| videzz.net/js/pop.js?v=1.0 | 78.142.18.54 | 200 OK | 35 B |
URL: GET HTTP/2 videzz.net/js/pop.js?v=1.0
IP: 78.142.18.54:443 | ASN: #208046 ColocationX Ltd.
Requested by: https://videzz.net/embed-ux5i45ivmnqo.html
Certificate: Issuer Let's Encrypt | Subject videzz.net | Fingerprint 13:3A:F4:CA:71:F0:8F:F1:2E:3A:7E:2B:6D:8E:E4:7A:E9:9D:A6:B5 | Validity Mon, 04 Mar 2024 08:24:34 GMT - Sun, 02 Jun 2024 08:24:33 GMT
Hash: MD5 da4bf5414bf75eefb21872f9b59fe6fc | SHA-1 e34335e0705397a4ad02c406a2e92333e6d2b0e5 | SHA-256 d48b428c1788391a1aef29802daaa691077732dc7b821d0968831bc50b19278d
Analyzer: Quad9 DNS | Verdict: malicious | Alert: Sinkholed
GET /js/pop.js?v=1.0 HTTP/1.1
Host: videzz.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://videzz.net/embed-ux5i45ivmnqo.html
Cookie: lang=1
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx/1.18.0 (Ubuntu)
date: Thu, 18 Apr 2024 23:41:28 GMT
content-type: application/javascript
content-length: 35
last-modified: Wed, 10 Apr 2024 07:00:32 GMT
etag: "66163910-23"
expires: Sat, 18 May 2024 23:37:39 GMT
cache-control: max-age=2592000
x-cache-status: HIT
accept-ranges: bytes
X-Firefox-Spdy: h2
| videzz.net/js/ads.js?v=1.0 | 78.142.18.54 | 200 OK | 211 B |
URL: GET HTTP/2 videzz.net/js/ads.js?v=1.0
IP: 78.142.18.54:443 | ASN: #208046 ColocationX Ltd.
Requested by: https://videzz.net/embed-ux5i45ivmnqo.html
Certificate: Issuer Let's Encrypt | Subject videzz.net | Fingerprint 13:3A:F4:CA:71:F0:8F:F1:2E:3A:7E:2B:6D:8E:E4:7A:E9:9D:A6:B5 | Validity Mon, 04 Mar 2024 08:24:34 GMT - Sun, 02 Jun 2024 08:24:33 GMT
Hash: MD5 09f34de71e8853387dd398fbb263af69 | SHA-1 4ccb7007fcebcffe64eaa80f2991509fdbac55d5 | SHA-256 6ca7e6aebc6e3eec26d39e540e255a738fd9e48e9b97bd0e2a714686377ac523
Analyzer: Quad9 DNS | Verdict: malicious | Alert: Sinkholed
GET /js/ads.js?v=1.0 HTTP/1.1
Host: videzz.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://videzz.net/embed-ux5i45ivmnqo.html
Cookie: lang=1
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx/1.18.0 (Ubuntu)
date: Thu, 18 Apr 2024 23:41:28 GMT
content-type: application/javascript
content-length: 211
last-modified: Wed, 10 Apr 2024 07:00:40 GMT
etag: "66163918-d3"
expires: Sat, 18 May 2024 23:37:38 GMT
cache-control: max-age=2592000
x-cache-status: HIT
accept-ranges: bytes
X-Firefox-Spdy: h2
| tr.7vid.net/LrfK7A3.js | 135.181.208.216 | 200 OK | 77 kB |
IP: 135.181.208.216:443 | ASN: #24940 Hetzner Online GmbH
Requested by: https://videzz.net/embed-ux5i45ivmnqo.html
Certificate: Issuer Let's Encrypt | Subject a.gatwins.site | Fingerprint 66:D4:C4:E9:BC:6E:82:9E:D0:2F:00:69:9A:DF:C2:6D:18:04:0B:1B | Validity Wed, 10 Apr 2024 10:27:11 GMT - Tue, 09 Jul 2024 10:27:10 GMT
File type: JavaScript source, Unicode text, UTF-8 text, with very long lines (65503), with no line terminators
Hash: MD5 a6781eeb8be115c2cc64c5b4898e5b9d | SHA-1 76001e6e130f936956842ce1fb672ca16be2370e | SHA-256 cb8949c4918f30d767c8a97d1b1ddb36eabccf8d93659a80f4e850caa3701da2
GET /LrfK7A3.js HTTP/1.1
Host: tr.7vid.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://videzz.net/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
server: nginx
date: Thu, 18 Apr 2024 23:41:28 GMT
content-type: application/javascript
content-length: 76790
last-modified: Fri, 22 Mar 2024 11:21:21 GMT
vary: Accept-Encoding
etag: "65fd69b1-12bf6"
content-encoding: gzip
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: public, max-age=315360000
cf-cache-status: HIT
age: 201
cf-ray: 8685d408ccf5d995-HEL
x-frame-options: DENY
x-content-type-options: nosniff
accept-ranges: bytes
X-Firefox-Spdy: h2
| videzz.net/images-newtheme/adb_logo.png | 78.142.18.54 | 200 OK | 8.3 kB |
URL: GET HTTP/2 videzz.net/images-newtheme/adb_logo.png
IP: 78.142.18.54:443 | ASN: #208046 ColocationX Ltd.
Requested by: https://videzz.net/embed-ux5i45ivmnqo.html
Certificate: Issuer Let's Encrypt | Subject videzz.net | Fingerprint 13:3A:F4:CA:71:F0:8F:F1:2E:3A:7E:2B:6D:8E:E4:7A:E9:9D:A6:B5 | Validity Mon, 04 Mar 2024 08:24:34 GMT - Sun, 02 Jun 2024 08:24:33 GMT
File type: PNG image data, 178 x 178, 8-bit/color RGBA, non-interlaced
Hash: MD5 98fcd22c469a5aa46df8ec4e7a8eafc9 | SHA-1 e8d95f175d3008736995a482d7304410a1da490a | SHA-256 b1e79e219bf46ca5ef14a9619c5440e78c2ebdbc34b8f0c65f0777a8b02fc30c
Analyzer: Quad9 DNS | Verdict: malicious | Alert: Sinkholed
GET /images-newtheme/adb_logo.png HTTP/1.1
Host: videzz.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://videzz.net/embed-ux5i45ivmnqo.html
Cookie: lang=1
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx/1.18.0 (Ubuntu)
date: Thu, 18 Apr 2024 23:41:28 GMT
content-type: image/png
content-length: 8308
last-modified: Wed, 10 Apr 2024 07:00:17 GMT
etag: "66163901-2074"
expires: Sat, 18 May 2024 23:37:48 GMT
cache-control: max-age=2592000
x-cache-status: HIT
accept-ranges: bytes
X-Firefox-Spdy: h2
| www.googletagmanager.com/gtag/js?id=UA-158623850-1 | 142.250.74.168 | 200 OK | 73 kB |
URL: GET HTTP/2 www.googletagmanager.com/gtag/js?id=UA-158623850-1
IP: 142.250.74.168:443
Requested by: https://videzz.net/embed-ux5i45ivmnqo.html
Certificate: Issuer Google Trust Services LLC | Subject *.google-analytics.com | Fingerprint BF:40:8C:8B:CB:69:1E:3F:E2:3B:B7:8A:8E:C0:D6:98:5F:81:FA:2D | Validity Mon, 04 Mar 2024 06:35:45 GMT - Mon, 27 May 2024 06:35:44 GMT
File type: JavaScript source, ASCII text, with very long lines (4179)
Hash: MD5 631f3740305768e43ad7f0583e9ac3b2 | SHA-1 33fa5f9d6969b27a5fd30c3610719cfdb4c38a79 | SHA-256 fcb26f7ccf42b9bdb26fbc3d2d2136aee74c072a3e62fe59ec29675fc06de362
GET /gtag/js?id=UA-158623850-1 HTTP/1.1
Host: www.googletagmanager.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://videzz.net/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
content-encoding: br
vary: Accept-Encoding
date: Thu, 18 Apr 2024 23:41:28 GMT
expires: Thu, 18 Apr 2024 23:41:28 GMT
cache-control: private, max-age=900
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
server: Google Tag Manager
content-length: 73001
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
| videzz.net/images-newtheme/attention.png | 78.142.18.54 | 200 OK | 6.4 kB |
URL: GET HTTP/2 videzz.net/images-newtheme/attention.png
IP: 78.142.18.54:443 | ASN: #208046 ColocationX Ltd.
Requested by: https://videzz.net/embed-ux5i45ivmnqo.html
Certificate: Issuer Let's Encrypt | Subject videzz.net | Fingerprint 13:3A:F4:CA:71:F0:8F:F1:2E:3A:7E:2B:6D:8E:E4:7A:E9:9D:A6:B5 | Validity Mon, 04 Mar 2024 08:24:34 GMT - Sun, 02 Jun 2024 08:24:33 GMT
File type: PNG image data, 263 x 231, 8-bit/color RGBA, non-interlaced
Hash: MD5 d28ebe1b4425fa4ab5d804792b5aa626 | SHA-1 3183e2c59cdaed547de5fb1fc940709ed5117003 | SHA-256 36fc8d817d7a356b2b8e8697697a5ce86bedadfea8df2a4e88f9514bb1ce02f6
Analyzer: Quad9 DNS | Verdict: malicious | Alert: Sinkholed
GET /images-newtheme/attention.png HTTP/1.1
Host: videzz.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://videzz.net/embed-ux5i45ivmnqo.html
Cookie: lang=1
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx/1.18.0 (Ubuntu)
date: Thu, 18 Apr 2024 23:41:28 GMT
content-type: image/png
content-length: 6377
last-modified: Wed, 10 Apr 2024 07:00:32 GMT
etag: "66163910-18e9"
expires: Sat, 18 May 2024 23:37:49 GMT
cache-control: max-age=2592000
x-cache-status: HIT
accept-ranges: bytes
X-Firefox-Spdy: h2
| vv.7vid.net/lx4oag1.js | 135.181.208.216 | 200 OK | 77 kB |
IP: 135.181.208.216:443 | ASN: #24940 Hetzner Online GmbH
Requested by: https://videzz.net/embed-ux5i45ivmnqo.html
Certificate: Issuer Let's Encrypt | Subject 0i.sh-cdn.com | Fingerprint 24:B9:80:92:9A:AB:42:74:B0:D4:5F:04:68:CF:32:5F:5E:42:BC:53 | Validity Fri, 05 Apr 2024 23:27:08 GMT - Thu, 04 Jul 2024 23:27:07 GMT
File type: JavaScript source, Unicode text, UTF-8 text, with very long lines (65503), with no line terminators
Hash: MD5 a6781eeb8be115c2cc64c5b4898e5b9d | SHA-1 76001e6e130f936956842ce1fb672ca16be2370e | SHA-256 cb8949c4918f30d767c8a97d1b1ddb36eabccf8d93659a80f4e850caa3701da2
GET /lx4oag1.js HTTP/1.1
Host: vv.7vid.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://videzz.net/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
server: nginx
date: Thu, 18 Apr 2024 23:41:28 GMT
content-type: application/javascript
content-length: 76790
last-modified: Fri, 22 Mar 2024 11:21:21 GMT
vary: Accept-Encoding
etag: "65fd69b1-12bf6"
content-encoding: gzip
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: public, max-age=315360000
cf-cache-status: HIT
age: 201
cf-ray: 8685d408ccf5d995-HEL
x-frame-options: DENY
x-content-type-options: nosniff
accept-ranges: bytes
X-Firefox-Spdy: h2
| cdnjs.cloudflare.com/ajax/libs/font-awesome/4.7.0/css/font-awesome.min.css | 104.17.25.14 | 200 OK | 5.6 kB |
URL: GET HTTP/2 cdnjs.cloudflare.com/ajax/libs/font-awesome/4.7.0/css/font-awesome.min.css
IP: 104.17.25.14:443
Requested by: https://videzz.net/embed-ux5i45ivmnqo.html
Certificate: Issuer Cloudflare, Inc. | Subject sni.cloudflaressl.com | Fingerprint 7A:EA:B9:09:71:70:6C:87:C9:D3:82:74:8A:7B:B4:60:E5:40:2D:8D | Validity Mon, 03 Jul 2023 00:00:00 GMT - Tue, 02 Jul 2024 23:59:59 GMT
File type: ASCII text, with very long lines (30837)
Hash: MD5 269550530cc127b6aa5a35925a7de6ce | SHA-1 512c7d79033e3028a9be61b540cf1a6870c896f8 | SHA-256 799aeb25cc0373fdee0e1b1db7ad6c2f6a0e058dfadaa3379689f583213190bd
GET /ajax/libs/font-awesome/4.7.0/css/font-awesome.min.css HTTP/1.1
Host: cdnjs.cloudflare.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://videzz.net/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Thu, 18 Apr 2024 23:41:28 GMT
content-type: text/css; charset=utf-8
content-length: 5631
access-control-allow-origin: *
cache-control: public, max-age=30672000
content-encoding: br
etag: "5eb03e5f-7918"
last-modified: Mon, 04 May 2020 16:10:07 GMT
cf-cdnjs-via: cfworker/kv
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
x-content-type-options: nosniff
vary: Accept-Encoding
cf-cache-status: HIT
age: 277173
expires: Tue, 08 Apr 2025 23:41:28 GMT
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=9LdLEoCVR7QYisr6kyyOCgl8YY2IKiNmElbTJKhLE%2FNaum1ZdorqVt5UxalCetgFmPhNUpk6R41z75HNG1W4egeudCsTFMb%2FwFSwl2RWfaX6OKM9nCcGgV6jrDqXTFHAopjVxVMj"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
server: cloudflare
cf-ray: 8768817d6952569b-OSL
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
| kr.cafenehkikki.com/1clkn/14903 | 23.109.170.222 | 200 OK | 26 B |
URL: GET HTTP/1.1 kr.cafenehkikki.com/1clkn/14903
IP: 23.109.170.222:443
Requested by: https://videzz.net/embed-ux5i45ivmnqo.html
Certificate: Issuer Let's Encrypt | Subject kr.cafenehkikki.com | Fingerprint 50:EE:4F:95:B6:16:97:F3:4B:CE:8F:41:22:EB:63:02:F2:48:7A:F2 | Validity Thu, 18 Apr 2024 00:50:14 GMT - Wed, 17 Jul 2024 00:50:13 GMT
File type: ASCII text, with no line terminators
Hash: MD5 9082dc37e5e8046929da411544ad071a | SHA-1 41e0e3963ed94e59e8a2f115994c382712411537 | SHA-256 b7848d86edc8dc3b5bc6a5c666069f9a31e000cee51575d3b6083951607e1550
Analyzer: Quad9 DNS | Verdict: malicious | Alert: Sinkholed
GET /1clkn/14903 HTTP/1.1
Host: kr.cafenehkikki.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://videzz.net/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Date: Thu, 18 Apr 2024 23:41:28 GMT
Content-Type: application/javascript; charset=utf-8
Transfer-Encoding: chunked
Connection: keep-alive
Keep-Alive: timeout=20
Accept-ch: sec-ch-ua-platform-version,sec-ch-ua-model,sec-ch-ua-full-version,sec-ch-ua-full-version-list
Set-Cookie: GL_UI4=eJw9jUtug0AQRPljJ4akJQ7gIxgUjL3MJivfAQ0zDZ4Ypq1mjJ3bZxIp2dUrPVV5nhcUL%2BAvyRrCm6hhe1R9s5dYojyUVVW%2BHSrZ151o%2BlJVTVnvYK3n1opuRBvBap4E29YuEWwGNMhatpIUZvDqrL%2FmYuhuIog7FkZlEE%2FOGDNIO6b7jFyEEBkxIaQfmrGnhzPEJzEEx72L2rjo7yCguQjzJ4hP2twe%2BSbx8jzx4Pk6CtsTT61WDuOBhULw32ElhcWB%2BAtShfPF0hWARtX%2B%2B7%2Bf8fizBonCRUuHZM%2FI38wATrY%3D; expires=Fri, 19-Apr-2024 23:41:28 GMT; Max-Age=86400; path=/; secure; SameSite=None
Set-Cookie: GL_GI10=eJwVyM0KgkAUhuE5hxiIJPjIC%2FAKTMsWbrNl6MIrMIsYGObIzNjP3WeLd%2FG8SilOE7CZkNRlXhd5dcjLUwV6gtsOPDroVvx7%2BII8uDiCvcOmC1ayRmYXlz9i9TfIYHu25pP1YudoxAXw0roZbvaxv%2FRX0KQJHEUzONxTBXrp3Q9e7R3S; expires=Fri, 19-Apr-2024 23:41:28 GMT; Max-Age=86400; path=/; secure; SameSite=None
Content-Encoding: gzip
Vary: Accept-Encoding
Strict-Transport-Security: max-age=1
X-Content-Type-Options: nosniff
| profitablegatecpm.com/fd/40/b6/fd40b682a05e4aaf489d29601350aa66.js | 172.240.253.132 | 200 OK | 16 kB |
URL: GET HTTP/1.1 profitablegatecpm.com/fd/40/b6/fd40b682a05e4aaf489d29601350aa66.js
IP: 172.240.253.132:443
Requested by: https://videzz.net/embed-ux5i45ivmnqo.html
Certificate: Issuer Let's Encrypt | Subject profitablegatecpm.com | Fingerprint 9D:FB:8C:AD:4D:64:98:6B:85:78:33:54:E7:A3:BB:10:ED:77:63:30 | Validity Fri, 05 Apr 2024 18:10:33 GMT - Thu, 04 Jul 2024 18:10:32 GMT
File type: JavaScript source, ASCII text, with very long lines (44131), with no line terminators
Hash: MD5 8f4074a4714b495427f50bbd79a462f0 | SHA-1 71690f7180fbd496e7cde83e1ed19c1440cb13a0 | SHA-256 2853bc11cbe2c75e0e22ccc669610cb5bf52ad82f6d651e616d98ca40ef57191
GET /fd/40/b6/fd40b682a05e4aaf489d29601350aa66.js HTTP/1.1
Host: profitablegatecpm.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://videzz.net/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx/1.21.6
Date: Thu, 18 Apr 2024 23:41:28 GMT
Content-Type: application/javascript
Transfer-Encoding: chunked
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Access-Control-Allow-Origin: *
Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,Sec-CH-UA-PlatformUser-Agent,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: fef2471c6ab7484e598510527129cff5
Strict-Transport-Security: max-age=0; includeSubdomains
Content-Encoding: gzip
| www.googletagmanager.com/gtm.js?id=GTM-56DK3TH | 142.250.74.168 | 200 OK | 72 kB |
URL: GET HTTP/3 www.googletagmanager.com/gtm.js?id=GTM-56DK3TH
IP: 142.250.74.168:443
Requested by: https://videzz.net/embed-ux5i45ivmnqo.html
Certificate: Issuer Google Trust Services LLC | Subject *.google-analytics.com | Fingerprint BF:40:8C:8B:CB:69:1E:3F:E2:3B:B7:8A:8E:C0:D6:98:5F:81:FA:2D | Validity Mon, 04 Mar 2024 06:35:45 GMT - Mon, 27 May 2024 06:35:44 GMT
File type: JavaScript source, ASCII text, with very long lines (3287)
Hash: MD5 c6c955fd063ea758ba084abf3504859b | SHA-1 494e8587e9df4087ad5fbce20ca537894885966e | SHA-256 1b490ba7b2d9d638632a9c9d9e38deaf54eb5ed591b117b201a8caf2a309e0ba
GET /gtm.js?id=GTM-56DK3TH HTTP/1.1
Host: www.googletagmanager.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://videzz.net/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
content-encoding: br
vary: Accept-Encoding
date: Thu, 18 Apr 2024 23:41:28 GMT
expires: Thu, 18 Apr 2024 23:41:28 GMT
cache-control: private, max-age=900
last-modified: Thu, 18 Apr 2024 22:57:54 GMT
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
server: Google Tag Manager
content-length: 71924
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
| s.o333o.com/adgpt.js | 85.10.205.45 | 200 OK | 820 B |
IP: 85.10.205.45:443 | ASN: #24940 Hetzner Online GmbH
Requested by: https://videzz.net/embed-ux5i45ivmnqo.html
Certificate: Issuer Sectigo Limited | Subject s.o333o.com | Fingerprint C1:C0:0F:C0:EF:0F:F7:7A:36:2F:00:9E:5C:55:63:54:63:A3:A6:46 | Validity Mon, 12 Feb 2024 00:00:00 GMT - Fri, 28 Feb 2025 23:59:59 GMT
File type: ASCII text, with very long lines (2040), with no line terminators
Hash: MD5 55f8db8e0ec58b646f0b5425b405fdd0 | SHA-1 0c79af1239cafc7ec4783f20b0b886a61daccc09 | SHA-256 3ec8849ba857ec32cdc682ea93f0c1f8e8ab97980af4f1d8ec312684ed0f5237
GET /adgpt.js HTTP/1.1
Host: s.o333o.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://videzz.net/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
server: nginx
date: Thu, 18 Apr 2024 23:41:28 GMT
content-type: application/javascript
content-length: 820
last-modified: Fri, 22 Mar 2024 11:21:21 GMT
vary: Accept-Encoding
etag: "65fd69b1-334"
content-encoding: gzip
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000, public
X-Firefox-Spdy: h2
| proftrafficcounter.com/stats | 3.123.64.179 | 200 OK | 40 B |
URL: GET HTTP/2 proftrafficcounter.com/stats
IP: 3.123.64.179:443
Requested by: https://videzz.net/embed-ux5i45ivmnqo.html
Certificate: Issuer Amazon | Subject proftrafficcounter.com | Fingerprint E3:9F:79:6F:80:C0:BF:F8:C4:EB:45:F3:E9:0F:A7:41:F6:0C:05:E6 | Validity Tue, 21 Nov 2023 00:00:00 GMT - Thu, 19 Dec 2024 23:59:59 GMT
File type: ASCII text, with no line terminators
Hash: MD5 5aa18a6d6c32187ba490c8624ec9603f | SHA-1 03775cc9963bf619b60a83d258c6be683fb7640f | SHA-256 c9301cd630e62979937ed77629187cfe18f78fc6b85fa5d253c265eedefe6df8
GET /stats HTTP/1.1
Host: proftrafficcounter.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://videzz.net
DNT: 1
Connection: keep-alive
Referer: https://videzz.net/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Thu, 18 Apr 2024 23:41:29 GMT
content-type: text/html; charset=UTF-8
content-length: 40
server: fasthttp
access-control-allow-origin: https://videzz.net
vary: Origin
access-control-allow-credentials: true
set-cookie: uid_id2=ff503ed2-44df-4559-881e-5ae101482b44:3:1; expires=Sun, 16 Apr 2034 23:41:29 GMT; secure; SameSite=None
X-Firefox-Spdy: h2
| static.addtoany.com/menu/sm.25.html | 172.67.39.148 | | 1.5 kB |
URL: static.addtoany.com/menu/sm.25.html
IP: 172.67.39.148:0
File type: HTML document, ASCII text, with very long lines (624)
Hash: MD5 41b7ed0cbe240173eea85148fcba633e | SHA-1 39acd5fe099974486a1c9ba11ba0fe7be6bc97ca | SHA-256 274d4116239b63097bb7c16e56e27cbb5a77be20392fb8e2317c0a0235185cad
GET /menu/sm.25.html HTTP/1.1
Host: static.addtoany.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://videzz.net/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Thu, 18 Apr 2024 23:41:28 GMT
content-type: text/html; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=315360000, immutable
referrer-policy: strict-origin-when-cross-origin
x-content-type-options: nosniff
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=5XqYdf3zT6f5djRXIIJwMp9CmOr869HlwkvaSLOezMHs8bCNXKhchHrxUkAX8VobSQtGTx9av1ds6j%2BrAMbeIHt6gjCWQ%2F0%2FDDuSz%2BYQMTMfH9cMBRVSXt9wfmQ0xD6qcBrOg5iLUMVJymypfmtsURYC"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
cf-cache-status: HIT
age: 20029
strict-transport-security: max-age=31536000; includeSubDomains; preload
server: cloudflare
cf-ray: 8768817f4fb2569c-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
| maxcdn.bootstrapcdn.com/font-awesome/4.7.0/fonts/fontawesome-webfont.woff2?v=4.7.0 | 104.18.10.207 | 200 OK | 77 kB |
URL: GET HTTP/3 maxcdn.bootstrapcdn.com/font-awesome/4.7.0/fonts/fontawesome-webfont.woff2?v=4.7.0
IP: 104.18.10.207:443
Requested by: https://videzz.net/embed-ux5i45ivmnqo.html
Certificate: Issuer Google Trust Services LLC | Subject bootstrapcdn.com | Fingerprint 57:B4:25:B9:9C:88:A1:A3:3D:F7:31:74:02:E4:D1:E0:0A:F5:11:63 | Validity Wed, 27 Mar 2024 00:22:09 GMT - Tue, 25 Jun 2024 00:22:08 GMT
File type: Web Open Font Format (Version 2), TrueType, length 77160, version 4.459
Hash: MD5 af7ae505a9eed503f8b8e6982036873e | SHA-1 d6f48cba7d076fb6f2fd6ba993a75b9dc1ecbf0c | SHA-256 2adefcbc041e7d18fcf2d417879dc5a09997aa64d675b7a3c4b6ce33da13f3fe
GET /font-awesome/4.7.0/fonts/fontawesome-webfont.woff2?v=4.7.0 HTTP/1.1
Host: maxcdn.bootstrapcdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://videzz.net
DNT: 1
Connection: keep-alive
Referer: https://maxcdn.bootstrapcdn.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Thu, 18 Apr 2024 23:41:29 GMT
content-type: font/woff2
content-length: 77160
cdn-pullzone: 252412
cdn-uid: b1941f61-b576-4f40-80de-5677acb38f74
cdn-requestcountrycode: DE
access-control-allow-origin: *
cache-control: public, max-age=31919000
etag: "af7ae505a9eed503f8b8e6982036873e"
last-modified: Mon, 25 Jan 2021 22:04:55 GMT
cdn-cachedat: 10/31/2023 19:08:24
cdn-proxyver: 1.04
cdn-requestpullcode: 200
cdn-requestpullsuccess: True
cdn-edgestorageid: 752
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
cdn-status: 200
cdn-requestid: 0a41a35b44b9a221d4e11fe69e9304aa
cdn-cache: HIT
cf-cache-status: HIT
age: 1364698
accept-ranges: bytes
vary: Accept-Encoding
strict-transport-security: max-age=31536000; includeSubDomains; preload
server: cloudflare
cf-ray: 876881833b8656a5-OSL
alt-svc: h3=":443"; ma=86400
| bid.bidclickmedia.com/sub/31pnK5n | 172.67.205.77 | 200 OK | 36 kB |
URL: GET HTTP/2 bid.bidclickmedia.com/sub/31pnK5n
IP: 172.67.205.77:443
Requested by: https://videzz.net/embed-ux5i45ivmnqo.html
Certificate: Issuer Google Trust Services LLC | Subject bidclickmedia.com | Fingerprint 2D:71:60:23:79:D8:E4:4A:B8:81:BA:F0:ED:58:CB:A8:66:21:A7:E7 | Validity Sun, 31 Mar 2024 14:28:20 GMT - Sat, 29 Jun 2024 14:28:19 GMT
File type: HTML document, ASCII text
Hash: MD5 f43a9f52bdd16907856bcccdc018b8c9 | SHA-1 260324361bf19dc2ea4982f6fd312f9c8d5039cc | SHA-256 0ce413bbb7e1789744cfd7f9c3bc4614d9c5086f6dd9cbad67bdc4d181b9d5be
GET /sub/31pnK5n HTTP/1.1
Host: bid.bidclickmedia.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://videzz.net/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Thu, 18 Apr 2024 23:41:28 GMT
content-type: text/html; charset=utf-8
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=vl3glmJ05%2B0ai66sPQSey1GkHmk1YztJY9XccNacBDzadfEvAY1PV8yzr5Zbb8hUxW4guBYdqUKP4snBa9OkrAnDjtuOfXFfrZNFLOYmuEnok9VuYsj1IXAKFkJ0kTjJ4kvtse7sJAc%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 876881800d7f56b9-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
| www.googletagmanager.com/gtag/js?id=G-HEX1BG8H46&l=dataLayer&cx=c | 142.250.74.168 | 200 OK | 93 kB |
URL: GET HTTP/3 www.googletagmanager.com/gtag/js?id=G-HEX1BG8H46&l=dataLayer&cx=c
IP: 142.250.74.168:443
Requested by: https://videzz.net/embed-ux5i45ivmnqo.html
Certificate: Issuer Google Trust Services LLC | Subject *.google-analytics.com | Fingerprint BF:40:8C:8B:CB:69:1E:3F:E2:3B:B7:8A:8E:C0:D6:98:5F:81:FA:2D | Validity Mon, 04 Mar 2024 06:35:45 GMT - Mon, 27 May 2024 06:35:44 GMT
File type: JavaScript source, ASCII text, with very long lines (7711)
Hash: MD5 b27bac4b900013ef23534d75fc1310c8 | SHA-1 b64d399028a569c735eedf56854ce1caf27d1838 | SHA-256 c55a6363f85f47a78427aea876b9145a8ced37457c715d04296769699e7adde8
GET /gtag/js?id=G-HEX1BG8H46&l=dataLayer&cx=c HTTP/1.1
Host: www.googletagmanager.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://videzz.net/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
content-encoding: br
vary: Accept-Encoding
date: Thu, 18 Apr 2024 23:41:29 GMT
expires: Thu, 18 Apr 2024 23:41:29 GMT
cache-control: private, max-age=900
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
server: Google Tag Manager
content-length: 93160
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
| assignedeliminatebonfire.com/f1/77/6d/f1776d24271c5ad55c5f1492e2d01e10.js | 192.243.59.12 | 200 OK | 30 kB |
URL: GET HTTP/1.1 assignedeliminatebonfire.com/f1/77/6d/f1776d24271c5ad55c5f1492e2d01e10.js
IP: 192.243.59.12:443 | ASN: #39572 DataWeb Global Group B.V.
Requested by: https://videzz.net/embed-ux5i45ivmnqo.html
Certificate: Issuer Let's Encrypt | Subject assignedeliminatebonfire.com | Fingerprint 00:9E:21:D8:74:7C:90:C2:F0:BC:A2:6E:7F:C7:CE:65:41:A5:FF:9D | Validity Tue, 16 Apr 2024 13:52:53 GMT - Mon, 15 Jul 2024 13:52:52 GMT
File type: JavaScript source, ASCII text, with very long lines (65536), with no line terminators
Hash: MD5 984ff41379893cf225bbad98e397ff4c | SHA-1 7a7c9ac4873e6cc8b375a0ccab08f8790446674d | SHA-256 806083e94b6d46fabfd4ccfd68c3b0f7d85447d0a76fc239afa0082dd20fee08
Analyzer: Quad9 DNS | Verdict: malicious | Alert: Sinkholed
GET /f1/77/6d/f1776d24271c5ad55c5f1492e2d01e10.js HTTP/1.1
Host: assignedeliminatebonfire.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://videzz.net/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx/1.19.5
Date: Thu, 18 Apr 2024 23:41:29 GMT
Content-Type: application/javascript
Transfer-Encoding: chunked
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Access-Control-Allow-Origin: *
Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,Sec-CH-UA-PlatformUser-Agent,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: edb5025c9dc077846ba59f7aaf7f6dd5
Strict-Transport-Security: max-age=0; includeSubdomains
Content-Encoding: gzip
| proftrafficcounter.com/stats | 3.123.64.179 | 200 OK | 40 B |
URL: GET HTTP/2 proftrafficcounter.com/stats
IP: 3.123.64.179:443
Requested by: https://videzz.net/embed-ux5i45ivmnqo.html
Certificate: Issuer Amazon | Subject proftrafficcounter.com | Fingerprint E3:9F:79:6F:80:C0:BF:F8:C4:EB:45:F3:E9:0F:A7:41:F6:0C:05:E6 | Validity Tue, 21 Nov 2023 00:00:00 GMT - Thu, 19 Dec 2024 23:59:59 GMT
File type: ASCII text, with no line terminators
Hash: MD5 5aa18a6d6c32187ba490c8624ec9603f | SHA-1 03775cc9963bf619b60a83d258c6be683fb7640f | SHA-256 c9301cd630e62979937ed77629187cfe18f78fc6b85fa5d253c265eedefe6df8
GET /stats HTTP/1.1
Host: proftrafficcounter.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://videzz.net
DNT: 1
Connection: keep-alive
Referer: https://videzz.net/
Cookie: uid_id2=ff503ed2-44df-4559-881e-5ae101482b44:3:1
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
date: Thu, 18 Apr 2024 23:41:29 GMT
content-type: text/html; charset=UTF-8
content-length: 40
server: fasthttp
access-control-allow-origin: https://videzz.net
vary: Origin
access-control-allow-credentials: true
X-Firefox-Spdy: h2
| assignedeliminatebonfire.com/sbar.json?key=fd40b682a05e4aaf489d29601350aa66 | 192.243.59.12 | 200 OK | 5.8 kB |
URL: GET HTTP/1.1 assignedeliminatebonfire.com/sbar.json?key=fd40b682a05e4aaf489d29601350aa66
IP: 192.243.59.12:443 | ASN: #39572 DataWeb Global Group B.V.
Requested by: https://videzz.net/embed-ux5i45ivmnqo.html
Certificate: Issuer Let's Encrypt | Subject assignedeliminatebonfire.com | Fingerprint 00:9E:21:D8:74:7C:90:C2:F0:BC:A2:6E:7F:C7:CE:65:41:A5:FF:9D | Validity Tue, 16 Apr 2024 13:52:53 GMT - Mon, 15 Jul 2024 13:52:52 GMT
Hash: MD5 f990e29f9b95dbfe79e45adae04724c9 | SHA-1 aa9728a363499d8c62d2b9e1b0270925157bc39f | SHA-256 e8686bc0c714cff422929be74d07a3108c936888960d1b4ec96c5809a5bc4f4c
Analyzer: Quad9 DNS | Verdict: malicious | Alert: Sinkholed
GET /sbar.json?key=fd40b682a05e4aaf489d29601350aa66 HTTP/1.1
Host: assignedeliminatebonfire.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://videzz.net
DNT: 1
Connection: keep-alive
Referer: https://videzz.net/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx/1.19.5
Date: Thu, 18 Apr 2024 23:41:29 GMT
Content-Type: text/plain; charset=utf-8
Transfer-Encoding: chunked
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,Sec-CH-UA-PlatformUser-Agent,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Custom-Referer: https://videzz.net
Access-Control-Allow-Origin: https://videzz.net
Access-Control-Allow-Credentials: true
Set-Cookie: u_pl=19071538; expires=Fri, 19 Apr 2024 23:41:29 GMT; secure; SameSite=None
pdhtkv=true; expires=Fri, 19 Apr 2024 23:41:29 GMT; secure; SameSite=None
uncs=1; expires=Fri, 19 Apr 2024 23:41:29 GMT; secure; SameSite=None
pdhtkv29=true; expires=Fri, 19 Apr 2024 23:41:29 GMT; secure; SameSite=None
uncs29=1; expires=Fri, 19 Apr 2024 23:41:29 GMT; secure; SameSite=None
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: 6fb162958e5e4e6e9dc375aac9600385
Strict-Transport-Security: max-age=0; includeSubdomains
Content-Encoding: gzip
| bid.bidclickmedia.com/sub/Zj8D76R | 172.67.205.77 | 200 OK | 925 B |
URL: GET HTTP/2 bid.bidclickmedia.com/sub/Zj8D76R
IP: 172.67.205.77:443
Requested by: https://videzz.net/embed-ux5i45ivmnqo.html
Certificate: Issuer Google Trust Services LLC; Subject bidclickmedia.com; Fingerprint 2D:71:60:23:79:D8:E4:4A:B8:81:BA:F0:ED:58:CB:A8:66:21:A7:E7; Validity Sun, 31 Mar 2024 14:28:20 GMT - Sat, 29 Jun 2024 14:28:19 GMT
File type: HTML document, ASCII text
Hash (MD5 / SHA-1 / SHA-256): a59a1eb59104d4bf5ae063b28f80a03e / a03719ddbf97ee76f24a77994dc2fed934bad2db / 80499cd3508dab092fa2c87d292031821e2230653503f1dd41c2b9c04571fc47
GET /sub/Zj8D76R HTTP/1.1
Host: bid.bidclickmedia.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://videzz.net/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Thu, 18 Apr 2024 23:41:28 GMT
content-type: text/html; charset=utf-8
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=R96mWsd080RziT87f8UW1PteonZ4k%2By9qOPwxX2CwdGVtDjAig%2B9rO0kbgs4HfkXZd29uDRTzTvnG9T1LMUWNeUod%2FpbW0ZJBHmNOGTJDP9GZi1WK7wdzlD%2F8Ob42M15SD1uYLRWFvA%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 8768817ffd7c56b9-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
| region1.analytics.google.com/g/collect?v=2&tid=G-HEX1BG8H46&gtm=45je44f0v9104348843za200&_p=1713483688612&_gaz=1&gcd=13l3lPl2l1&npa=1&dma_cps=sypham&dma=1&cid=848111669.1713483690&ul=en-us&sr=1280x1024&pscdl=noapi&_eu=AAAI&_s=1&sid=1713483689&sct=1&seg=0&dl=https%3A%2F%2Fvidezz.net%2Fembed-ux5i45ivmnqo.html&dt=Vidoza&en=page_view&_fv=1&_nsi=1&_ss=2&tfd=1951 | 216.239.34.36 | 204 No Content | 0 B |
URL: POST HTTP/2 region1.analytics.google.com/g/collect?v=2&tid=G-HEX1BG8H46&gtm=45je44f0v9104348843za200&_p=1713483688612&_gaz=1&gcd=13l3lPl2l1&npa=1&dma_cps=sypham&dma=1&cid=848111669.1713483690&ul=en-us&sr=1280x1024&pscdl=noapi&_eu=AAAI&_s=1&sid=1713483689&sct=1&seg=0&dl=https%3A%2F%2Fvidezz.net%2Fembed-ux5i45ivmnqo.html&dt=Vidoza&en=page_view&_fv=1&_nsi=1&_ss=2&tfd=1951
IP: 216.239.34.36:443
Requested by: https://videzz.net/embed-ux5i45ivmnqo.html
Certificate: Issuer Google Trust Services LLC; Subject *.google-analytics.com; Fingerprint BF:40:8C:8B:CB:69:1E:3F:E2:3B:B7:8A:8E:C0:D6:98:5F:81:FA:2D; Validity Mon, 04 Mar 2024 06:35:45 GMT - Mon, 27 May 2024 06:35:44 GMT
Hash (MD5 / SHA-1 / SHA-256, empty body): d41d8cd98f00b204e9800998ecf8427e / da39a3ee5e6b4b0d3255bfef95601890afd80709 / e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
POST /g/collect?v=2&tid=G-HEX1BG8H46&gtm=45je44f0v9104348843za200&_p=1713483688612&_gaz=1&gcd=13l3lPl2l1&npa=1&dma_cps=sypham&dma=1&cid=848111669.1713483690&ul=en-us&sr=1280x1024&pscdl=noapi&_eu=AAAI&_s=1&sid=1713483689&sct=1&seg=0&dl=https%3A%2F%2Fvidezz.net%2Fembed-ux5i45ivmnqo.html&dt=Vidoza&en=page_view&_fv=1&_nsi=1&_ss=2&tfd=1951 HTTP/1.1
Host: region1.analytics.google.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://videzz.net
DNT: 1
Connection: keep-alive
Referer: https://videzz.net/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Content-Length: 0
HTTP/2 204 No Content
access-control-allow-origin: https://videzz.net
date: Thu, 18 Apr 2024 23:41:30 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
content-type: text/plain
cross-origin-resource-policy: cross-origin
server: Golfe2
content-length: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
| bid.bidclickmedia.com/load | 172.67.205.77 | 302 Found | 361 B |
URL: POST HTTP/3 bid.bidclickmedia.com/load
IP: 172.67.205.77:443
Requested by: https://videzz.net/embed-ux5i45ivmnqo.html
Certificate: Issuer Google Trust Services LLC; Subject bidclickmedia.com; Fingerprint 2D:71:60:23:79:D8:E4:4A:B8:81:BA:F0:ED:58:CB:A8:66:21:A7:E7; Validity Sun, 31 Mar 2024 14:28:20 GMT - Sat, 29 Jun 2024 14:28:19 GMT
File type: HTML document, ASCII text
Hash (MD5 / SHA-1 / SHA-256): 4809a9602dd55d531906123e570b6d77 / 626fe0b9eeeda00a0ce401ee5a4e13f8256facb9 / 046c0a16886d7e34df54c815c1fee7740a3608671d33fd56c837dca5a1ac9c9f
POST /load HTTP/1.1
Host: bid.bidclickmedia.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/x-www-form-urlencoded
Content-Length: 93
Origin: https://bid.bidclickmedia.com
DNT: 1
Connection: keep-alive
Referer: https://bid.bidclickmedia.com/sub/31pnK5n
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 302 Found
date: Thu, 18 Apr 2024 23:41:29 GMT
content-type: text/html; charset=utf-8
location: https://xml.zeusadx.com/redirect?feed=531847&auth=KhbHhS&pubid=162319
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=XyIDX%2BZ9KP4AhgU5Blfkr%2FP0aTxjhctZ1mLLXJar5QQ3ckR5JlMsNqcNNieEQkTH5NZev4BgGTochZbaZu49nm2wluhEgaZEdDGtU42%2FB7UuQBpABUVa41FEqEXs2p0pbMHC4shRDyw%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 87688183fefb56b9-OSL
alt-svc: h3=":443"; ma=86400
| static.addtoany.com/menu/svg/icons/reddit.js | 172.67.39.148 | 200 OK | 432 B |
URL: GET HTTP/3 static.addtoany.com/menu/svg/icons/reddit.js
IP: 172.67.39.148:443
Requested by: https://videzz.net/embed-ux5i45ivmnqo.html
Certificate: Issuer Let's Encrypt; Subject static.addtoany.com; Fingerprint 25:DC:52:06:E9:84:6F:BC:CB:DD:82:F7:D3:4C:8F:F5:9F:49:7E:DD; Validity Sat, 24 Feb 2024 06:33:02 GMT - Fri, 24 May 2024 06:33:01 GMT
File type: ASCII text, with very long lines (893), with no line terminators
Hash (MD5 / SHA-1 / SHA-256): 408cc755e613b4f00fbe10d7411ed087 / 14341990ed687477b3addbdd1a3b50ae8a98589b / 68ed9b82b62d45cf5d12587a7e9566a4ddeb94d69bcb225e9e3c7268c76b3cbb
GET /menu/svg/icons/reddit.js HTTP/1.1
Host: static.addtoany.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://videzz.net
DNT: 1
Connection: keep-alive
Referer: https://static.addtoany.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Thu, 18 Apr 2024 23:41:29 GMT
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=7776000, stale-while-revalidate=30, public
cf-bgj: minify
etag: W/"1fe5b5008de689ce6464d7bcb07e742c"
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=%2BKI8JfGHLgDLQMxgjIu6uq9y5sFahBx8LFeIv85H4LGXkFnp9HWSnK6sZVx299a1mbU%2BjomK2FHlABBJnwQDJeYe4yJMdIkipFw6Yt2WeRGl5RDOvuaLloy6P%2F%2BRZw9yvyADzctlodc7WNv6iH7eoGMR"}],"group":"cf-nel","max_age":604800}
vary: Accept-Encoding
referrer-policy: strict-origin-when-cross-origin
x-content-type-options: nosniff
cf-cache-status: HIT
age: 18699
strict-transport-security: max-age=31536000; includeSubDomains; preload
server: cloudflare
cf-ray: 8768818218c6569c-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
| bid.bidclickmedia.com/sub/Pj8pz0z | 172.67.205.77 | 200 OK | 8.4 kB |
URL: GET HTTP/3 bid.bidclickmedia.com/sub/Pj8pz0z
IP: 172.67.205.77:443
Requested by: https://videzz.net/embed-ux5i45ivmnqo.html
Certificate: Issuer Google Trust Services LLC; Subject bidclickmedia.com; Fingerprint 2D:71:60:23:79:D8:E4:4A:B8:81:BA:F0:ED:58:CB:A8:66:21:A7:E7; Validity Sun, 31 Mar 2024 14:28:20 GMT - Sat, 29 Jun 2024 14:28:19 GMT
File type: HTML document, ASCII text
Hash (MD5 / SHA-1 / SHA-256): e151e24dc5b354ea8ee36534a8264594 / 4b5f293d59d009ee46087f164ee86d066e8e83f4 / b2fdeeef5c48f24499731fdd7aae1650ad1bc6fa9ee58cf88fafe175658e888f
GET /sub/Pj8pz0z HTTP/1.1
Host: bid.bidclickmedia.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://videzz.net/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Thu, 18 Apr 2024 23:41:29 GMT
content-type: text/html; charset=utf-8
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=TeEKA1NgOgqC3lpS6AFB47ZLkLNMLrqvmfjBSQaJ6BDwE%2F66w95spsVWo7RyQHQTjgJVYlHOCTvKQVQsb%2B6W8bKEkskBpOLVMx30tm1tP7YbKwc5011apkvHGm0lonCWMtAYX%2BaA244%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 87688180ddd856b9-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
| assignedeliminatebonfire.com/ren.gif?sid=H4sIAAAAAAAC%2F1RSz4scRRSuHhcviqDmJkKLCCoy290z2zNjDmKMKyFrNiaKepLqrurZcqurmqr%2BMTunxYDkOATFa%2B83u1miwehFTwbpDSgEhB0v7sH9J4ScZcbF0QdV733vewXfe68%2B3ytOSYCCnlx8V4%2BFlHR1re25L3%2Fk%2B%2BfdDaGKkTvqh5%2BE3fOuKV8fhG3vFfcdHm%2Fr1cDzPc%2F3fHddGJ7o0eqchMjuDvz2wGt3g7a%2F1sXI%2FB%2FbwoGlDlh5Sp6BYLOVB845iLiBSr%2B7yO12rrPX3k4LSXNtULLDD9S20pVCugwT4yBRh2fV0PZ4%2FT60OljIhS7%2FLYzEjDi%2F3EekDs9EIir3FzojCa4QsSdQlQ24bCBog1jfgGDHBIgZrmxCpbevaFPRnX9YOmdnZOXRXxDVjKz8eQ4q%2FfaCFCP3upZFLrSyGCU1xKiBGDbIiiPk4xZEdYQ4%2FwyC%2FUZWH21ApfubVmoIVi96F6KBSBpIPgG1Dor5EQ6KxEGROUjZiRv7vt%2FzWEy9%2FiCOO6zHo5B5Pu0lPvW9sI8insubIM8miOUEsdlFZnaxLSYwxc%2BwWzUsc2DzGXHe20XJalScoLIEFSWoBEGVE1RlfcCkDWx9m0lbRP6ZD858p57qfLhHD3Q%2B5IqAmgkMq%2FeyU%2FL0fD7Oi60A2%2FzETVjXi8J%2BQL013qU06fYHLBiEnt9Z8ygNQ1hRQ9jWouWxmJGXkh%2BRiRl58leCiB7ByiPE4lnQ4nnQqgbdqjFW91IqVLsUTI9pW%2FEcTNfI8hXkO86ePCXPLZZ0%2BasvwOOH5MwQmxqZqfGpeEAwlDen13RF9q%2FpypLvN7NcpGJM5wu8ntOcP%2F71Zb5TacMuXbSTO2%2FGc2Ie3n2f23yDKibU0JJvLgjGuFnXJubkp0v2Qx5dLezWhcKoItu4%2Btb6pTQz3FqhVQMqjj%2B%2BhVjMyFM%2FbCx%2B5qvuHxCmgSlqpMVSqdAN4mwXNlvmrCYwcomjzEFV1FMTRMukFASSLzGNatj%2F4GgZTw2dv6ai3rM3MTQt0PwGVFqjNDVKWYPKCWzx2DTPzMM3fu8sDJFsTSNpWvuRNPLWYsjz60tYceL2Oh2PhoM1v9ejvBd1g34S%2BozSoBsGYUg7yO0seeHenb8BAAD%2F%2FwEAAP%2F%2F4503C3MEAAA%3D | 192.243.59.12 | 200 OK | 7 B |
URL: GET HTTP/1.1 assignedeliminatebonfire.com/ren.gif?sid=H4sIAAAAAAAC%2F1RSz4scRRSuHhcviqDmJkKLCCoy290z2zNjDmKMKyFrNiaKepLqrurZcqurmqr%2BMTunxYDkOATFa%2B83u1miwehFTwbpDSgEhB0v7sH9J4ScZcbF0QdV733vewXfe68%2B3ytOSYCCnlx8V4%2BFlHR1re25L3%2Fk%2B%2BfdDaGKkTvqh5%2BE3fOuKV8fhG3vFfcdHm%2Fr1cDzPc%2F3fHddGJ7o0eqchMjuDvz2wGt3g7a%2F1sXI%2FB%2FbwoGlDlh5Sp6BYLOVB845iLiBSr%2B7yO12rrPX3k4LSXNtULLDD9S20pVCugwT4yBRh2fV0PZ4%2FT60OljIhS7%2FLYzEjDi%2F3EekDs9EIir3FzojCa4QsSdQlQ24bCBog1jfgGDHBIgZrmxCpbevaFPRnX9YOmdnZOXRXxDVjKz8eQ4q%2FfaCFCP3upZFLrSyGCU1xKiBGDbIiiPk4xZEdYQ4%2FwyC%2FUZWH21ApfubVmoIVi96F6KBSBpIPgG1Dor5EQ6KxEGROUjZiRv7vt%2FzWEy9%2FiCOO6zHo5B5Pu0lPvW9sI8insubIM8miOUEsdlFZnaxLSYwxc%2BwWzUsc2DzGXHe20XJalScoLIEFSWoBEGVE1RlfcCkDWx9m0lbRP6ZD858p57qfLhHD3Q%2B5IqAmgkMq%2FeyU%2FL0fD7Oi60A2%2FzETVjXi8J%2BQL013qU06fYHLBiEnt9Z8ygNQ1hRQ9jWouWxmJGXkh%2BRiRl58leCiB7ByiPE4lnQ4nnQqgbdqjFW91IqVLsUTI9pW%2FEcTNfI8hXkO86ePCXPLZZ0%2BasvwOOH5MwQmxqZqfGpeEAwlDen13RF9q%2FpypLvN7NcpGJM5wu8ntOcP%2F71Zb5TacMuXbSTO2%2FGc2Ie3n2f23yDKibU0JJvLgjGuFnXJubkp0v2Qx5dLezWhcKoItu4%2Btb6pTQz3FqhVQMqjj%2B%2BhVjMyFM%2FbCx%2B5qvuHxCmgSlqpMVSqdAN4mwXNlvmrCYwcomjzEFV1FMTRMukFASSLzGNatj%2F4GgZTw2dv6ai3rM3MTQt0PwGVFqjNDVKWYPKCWzx2DTPzMM3fu8sDJFsTSNpWvuRNPLWYsjz60tYceL2Oh2PhoM1v9ejvBd1g34S%2BozSoBsGYUg7yO0seeHenb8BAAD%2F%2FwEAAP%2F%2F4503C3MEAAA%3D
IP: 192.243.59.12:443
ASN: #39572 DataWeb Global Group B.V.
Requested by: https://videzz.net/embed-ux5i45ivmnqo.html
Certificate: Issuer Let's Encrypt; Subject assignedeliminatebonfire.com; Fingerprint 00:9E:21:D8:74:7C:90:C2:F0:BC:A2:6E:7F:C7:CE:65:41:A5:FF:9D; Validity Tue, 16 Apr 2024 13:52:53 GMT - Mon, 15 Jul 2024 13:52:52 GMT
File type: ASCII text, with no line terminators
Hash (MD5 / SHA-1 / SHA-256): 132d6af1b46048b45cf86cdee7991d31 / eb7007d03d59b65bc6da7e098c4d38fc6dfb6285 / ab852e838deccd742a03ca81d4a8d75cf1a00b327db3eaf46bd7da6b6db9384c
Analyzer: Quad9 DNS | Verdict: malicious | Alert: Sinkholed
GET /ren.gif?sid=H4sIAAAAAAAC%2F1RSz4scRRSuHhcviqDmJkKLCCoy290z2zNjDmKMKyFrNiaKepLqrurZcqurmqr%2BMTunxYDkOATFa%2B83u1miwehFTwbpDSgEhB0v7sH9J4ScZcbF0QdV733vewXfe68%2B3ytOSYCCnlx8V4%2BFlHR1re25L3%2Fk%2B%2BfdDaGKkTvqh5%2BE3fOuKV8fhG3vFfcdHm%2Fr1cDzPc%2F3fHddGJ7o0eqchMjuDvz2wGt3g7a%2F1sXI%2FB%2FbwoGlDlh5Sp6BYLOVB845iLiBSr%2B7yO12rrPX3k4LSXNtULLDD9S20pVCugwT4yBRh2fV0PZ4%2FT60OljIhS7%2FLYzEjDi%2F3EekDs9EIir3FzojCa4QsSdQlQ24bCBog1jfgGDHBIgZrmxCpbevaFPRnX9YOmdnZOXRXxDVjKz8eQ4q%2FfaCFCP3upZFLrSyGCU1xKiBGDbIiiPk4xZEdYQ4%2FwyC%2FUZWH21ApfubVmoIVi96F6KBSBpIPgG1Dor5EQ6KxEGROUjZiRv7vt%2FzWEy9%2FiCOO6zHo5B5Pu0lPvW9sI8insubIM8miOUEsdlFZnaxLSYwxc%2BwWzUsc2DzGXHe20XJalScoLIEFSWoBEGVE1RlfcCkDWx9m0lbRP6ZD858p57qfLhHD3Q%2B5IqAmgkMq%2FeyU%2FL0fD7Oi60A2%2FzETVjXi8J%2BQL013qU06fYHLBiEnt9Z8ygNQ1hRQ9jWouWxmJGXkh%2BRiRl58leCiB7ByiPE4lnQ4nnQqgbdqjFW91IqVLsUTI9pW%2FEcTNfI8hXkO86ePCXPLZZ0%2BasvwOOH5MwQmxqZqfGpeEAwlDen13RF9q%2FpypLvN7NcpGJM5wu8ntOcP%2F71Zb5TacMuXbSTO2%2FGc2Ie3n2f23yDKibU0JJvLgjGuFnXJubkp0v2Qx5dLezWhcKoItu4%2Btb6pTQz3FqhVQMqjj%2B%2BhVjMyFM%2FbCx%2B5qvuHxCmgSlqpMVSqdAN4mwXNlvmrCYwcomjzEFV1FMTRMukFASSLzGNatj%2F4GgZTw2dv6ai3rM3MTQt0PwGVFqjNDVKWYPKCWzx2DTPzMM3fu8sDJFsTSNpWvuRNPLWYsjz60tYceL2Oh2PhoM1v9ejvBd1g34S%2BozSoBsGYUg7yO0seeHenb8BAAD%2F%2FwEAAP%2F%2F4503C3MEAAA%3D HTTP/1.1
Host: assignedeliminatebonfire.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://videzz.net/
Cookie: u_pl=19071538; pdhtkv=true; uncs=1; pdhtkv29=true; uncs29=1
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx/1.19.5
Date: Thu, 18 Apr 2024 23:41:30 GMT
Content-Type: image/gif
Content-Length: 7
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,Sec-CH-UA-PlatformUser-Agent,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: 91340aec2a21b473d03169c594ab6155
Strict-Transport-Security: max-age=0; includeSubdomains
| xml.zeusadx.com/redirect?feed=552612&auth=OEhoVk&pubid=162319 | 174.137.133.17 | 302 Found | 0 B |
URL: GET HTTP/1.1 xml.zeusadx.com/redirect?feed=552612&auth=OEhoVk&pubid=162319
IP: 174.137.133.17:443
ASN: #27257 WEBAIR-INTERNET
Requested by: https://videzz.net/embed-ux5i45ivmnqo.html
Certificate: Issuer Sectigo Limited; Subject *.zeusadx.com; Fingerprint AA:67:88:35:5F:BC:20:3C:44:9B:00:BD:4F:E1:C0:5F:62:D0:69:C0; Validity Mon, 23 Oct 2023 00:00:00 GMT - Wed, 23 Oct 2024 23:59:59 GMT
Hash (MD5 / SHA-1 / SHA-256, empty body): d41d8cd98f00b204e9800998ecf8427e / da39a3ee5e6b4b0d3255bfef95601890afd80709 / e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /redirect?feed=552612&auth=OEhoVk&pubid=162319 HTTP/1.1
Host: xml.zeusadx.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://bid.bidclickmedia.com/
DNT: 1
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 302 Found
Server: nginx
Date: Thu, 18 Apr 2024 23:41:30 GMT
Content-Length: 0
Connection: keep-alive
Cache-Control: no-store
Location: https://vputad.xyz/dsp/cu/clc?aid=2789904671628150831&t=1713483690&s=952699&sid=411
| tr.7vid.net/api/users/59846?host=videzz.net&ev=212&wh=1024&ww=1280&uuid=&url=https%3A%2F%2Fvidezz.net%2Fembed-ux5i45ivmnqo.html&sid=4e6626ab-644e-4e0b-ab8e-90f00988d5c2&i=1&kw=file%20upload%2Cshare%20files%2Cfree%20upload&s1=120221 | 135.181.208.216 | 200 OK | 0 B |
URL: GET HTTP/2 tr.7vid.net/api/users/59846?host=videzz.net&ev=212&wh=1024&ww=1280&uuid=&url=https%3A%2F%2Fvidezz.net%2Fembed-ux5i45ivmnqo.html&sid=4e6626ab-644e-4e0b-ab8e-90f00988d5c2&i=1&kw=file%20upload%2Cshare%20files%2Cfree%20upload&s1=120221
IP: 135.181.208.216:443
ASN: #24940 Hetzner Online GmbH
Requested by: https://videzz.net/embed-ux5i45ivmnqo.html
Certificate: Issuer Let's Encrypt; Subject a.gatwins.site; Fingerprint 66:D4:C4:E9:BC:6E:82:9E:D0:2F:00:69:9A:DF:C2:6D:18:04:0B:1B; Validity Wed, 10 Apr 2024 10:27:11 GMT - Tue, 09 Jul 2024 10:27:10 GMT
Hash (MD5 / SHA-1 / SHA-256, empty body): d41d8cd98f00b204e9800998ecf8427e / da39a3ee5e6b4b0d3255bfef95601890afd80709 / e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /api/users/59846?host=videzz.net&ev=212&wh=1024&ww=1280&uuid=&url=https%3A%2F%2Fvidezz.net%2Fembed-ux5i45ivmnqo.html&sid=4e6626ab-644e-4e0b-ab8e-90f00988d5c2&i=1&kw=file%20upload%2Cshare%20files%2Cfree%20upload&s1=120221 HTTP/1.1
Host: tr.7vid.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://videzz.net/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Thu, 18 Apr 2024 23:41:30 GMT
content-length: 0
set-cookie: nauid=aCC4PwGKlr4FXMRkCLRW; Path=/; Expires=Wed, 11 Nov 2037 11:11:11 GMT; Secure; SameSite=None
x-robots-tag: noindex, nofollow
cache-control: private
X-Firefox-Spdy: h2
| cdn.o333o.com/vast-im.js | 143.204.55.31 | 200 OK | 89 kB |
IP: 143.204.55.31:443
Requested by: https://videzz.net/embed-ux5i45ivmnqo.html
Certificate: Issuer Sectigo Limited; Subject cdn.o333o.com; Fingerprint 61:0E:6A:7F:7E:40:48:40:58:0F:EF:89:DB:CF:AD:C2:FB:52:F1:AC; Validity Thu, 09 Nov 2023 00:00:00 GMT - Mon, 09 Dec 2024 23:59:59 GMT
File type: JavaScript source, Unicode text, UTF-8 text, with very long lines (65503), with no line terminators
Hash (MD5 / SHA-1 / SHA-256): 04bdb2fd7797c33d38ad8a6a0997b389 / a69a0999b9106aa1e49a6728c84b3e82b899276d / 3039a1d2d40fce3b96ce115bc8fb858539ed084667fb0ee69fe68e0a682d9286
GET /vast-im.js HTTP/1.1
Host: cdn.o333o.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://videzz.net/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
content-type: application/javascript
server: nginx
date: Thu, 11 Apr 2024 09:31:41 GMT
last-modified: Fri, 22 Mar 2024 11:21:21 GMT
etag: W/"65fd69b1-4bcd7"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000, public
content-encoding: gzip
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 1d8cf7c8865ed1078c19a98771ad34ca.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
alt-svc: h3=":443"; ma=86400
x-amz-cf-id: QF8CsS-8_2wc1KdWqQNbeWcra4fjMr2f9f6UhbumuOWwnr5NRD36yA==
age: 655787
X-Firefox-Spdy: h2
| tr.7vid.net/api/users/424503?host=videzz.net&ev=212&wh=1024&ww=1280&uuid=&url=https%3A%2F%2Fvidezz.net%2Fembed-ux5i45ivmnqo.html&sid=4e6626ab-644e-4e0b-ab8e-90f00988d5c2&i=1&kw=file%20upload%2Cshare%20files%2Cfree%20upload&s1=120221 | 135.181.208.216 | 200 OK | 5.6 kB |
URL: GET HTTP/2 tr.7vid.net/api/users/424503?host=videzz.net&ev=212&wh=1024&ww=1280&uuid=&url=https%3A%2F%2Fvidezz.net%2Fembed-ux5i45ivmnqo.html&sid=4e6626ab-644e-4e0b-ab8e-90f00988d5c2&i=1&kw=file%20upload%2Cshare%20files%2Cfree%20upload&s1=120221
IP: 135.181.208.216:443
ASN: #24940 Hetzner Online GmbH
Requested by: https://videzz.net/embed-ux5i45ivmnqo.html
Certificate: Issuer Let's Encrypt; Subject a.gatwins.site; Fingerprint 66:D4:C4:E9:BC:6E:82:9E:D0:2F:00:69:9A:DF:C2:6D:18:04:0B:1B; Validity Wed, 10 Apr 2024 10:27:11 GMT - Tue, 09 Jul 2024 10:27:10 GMT
File type: gzip compressed data, from Unix
Hash (MD5 / SHA-1 / SHA-256): 5c782c4b363268a6c9c093700f6dacaf / 9fc6fd04c44dc94a626f1e2bc816febac564cbfa / 1957ad4b922047b703d1f25712a7f75b44d9e517be5bf642723fd0d43ff2db71
GET /api/users/424503?host=videzz.net&ev=212&wh=1024&ww=1280&uuid=&url=https%3A%2F%2Fvidezz.net%2Fembed-ux5i45ivmnqo.html&sid=4e6626ab-644e-4e0b-ab8e-90f00988d5c2&i=1&kw=file%20upload%2Cshare%20files%2Cfree%20upload&s1=120221 HTTP/1.1
Host: tr.7vid.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://videzz.net/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Thu, 18 Apr 2024 23:41:30 GMT
content-type: text/javascript; charset=utf-8
vary: Accept-Encoding
set-cookie: nauid=Tg5qff5AoHhLMxrQP3p4; Path=/; Expires=Wed, 11 Nov 2037 11:11:11 GMT; Secure; SameSite=None
x-robots-tag: noindex, nofollow
cache-control: private
content-encoding: gzip
X-Firefox-Spdy: h2
| bid.bidclickmedia.com/load | 172.67.205.77 | 302 Found | 361 B |
URL: POST HTTP/3 bid.bidclickmedia.com/load
IP: 172.67.205.77:443
Requested by: https://videzz.net/embed-ux5i45ivmnqo.html
Certificate: Issuer Google Trust Services LLC; Subject bidclickmedia.com; Fingerprint 2D:71:60:23:79:D8:E4:4A:B8:81:BA:F0:ED:58:CB:A8:66:21:A7:E7; Validity Sun, 31 Mar 2024 14:28:20 GMT - Sat, 29 Jun 2024 14:28:19 GMT
File type: HTML document, ASCII text
Hash (MD5 / SHA-1 / SHA-256): 6610c77cad5adb691fd5f9ffa06b9486 / d003b0d6d8bb61e5fd17dc635c017f6393e0c24c / 83695861f8ded5db81f9c1e185cdf9177d18c57bfe1196b03468f2d8ac22bc50
POST /load HTTP/1.1
Host: bid.bidclickmedia.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/x-www-form-urlencoded
Content-Length: 93
Origin: https://bid.bidclickmedia.com
DNT: 1
Connection: keep-alive
Referer: https://bid.bidclickmedia.com/sub/Pj8pz0z
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 302 Found
date: Thu, 18 Apr 2024 23:41:29 GMT
content-type: text/html; charset=utf-8
location: https://xml.xmlking.com/redirect?feed=591364&auth=oodr9S&pubid=195183
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=XtH602sRTxjdlSBdWN%2BdJ7n0GOq7wt%2FYIv0spQzCjslZOAuQZkitAtAJ4T4hEfbThdwY2gUMOInmkhoC0v6JCg6rKExmeBgUD7y%2FL0eoNSo7fZGLrMwAeqDab3Bn6iE9b1ZiL6yjBHo%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 876881853fa556b9-OSL
alt-svc: h3=":443"; ma=86400
| vputad.xyz/dsp/cu/clc?aid=2789904671628150831&t=1713483690&s=952699&sid=411 | 192.243.58.98 | 302 Found | 177 B |
URL: GET HTTP/2 vputad.xyz/dsp/cu/clc?aid=2789904671628150831&t=1713483690&s=952699&sid=411
IP: 192.243.58.98:443
ASN: #39572 DataWeb Global Group B.V.
Requested by: https://videzz.net/embed-ux5i45ivmnqo.html
Certificate: Issuer Let's Encrypt; Subject vputad.xyz; Fingerprint 32:59:F6:30:94:62:54:31:F0:6E:66:4C:E6:84:E4:81:F3:A6:0C:12; Validity Tue, 20 Feb 2024 09:16:33 GMT - Mon, 20 May 2024 09:16:32 GMT
File type: HTML document, ASCII text, with no line terminators
Hash (MD5 / SHA-1 / SHA-256): a8680dc6125ed98a638871a2a731147e / a8f861d04882dab37b6dd0d2ae364a7c565ea81e / daf3734b3c97e0dc9cdfefb6d69a0e2455d2b2d23029b6bc75462fa9ef1a7a20
Analyzer: Quad9 DNS | Verdict: malicious | Alert: Sinkholed
GET /dsp/cu/clc?aid=2789904671628150831&t=1713483690&s=952699&sid=411 HTTP/1.1
Host: vputad.xyz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://bid.bidclickmedia.com/
DNT: 1
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 302 Found
server: nginx/1.18.0
date: Thu, 18 Apr 2024 23:41:31 GMT
content-type: text/html; charset=utf-8
content-length: 177
location: https://media.bigbasketshop.com/track?q=BIYTAin1FeA3Nmt
X-Firefox-Spdy: h2
| bid.bidclickmedia.com/load | 172.67.205.77 | 302 Found | 361 B |
URL: POST HTTP/3 bid.bidclickmedia.com/load
IP: 172.67.205.77:443
Requested by: https://videzz.net/embed-ux5i45ivmnqo.html
Certificate: Issuer Google Trust Services LLC; Subject bidclickmedia.com; Fingerprint 2D:71:60:23:79:D8:E4:4A:B8:81:BA:F0:ED:58:CB:A8:66:21:A7:E7; Validity Sun, 31 Mar 2024 14:28:20 GMT - Sat, 29 Jun 2024 14:28:19 GMT
File type: HTML document, ASCII text
Hash (MD5 / SHA-1 / SHA-256): 6610c77cad5adb691fd5f9ffa06b9486 / d003b0d6d8bb61e5fd17dc635c017f6393e0c24c / 83695861f8ded5db81f9c1e185cdf9177d18c57bfe1196b03468f2d8ac22bc50
POST /load HTTP/1.1
Host: bid.bidclickmedia.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/x-www-form-urlencoded
Content-Length: 93
Origin: https://bid.bidclickmedia.com
DNT: 1
Connection: keep-alive
Referer: https://bid.bidclickmedia.com/sub/Pj8pz0z
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 302 Found
date: Thu, 18 Apr 2024 23:41:29 GMT
content-type: text/html; charset=utf-8
location: https://xml.xmlking.com/redirect?feed=591364&auth=oodr9S&pubid=195183
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=NM35y8Hfg47BgtNqA3FVbGU9VfBSWxUgWG8D14S2lwcUPwVE69VP4D02De5h5HGYEV8WL8k6v0OJ0znhw%2BiNwDD3kQJCkmobT29%2F7PdSfvbFZ5G8t23YyhWKj4G8hivgE9Cx9lbptfA%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 87688184ef6a56b9-OSL
alt-svc: h3=":443"; ma=86400
| xml.xmlking.com/redirect?feed=591364&auth=oodr9S&pubid=195183 | 174.137.133.17 | 302 Found | 0 B |
URL: GET HTTP/1.1 xml.xmlking.com/redirect?feed=591364&auth=oodr9S&pubid=195183
IP: 174.137.133.17:443
ASN: #27257 WEBAIR-INTERNET
Requested by: https://videzz.net/embed-ux5i45ivmnqo.html
Certificate: Issuer Sectigo Limited; Subject *.xmlking.com; Fingerprint 61:F0:9B:53:D2:DF:03:A0:08:09:BE:79:B1:70:10:34:65:07:7B:6D; Validity Wed, 26 Jul 2023 00:00:00 GMT - Fri, 26 Jul 2024 23:59:59 GMT
Hash (MD5 / SHA-1 / SHA-256, empty body): d41d8cd98f00b204e9800998ecf8427e / da39a3ee5e6b4b0d3255bfef95601890afd80709 / e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /redirect?feed=591364&auth=oodr9S&pubid=195183 HTTP/1.1
Host: xml.xmlking.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://bid.bidclickmedia.com/
DNT: 1
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 302 Found
Server: nginx
Date: Thu, 18 Apr 2024 23:41:31 GMT
Content-Length: 0
Connection: keep-alive
Cache-Control: no-store
Location: https://track.trackingtraffo.com/pop/imp?auth=mz3u78&c=TYjJ6B62a9QB-JVxh_dHEElrQmYwTRuZNMWz_snYvCM0yNFuU2yWj6P0XCELejqnEVy9TYA_YhQvwShEqeE-KPohNWRrNOAMZiKMqGLnOVvfVkIharKSdg7-aofBToFD9sbhnZTHC0KZKNXIaFDBMCA-eBRHohkd9-tgZpnvr1zg55PaKn8TkCgty1_fdE_WbcdDB0YMG_uUiRWri8nldgP4GsSepyRpdnKv4WL0FTorj1rIjTTlFVkyfxJ9CHMzEIgV4jtLtWV3bJLPs5yEq76YCYGvvs8Q70j_t2sQ2eE5sLAI_p627t2lz9I4_jYUROy6Mu-yleDUUP8TSpnXpVIFJ5TSClL8O1XITvlTHyimufDGLI_H4tmVNCXLIEtNBAkvBaO1NZEil7urhZ1buwx3ewkRrQCoT7VG55_Kd0ZDpCVSuJVDJw42hIj3WHjyPEW6SSjQuOFNtlqHVfz32BX3GM_D7A1Npy1fiHPk4PfB-71YfDYgvFUyzYnyAJb9npHPmUf8EhUK6byTSzg0KOIFlwJd7AhlNfaBUbIyagnxc2yubA_PSfTUPuRZFgO_MJkoAgari0tZr0X0n7FFkCZ4OUgP7P44XcW3GniPKEv_Gmm-BfffPXvTdR6H7aQKd8CLozm3d21x-FHUq3imCH2OLURmGcxw76jojJyS1ko5CRoc5irYdI76-9ej1HzWjPo4thhuyOivHTWx
| static.addtoany.com/menu/svg/icons/telegram.js | 172.67.39.148 | 200 OK | 235 B |
URL: GET HTTP/3 static.addtoany.com/menu/svg/icons/telegram.js
IP: 172.67.39.148:443
Requested by: https://videzz.net/embed-ux5i45ivmnqo.html
Certificate: Issuer Let's Encrypt; Subject static.addtoany.com; Fingerprint 25:DC:52:06:E9:84:6F:BC:CB:DD:82:F7:D3:4C:8F:F5:9F:49:7E:DD; Validity Sat, 24 Feb 2024 06:33:02 GMT - Fri, 24 May 2024 06:33:01 GMT
File type: ASCII text, with very long lines (360), with no line terminators
Hash (MD5 / SHA-1 / SHA-256): 48f25c508c92c3601cf047609318001f / 59117e825084c63a0dda48edec82c14a60e16f23 / 6415561e892cf9d614e7179f71353af4ceadfd641d71c42fe54c9420eb0d0138
GET /menu/svg/icons/telegram.js HTTP/1.1
Host: static.addtoany.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://videzz.net
DNT: 1
Connection: keep-alive
Referer: https://static.addtoany.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Thu, 18 Apr 2024 23:41:29 GMT
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=7776000, stale-while-revalidate=30, public
cf-bgj: minify
etag: W/"fb47b4f6548b6499923a1beed7472419"
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=rS6p7wFnFl7fkJw7fLG2A4znYwIH3MQ0wRM8iq4hiAUKTt95h0HUv0gE1X%2BxhNFe5NpA65SxgDVKQH2MWG8Tn0P%2BjYr297yGtzRJc%2FzpKzNH1%2BOg75hSsVnjZj9iezTg3kCEOC9X8UOzN6i49HViMtne"}],"group":"cf-nel","max_age":604800}
vary: Accept-Encoding
referrer-policy: strict-origin-when-cross-origin
x-content-type-options: nosniff
cf-cache-status: HIT
age: 18699
strict-transport-security: max-age=31536000; includeSubDomains; preload
server: cloudflare
cf-ray: 8768818218c8569c-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| ossgogoaton.com/tag.min.js | 172.67.184.45 | 200 OK | 24 kB |
URL GET HTTP/2ossgogoaton.com/tag.min.js IP172.67.184.45:443
Requested byhttps://videzz.net/embed-ux5i45ivmnqo.html CertificateIssuerGoogle Trust Services LLC Subjectossgogoaton.com FingerprintB8:1E:A6:C4:2B:2A:31:03:63:B7:B8:7D:1A:4D:46:B1:54:80:C7:C6 ValidityWed, 06 Mar 2024 10:18:26 GMT - Tue, 04 Jun 2024 10:18:25 GMT
File typeJavaScript source, ASCII text, with very long lines (65494) Hash20066b7d91ff72a24f0fa316e1061697 92eefc40f32b0098d984a125a067fc0505aec18f 7a9bf5b03fcbd400094b193d716f62044efc0acb171ac7475c5a798f3e4d04f2
Analyzer | Verdict | Alert | Quad9 DNS | malicious | Sinkholed |
GET /tag.min.js HTTP/1.1
Host: ossgogoaton.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://videzz.net/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Thu, 18 Apr 2024 23:41:30 GMT
content-type: text/javascript; charset=utf-8
x-trace-id: afdec351ad4a38b9edc699f7c1900acc
cache-control: max-age=86400
last-modified: Thu, 18 Apr 2024 11:27:06 GMT
accept-ch: Sec-CH-UA, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, baggage, sentry-trace, favicon
access-control-max-age: 86400
pragma: no-cache
expires: Fri, 19 Apr 2024 18:19:45 GMT
timing-allow-origin: *
cf-cache-status: HIT
age: 19305
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=s2%2BlX3n9GN9hYqJbPE9KNqYazmUH0teK65CE9iIHvowAnstEHbrLjT0wdRefSaZ39lBUkUx%2Fi5fN0%2FIZ6N9E5qkPSSotQHy9xUeR6uuq8QIfwu%2FvY%2BjGz7osLKqxWRpy0TA%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 8768818c1d0eb517-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
|
|
| mnymkr.net/61140215-3e40-4623-8bda-dbb7d050d361?campaignname=AdSupply%20-%20Norway%20-%20Rotator%20%28Mark%29%28A%29&placementname=AdSupply_-_Norway_-_Rotator_%28Anna%29_Norway_Popunder_1_1&bid=0.10&totalcpv=0.0001&channel=Traffic+Marketplace&subchannel=Traffic+Marketplace&medianame=AdSupply%20-%20Norway%20-%20Rotator%20%28Anna%291&keywords=&cpv=0.0001&s2sParam=00000000-0000-0000-0000-000000000000 | 188.114.96.1 | 302 Found | 0 B |
URL GET HTTP/2mnymkr.net/61140215-3e40-4623-8bda-dbb7d050d361?campaignname=AdSupply%20-%20Norway%20-%20Rotator%20%28Mark%29%28A%29&placementname=AdSupply_-_Norway_-_Rotator_%28Anna%29_Norway_Popunder_1_1&bid=0.10&totalcpv=0.0001&channel=Traffic+Marketplace&subchannel=Traffic+Marketplace&medianame=AdSupply%20-%20Norway%20-%20Rotator%20%28Anna%291&keywords=&cpv=0.0001&s2sParam=00000000-0000-0000-0000-000000000000 IP188.114.96.1:443
Requested byhttps://videzz.net/embed-ux5i45ivmnqo.html CertificateIssuerGoogle Trust Services LLC Subjectmnymkr.net Fingerprint56:5B:32:97:47:60:96:41:76:ED:C1:3B:E1:27:C7:09:7A:BA:BE:7B ValidityThu, 14 Mar 2024 01:48:25 GMT - Wed, 12 Jun 2024 01:48:24 GMT
Hashd41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /61140215-3e40-4623-8bda-dbb7d050d361?campaignname=AdSupply%20-%20Norway%20-%20Rotator%20%28Mark%29%28A%29&placementname=AdSupply_-_Norway_-_Rotator_%28Anna%29_Norway_Popunder_1_1&bid=0.10&totalcpv=0.0001&channel=Traffic+Marketplace&subchannel=Traffic+Marketplace&medianame=AdSupply%20-%20Norway%20-%20Rotator%20%28Anna%291&keywords=&cpv=0.0001&s2sParam=00000000-0000-0000-0000-000000000000 HTTP/1.1
Host: mnymkr.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://engine.blehcourt.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 302 Found
date: Thu, 18 Apr 2024 23:41:31 GMT
content-length: 0
location: https://topbrandsnews.com/r.php?tg=https%3A%2F%2Fr.linksprf.com%2Fv1%2Fredirect%3Ftype%3DlinkId%26id%3Df26dd7fa37f24f46b0c2391acccde803%26api_key%3D9705c66008eb291ff1cf7463b862cbab%26site_id%3D549da8f368554c7cbde84b3ae883b5f7%26dch%3Dfeed%26ad_t%3Dadvertiser%26yk_tag%3Dw2mgoc1cpces0fm033lss610
cache-control: no-store, no-cache, pre-check=0, post-check=0
expires: Thu, 01 Jan 1970 00:00:00 GMT
pragma: no-cache
set-cookie: 61140215-3e40-4623-8bda-dbb7d050d361-v4=xBw-ooy2ECHQdUIBlYSr3qyod5aedh6u1U-fv7baG-4; Max-Age=86400; Expires=Fri, 19-Apr-2024 23:41:31 GMT; Domain=mnymkr.net; Path=/; HttpOnly
set-cookie: cc-v4=GqUghH7QaKIS2qEw176xH%2BZ6clygPiQrWccP7GvLAVzisjZNBnr%2FkxAFjQ7IN0eLzolaEvzrqGR6sTdvOzbHup356kOe0c%2FMhf71zVY0LZ8S5ecaP5LAxJ67aF%2BYXw4l8iJz7Q0mD2SAQ%2Fz7rUss6Q%3D%3D; Max-Age=31536000; Expires=Fri, 18-Apr-2025 23:41:31 GMT; Domain=mnymkr.net; Path=/; HttpOnly
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=fBzu53olQjKM2IdyQjkWr9mWvhF%2Fd4TmRUOVQ3EQ6yD6jkFqatGfNDqm0bUnWo585QxXHhp0hzM25qAhzUIXq6olgd1FHqGQnZqhQApwb8rQ92HLSX52nmnXGVs1"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 8768818dfcbcb515-OSL
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
|
|
| assignedeliminatebonfire.com/pixel/sbls?bv=24.6.6370&tmpl=482&u=https%3A%2F%2Fcdn.yourwebbars.com%2Fsb%2Fnotifications%2Futility%2Fdefault%2Fus%2Fblog%2Fecorious%2Fmessage_redcircle2%2Fjan24%2F2%2Findex.html&l=1572&fd=663 | 192.243.59.12 | 200 OK | 0 B |
URL GET HTTP/1.1assignedeliminatebonfire.com/pixel/sbls?bv=24.6.6370&tmpl=482&u=https%3A%2F%2Fcdn.yourwebbars.com%2Fsb%2Fnotifications%2Futility%2Fdefault%2Fus%2Fblog%2Fecorious%2Fmessage_redcircle2%2Fjan24%2F2%2Findex.html&l=1572&fd=663 IP192.243.59.12:443 ASN#39572 DataWeb Global Group B.V.
Requested byhttps://videzz.net/embed-ux5i45ivmnqo.html CertificateIssuerLet's Encrypt Subjectassignedeliminatebonfire.com Fingerprint00:9E:21:D8:74:7C:90:C2:F0:BC:A2:6E:7F:C7:CE:65:41:A5:FF:9D ValidityTue, 16 Apr 2024 13:52:53 GMT - Mon, 15 Jul 2024 13:52:52 GMT
Hashd41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer | Verdict | Alert | Quad9 DNS | malicious | Sinkholed |
GET /pixel/sbls?bv=24.6.6370&tmpl=482&u=https%3A%2F%2Fcdn.yourwebbars.com%2Fsb%2Fnotifications%2Futility%2Fdefault%2Fus%2Fblog%2Fecorious%2Fmessage_redcircle2%2Fjan24%2F2%2Findex.html&l=1572&fd=663 HTTP/1.1
Host: assignedeliminatebonfire.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://videzz.net/
Cookie: u_pl=19071538; pdhtkv=true; uncs=1; pdhtkv29=true; uncs29=1
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx/1.19.5
Date: Thu, 18 Apr 2024 23:41:31 GMT
Content-Length: 0
Connection: keep-alive
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
Access-Control-Allow-Origin: *
Access-Control-Allow-Methods: GET, POST, OPTIONS
Access-Control-Allow-Headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,Upgrade-Insecure-Requests
Access-Control-Expose-Headers: Content-Length,Content-Range
|
|
| unseenreport.com/pxf.gif?uuid=ff503ed2-44df-4559-881e-5ae101482b44&eb=978028c5053b26833423c7a069ce3bd5&te=5db3a4e34790624df926db520a13f79f&ua=Mozilla%2F5.0%20(X11%3B%20Linux%20x86_64%3B%20rv%3A96.0)%20Gecko%2F20100101%20Firefox%2F96.0&dev=e&res=14.2071&b_frame=0&pk=f1776d24271c5ad55c5f1492e2d01e10&bl=en-US&sr=1024x1280&sz=1024x1280&hjs=23 | 192.243.61.227 | 200 OK | 1 B |
URL GET HTTP/1.1unseenreport.com/pxf.gif?uuid=ff503ed2-44df-4559-881e-5ae101482b44&eb=978028c5053b26833423c7a069ce3bd5&te=5db3a4e34790624df926db520a13f79f&ua=Mozilla%2F5.0%20(X11%3B%20Linux%20x86_64%3B%20rv%3A96.0)%20Gecko%2F20100101%20Firefox%2F96.0&dev=e&res=14.2071&b_frame=0&pk=f1776d24271c5ad55c5f1492e2d01e10&bl=en-US&sr=1024x1280&sz=1024x1280&hjs=23 IP192.243.61.227:443 ASN#39572 DataWeb Global Group B.V.
Requested byhttps://videzz.net/embed-ux5i45ivmnqo.html CertificateIssuerLet's Encrypt Subject*.unseenreport.com Fingerprint71:46:15:FD:76:6A:F5:5B:51:06:CC:93:DD:D8:63:E3:8B:10:BF:13 ValidityFri, 22 Mar 2024 07:32:41 GMT - Thu, 20 Jun 2024 07:32:40 GMT
File typevery short file (no magic) Hash93b885adfe0da089cdf634904fd59f71 5ba93c9db0cff93f52b521d7420e43f6eda2784f 6e340b9cffb37a989ca544e6bb780a2c78901d3fb33738768511a30617afa01d
Analyzer | Verdict | Alert | Quad9 DNS | malicious | Sinkholed |
GET /pxf.gif?uuid=ff503ed2-44df-4559-881e-5ae101482b44&eb=978028c5053b26833423c7a069ce3bd5&te=5db3a4e34790624df926db520a13f79f&ua=Mozilla%2F5.0%20(X11%3B%20Linux%20x86_64%3B%20rv%3A96.0)%20Gecko%2F20100101%20Firefox%2F96.0&dev=e&res=14.2071&b_frame=0&pk=f1776d24271c5ad55c5f1492e2d01e10&bl=en-US&sr=1024x1280&sz=1024x1280&hjs=23 HTTP/1.1
Host: unseenreport.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://videzz.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx/1.21.6
Date: Thu, 18 Apr 2024 23:41:31 GMT
Content-Type: image/gif
Content-Length: 1
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Access-Control-Allow-Origin: *
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: 85d96cad5ba694f7ddc88cae09611a57
Strict-Transport-Security: max-age=0; includeSubdomains
|
|
| unseenreport.com/pxf.gif?uuid=ff503ed2-44df-4559-881e-5ae101482b44&eb=978028c5053b26833423c7a069ce3bd5&te=5db3a4e34790624df926db520a13f79f&ua=Mozilla%2F5.0%20(X11%3B%20Linux%20x86_64%3B%20rv%3A96.0)%20Gecko%2F20100101%20Firefox%2F96.0&dev=e&res=14.2071&b_frame=0&pk=fd40b682a05e4aaf489d29601350aa66&bl=en-US&sr=1024x1280&sz=1024x1280&hjs=23 | 192.243.61.227 | 200 OK | 1 B |
URL GET HTTP/1.1unseenreport.com/pxf.gif?uuid=ff503ed2-44df-4559-881e-5ae101482b44&eb=978028c5053b26833423c7a069ce3bd5&te=5db3a4e34790624df926db520a13f79f&ua=Mozilla%2F5.0%20(X11%3B%20Linux%20x86_64%3B%20rv%3A96.0)%20Gecko%2F20100101%20Firefox%2F96.0&dev=e&res=14.2071&b_frame=0&pk=fd40b682a05e4aaf489d29601350aa66&bl=en-US&sr=1024x1280&sz=1024x1280&hjs=23 IP192.243.61.227:443 ASN#39572 DataWeb Global Group B.V.
Requested byhttps://videzz.net/embed-ux5i45ivmnqo.html CertificateIssuerLet's Encrypt Subject*.unseenreport.com Fingerprint71:46:15:FD:76:6A:F5:5B:51:06:CC:93:DD:D8:63:E3:8B:10:BF:13 ValidityFri, 22 Mar 2024 07:32:41 GMT - Thu, 20 Jun 2024 07:32:40 GMT
File typevery short file (no magic) Hash93b885adfe0da089cdf634904fd59f71 5ba93c9db0cff93f52b521d7420e43f6eda2784f 6e340b9cffb37a989ca544e6bb780a2c78901d3fb33738768511a30617afa01d
Analyzer | Verdict | Alert | Quad9 DNS | malicious | Sinkholed |
GET /pxf.gif?uuid=ff503ed2-44df-4559-881e-5ae101482b44&eb=978028c5053b26833423c7a069ce3bd5&te=5db3a4e34790624df926db520a13f79f&ua=Mozilla%2F5.0%20(X11%3B%20Linux%20x86_64%3B%20rv%3A96.0)%20Gecko%2F20100101%20Firefox%2F96.0&dev=e&res=14.2071&b_frame=0&pk=fd40b682a05e4aaf489d29601350aa66&bl=en-US&sr=1024x1280&sz=1024x1280&hjs=23 HTTP/1.1
Host: unseenreport.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://videzz.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx/1.21.6
Date: Thu, 18 Apr 2024 23:41:31 GMT
Content-Type: image/gif
Content-Length: 1
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Access-Control-Allow-Origin: *
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: 8d530d40a138defae9b54634d6355ab6
Strict-Transport-Security: max-age=0; includeSubdomains
|
|
| allvideometrika.com/f.php?sid=212515 | 172.67.214.245 | 200 OK | 1 B |
URL GET HTTP/2allvideometrika.com/f.php?sid=212515 IP172.67.214.245:443
Requested byhttps://videzz.net/embed-ux5i45ivmnqo.html CertificateIssuerLet's Encrypt Subjectallvideometrika.com FingerprintA7:8E:7D:C9:07:A5:B6:A9:6D:38:81:8F:95:98:D9:44:DD:EA:AD:21 ValiditySat, 24 Feb 2024 11:56:27 GMT - Fri, 24 May 2024 11:56:26 GMT
File typevery short file (no magic) Hasheccbc87e4b5ce2fe28308fd9f2a7baf3 77de68daecd823babbb58edb1c8e14d7106e83bb 4e07408562bedb8b60ce05c1decfe3ad16b72230967de01f640b7e4729b49fce
GET /f.php?sid=212515 HTTP/1.1
Host: allvideometrika.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://videzz.net/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Thu, 18 Apr 2024 23:41:29 GMT
content-type: text/html; charset=UTF-8
x-powered-by: PHP/7.1.33
cache-control: no-store, no-cache, must-revalidate, max-age=0
x-robots-tag: noindex
pragma: no-cache
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=m6uxw7B0tU%2BB7cY1gd4wXaeGfbtKebwMJ3R9MbN9V2FooJXVt3bh3dtYTIxXWoSWC6uGy1iqPVVbIXEStbYSE8gUQzhzvkSEeXMAqcsI44HxQWloW42KiY5%2F1aH6EMOWTKEwKtgs"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 87688183eba556b4-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
|
|
| cdn.creative-bars1.com//sb/notifications/utility/default/us/blog/ecorious/message_redcircle2/jan24/2/img/1.jpg | 188.114.97.1 | 200 OK | 34 kB |
URL GET HTTP/3cdn.creative-bars1.com//sb/notifications/utility/default/us/blog/ecorious/message_redcircle2/jan24/2/img/1.jpg IP188.114.97.1:443
Requested byhttps://videzz.net/embed-ux5i45ivmnqo.html CertificateIssuerGoogle Trust Services LLC Subjectcreative-bars1.com Fingerprint3D:29:39:2C:F1:E5:C6:EF:54:F5:70:B5:CF:A8:C2:75:4D:89:72:13 ValidityMon, 15 Apr 2024 15:02:18 GMT - Sun, 14 Jul 2024 15:02:17 GMT
File typeJPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 320x320, components 3 Hashfe81f0c5bf7decc9141801420933b351 4d0eba9db93c28ee21c2a1d236c8a56fc264a82c 0ab3cc529ab7582dfc32a721a3873345627640298d5507d8ef807b8dece36090
GET //sb/notifications/utility/default/us/blog/ecorious/message_redcircle2/jan24/2/img/1.jpg HTTP/1.1
Host: cdn.creative-bars1.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Thu, 18 Apr 2024 23:41:31 GMT
content-type: image/jpeg
content-length: 33452
last-modified: Thu, 01 Feb 2024 14:50:52 GMT
etag: "65bbafcc-82ac"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: public, max-age=315360000
access-control-allow-origin: *
access-control-expose-headers: Date
cf-cache-status: HIT
age: 1232557
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=BFnY2moW7YZYwZJwDsBrQ%2BhQDP5MEMeh5KSsFrw2pjo3gLmn1W1hmRtg1m7NFVK4dRD80lHgkb4BhSmn0J4traNqYX2uQDFfprHkN1nrouxSpoAyUgB9tPUt1pUoDFsUv1EGe7asI5jI"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 8768818f2ef856c7-OSL
alt-svc: h3=":443"; ma=86400
|
|
| bid.bidclickmedia.com/sub/Pj8pz0z | 172.67.205.77 | 200 OK | 505 B |
URL GET HTTP/3bid.bidclickmedia.com/sub/Pj8pz0z IP172.67.205.77:443
Requested byhttps://videzz.net/embed-ux5i45ivmnqo.html CertificateIssuerGoogle Trust Services LLC Subjectbidclickmedia.com Fingerprint2D:71:60:23:79:D8:E4:4A:B8:81:BA:F0:ED:58:CB:A8:66:21:A7:E7 ValiditySun, 31 Mar 2024 14:28:20 GMT - Sat, 29 Jun 2024 14:28:19 GMT
File typeHTML document, ASCII text Hashe151e24dc5b354ea8ee36534a8264594 4b5f293d59d009ee46087f164ee86d066e8e83f4 b2fdeeef5c48f24499731fdd7aae1650ad1bc6fa9ee58cf88fafe175658e888f
GET /sub/Pj8pz0z HTTP/1.1
Host: bid.bidclickmedia.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://videzz.net/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Thu, 18 Apr 2024 23:41:29 GMT
content-type: text/html; charset=utf-8
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=bhI7MUst4himbL0GHdxLOCLICWhqW8SQ5ljjxiM6bjCr2QHCT9woUKJCtEyB2xj5KtWdv02kEdu1mgBPe9hUNb%2BiTlEUTxSHTcUtt3ah%2FEF%2FOYn0Qb8P1mlEWnBuQhuS04zx2F7Rey4%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 87688180adbf56b9-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| assignedeliminatebonfire.com/pixel/sbls?bv=24.6.6370&tmpl=482&u=https%3A%2F%2Fcdn.creative-bars1.com%2F%2Fsb%2Fnotifications%2Futility%2Fdefault%2Fus%2Fblog%2Fecorious%2Fmessage_redcircle2%2Fjan24%2F2%2Fcss%2Fstyle.css&l=3630&fd=116 | 192.243.59.12 | 200 OK | 0 B |
URL GET HTTP/1.1assignedeliminatebonfire.com/pixel/sbls?bv=24.6.6370&tmpl=482&u=https%3A%2F%2Fcdn.creative-bars1.com%2F%2Fsb%2Fnotifications%2Futility%2Fdefault%2Fus%2Fblog%2Fecorious%2Fmessage_redcircle2%2Fjan24%2F2%2Fcss%2Fstyle.css&l=3630&fd=116 IP192.243.59.12:443 ASN#39572 DataWeb Global Group B.V.
Requested byhttps://videzz.net/embed-ux5i45ivmnqo.html CertificateIssuerLet's Encrypt Subjectassignedeliminatebonfire.com Fingerprint00:9E:21:D8:74:7C:90:C2:F0:BC:A2:6E:7F:C7:CE:65:41:A5:FF:9D ValidityTue, 16 Apr 2024 13:52:53 GMT - Mon, 15 Jul 2024 13:52:52 GMT
Hashd41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer | Verdict | Alert | Quad9 DNS | malicious | Sinkholed |
GET /pixel/sbls?bv=24.6.6370&tmpl=482&u=https%3A%2F%2Fcdn.creative-bars1.com%2F%2Fsb%2Fnotifications%2Futility%2Fdefault%2Fus%2Fblog%2Fecorious%2Fmessage_redcircle2%2Fjan24%2F2%2Fcss%2Fstyle.css&l=3630&fd=116 HTTP/1.1
Host: assignedeliminatebonfire.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://videzz.net/
Cookie: u_pl=19071538; pdhtkv=true; uncs=1; pdhtkv29=true; uncs29=1
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx/1.19.5
Date: Thu, 18 Apr 2024 23:41:31 GMT
Content-Length: 0
Connection: keep-alive
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
Access-Control-Allow-Origin: *
Access-Control-Allow-Methods: GET, POST, OPTIONS
Access-Control-Allow-Headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,Upgrade-Insecure-Requests
Access-Control-Expose-Headers: Content-Length,Content-Range
|
|
| cdn.creative-bars1.com//sb/notifications/utility/default/us/blog/ecorious/message_redcircle2/jan24/2/css/animate.css | 188.114.97.1 | 200 OK | 4.8 kB |
URL GET HTTP/2cdn.creative-bars1.com//sb/notifications/utility/default/us/blog/ecorious/message_redcircle2/jan24/2/css/animate.css IP188.114.97.1:443
Requested byhttps://videzz.net/embed-ux5i45ivmnqo.html CertificateIssuerGoogle Trust Services LLC Subjectcreative-bars1.com Fingerprint3D:29:39:2C:F1:E5:C6:EF:54:F5:70:B5:CF:A8:C2:75:4D:89:72:13 ValidityMon, 15 Apr 2024 15:02:18 GMT - Sun, 14 Jul 2024 15:02:17 GMT
Hash80047eaa13ebd50c50e8a9753621e430 9c503e07d130572a0eaf51f7c02cbd4cf6213fe3 3f831a59615f8d5d40b4340b2836f91438c876f8dbce75f78e38360d6fe0f429
GET //sb/notifications/utility/default/us/blog/ecorious/message_redcircle2/jan24/2/css/animate.css HTTP/1.1
Host: cdn.creative-bars1.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://videzz.net
DNT: 1
Connection: keep-alive
Referer: https://videzz.net/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Thu, 18 Apr 2024 23:41:31 GMT
content-type: text/css
last-modified: Thu, 01 Feb 2024 14:48:51 GMT
etag: W/"65bbaf53-1358d"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: public, max-age=315360000
access-control-allow-origin: *
access-control-expose-headers: Date
cf-cache-status: MISS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=qQGtR5s3YSrylAMeTUI20uvez5be7GyWDgrKnZVrgzwH2okJSSVvVkrQgIxUYxQ2ncHegJPlrSEtII%2BOe9uYX6UnVwOdb5rV0EwOsjtmYCyGj13%2B4UsHTpyE2oaxuHbHx%2FfN5ckMmui8"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 8768818e7f3a5687-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
|
|
| assignedeliminatebonfire.com/pixel/sbls?bv=24.6.6370&tmpl=482&u=https%3A%2F%2Fcdn.creative-bars1.com%2F%2Fsb%2Fnotifications%2Futility%2Fdefault%2Fus%2Fblog%2Fecorious%2Fmessage_redcircle2%2Fjan24%2F2%2Fjs%2Fscript.js&l=386&fd=371 | 192.243.59.12 | 200 OK | 0 B |
URL GET HTTP/1.1assignedeliminatebonfire.com/pixel/sbls?bv=24.6.6370&tmpl=482&u=https%3A%2F%2Fcdn.creative-bars1.com%2F%2Fsb%2Fnotifications%2Futility%2Fdefault%2Fus%2Fblog%2Fecorious%2Fmessage_redcircle2%2Fjan24%2F2%2Fjs%2Fscript.js&l=386&fd=371 IP192.243.59.12:443 ASN#39572 DataWeb Global Group B.V.
Requested byhttps://videzz.net/embed-ux5i45ivmnqo.html CertificateIssuerLet's Encrypt Subjectassignedeliminatebonfire.com Fingerprint00:9E:21:D8:74:7C:90:C2:F0:BC:A2:6E:7F:C7:CE:65:41:A5:FF:9D ValidityTue, 16 Apr 2024 13:52:53 GMT - Mon, 15 Jul 2024 13:52:52 GMT
Hashd41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer | Verdict | Alert | Quad9 DNS | malicious | Sinkholed |
GET /pixel/sbls?bv=24.6.6370&tmpl=482&u=https%3A%2F%2Fcdn.creative-bars1.com%2F%2Fsb%2Fnotifications%2Futility%2Fdefault%2Fus%2Fblog%2Fecorious%2Fmessage_redcircle2%2Fjan24%2F2%2Fjs%2Fscript.js&l=386&fd=371 HTTP/1.1
Host: assignedeliminatebonfire.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://videzz.net/
Cookie: u_pl=19071538; pdhtkv=true; uncs=1; pdhtkv29=true; uncs29=1
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx/1.19.5
Date: Thu, 18 Apr 2024 23:41:31 GMT
Content-Length: 0
Connection: keep-alive
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
Access-Control-Allow-Origin: *
Access-Control-Allow-Methods: GET, POST, OPTIONS
Access-Control-Allow-Headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,Upgrade-Insecure-Requests
Access-Control-Expose-Headers: Content-Length,Content-Range
|
|
| xml-click-oax.adstork.com/nrtb/click?bid=vIrd_MprDHXDkV39xJzh8hjgSFjmaYa_xiuauF5mGM6B4hz4mW4xQ7jITArNqc7N_0_42 | 23.226.122.79 | 302 Found | 153 B |
URL GET HTTP/2xml-click-oax.adstork.com/nrtb/click?bid=vIrd_MprDHXDkV39xJzh8hjgSFjmaYa_xiuauF5mGM6B4hz4mW4xQ7jITArNqc7N_0_42 IP23.226.122.79:443
Requested byhttps://videzz.net/embed-ux5i45ivmnqo.html CertificateIssuerSectigo Limited Subject*.adstork.com FingerprintE0:EE:DE:EC:24:46:A0:3D:17:3E:92:70:19:A5:50:DD:FA:B1:E2:36 ValidityFri, 21 Apr 2023 00:00:00 GMT - Sun, 21 Apr 2024 23:59:59 GMT
File typeHTML document, ASCII text Hash227a6fd6cbe36e09b20be716e5b3ef1a dfa300fd497dab4db7ceb6f3c07fc2e4bc5197e3 eb823dbe1efa89eda47790681a8fcfbb03929e5171b39ea9358cb1d57044df1e
GET /nrtb/click?bid=vIrd_MprDHXDkV39xJzh8hjgSFjmaYa_xiuauF5mGM6B4hz4mW4xQ7jITArNqc7N_0_42 HTTP/1.1
Host: xml-click-oax.adstork.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://bid.bidclickmedia.com/
DNT: 1
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 302 Found
server: nginx/1.18.0 (Ubuntu)
date: Thu, 18 Apr 2024 23:41:31 GMT
content-type: text/html; charset=utf-8
content-length: 153
location: https://latest-557263.aqgykagexo.ru/click?node=448&winPrice=0.000199&force=1&winCurrency=USD&id=1713483660000-4389
X-Firefox-Spdy: h2
|
|
| www.clktoro.com/feed/click/?t1=128&tid=876&uid=102&subid=649737&id=d622a43b3858bd80c269aba5fdf99d0b: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 | 142.93.240.225 | 302 Found | 142 B |
URL GET HTTP/1.1www.clktoro.com/feed/click/?t1=128&tid=876&uid=102&subid=649737&id=d622a43b3858bd80c269aba5fdf99d0b: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 IP142.93.240.225:443 ASN#14061 DIGITALOCEAN-ASN
Requested byhttps://videzz.net/embed-ux5i45ivmnqo.html CertificateIssuerLet's Encrypt Subjectwww.clktoro.com FingerprintE5:5C:88:AE:D1:C2:D4:37:03:54:45:7E:3E:5E:C6:C5:6A:E8:E4:C8 ValidityWed, 27 Mar 2024 06:29:04 GMT - Tue, 25 Jun 2024 06:29:03 GMT
File typeHTML document, ASCII text, with no line terminators Hashdc87f6da097af9b05ec1a426f0ccb554 ed5578847492aba2c5dee51bda801f191b8ec9db 293bf4fb8974892286d9cde793d3b63e91e9a43c496abc4926e7a1f432be6f2b
GET /feed/click/?t1=128&tid=876&uid=102&subid=649737&id=d622a43b3858bd80c269aba5fdf99d0b: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 HTTP/1.1
Host: www.clktoro.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://bid.bidclickmedia.com/
DNT: 1
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 302 Found
X-Powered-By: Express
Surrogate-Control: no-store
Cache-Control: no-store, no-cache, must-revalidate, proxy-revalidate
Expires: 0
Location: https://xml.admozartxml.com/click?i=Q1Q6WrbuO5Y_0
Vary: Accept
Content-Type: text/html; charset=utf-8
Content-Length: 142
Date: Thu, 18 Apr 2024 23:41:31 GMT
Connection: keep-alive
Keep-Alive: timeout=5
|
|
| track.trackingtraffo.com/pop/imp?auth=mz3u78&c=TYjJ6B62a9QB-JVxh_dHEElrQmYwTRuZNMWz_snYvCM0yNFuU2yWj6P0XCELejqnEVy9TYA_YhQvwShEqeE-KPohNWRrNOAMZiKMqGLnOVvfVkIharKSdg7-aofBToFD9sbhnZTHC0KZKNXIaFDBMCA-eBRHohkd9-tgZpnvr1zg55PaKn8TkCgty1_fdE_WbcdDB0YMG_uUiRWri8nldgP4GsSepyRpdnKv4WL0FTorj1rIjTTlFVkyfxJ9CHMzEIgV4jtLtWV3bJLPs5yEq76YCYGvvs8Q70j_t2sQ2eE5sLAI_p627t2lz9I4_jYUROy6Mu-yleDUUP8TSpnXpVIFJ5TSClL8O1XITvlTHyimufDGLI_H4tmVNCXLIEtNBAkvBaO1NZEil7urhZ1buwx3ewkRrQCoT7VG55_Kd0ZDpCVSuJVDJw42hIj3WHjyPEW6SSjQuOFNtlqHVfz32BX3GM_D7A1Npy1fiHPk4PfB-71YfDYgvFUyzYnyAJb9npHPmUf8EhUK6byTSzg0KOIFlwJd7AhlNfaBUbIyagnxc2yubA_PSfTUPuRZFgO_MJkoAgari0tZr0X0n7FFkCZ4OUgP7P44XcW3GniPKEv_Gmm-BfffPXvTdR6H7aQKd8CLozm3d21x-FHUq3imCH2OLURmGcxw76jojJyS1ko5CRoc5irYdI76-9ej1HzWjPo4thhuyOivHTWx | 88.214.195.153 | 302 Found | 0 B |
URL GET HTTP/1.1track.trackingtraffo.com/pop/imp?auth=mz3u78&c=TYjJ6B62a9QB-JVxh_dHEElrQmYwTRuZNMWz_snYvCM0yNFuU2yWj6P0XCELejqnEVy9TYA_YhQvwShEqeE-KPohNWRrNOAMZiKMqGLnOVvfVkIharKSdg7-aofBToFD9sbhnZTHC0KZKNXIaFDBMCA-eBRHohkd9-tgZpnvr1zg55PaKn8TkCgty1_fdE_WbcdDB0YMG_uUiRWri8nldgP4GsSepyRpdnKv4WL0FTorj1rIjTTlFVkyfxJ9CHMzEIgV4jtLtWV3bJLPs5yEq76YCYGvvs8Q70j_t2sQ2eE5sLAI_p627t2lz9I4_jYUROy6Mu-yleDUUP8TSpnXpVIFJ5TSClL8O1XITvlTHyimufDGLI_H4tmVNCXLIEtNBAkvBaO1NZEil7urhZ1buwx3ewkRrQCoT7VG55_Kd0ZDpCVSuJVDJw42hIj3WHjyPEW6SSjQuOFNtlqHVfz32BX3GM_D7A1Npy1fiHPk4PfB-71YfDYgvFUyzYnyAJb9npHPmUf8EhUK6byTSzg0KOIFlwJd7AhlNfaBUbIyagnxc2yubA_PSfTUPuRZFgO_MJkoAgari0tZr0X0n7FFkCZ4OUgP7P44XcW3GniPKEv_Gmm-BfffPXvTdR6H7aQKd8CLozm3d21x-FHUq3imCH2OLURmGcxw76jojJyS1ko5CRoc5irYdI76-9ej1HzWjPo4thhuyOivHTWx IP88.214.195.153:443
Requested byhttps://videzz.net/embed-ux5i45ivmnqo.html CertificateIssuerSectigo Limited Subjecttrackingtraffo.com Fingerprint66:CE:68:F3:6C:8A:98:F0:D8:02:5B:C4:5E:2E:C7:B0:C7:73:5B:A8 ValidityThu, 23 Nov 2023 00:00:00 GMT - Fri, 22 Nov 2024 23:59:59 GMT
Hashd41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /pop/imp?auth=mz3u78&c=TYjJ6B62a9QB-JVxh_dHEElrQmYwTRuZNMWz_snYvCM0yNFuU2yWj6P0XCELejqnEVy9TYA_YhQvwShEqeE-KPohNWRrNOAMZiKMqGLnOVvfVkIharKSdg7-aofBToFD9sbhnZTHC0KZKNXIaFDBMCA-eBRHohkd9-tgZpnvr1zg55PaKn8TkCgty1_fdE_WbcdDB0YMG_uUiRWri8nldgP4GsSepyRpdnKv4WL0FTorj1rIjTTlFVkyfxJ9CHMzEIgV4jtLtWV3bJLPs5yEq76YCYGvvs8Q70j_t2sQ2eE5sLAI_p627t2lz9I4_jYUROy6Mu-yleDUUP8TSpnXpVIFJ5TSClL8O1XITvlTHyimufDGLI_H4tmVNCXLIEtNBAkvBaO1NZEil7urhZ1buwx3ewkRrQCoT7VG55_Kd0ZDpCVSuJVDJw42hIj3WHjyPEW6SSjQuOFNtlqHVfz32BX3GM_D7A1Npy1fiHPk4PfB-71YfDYgvFUyzYnyAJb9npHPmUf8EhUK6byTSzg0KOIFlwJd7AhlNfaBUbIyagnxc2yubA_PSfTUPuRZFgO_MJkoAgari0tZr0X0n7FFkCZ4OUgP7P44XcW3GniPKEv_Gmm-BfffPXvTdR6H7aQKd8CLozm3d21x-FHUq3imCH2OLURmGcxw76jojJyS1ko5CRoc5irYdI76-9ej1HzWjPo4thhuyOivHTWx HTTP/1.1
Host: track.trackingtraffo.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://bid.bidclickmedia.com/
DNT: 1
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 302 Found
Server: nginx/1.18.0 (Ubuntu)
Date: Thu, 18 Apr 2024 23:41:31 GMT
Content-Length: 0
Connection: keep-alive
Location: https://plinksplanet.com/click.php?key=qcopnrbsgld1lpyq4gqz&clickid=8f6a420b-cc5d-4d29-8bbf-222121e8400e&cost=0.0036&PUB_ID=118&SUB_ID=602216&KEYWORD=&SUBSCRIBER_AGE=0&SUBSCRIBER_DATE=2024-04-18&BID_PUB=0.0036&CR_ID=36456
| track.trackingtraffo.com/pop/imp?auth=mz3u78&c=rmlnbIqGnY173wAWSNW75CxnEIfH9qN1g3pnu9I4H7zfVYVqED2TWFxV0rXbvT67sSxGpumrIT6Bqsep1FYUdbxC-uT-vPX0lI4hctS_tSkvSxp7o3OLDJUo1wGL5IU03Be_X73XQvey2a-N5TtJxJ2HDEu4cBYQKT8_Efvbop0ia42ihQhDTfDwm8WBNhV-twLoBPO8uNldLqkpJXELPdEdnvboU6FVa2zoUK3hwqBIH44yyXaxbkFZ3maOrXEtaPDwENgSEKVYzX9D-UpItEKrl171l7A2ERmgih-eKrTyur3msBcLh85v21reUIH07FXh0fXmalQqzxlZkC46a80gKoOay42QaDmX-7rjSTb8i63tI0iFmVeBW40LeK94mHAJ6oZP-A0-mvok70vpebajk__s7SR41bYiWIVF8yDIzhyFD-zl1Z78iRXz--PCRRFnGebg6GfmIhlpMJn4fF4At6itKnpbFExu5t6uYLrbHOsd76bstMfTFJSgrJXRGM7-tUiNfJolCx6HqcxLeoZNQ7AVHTAThRZaizcpue4QGwdTS4QxYIVC2V4R76kU7GM79YXksis0nOLThgaepQ9Q5p0fv9kcbz4zhxkwaSpX8fvW8DO1sqlcm4qb3ApOxmEL8jRf8bS-qRbb3KhGOhEzRe2nrbzVziIT9PTc8J1eOQcWcEPsDDWVB8qLbL4M_L6YxwCMfMAGk5u5 | 88.214.195.153 | 302 Found | 0 B |
URL: GET HTTP/1.1 track.trackingtraffo.com/pop/imp?auth=mz3u78&c=rmlnbIqGnY173wAWSNW75CxnEIfH9qN1g3pnu9I4H7zfVYVqED2TWFxV0rXbvT67sSxGpumrIT6Bqsep1FYUdbxC-uT-vPX0lI4hctS_tSkvSxp7o3OLDJUo1wGL5IU03Be_X73XQvey2a-N5TtJxJ2HDEu4cBYQKT8_Efvbop0ia42ihQhDTfDwm8WBNhV-twLoBPO8uNldLqkpJXELPdEdnvboU6FVa2zoUK3hwqBIH44yyXaxbkFZ3maOrXEtaPDwENgSEKVYzX9D-UpItEKrl171l7A2ERmgih-eKrTyur3msBcLh85v21reUIH07FXh0fXmalQqzxlZkC46a80gKoOay42QaDmX-7rjSTb8i63tI0iFmVeBW40LeK94mHAJ6oZP-A0-mvok70vpebajk__s7SR41bYiWIVF8yDIzhyFD-zl1Z78iRXz--PCRRFnGebg6GfmIhlpMJn4fF4At6itKnpbFExu5t6uYLrbHOsd76bstMfTFJSgrJXRGM7-tUiNfJolCx6HqcxLeoZNQ7AVHTAThRZaizcpue4QGwdTS4QxYIVC2V4R76kU7GM79YXksis0nOLThgaepQ9Q5p0fv9kcbz4zhxkwaSpX8fvW8DO1sqlcm4qb3ApOxmEL8jRf8bS-qRbb3KhGOhEzRe2nrbzVziIT9PTc8J1eOQcWcEPsDDWVB8qLbL4M_L6YxwCMfMAGk5u5 IP: 88.214.195.153:443
Requested by: https://videzz.net/embed-ux5i45ivmnqo.html
Certificate: Issuer: Sectigo Limited; Subject: trackingtraffo.com; Fingerprint: 66:CE:68:F3:6C:8A:98:F0:D8:02:5B:C4:5E:2E:C7:B0:C7:73:5B:A8; Validity: Thu, 23 Nov 2023 00:00:00 GMT - Fri, 22 Nov 2024 23:59:59 GMT
Hash (MD5 / SHA-1 / SHA-256): d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /pop/imp?auth=mz3u78&c=rmlnbIqGnY173wAWSNW75CxnEIfH9qN1g3pnu9I4H7zfVYVqED2TWFxV0rXbvT67sSxGpumrIT6Bqsep1FYUdbxC-uT-vPX0lI4hctS_tSkvSxp7o3OLDJUo1wGL5IU03Be_X73XQvey2a-N5TtJxJ2HDEu4cBYQKT8_Efvbop0ia42ihQhDTfDwm8WBNhV-twLoBPO8uNldLqkpJXELPdEdnvboU6FVa2zoUK3hwqBIH44yyXaxbkFZ3maOrXEtaPDwENgSEKVYzX9D-UpItEKrl171l7A2ERmgih-eKrTyur3msBcLh85v21reUIH07FXh0fXmalQqzxlZkC46a80gKoOay42QaDmX-7rjSTb8i63tI0iFmVeBW40LeK94mHAJ6oZP-A0-mvok70vpebajk__s7SR41bYiWIVF8yDIzhyFD-zl1Z78iRXz--PCRRFnGebg6GfmIhlpMJn4fF4At6itKnpbFExu5t6uYLrbHOsd76bstMfTFJSgrJXRGM7-tUiNfJolCx6HqcxLeoZNQ7AVHTAThRZaizcpue4QGwdTS4QxYIVC2V4R76kU7GM79YXksis0nOLThgaepQ9Q5p0fv9kcbz4zhxkwaSpX8fvW8DO1sqlcm4qb3ApOxmEL8jRf8bS-qRbb3KhGOhEzRe2nrbzVziIT9PTc8J1eOQcWcEPsDDWVB8qLbL4M_L6YxwCMfMAGk5u5 HTTP/1.1
Host: track.trackingtraffo.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://bid.bidclickmedia.com/
DNT: 1
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 302 Found
Server: nginx/1.18.0 (Ubuntu)
Date: Thu, 18 Apr 2024 23:41:31 GMT
Content-Length: 0
Connection: keep-alive
Location: https://plinksplanet.com/click.php?key=qcopnrbsgld1lpyq4gqz&clickid=3f7db490-7849-4fb5-aaea-2f172e9ab312&cost=0.0036&PUB_ID=118&SUB_ID=602216&KEYWORD=&SUBSCRIBER_AGE=0&SUBSCRIBER_DATE=2024-04-18&BID_PUB=0.0036&CR_ID=36456
| fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2 | 216.58.207.227 | 200 OK | 16 kB |
URL: GET HTTP/2 fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2 IP: 216.58.207.227:443
Requested by: https://videzz.net/embed-ux5i45ivmnqo.html
Certificate: Issuer: Google Trust Services LLC; Subject: *.gstatic.com; Fingerprint: 8F:81:43:71:C4:F3:8C:FA:6D:EC:B4:5E:1F:58:71:AA:48:42:0E:E9; Validity: Mon, 04 Mar 2024 07:16:39 GMT - Mon, 27 May 2024 07:16:38 GMT
File type: Web Open Font Format (Version 2), TrueType, length 15744, version 1.0
Hash (MD5 / SHA-1 / SHA-256): 15d9f621c3bd1599f0169dcf0bd5e63e 7ca9c5967f3bb8bffeab24b639b49c1e7d03fa52 f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615
GET /s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://videzz.net
DNT: 1
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 15744
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Tue, 16 Apr 2024 16:27:38 GMT
expires: Wed, 16 Apr 2025 16:27:38 GMT
cache-control: public, max-age=31536000
age: 198833
last-modified: Wed, 11 May 2022 19:24:48 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
| fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmWUlfBBc4.woff2 | 216.58.207.227 | 200 OK | 16 kB |
URL: GET HTTP/2 fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmWUlfBBc4.woff2 IP: 216.58.207.227:443
Requested by: https://videzz.net/embed-ux5i45ivmnqo.html
Certificate: Issuer: Google Trust Services LLC; Subject: *.gstatic.com; Fingerprint: 8F:81:43:71:C4:F3:8C:FA:6D:EC:B4:5E:1F:58:71:AA:48:42:0E:E9; Validity: Mon, 04 Mar 2024 07:16:39 GMT - Mon, 27 May 2024 07:16:38 GMT
File type: Web Open Font Format (Version 2), TrueType, length 15860, version 1.0
Hash (MD5 / SHA-1 / SHA-256): e9f5aaf547f165386cd313b995dddd8e acdef5603c2387b0e5bffd744b679a24a8bc1968 f5aebdfea35d1e7656ef4acc5db1f243209755ae3300943ef8fc6280f363c860
GET /s/roboto/v30/KFOlCnqEu92Fr1MmWUlfBBc4.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://videzz.net
DNT: 1
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 15860
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Tue, 16 Apr 2024 01:54:31 GMT
expires: Wed, 16 Apr 2025 01:54:31 GMT
cache-control: public, max-age=31536000
age: 251220
last-modified: Wed, 11 May 2022 19:24:42 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
| assignedeliminatebonfire.com/pixel/sbs?c=1 | 172.240.108.84 | 200 OK | 0 B |
URL: GET HTTP/1.1 assignedeliminatebonfire.com/pixel/sbs?c=1 IP: 172.240.108.84:443
Requested by: https://videzz.net/embed-ux5i45ivmnqo.html
Certificate: Issuer: Let's Encrypt; Subject: assignedeliminatebonfire.com; Fingerprint: 00:9E:21:D8:74:7C:90:C2:F0:BC:A2:6E:7F:C7:CE:65:41:A5:FF:9D; Validity: Tue, 16 Apr 2024 13:52:53 GMT - Mon, 15 Jul 2024 13:52:52 GMT
Hash (MD5 / SHA-1 / SHA-256): d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
| Analyzer | Verdict | Alert |
| Quad9 DNS | malicious | Sinkholed |
GET /pixel/sbs?c=1 HTTP/1.1
Host: assignedeliminatebonfire.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://videzz.net/
Cookie: u_pl=19071538; pdhtkv=true; uncs=1; pdhtkv29=true; uncs29=1
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx/1.21.6
Date: Thu, 18 Apr 2024 23:41:31 GMT
Content-Length: 0
Connection: keep-alive
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
Access-Control-Allow-Origin: *
Access-Control-Allow-Methods: GET, POST, OPTIONS
Access-Control-Allow-Headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,Upgrade-Insecure-Requests
Access-Control-Expose-Headers: Content-Length,Content-Range
| latest-557263.aqgykagexo.ru/click?node=448&winPrice=0.000199&force=1&winCurrency=USD&id=1713483660000-4389 | 206.54.181.250 | 200 OK | 359 B |
URL: GET HTTP/1.1 latest-557263.aqgykagexo.ru/click?node=448&winPrice=0.000199&force=1&winCurrency=USD&id=1713483660000-4389 IP: 206.54.181.250:443
Requested by: https://videzz.net/embed-ux5i45ivmnqo.html
Certificate: Issuer: Let's Encrypt; Subject: *.aqgykagexo.ru; Fingerprint: DF:94:30:8E:BA:55:DE:41:4D:F9:A3:64:DE:7E:C8:C4:CA:64:32:61; Validity: Wed, 06 Mar 2024 08:45:05 GMT - Tue, 04 Jun 2024 08:45:04 GMT
File type: HTML document, ASCII text
Hash (MD5 / SHA-1 / SHA-256): d5b6dfeeeb0fca277e551750ca15779f c67d4bca31f6e67557cf57122f1e7aefbcaa6351 30965954819e225c6a2757987c1fad1833d7a6259c99543bfe378a2b5e0d65c9
GET /click?node=448&winPrice=0.000199&force=1&winCurrency=USD&id=1713483660000-4389 HTTP/1.1
Host: latest-557263.aqgykagexo.ru
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://bid.bidclickmedia.com/
DNT: 1
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
cache-control: private, no-cache, no-store, must-revalidate
pragma: no-cache
expires: -1
set-cookie: clickId_557263=1713483660000-110; path=/; samesite=none; secure; httponly
date: Thu, 18 Apr 2024 23:41:31 GMT
connection: close
transfer-encoding: chunked
| assignedeliminatebonfire.com/impr.gif?sid=H4sIAAAAAAAC%2F1RSz4scRRSuHhcviqDmJsKICCoy2z2%2FdsYcxBhXQtZsTBT1JPWrZ8utrmqquqdn57QYkByHoHjt%2FWY3SzQYvejJIL0BhYCw48U9uP%2BEkLPMuDj6oOq9732v4Hvv1ed7%2BSlpIqcnF9%2B1Y6U1Xe00wvrLH0XR%2BfqGMvmoPup1P%2Bm2z9fd8PV%2BtxG%2BUn9H8m272gyjMIzCqL6unIztaHVOQqV3%2B1GjHzbazUbUaWPk%2Fo99HsDTAGJ4Sp6BErOVB8E5KF7BJN9dlH47s%2Blrbye5ppl1GIrDD8y2sYVBsgxjFyA2h2fVsP54%2FT6sOVjIhR3%2BW8jUjAS%2F3Aczh2ciwYb7C51MQxow8QSKYQWpKyhagdsbUOKYAFzgyiZMcvuKdQXd%2BYelc3ZGVh79BVXMyMqf52CSby9oNapftzrPlDUeo7iEGlVQgwppfoRsXIMqjsCzz6DEb2T10QZMsr%2FptYUS5aJ3pSqouIKWE1AfIJ8fFSCPA%2BRpgESc1HkURWuh4DTs9TlviTXJuiKM6Foc0Sjs9pDzubwJsnQCrifgbhep28W2msDlP8NvlfAigM9mJHhvF0NRopAEhScoKEGhCIqMoBiWB0L7pi9vC%2B1zFp355plvlVObDfbogc0G0hBQN4ET5V56Sp6ezyd4sdbEtjypx6Idsm6vScOObFMat3t90ex3w6jVCSntduFVCeVri5bHakZein9EqmbkyV8JGD2C10fg6lnQ%2FHnQogTdKjE29xKqTGOohB3ThpEZhC2RZivIdoI9fUqeWyzp8ldfQPKH5MzAXYnUlfhUPSAY6JvTa7Yg%2B9ds4cn3m2mmEjWm8wVez2gmH%2F%2F6stwprBOXLvrJnTf5nJiHd9%2BXPtugRigz8OSbC0oI6dat45L8dMl%2FKNnV3G9dyJ3J042rb61fSlInvVfWVKDq%2BONb4GpGnvphY%2FEzX63%2FAeUquLxEki%2BVKluBp7vw6TLnLYHTS8zSAEVeTl2TLZNaEWi5xJSV8P%2FBbBlPHZ2%2Fpqrc8zcxcDXQ7AZMUmLoSgx1Caon8Plj0yx1D9%2F4vbUwMF2bMu1q%2B0w7fWsx5Pn1Jbw6qbdCscZkLNeYbHfaseSCdTos5DFnLdHrcWR%2BFr9w787fAAAA%2F%2F8BAAD%2F%2F2NJ4uNzBAAA | 192.243.59.12 | 200 OK | 7 B |
URL: GET HTTP/1.1 assignedeliminatebonfire.com/impr.gif?sid=H4sIAAAAAAAC%2F1RSz4scRRSuHhcviqDmJsKICCoy2z2%2FdsYcxBhXQtZsTBT1JPWrZ8utrmqquqdn57QYkByHoHjt%2FWY3SzQYvejJIL0BhYCw48U9uP%2BEkLPMuDj6oOq9732v4Hvv1ed7%2BSlpIqcnF9%2B1Y6U1Xe00wvrLH0XR%2BfqGMvmoPup1P%2Bm2z9fd8PV%2BtxG%2BUn9H8m272gyjMIzCqL6unIztaHVOQqV3%2B1GjHzbazUbUaWPk%2Fo99HsDTAGJ4Sp6BErOVB8E5KF7BJN9dlH47s%2Blrbye5ppl1GIrDD8y2sYVBsgxjFyA2h2fVsP54%2FT6sOVjIhR3%2BW8jUjAS%2F3Aczh2ciwYb7C51MQxow8QSKYQWpKyhagdsbUOKYAFzgyiZMcvuKdQXd%2BYelc3ZGVh79BVXMyMqf52CSby9oNapftzrPlDUeo7iEGlVQgwppfoRsXIMqjsCzz6DEb2T10QZMsr%2FptYUS5aJ3pSqouIKWE1AfIJ8fFSCPA%2BRpgESc1HkURWuh4DTs9TlviTXJuiKM6Foc0Sjs9pDzubwJsnQCrifgbhep28W2msDlP8NvlfAigM9mJHhvF0NRopAEhScoKEGhCIqMoBiWB0L7pi9vC%2B1zFp355plvlVObDfbogc0G0hBQN4ET5V56Sp6ezyd4sdbEtjypx6Idsm6vScOObFMat3t90ex3w6jVCSntduFVCeVri5bHakZein9EqmbkyV8JGD2C10fg6lnQ%2FHnQogTdKjE29xKqTGOohB3ThpEZhC2RZivIdoI9fUqeWyzp8ldfQPKH5MzAXYnUlfhUPSAY6JvTa7Yg%2B9ds4cn3m2mmEjWm8wVez2gmH%2F%2F6stwprBOXLvrJnTf5nJiHd9%2BXPtugRigz8OSbC0oI6dat45L8dMl%2FKNnV3G9dyJ3J042rb61fSlInvVfWVKDq%2BONb4GpGnvphY%2FEzX63%2FAeUquLxEki%2BVKluBp7vw6TLnLYHTS8zSAEVeTl2TLZNaEWi5xJSV8P%2FBbBlPHZ2%2Fpqrc8zcxcDXQ7AZMUmLoSgx1Caon8Plj0yx1D9%2F4vbUwMF2bMu1q%2B0w7fWsx5Pn1Jbw6qbdCscZkLNeYbHfaseSCdTos5DFnLdHrcWR%2BFr9w787fAAAA%2F%2F8BAAD%2F%2F2NJ4uNzBAAA IP: 192.243.59.12:443 ASN: #39572 DataWeb Global Group B.V.
Requested by: https://videzz.net/embed-ux5i45ivmnqo.html
Certificate: Issuer: Let's Encrypt; Subject: assignedeliminatebonfire.com; Fingerprint: 00:9E:21:D8:74:7C:90:C2:F0:BC:A2:6E:7F:C7:CE:65:41:A5:FF:9D; Validity: Tue, 16 Apr 2024 13:52:53 GMT - Mon, 15 Jul 2024 13:52:52 GMT
File type: ASCII text, with no line terminators
Hash (MD5 / SHA-1 / SHA-256): 132d6af1b46048b45cf86cdee7991d31 eb7007d03d59b65bc6da7e098c4d38fc6dfb6285 ab852e838deccd742a03ca81d4a8d75cf1a00b327db3eaf46bd7da6b6db9384c
| Analyzer | Verdict | Alert |
| Quad9 DNS | malicious | Sinkholed |
GET /impr.gif?sid=H4sIAAAAAAAC%2F1RSz4scRRSuHhcviqDmJsKICCoy2z2%2FdsYcxBhXQtZsTBT1JPWrZ8utrmqquqdn57QYkByHoHjt%2FWY3SzQYvejJIL0BhYCw48U9uP%2BEkLPMuDj6oOq9732v4Hvv1ed7%2BSlpIqcnF9%2B1Y6U1Xe00wvrLH0XR%2BfqGMvmoPup1P%2Bm2z9fd8PV%2BtxG%2BUn9H8m272gyjMIzCqL6unIztaHVOQqV3%2B1GjHzbazUbUaWPk%2Fo99HsDTAGJ4Sp6BErOVB8E5KF7BJN9dlH47s%2Blrbye5ppl1GIrDD8y2sYVBsgxjFyA2h2fVsP54%2FT6sOVjIhR3%2BW8jUjAS%2F3Aczh2ciwYb7C51MQxow8QSKYQWpKyhagdsbUOKYAFzgyiZMcvuKdQXd%2BYelc3ZGVh79BVXMyMqf52CSby9oNapftzrPlDUeo7iEGlVQgwppfoRsXIMqjsCzz6DEb2T10QZMsr%2FptYUS5aJ3pSqouIKWE1AfIJ8fFSCPA%2BRpgESc1HkURWuh4DTs9TlviTXJuiKM6Foc0Sjs9pDzubwJsnQCrifgbhep28W2msDlP8NvlfAigM9mJHhvF0NRopAEhScoKEGhCIqMoBiWB0L7pi9vC%2B1zFp355plvlVObDfbogc0G0hBQN4ET5V56Sp6ezyd4sdbEtjypx6Idsm6vScOObFMat3t90ex3w6jVCSntduFVCeVri5bHakZein9EqmbkyV8JGD2C10fg6lnQ%2FHnQogTdKjE29xKqTGOohB3ThpEZhC2RZivIdoI9fUqeWyzp8ldfQPKH5MzAXYnUlfhUPSAY6JvTa7Yg%2B9ds4cn3m2mmEjWm8wVez2gmH%2F%2F6stwprBOXLvrJnTf5nJiHd9%2BXPtugRigz8OSbC0oI6dat45L8dMl%2FKNnV3G9dyJ3J042rb61fSlInvVfWVKDq%2BONb4GpGnvphY%2FEzX63%2FAeUquLxEki%2BVKluBp7vw6TLnLYHTS8zSAEVeTl2TLZNaEWi5xJSV8P%2FBbBlPHZ2%2Fpqrc8zcxcDXQ7AZMUmLoSgx1Caon8Plj0yx1D9%2F4vbUwMF2bMu1q%2B0w7fWsx5Pn1Jbw6qbdCscZkLNeYbHfaseSCdTos5DFnLdHrcWR%2BFr9w787fAAAA%2F%2F8BAAD%2F%2F2NJ4uNzBAAA HTTP/1.1
Host: assignedeliminatebonfire.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://videzz.net/
Cookie: u_pl=19071538; pdhtkv=true; uncs=1; pdhtkv29=true; uncs29=1
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx/1.19.5
Date: Thu, 18 Apr 2024 23:41:31 GMT
Content-Type: image/gif
Content-Length: 7
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,Sec-CH-UA-PlatformUser-Agent,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: 38756df792a6c107b41fdf7a70b49a10
Strict-Transport-Security: max-age=0; includeSubdomains
| fleraprt.com/log/add?cid=1db9169f-90f4-4b2d-b517-bc47aab19c1f&ruid=6f4f2135-3dfc-4950-924a-16849c9a5c05 | 139.45.195.254 | 200 OK | 12 B |
URL: POST HTTP/1.1 fleraprt.com/log/add?cid=1db9169f-90f4-4b2d-b517-bc47aab19c1f&ruid=6f4f2135-3dfc-4950-924a-16849c9a5c05 IP: 139.45.195.254:443
Requested by: https://videzz.net/embed-ux5i45ivmnqo.html
Certificate: Issuer: Sectigo Limited; Subject: fleraprt.com; Fingerprint: 32:DB:C5:24:21:ED:1D:C3:40:C3:46:9F:CF:EE:98:4D:72:29:4C:3C; Validity: Tue, 09 Jan 2024 00:00:00 GMT - Mon, 13 Jan 2025 23:59:59 GMT
Hash (MD5 / SHA-1 / SHA-256): adb4650bfc9d2a73d4dd69583b0ceb14 1ce399d6e936232aaf2192cd7903a279c5015f22 21c1f682de27109caabcca9016511974defcec217c0441fd3f1b50ecdf8247ed
| Analyzer | Verdict | Alert |
| Quad9 DNS | malicious | Sinkholed |
POST /log/add?cid=1db9169f-90f4-4b2d-b517-bc47aab19c1f&ruid=6f4f2135-3dfc-4950-924a-16849c9a5c05 HTTP/1.1
Host: fleraprt.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain;charset=UTF-8
Content-Length: 1403
Origin: https://videzz.net
DNT: 1
Connection: keep-alive
Referer: https://videzz.net/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx/1.19.10
Date: Thu, 18 Apr 2024 23:41:31 GMT
Content-Type: application/json; charset=utf-8
Content-Length: 12
Connection: keep-alive
Access-Control-Allow-Origin: https://videzz.net
Access-Control-Allow-Methods: POST, GET, OPTIONS, PUT, DELETE
Access-Control-Allow-Headers: Accept, Content-Type, Content-Length, Accept-Encoding, X-CSRF-Token, Authorization, X-Forwarded-For, If-None-Match
Access-Control-Allow-Credentials: true
| fonts.googleapis.com/css?family=Roboto:300,400,700&display=swap | 142.250.74.106 | 200 OK | 1.2 kB |
URL: GET HTTP/2 fonts.googleapis.com/css?family=Roboto:300,400,700&display=swap IP: 142.250.74.106:443
Requested by: https://videzz.net/embed-ux5i45ivmnqo.html
Certificate: Issuer: Google Trust Services LLC; Subject: upload.video.google.com; Fingerprint: 47:5A:64:7D:9F:47:34:07:31:91:97:F7:04:42:7A:D5:EA:AD:07:4E; Validity: Mon, 04 Mar 2024 07:16:44 GMT - Mon, 27 May 2024 07:16:43 GMT
File type: gzip compressed data, max compression
Hash (MD5 / SHA-1 / SHA-256): b253067e1590d5f5a338eda343cf25a2 42d5c32cb6e46691ff0a2b4f654e48b3f2dd3239 a8edfc15d4d1742b000ae95eb8fb90c49c5cc1234585315b155db49e13c1722f
GET /css?family=Roboto:300,400,700&display=swap HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Thu, 18 Apr 2024 23:41:31 GMT
date: Thu, 18 Apr 2024 23:41:31 GMT
cache-control: private, max-age=86400
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
| track.trackingtraffo.com/pop/imp?auth=mz3u78&c=Ni45K3oEcfFdCChcmjqY6L4msMNH_cRZGI1SzN69PJlzaetLN_KBUa0J2pIS1BNsisRjsFHqrY3ngHWdJf55eKnZuojAvPfcziuS_sB17faQVLYT-RJDXTPKG0LnkiqoEdyCETdfRFdOTqc23zSGbBxirJvdZxbQtCo0U0QWIhuebWgIB08EUh72ZnaJISsJ4sGtRUbR83hiRLrCgFougpW9RxokT1jLI4fyNKqxFHIb1lv-lJMudKZxmutxNDMTgw8UCSxKnnNGsoeHSbOOPmIrloeC3XW3TRIym-T8abUQoIxYSndQ5n6fYhamoA-ciwAFpEMv0mUNHHC6yCX69N_CchDS-DXoZGN4UaSyY7dZykjvc_5qFjNYdn6ZXGuU5SgE4yJ9cB8TUGY87mMN1KUist-2kEZ_PiAiiGdNFgGCmORqwWh8wuR00p_APXqSytUSvCQmetrmXkcHcrljCbGmHWZH6BfFiSQNhLhHlH7ahRnBoQptLdNHxHcMSbPnah7La-Z46g0kFOocGgqfaq-REelN83cVCTElPpwc2J1FJ9Q0peAjFlGMfQ1LOzOMT4lNmnRVjKFQ8ThvbgZtTqxeIC3BVeQDts7blwox6qlAZyhuOAx5A4md0pzxult1aIOMsMHs5_ZDpB383WX7LE0qM0GO-eQQPNFRQ5Uxc1pNkNn189eLUGsn6j1DQOtllydr4QHC-5pnFVFU | 88.214.195.153 | 302 Found | 0 B |
URL: GET HTTP/1.1 track.trackingtraffo.com/pop/imp?auth=mz3u78&c=Ni45K3oEcfFdCChcmjqY6L4msMNH_cRZGI1SzN69PJlzaetLN_KBUa0J2pIS1BNsisRjsFHqrY3ngHWdJf55eKnZuojAvPfcziuS_sB17faQVLYT-RJDXTPKG0LnkiqoEdyCETdfRFdOTqc23zSGbBxirJvdZxbQtCo0U0QWIhuebWgIB08EUh72ZnaJISsJ4sGtRUbR83hiRLrCgFougpW9RxokT1jLI4fyNKqxFHIb1lv-lJMudKZxmutxNDMTgw8UCSxKnnNGsoeHSbOOPmIrloeC3XW3TRIym-T8abUQoIxYSndQ5n6fYhamoA-ciwAFpEMv0mUNHHC6yCX69N_CchDS-DXoZGN4UaSyY7dZykjvc_5qFjNYdn6ZXGuU5SgE4yJ9cB8TUGY87mMN1KUist-2kEZ_PiAiiGdNFgGCmORqwWh8wuR00p_APXqSytUSvCQmetrmXkcHcrljCbGmHWZH6BfFiSQNhLhHlH7ahRnBoQptLdNHxHcMSbPnah7La-Z46g0kFOocGgqfaq-REelN83cVCTElPpwc2J1FJ9Q0peAjFlGMfQ1LOzOMT4lNmnRVjKFQ8ThvbgZtTqxeIC3BVeQDts7blwox6qlAZyhuOAx5A4md0pzxult1aIOMsMHs5_ZDpB383WX7LE0qM0GO-eQQPNFRQ5Uxc1pNkNn189eLUGsn6j1DQOtllydr4QHC-5pnFVFU IP: 88.214.195.153:443
Requested by: https://videzz.net/embed-ux5i45ivmnqo.html
Certificate: Issuer: Sectigo Limited; Subject: trackingtraffo.com; Fingerprint: 66:CE:68:F3:6C:8A:98:F0:D8:02:5B:C4:5E:2E:C7:B0:C7:73:5B:A8; Validity: Thu, 23 Nov 2023 00:00:00 GMT - Fri, 22 Nov 2024 23:59:59 GMT
Hash (MD5 / SHA-1 / SHA-256): d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /pop/imp?auth=mz3u78&c=Ni45K3oEcfFdCChcmjqY6L4msMNH_cRZGI1SzN69PJlzaetLN_KBUa0J2pIS1BNsisRjsFHqrY3ngHWdJf55eKnZuojAvPfcziuS_sB17faQVLYT-RJDXTPKG0LnkiqoEdyCETdfRFdOTqc23zSGbBxirJvdZxbQtCo0U0QWIhuebWgIB08EUh72ZnaJISsJ4sGtRUbR83hiRLrCgFougpW9RxokT1jLI4fyNKqxFHIb1lv-lJMudKZxmutxNDMTgw8UCSxKnnNGsoeHSbOOPmIrloeC3XW3TRIym-T8abUQoIxYSndQ5n6fYhamoA-ciwAFpEMv0mUNHHC6yCX69N_CchDS-DXoZGN4UaSyY7dZykjvc_5qFjNYdn6ZXGuU5SgE4yJ9cB8TUGY87mMN1KUist-2kEZ_PiAiiGdNFgGCmORqwWh8wuR00p_APXqSytUSvCQmetrmXkcHcrljCbGmHWZH6BfFiSQNhLhHlH7ahRnBoQptLdNHxHcMSbPnah7La-Z46g0kFOocGgqfaq-REelN83cVCTElPpwc2J1FJ9Q0peAjFlGMfQ1LOzOMT4lNmnRVjKFQ8ThvbgZtTqxeIC3BVeQDts7blwox6qlAZyhuOAx5A4md0pzxult1aIOMsMHs5_ZDpB383WX7LE0qM0GO-eQQPNFRQ5Uxc1pNkNn189eLUGsn6j1DQOtllydr4QHC-5pnFVFU HTTP/1.1
Host: track.trackingtraffo.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://bid.bidclickmedia.com/
DNT: 1
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 302 Found
Server: nginx/1.18.0 (Ubuntu)
Date: Thu, 18 Apr 2024 23:41:31 GMT
Content-Length: 0
Connection: keep-alive
Location: https://plinksplanet.com/click.php?key=qcopnrbsgld1lpyq4gqz&clickid=9f057999-daa1-4651-be5a-d369687b515a&cost=0.0036&PUB_ID=118&SUB_ID=583524&KEYWORD=&SUBSCRIBER_AGE=0&SUBSCRIBER_DATE=2024-04-18&BID_PUB=0.0036&CR_ID=36456
| static.addtoany.com/menu/svg/icons/facebook.js | 172.67.39.148 | 200 OK | 273 B |
URL: GET HTTP/3 static.addtoany.com/menu/svg/icons/facebook.js IP: 172.67.39.148:443
Requested by: https://videzz.net/embed-ux5i45ivmnqo.html
Certificate: Issuer: Let's Encrypt; Subject: static.addtoany.com; Fingerprint: 25:DC:52:06:E9:84:6F:BC:CB:DD:82:F7:D3:4C:8F:F5:9F:49:7E:DD; Validity: Sat, 24 Feb 2024 06:33:02 GMT - Fri, 24 May 2024 06:33:01 GMT
File type: ASCII text, with very long lines (429), with no line terminators
Hash (MD5 / SHA-1 / SHA-256): 014bcc757e484e12e3aea6c9d768fd4b 4c17157d0012f8002e4e6cf77c5f4a9747792cf4 4b475960843a5619b907af1f0a89e3136bd5e6a4a700ec78cb417f302647cf49
GET /menu/svg/icons/facebook.js HTTP/1.1
Host: static.addtoany.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://videzz.net
DNT: 1
Connection: keep-alive
Referer: https://static.addtoany.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Thu, 18 Apr 2024 23:41:29 GMT
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=7776000, stale-while-revalidate=30, public
cf-bgj: minify
etag: W/"68925fa8e347041c6006837e73c518bc"
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=6GJdn8sjfSnuFPLDtJ%2FQfURHSV9%2BVKFPN%2BoVMIE1WLd%2FjnFWUFJ2yQt7T11BUY%2FmaD3PEQ7eEP6%2Bz96%2BX%2BOzAKq%2BjuM95%2B0V1zYfujak10jOE9EJBhjR6qVVwcABhbLdH5ABU1D%2FXBghUl5L%2FyVYWLhC"}],"group":"cf-nel","max_age":604800}
vary: Accept-Encoding
referrer-policy: strict-origin-when-cross-origin
x-content-type-options: nosniff
cf-cache-status: HIT
age: 18699
strict-transport-security: max-age=31536000; includeSubDomains; preload
server: cloudflare
cf-ray: 8768818208c3569c-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
| r.linksprf.com/v1/redirect?type=linkId&id=f26dd7fa37f24f46b0c2391acccde803&api_key=9705c66008eb291ff1cf7463b862cbab&site_id=549da8f368554c7cbde84b3ae883b5f7&dch=feed&ad_t=advertiser&yk_tag=w2mgoc1cpces0fm033lss610 | 63.33.119.172 | 403 Forbidden | 64 B |
URL: GET HTTP/2 r.linksprf.com/v1/redirect?type=linkId&id=f26dd7fa37f24f46b0c2391acccde803&api_key=9705c66008eb291ff1cf7463b862cbab&site_id=549da8f368554c7cbde84b3ae883b5f7&dch=feed&ad_t=advertiser&yk_tag=w2mgoc1cpces0fm033lss610 IP: 63.33.119.172:443
Requested by: https://videzz.net/embed-ux5i45ivmnqo.html
Certificate: Issuer: Let's Encrypt; Subject: linksprf.com; Fingerprint: 15:49:F4:32:D4:F8:74:E9:DD:AD:24:DB:FE:38:64:F8:2A:17:FE:AA; Validity: Thu, 18 Apr 2024 11:27:29 GMT - Wed, 17 Jul 2024 11:27:28 GMT
Hash (MD5 / SHA-1 / SHA-256): 44dffb68c186c3f31278454b81b76c50 83b972a39d03ab2510c91fe564c3312d016936de f294c94c8a52b205ae915b8b412ab02c6a93276369effb02144aaafabbe47965
GET /v1/redirect?type=linkId&id=f26dd7fa37f24f46b0c2391acccde803&api_key=9705c66008eb291ff1cf7463b862cbab&site_id=549da8f368554c7cbde84b3ae883b5f7&dch=feed&ad_t=advertiser&yk_tag=w2mgoc1cpces0fm033lss610 HTTP/1.1
Host: r.linksprf.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 403 Forbidden
date: Thu, 18 Apr 2024 23:41:31 GMT
content-type: application/json
content-length: 64
set-cookie: ykuid=aa976a08b8d2476096a175de64454fa6; Path=/; Secure; Domain=.linksprf.com; Max-Age=31536000; SameSite=None
JSESSIONID=E8A13D4A9E896F4D0373A216082A71AF; Path=/; HttpOnly
strict-transport-security: max-age=15724800; includeSubDomains
X-Firefox-Spdy: h2
| plinksplanet.com/click.php?key=qcopnrbsgld1lpyq4gqz&clickid=3f7db490-7849-4fb5-aaea-2f172e9ab312&cost=0.0036&PUB_ID=118&SUB_ID=602216&KEYWORD=&SUBSCRIBER_AGE=0&SUBSCRIBER_DATE=2024-04-18&BID_PUB=0.0036&CR_ID=36456 | 23.88.80.32 | 302 Found | 0 B |
URL: GET HTTP/1.1 plinksplanet.com/click.php?key=qcopnrbsgld1lpyq4gqz&clickid=3f7db490-7849-4fb5-aaea-2f172e9ab312&cost=0.0036&PUB_ID=118&SUB_ID=602216&KEYWORD=&SUBSCRIBER_AGE=0&SUBSCRIBER_DATE=2024-04-18&BID_PUB=0.0036&CR_ID=36456 IP: 23.88.80.32:443 ASN: #24940 Hetzner Online GmbH
Requested by: https://videzz.net/embed-ux5i45ivmnqo.html
Certificate: Issuer: Let's Encrypt; Subject: plinksplanet.com; Fingerprint: 8F:DC:E5:EE:9A:5C:35:FE:35:A3:81:ED:70:D0:B9:A6:F5:55:86:93; Validity: Thu, 04 Apr 2024 10:17:31 GMT - Wed, 03 Jul 2024 10:17:30 GMT
Hash (MD5 / SHA-1 / SHA-256): d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /click.php?key=qcopnrbsgld1lpyq4gqz&clickid=3f7db490-7849-4fb5-aaea-2f172e9ab312&cost=0.0036&PUB_ID=118&SUB_ID=602216&KEYWORD=&SUBSCRIBER_AGE=0&SUBSCRIBER_DATE=2024-04-18&BID_PUB=0.0036&CR_ID=36456 HTTP/1.1
Host: plinksplanet.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://bid.bidclickmedia.com/
DNT: 1
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 302 Found
Server: nginx/1.24.0
Date: Thu, 18 Apr 2024 23:41:31 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Set-Cookie: uclick=qe6jbgfy0; expires=Fri, 19-Apr-2024 23:41:31 GMT; Max-Age=86400; path=/; secure; SameSite=none
uclickhash=qe6jbgfy0-qe6jbgfy0-slvc-0-2t1mwj-52a8wj-52a8vr-95c80e; expires=Fri, 19-Apr-2024 23:41:31 GMT; Max-Age=86400; path=/; secure; SameSite=none
Location: https://promo.20bet.partners/redirect.aspx?pid=174581&bid=1971&lpid=1042&utm_source=retarget&utm_medium=Ubidex&utm_campaign=Ubidex-20bet-EU-NotReg-pop%20BonWheel-1042&utm_term=Ubidex-20bet-EU-NotReg-pop%20BonWheel-1042&subid=b773bqe6jbgfy0085
Strict-Transport-Security: max-age=31536000
| plinksplanet.com/click.php?key=qcopnrbsgld1lpyq4gqz&clickid=8f6a420b-cc5d-4d29-8bbf-222121e8400e&cost=0.0036&PUB_ID=118&SUB_ID=602216&KEYWORD=&SUBSCRIBER_AGE=0&SUBSCRIBER_DATE=2024-04-18&BID_PUB=0.0036&CR_ID=36456 | 23.88.80.32 | 302 Found | 0 B |
URL: GET HTTP/1.1 plinksplanet.com/click.php?key=qcopnrbsgld1lpyq4gqz&clickid=8f6a420b-cc5d-4d29-8bbf-222121e8400e&cost=0.0036&PUB_ID=118&SUB_ID=602216&KEYWORD=&SUBSCRIBER_AGE=0&SUBSCRIBER_DATE=2024-04-18&BID_PUB=0.0036&CR_ID=36456 IP: 23.88.80.32:443 ASN: #24940 Hetzner Online GmbH
Requested by: https://videzz.net/embed-ux5i45ivmnqo.html
Certificate: Issuer: Let's Encrypt; Subject: plinksplanet.com; Fingerprint: 8F:DC:E5:EE:9A:5C:35:FE:35:A3:81:ED:70:D0:B9:A6:F5:55:86:93; Validity: Thu, 04 Apr 2024 10:17:31 GMT - Wed, 03 Jul 2024 10:17:30 GMT
Hash (MD5 / SHA-1 / SHA-256): d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /click.php?key=qcopnrbsgld1lpyq4gqz&clickid=8f6a420b-cc5d-4d29-8bbf-222121e8400e&cost=0.0036&PUB_ID=118&SUB_ID=602216&KEYWORD=&SUBSCRIBER_AGE=0&SUBSCRIBER_DATE=2024-04-18&BID_PUB=0.0036&CR_ID=36456 HTTP/1.1
Host: plinksplanet.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://bid.bidclickmedia.com/
DNT: 1
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 302 Found
Server: nginx/1.24.0
Date: Thu, 18 Apr 2024 23:41:32 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Set-Cookie: uclick=qe6jbgfyfe; expires=Fri, 19-Apr-2024 23:41:32 GMT; Max-Age=86400; path=/; secure; SameSite=none
uclickhash=qe6jbgfyfe-qe6jbgfyfe-slvc-0-2t1mwj-52a8wj-52a8vr-e8ed2c; expires=Fri, 19-Apr-2024 23:41:32 GMT; Max-Age=86400; path=/; secure; SameSite=none
Location: https://promo.20bet.partners/redirect.aspx?pid=174581&bid=1971&lpid=1042&utm_source=retarget&utm_medium=Ubidex&utm_campaign=Ubidex-20bet-EU-NotReg-pop%20BonWheel-1042&utm_term=Ubidex-20bet-EU-NotReg-pop%20BonWheel-1042&subid=75c27qe6jbgfyfe8f2
Strict-Transport-Security: max-age=31536000
| plinksplanet.com/click.php?key=qcopnrbsgld1lpyq4gqz&clickid=3adfabce-b9f2-44d6-9c07-9334f3f02617&cost=0.0036&PUB_ID=118&SUB_ID=520478&KEYWORD=&SUBSCRIBER_AGE=0&SUBSCRIBER_DATE=2024-04-18&BID_PUB=0.0036&CR_ID=36456 | 23.88.80.32 | 302 Found | 0 B |
URL: GET HTTP/1.1 plinksplanet.com/click.php?key=qcopnrbsgld1lpyq4gqz&clickid=3adfabce-b9f2-44d6-9c07-9334f3f02617&cost=0.0036&PUB_ID=118&SUB_ID=520478&KEYWORD=&SUBSCRIBER_AGE=0&SUBSCRIBER_DATE=2024-04-18&BID_PUB=0.0036&CR_ID=36456
IP: 23.88.80.32:443
ASN: #24940 Hetzner Online GmbH
Requested by: https://videzz.net/embed-ux5i45ivmnqo.html
Certificate: Issuer Let's Encrypt; Subject plinksplanet.com; Fingerprint 8F:DC:E5:EE:9A:5C:35:FE:35:A3:81:ED:70:D0:B9:A6:F5:55:86:93; Validity Thu, 04 Apr 2024 10:17:31 GMT - Wed, 03 Jul 2024 10:17:30 GMT
Hash (MD5, SHA-1, SHA-256): d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /click.php?key=qcopnrbsgld1lpyq4gqz&clickid=3adfabce-b9f2-44d6-9c07-9334f3f02617&cost=0.0036&PUB_ID=118&SUB_ID=520478&KEYWORD=&SUBSCRIBER_AGE=0&SUBSCRIBER_DATE=2024-04-18&BID_PUB=0.0036&CR_ID=36456 HTTP/1.1
Host: plinksplanet.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://bid.bidclickmedia.com/
DNT: 1
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 302 Found
Server: nginx/1.24.0
Date: Thu, 18 Apr 2024 23:41:32 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Set-Cookie: uclick=qe6jbgkti4; expires=Fri, 19-Apr-2024 23:41:32 GMT; Max-Age=86400; path=/; secure; SameSite=none
uclickhash=qe6jbgkti4-qe6jbgkti4-slvc-0-2t1mwj-52a8wj-52a8vr-ec1f52; expires=Fri, 19-Apr-2024 23:41:32 GMT; Max-Age=86400; path=/; secure; SameSite=none
Location: https://promo.20bet.partners/redirect.aspx?pid=174581&bid=1971&lpid=1042&utm_source=retarget&utm_medium=Ubidex&utm_campaign=Ubidex-20bet-EU-NotReg-pop%20BonWheel-1042&utm_term=Ubidex-20bet-EU-NotReg-pop%20BonWheel-1042&subid=d077cqe6jbgkti4407
Strict-Transport-Security: max-age=31536000
| topbrandsnews.com/r.php?tg=https%3A%2F%2Fr.linksprf.com%2Fv1%2Fredirect%3Ftype%3DlinkId%26id%3Df26dd7fa37f24f46b0c2391acccde803%26api_key%3D9705c66008eb291ff1cf7463b862cbab%26site_id%3D549da8f368554c7cbde84b3ae883b5f7%26dch%3Dfeed%26ad_t%3Dadvertiser%26yk_tag%3Dw2mgoc1cpces0fm033lss610 | 172.67.72.211 | 308 Permanent Redirect | 415 B |
URL: GET HTTP/2 topbrandsnews.com/r.php?tg=https%3A%2F%2Fr.linksprf.com%2Fv1%2Fredirect%3Ftype%3DlinkId%26id%3Df26dd7fa37f24f46b0c2391acccde803%26api_key%3D9705c66008eb291ff1cf7463b862cbab%26site_id%3D549da8f368554c7cbde84b3ae883b5f7%26dch%3Dfeed%26ad_t%3Dadvertiser%26yk_tag%3Dw2mgoc1cpces0fm033lss610
IP: 172.67.72.211:443
Requested by: https://videzz.net/embed-ux5i45ivmnqo.html
Certificate: Issuer Google Trust Services LLC; Subject topbrandsnews.com; Fingerprint 5E:65:A8:5B:A7:01:99:CC:2D:F6:70:02:17:5A:69:ED:DD:D8:18:C1; Validity Wed, 03 Apr 2024 14:17:26 GMT - Tue, 02 Jul 2024 14:17:25 GMT
File type: HTML document, ASCII text, with very long lines (414)
Hash (MD5, SHA-1, SHA-256): 5761f65fcb703a58d25b5dc581ff8fbb 9f700d996aea6b628c8d390c8ca4f47b22121db3 018de99674291d415901e0e309d3df51c7ca1624b344120f9c038d9a1f8c0802
GET /r.php?tg=https%3A%2F%2Fr.linksprf.com%2Fv1%2Fredirect%3Ftype%3DlinkId%26id%3Df26dd7fa37f24f46b0c2391acccde803%26api_key%3D9705c66008eb291ff1cf7463b862cbab%26site_id%3D549da8f368554c7cbde84b3ae883b5f7%26dch%3Dfeed%26ad_t%3Dadvertiser%26yk_tag%3Dw2mgoc1cpces0fm033lss610 HTTP/1.1
Host: topbrandsnews.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://engine.blehcourt.com/
DNT: 1
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 308 Permanent Redirect
date: Thu, 18 Apr 2024 23:41:31 GMT
content-type: text/html; charset=UTF-8
location: https://r.linksprf.com/v1/redirect?type=linkId&id=f26dd7fa37f24f46b0c2391acccde803&api_key=9705c66008eb291ff1cf7463b862cbab&site_id=549da8f368554c7cbde84b3ae883b5f7&dch=feed&ad_t=advertiser&yk_tag=w2mgoc1cpces0fm033lss610
x-powered-by: PHP/8.2.18, PleskLin
referrer-policy: no-referrer
x-endurance-cache-level: 0
x-nginx-cache: WordPress
x-cache-status: BYPASS
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=BaGcwzqacW05XcJA0uPUSGplSPkglvbaJ%2F6UFuGI8r5cPU9ZS4LTLnsZOGhAjwiLBCJUzh2TfDNOFfAAncun3n3i75Nsx%2BKRu7rsjhsjMK8XzREIc0s6q7CPuRtKnNobKsj7"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
set-cookie: __cflb=0H28vHozRJJ2U2zMtR6mkpLBtqXxMEm6LyUd67rYie1; SameSite=None; Secure; path=/; expires=Fri, 19-Apr-24 00:11:31 GMT; HttpOnly
server: cloudflare
cf-ray: 87688190197356cc-OSL
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
| promo.20bet.partners/redirect.aspx?pid=174581&bid=1971&lpid=1042&utm_source=retarget&utm_medium=Ubidex&utm_campaign=Ubidex-20bet-EU-NotReg-pop%20BonWheel-1042&utm_term=Ubidex-20bet-EU-NotReg-pop%20BonWheel-1042&subid=d077cqe6jbgkti4407 | 13.107.213.53 | 403 Forbidden | 409 B |
URL: GET HTTP/2 promo.20bet.partners/redirect.aspx?pid=174581&bid=1971&lpid=1042&utm_source=retarget&utm_medium=Ubidex&utm_campaign=Ubidex-20bet-EU-NotReg-pop%20BonWheel-1042&utm_term=Ubidex-20bet-EU-NotReg-pop%20BonWheel-1042&subid=d077cqe6jbgkti4407
IP: 13.107.213.53:443
ASN: #8075 MICROSOFT-CORP-MSN-AS-BLOCK
Requested by: https://videzz.net/embed-ux5i45ivmnqo.html
Certificate: Issuer Sectigo Limited; Subject 20bet.partners; Fingerprint 7D:08:B3:80:9A:D9:AF:7C:D7:7C:B8:CE:FE:1A:EF:F5:BD:8C:56:FF; Validity Tue, 26 Sep 2023 00:00:00 GMT - Wed, 25 Sep 2024 23:59:59 GMT
File type: ASCII text, with CRLF line terminators
Hash (MD5, SHA-1, SHA-256): e75f952605e6682921b112f1b74428d5 28197aa18a33963df86a50ec796e9dd528cfbdc5 fcf12ad8f13066a52a83e8faa99eadab3d7565a1760fc9f91a215e4ee28bdb78
GET /redirect.aspx?pid=174581&bid=1971&lpid=1042&utm_source=retarget&utm_medium=Ubidex&utm_campaign=Ubidex-20bet-EU-NotReg-pop%20BonWheel-1042&utm_term=Ubidex-20bet-EU-NotReg-pop%20BonWheel-1042&subid=d077cqe6jbgkti4407 HTTP/1.1
Host: promo.20bet.partners
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://bid.bidclickmedia.com/
DNT: 1
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 403 Forbidden
date: Thu, 18 Apr 2024 23:41:32 GMT
content-type: text/html
content-length: 409
x-azure-ref: 20240418T234132Z-17f9dd4c48bpw5gpvd09qb5x440000000310000000000kxb
x-cache: CONFIG_NOCACHE
X-Firefox-Spdy: h2
| promo.20bet.partners/redirect.aspx?pid=174581&bid=1971&lpid=1042&utm_source=retarget&utm_medium=Ubidex&utm_campaign=Ubidex-20bet-EU-NotReg-pop%20BonWheel-1042&utm_term=Ubidex-20bet-EU-NotReg-pop%20BonWheel-1042&subid=75c27qe6jbgfyfe8f2 | 13.107.213.53 | 403 Forbidden | 409 B |
URL: GET HTTP/2 promo.20bet.partners/redirect.aspx?pid=174581&bid=1971&lpid=1042&utm_source=retarget&utm_medium=Ubidex&utm_campaign=Ubidex-20bet-EU-NotReg-pop%20BonWheel-1042&utm_term=Ubidex-20bet-EU-NotReg-pop%20BonWheel-1042&subid=75c27qe6jbgfyfe8f2
IP: 13.107.213.53:443
ASN: #8075 MICROSOFT-CORP-MSN-AS-BLOCK
Requested by: https://videzz.net/embed-ux5i45ivmnqo.html
Certificate: Issuer Sectigo Limited; Subject 20bet.partners; Fingerprint 7D:08:B3:80:9A:D9:AF:7C:D7:7C:B8:CE:FE:1A:EF:F5:BD:8C:56:FF; Validity Tue, 26 Sep 2023 00:00:00 GMT - Wed, 25 Sep 2024 23:59:59 GMT
File type: ASCII text, with CRLF line terminators
Hash (MD5, SHA-1, SHA-256): 3af487f641bdc2d8fa18bdf3ca31444a 862dab749a13a44e1b5495b0ebef5fa30b342ea5 aab498d5a42328a5a504e231126dd51d531cf639ea3705afa892d8a98a53298b
GET /redirect.aspx?pid=174581&bid=1971&lpid=1042&utm_source=retarget&utm_medium=Ubidex&utm_campaign=Ubidex-20bet-EU-NotReg-pop%20BonWheel-1042&utm_term=Ubidex-20bet-EU-NotReg-pop%20BonWheel-1042&subid=75c27qe6jbgfyfe8f2 HTTP/1.1
Host: promo.20bet.partners
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://bid.bidclickmedia.com/
DNT: 1
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 403 Forbidden
date: Thu, 18 Apr 2024 23:41:32 GMT
content-type: text/html
content-length: 409
x-azure-ref: 20240418T234132Z-17f9dd4c48bpw5gpvd09qb5x440000000310000000000kxc
x-cache: CONFIG_NOCACHE
X-Firefox-Spdy: h2
| xml.admozartxml.com/click?i=Q1Q6WrbuO5Y_0 | 173.239.53.22 | 302 Found | 0 B |
URL: GET HTTP/1.1 xml.admozartxml.com/click?i=Q1Q6WrbuO5Y_0
IP: 173.239.53.22:443
ASN: #27257 WEBAIR-INTERNET
Requested by: https://videzz.net/embed-ux5i45ivmnqo.html
Certificate: Issuer Unizeto Technologies S.A.; Subject *.admozartxml.com; Fingerprint CF:43:3E:0B:91:40:89:D5:00:EB:FB:8E:88:88:92:C2:01:11:87:BF; Validity Tue, 19 Mar 2024 12:11:35 GMT - Wed, 19 Mar 2025 12:11:34 GMT
Hash (MD5, SHA-1, SHA-256): d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /click?i=Q1Q6WrbuO5Y_0 HTTP/1.1
Host: xml.admozartxml.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://bid.bidclickmedia.com/
DNT: 1
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 302 Found
Server: nginx
Date: Thu, 18 Apr 2024 23:41:32 GMT
Content-Length: 0
Connection: keep-alive
Set-Cookie: x3327657=810451017; Domain=.green-resultsbid.com
Cache-Control: no-store
Location: https://filter.realtime-bid.com/filter?q=&i=l3ylmJ9b1NU_0&ci=-4073749371781264010&t=1224080206&h=51
| filter.realtime-bid.com/filter?q=&i=l3ylmJ9b1NU_0&ci=-4073749371781264010&t=1224080206&h=51 | 198.134.116.29 | 200 OK | 13 kB |
URL: GET HTTP/1.1 filter.realtime-bid.com/filter?q=&i=l3ylmJ9b1NU_0&ci=-4073749371781264010&t=1224080206&h=51
IP: 198.134.116.29:443
ASN: #27257 WEBAIR-INTERNET
Requested by: https://videzz.net/embed-ux5i45ivmnqo.html
Certificate: Issuer GlobalSign nv-sa; Subject *.realtime-bid.com; Fingerprint 13:61:C0:C0:12:08:62:C1:D0:9C:2D:51:84:23:03:A1:51:3C:1E:4F; Validity Tue, 05 Mar 2024 13:40:12 GMT - Sun, 06 Apr 2025 13:40:11 GMT
File type: HTML document, ASCII text, with very long lines (524)
Hash (MD5, SHA-1, SHA-256): 52b7414d21433e35462b119ff6bc7ade a1579135e9ac8750cd068bd9cb052a922b534525 27c9143abc1c590418dc2be2574aad129adcbcd8168b2af70907e02d37ad8d83
GET /filter?q=&i=l3ylmJ9b1NU_0&ci=-4073749371781264010&t=1224080206&h=51 HTTP/1.1
Host: filter.realtime-bid.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://bid.bidclickmedia.com/
DNT: 1
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Date: Thu, 18 Apr 2024 23:41:32 GMT
Content-Type: text/html; charset=utf-8
Content-Length: 12950
Connection: keep-alive
Referrer-Policy: unsafe-url
Cache-Control: no-store
Set-Cookie: c-1794011548=810451017
x3327657=810451017; Domain=.realtime-bid.com
| xml.green-resultsbid.com/click2?i=l3ylmJ9b1NU_0&ci=-4073749371781264010&j=rv%3Db%26ss%3D1280x1024%26ws%3D1916x1076%26wp%3D0x0%26ce%3D0%26ck%3Djc%26cv%3D2193%26cs%3D0%26fr%3D1%26hc%3D0%26fl%3Dnull%26jv%3Dnull%26sc%3D24%26hr%3D8%26rf%3Dbid.bidclickmedia.com%26lo%3Dfilter.realtime-bid.com%26mb%3D0%26hb%3D1%26pl%3DLinux%2Bx86_64%26ua%3DMozilla%252F5.0%2B%28X11%253B%2BLinux%2Bx86_64%253B%2Brv%253A96.0%29%2BGecko%252F20100101%2BFirefox%252F96.0%26nd%3D1%26to%3Dnull%26wbd%3D1%26wbde%3D0%26sqm%3D0%26phj%3D0%26nmj%3D0%26sln%3D0%26es%3D0%26ln%3Den-US%252Cen%26lnl%3D2%26hsc%3D0%26frc%3D0%26dbt%3D0%26prb%3D20100101%26tz%3D0%26hid%3D0%26mq%3D1%26bch%3D%26blv%3D%26my%3D%26geo%3D%26thx%3D0%26the%3D0%26ths%3D0%26cpc%3D%26ocp%3DLinux%2Bx86_64%26hwc%3D48%26hrl%3D%26acd%3Dpmpmm%26vcd%3Dppp%26pal%3D5%26pai%3D1%26pli%3D1%26win%3D1916x1076%26wout%3D1280x1024%26wpof%3D0x0%26bcld%3D1900x19%26scrp%3D0x0%26scrad%3D1280x1024%26spd%3D24%26pxr%3D1%26sck%3D1%26ckl%3D0%26sls%3D1%26sss%3D1%26six%3D1%26sdb%3D0%26vvr%3Dnull%26vrd%3Dnull%26pnt%3Ddenied%26cnvs%3D7f7f7f80%26mmd_ao%3D0%26mmd_ai%3D0%26mmd_vi%3D0 | 198.134.116.29 | 302 Found | 0 B |
URL: GET HTTP/1.1 xml.green-resultsbid.com/click2?i=l3ylmJ9b1NU_0&ci=-4073749371781264010&j=rv%3Db%26ss%3D1280x1024%26ws%3D1916x1076%26wp%3D0x0%26ce%3D0%26ck%3Djc%26cv%3D2193%26cs%3D0%26fr%3D1%26hc%3D0%26fl%3Dnull%26jv%3Dnull%26sc%3D24%26hr%3D8%26rf%3Dbid.bidclickmedia.com%26lo%3Dfilter.realtime-bid.com%26mb%3D0%26hb%3D1%26pl%3DLinux%2Bx86_64%26ua%3DMozilla%252F5.0%2B%28X11%253B%2BLinux%2Bx86_64%253B%2Brv%253A96.0%29%2BGecko%252F20100101%2BFirefox%252F96.0%26nd%3D1%26to%3Dnull%26wbd%3D1%26wbde%3D0%26sqm%3D0%26phj%3D0%26nmj%3D0%26sln%3D0%26es%3D0%26ln%3Den-US%252Cen%26lnl%3D2%26hsc%3D0%26frc%3D0%26dbt%3D0%26prb%3D20100101%26tz%3D0%26hid%3D0%26mq%3D1%26bch%3D%26blv%3D%26my%3D%26geo%3D%26thx%3D0%26the%3D0%26ths%3D0%26cpc%3D%26ocp%3DLinux%2Bx86_64%26hwc%3D48%26hrl%3D%26acd%3Dpmpmm%26vcd%3Dppp%26pal%3D5%26pai%3D1%26pli%3D1%26win%3D1916x1076%26wout%3D1280x1024%26wpof%3D0x0%26bcld%3D1900x19%26scrp%3D0x0%26scrad%3D1280x1024%26spd%3D24%26pxr%3D1%26sck%3D1%26ckl%3D0%26sls%3D1%26sss%3D1%26six%3D1%26sdb%3D0%26vvr%3Dnull%26vrd%3Dnull%26pnt%3Ddenied%26cnvs%3D7f7f7f80%26mmd_ao%3D0%26mmd_ai%3D0%26mmd_vi%3D0
IP: 198.134.116.29:443
ASN: #27257 WEBAIR-INTERNET
Requested by: https://videzz.net/embed-ux5i45ivmnqo.html
Certificate: Issuer Let's Encrypt; Subject green-resultsbid.com; Fingerprint C8:14:16:91:8D:B8:DF:60:61:B3:04:CF:D2:09:58:40:C7:71:8F:F5; Validity Thu, 29 Feb 2024 07:47:02 GMT - Wed, 29 May 2024 07:47:01 GMT
Hash (MD5, SHA-1, SHA-256): d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /click2?i=l3ylmJ9b1NU_0&ci=-4073749371781264010&j=rv%3Db%26ss%3D1280x1024%26ws%3D1916x1076%26wp%3D0x0%26ce%3D0%26ck%3Djc%26cv%3D2193%26cs%3D0%26fr%3D1%26hc%3D0%26fl%3Dnull%26jv%3Dnull%26sc%3D24%26hr%3D8%26rf%3Dbid.bidclickmedia.com%26lo%3Dfilter.realtime-bid.com%26mb%3D0%26hb%3D1%26pl%3DLinux%2Bx86_64%26ua%3DMozilla%252F5.0%2B%28X11%253B%2BLinux%2Bx86_64%253B%2Brv%253A96.0%29%2BGecko%252F20100101%2BFirefox%252F96.0%26nd%3D1%26to%3Dnull%26wbd%3D1%26wbde%3D0%26sqm%3D0%26phj%3D0%26nmj%3D0%26sln%3D0%26es%3D0%26ln%3Den-US%252Cen%26lnl%3D2%26hsc%3D0%26frc%3D0%26dbt%3D0%26prb%3D20100101%26tz%3D0%26hid%3D0%26mq%3D1%26bch%3D%26blv%3D%26my%3D%26geo%3D%26thx%3D0%26the%3D0%26ths%3D0%26cpc%3D%26ocp%3DLinux%2Bx86_64%26hwc%3D48%26hrl%3D%26acd%3Dpmpmm%26vcd%3Dppp%26pal%3D5%26pai%3D1%26pli%3D1%26win%3D1916x1076%26wout%3D1280x1024%26wpof%3D0x0%26bcld%3D1900x19%26scrp%3D0x0%26scrad%3D1280x1024%26spd%3D24%26pxr%3D1%26sck%3D1%26ckl%3D0%26sls%3D1%26sss%3D1%26six%3D1%26sdb%3D0%26vvr%3Dnull%26vrd%3Dnull%26pnt%3Ddenied%26cnvs%3D7f7f7f80%26mmd_ao%3D0%26mmd_ai%3D0%26mmd_vi%3D0 HTTP/1.1
Host: xml.green-resultsbid.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://filter.realtime-bid.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 302 Found
Server: nginx
Date: Thu, 18 Apr 2024 23:41:33 GMT
Content-Length: 0
Connection: keep-alive
Cache-Control: no-store
Location: https://mypopadpro.com/606778
Referrer-Policy: no-referrer
| mypopadpro.com/606778 | 108.61.206.40 | 302 Found | 7.2 kB |
IP: 108.61.206.40:443
Requested by: https://videzz.net/embed-ux5i45ivmnqo.html
Certificate: Issuer Let's Encrypt; Subject mypopadpro.com; Fingerprint 92:3B:D3:5D:E9:76:29:5E:9A:19:A9:7B:F2:D4:48:4C:0D:8C:4D:BF; Validity Sun, 07 Apr 2024 06:12:35 GMT - Sat, 06 Jul 2024 06:12:34 GMT
File type: JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3
Hash (MD5, SHA-1, SHA-256): 60ac073db5f2389502490ad81cd8fe6e 115137f279a9f05745f0c76ba659c9c7dc7eba89 614c22a21c35f46f2a351978ab5da3c79440e00b326023b5b89c07af5dd07c0e
GET /606778 HTTP/1.1
Host: mypopadpro.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 302 Found
server: nginx
date: Thu, 18 Apr 2024 23:41:34 GMT
content-type: text/html; charset=UTF-8
location: http://popcash.net/world/go/251690/703591
cache-control: no-store
x-frame-options: SAMEORIGIN, SAMEORIGIN
x-content-type-options: nosniff, nosniff
x-xss-protection: 1; mode=block, 1; mode=block
x-permitted-cross-domain-policies: master-only, master-only
referrer-policy: same-origin, same-origin
X-Firefox-Spdy: h2
| veepteero.com/?rb=xOwW2qNm0QTZ-lSaYqJaY4_woWZpM2qUU6yKwJ3155L04kGdtsKfBG7edhH3BqDJrpF4yJsDq_5NRddno5C8GKq-MTQcCl71dhtiYdMGgr8bVQlsuCPiZ3-rWcrx5mUvyG3XL-eEIleH1uU8ipwBjupDrN62t6I-acphOXeJkRozP1fB1bX2aZAwfkusKEE0D_yDylqhF5YcNfY9RkBkfIvFQeS5-sZAMnqIKs8G7CqD8hWqb-R2VCG5yHeCwQhWNxnsgA%3D%3D&request_ab2=0&zoneid=5708417&js_build=iclick-v1.775.0&jsp=1&fs=0&cf=0&sw=1280&sh=1024&wih=1024&wiw=1280&ww=1280&wh=1024&sah=1024&wx=0&wy=0&cw=1280&wfc=11&pl=https%3A%2F%2Fvidezz.net%2Fembed-ux5i45ivmnqo.html&drf=&np=1&pt=0&nb=1&ng=0&ix=0&nw=1&tb=false&btz=UTC&bto=0&wgl=&js_build=iclick-v1.775.0&navlng=en-US&pnt=0&pnrc=0&wasm=-1&bs=3cdd1bd3-6863-438c-9ab7-5270dadd0e45&userId=008042bff1b44bdce22ee9bb233e1d3f&m=link | 139.45.197.242 | 200 OK | 2.3 kB |
URL: GET HTTP/2 veepteero.com/?rb=xOwW2qNm0QTZ-lSaYqJaY4_woWZpM2qUU6yKwJ3155L04kGdtsKfBG7edhH3BqDJrpF4yJsDq_5NRddno5C8GKq-MTQcCl71dhtiYdMGgr8bVQlsuCPiZ3-rWcrx5mUvyG3XL-eEIleH1uU8ipwBjupDrN62t6I-acphOXeJkRozP1fB1bX2aZAwfkusKEE0D_yDylqhF5YcNfY9RkBkfIvFQeS5-sZAMnqIKs8G7CqD8hWqb-R2VCG5yHeCwQhWNxnsgA%3D%3D&request_ab2=0&zoneid=5708417&js_build=iclick-v1.775.0&jsp=1&fs=0&cf=0&sw=1280&sh=1024&wih=1024&wiw=1280&ww=1280&wh=1024&sah=1024&wx=0&wy=0&cw=1280&wfc=11&pl=https%3A%2F%2Fvidezz.net%2Fembed-ux5i45ivmnqo.html&drf=&np=1&pt=0&nb=1&ng=0&ix=0&nw=1&tb=false&btz=UTC&bto=0&wgl=&js_build=iclick-v1.775.0&navlng=en-US&pnt=0&pnrc=0&wasm=-1&bs=3cdd1bd3-6863-438c-9ab7-5270dadd0e45&userId=008042bff1b44bdce22ee9bb233e1d3f&m=link
IP: 139.45.197.242:443
Requested by: https://videzz.net/embed-ux5i45ivmnqo.html
Certificate: Issuer Let's Encrypt; Subject veepteero.com; Fingerprint 13:68:56:48:EC:67:A6:93:BE:E0:36:BC:FA:04:75:6D:6E:D2:C1:91; Validity Sat, 23 Mar 2024 05:18:36 GMT - Fri, 21 Jun 2024 05:18:35 GMT
File type: troff or preprocessor input, ASCII text, with very long lines (2321), with no line terminators
Hash (MD5, SHA-1, SHA-256): b761fb1f41354b245b481f11f36840c4 f2517946e04e3a0d20066c19d030e87bdc8372b9 4155a989a59ac0842f6343fa30a78024ed9a1a41d859d751e5ff2d2495e4b96d
Analyzer | Verdict | Alert
Quad9 DNS | malicious | Sinkholed
GET /?rb=xOwW2qNm0QTZ-lSaYqJaY4_woWZpM2qUU6yKwJ3155L04kGdtsKfBG7edhH3BqDJrpF4yJsDq_5NRddno5C8GKq-MTQcCl71dhtiYdMGgr8bVQlsuCPiZ3-rWcrx5mUvyG3XL-eEIleH1uU8ipwBjupDrN62t6I-acphOXeJkRozP1fB1bX2aZAwfkusKEE0D_yDylqhF5YcNfY9RkBkfIvFQeS5-sZAMnqIKs8G7CqD8hWqb-R2VCG5yHeCwQhWNxnsgA%3D%3D&request_ab2=0&zoneid=5708417&js_build=iclick-v1.775.0&jsp=1&fs=0&cf=0&sw=1280&sh=1024&wih=1024&wiw=1280&ww=1280&wh=1024&sah=1024&wx=0&wy=0&cw=1280&wfc=11&pl=https%3A%2F%2Fvidezz.net%2Fembed-ux5i45ivmnqo.html&drf=&np=1&pt=0&nb=1&ng=0&ix=0&nw=1&tb=false&btz=UTC&bto=0&wgl=&js_build=iclick-v1.775.0&navlng=en-US&pnt=0&pnrc=0&wasm=-1&bs=3cdd1bd3-6863-438c-9ab7-5270dadd0e45&userId=008042bff1b44bdce22ee9bb233e1d3f&m=link HTTP/1.1
Host: veepteero.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://videzz.net/
Origin: https://videzz.net
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
server: nginx
date: Thu, 18 Apr 2024 23:41:31 GMT
content-type: application/json
x-trace-id: 55a7836e211e4a1d8e7f7b2954737683
accept-ch: Sec-CH-UA, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model
access-control-allow-origin: https://videzz.net
access-control-allow-credentials: true
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, baggage, sentry-trace, favicon
access-control-max-age: 86400
pragma: no-cache
cache-control: no-transform, no-store, no-cache, must-revalidate, max-age=0
expires: Tue, 11 Jan 1994 10:00:00 GMT
set-cookie: OAID=008042bff1b44bdce22ee9bb233e1d3f; expires=Fri, 18 Apr 2025 23:41:31 GMT; path=/; secure; SameSite=None
oaidts=1713483691; expires=Fri, 18 Apr 2025 23:41:31 GMT; path=/; secure; SameSite=None
syncedCookie=true; expires=Thu, 25 Apr 2024 23:41:31 GMT; path=/; secure; SameSite=None
strict-transport-security: max-age=1
x-content-type-options: nosniff
timing-allow-origin: *, *
content-encoding: gzip
X-Firefox-Spdy: h2
| promo.20bet.partners/redirect.aspx?pid=174581&bid=1971&lpid=1042&utm_source=retarget&utm_medium=Ubidex&utm_campaign=Ubidex-20bet-EU-NotReg-pop%20BonWheel-1042&utm_term=Ubidex-20bet-EU-NotReg-pop%20BonWheel-1042&subid=38b8bqe6jbgktvr4b8 | 0.0.0.0 | | 0 B |
URL: GET promo.20bet.partners/redirect.aspx?pid=174581&bid=1971&lpid=1042&utm_source=retarget&utm_medium=Ubidex&utm_campaign=Ubidex-20bet-EU-NotReg-pop%20BonWheel-1042&utm_term=Ubidex-20bet-EU-NotReg-pop%20BonWheel-1042&subid=38b8bqe6jbgktvr4b8
IP: 0.0.0.0:0
Requested by: https://videzz.net/embed-ux5i45ivmnqo.html
Certificate: Issuer Sectigo Limited; Subject 20bet.partners; Fingerprint 7D:08:B3:80:9A:D9:AF:7C:D7:7C:B8:CE:FE:1A:EF:F5:BD:8C:56:FF; Validity Tue, 26 Sep 2023 00:00:00 GMT - Wed, 25 Sep 2024 23:59:59 GMT
Hash (MD5, SHA-1, SHA-256): d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /redirect.aspx?pid=174581&bid=1971&lpid=1042&utm_source=retarget&utm_medium=Ubidex&utm_campaign=Ubidex-20bet-EU-NotReg-pop%20BonWheel-1042&utm_term=Ubidex-20bet-EU-NotReg-pop%20BonWheel-1042&subid=38b8bqe6jbgktvr4b8 HTTP/1.1
Host: promo.20bet.partners
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://bid.bidclickmedia.com/
DNT: 1
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
| videzz.net/js/embed.min.js?v=b8dc06aa6195ca0716d0a0c4e3a76e42 | 78.142.18.54 | 200 OK | 4.5 kB |
URL: GET HTTP/2 videzz.net/js/embed.min.js?v=b8dc06aa6195ca0716d0a0c4e3a76e42
IP: 78.142.18.54:443
ASN: #208046 ColocationX Ltd.
Requested by: https://videzz.net/embed-ux5i45ivmnqo.html
Certificate: Issuer Let's Encrypt; Subject videzz.net; Fingerprint 13:3A:F4:CA:71:F0:8F:F1:2E:3A:7E:2B:6D:8E:E4:7A:E9:9D:A6:B5; Validity Mon, 04 Mar 2024 08:24:34 GMT - Sun, 02 Jun 2024 08:24:33 GMT
File type: JavaScript source, ASCII text, with very long lines (4724), with no line terminators
Hash (MD5, SHA-1, SHA-256): f3ccae55608834d0e7acfde8a7235903 16cd94840b9d0105558c5f8b26ac51845d84bb2e 8d950b465b8cb006d19d702a1d15e209cb10b861f5ead615e7f9625469605ef2
Analyzer | Verdict | Alert
Quad9 DNS | malicious | Sinkholed
GET /js/embed.min.js?v=b8dc06aa6195ca0716d0a0c4e3a76e42 HTTP/1.1
Host: videzz.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://videzz.net/embed-ux5i45ivmnqo.html
Cookie: lang=1
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
server: nginx/1.18.0 (Ubuntu)
date: Thu, 18 Apr 2024 23:41:28 GMT
content-type: application/javascript
last-modified: Wed, 10 Apr 2024 07:00:18 GMT
vary: Accept-Encoding
etag: W/"66163902-1183"
expires: Sat, 18 May 2024 23:32:58 GMT
cache-control: max-age=2592000
content-encoding: gzip
x-cache-status: HIT
X-Firefox-Spdy: h2
| zv.7vid.net/api/spots/70102?s1=120221&v2=1&fill=0&kw=file%20upload%2Cshare%20files%2Cfree%20upload&i=1&url=https%3A%2F%2Fvidezz.net%2Fembed-ux5i45ivmnqo.html&sid=4e6626ab-644e-4e0b-ab8e-90f00988d5c2 | 135.181.208.216 | 200 OK | 67 B |
URL: GET HTTP/2 zv.7vid.net/api/spots/70102?s1=120221&v2=1&fill=0&kw=file%20upload%2Cshare%20files%2Cfree%20upload&i=1&url=https%3A%2F%2Fvidezz.net%2Fembed-ux5i45ivmnqo.html&sid=4e6626ab-644e-4e0b-ab8e-90f00988d5c2
IP: 135.181.208.216:443
ASN: #24940 Hetzner Online GmbH
Requested by: https://videzz.net/embed-ux5i45ivmnqo.html
Certificate: Issuer Let's Encrypt; Subject 1111.spinna.online; Fingerprint F3:80:AE:D8:32:E7:57:75:94:99:58:76:4C:57:59:80:E8:9A:B7:ED; Validity Fri, 29 Mar 2024 23:27:07 GMT - Thu, 27 Jun 2024 23:27:06 GMT
File type: XML document, ASCII text, with no line terminators
Hash (MD5, SHA-1, SHA-256): c3928cea84e0c684b265b8fb465a9e72 aace4c0c8b0fbb35d2932f4f27e01ef627161574 3238d03797cab82118740c0d6ddace8d6bc9caf168e94d2ade893f541c1f8a25
GET /api/spots/70102?s1=120221&v2=1&fill=0&kw=file%20upload%2Cshare%20files%2Cfree%20upload&i=1&url=https%3A%2F%2Fvidezz.net%2Fembed-ux5i45ivmnqo.html&sid=4e6626ab-644e-4e0b-ab8e-90f00988d5c2 HTTP/1.1
Host: zv.7vid.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://videzz.net/
Origin: https://videzz.net
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
server: nginx
date: Thu, 18 Apr 2024 23:41:28 GMT
content-type: text/xml
vary: Accept-Encoding
access-control-allow-credentials: true
access-control-allow-origin: https://videzz.net
access-control-expose-headers: X-Asg-Config, X-t
set-cookie: nauid=QLVRnrAWUWx5U3JTr6VQ; Path=/; Expires=Wed, 11 Nov 2037 11:11:11 GMT; Secure; SameSite=None
x-robots-tag: noindex, nofollow
x-t: 0
cache-control: private
content-encoding: gzip
X-Firefox-Spdy: h2
| str33.vidoza.net/i/04/07555/ux5i45ivmnqo_xt.jpg | 213.152.167.246 | 200 OK | 35 kB |
URL: GET HTTP/2 str33.vidoza.net/i/04/07555/ux5i45ivmnqo_xt.jpg
IP: 213.152.167.246:443
ASN: #49453 Global Layer B.V.
Requested by: https://videzz.net/embed-ux5i45ivmnqo.html
Certificate: Issuer Let's Encrypt; Subject vidoza.net; Fingerprint DD:9C:2A:D1:7E:90:60:D1:BE:1C:39:29:07:29:9C:34:6A:76:A6:C6; Validity Wed, 14 Feb 2024 01:21:54 GMT - Tue, 14 May 2024 01:21:53 GMT
File type: JPEG image data, JFIF standard 1.01, resolution (DPI), density 72x72, segment length 16, baseline, precision 8, 500x283, components 3
Hash (MD5, SHA-1, SHA-256): 275815af94bc2d3b1ed3396bd8d5a80d 27c9a20a67850aee99abdcde85f432d33878261f ab3120e084593ef46f802e29f057dfe50f7a28cdec9e5050a9314cb0ee4c2e93
GET /i/04/07555/ux5i45ivmnqo_xt.jpg HTTP/1.1
Host: str33.vidoza.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://videzz.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
server: nginx/1.20.1
date: Thu, 18 Apr 2024 23:41:29 GMT
content-type: image/jpeg
content-length: 35426
last-modified: Fri, 15 Mar 2024 17:57:00 GMT
etag: "65f48bec-8a62"
expires: Thu, 02 May 2024 23:41:29 GMT
cache-control: max-age=1209600
accept-ranges: bytes
X-Firefox-Spdy: h2
| tzegilo.com/stattag.js | 172.67.193.52 | 200 OK | 19 kB |
IP: 172.67.193.52:443
Requested by: https://videzz.net/embed-ux5i45ivmnqo.html
Certificate: Issuer Google Trust Services LLC; Subject tzegilo.com; Fingerprint 28:2E:D0:DF:04:78:60:5A:D2:5B:1F:EA:59:80:9C:2F:89:C1:9D:D1; Validity Sat, 30 Mar 2024 15:54:48 GMT - Fri, 28 Jun 2024 15:54:47 GMT
File type: JavaScript source, ASCII text, with very long lines (18486)
Hash (MD5, SHA-1, SHA-256): 70ebd404c2e1e7bad13998538b56887c 86e57af8ba3cfc2c004da3311835f6b54ba6d848 d71ea61938136a384e4c53c5a7a3c36e68fcc70a68bae691e270987d5d2eb11f
Analyzer | Verdict | Alert
Quad9 DNS | malicious | Sinkholed
GET /stattag.js HTTP/1.1
Host: tzegilo.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://videzz.net/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Thu, 18 Apr 2024 23:41:31 GMT
content-type: application/javascript
last-modified: Wed, 07 Feb 2024 12:51:13 GMT
etag: W/"65c37cc1-4ac0"
link: <https://flerap.com/>; rel=preconnect; crossorigin, <https://fleraprt.com/>; rel=preconnect; crossorigin
cache-control: max-age=14400
cf-cache-status: HIT
age: 5635
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=3gCX5BgffAyRtnAuNGp8TUlzjwHMew4pL9Thmx%2BrpI5c%2B0VfPwpHXOLqB0c6UKHSO2qoUvR%2FbYXM2EJvyH3Jl%2BVWaYp0VDH6x4zp3i6WK5RLmrCoeB4Ue5eLssMDxg%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 876881905ac51c06-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
| videzz.net/favicon.ico?v=2 | 78.142.18.54 | 200 OK | 1.2 kB |
URL: GET HTTP/2 videzz.net/favicon.ico?v=2
IP: 78.142.18.54:443
ASN: #208046 ColocationX Ltd.
Requested by: https://videzz.net/embed-ux5i45ivmnqo.html
Certificate: Issuer Let's Encrypt; Subject videzz.net; Fingerprint 13:3A:F4:CA:71:F0:8F:F1:2E:3A:7E:2B:6D:8E:E4:7A:E9:9D:A6:B5; Validity Mon, 04 Mar 2024 08:24:34 GMT - Sun, 02 Jun 2024 08:24:33 GMT
File type: MS Windows icon resource - 1 icon, 16x16, 32 bits/pixel
Hash (MD5, SHA-1, SHA-256): 07075ddac650ad1577e310576f4ac231 1c8f551262fac5a047a268b82fa932c405ab13ff c5f2d482ae4405a8e9f16a7ab09c5d04380283eb0cb0a9b237b32bc1bca47901
Analyzer | Verdict | Alert
Quad9 DNS | malicious | Sinkholed
GET /favicon.ico?v=2 HTTP/1.1
Host: videzz.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://videzz.net/embed-ux5i45ivmnqo.html
Cookie: lang=1; file_id=37775401; aff=120221; sb_main_fd40b682a05e4aaf489d29601350aa66=1; sb_count_fd40b682a05e4aaf489d29601350aa66=1; _ga_HEX1BG8H46=GS1.1.1713483689.1.0.1713483689.60.0.0; _ga=GA1.1.848111669.1713483690; asgfp2=172e5b6362817b33a26bdcbe3d1af8ae
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
server: nginx/1.18.0 (Ubuntu)
date: Thu, 18 Apr 2024 23:41:30 GMT
content-type: image/x-icon
last-modified: Wed, 10 Apr 2024 07:00:17 GMT
vary: Accept-Encoding
etag: W/"66163901-47e"
expires: Sat, 18 May 2024 23:32:53 GMT
cache-control: max-age=2592000
content-encoding: gzip
x-cache-status: HIT
X-Firefox-Spdy: h2
|
|
| static.addtoany.com/menu/modules/core.BRQnzO8v.js | 172.67.39.148 | 200 OK | 72 kB |
URL: GET HTTP/3 static.addtoany.com/menu/modules/core.BRQnzO8v.js  IP: 172.67.39.148:443
Requested by: https://videzz.net/embed-ux5i45ivmnqo.html  Certificate issuer: Let's Encrypt  Subject: static.addtoany.com  Fingerprint: 25:DC:52:06:E9:84:6F:BC:CB:DD:82:F7:D3:4C:8F:F5:9F:49:7E:DD  Validity: Sat, 24 Feb 2024 06:33:02 GMT - Fri, 24 May 2024 06:33:01 GMT
File type: ASCII text, with very long lines (65536), with no line terminators  Hash: MD5 629401c31553d2f42a6ca46e58c2a97b, SHA-1 0ab6084caa72f90913c7e4119f491838726ec5c2, SHA-256 91b9b24f0aa59668e4d0a770ee7a294b9baa361a76a20ade8128cd0482a5d805
GET /menu/modules/core.BRQnzO8v.js HTTP/1.1
Host: static.addtoany.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://videzz.net
DNT: 1
Connection: keep-alive
Referer: https://videzz.net/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Thu, 18 Apr 2024 23:41:28 GMT
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=315360000, immutable
cf-bgj: minify
etag: W/"25da5432b1057724b8210f17e9b9db05"
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=%2B%2FN7klxF7wXP63HcRl%2BjCdei7MZiQdLbHTqz87Q9U8JynkbiNBMS1rbdVtmUknMMTPAEW9DWd2%2FJRR1gRNn7DGNrqap17XCipxcat6ZwNX7wMVLUN3VPJR8WgR5HpxT%2BapjjIqHt"}],"group":"cf-nel","max_age":604800}
vary: Accept-Encoding
referrer-policy: strict-origin-when-cross-origin
x-content-type-options: nosniff
cf-cache-status: HIT
age: 18699
strict-transport-security: max-age=31536000; includeSubDomains; preload
server: cloudflare
cf-ray: 8768817f4fb7569c-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| cdnjs.cloudflare.com/ajax/libs/postscribe/2.0.8/postscribe.min.js | 104.17.25.14 | 200 OK | 18 kB |
URL: GET HTTP/3 cdnjs.cloudflare.com/ajax/libs/postscribe/2.0.8/postscribe.min.js  IP: 104.17.25.14:443
Requested by: https://videzz.net/embed-ux5i45ivmnqo.html  Certificate issuer: Cloudflare, Inc.  Subject: sni.cloudflaressl.com  Fingerprint: 7A:EA:B9:09:71:70:6C:87:C9:D3:82:74:8A:7B:B4:60:E5:40:2D:8D  Validity: Mon, 03 Jul 2023 00:00:00 GMT - Tue, 02 Jul 2024 23:59:59 GMT
File type: JavaScript source, ASCII text, with very long lines (17660)  Hash: MD5 12dd498bf90c536803c2aad708b66c2b, SHA-1 5f9363d39a405d1c94328cf2303ff4a05c0ad163, SHA-256 c4e20f53f5ef0ed44b783437aa3f4638a9a56cc4aa29ae83ed9212eb2807052a
GET /ajax/libs/postscribe/2.0.8/postscribe.min.js HTTP/1.1
Host: cdnjs.cloudflare.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://videzz.net/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Thu, 18 Apr 2024 23:41:30 GMT
content-type: application/javascript; charset=utf-8
content-length: 5117
access-control-allow-origin: *
cache-control: public, max-age=30672000
content-encoding: br
etag: "5eb03faa-45f4"
last-modified: Mon, 04 May 2020 16:15:38 GMT
cf-cdnjs-via: cfworker/kv
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
x-content-type-options: nosniff
vary: Accept-Encoding
cf-cache-status: HIT
age: 282710
expires: Tue, 08 Apr 2025 23:41:30 GMT
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=uA07776uvN64mN6uI5daXulPcRwz99u8Wzi8lTBwjGCSeM7cOYhNRSis00YssK7TNxVV%2FrFkunwSHJr2%2BunvE11U6dfQ7tS8Ddu6GtIttAWk3%2Bc2J1HTULHe0RLKXZlkIv1CeDYK"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
server: cloudflare
cf-ray: 8768818b8ffc7129-OSL
alt-svc: h3=":443"; ma=86400
|
|
| videzz.net/sw.js?v=b8dc06aa6195ca0716d0a0c4e3a76e42 | 78.142.18.54 | 200 OK | 42 kB |
URL: GET HTTP/2 videzz.net/sw.js?v=b8dc06aa6195ca0716d0a0c4e3a76e42  IP: 78.142.18.54:443  ASN: #208046 ColocationX Ltd.
Requested by: https://videzz.net/embed-ux5i45ivmnqo.html  Certificate issuer: Let's Encrypt  Subject: videzz.net  Fingerprint: 13:3A:F4:CA:71:F0:8F:F1:2E:3A:7E:2B:6D:8E:E4:7A:E9:9D:A6:B5  Validity: Mon, 04 Mar 2024 08:24:34 GMT - Sun, 02 Jun 2024 08:24:33 GMT
File type: JavaScript source, ASCII text, with very long lines (42324), with no line terminators  Hash: MD5 764aafd976dd9cd9f33279bfafa02908, SHA-1 e9ad856ec00bccfdcbe17b79113681685c943b8d, SHA-256 2c20e295faeb1ef24dae1e26caa5089fdb2ba5a36a86a6a26780b8a515ca99aa
Analyzer | Verdict | Alert
Quad9 DNS | malicious | Sinkholed
GET /sw.js?v=b8dc06aa6195ca0716d0a0c4e3a76e42 HTTP/1.1
Host: videzz.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://videzz.net/embed-ux5i45ivmnqo.html
Cookie: lang=1
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
server: nginx/1.18.0 (Ubuntu)
date: Thu, 18 Apr 2024 23:41:28 GMT
content-type: application/javascript
last-modified: Wed, 10 Apr 2024 07:00:39 GMT
vary: Accept-Encoding
etag: W/"66163917-a554"
expires: Sat, 18 May 2024 23:33:04 GMT
cache-control: max-age=2592000
content-encoding: gzip
x-cache-status: HIT
X-Firefox-Spdy: h2
|
|
| static.addtoany.com/menu/svg/icons/viber.js | 172.67.39.148 | 200 OK | 1.0 kB |
URL: GET HTTP/3 static.addtoany.com/menu/svg/icons/viber.js  IP: 172.67.39.148:443
Requested by: https://videzz.net/embed-ux5i45ivmnqo.html  Certificate issuer: Let's Encrypt  Subject: static.addtoany.com  Fingerprint: 25:DC:52:06:E9:84:6F:BC:CB:DD:82:F7:D3:4C:8F:F5:9F:49:7E:DD  Validity: Sat, 24 Feb 2024 06:33:02 GMT - Fri, 24 May 2024 06:33:01 GMT
File type: ASCII text, with very long lines (1027), with no line terminators  Hash: MD5 b216786a6e2822572e4c78284416fd02, SHA-1 b3a072140d798b6734431ff6a890da7cb8c701ce, SHA-256 265af7156e77fce7638988053d5b3f4894c92ae2bdacac504131a96cf6a0d370
GET /menu/svg/icons/viber.js HTTP/1.1
Host: static.addtoany.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://videzz.net
DNT: 1
Connection: keep-alive
Referer: https://static.addtoany.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Thu, 18 Apr 2024 23:41:29 GMT
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=7776000, stale-while-revalidate=30, public
cf-bgj: minify
etag: W/"ab1da422605fdb35fd02440984d36475"
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=jdllmjIIRPRO2sHETKfzSGgQqV%2B5f6wC121kOiSfff%2FleOBxlgQKvNn%2B2DUe%2Fr5kpz9KGft%2FRsHDcGcIpGt%2F42uj0Qb%2BUMIa9aqfRrxL31k1iZW4bD4Y1%2BVj76SQGbCP3FxdALOTUrcyP3H539%2BTGVdC"}],"group":"cf-nel","max_age":604800}
vary: Accept-Encoding
referrer-policy: strict-origin-when-cross-origin
x-content-type-options: nosniff
cf-cache-status: HIT
age: 18699
strict-transport-security: max-age=31536000; includeSubDomains; preload
server: cloudflare
cf-ray: 8768818218ce569c-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| cdn.creative-bars1.com//sb/notifications/utility/default/us/blog/ecorious/message_redcircle2/jan24/2/js/script.js | 188.114.97.1 | 200 OK | 386 B |
URL: GET HTTP/2 cdn.creative-bars1.com//sb/notifications/utility/default/us/blog/ecorious/message_redcircle2/jan24/2/js/script.js  IP: 188.114.97.1:443
Requested by: https://videzz.net/embed-ux5i45ivmnqo.html  Certificate issuer: Google Trust Services LLC  Subject: creative-bars1.com  Fingerprint: 3D:29:39:2C:F1:E5:C6:EF:54:F5:70:B5:CF:A8:C2:75:4D:89:72:13  Validity: Mon, 15 Apr 2024 15:02:18 GMT - Sun, 14 Jul 2024 15:02:17 GMT
File type: ASCII text, with very long lines (399), with no line terminators  Hash: MD5 022602a468da44628060800173771da2, SHA-1 9be813fbfebbcb2aa46d8c6b8abec68b3d16c89c, SHA-256 6742c376e658c34d09b2dc5772bd798e3cd52bb265758bac5bce184f8ee7b5cc
GET //sb/notifications/utility/default/us/blog/ecorious/message_redcircle2/jan24/2/js/script.js HTTP/1.1
Host: cdn.creative-bars1.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://videzz.net
DNT: 1
Connection: keep-alive
Referer: https://videzz.net/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Thu, 18 Apr 2024 23:41:31 GMT
content-type: application/javascript
last-modified: Thu, 01 Feb 2024 14:48:54 GMT
etag: W/"65bbaf56-182"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: public, max-age=315360000
access-control-allow-origin: *
access-control-expose-headers: Date
cf-cache-status: MISS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=Yfzr%2FK7JA7qI2H1zTlL0jGZOcQSdtlXzYzEqhFzfl3j7GLUaMFLKBLt1PkdEpBt1mGcTayDhDGq7%2Bmt6wqAToSIh50TRFnjLz3X1PNwwBaqjkT8UgtQfgHc1%2FD9vOlegfLvFLfBaEJXB"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 8768818e6f355687-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
|
|
| aistekso.net/401/5708419 | 139.45.197.244 | 200 OK | 88 kB |
IP: 139.45.197.244:443
Requested by: https://videzz.net/embed-ux5i45ivmnqo.html  Certificate issuer: Let's Encrypt  Subject: aistekso.net  Fingerprint: 3E:A5:CE:35:F4:D9:45:6B:A1:3B:2E:9C:B3:9E:78:4D:8A:4B:51:BB  Validity: Sun, 24 Mar 2024 05:08:27 GMT - Sat, 22 Jun 2024 05:08:26 GMT
File type: JavaScript source, ASCII text, with very long lines (65536), with no line terminators  Hash: MD5 267838f33148049cab8f792e93181d8b, SHA-1 b400c1c8926ad14dce8edbd3699f6c08ec1183d1, SHA-256 cb6870ab36ef09e03091ba48c0d7806f9223f9d21e38838c09cf427dd42e3222
Analyzer | Verdict | Alert
Quad9 DNS | malicious | Sinkholed
GET /401/5708419 HTTP/1.1
Host: aistekso.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://videzz.net/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
server: nginx
date: Thu, 18 Apr 2024 23:41:31 GMT
content-type: application/javascript
x-trace-id: c627922faa4a893917c6125d3dadcdee
expires: Tue, 11 Jan 1994 10:00:00 GMT
cache-control: no-cache, no-store, no-transform, must-revalidate, private, max-age=0
pragma: no-cache
vary: Origin
access-control-allow-origin: *
access-control-expose-headers: Link
access-control-allow-credentials: true
accept-ch: Sec-CH-UA, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model
set-cookie: OAID=030042f1b5a04833ee89304253b93640; expires=Fri, 18 Apr 2025 23:41:31 GMT; path=/; secure; SameSite=None
strict-transport-security: max-age=1
x-content-type-options: nosniff
timing-allow-origin: *, *
content-encoding: gzip
X-Firefox-Spdy: h2
|
|
| assignedeliminatebonfire.com/pixel/sbls?bv=24.6.6370&tmpl=482&u=https%3A%2F%2Fcdn.creative-bars1.com%2F%2Fsb%2Fnotifications%2Futility%2Fdefault%2Fus%2Fblog%2Fecorious%2Fmessage_redcircle2%2Fjan24%2F2%2Fcss%2Fanimate.css&l=79245&fd=381 | 172.240.108.84 | 200 OK | 0 B |
URL: GET HTTP/1.1 assignedeliminatebonfire.com/pixel/sbls?bv=24.6.6370&tmpl=482&u=https%3A%2F%2Fcdn.creative-bars1.com%2F%2Fsb%2Fnotifications%2Futility%2Fdefault%2Fus%2Fblog%2Fecorious%2Fmessage_redcircle2%2Fjan24%2F2%2Fcss%2Fanimate.css&l=79245&fd=381  IP: 172.240.108.84:443
Requested by: https://videzz.net/embed-ux5i45ivmnqo.html  Certificate issuer: Let's Encrypt  Subject: assignedeliminatebonfire.com  Fingerprint: 00:9E:21:D8:74:7C:90:C2:F0:BC:A2:6E:7F:C7:CE:65:41:A5:FF:9D  Validity: Tue, 16 Apr 2024 13:52:53 GMT - Mon, 15 Jul 2024 13:52:52 GMT
Hash: MD5 d41d8cd98f00b204e9800998ecf8427e, SHA-1 da39a3ee5e6b4b0d3255bfef95601890afd80709, SHA-256 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 (the hashes of an empty input)
Analyzer | Verdict | Alert
Quad9 DNS | malicious | Sinkholed
GET /pixel/sbls?bv=24.6.6370&tmpl=482&u=https%3A%2F%2Fcdn.creative-bars1.com%2F%2Fsb%2Fnotifications%2Futility%2Fdefault%2Fus%2Fblog%2Fecorious%2Fmessage_redcircle2%2Fjan24%2F2%2Fcss%2Fanimate.css&l=79245&fd=381 HTTP/1.1
Host: assignedeliminatebonfire.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://videzz.net/
Cookie: u_pl=19071538; pdhtkv=true; uncs=1; pdhtkv29=true; uncs29=1
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx/1.21.6
Date: Thu, 18 Apr 2024 23:41:31 GMT
Content-Length: 0
Connection: keep-alive
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
Access-Control-Allow-Origin: *
Access-Control-Allow-Methods: GET, POST, OPTIONS
Access-Control-Allow-Headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,Upgrade-Insecure-Requests
Access-Control-Expose-Headers: Content-Length,Content-Range
|
|
| cdn.creative-bars1.com//sb/notifications/utility/default/us/blog/ecorious/message_redcircle2/jan24/2/css/style.css | 188.114.97.1 | 200 OK | 3.6 kB |
URL: GET HTTP/2 cdn.creative-bars1.com//sb/notifications/utility/default/us/blog/ecorious/message_redcircle2/jan24/2/css/style.css  IP: 188.114.97.1:443
Requested by: https://videzz.net/embed-ux5i45ivmnqo.html  Certificate issuer: Google Trust Services LLC  Subject: creative-bars1.com  Fingerprint: 3D:29:39:2C:F1:E5:C6:EF:54:F5:70:B5:CF:A8:C2:75:4D:89:72:13  Validity: Mon, 15 Apr 2024 15:02:18 GMT - Sun, 14 Jul 2024 15:02:17 GMT
File type: ASCII text, with very long lines (3854), with no line terminators  Hash: MD5 1ef6c40dc9237f64e46f930e4b26d112, SHA-1 7e94a725845a7101b17bfc0ff488e27c12060c1d, SHA-256 e23167c1f14d771e6eb40f86085c2f04f52010a5e934cff3f9e214aab984f4b4
GET //sb/notifications/utility/default/us/blog/ecorious/message_redcircle2/jan24/2/css/style.css HTTP/1.1
Host: cdn.creative-bars1.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://videzz.net
DNT: 1
Connection: keep-alive
Referer: https://videzz.net/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Thu, 18 Apr 2024 23:41:31 GMT
content-type: text/css
last-modified: Thu, 01 Feb 2024 14:48:51 GMT
etag: W/"65bbaf53-e2e"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: public, max-age=315360000
access-control-allow-origin: *
access-control-expose-headers: Date
cf-cache-status: HIT
age: 846496
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=mUkxXHfiyRo0bWCV4jZEciVvApOIN3OizSlWCLHADo7%2FroP84bxXwz8MRqne3GWCJ4IJYCfle1KYgjWTxEPrAuXfn0NjlZ0xkxB30UesalAFfU%2FovNz5HAiIKxESOCBiASc%2FrUVz0ZHq"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 8768818e8f3e5687-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
|
|
| plinksplanet.com/click.php?key=qcopnrbsgld1lpyq4gqz&clickid=9f057999-daa1-4651-be5a-d369687b515a&cost=0.0036&PUB_ID=118&SUB_ID=583524&KEYWORD=&SUBSCRIBER_AGE=0&SUBSCRIBER_DATE=2024-04-18&BID_PUB=0.0036&CR_ID=36456 | 23.88.80.32 | 302 Found | 0 B |
URL: GET HTTP/1.1 plinksplanet.com/click.php?key=qcopnrbsgld1lpyq4gqz&clickid=9f057999-daa1-4651-be5a-d369687b515a&cost=0.0036&PUB_ID=118&SUB_ID=583524&KEYWORD=&SUBSCRIBER_AGE=0&SUBSCRIBER_DATE=2024-04-18&BID_PUB=0.0036&CR_ID=36456  IP: 23.88.80.32:443  ASN: #24940 Hetzner Online GmbH
Requested by: https://videzz.net/embed-ux5i45ivmnqo.html  Certificate issuer: Let's Encrypt  Subject: plinksplanet.com  Fingerprint: 8F:DC:E5:EE:9A:5C:35:FE:35:A3:81:ED:70:D0:B9:A6:F5:55:86:93  Validity: Thu, 04 Apr 2024 10:17:31 GMT - Wed, 03 Jul 2024 10:17:30 GMT
Hash: MD5 d41d8cd98f00b204e9800998ecf8427e, SHA-1 da39a3ee5e6b4b0d3255bfef95601890afd80709, SHA-256 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 (the hashes of an empty input)
GET /click.php?key=qcopnrbsgld1lpyq4gqz&clickid=9f057999-daa1-4651-be5a-d369687b515a&cost=0.0036&PUB_ID=118&SUB_ID=583524&KEYWORD=&SUBSCRIBER_AGE=0&SUBSCRIBER_DATE=2024-04-18&BID_PUB=0.0036&CR_ID=36456 HTTP/1.1
Host: plinksplanet.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://bid.bidclickmedia.com/
DNT: 1
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 302 Found
Server: nginx/1.24.0
Date: Thu, 18 Apr 2024 23:41:32 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Set-Cookie: uclick=qe6jbgktvr; expires=Fri, 19-Apr-2024 23:41:32 GMT; Max-Age=86400; path=/; secure; SameSite=none
Set-Cookie: uclickhash=qe6jbgktvr-qe6jbgktvr-slvc-0-2t1mwj-52a8wj-52a8vr-79e783; expires=Fri, 19-Apr-2024 23:41:32 GMT; Max-Age=86400; path=/; secure; SameSite=none
Location: https://promo.20bet.partners/redirect.aspx?pid=174581&bid=1971&lpid=1042&utm_source=retarget&utm_medium=Ubidex&utm_campaign=Ubidex-20bet-EU-NotReg-pop%20BonWheel-1042&utm_term=Ubidex-20bet-EU-NotReg-pop%20BonWheel-1042&subid=38b8bqe6jbgktvr4b8
Strict-Transport-Security: max-age=31536000
|
|
| videzz.net/js/jquery.min.js | 78.142.18.54 | 200 OK | 96 kB |
URL: GET HTTP/2 videzz.net/js/jquery.min.js  IP: 78.142.18.54:443  ASN: #208046 ColocationX Ltd.
Requested by: https://videzz.net/embed-ux5i45ivmnqo.html  Certificate issuer: Let's Encrypt  Subject: videzz.net  Fingerprint: 13:3A:F4:CA:71:F0:8F:F1:2E:3A:7E:2B:6D:8E:E4:7A:E9:9D:A6:B5  Validity: Mon, 04 Mar 2024 08:24:34 GMT - Sun, 02 Jun 2024 08:24:33 GMT
File type: JavaScript source, ASCII text, with very long lines (32086)  Hash: MD5 8101d596b2b8fa35fe3a634ea342d7c3, SHA-1 d6c1f41972de07b09bfa63d2e50f9ab41ec372bd, SHA-256 540bc6dec1dd4b92ea4d3fb903f69eabf6d919afd48f4e312b163c28cff0f441
Analyzer | Verdict | Alert
Quad9 DNS | malicious | Sinkholed
GET /js/jquery.min.js HTTP/1.1
Host: videzz.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://videzz.net/embed-ux5i45ivmnqo.html
Cookie: lang=1
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
server: nginx/1.18.0 (Ubuntu)
date: Thu, 18 Apr 2024 23:41:28 GMT
content-type: application/javascript
last-modified: Wed, 10 Apr 2024 07:00:32 GMT
vary: Accept-Encoding
etag: W/"66163910-1762a"
expires: Sat, 18 May 2024 23:40:13 GMT
cache-control: max-age=2592000
content-encoding: gzip
x-cache-status: HIT
X-Firefox-Spdy: h2
|
|
| downstairsnegotiatebarren.com/sfp.js | 188.114.97.1 | 200 OK | 86 kB |
URL: GET HTTP/2 downstairsnegotiatebarren.com/sfp.js  IP: 188.114.97.1:443
Requested by: https://videzz.net/embed-ux5i45ivmnqo.html  Certificate issuer: Let's Encrypt  Subject: downstairsnegotiatebarren.com  Fingerprint: 2C:6A:E1:8E:26:5B:1D:8B:86:CB:C1:72:4E:52:4B:8B:67:3A:D2:44  Validity: Mon, 04 Mar 2024 21:53:07 GMT - Sun, 02 Jun 2024 21:53:06 GMT
Hash: MD5 d41d8cd98f00b204e9800998ecf8427e, SHA-1 da39a3ee5e6b4b0d3255bfef95601890afd80709, SHA-256 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 (the hashes of an empty input, although the size column reports 86 kB)
GET /sfp.js HTTP/1.1
Host: downstairsnegotiatebarren.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://videzz.net/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Thu, 18 Apr 2024 23:41:29 GMT
content-type: application/javascript; charset=utf-8
p3p: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
access-control-allow-origin: *
expires: Thu, 01 Jan 1970 00:00:01 GMT
cache-control: max-age=14400
x-request-id: 0cb2f48460290ddced5a5d348a798fbe
strict-transport-security: max-age=0; includeSubdomains
cf-cache-status: EXPIRED
last-modified: Thu, 18 Apr 2024 23:41:29 GMT
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=iwiou865oWQNtsqPr9UFLUHJn9k1Sz7yiuLVv5zjg1tnPR7SVJSkcub7JnJ1%2BK38xrQ84LruEvm1Eyxtr%2Bbf4qvmRPGvaLDnibH8WjVdD9R2FxuElVVN1BgEMMmpL9q%2BUP4sEhnOzZH%2BBv%2Bd9kIxJA%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 876881812874569c-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
|
|
| static.addtoany.com/menu/svg/icons/whatsapp.js | 172.67.39.148 | 200 OK | 1.1 kB |
URL: GET HTTP/3 static.addtoany.com/menu/svg/icons/whatsapp.js  IP: 172.67.39.148:443
Requested by: https://videzz.net/embed-ux5i45ivmnqo.html  Certificate issuer: Let's Encrypt  Subject: static.addtoany.com  Fingerprint: 25:DC:52:06:E9:84:6F:BC:CB:DD:82:F7:D3:4C:8F:F5:9F:49:7E:DD  Validity: Sat, 24 Feb 2024 06:33:02 GMT - Fri, 24 May 2024 06:33:01 GMT
File type: ASCII text, with very long lines (1122), with no line terminators  Hash: MD5 d822c46f36a55fdbfcc5029e62e19937, SHA-1 c575da68fa99eeb33863f281395755cbf20004d4, SHA-256 062ec1f7c3acea435122961b771eb2e4d136a3e870b17d3e811413f5aa78ed3e
GET /menu/svg/icons/whatsapp.js HTTP/1.1
Host: static.addtoany.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://videzz.net
DNT: 1
Connection: keep-alive
Referer: https://static.addtoany.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Thu, 18 Apr 2024 23:41:29 GMT
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=7776000, stale-while-revalidate=30, public
cf-bgj: minify
etag: W/"83af4df8173e43227812296bb8542dcf"
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=jWKI1OdsgbKSSTP8GoOtOhOKwQZxTKwLszgx9k%2BDMGmsGKC5miCWXMTCDxhml1%2BDIyezqjP%2F1TFlvruSrPSHWyFchgoghrBAuphUoHmG9VP4ODKiD5REkfluPD1gVIjmFYN898HTH2wMXNp45zD%2BhTqy"}],"group":"cf-nel","max_age":604800}
vary: Accept-Encoding
referrer-policy: strict-origin-when-cross-origin
x-content-type-options: nosniff
cf-cache-status: HIT
age: 18699
strict-transport-security: max-age=31536000; includeSubDomains; preload
server: cloudflare
cf-ray: 8768818238d8569c-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| www.google.no/ads/ga-audiences?v=1&t=sr&slf_rd=1&_r=4&tid=G-HEX1BG8H46&cid=848111669.1713483690&gtm=45je44f0v9104348843za200&aip=1&dma=1&dma_cps=sypham&gcd=13l3lPl2l1&npa=1&z=226766218 | 142.250.74.163 | 200 OK | 42 B |
URL: GET HTTP/2 www.google.no/ads/ga-audiences?v=1&t=sr&slf_rd=1&_r=4&tid=G-HEX1BG8H46&cid=848111669.1713483690&gtm=45je44f0v9104348843za200&aip=1&dma=1&dma_cps=sypham&gcd=13l3lPl2l1&npa=1&z=226766218  IP: 142.250.74.163:443
Requested by: https://videzz.net/embed-ux5i45ivmnqo.html  Certificate issuer: Google Trust Services LLC  Subject: *.google.no  Fingerprint: 0E:DD:25:54:7B:C3:7F:EC:27:35:B1:EC:15:C4:B7:D2:09:71:3B:68  Validity: Mon, 04 Mar 2024 07:26:33 GMT - Mon, 27 May 2024 07:26:32 GMT
File type: GIF image data, version 89a, 1 x 1  Hash: MD5 d89746888da2d9510b64a9f031eaecd5, SHA-1 d5fceb6532643d0d84ffe09c40c481ecdf59e15a, SHA-256 ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
GET /ads/ga-audiences?v=1&t=sr&slf_rd=1&_r=4&tid=G-HEX1BG8H46&cid=848111669.1713483690&gtm=45je44f0v9104348843za200&aip=1&dma=1&dma_cps=sypham&gcd=13l3lPl2l1&npa=1&z=226766218 HTTP/1.1
Host: www.google.no
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://videzz.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Thu, 18 Apr 2024 23:41:30 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
content-type: image/gif
x-content-type-options: nosniff
server: cafe
content-length: 42
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
|
|
| downstairsnegotiatebarren.com/sfp.js | 188.114.97.1 | 200 OK | 86 kB |
URL: GET HTTP/3 downstairsnegotiatebarren.com/sfp.js  IP: 188.114.97.1:443
Requested by: https://videzz.net/embed-ux5i45ivmnqo.html  Certificate issuer: Let's Encrypt  Subject: downstairsnegotiatebarren.com  Fingerprint: 2C:6A:E1:8E:26:5B:1D:8B:86:CB:C1:72:4E:52:4B:8B:67:3A:D2:44  Validity: Mon, 04 Mar 2024 21:53:07 GMT - Sun, 02 Jun 2024 21:53:06 GMT
Hash: MD5 d41d8cd98f00b204e9800998ecf8427e, SHA-1 da39a3ee5e6b4b0d3255bfef95601890afd80709, SHA-256 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 (the hashes of an empty input, although the size column reports 86 kB)
GET /sfp.js HTTP/1.1
Host: downstairsnegotiatebarren.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://videzz.net/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Thu, 18 Apr 2024 23:41:29 GMT
content-type: application/javascript; charset=utf-8
p3p: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
access-control-allow-origin: *
expires: Thu, 01 Jan 1970 00:00:01 GMT
cache-control: max-age=14400
x-request-id: d4bddc53b1787025ccb0fb1734d1e731
strict-transport-security: max-age=0; includeSubdomains
cf-cache-status: EXPIRED
last-modified: Thu, 18 Apr 2024 23:41:29 GMT
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=OzBMmtieJEAY%2FP4kTfcG4tYuqivZwPAULYqd97a1%2B8BCSBwl82%2F2mD%2BLckQXTleCInkI7B46FbM%2FstPfqcDG4COyU3tr%2BUyXKbn9E330orP%2BN4pWV4dnGDq4LY8vp%2BauiN%2BdiqUT2mtqby2mDMbnoA%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 8768818569c9b511-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| my.rtmark.net/gid.js?userId=008042bff1b44bdce22ee9bb233e1d3f | 139.45.195.8 | 200 OK | 65 B |
URL: GET HTTP/2 my.rtmark.net/gid.js?userId=008042bff1b44bdce22ee9bb233e1d3f  IP: 139.45.195.8:443
Requested by: https://videzz.net/embed-ux5i45ivmnqo.html  Certificate issuer: Let's Encrypt  Subject: rtmark.net  Fingerprint: DB:C0:8B:64:1C:E3:2A:9C:B9:04:0D:F3:6F:5A:E0:35:F4:C7:75:CC  Validity: Sat, 02 Mar 2024 21:53:43 GMT - Fri, 31 May 2024 21:53:42 GMT
File type: troff or preprocessor input, ASCII text, with no line terminators  Hash: MD5 b636e61daf625ab88a946d5441c62024, SHA-1 58c121b4c1ffa2dd6c135e65e26d8926bd16234e, SHA-256 24503ca8873271d3c32ae60adc36586e1dc79643f466d73780d3e2148749f620
GET /gid.js?userId=008042bff1b44bdce22ee9bb233e1d3f HTTP/1.1
Host: my.rtmark.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://videzz.net
DNT: 1
Connection: keep-alive
Referer: https://videzz.net/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
server: nginx
date: Thu, 18 Apr 2024 23:41:31 GMT
content-type: application/json; charset=utf-8
content-length: 65
access-control-allow-origin: https://videzz.net
access-control-allow-methods: POST, GET, OPTIONS, PUT, DELETE
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, Authorization,X-CSRF-Token
access-control-expose-headers: Authorization
access-control-allow-credentials: true
set-cookie: ID=008042bff1b44bdce22ee9bb233e1d3f; expires=Fri, 18 Apr 2025 23:41:31 GMT; secure; SameSite=None
strict-transport-security: max-age=1
x-content-type-options: nosniff
timing-allow-origin: *, *
X-Firefox-Spdy: h2
|
|
| aistekso.net/401/5708419?oo=1&oaid=008042bff1b44bdce22ee9bb233e1d3f&sw_version=v1.335.0 | 139.45.197.244 | 200 OK | 2.4 kB |
URL: GET HTTP/2 aistekso.net/401/5708419?oo=1&oaid=008042bff1b44bdce22ee9bb233e1d3f&sw_version=v1.335.0  IP: 139.45.197.244:443
Requested by: https://videzz.net/embed-ux5i45ivmnqo.html  Certificate issuer: Let's Encrypt  Subject: aistekso.net  Fingerprint: 3E:A5:CE:35:F4:D9:45:6B:A1:3B:2E:9C:B3:9E:78:4D:8A:4B:51:BB  Validity: Sun, 24 Mar 2024 05:08:27 GMT - Sat, 22 Jun 2024 05:08:26 GMT
File type: troff or preprocessor input, ASCII text, with very long lines (2561), with no line terminators  Hash: MD5 e5cb647e7216e8b0c9266dbf3d7a37d3, SHA-1 a9f66dcfa150ff2937931c3d96bc0d67236f7fb0, SHA-256 0e3a22a6274e82c1b886c48ba43b08aa172766b41079b505aa6fcf477034a824
Analyzer | Verdict | Alert
Quad9 DNS | malicious | Sinkholed
GET /401/5708419?oo=1&oaid=008042bff1b44bdce22ee9bb233e1d3f&sw_version=v1.335.0 HTTP/1.1
Host: aistekso.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://videzz.net
DNT: 1
Connection: keep-alive
Referer: https://videzz.net/
Cookie: OAID=030042f1b5a04833ee89304253b93640
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
server: nginx
date: Thu, 18 Apr 2024 23:41:31 GMT
content-type: application/json
x-trace-id: 06b97955d50ea97cb5d7b54359081ade
expires: Tue, 11 Jan 1994 10:00:00 GMT
cache-control: no-cache, no-store, no-transform, must-revalidate, private, max-age=0
pragma: no-cache
vary: Origin
access-control-allow-origin: https://videzz.net
access-control-expose-headers: Link
access-control-allow-credentials: true
accept-ch: Sec-CH-UA, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model
set-cookie: OAID=008042bff1b44bdce22ee9bb233e1d3f; expires=Fri, 18 Apr 2025 23:41:31 GMT; path=/; secure; SameSite=None
strict-transport-security: max-age=1
x-content-type-options: nosniff
timing-allow-origin: *, *
content-encoding: gzip
X-Firefox-Spdy: h2
|
|
| tr.7vid.net/api/settings/59846 | 135.181.208.216 | 200 OK | 33 B |
URL: GET HTTP/2 tr.7vid.net/api/settings/59846  IP: 135.181.208.216:443  ASN: #24940 Hetzner Online GmbH
Requested by: https://videzz.net/embed-ux5i45ivmnqo.html  Certificate issuer: Let's Encrypt  Subject: a.gatwins.site  Fingerprint: 66:D4:C4:E9:BC:6E:82:9E:D0:2F:00:69:9A:DF:C2:6D:18:04:0B:1B  Validity: Wed, 10 Apr 2024 10:27:11 GMT - Tue, 09 Jul 2024 10:27:10 GMT
File type: troff or preprocessor input, ASCII text, with no line terminators  Hash: MD5 511ff610a0435434dd22a4836719fbb3, SHA-1 0cf692a9ecb6dd3d715e3315e0eeccc1c384f0c3, SHA-256 d090111da31c837d965f1dcf49b00a53cf41686d0913627f78c5ff36d693c6d0
GET /api/settings/59846 HTTP/1.1
Host: tr.7vid.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://videzz.net/
Origin: https://videzz.net
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
server: nginx
date: Thu, 18 Apr 2024 23:41:28 GMT
content-type: application/json
vary: Accept-Encoding
access-control-allow-origin: *
x-robots-tag: noindex, nofollow
cache-control: private
content-encoding: gzip
X-Firefox-Spdy: h2
| media.bigbasketshop.com/track?q=BIYTAin1FeA3Nmt | 104.21.86.113 | 200 OK | 643 B |
URL: GET HTTP/2 media.bigbasketshop.com/track?q=BIYTAin1FeA3Nmt
IP: 104.21.86.113:443
Requested by: https://videzz.net/embed-ux5i45ivmnqo.html
Certificate issuer: Google Trust Services LLC
Certificate subject: bigbasketshop.com
Certificate fingerprint: 65:70:22:AA:26:38:BC:26:03:98:99:D1:95:49:77:0A:82:68:0F:49
Certificate validity: Sat, 13 Apr 2024 23:14:47 GMT - Fri, 12 Jul 2024 23:14:46 GMT
File type: HTML document, ASCII text, with very long lines (743), with no line terminators
Hash (MD5): 87b7f9cd99e183a35931eb902bb2353d
Hash (SHA-1): 36c09a158b85b37ccd66609e463fb441a140f2ff
Hash (SHA-256): 4a3f251742d7013670cf832ae26ef238e4ec73d714e982b04144c7d6e97bcfb3
GET /track?q=BIYTAin1FeA3Nmt HTTP/1.1
Host: media.bigbasketshop.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://bid.bidclickmedia.com/
DNT: 1
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Thu, 18 Apr 2024 23:41:31 GMT
content-type: text/html
referrer-policy: origin
via: 1.1 google
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=GnCGHlPoKlfotuA9MPYCahxA6pwSYsWrj2Lok9Fw7GnVQaZJD%2BySPLBIgNtWaUx%2FY0ES%2BpcNjyeTl%2BZ22wRc4iS8pGsxN1bKfy%2F1JapaewnCncW%2BPn%2FIeWDNJduvDhr574egQuigqFoP0g%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 8768818e2855b4f1-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
| cdn.yourwebbars.com/sb/notifications/utility/default/us/blog/ecorious/message_redcircle2/jan24/2/index.html | 104.26.7.19 | 200 OK | 1.6 kB |
URL: GET HTTP/2 cdn.yourwebbars.com/sb/notifications/utility/default/us/blog/ecorious/message_redcircle2/jan24/2/index.html
IP: 104.26.7.19:443
Requested by: https://videzz.net/embed-ux5i45ivmnqo.html
Certificate issuer: Cloudflare, Inc.
Certificate subject: sni.cloudflaressl.com
Certificate fingerprint: 84:82:6E:35:03:D4:C4:FC:BA:08:CD:C8:E6:A3:97:A9:20:2F:F5:49
Certificate validity: Sun, 23 Jul 2023 00:00:00 GMT - Mon, 22 Jul 2024 23:59:59 GMT
File type: HTML document, ASCII text, with very long lines (1661), with no line terminators
Hash (MD5): a0caf2ebe9e8bce2f9ba24e68d49df54
Hash (SHA-1): 084f4e0ed300ca8635654e61a21ae9697cf13051
Hash (SHA-256): fba2d1a6a043f857876addc861fe4fe03bf563e00d561227504e0eb2c2895b4c
GET /sb/notifications/utility/default/us/blog/ecorious/message_redcircle2/jan24/2/index.html HTTP/1.1
Host: cdn.yourwebbars.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://videzz.net
DNT: 1
Connection: keep-alive
Referer: https://videzz.net/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Thu, 18 Apr 2024 23:41:31 GMT
content-type: text/html
last-modified: Thu, 01 Feb 2024 14:49:39 GMT
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: public, max-age=315360000
access-control-allow-origin: *
access-control-expose-headers: Date
cf-cache-status: MISS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=H2bSj3jR%2BKMXxYPijJ9J4ajLv4R%2BM5Uvmj1wkLqvnT2tTW4JIzGvZXSXpsPahEselEVMMAUhZtlfkR135L7kU60h1NcIy50SGr6EEBHo4QS7dJYyOHrmWusd6Ficx04nklXY2OU%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 87688189fe08b4fd-OSL
content-encoding: br
X-Firefox-Spdy: h2
| cdn.itskiddien.club/?rb=LZtZd6UmSbu1cLZUXg3EoxqYOcV1gpthw2ZgT5fE6HHUJzhlv0hsy5slj9LkUTdm-5ehhD8myAXSSdBOHfeWtQPqd4VPb2Xuv9Bb0Y-5eZorytrtmQis2XcFPHK7CkQ6Hp3pFHHw1oNmBacUtz7dGk9RoKhY603HK-BXLNEFYjdYpQPUmNn5-rO5ssYg4NDgMxDaNxZ4enX-iNTVAJxtUO7SaO9m4OiJRHXusjK4Wp9hVeg1NfOK2PT8jS-RxlDg562UbaAM5LD_zjd1-a02MaE7jmc%3D&request_ab2=150121&zoneid=5902452&js_build=iclick-v1.775.0&jsp=1&fs=0&cf=0&sw=1280&sh=1024&wih=1024&wiw=1280&ww=1280&wh=1024&sah=1024&wx=0&wy=0&cw=1280&wfc=12&pl=https%3A%2F%2Fvidezz.net%2Fembed-ux5i45ivmnqo.html&drf=&np=1&pt=0&nb=1&ng=0&ix=0&nw=1&tb=false&btz=UTC&bto=0&wgl=&js_build=iclick-v1.775.0&navlng=en-US&pnt=0&pnrc=0&wasm=-1&bs=907a4ef5-7284-4e6b-8893-ede23111bc8e&userId=008042bff1b44bdce22ee9bb233e1d3f&m=link | 139.45.197.236 | 200 OK | 2.4 kB |
URL GET HTTP/2cdn.itskiddien.club/?rb=LZtZd6UmSbu1cLZUXg3EoxqYOcV1gpthw2ZgT5fE6HHUJzhlv0hsy5slj9LkUTdm-5ehhD8myAXSSdBOHfeWtQPqd4VPb2Xuv9Bb0Y-5eZorytrtmQis2XcFPHK7CkQ6Hp3pFHHw1oNmBacUtz7dGk9RoKhY603HK-BXLNEFYjdYpQPUmNn5-rO5ssYg4NDgMxDaNxZ4enX-iNTVAJxtUO7SaO9m4OiJRHXusjK4Wp9hVeg1NfOK2PT8jS-RxlDg562UbaAM5LD_zjd1-a02MaE7jmc%3D&request_ab2=150121&zoneid=5902452&js_build=iclick-v1.775.0&jsp=1&fs=0&cf=0&sw=1280&sh=1024&wih=1024&wiw=1280&ww=1280&wh=1024&sah=1024&wx=0&wy=0&cw=1280&wfc=12&pl=https%3A%2F%2Fvidezz.net%2Fembed-ux5i45ivmnqo.html&drf=&np=1&pt=0&nb=1&ng=0&ix=0&nw=1&tb=false&btz=UTC&bto=0&wgl=&js_build=iclick-v1.775.0&navlng=en-US&pnt=0&pnrc=0&wasm=-1&bs=907a4ef5-7284-4e6b-8893-ede23111bc8e&userId=008042bff1b44bdce22ee9bb233e1d3f&m=link IP139.45.197.236:443
Requested by: https://videzz.net/embed-ux5i45ivmnqo.html
Certificate issuer: Let's Encrypt
Certificate subject: itskiddien.club
Certificate fingerprint: F8:F5:E1:2A:73:41:2E:21:C2:B1:A0:A3:DE:9D:2D:B2:87:3F:8E:5D
Certificate validity: Fri, 29 Mar 2024 21:36:27 GMT - Thu, 27 Jun 2024 21:36:26 GMT
File type: troff or preprocessor input, ASCII text, with very long lines (2379), with no line terminators
Hash (MD5): ab0b83baec22985864a59c9f79a18d86
Hash (SHA-1): 7e34a604fccbc10ac883beb2203deb4038042806
Hash (SHA-256): bc192cc150869baeb6a2c72ea158f1cb640fc2d9253b8f3d62f4c0129781def6
GET /?rb=LZtZd6UmSbu1cLZUXg3EoxqYOcV1gpthw2ZgT5fE6HHUJzhlv0hsy5slj9LkUTdm-5ehhD8myAXSSdBOHfeWtQPqd4VPb2Xuv9Bb0Y-5eZorytrtmQis2XcFPHK7CkQ6Hp3pFHHw1oNmBacUtz7dGk9RoKhY603HK-BXLNEFYjdYpQPUmNn5-rO5ssYg4NDgMxDaNxZ4enX-iNTVAJxtUO7SaO9m4OiJRHXusjK4Wp9hVeg1NfOK2PT8jS-RxlDg562UbaAM5LD_zjd1-a02MaE7jmc%3D&request_ab2=150121&zoneid=5902452&js_build=iclick-v1.775.0&jsp=1&fs=0&cf=0&sw=1280&sh=1024&wih=1024&wiw=1280&ww=1280&wh=1024&sah=1024&wx=0&wy=0&cw=1280&wfc=12&pl=https%3A%2F%2Fvidezz.net%2Fembed-ux5i45ivmnqo.html&drf=&np=1&pt=0&nb=1&ng=0&ix=0&nw=1&tb=false&btz=UTC&bto=0&wgl=&js_build=iclick-v1.775.0&navlng=en-US&pnt=0&pnrc=0&wasm=-1&bs=907a4ef5-7284-4e6b-8893-ede23111bc8e&userId=008042bff1b44bdce22ee9bb233e1d3f&m=link HTTP/1.1
Host: cdn.itskiddien.club
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://videzz.net/
Origin: https://videzz.net
DNT: 1
Connection: keep-alive
Cookie: OAID=0080427fa40d4431e4336f7cf159c109; oaidts=1713483691
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
server: nginx
date: Thu, 18 Apr 2024 23:41:32 GMT
content-type: application/json
x-trace-id: 1f9cfaeadd09032a34c126c145ace68a
accept-ch: Sec-CH-UA, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model
access-control-allow-origin: https://videzz.net
access-control-allow-credentials: true
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, baggage, sentry-trace, favicon
access-control-max-age: 86400
pragma: no-cache
cache-control: no-transform, no-store, no-cache, must-revalidate, max-age=0
expires: Tue, 11 Jan 1994 10:00:00 GMT
set-cookie: OAID=008042bff1b44bdce22ee9bb233e1d3f; expires=Fri, 18 Apr 2025 23:41:31 GMT; path=/; secure; SameSite=None
set-cookie: oaidts=1713483691; expires=Fri, 18 Apr 2025 23:41:31 GMT; path=/; secure; SameSite=None
set-cookie: syncedCookie=true; expires=Thu, 25 Apr 2024 23:41:31 GMT; path=/; secure; SameSite=None
strict-transport-security: max-age=1
x-content-type-options: nosniff
timing-allow-origin: *, *
content-encoding: gzip
X-Firefox-Spdy: h2
| videzz.net/css/videojs.5.min.css?v=b8dc06aa6195ca0716d0a0c4e3a76e42 | 78.142.18.54 | 200 OK | 170 kB |
URL: GET HTTP/2 videzz.net/css/videojs.5.min.css?v=b8dc06aa6195ca0716d0a0c4e3a76e42
IP: 78.142.18.54:443
ASN: #208046 ColocationX Ltd.
Requested by: https://videzz.net/embed-ux5i45ivmnqo.html
Certificate issuer: Let's Encrypt
Certificate subject: videzz.net
Certificate fingerprint: 13:3A:F4:CA:71:F0:8F:F1:2E:3A:7E:2B:6D:8E:E4:7A:E9:9D:A6:B5
Certificate validity: Mon, 04 Mar 2024 08:24:34 GMT - Sun, 02 Jun 2024 08:24:33 GMT
File type: ASCII text, with very long lines (50421)
Size: 170 kB (169541 bytes)
Hash (MD5): bf9af199b5ef61988f82fa239ebf61da
Hash (SHA-1): d3b9c5ef294f2ef0942a8bf1e62085b72b2e07cc
Hash (SHA-256): e8e86d55656a068d5bb43e7b65e474162b6dff2c57f314cfc90d25f16708048d
| Analyzer | Verdict | Alert |
| Quad9 DNS | malicious | Sinkholed |
GET /css/videojs.5.min.css?v=b8dc06aa6195ca0716d0a0c4e3a76e42 HTTP/1.1
Host: videzz.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://videzz.net/embed-ux5i45ivmnqo.html
Cookie: lang=1
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
server: nginx/1.18.0 (Ubuntu)
date: Thu, 18 Apr 2024 23:41:28 GMT
content-type: text/css
last-modified: Wed, 10 Apr 2024 07:00:40 GMT
vary: Accept-Encoding
etag: W/"66163918-29645"
expires: Sat, 18 May 2024 23:32:33 GMT
cache-control: max-age=2592000
content-encoding: gzip
x-cache-status: HIT
X-Firefox-Spdy: h2
| maxcdn.bootstrapcdn.com/font-awesome/4.7.0/css/font-awesome.min.css?v=b8dc06aa6195ca0716d0a0c4e3a76e42 | 104.18.10.207 | 200 OK | 31 kB |
URL: GET HTTP/2 maxcdn.bootstrapcdn.com/font-awesome/4.7.0/css/font-awesome.min.css?v=b8dc06aa6195ca0716d0a0c4e3a76e42
IP: 104.18.10.207:443
Requested by: https://videzz.net/embed-ux5i45ivmnqo.html
Certificate issuer: Google Trust Services LLC
Certificate subject: bootstrapcdn.com
Certificate fingerprint: 57:B4:25:B9:9C:88:A1:A3:3D:F7:31:74:02:E4:D1:E0:0A:F5:11:63
Certificate validity: Wed, 27 Mar 2024 00:22:09 GMT - Tue, 25 Jun 2024 00:22:08 GMT
File type: ASCII text, with very long lines (30837)
Hash (MD5): 269550530cc127b6aa5a35925a7de6ce
Hash (SHA-1): 512c7d79033e3028a9be61b540cf1a6870c896f8
Hash (SHA-256): 799aeb25cc0373fdee0e1b1db7ad6c2f6a0e058dfadaa3379689f583213190bd
GET /font-awesome/4.7.0/css/font-awesome.min.css?v=b8dc06aa6195ca0716d0a0c4e3a76e42 HTTP/1.1
Host: maxcdn.bootstrapcdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://videzz.net/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Thu, 18 Apr 2024 23:41:28 GMT
content-type: text/css; charset=utf-8
cdn-pullzone: 252412
cdn-uid: b1941f61-b576-4f40-80de-5677acb38f74
cdn-requestcountrycode: DE
vary: Accept-Encoding
access-control-allow-origin: *
cache-control: public, max-age=31919000
content-encoding: br
etag: W/"269550530cc127b6aa5a35925a7de6ce"
last-modified: Mon, 25 Jan 2021 22:04:55 GMT
cdn-cachedat: 03/18/2024 12:28:12
cdn-proxyver: 1.04
cdn-requestpullcode: 200
cdn-requestpullsuccess: True
cdn-edgestorageid: 1078
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
cdn-status: 200
cdn-requestid: 2ab8316fdef76f530c15e660f59a896d
cdn-cache: HIT
cf-cache-status: HIT
age: 2135132
strict-transport-security: max-age=31536000; includeSubDomains; preload
server: cloudflare
cf-ray: 8768817b48f156cb-OSL
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
| cdn.itskiddien.club/apu.php?zoneid=5902452&var=5708419&branchId=150121 | 139.45.197.236 | 200 OK | 84 kB |
URL: GET HTTP/2 cdn.itskiddien.club/apu.php?zoneid=5902452&var=5708419&branchId=150121
IP: 139.45.197.236:443
Requested by: https://videzz.net/embed-ux5i45ivmnqo.html
Certificate issuer: Let's Encrypt
Certificate subject: itskiddien.club
Certificate fingerprint: F8:F5:E1:2A:73:41:2E:21:C2:B1:A0:A3:DE:9D:2D:B2:87:3F:8E:5D
Certificate validity: Fri, 29 Mar 2024 21:36:27 GMT - Thu, 27 Jun 2024 21:36:26 GMT
File type: JavaScript source, ASCII text, with very long lines (65536), with no line terminators
Hash (MD5): 721fa79536071b3d3d1018892b42f7fb
Hash (SHA-1): 5a290aea5aebfdb5ac4d8adb49e83ed3acfdb726
Hash (SHA-256): 7d9474b3da20ca7b89dae7f47c1c028adf46b2eb2fd635585dfa09a8e62c29a0
GET /apu.php?zoneid=5902452&var=5708419&branchId=150121 HTTP/1.1
Host: cdn.itskiddien.club
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://videzz.net/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
server: nginx
date: Thu, 18 Apr 2024 23:41:31 GMT
content-type: application/javascript
x-trace-id: 55adae2256b265ccf9efe120d18b35aa
link: <https://my.rtmark.net>; rel="preconnect dns-prefetch",<https://yonmewon.com>; rel="preconnect dns-prefetch",<https://sr7pv7n5x.com>; rel="preconnect dns-prefetch"
accept-ch: Sec-CH-UA, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, baggage, sentry-trace, favicon
access-control-max-age: 86400
pragma: no-cache
cache-control: no-transform, no-store, no-cache, must-revalidate, max-age=0
expires: Tue, 11 Jan 1994 10:00:00 GMT
set-cookie: OAID=0080427fa40d4431e4336f7cf159c109; expires=Fri, 18 Apr 2025 23:41:31 GMT; path=/; secure; SameSite=None
set-cookie: oaidts=1713483691; expires=Fri, 18 Apr 2025 23:41:31 GMT; path=/; secure; SameSite=None
set-cookie: syncedCookie=; expires=Tue, 10 Nov 2009 23:00:00 GMT
strict-transport-security: max-age=1
x-content-type-options: nosniff
timing-allow-origin: *, *
content-encoding: gzip
X-Firefox-Spdy: h2
| promo.20bet.partners/redirect.aspx?pid=174581&bid=1971&lpid=1042&utm_source=retarget&utm_medium=Ubidex&utm_campaign=Ubidex-20bet-EU-NotReg-pop%20BonWheel-1042&utm_term=Ubidex-20bet-EU-NotReg-pop%20BonWheel-1042&subid=b773bqe6jbgfy0085 | 0.0.0.0 | | 0 B |
URL: GET promo.20bet.partners/redirect.aspx?pid=174581&bid=1971&lpid=1042&utm_source=retarget&utm_medium=Ubidex&utm_campaign=Ubidex-20bet-EU-NotReg-pop%20BonWheel-1042&utm_term=Ubidex-20bet-EU-NotReg-pop%20BonWheel-1042&subid=b773bqe6jbgfy0085
IP: 0.0.0.0:0
Requested by: https://videzz.net/embed-ux5i45ivmnqo.html
Certificate issuer: Sectigo Limited
Certificate subject: 20bet.partners
Certificate fingerprint: 7D:08:B3:80:9A:D9:AF:7C:D7:7C:B8:CE:FE:1A:EF:F5:BD:8C:56:FF
Certificate validity: Tue, 26 Sep 2023 00:00:00 GMT - Wed, 25 Sep 2024 23:59:59 GMT
Hash (MD5): d41d8cd98f00b204e9800998ecf8427e
Hash (SHA-1): da39a3ee5e6b4b0d3255bfef95601890afd80709
Hash (SHA-256): e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /redirect.aspx?pid=174581&bid=1971&lpid=1042&utm_source=retarget&utm_medium=Ubidex&utm_campaign=Ubidex-20bet-EU-NotReg-pop%20BonWheel-1042&utm_term=Ubidex-20bet-EU-NotReg-pop%20BonWheel-1042&subid=b773bqe6jbgfy0085 HTTP/1.1
Host: promo.20bet.partners
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://bid.bidclickmedia.com/
DNT: 1
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
| static.addtoany.com/menu/svg/icons/twitter.js | 172.67.39.148 | 200 OK | 645 B |
URL: GET HTTP/3 static.addtoany.com/menu/svg/icons/twitter.js
IP: 172.67.39.148:443
Requested by: https://videzz.net/embed-ux5i45ivmnqo.html
Certificate issuer: Let's Encrypt
Certificate subject: static.addtoany.com
Certificate fingerprint: 25:DC:52:06:E9:84:6F:BC:CB:DD:82:F7:D3:4C:8F:F5:9F:49:7E:DD
Certificate validity: Sat, 24 Feb 2024 06:33:02 GMT - Fri, 24 May 2024 06:33:01 GMT
File type: ASCII text, with very long lines (655), with no line terminators
Hash (MD5): 671b3272826b2e03f7f5ecc6846a4f83
Hash (SHA-1): bcd620154cd6381ddf84b4e17e53ad716f3acbea
Hash (SHA-256): b743f6ed35f2a170860cfb010577cd000ee695dc23b850d3b3e479ef1178bb22
GET /menu/svg/icons/twitter.js HTTP/1.1
Host: static.addtoany.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://videzz.net
DNT: 1
Connection: keep-alive
Referer: https://static.addtoany.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Thu, 18 Apr 2024 23:41:29 GMT
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=7776000, stale-while-revalidate=30, public
cf-bgj: minify
etag: W/"af2b829f9b79fabec7c0148a8b7e444b"
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=no0s8wf%2B47RtY8CEer2btpxxEiQg64a2epQXM1gVeuJI2MFbat7D2FpnM2CTnrpqF8xhWPrS4hZNCEW3DGu0x8AI7gl43a8FCrFs3fa3QDBL33XfcQ%2F%2Bao27VUMmVJ9PHZZcsnwPTuha9DeAmuHyZVOg"}],"group":"cf-nel","max_age":604800}
vary: Accept-Encoding
referrer-policy: strict-origin-when-cross-origin
x-content-type-options: nosniff
cf-cache-status: HIT
age: 18699
strict-transport-security: max-age=31536000; includeSubDomains; preload
server: cloudflare
cf-ray: 8768818218cc569c-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
| str33.vidoza.net/nvl4j4w7p4feieno3usanh5whkxz4vgcl22otzqujrhsd7hpamsvooyi5cqq/v.mp4 | 0.0.0.0 | | 0 B |
URL: GET str33.vidoza.net/nvl4j4w7p4feieno3usanh5whkxz4vgcl22otzqujrhsd7hpamsvooyi5cqq/v.mp4
IP: 0.0.0.0:0
Requested by: https://videzz.net/embed-ux5i45ivmnqo.html
Certificate issuer: Let's Encrypt
Certificate subject: vidoza.net
Certificate fingerprint: DD:9C:2A:D1:7E:90:60:D1:BE:1C:39:29:07:29:9C:34:6A:76:A6:C6
Certificate validity: Wed, 14 Feb 2024 01:21:54 GMT - Tue, 14 May 2024 01:21:53 GMT
Hash (MD5): d41d8cd98f00b204e9800998ecf8427e
Hash (SHA-1): da39a3ee5e6b4b0d3255bfef95601890afd80709
Hash (SHA-256): e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /nvl4j4w7p4feieno3usanh5whkxz4vgcl22otzqujrhsd7hpamsvooyi5cqq/v.mp4 HTTP/1.1
Host: str33.vidoza.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: video/webm,video/ogg,video/*;q=0.9,application/ogg;q=0.7,audio/*;q=0.6,*/*;q=0.5
Accept-Language: en-US,en;q=0.5
Range: bytes=0-
DNT: 1
Connection: keep-alive
Referer: https://videzz.net/
Sec-Fetch-Dest: video
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Accept-Encoding: identity
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 206 Partial Content
server: nginx/1.20.1
date: Thu, 18 Apr 2024 23:41:29 GMT
content-type: video/mp4
content-length: 292718699
last-modified: Fri, 15 Mar 2024 17:56:56 GMT
etag: "65f48be8-1172886b"
content-range: bytes 0-292718698/292718699
X-Firefox-Spdy: h2
| xml.zeusadx.com/redirect?feed=531847&auth=KhbHhS&pubid=162319 | 174.137.133.17 | 200 OK | 0 B |
URL: GET HTTP/1.1 xml.zeusadx.com/redirect?feed=531847&auth=KhbHhS&pubid=162319
IP: 174.137.133.17:443
ASN: #27257 WEBAIR-INTERNET
Requested by: https://videzz.net/embed-ux5i45ivmnqo.html
Certificate issuer: Sectigo Limited
Certificate subject: *.zeusadx.com
Certificate fingerprint: AA:67:88:35:5F:BC:20:3C:44:9B:00:BD:4F:E1:C0:5F:62:D0:69:C0
Certificate validity: Mon, 23 Oct 2023 00:00:00 GMT - Wed, 23 Oct 2024 23:59:59 GMT
Hash (MD5): d41d8cd98f00b204e9800998ecf8427e
Hash (SHA-1): da39a3ee5e6b4b0d3255bfef95601890afd80709
Hash (SHA-256): e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /redirect?feed=531847&auth=KhbHhS&pubid=162319 HTTP/1.1
Host: xml.zeusadx.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://bid.bidclickmedia.com/
DNT: 1
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Date: Thu, 18 Apr 2024 23:41:30 GMT
Content-Length: 0
Connection: keep-alive
Cache-Control: no-store
| track.trackingtraffo.com/pop/imp?auth=mz3u78&c=Q54MRbKe-Tj20nN43Lnw7GfIxSJlw7xXQRNpeUMnGapT-Sl1PNnwfCOF5gn_SpzZJClr0s9DBypuyfoVYq8Sn_R0D-ezeasw_m5jsRhR9mG8yKKVf-HCBEmkE56dV9B6aLEucHkNptE7fZ1qePzPukwQnVvRKKN_eiaSJoWrt2ESs0HVGldNes-4Gr6ibv6oPr1RljwcIk5VwPrXT4_pVC4yqOSZyLIvdKh6fEtH8S7ACykyUPPxvRSZdgIGs9E4bUyNlYZ9EjFEGsZ16D4532qJomNTn9ju-As9ARN7FeGPmUE0WIkNgfZGpzUxQ_ntqdoZoqKTH7AJfySmFZjwQYgGRg-XmdX4arkjIQq5i_OmOEocBfd-5vvE9vzAOqde6a8yKOMd7QnUZRxW1vPvExgVhpJzP_bZHdzuqLTFg5JXCV5XCKp8Tyaal9_UmmZaCrEjXaD3-LMJpm6rCRJyK3j3Jqrx-tMIG6seyONt2CMBeiT-5tIGlul8vF7VD-LhbUCn2VVpxWCst9LjDwCvJIyS40uncbbQHjzS8MmdHiA3aMEY65utx1j_hINL5STZhgZjQGjDQVGNQ8xO0PXIpEVIDyRv6_GLKCY6iIOMv_0pZVZdSuOFwPW2irQ84AZw7klmsYITIvfdYJRhdHJTRe0k9ixux_I33TJ3qVUIalgpv6uACeuSeUlxBC9-r8SgL4OKdBZED9cKDS5D | 88.214.195.153 | 302 Found | 409 B |
URL GET HTTP/1.1track.trackingtraffo.com/pop/imp?auth=mz3u78&c=Q54MRbKe-Tj20nN43Lnw7GfIxSJlw7xXQRNpeUMnGapT-Sl1PNnwfCOF5gn_SpzZJClr0s9DBypuyfoVYq8Sn_R0D-ezeasw_m5jsRhR9mG8yKKVf-HCBEmkE56dV9B6aLEucHkNptE7fZ1qePzPukwQnVvRKKN_eiaSJoWrt2ESs0HVGldNes-4Gr6ibv6oPr1RljwcIk5VwPrXT4_pVC4yqOSZyLIvdKh6fEtH8S7ACykyUPPxvRSZdgIGs9E4bUyNlYZ9EjFEGsZ16D4532qJomNTn9ju-As9ARN7FeGPmUE0WIkNgfZGpzUxQ_ntqdoZoqKTH7AJfySmFZjwQYgGRg-XmdX4arkjIQq5i_OmOEocBfd-5vvE9vzAOqde6a8yKOMd7QnUZRxW1vPvExgVhpJzP_bZHdzuqLTFg5JXCV5XCKp8Tyaal9_UmmZaCrEjXaD3-LMJpm6rCRJyK3j3Jqrx-tMIG6seyONt2CMBeiT-5tIGlul8vF7VD-LhbUCn2VVpxWCst9LjDwCvJIyS40uncbbQHjzS8MmdHiA3aMEY65utx1j_hINL5STZhgZjQGjDQVGNQ8xO0PXIpEVIDyRv6_GLKCY6iIOMv_0pZVZdSuOFwPW2irQ84AZw7klmsYITIvfdYJRhdHJTRe0k9ixux_I33TJ3qVUIalgpv6uACeuSeUlxBC9-r8SgL4OKdBZED9cKDS5D IP88.214.195.153:443
Requested by: https://videzz.net/embed-ux5i45ivmnqo.html
Certificate issuer: Sectigo Limited
Certificate subject: trackingtraffo.com
Certificate fingerprint: 66:CE:68:F3:6C:8A:98:F0:D8:02:5B:C4:5E:2E:C7:B0:C7:73:5B:A8
Certificate validity: Thu, 23 Nov 2023 00:00:00 GMT - Fri, 22 Nov 2024 23:59:59 GMT
Hash (MD5): d41d8cd98f00b204e9800998ecf8427e
Hash (SHA-1): da39a3ee5e6b4b0d3255bfef95601890afd80709
Hash (SHA-256): e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /pop/imp?auth=mz3u78&c=Q54MRbKe-Tj20nN43Lnw7GfIxSJlw7xXQRNpeUMnGapT-Sl1PNnwfCOF5gn_SpzZJClr0s9DBypuyfoVYq8Sn_R0D-ezeasw_m5jsRhR9mG8yKKVf-HCBEmkE56dV9B6aLEucHkNptE7fZ1qePzPukwQnVvRKKN_eiaSJoWrt2ESs0HVGldNes-4Gr6ibv6oPr1RljwcIk5VwPrXT4_pVC4yqOSZyLIvdKh6fEtH8S7ACykyUPPxvRSZdgIGs9E4bUyNlYZ9EjFEGsZ16D4532qJomNTn9ju-As9ARN7FeGPmUE0WIkNgfZGpzUxQ_ntqdoZoqKTH7AJfySmFZjwQYgGRg-XmdX4arkjIQq5i_OmOEocBfd-5vvE9vzAOqde6a8yKOMd7QnUZRxW1vPvExgVhpJzP_bZHdzuqLTFg5JXCV5XCKp8Tyaal9_UmmZaCrEjXaD3-LMJpm6rCRJyK3j3Jqrx-tMIG6seyONt2CMBeiT-5tIGlul8vF7VD-LhbUCn2VVpxWCst9LjDwCvJIyS40uncbbQHjzS8MmdHiA3aMEY65utx1j_hINL5STZhgZjQGjDQVGNQ8xO0PXIpEVIDyRv6_GLKCY6iIOMv_0pZVZdSuOFwPW2irQ84AZw7klmsYITIvfdYJRhdHJTRe0k9ixux_I33TJ3qVUIalgpv6uACeuSeUlxBC9-r8SgL4OKdBZED9cKDS5D HTTP/1.1
Host: track.trackingtraffo.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://bid.bidclickmedia.com/
DNT: 1
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 302 Found
Server: nginx/1.18.0 (Ubuntu)
Date: Thu, 18 Apr 2024 23:41:31 GMT
Content-Length: 0
Connection: keep-alive
Location: https://plinksplanet.com/click.php?key=qcopnrbsgld1lpyq4gqz&clickid=3adfabce-b9f2-44d6-9c07-9334f3f02617&cost=0.0036&PUB_ID=118&SUB_ID=520478&KEYWORD=&SUBSCRIBER_AGE=0&SUBSCRIBER_DATE=2024-04-18&BID_PUB=0.0036&CR_ID=36456
| videzz.net/js/static.min.js?v=b8dc06aa6195ca0716d0a0c4e3a76e42 | 78.142.18.54 | 200 OK | 159 kB |
URL: GET HTTP/2 videzz.net/js/static.min.js?v=b8dc06aa6195ca0716d0a0c4e3a76e42
IP: 78.142.18.54:443
ASN: #208046 ColocationX Ltd.
Requested by: https://videzz.net/embed-ux5i45ivmnqo.html
Certificate issuer: Let's Encrypt
Certificate subject: videzz.net
Certificate fingerprint: 13:3A:F4:CA:71:F0:8F:F1:2E:3A:7E:2B:6D:8E:E4:7A:E9:9D:A6:B5
Certificate validity: Mon, 04 Mar 2024 08:24:34 GMT - Sun, 02 Jun 2024 08:24:33 GMT
File type: JavaScript source, ASCII text, with very long lines (65536), with no line terminators
Size: 159 kB (158902 bytes)
Hash (MD5): 7c33538390b466ae717449d729bb32ea
Hash (SHA-1): 49ea1eb1dc06467f516eae28e09863a23b244a31
Hash (SHA-256): a2f37fa7aee9e9248856735b807b028c93be60eb6bb9916595ba123690513f02
| Analyzer | Verdict | Alert |
| Quad9 DNS | malicious | Sinkholed |
GET /js/static.min.js?v=b8dc06aa6195ca0716d0a0c4e3a76e42 HTTP/1.1
Host: videzz.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://videzz.net/embed-ux5i45ivmnqo.html
Cookie: lang=1
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
server: nginx/1.18.0 (Ubuntu)
date: Thu, 18 Apr 2024 23:41:28 GMT
content-type: application/javascript
last-modified: Wed, 10 Apr 2024 07:00:18 GMT
vary: Accept-Encoding
etag: W/"66163902-26cb6"
expires: Sat, 18 May 2024 23:35:06 GMT
cache-control: max-age=2592000
content-encoding: gzip
x-cache-status: HIT
X-Firefox-Spdy: h2
| str33.vidoza.net/nvl4j4w7p4feieno3usanh5whkxz4vgcl22otzqujrhsd7hpamsvooyi5cqq/v.mp4 | 213.152.167.246 | 206 Partial Content | 229 kB |
URL: GET HTTP/2 str33.vidoza.net/nvl4j4w7p4feieno3usanh5whkxz4vgcl22otzqujrhsd7hpamsvooyi5cqq/v.mp4
IP: 213.152.167.246:443
ASN: #49453 Global Layer B.V.
Requested by: https://videzz.net/embed-ux5i45ivmnqo.html
Certificate issuer: Let's Encrypt
Certificate subject: vidoza.net
Certificate fingerprint: DD:9C:2A:D1:7E:90:60:D1:BE:1C:39:29:07:29:9C:34:6A:76:A6:C6
Certificate validity: Wed, 14 Feb 2024 01:21:54 GMT - Tue, 14 May 2024 01:21:53 GMT
File type: ISO Media, MP4 Base Media v1 [ISO 14496-12:2003]
Size: 229 kB (229376 bytes)
Hash (MD5): add783545137d14d80e2441d467aafb6
Hash (SHA-1): 3b3a5b7052c7d47af42e93823e91c2885976c47c
Hash (SHA-256): 775ef4b8ce0241419b25524864d0266c194d906aa58186406cbda5d00d03b83f
GET /nvl4j4w7p4feieno3usanh5whkxz4vgcl22otzqujrhsd7hpamsvooyi5cqq/v.mp4 HTTP/1.1
Host: str33.vidoza.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: video/webm,video/ogg,video/*;q=0.9,application/ogg;q=0.7,audio/*;q=0.6,*/*;q=0.5
Accept-Language: en-US,en;q=0.5
Range: bytes=0-
DNT: 1
Connection: keep-alive
Referer: https://videzz.net/
Sec-Fetch-Dest: video
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Accept-Encoding: identity
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 206 Partial Content
server: nginx/1.20.1
date: Thu, 18 Apr 2024 23:41:29 GMT
content-type: video/mp4
content-length: 292718699
last-modified: Fri, 15 Mar 2024 17:56:56 GMT
etag: "65f48be8-1172886b"
content-range: bytes 0-292718698/292718699
X-Firefox-Spdy: h2
| myliveforyoudreder.com/vidozza.js | 188.114.97.1 | 200 OK | 1.6 kB |
URL: GET HTTP/2 myliveforyoudreder.com/vidozza.js
IP: 188.114.97.1:443
Requested by: https://videzz.net/embed-ux5i45ivmnqo.html
Certificate issuer: Let's Encrypt
Certificate subject: myliveforyoudreder.com
Certificate fingerprint: D6:1F:6C:5C:81:FF:C4:D3:4D:C9:A9:22:DD:0B:D4:18:59:4E:58:B7
Certificate validity: Wed, 20 Mar 2024 02:24:57 GMT - Tue, 18 Jun 2024 02:24:56 GMT
File type: JavaScript source, ASCII text, with very long lines (1742), with no line terminators
Hash (MD5): 1b10623dcc365c3e40aa543ee9be6c3d
Hash (SHA-1): ee99261cffbbf896eba3c60d867480042fbaadc5
Hash (SHA-256): 54dec89c60117fd15b96d376c1dba2de2f333009f2ba0847fa71fa0a969f863f
GET /vidozza.js HTTP/1.1
Host: myliveforyoudreder.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://videzz.net/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Thu, 18 Apr 2024 23:41:29 GMT
content-type: application/javascript
last-modified: Mon, 24 Oct 2022 14:14:49 GMT
etag: W/"63569dd9-64f"
cache-control: max-age=14400
cf-cache-status: HIT
age: 5353
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=4sB8ZjrrCXJhn4XsTmwADPWYrWczLdqMytYyGtqoLmHQRGbO4J2opYCwAdfEsLycan%2B1lYR5caQBG%2FhXjmpxz1%2FvLoPYM1AsiTdFEMe%2Fyu7%2F1T1YzlW3wggj8J7z5nh87NK1eqUvFikE"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 876881826f1cb50f-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
| flyingperilous.com/pixel/purst?dl=0&th=0&sc=0&rs=1992&rd=1992&fd=780&bv=24.4.2204&tmpl=136 | 192.243.61.227 | 200 OK | 0 B |
URL: GET HTTP/1.1 flyingperilous.com/pixel/purst?dl=0&th=0&sc=0&rs=1992&rd=1992&fd=780&bv=24.4.2204&tmpl=136
IP: 192.243.61.227:443
ASN: #39572 DataWeb Global Group B.V.
Requested by: https://videzz.net/embed-ux5i45ivmnqo.html
Certificate issuer: Let's Encrypt
Certificate subject: flyingperilous.com
Certificate fingerprint: C2:AD:B1:C3:DB:83:1C:B1:4D:AB:8D:8C:50:3A:A9:27:43:16:6E:09
Certificate validity: Tue, 16 Apr 2024 14:07:05 GMT - Mon, 15 Jul 2024 14:07:04 GMT
Hash (MD5): d41d8cd98f00b204e9800998ecf8427e
Hash (SHA-1): da39a3ee5e6b4b0d3255bfef95601890afd80709
Hash (SHA-256): e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
| Analyzer | Verdict | Alert |
| Quad9 DNS | malicious | Sinkholed |
GET /pixel/purst?dl=0&th=0&sc=0&rs=1992&rd=1992&fd=780&bv=24.4.2204&tmpl=136 HTTP/1.1
Host: flyingperilous.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://videzz.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx/1.21.6
Date: Thu, 18 Apr 2024 23:41:30 GMT
Content-Length: 0
Connection: keep-alive
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
Access-Control-Allow-Origin: *
Access-Control-Allow-Methods: GET, POST, OPTIONS
Access-Control-Allow-Headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,Upgrade-Insecure-Requests
Access-Control-Expose-Headers: Content-Length,Content-Range
| engine.blehcourt.com/Redirect.eng?MediaSegmentId=85379&dcid=1_ctx_4a471124-7df0-47ce-ba5f-b84fd41d89c6&vmId=00000000-0000-0000-0000-000000000000&abr=false&timeZoneOffset=&v=nnBcM9XkSvQ-mYanlxbSWqaqLU12yHwrzrFKK00fiG5WDZ-m0SyKjSkyCLj7dPhawjHAIimdW5wPuntnYC7zH_09-KFe0hYP1EBCZFWK-JH8SChpS-ChXTFJ05j0ru_ilUXHNEmLzbcXDQ-2u7bDqbp3Qa-3g9xh0-TBEwYYMQTuQasoyi6zNf5LkP3PI-SMXfLMRnRv_a3btjtcNXt6_G1zHvoaz_Yf1p74s_Q4RzrvmDpvlTIgibhodI7eCWt4UsCAZXzUjHhKCTRALNS3Ngtyl5iUHWyxJZuy6RW3N-h5V9-LA8a85kW3rbQQQi7RZveTCCJNv0f3CNTPuzf3ToEApAh7R1v419NOnA7RLnJyJKXTIcBanOc9Xd4GuCc85uEvFsVES5HgKQiKGrlWMFJBHKbyLFsuxQ0DAV59mTdzpyk0m40_ugf2RTULYUy5oRzItI-OFRyuUw6xXOBT4uca1QoNzEFMntVxAsNu998iqhseKtIDfUB5U1Woe6_ByNLMOhc36IkPVFKNKtW3-wiWJ0XgyC8ZEcv4p82HAVIa5VobnnNOWIb1g09Tv-VVSIR9Hrgyo9xOFKUte6ejkaC_lHslcgg3mjz5nIckDbeClEoeG0YPUxxRTJDzTmrgoQKVkp4-Wkn4lALeeSNTHLcSLZq9hV7xro8O4I5rEh1KWQWEjuJ1qUbGe6LmzVF9CzHBbGXeCbyAALn82eHn2hrPTTx4TV9djWBHh5sZsBDNznqm58M4mTx_vsa-Af-iDEOglV0p5asjExOIkUwrB7oLkPnn9DghFOoO8u1CPlptJdrvjorr_ynr9yqbWKRVbDzi_T4bl2bFVLMOsuDvtPy-s2zls-ySIlPz2oJWXmPrtJWJoSNfrWN_eqYTjs2WfJwcorHzkAfrl4XffRWOnEYbBeP6Kl06y0UhzaxZflSXMQmmiP1C28xB65DRT9unGoed7fjTcqJ9FcXFkrUDmP0zE3xNmKSQl6mMNvgjgjc1&kw=&mw=1024&mh=768&xml=1&at= | 104.18.33.10 | 200 OK | 545 B |
URL: GET HTTP/2 engine.blehcourt.com/Redirect.eng?MediaSegmentId=85379&dcid=1_ctx_4a471124-7df0-47ce-ba5f-b84fd41d89c6&vmId=00000000-0000-0000-0000-000000000000&abr=false&timeZoneOffset=&v=nnBcM9XkSvQ-mYanlxbSWqaqLU12yHwrzrFKK00fiG5WDZ-m0SyKjSkyCLj7dPhawjHAIimdW5wPuntnYC7zH_09-KFe0hYP1EBCZFWK-JH8SChpS-ChXTFJ05j0ru_ilUXHNEmLzbcXDQ-2u7bDqbp3Qa-3g9xh0-TBEwYYMQTuQasoyi6zNf5LkP3PI-SMXfLMRnRv_a3btjtcNXt6_G1zHvoaz_Yf1p74s_Q4RzrvmDpvlTIgibhodI7eCWt4UsCAZXzUjHhKCTRALNS3Ngtyl5iUHWyxJZuy6RW3N-h5V9-LA8a85kW3rbQQQi7RZveTCCJNv0f3CNTPuzf3ToEApAh7R1v419NOnA7RLnJyJKXTIcBanOc9Xd4GuCc85uEvFsVES5HgKQiKGrlWMFJBHKbyLFsuxQ0DAV59mTdzpyk0m40_ugf2RTULYUy5oRzItI-OFRyuUw6xXOBT4uca1QoNzEFMntVxAsNu998iqhseKtIDfUB5U1Woe6_ByNLMOhc36IkPVFKNKtW3-wiWJ0XgyC8ZEcv4p82HAVIa5VobnnNOWIb1g09Tv-VVSIR9Hrgyo9xOFKUte6ejkaC_lHslcgg3mjz5nIckDbeClEoeG0YPUxxRTJDzTmrgoQKVkp4-Wkn4lALeeSNTHLcSLZq9hV7xro8O4I5rEh1KWQWEjuJ1qUbGe6LmzVF9CzHBbGXeCbyAALn82eHn2hrPTTx4TV9djWBHh5sZsBDNznqm58M4mTx_vsa-Af-iDEOglV0p5asjExOIkUwrB7oLkPnn9DghFOoO8u1CPlptJdrvjorr_ynr9yqbWKRVbDzi_T4bl2bFVLMOsuDvtPy-s2zls-ySIlPz2oJWXmPrtJWJoSNfrWN_eqYTjs2WfJwcorHzkAfrl4XffRWOnEYbBeP6Kl06y0UhzaxZflSXMQmmiP1C28xB65DRT9unGoed7fjTcqJ9FcXFkrUDmP0zE3xNmKSQl6mMNvgjgjc1&kw=&mw=1024&mh=768&xml=1&at=
IP: 104.18.33.10:443
Requested by: https://videzz.net/embed-ux5i45ivmnqo.html
Certificate: Issuer Cloudflare, Inc.; Subject blehcourt.com; Fingerprint 0F:49:C2:D8:C1:D2:AA:3E:A1:87:B2:53:D9:6F:1D:B0:90:BC:06:CD; Validity Wed, 27 Dec 2023 00:00:00 GMT - Thu, 26 Dec 2024 23:59:59 GMT
File type: HTML document, ASCII text, with very long lines (556), with no line terminators
Hash (MD5 / SHA-1 / SHA-256): 57244519321c192bf295272308c23516 3c1502ff90f9dced650962596fab8907429939a0 5467a2db6e0d45491edbab9be2ef0ad8db526beb468882cf681e3cefd48a6f1a
GET /Redirect.eng?MediaSegmentId=85379&dcid=1_ctx_4a471124-7df0-47ce-ba5f-b84fd41d89c6&vmId=00000000-0000-0000-0000-000000000000&abr=false&timeZoneOffset=&v=nnBcM9XkSvQ-mYanlxbSWqaqLU12yHwrzrFKK00fiG5WDZ-m0SyKjSkyCLj7dPhawjHAIimdW5wPuntnYC7zH_09-KFe0hYP1EBCZFWK-JH8SChpS-ChXTFJ05j0ru_ilUXHNEmLzbcXDQ-2u7bDqbp3Qa-3g9xh0-TBEwYYMQTuQasoyi6zNf5LkP3PI-SMXfLMRnRv_a3btjtcNXt6_G1zHvoaz_Yf1p74s_Q4RzrvmDpvlTIgibhodI7eCWt4UsCAZXzUjHhKCTRALNS3Ngtyl5iUHWyxJZuy6RW3N-h5V9-LA8a85kW3rbQQQi7RZveTCCJNv0f3CNTPuzf3ToEApAh7R1v419NOnA7RLnJyJKXTIcBanOc9Xd4GuCc85uEvFsVES5HgKQiKGrlWMFJBHKbyLFsuxQ0DAV59mTdzpyk0m40_ugf2RTULYUy5oRzItI-OFRyuUw6xXOBT4uca1QoNzEFMntVxAsNu998iqhseKtIDfUB5U1Woe6_ByNLMOhc36IkPVFKNKtW3-wiWJ0XgyC8ZEcv4p82HAVIa5VobnnNOWIb1g09Tv-VVSIR9Hrgyo9xOFKUte6ejkaC_lHslcgg3mjz5nIckDbeClEoeG0YPUxxRTJDzTmrgoQKVkp4-Wkn4lALeeSNTHLcSLZq9hV7xro8O4I5rEh1KWQWEjuJ1qUbGe6LmzVF9CzHBbGXeCbyAALn82eHn2hrPTTx4TV9djWBHh5sZsBDNznqm58M4mTx_vsa-Af-iDEOglV0p5asjExOIkUwrB7oLkPnn9DghFOoO8u1CPlptJdrvjorr_ynr9yqbWKRVbDzi_T4bl2bFVLMOsuDvtPy-s2zls-ySIlPz2oJWXmPrtJWJoSNfrWN_eqYTjs2WfJwcorHzkAfrl4XffRWOnEYbBeP6Kl06y0UhzaxZflSXMQmmiP1C28xB65DRT9unGoed7fjTcqJ9FcXFkrUDmP0zE3xNmKSQl6mMNvgjgjc1&kw=&mw=1024&mh=768&xml=1&at= HTTP/1.1
Host: engine.blehcourt.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://bid.bidclickmedia.com/
DNT: 1
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Thu, 18 Apr 2024 23:41:31 GMT
set-cookie: IKSR=%7B%7D; path=/; secure; samesite=none
INF_DFL8=false; path=/; secure; samesite=none
IUID=17265249-b6ab-4d3e-8cc2-51a8d2e97518; expires=Tue, 18 Apr 2034 23:41:30 GMT; path=/; secure; samesite=none
ISSH=72BC09; path=/; secure; samesite=none
VMI=b19b5cd3-dffe-40db-8194-bee2e4dc05ea; path=/; secure; samesite=none
IPLH=%23%7B%22129425%22%3A%5B%7B%22SId%22%3A%2272BC09%22%2C%22D%22%3A%2224%2F4%2F18T16%3A41%3A30%22%7D%5D%7D; expires=Tue, 18 Apr 2034 23:41:30 GMT; path=/; secure; samesite=none; httponly
IPLH_Q=%23%5B129425%5D; expires=Tue, 18 Apr 2034 23:41:30 GMT; path=/; secure; samesite=none; httponly
CHN=%23%5B%5D; expires=Tue, 18 Apr 2034 23:41:30 GMT; path=/; secure; samesite=none; httponly
MSSH=%23%7B%7D; expires=Tue, 18 Apr 2034 23:41:30 GMT; path=/; secure; samesite=none; httponly
MSRH=%23%7B%7D; expires=Tue, 18 Apr 2034 23:41:30 GMT; path=/; secure; samesite=none; httponly
ILP=null; expires=Tue, 18 Apr 2034 23:41:30 GMT; path=/; secure; samesite=none
ILPLU=%2301%2F01%2F0001%2000%3A00%3A00; expires=Tue, 18 Apr 2034 23:41:30 GMT; path=/; secure; samesite=none; httponly
ILEALC=%2301%2F01%2F0001%2000%3A00%3A00; expires=Tue, 18 Apr 2034 23:41:30 GMT; path=/; secure; samesite=none; httponly
ILMPF=%23False; expires=Fri, 19 Apr 2024 03:41:30 GMT; path=/; secure; samesite=none; httponly
IPMPLU=%2301%2F01%2F0001%2000%3A00%3A00; expires=Tue, 18 Apr 2034 23:41:30 GMT; path=/; secure; samesite=none; httponly
IPMUID=%23; expires=Tue, 18 Apr 2034 23:41:30 GMT; path=/; secure; samesite=none; httponly
BSWUID=%23; expires=Tue, 18 Apr 2034 23:41:30 GMT; path=/; secure; samesite=none; httponly
IKSR=%7B%7D; path=/; secure; samesite=none
IBL=%23%5B%5D; expires=Tue, 18 Apr 2034 23:41:30 GMT; path=/; secure; samesite=none
IOPT=%23%5B%5D; expires=Tue, 18 Apr 2034 23:41:30 GMT; path=/; secure; samesite=none; httponly
IPLSH=%23%7B%7D; expires=Tue, 18 Apr 2034 23:41:30 GMT; path=/; secure; samesite=none; httponly
IPLSH_Q=%23%5B%5D; expires=Tue, 18 Apr 2034 23:41:30 GMT; path=/; secure; samesite=none; httponly
IZH=%23%7B%2230224%22%3A%5B%7B%22SId%22%3A%2272BC09%22%2C%22D%22%3A%2224%2F4%2F18T16%3A41%3A30%22%7D%5D%7D; expires=Tue, 18 Apr 2034 23:41:30 GMT; path=/; secure; samesite=none; httponly
IZH_Q=%23%5B30224%5D; expires=Tue, 18 Apr 2034 23:41:30 GMT; path=/; secure; samesite=none; httponly
IMCH=%23%7B%7D; expires=Tue, 18 Apr 2034 23:41:30 GMT; path=/; secure; samesite=none; httponly
IMCH_Q=%23%5B%5D; expires=Tue, 18 Apr 2034 23:41:30 GMT; path=/; secure; samesite=none; httponly
IMH=%23%7B%22137643%22%3A%5B%7B%22SId%22%3A%2272BC09%22%2C%22D%22%3A%2224%2F4%2F18T16%3A41%3A30%22%7D%5D%7D; expires=Tue, 18 Apr 2034 23:41:30 GMT; path=/; secure; samesite=none; httponly
IMH_Q=%23%5B137643%5D; expires=Tue, 18 Apr 2034 23:41:30 GMT; path=/; secure; samesite=none; httponly
ISH=%23%7B%7D; expires=Tue, 18 Apr 2034 23:41:30 GMT; path=/; secure; samesite=none; httponly
ISH_Q=%23%5B%5D; expires=Tue, 18 Apr 2034 23:41:30 GMT; path=/; secure; samesite=none; httponly
ISPH=%23%7B%226713%22%3A%5B%7B%22SId%22%3A%2272BC09%22%2C%22D%22%3A%2224%2F4%2F18T16%3A41%3A30%22%7D%5D%7D; expires=Tue, 18 Apr 2034 23:41:30 GMT; path=/; secure; samesite=none; httponly
ISPH_Q=%23%5B6713%5D; expires=Tue, 18 Apr 2034 23:41:30 GMT; path=/; secure; samesite=none; httponly
ICH=%23%7B%2261126%22%3A%5B%7B%22SId%22%3A%2272BC09%22%2C%22D%22%3A%2224%2F4%2F18T16%3A41%3A30%22%7D%5D%7D; expires=Tue, 18 Apr 2034 23:41:30 GMT; path=/; secure; samesite=none; httponly
ICH_Q=%23%5B61126%5D; expires=Tue, 18 Apr 2034 23:41:30 GMT; path=/; secure; samesite=none; httponly
cf-cache-status: DYNAMIC
server: cloudflare
cf-ray: 8768818b8b320b45-OSL
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
| videzz.net/js/videojs.5.min.js?v=b8dc06aa6195ca0716d0a0c4e3a76e42 | 78.142.18.54 | 200 OK | 416 kB |
URL: GET HTTP/2 videzz.net/js/videojs.5.min.js?v=b8dc06aa6195ca0716d0a0c4e3a76e42
IP: 78.142.18.54:443
ASN: #208046 ColocationX Ltd.
Requested by: https://videzz.net/embed-ux5i45ivmnqo.html
Certificate: Issuer Let's Encrypt; Subject videzz.net; Fingerprint 13:3A:F4:CA:71:F0:8F:F1:2E:3A:7E:2B:6D:8E:E4:7A:E9:9D:A6:B5; Validity Mon, 04 Mar 2024 08:24:34 GMT - Sun, 02 Jun 2024 08:24:33 GMT
Size: 416 kB (416358 bytes)
Hash (MD5 / SHA-1 / SHA-256): d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
| Analyzer | Verdict | Alert |
| Quad9 DNS | malicious | Sinkholed |
GET /js/videojs.5.min.js?v=b8dc06aa6195ca0716d0a0c4e3a76e42 HTTP/1.1
Host: videzz.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://videzz.net/embed-ux5i45ivmnqo.html
Cookie: lang=1
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
server: nginx/1.18.0 (Ubuntu)
date: Thu, 18 Apr 2024 23:41:28 GMT
content-type: application/javascript
last-modified: Wed, 10 Apr 2024 07:00:25 GMT
vary: Accept-Encoding
etag: W/"66163909-65a66"
expires: Sat, 18 May 2024 23:35:07 GMT
cache-control: max-age=2592000
content-encoding: gzip
x-cache-status: HIT
X-Firefox-Spdy: h2
| videzz.net/js/footer.static.min.js?v=b8dc06aa6195ca0716d0a0c4e3a76e42 | 78.142.18.54 | 200 OK | 140 kB |
URL: GET HTTP/2 videzz.net/js/footer.static.min.js?v=b8dc06aa6195ca0716d0a0c4e3a76e42
IP: 78.142.18.54:443
ASN: #208046 ColocationX Ltd.
Requested by: https://videzz.net/embed-ux5i45ivmnqo.html
Certificate: Issuer Let's Encrypt; Subject videzz.net; Fingerprint 13:3A:F4:CA:71:F0:8F:F1:2E:3A:7E:2B:6D:8E:E4:7A:E9:9D:A6:B5; Validity Mon, 04 Mar 2024 08:24:34 GMT - Sun, 02 Jun 2024 08:24:33 GMT
Size: 140 kB (140132 bytes)
Hash (MD5 / SHA-1 / SHA-256): d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
| Analyzer | Verdict | Alert |
| Quad9 DNS | malicious | Sinkholed |
GET /js/footer.static.min.js?v=b8dc06aa6195ca0716d0a0c4e3a76e42 HTTP/1.1
Host: videzz.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://videzz.net/embed-ux5i45ivmnqo.html
Cookie: lang=1
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
server: nginx/1.18.0 (Ubuntu)
date: Thu, 18 Apr 2024 23:41:28 GMT
content-type: application/javascript
last-modified: Wed, 10 Apr 2024 07:00:18 GMT
vary: Accept-Encoding
etag: W/"66163902-22364"
expires: Sat, 18 May 2024 23:36:00 GMT
cache-control: max-age=2592000
content-encoding: gzip
x-cache-status: HIT
X-Firefox-Spdy: h2
| static.addtoany.com/menu/sm.25.html | 172.67.39.148 | 200 OK | 716 B |
URL: GET HTTP/3 static.addtoany.com/menu/sm.25.html
IP: 172.67.39.148:443
Requested by: https://videzz.net/embed-ux5i45ivmnqo.html
Certificate: Issuer Let's Encrypt; Subject static.addtoany.com; Fingerprint 25:DC:52:06:E9:84:6F:BC:CB:DD:82:F7:D3:4C:8F:F5:9F:49:7E:DD; Validity Sat, 24 Feb 2024 06:33:02 GMT - Fri, 24 May 2024 06:33:01 GMT
File type: HTML document, ASCII text, with very long lines (744), with no line terminators
Hash (MD5 / SHA-1 / SHA-256): c3c97893ca5c74e7504aa4ec474ea41b cdccb12d7e73682e0e807107243ede7d5e14c962 b79f65e9ffe3bad9bd9cdcffed0758430f7eb1a630c368dc173eecdeb2821f00
GET /menu/sm.25.html HTTP/1.1
Host: static.addtoany.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://videzz.net/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Thu, 18 Apr 2024 23:41:28 GMT
content-type: text/html; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=315360000, immutable
referrer-policy: strict-origin-when-cross-origin
x-content-type-options: nosniff
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=5XqYdf3zT6f5djRXIIJwMp9CmOr869HlwkvaSLOezMHs8bCNXKhchHrxUkAX8VobSQtGTx9av1ds6j%2BrAMbeIHt6gjCWQ%2F0%2FDDuSz%2BYQMTMfH9cMBRVSXt9wfmQ0xD6qcBrOg5iLUMVJymypfmtsURYC"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
cf-cache-status: HIT
age: 20029
strict-transport-security: max-age=31536000; includeSubDomains; preload
server: cloudflare
cf-ray: 8768817f4fb2569c-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
| bid.bidclickmedia.com/sub/31bV2Jy | 172.67.205.77 | 200 OK | 239 B |
URL: GET HTTP/3 bid.bidclickmedia.com/sub/31bV2Jy
IP: 172.67.205.77:443
Requested by: https://videzz.net/embed-ux5i45ivmnqo.html
Certificate: Issuer Google Trust Services LLC; Subject bidclickmedia.com; Fingerprint 2D:71:60:23:79:D8:E4:4A:B8:81:BA:F0:ED:58:CB:A8:66:21:A7:E7; Validity Sun, 31 Mar 2024 14:28:20 GMT - Sat, 29 Jun 2024 14:28:19 GMT
File type: HTML document, ASCII text, with no line terminators
Hash (MD5 / SHA-1 / SHA-256): d5b23342c3da61ad8cb32c85b5a9a6ca 3ca89fd68565941a5f5dec87720a2164c9b860ae 53073b03453dec44b400acecc549d6446aba803406a391777a94cc2504173bbb
GET /sub/31bV2Jy HTTP/1.1
Host: bid.bidclickmedia.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://videzz.net/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Thu, 18 Apr 2024 23:41:29 GMT
content-type: text/html; charset=utf-8
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=xeAvMrczEOzG7TXuYaCnzfEG7d1ffbGFMbCGB3YS3XOTW4tYGi5JelMk4EadM8m7aZ9%2FUzUxDvuGlLkPxcgVi15seMk5ySTXJukNGhNSSbjfRXgO4Gr00mYYiPd9gX8U1FgSeCLCvm8%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 87688180ede156b9-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
| xml.cachegorilla.com/redirect?feed=612977&auth=kAeZgJ&pubid=197570 | 173.239.53.20 | 302 Found | 13 kB |
URL: GET HTTP/1.1 xml.cachegorilla.com/redirect?feed=612977&auth=kAeZgJ&pubid=197570
IP: 173.239.53.20:443
ASN: #27257 WEBAIR-INTERNET
Requested by: https://videzz.net/embed-ux5i45ivmnqo.html
Certificate: Issuer Sectigo Limited; Subject *.cachegorilla.com; Fingerprint 29:B3:53:29:E3:6F:D3:48:F6:66:3E:78:57:05:A6:19:12:0D:2C:4A; Validity Fri, 10 Nov 2023 00:00:00 GMT - Sun, 10 Nov 2024 23:59:59 GMT
Hash (MD5 / SHA-1 / SHA-256): d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /redirect?feed=612977&auth=kAeZgJ&pubid=197570 HTTP/1.1
Host: xml.cachegorilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://bid.bidclickmedia.com/
DNT: 1
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 302 Found
Server: nginx
Date: Thu, 18 Apr 2024 23:41:31 GMT
Content-Length: 0
Connection: keep-alive
Cache-Control: no-store
Location: https://www.clktoro.com/feed/click/?t1=128&tid=876&uid=102&subid=649737&id=d622a43b3858bd80c269aba5fdf99d0b: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
| videzz.net/css/embed.min.css?v=b8dc06aa6195ca0716d0a0c4e3a76e42 | 78.142.18.54 | 200 OK | 618 kB |
URL: GET HTTP/2 videzz.net/css/embed.min.css?v=b8dc06aa6195ca0716d0a0c4e3a76e42
IP: 78.142.18.54:443
ASN: #208046 ColocationX Ltd.
Requested by: https://videzz.net/embed-ux5i45ivmnqo.html
Certificate: Issuer Let's Encrypt; Subject videzz.net; Fingerprint 13:3A:F4:CA:71:F0:8F:F1:2E:3A:7E:2B:6D:8E:E4:7A:E9:9D:A6:B5; Validity Mon, 04 Mar 2024 08:24:34 GMT - Sun, 02 Jun 2024 08:24:33 GMT
File type: ASCII text, with very long lines (63495)
Size: 618 kB (618399 bytes)
Hash (MD5 / SHA-1 / SHA-256): ffba0e4b3edaa1a4c6bc7ef04bcf0ba9 3507ae56cc30b273cf17d0cf4de234dafa4db0eb 57291457f6bd1dc724ab0cc7d5d9def8fceafc52263d72d0b3f6c6ae2dd8286c
| Analyzer | Verdict | Alert |
| Quad9 DNS | malicious | Sinkholed |
GET /css/embed.min.css?v=b8dc06aa6195ca0716d0a0c4e3a76e42 HTTP/1.1
Host: videzz.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://videzz.net/embed-ux5i45ivmnqo.html
Cookie: lang=1
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
server: nginx/1.18.0 (Ubuntu)
date: Thu, 18 Apr 2024 23:41:28 GMT
content-type: text/css
last-modified: Wed, 10 Apr 2024 07:00:32 GMT
vary: Accept-Encoding
etag: W/"66163910-96f9f"
expires: Sat, 18 May 2024 23:33:05 GMT
cache-control: max-age=2592000
content-encoding: gzip
x-cache-status: HIT
X-Firefox-Spdy: h2
| videzz.net/js/videojs.stm.5.min.js?0.346980587646826 | 78.142.18.54 | 200 OK | 7.2 kB |
URL: GET HTTP/2 videzz.net/js/videojs.stm.5.min.js?0.346980587646826
IP: 78.142.18.54:443
ASN: #208046 ColocationX Ltd.
Requested by: https://videzz.net/embed-ux5i45ivmnqo.html
Certificate: Issuer Let's Encrypt; Subject videzz.net; Fingerprint 13:3A:F4:CA:71:F0:8F:F1:2E:3A:7E:2B:6D:8E:E4:7A:E9:9D:A6:B5; Validity Mon, 04 Mar 2024 08:24:34 GMT - Sun, 02 Jun 2024 08:24:33 GMT
File type: JavaScript source, ASCII text, with very long lines (7493), with no line terminators
Hash (MD5 / SHA-1 / SHA-256): 559fdbbfb2f700ef277f69b35a097d54 df1d4bf430b37e066e4e3187d621c954d581c160 d30c79b738e33d406468f33a059c11238995e485cad39bb31a721f370baa05c5
| Analyzer | Verdict | Alert |
| Quad9 DNS | malicious | Sinkholed |
GET /js/videojs.stm.5.min.js?0.346980587646826 HTTP/1.1
Host: videzz.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://videzz.net/embed-ux5i45ivmnqo.html
Cookie: lang=1
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
server: nginx/1.18.0 (Ubuntu)
date: Thu, 18 Apr 2024 23:41:28 GMT
content-type: application/javascript
last-modified: Wed, 10 Apr 2024 07:00:32 GMT
vary: Accept-Encoding
etag: W/"66163910-1c25"
expires: Sat, 18 May 2024 23:41:28 GMT
cache-control: max-age=2592000
content-encoding: gzip
x-cache-status: MISS
X-Firefox-Spdy: h2
| static.addtoany.com/menu/locale/ru.js | 172.67.39.148 | 200 OK | 2.1 kB |
URL: GET HTTP/3 static.addtoany.com/menu/locale/ru.js
IP: 172.67.39.148:443
Requested by: https://videzz.net/embed-ux5i45ivmnqo.html
Certificate: Issuer Let's Encrypt; Subject static.addtoany.com; Fingerprint 25:DC:52:06:E9:84:6F:BC:CB:DD:82:F7:D3:4C:8F:F5:9F:49:7E:DD; Validity Sat, 24 Feb 2024 06:33:02 GMT - Fri, 24 May 2024 06:33:01 GMT
File type: ASCII text, with very long lines (2170), with no line terminators
Hash (MD5 / SHA-1 / SHA-256): 7581051e137324f383ce692c383a90ac 7c66ac218fd109304436e9588d602c7aaab63b82 428aafe2046340df744b20fbab6f0cd4ddfb95776790e80440cfb60788dbde2c
GET /menu/locale/ru.js HTTP/1.1
Host: static.addtoany.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://videzz.net/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Thu, 18 Apr 2024 23:41:29 GMT
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=86400, stale-while-revalidate=30, public
cf-bgj: minify
cf-polished: origSize=2289
etag: W/"9797b535a7dbc5ec8be5d83312871549"
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=SSZZPHRQHmmj7W9b8uSrlEOmUNd5EPtJjQ6dGciF28UUVd2CDtNJ%2FBwzXajDEbBux%2FcEjPyaUJyeHlp1cPBVMV3Q2eK944CTAvvX7nWPfNzysCaOl3kzBNgW%2F9nsUG4Ry0l3jQ6qpq%2Bc1bomXdrURWCn"}],"group":"cf-nel","max_age":604800}
vary: Accept-Encoding
referrer-policy: strict-origin-when-cross-origin
x-content-type-options: nosniff
cf-cache-status: HIT
age: 19930
strict-transport-security: max-age=31536000; includeSubDomains; preload
server: cloudflare
cf-ray: 8768818208c0569c-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
| static.addtoany.com/menu/page.js | 172.67.39.148 | 200 OK | 3.0 kB |
URL: GET HTTP/2 static.addtoany.com/menu/page.js
IP: 172.67.39.148:443
Requested by: https://videzz.net/embed-ux5i45ivmnqo.html
Certificate: Issuer Let's Encrypt; Subject static.addtoany.com; Fingerprint 25:DC:52:06:E9:84:6F:BC:CB:DD:82:F7:D3:4C:8F:F5:9F:49:7E:DD; Validity Sat, 24 Feb 2024 06:33:02 GMT - Fri, 24 May 2024 06:33:01 GMT
File type: JavaScript source, ASCII text, with very long lines (3132), with no line terminators
Hash (MD5 / SHA-1 / SHA-256): 40486591ae8ea6d1423aeb13f1fd509b f847af56588642de93c6fe0d2ce182303f312455 16a6753a1de5c5602b0ca4afe3d17b95e2cb18d6b79bf7cdccedba3a733c1138
GET /menu/page.js HTTP/1.1
Host: static.addtoany.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://videzz.net/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Thu, 18 Apr 2024 23:41:28 GMT
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=86400, stale-while-revalidate=30, public
cf-bgj: minify
etag: W/"e346c2841e4abbb66ee259e9540abb61"
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=i2AC7bE2UDFKM7qC5jDQxDxGBrcVDlnPDaJpMnzeeMpH%2BWmJ3duBGtVLq6wxk1QIfxp7e6MatgiRO5LypYWukV0nng7cUXW9aran8y9cwM8v0JAzIBzS1YQZ9pyCABT%2BXorAHEebwrAhbk61YRrQnUdl"}],"group":"cf-nel","max_age":604800}
vary: Accept-Encoding
referrer-policy: strict-origin-when-cross-origin
x-content-type-options: nosniff
cf-cache-status: HIT
age: 20025
strict-transport-security: max-age=31536000; includeSubDomains; preload
server: cloudflare
cf-ray: 8768817b7f09b518-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
| xml.zeusadx.com/redirect?feed=531847&auth=KhbHhS&pubid=162319 | 174.137.133.17 | 302 Found | 545 B |
URL: GET HTTP/1.1 xml.zeusadx.com/redirect?feed=531847&auth=KhbHhS&pubid=162319
IP: 174.137.133.17:443
ASN: #27257 WEBAIR-INTERNET
Requested by: https://videzz.net/embed-ux5i45ivmnqo.html
Certificate: Issuer Sectigo Limited; Subject *.zeusadx.com; Fingerprint AA:67:88:35:5F:BC:20:3C:44:9B:00:BD:4F:E1:C0:5F:62:D0:69:C0; Validity Mon, 23 Oct 2023 00:00:00 GMT - Wed, 23 Oct 2024 23:59:59 GMT
Hash (MD5 / SHA-1 / SHA-256): d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /redirect?feed=531847&auth=KhbHhS&pubid=162319 HTTP/1.1
Host: xml.zeusadx.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://bid.bidclickmedia.com/
DNT: 1
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 302 Found
Server: nginx
Date: Thu, 18 Apr 2024 23:41:30 GMT
Content-Length: 0
Connection: keep-alive
Cache-Control: no-store
Location: https://engine.blehcourt.com/Redirect.eng?MediaSegmentId=85379&dcid=1_ctx_4a471124-7df0-47ce-ba5f-b84fd41d89c6&vmId=00000000-0000-0000-0000-000000000000&abr=false&timeZoneOffset=&v=nnBcM9XkSvQ-mYanlxbSWqaqLU12yHwrzrFKK00fiG5WDZ-m0SyKjSkyCLj7dPhawjHAIimdW5wPuntnYC7zH_09-KFe0hYP1EBCZFWK-JH8SChpS-ChXTFJ05j0ru_ilUXHNEmLzbcXDQ-2u7bDqbp3Qa-3g9xh0-TBEwYYMQTuQasoyi6zNf5LkP3PI-SMXfLMRnRv_a3btjtcNXt6_G1zHvoaz_Yf1p74s_Q4RzrvmDpvlTIgibhodI7eCWt4UsCAZXzUjHhKCTRALNS3Ngtyl5iUHWyxJZuy6RW3N-h5V9-LA8a85kW3rbQQQi7RZveTCCJNv0f3CNTPuzf3ToEApAh7R1v419NOnA7RLnJyJKXTIcBanOc9Xd4GuCc85uEvFsVES5HgKQiKGrlWMFJBHKbyLFsuxQ0DAV59mTdzpyk0m40_ugf2RTULYUy5oRzItI-OFRyuUw6xXOBT4uca1QoNzEFMntVxAsNu998iqhseKtIDfUB5U1Woe6_ByNLMOhc36IkPVFKNKtW3-wiWJ0XgyC8ZEcv4p82HAVIa5VobnnNOWIb1g09Tv-VVSIR9Hrgyo9xOFKUte6ejkaC_lHslcgg3mjz5nIckDbeClEoeG0YPUxxRTJDzTmrgoQKVkp4-Wkn4lALeeSNTHLcSLZq9hV7xro8O4I5rEh1KWQWEjuJ1qUbGe6LmzVF9CzHBbGXeCbyAALn82eHn2hrPTTx4TV9djWBHh5sZsBDNznqm58M4mTx_vsa-Af-iDEOglV0p5asjExOIkUwrB7oLkPnn9DghFOoO8u1CPlptJdrvjorr_ynr9yqbWKRVbDzi_T4bl2bFVLMOsuDvtPy-s2zls-ySIlPz2oJWXmPrtJWJoSNfrWN_eqYTjs2WfJwcorHzkAfrl4XffRWOnEYbBeP6Kl06y0UhzaxZflSXMQmmiP1C28xB65DRT9unGoed7fjTcqJ9FcXFkrUDmP0zE3xNmKSQl6mMNvgjgjc1&kw=&mw=1024&mh=768&xml=1&at=
| xml.xmlking.com/redirect?feed=591363&auth=0yfQfB&pubid=195183 | 174.137.133.17 | 302 Found | 409 B |
URL: GET HTTP/1.1 xml.xmlking.com/redirect?feed=591363&auth=0yfQfB&pubid=195183
IP: 174.137.133.17:443
ASN: #27257 WEBAIR-INTERNET
Requested by: https://videzz.net/embed-ux5i45ivmnqo.html
Certificate: Issuer Sectigo Limited; Subject *.xmlking.com; Fingerprint 61:F0:9B:53:D2:DF:03:A0:08:09:BE:79:B1:70:10:34:65:07:7B:6D; Validity Wed, 26 Jul 2023 00:00:00 GMT - Fri, 26 Jul 2024 23:59:59 GMT
Hash (MD5 / SHA-1 / SHA-256): d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /redirect?feed=591363&auth=0yfQfB&pubid=195183 HTTP/1.1
Host: xml.xmlking.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://bid.bidclickmedia.com/
DNT: 1
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 302 Found
Server: nginx
Date: Thu, 18 Apr 2024 23:41:31 GMT
Content-Length: 0
Connection: keep-alive
Cache-Control: no-store
Location: https://track.trackingtraffo.com/pop/imp?auth=mz3u78&c=Q54MRbKe-Tj20nN43Lnw7GfIxSJlw7xXQRNpeUMnGapT-Sl1PNnwfCOF5gn_SpzZJClr0s9DBypuyfoVYq8Sn_R0D-ezeasw_m5jsRhR9mG8yKKVf-HCBEmkE56dV9B6aLEucHkNptE7fZ1qePzPukwQnVvRKKN_eiaSJoWrt2ESs0HVGldNes-4Gr6ibv6oPr1RljwcIk5VwPrXT4_pVC4yqOSZyLIvdKh6fEtH8S7ACykyUPPxvRSZdgIGs9E4bUyNlYZ9EjFEGsZ16D4532qJomNTn9ju-As9ARN7FeGPmUE0WIkNgfZGpzUxQ_ntqdoZoqKTH7AJfySmFZjwQYgGRg-XmdX4arkjIQq5i_OmOEocBfd-5vvE9vzAOqde6a8yKOMd7QnUZRxW1vPvExgVhpJzP_bZHdzuqLTFg5JXCV5XCKp8Tyaal9_UmmZaCrEjXaD3-LMJpm6rCRJyK3j3Jqrx-tMIG6seyONt2CMBeiT-5tIGlul8vF7VD-LhbUCn2VVpxWCst9LjDwCvJIyS40uncbbQHjzS8MmdHiA3aMEY65utx1j_hINL5STZhgZjQGjDQVGNQ8xO0PXIpEVIDyRv6_GLKCY6iIOMv_0pZVZdSuOFwPW2irQ84AZw7klmsYITIvfdYJRhdHJTRe0k9ixux_I33TJ3qVUIalgpv6uACeuSeUlxBC9-r8SgL4OKdBZED9cKDS5D
| veepteero.com/88/104 | 139.45.197.242 | 200 OK | 2.9 kB |
IP: 139.45.197.242:443
Requested by: https://videzz.net/embed-ux5i45ivmnqo.html
Certificate: Issuer Let's Encrypt; Subject veepteero.com; Fingerprint 13:68:56:48:EC:67:A6:93:BE:E0:36:BC:FA:04:75:6D:6E:D2:C1:91; Validity Sat, 23 Mar 2024 05:18:36 GMT - Fri, 21 Jun 2024 05:18:35 GMT
File type: troff or preprocessor input, ASCII text, with very long lines (3203), with no line terminators
Hash (MD5 / SHA-1 / SHA-256): f96a3bf4bb88fe308afac109fdb2a595 e01f07e64f38d24956f44339d5b34e8789bdec2a 4956f6c2eb44ec7e708ea8baa3578d2fb32e696ff07b7e9aaa24406f8bce97bd
| Analyzer | Verdict | Alert |
| Quad9 DNS | malicious | Sinkholed |
GET /88/104 HTTP/1.1
Host: veepteero.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://videzz.net/
Origin: https://videzz.net
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
server: nginx
date: Thu, 18 Apr 2024 23:41:31 GMT
content-type: application/json
accept-ch: Sec-CH-UA, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model
access-control-allow-origin: https://videzz.net
access-control-allow-credentials: true
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, baggage, sentry-trace, favicon
access-control-max-age: 86400
timing-allow-origin: *
pragma: no-cache, no-cache
cache-control: no-transform, no-store, no-cache, must-revalidate, max-age=0, no-store, no-cache, must-revalidate, max-age=0
expires: Tue, 11 Jan 1994 10:00:00 GMT, Mon, 26 Jul 1997 05:00:00 GMT
content-encoding: gzip
X-Firefox-Spdy: h2
| bid.bidclickmedia.com/sub/0YDX8OE | 172.67.205.77 | 200 OK | 234 B |
URL: GET HTTP/2 bid.bidclickmedia.com/sub/0YDX8OE
IP: 172.67.205.77:443
Requested by: https://videzz.net/embed-ux5i45ivmnqo.html
Certificate: Issuer Google Trust Services LLC; Subject bidclickmedia.com; Fingerprint 2D:71:60:23:79:D8:E4:4A:B8:81:BA:F0:ED:58:CB:A8:66:21:A7:E7; Validity Sun, 31 Mar 2024 14:28:20 GMT - Sat, 29 Jun 2024 14:28:19 GMT
File type: HTML document, ASCII text, with no line terminators
Hash (MD5 / SHA-1 / SHA-256): af2b6f5e906532aa6d51ed7dcbb8fed7 5ddca712e64ecb7520e561656c87079ec18e3db1 eced93383f70dca1dcfe0998bcccf8d3fe044a0f1646f0ffa670cf0b14f599f3
GET /sub/0YDX8OE HTTP/1.1
Host: bid.bidclickmedia.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://videzz.net/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Thu, 18 Apr 2024 23:41:29 GMT
content-type: text/html; charset=utf-8
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=QFLNFC3X9%2B2yrFx6yLL94djkCggVyen7%2B56oIjnkzDO75TBjPvg25Ka8OKNgRGp9HsZnCJkaJGy7WISvQ5SFtJIqa1nthEt0DAEaMfy12D1tLa9LKTtlIodtFwRHX2IGKNSGxCXA9Eo%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 876881805d9e56b9-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
| videzz.net/embed-ux5i45ivmnqo.html | 78.142.18.54 | 200 OK | 32 kB |
URL (User Request): GET HTTP/2 videzz.net/embed-ux5i45ivmnqo.html
IP: 78.142.18.54:443
ASN: #208046 ColocationX Ltd.
Certificate: Issuer Let's Encrypt; Subject videzz.net; Fingerprint 13:3A:F4:CA:71:F0:8F:F1:2E:3A:7E:2B:6D:8E:E4:7A:E9:9D:A6:B5; Validity Mon, 04 Mar 2024 08:24:34 GMT - Sun, 02 Jun 2024 08:24:33 GMT
File type: HTML document, ASCII text, with very long lines (1926), with CRLF, LF line terminators
Hash (MD5 / SHA-1 / SHA-256): 3469aaf7db1eceed5050e8b78c3ede19 0b4fd59065b711dc422a3f3c35b8b2bebb07c3b2 fe6611a19805a42f23cb7eae6246c38d7ba4b7d4d1219d1dbf0b4b88d656b313
| Analyzer | Verdict | Alert |
| Quad9 DNS | malicious | Sinkholed |
GET /embed-ux5i45ivmnqo.html HTTP/1.1
Host: videzz.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Upgrade-Insecure-Requests: 1
Connection: keep-alive
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
server: nginx/1.18.0 (Ubuntu)
date: Thu, 18 Apr 2024 23:41:27 GMT
content-type: text/html; charset=UTF-8
vary: Accept-Encoding
expires: Wed, 17 Apr 2024 23:41:27 GMT
x-frame-options: 1
set-cookie: lang=1; domain=.videzz.net; path=/; HttpOnly
xfsts=; domain=.videzz.net; path=/; expires=Wed, 19-Apr-2023 23:41:27 GMT; HttpOnly
content-encoding: gzip
X-Firefox-Spdy: h2