Report - videzz.net/1257pc8b3t79.html?asgtbndr=1

Report Overview

Submitted URL
videzz.net/1257pc8b3t79.html?asgtbndr=1
IP
78.142.18.54
ASN
#208046 ColocationX Ltd.
Submitted
2024-04-24 18:05:29
Access
public
Website Title
Watch 69484 mp4
Final URL
videzz.net/1257pc8b3t79.html?asgtbndr=1
Tags
urlquery detections
No alerts detected

Detections

urlquery
0
Network Intrusion Detection
0
Threat Detection Systems
60

Domain Summary

Domain / FQDN	Rank	Registered	First Seen	Last Seen	Sent	Received	IP
downstairsnegotiatebarren.com	unknown	2024-03-04	2024-03-04	2024-04-23	814 B	173 kB	104.21.35.227
myliveforyoudreder.com	unknown	2023-07-27	2023-07-27	2024-03-08	404 B	2.3 kB	172.67.151.245
xml.zeusadx.com	330930	2019-08-07	2019-09-23	2024-03-08	1.7 kB	1.7 kB	174.137.133.17
trafforsrv.com	101761	2017-12-28	2018-01-12	2024-04-18	596 B	415 B	216.18.168.28
s.pemsrv.com	unknown	2023-08-01	2023-08-04	2024-04-23	1.3 kB	2.5 kB	95.211.229.246
zv.7vid.net	unknown	2018-07-27	2023-07-29	2024-04-18	566 B	1.3 kB	135.181.208.216
xmlclick.adokutrtb.com	unknown	2019-01-21	2022-05-23	2023-07-04	1.2 kB	536 B	23.226.122.79
assets.strpst.com	unknown	2021-05-31	2023-06-08	2024-04-20	5.6 kB	359 kB	104.17.10.106
waterfallchequeomnipotent.com	unknown	2024-04-23	2024-04-23	2024-04-23	914 B	33 kB	192.243.61.227
xml.cachegorilla.com	unknown	2021-07-23	2023-11-27	2024-03-08	2.2 kB	596 B	173.239.53.20
go.krkstrk.com	unknown	2022-07-05	2023-07-31	2024-03-26	700 B	997 B	104.18.40.50
xml-v4.adcannyxml.com	unknown	2020-03-23	2023-05-19	2024-02-21	536 B	137 B	174.137.133.18
videzz.net	unknown	2024-02-28	2024-03-04	2024-04-18	12 kB	2.4 MB	78.142.18.54
cdnjs.cloudflare.com	235	2009-02-17	2015-04-17	2024-04-24	2.5 kB	92 kB	104.17.24.14
kr.cafenehkikki.com	unknown	2024-02-08	2024-02-22	2024-04-18	400 B	1.2 kB	23.109.170.198
bid.bidclickmedia.com	unknown	2022-09-19	2023-03-09	2024-03-08	5.3 kB	8.7 kB	172.67.205.77
unseenreport.com	unknown	2022-03-30	2022-03-30	2024-04-23	1.5 kB	846 B	192.243.61.227
xml.xmlking.com	unknown	2020-07-27	2020-11-12	2024-04-20	1.1 kB	62 kB	174.137.133.17
fonts.gstatic.com	unknown	2008-02-11	2014-09-09	2024-04-23	2.2 kB	196 kB	142.250.74.99
maxcdn.bootstrapcdn.com	724	2012-05-25	2014-06-18	2024-04-24	1.0 kB	110 kB	104.18.10.207
static.addtoany.com	4091	2006-03-10	2012-05-21	2024-04-23	4.5 kB	89 kB	104.22.70.197
fonts.googleapis.com	8877	2005-01-25	2013-06-10	2024-04-24	1.2 kB	76 kB	142.250.74.106
track.jajaloop.com	unknown	2024-03-28	2024-03-31	2024-04-22	629 B	0 B	0.0.0.0
region1.analytics.google.com	unknown	1997-09-15	2022-03-17	2024-04-23	1.5 kB	862 B	216.239.34.36
tfosrv.com	65142	2020-11-17	2020-11-18	2024-03-08	1.3 kB	1.0 kB	216.18.168.29
allvideometrika.com	unknown	2022-05-16	2022-05-16	2024-04-18	518 B	1.1 kB	104.21.83.61
impactserving.com	20466	2019-06-21	2019-07-07	2024-03-31	1.7 kB	95 kB	104.16.79.217
cambaddies.com	218217	2017-07-06	2018-12-19	2024-04-22	802 B	144 kB	185.98.55.81
img.strpst.com	12993	2021-05-31	2021-06-03	2024-04-23	13 kB	85 kB	104.17.11.106
vz.7vid.net	unknown	2018-07-27	2022-03-29	2024-03-08	391 B	77 kB	135.181.208.216
profitablegatecpm.com	unknown	2024-02-05	2024-02-06	2024-04-18	435 B	17 kB	192.243.59.12
evaluateuncanny.com	unknown	unknown	No data	No data	481 B	467 B	172.240.108.76
tgp1.brazzersnetwork.com	143376	2006-12-23	2019-05-08	2024-03-24	1.8 kB	980 kB	66.254.114.234
www.googletagmanager.com	75	2011-11-11	2013-05-22	2024-04-24	2.7 kB	538 kB	142.250.74.168
tr.7vid.net	unknown	2018-07-27	2023-12-16	2024-03-08	3.6 kB	172 kB	135.181.208.216
proftrafficcounter.com	unknown	2023-11-16	2023-11-21	2024-04-23	1.9 kB	1.3 kB	18.185.247.192
hoddlegamey.com	unknown	2023-07-20	2023-07-20	2024-04-13	539 B	1.2 kB	23.109.170.77
camsofa.net	unknown	unknown	No data	No data	514 B	1.1 kB	172.67.202.186
s.o333o.com	unknown	2015-02-16	2015-03-05	2024-04-23	389 B	1.2 kB	85.10.205.45
str37.vidoza.net	unknown	unknown	No data	No data	997 B	7.5 MB	109.202.99.55
www.google.no	25607	2001-02-26	2016-04-05	2024-04-24	574 B	578 B	142.250.74.163
animewatch.onionlive.workers.dev	unknown	2019-02-08	2023-07-29	2024-03-08	526 B	71 kB	104.21.9.35
xml-v4.onemediawork.com	unknown	2023-10-18	2024-01-18	2024-03-23	538 B	294 B	173.239.53.20
cdn.o333o.com	158144	2015-02-16	2015-05-28	2024-03-08	395 B	311 kB	143.204.55.120

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

No alerts detected

Threat Detection Systems

Public InfoSec YARA rules

No alerts detected

OpenPhish

No alerts detected

PhishTank

No alerts detected

mnemonic secure dns

No alerts detected

Quad9 DNS

Scan Date	Severity	Indicator	Alert
2024-04-24	medium	videzz.net	Sinkholed
2024-04-24	medium	videzz.net	Sinkholed
2024-04-24	medium	videzz.net	Sinkholed
2024-04-24	medium	videzz.net	Sinkholed
2024-04-24	medium	cafenehkikki.com	Sinkholed
2024-04-24	medium	profitablegatecpm.com	Sinkholed
2024-04-24	medium	videzz.net	Sinkholed
2024-04-24	medium	videzz.net	Sinkholed
2024-04-24	medium	videzz.net	Sinkholed
2024-04-24	medium	videzz.net	Sinkholed
2024-04-24	medium	videzz.net	Sinkholed
2024-04-24	medium	videzz.net	Sinkholed
2024-04-24	medium	videzz.net	Sinkholed
2024-04-24	medium	videzz.net	Sinkholed
2024-04-24	medium	videzz.net	Sinkholed
2024-04-24	medium	videzz.net	Sinkholed
2024-04-24	medium	unseenreport.com	Sinkholed
2024-04-24	medium	unseenreport.com	Sinkholed
2024-04-24	medium	hoddlegamey.com	Sinkholed
2024-04-24	medium	videzz.net	Sinkholed
2024-04-24	medium	videzz.net	Sinkholed
2024-04-24	medium	videzz.net	Sinkholed
2024-04-24	medium	videzz.net	Sinkholed
2024-04-24	medium	videzz.net	Sinkholed
2024-04-24	medium	videzz.net	Sinkholed
2024-04-24	medium	videzz.net	Sinkholed
2024-04-24	medium	videzz.net	Sinkholed
2024-04-24	medium	videzz.net	Sinkholed
2024-04-24	medium	videzz.net	Sinkholed
2024-04-24	medium	videzz.net	Sinkholed

ThreatFox

No alerts detected

JavaScript (73)

	URL	Size	First Seen	Last Seen
	videzz.net/js/pop.js?v=1.0	35 B	2023-03-07	2024-05-05
Pretty URL videzz.net/js/pop.js?v=1.0 IP 78.142.18.54 ASN #208046 ColocationX Ltd. Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:24:29 Last Seen2024-05-05 15:02:58 Times Seen201 Hash da4bf5414bf75eefb21872f9b59fe6fc e34335e0705397a4ad02c406a2e92333e6d2b0e5 d48b428c1788391a1aef29802daaa691077732dc7b821d0968831bc50b19278d Loading...

	videzz.net/1257pc8b3t79.html?asgtbndr=1	162 B	2023-03-07	2024-05-05
Pretty URL videzz.net/1257pc8b3t79.html?asgtbndr=1 IP 78.142.18.54 ASN #208046 ColocationX Ltd. Introduced by scriptElement Embedded in HTML true Observations First Seen2023-03-07 16:08:16 Last Seen2024-05-05 19:14:47 Times Seen104 Hash 035c117549bb95ad0992ae461d89e44e 2f45bc18613030f169e7c8ef25553df24e7003b6 0d89ce1d538634aeb6d56fa061bb107311c5daaa1c59aed01cb4e18c48081a96 Loading...

	unknown	727 B	2023-07-09	2024-05-03
Pretty Introduced by scriptElement Embedded in HTML false Observations First Seen2023-07-09 09:27:21 Last Seen2024-05-03 22:13:33 Times Seen11 Hash cba6684c3c5985b704a43d362b9948e6 b1861c71c7984380b0f863610fe6418d2f7146a2 11fc883efdb1519b0569055e521c4175c49fe2aabbbef893d9dba9003684dd3d Loading...

	videzz.net/1257pc8b3t79.html?asgtbndr=1	357 B	2023-03-07	2024-05-05
Pretty URL videzz.net/1257pc8b3t79.html?asgtbndr=1 IP 78.142.18.54 ASN #208046 ColocationX Ltd. Introduced by scriptElement Embedded in HTML true Observations First Seen2023-03-07 16:08:16 Last Seen2024-05-05 19:14:47 Times Seen104 Hash 824c86e507e4c27bb34b991feedb5820 06bd36505ef9492db28ebb53c740d5c17d4516b4 0c45ee272e41a3a37bb7d5a0881665e4d54b762e20921cdb145bf5539fe4f551 Loading...

	www.googletagmanager.com/gtag/js?id=UA-158623850-1	203 kB	2024-04-24	2024-04-24
Pretty URL www.googletagmanager.com/gtag/js?id=UA-158623850-1 IP 142.250.74.168 ASN #15169 GOOGLE Introduced by scriptElement Embedded in HTML false Observations First Seen2024-04-24 20:05:39 Last Seen2024-04-24 20:05:41 Times Seen2 Hash f0cfd151772617c77790aa3ed881f6d0 5df4ed710fab74ecaa9671e68877314841e73267 8a33b54d62359caf5abdb9197802de2e5c19ebcc3e8bc0c96bd19d11782bde1a Loading...

	videzz.net/1257pc8b3t79.html?asgtbndr=1	2.0 kB	2024-04-24	2024-04-24
Pretty URL videzz.net/1257pc8b3t79.html?asgtbndr=1 IP 78.142.18.54 ASN #208046 ColocationX Ltd. Introduced by scriptElement Embedded in HTML true Observations First Seen2024-04-24 20:05:39 Last Seen2024-04-24 20:05:39 Times Seen1 Hash 045da51e3c2f4a98e8da15b045b27a28 eca8438cf4b889ce7a2febdaafe65b2c5d0e75e6 d61ef087196d417326db6e4f12a91291107b6b07127e497c6fc9f7fb8964ef57 Loading...

	videzz.net/js/videojs.stm.5.min.js?0.823362850306037	7.2 kB	2024-03-08	2024-05-05
Pretty URL videzz.net/js/videojs.stm.5.min.js?0.823362850306037 IP 78.142.18.54 ASN #208046 ColocationX Ltd. Introduced by scriptElement Embedded in HTML false Observations First Seen2024-03-08 05:50:53 Last Seen2024-05-05 15:02:58 Times Seen65 Hash 4630f52d883cdd6dc5b7e0aee209fe40 ae08102d07ab32e76d5dbd12fa7db315e6f51f4e b74ebfdefad877a934b2e7d38afb3a56ad4db4ebbd88a72b7ae4a44fad74c0d3 Loading...

	videzz.net/1257pc8b3t79.html?asgtbndr=1	475 B	2023-03-07	2024-05-05
Pretty URL videzz.net/1257pc8b3t79.html?asgtbndr=1 IP 78.142.18.54 ASN #208046 ColocationX Ltd. Introduced by scriptElement Embedded in HTML true Observations First Seen2023-03-07 16:08:16 Last Seen2024-05-05 19:14:47 Times Seen33 Hash 7019cbe0012d5199f2f496e930f3bf61 5d1696302b432ac66a71a81f8899876ddcd019b8 092b3dfb5e9bb66a05ea11eb25003bc70f3d1ebe6cd384f274e1b17eeb9b4ae7 Loading...

	static.addtoany.com/menu/modules/core.BRQnzO8v.js	72 kB	2024-04-12	2024-05-06
Pretty URL static.addtoany.com/menu/modules/core.BRQnzO8v.js IP 104.22.70.197 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2024-04-12 02:34:00 Last Seen2024-05-06 02:14:53 Times Seen1059 Hash 629401c31553d2f42a6ca46e58c2a97b 0ab6084caa72f90913c7e4119f491838726ec5c2 91b9b24f0aa59668e4d0a770ee7a294b9baa361a76a20ade8128cd0482a5d805 Loading...

	tr.7vid.net/henYKwb.js	310 kB	2024-03-22	2024-05-05
Pretty URL tr.7vid.net/henYKwb.js IP 135.181.208.216 ASN #24940 Hetzner Online GmbH Introduced by scriptElement Embedded in HTML false Observations First Seen2024-03-22 21:45:50 Last Seen2024-05-05 19:14:48 Times Seen239 Hash 04bdb2fd7797c33d38ad8a6a0997b389 a69a0999b9106aa1e49a6728c84b3e82b899276d 3039a1d2d40fce3b96ce115bc8fb858539ed084667fb0ee69fe68e0a682d9286 Loading...

	videzz.net/1257pc8b3t79.html?asgtbndr=1	88 B	2023-03-07	2024-05-03
Pretty URL videzz.net/1257pc8b3t79.html?asgtbndr=1 IP 78.142.18.54 ASN #208046 ColocationX Ltd. Introduced by scriptElement Embedded in HTML true Observations First Seen2023-03-07 16:08:16 Last Seen2024-05-03 22:13:33 Times Seen25 Hash 07b30612e7898526d72c8ce77c650c47 d6f554e4eb7ad6deb003a0541c0bbe264563059a 5d764749f6b3215245da9aa4db9e35df149910d9e5d69bbd108ddf7fbe5957df Loading...

	kr.cafenehkikki.com/1clkn/14903	6 B	2023-03-07	2024-05-06
Pretty URL kr.cafenehkikki.com/1clkn/14903 IP 23.109.170.198 ASN #7979 SERVERS-COM Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:03:04 Last Seen2024-05-06 00:51:45 Times Seen14294 Hash 9082dc37e5e8046929da411544ad071a 41e0e3963ed94e59e8a2f115994c382712411537 b7848d86edc8dc3b5bc6a5c666069f9a31e000cee51575d3b6083951607e1550 Loading...

	static.addtoany.com/menu/sm.25.html#type=core&event=load	0 B	2023-03-07	2024-05-06
Pretty URL static.addtoany.com/menu/sm.25.html#type=core&event=load IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML true Observations First Seen2023-03-07 01:01:59 Last Seen2024-05-06 02:21:32 Times Seen37371990 Hash d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Loading...

	static.addtoany.com/menu/svg/icons/viber.js	1.0 kB	2024-04-12	2024-05-05
Pretty URL static.addtoany.com/menu/svg/icons/viber.js IP 104.22.70.197 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2024-04-12 13:25:33 Last Seen2024-05-05 19:14:47 Times Seen104 Hash aeffbbeba6dd343b89fdc22cdf23f8c8 7be9f0a8fbd22f85cd4408ed04b69e98cbb79de7 c38246b300667ea8ab28940a729e65168f981baf8adc8d708c299e85b9e2dcee Loading...

	unknown	731 B	2023-07-09	2024-05-03
Pretty Introduced by scriptElement Embedded in HTML false Observations First Seen2023-07-09 09:27:21 Last Seen2024-05-03 22:13:33 Times Seen15 Hash 899ffd6924a090dfa639b2692e4f3cf7 bfbedb6f11d2cfcb2cfd342e6516c40e7b32783c 3084dab3a2dd5383ab8bf9ad8a6dbeffe715389883af4a2701c74fa31c893b49 Loading...

	unknown	809 B	2023-10-15	2024-05-03
Pretty Introduced by scriptElement Embedded in HTML false Observations First Seen2023-10-15 03:21:25 Last Seen2024-05-03 04:50:43 Times Seen9 Hash 99fcebb4e7afbb634b7a199af8add137 303cb82ddf45424df5adefa3927ec9a27b0b26d2 6968637dc57a40f593f1f6b9d02813c9ad381488e689872e9b90fa6486e2aa29 Loading...

	downstairsnegotiatebarren.com/sfp.js	86 kB	2024-03-29	2024-05-06
Pretty URL downstairsnegotiatebarren.com/sfp.js IP 104.21.35.227 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2024-03-29 13:13:34 Last Seen2024-05-06 00:51:44 Times Seen2302 Hash f4a2f8f9f99541c6f105bbd0a025bd40 1f8e3eff12168fdd9e719adfc098d24a45b6916a b717cb04231a10d425fd55b73c85a5407119c6826a8bac94142fddfff6958716 Loading...

	videzz.net/1257pc8b3t79.html?asgtbndr=1	1.9 kB	2023-03-26	2024-05-05
Pretty URL videzz.net/1257pc8b3t79.html?asgtbndr=1 IP 78.142.18.54 ASN #208046 ColocationX Ltd. Introduced by scriptElement Embedded in HTML true Observations First Seen2023-03-26 09:32:06 Last Seen2024-05-05 19:14:47 Times Seen85 Hash 82e1ab0f6fb26e1a626e1ad6812a2e50 ff89302fd6c7736cfe3c0ce1bea0da569a763ced c1133cdc2ae23220a521a156d0edc736cea501341435673899a05f4d54597373 Loading...

	www.googletagmanager.com/gtm.js?id=GTM-56DK3TH	204 kB	2024-04-24	2024-04-24
Pretty URL www.googletagmanager.com/gtm.js?id=GTM-56DK3TH IP 142.250.74.168 ASN #15169 GOOGLE Introduced by scriptElement Embedded in HTML false Observations First Seen2024-04-24 20:05:40 Last Seen2024-04-24 20:05:41 Times Seen2 Hash c74d357a6ac461d773657104c79359ba 97c84bfb44238beabdda4f0e4c67d9786885eecf c5ae70c126cf47947439e3a209e6b9e28dd88eff89ad73cdcbe802865d159ee5 Loading...

	vz.7vid.net/Sb7AkA7.js	239 kB	2024-03-22	2024-05-05
Pretty URL vz.7vid.net/Sb7AkA7.js IP 135.181.208.216 ASN #24940 Hetzner Online GmbH Introduced by scriptElement Embedded in HTML false Observations First Seen2024-03-22 21:45:50 Last Seen2024-05-05 19:14:48 Times Seen421 Hash a6781eeb8be115c2cc64c5b4898e5b9d 76001e6e130f936956842ce1fb672ca16be2370e cb8949c4918f30d767c8a97d1b1ddb36eabccf8d93659a80f4e850caa3701da2 Loading...

	videzz.net/1257pc8b3t79.html?asgtbndr=1	1.9 kB	2023-05-14	2024-05-05
Pretty URL videzz.net/1257pc8b3t79.html?asgtbndr=1 IP 78.142.18.54 ASN #208046 ColocationX Ltd. Introduced by scriptElement Embedded in HTML true Observations First Seen2023-05-14 23:54:05 Last Seen2024-05-05 19:14:47 Times Seen84 Hash a692b14c46b795baddef6cde7925aec0 83421ee7434ca7916a53f711c1a207c04e264e3c 0a136fef0aef4b2b4d90057c95c48e84618ecebe376ad324594150d0b8588f90 Loading...

	videzz.net/js/videojs.5.min.js?v=b8dc06aa6195ca0716d0a0c4e3a76e42	416 kB	2023-03-07	2024-05-05
Pretty URL videzz.net/js/videojs.5.min.js?v=b8dc06aa6195ca0716d0a0c4e3a76e42 IP 78.142.18.54 ASN #208046 ColocationX Ltd. Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 16:08:16 Last Seen2024-05-05 19:14:48 Times Seen105 Hash 9721700ae4b3d8e0e81f9c6c1c8d511b 1c987ebb7fac787eaa3b2190c9b53bb685d5b8ea d4098ce7457b5191970d2df49c8b8f6c2ffc0d8510673777a08910f0b68d5c2f Loading...

	videzz.net/js/footer.static.min.js?v=b8dc06aa6195ca0716d0a0c4e3a76e42	140 kB	2023-03-08	2024-05-05
Pretty URL videzz.net/js/footer.static.min.js?v=b8dc06aa6195ca0716d0a0c4e3a76e42 IP 78.142.18.54 ASN #208046 ColocationX Ltd. Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 16:32:59 Last Seen2024-05-05 19:14:48 Times Seen105 Hash 8986804e792bac03d992cfa0d65281de 4a406ba9ac7ead8cfc1d181c6abd2340dae2bf44 e94d1a4f4bfe4d0efd8dc95e86573d32172fa8a0f08ee328c377962379bd9295 Loading...

	waterfallchequeomnipotent.com/57/e9/12/57e9128f004dc8dd272477c7cdb9cf15.js	84 kB	2024-04-24	2024-04-24
Pretty URL waterfallchequeomnipotent.com/57/e9/12/57e9128f004dc8dd272477c7cdb9cf15.js IP 192.243.61.227 ASN #39572 DataWeb Global Group B.V. Introduced by scriptElement Embedded in HTML false Observations First Seen2024-04-24 20:05:40 Last Seen2024-04-24 20:05:41 Times Seen2 Hash 3f08114695268c191948708824125731 618b9a613f5a1497a2fce3ef6b780d537a6a1f04 907a853601c0416e4c00babb552bf94eddd46133072c04b13ca89a3110d163f9 Loading...

	videzz.net/1257pc8b3t79.html?asgtbndr=1	82 B	2023-03-07	2024-05-05
Pretty URL videzz.net/1257pc8b3t79.html?asgtbndr=1 IP 78.142.18.54 ASN #208046 ColocationX Ltd. Introduced by scriptElement Embedded in HTML true Observations First Seen2023-03-07 16:08:17 Last Seen2024-05-05 19:14:47 Times Seen100 Hash 67b70174cc2854586ec824f84b79d825 c9bde16aa4e39ab912e1a20fe298b028a3432596 a979d312087118fa753a8ed59077b51936c9595eb2a37cd369a6b4f579eebafd Loading...

	videzz.net/js/ads.js?v=1.0	211 B	2023-03-07	2024-05-05
Pretty URL videzz.net/js/ads.js?v=1.0 IP 78.142.18.54 ASN #208046 ColocationX Ltd. Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 16:08:16 Last Seen2024-05-05 15:02:58 Times Seen185 Hash 09f34de71e8853387dd398fbb263af69 4ccb7007fcebcffe64eaa80f2991509fdbac55d5 6ca7e6aebc6e3eec26d39e540e255a738fd9e48e9b97bd0e2a714686377ac523 Loading...

	videzz.net/1257pc8b3t79.html?asgtbndr=1	488 B	2023-03-07	2024-05-05
Pretty URL videzz.net/1257pc8b3t79.html?asgtbndr=1 IP 78.142.18.54 ASN #208046 ColocationX Ltd. Introduced by scriptElement Embedded in HTML true Observations First Seen2023-03-07 16:08:16 Last Seen2024-05-05 19:14:47 Times Seen100 Hash c88a098ddb34ae8eb653079349e1eb71 c273d06595b90b3f3eadde95865d4fd88a2cdc4a f8be9aff934fb09a35261e76d411268402098e38f3c1468679a0ffddf96cb8cd Loading...

	unknown	813 B	2023-10-15	2024-05-03
Pretty Introduced by scriptElement Embedded in HTML false Observations First Seen2023-10-15 03:21:25 Last Seen2024-05-03 04:50:43 Times Seen10 Hash d458b9da5545ce101414ee4dd03b7456 6f6291287f946714d9303ab5722e19b0f5c704cb a5f3b5d4998f77ea2789a615989a813522c4bac49346fa484b78da4fe6131a9d Loading...

	unknown	729 B	2023-07-09	2024-05-03
Pretty Introduced by scriptElement Embedded in HTML false Observations First Seen2023-07-09 09:27:21 Last Seen2024-05-03 22:13:33 Times Seen13 Hash 8b9caf322dc087ac4a7ead0a2ac35741 256a95350057596038880e672b77dc7feff104ca 900b56e1419fc696fc2a74f5f4983724e2667ec390e175c3f8411b04efecfa0e Loading...

	videzz.net/1257pc8b3t79.html?asgtbndr=1	221 B	2024-04-24	2024-04-24
Pretty URL videzz.net/1257pc8b3t79.html?asgtbndr=1 IP 78.142.18.54 ASN #208046 ColocationX Ltd. Introduced by scriptElement Embedded in HTML true Observations First Seen2024-04-24 20:05:40 Last Seen2024-04-24 20:05:40 Times Seen1 Hash 8bf7e6ff49a750ca577026c019e5dd38 9cc5c3fb81753eb393e99bb44d6271a24c109fe0 34a114c644dc513a4ac4d22d6f9e72472a426b301bb5fdcebe06fd30b568fcc7 Loading...

	videzz.net/1257pc8b3t79.html?asgtbndr=1	192 B	2023-03-07	2024-05-05
Pretty URL videzz.net/1257pc8b3t79.html?asgtbndr=1 IP 78.142.18.54 ASN #208046 ColocationX Ltd. Introduced by scriptElement Embedded in HTML true Observations First Seen2023-03-07 16:08:16 Last Seen2024-05-05 19:14:47 Times Seen40 Hash b8f0c68374a03493550ed139cdba6d40 5110312d4ba0f330fc777c10b64eda8a6d824060 e13cba8c7a352718d08b4c32ad450223b86e74f0fc355cbce943e18dbe3720fb Loading...

	videzz.net/1257pc8b3t79.html?asgtbndr=1	1.9 kB	2023-09-20	2024-05-05
Pretty URL videzz.net/1257pc8b3t79.html?asgtbndr=1 IP 78.142.18.54 ASN #208046 ColocationX Ltd. Introduced by scriptElement Embedded in HTML true Observations First Seen2023-09-20 05:49:22 Last Seen2024-05-05 19:14:47 Times Seen73 Hash ea18635ebabe6012d41f9fe215f59b54 4bb7351c02f51a2d10b55eb8daecf0862aec3db7 4e69daf6970b0700406f701311ff61bf0623749d951327a09de054a9906c8056 Loading...

	myliveforyoudreder.com/vidozza.js	1.6 kB	2023-03-08	2024-05-05
Pretty URL myliveforyoudreder.com/vidozza.js IP 172.67.151.245 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 20:28:37 Last Seen2024-05-05 19:14:48 Times Seen126 Hash b340619418518ced51fbbc860814ea19 e2cbf47a089e8941bcdb6f24c64fad9004852348 ebbf367cc151e337e4c4d375e86682b6e1593b25224c6c733b4cea4f507c4000 Loading...

	static.addtoany.com/menu/svg/icons/telegram.js	360 B	2023-03-08	2024-05-05
Pretty URL static.addtoany.com/menu/svg/icons/telegram.js IP 104.22.70.197 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 15:33:09 Last Seen2024-05-05 19:14:48 Times Seen844 Hash 48f25c508c92c3601cf047609318001f 59117e825084c63a0dda48edec82c14a60e16f23 6415561e892cf9d614e7179f71353af4ceadfd641d71c42fe54c9420eb0d0138 Loading...

	videzz.net/1257pc8b3t79.html?asgtbndr=1	1.9 kB	2023-09-20	2024-05-05
Pretty URL videzz.net/1257pc8b3t79.html?asgtbndr=1 IP 78.142.18.54 ASN #208046 ColocationX Ltd. Introduced by scriptElement Embedded in HTML true Observations First Seen2023-09-20 05:49:22 Last Seen2024-05-05 19:14:47 Times Seen73 Hash af6177bd7ff00168d56dcbb2dfad8aad b0565c811d5bc5e2b4923cc1194a81126512010c 68848e296ab0993815dd2ae9efbb9b41e1bddf7d57aafd1ce37fcb6588b09901 Loading...

	videzz.net/1257pc8b3t79.html?asgtbndr=1	1.9 kB	2023-12-02	2024-05-05
Pretty URL videzz.net/1257pc8b3t79.html?asgtbndr=1 IP 78.142.18.54 ASN #208046 ColocationX Ltd. Introduced by scriptElement Embedded in HTML true Observations First Seen2023-12-02 22:02:10 Last Seen2024-05-05 19:14:47 Times Seen26 Hash d97a5b73f9ff75b17385b7097312ac45 7ce245822b9fb070760c11c3cce3bf7aec04aa23 16b7b6c3ab170e3bd3a657fb65cc1a1afbb462e4cbc6af4a73db06f86fbdd931 Loading...

	static.addtoany.com/menu/svg/icons/whatsapp.js	1.1 kB	2024-04-12	2024-05-05
Pretty URL static.addtoany.com/menu/svg/icons/whatsapp.js IP 104.22.70.197 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2024-04-12 13:25:33 Last Seen2024-05-05 19:14:47 Times Seen112 Hash 0e8b3ac6bda5451ff39c5ecd6d7b3873 fb477a11167000a30e45369e686ec43dd62d026b c15e1379ca2c59f99912500bbc23a0d1d88f43198cbe1b53d87776fa351385eb Loading...

	videzz.net/sandbox%20eval%20code	147 B	2023-04-11	2024-05-06
Pretty URL videzz.net/sandbox%20eval%20code IP 0.0.0.0 ASN #0 Introduced by Embedded in HTML false Observations First Seen2023-04-11 21:07:53 Last Seen2024-05-06 02:19:07 Times Seen345065 Hash 92b651082ce234f66bb544e678befda3 14c21c55ddce43b6f677caadf51d4ab98c6a3df8 25d57d1d97abeb84531d3d3e5754dd5cb19a2c115edfa7cfc7af8247084faded Loading...

	videzz.net/js/main.min.js?v=b8dc06aa6195ca0716d0a0c4e3a76e42	11 kB	2023-03-07	2024-05-05
Pretty URL videzz.net/js/main.min.js?v=b8dc06aa6195ca0716d0a0c4e3a76e42 IP 78.142.18.54 ASN #208046 ColocationX Ltd. Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 16:08:16 Last Seen2024-05-05 19:14:49 Times Seen63 Hash f2b1e2d690c2c568d846e8da3ab66ccd f2a3fd880693ec75e586fdb37d1bd2cd6f6c468a 3efa361ccc887f0bffb9c9250de66cd562bc53671ffcb85cc0a6a0d30b0b8cfb Loading...

	videzz.net/sw.js	42 kB	2023-03-07	2024-05-05
Pretty URL videzz.net/sw.js IP 78.142.18.54 ASN #208046 ColocationX Ltd. Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 16:08:16 Last Seen2024-05-05 19:14:49 Times Seen164 Hash 764aafd976dd9cd9f33279bfafa02908 e9ad856ec00bccfdcbe17b79113681685c943b8d 2c20e295faeb1ef24dae1e26caa5089fdb2ba5a36a86a6a26780b8a515ca99aa Loading...

	static.addtoany.com/menu/svg/icons/twitter.js	645 B	2024-04-12	2024-05-05
Pretty URL static.addtoany.com/menu/svg/icons/twitter.js IP 104.22.70.197 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2024-04-12 16:11:45 Last Seen2024-05-05 19:14:47 Times Seen119 Hash ca05cf90bd32d6134c0b92464c343f9a 187feb5cc71d225717838268487a0abc9b8d405c 3003867b66a32c12fdafeefc27cf06d906e5a99ba275550ab757f4bb04834636 Loading...

	unknown	821 B	2024-03-08	2024-04-27
Pretty Introduced by scriptElement Embedded in HTML false Observations First Seen2024-03-08 05:50:52 Last Seen2024-04-27 18:32:35 Times Seen6 Hash 6f34371b351716579f2045af747f4261 6cf4c6c5d4062883192c453d269c25d3ac8de3b0 aa96bc657e965489f0c6540488364a43c5e123a6b8a37d226a174978cedba808 Loading...

	unknown	54 B	2023-04-11	2024-05-05
Pretty Introduced by Function Embedded in HTML false Observations First Seen2023-04-11 22:34:44 Last Seen2024-05-05 19:14:47 Times Seen869 Hash 21ad6a5e027895d7fef5bee4de0a6c02 1997f8ca0f217c1001a42318dc5976a0d5a56469 6e97ed48cf9a0f9bf4e5199bc5546e24c1067a10e7a582b886143be40f479bb5 Loading...

	unknown	823 B	2024-03-08	2024-04-25
Pretty Introduced by scriptElement Embedded in HTML false Observations First Seen2024-03-08 05:50:52 Last Seen2024-04-25 08:27:36 Times Seen5 Hash 94b1f3f0cca87976ce3fa29d678b22eb 91ec46aae980ba83b40a619d73879f0e41d1a4e4 00f44087c973f1e16a23ec0c2ac84b092a611b71645d740ef1e9a03b7a6e9023 Loading...

	www.google-analytics.com/analytics.js	4.7 kB	2023-04-11	2024-05-06
Pretty URL www.google-analytics.com/analytics.js IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-04-11 21:07:53 Last Seen2024-05-06 02:19:07 Times Seen344558 Hash f24128d0c9cba7be2916c693427a3483 1b6397d496ea896ebc2018b01b995cee4f166029 58173de4697da1a218f04c3a783a733bab4e769ceabc37cd42da9dc3e036a7e8 Loading...

	videzz.net/1257pc8b3t79.html?asgtbndr=1	1.9 kB	2023-12-02	2024-05-05
Pretty URL videzz.net/1257pc8b3t79.html?asgtbndr=1 IP 78.142.18.54 ASN #208046 ColocationX Ltd. Introduced by scriptElement Embedded in HTML true Observations First Seen2023-12-02 22:02:10 Last Seen2024-05-05 19:14:48 Times Seen64 Hash 861dcaf645aae37b6316256c150d9dfb 3a9f80b6a4bf4c7807b354238ee1092098ef0592 8580955f289133f8987846865a71337744c9e2f39defb5c7bad0df0752a47ae7 Loading...

	videzz.net/js/jquery.min.js	96 kB	2023-03-07	2024-05-05
Pretty URL videzz.net/js/jquery.min.js IP 78.142.18.54 ASN #208046 ColocationX Ltd. Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:02:02 Last Seen2024-05-05 22:36:05 Times Seen47039 Hash 8101d596b2b8fa35fe3a634ea342d7c3 d6c1f41972de07b09bfa63d2e50f9ab41ec372bd 540bc6dec1dd4b92ea4d3fb903f69eabf6d919afd48f4e312b163c28cff0f441 Loading...

	videzz.net/1257pc8b3t79.html?asgtbndr=1	416 B	2023-03-07	2024-05-05
Pretty URL videzz.net/1257pc8b3t79.html?asgtbndr=1 IP 78.142.18.54 ASN #208046 ColocationX Ltd. Introduced by scriptElement Embedded in HTML true Observations First Seen2023-03-07 16:08:16 Last Seen2024-05-05 19:14:48 Times Seen104 Hash 7b2ab585a733a8e54eb7117dbe673331 38ba49b934ea93104d43c095a34cbebabee2416b 161196e2eb45160ec056dcf19476aaf0a8694cd099ce5ddb43f53f58fa86d0d8 Loading...

	static.addtoany.com/menu/locale/ru.js	2.1 kB	2023-03-07	2024-05-05
Pretty URL static.addtoany.com/menu/locale/ru.js IP 104.22.70.197 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:36:27 Last Seen2024-05-05 19:14:48 Times Seen127 Hash c0717dc8cde3baa722c4e7d4c12a2cb0 6e8702b80bdcbe0cd5fc183ce582b2add61d0863 cde5eaa4da56876821229a97a09a4b53e929ea30b7310848d0e84212a5137397 Loading...

	static.addtoany.com/menu/svg/icons/facebook.js	429 B	2024-04-12	2024-05-05
Pretty URL static.addtoany.com/menu/svg/icons/facebook.js IP 104.22.70.197 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2024-04-12 16:11:44 Last Seen2024-05-05 19:14:47 Times Seen123 Hash 014bcc757e484e12e3aea6c9d768fd4b 4c17157d0012f8002e4e6cf77c5f4a9747792cf4 4b475960843a5619b907af1f0a89e3136bd5e6a4a700ec78cb417f302647cf49 Loading...

	videzz.net/1257pc8b3t79.html?asgtbndr=1	604 B	2023-03-07	2024-05-05
Pretty URL videzz.net/1257pc8b3t79.html?asgtbndr=1 IP 78.142.18.54 ASN #208046 ColocationX Ltd. Introduced by scriptElement Embedded in HTML true Observations First Seen2023-03-07 16:08:16 Last Seen2024-05-05 19:14:48 Times Seen103 Hash 3f51f1dc48435128b95bc2f1354a7a17 1baedda0ccf0cdaaa29bf441fcfe0c5fb2f8d4d4 9a3b5d51bd26f5549b2a1ca571835e3c1f0beede7826fd81566bdbc1dad656e9 Loading...

	static.addtoany.com/menu/page.js	3.0 kB	2024-04-12	2024-05-06
Pretty URL static.addtoany.com/menu/page.js IP 104.22.70.197 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2024-04-12 02:34:00 Last Seen2024-05-06 02:14:51 Times Seen711 Hash 5f984fdd1d3384220c67422c1f544a95 79c8a48b5fab47972dd69ce7dfd08cee895006b5 6e0cc78c402cbc02fdfd41cd77c5fd6ffbd8066cc07935ea8eb5f3fcc59744a3 Loading...

	unknown	817 B	2024-03-08	2024-04-27
Pretty Introduced by scriptElement Embedded in HTML false Observations First Seen2024-03-08 05:50:52 Last Seen2024-04-27 18:32:34 Times Seen6 Hash fa2aa7f34704cd8bf6cd2cf3898a74c9 4073a4e793982e168647f0cf101214767c10e445 5ac86016bb96c4a0255f0ce14087d40c04e33d3fde8ed269b21100537204b67a Loading...

	videzz.net/js/static.min.js?v=b8dc06aa6195ca0716d0a0c4e3a76e42	159 kB	2023-03-07	2024-05-05
Pretty URL videzz.net/js/static.min.js?v=b8dc06aa6195ca0716d0a0c4e3a76e42 IP 78.142.18.54 ASN #208046 ColocationX Ltd. Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 16:08:17 Last Seen2024-05-05 19:14:48 Times Seen180 Hash 7c33538390b466ae717449d729bb32ea 49ea1eb1dc06467f516eae28e09863a23b244a31 a2f37fa7aee9e9248856735b807b028c93be60eb6bb9916595ba123690513f02 Loading...

	unknown	819 B	2024-03-08	2024-04-27
Pretty Introduced by scriptElement Embedded in HTML false Observations First Seen2024-03-08 05:50:52 Last Seen2024-04-27 18:32:35 Times Seen6 Hash ecfba591886a09c4d3a25057b012799c a4ab27e8bffaf73f05de7a6a100e286dd5fd2eba ce686f911d5c4b53b27c2ddbbfdf088d220d3b1f76ff1dea258ee5c99e93a881 Loading...

	www.googletagmanager.com/gtag/js?id=G-HEX1BG8H46&l=dataLayer&cx=c	271 kB	2024-04-24	2024-04-24
Pretty URL www.googletagmanager.com/gtag/js?id=G-HEX1BG8H46&l=dataLayer&cx=c IP 142.250.74.168 ASN #15169 GOOGLE Introduced by scriptElement Embedded in HTML false Observations First Seen2024-04-24 20:05:40 Last Seen2024-04-24 20:05:41 Times Seen2 Hash fc5448c23e45852842578773bca5ba97 b247549cbb92f0bbe90f580c91a2cfff37d69df6 cddce53f6a947d55a2d33192ab0d43547680ad2bdf3c109d0bf34846bd8130a9 Loading...

	tr.7vid.net/api/users/246356?host=videzz.net&ev=212&wh=1024&ww=1280&uuid=&url=https%3A%2F%2Fvidezz.net%2F1257pc8b3t79.html%3Fasgtbndr%3D1&sid=426b01ec-e2f5-47e9-bc96-374e2c43ad5e&i=1&kw=69484%2Cmp4&s1=202079	915 B	2024-04-24	2024-04-24
Pretty URL tr.7vid.net/api/users/246356?host=videzz.net&ev=212&wh=1024&ww=1280&uuid=&url=https%3A%2F%2Fvidezz.net%2F1257pc8b3t79.html%3Fasgtbndr%3D1&sid=426b01ec-e2f5-47e9-bc96-374e2c43ad5e&i=1&kw=69484%2Cmp4&s1=202079 IP 135.181.208.216 ASN #24940 Hetzner Online GmbH Introduced by scriptElement Embedded in HTML false Observations First Seen2024-04-24 20:05:41 Last Seen2024-04-24 20:05:41 Times Seen1 Hash e3832ba7b1302a31448242f7bf0ee035 5292a47afdff641577c7e74c99a798f36b4ea0d7 97dcf860f61a6c9574dc217ed83504f857c3413220ff59f2a7732b23d2e71fab Loading...

	profitablegatecpm.com/97/85/38/9785383bf0d8f2fb611d938245088565.js	44 kB	2024-04-24	2024-04-24
Pretty URL profitablegatecpm.com/97/85/38/9785383bf0d8f2fb611d938245088565.js IP 192.243.59.12 ASN #39572 DataWeb Global Group B.V. Introduced by scriptElement Embedded in HTML false Observations First Seen2024-04-24 20:05:41 Last Seen2024-04-24 20:05:41 Times Seen2 Hash 8d8d79d450e9ec58871e2bc344904343 6b4182bbc8e5fb63b64fb658239c95cdcccdda0f 1b2f69f2f300ad40caed84aeaf6d36de88dec6cbf589cfbe8515097081f69d74 Loading...

	tr.7vid.net/api/users/59845?host=videzz.net&ev=212&wh=1024&ww=1280&uuid=&url=https%3A%2F%2Fvidezz.net%2F1257pc8b3t79.html%3Fasgtbndr%3D1&sid=426b01ec-e2f5-47e9-bc96-374e2c43ad5e&i=1&kw=69484%2Cmp4&s1=202079	655 B	2024-04-24	2024-04-24
Pretty URL tr.7vid.net/api/users/59845?host=videzz.net&ev=212&wh=1024&ww=1280&uuid=&url=https%3A%2F%2Fvidezz.net%2F1257pc8b3t79.html%3Fasgtbndr%3D1&sid=426b01ec-e2f5-47e9-bc96-374e2c43ad5e&i=1&kw=69484%2Cmp4&s1=202079 IP 135.181.208.216 ASN #24940 Hetzner Online GmbH Introduced by scriptElement Embedded in HTML false Observations First Seen2024-04-24 20:05:41 Last Seen2024-04-24 20:05:41 Times Seen1 Hash f1ee660be8c18992de692419507887bf a2ad95d5e645cda47153fe8b45e4504d255c599d bece5285034b9ed3a60feb5b05857c63f074eb20e8a85df802c4c5abb25b491a Loading...

	videzz.net/1257pc8b3t79.html?asgtbndr=1	1.3 kB	2024-04-18	2024-04-24
Pretty URL videzz.net/1257pc8b3t79.html?asgtbndr=1 IP 78.142.18.54 ASN #208046 ColocationX Ltd. Introduced by scriptElement Embedded in HTML true Observations First Seen2024-04-18 08:38:32 Last Seen2024-04-24 20:05:41 Times Seen2 Hash 0bf05dac607443da249fb24ea8e7f261 93fade8433e7f0b38c58b3530ecfa76d79471f3d 56aee49e0a7e96900fff9b8f1e74575348c5c679b6b5229a18e5f9bfe3f97ef0 Loading...

	unknown	811 B	2023-10-15	2024-05-03
Pretty Introduced by scriptElement Embedded in HTML false Observations First Seen2023-10-15 03:21:25 Last Seen2024-05-03 04:50:43 Times Seen10 Hash c3a503938235b6b2126c751cdf09e740 17e4aa5e1ffe476f754b9e22fc15fb4f7d36e595 2fef3a968458c78cf5c059240c455df4077ea6bce73754759de87e326a5de67f Loading...

	unknown	815 B	2024-03-08	2024-05-03
Pretty Introduced by scriptElement Embedded in HTML false Observations First Seen2024-03-08 05:50:53 Last Seen2024-05-03 04:50:43 Times Seen8 Hash a1d508561173286a0b0ad3869a70847d 3d4897f157c71610b6872811e9c1eff23d06be81 2467986ca11b3750dc668e7683426518de6e13e74409dafc171875ca69c0b0fb Loading...

	videzz.net/js/vue.min.js?v=b8dc06aa6195ca0716d0a0c4e3a76e42	111 kB	2023-03-07	2024-05-05
Pretty URL videzz.net/js/vue.min.js?v=b8dc06aa6195ca0716d0a0c4e3a76e42 IP 78.142.18.54 ASN #208046 ColocationX Ltd. Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 16:08:16 Last Seen2024-05-05 19:14:49 Times Seen66 Hash 6249517b9005ca7822f82d024996812f 9085d09ebbe9e6c5963644d49c82c350f1be141d fda81a2fcc97f139d2a1ea94209efc760dc9421b514280bf5a6cd97d8140ddca Loading...

	videzz.net/1257pc8b3t79.html?asgtbndr=1	0 B	2023-03-07	2024-05-06
Pretty URL videzz.net/1257pc8b3t79.html?asgtbndr=1 IP 78.142.18.54 ASN #208046 ColocationX Ltd. Introduced by scriptElement Embedded in HTML true Observations First Seen2023-03-07 01:01:59 Last Seen2024-05-06 02:21:32 Times Seen37371990 Hash d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Loading...

	s.o333o.com/adgpt.js	2.0 kB	2024-03-22	2024-05-05
Pretty URL s.o333o.com/adgpt.js IP 85.10.205.45 ASN #24940 Hetzner Online GmbH Introduced by scriptElement Embedded in HTML false Observations First Seen2024-03-22 21:45:49 Last Seen2024-05-05 19:14:48 Times Seen226 Hash 55f8db8e0ec58b646f0b5425b405fdd0 0c79af1239cafc7ec4783f20b0b886a61daccc09 3ec8849ba857ec32cdc682ea93f0c1f8e8ab97980af4f1d8ec312684ed0f5237 Loading...

	static.addtoany.com/menu/svg/icons/reddit.js	893 B	2024-04-16	2024-05-05
Pretty URL static.addtoany.com/menu/svg/icons/reddit.js IP 104.22.70.197 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2024-04-16 17:58:32 Last Seen2024-05-05 19:14:48 Times Seen98 Hash 408cc755e613b4f00fbe10d7411ed087 14341990ed687477b3addbdd1a3b50ae8a98589b 68ed9b82b62d45cf5d12587a7e9566a4ddeb94d69bcb225e9e3c7268c76b3cbb Loading...

		Size	First Seen	Last Seen
	#1 Eval - 7464088d4933eb38977bd2a0273a265b	61 B	2023-07-22	2024-05-05
Pretty Observations First Seen2023-07-22 13:01:51 Last Seen2024-05-05 20:20:18 Times Seen952 Hash 7464088d4933eb38977bd2a0273a265b 81fe49787f478964fc2b55b9dfe64102365e0162 9f72754a7ecd6f8eb8ddcba2d59883c96b8a8fed2a833dc0e0b653d876b385b1 Loading...

		Size	First Seen	Last Seen
	#1 Write - 7aea427efe0ebb35cac7f6c65074feaa	613 B	2023-03-26	2024-05-05
Pretty Observations First Seen2023-03-26 09:32:06 Last Seen2024-05-05 19:14:48 Times Seen85 Hash 7aea427efe0ebb35cac7f6c65074feaa 7f7025ff75b6c305cf0f7258c68dcc5c3b787ea6 d72f60419e2549dc6934524845bed150c6aa5e1541b5eac18dd5c145f40d2857 Loading...

	#2 Write - 43449de866396eb0131d8111f4fa3895	613 B	2023-05-14	2024-05-05
Pretty Observations First Seen2023-05-14 23:54:06 Last Seen2024-05-05 19:14:48 Times Seen84 Hash 43449de866396eb0131d8111f4fa3895 d74126ea9f2c40f8395c79b3e7f69760f91702fc a67ffe15bbd54d8f4cc64a1e458fc3b742f73783efb009b827b9cf3e9b502add Loading...

	#3 Write - c661bb9a7cc33ed4849427e94a91858c	614 B	2023-09-20	2024-05-05
Pretty Observations First Seen2023-09-20 05:49:23 Last Seen2024-05-05 15:28:52 Times Seen72 Hash c661bb9a7cc33ed4849427e94a91858c 4be38292beb83aa1b58a668283dfe08ed97d7a42 e56ca9ad4497b40fd4b7c14e2c5e6c5b58563af9cb588188992d2189d22dc477 Loading...

	#4 Write - bf6e0ef92ae84c6ac72a2e33e3bd0ba5	614 B	2023-09-20	2024-05-05
Pretty Observations First Seen2023-09-20 05:49:23 Last Seen2024-05-05 19:14:48 Times Seen73 Hash bf6e0ef92ae84c6ac72a2e33e3bd0ba5 dd276e9188ea2de2da9b957adbb91c7e2b08d4ec 5f5f7af99db9aecf63f1ae5480d2b95a82e350abcdd3a765f5537235d12a4744 Loading...

	#5 Write - f348cfcd6825805261a572a9a433f9ea	614 B	2023-12-02	2024-05-05
Pretty Observations First Seen2023-12-02 22:02:11 Last Seen2024-05-05 19:14:48 Times Seen26 Hash f348cfcd6825805261a572a9a433f9ea 36052244d36163566fe8c9a22c9cb71dfb100ab2 db712552bc64b28538ae35e3789df84670b0163d76f5310515ae273cede251cf Loading...

	#6 Write - ab34ea7c979c46402352a8ce4c7b87cf	614 B	2023-12-02	2024-05-05
Pretty Observations First Seen2023-12-02 22:02:11 Last Seen2024-05-05 19:14:48 Times Seen64 Hash ab34ea7c979c46402352a8ce4c7b87cf 4ec90223aeea83fe3850db77b92c11eed50c99d3 fd21c10a5b8c554e00e76da6ce58475053e414d4280741ed032a857cf9876978 Loading...

HTTP Transactions (163)

URL IP Response Size

videzz.net/js/pop.js?v=1.0

78.142.18.54

200 OK

35 B

URL GET HTTP/2
videzz.net/js/pop.js?v=1.0
IP
78.142.18.54:443
ASN
#208046 ColocationX Ltd.

Requested by
https://videzz.net/1257pc8b3t79.html?asgtbndr=1
Certificate
IssuerLet's Encrypt
Subjectvidezz.net
Fingerprint13:3A:F4:CA:71:F0:8F:F1:2E:3A:7E:2B:6D:8E:E4:7A:E9:9D:A6:B5
ValidityMon, 04 Mar 2024 08:24:34 GMT - Sun, 02 Jun 2024 08:24:33 GMT

File type
ASCII text
Size
35 B (35 bytes)
Hash
da4bf5414bf75eefb21872f9b59fe6fc
e34335e0705397a4ad02c406a2e92333e6d2b0e5
d48b428c1788391a1aef29802daaa691077732dc7b821d0968831bc50b19278d

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /js/pop.js?v=1.0 HTTP/1.1
Host: videzz.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://videzz.net/1257pc8b3t79.html?asgtbndr=1
Cookie: lang=1
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
server: nginx/1.18.0 (Ubuntu)
date: Wed, 24 Apr 2024 18:04:58 GMT
content-type: application/javascript
content-length: 35
last-modified: Wed, 10 Apr 2024 07:00:32 GMT
etag: "66163910-23"
expires: Fri, 24 May 2024 18:01:34 GMT
cache-control: max-age=2592000
x-cache-status: HIT
accept-ranges: bytes
X-Firefox-Spdy: h2

videzz.net/js/ads.js?v=1.0

78.142.18.54

200 OK

211 B

URL GET HTTP/2
videzz.net/js/ads.js?v=1.0
IP
78.142.18.54:443
ASN
#208046 ColocationX Ltd.

Requested by
https://videzz.net/1257pc8b3t79.html?asgtbndr=1
Certificate
IssuerLet's Encrypt
Subjectvidezz.net
Fingerprint13:3A:F4:CA:71:F0:8F:F1:2E:3A:7E:2B:6D:8E:E4:7A:E9:9D:A6:B5
ValidityMon, 04 Mar 2024 08:24:34 GMT - Sun, 02 Jun 2024 08:24:33 GMT

File type
Unicode text, UTF-8 text
Size
211 B (211 bytes)
Hash
09f34de71e8853387dd398fbb263af69
4ccb7007fcebcffe64eaa80f2991509fdbac55d5
6ca7e6aebc6e3eec26d39e540e255a738fd9e48e9b97bd0e2a714686377ac523

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /js/ads.js?v=1.0 HTTP/1.1
Host: videzz.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://videzz.net/1257pc8b3t79.html?asgtbndr=1
Cookie: lang=1
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
server: nginx/1.18.0 (Ubuntu)
date: Wed, 24 Apr 2024 18:04:58 GMT
content-type: application/javascript
content-length: 211
last-modified: Wed, 10 Apr 2024 07:00:40 GMT
etag: "66163918-d3"
expires: Fri, 24 May 2024 18:01:40 GMT
cache-control: max-age=2592000
x-cache-status: HIT
accept-ranges: bytes
X-Firefox-Spdy: h2

videzz.net/images-newtheme/adb_logo.png

78.142.18.54

200 OK

8.3 kB

URL GET HTTP/2
videzz.net/images-newtheme/adb_logo.png
IP
78.142.18.54:443
ASN
#208046 ColocationX Ltd.

Requested by
https://videzz.net/1257pc8b3t79.html?asgtbndr=1
Certificate
IssuerLet's Encrypt
Subjectvidezz.net
Fingerprint13:3A:F4:CA:71:F0:8F:F1:2E:3A:7E:2B:6D:8E:E4:7A:E9:9D:A6:B5
ValidityMon, 04 Mar 2024 08:24:34 GMT - Sun, 02 Jun 2024 08:24:33 GMT

File type
PNG image data, 178 x 178, 8-bit/color RGBA, non-interlaced
Size
8.3 kB (8308 bytes)
Hash
98fcd22c469a5aa46df8ec4e7a8eafc9
e8d95f175d3008736995a482d7304410a1da490a
b1e79e219bf46ca5ef14a9619c5440e78c2ebdbc34b8f0c65f0777a8b02fc30c

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /images-newtheme/adb_logo.png HTTP/1.1
Host: videzz.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://videzz.net/1257pc8b3t79.html?asgtbndr=1
Cookie: lang=1
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
server: nginx/1.18.0 (Ubuntu)
date: Wed, 24 Apr 2024 18:04:58 GMT
content-type: image/png
content-length: 8308
last-modified: Wed, 10 Apr 2024 07:00:25 GMT
etag: "66163909-2074"
expires: Fri, 24 May 2024 18:01:46 GMT
cache-control: max-age=2592000
x-cache-status: HIT
accept-ranges: bytes
X-Firefox-Spdy: h2

videzz.net/images-newtheme/attention.png

78.142.18.54

200 OK

6.4 kB

URL GET HTTP/2
videzz.net/images-newtheme/attention.png
IP
78.142.18.54:443
ASN
#208046 ColocationX Ltd.

Requested by
https://videzz.net/1257pc8b3t79.html?asgtbndr=1
Certificate
IssuerLet's Encrypt
Subjectvidezz.net
Fingerprint13:3A:F4:CA:71:F0:8F:F1:2E:3A:7E:2B:6D:8E:E4:7A:E9:9D:A6:B5
ValidityMon, 04 Mar 2024 08:24:34 GMT - Sun, 02 Jun 2024 08:24:33 GMT

File type
PNG image data, 263 x 231, 8-bit/color RGBA, non-interlaced
Size
6.4 kB (6377 bytes)
Hash
d28ebe1b4425fa4ab5d804792b5aa626
3183e2c59cdaed547de5fb1fc940709ed5117003
36fc8d817d7a356b2b8e8697697a5ce86bedadfea8df2a4e88f9514bb1ce02f6

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /images-newtheme/attention.png HTTP/1.1
Host: videzz.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://videzz.net/1257pc8b3t79.html?asgtbndr=1
Cookie: lang=1
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
server: nginx/1.18.0 (Ubuntu)
date: Wed, 24 Apr 2024 18:04:58 GMT
content-type: image/png
content-length: 6377
last-modified: Wed, 10 Apr 2024 07:00:40 GMT
etag: "66163918-18e9"
expires: Fri, 24 May 2024 18:01:58 GMT
cache-control: max-age=2592000
x-cache-status: HIT
accept-ranges: bytes
X-Firefox-Spdy: h2

cdnjs.cloudflare.com/ajax/libs/bootstrap-datepicker/1.6.4/css/bootstrap-datepicker.css?v=b8dc06aa6195ca0716d0a0c4e3a76e42

104.17.24.14

200 OK

1.8 kB

URL GET HTTP/2
cdnjs.cloudflare.com/ajax/libs/bootstrap-datepicker/1.6.4/css/bootstrap-datepicker.css?v=b8dc06aa6195ca0716d0a0c4e3a76e42
IP
104.17.24.14:443
ASN
#13335 CLOUDFLARENET

Requested by
https://videzz.net/1257pc8b3t79.html?asgtbndr=1
Certificate
IssuerCloudflare, Inc.
Subjectsni.cloudflaressl.com
Fingerprint7A:EA:B9:09:71:70:6C:87:C9:D3:82:74:8A:7B:B4:60:E5:40:2D:8D
ValidityMon, 03 Jul 2023 00:00:00 GMT - Tue, 02 Jul 2024 23:59:59 GMT

File type
ASCII text
Size
1.8 kB (1761 bytes)
Hash
dcb0ac787e2b120c8aeec195cd6decb9
7cdd385b4fbdfd0801af64d9209e7ede132dd954
f2a6c653ee82cb36677404eab7c258ce985aef5a6d36a064a5a805548fadea82

HTTP Headers

GET /ajax/libs/bootstrap-datepicker/1.6.4/css/bootstrap-datepicker.css?v=b8dc06aa6195ca0716d0a0c4e3a76e42 HTTP/1.1
Host: cdnjs.cloudflare.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://videzz.net/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Wed, 24 Apr 2024 18:04:58 GMT
content-type: text/css; charset=utf-8
content-length: 1761
access-control-allow-origin: *
cache-control: public, max-age=30672000
content-encoding: br
etag: "5eb03d8e-42f8"
last-modified: Mon, 04 May 2020 16:06:38 GMT
cf-cdnjs-via: cfworker/kv
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
x-content-type-options: nosniff
vary: Accept-Encoding
cf-cache-status: HIT
age: 1088860
expires: Mon, 14 Apr 2025 18:04:58 GMT
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=gWA27ehbDIN%2F7f5Ok0ttYLei0IE%2FL9k7NeaLk0ckUOcIUPVbRkTORW9q%2Bv1ZqXag3pLvIH0PIGbiwDwU%2FpmA3yXugNwKQ5ctRKfhXAPLGnuX0QUtjx7x0P4UP545eOBxhfCxP5Wx"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
server: cloudflare
cf-ray: 879804d31b205691-OSL
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2

cdnjs.cloudflare.com/ajax/libs/jquery.tablesorter/2.28.15/css/theme.green.min.css?v=b8dc06aa6195ca0716d0a0c4e3a76e42

104.17.24.14

200 OK

2.1 kB

URL GET HTTP/2
cdnjs.cloudflare.com/ajax/libs/jquery.tablesorter/2.28.15/css/theme.green.min.css?v=b8dc06aa6195ca0716d0a0c4e3a76e42
IP
104.17.24.14:443
ASN
#13335 CLOUDFLARENET

Requested by
https://videzz.net/1257pc8b3t79.html?asgtbndr=1
Certificate
IssuerCloudflare, Inc.
Subjectsni.cloudflaressl.com
Fingerprint7A:EA:B9:09:71:70:6C:87:C9:D3:82:74:8A:7B:B4:60:E5:40:2D:8D
ValidityMon, 03 Jul 2023 00:00:00 GMT - Tue, 02 Jul 2024 23:59:59 GMT

File type
ASCII text, with very long lines (7172), with no line terminators
Size
2.1 kB (2141 bytes)
Hash
a99386c14c1250b20b42dd0db3df1741
cc8562d8ee2c39a2adea8d09eec3c4096571dd18
de1136175d3ed18ef84054ce8c6521c81bdceb97cb1505ab2c376d53138b6672

HTTP Headers

GET /ajax/libs/jquery.tablesorter/2.28.15/css/theme.green.min.css?v=b8dc06aa6195ca0716d0a0c4e3a76e42 HTTP/1.1
Host: cdnjs.cloudflare.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://videzz.net/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Wed, 24 Apr 2024 18:04:58 GMT
content-type: text/css; charset=utf-8
content-length: 2141
access-control-allow-origin: *
cache-control: public, max-age=30672000
content-encoding: br
etag: "5eb03ec4-1c04"
last-modified: Mon, 04 May 2020 16:11:48 GMT
cf-cdnjs-via: cfworker/kv
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
x-content-type-options: nosniff
vary: Accept-Encoding
cf-cache-status: HIT
age: 1249170
expires: Mon, 14 Apr 2025 18:04:58 GMT
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=W3vz490YngH2kD17o0mrWqaBzezYisMy9fbfsdlDWEQcnCstz0Xg4w0r3lyRDTkT3zRgbA7j4ShHgmxpt%2F5qGcqb4daNSjU1cNXUbfeAxE7XgawKXKjEEwFTRiraz8r0olnZlD7d"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
server: cloudflare
cf-ray: 879804d32b295691-OSL
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2

cdnjs.cloudflare.com/ajax/libs/font-awesome/4.7.0/css/font-awesome.min.css

104.17.24.14

200 OK

5.6 kB

URL GET HTTP/2
cdnjs.cloudflare.com/ajax/libs/font-awesome/4.7.0/css/font-awesome.min.css
IP
104.17.24.14:443
ASN
#13335 CLOUDFLARENET

Requested by
https://videzz.net/1257pc8b3t79.html?asgtbndr=1
Certificate
IssuerCloudflare, Inc.
Subjectsni.cloudflaressl.com
Fingerprint7A:EA:B9:09:71:70:6C:87:C9:D3:82:74:8A:7B:B4:60:E5:40:2D:8D
ValidityMon, 03 Jul 2023 00:00:00 GMT - Tue, 02 Jul 2024 23:59:59 GMT

File type
ASCII text, with very long lines (30837)
Size
5.6 kB (5631 bytes)
Hash
269550530cc127b6aa5a35925a7de6ce
512c7d79033e3028a9be61b540cf1a6870c896f8
799aeb25cc0373fdee0e1b1db7ad6c2f6a0e058dfadaa3379689f583213190bd

HTTP Headers

GET /ajax/libs/font-awesome/4.7.0/css/font-awesome.min.css HTTP/1.1
Host: cdnjs.cloudflare.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://videzz.net/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Wed, 24 Apr 2024 18:04:58 GMT
content-type: text/css; charset=utf-8
content-length: 5631
access-control-allow-origin: *
cache-control: public, max-age=30672000
content-encoding: br
etag: "5eb03e5f-7918"
last-modified: Mon, 04 May 2020 16:10:07 GMT
cf-cdnjs-via: cfworker/kv
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
x-content-type-options: nosniff
vary: Accept-Encoding
cf-cache-status: HIT
age: 775383
expires: Mon, 14 Apr 2025 18:04:58 GMT
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=znOYCNwc2Qb1N7OmmsGG0vC4OLkRzzEDGcY4ATIUxcBZhj%2Fb%2BoqnCYko2zF48AeRXLu3CHpD9rjhnE0H5GaxSkdueGgLlv8XniSsqb2d4HQ%2F4Ryt30lNkkSteZZNqnubwdlqE47a"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
server: cloudflare
cf-ray: 879804d31b245691-OSL
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2

www.googletagmanager.com/gtag/js?id=UA-158623850-1

142.250.74.168

200 OK

74 kB

URL GET HTTP/2
www.googletagmanager.com/gtag/js?id=UA-158623850-1
IP
142.250.74.168:443
ASN
#15169 GOOGLE

Requested by
https://videzz.net/1257pc8b3t79.html?asgtbndr=1
Certificate
IssuerGoogle Trust Services LLC
Subject*.google-analytics.com
Fingerprint1E:33:2E:4B:C3:51:05:B7:73:DC:21:BF:3E:02:B3:16:D8:0B:AB:BB
ValidityMon, 18 Mar 2024 19:37:14 GMT - Mon, 10 Jun 2024 19:37:13 GMT

File type
JavaScript source, ASCII text, with very long lines (4179)
Size
74 kB (73501 bytes)
Hash
f0cfd151772617c77790aa3ed881f6d0
5df4ed710fab74ecaa9671e68877314841e73267
8a33b54d62359caf5abdb9197802de2e5c19ebcc3e8bc0c96bd19d11782bde1a

HTTP Headers

GET /gtag/js?id=UA-158623850-1 HTTP/1.1
Host: www.googletagmanager.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://videzz.net/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
content-encoding: br
vary: Accept-Encoding
date: Wed, 24 Apr 2024 18:04:58 GMT
expires: Wed, 24 Apr 2024 18:04:58 GMT
cache-control: private, max-age=900
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
server: Google Tag Manager
content-length: 73501
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

cdnjs.cloudflare.com/ajax/libs/bootstrap-colorpicker/2.5.1/css/bootstrap-colorpicker.min.css?v=b8dc06aa6195ca0716d0a0c4e3a76e42

104.17.24.14

200 OK

867 B

URL GET HTTP/2
cdnjs.cloudflare.com/ajax/libs/bootstrap-colorpicker/2.5.1/css/bootstrap-colorpicker.min.css?v=b8dc06aa6195ca0716d0a0c4e3a76e42
IP
104.17.24.14:443
ASN
#13335 CLOUDFLARENET

Requested by
https://videzz.net/1257pc8b3t79.html?asgtbndr=1
Certificate
IssuerCloudflare, Inc.
Subjectsni.cloudflaressl.com
Fingerprint7A:EA:B9:09:71:70:6C:87:C9:D3:82:74:8A:7B:B4:60:E5:40:2D:8D
ValidityMon, 03 Jul 2023 00:00:00 GMT - Tue, 02 Jul 2024 23:59:59 GMT

File type
ASCII text, with very long lines (4034)
Size
867 B (867 bytes)
Hash
0680879d9be8b73e90cf1ed3de2724e1
e338268ddd73ef607dbbca2ff375867972f66353
5a25b8e7ed8c24b5e57fd9cefa475e451f2657e39404c17a5704bfe3f217d857

HTTP Headers

GET /ajax/libs/bootstrap-colorpicker/2.5.1/css/bootstrap-colorpicker.min.css?v=b8dc06aa6195ca0716d0a0c4e3a76e42 HTTP/1.1
Host: cdnjs.cloudflare.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://videzz.net/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Wed, 24 Apr 2024 18:04:58 GMT
content-type: text/css; charset=utf-8
content-length: 867
access-control-allow-origin: *
cache-control: public, max-age=30672000
content-encoding: br
etag: "5eb03d8d-10df"
last-modified: Mon, 04 May 2020 16:06:37 GMT
cf-cdnjs-via: cfworker/kv
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
x-content-type-options: nosniff
vary: Accept-Encoding
cf-cache-status: HIT
age: 4817471
expires: Mon, 14 Apr 2025 18:04:58 GMT
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=E022033MinLQ1nQGkkmFeJ2Yf9vYwGwgTMx4s%2BNVA998Xe%2BJMZj8bJ98Zs0RIJslArv4exLXoL07iXgPPsRbWinBF%2FHdgzRYeYju2N4ei0fZp%2FDI7oy0i%2Fnj6NsModrgDhzmGb9Y"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
server: cloudflare
cf-ray: 879804d33b555691-OSL
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2

tr.7vid.net/Sb7AkA7.js

135.181.208.216

200 OK

77 kB

URL GET HTTP/2
tr.7vid.net/Sb7AkA7.js
IP
135.181.208.216:443
ASN
#24940 Hetzner Online GmbH

Requested by
https://videzz.net/1257pc8b3t79.html?asgtbndr=1
Certificate
IssuerLet's Encrypt
Subjecta.gatwins.site
Fingerprint66:D4:C4:E9:BC:6E:82:9E:D0:2F:00:69:9A:DF:C2:6D:18:04:0B:1B
ValidityWed, 10 Apr 2024 10:27:11 GMT - Tue, 09 Jul 2024 10:27:10 GMT

File type
JavaScript source, Unicode text, UTF-8 text, with very long lines (65503), with no line terminators
Size
77 kB (76790 bytes)
Hash
a6781eeb8be115c2cc64c5b4898e5b9d
76001e6e130f936956842ce1fb672ca16be2370e
cb8949c4918f30d767c8a97d1b1ddb36eabccf8d93659a80f4e850caa3701da2

HTTP Headers

GET /Sb7AkA7.js HTTP/1.1
Host: tr.7vid.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://videzz.net/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
server: nginx
date: Wed, 24 Apr 2024 18:04:58 GMT
content-type: application/javascript
content-length: 76790
last-modified: Fri, 22 Mar 2024 11:21:21 GMT
vary: Accept-Encoding
etag: "65fd69b1-12bf6"
content-encoding: gzip
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: public, max-age=315360000
cf-cache-status: HIT
age: 201
cf-ray: 8685d408ccf5d995-HEL
x-frame-options: DENY
x-content-type-options: nosniff
accept-ranges: bytes
X-Firefox-Spdy: h2

tr.7vid.net/henYKwb.js

135.181.208.216

200 OK

88 kB

URL GET HTTP/2
tr.7vid.net/henYKwb.js
IP
135.181.208.216:443
ASN
#24940 Hetzner Online GmbH

Requested by
https://videzz.net/1257pc8b3t79.html?asgtbndr=1
Certificate
IssuerLet's Encrypt
Subjecta.gatwins.site
Fingerprint66:D4:C4:E9:BC:6E:82:9E:D0:2F:00:69:9A:DF:C2:6D:18:04:0B:1B
ValidityWed, 10 Apr 2024 10:27:11 GMT - Tue, 09 Jul 2024 10:27:10 GMT

File type
JavaScript source, Unicode text, UTF-8 text, with very long lines (65503), with no line terminators
Size
88 kB (87996 bytes)
Hash
04bdb2fd7797c33d38ad8a6a0997b389
a69a0999b9106aa1e49a6728c84b3e82b899276d
3039a1d2d40fce3b96ce115bc8fb858539ed084667fb0ee69fe68e0a682d9286

HTTP Headers

GET /henYKwb.js HTTP/1.1
Host: tr.7vid.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://videzz.net/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
server: nginx
date: Wed, 24 Apr 2024 18:04:58 GMT
content-type: application/javascript
content-length: 87996
last-modified: Fri, 22 Mar 2024 11:21:21 GMT
vary: Accept-Encoding
etag: "65fd69b1-157bc"
content-encoding: gzip
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: public, max-age=315360000
cf-cache-status: EXPIRED
cf-ray: 8685cee83a6f8d55-HEL
x-frame-options: DENY
x-content-type-options: nosniff
accept-ranges: bytes
X-Firefox-Spdy: h2

vz.7vid.net/Sb7AkA7.js

135.181.208.216

200 OK

77 kB

URL GET HTTP/2
vz.7vid.net/Sb7AkA7.js
IP
135.181.208.216:443
ASN
#24940 Hetzner Online GmbH

Requested by
https://videzz.net/1257pc8b3t79.html?asgtbndr=1
Certificate
IssuerLet's Encrypt
Subjecta.cpbj8ddae04d.shop
Fingerprint05:51:C2:15:91:D1:D4:BC:15:B2:36:C5:1A:40:61:CC:74:87:18:53
ValidityTue, 23 Apr 2024 10:27:07 GMT - Mon, 22 Jul 2024 10:27:06 GMT

File type
JavaScript source, Unicode text, UTF-8 text, with very long lines (65503), with no line terminators
Size
77 kB (76790 bytes)
Hash
a6781eeb8be115c2cc64c5b4898e5b9d
76001e6e130f936956842ce1fb672ca16be2370e
cb8949c4918f30d767c8a97d1b1ddb36eabccf8d93659a80f4e850caa3701da2

HTTP Headers

GET /Sb7AkA7.js HTTP/1.1
Host: vz.7vid.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://videzz.net/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
server: nginx
date: Wed, 24 Apr 2024 18:04:58 GMT
content-type: application/javascript
content-length: 76790
last-modified: Fri, 22 Mar 2024 11:21:21 GMT
vary: Accept-Encoding
etag: "65fd69b1-12bf6"
content-encoding: gzip
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: public, max-age=315360000
cf-cache-status: HIT
age: 201
cf-ray: 8685d408ccf5d995-HEL
x-frame-options: DENY
x-content-type-options: nosniff
accept-ranges: bytes
X-Firefox-Spdy: h2

kr.cafenehkikki.com/1clkn/14903

23.109.170.198

200 OK

26 B

URL GET HTTP/1.1
kr.cafenehkikki.com/1clkn/14903
IP
23.109.170.198:443
ASN
#7979 SERVERS-COM

Requested by
https://videzz.net/1257pc8b3t79.html?asgtbndr=1
Certificate
IssuerLet's Encrypt
Subjectkr.cafenehkikki.com
Fingerprint50:EE:4F:95:B6:16:97:F3:4B:CE:8F:41:22:EB:63:02:F2:48:7A:F2
ValidityThu, 18 Apr 2024 00:50:14 GMT - Wed, 17 Jul 2024 00:50:13 GMT

File type
ASCII text, with no line terminators
Size
26 B (26 bytes)
Hash
9082dc37e5e8046929da411544ad071a
41e0e3963ed94e59e8a2f115994c382712411537
b7848d86edc8dc3b5bc6a5c666069f9a31e000cee51575d3b6083951607e1550

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /1clkn/14903 HTTP/1.1
Host: kr.cafenehkikki.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://videzz.net/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Date: Wed, 24 Apr 2024 18:04:59 GMT
Content-Type: application/javascript; charset=utf-8
Transfer-Encoding: chunked
Connection: keep-alive
Keep-Alive: timeout=20
Accept-ch: sec-ch-ua-platform-version,sec-ch-ua-model,sec-ch-ua-full-version,sec-ch-ua-full-version-list
Set-Cookie: GL_UI4=eJw9jUtug0AQRPljJ4akJQ7gIxgUjL3MJivfAQ0zDZ4Ypq1mjJ3bZxIp2dUrPVV5nhcUL%2BAvyRrCm6hhe1R9s5dYojyUVVW%2BHSrZ151o%2BlJVTVnvYK3n1opuRBvBap4E29YuEWwGNMhatpIUZvDqrL%2FmYuhuIog7FkZlEE%2FOGDNIO6b7jFyEEBkxIaQfmrGnhzPEJzEEx72L2rjo7yCguQjzJ4hP2twe%2BSbx8jzx4Pk6CtsTT61WDuOBhULw32ElhcWB%2BAtShfPF0hWARtX%2B%2B7%2Bf8fizBonCRUuHZM%2FI38wATrY%3D; expires=Thu, 25-Apr-2024 18:04:59 GMT; Max-Age=86400; path=/; secure; SameSite=None
GL_GI10=eJwVyM0KgkAUhuE5hxiIJPjIC%2FAKTMsWbrNl6MIrMIsYGObIzNjP3WeLd%2FG8SilOE7CZkNRlXhd5dcjLUwV6gtsOPDroVvx7%2BII8uDiCvcOmC1ayRmYXlz9i9TfIYHu25pP1YudoxAXw0roZbvaxv%2FRX0KQJHEUzONxTBXrp3Q9e7R3S; expires=Thu, 25-Apr-2024 18:04:59 GMT; Max-Age=86400; path=/; secure; SameSite=None
Content-Encoding: gzip
Vary: Accept-Encoding
Strict-Transport-Security: max-age=1
X-Content-Type-Options: nosniff

profitablegatecpm.com/97/85/38/9785383bf0d8f2fb611d938245088565.js

192.243.59.12

200 OK

16 kB

URL GET HTTP/1.1
profitablegatecpm.com/97/85/38/9785383bf0d8f2fb611d938245088565.js
IP
192.243.59.12:443
ASN
#39572 DataWeb Global Group B.V.

Requested by
https://videzz.net/1257pc8b3t79.html?asgtbndr=1
Certificate
IssuerLet's Encrypt
Subjectprofitablegatecpm.com
Fingerprint9D:FB:8C:AD:4D:64:98:6B:85:78:33:54:E7:A3:BB:10:ED:77:63:30
ValidityFri, 05 Apr 2024 18:10:33 GMT - Thu, 04 Jul 2024 18:10:32 GMT

File type
JavaScript source, ASCII text, with very long lines (44120), with no line terminators
Size
16 kB (15839 bytes)
Hash
8d8d79d450e9ec58871e2bc344904343
6b4182bbc8e5fb63b64fb658239c95cdcccdda0f
1b2f69f2f300ad40caed84aeaf6d36de88dec6cbf589cfbe8515097081f69d74

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /97/85/38/9785383bf0d8f2fb611d938245088565.js HTTP/1.1
Host: profitablegatecpm.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://videzz.net/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx/1.19.5
Date: Wed, 24 Apr 2024 18:04:59 GMT
Content-Type: application/javascript
Transfer-Encoding: chunked
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Access-Control-Allow-Origin: *
Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,Sec-CH-UA-PlatformUser-Agent,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: f57fe7294714e9e467361567f91d1144
Strict-Transport-Security: max-age=0; includeSubdomains
Content-Encoding: gzip

videzz.net/images-newtheme/logo_60.png

78.142.18.54

200 OK

14 kB

URL GET HTTP/2
videzz.net/images-newtheme/logo_60.png
IP
78.142.18.54:443
ASN
#208046 ColocationX Ltd.

Requested by
https://videzz.net/1257pc8b3t79.html?asgtbndr=1
Certificate
IssuerLet's Encrypt
Subjectvidezz.net
Fingerprint13:3A:F4:CA:71:F0:8F:F1:2E:3A:7E:2B:6D:8E:E4:7A:E9:9D:A6:B5
ValidityMon, 04 Mar 2024 08:24:34 GMT - Sun, 02 Jun 2024 08:24:33 GMT

File type
PNG image data, 275 x 182, 8-bit/color RGBA, non-interlaced
Size
14 kB (14101 bytes)
Hash
650a7f14495bcd9ed2140ed51d8b9fef
47cb64b0bc23739e4e25e7c1bea6d63e438ebee0
aeea7989ff49c647ef4e5f3215fa0bd7480fe3976adc5050de6dcfcd46653c71

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /images-newtheme/logo_60.png HTTP/1.1
Host: videzz.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://videzz.net/css/main.min.css?v=b8dc06aa6195ca0716d0a0c4e3a76e42
Cookie: lang=1
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
server: nginx/1.18.0 (Ubuntu)
date: Wed, 24 Apr 2024 18:04:59 GMT
content-type: image/png
content-length: 14101
last-modified: Wed, 10 Apr 2024 07:00:32 GMT
etag: "66163910-3715"
expires: Fri, 24 May 2024 17:55:14 GMT
cache-control: max-age=2592000
x-cache-status: HIT
accept-ranges: bytes
X-Firefox-Spdy: h2

videzz.net/images-newtheme/ico_signup.png

78.142.18.54

200 OK

1.1 kB

URL GET HTTP/2
videzz.net/images-newtheme/ico_signup.png
IP
78.142.18.54:443
ASN
#208046 ColocationX Ltd.

Requested by
https://videzz.net/1257pc8b3t79.html?asgtbndr=1
Certificate
IssuerLet's Encrypt
Subjectvidezz.net
Fingerprint13:3A:F4:CA:71:F0:8F:F1:2E:3A:7E:2B:6D:8E:E4:7A:E9:9D:A6:B5
ValidityMon, 04 Mar 2024 08:24:34 GMT - Sun, 02 Jun 2024 08:24:33 GMT

File type
PNG image data, 30 x 30, 8-bit/color RGBA, non-interlaced
Size
1.1 kB (1094 bytes)
Hash
eb2e533fce6d10e6f1231e3c07aa7e7a
194f55dab0899b59605972b6a0edd85bfd975488
6514b33f1b2a8766a828371bb8b15eb9dd0d7ea53db03f04f7b1e9d82e9b6c7a

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /images-newtheme/ico_signup.png HTTP/1.1
Host: videzz.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://videzz.net/css/main.min.css?v=b8dc06aa6195ca0716d0a0c4e3a76e42
Cookie: lang=1
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
server: nginx/1.18.0 (Ubuntu)
date: Wed, 24 Apr 2024 18:04:59 GMT
content-type: image/png
content-length: 1094
last-modified: Wed, 10 Apr 2024 07:00:40 GMT
etag: "66163918-446"
expires: Fri, 24 May 2024 17:56:02 GMT
cache-control: max-age=2592000
x-cache-status: HIT
accept-ranges: bytes
X-Firefox-Spdy: h2

www.googletagmanager.com/gtm.js?id=GTM-56DK3TH

142.250.74.168

200 OK

72 kB

URL GET HTTP/3
www.googletagmanager.com/gtm.js?id=GTM-56DK3TH
IP
142.250.74.168:443
ASN
#15169 GOOGLE

Requested by
https://videzz.net/1257pc8b3t79.html?asgtbndr=1
Certificate
IssuerGoogle Trust Services LLC
Subject*.google-analytics.com
Fingerprint1E:33:2E:4B:C3:51:05:B7:73:DC:21:BF:3E:02:B3:16:D8:0B:AB:BB
ValidityMon, 18 Mar 2024 19:37:14 GMT - Mon, 10 Jun 2024 19:37:13 GMT

File type
JavaScript source, ASCII text, with very long lines (3287)
Size
72 kB (72232 bytes)
Hash
c74d357a6ac461d773657104c79359ba
97c84bfb44238beabdda4f0e4c67d9786885eecf
c5ae70c126cf47947439e3a209e6b9e28dd88eff89ad73cdcbe802865d159ee5

HTTP Headers

GET /gtm.js?id=GTM-56DK3TH HTTP/1.1
Host: www.googletagmanager.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://videzz.net/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
content-encoding: br
vary: Accept-Encoding
date: Wed, 24 Apr 2024 18:04:59 GMT
expires: Wed, 24 Apr 2024 18:04:59 GMT
cache-control: private, max-age=900
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
server: Google Tag Manager
content-length: 72232
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

videzz.net/js/vue.min.js?v=b8dc06aa6195ca0716d0a0c4e3a76e42

78.142.18.54

200 OK

43 kB

URL GET HTTP/2
videzz.net/js/vue.min.js?v=b8dc06aa6195ca0716d0a0c4e3a76e42
IP
78.142.18.54:443
ASN
#208046 ColocationX Ltd.

Requested by
https://videzz.net/1257pc8b3t79.html?asgtbndr=1
Certificate
IssuerLet's Encrypt
Subjectvidezz.net
Fingerprint13:3A:F4:CA:71:F0:8F:F1:2E:3A:7E:2B:6D:8E:E4:7A:E9:9D:A6:B5
ValidityMon, 04 Mar 2024 08:24:34 GMT - Sun, 02 Jun 2024 08:24:33 GMT

File type
gzip compressed data, from Unix
Size
43 kB (42878 bytes)
Hash
03facc5f5d79c136efb160ebb6947997
08eaceac6159f41201bf3d081ebf6a8110eee6fc
4ea79a7470f1f2560424b0681338c8dcbdd86860f85e4e251539c20a60443f06

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /js/vue.min.js?v=b8dc06aa6195ca0716d0a0c4e3a76e42 HTTP/1.1
Host: videzz.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://videzz.net/1257pc8b3t79.html?asgtbndr=1
Cookie: lang=1
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
server: nginx/1.18.0 (Ubuntu)
date: Wed, 24 Apr 2024 18:04:58 GMT
content-type: application/javascript
last-modified: Wed, 10 Apr 2024 07:00:32 GMT
vary: Accept-Encoding
etag: W/"66163910-1b31b"
expires: Fri, 24 May 2024 17:56:59 GMT
cache-control: max-age=2592000
content-encoding: gzip
x-cache-status: HIT
X-Firefox-Spdy: h2

cdnjs.cloudflare.com/ajax/libs/font-awesome/4.7.0/fonts/fontawesome-webfont.woff2?v=4.7.0

104.17.24.14

200 OK

77 kB

URL GET HTTP/3
cdnjs.cloudflare.com/ajax/libs/font-awesome/4.7.0/fonts/fontawesome-webfont.woff2?v=4.7.0
IP
104.17.24.14:443
ASN
#13335 CLOUDFLARENET

Requested by
https://videzz.net/1257pc8b3t79.html?asgtbndr=1
Certificate
IssuerCloudflare, Inc.
Subjectsni.cloudflaressl.com
Fingerprint7A:EA:B9:09:71:70:6C:87:C9:D3:82:74:8A:7B:B4:60:E5:40:2D:8D
ValidityMon, 03 Jul 2023 00:00:00 GMT - Tue, 02 Jul 2024 23:59:59 GMT

File type
Web Open Font Format (Version 2), TrueType, length 77160, version 4.459
Size
77 kB (77160 bytes)
Hash
af7ae505a9eed503f8b8e6982036873e
d6f48cba7d076fb6f2fd6ba993a75b9dc1ecbf0c
2adefcbc041e7d18fcf2d417879dc5a09997aa64d675b7a3c4b6ce33da13f3fe

HTTP Headers

GET /ajax/libs/font-awesome/4.7.0/fonts/fontawesome-webfont.woff2?v=4.7.0 HTTP/1.1
Host: cdnjs.cloudflare.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://videzz.net
DNT: 1
Connection: keep-alive
Referer: https://cdnjs.cloudflare.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Wed, 24 Apr 2024 18:04:59 GMT
content-type: application/octet-stream; charset=utf-8
content-length: 77160
access-control-allow-origin: *
cache-control: public, max-age=30672000
etag: "5eb03e5f-12d68"
last-modified: Mon, 04 May 2020 16:10:07 GMT
cf-cdnjs-via: cfworker/kv
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
x-content-type-options: nosniff
vary: Accept-Encoding
cf-cache-status: HIT
age: 4841115
expires: Mon, 14 Apr 2025 18:04:59 GMT
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=LwpxUkXq0Wppt%2FKjWh1R1d0LOJBRXWgK379FooK1K2JkEZlnIBVWt7S14w0QoI9BnWxio1bD12xPF4%2FKUZJhhy5NC0WvsL9LFhH7EbwKIG9YSi001KOOUFvGkWTpELphxUl4z37M"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
server: cloudflare
cf-ray: 879804d6de9256a8-OSL
alt-svc: h3=":443"; ma=86400

fonts.gstatic.com/s/opensans/v40/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2

142.250.74.99

200 OK

48 kB

URL GET HTTP/2
fonts.gstatic.com/s/opensans/v40/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2
IP
142.250.74.99:443
ASN
#15169 GOOGLE

Requested by
https://videzz.net/1257pc8b3t79.html?asgtbndr=1
Certificate
IssuerGoogle Trust Services LLC
Subject*.gstatic.com
FingerprintF5:5C:D9:68:C6:5F:A3:33:5A:73:C3:79:B6:83:FE:44:2E:A4:83:74
ValidityMon, 18 Mar 2024 20:34:25 GMT - Mon, 10 Jun 2024 20:34:24 GMT

File type
Web Open Font Format (Version 2), TrueType, length 48236, version 1.0
Size
48 kB (48236 bytes)
Hash
015c126a3520c9a8f6a27979d0266e96
2acf956561d44434a6d84204670cf849d3215d5f
3c4d6a1421c7ddb7e404521fe8c4cd5be5af446d7689cd880be26612eaad3cfa

HTTP Headers

GET /s/opensans/v40/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://videzz.net
DNT: 1
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 48236
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Tue, 23 Apr 2024 08:04:32 GMT
expires: Wed, 23 Apr 2025 08:04:32 GMT
cache-control: public, max-age=31536000
age: 122427
last-modified: Thu, 14 Dec 2023 02:08:40 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

fonts.gstatic.com/s/raleway/v29/1Ptug8zYS_SKggPNyC0ITw.woff2

142.250.74.99

200 OK

48 kB

URL GET HTTP/2
fonts.gstatic.com/s/raleway/v29/1Ptug8zYS_SKggPNyC0ITw.woff2
IP
142.250.74.99:443
ASN
#15169 GOOGLE

Requested by
https://videzz.net/1257pc8b3t79.html?asgtbndr=1
Certificate
IssuerGoogle Trust Services LLC
Subject*.gstatic.com
FingerprintF5:5C:D9:68:C6:5F:A3:33:5A:73:C3:79:B6:83:FE:44:2E:A4:83:74
ValidityMon, 18 Mar 2024 20:34:25 GMT - Mon, 10 Jun 2024 20:34:24 GMT

File type
Web Open Font Format (Version 2), TrueType, length 48208, version 1.0
Size
48 kB (48208 bytes)
Hash
c49b7c3643f781d71645c5a40a78b5bf
e71138026b38afc443fb60da5ffc2244c4f5eb11
8cbc049ddbd7ca67068451ce754401833499959c4c6ed7b98f664d42e0597808

HTTP Headers

GET /s/raleway/v29/1Ptug8zYS_SKggPNyC0ITw.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://videzz.net
DNT: 1
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 48208
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 18 Apr 2024 02:41:26 GMT
expires: Fri, 18 Apr 2025 02:41:26 GMT
cache-control: public, max-age=31536000
age: 573813
last-modified: Wed, 13 Sep 2023 23:24:45 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

s.o333o.com/adgpt.js

85.10.205.45

200 OK

820 B

URL GET HTTP/2
s.o333o.com/adgpt.js
IP
85.10.205.45:443
ASN
#24940 Hetzner Online GmbH

Requested by
https://videzz.net/1257pc8b3t79.html?asgtbndr=1
Certificate
IssuerSectigo Limited
Subjects.o333o.com
FingerprintC1:C0:0F:C0:EF:0F:F7:7A:36:2F:00:9E:5C:55:63:54:63:A3:A6:46
ValidityMon, 12 Feb 2024 00:00:00 GMT - Fri, 28 Feb 2025 23:59:59 GMT

File type
ASCII text, with very long lines (2040), with no line terminators
Size
820 B (820 bytes)
Hash
55f8db8e0ec58b646f0b5425b405fdd0
0c79af1239cafc7ec4783f20b0b886a61daccc09
3ec8849ba857ec32cdc682ea93f0c1f8e8ab97980af4f1d8ec312684ed0f5237

HTTP Headers

GET /adgpt.js HTTP/1.1
Host: s.o333o.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://videzz.net/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
server: nginx
date: Wed, 24 Apr 2024 18:04:59 GMT
content-type: application/javascript
content-length: 820
last-modified: Fri, 22 Mar 2024 11:21:21 GMT
vary: Accept-Encoding
etag: "65fd69b1-334"
content-encoding: gzip
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000, public
X-Firefox-Spdy: h2

tr.7vid.net/api/spots/190873?p=1&s1=202079

135.181.208.216

200 OK

3.4 kB

URL GET HTTP/2
tr.7vid.net/api/spots/190873?p=1&s1=202079
IP
135.181.208.216:443
ASN
#24940 Hetzner Online GmbH

Requested by
https://videzz.net/1257pc8b3t79.html?asgtbndr=1
Certificate
IssuerLet's Encrypt
Subjecta.gatwins.site
Fingerprint66:D4:C4:E9:BC:6E:82:9E:D0:2F:00:69:9A:DF:C2:6D:18:04:0B:1B
ValidityWed, 10 Apr 2024 10:27:11 GMT - Tue, 09 Jul 2024 10:27:10 GMT

File type
gzip compressed data, from Unix
Size
3.4 kB (3389 bytes)
Hash
ed4d8c4582ca0a7cb47260cc08858470
ae8205750db946caa69bc4640a12816de398fb8f
8d37ce673fe7cde2d5ac3e20e94af73521d52312cbb5b7930c500739aba7c5e3

HTTP Headers

GET /api/spots/190873?p=1&s1=202079 HTTP/1.1
Host: tr.7vid.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://videzz.net/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
server: nginx
date: Wed, 24 Apr 2024 18:04:59 GMT
content-type: text/html
vary: Accept-Encoding
set-cookie: nauid=mdDmRFdPyrwFCq7Cqoji; Path=/; Expires=Wed, 11 Nov 2037 11:11:11 GMT; Secure; SameSite=None
x-robots-tag: noindex, nofollow
cache-control: private
content-encoding: gzip
X-Firefox-Spdy: h2

videzz.net/images-newtheme/social/reddit_button.png

78.142.18.54

200 OK

5.6 kB

URL GET HTTP/2
videzz.net/images-newtheme/social/reddit_button.png
IP
78.142.18.54:443
ASN
#208046 ColocationX Ltd.

Requested by
https://videzz.net/1257pc8b3t79.html?asgtbndr=1
Certificate
IssuerLet's Encrypt
Subjectvidezz.net
Fingerprint13:3A:F4:CA:71:F0:8F:F1:2E:3A:7E:2B:6D:8E:E4:7A:E9:9D:A6:B5
ValidityMon, 04 Mar 2024 08:24:34 GMT - Sun, 02 Jun 2024 08:24:33 GMT

File type
PNG image data, 250 x 95, 8-bit colormap, non-interlaced
Size
5.6 kB (5639 bytes)
Hash
e81d26d1620449624337a4d43f931daa
f03bec039b900b6668f56c295b6152f206614347
a571a6100b5176154b8cab0289f1e1f3a1888a4d2670a0309a7206e914e53196

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /images-newtheme/social/reddit_button.png HTTP/1.1
Host: videzz.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://videzz.net/css/main.min.css?v=b8dc06aa6195ca0716d0a0c4e3a76e42
Cookie: lang=1
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
server: nginx/1.18.0 (Ubuntu)
date: Wed, 24 Apr 2024 18:04:59 GMT
content-type: image/png
content-length: 5639
last-modified: Wed, 10 Apr 2024 07:00:40 GMT
etag: "66163918-1607"
expires: Fri, 24 May 2024 17:57:54 GMT
cache-control: max-age=2592000
x-cache-status: HIT
accept-ranges: bytes
X-Firefox-Spdy: h2

videzz.net/images-newtheme/social/telergram_button.png

78.142.18.54

200 OK

7.1 kB

URL GET HTTP/2
videzz.net/images-newtheme/social/telergram_button.png
IP
78.142.18.54:443
ASN
#208046 ColocationX Ltd.

Requested by
https://videzz.net/1257pc8b3t79.html?asgtbndr=1
Certificate
IssuerLet's Encrypt
Subjectvidezz.net
Fingerprint13:3A:F4:CA:71:F0:8F:F1:2E:3A:7E:2B:6D:8E:E4:7A:E9:9D:A6:B5
ValidityMon, 04 Mar 2024 08:24:34 GMT - Sun, 02 Jun 2024 08:24:33 GMT

File type
PNG image data, 250 x 95, 8-bit colormap, non-interlaced
Size
7.1 kB (7130 bytes)
Hash
30c0202bb8d66d562c2f6f74e04cecf5
330d3cb6d6e12800458fb4e711f5ad2669ed6418
5c594f5b1f831711af5d0089fb853c7511a83dbc3ce86f99b93e63e9c5c8fc60

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /images-newtheme/social/telergram_button.png HTTP/1.1
Host: videzz.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://videzz.net/css/main.min.css?v=b8dc06aa6195ca0716d0a0c4e3a76e42
Cookie: lang=1
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
server: nginx/1.18.0 (Ubuntu)
date: Wed, 24 Apr 2024 18:04:59 GMT
content-type: image/png
content-length: 7130
last-modified: Wed, 10 Apr 2024 07:00:40 GMT
etag: "66163918-1bda"
expires: Fri, 24 May 2024 17:58:51 GMT
cache-control: max-age=2592000
x-cache-status: HIT
accept-ranges: bytes
X-Firefox-Spdy: h2

videzz.net/css/videojs.5.min.css?v=b8dc06aa6195ca0716d0a0c4e3a76e42

78.142.18.54

200 OK

60 kB

URL GET HTTP/2
videzz.net/css/videojs.5.min.css?v=b8dc06aa6195ca0716d0a0c4e3a76e42
IP
78.142.18.54:443
ASN
#208046 ColocationX Ltd.

Requested by
https://videzz.net/1257pc8b3t79.html?asgtbndr=1
Certificate
IssuerLet's Encrypt
Subjectvidezz.net
Fingerprint13:3A:F4:CA:71:F0:8F:F1:2E:3A:7E:2B:6D:8E:E4:7A:E9:9D:A6:B5
ValidityMon, 04 Mar 2024 08:24:34 GMT - Sun, 02 Jun 2024 08:24:33 GMT

File type
gzip compressed data, from Unix
Size
60 kB (59485 bytes)
Hash
0815816e25f140e76f33bc6591cfc34f
f799333192f107a1d8901531a6b1973140ded01f
340d4bcc03249991dcd3c2218e9a71025465aed27dcca91a8398e10f684650bc

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /css/videojs.5.min.css?v=b8dc06aa6195ca0716d0a0c4e3a76e42 HTTP/1.1
Host: videzz.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://videzz.net/1257pc8b3t79.html?asgtbndr=1
Cookie: lang=1
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
server: nginx/1.18.0 (Ubuntu)
date: Wed, 24 Apr 2024 18:04:58 GMT
content-type: text/css
last-modified: Wed, 10 Apr 2024 07:00:40 GMT
vary: Accept-Encoding
etag: W/"66163918-29645"
expires: Fri, 24 May 2024 18:04:42 GMT
cache-control: max-age=2592000
content-encoding: gzip
x-cache-status: HIT
X-Firefox-Spdy: h2

videzz.net/js/static.min.js?v=b8dc06aa6195ca0716d0a0c4e3a76e42

78.142.18.54

200 OK

64 kB

URL GET HTTP/2
videzz.net/js/static.min.js?v=b8dc06aa6195ca0716d0a0c4e3a76e42
IP
78.142.18.54:443
ASN
#208046 ColocationX Ltd.

Requested by
https://videzz.net/1257pc8b3t79.html?asgtbndr=1
Certificate
IssuerLet's Encrypt
Subjectvidezz.net
Fingerprint13:3A:F4:CA:71:F0:8F:F1:2E:3A:7E:2B:6D:8E:E4:7A:E9:9D:A6:B5
ValidityMon, 04 Mar 2024 08:24:34 GMT - Sun, 02 Jun 2024 08:24:33 GMT

File type
gzip compressed data, from Unix
Size
64 kB (64434 bytes)
Hash
15dcc4d58cd73a8090ded4eff197294d
e9c6f8237bb53dbfe8ddc7f6cc8dae4d37fa8076
4e827a6017534ee4dbcc07cb0ca1ee9ee9a9ccebb88a058c486cbd81dd30c015

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /js/static.min.js?v=b8dc06aa6195ca0716d0a0c4e3a76e42 HTTP/1.1
Host: videzz.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://videzz.net/1257pc8b3t79.html?asgtbndr=1
Cookie: lang=1
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
server: nginx/1.18.0 (Ubuntu)
date: Wed, 24 Apr 2024 18:04:58 GMT
content-type: application/javascript
last-modified: Wed, 10 Apr 2024 07:00:40 GMT
vary: Accept-Encoding
etag: W/"66163918-26cb6"
expires: Fri, 24 May 2024 18:02:05 GMT
cache-control: max-age=2592000
content-encoding: gzip
x-cache-status: HIT
X-Firefox-Spdy: h2

videzz.net/images-newtheme/social/whatsapp_button.png

78.142.18.54

200 OK

9.4 kB

URL GET HTTP/2
videzz.net/images-newtheme/social/whatsapp_button.png
IP
78.142.18.54:443
ASN
#208046 ColocationX Ltd.

Requested by
https://videzz.net/1257pc8b3t79.html?asgtbndr=1
Certificate
IssuerLet's Encrypt
Subjectvidezz.net
Fingerprint13:3A:F4:CA:71:F0:8F:F1:2E:3A:7E:2B:6D:8E:E4:7A:E9:9D:A6:B5
ValidityMon, 04 Mar 2024 08:24:34 GMT - Sun, 02 Jun 2024 08:24:33 GMT

File type
PNG image data, 250 x 95, 8-bit colormap, non-interlaced
Size
9.4 kB (9402 bytes)
Hash
093cb56d9d65dd0ccb57f24eb7444cba
3d862fe04fc38402dfb6e8afcfb9adc526907d54
9e433e4399b92cd8a014e00765fc534baae47b5ebacadea618e0f3dc041b6266

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /images-newtheme/social/whatsapp_button.png HTTP/1.1
Host: videzz.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://videzz.net/css/main.min.css?v=b8dc06aa6195ca0716d0a0c4e3a76e42
Cookie: lang=1
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
server: nginx/1.18.0 (Ubuntu)
date: Wed, 24 Apr 2024 18:04:59 GMT
content-type: image/png
content-length: 9402
last-modified: Wed, 10 Apr 2024 07:00:40 GMT
etag: "66163918-24ba"
expires: Fri, 24 May 2024 18:00:40 GMT
cache-control: max-age=2592000
x-cache-status: HIT
accept-ranges: bytes
X-Firefox-Spdy: h2

videzz.net/js/videojs.stm.5.min.js?0.823362850306037

78.142.18.54

200 OK

9.5 kB

URL GET HTTP/2
videzz.net/js/videojs.stm.5.min.js?0.823362850306037
IP
78.142.18.54:443
ASN
#208046 ColocationX Ltd.

Requested by
https://videzz.net/1257pc8b3t79.html?asgtbndr=1
Certificate
IssuerLet's Encrypt
Subjectvidezz.net
Fingerprint13:3A:F4:CA:71:F0:8F:F1:2E:3A:7E:2B:6D:8E:E4:7A:E9:9D:A6:B5
ValidityMon, 04 Mar 2024 08:24:34 GMT - Sun, 02 Jun 2024 08:24:33 GMT

File type
gzip compressed data, from Unix
Size
9.5 kB (9515 bytes)
Hash
3c3742424525f2dcd2996c7387f1729e
8fbea52dccbe8c78948240b7320d674c87b53908
b7aac2ab034f1bb93c70169a5146577d9ff7ad29f17f1da9deefb93fedfb6240

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /js/videojs.stm.5.min.js?0.823362850306037 HTTP/1.1
Host: videzz.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://videzz.net/1257pc8b3t79.html?asgtbndr=1
Cookie: lang=1
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
server: nginx/1.18.0 (Ubuntu)
date: Wed, 24 Apr 2024 18:04:58 GMT
content-type: application/javascript
last-modified: Wed, 10 Apr 2024 07:00:40 GMT
vary: Accept-Encoding
etag: W/"66163918-1c25"
expires: Fri, 24 May 2024 18:04:58 GMT
cache-control: max-age=2592000
content-encoding: gzip
x-cache-status: MISS
X-Firefox-Spdy: h2

videzz.net/images-newtheme/locale/spritesheet_25.png

78.142.18.54

200 OK

3.4 kB

URL GET HTTP/2
videzz.net/images-newtheme/locale/spritesheet_25.png
IP
78.142.18.54:443
ASN
#208046 ColocationX Ltd.

Requested by
https://videzz.net/1257pc8b3t79.html?asgtbndr=1
Certificate
IssuerLet's Encrypt
Subjectvidezz.net
Fingerprint13:3A:F4:CA:71:F0:8F:F1:2E:3A:7E:2B:6D:8E:E4:7A:E9:9D:A6:B5
ValidityMon, 04 Mar 2024 08:24:34 GMT - Sun, 02 Jun 2024 08:24:33 GMT

File type
PNG image data, 25 x 71, 8-bit/color RGBA, non-interlaced
Size
3.4 kB (3355 bytes)
Hash
f114e74e1fb82ce234e7a2503506e2ac
5adb3ddc13861aa417471710f1ceaca66ef71c74
e0edc9d8ec79eb53ad2d9e2644b27bc02cc62ad78e8033e4cc016a62132ed51d

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /images-newtheme/locale/spritesheet_25.png HTTP/1.1
Host: videzz.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://videzz.net/css/main.min.css?v=b8dc06aa6195ca0716d0a0c4e3a76e42
Cookie: lang=1; file_id=37896572; aff=202079
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
server: nginx/1.18.0 (Ubuntu)
date: Wed, 24 Apr 2024 18:04:59 GMT
content-type: image/png
content-length: 3355
last-modified: Wed, 10 Apr 2024 07:00:32 GMT
etag: "66163910-d1b"
expires: Fri, 24 May 2024 17:57:17 GMT
cache-control: max-age=2592000
x-cache-status: HIT
accept-ranges: bytes
X-Firefox-Spdy: h2

fonts.gstatic.com/s/opensans/v40/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2

142.250.74.99

200 OK

48 kB

URL GET HTTP/2
fonts.gstatic.com/s/opensans/v40/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2
IP
142.250.74.99:443
ASN
#15169 GOOGLE

Requested by
https://videzz.net/1257pc8b3t79.html?asgtbndr=1
Certificate
IssuerGoogle Trust Services LLC
Subject*.gstatic.com
FingerprintF5:5C:D9:68:C6:5F:A3:33:5A:73:C3:79:B6:83:FE:44:2E:A4:83:74
ValidityMon, 18 Mar 2024 20:34:25 GMT - Mon, 10 Jun 2024 20:34:24 GMT

File type
Web Open Font Format (Version 2), TrueType, length 48236, version 1.0
Size
48 kB (48236 bytes)
Hash
015c126a3520c9a8f6a27979d0266e96
2acf956561d44434a6d84204670cf849d3215d5f
3c4d6a1421c7ddb7e404521fe8c4cd5be5af446d7689cd880be26612eaad3cfa

HTTP Headers

GET /s/opensans/v40/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://videzz.net
DNT: 1
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 48236
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Tue, 23 Apr 2024 08:04:32 GMT
expires: Wed, 23 Apr 2025 08:04:32 GMT
cache-control: public, max-age=31536000
age: 122427
last-modified: Thu, 14 Dec 2023 02:08:40 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

fonts.gstatic.com/s/opensans/v40/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2

142.250.74.99

200 OK

48 kB

URL GET HTTP/2
fonts.gstatic.com/s/opensans/v40/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2
IP
142.250.74.99:443
ASN
#15169 GOOGLE

Requested by
https://videzz.net/1257pc8b3t79.html?asgtbndr=1
Certificate
IssuerGoogle Trust Services LLC
Subject*.gstatic.com
FingerprintF5:5C:D9:68:C6:5F:A3:33:5A:73:C3:79:B6:83:FE:44:2E:A4:83:74
ValidityMon, 18 Mar 2024 20:34:25 GMT - Mon, 10 Jun 2024 20:34:24 GMT

File type
Web Open Font Format (Version 2), TrueType, length 48236, version 1.0
Size
48 kB (48236 bytes)
Hash
015c126a3520c9a8f6a27979d0266e96
2acf956561d44434a6d84204670cf849d3215d5f
3c4d6a1421c7ddb7e404521fe8c4cd5be5af446d7689cd880be26612eaad3cfa

HTTP Headers

GET /s/opensans/v40/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://videzz.net
DNT: 1
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 48236
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Tue, 23 Apr 2024 08:04:32 GMT
expires: Wed, 23 Apr 2025 08:04:32 GMT
cache-control: public, max-age=31536000
age: 122427
last-modified: Thu, 14 Dec 2023 02:08:40 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

proftrafficcounter.com/stats

18.185.247.192

200 OK

40 B

URL GET HTTP/2
proftrafficcounter.com/stats
IP
18.185.247.192:443
ASN
#16509 AMAZON-02

Requested by
https://videzz.net/1257pc8b3t79.html?asgtbndr=1
Certificate
IssuerAmazon
Subjectproftrafficcounter.com
FingerprintE3:9F:79:6F:80:C0:BF:F8:C4:EB:45:F3:E9:0F:A7:41:F6:0C:05:E6
ValidityTue, 21 Nov 2023 00:00:00 GMT - Thu, 19 Dec 2024 23:59:59 GMT

File type
ASCII text, with no line terminators
Size
40 B (40 bytes)
Hash
9bf102268421c57eca2469921df74ac2
b61dae326033b3f13342d25c69e4c98d9d820aad
050bc61bb0d3543ae6a0c79476e15a9255d2bdd2e4d6e3c45e6369cff093dcfd

HTTP Headers

GET /stats HTTP/1.1
Host: proftrafficcounter.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://videzz.net
DNT: 1
Connection: keep-alive
Referer: https://videzz.net/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Wed, 24 Apr 2024 18:04:59 GMT
content-type: text/html; charset=UTF-8
content-length: 40
server: fasthttp
access-control-allow-origin: https://videzz.net
vary: Origin
access-control-allow-credentials: true
set-cookie: uid_id2=47e6a411-2b7f-4ce7-870d-aeb390970019:2:1; expires=Sat, 22 Apr 2034 18:04:59 GMT; secure; SameSite=None
X-Firefox-Spdy: h2

maxcdn.bootstrapcdn.com/font-awesome/4.7.0/fonts/fontawesome-webfont.woff2?v=4.7.0

104.18.10.207

200 OK

77 kB

URL GET HTTP/3
maxcdn.bootstrapcdn.com/font-awesome/4.7.0/fonts/fontawesome-webfont.woff2?v=4.7.0
IP
104.18.10.207:443
ASN
#13335 CLOUDFLARENET

Requested by
https://videzz.net/1257pc8b3t79.html?asgtbndr=1
Certificate
IssuerGoogle Trust Services LLC
Subjectbootstrapcdn.com
Fingerprint57:B4:25:B9:9C:88:A1:A3:3D:F7:31:74:02:E4:D1:E0:0A:F5:11:63
ValidityWed, 27 Mar 2024 00:22:09 GMT - Tue, 25 Jun 2024 00:22:08 GMT

File type
Web Open Font Format (Version 2), TrueType, length 77160, version 4.459
Size
77 kB (77160 bytes)
Hash
af7ae505a9eed503f8b8e6982036873e
d6f48cba7d076fb6f2fd6ba993a75b9dc1ecbf0c
2adefcbc041e7d18fcf2d417879dc5a09997aa64d675b7a3c4b6ce33da13f3fe

HTTP Headers

GET /font-awesome/4.7.0/fonts/fontawesome-webfont.woff2?v=4.7.0 HTTP/1.1
Host: maxcdn.bootstrapcdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://videzz.net
DNT: 1
Connection: keep-alive
Referer: https://maxcdn.bootstrapcdn.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Wed, 24 Apr 2024 18:04:59 GMT
content-type: font/woff2
content-length: 77160
cdn-pullzone: 252412
cdn-uid: b1941f61-b576-4f40-80de-5677acb38f74
cdn-requestcountrycode: DE
access-control-allow-origin: *
cache-control: public, max-age=31919000
etag: "af7ae505a9eed503f8b8e6982036873e"
last-modified: Mon, 25 Jan 2021 22:04:55 GMT
cdn-cachedat: 10/31/2023 19:08:24
cdn-proxyver: 1.04
cdn-requestpullcode: 200
cdn-requestpullsuccess: True
cdn-edgestorageid: 752
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
cdn-status: 200
cdn-requestid: 0a41a35b44b9a221d4e11fe69e9304aa
cdn-cache: HIT
cf-cache-status: HIT
age: 1862908
accept-ranges: bytes
vary: Accept-Encoding
strict-transport-security: max-age=31536000; includeSubDomains; preload
server: cloudflare
cf-ray: 879804da6d450b41-OSL
alt-svc: h3=":443"; ma=86400

str37.vidoza.net/i/03/07579/1257pc8b3t79.jpg?v=1713981898

109.202.99.55

200 OK

26 kB

URL GET HTTP/2
str37.vidoza.net/i/03/07579/1257pc8b3t79.jpg?v=1713981898
IP
109.202.99.55:443
ASN
#49453 Global Layer B.V.

Requested by
https://videzz.net/1257pc8b3t79.html?asgtbndr=1
Certificate
IssuerLet's Encrypt
Subjectvidoza.net
FingerprintDD:9C:2A:D1:7E:90:60:D1:BE:1C:39:29:07:29:9C:34:6A:76:A6:C6
ValidityWed, 14 Feb 2024 01:21:54 GMT - Tue, 14 May 2024 01:21:53 GMT

File type
JPEG image data, baseline, precision 8, 720x405, components 3
Size
26 kB (25935 bytes)
Hash
9ff3171138168942480b3a6f705bb7e9
340b8676755d3d9e37829d6d35f54b0718b1af7a
310388a08c2377bb608a8cacc79107839122874407f51197f4de7ba91109309c

HTTP Headers

GET /i/03/07579/1257pc8b3t79.jpg?v=1713981898 HTTP/1.1
Host: str37.vidoza.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://videzz.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
server: nginx/1.20.1
date: Wed, 24 Apr 2024 18:05:00 GMT
content-type: image/jpeg
content-length: 25935
last-modified: Mon, 08 Apr 2024 02:29:24 GMT
etag: "66135684-654f"
expires: Wed, 08 May 2024 18:05:00 GMT
cache-control: max-age=1209600
accept-ranges: bytes
X-Firefox-Spdy: h2

www.googletagmanager.com/gtag/js?id=G-HEX1BG8H46&l=dataLayer&cx=c

142.250.74.168

200 OK

94 kB

URL GET HTTP/3
www.googletagmanager.com/gtag/js?id=G-HEX1BG8H46&l=dataLayer&cx=c
IP
142.250.74.168:443
ASN
#15169 GOOGLE

Requested by
https://videzz.net/1257pc8b3t79.html?asgtbndr=1
Certificate
IssuerGoogle Trust Services LLC
Subject*.google-analytics.com
Fingerprint1E:33:2E:4B:C3:51:05:B7:73:DC:21:BF:3E:02:B3:16:D8:0B:AB:BB
ValidityMon, 18 Mar 2024 19:37:14 GMT - Mon, 10 Jun 2024 19:37:13 GMT

File type
JavaScript source, ASCII text, with very long lines (7711)
Size
94 kB (93618 bytes)
Hash
fc5448c23e45852842578773bca5ba97
b247549cbb92f0bbe90f580c91a2cfff37d69df6
cddce53f6a947d55a2d33192ab0d43547680ad2bdf3c109d0bf34846bd8130a9

HTTP Headers

GET /gtag/js?id=G-HEX1BG8H46&l=dataLayer&cx=c HTTP/1.1
Host: www.googletagmanager.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://videzz.net/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
content-encoding: br
vary: Accept-Encoding
date: Wed, 24 Apr 2024 18:05:00 GMT
expires: Wed, 24 Apr 2024 18:05:00 GMT
cache-control: private, max-age=900
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
server: Google Tag Manager
content-length: 93618
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

waterfallchequeomnipotent.com/57/e9/12/57e9128f004dc8dd272477c7cdb9cf15.js

192.243.61.227

200 OK

31 kB

URL GET HTTP/1.1
waterfallchequeomnipotent.com/57/e9/12/57e9128f004dc8dd272477c7cdb9cf15.js
IP
192.243.61.227:443
ASN
#39572 DataWeb Global Group B.V.

Requested by
https://videzz.net/1257pc8b3t79.html?asgtbndr=1
Certificate
IssuerLet's Encrypt
Subjectwaterfallchequeomnipotent.com
Fingerprint10:02:FD:E1:42:43:0C:C7:37:B0:94:C6:F9:9A:80:1F:38:80:C0:6E
ValidityTue, 23 Apr 2024 10:44:53 GMT - Mon, 22 Jul 2024 10:44:52 GMT

File type
JavaScript source, ASCII text, with very long lines (65536), with no line terminators
Size
31 kB (31060 bytes)
Hash
3f08114695268c191948708824125731
618b9a613f5a1497a2fce3ef6b780d537a6a1f04
907a853601c0416e4c00babb552bf94eddd46133072c04b13ca89a3110d163f9

HTTP Headers

GET /57/e9/12/57e9128f004dc8dd272477c7cdb9cf15.js HTTP/1.1
Host: waterfallchequeomnipotent.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://videzz.net/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx/1.21.6
Date: Wed, 24 Apr 2024 18:05:00 GMT
Content-Type: application/javascript
Transfer-Encoding: chunked
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Access-Control-Allow-Origin: *
Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,Sec-CH-UA-PlatformUser-Agent,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Set-Cookie: 4b4e7ab587d59b22ad7bcd2439afc363_CF-2931_new=0; expires=Sat, 27 Apr 2024 18:05:00 GMT; secure; SameSite=None
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: 80995d8253515c83750bf279327bb5a0
Strict-Transport-Security: max-age=0; includeSubdomains
Content-Encoding: gzip

proftrafficcounter.com/stats

18.185.247.192

200 OK

40 B

URL GET HTTP/2
proftrafficcounter.com/stats
IP
18.185.247.192:443
ASN
#16509 AMAZON-02

Requested by
https://videzz.net/1257pc8b3t79.html?asgtbndr=1
Certificate
IssuerAmazon
Subjectproftrafficcounter.com
FingerprintE3:9F:79:6F:80:C0:BF:F8:C4:EB:45:F3:E9:0F:A7:41:F6:0C:05:E6
ValidityTue, 21 Nov 2023 00:00:00 GMT - Thu, 19 Dec 2024 23:59:59 GMT

File type
ASCII text, with no line terminators
Size
40 B (40 bytes)
Hash
9bf102268421c57eca2469921df74ac2
b61dae326033b3f13342d25c69e4c98d9d820aad
050bc61bb0d3543ae6a0c79476e15a9255d2bdd2e4d6e3c45e6369cff093dcfd

HTTP Headers

GET /stats HTTP/1.1
Host: proftrafficcounter.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://videzz.net
DNT: 1
Connection: keep-alive
Referer: https://videzz.net/
Cookie: uid_id2=47e6a411-2b7f-4ce7-870d-aeb390970019:2:1
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
date: Wed, 24 Apr 2024 18:05:00 GMT
content-type: text/html; charset=UTF-8
content-length: 40
server: fasthttp
access-control-allow-origin: https://videzz.net
vary: Origin
access-control-allow-credentials: true
X-Firefox-Spdy: h2

static.addtoany.com/menu/page.js

104.22.70.197

200 OK

1.5 kB

URL GET HTTP/2
static.addtoany.com/menu/page.js
IP
104.22.70.197:443
ASN
#13335 CLOUDFLARENET

Requested by
https://videzz.net/1257pc8b3t79.html?asgtbndr=1
Certificate
IssuerLet's Encrypt
Subjectstatic.addtoany.com
Fingerprint5B:74:98:2D:F8:22:DB:0D:4E:74:B7:99:A7:7C:80:F6:CA:1A:8E:CA
ValidityTue, 23 Apr 2024 07:56:27 GMT - Mon, 22 Jul 2024 07:56:26 GMT

File type
JavaScript source, ASCII text, with very long lines (3003), with no line terminators
Size
1.5 kB (1453 bytes)
Hash
5f984fdd1d3384220c67422c1f544a95
79c8a48b5fab47972dd69ce7dfd08cee895006b5
6e0cc78c402cbc02fdfd41cd77c5fd6ffbd8066cc07935ea8eb5f3fcc59744a3

HTTP Headers

GET /menu/page.js HTTP/1.1
Host: static.addtoany.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://videzz.net/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Wed, 24 Apr 2024 18:04:58 GMT
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=86400, stale-while-revalidate=30, public
cf-bgj: minify
etag: W/"e346c2841e4abbb66ee259e9540abb61"
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=K9SlRo17%2FEYYEY7TY5VUBa2G0luclF%2Fi9mKP9JIoxaGyg9HDTkx2QKGyXUgtsqVrmCpVypdr9QFZX1ju19YZtHnDUhdiuj6G3zHqk6iKvpR1qlQKK8BqoVYJrA9%2B5qfHIQrYZfty"}],"group":"cf-nel","max_age":604800}
vary: Accept-Encoding
referrer-policy: strict-origin-when-cross-origin
x-content-type-options: nosniff
cf-cache-status: HIT
age: 10249
strict-transport-security: max-age=31536000; includeSubDomains; preload
server: cloudflare
cf-ray: 879804d3ecec92ce-CPH
content-encoding: br
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2

www.google.no/ads/ga-audiences?v=1&t=sr&slf_rd=1&_r=4&tid=G-HEX1BG8H46&cid=19970008.1713981900&gtm=45je44m0v9104348843za200&aip=1&dma=1&dma_cps=sypham&gcd=13l3lPl2l1&npa=1&z=1776495774

142.250.74.163

200 OK

42 B

URL GET HTTP/2
www.google.no/ads/ga-audiences?v=1&t=sr&slf_rd=1&_r=4&tid=G-HEX1BG8H46&cid=19970008.1713981900&gtm=45je44m0v9104348843za200&aip=1&dma=1&dma_cps=sypham&gcd=13l3lPl2l1&npa=1&z=1776495774
IP
142.250.74.163:443
ASN
#15169 GOOGLE

Requested by
https://videzz.net/1257pc8b3t79.html?asgtbndr=1
Certificate
IssuerGoogle Trust Services LLC
Subject*.google.no
Fingerprint4E:BD:F9:72:97:67:A2:4B:EE:E4:B0:03:CD:C8:F3:30:53:27:53:1D
ValidityMon, 18 Mar 2024 20:50:06 GMT - Mon, 10 Jun 2024 20:50:05 GMT

File type
GIF image data, version 89a, 1 x 1
Size
42 B (42 bytes)
Hash
d89746888da2d9510b64a9f031eaecd5
d5fceb6532643d0d84ffe09c40c481ecdf59e15a
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

HTTP Headers

GET /ads/ga-audiences?v=1&t=sr&slf_rd=1&_r=4&tid=G-HEX1BG8H46&cid=19970008.1713981900&gtm=45je44m0v9104348843za200&aip=1&dma=1&dma_cps=sypham&gcd=13l3lPl2l1&npa=1&z=1776495774 HTTP/1.1
Host: www.google.no
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://videzz.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Wed, 24 Apr 2024 18:05:00 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
content-type: image/gif
x-content-type-options: nosniff
server: cafe
content-length: 42
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

evaluateuncanny.com/pixel/purst?dl=0&th=0&sc=0&rs=2239&rd=2239&fd=821&bv=24.4.4887&tmpl=136

172.240.108.76

200 OK

0 B

URL GET HTTP/1.1
evaluateuncanny.com/pixel/purst?dl=0&th=0&sc=0&rs=2239&rd=2239&fd=821&bv=24.4.4887&tmpl=136
IP
172.240.108.76:443
ASN
#7979 SERVERS-COM

Requested by
https://videzz.net/1257pc8b3t79.html?asgtbndr=1
Certificate
IssuerLet's Encrypt
Subjectevaluateuncanny.com
FingerprintFA:C8:EC:09:73:C4:B6:E0:EA:76:F1:B4:A3:6D:0D:97:11:91:64:CC
ValidityTue, 23 Apr 2024 10:54:45 GMT - Mon, 22 Jul 2024 10:54:44 GMT

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /pixel/purst?dl=0&th=0&sc=0&rs=2239&rd=2239&fd=821&bv=24.4.4887&tmpl=136 HTTP/1.1
Host: evaluateuncanny.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://videzz.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx/1.21.6
Date: Wed, 24 Apr 2024 18:05:00 GMT
Content-Length: 0
Connection: keep-alive
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
Access-Control-Allow-Origin: *
Access-Control-Allow-Methods: GET, POST, OPTIONS
Access-Control-Allow-Headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,Upgrade-Insecure-Requests
Access-Control-Expose-Headers: Content-Length,Content-Range

region1.analytics.google.com/g/collect?v=2&tid=G-HEX1BG8H46&gtm=45je44m0v9104348843za200&_p=1713981899150&_gaz=1&gcd=13l3lPl2l1&npa=1&dma_cps=sypham&dma=1&cid=19970008.1713981900&ul=en-us&sr=1280x1024&pscdl=noapi&_eu=AAAI&_s=1&sid=1713981900&sct=1&seg=0&dl=https%3A%2F%2Fvidezz.net%2F1257pc8b3t79.html%3Fasgtbndr%3D1&dt=Watch%2069484%20mp4&en=page_view&_fv=1&_nsi=1&_ss=2&tfd=2290

216.239.34.36

204 No Content

0 B

URL POST HTTP/2
region1.analytics.google.com/g/collect?v=2&tid=G-HEX1BG8H46&gtm=45je44m0v9104348843za200&_p=1713981899150&_gaz=1&gcd=13l3lPl2l1&npa=1&dma_cps=sypham&dma=1&cid=19970008.1713981900&ul=en-us&sr=1280x1024&pscdl=noapi&_eu=AAAI&_s=1&sid=1713981900&sct=1&seg=0&dl=https%3A%2F%2Fvidezz.net%2F1257pc8b3t79.html%3Fasgtbndr%3D1&dt=Watch%2069484%20mp4&en=page_view&_fv=1&_nsi=1&_ss=2&tfd=2290
IP
216.239.34.36:443
ASN
#15169 GOOGLE

Requested by
https://videzz.net/1257pc8b3t79.html?asgtbndr=1
Certificate
IssuerGoogle Trust Services LLC
Subject*.google-analytics.com
Fingerprint1E:33:2E:4B:C3:51:05:B7:73:DC:21:BF:3E:02:B3:16:D8:0B:AB:BB
ValidityMon, 18 Mar 2024 19:37:14 GMT - Mon, 10 Jun 2024 19:37:13 GMT

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

POST /g/collect?v=2&tid=G-HEX1BG8H46&gtm=45je44m0v9104348843za200&_p=1713981899150&_gaz=1&gcd=13l3lPl2l1&npa=1&dma_cps=sypham&dma=1&cid=19970008.1713981900&ul=en-us&sr=1280x1024&pscdl=noapi&_eu=AAAI&_s=1&sid=1713981900&sct=1&seg=0&dl=https%3A%2F%2Fvidezz.net%2F1257pc8b3t79.html%3Fasgtbndr%3D1&dt=Watch%2069484%20mp4&en=page_view&_fv=1&_nsi=1&_ss=2&tfd=2290 HTTP/1.1
Host: region1.analytics.google.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://videzz.net
DNT: 1
Connection: keep-alive
Referer: https://videzz.net/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Content-Length: 0

HTTP/2 204 No Content
access-control-allow-origin: https://videzz.net
date: Wed, 24 Apr 2024 18:05:01 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
content-type: text/plain
cross-origin-resource-policy: cross-origin
server: Golfe2
content-length: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

proftrafficcounter.com/stats

18.185.247.192

200 OK

40 B

URL GET HTTP/2
proftrafficcounter.com/stats
IP
18.185.247.192:443
ASN
#16509 AMAZON-02

Requested by
https://videzz.net/1257pc8b3t79.html?asgtbndr=1
Certificate
IssuerAmazon
Subjectproftrafficcounter.com
FingerprintE3:9F:79:6F:80:C0:BF:F8:C4:EB:45:F3:E9:0F:A7:41:F6:0C:05:E6
ValidityTue, 21 Nov 2023 00:00:00 GMT - Thu, 19 Dec 2024 23:59:59 GMT

File type
ASCII text, with no line terminators
Size
40 B (40 bytes)
Hash
9bf102268421c57eca2469921df74ac2
b61dae326033b3f13342d25c69e4c98d9d820aad
050bc61bb0d3543ae6a0c79476e15a9255d2bdd2e4d6e3c45e6369cff093dcfd

HTTP Headers

GET /stats HTTP/1.1
Host: proftrafficcounter.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://videzz.net
DNT: 1
Connection: keep-alive
Referer: https://videzz.net/
Cookie: uid_id2=47e6a411-2b7f-4ce7-870d-aeb390970019:2:1
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
date: Wed, 24 Apr 2024 18:05:01 GMT
content-type: text/html; charset=UTF-8
content-length: 40
server: fasthttp
access-control-allow-origin: https://videzz.net
vary: Origin
access-control-allow-credentials: true
X-Firefox-Spdy: h2

proftrafficcounter.com/stats

18.185.247.192

200 OK

40 B

URL GET HTTP/2
proftrafficcounter.com/stats
IP
18.185.247.192:443
ASN
#16509 AMAZON-02

Requested by
https://videzz.net/1257pc8b3t79.html?asgtbndr=1
Certificate
IssuerAmazon
Subjectproftrafficcounter.com
FingerprintE3:9F:79:6F:80:C0:BF:F8:C4:EB:45:F3:E9:0F:A7:41:F6:0C:05:E6
ValidityTue, 21 Nov 2023 00:00:00 GMT - Thu, 19 Dec 2024 23:59:59 GMT

File type
ASCII text, with no line terminators
Size
40 B (40 bytes)
Hash
9bf102268421c57eca2469921df74ac2
b61dae326033b3f13342d25c69e4c98d9d820aad
050bc61bb0d3543ae6a0c79476e15a9255d2bdd2e4d6e3c45e6369cff093dcfd

HTTP Headers

GET /stats HTTP/1.1
Host: proftrafficcounter.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://videzz.net
DNT: 1
Connection: keep-alive
Referer: https://videzz.net/
Cookie: uid_id2=47e6a411-2b7f-4ce7-870d-aeb390970019:2:1
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
date: Wed, 24 Apr 2024 18:05:01 GMT
content-type: text/html; charset=UTF-8
content-length: 40
server: fasthttp
access-control-allow-origin: https://videzz.net
vary: Origin
access-control-allow-credentials: true
X-Firefox-Spdy: h2

bid.bidclickmedia.com/sub/31pnK5n

172.67.205.77

200 OK

146 B

URL GET HTTP/2
bid.bidclickmedia.com/sub/31pnK5n
IP
172.67.205.77:443
ASN
#13335 CLOUDFLARENET

Requested by
https://videzz.net/1257pc8b3t79.html?asgtbndr=1
Certificate
IssuerGoogle Trust Services LLC
Subjectbidclickmedia.com
Fingerprint2D:71:60:23:79:D8:E4:4A:B8:81:BA:F0:ED:58:CB:A8:66:21:A7:E7
ValiditySun, 31 Mar 2024 14:28:20 GMT - Sat, 29 Jun 2024 14:28:19 GMT

File type
HTML document, ASCII text
Size
146 B (146 bytes)
Hash
f43a9f52bdd16907856bcccdc018b8c9
260324361bf19dc2ea4982f6fd312f9c8d5039cc
0ce413bbb7e1789744cfd7f9c3bc4614d9c5086f6dd9cbad67bdc4d181b9d5be

HTTP Headers

GET /sub/31pnK5n HTTP/1.1
Host: bid.bidclickmedia.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://videzz.net/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Wed, 24 Apr 2024 18:04:59 GMT
content-type: text/html; charset=utf-8
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=QhGwx%2F%2FhqLHC9XWOd7xyvSmW2bUJJ1uwPpEuq2W%2BrZD%2BGPoX3MVQfvoLWJBgROCsNB6CBWGRTclFiE5JCr5%2F28FB%2Fg%2FySfKoubtvni64ZnlsxIJpd5UrqsbG0iX4XuxlKZzYzek5mJs%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 879804d7ae795694-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2

xml.zeusadx.com/redirect?feed=552612&auth=OEhoVk&pubid=162319

174.137.133.17

200 OK

0 B

URL GET HTTP/1.1
xml.zeusadx.com/redirect?feed=552612&auth=OEhoVk&pubid=162319
IP
174.137.133.17:443
ASN
#27257 WEBAIR-INTERNET

Requested by
https://videzz.net/1257pc8b3t79.html?asgtbndr=1
Certificate
IssuerSectigo Limited
Subject*.zeusadx.com
FingerprintAA:67:88:35:5F:BC:20:3C:44:9B:00:BD:4F:E1:C0:5F:62:D0:69:C0
ValidityMon, 23 Oct 2023 00:00:00 GMT - Wed, 23 Oct 2024 23:59:59 GMT

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /redirect?feed=552612&auth=OEhoVk&pubid=162319 HTTP/1.1
Host: xml.zeusadx.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://bid.bidclickmedia.com/
DNT: 1
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Date: Wed, 24 Apr 2024 18:05:01 GMT
Content-Length: 0
Connection: keep-alive
Cache-Control: no-store

bid.bidclickmedia.com/sub/e6yMnW6

172.67.205.77

200 OK

782 B

URL GET HTTP/2
bid.bidclickmedia.com/sub/e6yMnW6
IP
172.67.205.77:443
ASN
#13335 CLOUDFLARENET

Requested by
https://videzz.net/1257pc8b3t79.html?asgtbndr=1
Certificate
IssuerGoogle Trust Services LLC
Subjectbidclickmedia.com
Fingerprint2D:71:60:23:79:D8:E4:4A:B8:81:BA:F0:ED:58:CB:A8:66:21:A7:E7
ValiditySun, 31 Mar 2024 14:28:20 GMT - Sat, 29 Jun 2024 14:28:19 GMT

File type
HTML document, ASCII text
Size
782 B (782 bytes)
Hash
3e4f8d950f382330e0d32f9aa59bb11b
0ddcd35cedb3e5ebf73cd067ddc04bca8066b93d
25840ab9693f257546a4e14431441fd50b4fd5198125125ed68bcd521c51c958

HTTP Headers

GET /sub/e6yMnW6 HTTP/1.1
Host: bid.bidclickmedia.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://videzz.net/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
date: Wed, 24 Apr 2024 18:04:59 GMT
content-type: text/html; charset=utf-8
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=vEz%2BwQmnQBx%2FX1G8BeSzpFV%2FyCYIpxncHyQVP2ZXl%2Fkl41Djm%2BqFvIJD8fp3N2M3GNzsclOeAXUip3ufhnerR2OKlX9LPREY5C8G9ry3j1e9Cb%2FDK1uG8I9pr1dVm1XjexdAs7Bvers%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 879804d8c8c45694-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2

tfosrv.com/show_std.php?id_site=13101&id_channel=60771&uf=true

216.18.168.29

302 Found

0 B

URL GET HTTP/1.1
tfosrv.com/show_std.php?id_site=13101&id_channel=60771&uf=true
IP
216.18.168.29:443
ASN
#29789 REFLECTED

Requested by
https://videzz.net/1257pc8b3t79.html?asgtbndr=1
Certificate
IssuerSectigo Limited
Subject*.tfosrv.com
Fingerprint17:0E:13:E0:E3:EE:17:88:09:10:8F:63:F4:7E:31:5A:D9:33:7D:80
ValidityTue, 31 Oct 2023 00:00:00 GMT - Mon, 18 Nov 2024 23:59:59 GMT

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /show_std.php?id_site=13101&id_channel=60771&uf=true HTTP/1.1
Host: tfosrv.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://bid.bidclickmedia.com/
DNT: 1
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 302 Found
server: nginx
date: Wed, 24 Apr 2024 18:05:01 GMT
content-length: 0
location: https://tfosrv.com/impression.php?channel_id=60771&id=b0496dda-931d-4b24-aa35-95b99ffa07d7%3A1fdeb6b2-918d-4806-88ec-4ea9f78901c5&site_id=13101&uuid=38064470-f17e-4c0b-b02d-6c648d1ba58f
set-cookie: sppc_uuid=f81830e5-28d7-4ecb-8f58-cb4191ca5e84; max-age=31536000; path=/; secure; SameSite=None
accept-ch: Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version

tfosrv.com/impression.php?channel_id=60771&id=b0496dda-931d-4b24-aa35-95b99ffa07d7%3A1fdeb6b2-918d-4806-88ec-4ea9f78901c5&site_id=13101&uuid=38064470-f17e-4c0b-b02d-6c648d1ba58f

216.18.168.29

302 Found

0 B

URL GET HTTP/1.1
tfosrv.com/impression.php?channel_id=60771&id=b0496dda-931d-4b24-aa35-95b99ffa07d7%3A1fdeb6b2-918d-4806-88ec-4ea9f78901c5&site_id=13101&uuid=38064470-f17e-4c0b-b02d-6c648d1ba58f
IP
216.18.168.29:443
ASN
#29789 REFLECTED

Requested by
https://videzz.net/1257pc8b3t79.html?asgtbndr=1
Certificate
IssuerSectigo Limited
Subject*.tfosrv.com
Fingerprint17:0E:13:E0:E3:EE:17:88:09:10:8F:63:F4:7E:31:5A:D9:33:7D:80
ValidityTue, 31 Oct 2023 00:00:00 GMT - Mon, 18 Nov 2024 23:59:59 GMT

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /impression.php?channel_id=60771&id=b0496dda-931d-4b24-aa35-95b99ffa07d7%3A1fdeb6b2-918d-4806-88ec-4ea9f78901c5&site_id=13101&uuid=38064470-f17e-4c0b-b02d-6c648d1ba58f HTTP/1.1
Host: tfosrv.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://bid.bidclickmedia.com/
DNT: 1
Connection: keep-alive
Cookie: sppc_uuid=f81830e5-28d7-4ecb-8f58-cb4191ca5e84
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 302 Found
server: nginx
date: Wed, 24 Apr 2024 18:05:01 GMT
content-length: 0
location: https://trafforsrv.com/click.php?id=b0496dda-931d-4b24-aa35-95b99ffa07d7%3A1fdeb6b2-918d-4806-88ec-4ea9f78901c5
set-cookie: sppc_uuid=38064470-f17e-4c0b-b02d-6c648d1ba58f; max-age=31536000; path=/; secure; SameSite=None
accept-ch: Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version

trafforsrv.com/click.php?id=b0496dda-931d-4b24-aa35-95b99ffa07d7%3A1fdeb6b2-918d-4806-88ec-4ea9f78901c5

216.18.168.28

302 Found

0 B

URL GET HTTP/1.1
trafforsrv.com/click.php?id=b0496dda-931d-4b24-aa35-95b99ffa07d7%3A1fdeb6b2-918d-4806-88ec-4ea9f78901c5
IP
216.18.168.28:443
ASN
#29789 REFLECTED

Requested by
https://videzz.net/1257pc8b3t79.html?asgtbndr=1
Certificate
IssuerSectigo Limited
Subject*.trafforsrv.com
FingerprintC4:DD:C6:65:15:A0:54:82:7D:C9:E3:43:74:BA:ED:16:CC:DD:F5:00
ValidityTue, 31 Oct 2023 00:00:00 GMT - Sat, 16 Nov 2024 23:59:59 GMT

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /click.php?id=b0496dda-931d-4b24-aa35-95b99ffa07d7%3A1fdeb6b2-918d-4806-88ec-4ea9f78901c5 HTTP/1.1
Host: trafforsrv.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://bid.bidclickmedia.com/
DNT: 1
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 302 Found
server: nginx
date: Wed, 24 Apr 2024 18:05:01 GMT
content-length: 0
location: https://s.pemsrv.com/splash.php?idzone=5040978&type=8
set-cookie: sppc_uuid=a45f1c19-0680-4cff-b64a-6a900b27bd60; max-age=31536000; path=/; secure; SameSite=None
accept-ch: Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version

s.pemsrv.com/splash.php?idzone=5040978&type=8

95.211.229.246

200 OK

478 B

URL GET HTTP/1.1
s.pemsrv.com/splash.php?idzone=5040978&type=8
IP
95.211.229.246:443
ASN
#60781 LeaseWeb Netherlands B.V.

Requested by
https://videzz.net/1257pc8b3t79.html?asgtbndr=1
Certificate
IssuerLet's Encrypt
Subjectpemsrv.com
FingerprintB9:FB:69:72:AD:12:6D:F5:F8:05:0B:EE:45:B6:E0:BD:1A:B2:E5:0F
ValidityTue, 27 Feb 2024 16:50:21 GMT - Mon, 27 May 2024 16:50:20 GMT

File type
HTML document, ASCII text, with very long lines (717)
Size
478 B (478 bytes)
Hash
0a0facbef164c9e58f80ef97a1a0827e
11213522b288f0683c8f640b87b1e4e246ad8030
8b9ce633f14b63226137606c6901f59c4b354efbce58f82c4def4f93e5ed9aaf

HTTP Headers

GET /splash.php?idzone=5040978&type=8 HTTP/1.1
Host: s.pemsrv.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://bid.bidclickmedia.com/
DNT: 1
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Date: Wed, 24 Apr 2024 18:05:01 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Access-Control-Allow-Headers: X-CH-VALUES
Set-Cookie: __uvt=a%3A1%3A%7Bi%3A0%3Bs%3A33%3A%22662949cd9339d4.430091723981808543%22%3B%7D; expires=Fri, 24 Apr 2026 18:05:01 GMT; path=; domain=.pemsrv.com; Secure; SameSite=none
Accept-Ch: Sec-Ch-Ua,Sec-Ch-Ua-Mobile,Sec-Ch-Ua-Full-Version,Sec-Ch-Ua-Full-Version-list,Sec-Ch-Ua-Platform,Sec-Ch-Ua-Platform-Version,Sec-Ch-Ua-Bitness,Sec-Ch-Ua-Arch
X-Robots-Tag: noindex, follow
Content-Encoding: gzip

unseenreport.com/pxf.gif?uuid=47e6a411-2b7f-4ce7-870d-aeb390970019&eb=978028c5053b26833423c7a069ce3bd5&te=5db3a4e34790624df926db520a13f79f&ua=Mozilla%2F5.0%20(X11%3B%20Linux%20x86_64%3B%20rv%3A96.0)%20Gecko%2F20100101%20Firefox%2F96.0&dev=e&res=14.2071&b_frame=0&pk=9785383bf0d8f2fb611d938245088565&bl=en-US&sr=1024x1280&sz=1024x1280&hjs=18

192.243.61.227

200 OK

1 B

URL GET HTTP/1.1
unseenreport.com/pxf.gif?uuid=47e6a411-2b7f-4ce7-870d-aeb390970019&eb=978028c5053b26833423c7a069ce3bd5&te=5db3a4e34790624df926db520a13f79f&ua=Mozilla%2F5.0%20(X11%3B%20Linux%20x86_64%3B%20rv%3A96.0)%20Gecko%2F20100101%20Firefox%2F96.0&dev=e&res=14.2071&b_frame=0&pk=9785383bf0d8f2fb611d938245088565&bl=en-US&sr=1024x1280&sz=1024x1280&hjs=18
IP
192.243.61.227:443
ASN
#39572 DataWeb Global Group B.V.

Requested by
https://videzz.net/1257pc8b3t79.html?asgtbndr=1
Certificate
IssuerLet's Encrypt
Subject*.unseenreport.com
Fingerprint71:46:15:FD:76:6A:F5:5B:51:06:CC:93:DD:D8:63:E3:8B:10:BF:13
ValidityFri, 22 Mar 2024 07:32:41 GMT - Thu, 20 Jun 2024 07:32:40 GMT

File type
very short file (no magic)
Size
1 B (1 bytes)
Hash
93b885adfe0da089cdf634904fd59f71
5ba93c9db0cff93f52b521d7420e43f6eda2784f
6e340b9cffb37a989ca544e6bb780a2c78901d3fb33738768511a30617afa01d

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /pxf.gif?uuid=47e6a411-2b7f-4ce7-870d-aeb390970019&eb=978028c5053b26833423c7a069ce3bd5&te=5db3a4e34790624df926db520a13f79f&ua=Mozilla%2F5.0%20(X11%3B%20Linux%20x86_64%3B%20rv%3A96.0)%20Gecko%2F20100101%20Firefox%2F96.0&dev=e&res=14.2071&b_frame=0&pk=9785383bf0d8f2fb611d938245088565&bl=en-US&sr=1024x1280&sz=1024x1280&hjs=18 HTTP/1.1
Host: unseenreport.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://videzz.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx/1.21.6
Date: Wed, 24 Apr 2024 18:05:01 GMT
Content-Type: image/gif
Content-Length: 1
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Access-Control-Allow-Origin: *
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: 90594fdc52420d13d20cf7bf376e61c0
Strict-Transport-Security: max-age=0; includeSubdomains

unseenreport.com/pxf.gif?uuid=47e6a411-2b7f-4ce7-870d-aeb390970019&eb=978028c5053b26833423c7a069ce3bd5&te=5db3a4e34790624df926db520a13f79f&ua=Mozilla%2F5.0%20(X11%3B%20Linux%20x86_64%3B%20rv%3A96.0)%20Gecko%2F20100101%20Firefox%2F96.0&dev=e&res=14.2071&b_frame=0&pk=57e9128f004dc8dd272477c7cdb9cf15&bl=en-US&sr=1024x1280&sz=1024x1280&hjs=18

192.243.61.227

200 OK

1 B

URL GET HTTP/1.1
unseenreport.com/pxf.gif?uuid=47e6a411-2b7f-4ce7-870d-aeb390970019&eb=978028c5053b26833423c7a069ce3bd5&te=5db3a4e34790624df926db520a13f79f&ua=Mozilla%2F5.0%20(X11%3B%20Linux%20x86_64%3B%20rv%3A96.0)%20Gecko%2F20100101%20Firefox%2F96.0&dev=e&res=14.2071&b_frame=0&pk=57e9128f004dc8dd272477c7cdb9cf15&bl=en-US&sr=1024x1280&sz=1024x1280&hjs=18
IP
192.243.61.227:443
ASN
#39572 DataWeb Global Group B.V.

Requested by
https://videzz.net/1257pc8b3t79.html?asgtbndr=1
Certificate
IssuerLet's Encrypt
Subject*.unseenreport.com
Fingerprint71:46:15:FD:76:6A:F5:5B:51:06:CC:93:DD:D8:63:E3:8B:10:BF:13
ValidityFri, 22 Mar 2024 07:32:41 GMT - Thu, 20 Jun 2024 07:32:40 GMT

File type
very short file (no magic)
Size
1 B (1 bytes)
Hash
93b885adfe0da089cdf634904fd59f71
5ba93c9db0cff93f52b521d7420e43f6eda2784f
6e340b9cffb37a989ca544e6bb780a2c78901d3fb33738768511a30617afa01d

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /pxf.gif?uuid=47e6a411-2b7f-4ce7-870d-aeb390970019&eb=978028c5053b26833423c7a069ce3bd5&te=5db3a4e34790624df926db520a13f79f&ua=Mozilla%2F5.0%20(X11%3B%20Linux%20x86_64%3B%20rv%3A96.0)%20Gecko%2F20100101%20Firefox%2F96.0&dev=e&res=14.2071&b_frame=0&pk=57e9128f004dc8dd272477c7cdb9cf15&bl=en-US&sr=1024x1280&sz=1024x1280&hjs=18 HTTP/1.1
Host: unseenreport.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://videzz.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx/1.21.6
Date: Wed, 24 Apr 2024 18:05:01 GMT
Content-Type: image/gif
Content-Length: 1
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Access-Control-Allow-Origin: *
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: 04b6e6a06c801a046ebff75bbacc1e6e
Strict-Transport-Security: max-age=0; includeSubdomains

static.addtoany.com/menu/svg/icons/whatsapp.js

104.22.70.197

200 OK

965 B

URL GET HTTP/3
static.addtoany.com/menu/svg/icons/whatsapp.js
IP
104.22.70.197:443
ASN
#13335 CLOUDFLARENET

Requested by
https://videzz.net/1257pc8b3t79.html?asgtbndr=1
Certificate
IssuerLet's Encrypt
Subjectstatic.addtoany.com
Fingerprint5B:74:98:2D:F8:22:DB:0D:4E:74:B7:99:A7:7C:80:F6:CA:1A:8E:CA
ValidityTue, 23 Apr 2024 07:56:27 GMT - Mon, 22 Jul 2024 07:56:26 GMT

File type
ASCII text, with very long lines (1108), with no line terminators
Size
965 B (965 bytes)
Hash
0e8b3ac6bda5451ff39c5ecd6d7b3873
fb477a11167000a30e45369e686ec43dd62d026b
c15e1379ca2c59f99912500bbc23a0d1d88f43198cbe1b53d87776fa351385eb

HTTP Headers

GET /menu/svg/icons/whatsapp.js HTTP/1.1
Host: static.addtoany.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://videzz.net
DNT: 1
Connection: keep-alive
Referer: https://static.addtoany.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Wed, 24 Apr 2024 18:05:00 GMT
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=7776000, stale-while-revalidate=30, public
cf-bgj: minify
etag: W/"83af4df8173e43227812296bb8542dcf"
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=HYrsgubd1QERqKDZJSE7ywoyVEYDX%2FUfqwie1zhk5KCK0AsBFZbUIonNn3S9IyOwGLwQWgaN%2Fd9OWmOzJ%2FaVsfev%2BWgkpeYn4BgDHXkT06Lv0gWn%2BR631l%2Bb6sp5koPXRKLYRTPm"}],"group":"cf-nel","max_age":604800}
vary: Accept-Encoding
referrer-policy: strict-origin-when-cross-origin
x-content-type-options: nosniff
cf-cache-status: HIT
age: 2701
strict-transport-security: max-age=31536000; includeSubDomains; preload
server: cloudflare
cf-ray: 879804db4aaa92fd-CPH
content-encoding: br
alt-svc: h3=":443"; ma=86400

s.pemsrv.com/splash.php?idzone=5040978&type=8&p=https%3A%2F%2Fbid.bidclickmedia.com%2F&tested=1&check=4982d74cc5945eb5f443cbeab8c29c8c&screen_resolution=1280x1024&container_resolution=1362x764&iframe=1

95.211.229.246

302 Found

0 B

URL GET HTTP/1.1
s.pemsrv.com/splash.php?idzone=5040978&type=8&p=https%3A%2F%2Fbid.bidclickmedia.com%2F&tested=1&check=4982d74cc5945eb5f443cbeab8c29c8c&screen_resolution=1280x1024&container_resolution=1362x764&iframe=1
IP
95.211.229.246:443
ASN
#60781 LeaseWeb Netherlands B.V.

Requested by
https://videzz.net/1257pc8b3t79.html?asgtbndr=1
Certificate
IssuerLet's Encrypt
Subjectpemsrv.com
FingerprintB9:FB:69:72:AD:12:6D:F5:F8:05:0B:EE:45:B6:E0:BD:1A:B2:E5:0F
ValidityTue, 27 Feb 2024 16:50:21 GMT - Mon, 27 May 2024 16:50:20 GMT

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /splash.php?idzone=5040978&type=8&p=https%3A%2F%2Fbid.bidclickmedia.com%2F&tested=1&check=4982d74cc5945eb5f443cbeab8c29c8c&screen_resolution=1280x1024&container_resolution=1362x764&iframe=1 HTTP/1.1
Host: s.pemsrv.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://s.pemsrv.com/splash.php?idzone=5040978&type=8
Cookie: __uvt=a%3A1%3A%7Bi%3A0%3Bs%3A33%3A%22662949cd9339d4.430091723981808543%22%3B%7D
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 302 Found
Server: nginx
Date: Wed, 24 Apr 2024 18:05:01 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Access-Control-Allow-Headers: X-CH-VALUES
Set-Cookie: __uvt=a%3A1%3A%7Bi%3A0%3Bs%3A33%3A%22662949cd9339d4.430091723981808543%22%3B%7D; expires=Fri, 24 Apr 2026 18:05:01 GMT; path=; domain=.pemsrv.com; Secure; SameSite=none
c-tag=%7B%22tag-link%22%3A%22v4%7C%7CNOR%7C5040978%7C95887222%7C203712%7C%7C508%7C41%7C3%7C15%7C0%7C0%7C0%7C25344%7C3143242%7C3143244%7C0%7C1%7C0%7C0%7C0%7C0%7C1%7C0%7C0%7C1%7C662949cd9339d4.430091723981808543%7Cc83b2609dce0c49ddeb451cf74df4f3a%7C0%7Cbid.bidclickmedia.com%7C1280x1024%7C%7C0%7C0%7C0%7C0%7C0%7C0%7C0%7C0%7C0%7C1713981901%7C%7C%7C0%7C0%7C0%7C0%7C0%7C0%7C0%7C0%7C0%7C0%7C3988b023888651c449ac98b46d8b90c4%7Cok%22%7D; expires=Tue, 23 Jul 2024 18:05:01 GMT; path=/; domain=.pemsrv.com; Secure; SameSite=none
Location: https://tgp1.brazzersnetwork.com/tgp1?ad_id=816178_FREE&ats=eyJhIjoxNDksImMiOjQzMDksIm4iOjE0LCJzIjo5MCwiZSI6OTA2NywicCI6MzM5fQ&atc=EXO&atc=FREE_6529744&apb=opc4ASOqlplustddVbbZPPO6eWiyadzqpbXUzOodNU6V0rpXT1UU0uomponpndRNTRPTS6V0zpXSuldK6Z0rpXTOrrnupu12uoou2pjpollumsnoutmtltqpodrbRpPXLdtrvLrTdttvpTVNrxZTtxTxRm6V2ne0ene2v3evv..3eceof3TT2yqmlnpc6V0rpXSuldK6V0rpXTWTUXWzXSzOc6V0rpXSuldK6V0rpXSuoutt0lnotttrqm1ppuz1ut0pr2t0ul1pcH2A
Accept-CH: 
X-Robots-Tag: noindex, follow

xml.cachegorilla.com/redirect?feed=612977&auth=kAeZgJ&pubid=197570

173.239.53.20

200 OK

0 B

URL GET HTTP/1.1
xml.cachegorilla.com/redirect?feed=612977&auth=kAeZgJ&pubid=197570
IP
173.239.53.20:443
ASN
#27257 WEBAIR-INTERNET

Requested by
https://videzz.net/1257pc8b3t79.html?asgtbndr=1
Certificate
IssuerSectigo Limited
Subject*.cachegorilla.com
Fingerprint29:B3:53:29:E3:6F:D3:48:F6:66:3E:78:57:05:A6:19:12:0D:2C:4A
ValidityFri, 10 Nov 2023 00:00:00 GMT - Sun, 10 Nov 2024 23:59:59 GMT

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /redirect?feed=612977&auth=kAeZgJ&pubid=197570 HTTP/1.1
Host: xml.cachegorilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://bid.bidclickmedia.com/
DNT: 1
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Date: Wed, 24 Apr 2024 18:05:01 GMT
Content-Length: 0
Connection: keep-alive
Cache-Control: no-store

static.addtoany.com/menu/svg/icons/viber.js

104.22.70.197

200 OK

1.2 kB

URL GET HTTP/3
static.addtoany.com/menu/svg/icons/viber.js
IP
104.22.70.197:443
ASN
#13335 CLOUDFLARENET

Requested by
https://videzz.net/1257pc8b3t79.html?asgtbndr=1
Certificate
IssuerLet's Encrypt
Subjectstatic.addtoany.com
Fingerprint5B:74:98:2D:F8:22:DB:0D:4E:74:B7:99:A7:7C:80:F6:CA:1A:8E:CA
ValidityTue, 23 Apr 2024 07:56:27 GMT - Mon, 22 Jul 2024 07:56:26 GMT

File type
ASCII text, with very long lines (1003), with no line terminators
Size
1.2 kB (1240 bytes)
Hash
aeffbbeba6dd343b89fdc22cdf23f8c8
7be9f0a8fbd22f85cd4408ed04b69e98cbb79de7
c38246b300667ea8ab28940a729e65168f981baf8adc8d708c299e85b9e2dcee

HTTP Headers

GET /menu/svg/icons/viber.js HTTP/1.1
Host: static.addtoany.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://videzz.net
DNT: 1
Connection: keep-alive
Referer: https://static.addtoany.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Wed, 24 Apr 2024 18:05:00 GMT
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=7776000, stale-while-revalidate=30, public
cf-bgj: minify
etag: W/"ab1da422605fdb35fd02440984d36475"
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=CohOZeOb1xMSZ%2BHTUsfImZLbvEqa4vkKVJ1bSdKkcq99if2hWa%2FX%2B2IKUGa0Khmu1oNHn55RePDGaGgk7mtdV7niwHMHX40wQicF7lQ%2FDVFidd4m1GM%2F8gZ2ykiP33rwQNp%2BvyvW"}],"group":"cf-nel","max_age":604800}
vary: Accept-Encoding
referrer-policy: strict-origin-when-cross-origin
x-content-type-options: nosniff
cf-cache-status: HIT
age: 2701
strict-transport-security: max-age=31536000; includeSubDomains; preload
server: cloudflare
cf-ray: 879804db4aa292fd-CPH
content-encoding: br
alt-svc: h3=":443"; ma=86400

allvideometrika.com/f.php?sid=212515

104.21.83.61

200 OK

372 B

URL GET HTTP/2
allvideometrika.com/f.php?sid=212515
IP
104.21.83.61:443
ASN
#13335 CLOUDFLARENET

Requested by
https://videzz.net/1257pc8b3t79.html?asgtbndr=1
Certificate
IssuerLet's Encrypt
Subjectallvideometrika.com
Fingerprint0F:3F:B1:7E:F7:3C:77:24:1C:85:B2:89:15:11:43:1A:AD:64:DF:13
ValidityTue, 23 Apr 2024 13:34:13 GMT - Mon, 22 Jul 2024 13:34:12 GMT

File type
HTML document, ASCII text
Size
372 B (372 bytes)
Hash
5bfc14a49c32037cbd65d1e913481db6
ff636c9f0bf7e4c1630b13e7b47c7288ff8a27b3
594bc701da230119241ffee60b7e36e4096f95cd54fc7e0ab0b4b8bfb9153a41

HTTP Headers

GET /f.php?sid=212515 HTTP/1.1
Host: allvideometrika.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://videzz.net/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Wed, 24 Apr 2024 18:05:00 GMT
content-type: text/html; charset=UTF-8
x-powered-by: PHP/7.1.33
cache-control: no-store, no-cache, must-revalidate, max-age=0
x-robots-tag: noindex
pragma: no-cache
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=AJihPtf3MDEORaeQyn4EPx85zSVqGFTNxCWHxyRMaOPnw0URoaQmXTheb6xOmS2QZn1p85rMzYfspNAEp26nxDePquNr58K8AIcfaQCoxiJX1UIddvE65YcDStw27bXJ%2FLgn%2FpjW"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 879804dc2f53b52d-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2

xml.xmlking.com/redirect?feed=591364&auth=oodr9S&pubid=195183

174.137.133.17

302 Found

0 B

URL GET HTTP/1.1
xml.xmlking.com/redirect?feed=591364&auth=oodr9S&pubid=195183
IP
174.137.133.17:443
ASN
#27257 WEBAIR-INTERNET

Requested by
https://videzz.net/1257pc8b3t79.html?asgtbndr=1
Certificate
IssuerSectigo Limited
Subject*.xmlking.com
Fingerprint61:F0:9B:53:D2:DF:03:A0:08:09:BE:79:B1:70:10:34:65:07:7B:6D
ValidityWed, 26 Jul 2023 00:00:00 GMT - Fri, 26 Jul 2024 23:59:59 GMT

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /redirect?feed=591364&auth=oodr9S&pubid=195183 HTTP/1.1
Host: xml.xmlking.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://bid.bidclickmedia.com/
DNT: 1
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 302 Found
Server: nginx
Date: Wed, 24 Apr 2024 18:05:02 GMT
Content-Length: 0
Connection: keep-alive
Cache-Control: no-store
Location: https://animewatch.onionlive.workers.dev/

bid.bidclickmedia.com/sub/e6yMnW6

172.67.205.77

200 OK

148 B

URL GET HTTP/2
bid.bidclickmedia.com/sub/e6yMnW6
IP
172.67.205.77:443
ASN
#13335 CLOUDFLARENET

Requested by
https://videzz.net/1257pc8b3t79.html?asgtbndr=1
Certificate
IssuerGoogle Trust Services LLC
Subjectbidclickmedia.com
Fingerprint2D:71:60:23:79:D8:E4:4A:B8:81:BA:F0:ED:58:CB:A8:66:21:A7:E7
ValiditySun, 31 Mar 2024 14:28:20 GMT - Sat, 29 Jun 2024 14:28:19 GMT

File type
HTML document, ASCII text
Size
148 B (148 bytes)
Hash
3e4f8d950f382330e0d32f9aa59bb11b
0ddcd35cedb3e5ebf73cd067ddc04bca8066b93d
25840ab9693f257546a4e14431441fd50b4fd5198125125ed68bcd521c51c958

HTTP Headers

GET /sub/e6yMnW6 HTTP/1.1
Host: bid.bidclickmedia.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://videzz.net/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
date: Wed, 24 Apr 2024 18:04:59 GMT
content-type: text/html; charset=utf-8
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=vZyDQPvdpfTF%2FUY2Yj9Ol0scRzuhQbQIA6wERcsLpHpn6Ns8lNB8uL9dLXi7R8cw1Lh%2F2%2BeVwXLUG4lG%2BX4YgoEVZuXx5NqMKROETVWit4Xj%2BRDvzWR46SUxcn8pDgHLTL5A%2FokupVY%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 879804d86fec5694-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2

animewatch.onionlive.workers.dev/

104.21.9.35

200 OK

71 kB

URL GET HTTP/2
animewatch.onionlive.workers.dev/
IP
104.21.9.35:443
ASN
#13335 CLOUDFLARENET

Requested by
https://videzz.net/1257pc8b3t79.html?asgtbndr=1
Certificate
IssuerGoogle Trust Services LLC
Subjectonionlive.workers.dev
Fingerprint15:4B:F2:93:81:D8:8E:E8:03:9A:C3:E3:2F:78:10:77:9B:80:FD:9F
ValiditySun, 03 Mar 2024 23:51:41 GMT - Sat, 01 Jun 2024 23:51:40 GMT

File type
HTML document, ASCII text, with very long lines (1024)
Size
71 kB (70771 bytes)
Hash
c1cf85ad1b6580cae5442d258a41bae7
ad01dec3f302168d9588375fc9b4185dc45c4625
439248132cde8803370dcb8e3bf0fa5737032e4e5dffe7812d911d32735eacee

HTTP Headers

GET / HTTP/1.1
Host: animewatch.onionlive.workers.dev
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://bid.bidclickmedia.com/
DNT: 1
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Wed, 24 Apr 2024 18:05:02 GMT
content-type: text/html;charset=UTF-8
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=7jekLk8MGag256JoW8rBRE0jC9s9NBXW6KGMR0YR4Cerzlnb0A52ym6TlpUx7eBkb9fQTmYe8%2FiyGIwX1JaKUzUoNUYsN1PUOmAXqCG6xwxOAcTnDtkbEdap1DqtcOA0D07Xu8t9zAnGXOk0kSe3XKp2xg%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 879804e83b2eb4f7-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2

www.googletagmanager.com/gtag/js?id=G-HJ5MMKB9WK

142.250.74.168

102 kB

URL
www.googletagmanager.com/gtag/js?id=G-HJ5MMKB9WK
IP
142.250.74.168:0
ASN
#15169 GOOGLE

Certificate
IssuerGoogle Trust Services LLC
Subject*.google-analytics.com
Fingerprint1E:33:2E:4B:C3:51:05:B7:73:DC:21:BF:3E:02:B3:16:D8:0B:AB:BB
ValidityMon, 18 Mar 2024 19:37:14 GMT - Mon, 10 Jun 2024 19:37:13 GMT

File type
JavaScript source, ASCII text, with very long lines (5945)
Size
102 kB (101573 bytes)
Hash
464c17ba3f7b98a135d86e002ca98b19
9bd4ff801a84472b45a3d2fd5487b451f91f7f5e
1f0b3f076f965c3df0a9746094d93e9bd385c5ec48eeafe838789ae733262456

HTTP Headers

GET /gtag/js?id=G-HJ5MMKB9WK HTTP/1.1
Host: www.googletagmanager.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://animewatch.onionlive.workers.dev/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
content-encoding: br
vary: Accept-Encoding
date: Wed, 24 Apr 2024 18:05:02 GMT
expires: Wed, 24 Apr 2024 18:05:02 GMT
cache-control: private, max-age=900
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
server: Google Tag Manager
content-length: 101573
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

zv.7vid.net/api/spots/70101?s1=202079&v2=1&fill=0&kw=69484%2Cmp4&i=1&url=https%3A%2F%2Fvidezz.net%2F1257pc8b3t79.html%3Fasgtbndr%3D1&sid=426b01ec-e2f5-47e9-bc96-374e2c43ad5e

135.181.208.216

200 OK

806 B

URL GET HTTP/2
zv.7vid.net/api/spots/70101?s1=202079&v2=1&fill=0&kw=69484%2Cmp4&i=1&url=https%3A%2F%2Fvidezz.net%2F1257pc8b3t79.html%3Fasgtbndr%3D1&sid=426b01ec-e2f5-47e9-bc96-374e2c43ad5e
IP
135.181.208.216:443
ASN
#24940 Hetzner Online GmbH

Requested by
https://videzz.net/1257pc8b3t79.html?asgtbndr=1
Certificate
IssuerLet's Encrypt
Subject1111.spinna.online
FingerprintF3:80:AE:D8:32:E7:57:75:94:99:58:76:4C:57:59:80:E8:9A:B7:ED
ValidityFri, 29 Mar 2024 23:27:07 GMT - Thu, 27 Jun 2024 23:27:06 GMT

File type
gzip compressed data, from Unix
Size
806 B (806 bytes)
Hash
e771b570b1ebfc6469f9f161e1d66006
3a581c162c7deb9754da5838c35a4d9a7fbc87d9
c0e6cdf46894768b18a35ff8f895eb3cdb6e7c53849f4c1f62515f521b7e2ae9

HTTP Headers

GET /api/spots/70101?s1=202079&v2=1&fill=0&kw=69484%2Cmp4&i=1&url=https%3A%2F%2Fvidezz.net%2F1257pc8b3t79.html%3Fasgtbndr%3D1&sid=426b01ec-e2f5-47e9-bc96-374e2c43ad5e HTTP/1.1
Host: zv.7vid.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://videzz.net/
Origin: https://videzz.net
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
server: nginx
date: Wed, 24 Apr 2024 18:05:00 GMT
content-type: text/xml
vary: Accept-Encoding
access-control-allow-credentials: true
access-control-allow-origin: https://videzz.net
access-control-expose-headers: X-Asg-Config, X-t
set-cookie: nauid=VU8F4ecAlGTKMNAHTw5w; Path=/; Expires=Wed, 11 Nov 2037 11:11:11 GMT; Secure; SameSite=None
x-robots-tag: noindex, nofollow
x-t: 0
cache-control: private
content-encoding: gzip
X-Firefox-Spdy: h2

xmlclick.adokutrtb.com/nrtb/click?bid=m4xuHUghvUPzRoqLxXhTml8VE-ecZiXjYBiy6f4uWHTIbI-yw_iyIlxRYEz58Mou_0_5

23.226.122.79

302 Found

74 B

URL GET HTTP/2
xmlclick.adokutrtb.com/nrtb/click?bid=m4xuHUghvUPzRoqLxXhTml8VE-ecZiXjYBiy6f4uWHTIbI-yw_iyIlxRYEz58Mou_0_5
IP
23.226.122.79:443
ASN
#29802 HVC-AS

Requested by
https://videzz.net/1257pc8b3t79.html?asgtbndr=1
Certificate
IssuerUnizeto Technologies S.A.
Subject*.adokutrtb.com
FingerprintFE:8D:59:6C:AC:C6:8C:40:28:AE:A4:B8:B8:6C:4B:B0:1F:1D:1E:AC
ValidityTue, 19 Mar 2024 12:12:32 GMT - Wed, 19 Mar 2025 12:12:31 GMT

File type
HTML document, ASCII text
Size
74 B (74 bytes)
Hash
a7e52d1f9dbaf87528ae682de62b9b40
2977874f5574f17ecaf5135ac15dc19782a60d68
2f290c9ac5d94c1b37172debad3b15c2eb1cbe5648fa6bfba464a5245884d16e

HTTP Headers

GET /nrtb/click?bid=m4xuHUghvUPzRoqLxXhTml8VE-ecZiXjYBiy6f4uWHTIbI-yw_iyIlxRYEz58Mou_0_5 HTTP/1.1
Host: xmlclick.adokutrtb.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://bid.bidclickmedia.com/
DNT: 1
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 302 Found
server: nginx/1.18.0 (Ubuntu)
date: Wed, 24 Apr 2024 18:05:02 GMT
content-type: text/html; charset=utf-8
content-length: 74
location: https://xml-v4.adcannyxml.com/click?i=6aY*oj21si8_0
X-Firefox-Spdy: h2

tr.7vid.net/api/users/246356?host=videzz.net&ev=212&wh=1024&ww=1280&uuid=&url=https%3A%2F%2Fvidezz.net%2F1257pc8b3t79.html%3Fasgtbndr%3D1&sid=426b01ec-e2f5-47e9-bc96-374e2c43ad5e&i=1&kw=69484%2Cmp4&s1=202079

135.181.208.216

200 OK

565 B

URL GET HTTP/2
tr.7vid.net/api/users/246356?host=videzz.net&ev=212&wh=1024&ww=1280&uuid=&url=https%3A%2F%2Fvidezz.net%2F1257pc8b3t79.html%3Fasgtbndr%3D1&sid=426b01ec-e2f5-47e9-bc96-374e2c43ad5e&i=1&kw=69484%2Cmp4&s1=202079
IP
135.181.208.216:443
ASN
#24940 Hetzner Online GmbH

Requested by
https://videzz.net/1257pc8b3t79.html?asgtbndr=1
Certificate
IssuerLet's Encrypt
Subjecta.gatwins.site
Fingerprint66:D4:C4:E9:BC:6E:82:9E:D0:2F:00:69:9A:DF:C2:6D:18:04:0B:1B
ValidityWed, 10 Apr 2024 10:27:11 GMT - Tue, 09 Jul 2024 10:27:10 GMT

File type
gzip compressed data, from Unix
Size
565 B (565 bytes)
Hash
b6e86378ad226a129420b2f51f5eb092
893f955c8e65ff6072fbe40863ed2bc091dccc65
e418bf285109453a624fdf38553c6de1a7203b33c7638c2c0acc3c13722c3008

HTTP Headers

GET /api/users/246356?host=videzz.net&ev=212&wh=1024&ww=1280&uuid=&url=https%3A%2F%2Fvidezz.net%2F1257pc8b3t79.html%3Fasgtbndr%3D1&sid=426b01ec-e2f5-47e9-bc96-374e2c43ad5e&i=1&kw=69484%2Cmp4&s1=202079 HTTP/1.1
Host: tr.7vid.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://videzz.net/
Cookie: nauid=mdDmRFdPyrwFCq7Cqoji
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
server: nginx
date: Wed, 24 Apr 2024 18:05:01 GMT
content-type: text/javascript; charset=utf-8
vary: Accept-Encoding
x-robots-tag: noindex, nofollow
cache-control: private
content-encoding: gzip
X-Firefox-Spdy: h2

www.googletagmanager.com/gtag/js?id=G-DQF56C4WPV&l=dataLayer&cx=c

142.250.74.168

93 kB

URL
www.googletagmanager.com/gtag/js?id=G-DQF56C4WPV&l=dataLayer&cx=c
IP
142.250.74.168:0
ASN
#15169 GOOGLE

Certificate
IssuerGoogle Trust Services LLC
Subject*.google-analytics.com
Fingerprint1E:33:2E:4B:C3:51:05:B7:73:DC:21:BF:3E:02:B3:16:D8:0B:AB:BB
ValidityMon, 18 Mar 2024 19:37:14 GMT - Mon, 10 Jun 2024 19:37:13 GMT

File type
JavaScript source, ASCII text, with very long lines (3034)
Size
93 kB (92942 bytes)
Hash
176ca445cd43cda305d549d2af1112e8
900981a466258e883c38558a51a0ead72f8839a2
4005f47c716bc5e32ee9b57b3e298c6de800ddf30d5a08813500d9601a785a16

HTTP Headers

GET /gtag/js?id=G-DQF56C4WPV&l=dataLayer&cx=c HTTP/1.1
Host: www.googletagmanager.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://animewatch.onionlive.workers.dev/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
content-encoding: br
vary: Accept-Encoding
date: Wed, 24 Apr 2024 18:05:02 GMT
expires: Wed, 24 Apr 2024 18:05:02 GMT
cache-control: private, max-age=900
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
server: Google Tag Manager
content-length: 92942
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

www.googletagmanager.com/gtag/js?id=G-HJ5MMKB9WK&l=dataLayer&cx=c

142.250.74.168

100 kB

URL
www.googletagmanager.com/gtag/js?id=G-HJ5MMKB9WK&l=dataLayer&cx=c
IP
142.250.74.168:0
ASN
#15169 GOOGLE

Certificate
IssuerGoogle Trust Services LLC
Subject*.google-analytics.com
Fingerprint1E:33:2E:4B:C3:51:05:B7:73:DC:21:BF:3E:02:B3:16:D8:0B:AB:BB
ValidityMon, 18 Mar 2024 19:37:14 GMT - Mon, 10 Jun 2024 19:37:13 GMT

File type
JavaScript source, ASCII text, with very long lines (5945)
Size
100 kB (100486 bytes)
Hash
b7499a488aff4778775689f1a08bd6ca
fffdd7b0d827d2692eeaa9a9fcdf446b9d80eae3
b0f42a6f487c5f0d1c9c992480a4647bf2be47fd74f5bb3a6b284925ac07111a

HTTP Headers

GET /gtag/js?id=G-HJ5MMKB9WK&l=dataLayer&cx=c HTTP/1.1
Host: www.googletagmanager.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://animewatch.onionlive.workers.dev/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
content-encoding: br
vary: Accept-Encoding
date: Wed, 24 Apr 2024 18:05:02 GMT
expires: Wed, 24 Apr 2024 18:05:02 GMT
cache-control: private, max-age=900
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
server: Google Tag Manager
content-length: 100486
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

impactserving.com/Redirect.eng?MediaSegmentId=32782&dcid=3_ctx_41bc995f-4efc-45a3-8020-ae89b44bc7a7&vmId=00000000-0000-0000-0000-000000000000&abr=false&timeZoneOffset=&v=xoMiqaVIhNfViNoAzbb7BoVSNqN6yb2gzWUfrrcbZk1i3aJYRGfBqkb1rsF41OY1NkQ2ojM2WCmajKajgXcJzB4rGPQ5vL43T4MCx0rtsFItMOV6PY9-MFkxAdpBGIyV0I-mafZ8rBoHcUz16658UIng-WUW42oi0t_ZWFQb5aQiWez0eU13QrvBifmMI4qKTgmU5JA8l2kv8ZhzY_oYvh7hosBjfMrpMKMT4haEOW-A0DE93I1Hz6X1wA49XD-x5Evdr4yvQJTXzuW7j9wvj79gn09dXQbC8A4D3HJNcOZnbRGcLkAawLWFD6gQl8RSo5qGEw2Am73T1q0e3SnXlIAqSUt0XeQc1SuSvep0HuHb6MnU4RabPWxclwjeNKnx0rGylrbdNtEQBX0okLTqXnyPaAoXOLBAoGV1tMAQ18nLqKlBuo21JtWBpER4Mboi0p4lI0NeUKuKnku-L94dAlOgdoaJ9UaWuJyLC2iPk2SAwq8zoQUqIcB3TkkOyxN6Fggu48MKtKMFmhQwtMfbB4rBUk7VBImOUzBykYj216UMrfQdiRLrq02wPXb_9sG8HXJ4HNzsbStgu5iRBlQlslZqpf0KzKOGPHCkYVMQj1HeJ-JIVdwdkztc9lhENfFitRfrtrkZcwJbZUGeFG1ZByfa2djYQ-XFGtkkYcGskgrgIE90NVGFkpZMYh6ORQvoIigGAPzO26VkengRk41AYN9WNNAk1BH1vajFWwYgcaOf6jSjOsvgetHkYBCfdNc36Sz3oWhaEWn4ALDCs85EhHaZ5lop5sTJh4hXli_cIqZ-spt68DPnXZc40BXMTTuJVL-AxLYzcpisTXnJDPi0hGUUpt__N-_X_VCa8pvmh7LbKz_1Q7hp5t7EBYKqQv8yzSBVX96xUOkgb9gfvDlGEaSqVVhYAVM288mAnOgfWQSBUaWnTAMyQD7sXlYcK_PKueVSzUlksT3pHXzkOPKwG_4Fa48cCaI6KwmWrh0MJKM1&kw=&mw=1024&mh=768&xml=1&at=

104.16.79.217

200 OK

91 kB

URL GET HTTP/2
impactserving.com/Redirect.eng?MediaSegmentId=32782&dcid=3_ctx_41bc995f-4efc-45a3-8020-ae89b44bc7a7&vmId=00000000-0000-0000-0000-000000000000&abr=false&timeZoneOffset=&v=xoMiqaVIhNfViNoAzbb7BoVSNqN6yb2gzWUfrrcbZk1i3aJYRGfBqkb1rsF41OY1NkQ2ojM2WCmajKajgXcJzB4rGPQ5vL43T4MCx0rtsFItMOV6PY9-MFkxAdpBGIyV0I-mafZ8rBoHcUz16658UIng-WUW42oi0t_ZWFQb5aQiWez0eU13QrvBifmMI4qKTgmU5JA8l2kv8ZhzY_oYvh7hosBjfMrpMKMT4haEOW-A0DE93I1Hz6X1wA49XD-x5Evdr4yvQJTXzuW7j9wvj79gn09dXQbC8A4D3HJNcOZnbRGcLkAawLWFD6gQl8RSo5qGEw2Am73T1q0e3SnXlIAqSUt0XeQc1SuSvep0HuHb6MnU4RabPWxclwjeNKnx0rGylrbdNtEQBX0okLTqXnyPaAoXOLBAoGV1tMAQ18nLqKlBuo21JtWBpER4Mboi0p4lI0NeUKuKnku-L94dAlOgdoaJ9UaWuJyLC2iPk2SAwq8zoQUqIcB3TkkOyxN6Fggu48MKtKMFmhQwtMfbB4rBUk7VBImOUzBykYj216UMrfQdiRLrq02wPXb_9sG8HXJ4HNzsbStgu5iRBlQlslZqpf0KzKOGPHCkYVMQj1HeJ-JIVdwdkztc9lhENfFitRfrtrkZcwJbZUGeFG1ZByfa2djYQ-XFGtkkYcGskgrgIE90NVGFkpZMYh6ORQvoIigGAPzO26VkengRk41AYN9WNNAk1BH1vajFWwYgcaOf6jSjOsvgetHkYBCfdNc36Sz3oWhaEWn4ALDCs85EhHaZ5lop5sTJh4hXli_cIqZ-spt68DPnXZc40BXMTTuJVL-AxLYzcpisTXnJDPi0hGUUpt__N-_X_VCa8pvmh7LbKz_1Q7hp5t7EBYKqQv8yzSBVX96xUOkgb9gfvDlGEaSqVVhYAVM288mAnOgfWQSBUaWnTAMyQD7sXlYcK_PKueVSzUlksT3pHXzkOPKwG_4Fa48cCaI6KwmWrh0MJKM1&kw=&mw=1024&mh=768&xml=1&at=
IP
104.16.79.217:443
ASN
#13335 CLOUDFLARENET

Requested by
https://videzz.net/1257pc8b3t79.html?asgtbndr=1
Certificate
IssuerLet's Encrypt
Subjectimpactserving.com
FingerprintD9:04:86:A2:90:A6:8B:E0:A8:02:17:F0:5F:E9:A4:20:80:AB:F4:F8
ValiditySun, 10 Mar 2024 00:37:12 GMT - Sat, 08 Jun 2024 00:37:11 GMT

File type
gzip compressed data, from Unix
Size
91 kB (91240 bytes)
Hash
cc4a008fcbca27c547e2d51a8c7dd73a
a2549433fce9af9a0204e41f13ada5e4112688b0
f455a2c035c6abf687a13ae8dd9e95ea1cd5592803180120d7e7c38665b1fb9b

HTTP Headers

GET /Redirect.eng?MediaSegmentId=32782&dcid=3_ctx_41bc995f-4efc-45a3-8020-ae89b44bc7a7&vmId=00000000-0000-0000-0000-000000000000&abr=false&timeZoneOffset=&v=xoMiqaVIhNfViNoAzbb7BoVSNqN6yb2gzWUfrrcbZk1i3aJYRGfBqkb1rsF41OY1NkQ2ojM2WCmajKajgXcJzB4rGPQ5vL43T4MCx0rtsFItMOV6PY9-MFkxAdpBGIyV0I-mafZ8rBoHcUz16658UIng-WUW42oi0t_ZWFQb5aQiWez0eU13QrvBifmMI4qKTgmU5JA8l2kv8ZhzY_oYvh7hosBjfMrpMKMT4haEOW-A0DE93I1Hz6X1wA49XD-x5Evdr4yvQJTXzuW7j9wvj79gn09dXQbC8A4D3HJNcOZnbRGcLkAawLWFD6gQl8RSo5qGEw2Am73T1q0e3SnXlIAqSUt0XeQc1SuSvep0HuHb6MnU4RabPWxclwjeNKnx0rGylrbdNtEQBX0okLTqXnyPaAoXOLBAoGV1tMAQ18nLqKlBuo21JtWBpER4Mboi0p4lI0NeUKuKnku-L94dAlOgdoaJ9UaWuJyLC2iPk2SAwq8zoQUqIcB3TkkOyxN6Fggu48MKtKMFmhQwtMfbB4rBUk7VBImOUzBykYj216UMrfQdiRLrq02wPXb_9sG8HXJ4HNzsbStgu5iRBlQlslZqpf0KzKOGPHCkYVMQj1HeJ-JIVdwdkztc9lhENfFitRfrtrkZcwJbZUGeFG1ZByfa2djYQ-XFGtkkYcGskgrgIE90NVGFkpZMYh6ORQvoIigGAPzO26VkengRk41AYN9WNNAk1BH1vajFWwYgcaOf6jSjOsvgetHkYBCfdNc36Sz3oWhaEWn4ALDCs85EhHaZ5lop5sTJh4hXli_cIqZ-spt68DPnXZc40BXMTTuJVL-AxLYzcpisTXnJDPi0hGUUpt__N-_X_VCa8pvmh7LbKz_1Q7hp5t7EBYKqQv8yzSBVX96xUOkgb9gfvDlGEaSqVVhYAVM288mAnOgfWQSBUaWnTAMyQD7sXlYcK_PKueVSzUlksT3pHXzkOPKwG_4Fa48cCaI6KwmWrh0MJKM1&kw=&mw=1024&mh=768&xml=1&at= HTTP/1.1
Host: impactserving.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://bid.bidclickmedia.com/
DNT: 1
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Wed, 24 Apr 2024 18:05:02 GMT
content-type: text/html; charset=utf-8
vary: Accept-Encoding
cache-control: private, no-transform
content-encoding: gzip
p3p: CP="CAO PSA OUR IND"
access-control-allow-origin: *
set-cookie: IKSR={}; path=/; SameSite=None; secure
INF_DFL8=false; path=/; SameSite=None; secure
IUID=2f467166-7310-4284-a0e4-5338a3459895; expires=Mon, 24-Apr-2034 18:05:02 GMT; path=/; SameSite=None; secure
ISSH=72DC79; path=/; SameSite=None; secure
VMI=2fccffa5-1da7-4c5a-b9e5-84adb9826e88; path=/; SameSite=None; secure
IPLH=#{"64257":[{"SId":"72DC79","D":"24/4/24T11:5:2"}]}; expires=Mon, 24-Apr-2034 18:05:02 GMT; path=/; SameSite=None; secure; HttpOnly
IPLH_Q=#[64257]; expires=Mon, 24-Apr-2034 18:05:02 GMT; path=/; SameSite=None; secure; HttpOnly
CHN=#[]; expires=Mon, 24-Apr-2034 18:05:02 GMT; path=/; SameSite=None; secure; HttpOnly
MSSH=#{}; expires=Mon, 24-Apr-2034 18:05:02 GMT; path=/; SameSite=None; secure; HttpOnly
MSRH=#{}; expires=Mon, 24-Apr-2034 18:05:02 GMT; path=/; SameSite=None; secure; HttpOnly
ILP=null; expires=Mon, 24-Apr-2034 18:05:02 GMT; path=/; SameSite=None; secure
ILPLU=#1/1/0001 12:00:00 AM; expires=Mon, 24-Apr-2034 18:05:02 GMT; path=/; SameSite=None; secure; HttpOnly
ILEALC=#1/1/0001 12:00:00 AM; expires=Mon, 24-Apr-2034 18:05:02 GMT; path=/; SameSite=None; secure; HttpOnly
ILMPF=#False; expires=Wed, 24-Apr-2024 22:05:02 GMT; path=/; SameSite=None; secure; HttpOnly
IPMPLU=#1/1/0001 12:00:00 AM; expires=Mon, 24-Apr-2034 18:05:02 GMT; path=/; SameSite=None; secure; HttpOnly
IPMUID=#; expires=Mon, 24-Apr-2034 18:05:02 GMT; path=/; SameSite=None; secure; HttpOnly
BSWUID=#; expires=Mon, 24-Apr-2034 18:05:02 GMT; path=/; SameSite=None; secure; HttpOnly
IKSR={}; path=/; SameSite=None; secure
IBL=#[]; expires=Mon, 24-Apr-2034 18:05:02 GMT; path=/; SameSite=None; secure
IOPT=#[]; expires=Mon, 24-Apr-2034 18:05:02 GMT; path=/; SameSite=None; secure; HttpOnly
IPLSH=#{}; expires=Mon, 24-Apr-2034 18:05:02 GMT; path=/; SameSite=None; secure; HttpOnly
IPLSH_Q=#[]; expires=Mon, 24-Apr-2034 18:05:02 GMT; path=/; SameSite=None; secure; HttpOnly
IZH=#{"60545":[{"SId":"72DC79","D":"24/4/24T11:5:2"}]}; expires=Mon, 24-Apr-2034 18:05:02 GMT; path=/; SameSite=None; secure; HttpOnly
IZH_Q=#[60545]; expires=Mon, 24-Apr-2034 18:05:02 GMT; path=/; SameSite=None; secure; HttpOnly
IMCH=#{}; expires=Mon, 24-Apr-2034 18:05:02 GMT; path=/; SameSite=None; secure; HttpOnly
IMCH_Q=#[]; expires=Mon, 24-Apr-2034 18:05:02 GMT; path=/; SameSite=None; secure; HttpOnly
IMH=#{"83447":[{"SId":"72DC79","D":"24/4/24T11:5:2"}]}; expires=Mon, 24-Apr-2034 18:05:02 GMT; path=/; SameSite=None; secure; HttpOnly
IMH_Q=#[83447]; expires=Mon, 24-Apr-2034 18:05:02 GMT; path=/; SameSite=None; secure; HttpOnly
ISH=#{}; expires=Mon, 24-Apr-2034 18:05:02 GMT; path=/; SameSite=None; secure; HttpOnly
ISH_Q=#[]; expires=Mon, 24-Apr-2034 18:05:02 GMT; path=/; SameSite=None; secure; HttpOnly
ISPH=#{"14866":[{"SId":"72DC79","D":"24/4/24T11:5:2"}]}; expires=Mon, 24-Apr-2034 18:05:02 GMT; path=/; SameSite=None; secure; HttpOnly
ISPH_Q=#[14866]; expires=Mon, 24-Apr-2034 18:05:02 GMT; path=/; SameSite=None; secure; HttpOnly
ICH=#{"36016":[{"SId":"72DC79","D":"24/4/24T11:5:2"}]}; expires=Mon, 24-Apr-2034 18:05:02 GMT; path=/; SameSite=None; secure; HttpOnly
ICH_Q=#[36016]; expires=Mon, 24-Apr-2034 18:05:02 GMT; path=/; SameSite=None; secure; HttpOnly
cf-cache-status: DYNAMIC
server: cloudflare
cf-ray: 879804e66b0ab4ff-OSL
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2

go.krkstrk.com/?userId=a29e4fa1023dd45be975c4ab2c3f63fc721842490735020a0d0703eb57f7300d&targetDomain=cambaddies.com&memberId=a9545359-6036-4e08-b8cb-6d59bc2083eb&sourceId=14866&p1=64257&p2=83447&p3=36016&no_bb=1

104.18.40.50

302 Found

0 B

URL GET HTTP/2
go.krkstrk.com/?userId=a29e4fa1023dd45be975c4ab2c3f63fc721842490735020a0d0703eb57f7300d&targetDomain=cambaddies.com&memberId=a9545359-6036-4e08-b8cb-6d59bc2083eb&sourceId=14866&p1=64257&p2=83447&p3=36016&no_bb=1
IP
104.18.40.50:443
ASN
#13335 CLOUDFLARENET

Requested by
https://videzz.net/1257pc8b3t79.html?asgtbndr=1
Certificate
IssuerGoogle Trust Services LLC
Subjectkrkstrk.com
FingerprintC9:DC:BE:3E:9E:88:AA:F1:DF:82:1D:2D:E9:89:A7:11:6B:B4:64:65
ValidityMon, 25 Mar 2024 16:51:34 GMT - Sun, 23 Jun 2024 16:51:33 GMT

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /?userId=a29e4fa1023dd45be975c4ab2c3f63fc721842490735020a0d0703eb57f7300d&targetDomain=cambaddies.com&memberId=a9545359-6036-4e08-b8cb-6d59bc2083eb&sourceId=14866&p1=64257&p2=83447&p3=36016&no_bb=1 HTTP/1.1
Host: go.krkstrk.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://impactserving.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 302 Found
date: Wed, 24 Apr 2024 18:05:02 GMT
content-length: 0
location: https://cambaddies.com/?affiliateId=240424ycghzg305h0cjyvctmwftnh90qd9rvi5bf26u6kaejoijw3j61sntnm5eo&no_bb=1&p1=64257&p2=83447&p3=36016&realDomain=go.krkstrk.com&referrer=https%3A%2F%2Fimpactserving.com%2F&sourceId=14866&stripbotVariation=NullWidget&userId=a29e4fa1023dd45be975c4ab2c3f63fc721842490735020a0d0703eb57f7300d
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Bitness, Sec-CH-UA-Wow64
cf-cache-status: DYNAMIC
set-cookie: stripbotVariationName-StripcashTest16=NullWidget; Path=/; Domain=go.krkstrk.com; Expires=Fri, 24 May 2024 18:05:02 GMT; Max-Age=2592000; Secure; SameSite=None
__cflb=02DiuDFRFiBZBvMSLtrth8k2gcTaYMvv7JKZynQUHTetL; SameSite=None; Secure; path=/; expires=Thu, 25-Apr-24 18:05:02 GMT; HttpOnly
server: cloudflare
cf-ray: 879804eac97b569c-OSL
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2

bid.bidclickmedia.com/load

172.67.205.77

302 Found

361 B

URL POST HTTP/3
bid.bidclickmedia.com/load
IP
172.67.205.77:443
ASN
#13335 CLOUDFLARENET

Requested by
https://videzz.net/1257pc8b3t79.html?asgtbndr=1
Certificate
IssuerGoogle Trust Services LLC
Subjectbidclickmedia.com
Fingerprint2D:71:60:23:79:D8:E4:4A:B8:81:BA:F0:ED:58:CB:A8:66:21:A7:E7
ValiditySun, 31 Mar 2024 14:28:20 GMT - Sat, 29 Jun 2024 14:28:19 GMT

File type
HTML document, ASCII text
Size
361 B (361 bytes)
Hash
6610c77cad5adb691fd5f9ffa06b9486
d003b0d6d8bb61e5fd17dc635c017f6393e0c24c
83695861f8ded5db81f9c1e185cdf9177d18c57bfe1196b03468f2d8ac22bc50

HTTP Headers

POST /load HTTP/1.1
Host: bid.bidclickmedia.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/x-www-form-urlencoded
Content-Length: 93
Origin: https://bid.bidclickmedia.com
DNT: 1
Connection: keep-alive
Referer: https://bid.bidclickmedia.com/sub/Pj8pz0z
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 302 Found
date: Wed, 24 Apr 2024 18:05:00 GMT
content-type: text/html; charset=utf-8
location: https://xml.xmlking.com/redirect?feed=591364&auth=oodr9S&pubid=195183
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=v2OcX53Mf2vYmIzHQjNVxpKiGgkXz4bZvvb9ZguyJ692G02aIBwpoJJko%2FPpT%2F8CggRiv5tcuvxNXBriuZnLDz6lhfC1%2FkLeTmBi0eomQiw1F3Zr%2BqTLdX%2BrfDuEwHYWx0QhNLza5%2FQ%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 879804dd1c501c0a-OSL
alt-svc: h3=":443"; ma=86400

xml-v4.adcannyxml.com/click?i=6aY*oj21si8_0

174.137.133.18

200 OK

0 B

URL GET HTTP/1.1
xml-v4.adcannyxml.com/click?i=6aY*oj21si8_0
IP
174.137.133.18:443
ASN
#27257 WEBAIR-INTERNET

Requested by
https://videzz.net/1257pc8b3t79.html?asgtbndr=1
Certificate
IssuerUnizeto Technologies S.A.
Subject*.adcannyxml.com
Fingerprint94:3C:B1:37:BD:FA:9C:E1:1E:F4:57:BB:30:0F:66:33:53:31:41:24
ValidityMon, 18 Mar 2024 07:29:56 GMT - Tue, 18 Mar 2025 07:29:55 GMT

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /click?i=6aY*oj21si8_0 HTTP/1.1
Host: xml-v4.adcannyxml.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://bid.bidclickmedia.com/
DNT: 1
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Date: Wed, 24 Apr 2024 18:05:02 GMT
Content-Length: 0
Connection: keep-alive
Cache-Control: no-store

assets.strpst.com/assets/icons/headerlogo_cambaddies.com.png?v=c354189e

104.17.10.106

3.0 kB

URL
assets.strpst.com/assets/icons/headerlogo_cambaddies.com.png?v=c354189e
IP
104.17.10.106:0
ASN
#13335 CLOUDFLARENET

File type
PNG image data, 250 x 64, 8-bit gray+alpha, non-interlaced
Size
3.0 kB (3006 bytes)
Hash
c354189e2b3e32845629f590d0b281ab
ae2ac05927969608847c0e9d4c3b5223a434f4ae
0f76673d8253aa5f70b2a698106f7c327d8b525d735b4ce7b33c46ec3587ef0e

HTTP Headers

GET /assets/icons/headerlogo_cambaddies.com.png?v=c354189e HTTP/1.1
Host: assets.strpst.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://cambaddies.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
date: Wed, 24 Apr 2024 18:05:03 GMT
content-type: image/png
content-length: 3006
last-modified: Wed, 17 Apr 2024 14:45:24 GMT
expires: Wed, 01 May 2024 18:05:03 GMT
cache-control: public, max-age=604800
access-control-allow-origin: *
cf-cache-status: HIT
age: 130561
accept-ranges: bytes
vary: Accept-Encoding
server: cloudflare
cf-ray: 879804eddd0f712b-OSL
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2

assets.strpst.com/assets/icons/footerlogo_cambaddies.com.png?v=c354189e

104.17.10.106

3.0 kB

URL
assets.strpst.com/assets/icons/footerlogo_cambaddies.com.png?v=c354189e
IP
104.17.10.106:0
ASN
#13335 CLOUDFLARENET

File type
PNG image data, 250 x 64, 8-bit gray+alpha, non-interlaced
Size
3.0 kB (3006 bytes)
Hash
c354189e2b3e32845629f590d0b281ab
ae2ac05927969608847c0e9d4c3b5223a434f4ae
0f76673d8253aa5f70b2a698106f7c327d8b525d735b4ce7b33c46ec3587ef0e

HTTP Headers

GET /assets/icons/footerlogo_cambaddies.com.png?v=c354189e HTTP/1.1
Host: assets.strpst.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://cambaddies.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
date: Wed, 24 Apr 2024 18:05:03 GMT
content-type: image/png
content-length: 3006
last-modified: Wed, 17 Apr 2024 14:38:12 GMT
expires: Wed, 01 May 2024 18:05:03 GMT
cache-control: public, max-age=604800
access-control-allow-origin: *
cf-cache-status: HIT
age: 307412
accept-ranges: bytes
vary: Accept-Encoding
server: cloudflare
cf-ray: 879804ee0d4f712b-OSL
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2

assets.strpst.com/assets/common/images/static-icons/asacp.png

104.17.10.106

4.4 kB

URL
assets.strpst.com/assets/common/images/static-icons/asacp.png
IP
104.17.10.106:0
ASN
#13335 CLOUDFLARENET

File type
PNG image data, 512 x 194, 8-bit colormap, non-interlaced
Size
4.4 kB (4423 bytes)
Hash
477ecd73f289c3de76dbb0fc3d878c2a
69fec0b1ab15259a5f545c2d40a81ea92670a6b1
20e704f9482dfc41800402f2ff98624e838dac164eccb118e89b3a02e6bc0eee

HTTP Headers

GET /assets/common/images/static-icons/asacp.png HTTP/1.1
Host: assets.strpst.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://cambaddies.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
date: Wed, 24 Apr 2024 18:05:03 GMT
content-type: image/png
content-length: 4423
last-modified: Wed, 17 Apr 2024 14:36:37 GMT
expires: Wed, 01 May 2024 18:05:03 GMT
cache-control: public, max-age=604800
access-control-allow-origin: *
cf-cache-status: HIT
age: 198529
accept-ranges: bytes
vary: Accept-Encoding
server: cloudflare
cf-ray: 879804ee1d59712b-OSL
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2

cambaddies.com/?affiliateId=240424ycghzg305h0cjyvctmwftnh90qd9rvi5bf26u6kaejoijw3j61sntnm5eo&no_bb=1&p1=64257&p2=83447&p3=36016&realDomain=go.krkstrk.com&referrer=https%3A%2F%2Fimpactserving.com%2F&sourceId=14866&stripbotVariation=NullWidget&userId=a29e4fa1023dd45be975c4ab2c3f63fc721842490735020a0d0703eb57f7300d

185.98.55.81

200 OK

144 kB

URL GET HTTP/2
cambaddies.com/?affiliateId=240424ycghzg305h0cjyvctmwftnh90qd9rvi5bf26u6kaejoijw3j61sntnm5eo&no_bb=1&p1=64257&p2=83447&p3=36016&realDomain=go.krkstrk.com&referrer=https%3A%2F%2Fimpactserving.com%2F&sourceId=14866&stripbotVariation=NullWidget&userId=a29e4fa1023dd45be975c4ab2c3f63fc721842490735020a0d0703eb57f7300d
IP
185.98.55.81:443
ASN
#39572 DataWeb Global Group B.V.

Requested by
https://videzz.net/1257pc8b3t79.html?asgtbndr=1
Certificate
IssuerLet's Encrypt
Subjectcambaddies.com
Fingerprint73:1B:2D:D7:C4:F8:D6:1F:6D:16:B4:91:DC:16:02:A2:6F:CE:0C:7A
ValidityWed, 17 Apr 2024 06:52:14 GMT - Tue, 16 Jul 2024 06:52:13 GMT

File type
gzip compressed data, max speed, from Unix
Size
144 kB (143455 bytes)
Hash
f5ae1daadc050efd52b66331192390e3
db9d5c9598d09a9845f7bda087d841cb494f32f3
252fb721281b3844b3908466bb7d109ec7eda05d0b7745924de9ed577eed7943

HTTP Headers

GET /?affiliateId=240424ycghzg305h0cjyvctmwftnh90qd9rvi5bf26u6kaejoijw3j61sntnm5eo&no_bb=1&p1=64257&p2=83447&p3=36016&realDomain=go.krkstrk.com&referrer=https%3A%2F%2Fimpactserving.com%2F&sourceId=14866&stripbotVariation=NullWidget&userId=a29e4fa1023dd45be975c4ab2c3f63fc721842490735020a0d0703eb57f7300d HTTP/1.1
Host: cambaddies.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://impactserving.com/
DNT: 1
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
alt-svc: h3=":443"; ma=2592000
content-encoding: gzip
content-type: text/html; charset=utf-8
date: Wed, 24 Apr 2024 18:05:02 GMT
rate-limit: enabled-site-config
set-cookie: ABTest_ab_top_free_pick_v2_key=A_179; path=/; domain=cambaddies.com; expires=Thu, 24 Apr 2025 00:00:00 GMT
ABTest_ab_ultimate_packages_on_buy_tokens_key=C_179; path=/; domain=cambaddies.com; expires=Thu, 24 Apr 2025 00:00:00 GMT
ABTest_ab_wiz_id_v4_key=A_179; path=/; domain=cambaddies.com; expires=Thu, 24 Apr 2025 00:00:00 GMT
x-backend: juliett-wl-ssr-application-66f75776cd-h6kwp, sc-wl-fw
x-branch: master
x-cache-status: MISS
x-ssr-cache-status: HIT
X-Firefox-Spdy: h2

assets.strpst.com/assets/common/images/static-icons/rta-logo.png

104.17.10.106

3.8 kB

URL
assets.strpst.com/assets/common/images/static-icons/rta-logo.png
IP
104.17.10.106:0
ASN
#13335 CLOUDFLARENET

File type
PNG image data, 512 x 233, 4-bit colormap, non-interlaced
Size
3.8 kB (3837 bytes)
Hash
0c93b514475809d2298991cc32188c6e
353b648b5f454b529ab9c65932771b9e2426ac3e
d73adf0bc30f1b5a2d00f8c690f51df4219c585b26f97ce4360d9dceebf8feb6

HTTP Headers

GET /assets/common/images/static-icons/rta-logo.png HTTP/1.1
Host: assets.strpst.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://cambaddies.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
date: Wed, 24 Apr 2024 18:05:03 GMT
content-type: image/png
content-length: 3837
last-modified: Wed, 17 Apr 2024 14:36:37 GMT
expires: Wed, 01 May 2024 18:05:03 GMT
cache-control: public, max-age=604800
access-control-allow-origin: *
cf-cache-status: HIT
age: 134136
accept-ranges: bytes
vary: Accept-Encoding
server: cloudflare
cf-ray: 879804ee1d53712b-OSL
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2

assets.strpst.com/assets/common/images/static-icons/pineapple-support.png

104.17.10.106

7.5 kB

URL
assets.strpst.com/assets/common/images/static-icons/pineapple-support.png
IP
104.17.10.106:0
ASN
#13335 CLOUDFLARENET

File type
PNG image data, 256 x 256, 8-bit colormap, non-interlaced
Size
7.5 kB (7502 bytes)
Hash
f73b457829f581ebc0354b46384db241
127d15cd0ed9e3d362f3b8d293aeb47a859a8c15
eee223f89d84efe2dead1f95924cfb85daf12d30a9952a73123e4f110d3b8088

HTTP Headers

GET /assets/common/images/static-icons/pineapple-support.png HTTP/1.1
Host: assets.strpst.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://cambaddies.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
date: Wed, 24 Apr 2024 18:05:03 GMT
content-type: image/png
content-length: 7502
last-modified: Wed, 17 Apr 2024 14:36:37 GMT
expires: Wed, 01 May 2024 18:05:03 GMT
cache-control: public, max-age=604800
access-control-allow-origin: *
cf-cache-status: HIT
age: 479967
accept-ranges: bytes
vary: Accept-Encoding
server: cloudflare
cf-ray: 879804ee2d61712b-OSL
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2

xml-v4.onemediawork.com/click?i=IMdutEHwvtY_0

173.239.53.20

302 Found

0 B

URL GET HTTP/1.1
xml-v4.onemediawork.com/click?i=IMdutEHwvtY_0
IP
173.239.53.20:443
ASN
#27257 WEBAIR-INTERNET

Requested by
https://videzz.net/1257pc8b3t79.html?asgtbndr=1
Certificate
IssuerLet's Encrypt
Subjectonemediawork.com
Fingerprint66:01:8B:AA:C3:B8:76:8F:0A:00:4A:E2:91:90:E8:06:29:B2:08:FD
ValidityFri, 23 Feb 2024 07:39:53 GMT - Thu, 23 May 2024 07:39:52 GMT

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /click?i=IMdutEHwvtY_0 HTTP/1.1
Host: xml-v4.onemediawork.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://bid.bidclickmedia.com/
DNT: 1
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 302 Found
Server: nginx
Date: Wed, 24 Apr 2024 18:05:03 GMT
Content-Length: 0
Connection: keep-alive
Cache-Control: no-store
Location: https://track.jajaloop.com/717a0983-e961-4ed5-98dc-35fbb30c40f8?banner=6354964&pubfeed=568190&siteid=639576&cost=0.0006&conversion=2UwmO3T7tY0

img.strpst.com/thumbs/1713981720/71421307_webp

104.17.11.106

7.1 kB

URL
img.strpst.com/thumbs/1713981720/71421307_webp
IP
104.17.11.106:0
ASN
#13335 CLOUDFLARENET

File type
RIFF (little-endian) data, Web/P image, VP8 encoding, 270x360, Scaling: [none]x[none], YUV color, decoders should clamp
Size
7.1 kB (7136 bytes)
Hash
2f8a6856380da39c2bf4c58ef44ce475
25ef6888a29c01e543b017b8637c3c0c61b16635
ddf889d79ab48242e3b419f03401d5505a0bba29589b08809b43744747781cc9

HTTP Headers

GET /thumbs/1713981720/71421307_webp HTTP/1.1
Host: img.strpst.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://cambaddies.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Wed, 24 Apr 2024 18:05:03 GMT
content-type: image/webp
content-length: 7136
etag: "2f8a6856380da39c2bf4c58ef44ce475"
last-modified: Wed, 24 Apr 2024 18:01:44 GMT
cache-control: public, max-age=1800, s-maxage=1800
access-control-allow-origin: *
access-control-allow-methods: GET
cf-cache-status: HIT
age: 166
accept-ranges: bytes
vary: Accept-Encoding
server: cloudflare
cf-ray: 879804ee58bf569f-OSL
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2

assets.strpst.com/assets/common/images/static-icons/agreement.png

104.17.10.106

1.5 kB

URL
assets.strpst.com/assets/common/images/static-icons/agreement.png
IP
104.17.10.106:0
ASN
#13335 CLOUDFLARENET

File type
PNG image data, 200 x 200, 8-bit colormap, non-interlaced
Size
1.5 kB (1466 bytes)
Hash
222ef114224a0757669c2a6cb946db00
7da33c2d96d2ba802fedb2e0153bee06904738fb
788b57b39ff8ed7fd1f1b4983f21c6f73267b537e711e21a73bcfdf112b643b9

HTTP Headers

GET /assets/common/images/static-icons/agreement.png HTTP/1.1
Host: assets.strpst.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://cambaddies.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Wed, 24 Apr 2024 18:05:03 GMT
content-type: image/png
content-length: 1466
last-modified: Wed, 17 Apr 2024 14:36:37 GMT
expires: Wed, 01 May 2024 18:05:03 GMT
cache-control: public, max-age=604800
access-control-allow-origin: *
cf-cache-status: HIT
age: 57462
accept-ranges: bytes
vary: Accept-Encoding
server: cloudflare
cf-ray: 879804ee9aed5694-OSL
alt-svc: h3=":443"; ma=86400

hoddlegamey.com/itLmTlMrHisAt/67652

23.109.170.77

200 OK

61 B

URL GET HTTP/1.1
hoddlegamey.com/itLmTlMrHisAt/67652
IP
23.109.170.77:443
ASN
#7979 SERVERS-COM

Requested by
https://videzz.net/1257pc8b3t79.html?asgtbndr=1
Certificate
IssuerLet's Encrypt
Subjecthoddlegamey.com
Fingerprint07:BD:B4:24:F4:70:EB:F5:60:F8:9F:61:E8:65:29:7E:9B:54:8C:D2
ValidityMon, 22 Apr 2024 23:02:12 GMT - Sun, 21 Jul 2024 23:02:11 GMT

File type
HTML document, ASCII text, with no line terminators
Size
61 B (61 bytes)
Hash
86733bb66fb84b851592d733e51f0cbd
42eaf19a5ca195667a9212b0ea3557eee76954a8
927676bdf7f1bdcd71f06cc0d9fa573791b12c905629d806851624687c4b4a0d

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /itLmTlMrHisAt/67652 HTTP/1.1
Host: hoddlegamey.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://animewatch.onionlive.workers.dev/
DNT: 1
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Date: Wed, 24 Apr 2024 18:05:03 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Keep-Alive: timeout=20
Accept-ch: sec-ch-ua-platform-version,sec-ch-ua-model,sec-ch-ua-full-version,sec-ch-ua-full-version-list
Set-Cookie: GL_UI4=eJw9jUtug0AQRPljJ4akJQ7gIxgUjL3MJivfAQ0zDZ4Ypq1mjJ3bZxIp2dUrPVV5nhcUL%2BAvyRrCm6hhe1R9s5dYojyUVVW%2BHSrZ151o%2BlJVTVnvYK3n1opuRBvBap4E29YuEWwGNMhatpIUZvDqrL%2FmYuhuIog7FkZlEE%2FOGDNIO6b7jFyEEBkxIaQfmrGnhzPEJzEEx72L2rjo7yCguQjzJ4hP2twe%2BSbx8jzx4Pk6CtsTT61WDuOBhULw32ElhcWB%2BAtShfPF0hWARtX%2B%2B7%2Bf8fizBonCRUuHZM%2FI38wATrY%3D; expires=Thu, 25-Apr-2024 18:05:03 GMT; Max-Age=86400; path=/; secure; SameSite=None
GL_GI10=eJwVyM0KgkAUhuE5hxiIJPjIC%2FAKTMsWbrNl6MIrMIsYGObIzNjP3WeLd%2FG8SilOE7CZkNRlXhd5dcjLUwV6gtsOPDroVvx7%2BII8uDiCvcOmC1ayRmYXlz9i9TfIYHu25pP1YudoxAXw0roZbvaxv%2FRX0KQJHEUzONxTBXrp3Q9e7R3S; expires=Thu, 25-Apr-2024 18:05:03 GMT; Max-Age=86400; path=/; secure; SameSite=None
Content-Encoding: gzip
Vary: Accept-Encoding
Strict-Transport-Security: max-age=1
X-Content-Type-Options: nosniff

img.strpst.com/blurred/1713981720/71421307_webp

104.17.11.106

1.9 kB

URL
img.strpst.com/blurred/1713981720/71421307_webp
IP
104.17.11.106:0
ASN
#13335 CLOUDFLARENET

File type
RIFF (little-endian) data, Web/P image
Size
1.9 kB (1914 bytes)
Hash
63b2ddc710ca4e157320376f1262f8ee
0ae20b188bba5469ff4ef81f43c5a59783cd88f9
3d06b5a0f9daba1dc28235b796b5cd406bb150d93a3c2f9f1f091f602e8e716d

HTTP Headers

GET /blurred/1713981720/71421307_webp HTTP/1.1
Host: img.strpst.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://cambaddies.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Wed, 24 Apr 2024 18:05:03 GMT
content-type: image/webp
content-length: 1914
content-security-policy: script-src 'none'
expires: Wed, 24 Apr 2024 18:02:03 GMT
vary: Accept, Accept-Encoding
x-request-id: A_gvwyFjOERvWFzsuNgAN
cache-control: public, max-age=1800, s-maxage=1800
access-control-allow-origin: *
access-control-allow-methods: GET
last-modified: Wed, 24 Apr 2024 18:02:02 GMT
cf-cache-status: HIT
age: 166
accept-ranges: bytes
server: cloudflare
cf-ray: 879804f3ce580b55-OSL
alt-svc: h3=":443"; ma=86400

assets.strpst.com/assets/svg-icons/bunny-mask.json?53f7e7f2

104.17.10.106

664 B

URL
assets.strpst.com/assets/svg-icons/bunny-mask.json?53f7e7f2
IP
104.17.10.106:0
ASN
#13335 CLOUDFLARENET

File type
JSON text data
Size
664 B (664 bytes)
Hash
612b7c029b80770a0b9f3cd945a91b5b
80a1535a114435ae567dc366d847d9cc3dfa7798
833561e0ed1dce6e410cb24ea4598ba36346301c38272725e31a5830d5566a9b

HTTP Headers

GET /assets/svg-icons/bunny-mask.json?53f7e7f2 HTTP/1.1
Host: assets.strpst.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://cambaddies.com/
Origin: https://cambaddies.com
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Wed, 24 Apr 2024 18:05:03 GMT
content-type: application/json
last-modified: Wed, 24 Apr 2024 14:07:16 GMT
expires: Wed, 01 May 2024 18:05:03 GMT
cache-control: max-age=604800
access-control-allow-origin: *
cf-cache-status: DYNAMIC
server: cloudflare
cf-ray: 879804efaca65694-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400

tgp1.brazzersnetwork.com/_p1cdn/tour/atlaslib-js.6f2e1c48.js

66.254.114.234

17 kB

URL
tgp1.brazzersnetwork.com/_p1cdn/tour/atlaslib-js.6f2e1c48.js
IP
66.254.114.234:0
ASN
#29789 REFLECTED

File type
gzip compressed data, max speed, from Unix
Size
17 kB (17212 bytes)
Hash
a9b0e8b85536b7a3f367174f05bec16d
1484ff1166f29135e65f6b9557c037681c608dd3
51e6e33ccd70774d5443628a3fbb5b7a647c8e2475ec17c3ab16d20d8ab7a2fd

HTTP Headers

GET /_p1cdn/tour/atlaslib-js.6f2e1c48.js HTTP/1.1
Host: tgp1.brazzersnetwork.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://tgp1.brazzersnetwork.com/tgp1?ad_id=816178_FREE&ats=eyJhIjoxNDksImMiOjQzMDksIm4iOjE0LCJzIjo5MCwiZSI6OTA2NywicCI6MzM5fQ&atc=EXO&atc=FREE_6529744&apb=opc4ASOqlplustddVbbZPPO6eWiyadzqpbXUzOodNU6V0rpXT1UU0uomponpndRNTRPTS6V0zpXSuldK6Z0rpXTOrrnupu12uoou2pjpollumsnoutmtltqpodrbRpPXLdtrvLrTdttvpTVNrxZTtxTxRm6V2ne0ene2v3evv..3eceof3TT2yqmlnpc6V0rpXSuldK6V0rpXTWTUXWzXSzOc6V0rpXSuldK6V0rpXSuoutt0lnotttrqm1ppuz1ut0pr2t0ul1pcH2A
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
date: Wed, 24 Apr 2024 18:05:02 GMT
content-type: application/javascript
vary: Accept-Encoding
last-modified: Fri, 19 Apr 2024 16:04:23 GMT
etag: W/"3ac93c13f-9d5b-616753dbc4fc0"
expires: Mon, 19 Aug 2024 02:57:09 GMT
cache-control: max-age=10486975
content-encoding: gzip
access-control-max-age: 600
access-control-allow-origin: *
access-control-allow-headers: Content-Type, Origin, Accept, Range, Cache-Control
access-control-allow-methods: HEAD, POST, GET, OPTIONS
access-control-expose-headers: Content-Range, Date, Etag, Cache-Control, Last-Modified
x-cdn-diag: dfw1-15011-1-12721-h-0-0---;15026-124-3810460----0-0-1
set-cookie: __s=662949CE-42FE72EA01BB24C9EE-5690A;
accept-ch: Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version
strict-transport-security: max-age=63072000; includeSubDomains; preload
X-Firefox-Spdy: h2

img.strpst.com/blurred/1713981690/152387773_webp

104.17.11.106

2.3 kB

URL
img.strpst.com/blurred/1713981690/152387773_webp
IP
104.17.11.106:0
ASN
#13335 CLOUDFLARENET

File type
RIFF (little-endian) data, Web/P image
Size
2.3 kB (2282 bytes)
Hash
1baf9691bb9eb5a25f9bb6e381b0ed29
b03a856a89f95d4b0f43b8fa0248052c26f32cd2
a2a6594e8d9ae248464cd13b01ad0050c3a62052cbb884a5fe7f5cd8ca906cbe

HTTP Headers

GET /blurred/1713981690/152387773_webp HTTP/1.1
Host: img.strpst.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://cambaddies.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Wed, 24 Apr 2024 18:05:03 GMT
content-type: image/webp
content-length: 2282
content-security-policy: script-src 'none'
expires: Wed, 24 Apr 2024 18:01:18 GMT
vary: Accept, Accept-Encoding
x-request-id: fa-ej8_Ym9p5zpNOiYYhv
cache-control: public, max-age=1800, s-maxage=1800
access-control-allow-origin: *
access-control-allow-methods: GET
last-modified: Wed, 24 Apr 2024 18:01:17 GMT
cf-cache-status: HIT
age: 203
accept-ranges: bytes
server: cloudflare
cf-ray: 879804f3ee7e0b55-OSL
alt-svc: h3=":443"; ma=86400

assets.strpst.com/assets/vendor-corejs.3ce6091a857b1962e190.js

104.17.10.106

20 kB

URL
assets.strpst.com/assets/vendor-corejs.3ce6091a857b1962e190.js
IP
104.17.10.106:0
ASN
#13335 CLOUDFLARENET

File type
JavaScript source, ASCII text, with very long lines (46976), with no line terminators
Size
20 kB (19532 bytes)
Hash
ea92c2df8a54f3a8c39776db8d51ffcd
04c9525299af99bf59bb87da83a3e1aa451e077d
02f02cf25cd118556b1974e5c49ba984118e29728872cfc89132a1523f5318a3

HTTP Headers

GET /assets/vendor-corejs.3ce6091a857b1962e190.js HTTP/1.1
Host: assets.strpst.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://cambaddies.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Wed, 24 Apr 2024 18:05:03 GMT
content-type: application/javascript; charset=utf-8
last-modified: Wed, 24 Apr 2024 08:16:21 GMT
vary: Accept-Encoding
expires: Wed, 01 May 2024 18:05:03 GMT
cache-control: public, max-age=604800
access-control-allow-origin: *
cf-cache-status: HIT
age: 16468
server: cloudflare
cf-ray: 879804eeeb555694-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400

img.strpst.com/blurred/1713981330/149838202_webp

104.17.11.106

2.1 kB

URL
img.strpst.com/blurred/1713981330/149838202_webp
IP
104.17.11.106:0
ASN
#13335 CLOUDFLARENET

File type
RIFF (little-endian) data, Web/P image
Size
2.1 kB (2114 bytes)
Hash
77eacb00ad0076fd81134a3e1f10c720
90fd101fc98acedcc361f40c34fb8f642374206b
e7d2249644731f724cb0164a7f03324f36eedb10e28f1c0f844020b9d352764a

HTTP Headers

GET /blurred/1713981330/149838202_webp HTTP/1.1
Host: img.strpst.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://cambaddies.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Wed, 24 Apr 2024 18:05:03 GMT
content-type: image/webp
content-length: 2114
content-security-policy: script-src 'none'
expires: Wed, 24 Apr 2024 17:55:21 GMT
vary: Accept, Accept-Encoding
x-request-id: rtL4AH4ipLyVt0KliHzIk
cache-control: public, max-age=1800, s-maxage=1800
access-control-allow-origin: *
access-control-allow-methods: GET
last-modified: Wed, 24 Apr 2024 17:55:20 GMT
cf-cache-status: HIT
age: 563
accept-ranges: bytes
server: cloudflare
cf-ray: 879804f3ee850b55-OSL
alt-svc: h3=":443"; ma=86400

img.strpst.com/blurred/1713981300/38910849_webp

104.17.11.106

2.5 kB

URL
img.strpst.com/blurred/1713981300/38910849_webp
IP
104.17.11.106:0
ASN
#13335 CLOUDFLARENET

File type
RIFF (little-endian) data, Web/P image
Size
2.5 kB (2454 bytes)
Hash
0ae492123626460836535fc780e0c922
97726d0739886516c67bed4536c9a017ec8edd96
ab7e57bd7c3d07b032fa8b414a7efce6a5bce3a8527496802a89ad5bea8345e3

HTTP Headers

GET /blurred/1713981300/38910849_webp HTTP/1.1
Host: img.strpst.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://cambaddies.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Wed, 24 Apr 2024 18:05:03 GMT
content-type: image/webp
content-length: 2454
content-security-policy: script-src 'none'
expires: Wed, 24 Apr 2024 17:55:00 GMT
vary: Accept, Accept-Encoding
x-request-id: spmy6kng7-J31r_r1EkHu
cache-control: public, max-age=1800, s-maxage=1800
access-control-allow-origin: *
access-control-allow-methods: GET
last-modified: Wed, 24 Apr 2024 17:54:59 GMT
cf-cache-status: HIT
age: 591
accept-ranges: bytes
server: cloudflare
cf-ray: 879804f3ee8a0b55-OSL
alt-svc: h3=":443"; ma=86400

img.strpst.com/blurred/1713981780/147742945_webp

104.17.11.106

1.5 kB

URL
img.strpst.com/blurred/1713981780/147742945_webp
IP
104.17.11.106:0
ASN
#13335 CLOUDFLARENET

File type
RIFF (little-endian) data, Web/P image
Size
1.5 kB (1514 bytes)
Hash
b3a97f22dbd820365dc66c73f41a7000
b712ad7f6c3fea7bf5e8534d937a7504ad75ce2b
782e0fcfc3e094bf98d078b8a480a669cabb0aafc34cd92ba73e3336bdd05d91

HTTP Headers

GET /blurred/1713981780/147742945_webp HTTP/1.1
Host: img.strpst.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://cambaddies.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Wed, 24 Apr 2024 18:05:03 GMT
content-type: image/webp
content-length: 1514
content-security-policy: script-src 'none'
expires: Wed, 24 Apr 2024 18:02:57 GMT
vary: Accept, Accept-Encoding
x-request-id: 2ccygL-6UWn1ilNncFg1c
cache-control: public, max-age=1800, s-maxage=1800
access-control-allow-origin: *
access-control-allow-methods: GET
last-modified: Wed, 24 Apr 2024 18:02:56 GMT
cf-cache-status: HIT
age: 111
accept-ranges: bytes
server: cloudflare
cf-ray: 879804f3ee880b55-OSL
alt-svc: h3=":443"; ma=86400

assets.strpst.com/assets/vendor-react.306570b89cdd182ca0fc.js

104.17.10.106

66 kB

URL
assets.strpst.com/assets/vendor-react.306570b89cdd182ca0fc.js
IP
104.17.10.106:0
ASN
#13335 CLOUDFLARENET

File type
JavaScript source, ASCII text, with very long lines (52160)
Size
66 kB (66471 bytes)
Hash
0f9c2df119cd907a7a44276380fcd833
bb2ba6812fc14c98644eaa316ff26e787a83392b
bf7a1366512445b4b0f2da839b7b365596112ab9126af5619795f25092643f63

HTTP Headers

GET /assets/vendor-react.306570b89cdd182ca0fc.js HTTP/1.1
Host: assets.strpst.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://cambaddies.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Wed, 24 Apr 2024 18:05:03 GMT
content-type: application/javascript; charset=utf-8
last-modified: Wed, 24 Apr 2024 08:16:21 GMT
vary: Accept-Encoding
expires: Wed, 01 May 2024 18:05:03 GMT
cache-control: public, max-age=604800
access-control-allow-origin: *
cf-cache-status: HIT
age: 16468
server: cloudflare
cf-ray: 879804eeeb585694-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400

img.strpst.com/blurred/1713981810/61085928_webp

104.17.11.106

3.1 kB

URL
img.strpst.com/blurred/1713981810/61085928_webp
IP
104.17.11.106:0
ASN
#13335 CLOUDFLARENET

File type
RIFF (little-endian) data, Web/P image
Size
3.1 kB (3098 bytes)
Hash
78ce3d80f6aed4f8511ed44f3dc81048
273b11aade394bb706c42db77b679b67c41594ac
2e929f756c48691da1b0ab667f31c1dad48d671fc8faceda10d9dddac91fe38a

HTTP Headers

GET /blurred/1713981810/61085928_webp HTTP/1.1
Host: img.strpst.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://cambaddies.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Wed, 24 Apr 2024 18:05:04 GMT
content-type: image/webp
content-length: 3098
content-security-policy: script-src 'none'
expires: Wed, 24 Apr 2024 18:03:28 GMT
vary: Accept, Accept-Encoding
x-request-id: CgAEG4kVKxPA83e5zLEdJ
cache-control: public, max-age=1800, s-maxage=1800
access-control-allow-origin: *
access-control-allow-methods: GET
last-modified: Wed, 24 Apr 2024 18:03:27 GMT
cf-cache-status: HIT
age: 85
accept-ranges: bytes
server: cloudflare
cf-ray: 879804f40ea30b55-OSL
alt-svc: h3=":443"; ma=86400

assets.strpst.com/assets/shared.9a044f5061de6d53d16f.js

104.17.10.106

218 kB

URL
assets.strpst.com/assets/shared.9a044f5061de6d53d16f.js
IP
104.17.10.106:0
ASN
#13335 CLOUDFLARENET

File type
JavaScript source, ASCII text, with very long lines (65536), with no line terminators
Size
218 kB (218362 bytes)
Hash
f0e87a9097c20e0e70a856a55daa6236
c84aa814c1953f210016459072d90ef55ff4c46e
fd056b0a8fafd809694ade8acde30af259e06a5647e6a4d7b0ab6b234fe25a31

HTTP Headers

GET /assets/shared.9a044f5061de6d53d16f.js HTTP/1.1
Host: assets.strpst.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://cambaddies.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Wed, 24 Apr 2024 18:05:03 GMT
content-type: application/javascript; charset=utf-8
last-modified: Wed, 24 Apr 2024 08:16:21 GMT
vary: Accept-Encoding
expires: Wed, 01 May 2024 18:05:03 GMT
cache-control: public, max-age=604800
access-control-allow-origin: *
cf-cache-status: HIT
age: 16468
server: cloudflare
cf-ray: 879804eefb615694-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400

img.strpst.com/blurred/1713981090/152546016_webp

104.17.11.106

2.3 kB

URL
img.strpst.com/blurred/1713981090/152546016_webp
IP
104.17.11.106:0
ASN
#13335 CLOUDFLARENET

File type
RIFF (little-endian) data, Web/P image
Size
2.3 kB (2296 bytes)
Hash
24d309ac9f8a0757509ca404848c3084
054c72cd7b9fc61415feac5cf1fa4c8b2f830d29
18ec56f16b93d3ad70fdfc3a5bea5c3b42dbbbe0b2f5dee6f7b012e61abf5b36

HTTP Headers

GET /blurred/1713981090/152546016_webp HTTP/1.1
Host: img.strpst.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://cambaddies.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Wed, 24 Apr 2024 18:05:04 GMT
content-type: image/webp
content-length: 2296
content-security-policy: script-src 'none'
expires: Wed, 24 Apr 2024 17:51:21 GMT
vary: Accept, Accept-Encoding
x-request-id: InesABPtHUaWIXkn2c2UA
cache-control: public, max-age=1800, s-maxage=1800
access-control-allow-origin: *
access-control-allow-methods: GET
last-modified: Wed, 24 Apr 2024 17:51:20 GMT
cf-cache-status: HIT
age: 793
accept-ranges: bytes
server: cloudflare
cf-ray: 879804f40ead0b55-OSL
alt-svc: h3=":443"; ma=86400

img.strpst.com/blurred/1713981900/154519592_webp

104.17.11.106

2.1 kB

URL
img.strpst.com/blurred/1713981900/154519592_webp
IP
104.17.11.106:0
ASN
#13335 CLOUDFLARENET

File type
RIFF (little-endian) data, Web/P image
Size
2.1 kB (2110 bytes)
Hash
72b0bf0601fde921ddbb7ef0291c42b7
5f9e6ecc15726dbc44ede85cb4e54cb7737f61b2
76b66a97d16ff7e0b3ffbefb0077230ba4b0fab10144d22ac0a00d3990a3aeba

HTTP Headers

GET /blurred/1713981900/154519592_webp HTTP/1.1
Host: img.strpst.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://cambaddies.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Wed, 24 Apr 2024 18:05:04 GMT
content-type: image/webp
content-length: 2110
content-security-policy: script-src 'none'
expires: Wed, 24 Apr 2024 18:04:56 GMT
vary: Accept, Accept-Encoding
x-request-id: CP5cpwovrrSvmePdAWt-Y
cache-control: public, max-age=1800, s-maxage=1800
access-control-allow-origin: *
access-control-allow-methods: GET
last-modified: Wed, 24 Apr 2024 18:04:55 GMT
cf-cache-status: HIT
age: 7
accept-ranges: bytes
server: cloudflare
cf-ray: 879804f47f360b55-OSL
alt-svc: h3=":443"; ma=86400

img.strpst.com/blurred/1713981120/154039715_webp

104.17.11.106

1.7 kB

URL
img.strpst.com/blurred/1713981120/154039715_webp
IP
104.17.11.106:0
ASN
#13335 CLOUDFLARENET

File type
RIFF (little-endian) data, Web/P image
Size
1.7 kB (1716 bytes)
Hash
4330d561f1bbed6d63f23971b3595ee9
4764cc344f39317e818f4919ac8ba94081bdce91
f8407749dda8334bc8803e7d4d4abe3dc2e51595eb9d42e9fe4bfa969d1e56e5

HTTP Headers

GET /blurred/1713981120/154039715_webp HTTP/1.1
Host: img.strpst.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://cambaddies.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Wed, 24 Apr 2024 18:05:04 GMT
content-type: image/webp
content-length: 1716
content-security-policy: script-src 'none'
expires: Wed, 24 Apr 2024 17:51:59 GMT
vary: Accept, Accept-Encoding
x-request-id: UYlzsUvgzeUJTkQrPVpC7
cache-control: public, max-age=1800, s-maxage=1800
access-control-allow-origin: *
access-control-allow-methods: GET
last-modified: Wed, 24 Apr 2024 17:51:58 GMT
cf-cache-status: HIT
age: 692
accept-ranges: bytes
server: cloudflare
cf-ray: 879804f47f380b55-OSL
alt-svc: h3=":443"; ma=86400

img.strpst.com/blurred/1713981360/154311705_webp

104.17.11.106

2.2 kB

URL
img.strpst.com/blurred/1713981360/154311705_webp
IP
104.17.11.106:0
ASN
#13335 CLOUDFLARENET

File type
RIFF (little-endian) data, Web/P image
Size
2.2 kB (2242 bytes)
Hash
73e352415dcd51e7181e1bcc2aded661
8d6cdea14fbf99eff10f70bca0fcbe27014196b3
c6208d02f9b414cc4546d866f40971f663a100f3c6b520418c19dd2b62163b28

HTTP Headers

GET /blurred/1713981360/154311705_webp HTTP/1.1
Host: img.strpst.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://cambaddies.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Wed, 24 Apr 2024 18:05:04 GMT
content-type: image/webp
content-length: 2242
content-security-policy: script-src 'none'
expires: Wed, 24 Apr 2024 17:56:02 GMT
vary: Accept, Accept-Encoding
x-request-id: KY-nfjriLLi7HY7VcnA0q
cache-control: public, max-age=1800, s-maxage=1800
access-control-allow-origin: *
access-control-allow-methods: GET
last-modified: Wed, 24 Apr 2024 17:56:01 GMT
cf-cache-status: HIT
age: 122
accept-ranges: bytes
server: cloudflare
cf-ray: 879804f47f390b55-OSL
alt-svc: h3=":443"; ma=86400

img.strpst.com/blurred/1713981660/113778902_webp

104.17.11.106

2.2 kB

URL
img.strpst.com/blurred/1713981660/113778902_webp
IP
104.17.11.106:0
ASN
#13335 CLOUDFLARENET

File type
RIFF (little-endian) data, Web/P image
Size
2.2 kB (2170 bytes)
Hash
03e324536aecdeed52d4a8f1c7bf8754
359449e91ce68329c4b104920c636c718874693e
e39df685854209d5391f0ac5dce39f3de8dc8aa406a8dd2e5ce5d31377f21db2

HTTP Headers

GET /blurred/1713981660/113778902_webp HTTP/1.1
Host: img.strpst.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://cambaddies.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Wed, 24 Apr 2024 18:05:04 GMT
content-type: image/webp
content-length: 2170
content-security-policy: script-src 'none'
expires: Wed, 24 Apr 2024 18:00:57 GMT
vary: Accept, Accept-Encoding
x-request-id: HEm24q0hmTmPKFvyfk5gN
cache-control: public, max-age=1800, s-maxage=1800
access-control-allow-origin: *
access-control-allow-methods: GET
last-modified: Wed, 24 Apr 2024 18:00:57 GMT
cf-cache-status: HIT
age: 237
accept-ranges: bytes
server: cloudflare
cf-ray: 879804f47f3a0b55-OSL
alt-svc: h3=":443"; ma=86400

img.strpst.com/blurred/1713981210/38907106_webp

104.17.11.106

2.4 kB

URL
img.strpst.com/blurred/1713981210/38907106_webp
IP
104.17.11.106:0
ASN
#13335 CLOUDFLARENET

File type
RIFF (little-endian) data, Web/P image
Size
2.4 kB (2392 bytes)
Hash
a3b89fba8936b80fa9a89c4e0cebc208
4dea0a6dcaf0c44eac084767e9ed8eb242f3a26e
668f3e8c614d989f898932dccc2dec5cdd641587c98dab55f566b50de6b6dfd1

HTTP Headers

GET /blurred/1713981210/38907106_webp HTTP/1.1
Host: img.strpst.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://cambaddies.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Wed, 24 Apr 2024 18:05:04 GMT
content-type: image/webp
content-length: 2392
content-security-policy: script-src 'none'
expires: Wed, 24 Apr 2024 17:53:32 GMT
vary: Accept, Accept-Encoding
x-request-id: oqHUKK295vP-gGbZS6b7j
cache-control: public, max-age=1800, s-maxage=1800
access-control-allow-origin: *
access-control-allow-methods: GET
last-modified: Wed, 24 Apr 2024 17:53:31 GMT
cf-cache-status: HIT
age: 687
accept-ranges: bytes
server: cloudflare
cf-ray: 879804f47f3d0b55-OSL
alt-svc: h3=":443"; ma=86400

img.strpst.com/blurred/1713981810/57255263_webp

104.17.11.106

1.8 kB

URL
img.strpst.com/blurred/1713981810/57255263_webp
IP
104.17.11.106:0
ASN
#13335 CLOUDFLARENET

File type
RIFF (little-endian) data, Web/P image
Size
1.8 kB (1826 bytes)
Hash
2b035fbf3cf3096129d0f9ae056d8183
cd17c794732a9bee34acc26b2dca34e45840cf8a
3d2cdd3f99a79461261b6ad9aa7ea6a471381ac3c0fd49a5d55be404511061a7

HTTP Headers

GET /blurred/1713981810/57255263_webp HTTP/1.1
Host: img.strpst.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://cambaddies.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Wed, 24 Apr 2024 18:05:04 GMT
content-type: image/webp
content-length: 1826
content-security-policy: script-src 'none'
expires: Wed, 24 Apr 2024 18:03:29 GMT
vary: Accept, Accept-Encoding
x-request-id: pDclvtRpULtm4L522gmKk
cache-control: public, max-age=1800, s-maxage=1800
access-control-allow-origin: *
access-control-allow-methods: GET
last-modified: Wed, 24 Apr 2024 18:03:28 GMT
cf-cache-status: HIT
age: 89
accept-ranges: bytes
server: cloudflare
cf-ray: 879804f48f530b55-OSL
alt-svc: h3=":443"; ma=86400

img.strpst.com/blurred/1713981450/141632148_webp

104.17.11.106

1.8 kB

URL
img.strpst.com/blurred/1713981450/141632148_webp
IP
104.17.11.106:0
ASN
#13335 CLOUDFLARENET

File type
RIFF (little-endian) data, Web/P image
Size
1.8 kB (1794 bytes)
Hash
09dd1d9561ce2f29918165149e55875e
76122db51d2f7390b5a1fd0d9c965aa90e62049e
2f5c0090c9603cbc62a7525923fd1c79c10a4df29c1dd9234694e1fd1dca38f4

HTTP Headers

GET /blurred/1713981450/141632148_webp HTTP/1.1
Host: img.strpst.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://cambaddies.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Wed, 24 Apr 2024 18:05:04 GMT
content-type: image/webp
content-length: 1794
content-security-policy: script-src 'none'
expires: Wed, 24 Apr 2024 17:57:27 GMT
vary: Accept, Accept-Encoding
x-request-id: V0GBruMuTAbUkXlHobyh7
cache-control: public, max-age=1800, s-maxage=1800
access-control-allow-origin: *
access-control-allow-methods: GET
last-modified: Wed, 24 Apr 2024 17:57:26 GMT
cf-cache-status: HIT
age: 435
accept-ranges: bytes
server: cloudflare
cf-ray: 879804f48f5c0b55-OSL
alt-svc: h3=":443"; ma=86400

img.strpst.com/blurred/1713981720/148378115_webp

104.17.11.106

2.6 kB

URL
img.strpst.com/blurred/1713981720/148378115_webp
IP
104.17.11.106:0
ASN
#13335 CLOUDFLARENET

File type
RIFF (little-endian) data, Web/P image
Size
2.6 kB (2618 bytes)
Hash
acc4158829e489bd8bf5fe39c159b0d5
8dac4462671320c07b2e5c0445dee0f37a2936e2
694c02eb395d13568491b8c1dc6e7ab73ce509173c801aef90603b84cafb8288

HTTP Headers

GET /blurred/1713981720/148378115_webp HTTP/1.1
Host: img.strpst.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://cambaddies.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Wed, 24 Apr 2024 18:05:04 GMT
content-type: image/webp
content-length: 2618
content-security-policy: script-src 'none'
expires: Wed, 24 Apr 2024 18:01:48 GMT
vary: Accept, Accept-Encoding
x-request-id: riLhkSeILAZ0vQz7IAbSa
cache-control: public, max-age=1800, s-maxage=1800
access-control-allow-origin: *
access-control-allow-methods: GET
last-modified: Wed, 24 Apr 2024 18:01:47 GMT
cf-cache-status: HIT
age: 191
accept-ranges: bytes
server: cloudflare
cf-ray: 879804f48f510b55-OSL
alt-svc: h3=":443"; ma=86400

img.strpst.com/blurred/1713981750/152683119_webp

104.17.11.106

1.9 kB

URL
img.strpst.com/blurred/1713981750/152683119_webp
IP
104.17.11.106:0
ASN
#13335 CLOUDFLARENET

File type
RIFF (little-endian) data, Web/P image
Size
1.9 kB (1932 bytes)
Hash
14a88b80deb5d77075f16220d157e66d
a07ae308d858e463a0f53d4dd821b5cf76035a84
37eb30f0dee602e704eda08bd63a4e816144ccdd91302f87e4074e204750a99f

HTTP Headers

GET /blurred/1713981750/152683119_webp HTTP/1.1
Host: img.strpst.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://cambaddies.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Wed, 24 Apr 2024 18:05:04 GMT
content-type: image/webp
content-length: 1932
content-security-policy: script-src 'none'
expires: Wed, 24 Apr 2024 18:02:32 GMT
vary: Accept, Accept-Encoding
x-request-id: oFapkDPO6v8h6uLg-jAmF
cache-control: public, max-age=1800, s-maxage=1800
access-control-allow-origin: *
access-control-allow-methods: GET
last-modified: Wed, 24 Apr 2024 18:02:31 GMT
cf-cache-status: HIT
age: 4
accept-ranges: bytes
server: cloudflare
cf-ray: 879804f48f500b55-OSL
alt-svc: h3=":443"; ma=86400

img.strpst.com/blurred/1713981270/122375932_webp

104.17.11.106

2.1 kB

URL
img.strpst.com/blurred/1713981270/122375932_webp
IP
104.17.11.106:0
ASN
#13335 CLOUDFLARENET

File type
RIFF (little-endian) data, Web/P image
Size
2.1 kB (2068 bytes)
Hash
7ab4edd59bea75ba97270d31aeb4c2b1
84bf9e06f2fa03bae1e90bd25314b92b28624387
c73cd56a2d838136540f867f94891c29a4198e7066e0a1ca96174f5f1bfcd63f

HTTP Headers

GET /blurred/1713981270/122375932_webp HTTP/1.1
Host: img.strpst.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://cambaddies.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Wed, 24 Apr 2024 18:05:04 GMT
content-type: image/webp
content-length: 2068
content-security-policy: script-src 'none'
expires: Wed, 24 Apr 2024 17:54:25 GMT
vary: Accept, Accept-Encoding
x-request-id: NhLsOoELS25iIfna0buMu
cache-control: public, max-age=1800, s-maxage=1800
access-control-allow-origin: *
access-control-allow-methods: GET
last-modified: Wed, 24 Apr 2024 17:54:24 GMT
cf-cache-status: HIT
age: 609
accept-ranges: bytes
server: cloudflare
cf-ray: 879804f48f560b55-OSL
alt-svc: h3=":443"; ma=86400

img.strpst.com/blurred/1713981660/1128670_webp

104.17.11.106

2.4 kB

URL
img.strpst.com/blurred/1713981660/1128670_webp
IP
104.17.11.106:0
ASN
#13335 CLOUDFLARENET

File type
RIFF (little-endian) data, Web/P image
Size
2.4 kB (2392 bytes)
Hash
abfe56a4fcd11b5448f67148f7ec3060
3d5d286a18eb560d674731e07d7b7aafa85c792c
d98da0dac0af98986d901642a208deaeebf4902eaa0589e26be26c489a4b7bf9

HTTP Headers

GET /blurred/1713981660/1128670_webp HTTP/1.1
Host: img.strpst.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://cambaddies.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Wed, 24 Apr 2024 18:05:04 GMT
content-type: image/webp
content-length: 2392
content-security-policy: script-src 'none'
expires: Wed, 24 Apr 2024 18:00:57 GMT
vary: Accept, Accept-Encoding
x-request-id: u9jaRcHREXpRbRDjjkGq7
cache-control: public, max-age=1800, s-maxage=1800
access-control-allow-origin: *
access-control-allow-methods: GET
last-modified: Wed, 24 Apr 2024 18:00:56 GMT
cf-cache-status: HIT
age: 242
accept-ranges: bytes
server: cloudflare
cf-ray: 879804f48f640b55-OSL
alt-svc: h3=":443"; ma=86400

img.strpst.com/blurred/1713981600/147835277_webp

104.17.11.106

3.7 kB

URL
img.strpst.com/blurred/1713981600/147835277_webp
IP
104.17.11.106:0
ASN
#13335 CLOUDFLARENET

File type
RIFF (little-endian) data, Web/P image
Size
3.7 kB (3736 bytes)
Hash
fc976c8c163b22352080566564490d0b
e1a3d3865c506f3fce02093aaa07132b609d31cf
ccbf2fb08a39406f2b81664a016f4dbb6dd855b1bcd7c2d29c34b3fe005846cf

HTTP Headers

GET /blurred/1713981600/147835277_webp HTTP/1.1
Host: img.strpst.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://cambaddies.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Wed, 24 Apr 2024 18:05:04 GMT
content-type: image/webp
content-length: 3736
content-security-policy: script-src 'none'
expires: Wed, 24 Apr 2024 17:59:57 GMT
vary: Accept, Accept-Encoding
x-request-id: L4fQB0ngWkqpmpiT_1cgK
cache-control: public, max-age=1800, s-maxage=1800
access-control-allow-origin: *
access-control-allow-methods: GET
last-modified: Wed, 24 Apr 2024 17:59:56 GMT
cf-cache-status: HIT
age: 285
accept-ranges: bytes
server: cloudflare
cf-ray: 879804f48f630b55-OSL
alt-svc: h3=":443"; ma=86400

img.strpst.com/blurred/1713981360/96668230_webp

104.17.11.106

2.6 kB

URL
img.strpst.com/blurred/1713981360/96668230_webp
IP
104.17.11.106:0
ASN
#13335 CLOUDFLARENET

File type
RIFF (little-endian) data, Web/P image
Size
2.6 kB (2630 bytes)
Hash
6e8aaa8aa236e523b831c7d00d3fb371
826158e01b7cac4ae1b46dc5e1cebdec8ad11d22
5153383ba74e3d10a2ee0a50fe9a659cb7fa3db70f9b6bd167c4f83c3d265cea

HTTP Headers

GET /blurred/1713981360/96668230_webp HTTP/1.1
Host: img.strpst.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://cambaddies.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Wed, 24 Apr 2024 18:05:04 GMT
content-type: image/webp
content-length: 2630
content-security-policy: script-src 'none'
expires: Wed, 24 Apr 2024 17:55:57 GMT
vary: Accept, Accept-Encoding
x-request-id: -DYa_xpndLfFue5vGQ_az
cache-control: public, max-age=1800, s-maxage=1800
access-control-allow-origin: *
access-control-allow-methods: GET
last-modified: Wed, 24 Apr 2024 17:55:56 GMT
cf-cache-status: HIT
age: 533
accept-ranges: bytes
server: cloudflare
cf-ray: 879804f48f610b55-OSL
alt-svc: h3=":443"; ma=86400

img.strpst.com/blurred/1713981240/61589884_webp

104.17.11.106

2.1 kB

URL
img.strpst.com/blurred/1713981240/61589884_webp
IP
104.17.11.106:0
ASN
#13335 CLOUDFLARENET

File type
RIFF (little-endian) data, Web/P image
Size
2.1 kB (2100 bytes)
Hash
8662c514e13e9c0863696299f6d0bf38
77045c088f9c08a2be7e3e6f3489ebd4824bad33
29b2140fb60a583abcd03f0b7a599ffb9d58d413dac4a34e4125bc33a9b96047

HTTP Headers

GET /blurred/1713981240/61589884_webp HTTP/1.1
Host: img.strpst.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://cambaddies.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Wed, 24 Apr 2024 18:05:04 GMT
content-type: image/webp
content-length: 2100
content-security-policy: script-src 'none'
expires: Wed, 24 Apr 2024 17:53:55 GMT
vary: Accept, Accept-Encoding
x-request-id: z3d39CUOwrvp9j85HT4Jp
cache-control: public, max-age=1800, s-maxage=1800
access-control-allow-origin: *
access-control-allow-methods: GET
last-modified: Wed, 24 Apr 2024 17:53:55 GMT
cf-cache-status: HIT
age: 655
accept-ranges: bytes
server: cloudflare
cf-ray: 879804f48f580b55-OSL
alt-svc: h3=":443"; ma=86400

img.strpst.com/blurred/1713981360/56180102_webp

104.17.11.106

1.9 kB

URL
img.strpst.com/blurred/1713981360/56180102_webp
IP
104.17.11.106:0
ASN
#13335 CLOUDFLARENET

File type
RIFF (little-endian) data, Web/P image
Size
1.9 kB (1938 bytes)
Hash
1d93bb3a305f5497f0ba0d64dc2b84d3
b125325d675d63f94f12754cb761c69d87f27c86
077c9b7eadb421b8cd2d9eb151837ad683aca296673a2b6c2cf551f9f2015b0c

HTTP Headers

GET /blurred/1713981360/56180102_webp HTTP/1.1
Host: img.strpst.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://cambaddies.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Wed, 24 Apr 2024 18:05:04 GMT
content-type: image/webp
content-length: 1938
content-security-policy: script-src 'none'
expires: Wed, 24 Apr 2024 17:55:58 GMT
vary: Accept, Accept-Encoding
x-request-id: MATvtdvhx_QRwDy4agBQu
cache-control: public, max-age=1800, s-maxage=1800
access-control-allow-origin: *
access-control-allow-methods: GET
last-modified: Wed, 24 Apr 2024 17:55:57 GMT
cf-cache-status: HIT
age: 534
accept-ranges: bytes
server: cloudflare
cf-ray: 879804f48f680b55-OSL
alt-svc: h3=":443"; ma=86400

str37.vidoza.net/nvl4hj7wpufeieno3u6anw74hksha3mq2b3onhvkzm4cab56avyxxgkddewq/v.mp4

109.202.99.55

206 Partial Content

7.5 MB

URL GET HTTP/2
str37.vidoza.net/nvl4hj7wpufeieno3u6anw74hksha3mq2b3onhvkzm4cab56avyxxgkddewq/v.mp4
IP
109.202.99.55:443
ASN
#49453 Global Layer B.V.

Requested by
https://videzz.net/1257pc8b3t79.html?asgtbndr=1
Certificate
IssuerLet's Encrypt
Subjectvidoza.net
FingerprintDD:9C:2A:D1:7E:90:60:D1:BE:1C:39:29:07:29:9C:34:6A:76:A6:C6
ValidityWed, 14 Feb 2024 01:21:54 GMT - Tue, 14 May 2024 01:21:53 GMT

File type
ISO Media, MP4 Base Media v1 [ISO 14496-12:2003]
Size
7.5 MB (7476657 bytes)
Hash
0aac047d27315102577d4bc08455e24d
ff0341661ffe3da1ae465dd5e136c04f56635c44
ed5621ba19964a9053ae5fb0c5b48c6cf2d6a601d5ed196ef8839a7c9eb5d9eb

HTTP Headers

GET /nvl4hj7wpufeieno3u6anw74hksha3mq2b3onhvkzm4cab56avyxxgkddewq/v.mp4 HTTP/1.1
Host: str37.vidoza.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: video/webm,video/ogg,video/*;q=0.9,application/ogg;q=0.7,audio/*;q=0.6,*/*;q=0.5
Accept-Language: en-US,en;q=0.5
Range: bytes=0-
DNT: 1
Connection: keep-alive
Referer: https://videzz.net/
Sec-Fetch-Dest: video
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Accept-Encoding: identity
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 206 Partial Content
server: nginx/1.20.1
date: Wed, 24 Apr 2024 18:05:00 GMT
content-type: video/mp4
content-length: 7476657
last-modified: Mon, 08 Apr 2024 02:29:23 GMT
etag: "66135683-7215b1"
content-range: bytes 0-7476656/7476657
X-Firefox-Spdy: h2

img.strpst.com/blurred/1713981210/46714006_webp

104.17.11.106

2.0 kB

URL
img.strpst.com/blurred/1713981210/46714006_webp
IP
104.17.11.106:0
ASN
#13335 CLOUDFLARENET

File type
RIFF (little-endian) data, Web/P image
Size
2.0 kB (1976 bytes)
Hash
4944c3443fe04feca38e999d308eedd4
3104a4ddfddbc37e00850cc45a17548909768548
ebe8786ba283760805d0653d79d60326e82f73e9b396fb1face40016a2202624

HTTP Headers

GET /blurred/1713981210/46714006_webp HTTP/1.1
Host: img.strpst.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://cambaddies.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Wed, 24 Apr 2024 18:05:04 GMT
content-type: image/webp
content-length: 1976
content-security-policy: script-src 'none'
expires: Wed, 24 Apr 2024 17:53:27 GMT
vary: Accept, Accept-Encoding
x-request-id: Ei5Gc-WLCqDN9lEdHbbzu
cache-control: public, max-age=1800, s-maxage=1800
access-control-allow-origin: *
access-control-allow-methods: GET
last-modified: Wed, 24 Apr 2024 17:53:27 GMT
cf-cache-status: HIT
age: 684
accept-ranges: bytes
server: cloudflare
cf-ray: 879804f48f550b55-OSL
alt-svc: h3=":443"; ma=86400

img.strpst.com/blurred/1713981300/49265666_webp

104.17.11.106

2.2 kB

URL
img.strpst.com/blurred/1713981300/49265666_webp
IP
104.17.11.106:0
ASN
#13335 CLOUDFLARENET

File type
RIFF (little-endian) data, Web/P image
Size
2.2 kB (2188 bytes)
Hash
38cc64c63829c288f974ffde8b253034
7f13960f3df452eb3870767382a80c50ba4ca496
e733e3cb668f9982aea0b8cb3612b17556e88960ef5e662655891a72911f1fad

HTTP Headers

GET /blurred/1713981300/49265666_webp HTTP/1.1
Host: img.strpst.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://cambaddies.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Wed, 24 Apr 2024 18:05:04 GMT
content-type: image/webp
content-length: 2188
content-security-policy: script-src 'none'
expires: Wed, 24 Apr 2024 17:54:59 GMT
vary: Accept, Accept-Encoding
x-request-id: KtCbxxYDxhNArP_cb7Vit
cache-control: public, max-age=1800, s-maxage=1800
access-control-allow-origin: *
access-control-allow-methods: GET
last-modified: Wed, 24 Apr 2024 17:54:58 GMT
cf-cache-status: HIT
age: 598
accept-ranges: bytes
server: cloudflare
cf-ray: 879804f48f590b55-OSL
alt-svc: h3=":443"; ma=86400

img.strpst.com/blurred/1713981600/75055015_webp

104.17.11.106

2.1 kB

URL
img.strpst.com/blurred/1713981600/75055015_webp
IP
104.17.11.106:0
ASN
#13335 CLOUDFLARENET

File type
RIFF (little-endian) data, Web/P image
Size
2.1 kB (2088 bytes)
Hash
bfa91609ba7863e9abfdbaf0b5a02124
2571d5707d3a4af0f546f6ea73b023c05613f4c6
bffa2f9b542205e6c826423c639b7935923dce086a6c49a90e605b01a68579bc

HTTP Headers

GET /blurred/1713981600/75055015_webp HTTP/1.1
Host: img.strpst.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://cambaddies.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Wed, 24 Apr 2024 18:05:04 GMT
content-type: image/webp
content-length: 2088
content-security-policy: script-src 'none'
expires: Wed, 24 Apr 2024 17:59:56 GMT
vary: Accept, Accept-Encoding
x-request-id: 5M085J_z0OI6lMfuiKR0Y
cache-control: public, max-age=1800, s-maxage=1800
access-control-allow-origin: *
access-control-allow-methods: GET
last-modified: Wed, 24 Apr 2024 17:59:55 GMT
cf-cache-status: HIT
age: 297
accept-ranges: bytes
server: cloudflare
cf-ray: 879804f48f5e0b55-OSL
alt-svc: h3=":443"; ma=86400

img.strpst.com/blurred/1713981300/87683439_webp

104.17.11.106

2.3 kB

URL
img.strpst.com/blurred/1713981300/87683439_webp
IP
104.17.11.106:0
ASN
#13335 CLOUDFLARENET

File type
RIFF (little-endian) data, Web/P image
Size
2.3 kB (2270 bytes)
Hash
fbe0d96536b301b0b094ddd4f5dae792
608f7e415c9854e399910f766c2fec89fbea6442
6d1020187318b8c010ff00ac79135dc314dfd5066141672516da50b2b37b7c85

HTTP Headers

GET /blurred/1713981300/87683439_webp HTTP/1.1
Host: img.strpst.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://cambaddies.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Wed, 24 Apr 2024 18:05:04 GMT
content-type: image/webp
content-length: 2270
content-security-policy: script-src 'none'
expires: Wed, 24 Apr 2024 17:55:01 GMT
vary: Accept, Accept-Encoding
x-request-id: iMs1qYc6IwqxNqGCU1fNV
cache-control: public, max-age=1800, s-maxage=1800
access-control-allow-origin: *
access-control-allow-methods: GET
last-modified: Wed, 24 Apr 2024 17:55:00 GMT
cf-cache-status: HIT
age: 600
accept-ranges: bytes
server: cloudflare
cf-ray: 879804f48f650b55-OSL
alt-svc: h3=":443"; ma=86400

img.strpst.com/blurred/1713981000/9212711_webp

104.17.11.106

2.1 kB

URL
img.strpst.com/blurred/1713981000/9212711_webp
IP
104.17.11.106:0
ASN
#13335 CLOUDFLARENET

File type
RIFF (little-endian) data, Web/P image
Size
2.1 kB (2122 bytes)
Hash
3166bb27cb36a254741d49d83d2b95ca
dcc8addfa1dc7160df335cb1fd4e32a14a0a4dcb
1861b38f0351e898da710c8d115f29bc3d587da150baab29e3c5092e0cf9e6e1

HTTP Headers

GET /blurred/1713981000/9212711_webp HTTP/1.1
Host: img.strpst.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://cambaddies.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Wed, 24 Apr 2024 18:05:04 GMT
content-type: image/webp
content-length: 2122
content-security-policy: script-src 'none'
expires: Wed, 24 Apr 2024 17:49:55 GMT
vary: Accept, Accept-Encoding
x-request-id: BaChLY_41eqjMprzQBUpp
cache-control: public, max-age=1800, s-maxage=1800
access-control-allow-origin: *
access-control-allow-methods: GET
last-modified: Wed, 24 Apr 2024 17:49:54 GMT
cf-cache-status: HIT
age: 886
accept-ranges: bytes
server: cloudflare
cf-ray: 879804f48f670b55-OSL
alt-svc: h3=":443"; ma=86400

img.strpst.com/blurred/1713981300/119938100_webp

104.17.11.106

2.0 kB

URL
img.strpst.com/blurred/1713981300/119938100_webp
IP
104.17.11.106:0
ASN
#13335 CLOUDFLARENET

File type
RIFF (little-endian) data, Web/P image
Size
2.0 kB (2018 bytes)
Hash
bf1288131e5e36e02b7c0ecc1b1acab5
79d1b1053a7de0f26aa23acfd9212d5693afcc7c
e853f66882ecce39dbbd6364b4b89b9c933f78019f1ddc07295ea93e725b8d50

HTTP Headers

GET /blurred/1713981300/119938100_webp HTTP/1.1
Host: img.strpst.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://cambaddies.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Wed, 24 Apr 2024 18:05:04 GMT
content-type: image/webp
content-length: 2018
content-security-policy: script-src 'none'
expires: Wed, 24 Apr 2024 17:54:56 GMT
vary: Accept, Accept-Encoding
x-request-id: qw8pu3ecsiI69KXaaiqhb
cache-control: public, max-age=1800, s-maxage=1800
access-control-allow-origin: *
access-control-allow-methods: GET
last-modified: Wed, 24 Apr 2024 17:54:55 GMT
cf-cache-status: HIT
age: 598
accept-ranges: bytes
server: cloudflare
cf-ray: 879804f48f690b55-OSL
alt-svc: h3=":443"; ma=86400

assets.strpst.com/assets/common/components/ui/CountryFlag/images/jp.svg

104.17.10.106

16 kB

URL
assets.strpst.com/assets/common/components/ui/CountryFlag/images/jp.svg
IP
104.17.10.106:0
ASN
#13335 CLOUDFLARENET

File type
SVG Scalable Vector Graphics image
Size
16 kB (15926 bytes)
Hash
9857801968d165b1dd8563a6b7c7f647
ab5b800824c65eb90669562880398cafdc46b00a
c36fc6bcb0e4a6cfbcf7bdcf1e81689cd190fbd7f6ca54e36141f7f0da7d6267

HTTP Headers

GET /assets/common/components/ui/CountryFlag/images/jp.svg HTTP/1.1
Host: assets.strpst.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://cambaddies.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Wed, 24 Apr 2024 18:05:04 GMT
content-type: image/svg+xml
last-modified: Wed, 17 Apr 2024 14:36:37 GMT
expires: Wed, 01 May 2024 18:05:04 GMT
cache-control: public, max-age=604800
access-control-allow-origin: *
cf-cache-status: HIT
age: 391438
vary: Accept-Encoding
server: cloudflare
cf-ray: 879804f47bf75694-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400

region1.analytics.google.com/g/collect?v=2&tid=G-HEX1BG8H46&gtm=45je44m0v9104348843z8832020053za200&_p=1713981899150&gcd=13l3lPl2l1&npa=1&dma_cps=sypham&dma=1&cid=19970008.1713981900&ul=en-us&sr=1280x1024&pscdl=noapi&_eu=AAAI&_s=2&sid=1713981900&sct=1&seg=0&dl=https%3A%2F%2Fvidezz.net%2F1257pc8b3t79.html%3Fasgtbndr%3D1&dt=Watch%2069484%20mp4&en=error_network&tfd=7436

216.239.34.36

204 No Content

0 B

URL POST HTTP/3
region1.analytics.google.com/g/collect?v=2&tid=G-HEX1BG8H46&gtm=45je44m0v9104348843z8832020053za200&_p=1713981899150&gcd=13l3lPl2l1&npa=1&dma_cps=sypham&dma=1&cid=19970008.1713981900&ul=en-us&sr=1280x1024&pscdl=noapi&_eu=AAAI&_s=2&sid=1713981900&sct=1&seg=0&dl=https%3A%2F%2Fvidezz.net%2F1257pc8b3t79.html%3Fasgtbndr%3D1&dt=Watch%2069484%20mp4&en=error_network&tfd=7436
IP
216.239.34.36:443
ASN
#15169 GOOGLE

Requested by
https://videzz.net/1257pc8b3t79.html?asgtbndr=1
Certificate
IssuerGoogle Trust Services LLC
Subject*.google-analytics.com
Fingerprint1E:33:2E:4B:C3:51:05:B7:73:DC:21:BF:3E:02:B3:16:D8:0B:AB:BB
ValidityMon, 18 Mar 2024 19:37:14 GMT - Mon, 10 Jun 2024 19:37:13 GMT

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

POST /g/collect?v=2&tid=G-HEX1BG8H46&gtm=45je44m0v9104348843z8832020053za200&_p=1713981899150&gcd=13l3lPl2l1&npa=1&dma_cps=sypham&dma=1&cid=19970008.1713981900&ul=en-us&sr=1280x1024&pscdl=noapi&_eu=AAAI&_s=2&sid=1713981900&sct=1&seg=0&dl=https%3A%2F%2Fvidezz.net%2F1257pc8b3t79.html%3Fasgtbndr%3D1&dt=Watch%2069484%20mp4&en=error_network&tfd=7436 HTTP/1.1
Host: region1.analytics.google.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://videzz.net
DNT: 1
Connection: keep-alive
Referer: https://videzz.net/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Content-Length: 0
TE: trailers

HTTP/3 204 No Content
access-control-allow-origin: https://videzz.net
date: Wed, 24 Apr 2024 18:05:06 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
content-type: text/plain
cross-origin-resource-policy: cross-origin
server: Golfe2
content-length: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

assets.strpst.com/assets/common/components/ui/CountryFlag/images/at.svg

104.17.10.106

10 kB

URL
assets.strpst.com/assets/common/components/ui/CountryFlag/images/at.svg
IP
104.17.10.106:0
ASN
#13335 CLOUDFLARENET

File type
SVG Scalable Vector Graphics image
Size
10 kB (10050 bytes)
Hash
a51a8f4c499c722eff541f7fb05ffe72
fb3853fb9d38814d60491d07628939ccb1c3010a
852b5125f4ee9d88fef3009ebab609161a0e48d898d01efa6c2f2c0b7b71e843

HTTP Headers

GET /assets/common/components/ui/CountryFlag/images/at.svg HTTP/1.1
Host: assets.strpst.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://cambaddies.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Wed, 24 Apr 2024 18:05:04 GMT
content-type: image/svg+xml
last-modified: Wed, 17 Apr 2024 14:43:38 GMT
expires: Wed, 01 May 2024 18:05:04 GMT
cache-control: public, max-age=604800
access-control-allow-origin: *
cf-cache-status: HIT
age: 558602
vary: Accept-Encoding
server: cloudflare
cf-ray: 879804f48c195694-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400

xml.cachegorilla.com/redirect?feed=612978&auth=7PcDFD&pubid=197570

173.239.53.20

200 OK

0 B

URL GET HTTP/1.1
xml.cachegorilla.com/redirect?feed=612978&auth=7PcDFD&pubid=197570
IP
173.239.53.20:443
ASN
#27257 WEBAIR-INTERNET

Requested by
https://videzz.net/1257pc8b3t79.html?asgtbndr=1
Certificate
IssuerSectigo Limited
Subject*.cachegorilla.com
Fingerprint29:B3:53:29:E3:6F:D3:48:F6:66:3E:78:57:05:A6:19:12:0D:2C:4A
ValidityFri, 10 Nov 2023 00:00:00 GMT - Sun, 10 Nov 2024 23:59:59 GMT

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /redirect?feed=612978&auth=7PcDFD&pubid=197570 HTTP/1.1
Host: xml.cachegorilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://bid.bidclickmedia.com/
DNT: 1
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Date: Wed, 24 Apr 2024 18:05:02 GMT
Content-Length: 0
Connection: keep-alive
Cache-Control: no-store

downstairsnegotiatebarren.com/sfp.js

104.21.35.227

200 OK

86 kB

URL GET HTTP/3
downstairsnegotiatebarren.com/sfp.js
IP
104.21.35.227:443
ASN
#13335 CLOUDFLARENET

Requested by
https://videzz.net/1257pc8b3t79.html?asgtbndr=1
Certificate
IssuerLet's Encrypt
Subjectdownstairsnegotiatebarren.com
Fingerprint2C:6A:E1:8E:26:5B:1D:8B:86:CB:C1:72:4E:52:4B:8B:67:3A:D2:44
ValidityMon, 04 Mar 2024 21:53:07 GMT - Sun, 02 Jun 2024 21:53:06 GMT

File type

Size
86 kB (85611 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /sfp.js HTTP/1.1
Host: downstairsnegotiatebarren.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://videzz.net/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Wed, 24 Apr 2024 18:05:00 GMT
content-type: application/javascript; charset=utf-8
p3p: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
access-control-allow-origin: *
expires: Thu, 01 Jan 1970 00:00:01 GMT
cache-control: max-age=14400
x-request-id: 9f9b8f18a31d8fd141cd953710b8bfd6
strict-transport-security: max-age=0; includeSubdomains
cf-cache-status: EXPIRED
last-modified: Wed, 24 Apr 2024 18:05:00 GMT
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=dPXGZn6IKmWDGUBEWnZZKl6pHRJZd3uSPpEzNoiJ4MD00F77fY%2FCODZ7tGzUFsZpZL2eYvDxcsLcROQC1fhefxlsjP4FjCBrrJai2blyN7xcsFeLQYCIeuYmTxttz43bQPc3aHYvJfj7MRPhxa6tdA%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 879804dd8a7e5684-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400

videzz.net/js/jquery.min.js

78.142.18.54

200 OK

96 kB

URL GET HTTP/2
videzz.net/js/jquery.min.js
IP
78.142.18.54:443
ASN
#208046 ColocationX Ltd.

Requested by
https://videzz.net/1257pc8b3t79.html?asgtbndr=1
Certificate
IssuerLet's Encrypt
Subjectvidezz.net
Fingerprint13:3A:F4:CA:71:F0:8F:F1:2E:3A:7E:2B:6D:8E:E4:7A:E9:9D:A6:B5
ValidityMon, 04 Mar 2024 08:24:34 GMT - Sun, 02 Jun 2024 08:24:33 GMT

File type
JavaScript source, ASCII text, with very long lines (32086)
Size
96 kB (95786 bytes)
Hash
8101d596b2b8fa35fe3a634ea342d7c3
d6c1f41972de07b09bfa63d2e50f9ab41ec372bd
540bc6dec1dd4b92ea4d3fb903f69eabf6d919afd48f4e312b163c28cff0f441

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /js/jquery.min.js HTTP/1.1
Host: videzz.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://videzz.net/1257pc8b3t79.html?asgtbndr=1
Cookie: lang=1
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
server: nginx/1.18.0 (Ubuntu)
date: Wed, 24 Apr 2024 18:04:58 GMT
content-type: application/javascript
last-modified: Wed, 10 Apr 2024 07:00:32 GMT
vary: Accept-Encoding
etag: W/"66163910-1762a"
expires: Fri, 24 May 2024 18:02:05 GMT
cache-control: max-age=2592000
content-encoding: gzip
x-cache-status: HIT
X-Firefox-Spdy: h2

bid.bidclickmedia.com/sub/0YDX8OE

172.67.205.77

200 OK

234 B

URL GET HTTP/2
bid.bidclickmedia.com/sub/0YDX8OE
IP
172.67.205.77:443
ASN
#13335 CLOUDFLARENET

Requested by
https://videzz.net/1257pc8b3t79.html?asgtbndr=1
Certificate
IssuerGoogle Trust Services LLC
Subjectbidclickmedia.com
Fingerprint2D:71:60:23:79:D8:E4:4A:B8:81:BA:F0:ED:58:CB:A8:66:21:A7:E7
ValiditySun, 31 Mar 2024 14:28:20 GMT - Sat, 29 Jun 2024 14:28:19 GMT

File type
HTML document, ASCII text, with no line terminators
Size
234 B (234 bytes)
Hash
af2b6f5e906532aa6d51ed7dcbb8fed7
5ddca712e64ecb7520e561656c87079ec18e3db1
eced93383f70dca1dcfe0998bcccf8d3fe044a0f1646f0ffa670cf0b14f599f3

HTTP Headers

GET /sub/0YDX8OE HTTP/1.1
Host: bid.bidclickmedia.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://videzz.net/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Wed, 24 Apr 2024 18:04:59 GMT
content-type: text/html; charset=utf-8
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=4b%2BupIqGTRm8VOqDolqkzdo4spHhmcbe5BIyaSDKFnLSEpRjYoe95mnTKilU93kgksO0bOB7a0FwXMXYtSrtTLjdhNxZVCzUWp%2BM0n0IYDAj99YiIr2qHW7eUdEO12ayGmWtC%2FDIt2c%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 879804d81f495694-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2

bid.bidclickmedia.com/sub/31bV2Jy

172.67.205.77

200 OK

239 B

URL GET HTTP/2
bid.bidclickmedia.com/sub/31bV2Jy
IP
172.67.205.77:443
ASN
#13335 CLOUDFLARENET

Requested by
https://videzz.net/1257pc8b3t79.html?asgtbndr=1
Certificate
IssuerGoogle Trust Services LLC
Subjectbidclickmedia.com
Fingerprint2D:71:60:23:79:D8:E4:4A:B8:81:BA:F0:ED:58:CB:A8:66:21:A7:E7
ValiditySun, 31 Mar 2024 14:28:20 GMT - Sat, 29 Jun 2024 14:28:19 GMT

File type
HTML document, ASCII text, with no line terminators
Size
239 B (239 bytes)
Hash
d5b23342c3da61ad8cb32c85b5a9a6ca
3ca89fd68565941a5f5dec87720a2164c9b860ae
53073b03453dec44b400acecc549d6446aba803406a391777a94cc2504173bbb

HTTP Headers

GET /sub/31bV2Jy HTTP/1.1
Host: bid.bidclickmedia.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://videzz.net/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Wed, 24 Apr 2024 18:04:59 GMT
content-type: text/html; charset=utf-8
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=0acFomKZtaxjSMxVB76xsx1%2F5W%2BvZh4UWIyvbFSYSMIZLki%2BjlxtCLX1gMsvNtxduxGbx7E%2F0LMW1bU2zsSp%2F%2B0PdNIyA%2FrciQyHvQuMcP5Ez1VQ4xnEbzXMVRUl3h1vBnEKOjS%2FJao%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 879804d8d8d85694-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2

myliveforyoudreder.com/vidozza.js

172.67.151.245

200 OK

1.6 kB

URL GET HTTP/2
myliveforyoudreder.com/vidozza.js
IP
172.67.151.245:443
ASN
#13335 CLOUDFLARENET

Requested by
https://videzz.net/1257pc8b3t79.html?asgtbndr=1
Certificate
IssuerLet's Encrypt
Subjectmyliveforyoudreder.com
FingerprintD6:1F:6C:5C:81:FF:C4:D3:4D:C9:A9:22:DD:0B:D4:18:59:4E:58:B7
ValidityWed, 20 Mar 2024 02:24:57 GMT - Tue, 18 Jun 2024 02:24:56 GMT

File type
JavaScript source, ASCII text, with very long lines (1742), with no line terminators
Size
1.6 kB (1615 bytes)
Hash
1b10623dcc365c3e40aa543ee9be6c3d
ee99261cffbbf896eba3c60d867480042fbaadc5
54dec89c60117fd15b96d376c1dba2de2f333009f2ba0847fa71fa0a969f863f

HTTP Headers

GET /vidozza.js HTTP/1.1
Host: myliveforyoudreder.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://videzz.net/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Wed, 24 Apr 2024 18:04:59 GMT
content-type: application/javascript
last-modified: Mon, 24 Oct 2022 14:14:49 GMT
etag: W/"63569dd9-64f"
cache-control: max-age=14400
cf-cache-status: HIT
age: 3364
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=HIO5Gk%2BuVa%2BHChy0R%2B7hr%2BrHecAeg7CZHyiKgonlcttGnaDusbe6sTYseLpgtxWr0lmwQZWlUygfP63Qgn18r1OfMjPrSXCiiT%2BablMg9maq0OwvuTLZBxj0vUdJsY3Ew69HU0zwI1tx"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 879804da6b72b523-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2

xml.zeusadx.com/redirect?feed=531847&auth=KhbHhS&pubid=162319

174.137.133.17

302 Found

1.2 kB

URL GET HTTP/1.1
xml.zeusadx.com/redirect?feed=531847&auth=KhbHhS&pubid=162319
IP
174.137.133.17:443
ASN
#27257 WEBAIR-INTERNET

Requested by
https://videzz.net/1257pc8b3t79.html?asgtbndr=1
Certificate
IssuerSectigo Limited
Subject*.zeusadx.com
FingerprintAA:67:88:35:5F:BC:20:3C:44:9B:00:BD:4F:E1:C0:5F:62:D0:69:C0
ValidityMon, 23 Oct 2023 00:00:00 GMT - Wed, 23 Oct 2024 23:59:59 GMT

File type

Size
1.2 kB (1161 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /redirect?feed=531847&auth=KhbHhS&pubid=162319 HTTP/1.1
Host: xml.zeusadx.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://bid.bidclickmedia.com/
DNT: 1
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 302 Found
Server: nginx
Date: Wed, 24 Apr 2024 18:05:01 GMT
Content-Length: 0
Connection: keep-alive
Cache-Control: no-store
Location: https://tfosrv.com/show_std.php?id_site=13101&id_channel=60771&uf=true

videzz.net/js/videojs.5.min.js?v=b8dc06aa6195ca0716d0a0c4e3a76e42

78.142.18.54

200 OK

416 kB

URL GET HTTP/2
videzz.net/js/videojs.5.min.js?v=b8dc06aa6195ca0716d0a0c4e3a76e42
IP
78.142.18.54:443
ASN
#208046 ColocationX Ltd.

Requested by
https://videzz.net/1257pc8b3t79.html?asgtbndr=1
Certificate
IssuerLet's Encrypt
Subjectvidezz.net
Fingerprint13:3A:F4:CA:71:F0:8F:F1:2E:3A:7E:2B:6D:8E:E4:7A:E9:9D:A6:B5
ValidityMon, 04 Mar 2024 08:24:34 GMT - Sun, 02 Jun 2024 08:24:33 GMT

File type

Size
416 kB (416358 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /js/videojs.5.min.js?v=b8dc06aa6195ca0716d0a0c4e3a76e42 HTTP/1.1
Host: videzz.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://videzz.net/1257pc8b3t79.html?asgtbndr=1
Cookie: lang=1
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
server: nginx/1.18.0 (Ubuntu)
date: Wed, 24 Apr 2024 18:04:58 GMT
content-type: application/javascript
last-modified: Wed, 10 Apr 2024 07:00:25 GMT
vary: Accept-Encoding
etag: W/"66163909-65a66"
expires: Fri, 24 May 2024 18:02:09 GMT
cache-control: max-age=2592000
content-encoding: gzip
x-cache-status: HIT
X-Firefox-Spdy: h2

videzz.net/css/main.min.css?v=b8dc06aa6195ca0716d0a0c4e3a76e42

78.142.18.54

200 OK

1.4 MB

URL GET HTTP/2
videzz.net/css/main.min.css?v=b8dc06aa6195ca0716d0a0c4e3a76e42
IP
78.142.18.54:443
ASN
#208046 ColocationX Ltd.

Requested by
https://videzz.net/1257pc8b3t79.html?asgtbndr=1
Certificate
IssuerLet's Encrypt
Subjectvidezz.net
Fingerprint13:3A:F4:CA:71:F0:8F:F1:2E:3A:7E:2B:6D:8E:E4:7A:E9:9D:A6:B5
ValidityMon, 04 Mar 2024 08:24:34 GMT - Sun, 02 Jun 2024 08:24:33 GMT

File type

Size
1.4 MB (1360962 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /css/main.min.css?v=b8dc06aa6195ca0716d0a0c4e3a76e42 HTTP/1.1
Host: videzz.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://videzz.net/1257pc8b3t79.html?asgtbndr=1
Cookie: lang=1
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
server: nginx/1.18.0 (Ubuntu)
date: Wed, 24 Apr 2024 18:04:58 GMT
content-type: text/css
last-modified: Wed, 10 Apr 2024 07:00:40 GMT
vary: Accept-Encoding
etag: W/"66163918-14c442"
expires: Fri, 24 May 2024 17:55:14 GMT
cache-control: max-age=2592000
content-encoding: gzip
x-cache-status: HIT
X-Firefox-Spdy: h2

videzz.net/images-newtheme/social/twitter_button.png

78.142.18.54

200 OK

7.3 kB

URL GET HTTP/2
videzz.net/images-newtheme/social/twitter_button.png
IP
78.142.18.54:443
ASN
#208046 ColocationX Ltd.

Requested by
https://videzz.net/1257pc8b3t79.html?asgtbndr=1
Certificate
IssuerLet's Encrypt
Subjectvidezz.net
Fingerprint13:3A:F4:CA:71:F0:8F:F1:2E:3A:7E:2B:6D:8E:E4:7A:E9:9D:A6:B5
ValidityMon, 04 Mar 2024 08:24:34 GMT - Sun, 02 Jun 2024 08:24:33 GMT

File type
PNG image data, 250 x 95, 8-bit colormap, non-interlaced
Size
7.3 kB (7332 bytes)
Hash
d680a9ff6f8107a4582fc3da7b95b852
df709fd8b064642697ce5075aef16d7ec3df9475
d496e33f83306ba9f7659dda81264fe833b2c8ce3b3ca5ef1cfd9a0d99397c24

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /images-newtheme/social/twitter_button.png HTTP/1.1
Host: videzz.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://videzz.net/css/main.min.css?v=b8dc06aa6195ca0716d0a0c4e3a76e42
Cookie: lang=1
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
server: nginx/1.18.0 (Ubuntu)
date: Wed, 24 Apr 2024 18:04:59 GMT
content-type: image/png
content-length: 7332
last-modified: Wed, 10 Apr 2024 07:00:32 GMT
etag: "66163910-1ca4"
expires: Fri, 24 May 2024 17:58:26 GMT
cache-control: max-age=2592000
x-cache-status: HIT
accept-ranges: bytes
X-Firefox-Spdy: h2

142.250.74.106

200 OK

27 kB

URL GET HTTP/2
fonts.googleapis.com/css?family=Armata|Average+Sans|Gafata|Istok+Web:400,700|Julius+Sans+One|Michroma|Montserrat+Alternates:400,500,600|Montserrat:400,500,600|Numans|Poppins:400,500|Rubik:400,500,700|Syncopate
IP
142.250.74.106:443
ASN
#15169 GOOGLE

Requested by
https://videzz.net/1257pc8b3t79.html?asgtbndr=1
Certificate
IssuerGoogle Trust Services LLC
Subjectupload.video.google.com
Fingerprint15:CB:F7:AC:18:3F:DC:1E:F9:4E:94:D1:98:40:40:61:53:17:28:F2
ValidityMon, 18 Mar 2024 20:35:28 GMT - Mon, 10 Jun 2024 20:35:27 GMT

File type
ASCII text, with very long lines (634)
Size
27 kB (26662 bytes)
Hash
b38e93359bf408137b205df1dc494995
c8a136dea93305a6be1a7341e5b1d34145415b37
24b63ecac66577632b7277c0105fedc08608171a8ca4335fa5f8e07104962320

HTTP Headers

GET /css?family=Armata|Average+Sans|Gafata|Istok+Web:400,700|Julius+Sans+One|Michroma|Montserrat+Alternates:400,500,600|Montserrat:400,500,600|Numans|Poppins:400,500|Rubik:400,500,700|Syncopate HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://videzz.net/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Wed, 24 Apr 2024 18:04:58 GMT
date: Wed, 24 Apr 2024 18:04:58 GMT
cache-control: private, max-age=86400
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

track.jajaloop.com/717a0983-e961-4ed5-98dc-35fbb30c40f8?banner=6354964&pubfeed=568190&siteid=639576&cost=0.0006&conversion=2UwmO3T7tY0

0.0.0.0

0 B

URL GET
track.jajaloop.com/717a0983-e961-4ed5-98dc-35fbb30c40f8?banner=6354964&pubfeed=568190&siteid=639576&cost=0.0006&conversion=2UwmO3T7tY0
IP
0.0.0.0:0
ASN
#0

Requested by
https://videzz.net/1257pc8b3t79.html?asgtbndr=1

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /717a0983-e961-4ed5-98dc-35fbb30c40f8?banner=6354964&pubfeed=568190&siteid=639576&cost=0.0006&conversion=2UwmO3T7tY0 HTTP/1.1
Host: track.jajaloop.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://bid.bidclickmedia.com/
DNT: 1
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

videzz.net/js/footer.static.min.js?v=b8dc06aa6195ca0716d0a0c4e3a76e42

78.142.18.54

200 OK

140 kB

URL GET HTTP/2
videzz.net/js/footer.static.min.js?v=b8dc06aa6195ca0716d0a0c4e3a76e42
IP
78.142.18.54:443
ASN
#208046 ColocationX Ltd.

Requested by
https://videzz.net/1257pc8b3t79.html?asgtbndr=1
Certificate
IssuerLet's Encrypt
Subjectvidezz.net
Fingerprint13:3A:F4:CA:71:F0:8F:F1:2E:3A:7E:2B:6D:8E:E4:7A:E9:9D:A6:B5
ValidityMon, 04 Mar 2024 08:24:34 GMT - Sun, 02 Jun 2024 08:24:33 GMT

File type

Size
140 kB (140132 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /js/footer.static.min.js?v=b8dc06aa6195ca0716d0a0c4e3a76e42 HTTP/1.1
Host: videzz.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://videzz.net/1257pc8b3t79.html?asgtbndr=1
Cookie: lang=1
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
server: nginx/1.18.0 (Ubuntu)
date: Wed, 24 Apr 2024 18:04:58 GMT
content-type: application/javascript
last-modified: Wed, 10 Apr 2024 07:00:40 GMT
vary: Accept-Encoding
etag: W/"66163918-22364"
expires: Fri, 24 May 2024 18:02:05 GMT
cache-control: max-age=2592000
content-encoding: gzip
x-cache-status: HIT
X-Firefox-Spdy: h2

xml.xmlking.com/redirect?feed=591363&auth=0yfQfB&pubid=195183

174.137.133.17

302 Found

61 kB

URL GET HTTP/1.1
xml.xmlking.com/redirect?feed=591363&auth=0yfQfB&pubid=195183
IP
174.137.133.17:443
ASN
#27257 WEBAIR-INTERNET

Requested by
https://videzz.net/1257pc8b3t79.html?asgtbndr=1
Certificate
IssuerSectigo Limited
Subject*.xmlking.com
Fingerprint61:F0:9B:53:D2:DF:03:A0:08:09:BE:79:B1:70:10:34:65:07:7B:6D
ValidityWed, 26 Jul 2023 00:00:00 GMT - Fri, 26 Jul 2024 23:59:59 GMT

File type

Size
61 kB (60667 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /redirect?feed=591363&auth=0yfQfB&pubid=195183 HTTP/1.1
Host: xml.xmlking.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://bid.bidclickmedia.com/
DNT: 1
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 302 Found
Server: nginx
Date: Wed, 24 Apr 2024 18:05:01 GMT
Content-Length: 0
Connection: keep-alive
Cache-Control: no-store
Location: https://impactserving.com/Redirect.eng?MediaSegmentId=32782&dcid=3_ctx_41bc995f-4efc-45a3-8020-ae89b44bc7a7&vmId=00000000-0000-0000-0000-000000000000&abr=false&timeZoneOffset=&v=xoMiqaVIhNfViNoAzbb7BoVSNqN6yb2gzWUfrrcbZk1i3aJYRGfBqkb1rsF41OY1NkQ2ojM2WCmajKajgXcJzB4rGPQ5vL43T4MCx0rtsFItMOV6PY9-MFkxAdpBGIyV0I-mafZ8rBoHcUz16658UIng-WUW42oi0t_ZWFQb5aQiWez0eU13QrvBifmMI4qKTgmU5JA8l2kv8ZhzY_oYvh7hosBjfMrpMKMT4haEOW-A0DE93I1Hz6X1wA49XD-x5Evdr4yvQJTXzuW7j9wvj79gn09dXQbC8A4D3HJNcOZnbRGcLkAawLWFD6gQl8RSo5qGEw2Am73T1q0e3SnXlIAqSUt0XeQc1SuSvep0HuHb6MnU4RabPWxclwjeNKnx0rGylrbdNtEQBX0okLTqXnyPaAoXOLBAoGV1tMAQ18nLqKlBuo21JtWBpER4Mboi0p4lI0NeUKuKnku-L94dAlOgdoaJ9UaWuJyLC2iPk2SAwq8zoQUqIcB3TkkOyxN6Fggu48MKtKMFmhQwtMfbB4rBUk7VBImOUzBykYj216UMrfQdiRLrq02wPXb_9sG8HXJ4HNzsbStgu5iRBlQlslZqpf0KzKOGPHCkYVMQj1HeJ-JIVdwdkztc9lhENfFitRfrtrkZcwJbZUGeFG1ZByfa2djYQ-XFGtkkYcGskgrgIE90NVGFkpZMYh6ORQvoIigGAPzO26VkengRk41AYN9WNNAk1BH1vajFWwYgcaOf6jSjOsvgetHkYBCfdNc36Sz3oWhaEWn4ALDCs85EhHaZ5lop5sTJh4hXli_cIqZ-spt68DPnXZc40BXMTTuJVL-AxLYzcpisTXnJDPi0hGUUpt__N-_X_VCa8pvmh7LbKz_1Q7hp5t7EBYKqQv8yzSBVX96xUOkgb9gfvDlGEaSqVVhYAVM288mAnOgfWQSBUaWnTAMyQD7sXlYcK_PKueVSzUlksT3pHXzkOPKwG_4Fa48cCaI6KwmWrh0MJKM1&kw=&mw=1024&mh=768&xml=1&at=

fonts.googleapis.com/css?family=Istok+Web:400,700|Open+Sans:400,600,700|Raleway:200,400,600|Roboto:400,500,700|Source+Sans+Pro:300,300i,400,400i,600,700,700i&subset=cyrillic,cyrillic-ext%22%20rel=%22stylesheet

142.250.74.106

200 OK

48 kB

URL GET HTTP/2
fonts.googleapis.com/css?family=Istok+Web:400,700|Open+Sans:400,600,700|Raleway:200,400,600|Roboto:400,500,700|Source+Sans+Pro:300,300i,400,400i,600,700,700i&subset=cyrillic,cyrillic-ext%22%20rel=%22stylesheet
IP
142.250.74.106:443
ASN
#15169 GOOGLE

Requested by
https://videzz.net/1257pc8b3t79.html?asgtbndr=1
Certificate
IssuerGoogle Trust Services LLC
Subjectupload.video.google.com
Fingerprint15:CB:F7:AC:18:3F:DC:1E:F9:4E:94:D1:98:40:40:61:53:17:28:F2
ValidityMon, 18 Mar 2024 20:35:28 GMT - Mon, 10 Jun 2024 20:35:27 GMT

File type
ASCII text, with very long lines (1572)
Size
48 kB (47712 bytes)
Hash
61e51ca36cd9e3939eea245c274df4d2
690f446590fd749fcdb23860a787f7075c3ac9df
59d779cc48a40b1dc4f69b77ea6c6e05f4ca8e517e5541a107ff7f09714a7f82

HTTP Headers

GET /css?family=Istok+Web:400,700|Open+Sans:400,600,700|Raleway:200,400,600|Roboto:400,500,700|Source+Sans+Pro:300,300i,400,400i,600,700,700i&amp;subset=cyrillic,cyrillic-ext%22%20rel=%22stylesheet HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://videzz.net/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Wed, 24 Apr 2024 18:04:58 GMT
date: Wed, 24 Apr 2024 18:04:58 GMT
cache-control: private, max-age=86400
cross-origin-opener-policy: same-origin-allow-popups
cross-origin-resource-policy: cross-origin
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

static.addtoany.com/menu/svg/icons/telegram.js

104.22.70.197

200 OK

360 B

URL GET HTTP/3
static.addtoany.com/menu/svg/icons/telegram.js
IP
104.22.70.197:443
ASN
#13335 CLOUDFLARENET

Requested by
https://videzz.net/1257pc8b3t79.html?asgtbndr=1
Certificate
IssuerLet's Encrypt
Subjectstatic.addtoany.com
Fingerprint5B:74:98:2D:F8:22:DB:0D:4E:74:B7:99:A7:7C:80:F6:CA:1A:8E:CA
ValidityTue, 23 Apr 2024 07:56:27 GMT - Mon, 22 Jul 2024 07:56:26 GMT

File type
ASCII text, with very long lines (370), with no line terminators
Size
360 B (360 bytes)
Hash
d455b7099e753a3680d5e481a7b56a9d
146fdec3f2e51dabdd15fc8acda6d73823b0d44d
4eb7a6d1a684e68473de0e8854499206b2f512a3815a8114068636dd38aa197a

HTTP Headers

GET /menu/svg/icons/telegram.js HTTP/1.1
Host: static.addtoany.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://videzz.net
DNT: 1
Connection: keep-alive
Referer: https://static.addtoany.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Wed, 24 Apr 2024 18:05:00 GMT
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=7776000, stale-while-revalidate=30, public
cf-bgj: minify
etag: W/"fb47b4f6548b6499923a1beed7472419"
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=Jty8znFib0KWLtGhjMAg%2BxsjKXe7JzL7YJbtSlJe7kph2rpky7WRd1yEbqG%2B%2BjIQdAdIEgC6yml2kYICcTp3ijclEgiX9QtrVqm04z7h3YAKWGtr1zqXmPl17EI4scLjMpIy7oH0C8DC5dMe2Nt5EA4B"}],"group":"cf-nel","max_age":604800}
vary: Accept-Encoding
referrer-policy: strict-origin-when-cross-origin
x-content-type-options: nosniff
cf-cache-status: HIT
age: 2701
strict-transport-security: max-age=31536000; includeSubDomains; preload
server: cloudflare
cf-ray: 879804db4a9d92fd-CPH
content-encoding: br
alt-svc: h3=":443"; ma=86400

static.addtoany.com/menu/svg/icons/facebook.js

104.22.70.197

200 OK

429 B

URL GET HTTP/3
static.addtoany.com/menu/svg/icons/facebook.js
IP
104.22.70.197:443
ASN
#13335 CLOUDFLARENET

Requested by
https://videzz.net/1257pc8b3t79.html?asgtbndr=1
Certificate
IssuerLet's Encrypt
Subjectstatic.addtoany.com
Fingerprint5B:74:98:2D:F8:22:DB:0D:4E:74:B7:99:A7:7C:80:F6:CA:1A:8E:CA
ValidityTue, 23 Apr 2024 07:56:27 GMT - Mon, 22 Jul 2024 07:56:26 GMT

File type
ASCII text, with very long lines (439), with no line terminators
Size
429 B (429 bytes)
Hash
874e1638740e061f9fa55eda3180724c
108a7e30fa0f7d50b961845ec970a2745f3c821f
d1bf990d09417220fcb615079a569e0a403c75beef0eac536e5976b7751c0370

HTTP Headers

GET /menu/svg/icons/facebook.js HTTP/1.1
Host: static.addtoany.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://videzz.net
DNT: 1
Connection: keep-alive
Referer: https://static.addtoany.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Wed, 24 Apr 2024 18:05:00 GMT
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=7776000, stale-while-revalidate=30, public
cf-bgj: minify
etag: W/"68925fa8e347041c6006837e73c518bc"
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=gA%2B6CgmC8jseqBD58yzw3g08jOUphhgsylzMxZ9D42vO%2BJBt32H6ze0OdR1laWID89ODHa4t%2Bxndp0DSd5UXaRTw8BQyEZ3vgr9VvN7BcD2jiKHRKXH68v4autIBxyvEqTc%2B93g%2B"}],"group":"cf-nel","max_age":604800}
vary: Accept-Encoding
referrer-policy: strict-origin-when-cross-origin
x-content-type-options: nosniff
cf-cache-status: HIT
age: 2701
strict-transport-security: max-age=31536000; includeSubDomains; preload
server: cloudflare
cf-ray: 879804db2a6492fd-CPH
content-encoding: br
alt-svc: h3=":443"; ma=86400

static.addtoany.com/menu/modules/core.BRQnzO8v.js

104.22.70.197

200 OK

72 kB

URL GET HTTP/3
static.addtoany.com/menu/modules/core.BRQnzO8v.js
IP
104.22.70.197:443
ASN
#13335 CLOUDFLARENET

Requested by
https://videzz.net/1257pc8b3t79.html?asgtbndr=1
Certificate
IssuerLet's Encrypt
Subjectstatic.addtoany.com
Fingerprint5B:74:98:2D:F8:22:DB:0D:4E:74:B7:99:A7:7C:80:F6:CA:1A:8E:CA
ValidityTue, 23 Apr 2024 07:56:27 GMT - Mon, 22 Jul 2024 07:56:26 GMT

File type
ASCII text, with very long lines (65536), with no line terminators
Size
72 kB (71454 bytes)
Hash
629401c31553d2f42a6ca46e58c2a97b
0ab6084caa72f90913c7e4119f491838726ec5c2
91b9b24f0aa59668e4d0a770ee7a294b9baa361a76a20ade8128cd0482a5d805

HTTP Headers

GET /menu/modules/core.BRQnzO8v.js HTTP/1.1
Host: static.addtoany.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://videzz.net
DNT: 1
Connection: keep-alive
Referer: https://videzz.net/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Wed, 24 Apr 2024 18:04:59 GMT
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=315360000, immutable
cf-bgj: minify
etag: W/"25da5432b1057724b8210f17e9b9db05"
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=2uyznthxAYKLdqkqMFs%2BlEmSND%2FCZW0SgKJ90BaRtGb5KqnzDppiPL7X%2FonZ8a7tCIwb6q1ayJ2CjdGXG%2F%2FKHGIr3pkK%2BZl5ILozvXlUtMJT9pwQBhRfaQMa48icbnNAN1iN5Sbc"}],"group":"cf-nel","max_age":604800}
vary: Accept-Encoding
referrer-policy: strict-origin-when-cross-origin
x-content-type-options: nosniff
cf-cache-status: HIT
age: 9245
strict-transport-security: max-age=31536000; includeSubDomains; preload
server: cloudflare
cf-ray: 879804d83d9292fd-CPH
content-encoding: br
alt-svc: h3=":443"; ma=86400

videzz.net/js/main.min.js?v=b8dc06aa6195ca0716d0a0c4e3a76e42

78.142.18.54

200 OK

11 kB

URL GET HTTP/2
videzz.net/js/main.min.js?v=b8dc06aa6195ca0716d0a0c4e3a76e42
IP
78.142.18.54:443
ASN
#208046 ColocationX Ltd.

Requested by
https://videzz.net/1257pc8b3t79.html?asgtbndr=1
Certificate
IssuerLet's Encrypt
Subjectvidezz.net
Fingerprint13:3A:F4:CA:71:F0:8F:F1:2E:3A:7E:2B:6D:8E:E4:7A:E9:9D:A6:B5
ValidityMon, 04 Mar 2024 08:24:34 GMT - Sun, 02 Jun 2024 08:24:33 GMT

File type
JavaScript source, ASCII text, with very long lines (11269), with no line terminators
Size
11 kB (11269 bytes)
Hash
f2b1e2d690c2c568d846e8da3ab66ccd
f2a3fd880693ec75e586fdb37d1bd2cd6f6c468a
3efa361ccc887f0bffb9c9250de66cd562bc53671ffcb85cc0a6a0d30b0b8cfb

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /js/main.min.js?v=b8dc06aa6195ca0716d0a0c4e3a76e42 HTTP/1.1
Host: videzz.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://videzz.net/1257pc8b3t79.html?asgtbndr=1
Cookie: lang=1
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
server: nginx/1.18.0 (Ubuntu)
date: Wed, 24 Apr 2024 18:04:58 GMT
content-type: application/javascript
last-modified: Wed, 10 Apr 2024 07:00:32 GMT
vary: Accept-Encoding
etag: W/"66163910-2c05"
expires: Fri, 24 May 2024 18:02:55 GMT
cache-control: max-age=2592000
content-encoding: gzip
x-cache-status: HIT
X-Firefox-Spdy: h2

bid.bidclickmedia.com/sub/Pj8pz0z

172.67.205.77

200 OK

234 B

URL GET HTTP/2
bid.bidclickmedia.com/sub/Pj8pz0z
IP
172.67.205.77:443
ASN
#13335 CLOUDFLARENET

Requested by
https://videzz.net/1257pc8b3t79.html?asgtbndr=1
Certificate
IssuerGoogle Trust Services LLC
Subjectbidclickmedia.com
Fingerprint2D:71:60:23:79:D8:E4:4A:B8:81:BA:F0:ED:58:CB:A8:66:21:A7:E7
ValiditySun, 31 Mar 2024 14:28:20 GMT - Sat, 29 Jun 2024 14:28:19 GMT

File type
HTML document, ASCII text, with no line terminators
Size
234 B (234 bytes)
Hash
ec45c51dfcbeb0d487d6d2ccf0cd9a23
eadd83e9b3def654d52e1b93ae5f5c13d8a69c99
3a5e0788bab23d00613d25c36fabb29d38bb3e51af54bf370854620392a249ce

HTTP Headers

GET /sub/Pj8pz0z HTTP/1.1
Host: bid.bidclickmedia.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://videzz.net/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Wed, 24 Apr 2024 18:04:59 GMT
content-type: text/html; charset=utf-8
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=B5WbRVXB2jxsLHCGxU%2FMlnvydhS3o3z1XUjzcC4id2rf%2BLC5dBcVx5uw9bRHB%2Bc8izYDXCag0RSkbRvcbG3PmfwohRfwDqrHQZUf%2Fg1dGSNOdY0TRDF2ZqVOS%2BJ9Kfm%2FJSJX0B3FexU%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 879804d84f9b5694-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2

xmlclick.adokutrtb.com/nrtb/click?bid=01onGr3SWUvyM0UgoWPrI9TfJQf-ozM3XVjVvpL7rNOfzGfdRIWWOHgwCnRfJ2FT_0_5

23.226.122.79

302 Found

0 B

URL GET HTTP/2
xmlclick.adokutrtb.com/nrtb/click?bid=01onGr3SWUvyM0UgoWPrI9TfJQf-ozM3XVjVvpL7rNOfzGfdRIWWOHgwCnRfJ2FT_0_5
IP
23.226.122.79:443
ASN
#29802 HVC-AS

Requested by
https://videzz.net/1257pc8b3t79.html?asgtbndr=1
Certificate
IssuerUnizeto Technologies S.A.
Subject*.adokutrtb.com
FingerprintFE:8D:59:6C:AC:C6:8C:40:28:AE:A4:B8:B8:6C:4B:B0:1F:1D:1E:AC
ValidityTue, 19 Mar 2024 12:12:32 GMT - Wed, 19 Mar 2025 12:12:31 GMT

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /nrtb/click?bid=01onGr3SWUvyM0UgoWPrI9TfJQf-ozM3XVjVvpL7rNOfzGfdRIWWOHgwCnRfJ2FT_0_5 HTTP/1.1
Host: xmlclick.adokutrtb.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://bid.bidclickmedia.com/
DNT: 1
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 302 Found
server: nginx/1.18.0 (Ubuntu)
date: Wed, 24 Apr 2024 18:05:02 GMT
content-type: text/html; charset=utf-8
content-length: 76
location: https://xml-v4.onemediawork.com/click?i=IMdutEHwvtY_0
X-Firefox-Spdy: h2

videzz.net/sw.js

78.142.18.54

200 OK

42 kB

URL GET HTTP/2
videzz.net/sw.js
IP
78.142.18.54:443
ASN
#208046 ColocationX Ltd.

Requested by
https://videzz.net/1257pc8b3t79.html?asgtbndr=1
Certificate
IssuerLet's Encrypt
Subjectvidezz.net
Fingerprint13:3A:F4:CA:71:F0:8F:F1:2E:3A:7E:2B:6D:8E:E4:7A:E9:9D:A6:B5
ValidityMon, 04 Mar 2024 08:24:34 GMT - Sun, 02 Jun 2024 08:24:33 GMT

File type
JavaScript source, ASCII text, with very long lines (42324), with no line terminators
Size
42 kB (42324 bytes)
Hash
764aafd976dd9cd9f33279bfafa02908
e9ad856ec00bccfdcbe17b79113681685c943b8d
2c20e295faeb1ef24dae1e26caa5089fdb2ba5a36a86a6a26780b8a515ca99aa

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /sw.js HTTP/1.1
Host: videzz.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://videzz.net/1257pc8b3t79.html?asgtbndr=1
Cookie: lang=1
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
server: nginx/1.18.0 (Ubuntu)
date: Wed, 24 Apr 2024 18:04:58 GMT
content-type: application/javascript
last-modified: Wed, 10 Apr 2024 07:00:39 GMT
vary: Accept-Encoding
etag: W/"66163917-a554"
expires: Fri, 24 May 2024 18:02:57 GMT
cache-control: max-age=2592000
content-encoding: gzip
x-cache-status: HIT
X-Firefox-Spdy: h2

tr.7vid.net/api/users/88464?v2=1&fill=0&kw=69484%2Cmp4&i=1&url=https%3A%2F%2Fvidezz.net%2F1257pc8b3t79.html%3Fasgtbndr%3D1&sid=426b01ec-e2f5-47e9-bc96-374e2c43ad5e

135.181.208.216

200 OK

67 B

URL GET HTTP/2
tr.7vid.net/api/users/88464?v2=1&fill=0&kw=69484%2Cmp4&i=1&url=https%3A%2F%2Fvidezz.net%2F1257pc8b3t79.html%3Fasgtbndr%3D1&sid=426b01ec-e2f5-47e9-bc96-374e2c43ad5e
IP
135.181.208.216:443
ASN
#24940 Hetzner Online GmbH

Requested by
https://videzz.net/1257pc8b3t79.html?asgtbndr=1
Certificate
IssuerLet's Encrypt
Subjecta.gatwins.site
Fingerprint66:D4:C4:E9:BC:6E:82:9E:D0:2F:00:69:9A:DF:C2:6D:18:04:0B:1B
ValidityWed, 10 Apr 2024 10:27:11 GMT - Tue, 09 Jul 2024 10:27:10 GMT

File type
XML document, ASCII text, with no line terminators
Size
67 B (67 bytes)
Hash
c3928cea84e0c684b265b8fb465a9e72
aace4c0c8b0fbb35d2932f4f27e01ef627161574
3238d03797cab82118740c0d6ddace8d6bc9caf168e94d2ade893f541c1f8a25

HTTP Headers

GET /api/users/88464?v2=1&fill=0&kw=69484%2Cmp4&i=1&url=https%3A%2F%2Fvidezz.net%2F1257pc8b3t79.html%3Fasgtbndr%3D1&sid=426b01ec-e2f5-47e9-bc96-374e2c43ad5e HTTP/1.1
Host: tr.7vid.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://videzz.net/
Origin: https://videzz.net
DNT: 1
Connection: keep-alive
Cookie: nauid=mdDmRFdPyrwFCq7Cqoji
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
server: nginx
date: Wed, 24 Apr 2024 18:04:59 GMT
content-type: text/xml
vary: Accept-Encoding
access-control-allow-credentials: true
access-control-allow-origin: https://videzz.net
access-control-expose-headers: X-Asg-Config, X-t
x-robots-tag: noindex, nofollow
x-t: 0
cache-control: private
content-encoding: gzip
X-Firefox-Spdy: h2

videzz.net/1257pc8b3t79.html?asgtbndr=1

78.142.18.54

200 OK

50 kB

URL User Request GET HTTP/2
videzz.net/1257pc8b3t79.html?asgtbndr=1
IP
78.142.18.54:443
ASN
#208046 ColocationX Ltd.

Certificate
IssuerLet's Encrypt
Subjectvidezz.net
Fingerprint13:3A:F4:CA:71:F0:8F:F1:2E:3A:7E:2B:6D:8E:E4:7A:E9:9D:A6:B5
ValidityMon, 04 Mar 2024 08:24:34 GMT - Sun, 02 Jun 2024 08:24:33 GMT

File type

Size
50 kB (50336 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /1257pc8b3t79.html?asgtbndr=1 HTTP/1.1
Host: videzz.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Upgrade-Insecure-Requests: 1
Connection: keep-alive
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
server: nginx/1.18.0 (Ubuntu)
date: Wed, 24 Apr 2024 18:04:58 GMT
content-type: text/html; charset=UTF-8
vary: Accept-Encoding
expires: Tue, 23 Apr 2024 18:04:58 GMT
set-cookie: lang=1; domain=.videzz.net; path=/; HttpOnly
xfsts=; domain=.videzz.net; path=/; expires=Tue, 25-Apr-2023 18:04:58 GMT; HttpOnly
content-encoding: gzip
X-Firefox-Spdy: h2

maxcdn.bootstrapcdn.com/font-awesome/4.7.0/css/font-awesome.min.css?v=7

104.18.10.207

200 OK

31 kB

URL GET HTTP/2
maxcdn.bootstrapcdn.com/font-awesome/4.7.0/css/font-awesome.min.css?v=7
IP
104.18.10.207:443
ASN
#13335 CLOUDFLARENET

Requested by
https://videzz.net/1257pc8b3t79.html?asgtbndr=1
Certificate
IssuerGoogle Trust Services LLC
Subjectbootstrapcdn.com
Fingerprint57:B4:25:B9:9C:88:A1:A3:3D:F7:31:74:02:E4:D1:E0:0A:F5:11:63
ValidityWed, 27 Mar 2024 00:22:09 GMT - Tue, 25 Jun 2024 00:22:08 GMT

File type
ASCII text, with very long lines (30837)
Size
31 kB (31000 bytes)
Hash
269550530cc127b6aa5a35925a7de6ce
512c7d79033e3028a9be61b540cf1a6870c896f8
799aeb25cc0373fdee0e1b1db7ad6c2f6a0e058dfadaa3379689f583213190bd

HTTP Headers

GET /font-awesome/4.7.0/css/font-awesome.min.css?v=7 HTTP/1.1
Host: maxcdn.bootstrapcdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://videzz.net/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Wed, 24 Apr 2024 18:04:58 GMT
content-type: text/css; charset=utf-8
vary: Accept-Encoding
cdn-pullzone: 252412
cdn-uid: b1941f61-b576-4f40-80de-5677acb38f74
cdn-requestcountrycode: DE
access-control-allow-origin: *
cache-control: public, max-age=31919000
etag: W/"269550530cc127b6aa5a35925a7de6ce"
last-modified: Mon, 25 Jan 2021 22:04:55 GMT
cdn-cachedat: 10/31/2023 18:48:06
cdn-proxyver: 1.04
cdn-requestpullcode: 200
cdn-requestpullsuccess: True
cdn-edgestorageid: 722
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
cdn-status: 200
cdn-requestid: 5a80fdb25a1f4c70c38767b1307ad4b6
cdn-cache: HIT
cf-cache-status: HIT
age: 13016190
strict-transport-security: max-age=31536000; includeSubDomains; preload
server: cloudflare
cf-ray: 879804d31f0d1bfa-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2

cdn.o333o.com/vast-im.js

143.204.55.120

200 OK

310 kB

URL GET HTTP/2
cdn.o333o.com/vast-im.js
IP
143.204.55.120:443
ASN
#16509 AMAZON-02

Requested by
https://videzz.net/1257pc8b3t79.html?asgtbndr=1
Certificate
IssuerSectigo Limited
Subjectcdn.o333o.com
Fingerprint61:0E:6A:7F:7E:40:48:40:58:0F:EF:89:DB:CF:AD:C2:FB:52:F1:AC
ValidityThu, 09 Nov 2023 00:00:00 GMT - Mon, 09 Dec 2024 23:59:59 GMT

File type

Size
310 kB (310487 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /vast-im.js HTTP/1.1
Host: cdn.o333o.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://videzz.net/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
content-type: application/javascript
server: nginx
date: Thu, 11 Apr 2024 09:31:41 GMT
last-modified: Fri, 22 Mar 2024 11:21:21 GMT
etag: W/"65fd69b1-4bcd7"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000, public
content-encoding: gzip
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 1d8cf7c8865ed1078c19a98771ad34ca.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
alt-svc: h3=":443"; ma=86400
x-amz-cf-id: g9F4XAA3mgRnAwl0RQ6HLliXOC3Zso9lfoOQwnDafdUxq2X8_FYTag==
age: 1153997
X-Firefox-Spdy: h2

static.addtoany.com/menu/locale/ru.js

104.22.70.197

200 OK

2.1 kB

URL GET HTTP/3
static.addtoany.com/menu/locale/ru.js
IP
104.22.70.197:443
ASN
#13335 CLOUDFLARENET

Requested by
https://videzz.net/1257pc8b3t79.html?asgtbndr=1
Certificate
IssuerLet's Encrypt
Subjectstatic.addtoany.com
Fingerprint5B:74:98:2D:F8:22:DB:0D:4E:74:B7:99:A7:7C:80:F6:CA:1A:8E:CA
ValidityTue, 23 Apr 2024 07:56:27 GMT - Mon, 22 Jul 2024 07:56:26 GMT

File type
ASCII text, with very long lines (2170), with no line terminators
Size
2.1 kB (2130 bytes)
Hash
7581051e137324f383ce692c383a90ac
7c66ac218fd109304436e9588d602c7aaab63b82
428aafe2046340df744b20fbab6f0cd4ddfb95776790e80440cfb60788dbde2c

HTTP Headers

GET /menu/locale/ru.js HTTP/1.1
Host: static.addtoany.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://videzz.net/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Wed, 24 Apr 2024 18:05:00 GMT
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=86400, stale-while-revalidate=30, public
cf-bgj: minify
cf-polished: origSize=2289
etag: W/"9797b535a7dbc5ec8be5d83312871549"
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=omOH0D%2F%2FbKHbCJPkdNmLfR8%2BzGCPnitB9qv%2F66TMRKWDY7WyIUiVT7HFQW6m1QLfULBGPLFPNRFippED1ZfGEJ8HPMogoHiqn6R2bStWoCkRRt1L3MFsSrtt9TCP4czTv5ufndQp5aJnB7rzqZAxu%2Bme"}],"group":"cf-nel","max_age":604800}
vary: Accept-Encoding
referrer-policy: strict-origin-when-cross-origin
x-content-type-options: nosniff
cf-cache-status: HIT
age: 1209
strict-transport-security: max-age=31536000; includeSubDomains; preload
server: cloudflare
cf-ray: 879804db1a5c92fd-CPH
content-encoding: br
alt-svc: h3=":443"; ma=86400

tr.7vid.net/api/settings/59845

135.181.208.216

200 OK

33 B

URL GET HTTP/2
tr.7vid.net/api/settings/59845
IP
135.181.208.216:443
ASN
#24940 Hetzner Online GmbH

Requested by
https://videzz.net/1257pc8b3t79.html?asgtbndr=1
Certificate
IssuerLet's Encrypt
Subjecta.gatwins.site
Fingerprint66:D4:C4:E9:BC:6E:82:9E:D0:2F:00:69:9A:DF:C2:6D:18:04:0B:1B
ValidityWed, 10 Apr 2024 10:27:11 GMT - Tue, 09 Jul 2024 10:27:10 GMT

File type
troff or preprocessor input, ASCII text, with no line terminators
Size
33 B (33 bytes)
Hash
511ff610a0435434dd22a4836719fbb3
0cf692a9ecb6dd3d715e3315e0eeccc1c384f0c3
d090111da31c837d965f1dcf49b00a53cf41686d0913627f78c5ff36d693c6d0

HTTP Headers

GET /api/settings/59845 HTTP/1.1
Host: tr.7vid.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://videzz.net/
Origin: https://videzz.net
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
server: nginx
date: Wed, 24 Apr 2024 18:04:59 GMT
content-type: application/json
vary: Accept-Encoding
access-control-allow-origin: *
x-robots-tag: noindex, nofollow
cache-control: private
content-encoding: gzip
X-Firefox-Spdy: h2

camsofa.net/?p=1161

172.67.202.186

200 OK

0 B

URL GET HTTP/2
camsofa.net/?p=1161
IP
172.67.202.186:443
ASN
#13335 CLOUDFLARENET

Requested by
https://videzz.net/1257pc8b3t79.html?asgtbndr=1
Certificate
IssuerLet's Encrypt
Subjectcamsofa.net
FingerprintE9:00:B2:4D:3C:EB:66:B4:77:2F:E8:14:F2:85:34:48:54:72:24:C4
ValidityTue, 23 Apr 2024 14:38:59 GMT - Mon, 22 Jul 2024 14:38:58 GMT

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /?p=1161 HTTP/1.1
Host: camsofa.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://bid.bidclickmedia.com/
DNT: 1
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Wed, 24 Apr 2024 18:05:03 GMT
content-type: text/html; charset=UTF-8
vary: Accept-Encoding
x-pingback: http://camsofa.net/xmlrpc.php
link: <http://camsofa.net/index.php?rest_route=/>; rel="https://api.w.org/", <http://camsofa.net/index.php?rest_route=/wp/v2/posts/1161>; rel="alternate"; type="application/json", <http://camsofa.net/?p=1161>; rel=shortlink
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
cache-control: public
referrer-policy: strict-origin-when-cross-origin
x-cacheable: YES
age: 46068
x-cache: HIT
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=x5JXzUbDKpN2IT0N6rz5IJV6TqSOgirrwzmbci3LFewejFE4TF6x7iuF%2BJr2Lw8yKzqyGBCH5ZdwCpsUM08CbeHtaKFbqKX8OiTPCUKtN%2FlVgq9u4PsPQAi%2FoKP4yA%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 879804ed6f72569d-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2

waterfallchequeomnipotent.com/sbar.json?key=9785383bf0d8f2fb611d938245088565

192.243.61.227

200 OK

0 B

URL GET HTTP/1.1
waterfallchequeomnipotent.com/sbar.json?key=9785383bf0d8f2fb611d938245088565
IP
192.243.61.227:443
ASN
#39572 DataWeb Global Group B.V.

Requested by
https://videzz.net/1257pc8b3t79.html?asgtbndr=1
Certificate
IssuerLet's Encrypt
Subjectwaterfallchequeomnipotent.com
Fingerprint10:02:FD:E1:42:43:0C:C7:37:B0:94:C6:F9:9A:80:1F:38:80:C0:6E
ValidityTue, 23 Apr 2024 10:44:53 GMT - Mon, 22 Jul 2024 10:44:52 GMT

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /sbar.json?key=9785383bf0d8f2fb611d938245088565 HTTP/1.1
Host: waterfallchequeomnipotent.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://videzz.net
DNT: 1
Connection: keep-alive
Referer: https://videzz.net/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx/1.21.6
Date: Wed, 24 Apr 2024 18:05:00 GMT
Content-Length: 0
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,Sec-CH-UA-PlatformUser-Agent,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Custom-Referer: https://videzz.net
Access-Control-Allow-Origin: https://videzz.net
Access-Control-Allow-Credentials: true
Set-Cookie: u_pl=19071529; expires=Thu, 25 Apr 2024 18:05:00 GMT; secure; SameSite=None
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: 3133cda0a6bddc7913fb184eff38f1bb
Strict-Transport-Security: max-age=0; includeSubdomains

videzz.net/favicon.ico?v=2

78.142.18.54

200 OK

1.2 kB

URL GET HTTP/2
videzz.net/favicon.ico?v=2
IP
78.142.18.54:443
ASN
#208046 ColocationX Ltd.

Requested by
https://videzz.net/1257pc8b3t79.html?asgtbndr=1
Certificate
IssuerLet's Encrypt
Subjectvidezz.net
Fingerprint13:3A:F4:CA:71:F0:8F:F1:2E:3A:7E:2B:6D:8E:E4:7A:E9:9D:A6:B5
ValidityMon, 04 Mar 2024 08:24:34 GMT - Sun, 02 Jun 2024 08:24:33 GMT

File type
MS Windows icon resource - 1 icon, 16x16, 32 bits/pixel
Size
1.2 kB (1150 bytes)
Hash
07075ddac650ad1577e310576f4ac231
1c8f551262fac5a047a268b82fa932c405ab13ff
c5f2d482ae4405a8e9f16a7ab09c5d04380283eb0cb0a9b237b32bc1bca47901

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /favicon.ico?v=2 HTTP/1.1
Host: videzz.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://videzz.net/1257pc8b3t79.html?asgtbndr=1
Cookie: lang=1; file_id=37896572; aff=202079; _ga_HEX1BG8H46=GS1.1.1713981900.1.0.1713981900.60.0.0; _ga=GA1.1.19970008.1713981900; sb_main_9785383bf0d8f2fb611d938245088565=1; sb_count_9785383bf0d8f2fb611d938245088565=1
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
server: nginx/1.18.0 (Ubuntu)
date: Wed, 24 Apr 2024 18:05:00 GMT
content-type: image/x-icon
last-modified: Wed, 10 Apr 2024 07:00:32 GMT
vary: Accept-Encoding
etag: W/"66163910-47e"
expires: Fri, 24 May 2024 18:03:08 GMT
cache-control: max-age=2592000
content-encoding: gzip
x-cache-status: HIT
X-Firefox-Spdy: h2

static.addtoany.com/menu/svg/icons/reddit.js

104.22.70.197

200 OK

893 B

URL GET HTTP/3
static.addtoany.com/menu/svg/icons/reddit.js
IP
104.22.70.197:443
ASN
#13335 CLOUDFLARENET

Requested by
https://videzz.net/1257pc8b3t79.html?asgtbndr=1
Certificate
IssuerLet's Encrypt
Subjectstatic.addtoany.com
Fingerprint5B:74:98:2D:F8:22:DB:0D:4E:74:B7:99:A7:7C:80:F6:CA:1A:8E:CA
ValidityTue, 23 Apr 2024 07:56:27 GMT - Mon, 22 Jul 2024 07:56:26 GMT

File type
ASCII text, with very long lines (903), with no line terminators
Size
893 B (893 bytes)
Hash
1f5dd30051ff637ea1d19ce73aced89c
bfdd1d1c07492ba397bdcf13e262edcfd8692a5e
c1bf0dd12b2f71de1e7e154b309caa18d2f1c2a8dc077beba23b89432ad72a81

HTTP Headers

GET /menu/svg/icons/reddit.js HTTP/1.1
Host: static.addtoany.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://videzz.net
DNT: 1
Connection: keep-alive
Referer: https://static.addtoany.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Wed, 24 Apr 2024 18:05:00 GMT
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=7776000, stale-while-revalidate=30, public
cf-bgj: minify
etag: W/"1fe5b5008de689ce6464d7bcb07e742c"
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=YeC0kBV8KrFm3Zkv8J%2Bge%2FSmdij%2FcSJYFqs%2FClTVJvkDxtE2k4Lm3nrK2rBTmLtPWAmSuAfBAXieePa6WMNRv1VRamIPriaRn61zPtoPKykLcjj95XYi5NXBqGD5AN7dpzhIuExa"}],"group":"cf-nel","max_age":604800}
vary: Accept-Encoding
referrer-policy: strict-origin-when-cross-origin
x-content-type-options: nosniff
cf-cache-status: HIT
age: 2701
strict-transport-security: max-age=31536000; includeSubDomains; preload
server: cloudflare
cf-ray: 879804db3a9392fd-CPH
content-encoding: br
alt-svc: h3=":443"; ma=86400

xml.cachegorilla.com/redirect?feed=612978&auth=7PcDFD&pubid=197570

173.239.53.20

302 Found

0 B

URL GET HTTP/1.1
xml.cachegorilla.com/redirect?feed=612978&auth=7PcDFD&pubid=197570
IP
173.239.53.20:443
ASN
#27257 WEBAIR-INTERNET

Requested by
https://videzz.net/1257pc8b3t79.html?asgtbndr=1
Certificate
IssuerSectigo Limited
Subject*.cachegorilla.com
Fingerprint29:B3:53:29:E3:6F:D3:48:F6:66:3E:78:57:05:A6:19:12:0D:2C:4A
ValidityFri, 10 Nov 2023 00:00:00 GMT - Sun, 10 Nov 2024 23:59:59 GMT

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /redirect?feed=612978&auth=7PcDFD&pubid=197570 HTTP/1.1
Host: xml.cachegorilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://bid.bidclickmedia.com/
DNT: 1
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 302 Found
Server: nginx
Date: Wed, 24 Apr 2024 18:05:02 GMT
Content-Length: 0
Connection: keep-alive
Cache-Control: no-store
Location: https://camsofa.net/?p=1161

tr.7vid.net/api/users/59845?host=videzz.net&ev=212&wh=1024&ww=1280&uuid=&url=https%3A%2F%2Fvidezz.net%2F1257pc8b3t79.html%3Fasgtbndr%3D1&sid=426b01ec-e2f5-47e9-bc96-374e2c43ad5e&i=1&kw=69484%2Cmp4&s1=202079

135.181.208.216

200 OK

655 B

URL GET HTTP/2
tr.7vid.net/api/users/59845?host=videzz.net&ev=212&wh=1024&ww=1280&uuid=&url=https%3A%2F%2Fvidezz.net%2F1257pc8b3t79.html%3Fasgtbndr%3D1&sid=426b01ec-e2f5-47e9-bc96-374e2c43ad5e&i=1&kw=69484%2Cmp4&s1=202079
IP
135.181.208.216:443
ASN
#24940 Hetzner Online GmbH

Requested by
https://videzz.net/1257pc8b3t79.html?asgtbndr=1
Certificate
IssuerLet's Encrypt
Subjecta.gatwins.site
Fingerprint66:D4:C4:E9:BC:6E:82:9E:D0:2F:00:69:9A:DF:C2:6D:18:04:0B:1B
ValidityWed, 10 Apr 2024 10:27:11 GMT - Tue, 09 Jul 2024 10:27:10 GMT

File type
ASCII text, with very long lines (789), with no line terminators
Size
655 B (655 bytes)
Hash
43055b07e7a6f9748701930b0a2e2096
29c8b37d2a4dbd55abc3d310109f29b73d7c4fed
8afe497baae8cf71fecf446fb1d8da4c9c304dc067040fd69e221ace4184459f

HTTP Headers

GET /api/users/59845?host=videzz.net&ev=212&wh=1024&ww=1280&uuid=&url=https%3A%2F%2Fvidezz.net%2F1257pc8b3t79.html%3Fasgtbndr%3D1&sid=426b01ec-e2f5-47e9-bc96-374e2c43ad5e&i=1&kw=69484%2Cmp4&s1=202079 HTTP/1.1
Host: tr.7vid.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://videzz.net/
Cookie: nauid=mdDmRFdPyrwFCq7Cqoji
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
server: nginx
date: Wed, 24 Apr 2024 18:05:01 GMT
content-type: text/javascript; charset=utf-8
vary: Accept-Encoding
x-robots-tag: noindex, nofollow
cache-control: private
content-encoding: gzip
X-Firefox-Spdy: h2

bid.bidclickmedia.com/sub/Pj8pz0z

172.67.205.77

200 OK

234 B

URL GET HTTP/2
bid.bidclickmedia.com/sub/Pj8pz0z
IP
172.67.205.77:443
ASN
#13335 CLOUDFLARENET

Requested by
https://videzz.net/1257pc8b3t79.html?asgtbndr=1
Certificate
IssuerGoogle Trust Services LLC
Subjectbidclickmedia.com
Fingerprint2D:71:60:23:79:D8:E4:4A:B8:81:BA:F0:ED:58:CB:A8:66:21:A7:E7
ValiditySun, 31 Mar 2024 14:28:20 GMT - Sat, 29 Jun 2024 14:28:19 GMT

File type
HTML document, ASCII text, with no line terminators
Size
234 B (234 bytes)
Hash
ec45c51dfcbeb0d487d6d2ccf0cd9a23
eadd83e9b3def654d52e1b93ae5f5c13d8a69c99
3a5e0788bab23d00613d25c36fabb29d38bb3e51af54bf370854620392a249ce

HTTP Headers

GET /sub/Pj8pz0z HTTP/1.1
Host: bid.bidclickmedia.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://videzz.net/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Wed, 24 Apr 2024 18:04:59 GMT
content-type: text/html; charset=utf-8
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=0uBSemf%2FwPAzR3ql3HFR5gP%2By9am1iOp7W%2BERkjdBZF0LPwdAcq23%2FLqBaTH4xEQQxYFPYIKch1FJlqWvMCdt%2BYMrYdbOouYnAtbE4zMxxwrtO2xwmzWgGRfbbMMDkDP%2FW5GUWJPvzs%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 879804d81f5b5694-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2

tgp1.brazzersnetwork.com/tgp1?ad_id=816178_FREE&ats=eyJhIjoxNDksImMiOjQzMDksIm4iOjE0LCJzIjo5MCwiZSI6OTA2NywicCI6MzM5fQ&atc=EXO&atc=FREE_6529744&apb=opc4ASOqlplustddVbbZPPO6eWiyadzqpbXUzOodNU6V0rpXT1UU0uomponpndRNTRPTS6V0zpXSuldK6Z0rpXTOrrnupu12uoou2pjpollumsnoutmtltqpodrbRpPXLdtrvLrTdttvpTVNrxZTtxTxRm6V2ne0ene2v3evv..3eceof3TT2yqmlnpc6V0rpXSuldK6V0rpXTWTUXWzXSzOc6V0rpXSuldK6V0rpXSuoutt0lnotttrqm1ppuz1ut0pr2t0ul1pcH2A

66.254.114.234

200 OK

961 kB

URL GET HTTP/2
tgp1.brazzersnetwork.com/tgp1?ad_id=816178_FREE&ats=eyJhIjoxNDksImMiOjQzMDksIm4iOjE0LCJzIjo5MCwiZSI6OTA2NywicCI6MzM5fQ&atc=EXO&atc=FREE_6529744&apb=opc4ASOqlplustddVbbZPPO6eWiyadzqpbXUzOodNU6V0rpXT1UU0uomponpndRNTRPTS6V0zpXSuldK6Z0rpXTOrrnupu12uoou2pjpollumsnoutmtltqpodrbRpPXLdtrvLrTdttvpTVNrxZTtxTxRm6V2ne0ene2v3evv..3eceof3TT2yqmlnpc6V0rpXSuldK6V0rpXTWTUXWzXSzOc6V0rpXSuldK6V0rpXSuoutt0lnotttrqm1ppuz1ut0pr2t0ul1pcH2A
IP
66.254.114.234:443
ASN
#29789 REFLECTED

Requested by
https://videzz.net/1257pc8b3t79.html?asgtbndr=1
Certificate
IssuerLet's Encrypt
Subjectbrazzersnetwork.com
Fingerprint88:AB:08:D2:E9:0E:FD:34:1F:CD:0A:B3:E0:9F:DB:C8:07:2F:D4:AA
ValidityWed, 10 Apr 2024 00:01:06 GMT - Tue, 09 Jul 2024 00:01:05 GMT

File type

Size
961 kB (960553 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /tgp1?ad_id=816178_FREE&ats=eyJhIjoxNDksImMiOjQzMDksIm4iOjE0LCJzIjo5MCwiZSI6OTA2NywicCI6MzM5fQ&atc=EXO&atc=FREE_6529744&apb=opc4ASOqlplustddVbbZPPO6eWiyadzqpbXUzOodNU6V0rpXT1UU0uomponpndRNTRPTS6V0zpXSuldK6Z0rpXTOrrnupu12uoou2pjpollumsnoutmtltqpodrbRpPXLdtrvLrTdttvpTVNrxZTtxTxRm6V2ne0ene2v3evv..3eceof3TT2yqmlnpc6V0rpXSuldK6V0rpXTWTUXWzXSzOc6V0rpXSuldK6V0rpXSuoutt0lnotttrqm1ppuz1ut0pr2t0ul1pcH2A HTTP/1.1
Host: tgp1.brazzersnetwork.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://s.pemsrv.com/
DNT: 1
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
server: openresty
date: Wed, 24 Apr 2024 18:05:02 GMT
content-type: text/html; charset=utf-8
vary: Accept-Encoding
x-trace: 2BC87FE440E1D9B847B8A27242E06512EE9F226D99760966D566C8DCAC00
x-powered-by: Juan
x-download-options: noopen
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
x_ats_page_id: N/A
x_ats_page_type: CUSTOM
x_ats_instance_id: 214411
x_ats_instance_type: tour
etag: W/"ea829-8e98/4zY+D6Qx9IDlprDp/xczE8"
content-encoding: br
cache-control: no-transform
set-cookie: instance_token=eyJ0eXAiOiJKV1QiLCJhbGciOiJIUzI1NiJ9.eyJpc3MiOiJtaW5kZ2VlayIsImF1ZCI6Im1pbmRnZWVrIiwic3ViIjoiaW5zdGFuY2UtYXBpIiwiZXhwIjoxNzE0MDg5NjAwLCJpZCI6MjE0NDExLCJicmFuZCI6ImJyYXp6ZXJzIiwiaG9zdG5hbWUiOiJ0Z3AxLmJyYXp6ZXJzbmV0d29yay5jb20ifQ.YuIKECdo0IAauTBIu4mly5KLTQ5aarYuWO1n6eN2X08; Max-Age=86400; Path=/; Expires=Thu, 25 Apr 2024 18:05:02 GMT
__s=662949CD-42FE72EA01BB24C9EE-56901;
accept-ch: Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version
strict-transport-security: max-age=63072000; includeSubDomains; preload
X-Firefox-Spdy: h2

downstairsnegotiatebarren.com/sfp.js

104.21.35.227

200 OK

86 kB

URL GET HTTP/2
downstairsnegotiatebarren.com/sfp.js
IP
104.21.35.227:443
ASN
#13335 CLOUDFLARENET

Requested by
https://videzz.net/1257pc8b3t79.html?asgtbndr=1
Certificate
IssuerLet's Encrypt
Subjectdownstairsnegotiatebarren.com
Fingerprint2C:6A:E1:8E:26:5B:1D:8B:86:CB:C1:72:4E:52:4B:8B:67:3A:D2:44
ValidityMon, 04 Mar 2024 21:53:07 GMT - Sun, 02 Jun 2024 21:53:06 GMT

File type

Size
86 kB (85611 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /sfp.js HTTP/1.1
Host: downstairsnegotiatebarren.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://videzz.net/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Wed, 24 Apr 2024 18:04:59 GMT
content-type: application/javascript; charset=utf-8
p3p: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
access-control-allow-origin: *
expires: Thu, 01 Jan 1970 00:00:01 GMT
cache-control: max-age=14400
x-request-id: 1863f2f66dbb0a0ebfb099ce2c1208f3
strict-transport-security: max-age=0; includeSubdomains
cf-cache-status: EXPIRED
last-modified: Wed, 24 Apr 2024 18:04:59 GMT
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=f4%2B81D9BGJGHcAgoo2aMJCQonZxEvRZ6wzxJydjU5tc2izD2CGbTDZkmF2kBvRoTGD4CaW8HCCO6HG5WFx71wKLMxJQbh0qHPdzZUhGs2m7S4zw%2FglAfMGFew8DVgW82XQN9UYK9bAojhMMOO5V4jg%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 879804d9db6fb4eb-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2

bid.bidclickmedia.com/sub/Zj8D76R

172.67.205.77

200 OK

234 B

URL GET HTTP/2
bid.bidclickmedia.com/sub/Zj8D76R
IP
172.67.205.77:443
ASN
#13335 CLOUDFLARENET

Requested by
https://videzz.net/1257pc8b3t79.html?asgtbndr=1
Certificate
IssuerGoogle Trust Services LLC
Subjectbidclickmedia.com
Fingerprint2D:71:60:23:79:D8:E4:4A:B8:81:BA:F0:ED:58:CB:A8:66:21:A7:E7
ValiditySun, 31 Mar 2024 14:28:20 GMT - Sat, 29 Jun 2024 14:28:19 GMT

File type
HTML document, ASCII text, with no line terminators
Size
234 B (234 bytes)
Hash
aa39ce14ee4ef59a81b3b1ccc7c20cfb
4037f87db53a18212b896cbe7dc03404833bd9f4
5e96980309ab1a029fa20a02fb9aca51a5967df4e6ab8aaab5f0373d4ebd4f68

HTTP Headers

GET /sub/Zj8D76R HTTP/1.1
Host: bid.bidclickmedia.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://videzz.net/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Wed, 24 Apr 2024 18:04:59 GMT
content-type: text/html; charset=utf-8
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=OH%2FnMRkCtdXySCgsyzo%2B9SrZ31n1407h%2BGs4rqs2%2F2jIs6j0kqLG7wfo3X9IoaLSVNJ%2FbluDw5LvCd8ej5aOJFk%2FeHqC3t5jCcPUsNjSv3rXSSjzk%2F0Ftj0FWJKOGqCPpCz%2BDwjxHw4%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 879804d79e5c5694-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2

xml.zeusadx.com/redirect?feed=531847&auth=KhbHhS&pubid=162319

174.137.133.17

200 OK

0 B

URL GET HTTP/1.1
xml.zeusadx.com/redirect?feed=531847&auth=KhbHhS&pubid=162319
IP
174.137.133.17:443
ASN
#27257 WEBAIR-INTERNET

Requested by
https://videzz.net/1257pc8b3t79.html?asgtbndr=1
Certificate
IssuerSectigo Limited
Subject*.zeusadx.com
FingerprintAA:67:88:35:5F:BC:20:3C:44:9B:00:BD:4F:E1:C0:5F:62:D0:69:C0
ValidityMon, 23 Oct 2023 00:00:00 GMT - Wed, 23 Oct 2024 23:59:59 GMT

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /redirect?feed=531847&auth=KhbHhS&pubid=162319 HTTP/1.1
Host: xml.zeusadx.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://bid.bidclickmedia.com/
DNT: 1
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Date: Wed, 24 Apr 2024 18:05:01 GMT
Content-Length: 0
Connection: keep-alive
Cache-Control: no-store

bid.bidclickmedia.com/sub/31bV2Jy

172.67.205.77

200 OK

239 B

URL GET HTTP/2
bid.bidclickmedia.com/sub/31bV2Jy
IP
172.67.205.77:443
ASN
#13335 CLOUDFLARENET

Requested by
https://videzz.net/1257pc8b3t79.html?asgtbndr=1
Certificate
IssuerGoogle Trust Services LLC
Subjectbidclickmedia.com
Fingerprint2D:71:60:23:79:D8:E4:4A:B8:81:BA:F0:ED:58:CB:A8:66:21:A7:E7
ValiditySun, 31 Mar 2024 14:28:20 GMT - Sat, 29 Jun 2024 14:28:19 GMT

File type
HTML document, ASCII text, with no line terminators
Size
239 B (239 bytes)
Hash
d5b23342c3da61ad8cb32c85b5a9a6ca
3ca89fd68565941a5f5dec87720a2164c9b860ae
53073b03453dec44b400acecc549d6446aba803406a391777a94cc2504173bbb

HTTP Headers

GET /sub/31bV2Jy HTTP/1.1
Host: bid.bidclickmedia.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://videzz.net/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Wed, 24 Apr 2024 18:04:59 GMT
content-type: text/html; charset=utf-8
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=620vefTW5bUf5nGNyPV%2Bo4i1YWHZ5sb5xTW%2FJFGkkZ5CBmqpdyouN2nqiaPi4oJP4XxV9rggekA2bP0miapcrpmrZG5Drb2J7blkoqxJ4UkL4Ly32tlN6e0BQuqYBg5by%2B3Tz8Ui%2BwI%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 879804d8d8d25694-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2

xml.cachegorilla.com/redirect?feed=612978&auth=7PcDFD&pubid=197570

173.239.53.20

200 OK

0 B

URL GET HTTP/1.1
xml.cachegorilla.com/redirect?feed=612978&auth=7PcDFD&pubid=197570
IP
173.239.53.20:443
ASN
#27257 WEBAIR-INTERNET

Requested by
https://videzz.net/1257pc8b3t79.html?asgtbndr=1
Certificate
IssuerSectigo Limited
Subject*.cachegorilla.com
Fingerprint29:B3:53:29:E3:6F:D3:48:F6:66:3E:78:57:05:A6:19:12:0D:2C:4A
ValidityFri, 10 Nov 2023 00:00:00 GMT - Sun, 10 Nov 2024 23:59:59 GMT

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /redirect?feed=612978&auth=7PcDFD&pubid=197570 HTTP/1.1
Host: xml.cachegorilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://bid.bidclickmedia.com/
DNT: 1
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Date: Wed, 24 Apr 2024 18:05:01 GMT
Content-Length: 0
Connection: keep-alive
Cache-Control: no-store

videzz.net/images-newtheme/social/facebook_button.png

78.142.18.54

200 OK

3.3 kB

URL GET HTTP/2
videzz.net/images-newtheme/social/facebook_button.png
IP
78.142.18.54:443
ASN
#208046 ColocationX Ltd.

Requested by
https://videzz.net/1257pc8b3t79.html?asgtbndr=1
Certificate
IssuerLet's Encrypt
Subjectvidezz.net
Fingerprint13:3A:F4:CA:71:F0:8F:F1:2E:3A:7E:2B:6D:8E:E4:7A:E9:9D:A6:B5
ValidityMon, 04 Mar 2024 08:24:34 GMT - Sun, 02 Jun 2024 08:24:33 GMT

File type
PNG image data, 250 x 95, 8-bit colormap, non-interlaced
Size
3.3 kB (3296 bytes)
Hash
7136dd30e8f2bac19a84c71f7051fbe4
9e0386c21a34c2034c5736d083f2aa9d74aa9698
0f707e70a8cef21089769a1d44002cad814fb3ff42834d59093d7f6e21be72cf

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /images-newtheme/social/facebook_button.png HTTP/1.1
Host: videzz.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://videzz.net/css/main.min.css?v=b8dc06aa6195ca0716d0a0c4e3a76e42
Cookie: lang=1
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
server: nginx/1.18.0 (Ubuntu)
date: Wed, 24 Apr 2024 18:04:59 GMT
content-type: image/png
content-length: 3296
last-modified: Wed, 10 Apr 2024 07:00:17 GMT
etag: "66163901-ce0"
expires: Fri, 24 May 2024 18:00:41 GMT
cache-control: max-age=2592000
x-cache-status: HIT
accept-ranges: bytes
X-Firefox-Spdy: h2

static.addtoany.com/menu/sm.25.html

104.22.70.197

200 OK

716 B

URL GET HTTP/3
static.addtoany.com/menu/sm.25.html
IP
104.22.70.197:443
ASN
#13335 CLOUDFLARENET

Requested by
https://videzz.net/1257pc8b3t79.html?asgtbndr=1
Certificate
IssuerLet's Encrypt
Subjectstatic.addtoany.com
Fingerprint5B:74:98:2D:F8:22:DB:0D:4E:74:B7:99:A7:7C:80:F6:CA:1A:8E:CA
ValidityTue, 23 Apr 2024 07:56:27 GMT - Mon, 22 Jul 2024 07:56:26 GMT

File type
HTML document, ASCII text, with very long lines (744), with no line terminators
Size
716 B (716 bytes)
Hash
c3c97893ca5c74e7504aa4ec474ea41b
cdccb12d7e73682e0e807107243ede7d5e14c962
b79f65e9ffe3bad9bd9cdcffed0758430f7eb1a630c368dc173eecdeb2821f00

HTTP Headers

GET /menu/sm.25.html HTTP/1.1
Host: static.addtoany.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://videzz.net/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Wed, 24 Apr 2024 18:04:59 GMT
content-type: text/html; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=315360000, immutable
referrer-policy: strict-origin-when-cross-origin
x-content-type-options: nosniff
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=zug0GuV8TT18l%2FvMZH%2FJnDeJHp7wf%2B1Y662Hj9%2BLzz2bUcCdNCoPp%2Fh0DEFIQdCRWhP4K%2BoKw%2FRmNo3FmNPd%2Fwhjcq0lNYxvJsnDWqwQO4JO8fVs77yEaENmOQytJ1Ua8d%2FapSMn"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
cf-cache-status: HIT
age: 7610
strict-transport-security: max-age=31536000; includeSubDomains; preload
server: cloudflare
cf-ray: 879804d7ccb492fd-CPH
content-encoding: br
alt-svc: h3=":443"; ma=86400

videzz.net/images-newtheme/social/viber_button.png

78.142.18.54

200 OK

7.6 kB

URL GET HTTP/2
videzz.net/images-newtheme/social/viber_button.png
IP
78.142.18.54:443
ASN
#208046 ColocationX Ltd.

Requested by
https://videzz.net/1257pc8b3t79.html?asgtbndr=1
Certificate
IssuerLet's Encrypt
Subjectvidezz.net
Fingerprint13:3A:F4:CA:71:F0:8F:F1:2E:3A:7E:2B:6D:8E:E4:7A:E9:9D:A6:B5
ValidityMon, 04 Mar 2024 08:24:34 GMT - Sun, 02 Jun 2024 08:24:33 GMT

File type
PNG image data, 250 x 95, 8-bit colormap, non-interlaced
Size
7.6 kB (7583 bytes)
Hash
36454bc0a71ba0919c38f4b072ea1792
b90bd02d15eb470070f5767b12f8879cfa54033f
795878ef409474a5ba791a786239a77cc30f83576713e3788d88f0c306c98c58

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /images-newtheme/social/viber_button.png HTTP/1.1
Host: videzz.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://videzz.net/css/main.min.css?v=b8dc06aa6195ca0716d0a0c4e3a76e42
Cookie: lang=1
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
server: nginx/1.18.0 (Ubuntu)
date: Wed, 24 Apr 2024 18:04:59 GMT
content-type: image/png
content-length: 7583
last-modified: Wed, 10 Apr 2024 07:00:40 GMT
etag: "66163918-1d9f"
expires: Fri, 24 May 2024 17:59:57 GMT
cache-control: max-age=2592000
x-cache-status: HIT
accept-ranges: bytes
X-Firefox-Spdy: h2

static.addtoany.com/menu/svg/icons/twitter.js

104.22.70.197

200 OK

645 B

URL GET HTTP/3
static.addtoany.com/menu/svg/icons/twitter.js
IP
104.22.70.197:443
ASN
#13335 CLOUDFLARENET

Requested by
https://videzz.net/1257pc8b3t79.html?asgtbndr=1
Certificate
IssuerLet's Encrypt
Subjectstatic.addtoany.com
Fingerprint5B:74:98:2D:F8:22:DB:0D:4E:74:B7:99:A7:7C:80:F6:CA:1A:8E:CA
ValidityTue, 23 Apr 2024 07:56:27 GMT - Mon, 22 Jul 2024 07:56:26 GMT

File type
ASCII text, with very long lines (655), with no line terminators
Size
645 B (645 bytes)
Hash
671b3272826b2e03f7f5ecc6846a4f83
bcd620154cd6381ddf84b4e17e53ad716f3acbea
b743f6ed35f2a170860cfb010577cd000ee695dc23b850d3b3e479ef1178bb22

HTTP Headers

GET /menu/svg/icons/twitter.js HTTP/1.1
Host: static.addtoany.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://videzz.net
DNT: 1
Connection: keep-alive
Referer: https://static.addtoany.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Wed, 24 Apr 2024 18:05:00 GMT
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=7776000, stale-while-revalidate=30, public
cf-bgj: minify
etag: W/"af2b829f9b79fabec7c0148a8b7e444b"
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=kxxP6fA7SCmH2G8WV1QlWSjYQqrhXMuU4mnVJ%2BC0TDBdD0m8wauRAkLOYl50RXawR1%2FOrt1xlzKQtqQJ8MuStl%2FhFDuRrC%2FB3dR8cstocthEq4VNWZUXk%2BKWd5%2FD0y55l3S4oUfS"}],"group":"cf-nel","max_age":604800}
vary: Accept-Encoding
referrer-policy: strict-origin-when-cross-origin
x-content-type-options: nosniff
cf-cache-status: HIT
age: 2701
strict-transport-security: max-age=31536000; includeSubDomains; preload
server: cloudflare
cf-ray: 879804db4a9f92fd-CPH
content-encoding: br
alt-svc: h3=":443"; ma=86400

Report Overview

Submitted URL

IP

ASN

Submitted

Access

Website Title

Final URL

Tags

urlquery detections

Detections

urlquery

Network Intrusion Detection

Threat Detection Systems

Domain Summary

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

Threat Detection Systems

Public InfoSec YARA rules

OpenPhish

PhishTank

mnemonic secure dns

Quad9 DNS

ThreatFox

JavaScript (73)

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL