 14:28:20 GMT - Sat, 29 Jun 2024 14:28:19 GMT

File type
HTML document, ASCII text
Size
95 kB (94717 bytes)
Hash
e151e24dc5b354ea8ee36534a8264594
4b5f293d59d009ee46087f164ee86d066e8e83f4
b2fdeeef5c48f24499731fdd7aae1650ad1bc6fa9ee58cf88fafe175658e888f

HTTP Headers

GET /sub/Pj8pz0z HTTP/1.1
Host: bid.bidclickmedia.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://videzz.net/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
date: Sat, 04 May 2024 18:06:28 GMT
content-type: text/html; charset=utf-8
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=zaVIZGzleVd1Bn6XjRpe3bzvPIMazWhX3nStUn1QKI4fzP37yNbQx1RJcIDjeQeNL4Khbrm9xhwde3Gc6C4PxnHE6cd2gtUWtX00vpTo62Ae9jka%2FKfGxRCc88nxduDb6AL%2F0m9WPHo%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 87ea6cc3f91256ae-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2

dismaytestimony.com/f1/77/6d/f1776d24271c5ad55c5f1492e2d01e10.js

192.243.59.13

200 OK

30 kB

URL GET HTTP/1.1
dismaytestimony.com/f1/77/6d/f1776d24271c5ad55c5f1492e2d01e10.js
IP
192.243.59.13:443
ASN
#39572 DataWeb Global Group B.V.

Requested by
https://videzz.net/embed-c32aq2yhm77r.html
Certificate
IssuerLet's Encrypt
Subjectdismaytestimony.com
Fingerprint0C:AA:51:7C:B5:7D:1A:53:D1:E3:23:EB:6F:15:42:F9:A5:4B:F8:E6
ValidityMon, 29 Apr 2024 08:06:26 GMT - Sun, 28 Jul 2024 08:06:25 GMT

File type
JavaScript source, ASCII text, with very long lines (65536), with no line terminators
Size
30 kB (30397 bytes)
Hash
ede8e514e8171037491e1dfdf1a63da8
7692b8f7f74419b001094ec4c7281a7cf8298bcf
0bae85e7d1716aead8c323db9f2ee455aa1d7e7ae694323e1e1614d303c23eab

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /f1/77/6d/f1776d24271c5ad55c5f1492e2d01e10.js HTTP/1.1
Host: dismaytestimony.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://videzz.net/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx/1.19.5
Date: Sat, 04 May 2024 18:06:28 GMT
Content-Type: application/javascript
Transfer-Encoding: chunked
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Access-Control-Allow-Origin: *
Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,Sec-CH-UA-PlatformUser-Agent,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: c7843ca7b80b2b3af3e702d627a289b7
Strict-Transport-Security: max-age=0; includeSubdomains
Content-Encoding: gzip

maxcdn.bootstrapcdn.com/font-awesome/4.7.0/fonts/fontawesome-webfont.woff2?v=4.7.0

104.18.11.207

200 OK

77 kB

URL GET HTTP/3
maxcdn.bootstrapcdn.com/font-awesome/4.7.0/fonts/fontawesome-webfont.woff2?v=4.7.0
IP
104.18.11.207:443
ASN
#13335 CLOUDFLARENET

Requested by
https://videzz.net/embed-c32aq2yhm77r.html
Certificate
IssuerGoogle Trust Services LLC
Subjectbootstrapcdn.com
Fingerprint57:B4:25:B9:9C:88:A1:A3:3D:F7:31:74:02:E4:D1:E0:0A:F5:11:63
ValidityWed, 27 Mar 2024 00:22:09 GMT - Tue, 25 Jun 2024 00:22:08 GMT

File type
Web Open Font Format (Version 2), TrueType, length 77160, version 4.459
Size
77 kB (77160 bytes)
Hash
af7ae505a9eed503f8b8e6982036873e
d6f48cba7d076fb6f2fd6ba993a75b9dc1ecbf0c
2adefcbc041e7d18fcf2d417879dc5a09997aa64d675b7a3c4b6ce33da13f3fe

HTTP Headers

GET /font-awesome/4.7.0/fonts/fontawesome-webfont.woff2?v=4.7.0 HTTP/1.1
Host: maxcdn.bootstrapcdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://videzz.net
DNT: 1
Connection: keep-alive
Referer: https://maxcdn.bootstrapcdn.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Sat, 04 May 2024 18:06:29 GMT
content-type: font/woff2
content-length: 77160
cdn-pullzone: 252412
cdn-uid: b1941f61-b576-4f40-80de-5677acb38f74
cdn-requestcountrycode: DE
access-control-allow-origin: *
cache-control: public, max-age=31919000
etag: "af7ae505a9eed503f8b8e6982036873e"
last-modified: Mon, 25 Jan 2021 22:04:55 GMT
cdn-cachedat: 10/31/2023 19:08:24
cdn-proxyver: 1.04
cdn-requestpullcode: 200
cdn-requestpullsuccess: True
cdn-edgestorageid: 752
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
cdn-status: 200
cdn-requestid: 0a41a35b44b9a221d4e11fe69e9304aa
cdn-cache: HIT
cf-cache-status: HIT
age: 352083
accept-ranges: bytes
vary: Accept-Encoding
strict-transport-security: max-age=31536000; includeSubDomains; preload
server: cloudflare
cf-ray: 87ea6cc75cd1b529-OSL
alt-svc: h3=":443"; ma=86400

proftrafficcounter.com/stats

18.185.9.67

200 OK

40 B

URL GET HTTP/2
proftrafficcounter.com/stats
IP
18.185.9.67:443
ASN
#16509 AMAZON-02

Requested by
https://videzz.net/embed-c32aq2yhm77r.html
Certificate
IssuerAmazon
Subjectproftrafficcounter.com
FingerprintE3:9F:79:6F:80:C0:BF:F8:C4:EB:45:F3:E9:0F:A7:41:F6:0C:05:E6
ValidityTue, 21 Nov 2023 00:00:00 GMT - Thu, 19 Dec 2024 23:59:59 GMT

File type
ASCII text, with no line terminators
Size
40 B (40 bytes)
Hash
d2fb19d8d1ae49388732a3b16cc9a75c
ecc2290ef0f423616396cc6576293403416f41fd
cccc7fc85f18fbd4a8174f986e0af306a9086b6b13045ab286f7ff8ffc3cf818

HTTP Headers

GET /stats HTTP/1.1
Host: proftrafficcounter.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://videzz.net
DNT: 1
Connection: keep-alive
Referer: https://videzz.net/
Cookie: uid_id2=e54da55b-9dea-42ca-ad22-8912f24bb312:1:1
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
date: Sat, 04 May 2024 18:06:29 GMT
content-type: text/html; charset=UTF-8
content-length: 40
server: fasthttp
access-control-allow-origin: https://videzz.net
vary: Origin
access-control-allow-credentials: true
X-Firefox-Spdy: h2

dismaytestimony.com/sbar.json?key=fd40b682a05e4aaf489d29601350aa66&psid=CF-3448_0

192.243.59.13

200 OK

6.1 kB

URL GET HTTP/1.1
dismaytestimony.com/sbar.json?key=fd40b682a05e4aaf489d29601350aa66&psid=CF-3448_0
IP
192.243.59.13:443
ASN
#39572 DataWeb Global Group B.V.

Requested by
https://videzz.net/embed-c32aq2yhm77r.html
Certificate
IssuerLet's Encrypt
Subjectdismaytestimony.com
Fingerprint0C:AA:51:7C:B5:7D:1A:53:D1:E3:23:EB:6F:15:42:F9:A5:4B:F8:E6
ValidityMon, 29 Apr 2024 08:06:26 GMT - Sun, 28 Jul 2024 08:06:25 GMT

File type
JSON text data
Size
6.1 kB (6089 bytes)
Hash
460569000ba5260045e21151a4dc7f80
4dd9e51778e31b262d463bdd86832b1915c45e0f
4a68bc6905c176b16f7943069710ffc828fe031e05a6002354e51ea846610b79

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /sbar.json?key=fd40b682a05e4aaf489d29601350aa66&psid=CF-3448_0 HTTP/1.1
Host: dismaytestimony.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://videzz.net
DNT: 1
Connection: keep-alive
Referer: https://videzz.net/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx/1.19.5
Date: Sat, 04 May 2024 18:06:29 GMT
Content-Type: text/plain; charset=utf-8
Transfer-Encoding: chunked
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,Sec-CH-UA-PlatformUser-Agent,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Custom-Referer: https://videzz.net
Access-Control-Allow-Origin: https://videzz.net
Access-Control-Allow-Credentials: true
Set-Cookie: u_pl=19071538; expires=Sun, 05 May 2024 18:06:29 GMT; secure; SameSite=None
pdhtkv=true; expires=Sun, 05 May 2024 18:06:29 GMT; secure; SameSite=None
uncs=1; expires=Sun, 05 May 2024 18:06:29 GMT; secure; SameSite=None
pdhtkv29=true; expires=Sun, 05 May 2024 18:06:29 GMT; secure; SameSite=None
uncs29=1; expires=Sun, 05 May 2024 18:06:29 GMT; secure; SameSite=None
slecfd40b682a05e4aaf489d29601350aa66=[5210995,5210997]; expires=Sat, 04 May 2024 18:06:34 GMT; secure; SameSite=None
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: 97b724059b92c28dfcd11cbc7251ca91
Strict-Transport-Security: max-age=0; includeSubdomains
Content-Encoding: gzip

videzz.net/css/embed.min.css?v=b8dc06aa6195ca0716d0a0c4e3a76e42

78.142.18.54

200 OK

121 kB

URL GET HTTP/2
videzz.net/css/embed.min.css?v=b8dc06aa6195ca0716d0a0c4e3a76e42
IP
78.142.18.54:443
ASN
#208046 ColocationX Ltd.

Requested by
https://videzz.net/embed-c32aq2yhm77r.html
Certificate
IssuerLet's Encrypt
Subjectvidezz.net
Fingerprint89:44:E3:9D:95:DD:6E:D2:2B:FB:70:64:42:59:D2:BF:B6:36:E7:33
ValidityThu, 02 May 2024 00:27:53 GMT - Wed, 31 Jul 2024 00:27:52 GMT

File type
gzip compressed data, from Unix
Size
121 kB (121257 bytes)
Hash
6886c48e623fba1d38b7ee9c6f1b088c
1f38ba1ac588ca5b7edeb0e4193798e7e53413b7
2becc81fb7b82848cb89a0c6e7095bd422dea94141c3315b8e08f5e5579aae67

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /css/embed.min.css?v=b8dc06aa6195ca0716d0a0c4e3a76e42 HTTP/1.1
Host: videzz.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://videzz.net/embed-c32aq2yhm77r.html
Cookie: lang=1
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
server: nginx/1.18.0 (Ubuntu)
date: Sat, 04 May 2024 18:06:27 GMT
content-type: text/css
last-modified: Sat, 27 Apr 2024 07:30:38 GMT
vary: Accept-Encoding
etag: W/"662ca99e-96f9f"
expires: Mon, 03 Jun 2024 18:05:12 GMT
cache-control: max-age=2592000
content-encoding: gzip
x-cache-status: HIT
X-Firefox-Spdy: h2

videzz.net/js/static.min.js?v=b8dc06aa6195ca0716d0a0c4e3a76e42

78.142.18.54

200 OK

65 kB

URL GET HTTP/2
videzz.net/js/static.min.js?v=b8dc06aa6195ca0716d0a0c4e3a76e42
IP
78.142.18.54:443
ASN
#208046 ColocationX Ltd.

Requested by
https://videzz.net/embed-c32aq2yhm77r.html
Certificate
IssuerLet's Encrypt
Subjectvidezz.net
Fingerprint89:44:E3:9D:95:DD:6E:D2:2B:FB:70:64:42:59:D2:BF:B6:36:E7:33
ValidityThu, 02 May 2024 00:27:53 GMT - Wed, 31 Jul 2024 00:27:52 GMT

File type
gzip compressed data, from Unix
Size
65 kB (64719 bytes)
Hash
b0371175f00eaefdd884b58d55fcc4c0
e9cd29fe5b0b8b880aea7cc04fbabebecab3050e
92dcf1eaab5ebc24ac94afa98961e19e15abcba4b43f270dd862bcd957435e4c

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /js/static.min.js?v=b8dc06aa6195ca0716d0a0c4e3a76e42 HTTP/1.1
Host: videzz.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://videzz.net/embed-c32aq2yhm77r.html
Cookie: lang=1
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
server: nginx/1.18.0 (Ubuntu)
date: Sat, 04 May 2024 18:06:27 GMT
content-type: application/javascript
last-modified: Sat, 27 Apr 2024 07:30:42 GMT
vary: Accept-Encoding
etag: W/"662ca9a2-26cb6"
expires: Mon, 03 Jun 2024 18:04:22 GMT
cache-control: max-age=2592000
content-encoding: gzip
x-cache-status: HIT
X-Firefox-Spdy: h2

static.addtoany.com/menu/modules/core.BRQnzO8v.js

172.67.39.148

200 OK

26 kB

URL GET HTTP/3
static.addtoany.com/menu/modules/core.BRQnzO8v.js
IP
172.67.39.148:443
ASN
#13335 CLOUDFLARENET

Requested by
https://videzz.net/embed-c32aq2yhm77r.html
Certificate
IssuerLet's Encrypt
Subjectstatic.addtoany.com
Fingerprint5B:74:98:2D:F8:22:DB:0D:4E:74:B7:99:A7:7C:80:F6:CA:1A:8E:CA
ValidityTue, 23 Apr 2024 07:56:27 GMT - Mon, 22 Jul 2024 07:56:26 GMT

File type
ASCII text, with very long lines (65536), with no line terminators
Size
26 kB (25953 bytes)
Hash
629401c31553d2f42a6ca46e58c2a97b
0ab6084caa72f90913c7e4119f491838726ec5c2
91b9b24f0aa59668e4d0a770ee7a294b9baa361a76a20ade8128cd0482a5d805

HTTP Headers

GET /menu/modules/core.BRQnzO8v.js HTTP/1.1
Host: static.addtoany.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://videzz.net
DNT: 1
Connection: keep-alive
Referer: https://videzz.net/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Sat, 04 May 2024 18:06:28 GMT
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=315360000, immutable
cf-bgj: minify
etag: W/"25da5432b1057724b8210f17e9b9db05"
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=OK8gUdgRP8GeYnLNHjDu6u8caDNHdfO2sQNKdIoJNqcMjR7wKzBSRPIzKBAhIZ8GUNx3vYpRT%2B9Wl0bTiXTo1YqoNOdrpxq%2F84ur0eWSRu%2B8ofOTPc9x7M1JwH%2F7P4Z%2FP3le3Hg2mdvhb0ePe1lTNo51"}],"group":"cf-nel","max_age":604800}
vary: Accept-Encoding
referrer-policy: strict-origin-when-cross-origin
x-content-type-options: nosniff
cf-cache-status: HIT
age: 282
strict-transport-security: max-age=31536000; includeSubDomains; preload
server: cloudflare
cf-ray: 87ea6cc2ff2d1c12-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400

dismaytestimony.com/ren.gif?sid=H4sIAAAAAAAC%2F1RST2gcVRh%2Fs8aTgv96K8KCFBTrZmZ2M7trD8E0jQTTpraKBYXyZt6bzTNv5g3vzdvZ7Ck0ID0uXrxOfps0VEvVkyerbAoKASHrKYfm5sGT0GKvyq6hwQ9mvu97v9%2BD3%2Ff73hfb9pj4sPRo8bLqCynp7FzNrb55w%2FMuVFdEanvVXiu4GTQuVHX33XZQc9%2Bqvs%2BjdTXru57req5XXRKax6o3OwEhsnttr9Z2aw2%2F5s010NP%2F7411YKgD1j0mr0Kw8cxD5wxENEKafLfIzXqusvOXEitprjS6bO%2FjdD1VRYrktIy1gzjdO2FDmcOlB1Dp7lQuVPcZMRRj4vzyAGG6dyISYXdnqjOU4ClC9gKK7ghcjiDoCJHagmCHBIgYrqwiTe5cUbqgG%2F%2BhdIKOyczTJxDFmMw8OoM0ub8gRa96XUmbC5Ua9OISojeC6IyQ2X3k%2FQpEsY8ovwXBfiOzT1eQJjurRioIVk5nF2IEEY8g%2BQDUOLCTTziwsQObOUjYUTXyPK%2Fpsoi6rXYU1VmThwFzPdqMPeq5QQs2msgbIM8GiOQAkd5EpjexLgbQ9meYtRKGOTD5mDgfbqLLShScoDAEBSUoBEGRExTdcpdJ45vyDpPGht5J9k9yvRyqvLNNd1Xe4SkB1QNoVm5nx%2BSViT%2FOGxUf6%2FyoGrOGGwYtn7pzvEFp3Gi1md8OXK8%2B51IaBDDi7sWld%2BqNRuumC2Eq09n7YkzOxT8gE2Py4q8EId2HkfuIxGug9nXQogRdK9FPv02oSGtdwVSf1lKeg6kSWT6DfMPZlsfk7HRbq1sGPDqYf%2FLP%2FbPuo78Q6RKZLvG5eEjQkbeH11RBdq6pwpDvV7NcJKJPJ5u8ntOcP%2F%2F1B3yjUJotL5rB3feiCTAp733ETb5CUybSjiHfLAjGuF5SOuLkx2XzCQ%2BvWrO2YHVqs5WrF5eWk0xzY4RKR6Di8NJXiMSYvPTTZ9Mnev7TPyD0CNqWSOwBOQkItY8o24TJDuYfy7%2FfHuzdglEEWp5ywsxBYcuh9sPTQykIJD%2FtaVjC8IP5P2%2B8HF4eP0bIn9kx1HRym4py29xGR1dA8y2kSYmuLtGVJagcwNjnhnmmD%2BZ%2Fr08DoawMQ6krO6HU8supyZOfhRFH1Wa97tKgPec1m5Q3w4bfigOPUeo3Aj8IaB25GcfBxrl%2FAQAA%2F%2F8BAAD%2F%2F%2FYy0WN8BAAA

192.243.59.13

200 OK

7 B

URL GET HTTP/1.1
dismaytestimony.com/ren.gif?sid=H4sIAAAAAAAC%2F1RST2gcVRh%2Fs8aTgv96K8KCFBTrZmZ2M7trD8E0jQTTpraKBYXyZt6bzTNv5g3vzdvZ7Ck0ID0uXrxOfps0VEvVkyerbAoKASHrKYfm5sGT0GKvyq6hwQ9mvu97v9%2BD3%2Ff73hfb9pj4sPRo8bLqCynp7FzNrb55w%2FMuVFdEanvVXiu4GTQuVHX33XZQc9%2Bqvs%2BjdTXru57req5XXRKax6o3OwEhsnttr9Z2aw2%2F5s010NP%2F7411YKgD1j0mr0Kw8cxD5wxENEKafLfIzXqusvOXEitprjS6bO%2FjdD1VRYrktIy1gzjdO2FDmcOlB1Dp7lQuVPcZMRRj4vzyAGG6dyISYXdnqjOU4ClC9gKK7ghcjiDoCJHagmCHBIgYrqwiTe5cUbqgG%2F%2BhdIKOyczTJxDFmMw8OoM0ub8gRa96XUmbC5Ua9OISojeC6IyQ2X3k%2FQpEsY8ovwXBfiOzT1eQJjurRioIVk5nF2IEEY8g%2BQDUOLCTTziwsQObOUjYUTXyPK%2Fpsoi6rXYU1VmThwFzPdqMPeq5QQs2msgbIM8GiOQAkd5EpjexLgbQ9meYtRKGOTD5mDgfbqLLShScoDAEBSUoBEGRExTdcpdJ45vyDpPGht5J9k9yvRyqvLNNd1Xe4SkB1QNoVm5nx%2BSViT%2FOGxUf6%2FyoGrOGGwYtn7pzvEFp3Gi1md8OXK8%2B51IaBDDi7sWld%2BqNRuumC2Eq09n7YkzOxT8gE2Py4q8EId2HkfuIxGug9nXQogRdK9FPv02oSGtdwVSf1lKeg6kSWT6DfMPZlsfk7HRbq1sGPDqYf%2FLP%2FbPuo78Q6RKZLvG5eEjQkbeH11RBdq6pwpDvV7NcJKJPJ5u8ntOcP%2F%2F1B3yjUJotL5rB3feiCTAp733ETb5CUybSjiHfLAjGuF5SOuLkx2XzCQ%2BvWrO2YHVqs5WrF5eWk0xzY4RKR6Di8NJXiMSYvPTTZ9Mnev7TPyD0CNqWSOwBOQkItY8o24TJDuYfy7%2FfHuzdglEEWp5ywsxBYcuh9sPTQykIJD%2FtaVjC8IP5P2%2B8HF4eP0bIn9kx1HRym4py29xGR1dA8y2kSYmuLtGVJagcwNjnhnmmD%2BZ%2Fr08DoawMQ6krO6HU8supyZOfhRFH1Wa97tKgPec1m5Q3w4bfigOPUeo3Aj8IaB25GcfBxrl%2FAQAA%2F%2F8BAAD%2F%2F%2FYy0WN8BAAA
IP
192.243.59.13:443
ASN
#39572 DataWeb Global Group B.V.

Requested by
https://videzz.net/embed-c32aq2yhm77r.html
Certificate
IssuerLet's Encrypt
Subjectdismaytestimony.com
Fingerprint0C:AA:51:7C:B5:7D:1A:53:D1:E3:23:EB:6F:15:42:F9:A5:4B:F8:E6
ValidityMon, 29 Apr 2024 08:06:26 GMT - Sun, 28 Jul 2024 08:06:25 GMT

File type
ASCII text, with no line terminators
Size
7 B (7 bytes)
Hash
132d6af1b46048b45cf86cdee7991d31
eb7007d03d59b65bc6da7e098c4d38fc6dfb6285
ab852e838deccd742a03ca81d4a8d75cf1a00b327db3eaf46bd7da6b6db9384c

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /ren.gif?sid=H4sIAAAAAAAC%2F1RST2gcVRh%2Fs8aTgv96K8KCFBTrZmZ2M7trD8E0jQTTpraKBYXyZt6bzTNv5g3vzdvZ7Ck0ID0uXrxOfps0VEvVkyerbAoKASHrKYfm5sGT0GKvyq6hwQ9mvu97v9%2BD3%2Ff73hfb9pj4sPRo8bLqCynp7FzNrb55w%2FMuVFdEanvVXiu4GTQuVHX33XZQc9%2Bqvs%2BjdTXru57req5XXRKax6o3OwEhsnttr9Z2aw2%2F5s010NP%2F7411YKgD1j0mr0Kw8cxD5wxENEKafLfIzXqusvOXEitprjS6bO%2FjdD1VRYrktIy1gzjdO2FDmcOlB1Dp7lQuVPcZMRRj4vzyAGG6dyISYXdnqjOU4ClC9gKK7ghcjiDoCJHagmCHBIgYrqwiTe5cUbqgG%2F%2BhdIKOyczTJxDFmMw8OoM0ub8gRa96XUmbC5Ua9OISojeC6IyQ2X3k%2FQpEsY8ovwXBfiOzT1eQJjurRioIVk5nF2IEEY8g%2BQDUOLCTTziwsQObOUjYUTXyPK%2Fpsoi6rXYU1VmThwFzPdqMPeq5QQs2msgbIM8GiOQAkd5EpjexLgbQ9meYtRKGOTD5mDgfbqLLShScoDAEBSUoBEGRExTdcpdJ45vyDpPGht5J9k9yvRyqvLNNd1Xe4SkB1QNoVm5nx%2BSViT%2FOGxUf6%2FyoGrOGGwYtn7pzvEFp3Gi1md8OXK8%2B51IaBDDi7sWld%2BqNRuumC2Eq09n7YkzOxT8gE2Py4q8EId2HkfuIxGug9nXQogRdK9FPv02oSGtdwVSf1lKeg6kSWT6DfMPZlsfk7HRbq1sGPDqYf%2FLP%2FbPuo78Q6RKZLvG5eEjQkbeH11RBdq6pwpDvV7NcJKJPJ5u8ntOcP%2F%2F1B3yjUJotL5rB3feiCTAp733ETb5CUybSjiHfLAjGuF5SOuLkx2XzCQ%2BvWrO2YHVqs5WrF5eWk0xzY4RKR6Di8NJXiMSYvPTTZ9Mnev7TPyD0CNqWSOwBOQkItY8o24TJDuYfy7%2FfHuzdglEEWp5ywsxBYcuh9sPTQykIJD%2FtaVjC8IP5P2%2B8HF4eP0bIn9kx1HRym4py29xGR1dA8y2kSYmuLtGVJagcwNjnhnmmD%2BZ%2Fr08DoawMQ6krO6HU8supyZOfhRFH1Wa97tKgPec1m5Q3w4bfigOPUeo3Aj8IaB25GcfBxrl%2FAQAA%2F%2F8BAAD%2F%2F%2FYy0WN8BAAA HTTP/1.1
Host: dismaytestimony.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://videzz.net/
Cookie: u_pl=19071538; pdhtkv=true; uncs=1; pdhtkv29=true; uncs29=1; slecfd40b682a05e4aaf489d29601350aa66=[5210995,5210997]
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx/1.19.5
Date: Sat, 04 May 2024 18:06:29 GMT
Content-Type: image/gif
Content-Length: 7
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,Sec-CH-UA-PlatformUser-Agent,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: d42a71e4f424d3bd5c1f49f5f6644d39
Strict-Transport-Security: max-age=0; includeSubdomains

region1.analytics.google.com/g/collect?v=2&tid=G-HEX1BG8H46&gtm=45je4510v9104348843za200&_p=1714845988057&_gaz=1&gcd=13l3lPl2l1&npa=1&dma_cps=sypham&dma=1&cid=2030832543.1714845989&ul=en-us&sr=1280x1024&pscdl=noapi&_eu=AAAI&_s=1&sid=1714845989&sct=1&seg=0&dl=https%3A%2F%2Fvidezz.net%2Fembed-c32aq2yhm77r.html&dt=Vidoza&en=page_view&_fv=1&_nsi=1&_ss=2&tfd=2195

216.239.34.36

204 No Content

0 B

URL POST HTTP/2
region1.analytics.google.com/g/collect?v=2&tid=G-HEX1BG8H46&gtm=45je4510v9104348843za200&_p=1714845988057&_gaz=1&gcd=13l3lPl2l1&npa=1&dma_cps=sypham&dma=1&cid=2030832543.1714845989&ul=en-us&sr=1280x1024&pscdl=noapi&_eu=AAAI&_s=1&sid=1714845989&sct=1&seg=0&dl=https%3A%2F%2Fvidezz.net%2Fembed-c32aq2yhm77r.html&dt=Vidoza&en=page_view&_fv=1&_nsi=1&_ss=2&tfd=2195
IP
216.239.34.36:443
ASN
#15169 GOOGLE

Requested by
https://videzz.net/embed-c32aq2yhm77r.html
Certificate
IssuerGoogle Trust Services LLC
Subject*.google-analytics.com
Fingerprint93:6B:D2:9D:92:BE:2D:D8:02:67:82:83:5E:EF:A3:F9:13:F3:26:AE
ValidityTue, 16 Apr 2024 03:18:45 GMT - Tue, 09 Jul 2024 03:18:44 GMT

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

POST /g/collect?v=2&tid=G-HEX1BG8H46&gtm=45je4510v9104348843za200&_p=1714845988057&_gaz=1&gcd=13l3lPl2l1&npa=1&dma_cps=sypham&dma=1&cid=2030832543.1714845989&ul=en-us&sr=1280x1024&pscdl=noapi&_eu=AAAI&_s=1&sid=1714845989&sct=1&seg=0&dl=https%3A%2F%2Fvidezz.net%2Fembed-c32aq2yhm77r.html&dt=Vidoza&en=page_view&_fv=1&_nsi=1&_ss=2&tfd=2195 HTTP/1.1
Host: region1.analytics.google.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://videzz.net
DNT: 1
Connection: keep-alive
Referer: https://videzz.net/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Content-Length: 0

HTTP/2 204 No Content
access-control-allow-origin: https://videzz.net
date: Sat, 04 May 2024 18:06:29 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
content-type: text/plain
cross-origin-resource-policy: cross-origin
server: Golfe2
content-length: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

dismaytestimony.com/pixel/sbls?bv=24.6.6370&tmpl=482&u=https%3A%2F%2Fcdn.yourwebbars.com%2Fsb%2Fnotifications%2Fgambling%2Fdefault%2Fandroid-btn%2F8%2Findex.html&l=1444&fd=53

192.243.59.13

200 OK

0 B

URL GET HTTP/1.1
dismaytestimony.com/pixel/sbls?bv=24.6.6370&tmpl=482&u=https%3A%2F%2Fcdn.yourwebbars.com%2Fsb%2Fnotifications%2Fgambling%2Fdefault%2Fandroid-btn%2F8%2Findex.html&l=1444&fd=53
IP
192.243.59.13:443
ASN
#39572 DataWeb Global Group B.V.

Requested by
https://videzz.net/embed-c32aq2yhm77r.html
Certificate
IssuerLet's Encrypt
Subjectdismaytestimony.com
Fingerprint0C:AA:51:7C:B5:7D:1A:53:D1:E3:23:EB:6F:15:42:F9:A5:4B:F8:E6
ValidityMon, 29 Apr 2024 08:06:26 GMT - Sun, 28 Jul 2024 08:06:25 GMT

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /pixel/sbls?bv=24.6.6370&tmpl=482&u=https%3A%2F%2Fcdn.yourwebbars.com%2Fsb%2Fnotifications%2Fgambling%2Fdefault%2Fandroid-btn%2F8%2Findex.html&l=1444&fd=53 HTTP/1.1
Host: dismaytestimony.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://videzz.net/
Cookie: u_pl=19071538; pdhtkv=true; uncs=1; pdhtkv29=true; uncs29=1; slecfd40b682a05e4aaf489d29601350aa66=[5210995,5210997]
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx/1.19.5
Date: Sat, 04 May 2024 18:06:29 GMT
Content-Length: 0
Connection: keep-alive
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
Access-Control-Allow-Origin: *
Access-Control-Allow-Methods: GET, POST, OPTIONS
Access-Control-Allow-Headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,Upgrade-Insecure-Requests
Access-Control-Expose-Headers: Content-Length,Content-Range

cdn.creative-bars1.com/sb/notifications/gambling/default/android-btn/8/img/confetti.gif

172.67.141.24

200 OK

206 kB

URL GET HTTP/3
cdn.creative-bars1.com/sb/notifications/gambling/default/android-btn/8/img/confetti.gif
IP
172.67.141.24:443
ASN
#13335 CLOUDFLARENET

Requested by
https://videzz.net/embed-c32aq2yhm77r.html
Certificate
IssuerGoogle Trust Services LLC
Subjectcreative-bars1.com
Fingerprint3D:29:39:2C:F1:E5:C6:EF:54:F5:70:B5:CF:A8:C2:75:4D:89:72:13
ValidityMon, 15 Apr 2024 15:02:18 GMT - Sun, 14 Jul 2024 15:02:17 GMT

File type
GIF image data, version 89a, 480 x 360
Size
206 kB (206291 bytes)
Hash
0b33face774f2203446507ce5f075538
1dd3522529bce7739df0687f47f5bc84356698a0
ac345899461d5634d25c47281b10e3c1886abb33019e2ce8140573a79e9f52f2

HTTP Headers

GET /sb/notifications/gambling/default/android-btn/8/img/confetti.gif HTTP/1.1
Host: cdn.creative-bars1.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Sat, 04 May 2024 18:06:29 GMT
content-type: image/gif
content-length: 206291
last-modified: Fri, 19 Jan 2024 14:25:08 GMT
etag: "65aa8644-325d3"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: public, max-age=315360000
access-control-allow-origin: *
access-control-expose-headers: Date
cf-cache-status: HIT
age: 343616
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=Uxmk9ztGD0pPBGnD2yLnR3mBriKx9Oge6cb6uD549g3FeXXzlfVakZar6531QIVyANpFmqL%2BnrEN5R9MR47dNCDKiVIEIBRIB%2F1Adpni40SQvKDs25QLfg8pLordZoBldSgACPAE8K%2Bl"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 87ea6ccd6c1c569a-OSL
alt-svc: h3=":443"; ma=86400

cdn.creative-bars1.com/sb/notifications/gambling/default/android-btn/8/img/bonus-stars-6593305-5446274.mp4

172.67.141.24

206 Partial Content

34 kB

URL GET HTTP/3
cdn.creative-bars1.com/sb/notifications/gambling/default/android-btn/8/img/bonus-stars-6593305-5446274.mp4
IP
172.67.141.24:443
ASN
#13335 CLOUDFLARENET

Requested by
https://videzz.net/embed-c32aq2yhm77r.html
Certificate
IssuerGoogle Trust Services LLC
Subjectcreative-bars1.com
Fingerprint3D:29:39:2C:F1:E5:C6:EF:54:F5:70:B5:CF:A8:C2:75:4D:89:72:13
ValidityMon, 15 Apr 2024 15:02:18 GMT - Sun, 14 Jul 2024 15:02:17 GMT

File type
ISO Media, MP4 Base Media v1 [ISO 14496-12:2003]
Size
34 kB (34238 bytes)
Hash
69e52ff16a779d8ab66a1156cc50ab23
27f8897a2acc3bcfd319c267d137aaa4650fb3c5
2048e8325f6d17e0fefb2226c4191a9e300c562f2bc46543ac616d49ff971d61

HTTP Headers

GET /sb/notifications/gambling/default/android-btn/8/img/bonus-stars-6593305-5446274.mp4 HTTP/1.1
Host: cdn.creative-bars1.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: video/webm,video/ogg,video/*;q=0.9,application/ogg;q=0.7,audio/*;q=0.6,*/*;q=0.5
Accept-Language: en-US,en;q=0.5
Range: bytes=0-
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: video
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Accept-Encoding: identity
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 206 Partial Content
date: Sat, 04 May 2024 18:06:29 GMT
content-type: video/mp4
content-length: 34238
last-modified: Fri, 19 Jan 2024 14:25:08 GMT
etag: "65aa8644-85be"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: public, max-age=315360000
access-control-allow-origin: *
access-control-expose-headers: Date
cf-cache-status: HIT
age: 343607
content-range: bytes 0-34237/34238
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=MqyiinyG%2FVrATJOQFh27hrLct00hRMYVN17U%2BcXsCvZTy9TWikbuU5Y6He29QZ84vzVd07Y9NTKTmFz7af9cws2NL4gYAvEtyCIomaCIWYB2XTB1NDkw%2B7asYekTI%2F7Yuy3h2e3KMnq2"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 87ea6ccd7c1f569a-OSL
alt-svc: h3=":443"; ma=86400

xml.cachegorilla.com/redirect?feed=612977&auth=kAeZgJ&pubid=197570

173.239.53.20

302 Found

0 B

URL GET HTTP/1.1
xml.cachegorilla.com/redirect?feed=612977&auth=kAeZgJ&pubid=197570
IP
173.239.53.20:443
ASN
#27257 WEBAIR-INTERNET

Requested by
https://videzz.net/embed-c32aq2yhm77r.html
Certificate
IssuerSectigo Limited
Subject*.cachegorilla.com
Fingerprint29:B3:53:29:E3:6F:D3:48:F6:66:3E:78:57:05:A6:19:12:0D:2C:4A
ValidityFri, 10 Nov 2023 00:00:00 GMT - Sun, 10 Nov 2024 23:59:59 GMT

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /redirect?feed=612977&auth=kAeZgJ&pubid=197570 HTTP/1.1
Host: xml.cachegorilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://bid.bidclickmedia.com/
DNT: 1
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 302 Found
Server: nginx
Date: Sat, 04 May 2024 18:06:30 GMT
Content-Length: 0
Connection: keep-alive
Cache-Control: no-store
Location: https://animewatch.onionlive.workers.dev/

bid.bidclickmedia.com/sub/0YDX8OE

172.67.205.77

200 OK

144 B

URL GET HTTP/2
bid.bidclickmedia.com/sub/0YDX8OE
IP
172.67.205.77:443
ASN
#13335 CLOUDFLARENET

Requested by
https://videzz.net/embed-c32aq2yhm77r.html
Certificate
IssuerGoogle Trust Services LLC
Subjectbidclickmedia.com
Fingerprint2D:71:60:23:79:D8:E4:4A:B8:81:BA:F0:ED:58:CB:A8:66:21:A7:E7
ValiditySun, 31 Mar 2024 14:28:20 GMT - Sat, 29 Jun 2024 14:28:19 GMT

File type
HTML document, ASCII text
Size
144 B (144 bytes)
Hash
f5ed6ce7b82ba2323315254d8ec73268
130f2deb64cffe104ed683e06bb6f60d3755ac1c
fea4d8201695c74087e6b7cdd58df01361f12fcad31870e7d9fbbed7402a2926

HTTP Headers

GET /sub/0YDX8OE HTTP/1.1
Host: bid.bidclickmedia.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://videzz.net/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
date: Sat, 04 May 2024 18:06:28 GMT
content-type: text/html; charset=utf-8
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=wK0k1ToQzorLgbnFAs2U8BhAJGmDDz7BtyNdvLOcy1RDRowh0HLTef3NXBKPTwA8xA5QiZLLCiOth1lt%2BDYPrMCA9Pi7hy4aLZD6lNc5rhbl9UjLpWDu7PpwpcpxLKfMdqUmTcdzXU0%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 87ea6cc3f90f56ae-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2

cdn.creative-bars1.com/sb/notifications/gambling/default/android-btn/8/css/style.css

172.67.141.24

200 OK

1.0 kB

URL GET HTTP/2
cdn.creative-bars1.com/sb/notifications/gambling/default/android-btn/8/css/style.css
IP
172.67.141.24:443
ASN
#13335 CLOUDFLARENET

Requested by
https://videzz.net/embed-c32aq2yhm77r.html
Certificate
IssuerGoogle Trust Services LLC
Subjectcreative-bars1.com
Fingerprint3D:29:39:2C:F1:E5:C6:EF:54:F5:70:B5:CF:A8:C2:75:4D:89:72:13
ValidityMon, 15 Apr 2024 15:02:18 GMT - Sun, 14 Jul 2024 15:02:17 GMT

File type
ASCII text
Size
1.0 kB (1019 bytes)
Hash
af19abbabe1a862a20cb0e0a3ef31c7e
efcc04c4011905e4f013adae56ea928dc47ac7ef
8a72b4d48ce36805c492e3927213e1327c8d924544a595527da9955fd8916e19

HTTP Headers

GET /sb/notifications/gambling/default/android-btn/8/css/style.css HTTP/1.1
Host: cdn.creative-bars1.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://videzz.net
DNT: 1
Connection: keep-alive
Referer: https://videzz.net/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Sat, 04 May 2024 18:06:29 GMT
content-type: text/css
last-modified: Fri, 19 Jan 2024 14:25:08 GMT
etag: W/"65aa8644-d14"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: public, max-age=315360000
access-control-allow-origin: *
access-control-expose-headers: Date
cf-cache-status: HIT
age: 328175
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=m4S1BQYnwcPyZMYSPUAMD6kLqQmeEX90u7N9%2FgBHNNFdZgQGbkSBObeSnZC54KmEauAORnn2HQY0n4BKSDlyzLXaBPaaZdwa1j6Rx6Q4e3rodNPZ6ELiTo3nX%2BnvLUrVm%2FYrTzq0QKTz"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 87ea6cccdb32b51d-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2

bid.bidclickmedia.com/load

172.67.205.77

302 Found

361 B

URL POST HTTP/3
bid.bidclickmedia.com/load
IP
172.67.205.77:443
ASN
#13335 CLOUDFLARENET

Requested by
https://videzz.net/embed-c32aq2yhm77r.html
Certificate
IssuerGoogle Trust Services LLC
Subjectbidclickmedia.com
Fingerprint2D:71:60:23:79:D8:E4:4A:B8:81:BA:F0:ED:58:CB:A8:66:21:A7:E7
ValiditySun, 31 Mar 2024 14:28:20 GMT - Sat, 29 Jun 2024 14:28:19 GMT

File type
HTML document, ASCII text
Size
361 B (361 bytes)
Hash
6610c77cad5adb691fd5f9ffa06b9486
d003b0d6d8bb61e5fd17dc635c017f6393e0c24c
83695861f8ded5db81f9c1e185cdf9177d18c57bfe1196b03468f2d8ac22bc50

HTTP Headers

POST /load HTTP/1.1
Host: bid.bidclickmedia.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/x-www-form-urlencoded
Content-Length: 93
Origin: https://bid.bidclickmedia.com
DNT: 1
Connection: keep-alive
Referer: https://bid.bidclickmedia.com/sub/Pj8pz0z
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 302 Found
date: Sat, 04 May 2024 18:06:29 GMT
content-type: text/html; charset=utf-8
location: https://xml.xmlking.com/redirect?feed=591364&auth=oodr9S&pubid=195183
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=gsSirc3TzkY3%2FA5p184IGKmuasc%2BwBq4ebLDAknHF3idebl10fU1lyYWV4kuxjJK7ZW3XY5l6ASuBDV5tmITYt5Rymxa8CSFGW4lrke%2F9egk5%2BmwQYaHhspZivDWH3%2FGD%2BZQfQgJLUA%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 87ea6cc75be81bfe-OSL
alt-svc: h3=":443"; ma=86400

bid.bidclickmedia.com/load

172.67.205.77

302 Found

361 B

URL POST HTTP/3
bid.bidclickmedia.com/load
IP
172.67.205.77:443
ASN
#13335 CLOUDFLARENET

Requested by
https://videzz.net/embed-c32aq2yhm77r.html
Certificate
IssuerGoogle Trust Services LLC
Subjectbidclickmedia.com
Fingerprint2D:71:60:23:79:D8:E4:4A:B8:81:BA:F0:ED:58:CB:A8:66:21:A7:E7
ValiditySun, 31 Mar 2024 14:28:20 GMT - Sat, 29 Jun 2024 14:28:19 GMT

File type
HTML document, ASCII text
Size
361 B (361 bytes)
Hash
6610c77cad5adb691fd5f9ffa06b9486
d003b0d6d8bb61e5fd17dc635c017f6393e0c24c
83695861f8ded5db81f9c1e185cdf9177d18c57bfe1196b03468f2d8ac22bc50

HTTP Headers

POST /load HTTP/1.1
Host: bid.bidclickmedia.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/x-www-form-urlencoded
Content-Length: 93
Origin: https://bid.bidclickmedia.com
DNT: 1
Connection: keep-alive
Referer: https://bid.bidclickmedia.com/sub/Pj8pz0z
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 302 Found
date: Sat, 04 May 2024 18:06:29 GMT
content-type: text/html; charset=utf-8
location: https://xml.xmlking.com/redirect?feed=591364&auth=oodr9S&pubid=195183
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=9iVqfRWTW9U0SzVH6SyKNIlL3dUQAfNuw9DPMDLhfEIqNQfsOXvXX39WFp73Gn0DT4MNEz%2BuZeE3gc%2F5zEBTO0ouPy%2FBQeKBwjHIjdi7iEAF8S8%2BzHOdwP8P9BhYbVD4U39CmXbQkmc%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 87ea6cc83cbf1bfe-OSL
alt-svc: h3=":443"; ma=86400

dismaytestimony.com/pixel/sbls?bv=24.6.6370&tmpl=482&u=https%3A%2F%2Fcdn.creative-bars1.com%2Fsb%2Fnotifications%2Fgambling%2Fdefault%2Fandroid-btn%2F8%2Fcss%2Fanimate.css&l=78693&fd=55

192.243.59.13

200 OK

0 B

URL GET HTTP/1.1
dismaytestimony.com/pixel/sbls?bv=24.6.6370&tmpl=482&u=https%3A%2F%2Fcdn.creative-bars1.com%2Fsb%2Fnotifications%2Fgambling%2Fdefault%2Fandroid-btn%2F8%2Fcss%2Fanimate.css&l=78693&fd=55
IP
192.243.59.13:443
ASN
#39572 DataWeb Global Group B.V.

Requested by
https://videzz.net/embed-c32aq2yhm77r.html
Certificate
IssuerLet's Encrypt
Subjectdismaytestimony.com
Fingerprint0C:AA:51:7C:B5:7D:1A:53:D1:E3:23:EB:6F:15:42:F9:A5:4B:F8:E6
ValidityMon, 29 Apr 2024 08:06:26 GMT - Sun, 28 Jul 2024 08:06:25 GMT

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /pixel/sbls?bv=24.6.6370&tmpl=482&u=https%3A%2F%2Fcdn.creative-bars1.com%2Fsb%2Fnotifications%2Fgambling%2Fdefault%2Fandroid-btn%2F8%2Fcss%2Fanimate.css&l=78693&fd=55 HTTP/1.1
Host: dismaytestimony.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://videzz.net/
Cookie: u_pl=19071538; pdhtkv=true; uncs=1; pdhtkv29=true; uncs29=1; slecfd40b682a05e4aaf489d29601350aa66=[5210995,5210997]
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx/1.19.5
Date: Sat, 04 May 2024 18:06:30 GMT
Content-Length: 0
Connection: keep-alive
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
Access-Control-Allow-Origin: *
Access-Control-Allow-Methods: GET, POST, OPTIONS
Access-Control-Allow-Headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,Upgrade-Insecure-Requests
Access-Control-Expose-Headers: Content-Length,Content-Range

fonts.googleapis.com/css?family=Roboto:300,400,700&display=swap

142.250.74.106

200 OK

717 B

URL GET HTTP/2
fonts.googleapis.com/css?family=Roboto:300,400,700&display=swap
IP
142.250.74.106:443
ASN
#15169 GOOGLE

Requested by
https://videzz.net/embed-c32aq2yhm77r.html
Certificate
IssuerGoogle Trust Services LLC
Subjectupload.video.google.com
Fingerprint36:49:20:36:0C:4D:DA:55:65:64:23:0F:49:3E:FA:78:87:35:A3:79
ValidityTue, 16 Apr 2024 04:17:12 GMT - Tue, 09 Jul 2024 04:17:11 GMT

File type
ASCII text
Size
717 B (717 bytes)
Hash
5e48f11f5e65274412215f94f73f8c49
4dd35e5b5136df76bd7ff9da1f119d0ec0e57ff7
40992eb57d95a0165a6d56399cd9afd60cc2cac6f06579b8d87079ccaab91e29

HTTP Headers

GET /css?family=Roboto:300,400,700&display=swap HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Sat, 04 May 2024 18:06:30 GMT
date: Sat, 04 May 2024 18:06:30 GMT
cache-control: private, max-age=86400
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

www.googletagmanager.com/gtag/js?id=UA-119774978-7

142.250.74.168

72 kB

URL
www.googletagmanager.com/gtag/js?id=UA-119774978-7
IP
142.250.74.168:0
ASN
#15169 GOOGLE

Certificate
IssuerGoogle Trust Services LLC
Subject*.google-analytics.com
Fingerprint93:6B:D2:9D:92:BE:2D:D8:02:67:82:83:5E:EF:A3:F9:13:F3:26:AE
ValidityTue, 16 Apr 2024 03:18:45 GMT - Tue, 09 Jul 2024 03:18:44 GMT

File type
JavaScript source, ASCII text, with very long lines (1822)
Size
72 kB (71590 bytes)
Hash
42f0d9e93e4b188c45d4edf4f394e091
9b59f40609f6e5f973b5e798c64c656e1d8e0d04
ad704719fc2b9cb3439df6d840bcf3b55c5c07644af7aff3388c914f4c9e2e88

HTTP Headers

GET /gtag/js?id=UA-119774978-7 HTTP/1.1
Host: www.googletagmanager.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://animewatch.onionlive.workers.dev/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
content-encoding: br
vary: Accept-Encoding
date: Sat, 04 May 2024 18:06:30 GMT
expires: Sat, 04 May 2024 18:06:30 GMT
cache-control: private, max-age=900
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
server: Google Tag Manager
content-length: 71590
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

www.googletagmanager.com/gtag/js?id=G-HJ5MMKB9WK

142.250.74.168

103 kB

URL
www.googletagmanager.com/gtag/js?id=G-HJ5MMKB9WK
IP
142.250.74.168:0
ASN
#15169 GOOGLE

Certificate
IssuerGoogle Trust Services LLC
Subject*.google-analytics.com
Fingerprint93:6B:D2:9D:92:BE:2D:D8:02:67:82:83:5E:EF:A3:F9:13:F3:26:AE
ValidityTue, 16 Apr 2024 03:18:45 GMT - Tue, 09 Jul 2024 03:18:44 GMT

File type
JavaScript source, ASCII text, with very long lines (5955)
Size
103 kB (102757 bytes)
Hash
4a5211aa47347416ee9cd867aae7057c
b4221f12477cdf4ad1bb1b0aef44496718ff7750
a7d45b48cac24327bec8ba928b0398793b10dcaedf99cedfc5cc506b9bee3af3

HTTP Headers

GET /gtag/js?id=G-HJ5MMKB9WK HTTP/1.1
Host: www.googletagmanager.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://animewatch.onionlive.workers.dev/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
content-encoding: br
vary: Accept-Encoding
date: Sat, 04 May 2024 18:06:30 GMT
expires: Sat, 04 May 2024 18:06:30 GMT
cache-control: private, max-age=900
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
server: Google Tag Manager
content-length: 102757
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

tfosrv.com/impression.php?channel_id=60781&id=ef4c2fce-9715-408d-8483-a1fc1648215d%3A34c51f68-9f52-4641-933c-0427521e8c7f&site_id=13111&uuid=bf22f92c-d6ec-4e98-81df-c2f187ee35f7

216.18.168.29

302 Found

0 B

URL GET HTTP/1.1
tfosrv.com/impression.php?channel_id=60781&id=ef4c2fce-9715-408d-8483-a1fc1648215d%3A34c51f68-9f52-4641-933c-0427521e8c7f&site_id=13111&uuid=bf22f92c-d6ec-4e98-81df-c2f187ee35f7
IP
216.18.168.29:443
ASN
#29789 REFLECTED

Requested by
https://videzz.net/embed-c32aq2yhm77r.html
Certificate
IssuerSectigo Limited
Subject*.tfosrv.com
Fingerprint17:0E:13:E0:E3:EE:17:88:09:10:8F:63:F4:7E:31:5A:D9:33:7D:80
ValidityTue, 31 Oct 2023 00:00:00 GMT - Mon, 18 Nov 2024 23:59:59 GMT

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /impression.php?channel_id=60781&id=ef4c2fce-9715-408d-8483-a1fc1648215d%3A34c51f68-9f52-4641-933c-0427521e8c7f&site_id=13111&uuid=bf22f92c-d6ec-4e98-81df-c2f187ee35f7 HTTP/1.1
Host: tfosrv.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://bid.bidclickmedia.com/
DNT: 1
Connection: keep-alive
Cookie: sppc_uuid=a485aa4b-4506-4500-a377-2ddb8a23d95c
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 302 Found
server: nginx
date: Sat, 04 May 2024 18:06:30 GMT
content-length: 0
location: https://trafforsrv.com/click.php?id=ef4c2fce-9715-408d-8483-a1fc1648215d%3A34c51f68-9f52-4641-933c-0427521e8c7f
set-cookie: sppc_uuid=bf22f92c-d6ec-4e98-81df-c2f187ee35f7; max-age=31536000; path=/; secure; SameSite=None
accept-ch: Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version

xml.xmlking.com/redirect?feed=591364&auth=oodr9S&pubid=195183

174.137.133.17

200 OK

0 B

URL GET HTTP/1.1
xml.xmlking.com/redirect?feed=591364&auth=oodr9S&pubid=195183
IP
174.137.133.17:443
ASN
#27257 WEBAIR-INTERNET

Requested by
https://videzz.net/embed-c32aq2yhm77r.html
Certificate
IssuerSectigo Limited
Subject*.xmlking.com
Fingerprint61:F0:9B:53:D2:DF:03:A0:08:09:BE:79:B1:70:10:34:65:07:7B:6D
ValidityWed, 26 Jul 2023 00:00:00 GMT - Fri, 26 Jul 2024 23:59:59 GMT

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /redirect?feed=591364&auth=oodr9S&pubid=195183 HTTP/1.1
Host: xml.xmlking.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://bid.bidclickmedia.com/
DNT: 1
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 302 Found
Server: nginx
Date: Sat, 04 May 2024 18:06:30 GMT
Content-Length: 0
Connection: keep-alive
Cache-Control: no-store
Location: https://meetbenjen.com/in/p/?spot_id=560254&cat=25&sub_id=761082465

cdn.creative-bars1.com/sb/notifications/gambling/default/android-btn/8/css/animate.css

172.67.141.24

200 OK

5.4 kB

URL GET HTTP/2
cdn.creative-bars1.com/sb/notifications/gambling/default/android-btn/8/css/animate.css
IP
172.67.141.24:443
ASN
#13335 CLOUDFLARENET

Requested by
https://videzz.net/embed-c32aq2yhm77r.html
Certificate
IssuerGoogle Trust Services LLC
Subjectcreative-bars1.com
Fingerprint3D:29:39:2C:F1:E5:C6:EF:54:F5:70:B5:CF:A8:C2:75:4D:89:72:13
ValidityMon, 15 Apr 2024 15:02:18 GMT - Sun, 14 Jul 2024 15:02:17 GMT

File type
ASCII text
Size
5.4 kB (5443 bytes)
Hash
49a38187f94418e173e4bcc50c96dc4b
b64e899d0c6bbb13e6f63e191b77b3eb5e5a6293
92db03d6a48c8756e15b1b2ffb9d1ea5aae5e2d9a706b630f93f73e3debbb3b0

HTTP Headers

GET /sb/notifications/gambling/default/android-btn/8/css/animate.css HTTP/1.1
Host: cdn.creative-bars1.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://videzz.net
DNT: 1
Connection: keep-alive
Referer: https://videzz.net/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Sat, 04 May 2024 18:06:29 GMT
content-type: text/css
last-modified: Fri, 19 Jan 2024 14:25:08 GMT
etag: W/"65aa8644-13365"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: public, max-age=315360000
access-control-allow-origin: *
access-control-expose-headers: Date
cf-cache-status: HIT
age: 328175
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=fN8goGule%2BGQ56IiPOcmW0%2F5NfM%2FdanIAxwjR2%2BXeMAK5V%2FY4FawzxOoQHYsEyB%2FtKk5LOS7ZnpEyYxf1Xxw0lyvLGKa2znRtea%2FvDchkblSqXY3yeJYwoF%2BNAg0S%2FcRBM2Xok5tJWga"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 87ea6cccdb2eb51d-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2

www.googletagmanager.com/gtag/js?id=G-DQF56C4WPV&l=dataLayer&cx=c

142.250.74.168

94 kB

URL
www.googletagmanager.com/gtag/js?id=G-DQF56C4WPV&l=dataLayer&cx=c
IP
142.250.74.168:0
ASN
#15169 GOOGLE

Certificate
IssuerGoogle Trust Services LLC
Subject*.google-analytics.com
Fingerprint93:6B:D2:9D:92:BE:2D:D8:02:67:82:83:5E:EF:A3:F9:13:F3:26:AE
ValidityTue, 16 Apr 2024 03:18:45 GMT - Tue, 09 Jul 2024 03:18:44 GMT

File type
JavaScript source, ASCII text, with very long lines (3034)
Size
94 kB (93815 bytes)
Hash
f390046d962e105c12f4dbb23e8d7865
5522dc3d15196dfe8b71f59a9729a4c215b43c27
237332e2b314dc0eb1e79d69cbfc36ffd8d04870ac5ebb914c77a4c1c5aa9e5a

HTTP Headers

GET /gtag/js?id=G-DQF56C4WPV&l=dataLayer&cx=c HTTP/1.1
Host: www.googletagmanager.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://animewatch.onionlive.workers.dev/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
content-encoding: br
vary: Accept-Encoding
date: Sat, 04 May 2024 18:06:30 GMT
expires: Sat, 04 May 2024 18:06:30 GMT
cache-control: private, max-age=900
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
server: Google Tag Manager
content-length: 93815
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

www.googletagmanager.com/gtag/js?id=G-HJ5MMKB9WK&l=dataLayer&cx=c

142.250.74.168

102 kB

URL
www.googletagmanager.com/gtag/js?id=G-HJ5MMKB9WK&l=dataLayer&cx=c
IP
142.250.74.168:0
ASN
#15169 GOOGLE

Certificate
IssuerGoogle Trust Services LLC
Subject*.google-analytics.com
Fingerprint93:6B:D2:9D:92:BE:2D:D8:02:67:82:83:5E:EF:A3:F9:13:F3:26:AE
ValidityTue, 16 Apr 2024 03:18:45 GMT - Tue, 09 Jul 2024 03:18:44 GMT

File type
JavaScript source, ASCII text, with very long lines (5955)
Size
102 kB (101650 bytes)
Hash
5a924abc240e28d0f3d68ab95da3f925
c7c95cd17ffccf12a5b3084a5ec9b190b4795c84
334f66e8b2ec164594f0ecc6261a9ed586c2125c906879c081ef49b46f1d3ce6

HTTP Headers

GET /gtag/js?id=G-HJ5MMKB9WK&l=dataLayer&cx=c HTTP/1.1
Host: www.googletagmanager.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://animewatch.onionlive.workers.dev/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
content-encoding: br
vary: Accept-Encoding
date: Sat, 04 May 2024 18:06:30 GMT
expires: Sat, 04 May 2024 18:06:30 GMT
cache-control: private, max-age=900
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
server: Google Tag Manager
content-length: 101650
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

dismaytestimony.com/impr.gif?sid=H4sIAAAAAAAC%2F1RSTWhcVRS%2Bb4wrBf%2B6K8KAFBTr5L35y4xdBNM0Ekyb2ioWFMr9e5Nr7nv3ce978yazCg1Il4Mbty%2FfJA3VUnXlyiqTgkJAyLjKotm5cCW02K0yY2jwwHvnnPt9F77znfvFdnZMqsjo0eJl01da09lGxS%2B%2FeSMILpRXVJz1yr1W82azfqFsu%2B%2B2mxX%2FrfL7kq%2Bb2aof%2BH7gB%2BUlZWVoerMTECq51w4qbb9Sr1aCRh09%2B%2F%2FeZR4c9SC6x%2BRVKDGeeeidgeIjxNF3i9KtpyY5fynKNE2NRVfsfRyvxyaPEZ2WofUQxnsnbBh3uPQAJt6dyoXpPiMyNSbeLw%2FA4r0TkWDdnalOpiFjMPEC8u4IUo%2Bg6AjcbEGJQwJwgSuriKM7V4zN6cZ%2FKJ2gYzLz9AlUPiYzj84gju4vaNUrXzc6S5WJHXphAdUbQXVGSLJ9pP0SVL4Pnt6CEr%2BR2acriKOdVacNlCimsys1ggpH0HIA6jxkk095yEIPWeIhEkdlHgTBnC849VttzmtiTrKm8AM6FwY08JstZHwib4A0GYDrAbjdRGI3sa4GsNnPcGsFnPDg0jHxPtxEVxTIJUHuCHJKkCuCPCXIu8Wu0K7qijtCu4wFJ7l6kmvF0KSdbbpr0o6MCagdwIpiOzkmr0z88d4oVbEuj8qhqPus2apSvyHrlIb1VltU200%2FqDV8SptNOHX34tI7tXq9ddOHcqXp7H01JufCH5CoMXnxVwJG9%2BH0Prh6DTR7HTQvQNcK9ONvI6riSlcJ06eVWKYQpkCSziDd8Lb1MTk73dbqloPkB%2FNP%2Frl%2F1n%2F0F7gtkNgCn6uHBB19e3jN5GTnmskd%2BX41SVWk%2BnSyyespTeXzX38gN3JjxfKiG9x9j0%2BASXnvI%2BnSFRoLFXcc%2BWZBCSHtkrFckh%2BX3SeSXc3c2kJm4yxZuXpxaTlKrHROmXgEqg4vfQWuxuSlnz6bPtHzn%2F4BZUewWYEoOyAnAWX2wZNNuORg%2FrH%2B%2B%2B3B3i04Q2D1KYclHvKsGNoqOz3UikDL056yAk4ezP9542V2efwYTD6zY2jp5DZVxba7jY4tgaZbiKMCXVugqwtQPYDLnhumiT2Y%2F702DTBdGjJtSztMW%2F3l1OTJL4NTR%2BWaL%2BaYDOUck%2FVGPZRcsEaD%2BTzkrCZaLY7UjcPmxrl%2FAQAA%2F%2F8BAAD%2F%2F3bmBIt8BAAA

192.243.59.13

200 OK

7 B

URL GET HTTP/1.1
dismaytestimony.com/impr.gif?sid=H4sIAAAAAAAC%2F1RSTWhcVRS%2Bb4wrBf%2B6K8KAFBTr5L35y4xdBNM0Ekyb2ioWFMr9e5Nr7nv3ce978yazCg1Il4Mbty%2FfJA3VUnXlyiqTgkJAyLjKotm5cCW02K0yY2jwwHvnnPt9F77znfvFdnZMqsjo0eJl01da09lGxS%2B%2FeSMILpRXVJz1yr1W82azfqFsu%2B%2B2mxX%2FrfL7kq%2Bb2aof%2BH7gB%2BUlZWVoerMTECq51w4qbb9Sr1aCRh09%2B%2F%2FeZR4c9SC6x%2BRVKDGeeeidgeIjxNF3i9KtpyY5fynKNE2NRVfsfRyvxyaPEZ2WofUQxnsnbBh3uPQAJt6dyoXpPiMyNSbeLw%2FA4r0TkWDdnalOpiFjMPEC8u4IUo%2Bg6AjcbEGJQwJwgSuriKM7V4zN6cZ%2FKJ2gYzLz9AlUPiYzj84gju4vaNUrXzc6S5WJHXphAdUbQXVGSLJ9pP0SVL4Pnt6CEr%2BR2acriKOdVacNlCimsys1ggpH0HIA6jxkk095yEIPWeIhEkdlHgTBnC849VttzmtiTrKm8AM6FwY08JstZHwib4A0GYDrAbjdRGI3sa4GsNnPcGsFnPDg0jHxPtxEVxTIJUHuCHJKkCuCPCXIu8Wu0K7qijtCu4wFJ7l6kmvF0KSdbbpr0o6MCagdwIpiOzkmr0z88d4oVbEuj8qhqPus2apSvyHrlIb1VltU200%2FqDV8SptNOHX34tI7tXq9ddOHcqXp7H01JufCH5CoMXnxVwJG9%2BH0Prh6DTR7HTQvQNcK9ONvI6riSlcJ06eVWKYQpkCSziDd8Lb1MTk73dbqloPkB%2FNP%2Frl%2F1n%2F0F7gtkNgCn6uHBB19e3jN5GTnmskd%2BX41SVWk%2BnSyyespTeXzX38gN3JjxfKiG9x9j0%2BASXnvI%2BnSFRoLFXcc%2BWZBCSHtkrFckh%2BX3SeSXc3c2kJm4yxZuXpxaTlKrHROmXgEqg4vfQWuxuSlnz6bPtHzn%2F4BZUewWYEoOyAnAWX2wZNNuORg%2FrH%2B%2B%2B3B3i04Q2D1KYclHvKsGNoqOz3UikDL056yAk4ezP9542V2efwYTD6zY2jp5DZVxba7jY4tgaZbiKMCXVugqwtQPYDLnhumiT2Y%2F702DTBdGjJtSztMW%2F3l1OTJL4NTR%2BWaL%2BaYDOUck%2FVGPZRcsEaD%2BTzkrCZaLY7UjcPmxrl%2FAQAA%2F%2F8BAAD%2F%2F3bmBIt8BAAA
IP
192.243.59.13:443
ASN
#39572 DataWeb Global Group B.V.

Requested by
https://videzz.net/embed-c32aq2yhm77r.html
Certificate
IssuerLet's Encrypt
Subjectdismaytestimony.com
Fingerprint0C:AA:51:7C:B5:7D:1A:53:D1:E3:23:EB:6F:15:42:F9:A5:4B:F8:E6
ValidityMon, 29 Apr 2024 08:06:26 GMT - Sun, 28 Jul 2024 08:06:25 GMT

File type
ASCII text, with no line terminators
Size
7 B (7 bytes)
Hash
132d6af1b46048b45cf86cdee7991d31
eb7007d03d59b65bc6da7e098c4d38fc6dfb6285
ab852e838deccd742a03ca81d4a8d75cf1a00b327db3eaf46bd7da6b6db9384c

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /impr.gif?sid=H4sIAAAAAAAC%2F1RSTWhcVRS%2Bb4wrBf%2B6K8KAFBTr5L35y4xdBNM0Ekyb2ioWFMr9e5Nr7nv3ce978yazCg1Il4Mbty%2FfJA3VUnXlyiqTgkJAyLjKotm5cCW02K0yY2jwwHvnnPt9F77znfvFdnZMqsjo0eJl01da09lGxS%2B%2FeSMILpRXVJz1yr1W82azfqFsu%2B%2B2mxX%2FrfL7kq%2Bb2aof%2BH7gB%2BUlZWVoerMTECq51w4qbb9Sr1aCRh09%2B%2F%2FeZR4c9SC6x%2BRVKDGeeeidgeIjxNF3i9KtpyY5fynKNE2NRVfsfRyvxyaPEZ2WofUQxnsnbBh3uPQAJt6dyoXpPiMyNSbeLw%2FA4r0TkWDdnalOpiFjMPEC8u4IUo%2Bg6AjcbEGJQwJwgSuriKM7V4zN6cZ%2FKJ2gYzLz9AlUPiYzj84gju4vaNUrXzc6S5WJHXphAdUbQXVGSLJ9pP0SVL4Pnt6CEr%2BR2acriKOdVacNlCimsys1ggpH0HIA6jxkk095yEIPWeIhEkdlHgTBnC849VttzmtiTrKm8AM6FwY08JstZHwib4A0GYDrAbjdRGI3sa4GsNnPcGsFnPDg0jHxPtxEVxTIJUHuCHJKkCuCPCXIu8Wu0K7qijtCu4wFJ7l6kmvF0KSdbbpr0o6MCagdwIpiOzkmr0z88d4oVbEuj8qhqPus2apSvyHrlIb1VltU200%2FqDV8SptNOHX34tI7tXq9ddOHcqXp7H01JufCH5CoMXnxVwJG9%2BH0Prh6DTR7HTQvQNcK9ONvI6riSlcJ06eVWKYQpkCSziDd8Lb1MTk73dbqloPkB%2FNP%2Frl%2F1n%2F0F7gtkNgCn6uHBB19e3jN5GTnmskd%2BX41SVWk%2BnSyyespTeXzX38gN3JjxfKiG9x9j0%2BASXnvI%2BnSFRoLFXcc%2BWZBCSHtkrFckh%2BX3SeSXc3c2kJm4yxZuXpxaTlKrHROmXgEqg4vfQWuxuSlnz6bPtHzn%2F4BZUewWYEoOyAnAWX2wZNNuORg%2FrH%2B%2B%2B3B3i04Q2D1KYclHvKsGNoqOz3UikDL056yAk4ezP9542V2efwYTD6zY2jp5DZVxba7jY4tgaZbiKMCXVugqwtQPYDLnhumiT2Y%2F702DTBdGjJtSztMW%2F3l1OTJL4NTR%2BWaL%2BaYDOUck%2FVGPZRcsEaD%2BTzkrCZaLY7UjcPmxrl%2FAQAA%2F%2F8BAAD%2F%2F3bmBIt8BAAA HTTP/1.1
Host: dismaytestimony.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://videzz.net/
Cookie: u_pl=19071538; pdhtkv=true; uncs=1; pdhtkv29=true; uncs29=1; slecfd40b682a05e4aaf489d29601350aa66=[5210995,5210997]
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx/1.19.5
Date: Sat, 04 May 2024 18:06:30 GMT
Content-Type: image/gif
Content-Length: 7
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,Sec-CH-UA-PlatformUser-Agent,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: 41036e6bd87a4cd440a53b108face7fa
Strict-Transport-Security: max-age=0; includeSubdomains

xml.zeusadx.com/redirect?feed=531847&auth=KhbHhS&pubid=162319

174.137.133.17

302 Found

0 B

URL GET HTTP/1.1
xml.zeusadx.com/redirect?feed=531847&auth=KhbHhS&pubid=162319
IP
174.137.133.17:443
ASN
#27257 WEBAIR-INTERNET

Requested by
https://videzz.net/embed-c32aq2yhm77r.html
Certificate
IssuerSectigo Limited
Subject*.zeusadx.com
FingerprintAA:67:88:35:5F:BC:20:3C:44:9B:00:BD:4F:E1:C0:5F:62:D0:69:C0
ValidityMon, 23 Oct 2023 00:00:00 GMT - Wed, 23 Oct 2024 23:59:59 GMT

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /redirect?feed=531847&auth=KhbHhS&pubid=162319 HTTP/1.1
Host: xml.zeusadx.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://bid.bidclickmedia.com/
DNT: 1
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Date: Sat, 04 May 2024 18:06:30 GMT
Content-Length: 0
Connection: keep-alive
Cache-Control: no-store

dismaytestimony.com/pixel/sbs?c=1

192.243.59.12

200 OK

0 B

URL GET HTTP/1.1
dismaytestimony.com/pixel/sbs?c=1
IP
192.243.59.12:443
ASN
#39572 DataWeb Global Group B.V.

Requested by
https://videzz.net/embed-c32aq2yhm77r.html
Certificate
IssuerLet's Encrypt
Subjectdismaytestimony.com
Fingerprint0C:AA:51:7C:B5:7D:1A:53:D1:E3:23:EB:6F:15:42:F9:A5:4B:F8:E6
ValidityMon, 29 Apr 2024 08:06:26 GMT - Sun, 28 Jul 2024 08:06:25 GMT

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /pixel/sbs?c=1 HTTP/1.1
Host: dismaytestimony.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://videzz.net/
Cookie: u_pl=19071538; pdhtkv=true; uncs=1; pdhtkv29=true; uncs29=1; slecfd40b682a05e4aaf489d29601350aa66=[5210995,5210997]
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx/1.19.5
Date: Sat, 04 May 2024 18:06:30 GMT
Content-Length: 0
Connection: keep-alive
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
Access-Control-Allow-Origin: *
Access-Control-Allow-Methods: GET, POST, OPTIONS
Access-Control-Allow-Headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,Upgrade-Insecure-Requests
Access-Control-Expose-Headers: Content-Length,Content-Range

videzz.net/css/videojs.5.min.css?v=b8dc06aa6195ca0716d0a0c4e3a76e42

78.142.18.54

200 OK

53 kB

URL GET HTTP/2
videzz.net/css/videojs.5.min.css?v=b8dc06aa6195ca0716d0a0c4e3a76e42
IP
78.142.18.54:443
ASN
#208046 ColocationX Ltd.

Requested by
https://videzz.net/embed-c32aq2yhm77r.html
Certificate
IssuerLet's Encrypt
Subjectvidezz.net
Fingerprint89:44:E3:9D:95:DD:6E:D2:2B:FB:70:64:42:59:D2:BF:B6:36:E7:33
ValidityThu, 02 May 2024 00:27:53 GMT - Wed, 31 Jul 2024 00:27:52 GMT

File type
gzip compressed data, from Unix
Size
53 kB (52875 bytes)
Hash
788efc9c3385cbfc4b9a0ba082089335
6cfafdd2715c97df55572f456f220a044a0c9387
648c26b5754e32365150b0ff034da8bf4b76e5b619f472b1a3867997936bb806

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /css/videojs.5.min.css?v=b8dc06aa6195ca0716d0a0c4e3a76e42 HTTP/1.1
Host: videzz.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://videzz.net/embed-c32aq2yhm77r.html
Cookie: lang=1
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
server: nginx/1.18.0 (Ubuntu)
date: Sat, 04 May 2024 18:06:27 GMT
content-type: text/css
last-modified: Sat, 27 Apr 2024 07:30:42 GMT
vary: Accept-Encoding
etag: W/"662ca9a2-29645"
expires: Mon, 03 Jun 2024 18:04:45 GMT
cache-control: max-age=2592000
content-encoding: gzip
x-cache-status: HIT
X-Firefox-Spdy: h2

fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2

216.58.207.227

200 OK

16 kB

URL GET HTTP/2
fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2
IP
216.58.207.227:443
ASN
#15169 GOOGLE

Requested by
https://videzz.net/embed-c32aq2yhm77r.html
Certificate
IssuerGoogle Trust Services LLC
Subject*.gstatic.com
Fingerprint15:DD:05:B3:2F:D8:E3:54:C9:B4:FA:E4:AC:01:ED:C8:E1:EA:A7:AD
ValidityTue, 16 Apr 2024 04:17:07 GMT - Tue, 09 Jul 2024 04:17:06 GMT

File type
Web Open Font Format (Version 2), TrueType, length 15744, version 1.0
Size
16 kB (15744 bytes)
Hash
15d9f621c3bd1599f0169dcf0bd5e63e
7ca9c5967f3bb8bffeab24b639b49c1e7d03fa52
f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615

HTTP Headers

GET /s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://videzz.net
DNT: 1
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 15744
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Sat, 04 May 2024 09:28:37 GMT
expires: Sun, 04 May 2025 09:28:37 GMT
cache-control: public, max-age=31536000
last-modified: Wed, 11 May 2022 19:24:48 GMT
content-type: font/woff2
age: 31073
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmWUlfBBc4.woff2

216.58.207.227

200 OK

16 kB

URL GET HTTP/2
fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmWUlfBBc4.woff2
IP
216.58.207.227:443
ASN
#15169 GOOGLE

Requested by
https://videzz.net/embed-c32aq2yhm77r.html
Certificate
IssuerGoogle Trust Services LLC
Subject*.gstatic.com
Fingerprint15:DD:05:B3:2F:D8:E3:54:C9:B4:FA:E4:AC:01:ED:C8:E1:EA:A7:AD
ValidityTue, 16 Apr 2024 04:17:07 GMT - Tue, 09 Jul 2024 04:17:06 GMT

File type
Web Open Font Format (Version 2), TrueType, length 15860, version 1.0
Size
16 kB (15860 bytes)
Hash
e9f5aaf547f165386cd313b995dddd8e
acdef5603c2387b0e5bffd744b679a24a8bc1968
f5aebdfea35d1e7656ef4acc5db1f243209755ae3300943ef8fc6280f363c860

HTTP Headers

GET /s/roboto/v30/KFOlCnqEu92Fr1MmWUlfBBc4.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://videzz.net
DNT: 1
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 15860
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 02 May 2024 01:55:00 GMT
expires: Fri, 02 May 2025 01:55:00 GMT
cache-control: public, max-age=31536000
last-modified: Wed, 11 May 2022 19:24:42 GMT
content-type: font/woff2
age: 231090
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

www.googletagmanager.com/gtag/js?id=UA-119774978-8&l=dataLayer&cx=c

142.250.74.168

71 kB

URL
www.googletagmanager.com/gtag/js?id=UA-119774978-8&l=dataLayer&cx=c
IP
142.250.74.168:0
ASN
#15169 GOOGLE

Certificate
IssuerGoogle Trust Services LLC
Subject*.google-analytics.com
Fingerprint93:6B:D2:9D:92:BE:2D:D8:02:67:82:83:5E:EF:A3:F9:13:F3:26:AE
ValidityTue, 16 Apr 2024 03:18:45 GMT - Tue, 09 Jul 2024 03:18:44 GMT

File type
JavaScript source, ASCII text, with very long lines (1822)
Size
71 kB (70725 bytes)
Hash
13d57096053c2f89e213d6cb524a5b3b
5396a0f0bdc0aa4d8e4da5b1ac88f4fdd6e2a6c8
e93ac98b5520f17e43691b7e0f636f93e915b7ebf04fcf115058db587db56087

HTTP Headers

GET /gtag/js?id=UA-119774978-8&l=dataLayer&cx=c HTTP/1.1
Host: www.googletagmanager.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://animewatch.onionlive.workers.dev/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
content-encoding: br
vary: Accept-Encoding
date: Sat, 04 May 2024 18:06:30 GMT
expires: Sat, 04 May 2024 18:06:30 GMT
cache-control: private, max-age=900
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
server: Google Tag Manager
content-length: 70725
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

bid.bidclickmedia.com/sub/Pj8pz0z

172.67.205.77

200 OK

505 B

URL GET HTTP/2
bid.bidclickmedia.com/sub/Pj8pz0z
IP
172.67.205.77:443
ASN
#13335 CLOUDFLARENET

Requested by
https://videzz.net/embed-c32aq2yhm77r.html
Certificate
IssuerGoogle Trust Services LLC
Subjectbidclickmedia.com
Fingerprint2D:71:60:23:79:D8:E4:4A:B8:81:BA:F0:ED:58:CB:A8:66:21:A7:E7
ValiditySun, 31 Mar 2024 14:28:20 GMT - Sat, 29 Jun 2024 14:28:19 GMT

File type
HTML document, ASCII text
Size
505 B (505 bytes)
Hash
e151e24dc5b354ea8ee36534a8264594
4b5f293d59d009ee46087f164ee86d066e8e83f4
b2fdeeef5c48f24499731fdd7aae1650ad1bc6fa9ee58cf88fafe175658e888f

HTTP Headers

GET /sub/Pj8pz0z HTTP/1.1
Host: bid.bidclickmedia.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://videzz.net/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
date: Sat, 04 May 2024 18:06:28 GMT
content-type: text/html; charset=utf-8
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=%2F9hmKZ1f6agXewnteH8NFhYzgEGmMkwCQOakrhbtmfg5dhGN7sZmBAC4Pgpliefjb3hwBEMfs6veBXvvOP1CXhjSA2r4A%2FXSObguR8R3rXNCya6nxpFinrvZFOb5m3SlaLbhQW6Zm%2BM%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 87ea6cc4091c56ae-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2

trafforsrv.com/click.php?id=ef4c2fce-9715-408d-8483-a1fc1648215d%3A34c51f68-9f52-4641-933c-0427521e8c7f

216.18.168.28

302 Found

0 B

URL GET HTTP/1.1
trafforsrv.com/click.php?id=ef4c2fce-9715-408d-8483-a1fc1648215d%3A34c51f68-9f52-4641-933c-0427521e8c7f
IP
216.18.168.28:443
ASN
#29789 REFLECTED

Requested by
https://videzz.net/embed-c32aq2yhm77r.html
Certificate
IssuerSectigo Limited
Subject*.trafforsrv.com
FingerprintC4:DD:C6:65:15:A0:54:82:7D:C9:E3:43:74:BA:ED:16:CC:DD:F5:00
ValidityTue, 31 Oct 2023 00:00:00 GMT - Sat, 16 Nov 2024 23:59:59 GMT

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /click.php?id=ef4c2fce-9715-408d-8483-a1fc1648215d%3A34c51f68-9f52-4641-933c-0427521e8c7f HTTP/1.1
Host: trafforsrv.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://bid.bidclickmedia.com/
DNT: 1
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 302 Found
server: nginx
date: Sat, 04 May 2024 18:06:30 GMT
content-length: 0
location: https://s.pemsrv.com/splash.php?idzone=5040978&type=8
set-cookie: sppc_uuid=fdd65544-ccfa-456d-977c-ca945a009435; max-age=31536000; path=/; secure; SameSite=None
accept-ch: Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version

dog.seetron.net/api/settings/59846

135.181.208.216

200 OK

414 B

URL GET HTTP/2
dog.seetron.net/api/settings/59846
IP
135.181.208.216:443
ASN
#24940 Hetzner Online GmbH

Requested by
https://videzz.net/embed-c32aq2yhm77r.html
Certificate
IssuerLet's Encrypt
Subjecta.bdsmz.tube
FingerprintAA:4D:03:7A:4E:94:8C:76:58:6E:53:CC:8E:99:24:E6:51:84:BF:05
ValidityFri, 03 May 2024 10:27:08 GMT - Thu, 01 Aug 2024 10:27:07 GMT

File type
gzip compressed data, from Unix
Size
414 B (414 bytes)
Hash
21a0a9ce8be40c1e7a7307a9fb9cfe7a
2f5ecb688e36c55718a866e41c3c37f2ecfb57f5
513be113166f77c78ff345893db75be1ced8468e2c2f14ca106aa13289e02ae1

HTTP Headers

GET /api/settings/59846 HTTP/1.1
Host: dog.seetron.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://videzz.net/
Origin: https://videzz.net
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
server: nginx
date: Sat, 04 May 2024 18:06:28 GMT
content-type: application/json
vary: Accept-Encoding
access-control-allow-origin: *
x-robots-tag: noindex, nofollow
cache-control: private
content-encoding: gzip
X-Firefox-Spdy: h2

www.google.no/ads/ga-audiences?v=1&t=sr&slf_rd=1&_r=4&tid=G-HEX1BG8H46&cid=2030832543.1714845989&gtm=45je4510v9104348843za200&aip=1&dma=1&dma_cps=sypham&gcd=13l3lPl2l1&npa=1&z=413211492

142.250.74.163

200 OK

42 B

URL GET HTTP/2
www.google.no/ads/ga-audiences?v=1&t=sr&slf_rd=1&_r=4&tid=G-HEX1BG8H46&cid=2030832543.1714845989&gtm=45je4510v9104348843za200&aip=1&dma=1&dma_cps=sypham&gcd=13l3lPl2l1&npa=1&z=413211492
IP
142.250.74.163:443
ASN
#15169 GOOGLE

Requested by
https://videzz.net/embed-c32aq2yhm77r.html
Certificate
IssuerGoogle Trust Services LLC
Subject*.google.no
Fingerprint7D:68:6D:B1:32:34:52:51:20:C9:53:FF:B9:B7:8F:7E:05:F9:F5:97
ValidityTue, 16 Apr 2024 04:31:00 GMT - Tue, 09 Jul 2024 04:30:59 GMT

File type
GIF image data, version 89a, 1 x 1
Size
42 B (42 bytes)
Hash
d89746888da2d9510b64a9f031eaecd5
d5fceb6532643d0d84ffe09c40c481ecdf59e15a
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

HTTP Headers

GET /ads/ga-audiences?v=1&t=sr&slf_rd=1&_r=4&tid=G-HEX1BG8H46&cid=2030832543.1714845989&gtm=45je4510v9104348843za200&aip=1&dma=1&dma_cps=sypham&gcd=13l3lPl2l1&npa=1&z=413211492 HTTP/1.1
Host: www.google.no
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://videzz.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Sat, 04 May 2024 18:06:30 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
content-type: image/gif
x-content-type-options: nosniff
server: cafe
content-length: 42
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

s.pemsrv.com/splash.php?idzone=5040978&type=8

95.211.229.247

200 OK

478 B

URL GET HTTP/1.1
s.pemsrv.com/splash.php?idzone=5040978&type=8
IP
95.211.229.247:443
ASN
#60781 LeaseWeb Netherlands B.V.

Requested by
https://videzz.net/embed-c32aq2yhm77r.html
Certificate
IssuerLet's Encrypt
Subjectpemsrv.com
FingerprintBA:AA:AB:1F:22:EF:D5:0A:2D:0C:D0:E8:1C:F5:D4:F5:29:2A:0D:5D
ValidityTue, 30 Apr 2024 07:53:35 GMT - Mon, 29 Jul 2024 07:53:34 GMT

File type
HTML document, ASCII text, with very long lines (717)
Size
478 B (478 bytes)
Hash
0a0facbef164c9e58f80ef97a1a0827e
11213522b288f0683c8f640b87b1e4e246ad8030
8b9ce633f14b63226137606c6901f59c4b354efbce58f82c4def4f93e5ed9aaf

HTTP Headers

GET /splash.php?idzone=5040978&type=8 HTTP/1.1
Host: s.pemsrv.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://bid.bidclickmedia.com/
DNT: 1
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Date: Sat, 04 May 2024 18:06:30 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Access-Control-Allow-Headers: X-CH-VALUES
Set-Cookie: __uvt=a%3A1%3A%7Bi%3A0%3Bs%3A33%3A%2266367926f333e6.761464332405032564%22%3B%7D; expires=Mon, 04 May 2026 18:06:30 GMT; path=; domain=.pemsrv.com; Secure; SameSite=none
Accept-Ch: Sec-Ch-Ua,Sec-Ch-Ua-Mobile,Sec-Ch-Ua-Full-Version,Sec-Ch-Ua-Full-Version-list,Sec-Ch-Ua-Platform,Sec-Ch-Ua-Platform-Version,Sec-Ch-Ua-Bitness,Sec-Ch-Ua-Arch
X-Robots-Tag: noindex, follow
Content-Encoding: gzip

mcpuwpsh.com/get/?go=1&data=eyJpbXAiOlt7InNlY3VyZSI6MSwiZXh0Ijp7ImlkIjoxMDk1LCJ0eXBlIjoicG9wIiwic3BhY2VpZCI6MTA5NSwic3ViaWQiOiI3NjEwODI0NjUiLCJzc3AiOjM3NTgsInNwb3RfaWQiOjU2MDI1NCwicmNoYW5nZSI6ZmFsc2V9fV0sInNpdGUiOnsiaWQiOiI1NjAyNTQiLCJwYWdlIjoiaHR0cHM6Ly9iaWQuYmlkY2xpY2ttZWRpYS5jb20vIiwiY2F0IjpbIklBQjI1Il19LCJkZXZpY2UiOnsidyI6MTI4MCwiaCI6MTAyNH0sInVzZXIiOnsiaWQiOiI0cWEyYzc2a3I5ZGt3NGoydzhnYnoifSwiZXh0Ijp7ImR0IjoxNzE0ODQ1OTkwNTk1fX0=

94.130.197.240

302 Found

0 B

URL GET HTTP/2
mcpuwpsh.com/get/?go=1&data=eyJpbXAiOlt7InNlY3VyZSI6MSwiZXh0Ijp7ImlkIjoxMDk1LCJ0eXBlIjoicG9wIiwic3BhY2VpZCI6MTA5NSwic3ViaWQiOiI3NjEwODI0NjUiLCJzc3AiOjM3NTgsInNwb3RfaWQiOjU2MDI1NCwicmNoYW5nZSI6ZmFsc2V9fV0sInNpdGUiOnsiaWQiOiI1NjAyNTQiLCJwYWdlIjoiaHR0cHM6Ly9iaWQuYmlkY2xpY2ttZWRpYS5jb20vIiwiY2F0IjpbIklBQjI1Il19LCJkZXZpY2UiOnsidyI6MTI4MCwiaCI6MTAyNH0sInVzZXIiOnsiaWQiOiI0cWEyYzc2a3I5ZGt3NGoydzhnYnoifSwiZXh0Ijp7ImR0IjoxNzE0ODQ1OTkwNTk1fX0=
IP
94.130.197.240:443
ASN
#24940 Hetzner Online GmbH

Requested by
https://videzz.net/embed-c32aq2yhm77r.html
Certificate
IssuerLet's Encrypt
Subjectpuwpush.com
Fingerprint60:3D:AE:BF:9C:57:C3:AF:D6:50:E5:93:92:FB:E9:F2:F8:E6:E1:92
ValidityWed, 01 May 2024 01:51:05 GMT - Tue, 30 Jul 2024 01:51:04 GMT

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /get/?go=1&data=eyJpbXAiOlt7InNlY3VyZSI6MSwiZXh0Ijp7ImlkIjoxMDk1LCJ0eXBlIjoicG9wIiwic3BhY2VpZCI6MTA5NSwic3ViaWQiOiI3NjEwODI0NjUiLCJzc3AiOjM3NTgsInNwb3RfaWQiOjU2MDI1NCwicmNoYW5nZSI6ZmFsc2V9fV0sInNpdGUiOnsiaWQiOiI1NjAyNTQiLCJwYWdlIjoiaHR0cHM6Ly9iaWQuYmlkY2xpY2ttZWRpYS5jb20vIiwiY2F0IjpbIklBQjI1Il19LCJkZXZpY2UiOnsidyI6MTI4MCwiaCI6MTAyNH0sInVzZXIiOnsiaWQiOiI0cWEyYzc2a3I5ZGt3NGoydzhnYnoifSwiZXh0Ijp7ImR0IjoxNzE0ODQ1OTkwNTk1fX0= HTTP/1.1
Host: mcpuwpsh.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://meetbenjen.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 302 Found
server: nginx/1.16.0
date: Sat, 04 May 2024 18:06:31 GMT
content-length: 0
vary: Origin
cache-control: no-transform, no-cache, no-store, must-revalidate
pragma: no-cache
access-control-allow-origin: *
access-control-allow-headers: Content-Type
access-control-allow-methods: *
location: https://mcpuwpsh.com/popunder/in/click/?mid=1926688068945733946&pid=0&site=560254&sc=NO&usage_type=DCH&subid=761082465&sid=0&cid=0&price=0&is_cpm=0&cpm=0&ecpm=0&crid=&crtid=&tcid=0&out_id=&ver=&ver_c=&refdom=bid.bidclickmedia.com&hostname=auc-popunder-hz-2&site_id=0&spot_id=560254&utm_source=&utm_medium=&utm_campaign=&utm_content=&expiration_timestamp=0&created_at=0000-00-00&is_native=0&burl=&pop_winurl=&ip=91.90.42.154&testab=&px_id=0&adblock=0&auction_host=&mm=&yc=&render_type=&campaign_type=&uniq=&exp=0&resp_type=&iabcat=IAB25&min_cpm=0.1224&placement_type_id=7&skin_test=&verify_hash=b3973932a48ce8207b7d64d04092bc20&score=373.69868297753857&durl=&ml=&tag_ab=&original_bid=0&user_fp=0&v2=0&pop_type=0&space_id=1095&real_bid=&skin_id=&vertical_id=&stratagem=&accel=0&gyr=0&iabcat=IAB25&ip_mismatch=false&ua_mismatch=false&ssp=3758&rc=0&v2_track=0&otype=0&mn=0&priority=0&bb=0.1224&url=https%3A%2F%2Fpopdemission.com%2Fin%2F849%2F%3Fsource%3D761082465%26site_id%3D560254%26utm1%3D%26utm2%3D%26utm3%3D%26utm4%3D%26idzone%3D0%26spot_id%3D560254%26mo%3D%26ve%3D%26ad_tags%3D%26p%3Dhttps%253A%252F%252Fbid.bidclickmedia.com%252F%26sid%3D1095%26katds_labels%3D%26is_iframe%3D1%26btype%3D0%26score%3D373.69868297753857%26bf%3D0.1224%26iabcat%3DIAB25%26allowed_labels%3D&pr=&bid_crid=&bid_cid=&ad_tags=&is_interstitial=0&is_direct=1&label_ids=&site_id64=&sp_cl=0&act_sess=0&sp_scr=0&intes=&izb=&ang=0&act_su=0&interest_vertical_ids=&v_scroll_freq=&time_sess=&ext_campaign_id=&scroll_percent=0&empty_clicks=0&aid=0&high_freq_clicks=0&dev_console_activity=0&topics=&client_price=0&o_d=&is_webview=0&timezone_olson=&timezone_ip=Europe/Oslo&offer_label_ids=
X-Firefox-Spdy: h2

cdnjs.cloudflare.com/ajax/libs/postscribe/2.0.8/postscribe.min.js

104.17.25.14

200 OK

5.1 kB

URL GET HTTP/3
cdnjs.cloudflare.com/ajax/libs/postscribe/2.0.8/postscribe.min.js
IP
104.17.25.14:443
ASN
#13335 CLOUDFLARENET

Requested by
https://videzz.net/embed-c32aq2yhm77r.html
Certificate
IssuerCloudflare, Inc.
Subjectsni.cloudflaressl.com
Fingerprint7A:EA:B9:09:71:70:6C:87:C9:D3:82:74:8A:7B:B4:60:E5:40:2D:8D
ValidityMon, 03 Jul 2023 00:00:00 GMT - Tue, 02 Jul 2024 23:59:59 GMT

File type
JavaScript source, ASCII text, with very long lines (17660)
Size
5.1 kB (5117 bytes)
Hash
12dd498bf90c536803c2aad708b66c2b
5f9363d39a405d1c94328cf2303ff4a05c0ad163
c4e20f53f5ef0ed44b783437aa3f4638a9a56cc4aa29ae83ed9212eb2807052a

HTTP Headers

GET /ajax/libs/postscribe/2.0.8/postscribe.min.js HTTP/1.1
Host: cdnjs.cloudflare.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://videzz.net/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Sat, 04 May 2024 18:06:31 GMT
content-type: application/javascript; charset=utf-8
content-length: 5117
access-control-allow-origin: *
cache-control: public, max-age=30672000
content-encoding: br
etag: "5eb03faa-45f4"
last-modified: Mon, 04 May 2020 16:15:38 GMT
cf-cdnjs-via: cfworker/kv
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
x-content-type-options: nosniff
vary: Accept-Encoding
cf-cache-status: HIT
age: 248423
expires: Thu, 24 Apr 2025 18:06:31 GMT
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=bZ4SJ3eg9v92PrVGaotx63c8RIvTQdhDs5i%2F%2BLVC%2Fd3u7p8n2DbQ0pDIJgQgEbyp6KNZOyyPFVqC7uvP8NyeU4aozUib0tKRpwwGyPGxq4m54hqINvQcKod0xYiqAHv4%2F8cOCi3h"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
server: cloudflare
cf-ray: 87ea6cd4baee56b5-OSL
alt-svc: h3=":443"; ma=86400

mcpuwpsh.com/popunder/in/click/?mid=1926688068945733946&pid=0&site=560254&sc=NO&usage_type=DCH&subid=761082465&sid=0&cid=0&price=0&is_cpm=0&cpm=0&ecpm=0&crid=&crtid=&tcid=0&out_id=&ver=&ver_c=&refdom=bid.bidclickmedia.com&hostname=auc-popunder-hz-2&site_id=0&spot_id=560254&utm_source=&utm_medium=&utm_campaign=&utm_content=&expiration_timestamp=0&created_at=0000-00-00&is_native=0&burl=&pop_winurl=&ip=91.90.42.154&testab=&px_id=0&adblock=0&auction_host=&mm=&yc=&render_type=&campaign_type=&uniq=&exp=0&resp_type=&iabcat=IAB25&min_cpm=0.1224&placement_type_id=7&skin_test=&verify_hash=b3973932a48ce8207b7d64d04092bc20&score=373.69868297753857&durl=&ml=&tag_ab=&original_bid=0&user_fp=0&v2=0&pop_type=0&space_id=1095&real_bid=&skin_id=&vertical_id=&stratagem=&accel=0&gyr=0&iabcat=IAB25&ip_mismatch=false&ua_mismatch=false&ssp=3758&rc=0&v2_track=0&otype=0&mn=0&priority=0&bb=0.1224&url=https%3A%2F%2Fpopdemission.com%2Fin%2F849%2F%3Fsource%3D761082465%26site_id%3D560254%26utm1%3D%26utm2%3D%26utm3%3D%26utm4%3D%26idzone%3D0%26spot_id%3D560254%26mo%3D%26ve%3D%26ad_tags%3D%26p%3Dhttps%253A%252F%252Fbid.bidclickmedia.com%252F%26sid%3D1095%26katds_labels%3D%26is_iframe%3D1%26btype%3D0%26score%3D373.69868297753857%26bf%3D0.1224%26iabcat%3DIAB25%26allowed_labels%3D&pr=&bid_crid=&bid_cid=&ad_tags=&is_interstitial=0&is_direct=1&label_ids=&site_id64=&sp_cl=0&act_sess=0&sp_scr=0&intes=&izb=&ang=0&act_su=0&interest_vertical_ids=&v_scroll_freq=&time_sess=&ext_campaign_id=&scroll_percent=0&empty_clicks=0&aid=0&high_freq_clicks=0&dev_console_activity=0&topics=&client_price=0&o_d=&is_webview=0&timezone_olson=&timezone_ip=Europe/Oslo&offer_label_ids=

94.130.197.240

302 Found

0 B

URL GET HTTP/2
mcpuwpsh.com/popunder/in/click/?mid=1926688068945733946&pid=0&site=560254&sc=NO&usage_type=DCH&subid=761082465&sid=0&cid=0&price=0&is_cpm=0&cpm=0&ecpm=0&crid=&crtid=&tcid=0&out_id=&ver=&ver_c=&refdom=bid.bidclickmedia.com&hostname=auc-popunder-hz-2&site_id=0&spot_id=560254&utm_source=&utm_medium=&utm_campaign=&utm_content=&expiration_timestamp=0&created_at=0000-00-00&is_native=0&burl=&pop_winurl=&ip=91.90.42.154&testab=&px_id=0&adblock=0&auction_host=&mm=&yc=&render_type=&campaign_type=&uniq=&exp=0&resp_type=&iabcat=IAB25&min_cpm=0.1224&placement_type_id=7&skin_test=&verify_hash=b3973932a48ce8207b7d64d04092bc20&score=373.69868297753857&durl=&ml=&tag_ab=&original_bid=0&user_fp=0&v2=0&pop_type=0&space_id=1095&real_bid=&skin_id=&vertical_id=&stratagem=&accel=0&gyr=0&iabcat=IAB25&ip_mismatch=false&ua_mismatch=false&ssp=3758&rc=0&v2_track=0&otype=0&mn=0&priority=0&bb=0.1224&url=https%3A%2F%2Fpopdemission.com%2Fin%2F849%2F%3Fsource%3D761082465%26site_id%3D560254%26utm1%3D%26utm2%3D%26utm3%3D%26utm4%3D%26idzone%3D0%26spot_id%3D560254%26mo%3D%26ve%3D%26ad_tags%3D%26p%3Dhttps%253A%252F%252Fbid.bidclickmedia.com%252F%26sid%3D1095%26katds_labels%3D%26is_iframe%3D1%26btype%3D0%26score%3D373.69868297753857%26bf%3D0.1224%26iabcat%3DIAB25%26allowed_labels%3D&pr=&bid_crid=&bid_cid=&ad_tags=&is_interstitial=0&is_direct=1&label_ids=&site_id64=&sp_cl=0&act_sess=0&sp_scr=0&intes=&izb=&ang=0&act_su=0&interest_vertical_ids=&v_scroll_freq=&time_sess=&ext_campaign_id=&scroll_percent=0&empty_clicks=0&aid=0&high_freq_clicks=0&dev_console_activity=0&topics=&client_price=0&o_d=&is_webview=0&timezone_olson=&timezone_ip=Europe/Oslo&offer_label_ids=
IP
94.130.197.240:443
ASN
#24940 Hetzner Online GmbH

Requested by
https://videzz.net/embed-c32aq2yhm77r.html
Certificate
IssuerLet's Encrypt
Subjectpuwpush.com
Fingerprint60:3D:AE:BF:9C:57:C3:AF:D6:50:E5:93:92:FB:E9:F2:F8:E6:E1:92
ValidityWed, 01 May 2024 01:51:05 GMT - Tue, 30 Jul 2024 01:51:04 GMT

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /popunder/in/click/?mid=1926688068945733946&pid=0&site=560254&sc=NO&usage_type=DCH&subid=761082465&sid=0&cid=0&price=0&is_cpm=0&cpm=0&ecpm=0&crid=&crtid=&tcid=0&out_id=&ver=&ver_c=&refdom=bid.bidclickmedia.com&hostname=auc-popunder-hz-2&site_id=0&spot_id=560254&utm_source=&utm_medium=&utm_campaign=&utm_content=&expiration_timestamp=0&created_at=0000-00-00&is_native=0&burl=&pop_winurl=&ip=91.90.42.154&testab=&px_id=0&adblock=0&auction_host=&mm=&yc=&render_type=&campaign_type=&uniq=&exp=0&resp_type=&iabcat=IAB25&min_cpm=0.1224&placement_type_id=7&skin_test=&verify_hash=b3973932a48ce8207b7d64d04092bc20&score=373.69868297753857&durl=&ml=&tag_ab=&original_bid=0&user_fp=0&v2=0&pop_type=0&space_id=1095&real_bid=&skin_id=&vertical_id=&stratagem=&accel=0&gyr=0&iabcat=IAB25&ip_mismatch=false&ua_mismatch=false&ssp=3758&rc=0&v2_track=0&otype=0&mn=0&priority=0&bb=0.1224&url=https%3A%2F%2Fpopdemission.com%2Fin%2F849%2F%3Fsource%3D761082465%26site_id%3D560254%26utm1%3D%26utm2%3D%26utm3%3D%26utm4%3D%26idzone%3D0%26spot_id%3D560254%26mo%3D%26ve%3D%26ad_tags%3D%26p%3Dhttps%253A%252F%252Fbid.bidclickmedia.com%252F%26sid%3D1095%26katds_labels%3D%26is_iframe%3D1%26btype%3D0%26score%3D373.69868297753857%26bf%3D0.1224%26iabcat%3DIAB25%26allowed_labels%3D&pr=&bid_crid=&bid_cid=&ad_tags=&is_interstitial=0&is_direct=1&label_ids=&site_id64=&sp_cl=0&act_sess=0&sp_scr=0&intes=&izb=&ang=0&act_su=0&interest_vertical_ids=&v_scroll_freq=&time_sess=&ext_campaign_id=&scroll_percent=0&empty_clicks=0&aid=0&high_freq_clicks=0&dev_console_activity=0&topics=&client_price=0&o_d=&is_webview=0&timezone_olson=&timezone_ip=Europe/Oslo&offer_label_ids= HTTP/1.1
Host: mcpuwpsh.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://meetbenjen.com/
DNT: 1
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 302 Found
server: nginx/1.16.0
date: Sat, 04 May 2024 18:06:31 GMT
content-length: 0
vary: Origin
cache-control: no-transform, no-cache, no-store, must-revalidate
pragma: no-cache
access-control-allow-origin: *
access-control-allow-headers: Content-Type
access-control-allow-methods: *
location: https://popdemission.com/in/849/?source=761082465&site_id=560254&utm1=&utm2=&utm3=&utm4=&idzone=0&spot_id=560254&mo=&ve=&ad_tags=&p=https%3A%2F%2Fbid.bidclickmedia.com%2F&sid=1095&katds_labels=&is_iframe=1&btype=0&score=373.69868297753857&bf=0.1224&iabcat=IAB25&allowed_labels=
X-Firefox-Spdy: h2

94.130.197.240

302 Found

0 B

URL GET HTTP/2
mcpuwpsh.com/get/?go=1&data=eyJpbXAiOlt7InNlY3VyZSI6MSwiZXh0Ijp7ImlkIjoxMDk1LCJ0eXBlIjoicG9wIiwic3BhY2VpZCI6MTA5NSwic3ViaWQiOiI3NjEwODI0NjUiLCJzc3AiOjM3NTgsInNwb3RfaWQiOjU2MDI1NCwicmNoYW5nZSI6ZmFsc2V9fV0sInNpdGUiOnsiaWQiOiI1NjAyNTQiLCJwYWdlIjoiaHR0cHM6Ly9iaWQuYmlkY2xpY2ttZWRpYS5jb20vIiwiY2F0IjpbIklBQjI1Il19LCJkZXZpY2UiOnsidyI6MTI4MCwiaCI6MTAyNH0sInVzZXIiOnsiaWQiOiI0cWEyYzc2a3I5ZGt3NGoydzhnYnoifSwiZXh0Ijp7ImR0IjoxNzE0ODQ1OTkwNjEwfX0=
IP
94.130.197.240:443
ASN
#24940 Hetzner Online GmbH

Requested by
https://videzz.net/embed-c32aq2yhm77r.html
Certificate
IssuerLet's Encrypt
Subjectpuwpush.com
Fingerprint60:3D:AE:BF:9C:57:C3:AF:D6:50:E5:93:92:FB:E9:F2:F8:E6:E1:92
ValidityWed, 01 May 2024 01:51:05 GMT - Tue, 30 Jul 2024 01:51:04 GMT

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /get/?go=1&data=eyJpbXAiOlt7InNlY3VyZSI6MSwiZXh0Ijp7ImlkIjoxMDk1LCJ0eXBlIjoicG9wIiwic3BhY2VpZCI6MTA5NSwic3ViaWQiOiI3NjEwODI0NjUiLCJzc3AiOjM3NTgsInNwb3RfaWQiOjU2MDI1NCwicmNoYW5nZSI6ZmFsc2V9fV0sInNpdGUiOnsiaWQiOiI1NjAyNTQiLCJwYWdlIjoiaHR0cHM6Ly9iaWQuYmlkY2xpY2ttZWRpYS5jb20vIiwiY2F0IjpbIklBQjI1Il19LCJkZXZpY2UiOnsidyI6MTI4MCwiaCI6MTAyNH0sInVzZXIiOnsiaWQiOiI0cWEyYzc2a3I5ZGt3NGoydzhnYnoifSwiZXh0Ijp7ImR0IjoxNzE0ODQ1OTkwNjEwfX0= HTTP/1.1
Host: mcpuwpsh.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://meetbenjen.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 302 Found
server: nginx/1.16.0
date: Sat, 04 May 2024 18:06:31 GMT
content-length: 0
vary: Origin
cache-control: no-transform, no-cache, no-store, must-revalidate
pragma: no-cache
access-control-allow-origin: *
access-control-allow-headers: Content-Type
access-control-allow-methods: *
location: https://mcpuwpsh.com/popunder/in/click/?mid=3025573105402942755&pid=0&site=560254&sc=NO&usage_type=DCH&subid=761082465&sid=0&cid=0&price=0&is_cpm=0&cpm=0&ecpm=0&crid=&crtid=&tcid=0&out_id=&ver=&ver_c=&refdom=bid.bidclickmedia.com&hostname=auc-popunder-hz-3&site_id=0&spot_id=560254&utm_source=&utm_medium=&utm_campaign=&utm_content=&expiration_timestamp=0&created_at=0000-00-00&is_native=0&burl=&pop_winurl=&ip=91.90.42.154&testab=&px_id=0&adblock=0&auction_host=&mm=&yc=&render_type=&campaign_type=&uniq=&exp=0&resp_type=&iabcat=IAB25&min_cpm=0.1224&placement_type_id=7&skin_test=&verify_hash=862bc590c16a798f8a80493af71555ee&score=373.69868297753857&durl=&ml=&tag_ab=&original_bid=0&user_fp=0&v2=0&pop_type=0&space_id=1095&real_bid=&skin_id=&vertical_id=&stratagem=&accel=0&gyr=0&iabcat=IAB25&ip_mismatch=false&ua_mismatch=false&ssp=3758&rc=0&v2_track=0&otype=0&mn=0&priority=0&bb=0.1224&url=https%3A%2F%2Fpopdemission.com%2Fin%2F849%2F%3Fsource%3D761082465%26site_id%3D560254%26utm1%3D%26utm2%3D%26utm3%3D%26utm4%3D%26idzone%3D0%26spot_id%3D560254%26mo%3D%26ve%3D%26ad_tags%3D%26p%3Dhttps%253A%252F%252Fbid.bidclickmedia.com%252F%26sid%3D1095%26katds_labels%3D%26is_iframe%3D1%26btype%3D0%26score%3D373.69868297753857%26bf%3D0.1224%26iabcat%3DIAB25%26allowed_labels%3D&pr=&bid_crid=&bid_cid=&ad_tags=&is_interstitial=0&is_direct=1&label_ids=&site_id64=&sp_cl=0&act_sess=0&sp_scr=0&intes=&izb=&ang=0&act_su=0&interest_vertical_ids=&v_scroll_freq=&time_sess=&ext_campaign_id=&scroll_percent=0&empty_clicks=0&aid=0&high_freq_clicks=0&dev_console_activity=0&topics=&client_price=0&o_d=&is_webview=0&timezone_olson=&timezone_ip=Europe/Oslo&offer_label_ids=
X-Firefox-Spdy: h2

dog.seetron.net/api/users/59846?host=videzz.net&ev=212&wh=1024&ww=1280&uuid=&url=https%3A%2F%2Fvidezz.net%2Fembed-c32aq2yhm77r.html&sid=efdb1433-63c7-4dd0-9bdf-bd55bda66515&i=1&kw=file%20upload%2Cshare%20files%2Cfree%20upload&s1=174908

135.181.208.216

200 OK

419 B

URL GET HTTP/2
dog.seetron.net/api/users/59846?host=videzz.net&ev=212&wh=1024&ww=1280&uuid=&url=https%3A%2F%2Fvidezz.net%2Fembed-c32aq2yhm77r.html&sid=efdb1433-63c7-4dd0-9bdf-bd55bda66515&i=1&kw=file%20upload%2Cshare%20files%2Cfree%20upload&s1=174908
IP
135.181.208.216:443
ASN
#24940 Hetzner Online GmbH

Requested by
https://videzz.net/embed-c32aq2yhm77r.html
Certificate
IssuerLet's Encrypt
Subjecta.bdsmz.tube
FingerprintAA:4D:03:7A:4E:94:8C:76:58:6E:53:CC:8E:99:24:E6:51:84:BF:05
ValidityFri, 03 May 2024 10:27:08 GMT - Thu, 01 Aug 2024 10:27:07 GMT

File type
ASCII text, with very long lines (373)
Size
419 B (419 bytes)
Hash
09c2eec970a16ced7d8a45ad8113a599
4732f5268881efe4fbc8d620117b0f1c4a723065
2027ca21356eb30bea2709e0967bda5285765966b478bfde420e34024858774b

HTTP Headers

GET /api/users/59846?host=videzz.net&ev=212&wh=1024&ww=1280&uuid=&url=https%3A%2F%2Fvidezz.net%2Fembed-c32aq2yhm77r.html&sid=efdb1433-63c7-4dd0-9bdf-bd55bda66515&i=1&kw=file%20upload%2Cshare%20files%2Cfree%20upload&s1=174908 HTTP/1.1
Host: dog.seetron.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://videzz.net/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
server: nginx
date: Sat, 04 May 2024 18:06:31 GMT
content-type: text/javascript; charset=utf-8
vary: Accept-Encoding
set-cookie: nauid=yJaSZp7sTldXrpgtUf2k; Path=/; Expires=Wed, 11 Nov 2037 11:11:11 GMT; Secure; SameSite=None
x-robots-tag: noindex, nofollow
cache-control: private
content-encoding: gzip
X-Firefox-Spdy: h2

dog.seetron.net/api/users/424503?host=videzz.net&ev=212&wh=1024&ww=1280&uuid=&url=https%3A%2F%2Fvidezz.net%2Fembed-c32aq2yhm77r.html&sid=efdb1433-63c7-4dd0-9bdf-bd55bda66515&i=1&kw=file%20upload%2Cshare%20files%2Cfree%20upload&s1=174908

135.181.208.216

200 OK

449 B

URL GET HTTP/2
dog.seetron.net/api/users/424503?host=videzz.net&ev=212&wh=1024&ww=1280&uuid=&url=https%3A%2F%2Fvidezz.net%2Fembed-c32aq2yhm77r.html&sid=efdb1433-63c7-4dd0-9bdf-bd55bda66515&i=1&kw=file%20upload%2Cshare%20files%2Cfree%20upload&s1=174908
IP
135.181.208.216:443
ASN
#24940 Hetzner Online GmbH

Requested by
https://videzz.net/embed-c32aq2yhm77r.html
Certificate
IssuerLet's Encrypt
Subjecta.bdsmz.tube
FingerprintAA:4D:03:7A:4E:94:8C:76:58:6E:53:CC:8E:99:24:E6:51:84:BF:05
ValidityFri, 03 May 2024 10:27:08 GMT - Thu, 01 Aug 2024 10:27:07 GMT

File type
ASCII text, with very long lines (350)
Size
449 B (449 bytes)
Hash
bb125c0ed3920d4a09b9601b2d6a19a4
89ea2f25f1669ee5708aa0bc501eb80c2b3dfcc8
cbc1f7391bf5b7b99d2f4423f37bce5582f1b674968203d115c9bc6b964cdc34

HTTP Headers

GET /api/users/424503?host=videzz.net&ev=212&wh=1024&ww=1280&uuid=&url=https%3A%2F%2Fvidezz.net%2Fembed-c32aq2yhm77r.html&sid=efdb1433-63c7-4dd0-9bdf-bd55bda66515&i=1&kw=file%20upload%2Cshare%20files%2Cfree%20upload&s1=174908 HTTP/1.1
Host: dog.seetron.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://videzz.net/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
server: nginx
date: Sat, 04 May 2024 18:06:31 GMT
content-type: text/javascript; charset=utf-8
vary: Accept-Encoding
set-cookie: nauid=1OV557rxBvxm71lIk9lE; Path=/; Expires=Wed, 11 Nov 2037 11:11:11 GMT; Secure; SameSite=None
x-robots-tag: noindex, nofollow
cache-control: private
content-encoding: gzip
X-Firefox-Spdy: h2

hoddlegamey.com/itLmTlMrHisAt/67652

23.109.170.77

200 OK

61 B

URL GET HTTP/1.1
hoddlegamey.com/itLmTlMrHisAt/67652
IP
23.109.170.77:443
ASN
#7979 SERVERS-COM

Requested by
https://videzz.net/embed-c32aq2yhm77r.html
Certificate
IssuerLet's Encrypt
Subjecthoddlegamey.com
Fingerprint07:BD:B4:24:F4:70:EB:F5:60:F8:9F:61:E8:65:29:7E:9B:54:8C:D2
ValidityMon, 22 Apr 2024 23:02:12 GMT - Sun, 21 Jul 2024 23:02:11 GMT

File type
HTML document, ASCII text, with no line terminators
Size
61 B (61 bytes)
Hash
86733bb66fb84b851592d733e51f0cbd
42eaf19a5ca195667a9212b0ea3557eee76954a8
927676bdf7f1bdcd71f06cc0d9fa573791b12c905629d806851624687c4b4a0d

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /itLmTlMrHisAt/67652 HTTP/1.1
Host: hoddlegamey.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://animewatch.onionlive.workers.dev/
DNT: 1
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Date: Sat, 04 May 2024 18:06:31 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Keep-Alive: timeout=20
Accept-ch: sec-ch-ua-platform-version,sec-ch-ua-model,sec-ch-ua-full-version,sec-ch-ua-full-version-list
Set-Cookie: GL_UI4=eJw9jUtug0AQRPljJ4akJQ7gIxgUjL3MJivfAQ0zDZ4Ypq1mjJ3bZxIp2dUrPVV5nhcUL%2BAvyRrCm6hhe1R9s5dYojyUVVW%2BHSrZ151o%2BlJVTVnvYK3n1opuRBvBap4E29YuEWwGNMhatpIUZvDqrL%2FmYuhuIog7FkZlEE%2FOGDNIO6b7jFyEEBkxIaQfmrGnhzPEJzEEx72L2rjo7yCguQjzJ4hP2twe%2BSbx8jzx4Pk6CtsTT61WDuOBhULw32ElhcWB%2BAtShfPF0hWARtX%2B%2B7%2Bf8fizBonCRUuHZM%2FI38wATrY%3D; expires=Sun, 05-May-2024 18:06:31 GMT; Max-Age=86400; path=/; secure; SameSite=None
GL_GI10=eJwVyM0KgkAUhuE5hxiIJPjIC%2FAKTMsWbrNl6MIrMIsYGObIzNjP3WeLd%2FG8SilOE7CZkNRlXhd5dcjLUwV6gtsOPDroVvx7%2BII8uDiCvcOmC1ayRmYXlz9i9TfIYHu25pP1YudoxAXw0roZbvaxv%2FRX0KQJHEUzONxTBXrp3Q9e7R3S; expires=Sun, 05-May-2024 18:06:31 GMT; Max-Age=86400; path=/; secure; SameSite=None
Content-Encoding: gzip
Vary: Accept-Encoding
Strict-Transport-Security: max-age=1
X-Content-Type-Options: nosniff

mcpuwpsh.com/popunder/in/click/?mid=3025573105402942755&pid=0&site=560254&sc=NO&usage_type=DCH&subid=761082465&sid=0&cid=0&price=0&is_cpm=0&cpm=0&ecpm=0&crid=&crtid=&tcid=0&out_id=&ver=&ver_c=&refdom=bid.bidclickmedia.com&hostname=auc-popunder-hz-3&site_id=0&spot_id=560254&utm_source=&utm_medium=&utm_campaign=&utm_content=&expiration_timestamp=0&created_at=0000-00-00&is_native=0&burl=&pop_winurl=&ip=91.90.42.154&testab=&px_id=0&adblock=0&auction_host=&mm=&yc=&render_type=&campaign_type=&uniq=&exp=0&resp_type=&iabcat=IAB25&min_cpm=0.1224&placement_type_id=7&skin_test=&verify_hash=862bc590c16a798f8a80493af71555ee&score=373.69868297753857&durl=&ml=&tag_ab=&original_bid=0&user_fp=0&v2=0&pop_type=0&space_id=1095&real_bid=&skin_id=&vertical_id=&stratagem=&accel=0&gyr=0&iabcat=IAB25&ip_mismatch=false&ua_mismatch=false&ssp=3758&rc=0&v2_track=0&otype=0&mn=0&priority=0&bb=0.1224&url=https%3A%2F%2Fpopdemission.com%2Fin%2F849%2F%3Fsource%3D761082465%26site_id%3D560254%26utm1%3D%26utm2%3D%26utm3%3D%26utm4%3D%26idzone%3D0%26spot_id%3D560254%26mo%3D%26ve%3D%26ad_tags%3D%26p%3Dhttps%253A%252F%252Fbid.bidclickmedia.com%252F%26sid%3D1095%26katds_labels%3D%26is_iframe%3D1%26btype%3D0%26score%3D373.69868297753857%26bf%3D0.1224%26iabcat%3DIAB25%26allowed_labels%3D&pr=&bid_crid=&bid_cid=&ad_tags=&is_interstitial=0&is_direct=1&label_ids=&site_id64=&sp_cl=0&act_sess=0&sp_scr=0&intes=&izb=&ang=0&act_su=0&interest_vertical_ids=&v_scroll_freq=&time_sess=&ext_campaign_id=&scroll_percent=0&empty_clicks=0&aid=0&high_freq_clicks=0&dev_console_activity=0&topics=&client_price=0&o_d=&is_webview=0&timezone_olson=&timezone_ip=Europe/Oslo&offer_label_ids=

94.130.197.240

302 Found

0 B

URL GET HTTP/2
mcpuwpsh.com/popunder/in/click/?mid=3025573105402942755&pid=0&site=560254&sc=NO&usage_type=DCH&subid=761082465&sid=0&cid=0&price=0&is_cpm=0&cpm=0&ecpm=0&crid=&crtid=&tcid=0&out_id=&ver=&ver_c=&refdom=bid.bidclickmedia.com&hostname=auc-popunder-hz-3&site_id=0&spot_id=560254&utm_source=&utm_medium=&utm_campaign=&utm_content=&expiration_timestamp=0&created_at=0000-00-00&is_native=0&burl=&pop_winurl=&ip=91.90.42.154&testab=&px_id=0&adblock=0&auction_host=&mm=&yc=&render_type=&campaign_type=&uniq=&exp=0&resp_type=&iabcat=IAB25&min_cpm=0.1224&placement_type_id=7&skin_test=&verify_hash=862bc590c16a798f8a80493af71555ee&score=373.69868297753857&durl=&ml=&tag_ab=&original_bid=0&user_fp=0&v2=0&pop_type=0&space_id=1095&real_bid=&skin_id=&vertical_id=&stratagem=&accel=0&gyr=0&iabcat=IAB25&ip_mismatch=false&ua_mismatch=false&ssp=3758&rc=0&v2_track=0&otype=0&mn=0&priority=0&bb=0.1224&url=https%3A%2F%2Fpopdemission.com%2Fin%2F849%2F%3Fsource%3D761082465%26site_id%3D560254%26utm1%3D%26utm2%3D%26utm3%3D%26utm4%3D%26idzone%3D0%26spot_id%3D560254%26mo%3D%26ve%3D%26ad_tags%3D%26p%3Dhttps%253A%252F%252Fbid.bidclickmedia.com%252F%26sid%3D1095%26katds_labels%3D%26is_iframe%3D1%26btype%3D0%26score%3D373.69868297753857%26bf%3D0.1224%26iabcat%3DIAB25%26allowed_labels%3D&pr=&bid_crid=&bid_cid=&ad_tags=&is_interstitial=0&is_direct=1&label_ids=&site_id64=&sp_cl=0&act_sess=0&sp_scr=0&intes=&izb=&ang=0&act_su=0&interest_vertical_ids=&v_scroll_freq=&time_sess=&ext_campaign_id=&scroll_percent=0&empty_clicks=0&aid=0&high_freq_clicks=0&dev_console_activity=0&topics=&client_price=0&o_d=&is_webview=0&timezone_olson=&timezone_ip=Europe/Oslo&offer_label_ids=
IP
94.130.197.240:443
ASN
#24940 Hetzner Online GmbH

Requested by
https://videzz.net/embed-c32aq2yhm77r.html
Certificate
IssuerLet's Encrypt
Subjectpuwpush.com
Fingerprint60:3D:AE:BF:9C:57:C3:AF:D6:50:E5:93:92:FB:E9:F2:F8:E6:E1:92
ValidityWed, 01 May 2024 01:51:05 GMT - Tue, 30 Jul 2024 01:51:04 GMT

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /popunder/in/click/?mid=3025573105402942755&pid=0&site=560254&sc=NO&usage_type=DCH&subid=761082465&sid=0&cid=0&price=0&is_cpm=0&cpm=0&ecpm=0&crid=&crtid=&tcid=0&out_id=&ver=&ver_c=&refdom=bid.bidclickmedia.com&hostname=auc-popunder-hz-3&site_id=0&spot_id=560254&utm_source=&utm_medium=&utm_campaign=&utm_content=&expiration_timestamp=0&created_at=0000-00-00&is_native=0&burl=&pop_winurl=&ip=91.90.42.154&testab=&px_id=0&adblock=0&auction_host=&mm=&yc=&render_type=&campaign_type=&uniq=&exp=0&resp_type=&iabcat=IAB25&min_cpm=0.1224&placement_type_id=7&skin_test=&verify_hash=862bc590c16a798f8a80493af71555ee&score=373.69868297753857&durl=&ml=&tag_ab=&original_bid=0&user_fp=0&v2=0&pop_type=0&space_id=1095&real_bid=&skin_id=&vertical_id=&stratagem=&accel=0&gyr=0&iabcat=IAB25&ip_mismatch=false&ua_mismatch=false&ssp=3758&rc=0&v2_track=0&otype=0&mn=0&priority=0&bb=0.1224&url=https%3A%2F%2Fpopdemission.com%2Fin%2F849%2F%3Fsource%3D761082465%26site_id%3D560254%26utm1%3D%26utm2%3D%26utm3%3D%26utm4%3D%26idzone%3D0%26spot_id%3D560254%26mo%3D%26ve%3D%26ad_tags%3D%26p%3Dhttps%253A%252F%252Fbid.bidclickmedia.com%252F%26sid%3D1095%26katds_labels%3D%26is_iframe%3D1%26btype%3D0%26score%3D373.69868297753857%26bf%3D0.1224%26iabcat%3DIAB25%26allowed_labels%3D&pr=&bid_crid=&bid_cid=&ad_tags=&is_interstitial=0&is_direct=1&label_ids=&site_id64=&sp_cl=0&act_sess=0&sp_scr=0&intes=&izb=&ang=0&act_su=0&interest_vertical_ids=&v_scroll_freq=&time_sess=&ext_campaign_id=&scroll_percent=0&empty_clicks=0&aid=0&high_freq_clicks=0&dev_console_activity=0&topics=&client_price=0&o_d=&is_webview=0&timezone_olson=&timezone_ip=Europe/Oslo&offer_label_ids= HTTP/1.1
Host: mcpuwpsh.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://meetbenjen.com/
DNT: 1
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 302 Found
server: nginx/1.16.0
date: Sat, 04 May 2024 18:06:31 GMT
content-length: 0
vary: Origin
cache-control: no-transform, no-cache, no-store, must-revalidate
pragma: no-cache
access-control-allow-origin: *
access-control-allow-headers: Content-Type
access-control-allow-methods: *
location: https://popdemission.com/in/849/?source=761082465&site_id=560254&utm1=&utm2=&utm3=&utm4=&idzone=0&spot_id=560254&mo=&ve=&ad_tags=&p=https%3A%2F%2Fbid.bidclickmedia.com%2F&sid=1095&katds_labels=&is_iframe=1&btype=0&score=373.69868297753857&bf=0.1224&iabcat=IAB25&allowed_labels=
X-Firefox-Spdy: h2

ossgogoaton.com/tag.min.js

188.114.96.1

200 OK

26 kB

URL GET HTTP/2
ossgogoaton.com/tag.min.js
IP
188.114.96.1:443
ASN
#13335 CLOUDFLARENET

Requested by
https://videzz.net/embed-c32aq2yhm77r.html
Certificate
IssuerGoogle Trust Services LLC
Subjectossgogoaton.com
FingerprintDE:B3:2A:B0:2A:4A:C3:F8:A3:3F:5B:C6:96:E6:F1:41:55:B4:87:1E
ValiditySat, 04 May 2024 10:37:16 GMT - Fri, 02 Aug 2024 10:37:15 GMT

File type
JavaScript source, ASCII text, with very long lines (65494)
Size
26 kB (25503 bytes)
Hash
d8fe6d8977be78f78ee48c068b8c8686
e9c96bfc9bcd374f528f73c0441c2358d6d1d135
43423a879e310562ceed423aa563f4fac45713e6f59b0517d897e2c96a42993b

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /tag.min.js HTTP/1.1
Host: ossgogoaton.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://videzz.net/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Sat, 04 May 2024 18:06:31 GMT
content-type: text/javascript; charset=utf-8
x-trace-id: 75f804f095bd203a11970aa4780913d8
cache-control: max-age=86400
last-modified: Fri, 03 May 2024 05:53:49 GMT
accept-ch: Sec-CH-UA, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, baggage, sentry-trace, favicon
access-control-max-age: 86400
pragma: no-cache
expires: Sat, 04 May 2024 20:39:18 GMT
timing-allow-origin: *
cf-cache-status: HIT
age: 77233
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=vbsw4twmvAf%2F5DbkWL8aFx2KmWby%2F8e60hPaTp9Tzp0GpOlTZFVVrHKntWsX85AcFo1dirlddfQ2DkoaHwWkQuAExFcT27ysrnir3W3Za4aHKZUVY0tM%2F0hqGO9oJkM2SrI%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 87ea6cd56bb11c0e-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2

popdemission.com/in/849/?source=761082465&site_id=560254&utm1=&utm2=&utm3=&utm4=&idzone=0&spot_id=560254&mo=&ve=&ad_tags=&p=https%3A%2F%2Fbid.bidclickmedia.com%2F&sid=1095&katds_labels=&is_iframe=1&btype=0&score=373.69868297753857&bf=0.1224&iabcat=IAB25&allowed_labels=

62.122.173.28

302 Found

0 B

URL GET HTTP/2
popdemission.com/in/849/?source=761082465&site_id=560254&utm1=&utm2=&utm3=&utm4=&idzone=0&spot_id=560254&mo=&ve=&ad_tags=&p=https%3A%2F%2Fbid.bidclickmedia.com%2F&sid=1095&katds_labels=&is_iframe=1&btype=0&score=373.69868297753857&bf=0.1224&iabcat=IAB25&allowed_labels=
IP
62.122.173.28:443
ASN
#50245 Serverel Inc.

Requested by
https://videzz.net/embed-c32aq2yhm77r.html
Certificate
IssuerLet's Encrypt
Subjectpopdemission.com
FingerprintD2:C5:8F:9C:4B:C4:3C:66:E6:4D:95:14:61:37:A5:21:1E:9C:9A:BE
ValidityWed, 20 Mar 2024 12:58:57 GMT - Tue, 18 Jun 2024 12:58:56 GMT

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /in/849/?source=761082465&site_id=560254&utm1=&utm2=&utm3=&utm4=&idzone=0&spot_id=560254&mo=&ve=&ad_tags=&p=https%3A%2F%2Fbid.bidclickmedia.com%2F&sid=1095&katds_labels=&is_iframe=1&btype=0&score=373.69868297753857&bf=0.1224&iabcat=IAB25&allowed_labels= HTTP/1.1
Host: popdemission.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://meetbenjen.com/
DNT: 1
Connection: keep-alive
Cookie: 849.0=1
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 302 Found
server: nginx/1.20.1
date: Sat, 04 May 2024 18:06:31 GMT
content-type: text/html; charset=UTF-8
content-length: 0
location: https://topsites.hadesex.com/?source=761082465&site_id=560254&spot_id=560254
cache-control: no-cache, no-store, must-revalidate
pragma: no-cache
vary: *
set-cookie: 849.0=1; expires=Sun, 05 May 2024 18:06:31 GMT; path=/; secure; SameSite=None
X-Firefox-Spdy: h2

my.rtmark.net/gid.js?userId=00805276252d4c5be7dcd3789b43edf6

139.45.195.8

200 OK

65 B

URL GET HTTP/2
my.rtmark.net/gid.js?userId=00805276252d4c5be7dcd3789b43edf6
IP
139.45.195.8:443
ASN
#9002 RETN Limited

Requested by
https://videzz.net/embed-c32aq2yhm77r.html
Certificate
IssuerLet's Encrypt
Subjectrtmark.net
FingerprintDB:C0:8B:64:1C:E3:2A:9C:B9:04:0D:F3:6F:5A:E0:35:F4:C7:75:CC
ValiditySat, 02 Mar 2024 21:53:43 GMT - Fri, 31 May 2024 21:53:42 GMT

File type
JSON text data
Size
65 B (65 bytes)
Hash
481c6e99c22c2dec226b4311569bc8ff
c414baa623c568b3bf32a8431add77573ed7f2e2
b2fa63063e230f2027f6422b29291f5e38ab7a833d1194ba09cdb855d1adf8e7

HTTP Headers

GET /gid.js?userId=00805276252d4c5be7dcd3789b43edf6 HTTP/1.1
Host: my.rtmark.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://videzz.net
DNT: 1
Connection: keep-alive
Referer: https://videzz.net/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
server: nginx
date: Sat, 04 May 2024 18:06:32 GMT
content-type: application/json; charset=utf-8
content-length: 65
access-control-allow-origin: https://videzz.net
access-control-allow-methods: POST, GET, OPTIONS, PUT, DELETE
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, Authorization,X-CSRF-Token
access-control-expose-headers: Authorization
access-control-allow-credentials: true
set-cookie: ID=00805276252d4c5be7dcd3789b43edf6; expires=Sun, 04 May 2025 18:06:32 GMT; secure; SameSite=None
strict-transport-security: max-age=1
x-content-type-options: nosniff
timing-allow-origin: *, *
X-Firefox-Spdy: h2

porn13.com/thumbs/AA/Do/g4.jpg

188.114.96.1

18 kB

URL
porn13.com/thumbs/AA/Do/g4.jpg
IP
188.114.96.1:0
ASN
#13335 CLOUDFLARENET

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 352x198, components 3
Size
18 kB (17477 bytes)
Hash
2e3a76e552b73eb352650cf6fabc1eda
9b89d8ad2511127ba533e7bd95296980853fae10
a3790214e3350c87aa73e6052872be9ef3cd4102fa6baead8ced673557cca4b9

HTTP Headers

GET /thumbs/AA/Do/g4.jpg HTTP/1.1
Host: porn13.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://topsites.hadesex.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Sat, 04 May 2024 18:06:32 GMT
content-type: image/jpeg
content-length: 17477
last-modified: Fri, 19 Aug 2022 16:09:25 GMT
etag: "62ffb5b5-4445"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: public, max-age=315360000
cf-cache-status: HIT
age: 343699
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=oJcWmupZeUy14YovOKn30h02PMn2%2B2vB7Up7Yc0P0hWZMimVgJDgh%2B88CSGEyxyfA1NR%2Bx3iaen%2BYggL1FB5fzQzKev1dZfQt1BtWA1Xs4%2B%2BGGjEXH05yoRLCM22"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 87ea6cdbcc5eb527-OSL
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2

porn13.com/thumbs/AA/Wn/pT.jpg

188.114.96.1

42 kB

URL
porn13.com/thumbs/AA/Wn/pT.jpg
IP
188.114.96.1:0
ASN
#13335 CLOUDFLARENET

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, comment: "Lavc58.18.100", baseline, precision 8, 352x198, components 3
Size
42 kB (42041 bytes)
Hash
e8c0bf25f08c870fda507e60005e0686
8e4dc80792ebc32bfc74f7e4b0cb5b3ea3e93bb1
3a8b7696257794aaa82ba4245e64a7279d8dc4e2d0df7abe82ca2d719f72611e

HTTP Headers

GET /thumbs/AA/Wn/pT.jpg HTTP/1.1
Host: porn13.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://topsites.hadesex.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Sat, 04 May 2024 18:06:32 GMT
content-type: image/jpeg
content-length: 42041
last-modified: Fri, 19 Aug 2022 16:17:24 GMT
etag: "62ffb794-a439"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: public, max-age=315360000
cf-cache-status: HIT
age: 347997
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=vTE6sl2agwWEI3AgDVZfSwhZft9CPPTuCKtNOLAXxN%2F2BzagPbPF3kxWabbv%2FrU9oVl3hy46IlX7FTXyFUs4POpRNXxphfBaRdTJgssbilQfRdikwh7HTC%2FY4nU7"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 87ea6cdbfcafb527-OSL
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2

unseenreport.com/pxf.gif?uuid=e54da55b-9dea-42ca-ad22-8912f24bb312&eb=978028c5053b26833423c7a069ce3bd5&te=5db3a4e34790624df926db520a13f79f&ua=Mozilla%2F5.0%20(X11%3B%20Linux%20x86_64%3B%20rv%3A96.0)%20Gecko%2F20100101%20Firefox%2F96.0&dev=e&res=14.2071&b_frame=0&pk=f1776d24271c5ad55c5f1492e2d01e10&bl=en-US&sr=1024x1280&sz=1024x1280&hjs=18

192.243.59.13

200 OK

1 B

URL GET HTTP/1.1
unseenreport.com/pxf.gif?uuid=e54da55b-9dea-42ca-ad22-8912f24bb312&eb=978028c5053b26833423c7a069ce3bd5&te=5db3a4e34790624df926db520a13f79f&ua=Mozilla%2F5.0%20(X11%3B%20Linux%20x86_64%3B%20rv%3A96.0)%20Gecko%2F20100101%20Firefox%2F96.0&dev=e&res=14.2071&b_frame=0&pk=f1776d24271c5ad55c5f1492e2d01e10&bl=en-US&sr=1024x1280&sz=1024x1280&hjs=18
IP
192.243.59.13:443
ASN
#39572 DataWeb Global Group B.V.

Requested by
https://videzz.net/embed-c32aq2yhm77r.html
Certificate
IssuerLet's Encrypt
Subject*.unseenreport.com
Fingerprint71:46:15:FD:76:6A:F5:5B:51:06:CC:93:DD:D8:63:E3:8B:10:BF:13
ValidityFri, 22 Mar 2024 07:32:41 GMT - Thu, 20 Jun 2024 07:32:40 GMT

File type
very short file (no magic)
Size
1 B (1 bytes)
Hash
93b885adfe0da089cdf634904fd59f71
5ba93c9db0cff93f52b521d7420e43f6eda2784f
6e340b9cffb37a989ca544e6bb780a2c78901d3fb33738768511a30617afa01d

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /pxf.gif?uuid=e54da55b-9dea-42ca-ad22-8912f24bb312&eb=978028c5053b26833423c7a069ce3bd5&te=5db3a4e34790624df926db520a13f79f&ua=Mozilla%2F5.0%20(X11%3B%20Linux%20x86_64%3B%20rv%3A96.0)%20Gecko%2F20100101%20Firefox%2F96.0&dev=e&res=14.2071&b_frame=0&pk=f1776d24271c5ad55c5f1492e2d01e10&bl=en-US&sr=1024x1280&sz=1024x1280&hjs=18 HTTP/1.1
Host: unseenreport.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://videzz.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx/1.19.5
Date: Sat, 04 May 2024 18:06:32 GMT
Content-Type: image/gif
Content-Length: 1
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Access-Control-Allow-Origin: *
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: 22bc3076b2c7917caea283ba67514a00
Strict-Transport-Security: max-age=0; includeSubdomains

unseenreport.com/pxf.gif?uuid=e54da55b-9dea-42ca-ad22-8912f24bb312&eb=978028c5053b26833423c7a069ce3bd5&te=5db3a4e34790624df926db520a13f79f&ua=Mozilla%2F5.0%20(X11%3B%20Linux%20x86_64%3B%20rv%3A96.0)%20Gecko%2F20100101%20Firefox%2F96.0&dev=e&res=14.2071&b_frame=0&pk=fd40b682a05e4aaf489d29601350aa66&bl=en-US&sr=1024x1280&sz=1024x1280&hjs=18

192.243.59.13

200 OK

1 B

URL GET HTTP/1.1
unseenreport.com/pxf.gif?uuid=e54da55b-9dea-42ca-ad22-8912f24bb312&eb=978028c5053b26833423c7a069ce3bd5&te=5db3a4e34790624df926db520a13f79f&ua=Mozilla%2F5.0%20(X11%3B%20Linux%20x86_64%3B%20rv%3A96.0)%20Gecko%2F20100101%20Firefox%2F96.0&dev=e&res=14.2071&b_frame=0&pk=fd40b682a05e4aaf489d29601350aa66&bl=en-US&sr=1024x1280&sz=1024x1280&hjs=18
IP
192.243.59.13:443
ASN
#39572 DataWeb Global Group B.V.

Requested by
https://videzz.net/embed-c32aq2yhm77r.html
Certificate
IssuerLet's Encrypt
Subject*.unseenreport.com
Fingerprint71:46:15:FD:76:6A:F5:5B:51:06:CC:93:DD:D8:63:E3:8B:10:BF:13
ValidityFri, 22 Mar 2024 07:32:41 GMT - Thu, 20 Jun 2024 07:32:40 GMT

File type
very short file (no magic)
Size
1 B (1 bytes)
Hash
93b885adfe0da089cdf634904fd59f71
5ba93c9db0cff93f52b521d7420e43f6eda2784f
6e340b9cffb37a989ca544e6bb780a2c78901d3fb33738768511a30617afa01d

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /pxf.gif?uuid=e54da55b-9dea-42ca-ad22-8912f24bb312&eb=978028c5053b26833423c7a069ce3bd5&te=5db3a4e34790624df926db520a13f79f&ua=Mozilla%2F5.0%20(X11%3B%20Linux%20x86_64%3B%20rv%3A96.0)%20Gecko%2F20100101%20Firefox%2F96.0&dev=e&res=14.2071&b_frame=0&pk=fd40b682a05e4aaf489d29601350aa66&bl=en-US&sr=1024x1280&sz=1024x1280&hjs=18 HTTP/1.1
Host: unseenreport.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://videzz.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx/1.19.5
Date: Sat, 04 May 2024 18:06:32 GMT
Content-Type: image/gif
Content-Length: 1
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Access-Control-Allow-Origin: *
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: 8b7089723dcdc89304f7dc67189fc7b8
Strict-Transport-Security: max-age=0; includeSubdomains

topsites.hadesex.com/js/utm-datasource.js?v=1.90

188.114.96.1

21 kB

URL
topsites.hadesex.com/js/utm-datasource.js?v=1.90
IP
188.114.96.1:0
ASN
#13335 CLOUDFLARENET

File type
Generic INItialization configuration []
Size
21 kB (21284 bytes)
Hash
f9eb7bacc6a92d4e5d1ae8299b53a3bb
3fef0ee46b983203be0c4dfb15a90a29526a391b
6fd474fdf1c98b145149e617ee1a24876332690123ff8c4cd43bbcce7c1b7bcf

HTTP Headers

GET /js/utm-datasource.js?v=1.90 HTTP/1.1
Host: topsites.hadesex.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://topsites.hadesex.com/?source=761082465&site_id=560254&spot_id=560254
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Sat, 04 May 2024 18:06:32 GMT
content-type: application/javascript
last-modified: Thu, 01 Feb 2024 14:46:51 GMT
vary: Accept-Encoding
etag: W/"65bbaedb-af5"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
x-request-id: 54216229af0759840658d6d7b97fe4a5
cf-cache-status: HIT
age: 352129
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=rCJp6u8rRlpnJEutRP67ehWr2%2FUIwm2LuVDf85gygbvhHoX9X0FB0qaNcna7wXBUumJpNHmMPJtjBQQ5dIaEpCUgI4OLGLT0hIvqbPUjxXC6GfbuuJIP7JgsJNF3wXqIY4bU9Ya%2Fxg%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 87ea6cdb6e390b3d-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400

porn13.com/thumbs/AA/Wn/pT.jpg

188.114.96.1

42 kB

URL
porn13.com/thumbs/AA/Wn/pT.jpg
IP
188.114.96.1:0
ASN
#13335 CLOUDFLARENET

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, comment: "Lavc58.18.100", baseline, precision 8, 352x198, components 3
Size
42 kB (42041 bytes)
Hash
e8c0bf25f08c870fda507e60005e0686
8e4dc80792ebc32bfc74f7e4b0cb5b3ea3e93bb1
3a8b7696257794aaa82ba4245e64a7279d8dc4e2d0df7abe82ca2d719f72611e

HTTP Headers

GET /thumbs/AA/Wn/pT.jpg HTTP/1.1
Host: porn13.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://topsites.hadesex.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Sat, 04 May 2024 18:06:32 GMT
content-type: image/jpeg
content-length: 42041
last-modified: Fri, 19 Aug 2022 16:17:24 GMT
etag: "62ffb794-a439"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: public, max-age=315360000
cf-cache-status: HIT
age: 347997
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=vR7zXwjVAWUc9e8Wk%2FNNNYtwxxbV3ODYIiWTQsdezVpnFdV4TUHE4%2FrbbBtzebKIBLqYaQs%2FlS9EdhJ5AJHQhx1K1%2FGmVvZXVztlnEN2jVE0zgRC5aEpZ11owGiz"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 87ea6cde5cc85696-OSL
alt-svc: h3=":443"; ma=86400

porn13.com/thumbs/AA/Do/g4.jpg

188.114.96.1

18 kB

URL
porn13.com/thumbs/AA/Do/g4.jpg
IP
188.114.96.1:0
ASN
#13335 CLOUDFLARENET

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 352x198, components 3
Size
18 kB (17477 bytes)
Hash
2e3a76e552b73eb352650cf6fabc1eda
9b89d8ad2511127ba533e7bd95296980853fae10
a3790214e3350c87aa73e6052872be9ef3cd4102fa6baead8ced673557cca4b9

HTTP Headers

GET /thumbs/AA/Do/g4.jpg HTTP/1.1
Host: porn13.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://topsites.hadesex.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Sat, 04 May 2024 18:06:32 GMT
content-type: image/jpeg
content-length: 17477
last-modified: Fri, 19 Aug 2022 16:09:25 GMT
etag: "62ffb5b5-4445"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: public, max-age=315360000
cf-cache-status: HIT
age: 343699
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=hdT%2B9fc5d0KBgWigeCUP3uHSYXE4NI%2FJ7S47we7GU4LrESA8qFODJTF%2Bb%2FXNLbSi0X6f9Sa9c6wNWtg7xupZfAoHxyd0awMKxT95BYHryONzYzzMgLlKeDaZt8j2"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 87ea6cde7cfe5696-OSL
alt-svc: h3=":443"; ma=86400

aistekso.net/401/5708419

139.45.197.244

200 OK

55 kB

URL GET HTTP/2
aistekso.net/401/5708419
IP
139.45.197.244:443
ASN
#9002 RETN Limited

Requested by
https://videzz.net/embed-c32aq2yhm77r.html
Certificate
IssuerLet's Encrypt
Subjectaistekso.net
Fingerprint3E:A5:CE:35:F4:D9:45:6B:A1:3B:2E:9C:B3:9E:78:4D:8A:4B:51:BB
ValiditySun, 24 Mar 2024 05:08:27 GMT - Sat, 22 Jun 2024 05:08:26 GMT

File type
gzip compressed data, max speed, from Unix
Size
55 kB (55183 bytes)
Hash
806ebb5740a1c80565bbe575639067ed
c38625b5da39ce91071ecb49ed5b049ab54b3fdd
ab43bc9562a59c48dbea2c7f78e422be9c037e3dc0bd9b735ac1d5cfc95a30df

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /401/5708419 HTTP/1.1
Host: aistekso.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://videzz.net/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
server: nginx
date: Sat, 04 May 2024 18:06:32 GMT
content-type: application/javascript
x-trace-id: 4712d47a96bfc4d0666891767eb46977
expires: Tue, 11 Jan 1994 10:00:00 GMT
cache-control: no-cache, no-store, no-transform, must-revalidate, private, max-age=0
pragma: no-cache
vary: Origin
access-control-allow-origin: *
access-control-expose-headers: Link
access-control-allow-credentials: true
accept-ch: Sec-CH-UA, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model
set-cookie: OAID=03005209af654145ff6bba496778a91d; expires=Sun, 04 May 2025 18:06:32 GMT; path=/; secure; SameSite=None
strict-transport-security: max-age=1
x-content-type-options: nosniff
timing-allow-origin: *, *
content-encoding: gzip
X-Firefox-Spdy: h2

hadesex.com/thumbs/AA/yL/fI.jpg

188.114.96.1

34 kB

URL
hadesex.com/thumbs/AA/yL/fI.jpg
IP
188.114.96.1:0
ASN
#13335 CLOUDFLARENET

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 0x0, segment length 16, progressive, precision 8, 280x210, components 3
Size
34 kB (33521 bytes)
Hash
752cd3e9680d19a92c60ce01cf5fd834
17c182d1ebb07079e4f3ba6bdc4bbd6922c5516f
ab2a559435256e7e3ccb5269b0ab2b0b0c86bbd89d806f1b8dc8bb74aa557a0e

HTTP Headers

GET /thumbs/AA/yL/fI.jpg HTTP/1.1
Host: hadesex.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Referer: https://topsites.hadesex.com/?source=761082465&site_id=560254&spot_id=560254
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Sat, 04 May 2024 18:06:32 GMT
content-type: image/jpeg
content-length: 33521
last-modified: Fri, 03 May 2024 00:42:05 GMT
etag: "663432dd-82f1"
expires: Sun, 02 Jun 2024 09:16:40 GMT
cache-control: public, max-age=2592000
cf-cache-status: HIT
age: 118192
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=mmcOgvDBzoz9X3ANcvzp3YVQ4WU1W9JCRYjjHo7idWlct5RI1B1%2F1QWskYM4fSgUIhpLR5W%2FS1%2BNeeOB2OOlDt5gOL1GhgM5DSrcsDMXCm%2BYVJEdop5ElOmMVHy0fQ%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 87ea6cdf1c7e0b3d-OSL
alt-svc: h3=":443"; ma=86400

hadesex.com/thumbs/AA/62/5w.jpg

188.114.96.1

40 kB

URL
hadesex.com/thumbs/AA/62/5w.jpg
IP
188.114.96.1:0
ASN
#13335 CLOUDFLARENET

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 0x0, segment length 16, progressive, precision 8, 280x210, components 3
Size
40 kB (40360 bytes)
Hash
1b417aaaccda6865698de32d8d9c2463
7db57373d18850a5f772a8387b01b162a9837081
4d7e546f8d9cc2e493b91d41d3f86fabd2fb4ab5c9de2b595193f1603c6c43e5

HTTP Headers

GET /thumbs/AA/62/5w.jpg HTTP/1.1
Host: hadesex.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Referer: https://topsites.hadesex.com/?source=761082465&site_id=560254&spot_id=560254
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Sat, 04 May 2024 18:06:32 GMT
content-type: image/jpeg
content-length: 40360
last-modified: Wed, 10 Apr 2024 12:20:38 GMT
etag: "66168416-9da8"
expires: Thu, 30 May 2024 20:14:45 GMT
cache-control: public, max-age=2592000
cf-cache-status: HIT
age: 337907
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=ZUUmEXZZu86YDHD8k%2BXAgWpznXDbxh3yAx%2B21o9c02wWfR1JnDM65XXvLcMuS0f7gOf8FAQSzcgb%2FOETDMmqYgIwmkWvwWQNlNHKT%2FGzzgrwBix300bF911WFagyOA%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 87ea6cdf8d000b3d-OSL
alt-svc: h3=":443"; ma=86400

hadesex.com/thumbs/AA/N2/yJ.jpg

188.114.96.1

42 kB

URL
hadesex.com/thumbs/AA/N2/yJ.jpg
IP
188.114.96.1:0
ASN
#13335 CLOUDFLARENET

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 0x0, segment length 16, progressive, precision 8, 280x210, components 3
Size
42 kB (41906 bytes)
Hash
eff9da53859d748cf29cef84d6314787
e99af0eaa71a209f85787ede261e0611270fb1c1
49ff2362f89478281b5099047cc0f2ddda8abae2fc9ad6914ec307085851763d

HTTP Headers

GET /thumbs/AA/N2/yJ.jpg HTTP/1.1
Host: hadesex.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Referer: https://topsites.hadesex.com/?source=761082465&site_id=560254&spot_id=560254
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Sat, 04 May 2024 18:06:32 GMT
content-type: image/jpeg
content-length: 41906
last-modified: Fri, 03 May 2024 00:33:05 GMT
etag: "663430c1-a3b2"
expires: Mon, 03 Jun 2024 10:17:52 GMT
cache-control: public, max-age=2592000
cf-cache-status: HIT
age: 28120
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=FQAMvGBdwKUcXO7PjAdmdXYvu0XR6T1laPm9C6PSLZ9WCkv%2BAMaxDtXsHjbNOaMDP2lvcLZrjtUXw5LO7FAIp3Rs5Z3cIw1gF1FJIT6iHQwU4iTK4jMN2IZHWG74KA%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 87ea6cdf8d030b3d-OSL
alt-svc: h3=":443"; ma=86400

myretrocollection.com/thumbs/AA/xl/sZ.jpg

188.114.97.1

61 kB

URL
myretrocollection.com/thumbs/AA/xl/sZ.jpg
IP
188.114.97.1:0
ASN
#13335 CLOUDFLARENET

File type
JPEG image data, baseline, precision 8, 640x480, components 3
Size
61 kB (61171 bytes)
Hash
aef9f3351dd76be26a042267239ac650
a6e5038903c1250b7ba2a3b056d3c0fbcc36e51f
cc4b8a6429318d2001f5ff15e7089c2dcef0cc6985d200c8544ddcddc8dd3483

HTTP Headers

GET /thumbs/AA/xl/sZ.jpg HTTP/1.1
Host: myretrocollection.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
date: Sat, 04 May 2024 18:06:32 GMT
content-type: image/jpeg
content-length: 61171
last-modified: Sun, 14 Jan 2024 15:43:33 GMT
etag: "65a40125-eef3"
expires: Thu, 30 May 2024 16:17:45 GMT
cache-control: public, max-age=2592000
cf-cache-status: HIT
age: 352127
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=B9XcYKPc9zRnW6LrwkVC2qLsDL0EFgizi%2BpJnqiDwOTV9KnNUVgmNqoxPDxtHSc0UvgXCk8FfzTmSzHu1Ou%2Fst%2FyUv%2BMAG5cgZhg5tiZzu3Sw5ws7GRBlxFM9Z1YMzG5yLf%2Bm01TFTY%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 87ea6cdfd86656a2-OSL
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2

myretrocollection.com/thumbs/AA/rc/5Q.jpg

188.114.97.1

95 kB

URL
myretrocollection.com/thumbs/AA/rc/5Q.jpg
IP
188.114.97.1:0
ASN
#13335 CLOUDFLARENET

File type
JPEG image data, baseline, precision 8, 960x720, components 3
Size
95 kB (95015 bytes)
Hash
b39c315b9dd966a4ecf1e036d1074354
c2603211054c12e6d4097863c3386cc59ea55b65
30fb123175d97fcd3fedf093d8e46c5c236c966a20e2c530045c18304c38c8c8

HTTP Headers

GET /thumbs/AA/rc/5Q.jpg HTTP/1.1
Host: myretrocollection.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Sat, 04 May 2024 18:06:32 GMT
content-type: image/jpeg
content-length: 95015
last-modified: Wed, 31 Jan 2024 16:02:30 GMT
etag: "65ba6f16-17327"
expires: Thu, 30 May 2024 20:11:56 GMT
cache-control: public, max-age=2592000
cf-cache-status: HIT
age: 338076
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=keCTxQOwCb2hvMx0zI5Q8DDf%2FvkxDVYPJHJL3AOH5urr0thFQA%2FLvz1DcHUc1H%2FzrJKcK%2BUN%2FoJiAcwkXfCuWbTTzupput3ZvclRpzU1UnZk3Hd4Xo894qPBP0YC44Cox0T0i6fDikQ%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 87ea6cdfd86556a2-OSL
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2

hadesex.com/thumbs/AA/5n/k1.jpg

188.114.96.1

33 kB

URL
hadesex.com/thumbs/AA/5n/k1.jpg
IP
188.114.96.1:0
ASN
#13335 CLOUDFLARENET

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 0x0, segment length 16, progressive, precision 8, 280x210, components 3
Size
33 kB (33355 bytes)
Hash
1cd11f9aa2bf866b40bd400ebd619d25
ff28b6c6de251812d9cfa4b5cc9a084613a23485
3953372a397118518dd31899c0f55b6bbba84ccd212e4bfe873ebde39d1ef956

HTTP Headers

GET /thumbs/AA/5n/k1.jpg HTTP/1.1
Host: hadesex.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Referer: https://topsites.hadesex.com/?source=761082465&site_id=560254&spot_id=560254
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Sat, 04 May 2024 18:06:32 GMT
content-type: image/jpeg
content-length: 33355
last-modified: Wed, 10 Apr 2024 12:27:53 GMT
etag: "661685c9-824b"
expires: Thu, 30 May 2024 16:17:48 GMT
cache-control: public, max-age=2592000
cf-cache-status: HIT
age: 352123
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=j2uPyeKrQ9AOKCEjwaSBeiln%2FRbwmJHU15Lpy4Kzn7OReSR1YQ23xbBr1D6SnMDTbOlFLdZi8Izq36avu8kFxezQW%2Bo%2F98C9eYekRldzY9Et4KeyN%2BaeBN5TrmNbSA%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 87ea6cdf8d090b3d-OSL
alt-svc: h3=":443"; ma=86400

myretrocollection.com/thumbs/AA/NA/Zm.jpg

188.114.97.1

76 kB

URL
myretrocollection.com/thumbs/AA/NA/Zm.jpg
IP
188.114.97.1:0
ASN
#13335 CLOUDFLARENET

File type
JPEG image data, baseline, precision 8, 1058x450, components 3
Size
76 kB (75467 bytes)
Hash
d3dcf3026892e9d09e05dfc80a9318a7
8437224a391618d03d6882a9839c37f880c22bac
11e754a2031d93f77c3e1d1400a763e15c69f739f4f584f2e37db3cf99ead39b

HTTP Headers

GET /thumbs/AA/NA/Zm.jpg HTTP/1.1
Host: myretrocollection.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Sat, 04 May 2024 18:06:33 GMT
content-type: image/jpeg
content-length: 75467
last-modified: Sun, 17 Dec 2023 15:15:36 GMT
etag: "657f1098-126cb"
expires: Thu, 30 May 2024 16:17:57 GMT
cache-control: public, max-age=2592000
cf-cache-status: HIT
age: 352114
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=xqJy2mUlrLiqL1NaDqWtaoU2HoQ18oyoBcmu9eXGE5jkte9offIB9E9FdF%2FdoeJ3%2BvRHuWUlZm9luRonHHt29PWQGRw4HjTB9hWX4NcwIpz%2FXPZmDNjCavx2wt6Wq7M8XKdj1Rdf%2Fz0%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 87ea6ce0291156a2-OSL
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2

femdomqueen.com/thumbs/AA/HB/gz.jpg

104.21.79.209

65 kB

URL
femdomqueen.com/thumbs/AA/HB/gz.jpg
IP
104.21.79.209:0
ASN
#13335 CLOUDFLARENET

File type
JPEG image data, baseline, precision 8, 852x480, components 3
Size
65 kB (64656 bytes)
Hash
b0a71a8fdcf3a8266f5d1b90026e2d45
3be70d85434ed37f81e4b588cb20521fca55a534
4c5877e3e8b8691addfb7ea3f3367de4d9cdaf930be7402f613b55c064150aa2

HTTP Headers

GET /thumbs/AA/HB/gz.jpg HTTP/1.1
Host: femdomqueen.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Sat, 04 May 2024 18:06:33 GMT
content-type: image/jpeg
content-length: 64656
last-modified: Mon, 22 Jan 2024 11:32:05 GMT
etag: "65ae5235-fc90"
expires: Thu, 30 May 2024 20:11:45 GMT
cache-control: public, max-age=2592000
cf-cache-status: HIT
age: 338088
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=RJRb5QvwaDBhV67G9nCXeLOBk6aWsdZJbgcVloiIVmX3VGCPwfNPdos3VvdDLk9E8Azf6dH3p5vTAUus2DJdxuTBn3E7iQpEVkD%2BZW6N%2FB3bA2O1XBSURYvstWaRpd5xFR0%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 87ea6ce048ff568b-OSL
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2

femdomqueen.com/thumbs/AA/ef/4k.jpg

104.21.79.209

56 kB

URL
femdomqueen.com/thumbs/AA/ef/4k.jpg
IP
104.21.79.209:0
ASN
#13335 CLOUDFLARENET

File type
JPEG image data, JFIF standard 1.02, aspect ratio, density 27395x27382, segment length 16, comment: "Lavc58.18.100", baseline, precision 8, 1022x576, components 3
Size
56 kB (56322 bytes)
Hash
e46b33dd7f0931f2593d5526b46b53f4
a7cd1e399e96df40ff0a8745d93da276691f4048
df74f602f6f66c3a84e9839cc00b8a1e3baf05736350f30222d207ccd41db19b

HTTP Headers

GET /thumbs/AA/ef/4k.jpg HTTP/1.1
Host: femdomqueen.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
date: Sat, 04 May 2024 18:06:33 GMT
content-type: image/jpeg
content-length: 56322
last-modified: Mon, 20 Aug 2018 13:06:51 GMT
etag: "5b7abceb-dc02"
expires: Fri, 31 May 2024 11:29:28 GMT
cache-control: public, max-age=2592000
cf-cache-status: HIT
age: 283025
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=3%2Fkg26CFAtNeqS7%2BOhfU2oSm40PkIRASbbUAcV2UjZzuNqQ3vuZNF%2F5kfwpWUgEySFgWdYIV%2FW6gPeQy%2F2X%2BGh5IXJhtY7HwC8VlcGMX71AvarYgv1JXy%2FN5cYSRJK%2F0lOQ%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 87ea6ce04901568b-OSL
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2

interracial69.com/thumbs/AA/st/nk.jpg

188.114.96.1

26 kB

URL
interracial69.com/thumbs/AA/st/nk.jpg
IP
188.114.96.1:0
ASN
#13335 CLOUDFLARENET

File type
JPEG image data, JFIF standard 1.02, aspect ratio, density 1x1, segment length 16, comment: "Lavc57.107.100", baseline, precision 8, 600x450, components 3
Size
26 kB (25721 bytes)
Hash
1b5b85f280d2684d505f0c144771b215
3c9f843b27d4503fd4d41833cd5fbf4704f4e822
32f77ba71cc72c21c710a01e52ed2b6540cd6a8b3e0f49273e997b8af80d0804

HTTP Headers

GET /thumbs/AA/st/nk.jpg HTTP/1.1
Host: interracial69.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
date: Sat, 04 May 2024 18:06:33 GMT
content-type: image/jpeg
content-length: 25721
last-modified: Sat, 30 Jun 2018 09:27:16 GMT
etag: "5b374cf4-6479"
expires: Thu, 30 May 2024 18:38:16 GMT
cache-control: public, max-age=2592000
cf-cache-status: HIT
age: 343697
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=cVIippabUg0a9mHdBy4DJ162tW6Fe1O5g7QLQOuIwbKPvYsbhsEbHad%2Bs5ESontJJPKY4dIoGoi2orRIkMxtTcHzOzF8jdQwOZUq26MTpnf35WIw5UO%2FL%2FPZfhzVtR8tLvCodw%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 87ea6ce0dfa9b4f1-OSL
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2

interracial69.com/thumbs/AA/df/F_.jpg

188.114.96.1

174 kB

URL
interracial69.com/thumbs/AA/df/F_.jpg
IP
188.114.96.1:0
ASN
#13335 CLOUDFLARENET

File type
JPEG image data, baseline, precision 8, 1280x720, components 3
Size
174 kB (174301 bytes)
Hash
0e2eb4904271c0975d1cc71512a8104c
700fa8b264bddfe438a79d023a7c0670d4a51fef
caab98e273b5f0aa00c3b1e8b8ea5816fb5291b5f51dd5a8cc84dee8a1b48271

HTTP Headers

GET /thumbs/AA/df/F_.jpg HTTP/1.1
Host: interracial69.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Sat, 04 May 2024 18:06:33 GMT
content-type: image/jpeg
content-length: 174301
last-modified: Fri, 01 Mar 2024 03:42:03 GMT
etag: "65e14e8b-2a8dd"
expires: Thu, 30 May 2024 20:11:52 GMT
cache-control: public, max-age=2592000
cf-cache-status: HIT
age: 338081
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=H%2FAu%2BUU%2BL4tWRxzhGx8r0tR3aar5d1pX10%2BVwMV2neNMg0a%2B%2FoUSTYOC6bMD7Kjmyq%2FCEuXhZQzwCOx1DKxeViwNDlnMj6s9YP6sD9OL%2FymLryBYS0%2BOJvZlvVqh8ONE7Df1UA%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 87ea6ce0dfa5b4f1-OSL
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2

69ebony.com/thumbs/AA/yp/WA.jpg

188.114.97.1

27 kB

URL
69ebony.com/thumbs/AA/yp/WA.jpg
IP
188.114.97.1:0
ASN
#13335 CLOUDFLARENET

File type
JPEG image data, baseline, precision 8, 640x480, components 3
Size
27 kB (26787 bytes)
Hash
f8b721bd78676febb42c6f212b38fb3b
7ca043267191dcacf72ab242c17f98da5c62b0c1
148c99d50d1743dd2f9265328aa7ff2a930065c7a40ec3df8b4637a64c053a69

HTTP Headers

GET /thumbs/AA/yp/WA.jpg HTTP/1.1
Host: 69ebony.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
date: Sat, 04 May 2024 18:06:33 GMT
content-type: image/jpeg
content-length: 26787
last-modified: Tue, 14 Nov 2023 08:07:20 GMT
etag: "65532ab8-68a3"
expires: Thu, 30 May 2024 18:38:15 GMT
cache-control: public, max-age=2592000
cf-cache-status: HIT
age: 343698
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=O4I9qWyoNr3FImPjuOXBuZssgGxZI9EF1I6FwW9Alo0YU4Lg3TgXBu%2BBUbzOVKVpaYgh7%2Fl35AVpGpyK%2BdCpdqtDfyLgpIkl9q9FvX%2FGXOOTwproNglRrqf63CzW3g%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 87ea6ce0ecb9b51b-OSL
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2

gftranny.com/thumbs/AA/89/hH.jpg

188.114.97.1

18 kB

URL
gftranny.com/thumbs/AA/89/hH.jpg
IP
188.114.97.1:0
ASN
#13335 CLOUDFLARENET

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 0x0, segment length 16, progressive, precision 8, 320x180, components 3
Size
18 kB (17659 bytes)
Hash
442082d9a9a019d6bb4d6ec6a4e505e1
a5a889db68dab7bb83ad10081f7bf245d2a03c4f
e70f2f20b952be2c2739b0a9976ff797dd66ba824a3cb8a96afd0811fa79d29a

HTTP Headers

GET /thumbs/AA/89/hH.jpg HTTP/1.1
Host: gftranny.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Sat, 04 May 2024 18:06:33 GMT
content-type: image/jpeg
content-length: 17659
last-modified: Wed, 01 May 2024 03:50:09 GMT
etag: "6631bbf1-44fb"
expires: Fri, 31 May 2024 09:54:30 GMT
cache-control: public, max-age=2592000
cf-cache-status: HIT
age: 288723
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=IlRDz5V%2BjTIfllMcuv9Sw9DpASIXFpZUSyBOW91%2Bzg3zep5QJgySaAMVwu6wmF0T6tflNk1XFZGQg%2Bxwqpk7j7QN6qAh58QJRKZtzXYmj%2BgHctBywsE0ft6XatX1Rp8%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 87ea6ce0eede56c6-OSL
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2

69ebony.com/thumbs/AA/GZ/qE.jpg

188.114.97.1

16 kB

URL
69ebony.com/thumbs/AA/GZ/qE.jpg
IP
188.114.97.1:0
ASN
#13335 CLOUDFLARENET

File type
JPEG image data, baseline, precision 8, 320x240, components 3
Size
16 kB (15603 bytes)
Hash
8220721fb3597d785802225efa9bda38
c03ed0c5383da0756cd0064a4f0ee7c60bb8c255
ae6ec51a6554cd4567c1de0492ed294aa1c29f9cb496fb81833005e1512968ab

HTTP Headers

GET /thumbs/AA/GZ/qE.jpg HTTP/1.1
Host: 69ebony.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
date: Sat, 04 May 2024 18:06:33 GMT
content-type: image/jpeg
content-length: 15603
last-modified: Wed, 28 Feb 2024 16:33:11 GMT
etag: "65df6047-3cf3"
expires: Mon, 03 Jun 2024 07:05:46 GMT
cache-control: public, max-age=2592000
cf-cache-status: HIT
age: 39647
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=aPgDDhi2nvne0dp0NSDqlcapiYdB9DYiVin0AMBLGUN2HBldPp56kx%2B3hUaeHMG7TBeiH%2Beo5xHrLGLkKlKs5sn4gXSPwFKqA81SA1BQYuKWurQTCYOCBv9iq4YMHA%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 87ea6ce0ecbbb51b-OSL
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2

gftranny.com/thumbs/AA/fw/P0.jpg

188.114.97.1

20 kB

URL
gftranny.com/thumbs/AA/fw/P0.jpg
IP
188.114.97.1:0
ASN
#13335 CLOUDFLARENET

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 0x0, segment length 16, progressive, precision 8, 320x180, components 3
Size
20 kB (19745 bytes)
Hash
98622c7f0c1ceb391999dfd4de2a4a00
6ba980bf9b47980249b59f769859675484a51fc1
e4008e753cd0c50eb38c97c57457d45d5dc9060d951baf341491b872099fbc8e

HTTP Headers

GET /thumbs/AA/fw/P0.jpg HTTP/1.1
Host: gftranny.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
date: Sat, 04 May 2024 18:06:33 GMT
content-type: image/jpeg
content-length: 19745
last-modified: Thu, 14 Mar 2024 14:13:08 GMT
etag: "65f305f4-4d21"
expires: Thu, 30 May 2024 18:38:18 GMT
cache-control: public, max-age=2592000
cf-cache-status: HIT
age: 343695
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=hKQPH%2FChknXCOQlFhHQBEBWCaNjlcE5fRGXkAlLqjq7pe1Me5Atg%2Fwh9foOc5SLPYsrK5fh%2Bifm1T22HWk4qw%2FUM%2BmV5CmmAdhXmjj20wkGmtAygZuWWhm9UxXua7Ic%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 87ea6ce0eee556c6-OSL
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2

interracial69.com/thumbs/AA/7G/Qf.jpg

188.114.96.1

66 kB

URL
interracial69.com/thumbs/AA/7G/Qf.jpg
IP
188.114.96.1:0
ASN
#13335 CLOUDFLARENET

File type
JPEG image data, baseline, precision 8, 1280x720, components 3
Size
66 kB (65524 bytes)
Hash
4aa6a884a95006b07d380f25c49ff514
639a82510172fddaa19edc10ef2e43561521415d
c2b4682841961b07154d92481a375b477c6b3e1ff0aa21d3696759899d6d6440

HTTP Headers

GET /thumbs/AA/7G/Qf.jpg HTTP/1.1
Host: interracial69.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
date: Sat, 04 May 2024 18:06:33 GMT
content-type: image/jpeg
content-length: 65524
last-modified: Fri, 15 Mar 2024 14:25:41 GMT
etag: "65f45a65-fff4"
expires: Mon, 03 Jun 2024 00:25:05 GMT
cache-control: public, max-age=2592000
cf-cache-status: HIT
age: 63688
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=EFw2%2B41NQnr3MkBA0JXGpadOvcGqJXun8f%2FddnhM%2BFO3NJv%2Bmt43PaBghXnbnWDWs4o0r9VzpEmHejBfSEUj4%2FYIVj3sq4JiDPM%2B6n0KNah3Yf1QhVzM3RMtJllVIlIZI9QOiQ%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 87ea6ce0dfaab4f1-OSL
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2

69ebony.com/thumbs/AA/1z/_P.jpg

188.114.97.1

288 kB

URL
69ebony.com/thumbs/AA/1z/_P.jpg
IP
188.114.97.1:0
ASN
#13335 CLOUDFLARENET

File type
JPEG image data, baseline, precision 8, 1920x1080, components 3
Size
288 kB (288381 bytes)
Hash
03c7a52d867d1821dabbd607b472334c
dfcb156529387624cdfaac36207cd00d055430a6
9e1982c4cf6c7163a07df61029f09b4f588b4722c58389a60919cb6eeb293e45

HTTP Headers

GET /thumbs/AA/1z/_P.jpg HTTP/1.1
Host: 69ebony.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Sat, 04 May 2024 18:06:33 GMT
content-type: image/jpeg
content-length: 288381
last-modified: Tue, 14 Nov 2023 08:17:10 GMT
etag: "65532d06-4667d"
expires: Thu, 30 May 2024 20:11:55 GMT
cache-control: public, max-age=2592000
cf-cache-status: HIT
age: 338078
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=k0xrmGwpZOvq1NZY%2F8m8Sgsd947kgdVewxmJ03PWqpl%2FXzoqhbTMnrSjZ4kdWuZ9SP0i6Blx%2B4mWxi9YdILCR2jq3lqspU3syyi6%2FXqxq9%2FeA8BZh%2F%2B258F3%2F4LmKA%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 87ea6ce0ecb8b51b-OSL
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2

69ebony.com/thumbs/AA/Ar/tR.jpg

188.114.97.1

94 kB

URL
69ebony.com/thumbs/AA/Ar/tR.jpg
IP
188.114.97.1:0
ASN
#13335 CLOUDFLARENET

File type
JPEG image data, baseline, precision 8, 1280x720, components 3
Size
94 kB (94022 bytes)
Hash
cae8a97a867412a5d55f7f67b732bd80
28b84e2dcc964892e1bf3f591419ed9814b6b382
3305ebc505be119c037b4e3c7dd7d928d01ab5125068f66363d3de8683fe6125

HTTP Headers

GET /thumbs/AA/Ar/tR.jpg HTTP/1.1
Host: 69ebony.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Sat, 04 May 2024 18:06:33 GMT
content-type: image/jpeg
content-length: 94022
last-modified: Tue, 19 Mar 2024 17:11:25 GMT
etag: "65f9c73d-16f46"
expires: Thu, 30 May 2024 20:11:54 GMT
cache-control: public, max-age=2592000
cf-cache-status: HIT
age: 338079
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=3NNdBeYgbSLnz%2FkGtxv2oBvqhUno1NCSvrX4dVY6Ma3ZKc14xTIvgmq2aE49Y8Vh8bjWaOGnCnQDYRrv1cp47Ey7KV45Ksq3zIZZPuIiRZhv65UKC2q76MGvSbT9qg%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 87ea6ce1bdf3b51b-OSL
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2

69lesbi.com/thumbs/AA/n0/m6.jpg

172.67.212.50

49 kB

URL
69lesbi.com/thumbs/AA/n0/m6.jpg
IP
172.67.212.50:0
ASN
#13335 CLOUDFLARENET

File type
JPEG image data, JFIF standard 1.02, aspect ratio, density 1x1, segment length 16, comment: "Lavc59.37.100", baseline, precision 8, 1280x720, components 3
Size
49 kB (49025 bytes)
Hash
2bf48be9b4af401bf6150f944d46a6ce
545ced166d8b0c12d92427bf7d2cfe86d5f41e6d
67d3ea7477562eec1d4d0fb366b594cd83ef9602ce8b5351f423e55fad78c94e

HTTP Headers

GET /thumbs/AA/n0/m6.jpg HTTP/1.1
Host: 69lesbi.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Sat, 04 May 2024 18:06:33 GMT
content-type: image/jpeg
content-length: 49025
last-modified: Sat, 27 Apr 2024 09:22:05 GMT
etag: "662cc3bd-bf81"
expires: Thu, 30 May 2024 18:38:20 GMT
cache-control: public, max-age=2592000
cf-cache-status: HIT
age: 343693
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=jRm5Zet3nH%2BLugq8s%2FpJ29a77UdGFqXc%2BEts5%2Bv6wal7y0th%2BWrISJvfEBgDEFp8HIBCuvg3LwR%2FxNXfGLRE%2BAw5Ki2wWKqiFevBkle%2FSvSKK29uJubaYpPezjj3jw%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 87ea6ce22ecd56aa-OSL
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2

lovefootjob.com/thumbs/AA/JE/tE.jpg

188.114.97.1

107 kB

URL
lovefootjob.com/thumbs/AA/JE/tE.jpg
IP
188.114.97.1:0
ASN
#13335 CLOUDFLARENET

File type
JPEG image data, baseline, precision 8, 1280x720, components 3
Size
107 kB (107120 bytes)
Hash
24adcb7e287d8786a0bc83a386ef02d7
c9496020f4cc92442594456e3cc473c57c205b10
f6256a3bdc6fad5b489f0c1d6029992dd2229905d5051e4e6e64aec81124e3d1

HTTP Headers

GET /thumbs/AA/JE/tE.jpg HTTP/1.1
Host: lovefootjob.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Sat, 04 May 2024 18:06:33 GMT
content-type: image/jpeg
content-length: 107120
last-modified: Wed, 28 Feb 2024 16:15:43 GMT
etag: "65df5c2f-1a270"
expires: Thu, 30 May 2024 17:26:36 GMT
cache-control: public, max-age=2592000
cf-cache-status: HIT
age: 347997
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=WxVWPmf28CWe4B9zQ9mjtcd6Wra3ddCQDvM5aizXrV1%2FFRdrw4p1ouPVKL00MZucN10rRv06VaH9dguBUo5vH5nAoweBRv9iU%2FlffpIClnq9xcTPrxnzSMXJDDyaWRkQECY%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 87ea6ce22a5bb4fa-OSL
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2

lovefootjob.com/thumbs/AA/9X/4I.jpg

188.114.97.1

25 kB

URL
lovefootjob.com/thumbs/AA/9X/4I.jpg
IP
188.114.97.1:0
ASN
#13335 CLOUDFLARENET

File type
JPEG image data, JFIF standard 1.01, resolution (DPI), density 72x72, segment length 16, baseline, precision 8, 480x400, components 3
Size
25 kB (25296 bytes)
Hash
73f71341cf4be9aa3dceddd02655661d
392820d89ed970a13af645612eb7404f27aa965f
1a865253447a81e92f47a7b26fcfab9162b9d7bfb50f5b4daf5ff16baa7f9840

HTTP Headers

GET /thumbs/AA/9X/4I.jpg HTTP/1.1
Host: lovefootjob.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
date: Sat, 04 May 2024 18:06:33 GMT
content-type: image/jpeg
content-length: 25296
last-modified: Wed, 28 Feb 2024 17:02:47 GMT
etag: "65df6737-62d0"
expires: Thu, 30 May 2024 18:38:20 GMT
cache-control: public, max-age=2592000
cf-cache-status: HIT
age: 343693
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=wR3nta7PYKcTum61Y6YRwo%2FIEbnYCDT0h7wyNl98dYiU5kOg4o1NLhFvhEwfuv3wMftOMbD3xrS6Dt3pv0LbLTq5owI2V%2FS1XXaciaSeaTjq4BYCGXS1AWE9jsAxiqTa7Yg%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 87ea6ce22a5db4fa-OSL
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2

xcumwebcam.com/thumbs/AA/BG/0O.jpg

188.114.97.1

95 kB

URL
xcumwebcam.com/thumbs/AA/BG/0O.jpg
IP
188.114.97.1:0
ASN
#13335 CLOUDFLARENET

File type
JPEG image data, JFIF standard 1.02, aspect ratio, density 255x254, segment length 16, comment: "Lavc58.18.100", baseline, precision 8, 1268x720, components 3
Size
95 kB (95265 bytes)
Hash
bb595d07212cf0c8a43b6e0827306632
2bb1739de5de9423a4efcdec8c043d5bf05809f7
4936297287cd06aa283eb2fa40abde58eb16146864e99f12c538f2d5c33f9642

HTTP Headers

GET /thumbs/AA/BG/0O.jpg HTTP/1.1
Host: xcumwebcam.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Sat, 04 May 2024 18:06:33 GMT
content-type: image/jpeg
content-length: 95265
last-modified: Wed, 28 Feb 2024 19:52:43 GMT
etag: "65df8f0b-17421"
expires: Sun, 02 Jun 2024 21:57:00 GMT
cache-control: public, max-age=2592000
cf-cache-status: HIT
age: 72573
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=ziWp1ieRo5kmtoQUjX1PU6fGS0VOQ9d9a34pCrYkacibwo5J9%2Be69t9uUZprTPGochT8Mn281GJJLX%2BYoS1G56ZAIpuQefLWoCT%2Bd3fsE4sXKEsIt4Aqo2dwM%2B%2BoXDru9A%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 87ea6ce239da56b4-OSL
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2

69lesbi.com/thumbs/AA/Uk/cQ.jpg

172.67.212.50

203 kB

URL
69lesbi.com/thumbs/AA/Uk/cQ.jpg
IP
172.67.212.50:0
ASN
#13335 CLOUDFLARENET

File type
JPEG image data, baseline, precision 8, 1784x1004, components 3
Size
203 kB (203147 bytes)
Hash
2cc8cce560d29995243fc2aa48c17ee3
a91c085a839bea85fb1b4cee92d4246280f6c72f
77b4defc6e00089ca8aad82935d59460f401d15c4a382c910cd60849bcc1f298

HTTP Headers

GET /thumbs/AA/Uk/cQ.jpg HTTP/1.1
Host: 69lesbi.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
date: Sat, 04 May 2024 18:06:33 GMT
content-type: image/jpeg
content-length: 203147
last-modified: Tue, 05 Dec 2023 09:53:08 GMT
etag: "656ef304-3198b"
expires: Thu, 30 May 2024 16:17:38 GMT
cache-control: public, max-age=2592000
cf-cache-status: HIT
age: 352135
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=v5XAlQDzP8EIIl6wdYDvr8NbLDjntAlPY0zZ2HkNwcYg5PorfGEjbdf%2FAtMeBvKUK6G4RIWyyk%2BdAQnXMoznpvIvFO4GuixODqQTaYxDbybLqW0%2ByBscsgTFwopyOg%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 87ea6ce22ece56aa-OSL
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2

lovefootjob.com/thumbs/AA/17/LH.jpg

188.114.97.1

178 kB

URL
lovefootjob.com/thumbs/AA/17/LH.jpg
IP
188.114.97.1:0
ASN
#13335 CLOUDFLARENET

File type
JPEG image data, JFIF standard 1.02, aspect ratio, density 100x100, segment length 16, baseline, precision 8, 852x480, components 3
Size
178 kB (178203 bytes)
Hash
c1b5eeca4725f5c0ed8ca6a82097a0de
424b70e2c133449badacf11b32b3e4a145c69137
5ba32bf15cbe9cbb2bd8c99b35314073ca6ca5ba38f3882467f275c677ac7469

HTTP Headers

GET /thumbs/AA/17/LH.jpg HTTP/1.1
Host: lovefootjob.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
date: Sat, 04 May 2024 18:06:33 GMT
content-type: image/jpeg
content-length: 178203
last-modified: Mon, 09 May 2016 00:25:07 GMT
etag: "572fd8e3-2b81b"
expires: Thu, 30 May 2024 20:11:48 GMT
cache-control: public, max-age=2592000
cf-cache-status: HIT
age: 338085
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=op1WQJDW2KMGzZuLsOXpbUsj6m87uJlxh%2FwtIABmHG1feo9gqr5s8NTnPc2F16p2U7%2B32Em9emVikac7C2UAp24%2B%2B0m2O04Rq8Mg9yTO3jLmrlCTwD8T1NR8A55IKBwu%2Bzk%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 87ea6ce22a60b4fa-OSL
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2

groupsexxx.com/thumbs/AA/17/Iu.jpg

172.67.188.32

89 kB

URL
groupsexxx.com/thumbs/AA/17/Iu.jpg
IP
172.67.188.32:0
ASN
#13335 CLOUDFLARENET

File type
JPEG image data, JFIF standard 1.02, aspect ratio, density 1x1, segment length 16, comment: "Lavc56.26.100", baseline, precision 8, 1280x720, components 3
Size
89 kB (89035 bytes)
Hash
bd8bd08d73c81a141d6de394d7fa0481
dd4516afcdfa9c3f45f9d554a587523c790f0f6d
b185952d445bf6252ca80a6511a571f78b29935f6dd9d67478c0a10f5367faee

HTTP Headers

GET /thumbs/AA/17/Iu.jpg HTTP/1.1
Host: groupsexxx.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
date: Sat, 04 May 2024 18:06:33 GMT
content-type: image/jpeg
content-length: 89035
last-modified: Tue, 14 Nov 2023 08:13:52 GMT
etag: "65532c40-15bcb"
expires: Thu, 30 May 2024 16:17:53 GMT
cache-control: public, max-age=2592000
cf-cache-status: HIT
age: 352120
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=UB2sKK1uqqilgyDniLUDW7pvZhSiOSAdkU7ulqGdVLYtMCkkT9H6P%2BUuqRkEpiYkR%2FeH1nf6uxTOKtD88Y8%2FNKptnu5pQ%2FxKpQSd4EXLQKLspmCJO5VqfM9DsPnsqvtAIQ%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 87ea6ce22fd85699-OSL
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2

groupsexxx.com/thumbs/AA/Fp/LQ.jpg

172.67.188.32

299 kB

URL
groupsexxx.com/thumbs/AA/Fp/LQ.jpg
IP
172.67.188.32:0
ASN
#13335 CLOUDFLARENET

File type
JPEG image data, baseline, precision 8, 1920x1080, components 3
Size
299 kB (299241 bytes)
Hash
bfef495de2a253234039f69a0b5d433a
38a4db2a3d7259b1b068ba8e978acfb29b37f7b0
20decf461c72462f775c094d5ac989a5af760278aa58d70ca76455b59fab5e23

HTTP Headers

GET /thumbs/AA/Fp/LQ.jpg HTTP/1.1
Host: groupsexxx.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Sat, 04 May 2024 18:06:33 GMT
content-type: image/jpeg
content-length: 299241
last-modified: Sat, 16 Mar 2024 17:10:03 GMT
etag: "65f5d26b-490e9"
expires: Thu, 30 May 2024 20:11:51 GMT
cache-control: public, max-age=2592000
cf-cache-status: HIT
age: 338082
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=x%2FI%2B4EPGDef%2B1r4rhBitUPZZxLdqAlZhfxbqGkmIMWmZJU6kE1KPrkL39bsSSFU62yvvsZ45Nho6suK25SSNL5k%2FjqAWPpwQ8yeqg1MlL6ZfAi7FeQgCYTDidoXtLThjXA%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 87ea6ce22fd15699-OSL
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2

groupsexxx.com/thumbs/AA/qx/4M.jpg

172.67.188.32

98 kB

URL
groupsexxx.com/thumbs/AA/qx/4M.jpg
IP
172.67.188.32:0
ASN
#13335 CLOUDFLARENET

File type
JPEG image data, baseline, precision 8, 1280x720, components 3
Size
98 kB (97802 bytes)
Hash
59b268faf407fff82b94b9bd7f9ea8e3
423ebe432d1edebbd161444f6cd1e98950d9a835
0c2d7666623f67566b0177f03b7caaeb44289026cb0f71ad0339880c56d4d5c3

HTTP Headers

GET /thumbs/AA/qx/4M.jpg HTTP/1.1
Host: groupsexxx.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
date: Sat, 04 May 2024 18:06:33 GMT
content-type: image/jpeg
content-length: 97802
last-modified: Wed, 01 May 2024 00:31:18 GMT
etag: "66318d56-17e0a"
expires: Sat, 01 Jun 2024 01:07:34 GMT
cache-control: public, max-age=2592000
cf-cache-status: HIT
age: 233939
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=somDIGvdd2V4%2F6QrToBzTJKvw9VJptJKReohvDG9c1P3OYtPU7M%2BOXJyq2l1O13xNqZ%2BfjS9fDRO1BMr7D1a7OhE3R%2FJ6b2q4t2Ha5aFVr8i7w33NraMbmGfaab7Wojd2A%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 87ea6ce22fdb5699-OSL
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2

myretrocollection.com/thumbs/AA/NA/Zm.jpg

188.114.97.1

76 kB

URL
myretrocollection.com/thumbs/AA/NA/Zm.jpg
IP
188.114.97.1:0
ASN
#13335 CLOUDFLARENET

File type
JPEG image data, baseline, precision 8, 1058x450, components 3
Size
76 kB (75467 bytes)
Hash
d3dcf3026892e9d09e05dfc80a9318a7
8437224a391618d03d6882a9839c37f880c22bac
11e754a2031d93f77c3e1d1400a763e15c69f739f4f584f2e37db3cf99ead39b

HTTP Headers

GET /thumbs/AA/NA/Zm.jpg HTTP/1.1
Host: myretrocollection.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
date: Sat, 04 May 2024 18:06:33 GMT
content-type: image/jpeg
content-length: 75467
last-modified: Sun, 17 Dec 2023 15:15:36 GMT
etag: "657f1098-126cb"
expires: Thu, 30 May 2024 16:17:57 GMT
cache-control: public, max-age=2592000
cf-cache-status: HIT
age: 352115
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=rtkXshpYS1%2FYyxUlF0HndLOX1oto15VzXMFUSYemX6BoHlMAwRclaqQFDzwd%2BozKxWaWsTR%2B0bOQ5lpIsjrQhsP7KOQY2k59DwRju1yYsRx43Or2lbaif5QPzSDD9cujX%2F88KA5B1V4%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 87ea6ce3aec556a2-OSL
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2

gftranny.com/thumbs/AA/1u/zp.jpg

188.114.97.1

15 kB

URL
gftranny.com/thumbs/AA/1u/zp.jpg
IP
188.114.97.1:0
ASN
#13335 CLOUDFLARENET

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 0x0, segment length 16, progressive, precision 8, 320x180, components 3
Size
15 kB (14796 bytes)
Hash
9e33c9c0a5f7224720c1f5991d006b32
371ebc9f3d6b1636119b9820d5a4a5604132f63f
4b3e1b1a2d400081915796037dc76718796b1195810f10da1ee5fa57be89de72

HTTP Headers

GET /thumbs/AA/1u/zp.jpg HTTP/1.1
Host: gftranny.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
date: Sat, 04 May 2024 18:06:33 GMT
content-type: image/jpeg
content-length: 14796
last-modified: Sun, 11 Feb 2024 06:58:44 GMT
etag: "65c87024-39cc"
expires: Thu, 30 May 2024 16:17:52 GMT
cache-control: public, max-age=2592000
cf-cache-status: HIT
age: 352121
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=0RfcfV0MRoLxwTE2Y8oaBtKFwFZf7XoucimXUp%2BX7KJswLj9C0hTwuC9FMRYtwsOjxKTQhoqA6471FXiOzGY%2FiidX7N6Vurpv6eAmft9pw5mv7CiNdSjF%2F3PFudpv9w%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 87ea6ce3ab2756c6-OSL
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2

topsites.hadesex.com/js/utm-datasource.js?v=1.90

188.114.96.1

96 kB

URL
topsites.hadesex.com/js/utm-datasource.js?v=1.90
IP
188.114.96.1:0
ASN
#13335 CLOUDFLARENET

File type
Generic INItialization configuration []
Size
96 kB (96365 bytes)
Hash
f9eb7bacc6a92d4e5d1ae8299b53a3bb
3fef0ee46b983203be0c4dfb15a90a29526a391b
6fd474fdf1c98b145149e617ee1a24876332690123ff8c4cd43bbcce7c1b7bcf

HTTP Headers

GET /js/utm-datasource.js?v=1.90 HTTP/1.1
Host: topsites.hadesex.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://topsites.hadesex.com/?source=761082465&site_id=560254&spot_id=560254
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Sat, 04 May 2024 18:06:32 GMT
content-type: application/javascript
last-modified: Thu, 01 Feb 2024 14:46:51 GMT
vary: Accept-Encoding
etag: W/"65bbaedb-af5"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
x-request-id: 54216229af0759840658d6d7b97fe4a5
cf-cache-status: HIT
age: 352129
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=rupcNs8vFR3Rk2NmJZTBtukDGd89pVXM%2FylukzClc7hKC6FK0rZRC50cW%2Bp3GLZgl2ObIwX3spdj8noG626p7wOXJ9VBpkcUwqfw9XSdCbulz0r2nWkkJYdaH5F5MT7bXy9WCaRFjg%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 87ea6cdb5e110b3d-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400

interracial69.com/thumbs/AA/7G/Qf.jpg

188.114.96.1

66 kB

URL
interracial69.com/thumbs/AA/7G/Qf.jpg
IP
188.114.96.1:0
ASN
#13335 CLOUDFLARENET

File type
JPEG image data, baseline, precision 8, 1280x720, components 3
Size
66 kB (65524 bytes)
Hash
4aa6a884a95006b07d380f25c49ff514
639a82510172fddaa19edc10ef2e43561521415d
c2b4682841961b07154d92481a375b477c6b3e1ff0aa21d3696759899d6d6440

HTTP Headers

GET /thumbs/AA/7G/Qf.jpg HTTP/1.1
Host: interracial69.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
date: Sat, 04 May 2024 18:06:33 GMT
content-type: image/jpeg
content-length: 65524
last-modified: Fri, 15 Mar 2024 14:25:41 GMT
etag: "65f45a65-fff4"
expires: Mon, 03 Jun 2024 00:25:05 GMT
cache-control: public, max-age=2592000
cf-cache-status: HIT
age: 63688
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=ZH86veC3l1B0WULloAZeax6et5opGDnzit85quxV%2BLylRQHCdl5ImTIlqoRX1TFjC7tVIpBYrBGQjMV6obQf8wyEpguZv6eiapXmUygkMT4j0puma1gPqded1Dfft9UlW9v1Dg%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 87ea6ce3fe33b4f1-OSL
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2

69lesbi.com/thumbs/AA/n0/m6.jpg

172.67.212.50

49 kB

URL
69lesbi.com/thumbs/AA/n0/m6.jpg
IP
172.67.212.50:0
ASN
#13335 CLOUDFLARENET

File type
JPEG image data, JFIF standard 1.02, aspect ratio, density 1x1, segment length 16, comment: "Lavc59.37.100", baseline, precision 8, 1280x720, components 3
Size
49 kB (49025 bytes)
Hash
2bf48be9b4af401bf6150f944d46a6ce
545ced166d8b0c12d92427bf7d2cfe86d5f41e6d
67d3ea7477562eec1d4d0fb366b594cd83ef9602ce8b5351f423e55fad78c94e

HTTP Headers

GET /thumbs/AA/n0/m6.jpg HTTP/1.1
Host: 69lesbi.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
date: Sat, 04 May 2024 18:06:33 GMT
content-type: image/jpeg
content-length: 49025
last-modified: Sat, 27 Apr 2024 09:22:05 GMT
etag: "662cc3bd-bf81"
expires: Thu, 30 May 2024 18:38:20 GMT
cache-control: public, max-age=2592000
cf-cache-status: HIT
age: 343693
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=gvdjUi37JPPm5UGoq9YNOLLwLY3d4SeAbe5ZmvCUG%2BGONnHPEbbLTq%2BhzdpnJE%2FZzNnx3YdUjiQHVupvFvfek5wspo6E%2FIhsfuhlJhoqKmkWWEo16OXaMy3y2b7Reg%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 87ea6ce3a92e56aa-OSL
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2

femdomqueen.com/thumbs/AA/ef/4k.jpg

104.21.79.209

56 kB

URL
femdomqueen.com/thumbs/AA/ef/4k.jpg
IP
104.21.79.209:0
ASN
#13335 CLOUDFLARENET

File type
JPEG image data, JFIF standard 1.02, aspect ratio, density 27395x27382, segment length 16, comment: "Lavc58.18.100", baseline, precision 8, 1022x576, components 3
Size
56 kB (56322 bytes)
Hash
e46b33dd7f0931f2593d5526b46b53f4
a7cd1e399e96df40ff0a8745d93da276691f4048
df74f602f6f66c3a84e9839cc00b8a1e3baf05736350f30222d207ccd41db19b

HTTP Headers

GET /thumbs/AA/ef/4k.jpg HTTP/1.1
Host: femdomqueen.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
date: Sat, 04 May 2024 18:06:33 GMT
content-type: image/jpeg
content-length: 56322
last-modified: Mon, 20 Aug 2018 13:06:51 GMT
etag: "5b7abceb-dc02"
expires: Fri, 31 May 2024 11:29:28 GMT
cache-control: public, max-age=2592000
cf-cache-status: HIT
age: 283025
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=tMzmqZizViCQR0hPAB860WA08vxhPmXAurodv7Dkm9blrcVTa8dA9FFKElVViBrJ2LbovlnoHBGGFevOuqY0dXFiTJE3J6ULXSBwKOMcqEAzVpvksBnwV70%2F90%2Fueh5lwy8%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 87ea6ce3ad0d568b-OSL
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2

fleraprt.com/log/add?cid=1db9169f-90f4-4b2d-b517-bc47aab19c1f&ruid=1502ae11-521d-457a-ada1-b49ddee32e81

139.45.195.254

200 OK

12 B

URL POST HTTP/1.1
fleraprt.com/log/add?cid=1db9169f-90f4-4b2d-b517-bc47aab19c1f&ruid=1502ae11-521d-457a-ada1-b49ddee32e81
IP
139.45.195.254:443
ASN
#9002 RETN Limited

Requested by
https://videzz.net/embed-c32aq2yhm77r.html
Certificate
IssuerSectigo Limited
Subjectfleraprt.com
Fingerprint32:DB:C5:24:21:ED:1D:C3:40:C3:46:9F:CF:EE:98:4D:72:29:4C:3C
ValidityTue, 09 Jan 2024 00:00:00 GMT - Mon, 13 Jan 2025 23:59:59 GMT

File type
JSON text data
Size
12 B (12 bytes)
Hash
adb4650bfc9d2a73d4dd69583b0ceb14
1ce399d6e936232aaf2192cd7903a279c5015f22
21c1f682de27109caabcca9016511974defcec217c0441fd3f1b50ecdf8247ed

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

POST /log/add?cid=1db9169f-90f4-4b2d-b517-bc47aab19c1f&ruid=1502ae11-521d-457a-ada1-b49ddee32e81 HTTP/1.1
Host: fleraprt.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain;charset=UTF-8
Content-Length: 1403
Origin: https://videzz.net
DNT: 1
Connection: keep-alive
Referer: https://videzz.net/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx/1.19.10
Date: Sat, 04 May 2024 18:06:34 GMT
Content-Type: application/json; charset=utf-8
Content-Length: 12
Connection: keep-alive
Access-Control-Allow-Origin: https://videzz.net
Access-Control-Allow-Methods: POST, GET, OPTIONS, PUT, DELETE
Access-Control-Allow-Headers: Accept, Content-Type, Content-Length, Accept-Encoding, X-CSRF-Token, Authorization, X-Forwarded-For, If-None-Match
Access-Control-Allow-Credentials: true

aistekso.net/500/5708419?excludes=&oaid=00805276252d4c5be7dcd3789b43edf6&fs=0&cf=0&sw=1280&sh=1024&sah=1024&wx=0&wy=0&ww=1280&wh=1024&cw=1280&wiw=1280&wih=1024&wfc=3&pl=https%3A%2F%2Fvidezz.net%2Fembed-c32aq2yhm77r.html&drf=&np=1&pt=0&nb=1&ng=0&ix=0&nw=1&tb=false&tzofs=0&btz=UTC&bto=0&js_build=8&sw_version=v1.337.0

139.45.197.244

200 OK

0 B

URL GET HTTP/2
aistekso.net/500/5708419?excludes=&oaid=00805276252d4c5be7dcd3789b43edf6&fs=0&cf=0&sw=1280&sh=1024&sah=1024&wx=0&wy=0&ww=1280&wh=1024&cw=1280&wiw=1280&wih=1024&wfc=3&pl=https%3A%2F%2Fvidezz.net%2Fembed-c32aq2yhm77r.html&drf=&np=1&pt=0&nb=1&ng=0&ix=0&nw=1&tb=false&tzofs=0&btz=UTC&bto=0&js_build=8&sw_version=v1.337.0
IP
139.45.197.244:443
ASN
#9002 RETN Limited

Requested by
https://videzz.net/embed-c32aq2yhm77r.html
Certificate
IssuerLet's Encrypt
Subjectaistekso.net
Fingerprint3E:A5:CE:35:F4:D9:45:6B:A1:3B:2E:9C:B3:9E:78:4D:8A:4B:51:BB
ValiditySun, 24 Mar 2024 05:08:27 GMT - Sat, 22 Jun 2024 05:08:26 GMT

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

OPTIONS /500/5708419?excludes=&oaid=00805276252d4c5be7dcd3789b43edf6&fs=0&cf=0&sw=1280&sh=1024&sah=1024&wx=0&wy=0&ww=1280&wh=1024&cw=1280&wiw=1280&wih=1024&wfc=3&pl=https%3A%2F%2Fvidezz.net%2Fembed-c32aq2yhm77r.html&drf=&np=1&pt=0&nb=1&ng=0&ix=0&nw=1&tb=false&tzofs=0&btz=UTC&bto=0&js_build=8&sw_version=v1.337.0 HTTP/1.1
Host: aistekso.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Access-Control-Request-Method: GET
Access-Control-Request-Headers: content-type
Referer: https://videzz.net/
Origin: https://videzz.net
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
server: nginx
date: Sat, 04 May 2024 18:06:34 GMT
content-length: 0
allow: GET, OPTIONS
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
access-control-allow-origin: https://videzz.net
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, baggage, sentry-trace
access-control-allow-credentials: true
access-control-max-age: 600
accept-ch: Sec-CH-UA, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model
strict-transport-security: max-age=1
x-content-type-options: nosniff
timing-allow-origin: *
X-Firefox-Spdy: h2

offerimage.com/www/images/59d005e99dabed8d7a753617b9dfe4d6.jpeg

104.22.33.172

200 OK

12 kB

URL GET HTTP/2
offerimage.com/www/images/59d005e99dabed8d7a753617b9dfe4d6.jpeg
IP
104.22.33.172:443
ASN
#13335 CLOUDFLARENET

Requested by
https://videzz.net/embed-c32aq2yhm77r.html
Certificate
IssuerGoogle Trust Services LLC
Subjectofferimage.com
Fingerprint5C:87:DE:3A:1B:66:15:11:B1:75:B6:AC:AF:F9:A6:EF:5E:7F:80:72
ValidityFri, 05 Apr 2024 23:50:04 GMT - Thu, 04 Jul 2024 23:50:03 GMT

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 192x192, components 3
Size
12 kB (11455 bytes)
Hash
59d005e99dabed8d7a753617b9dfe4d6
5b4b05e20f8496be4f1f8d9e93adc1e1ccfbe383
d09719c31f8376e40f2a23e1e9833214527ec837e61e2e715752d58a1154bd31

HTTP Headers

GET /www/images/59d005e99dabed8d7a753617b9dfe4d6.jpeg HTTP/1.1
Host: offerimage.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://videzz.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Sat, 04 May 2024 18:06:34 GMT
content-type: image/jpeg
content-length: 11455
cache-control: max-age=86400
cf-bgj: h2pri
etag: "631844d9-2cbf"
expires: Sun, 05 May 2024 15:49:27 GMT
last-modified: Wed, 07 Sep 2022 07:14:33 GMT
timing-allow-origin: *
cf-cache-status: HIT
age: 8227
accept-ranges: bytes
vary: Accept-Encoding
server: cloudflare
cf-ray: 87ea6ceb189e92c8-CPH
X-Firefox-Spdy: h2

region1.analytics.google.com/g/collect?v=2&tid=G-HEX1BG8H46&gtm=45je4510v9104348843z8832020053za200&_p=1714845988057&gcd=13l3lPl2l1&npa=1&dma_cps=sypham&dma=1&cid=2030832543.1714845989&ul=en-us&sr=1280x1024&pscdl=noapi&_eu=AAAI&_s=2&sid=1714845989&sct=1&seg=0&dl=https%3A%2F%2Fvidezz.net%2Fembed-c32aq2yhm77r.html&dt=Vidoza&en=error_network&tfd=7493

216.239.34.36

204 No Content

0 B

URL POST HTTP/3
region1.analytics.google.com/g/collect?v=2&tid=G-HEX1BG8H46&gtm=45je4510v9104348843z8832020053za200&_p=1714845988057&gcd=13l3lPl2l1&npa=1&dma_cps=sypham&dma=1&cid=2030832543.1714845989&ul=en-us&sr=1280x1024&pscdl=noapi&_eu=AAAI&_s=2&sid=1714845989&sct=1&seg=0&dl=https%3A%2F%2Fvidezz.net%2Fembed-c32aq2yhm77r.html&dt=Vidoza&en=error_network&tfd=7493
IP
216.239.34.36:443
ASN
#15169 GOOGLE

Requested by
https://videzz.net/embed-c32aq2yhm77r.html
Certificate
IssuerGoogle Trust Services LLC
Subject*.google-analytics.com
Fingerprint93:6B:D2:9D:92:BE:2D:D8:02:67:82:83:5E:EF:A3:F9:13:F3:26:AE
ValidityTue, 16 Apr 2024 03:18:45 GMT - Tue, 09 Jul 2024 03:18:44 GMT

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

POST /g/collect?v=2&tid=G-HEX1BG8H46&gtm=45je4510v9104348843z8832020053za200&_p=1714845988057&gcd=13l3lPl2l1&npa=1&dma_cps=sypham&dma=1&cid=2030832543.1714845989&ul=en-us&sr=1280x1024&pscdl=noapi&_eu=AAAI&_s=2&sid=1714845989&sct=1&seg=0&dl=https%3A%2F%2Fvidezz.net%2Fembed-c32aq2yhm77r.html&dt=Vidoza&en=error_network&tfd=7493 HTTP/1.1
Host: region1.analytics.google.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://videzz.net
DNT: 1
Connection: keep-alive
Referer: https://videzz.net/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Content-Length: 0
TE: trailers

HTTP/3 204 No Content
access-control-allow-origin: https://videzz.net
date: Sat, 04 May 2024 18:06:35 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
content-type: text/plain
cross-origin-resource-policy: cross-origin
server: Golfe2
content-length: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

videzz.net/sw.js?v=b8dc06aa6195ca0716d0a0c4e3a76e42

78.142.18.54

200 OK

42 kB

URL GET HTTP/2
videzz.net/sw.js?v=b8dc06aa6195ca0716d0a0c4e3a76e42
IP
78.142.18.54:443
ASN
#208046 ColocationX Ltd.

Requested by
https://videzz.net/embed-c32aq2yhm77r.html
Certificate
IssuerLet's Encrypt
Subjectvidezz.net
Fingerprint89:44:E3:9D:95:DD:6E:D2:2B:FB:70:64:42:59:D2:BF:B6:36:E7:33
ValidityThu, 02 May 2024 00:27:53 GMT - Wed, 31 Jul 2024 00:27:52 GMT

File type
JavaScript source, ASCII text, with very long lines (42324), with no line terminators
Size
42 kB (42324 bytes)
Hash
764aafd976dd9cd9f33279bfafa02908
e9ad856ec00bccfdcbe17b79113681685c943b8d
2c20e295faeb1ef24dae1e26caa5089fdb2ba5a36a86a6a26780b8a515ca99aa

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /sw.js?v=b8dc06aa6195ca0716d0a0c4e3a76e42 HTTP/1.1
Host: videzz.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://videzz.net/embed-c32aq2yhm77r.html
Cookie: lang=1
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
server: nginx/1.18.0 (Ubuntu)
date: Sat, 04 May 2024 18:06:27 GMT
content-type: application/javascript
last-modified: Sat, 27 Apr 2024 07:30:37 GMT
vary: Accept-Encoding
etag: W/"662ca99d-a554"
expires: Mon, 03 Jun 2024 17:59:13 GMT
cache-control: max-age=2592000
content-encoding: gzip
x-cache-status: HIT
X-Firefox-Spdy: h2

videzz.net/embed-c32aq2yhm77r.html

78.142.18.54

200 OK

32 kB

URL User Request GET HTTP/2
videzz.net/embed-c32aq2yhm77r.html
IP
78.142.18.54:443
ASN
#208046 ColocationX Ltd.

Certificate
IssuerLet's Encrypt
Subjectvidezz.net
Fingerprint89:44:E3:9D:95:DD:6E:D2:2B:FB:70:64:42:59:D2:BF:B6:36:E7:33
ValidityThu, 02 May 2024 00:27:53 GMT - Wed, 31 Jul 2024 00:27:52 GMT

File type
HTML document, ASCII text, with very long lines (1926), with CRLF, LF line terminators
Size
32 kB (31671 bytes)
Hash
a33d4dd7f6e7ce0837d2d3ec5d0bb1a2
ca63dd7e729953180ac46191884f645c9c5ef88d
1c33fa45220a17c232c1bd8f9e8b4433c6a2c3bcb9ded1b25a2b14c98b4ba452

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /embed-c32aq2yhm77r.html HTTP/1.1
Host: videzz.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Upgrade-Insecure-Requests: 1
Connection: keep-alive
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
server: nginx/1.18.0 (Ubuntu)
date: Sat, 04 May 2024 18:06:27 GMT
content-type: text/html; charset=UTF-8
vary: Accept-Encoding
expires: Fri, 03 May 2024 18:06:27 GMT
x-frame-options: 1
set-cookie: lang=1; domain=.videzz.net; path=/; HttpOnly
xfsts=; domain=.videzz.net; path=/; expires=Fri, 05-May-2023 18:06:27 GMT; HttpOnly
content-encoding: gzip
X-Firefox-Spdy: h2

s.pemsrv.com/splash.php?idzone=5040978&type=8&p=https%3A%2F%2Fbid.bidclickmedia.com%2F&tested=1&check=4982d74cc5945eb5f443cbeab8c29c8c&screen_resolution=1280x1024&container_resolution=1916x1076&iframe=1

95.211.229.247

302 Found

961 kB

URL GET HTTP/1.1
s.pemsrv.com/splash.php?idzone=5040978&type=8&p=https%3A%2F%2Fbid.bidclickmedia.com%2F&tested=1&check=4982d74cc5945eb5f443cbeab8c29c8c&screen_resolution=1280x1024&container_resolution=1916x1076&iframe=1
IP
95.211.229.247:443
ASN
#60781 LeaseWeb Netherlands B.V.

Requested by
https://videzz.net/embed-c32aq2yhm77r.html
Certificate
IssuerLet's Encrypt
Subjectpemsrv.com
FingerprintBA:AA:AB:1F:22:EF:D5:0A:2D:0C:D0:E8:1C:F5:D4:F5:29:2A:0D:5D
ValidityTue, 30 Apr 2024 07:53:35 GMT - Mon, 29 Jul 2024 07:53:34 GMT

File type

Size
961 kB (960672 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /splash.php?idzone=5040978&type=8&p=https%3A%2F%2Fbid.bidclickmedia.com%2F&tested=1&check=4982d74cc5945eb5f443cbeab8c29c8c&screen_resolution=1280x1024&container_resolution=1916x1076&iframe=1 HTTP/1.1
Host: s.pemsrv.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://s.pemsrv.com/splash.php?idzone=5040978&type=8
Cookie: __uvt=a%3A1%3A%7Bi%3A0%3Bs%3A33%3A%2266367926f333e6.761464332405032564%22%3B%7D
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 302 Found
Server: nginx
Date: Sat, 04 May 2024 18:06:31 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Access-Control-Allow-Headers: X-CH-VALUES
Set-Cookie: __uvt=a%3A1%3A%7Bi%3A0%3Bs%3A33%3A%2266367926f333e6.761464332405032564%22%3B%7D; expires=Mon, 04 May 2026 18:06:31 GMT; path=; domain=.pemsrv.com; Secure; SameSite=none
c-tag=%7B%22tag-link%22%3A%22v4%7C%7CNOR%7C5040978%7C95887222%7C203712%7C%7C508%7C41%7C3%7C15%7C0%7C0%7C0%7C25344%7C3143242%7C3143244%7C0%7C1%7C0%7C0%7C0%7C0%7C1%7C0%7C0%7C1%7C66367926f333e6.761464332405032564%7Cc83b2609dce0c49ddeb451cf74df4f3a%7C0%7Cbid.bidclickmedia.com%7C1280x1024%7C%7C0%7C0%7C0%7C0%7C0%7C0%7C0%7C0%7C0%7C1714845991%7C%7C%7C0%7C0%7C0%7C0%7C0%7C0%7C0%7C0%7C0%7C0%7Cc7c78eaf8b1648f55b0664813f37121e%7Cok%22%7D; expires=Fri, 02 Aug 2024 18:06:31 GMT; path=/; domain=.pemsrv.com; Secure; SameSite=none
Location: https://tgp1.brazzersnetwork.com/tgp1?ad_id=816178_FREE&ats=eyJhIjoxNDksImMiOjQzMDksIm4iOjE0LCJzIjo5MCwiZSI6OTA2NywicCI6MzM5fQ&atc=EXO&atc=FREE_6529744&apb=opc4ASOqlplustddVbbZPPO6eWiyadzqpbXUzOodNU6V0rpXT1UU0uomponpndRNTRPTS6V0zpXSuldK6Z0rpXTOrrorsunr4ooo3rjsrmprpoonplqlonqrpdrbRpPXLdtrvLrTdttvpTVNrxZTtxTxRm6V2ne0ene2v3evv..3eceof3TT2yqmlnpc6V0rpXSuldK6V0rpXTWTU201XXTOc6V0rpXSuldK6V0rpXSu1s1st3z4t0mrpt4qq0lrrptmo4osmnm3cH2A
Accept-CH: 
X-Robots-Tag: noindex, follow

videzz.net/favicon.ico?v=2

78.142.18.54

200 OK

1.2 kB

URL GET HTTP/2
videzz.net/favicon.ico?v=2
IP
78.142.18.54:443
ASN
#208046 ColocationX Ltd.

Requested by
https://videzz.net/embed-c32aq2yhm77r.html
Certificate
IssuerLet's Encrypt
Subjectvidezz.net
Fingerprint89:44:E3:9D:95:DD:6E:D2:2B:FB:70:64:42:59:D2:BF:B6:36:E7:33
ValidityThu, 02 May 2024 00:27:53 GMT - Wed, 31 Jul 2024 00:27:52 GMT

File type
MS Windows icon resource - 1 icon, 16x16, 32 bits/pixel
Size
1.2 kB (1150 bytes)
Hash
07075ddac650ad1577e310576f4ac231
1c8f551262fac5a047a268b82fa932c405ab13ff
c5f2d482ae4405a8e9f16a7ab09c5d04380283eb0cb0a9b237b32bc1bca47901

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /favicon.ico?v=2 HTTP/1.1
Host: videzz.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://videzz.net/embed-c32aq2yhm77r.html
Cookie: lang=1; file_id=38018298; aff=174908; _ga_HEX1BG8H46=GS1.1.1714845989.1.0.1714845989.60.0.0; _ga=GA1.1.2030832543.1714845989; sb_main_fd40b682a05e4aaf489d29601350aa66=1; sb_count_fd40b682a05e4aaf489d29601350aa66=1; asgfp2=172e5b6362817b33a26bdcbe3d1af8ae; dom3ic8zudi28v8lr6fgphwffqoz0j6c=e54da55b-9dea-42ca-ad22-8912f24bb312%3A1%3A1; pbpr0tpuw4isk85t8yg3jb2lj5vqf=dismaytestimony.com; pp_main_f1776d24271c5ad55c5f1492e2d01e10=1; pp_idelay_f1776d24271c5ad55c5f1492e2d01e10=1
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
server: nginx/1.18.0 (Ubuntu)
date: Sat, 04 May 2024 18:06:30 GMT
content-type: image/x-icon
last-modified: Sat, 27 Apr 2024 07:30:27 GMT
vary: Accept-Encoding
etag: W/"662ca993-47e"
expires: Mon, 03 Jun 2024 18:02:24 GMT
cache-control: max-age=2592000
content-encoding: gzip
x-cache-status: HIT
X-Firefox-Spdy: h2

dismaytestimony.com/pixel/sbls?bv=24.6.6370&tmpl=482&u=https%3A%2F%2Fcdn.creative-bars1.com%2Fsb%2Fnotifications%2Fgambling%2Fdefault%2Fandroid-btn%2F8%2Fjs%2Fscript.js&l=7986&fd=65

192.243.59.12

200 OK

0 B

URL GET HTTP/1.1
dismaytestimony.com/pixel/sbls?bv=24.6.6370&tmpl=482&u=https%3A%2F%2Fcdn.creative-bars1.com%2Fsb%2Fnotifications%2Fgambling%2Fdefault%2Fandroid-btn%2F8%2Fjs%2Fscript.js&l=7986&fd=65
IP
192.243.59.12:443
ASN
#39572 DataWeb Global Group B.V.

Requested by
https://videzz.net/embed-c32aq2yhm77r.html
Certificate
IssuerLet's Encrypt
Subjectdismaytestimony.com
Fingerprint0C:AA:51:7C:B5:7D:1A:53:D1:E3:23:EB:6F:15:42:F9:A5:4B:F8:E6
ValidityMon, 29 Apr 2024 08:06:26 GMT - Sun, 28 Jul 2024 08:06:25 GMT

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /pixel/sbls?bv=24.6.6370&tmpl=482&u=https%3A%2F%2Fcdn.creative-bars1.com%2Fsb%2Fnotifications%2Fgambling%2Fdefault%2Fandroid-btn%2F8%2Fjs%2Fscript.js&l=7986&fd=65 HTTP/1.1
Host: dismaytestimony.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://videzz.net/
Cookie: u_pl=19071538; pdhtkv=true; uncs=1; pdhtkv29=true; uncs29=1; slecfd40b682a05e4aaf489d29601350aa66=[5210995,5210997]
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx/1.19.5
Date: Sat, 04 May 2024 18:06:30 GMT
Content-Length: 0
Connection: keep-alive
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
Access-Control-Allow-Origin: *
Access-Control-Allow-Methods: GET, POST, OPTIONS
Access-Control-Allow-Headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,Upgrade-Insecure-Requests
Access-Control-Expose-Headers: Content-Length,Content-Range

myliveforyoudreder.com/vidozza.js

172.67.151.245

200 OK

1.6 kB

URL GET HTTP/2
myliveforyoudreder.com/vidozza.js
IP
172.67.151.245:443
ASN
#13335 CLOUDFLARENET

Requested by
https://videzz.net/embed-c32aq2yhm77r.html
Certificate
IssuerLet's Encrypt
Subjectmyliveforyoudreder.com
FingerprintD6:1F:6C:5C:81:FF:C4:D3:4D:C9:A9:22:DD:0B:D4:18:59:4E:58:B7
ValidityWed, 20 Mar 2024 02:24:57 GMT - Tue, 18 Jun 2024 02:24:56 GMT

File type
JavaScript source, ASCII text, with very long lines (1742), with no line terminators
Size
1.6 kB (1615 bytes)
Hash
1b10623dcc365c3e40aa543ee9be6c3d
ee99261cffbbf896eba3c60d867480042fbaadc5
54dec89c60117fd15b96d376c1dba2de2f333009f2ba0847fa71fa0a969f863f

HTTP Headers

GET /vidozza.js HTTP/1.1
Host: myliveforyoudreder.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://videzz.net/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Sat, 04 May 2024 18:06:28 GMT
content-type: application/javascript
last-modified: Mon, 24 Oct 2022 14:14:49 GMT
etag: W/"63569dd9-64f"
cache-control: max-age=14400
cf-cache-status: HIT
age: 4390
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=x2U7w5DrL%2FhBtkWWfl%2FhjMvnX5z%2Fj7HnyGPOOUoGyjA3%2BJMR847J3DWQmy4p2Sk6FGhytV3vnYysY8Vak2QH5IefUvB9iaRO8vWdvy7wv0z8jD5XCnx2JfKi3RMva8jHC5SuM%2FcMVk7H"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 87ea6cc4d810b529-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2

tgp1.brazzersnetwork.com/tgp1?ad_id=816178_FREE&ats=eyJhIjoxNDksImMiOjQzMDksIm4iOjE0LCJzIjo5MCwiZSI6OTA2NywicCI6MzM5fQ&atc=EXO&atc=FREE_6529744&apb=opc4ASOqlplustddVbbZPPO6eWiyadzqpbXUzOodNU6V0rpXT1UU0uomponpndRNTRPTS6V0zpXSuldK6Z0rpXTOrrorsunr4ooo3rjsrmprpoonplqlonqrpdrbRpPXLdtrvLrTdttvpTVNrxZTtxTxRm6V2ne0ene2v3evv..3eceof3TT2yqmlnpc6V0rpXSuldK6V0rpXTWTU201XXTOc6V0rpXSuldK6V0rpXSu1s1st3z4t0mrpt4qq0lrrptmo4osmnm3cH2A

66.254.114.234

200 OK

961 kB

URL GET HTTP/2
tgp1.brazzersnetwork.com/tgp1?ad_id=816178_FREE&ats=eyJhIjoxNDksImMiOjQzMDksIm4iOjE0LCJzIjo5MCwiZSI6OTA2NywicCI6MzM5fQ&atc=EXO&atc=FREE_6529744&apb=opc4ASOqlplustddVbbZPPO6eWiyadzqpbXUzOodNU6V0rpXT1UU0uomponpndRNTRPTS6V0zpXSuldK6Z0rpXTOrrorsunr4ooo3rjsrmprpoonplqlonqrpdrbRpPXLdtrvLrTdttvpTVNrxZTtxTxRm6V2ne0ene2v3evv..3eceof3TT2yqmlnpc6V0rpXSuldK6V0rpXTWTU201XXTOc6V0rpXSuldK6V0rpXSu1s1st3z4t0mrpt4qq0lrrptmo4osmnm3cH2A
IP
66.254.114.234:443
ASN
#29789 REFLECTED

Requested by
https://videzz.net/embed-c32aq2yhm77r.html
Certificate
IssuerLet's Encrypt
Subjectbrazzersnetwork.com
Fingerprint88:AB:08:D2:E9:0E:FD:34:1F:CD:0A:B3:E0:9F:DB:C8:07:2F:D4:AA
ValidityWed, 10 Apr 2024 00:01:06 GMT - Tue, 09 Jul 2024 00:01:05 GMT

File type

Size
961 kB (960672 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /tgp1?ad_id=816178_FREE&ats=eyJhIjoxNDksImMiOjQzMDksIm4iOjE0LCJzIjo5MCwiZSI6OTA2NywicCI6MzM5fQ&atc=EXO&atc=FREE_6529744&apb=opc4ASOqlplustddVbbZPPO6eWiyadzqpbXUzOodNU6V0rpXT1UU0uomponpndRNTRPTS6V0zpXSuldK6Z0rpXTOrrorsunr4ooo3rjsrmprpoonplqlonqrpdrbRpPXLdtrvLrTdttvpTVNrxZTtxTxRm6V2ne0ene2v3evv..3eceof3TT2yqmlnpc6V0rpXSuldK6V0rpXTWTU201XXTOc6V0rpXSuldK6V0rpXSu1s1st3z4t0mrpt4qq0lrrptmo4osmnm3cH2A HTTP/1.1
Host: tgp1.brazzersnetwork.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://s.pemsrv.com/
DNT: 1
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
server: openresty
date: Sat, 04 May 2024 18:06:31 GMT
content-type: text/html; charset=utf-8
vary: Accept-Encoding
x-trace: 2BBAC8801A06E4C00328FB6E417D184F1A0AA0A5436329F934B198C27E00
x-powered-by: Juan
x-download-options: noopen
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
x_ats_page_id: N/A
x_ats_page_type: CUSTOM
x_ats_instance_id: 281681
x_ats_instance_type: tour
etag: W/"ea8a0-rxqvTtPVpxi8A8DuFlp2YZjPDuo"
content-encoding: br
cache-control: no-transform
set-cookie: instance_token=eyJ0eXAiOiJKV1QiLCJhbGciOiJIUzI1NiJ9.eyJpc3MiOiJtaW5kZ2VlayIsImF1ZCI6Im1pbmRnZWVrIiwic3ViIjoiaW5zdGFuY2UtYXBpIiwiZXhwIjoxNzE0OTUzNjAwLCJpZCI6MjgxNjgxLCJicmFuZCI6ImJyYXp6ZXJzIiwiaG9zdG5hbWUiOiJ0Z3AxLmJyYXp6ZXJzbmV0d29yay5jb20ifQ.ZK4G2GiLhQDQk6ci34J39Qilaxyb7U7C7sZZwUNsCe4; Max-Age=86400; Path=/; Expires=Sun, 05 May 2024 18:06:31 GMT
__s=66367927-42FE72EA01BB7E0DD-574F5;
accept-ch: Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version
strict-transport-security: max-age=63072000; includeSubDomains; preload
X-Firefox-Spdy: h2

static.addtoany.com/menu/svg/icons/whatsapp.js

172.67.39.148

200 OK

1.1 kB

URL GET HTTP/3
static.addtoany.com/menu/svg/icons/whatsapp.js
IP
172.67.39.148:443
ASN
#13335 CLOUDFLARENET

Requested by
https://videzz.net/embed-c32aq2yhm77r.html
Certificate
IssuerLet's Encrypt
Subjectstatic.addtoany.com
Fingerprint5B:74:98:2D:F8:22:DB:0D:4E:74:B7:99:A7:7C:80:F6:CA:1A:8E:CA
ValidityTue, 23 Apr 2024 07:56:27 GMT - Mon, 22 Jul 2024 07:56:26 GMT

File type
ASCII text, with very long lines (1122), with no line terminators
Size
1.1 kB (1108 bytes)
Hash
d822c46f36a55fdbfcc5029e62e19937
c575da68fa99eeb33863f281395755cbf20004d4
062ec1f7c3acea435122961b771eb2e4d136a3e870b17d3e811413f5aa78ed3e

HTTP Headers

GET /menu/svg/icons/whatsapp.js HTTP/1.1
Host: static.addtoany.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://videzz.net
DNT: 1
Connection: keep-alive
Referer: https://static.addtoany.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Sat, 04 May 2024 18:06:28 GMT
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=7776000, stale-while-revalidate=30, public
cf-bgj: minify
etag: W/"83af4df8173e43227812296bb8542dcf"
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=VSU96ixWaD28Nb8I9Aj5jZKa%2BNYvW5VNkLrER1jYJS3ugzz7lGmzEIqiV3kXv434fWEdsYyUJ20xzAKnVVSufqyGQTOoBYND5UVCAwOpt8%2F%2B06wSA2ntzjWDOs%2FtjtYxzfNBdlx7"}],"group":"cf-nel","max_age":604800}
vary: Accept-Encoding
referrer-policy: strict-origin-when-cross-origin
x-content-type-options: nosniff
cf-cache-status: HIT
age: 24896
strict-transport-security: max-age=31536000; includeSubDomains; preload
server: cloudflare
cf-ray: 87ea6cc4c96c1c12-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400

videzz.net/js/footer.static.min.js?v=b8dc06aa6195ca0716d0a0c4e3a76e42

78.142.18.54

200 OK

140 kB

URL GET HTTP/2
videzz.net/js/footer.static.min.js?v=b8dc06aa6195ca0716d0a0c4e3a76e42
IP
78.142.18.54:443
ASN
#208046 ColocationX Ltd.

Requested by
https://videzz.net/embed-c32aq2yhm77r.html
Certificate
IssuerLet's Encrypt
Subjectvidezz.net
Fingerprint89:44:E3:9D:95:DD:6E:D2:2B:FB:70:64:42:59:D2:BF:B6:36:E7:33
ValidityThu, 02 May 2024 00:27:53 GMT - Wed, 31 Jul 2024 00:27:52 GMT

File type

Size
140 kB (140132 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /js/footer.static.min.js?v=b8dc06aa6195ca0716d0a0c4e3a76e42 HTTP/1.1
Host: videzz.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://videzz.net/embed-c32aq2yhm77r.html
Cookie: lang=1
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
server: nginx/1.18.0 (Ubuntu)
date: Sat, 04 May 2024 18:06:27 GMT
content-type: application/javascript
last-modified: Sat, 27 Apr 2024 07:30:33 GMT
vary: Accept-Encoding
etag: W/"662ca999-22364"
expires: Mon, 03 Jun 2024 18:04:33 GMT
cache-control: max-age=2592000
content-encoding: gzip
x-cache-status: HIT
X-Firefox-Spdy: h2

bid.bidclickmedia.com/sub/31pnK5n

172.67.205.77

200 OK

234 B

URL GET HTTP/2
bid.bidclickmedia.com/sub/31pnK5n
IP
172.67.205.77:443
ASN
#13335 CLOUDFLARENET

Requested by
https://videzz.net/embed-c32aq2yhm77r.html
Certificate
IssuerGoogle Trust Services LLC
Subjectbidclickmedia.com
Fingerprint2D:71:60:23:79:D8:E4:4A:B8:81:BA:F0:ED:58:CB:A8:66:21:A7:E7
ValiditySun, 31 Mar 2024 14:28:20 GMT - Sat, 29 Jun 2024 14:28:19 GMT

File type
HTML document, ASCII text, with no line terminators
Size
234 B (234 bytes)
Hash
f80bebf9471a9840ef5768e8c6b26672
164896726fce06ed3a1b8cbed00ab7c0493b6d24
5367258c378438d9831e9138819e8e68c4b7e6525dde7a086fb82a083398099c

HTTP Headers

GET /sub/31pnK5n HTTP/1.1
Host: bid.bidclickmedia.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://videzz.net/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Sat, 04 May 2024 18:06:28 GMT
content-type: text/html; charset=utf-8
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=mOa2Fvf3FektXtO%2FGW7q9tO9imUoyDwB%2BiC1DDPUT%2FnJxjM5wXmiiPQU21oz%2Fv0lfeyn%2FJERbmQIhdJqEtduUBRiJ9eDzOkLn8fnKPrMUufhw0FlcM5YsZEQHwAkP0is6cIb4uePD1w%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 87ea6cc3483956ae-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2

allvideometrika.com/f.php?sid=212515

188.114.96.1

200 OK

0 B

URL GET HTTP/2
allvideometrika.com/f.php?sid=212515
IP
188.114.96.1:443
ASN
#13335 CLOUDFLARENET

Requested by
https://videzz.net/embed-c32aq2yhm77r.html
Certificate
IssuerLet's Encrypt
Subjectallvideometrika.com
Fingerprint0F:3F:B1:7E:F7:3C:77:24:1C:85:B2:89:15:11:43:1A:AD:64:DF:13
ValidityTue, 23 Apr 2024 13:34:13 GMT - Mon, 22 Jul 2024 13:34:12 GMT

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /f.php?sid=212515 HTTP/1.1
Host: allvideometrika.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://videzz.net/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Sat, 04 May 2024 18:06:29 GMT
content-type: text/html; charset=UTF-8
x-powered-by: PHP/7.1.33
cache-control: no-store, no-cache, must-revalidate, max-age=0
x-robots-tag: noindex
pragma: no-cache
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=t0uJJniO0RVrPMAbKVMTA2BE%2FRgY5tNCs%2F%2Fl24Qi1tVSk40Hk6lJgUcwPv4OheaHJGS3NG4LpSHVsnsLjMcjfuBImLEgmqSenwmzAaTRdLcuZ4yuogTJuD581H15OpBZecXcrBQs"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 87ea6cc72fb80afe-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2

www.googletagmanager.com/gtag/js?id=G-HEX1BG8H46&l=dataLayer&cx=c

142.250.74.168

200 OK

275 kB

URL GET HTTP/3
www.googletagmanager.com/gtag/js?id=G-HEX1BG8H46&l=dataLayer&cx=c
IP
142.250.74.168:443
ASN
#15169 GOOGLE

Requested by
https://videzz.net/embed-c32aq2yhm77r.html
Certificate
IssuerGoogle Trust Services LLC
Subject*.google-analytics.com
Fingerprint93:6B:D2:9D:92:BE:2D:D8:02:67:82:83:5E:EF:A3:F9:13:F3:26:AE
ValidityTue, 16 Apr 2024 03:18:45 GMT - Tue, 09 Jul 2024 03:18:44 GMT

File type
JavaScript source, ASCII text, with very long lines (7711)
Size
275 kB (274624 bytes)
Hash
52cb8aaa7bd47e65fd8537712e19e2d3
bad2016be7f852ccf0285ec4333380c87f52158a
0310dec94b61c898c72be346862713b01d87e94229117b7f0e81613be4aabb35

HTTP Headers

GET /gtag/js?id=G-HEX1BG8H46&l=dataLayer&cx=c HTTP/1.1
Host: www.googletagmanager.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://videzz.net/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
content-encoding: br
vary: Accept-Encoding
date: Sat, 04 May 2024 18:06:28 GMT
expires: Sat, 04 May 2024 18:06:28 GMT
cache-control: private, max-age=900
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
server: Google Tag Manager
content-length: 94573
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

bid.bidclickmedia.com/sub/Zj8D76R

172.67.205.77

200 OK

234 B

URL GET HTTP/2
bid.bidclickmedia.com/sub/Zj8D76R
IP
172.67.205.77:443
ASN
#13335 CLOUDFLARENET

Requested by
https://videzz.net/embed-c32aq2yhm77r.html
Certificate
IssuerGoogle Trust Services LLC
Subjectbidclickmedia.com
Fingerprint2D:71:60:23:79:D8:E4:4A:B8:81:BA:F0:ED:58:CB:A8:66:21:A7:E7
ValiditySun, 31 Mar 2024 14:28:20 GMT - Sat, 29 Jun 2024 14:28:19 GMT

File type
HTML document, ASCII text, with no line terminators
Size
234 B (234 bytes)
Hash
aa39ce14ee4ef59a81b3b1ccc7c20cfb
4037f87db53a18212b896cbe7dc03404833bd9f4
5e96980309ab1a029fa20a02fb9aca51a5967df4e6ab8aaab5f0373d4ebd4f68

HTTP Headers

GET /sub/Zj8D76R HTTP/1.1
Host: bid.bidclickmedia.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://videzz.net/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Sat, 04 May 2024 18:06:28 GMT
content-type: text/html; charset=utf-8
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=lk8XBSa04GF4U8zH%2BK6cg27y0jsS65G9rimor%2F4onk8g7CTMCEaV9CTtR%2BnSWaQKOr8K99Vgg3tgFKQyIqHfhhLDnZpXAzShTMt8iqH303sH2CKtJuvCos4kM1VtZyA%2FtZQahO0GNEE%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 87ea6cc3585056ae-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2

cdn.itskiddien.club/apu.php?zoneid=5902452&var=5708419

139.45.197.236

200 OK

94 kB

URL GET HTTP/2
cdn.itskiddien.club/apu.php?zoneid=5902452&var=5708419
IP
139.45.197.236:443
ASN
#9002 RETN Limited

Requested by
https://videzz.net/embed-c32aq2yhm77r.html
Certificate
IssuerLet's Encrypt
Subjectitskiddien.club
FingerprintF8:F5:E1:2A:73:41:2E:21:C2:B1:A0:A3:DE:9D:2D:B2:87:3F:8E:5D
ValidityFri, 29 Mar 2024 21:36:27 GMT - Thu, 27 Jun 2024 21:36:26 GMT

File type
JavaScript source, ASCII text, with very long lines (65536), with no line terminators
Size
94 kB (93621 bytes)
Hash
3c6c086a886c82bc63923629afb19046
ad359eb06090823bda8ebbb2d0f4302816b44112
3b5dc02a498450ede4c084917209ba2931f0fdb949992d180c1259ab8136a703

HTTP Headers

GET /apu.php?zoneid=5902452&var=5708419 HTTP/1.1
Host: cdn.itskiddien.club
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://videzz.net/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
server: nginx
date: Sat, 04 May 2024 18:06:34 GMT
content-type: application/javascript
x-trace-id: c5864c57c1228b0bd54eb94e0a089f3e
link: <https://my.rtmark.net>; rel="preconnect dns-prefetch",<https://yonmewon.com>; rel="preconnect dns-prefetch",<https://e2ertt.com>; rel="preconnect dns-prefetch",<https://sr7pv7n5x.com>; rel="preconnect dns-prefetch"
accept-ch: Sec-CH-UA, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, baggage, sentry-trace, favicon
access-control-max-age: 86400
pragma: no-cache
cache-control: no-transform, no-store, no-cache, must-revalidate, max-age=0
expires: Tue, 11 Jan 1994 10:00:00 GMT
set-cookie: OAID=0080524e145e4229e0fb89de93524e4e; expires=Sun, 04 May 2025 18:06:34 GMT; path=/; secure; SameSite=None
oaidts=1714845994; expires=Sun, 04 May 2025 18:06:34 GMT; path=/; secure; SameSite=None
syncedCookie=; expires=Tue, 10 Nov 2009 23:00:00 GMT
strict-transport-security: max-age=1
x-content-type-options: nosniff
timing-allow-origin: *, *
content-encoding: gzip
X-Firefox-Spdy: h2

static.addtoany.com/menu/svg/icons/telegram.js

172.67.39.148

200 OK

360 B

URL GET HTTP/3
static.addtoany.com/menu/svg/icons/telegram.js
IP
172.67.39.148:443
ASN
#13335 CLOUDFLARENET

Requested by
https://videzz.net/embed-c32aq2yhm77r.html
Certificate
IssuerLet's Encrypt
Subjectstatic.addtoany.com
Fingerprint5B:74:98:2D:F8:22:DB:0D:4E:74:B7:99:A7:7C:80:F6:CA:1A:8E:CA
ValidityTue, 23 Apr 2024 07:56:27 GMT - Mon, 22 Jul 2024 07:56:26 GMT

File type
ASCII text, with very long lines (370), with no line terminators
Size
360 B (360 bytes)
Hash
d455b7099e753a3680d5e481a7b56a9d
146fdec3f2e51dabdd15fc8acda6d73823b0d44d
4eb7a6d1a684e68473de0e8854499206b2f512a3815a8114068636dd38aa197a

HTTP Headers

GET /menu/svg/icons/telegram.js HTTP/1.1
Host: static.addtoany.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://videzz.net
DNT: 1
Connection: keep-alive
Referer: https://static.addtoany.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Sat, 04 May 2024 18:06:28 GMT
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=7776000, stale-while-revalidate=30, public
cf-bgj: minify
etag: W/"fb47b4f6548b6499923a1beed7472419"
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=VMJGe1UEbwEs5HbBF8m%2BObmMrUHG3OMVxSIiGFVJ0SBsWQtY4ktOVYoKCkEfNMvA2hFAWUXImpgCZn%2FIPhH%2BmAGHYgiMjn5Ua2dPP6e4%2FusvRjDnGR%2Bq0snIiikFzrjU%2FXCNvb6W8C6UnsFjYJvUV0rv"}],"group":"cf-nel","max_age":604800}
vary: Accept-Encoding
referrer-policy: strict-origin-when-cross-origin
x-content-type-options: nosniff
cf-cache-status: HIT
age: 281
strict-transport-security: max-age=31536000; includeSubDomains; preload
server: cloudflare
cf-ray: 87ea6cc499281c12-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400

meetbenjen.com/in/p/?spot_id=560254&cat=25&sub_id=761082465

109.206.181.2

200 OK

5.5 kB

URL GET HTTP/2
meetbenjen.com/in/p/?spot_id=560254&cat=25&sub_id=761082465
IP
109.206.181.2:443
ASN
#50245 Serverel Inc.

Requested by
https://videzz.net/embed-c32aq2yhm77r.html
Certificate
IssuerLet's Encrypt
Subjectmeetbenjen.com
Fingerprint6F:0E:74:E5:CA:A4:DB:42:D9:1B:66:1B:AB:A6:18:A4:80:FA:E1:32
ValidityTue, 09 Apr 2024 22:46:15 GMT - Mon, 08 Jul 2024 22:46:14 GMT

File type
HTML document, ASCII text, with very long lines (5565), with no line terminators
Size
5.5 kB (5467 bytes)
Hash
a18bc7768222cb1f76ae5bb9c3580ff5
0e0881c0a9b97612a5aff67cd85ac42fc1b3489b
ecfdb09b230aabfe691fa772dfeaa7d4335e3bbecc9aa31413e46f9c0abaf48d

HTTP Headers

GET /in/p/?spot_id=560254&cat=25&sub_id=761082465 HTTP/1.1
Host: meetbenjen.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://bid.bidclickmedia.com/
DNT: 1
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
server: nginx/1.20.1
date: Sat, 04 May 2024 18:06:30 GMT
content-type: text/html; charset=UTF-8
cache-control: no-cache, no-store, must-revalidate
pragma: no-cache
vary: Accept-Encoding, *
set-cookie: 1095.0=1; expires=Sun, 05 May 2024 18:06:30 GMT; path=/; secure; SameSite=None
content-encoding: gzip
X-Firefox-Spdy: h2

veepteero.com/88/104

139.45.197.242

200 OK

3.0 kB

URL GET HTTP/2
veepteero.com/88/104
IP
139.45.197.242:443
ASN
#9002 RETN Limited

Requested by
https://videzz.net/embed-c32aq2yhm77r.html
Certificate
IssuerLet's Encrypt
Subjectveepteero.com
Fingerprint13:68:56:48:EC:67:A6:93:BE:E0:36:BC:FA:04:75:6D:6E:D2:C1:91
ValiditySat, 23 Mar 2024 05:18:36 GMT - Fri, 21 Jun 2024 05:18:35 GMT

File type
troff or preprocessor input, ASCII text, with very long lines (3232), with no line terminators
Size
3.0 kB (2974 bytes)
Hash
ddc5e30ff5d5b7221ffb387a6e54d946
40c6be50cdc1cb229766a9d5a3cd9e8fbdc117c0
7e7e808f90adf8cd57703a702dd1a9e9e245bc857a8e84d5884ded455a1fb456

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /88/104 HTTP/1.1
Host: veepteero.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://videzz.net/
Origin: https://videzz.net
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
server: nginx
date: Sat, 04 May 2024 18:06:31 GMT
content-type: application/json
accept-ch: Sec-CH-UA, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model
access-control-allow-origin: https://videzz.net
access-control-allow-credentials: true
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, baggage, sentry-trace, favicon
access-control-max-age: 86400
timing-allow-origin: *
pragma: no-cache, no-cache
cache-control: no-transform, no-store, no-cache, must-revalidate, max-age=0, no-store, no-cache, must-revalidate, max-age=0
expires: Tue, 11 Jan 1994 10:00:00 GMT, Mon, 26 Jul 1997 05:00:00 GMT
content-encoding: gzip
X-Firefox-Spdy: h2

videzz.net/js/embed.min.js?v=b8dc06aa6195ca0716d0a0c4e3a76e42

78.142.18.54

200 OK

4.5 kB

URL GET HTTP/2
videzz.net/js/embed.min.js?v=b8dc06aa6195ca0716d0a0c4e3a76e42
IP
78.142.18.54:443
ASN
#208046 ColocationX Ltd.

Requested by
https://videzz.net/embed-c32aq2yhm77r.html
Certificate
IssuerLet's Encrypt
Subjectvidezz.net
Fingerprint89:44:E3:9D:95:DD:6E:D2:2B:FB:70:64:42:59:D2:BF:B6:36:E7:33
ValidityThu, 02 May 2024 00:27:53 GMT - Wed, 31 Jul 2024 00:27:52 GMT

File type
JavaScript source, ASCII text, with very long lines (4724), with no line terminators
Size
4.5 kB (4483 bytes)
Hash
f3ccae55608834d0e7acfde8a7235903
16cd94840b9d0105558c5f8b26ac51845d84bb2e
8d950b465b8cb006d19d702a1d15e209cb10b861f5ead615e7f9625469605ef2

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /js/embed.min.js?v=b8dc06aa6195ca0716d0a0c4e3a76e42 HTTP/1.1
Host: videzz.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://videzz.net/embed-c32aq2yhm77r.html
Cookie: lang=1
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
server: nginx/1.18.0 (Ubuntu)
date: Sat, 04 May 2024 18:06:27 GMT
content-type: application/javascript
last-modified: Sat, 27 Apr 2024 07:30:38 GMT
vary: Accept-Encoding
etag: W/"662ca99e-1183"
expires: Mon, 03 Jun 2024 17:56:27 GMT
cache-control: max-age=2592000
content-encoding: gzip
x-cache-status: HIT
X-Firefox-Spdy: h2

downstairsnegotiatebarren.com/sfp.js

104.21.35.227

200 OK

86 kB

URL GET HTTP/3
downstairsnegotiatebarren.com/sfp.js
IP
104.21.35.227:443
ASN
#13335 CLOUDFLARENET

Requested by
https://videzz.net/embed-c32aq2yhm77r.html
Certificate
IssuerLet's Encrypt
Subjectdownstairsnegotiatebarren.com
Fingerprint5D:DB:CB:C6:CE:2A:8B:34:7D:BC:43:74:33:1D:5F:77:48:F7:BC:1B
ValidityThu, 02 May 2024 21:26:34 GMT - Wed, 31 Jul 2024 21:26:33 GMT

File type

Size
86 kB (85611 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /sfp.js HTTP/1.1
Host: downstairsnegotiatebarren.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://videzz.net/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Sat, 04 May 2024 18:06:29 GMT
content-type: application/javascript; charset=utf-8
p3p: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
access-control-allow-origin: *
expires: Thu, 01 Jan 1970 00:00:01 GMT
cache-control: max-age=14400
x-request-id: e1f1bd0352b48c123f04825a8055f09f
strict-transport-security: max-age=0; includeSubdomains
cf-cache-status: EXPIRED
last-modified: Sat, 04 May 2024 18:06:29 GMT
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=jxp05B6kHsxgUCWDNlB%2BSH5kirByZtWywf0W2kpe4e4hzY%2B98WsbY6csynpCBHDEKeqqadcaMisYyoda5%2BsssNFFdV%2B5tpK7NyD0U38nG8O2yVLjj4ZyNrjsUv8cmgAp8RRlrIbkMVk0SJliqwi8kA%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 87ea6cc8ad980b51-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400

lavendertyre.com/pixel/purst?dl=0&th=0&sc=0&rs=2224&rd=2224&fd=720&bv=24.5.6485&tmpl=136

172.240.108.76

200 OK

0 B

URL GET HTTP/1.1
lavendertyre.com/pixel/purst?dl=0&th=0&sc=0&rs=2224&rd=2224&fd=720&bv=24.5.6485&tmpl=136
IP
172.240.108.76:443
ASN
#7979 SERVERS-COM

Requested by
https://videzz.net/embed-c32aq2yhm77r.html
Certificate
IssuerLet's Encrypt
Subjectlavendertyre.com
FingerprintB4:92:8C:C7:AA:1D:22:5D:74:7B:4B:55:10:CE:60:FF:C4:BD:D6:7F
ValidityMon, 29 Apr 2024 12:53:26 GMT - Sun, 28 Jul 2024 12:53:25 GMT

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /pixel/purst?dl=0&th=0&sc=0&rs=2224&rd=2224&fd=720&bv=24.5.6485&tmpl=136 HTTP/1.1
Host: lavendertyre.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://videzz.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx/1.21.6
Date: Sat, 04 May 2024 18:06:29 GMT
Content-Length: 0
Connection: keep-alive
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
Access-Control-Allow-Origin: *
Access-Control-Allow-Methods: GET, POST, OPTIONS
Access-Control-Allow-Headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,Upgrade-Insecure-Requests
Access-Control-Expose-Headers: Content-Length,Content-Range

cdn.creative-bars1.com/sb/notifications/gambling/default/android-btn/8/img/close.svg

172.67.141.24

200 OK

1.3 kB

URL GET HTTP/3
cdn.creative-bars1.com/sb/notifications/gambling/default/android-btn/8/img/close.svg
IP
172.67.141.24:443
ASN
#13335 CLOUDFLARENET

Requested by
https://videzz.net/embed-c32aq2yhm77r.html
Certificate
IssuerGoogle Trust Services LLC
Subjectcreative-bars1.com
Fingerprint3D:29:39:2C:F1:E5:C6:EF:54:F5:70:B5:CF:A8:C2:75:4D:89:72:13
ValidityMon, 15 Apr 2024 15:02:18 GMT - Sun, 14 Jul 2024 15:02:17 GMT

File type
SVG Scalable Vector Graphics image
Size
1.3 kB (1279 bytes)
Hash
24937fd159a21f2e91207d5788e86c70
1b07e0334cc16c5cd659de56314bd2188e3a82f9
b38a482faa1471a520d231f954412ee0293b0401610af1392038be206dc51b8a

HTTP Headers

GET /sb/notifications/gambling/default/android-btn/8/img/close.svg HTTP/1.1
Host: cdn.creative-bars1.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Sat, 04 May 2024 18:06:29 GMT
content-type: image/svg+xml
last-modified: Fri, 19 Jan 2024 14:25:08 GMT
etag: W/"65aa8644-4ff"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: public, max-age=315360000
access-control-allow-origin: *
access-control-expose-headers: Date
cf-cache-status: HIT
age: 347973
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=Nei2kJWWPJCaa5I%2BZ%2B9QHqPJROoy2u%2FLrc4R9F1pXvk092pEy5DelYiHMVyiTVYWUFNULOFTqipNlQsNIzVR7NwlIqtHsouLHDzcw0AH2T9kiEHvVmQC8d88FqLYYg2MmShauFtVufmr"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 87ea6ccd6c18569a-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400

meetbenjen.com/in/p/?spot_id=560254&cat=25&sub_id=761082465

109.206.181.2

200 OK

5.5 kB

URL GET HTTP/2
meetbenjen.com/in/p/?spot_id=560254&cat=25&sub_id=761082465
IP
109.206.181.2:443
ASN
#50245 Serverel Inc.

Requested by
https://videzz.net/embed-c32aq2yhm77r.html
Certificate
IssuerLet's Encrypt
Subjectmeetbenjen.com
Fingerprint6F:0E:74:E5:CA:A4:DB:42:D9:1B:66:1B:AB:A6:18:A4:80:FA:E1:32
ValidityTue, 09 Apr 2024 22:46:15 GMT - Mon, 08 Jul 2024 22:46:14 GMT

File type
HTML document, ASCII text, with very long lines (5565), with no line terminators
Size
5.5 kB (5467 bytes)
Hash
a18bc7768222cb1f76ae5bb9c3580ff5
0e0881c0a9b97612a5aff67cd85ac42fc1b3489b
ecfdb09b230aabfe691fa772dfeaa7d4335e3bbecc9aa31413e46f9c0abaf48d

HTTP Headers

GET /in/p/?spot_id=560254&cat=25&sub_id=761082465 HTTP/1.1
Host: meetbenjen.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://bid.bidclickmedia.com/
DNT: 1
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
server: nginx/1.20.1
date: Sat, 04 May 2024 18:06:30 GMT
content-type: text/html; charset=UTF-8
cache-control: no-cache, no-store, must-revalidate
pragma: no-cache
vary: Accept-Encoding, *
set-cookie: 1095.0=1; expires=Sun, 05 May 2024 18:06:30 GMT; path=/; secure; SameSite=None
content-encoding: gzip
X-Firefox-Spdy: h2

videzz.net/js/videojs.stm.5.min.js?0.533320839847953

78.142.18.54

200 OK

7.2 kB

URL GET HTTP/2
videzz.net/js/videojs.stm.5.min.js?0.533320839847953
IP
78.142.18.54:443
ASN
#208046 ColocationX Ltd.

Requested by
https://videzz.net/embed-c32aq2yhm77r.html
Certificate
IssuerLet's Encrypt
Subjectvidezz.net
Fingerprint89:44:E3:9D:95:DD:6E:D2:2B:FB:70:64:42:59:D2:BF:B6:36:E7:33
ValidityThu, 02 May 2024 00:27:53 GMT - Wed, 31 Jul 2024 00:27:52 GMT

File type
JavaScript source, ASCII text, with very long lines (7493), with no line terminators
Size
7.2 kB (7205 bytes)
Hash
559fdbbfb2f700ef277f69b35a097d54
df1d4bf430b37e066e4e3187d621c954d581c160
d30c79b738e33d406468f33a059c11238995e485cad39bb31a721f370baa05c5

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /js/videojs.stm.5.min.js?0.533320839847953 HTTP/1.1
Host: videzz.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://videzz.net/embed-c32aq2yhm77r.html
Cookie: lang=1
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
server: nginx/1.18.0 (Ubuntu)
date: Sat, 04 May 2024 18:06:27 GMT
content-type: application/javascript
last-modified: Sat, 27 Apr 2024 07:30:33 GMT
vary: Accept-Encoding
etag: W/"662ca999-1c25"
expires: Mon, 03 Jun 2024 18:06:27 GMT
cache-control: max-age=2592000
content-encoding: gzip
x-cache-status: MISS
X-Firefox-Spdy: h2

topsites.hadesex.com/?source=761082465&site_id=560254&spot_id=560254

188.114.96.1

200 OK

35 kB

URL GET HTTP/2
topsites.hadesex.com/?source=761082465&site_id=560254&spot_id=560254
IP
188.114.96.1:443
ASN
#13335 CLOUDFLARENET

Requested by
https://videzz.net/embed-c32aq2yhm77r.html
Certificate
IssuerGoogle Trust Services LLC
Subjecthadesex.com
Fingerprint4A:FF:00:28:1E:63:6A:6F:9C:CB:A1:ED:C3:96:B4:AA:BE:E1:90:1A
ValidityThu, 07 Mar 2024 01:42:01 GMT - Wed, 05 Jun 2024 01:42:00 GMT

File type
HTML document, ASCII text, with CRLF line terminators
Size
35 kB (34934 bytes)
Hash
43ec678415c61f890d9681a720878538
20053769f7a0be4a625d753d50f86c24f2dd7298
3a94327f87bc09522b7333e3bb2d75a3c6023d58d7112b45d84d0750514dccca

HTTP Headers

GET /?source=761082465&site_id=560254&spot_id=560254 HTTP/1.1
Host: topsites.hadesex.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://meetbenjen.com/
DNT: 1
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Sat, 04 May 2024 18:06:31 GMT
content-type: text/html; charset=UTF-8
vary: Accept-Encoding
x-powered-by: PHP/7.4.33
x-request-id: 0dc162375b8133a2efcd45b983255e71
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=SAGxuhNK2GD7SAS%2Bh3KFXUONLBQSJzH9faohL1Szvv4A6lS6q%2Fab9398Psh%2BueaggBK8OcYSgwRgZt%2B8alekzUUSUsPx2CEO19FNs82TviM%2BJGaApnFkxWRbzY9JHUZfzsNCtTgkRw%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 87ea6cd72a2556c0-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2

tzegilo.com/stattag.js

104.21.11.245

200 OK

19 kB

URL GET HTTP/2
tzegilo.com/stattag.js
IP
104.21.11.245:443
ASN
#13335 CLOUDFLARENET

Requested by
https://videzz.net/embed-c32aq2yhm77r.html
Certificate
IssuerGoogle Trust Services LLC
Subjecttzegilo.com
Fingerprint28:2E:D0:DF:04:78:60:5A:D2:5B:1F:EA:59:80:9C:2F:89:C1:9D:D1
ValiditySat, 30 Mar 2024 15:54:48 GMT - Fri, 28 Jun 2024 15:54:47 GMT

File type
JavaScript source, ASCII text, with very long lines (18486)
Size
19 kB (19136 bytes)
Hash
70ebd404c2e1e7bad13998538b56887c
86e57af8ba3cfc2c004da3311835f6b54ba6d848
d71ea61938136a384e4c53c5a7a3c36e68fcc70a68bae691e270987d5d2eb11f

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /stattag.js HTTP/1.1
Host: tzegilo.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://videzz.net/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Sat, 04 May 2024 18:06:33 GMT
content-type: application/javascript
last-modified: Wed, 07 Feb 2024 12:51:13 GMT
etag: W/"65c37cc1-4ac0"
link: <https://flerap.com/>; rel=preconnect; crossorigin, <https://fleraprt.com/>; rel=preconnect; crossorigin
cache-control: max-age=14400
cf-cache-status: HIT
age: 6829
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=fOs2L21jtb3eGSQCVmLKz21k%2BTtd7F%2Bo6qhITfRBDmwH194Qip8dbHfCJTqSecdV6rd5IljXDMxWHsfJfnIb5tsOAMDRaEoxRL%2B1tVCXB2YwxpGs7RejZFkjZgJgmQ%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 87ea6ce4adf9b512-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2

static.addtoany.com/menu/svg/icons/twitter.js

172.67.39.148

200 OK

645 B

URL GET HTTP/3
static.addtoany.com/menu/svg/icons/twitter.js
IP
172.67.39.148:443
ASN
#13335 CLOUDFLARENET

Requested by
https://videzz.net/embed-c32aq2yhm77r.html
Certificate
IssuerLet's Encrypt
Subjectstatic.addtoany.com
Fingerprint5B:74:98:2D:F8:22:DB:0D:4E:74:B7:99:A7:7C:80:F6:CA:1A:8E:CA
ValidityTue, 23 Apr 2024 07:56:27 GMT - Mon, 22 Jul 2024 07:56:26 GMT

File type
ASCII text, with very long lines (655), with no line terminators
Size
645 B (645 bytes)
Hash
671b3272826b2e03f7f5ecc6846a4f83
bcd620154cd6381ddf84b4e17e53ad716f3acbea
b743f6ed35f2a170860cfb010577cd000ee695dc23b850d3b3e479ef1178bb22

HTTP Headers

GET /menu/svg/icons/twitter.js HTTP/1.1
Host: static.addtoany.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://videzz.net
DNT: 1
Connection: keep-alive
Referer: https://static.addtoany.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Sat, 04 May 2024 18:06:28 GMT
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=7776000, stale-while-revalidate=30, public
cf-bgj: minify
etag: W/"af2b829f9b79fabec7c0148a8b7e444b"
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=ggiKokhYH%2FRwG5kRNsQxxkES41zx0pRhTrFCFihLqsTSZDy5P6xBR0gPdEzsNoj600eU8miSvk2pNojpOEm0ToV01dZ%2BWv9rYzF%2F0crLCtKrUyFE67PnrnzZvkmGvUV%2BiiVGrF6naj2jHKv3CePNqH%2B%2B"}],"group":"cf-nel","max_age":604800}
vary: Accept-Encoding
referrer-policy: strict-origin-when-cross-origin
x-content-type-options: nosniff
cf-cache-status: HIT
age: 281
strict-transport-security: max-age=31536000; includeSubDomains; preload
server: cloudflare
cf-ray: 87ea6cc4b9561c12-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400

cache62.vidoza.net/nvl4cinlpmfeieno3ukancp5hxyezwk6zz2geqlfgsr62hqb4j43evfocdqa/v.mp4

0.0.0.0

0 B

URL GET
cache62.vidoza.net/nvl4cinlpmfeieno3ukancp5hxyezwk6zz2geqlfgsr62hqb4j43evfocdqa/v.mp4
IP
0.0.0.0:0
ASN
#0

Requested by
https://videzz.net/embed-c32aq2yhm77r.html
Certificate
IssuerLet's Encrypt
Subjectvidoza.net
FingerprintDD:9C:2A:D1:7E:90:60:D1:BE:1C:39:29:07:29:9C:34:6A:76:A6:C6
ValidityWed, 14 Feb 2024 01:21:54 GMT - Tue, 14 May 2024 01:21:53 GMT

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /nvl4cinlpmfeieno3ukancp5hxyezwk6zz2geqlfgsr62hqb4j43evfocdqa/v.mp4 HTTP/1.1
Host: cache62.vidoza.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: video/webm,video/ogg,video/*;q=0.9,application/ogg;q=0.7,audio/*;q=0.6,*/*;q=0.5
Accept-Language: en-US,en;q=0.5
Range: bytes=0-
DNT: 1
Connection: keep-alive
Referer: https://videzz.net/
Sec-Fetch-Dest: video
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Accept-Encoding: identity
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 206 Partial Content
server: nginx/1.20.1
date: Sat, 04 May 2024 18:06:28 GMT
content-type: video/mp4
content-length: 244385842
last-modified: Fri, 03 May 2024 17:15:43 GMT
etag: "66351bbf-e910832"
content-range: bytes 0-244385841/244385842
X-Firefox-Spdy: h2

videzz.net/js/videojs.5.min.js?v=b8dc06aa6195ca0716d0a0c4e3a76e42

78.142.18.54

200 OK

416 kB

URL GET HTTP/2
videzz.net/js/videojs.5.min.js?v=b8dc06aa6195ca0716d0a0c4e3a76e42
IP
78.142.18.54:443
ASN
#208046 ColocationX Ltd.

Requested by
https://videzz.net/embed-c32aq2yhm77r.html
Certificate
IssuerLet's Encrypt
Subjectvidezz.net
Fingerprint89:44:E3:9D:95:DD:6E:D2:2B:FB:70:64:42:59:D2:BF:B6:36:E7:33
ValidityThu, 02 May 2024 00:27:53 GMT - Wed, 31 Jul 2024 00:27:52 GMT

File type

Size
416 kB (416358 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /js/videojs.5.min.js?v=b8dc06aa6195ca0716d0a0c4e3a76e42 HTTP/1.1
Host: videzz.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://videzz.net/embed-c32aq2yhm77r.html
Cookie: lang=1
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
server: nginx/1.18.0 (Ubuntu)
date: Sat, 04 May 2024 18:06:27 GMT
content-type: application/javascript
last-modified: Sat, 27 Apr 2024 07:30:28 GMT
vary: Accept-Encoding
etag: W/"662ca994-65a66"
expires: Mon, 03 Jun 2024 18:04:37 GMT
cache-control: max-age=2592000
content-encoding: gzip
x-cache-status: HIT
X-Firefox-Spdy: h2

cache62.vidoza.net/i/01/07603/c32aq2yhm77r.jpg?v=1714845987

51.15.39.180

200 OK

36 kB

URL GET HTTP/2
cache62.vidoza.net/i/01/07603/c32aq2yhm77r.jpg?v=1714845987
IP
51.15.39.180:443
ASN
#12876 Scaleway S.a.s.

Requested by
https://videzz.net/embed-c32aq2yhm77r.html
Certificate
IssuerLet's Encrypt
Subjectvidoza.net
FingerprintDD:9C:2A:D1:7E:90:60:D1:BE:1C:39:29:07:29:9C:34:6A:76:A6:C6
ValidityWed, 14 Feb 2024 01:21:54 GMT - Tue, 14 May 2024 01:21:53 GMT

File type
JPEG image data, JFIF standard 1.02, aspect ratio, density 1x1, segment length 16, comment: "Lavc57.89.100", baseline, precision 8, 720x405, components 3
Size
36 kB (35823 bytes)
Hash
652f67398228ff401593710828614869
b1c7f35719088a75eb4280a814f01fc94d156be2
3b9020e047ed68d008ad755669dba2e8458305c2883a4659a5719f84a811b009

HTTP Headers

GET /i/01/07603/c32aq2yhm77r.jpg?v=1714845987 HTTP/1.1
Host: cache62.vidoza.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://videzz.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
server: nginx/1.20.1
date: Sat, 04 May 2024 18:06:28 GMT
content-type: image/jpeg
content-length: 35823
last-modified: Fri, 03 May 2024 17:15:37 GMT
etag: "66351bb9-8bef"
expires: Sat, 18 May 2024 18:06:28 GMT
cache-control: max-age=1209600
accept-ranges: bytes
X-Firefox-Spdy: h2

static.addtoany.com/menu/locale/ru.js

172.67.39.148

200 OK

2.1 kB

URL GET HTTP/3
static.addtoany.com/menu/locale/ru.js
IP
172.67.39.148:443
ASN
#13335 CLOUDFLARENET

Requested by
https://videzz.net/embed-c32aq2yhm77r.html
Certificate
IssuerLet's Encrypt
Subjectstatic.addtoany.com
Fingerprint5B:74:98:2D:F8:22:DB:0D:4E:74:B7:99:A7:7C:80:F6:CA:1A:8E:CA
ValidityTue, 23 Apr 2024 07:56:27 GMT - Mon, 22 Jul 2024 07:56:26 GMT

File type
ASCII text, with very long lines (2170), with no line terminators
Size
2.1 kB (2130 bytes)
Hash
7581051e137324f383ce692c383a90ac
7c66ac218fd109304436e9588d602c7aaab63b82
428aafe2046340df744b20fbab6f0cd4ddfb95776790e80440cfb60788dbde2c

HTTP Headers

GET /menu/locale/ru.js HTTP/1.1
Host: static.addtoany.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://videzz.net/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Sat, 04 May 2024 18:06:28 GMT
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=86400, stale-while-revalidate=30, public
cf-bgj: minify
cf-polished: origSize=2289
etag: W/"9797b535a7dbc5ec8be5d83312871549"
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=0Pns6TtwvXJrabXBg5qD34U9tGeMGrEdyUXo1Ifn5UQb5j%2FCb0kNzo4kU4t%2BwBPaHA8Py5yVUYqQOtvtjiUJeOTkgqF2%2B8WrkfDd3KIvQdWwPMR2W2eJHhLs1mdCyT2pxQI6S5LuakxUHp8hEEzVcw4J"}],"group":"cf-nel","max_age":604800}
vary: Accept-Encoding
referrer-policy: strict-origin-when-cross-origin
x-content-type-options: nosniff
cf-cache-status: HIT
age: 21050
strict-transport-security: max-age=31536000; includeSubDomains; preload
server: cloudflare
cf-ray: 87ea6cc468ff1c12-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400

topsites.hadesex.com/?source=761082465&site_id=560254&spot_id=560254

188.114.96.1

200 OK

35 kB

URL GET HTTP/2
topsites.hadesex.com/?source=761082465&site_id=560254&spot_id=560254
IP
188.114.96.1:443
ASN
#13335 CLOUDFLARENET

Requested by
https://videzz.net/embed-c32aq2yhm77r.html
Certificate
IssuerGoogle Trust Services LLC
Subjecthadesex.com
Fingerprint4A:FF:00:28:1E:63:6A:6F:9C:CB:A1:ED:C3:96:B4:AA:BE:E1:90:1A
ValidityThu, 07 Mar 2024 01:42:01 GMT - Wed, 05 Jun 2024 01:42:00 GMT

File type
HTML document, ASCII text, with CRLF line terminators
Size
35 kB (34934 bytes)
Hash
646ac673029a4d9fa991a3e55337f323
5dc4c42e4a0757f30a912b00b7e1c80054732192
6a218668c299be4694f00b8b364198c5eb206d030f57d956d2a12a441665d2bf

HTTP Headers

GET /?source=761082465&site_id=560254&spot_id=560254 HTTP/1.1
Host: topsites.hadesex.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://meetbenjen.com/
DNT: 1
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Sat, 04 May 2024 18:06:31 GMT
content-type: text/html; charset=UTF-8
vary: Accept-Encoding
x-powered-by: PHP/7.4.33
x-request-id: ea514bfb956331d589101809b88b9c50
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=S5yd70stWnkvEAJWDl1%2FOkZPxD%2FIkm3jCzCITNCM2R89dvb3zFttDZqDXEd7cNrQYd5L1vshaetEqKiYeDPxBYVTkULQIIX3Cxiz7IbHNLRRz5ldA0%2Fp6FI3dM3QgCmd1x92pLA9Cg%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 87ea6cd709f556c0-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2

static.addtoany.com/menu/svg/icons/reddit.js

172.67.39.148

200 OK

893 B

URL GET HTTP/3
static.addtoany.com/menu/svg/icons/reddit.js
IP
172.67.39.148:443
ASN
#13335 CLOUDFLARENET

Requested by
https://videzz.net/embed-c32aq2yhm77r.html
Certificate
IssuerLet's Encrypt
Subjectstatic.addtoany.com
Fingerprint5B:74:98:2D:F8:22:DB:0D:4E:74:B7:99:A7:7C:80:F6:CA:1A:8E:CA
ValidityTue, 23 Apr 2024 07:56:27 GMT - Mon, 22 Jul 2024 07:56:26 GMT

File type
ASCII text, with very long lines (903), with no line terminators
Size
893 B (893 bytes)
Hash
1f5dd30051ff637ea1d19ce73aced89c
bfdd1d1c07492ba397bdcf13e262edcfd8692a5e
c1bf0dd12b2f71de1e7e154b309caa18d2f1c2a8dc077beba23b89432ad72a81

HTTP Headers

GET /menu/svg/icons/reddit.js HTTP/1.1
Host: static.addtoany.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://videzz.net
DNT: 1
Connection: keep-alive
Referer: https://static.addtoany.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Sat, 04 May 2024 18:06:28 GMT
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=7776000, stale-while-revalidate=30, public
cf-bgj: minify
etag: W/"1fe5b5008de689ce6464d7bcb07e742c"
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=ZjHweqxafNQq1n%2FESzRf2k9F%2FrYlbdwvbqiAi31q1bs4dxVMeUPA7nKp8T0F58E7TOkAh%2FfYESagksyAdIk6odC8nuIMY%2Fii8dgMTHCakMh4qso5JAISV52DVvEx%2FDl%2BX8CDPGH228RHXIBwZtZJQppE"}],"group":"cf-nel","max_age":604800}
vary: Accept-Encoding
referrer-policy: strict-origin-when-cross-origin
x-content-type-options: nosniff
cf-cache-status: HIT
age: 3793
strict-transport-security: max-age=31536000; includeSubDomains; preload
server: cloudflare
cf-ray: 87ea6cc499271c12-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400

bid.bidclickmedia.com/sub/31bV2Jy

172.67.205.77

200 OK

239 B

URL GET HTTP/2
bid.bidclickmedia.com/sub/31bV2Jy
IP
172.67.205.77:443
ASN
#13335 CLOUDFLARENET

Requested by
https://videzz.net/embed-c32aq2yhm77r.html
Certificate
IssuerGoogle Trust Services LLC
Subjectbidclickmedia.com
Fingerprint2D:71:60:23:79:D8:E4:4A:B8:81:BA:F0:ED:58:CB:A8:66:21:A7:E7
ValiditySun, 31 Mar 2024 14:28:20 GMT - Sat, 29 Jun 2024 14:28:19 GMT

File type
HTML document, ASCII text, with no line terminators
Size
239 B (239 bytes)
Hash
d5b23342c3da61ad8cb32c85b5a9a6ca
3ca89fd68565941a5f5dec87720a2164c9b860ae
53073b03453dec44b400acecc549d6446aba803406a391777a94cc2504173bbb

HTTP Headers

GET /sub/31bV2Jy HTTP/1.1
Host: bid.bidclickmedia.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://videzz.net/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Sat, 04 May 2024 18:06:28 GMT
content-type: text/html; charset=utf-8
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=FuQjpQdJiJ7Vkxg%2Fi%2FwgBbJJPICI8hWuHSWRS9zskQxNY%2Bwn%2FLPtcbItVS%2FWg%2BBmcBBF%2BDF0jsC6vG%2BIRb5HvAUuDL%2FC%2Fxz11%2Fg3EvSclBW4arXeH86am7a23nn6mEd170d09UusEhQ%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 87ea6cc4092456ae-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2

veepteero.com/?rb=1aSuW-j_ASfUqGOWZlS7b5KcdGuRKj0YbkMKoPFMT5eogPxwJcrn1fMmhAyCI0FRHqEyyq7cdUZ6r2hs2hGDnkRlO95tOm4U4-pNBHjsIMB5JQMbVzAMeuzq6-V98Mkl-bocq7YEisypzTZx02F2q6cy-9W6Jw28XGh9-uvQSpeoSmz6x9EvmLfpXwSf6-KKMVlB5jqbatHFq6YLGzJU4aLh3sozcXsED2VPApwheOJdXiwkIqz-37M7Nim6-Xj0EiY_7w%3D%3D&request_ab2=0&zoneid=5708417&js_build=iclick-v1.788.6-auto&jsp=1&fs=0&cf=0&sw=1280&sh=1024&wih=1024&wiw=1280&ww=1280&wh=1024&sah=1024&wx=0&wy=0&cw=1280&wfc=12&pl=https%3A%2F%2Fvidezz.net%2Fembed-c32aq2yhm77r.html&drf=&np=1&pt=0&nb=1&ng=0&ix=0&nw=1&tb=false&btz=UTC&bto=0&wgl=&js_build=iclick-v1.788.6-auto&navlng=en-US&pnt=0&pnrc=0&bs=ba0bf9da-7c82-48c8-9104-f474f645b55b&wasm=1&userId=00805276252d4c5be7dcd3789b43edf6&m=link

139.45.197.242

200 OK

2.3 kB

URL GET HTTP/2
veepteero.com/?rb=1aSuW-j_ASfUqGOWZlS7b5KcdGuRKj0YbkMKoPFMT5eogPxwJcrn1fMmhAyCI0FRHqEyyq7cdUZ6r2hs2hGDnkRlO95tOm4U4-pNBHjsIMB5JQMbVzAMeuzq6-V98Mkl-bocq7YEisypzTZx02F2q6cy-9W6Jw28XGh9-uvQSpeoSmz6x9EvmLfpXwSf6-KKMVlB5jqbatHFq6YLGzJU4aLh3sozcXsED2VPApwheOJdXiwkIqz-37M7Nim6-Xj0EiY_7w%3D%3D&request_ab2=0&zoneid=5708417&js_build=iclick-v1.788.6-auto&jsp=1&fs=0&cf=0&sw=1280&sh=1024&wih=1024&wiw=1280&ww=1280&wh=1024&sah=1024&wx=0&wy=0&cw=1280&wfc=12&pl=https%3A%2F%2Fvidezz.net%2Fembed-c32aq2yhm77r.html&drf=&np=1&pt=0&nb=1&ng=0&ix=0&nw=1&tb=false&btz=UTC&bto=0&wgl=&js_build=iclick-v1.788.6-auto&navlng=en-US&pnt=0&pnrc=0&bs=ba0bf9da-7c82-48c8-9104-f474f645b55b&wasm=1&userId=00805276252d4c5be7dcd3789b43edf6&m=link
IP
139.45.197.242:443
ASN
#9002 RETN Limited

Requested by
https://videzz.net/embed-c32aq2yhm77r.html
Certificate
IssuerLet's Encrypt
Subjectveepteero.com
Fingerprint13:68:56:48:EC:67:A6:93:BE:E0:36:BC:FA:04:75:6D:6E:D2:C1:91
ValiditySat, 23 Mar 2024 05:18:36 GMT - Fri, 21 Jun 2024 05:18:35 GMT

File type
troff or preprocessor input, ASCII text, with very long lines (2337), with no line terminators
Size
2.3 kB (2314 bytes)
Hash
7cdd235e77aebf4667f0693c47b4fd4e
1fd90cf1d384e7959f51d464e2d22a8f4db48dd8
6d1ca6033cf6ea6fd807cf53da9f14321e445316010e988ed99602a5db90afd9

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /?rb=1aSuW-j_ASfUqGOWZlS7b5KcdGuRKj0YbkMKoPFMT5eogPxwJcrn1fMmhAyCI0FRHqEyyq7cdUZ6r2hs2hGDnkRlO95tOm4U4-pNBHjsIMB5JQMbVzAMeuzq6-V98Mkl-bocq7YEisypzTZx02F2q6cy-9W6Jw28XGh9-uvQSpeoSmz6x9EvmLfpXwSf6-KKMVlB5jqbatHFq6YLGzJU4aLh3sozcXsED2VPApwheOJdXiwkIqz-37M7Nim6-Xj0EiY_7w%3D%3D&request_ab2=0&zoneid=5708417&js_build=iclick-v1.788.6-auto&jsp=1&fs=0&cf=0&sw=1280&sh=1024&wih=1024&wiw=1280&ww=1280&wh=1024&sah=1024&wx=0&wy=0&cw=1280&wfc=12&pl=https%3A%2F%2Fvidezz.net%2Fembed-c32aq2yhm77r.html&drf=&np=1&pt=0&nb=1&ng=0&ix=0&nw=1&tb=false&btz=UTC&bto=0&wgl=&js_build=iclick-v1.788.6-auto&navlng=en-US&pnt=0&pnrc=0&bs=ba0bf9da-7c82-48c8-9104-f474f645b55b&wasm=1&userId=00805276252d4c5be7dcd3789b43edf6&m=link HTTP/1.1
Host: veepteero.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://videzz.net/
Origin: https://videzz.net
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
server: nginx
date: Sat, 04 May 2024 18:06:32 GMT
content-type: application/json
x-trace-id: 59a790795bf8b787664236e53ee91443
accept-ch: Sec-CH-UA, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model
access-control-allow-origin: https://videzz.net
access-control-allow-credentials: true
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, baggage, sentry-trace, favicon
access-control-max-age: 86400
pragma: no-cache
cache-control: no-transform, no-store, no-cache, must-revalidate, max-age=0
expires: Tue, 11 Jan 1994 10:00:00 GMT
set-cookie: OAID=00805276252d4c5be7dcd3789b43edf6; expires=Sun, 04 May 2025 18:06:32 GMT; path=/; secure; SameSite=None
oaidts=1714845992; expires=Sun, 04 May 2025 18:06:32 GMT; path=/; secure; SameSite=None
syncedCookie=true; expires=Sat, 11 May 2024 18:06:32 GMT; path=/; secure; SameSite=None
strict-transport-security: max-age=1
x-content-type-options: nosniff
timing-allow-origin: *, *
content-encoding: gzip
X-Firefox-Spdy: h2

maxcdn.bootstrapcdn.com/font-awesome/4.7.0/css/font-awesome.min.css?v=b8dc06aa6195ca0716d0a0c4e3a76e42

104.18.11.207

200 OK

31 kB

URL GET HTTP/2
maxcdn.bootstrapcdn.com/font-awesome/4.7.0/css/font-awesome.min.css?v=b8dc06aa6195ca0716d0a0c4e3a76e42
IP
104.18.11.207:443
ASN
#13335 CLOUDFLARENET

Requested by
https://videzz.net/embed-c32aq2yhm77r.html
Certificate
IssuerGoogle Trust Services LLC
Subjectbootstrapcdn.com
Fingerprint57:B4:25:B9:9C:88:A1:A3:3D:F7:31:74:02:E4:D1:E0:0A:F5:11:63
ValidityWed, 27 Mar 2024 00:22:09 GMT - Tue, 25 Jun 2024 00:22:08 GMT

File type
ASCII text, with very long lines (30837)
Size
31 kB (31000 bytes)
Hash
269550530cc127b6aa5a35925a7de6ce
512c7d79033e3028a9be61b540cf1a6870c896f8
799aeb25cc0373fdee0e1b1db7ad6c2f6a0e058dfadaa3379689f583213190bd

HTTP Headers

GET /font-awesome/4.7.0/css/font-awesome.min.css?v=b8dc06aa6195ca0716d0a0c4e3a76e42 HTTP/1.1
Host: maxcdn.bootstrapcdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://videzz.net/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Sat, 04 May 2024 18:06:27 GMT
content-type: text/css; charset=utf-8
cdn-pullzone: 252412
cdn-uid: b1941f61-b576-4f40-80de-5677acb38f74
cdn-requestcountrycode: DE
vary: Accept-Encoding
access-control-allow-origin: *
cache-control: public, max-age=31919000
content-encoding: br
etag: W/"269550530cc127b6aa5a35925a7de6ce"
last-modified: Mon, 25 Jan 2021 22:04:55 GMT
cdn-cachedat: 03/18/2024 12:28:12
cdn-proxyver: 1.04
cdn-requestpullcode: 200
cdn-requestpullsuccess: True
cdn-edgestorageid: 1078
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
cdn-status: 200
cdn-requestid: 2ab8316fdef76f530c15e660f59a896d
cdn-cache: HIT
cf-cache-status: HIT
age: 352081
strict-transport-security: max-age=31536000; includeSubDomains; preload
server: cloudflare
cf-ray: 87ea6cbe08d7b509-OSL
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2

cdn.itskiddien.club/?rb=izZb07LKnjcnY0n7trEg1YgKszdQ_6yLWQ4R50VQMCKW7thJRoRZr7gpoxJtBj0lUi8sVP9cFV9N2kJFE19BmPawse7SKfP5Dm3W00vYfXdDGOgOB7JikD2L5LLRNQJ1YY7PJRW1DpKSDZse1E2b6TSx155yKB4UTDrtpwWiWZN_Z7IiHQW-IzBeTPairJvxIG0WoPy-FMWqls6LMlfmT7_elK8Ju3GAyeMBE0jN7NeXT1dCpxiD4C9TCk_IuzqI2_f2nVRXZb0g0MfX&request_ab2=0&zoneid=5902452&js_build=iclick-v1.788.7-auto&jsp=1&fs=0&cf=0&sw=1280&sh=1024&wih=1024&wiw=1280&ww=1280&wh=1024&sah=1024&wx=0&wy=0&cw=1280&wfc=3&pl=https%3A%2F%2Fvidezz.net%2Fembed-c32aq2yhm77r.html&drf=&np=1&pt=0&nb=1&ng=0&ix=0&nw=1&tb=false&btz=UTC&bto=0&wgl=&js_build=iclick-v1.788.7-auto&navlng=en-US&pnt=0&pnrc=0&wasm=-1&bs=3abb9d7a-53e3-4db3-9916-83e945ad6853&userId=00805276252d4c5be7dcd3789b43edf6&m=link

139.45.197.236

200 OK

2.4 kB

URL GET HTTP/2
cdn.itskiddien.club/?rb=izZb07LKnjcnY0n7trEg1YgKszdQ_6yLWQ4R50VQMCKW7thJRoRZr7gpoxJtBj0lUi8sVP9cFV9N2kJFE19BmPawse7SKfP5Dm3W00vYfXdDGOgOB7JikD2L5LLRNQJ1YY7PJRW1DpKSDZse1E2b6TSx155yKB4UTDrtpwWiWZN_Z7IiHQW-IzBeTPairJvxIG0WoPy-FMWqls6LMlfmT7_elK8Ju3GAyeMBE0jN7NeXT1dCpxiD4C9TCk_IuzqI2_f2nVRXZb0g0MfX&request_ab2=0&zoneid=5902452&js_build=iclick-v1.788.7-auto&jsp=1&fs=0&cf=0&sw=1280&sh=1024&wih=1024&wiw=1280&ww=1280&wh=1024&sah=1024&wx=0&wy=0&cw=1280&wfc=3&pl=https%3A%2F%2Fvidezz.net%2Fembed-c32aq2yhm77r.html&drf=&np=1&pt=0&nb=1&ng=0&ix=0&nw=1&tb=false&btz=UTC&bto=0&wgl=&js_build=iclick-v1.788.7-auto&navlng=en-US&pnt=0&pnrc=0&wasm=-1&bs=3abb9d7a-53e3-4db3-9916-83e945ad6853&userId=00805276252d4c5be7dcd3789b43edf6&m=link
IP
139.45.197.236:443
ASN
#9002 RETN Limited

Requested by
https://videzz.net/embed-c32aq2yhm77r.html
Certificate
IssuerLet's Encrypt
Subjectitskiddien.club
FingerprintF8:F5:E1:2A:73:41:2E:21:C2:B1:A0:A3:DE:9D:2D:B2:87:3F:8E:5D
ValidityFri, 29 Mar 2024 21:36:27 GMT - Thu, 27 Jun 2024 21:36:26 GMT

File type
troff or preprocessor input, ASCII text, with very long lines (2387), with no line terminators
Size
2.4 kB (2364 bytes)
Hash
c98fba903c8bbbfc6345647307db481a
c266609d55d2fae3689051e4010b44cb0ee359ff
51fda6b6d7b65d2b4f6d2ba69e2e4987f39c983468286d788919100e3a103f6f

HTTP Headers

GET /?rb=izZb07LKnjcnY0n7trEg1YgKszdQ_6yLWQ4R50VQMCKW7thJRoRZr7gpoxJtBj0lUi8sVP9cFV9N2kJFE19BmPawse7SKfP5Dm3W00vYfXdDGOgOB7JikD2L5LLRNQJ1YY7PJRW1DpKSDZse1E2b6TSx155yKB4UTDrtpwWiWZN_Z7IiHQW-IzBeTPairJvxIG0WoPy-FMWqls6LMlfmT7_elK8Ju3GAyeMBE0jN7NeXT1dCpxiD4C9TCk_IuzqI2_f2nVRXZb0g0MfX&request_ab2=0&zoneid=5902452&js_build=iclick-v1.788.7-auto&jsp=1&fs=0&cf=0&sw=1280&sh=1024&wih=1024&wiw=1280&ww=1280&wh=1024&sah=1024&wx=0&wy=0&cw=1280&wfc=3&pl=https%3A%2F%2Fvidezz.net%2Fembed-c32aq2yhm77r.html&drf=&np=1&pt=0&nb=1&ng=0&ix=0&nw=1&tb=false&btz=UTC&bto=0&wgl=&js_build=iclick-v1.788.7-auto&navlng=en-US&pnt=0&pnrc=0&wasm=-1&bs=3abb9d7a-53e3-4db3-9916-83e945ad6853&userId=00805276252d4c5be7dcd3789b43edf6&m=link HTTP/1.1
Host: cdn.itskiddien.club
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://videzz.net/
Origin: https://videzz.net
DNT: 1
Connection: keep-alive
Cookie: OAID=0080524e145e4229e0fb89de93524e4e; oaidts=1714845994
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
server: nginx
date: Sat, 04 May 2024 18:06:34 GMT
content-type: application/json
x-trace-id: e1429157d8322b9e4a86ca02b40fa2cb
accept-ch: Sec-CH-UA, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model
access-control-allow-origin: https://videzz.net
access-control-allow-credentials: true
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, baggage, sentry-trace, favicon
access-control-max-age: 86400
pragma: no-cache
cache-control: no-transform, no-store, no-cache, must-revalidate, max-age=0
expires: Tue, 11 Jan 1994 10:00:00 GMT
set-cookie: OAID=00805276252d4c5be7dcd3789b43edf6; expires=Sun, 04 May 2025 18:06:34 GMT; path=/; secure; SameSite=None
oaidts=1714845994; expires=Sun, 04 May 2025 18:06:34 GMT; path=/; secure; SameSite=None
syncedCookie=true; expires=Sat, 11 May 2024 18:06:34 GMT; path=/; secure; SameSite=None
strict-transport-security: max-age=1
x-content-type-options: nosniff
timing-allow-origin: *, *
content-encoding: gzip
X-Firefox-Spdy: h2

dismaytestimony.com/pixel/sbls?bv=24.6.6370&tmpl=482&u=https%3A%2F%2Fcdn.creative-bars1.com%2Fsb%2Fnotifications%2Fgambling%2Fdefault%2Fandroid-btn%2F8%2Fcss%2Fstyle.css&l=3348&fd=54

192.243.59.13

200 OK

0 B

URL GET HTTP/1.1
dismaytestimony.com/pixel/sbls?bv=24.6.6370&tmpl=482&u=https%3A%2F%2Fcdn.creative-bars1.com%2Fsb%2Fnotifications%2Fgambling%2Fdefault%2Fandroid-btn%2F8%2Fcss%2Fstyle.css&l=3348&fd=54
IP
192.243.59.13:443
ASN
#39572 DataWeb Global Group B.V.

Requested by
https://videzz.net/embed-c32aq2yhm77r.html
Certificate
IssuerLet's Encrypt
Subjectdismaytestimony.com
Fingerprint0C:AA:51:7C:B5:7D:1A:53:D1:E3:23:EB:6F:15:42:F9:A5:4B:F8:E6
ValidityMon, 29 Apr 2024 08:06:26 GMT - Sun, 28 Jul 2024 08:06:25 GMT

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /pixel/sbls?bv=24.6.6370&tmpl=482&u=https%3A%2F%2Fcdn.creative-bars1.com%2Fsb%2Fnotifications%2Fgambling%2Fdefault%2Fandroid-btn%2F8%2Fcss%2Fstyle.css&l=3348&fd=54 HTTP/1.1
Host: dismaytestimony.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://videzz.net/
Cookie: u_pl=19071538; pdhtkv=true; uncs=1; pdhtkv29=true; uncs29=1; slecfd40b682a05e4aaf489d29601350aa66=[5210995,5210997]
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx/1.19.5
Date: Sat, 04 May 2024 18:06:30 GMT
Content-Length: 0
Connection: keep-alive
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
Access-Control-Allow-Origin: *
Access-Control-Allow-Methods: GET, POST, OPTIONS
Access-Control-Allow-Headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,Upgrade-Insecure-Requests
Access-Control-Expose-Headers: Content-Length,Content-Range

cdn.creative-bars1.com/sb/notifications/gambling/default/android-btn/8/js/script.js

172.67.141.24

200 OK

9.5 kB

URL GET HTTP/2
cdn.creative-bars1.com/sb/notifications/gambling/default/android-btn/8/js/script.js
IP
172.67.141.24:443
ASN
#13335 CLOUDFLARENET

Requested by
https://videzz.net/embed-c32aq2yhm77r.html
Certificate
IssuerGoogle Trust Services LLC
Subjectcreative-bars1.com
Fingerprint3D:29:39:2C:F1:E5:C6:EF:54:F5:70:B5:CF:A8:C2:75:4D:89:72:13
ValidityMon, 15 Apr 2024 15:02:18 GMT - Sun, 14 Jul 2024 15:02:17 GMT

File type
Unicode text, UTF-8 text, with very long lines (8821), with no line terminators
Size
9.5 kB (9466 bytes)
Hash
d0707ac5d95047febbb8f131cc7a9af4
65021f149e99900eeaf7d298d2303160872b43f3
3e2e7ab351d401339df520fbd7ce4f177643dca01cad22bf59dd4b3e14853810

HTTP Headers

GET /sb/notifications/gambling/default/android-btn/8/js/script.js HTTP/1.1
Host: cdn.creative-bars1.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://videzz.net
DNT: 1
Connection: keep-alive
Referer: https://videzz.net/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Sat, 04 May 2024 18:06:29 GMT
content-type: application/javascript
last-modified: Tue, 20 Feb 2024 10:37:31 GMT
etag: W/"65d480eb-24fa"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: public, max-age=315360000
access-control-allow-origin: *
access-control-expose-headers: Date
cf-cache-status: HIT
age: 170610
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=PKTPJN1nIfUlgzrJq2D5y4bg5zcsW8B9RjjCrId6k5pyfExY8JY3aT16yNVF7PeOFlQxAoNwaO%2FR6crdtogSndIX3t6JvPQKV7W46m%2FmMgmC%2BtmUvs2t7V%2B2SBuY8dU994KgSSVcg1HS"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 87ea6cccdb3cb51d-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2

bid.bidclickmedia.com/sub/31pnK5n

172.67.205.77

200 OK

234 B

URL GET HTTP/2
bid.bidclickmedia.com/sub/31pnK5n
IP
172.67.205.77:443
ASN
#13335 CLOUDFLARENET

Requested by
https://videzz.net/embed-c32aq2yhm77r.html
Certificate
IssuerGoogle Trust Services LLC
Subjectbidclickmedia.com
Fingerprint2D:71:60:23:79:D8:E4:4A:B8:81:BA:F0:ED:58:CB:A8:66:21:A7:E7
ValiditySun, 31 Mar 2024 14:28:20 GMT - Sat, 29 Jun 2024 14:28:19 GMT

File type
HTML document, ASCII text, with no line terminators
Size
234 B (234 bytes)
Hash
f80bebf9471a9840ef5768e8c6b26672
164896726fce06ed3a1b8cbed00ab7c0493b6d24
5367258c378438d9831e9138819e8e68c4b7e6525dde7a086fb82a083398099c

HTTP Headers

GET /sub/31pnK5n HTTP/1.1
Host: bid.bidclickmedia.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://videzz.net/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Sat, 04 May 2024 18:06:28 GMT
content-type: text/html; charset=utf-8
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=CTp9EadXRRpoQgwMgiWqgmLS5FqrigbxIXZNk002eWRHpIycuZdNzSPZfDZd7Rd3jcVUJRX9rvRqmjZjFqCmSgkqSsiL6Dpw5DCjwMGgiPH4uobXGebYVDIkgChkTvee0dsjDjmBtlE%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 87ea6cc3483556ae-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2

static.addtoany.com/menu/svg/icons/facebook.js

172.67.39.148

200 OK

429 B

URL GET HTTP/3
static.addtoany.com/menu/svg/icons/facebook.js
IP
172.67.39.148:443
ASN
#13335 CLOUDFLARENET

Requested by
https://videzz.net/embed-c32aq2yhm77r.html
Certificate
IssuerLet's Encrypt
Subjectstatic.addtoany.com
Fingerprint5B:74:98:2D:F8:22:DB:0D:4E:74:B7:99:A7:7C:80:F6:CA:1A:8E:CA
ValidityTue, 23 Apr 2024 07:56:27 GMT - Mon, 22 Jul 2024 07:56:26 GMT

File type
ASCII text, with very long lines (439), with no line terminators
Size
429 B (429 bytes)
Hash
874e1638740e061f9fa55eda3180724c
108a7e30fa0f7d50b961845ec970a2745f3c821f
d1bf990d09417220fcb615079a569e0a403c75beef0eac536e5976b7751c0370

HTTP Headers

GET /menu/svg/icons/facebook.js HTTP/1.1
Host: static.addtoany.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://videzz.net
DNT: 1
Connection: keep-alive
Referer: https://static.addtoany.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Sat, 04 May 2024 18:06:28 GMT
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=7776000, stale-while-revalidate=30, public
cf-bgj: minify
etag: W/"68925fa8e347041c6006837e73c518bc"
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=6B%2FV6ADt517psBnU6gY21U1Bic9HzuXd7VQoHHzOpIzDwZJWTz9ICNXIC3sHbp8LbOg8q2%2FF%2BORds3rmW9O1Ls0y6Q7edGN6XzyiY6nnZTscstDrjHgjuWo%2BViAul%2B3fVrY3dDtWjAtHYik3CIlkPl%2B8"}],"group":"cf-nel","max_age":604800}
vary: Accept-Encoding
referrer-policy: strict-origin-when-cross-origin
x-content-type-options: nosniff
cf-cache-status: HIT
age: 3793
strict-transport-security: max-age=31536000; includeSubDomains; preload
server: cloudflare
cf-ray: 87ea6cc469011c12-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400

xml.xmlking.com/redirect?feed=591363&auth=0yfQfB&pubid=195183

174.137.133.17

302 Found

5.5 kB

URL GET HTTP/1.1
xml.xmlking.com/redirect?feed=591363&auth=0yfQfB&pubid=195183
IP
174.137.133.17:443
ASN
#27257 WEBAIR-INTERNET

Requested by
https://videzz.net/embed-c32aq2yhm77r.html
Certificate
IssuerSectigo Limited
Subject*.xmlking.com
Fingerprint61:F0:9B:53:D2:DF:03:A0:08:09:BE:79:B1:70:10:34:65:07:7B:6D
ValidityWed, 26 Jul 2023 00:00:00 GMT - Fri, 26 Jul 2024 23:59:59 GMT

File type

Size
5.5 kB (5467 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /redirect?feed=591363&auth=0yfQfB&pubid=195183 HTTP/1.1
Host: xml.xmlking.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://bid.bidclickmedia.com/
DNT: 1
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 302 Found
Server: nginx
Date: Sat, 04 May 2024 18:06:30 GMT
Content-Length: 0
Connection: keep-alive
Cache-Control: no-store
Location: https://meetbenjen.com/in/p/?spot_id=560254&cat=25&sub_id=761082465

videzz.net/js/jquery.min.js

78.142.18.54

200 OK

96 kB

URL GET HTTP/2
videzz.net/js/jquery.min.js
IP
78.142.18.54:443
ASN
#208046 ColocationX Ltd.

Requested by
https://videzz.net/embed-c32aq2yhm77r.html
Certificate
IssuerLet's Encrypt
Subjectvidezz.net
Fingerprint89:44:E3:9D:95:DD:6E:D2:2B:FB:70:64:42:59:D2:BF:B6:36:E7:33
ValidityThu, 02 May 2024 00:27:53 GMT - Wed, 31 Jul 2024 00:27:52 GMT

File type
JavaScript source, ASCII text, with very long lines (32086)
Size
96 kB (95786 bytes)
Hash
8101d596b2b8fa35fe3a634ea342d7c3
d6c1f41972de07b09bfa63d2e50f9ab41ec372bd
540bc6dec1dd4b92ea4d3fb903f69eabf6d919afd48f4e312b163c28cff0f441

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /js/jquery.min.js HTTP/1.1
Host: videzz.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://videzz.net/embed-c32aq2yhm77r.html
Cookie: lang=1
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
server: nginx/1.18.0 (Ubuntu)
date: Sat, 04 May 2024 18:06:27 GMT
content-type: application/javascript
last-modified: Sat, 27 Apr 2024 07:30:28 GMT
vary: Accept-Encoding
etag: W/"662ca994-1762a"
expires: Mon, 03 Jun 2024 18:04:30 GMT
cache-control: max-age=2592000
content-encoding: gzip
x-cache-status: HIT
X-Firefox-Spdy: h2

xml.zeusadx.com/redirect?feed=552612&auth=OEhoVk&pubid=162319

174.137.133.17

200 OK

0 B

URL GET HTTP/1.1
xml.zeusadx.com/redirect?feed=552612&auth=OEhoVk&pubid=162319
IP
174.137.133.17:443
ASN
#27257 WEBAIR-INTERNET

Requested by
https://videzz.net/embed-c32aq2yhm77r.html
Certificate
IssuerSectigo Limited
Subject*.zeusadx.com
FingerprintAA:67:88:35:5F:BC:20:3C:44:9B:00:BD:4F:E1:C0:5F:62:D0:69:C0
ValidityMon, 23 Oct 2023 00:00:00 GMT - Wed, 23 Oct 2024 23:59:59 GMT

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /redirect?feed=552612&auth=OEhoVk&pubid=162319 HTTP/1.1
Host: xml.zeusadx.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://bid.bidclickmedia.com/
DNT: 1
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Date: Sat, 04 May 2024 18:06:30 GMT
Content-Length: 0
Connection: keep-alive
Cache-Control: no-store

static.addtoany.com/menu/svg/icons/viber.js

172.67.39.148

200 OK

1.0 kB

URL GET HTTP/3
static.addtoany.com/menu/svg/icons/viber.js
IP
172.67.39.148:443
ASN
#13335 CLOUDFLARENET

Requested by
https://videzz.net/embed-c32aq2yhm77r.html
Certificate
IssuerLet's Encrypt
Subjectstatic.addtoany.com
Fingerprint5B:74:98:2D:F8:22:DB:0D:4E:74:B7:99:A7:7C:80:F6:CA:1A:8E:CA
ValidityTue, 23 Apr 2024 07:56:27 GMT - Mon, 22 Jul 2024 07:56:26 GMT

File type
ASCII text, with very long lines (1027), with no line terminators
Size
1.0 kB (1003 bytes)
Hash
b216786a6e2822572e4c78284416fd02
b3a072140d798b6734431ff6a890da7cb8c701ce
265af7156e77fce7638988053d5b3f4894c92ae2bdacac504131a96cf6a0d370

HTTP Headers

GET /menu/svg/icons/viber.js HTTP/1.1
Host: static.addtoany.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://videzz.net
DNT: 1
Connection: keep-alive
Referer: https://static.addtoany.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Sat, 04 May 2024 18:06:28 GMT
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=7776000, stale-while-revalidate=30, public
cf-bgj: minify
etag: W/"ab1da422605fdb35fd02440984d36475"
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=GF6l98r1SQYqjDtri4QPzTS5LMOpdVchUnK6BVf%2BlLdjgGTOroVtLoEgBZGV4DnC%2F8H50pBgMuYKNEVy7bN4602BG8Zh2ixMmsk5rDi0fS%2FzgSJQkky1xyzinR9KyteZiB1mtIVLwxRzIrwIJnPctQZD"}],"group":"cf-nel","max_age":604800}
vary: Accept-Encoding
referrer-policy: strict-origin-when-cross-origin
x-content-type-options: nosniff
cf-cache-status: HIT
age: 281
strict-transport-security: max-age=31536000; includeSubDomains; preload
server: cloudflare
cf-ray: 87ea6cc4b9591c12-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400

downstairsnegotiatebarren.com/sfp.js

104.21.35.227

200 OK

86 kB

URL GET HTTP/2
downstairsnegotiatebarren.com/sfp.js
IP
104.21.35.227:443
ASN
#13335 CLOUDFLARENET

Requested by
https://videzz.net/embed-c32aq2yhm77r.html
Certificate
IssuerLet's Encrypt
Subjectdownstairsnegotiatebarren.com
Fingerprint5D:DB:CB:C6:CE:2A:8B:34:7D:BC:43:74:33:1D:5F:77:48:F7:BC:1B
ValidityThu, 02 May 2024 21:26:34 GMT - Wed, 31 Jul 2024 21:26:33 GMT

File type

Size
86 kB (85611 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /sfp.js HTTP/1.1
Host: downstairsnegotiatebarren.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://videzz.net/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Sat, 04 May 2024 18:06:28 GMT
content-type: application/javascript; charset=utf-8
p3p: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
access-control-allow-origin: *
expires: Thu, 01 Jan 1970 00:00:01 GMT
cache-control: max-age=14400
x-request-id: b3976ef452896f784a283221178f42a9
strict-transport-security: max-age=0; includeSubdomains
cf-cache-status: EXPIRED
last-modified: Sat, 04 May 2024 18:06:28 GMT
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=FI2j0m7tDPG%2BrHuDOuLaGRK6mKSGEtZ5clqrpNNnMt08CEb40Kva5qsXSU8pYeApfp0Y2I32zaBlq4O3SFJPKbFkdsh1OEv5H1sJhE3L%2BK8cgxbdVc1PmfeqepMSXWkTyaXR6uTJF5uMKjkJmLufDw%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 87ea6cc38df20b3d-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2

cache62.vidoza.net/nvl4cinlpmfeieno3ukancp5hxyezwk6zz2geqlfgsr62hqb4j43evfocdqa/v.mp4

51.15.39.180

206 Partial Content

1.7 MB

URL GET HTTP/2
cache62.vidoza.net/nvl4cinlpmfeieno3ukancp5hxyezwk6zz2geqlfgsr62hqb4j43evfocdqa/v.mp4
IP
51.15.39.180:443
ASN
#12876 Scaleway S.a.s.

Requested by
https://videzz.net/embed-c32aq2yhm77r.html
Certificate
IssuerLet's Encrypt
Subjectvidoza.net
FingerprintDD:9C:2A:D1:7E:90:60:D1:BE:1C:39:29:07:29:9C:34:6A:76:A6:C6
ValidityWed, 14 Feb 2024 01:21:54 GMT - Tue, 14 May 2024 01:21:53 GMT

File type

Size
1.7 MB (1671132 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /nvl4cinlpmfeieno3ukancp5hxyezwk6zz2geqlfgsr62hqb4j43evfocdqa/v.mp4 HTTP/1.1
Host: cache62.vidoza.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: video/webm,video/ogg,video/*;q=0.9,application/ogg;q=0.7,audio/*;q=0.6,*/*;q=0.5
Accept-Language: en-US,en;q=0.5
Range: bytes=0-
DNT: 1
Connection: keep-alive
Referer: https://videzz.net/
Sec-Fetch-Dest: video
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Accept-Encoding: identity
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 206 Partial Content
server: nginx/1.20.1
date: Sat, 04 May 2024 18:06:28 GMT
content-type: video/mp4
content-length: 244385842
last-modified: Fri, 03 May 2024 17:15:43 GMT
etag: "66351bbf-e910832"
content-range: bytes 0-244385841/244385842
X-Firefox-Spdy: h2

animewatch.onionlive.workers.dev/

172.67.141.108

200 OK

1.8 kB

URL GET HTTP/2
animewatch.onionlive.workers.dev/
IP
172.67.141.108:443
ASN
#13335 CLOUDFLARENET

Requested by
https://videzz.net/embed-c32aq2yhm77r.html
Certificate
IssuerGoogle Trust Services LLC
Subjectonionlive.workers.dev
Fingerprint47:76:5D:C5:12:3C:C2:68:72:9E:1E:79:C9:B5:09:72:24:11:B4:C0
ValidityThu, 02 May 2024 00:33:08 GMT - Wed, 31 Jul 2024 00:33:07 GMT

File type
HTML document, ASCII text, with very long lines (1795), with no line terminators
Size
1.8 kB (1769 bytes)
Hash
9dc1e04cc7affd8cf80ad5feefa89210
4c11c71a6f83138bd24602a1c996ad82364573b1
654082713403f7d1acc1d1fdfb9fca90222fd0a411be1fb02f64e973cdf054b5

HTTP Headers

GET / HTTP/1.1
Host: animewatch.onionlive.workers.dev
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://bid.bidclickmedia.com/
DNT: 1
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Sat, 04 May 2024 18:06:30 GMT
content-type: text/html;charset=UTF-8
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=4M2mue6OmkuXoCWZtM2BFRJXQjnJzchYLaCOO27Hai9PX%2BBuqNDx%2F06KiloZM%2BdvOP6GTtRjEdG%2FzsMzSK9Ycf1Dq3EzXjy%2BrScyodKOKwxS7z%2FcCDic%2FFNhZNzOk343W2Ans3rvIgY6MR%2F4D0lOW9xCqw%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 87ea6cce5cd5712e-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2

cdn.yourwebbars.com/sb/notifications/gambling/default/android-btn/8/index.html

104.26.7.19

200 OK

1.4 kB

URL GET HTTP/2
cdn.yourwebbars.com/sb/notifications/gambling/default/android-btn/8/index.html
IP
104.26.7.19:443
ASN
#13335 CLOUDFLARENET

Requested by
https://videzz.net/embed-c32aq2yhm77r.html
Certificate
IssuerCloudflare, Inc.
Subjectsni.cloudflaressl.com
Fingerprint84:82:6E:35:03:D4:C4:FC:BA:08:CD:C8:E6:A3:97:A9:20:2F:F5:49
ValiditySun, 23 Jul 2023 00:00:00 GMT - Mon, 22 Jul 2024 23:59:59 GMT

File type
HTML document, ASCII text, with very long lines (1528), with no line terminators
Size
1.4 kB (1444 bytes)
Hash
e0adf77c0018ca4bbdea4d444a33c1e4
0eb2ec58424d9b07a49a0edf0a0efcf44ee8df13
0cfe04bb8227ac43f186cfc30dbfed963b8043e83704779f1f5ec744ed57d876

HTTP Headers

GET /sb/notifications/gambling/default/android-btn/8/index.html HTTP/1.1
Host: cdn.yourwebbars.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://videzz.net
DNT: 1
Connection: keep-alive
Referer: https://videzz.net/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Sat, 04 May 2024 18:06:29 GMT
content-type: text/html
last-modified: Fri, 19 Jan 2024 14:25:08 GMT
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: public, max-age=315360000
access-control-allow-origin: *
access-control-expose-headers: Date
cf-cache-status: HIT
age: 96977
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=p2BVQtkIY6g9eS24rNm%2F2QVfzcZQ7duPj2nSmVPSbJAomWmzmEDeF%2BCkZqh4J4jMXbqY82%2BeVxtMSB0sKwbV1V%2F3j4MqrVQCWnrqGV8LRbASZlYxm9MJIacWIbfwVmiq%2FCir29U%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 87ea6ccbda8eb51b-OSL
content-encoding: br
X-Firefox-Spdy: h2

tfosrv.com/show_std.php?id_site=13111&id_channel=60781&uf=true

216.18.168.29

302 Found

1.2 kB

URL GET HTTP/1.1
tfosrv.com/show_std.php?id_site=13111&id_channel=60781&uf=true
IP
216.18.168.29:443
ASN
#29789 REFLECTED

Requested by
https://videzz.net/embed-c32aq2yhm77r.html
Certificate
IssuerSectigo Limited
Subject*.tfosrv.com
Fingerprint17:0E:13:E0:E3:EE:17:88:09:10:8F:63:F4:7E:31:5A:D9:33:7D:80
ValidityTue, 31 Oct 2023 00:00:00 GMT - Mon, 18 Nov 2024 23:59:59 GMT

File type

Size
1.2 kB (1161 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /show_std.php?id_site=13111&id_channel=60781&uf=true HTTP/1.1
Host: tfosrv.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://bid.bidclickmedia.com/
DNT: 1
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 302 Found
server: nginx
date: Sat, 04 May 2024 18:06:30 GMT
content-length: 0
location: https://tfosrv.com/impression.php?channel_id=60781&id=ef4c2fce-9715-408d-8483-a1fc1648215d%3A34c51f68-9f52-4641-933c-0427521e8c7f&site_id=13111&uuid=bf22f92c-d6ec-4e98-81df-c2f187ee35f7
set-cookie: sppc_uuid=a485aa4b-4506-4500-a377-2ddb8a23d95c; max-age=31536000; path=/; secure; SameSite=None
accept-ch: Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version

cdn.o333o.com/vast-im.js

143.204.55.31

200 OK

310 kB

URL GET HTTP/2
cdn.o333o.com/vast-im.js
IP
143.204.55.31:443
ASN
#16509 AMAZON-02

Requested by
https://videzz.net/embed-c32aq2yhm77r.html
Certificate
IssuerSectigo Limited
Subjectcdn.o333o.com
Fingerprint61:0E:6A:7F:7E:40:48:40:58:0F:EF:89:DB:CF:AD:C2:FB:52:F1:AC
ValidityThu, 09 Nov 2023 00:00:00 GMT - Mon, 09 Dec 2024 23:59:59 GMT

File type

Size
310 kB (310487 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /vast-im.js HTTP/1.1
Host: cdn.o333o.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://videzz.net/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
content-type: application/javascript
server: nginx
date: Thu, 11 Apr 2024 09:31:31 GMT
last-modified: Fri, 22 Mar 2024 11:21:21 GMT
etag: W/"65fd69b1-4bcd7"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000, public
content-encoding: br
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 80d21802b1b80c40e55ccf83433b8eac.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
alt-svc: h3=":443"; ma=86400
x-amz-cf-id: ZmcCFFz79RHTAUZ0It2nL-d8cOJl7O98jh78cvXJgHsf-_n6DC6Lfg==
age: 2018096
X-Firefox-Spdy: h2

static.addtoany.com/menu/sm.25.html

172.67.39.148

200 OK

716 B

URL GET HTTP/3
static.addtoany.com/menu/sm.25.html
IP
172.67.39.148:443
ASN
#13335 CLOUDFLARENET

Requested by
https://videzz.net/embed-c32aq2yhm77r.html
Certificate
IssuerLet's Encrypt
Subjectstatic.addtoany.com
Fingerprint5B:74:98:2D:F8:22:DB:0D:4E:74:B7:99:A7:7C:80:F6:CA:1A:8E:CA
ValidityTue, 23 Apr 2024 07:56:27 GMT - Mon, 22 Jul 2024 07:56:26 GMT

File type
HTML document, ASCII text, with very long lines (744), with no line terminators
Size
716 B (716 bytes)
Hash
c3c97893ca5c74e7504aa4ec474ea41b
cdccb12d7e73682e0e807107243ede7d5e14c962
b79f65e9ffe3bad9bd9cdcffed0758430f7eb1a630c368dc173eecdeb2821f00

HTTP Headers

GET /menu/sm.25.html HTTP/1.1
Host: static.addtoany.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://videzz.net/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Sat, 04 May 2024 18:06:28 GMT
content-type: text/html; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=315360000, immutable
referrer-policy: strict-origin-when-cross-origin
x-content-type-options: nosniff
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=KDW4diA%2BEdy8OJCA%2BpLQ3gmSCi7vKsIXChBvTfZhzGq8tW7aSgoBp4ko5y0Wfi66JNOUEgnNTCRlGyJjb1nGdgevGDDRtPFAHoY%2BbgJySZ8EQL4gSUts1vSKtTOhLXaOnaC5J7u8rg4y8pfyPKUkaxP0"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
cf-cache-status: HIT
age: 26872
strict-transport-security: max-age=31536000; includeSubDomains; preload
server: cloudflare
cf-ray: 87ea6cc2ef1f1c12-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400

Report Overview

Submitted URL

IP

ASN

Submitted

Access

Website Title

Final URL

Tags

urlquery detections

Detections

urlquery

Network Intrusion Detection

Threat Detection Systems

Domain Summary

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

Threat Detection Systems

Public InfoSec YARA rules

OpenPhish

PhishTank

mnemonic secure dns

Quad9 DNS

ThreatFox

JavaScript (72)

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML