Report - videzz.net/embed-zmjt062n2cm9.html

Report Overview

Submitted URL
videzz.net/embed-zmjt062n2cm9.html
IP
78.142.18.54
ASN
#208046 ColocationX Ltd.
Submitted
2024-05-08 04:08:50
Access
public
Website Title
Vidoza
Final URL
videzz.net/embed-zmjt062n2cm9.html
Tags
urlquery detections
No alerts detected

Detections

urlquery
0
Network Intrusion Detection
0
Threat Detection Systems
34

Domain Summary

Domain / FQDN	Rank	Registered	First Seen	Last Seen	Sent	Received	IP
zv.7vid.net	unknown	2018-07-27	2023-07-29	2024-02-22	593 B	541 B	135.181.208.216
cdn.o333o.com	158144	2015-02-16	2015-05-28	2024-05-03	395 B	311 kB	143.204.55.90
harassmentgrowl.com	unknown	2024-05-06	2024-05-07	2024-05-07	483 B	469 B	192.243.61.225
veepteero.com	unknown	2023-05-08	2023-05-09	2024-04-30	1.5 kB	7.3 kB	139.45.197.242
www.googletagmanager.com	75	2011-11-11	2013-05-22	2024-05-07	1.3 kB	245 kB	142.250.74.168
ocsp.r2m03.amazontrust.com	unknown	2007-05-11	2023-02-21	2024-05-07	338 B	942 B	143.204.53.97
xml.zeusadx.com	330930	2019-08-07	2019-09-23	2024-03-08	1.7 kB	415 B	174.137.133.17
cdn.yourwebbars.com	62037	2020-08-21	2021-01-29	2024-05-06	478 B	1.2 kB	172.67.74.218
allvideometrika.com	unknown	2022-05-16	2022-05-16	2024-05-02	520 B	703 B	172.67.214.245
astronomybreathlessmisunderstand.com	unknown	unknown	No data	No data	8.1 kB	48 kB	192.243.61.227
xml.xmlking.com	unknown	2020-07-27	2020-11-12	2024-04-20	2.2 kB	550 B	174.137.133.17
fleraprt.com	unknown	2022-01-14	2022-01-14	2024-05-07	561 B	480 B	139.45.195.254
cdn.itskiddien.club	unknown	2022-10-06	2022-10-06	2024-04-26	1.6 kB	99 kB	139.45.197.236
aistekso.net	unknown	2023-10-16	2023-10-16	2024-04-30	395 B	92 kB	139.45.197.244
bid.bidclickmedia.com	unknown	2022-09-19	2023-03-09	2024-03-22	5.7 kB	16 kB	104.21.37.74
www.google.no	25607	2001-02-26	2016-04-05	2024-05-07	580 B	578 B	142.250.74.163
fonts.gstatic.com	unknown	2008-02-11	2014-09-09	2024-05-07	1.0 kB	33 kB	142.250.74.67
myliveforyoudreder.com	unknown	2023-07-27	2023-07-27	2024-03-20	404 B	2.3 kB	172.67.151.245
downstairsnegotiatebarren.com	unknown	2024-03-04	2024-03-04	2024-05-07	814 B	173 kB	188.114.97.1
dog.seetron.net	unknown	unknown	No data	No data	2.4 kB	157 kB	135.181.208.216
maxcdn.bootstrapcdn.com	724	2012-05-25	2014-06-18	2024-05-07	1.0 kB	110 kB	104.18.10.207
proftrafficcounter.com	unknown	2023-11-16	2023-11-21	2024-05-08	493 B	293 B	52.58.212.182
static.addtoany.com	4091	2006-03-10	2012-05-21	2024-05-07	4.5 kB	91 kB	172.67.39.148
cdnjs.cloudflare.com	235	2009-02-17	2015-04-17	2024-05-06	905 B	13 kB	104.17.25.14
unseenreport.com	unknown	2022-03-30	2022-03-30	2024-05-07	1.5 kB	847 B	192.243.61.225
ossgogoaton.com	unknown	2022-04-18	2022-04-18	2024-04-17	397 B	82 kB	172.67.184.45
fonts.googleapis.com	8877	2005-01-25	2013-06-10	2024-05-07	418 B	7.6 kB	142.250.74.42
my.rtmark.net	9054	2014-10-29	2015-02-04	2024-05-06	453 B	739 B	139.45.195.8
videzz.net	unknown	2024-02-28	2024-03-04	2024-04-30	7.3 kB	1.5 MB	78.142.18.54
yd.cottoidearldom.com	unknown	unknown	No data	No data	402 B	1.2 kB	23.109.170.27
xml.cachegorilla.com	unknown	2021-07-23	2023-11-27	2024-05-04	559 B	137 B	173.239.53.20
region1.analytics.google.com	unknown	1997-09-15	2022-03-17	2024-05-06	738 B	441 B	216.239.34.36
profitablegatecpm.com	unknown	2024-02-05	2024-02-06	2024-04-18	435 B	17 kB	172.240.127.234
s.o333o.com	unknown	2015-02-16	2015-03-05	2024-05-06	389 B	1.2 kB	85.10.205.45
str40.vidoza.net	unknown	2016-11-18	2023-01-28	2023-09-27	1.5 kB	1.2 MB	109.202.101.218
tzegilo.com	unknown	2022-01-14	2022-01-14	2024-05-07	391 B	8.3 kB	104.21.11.245
cdn.creative-bars1.com	unknown	2022-11-01	2022-11-15	2024-05-06	2.8 kB	348 kB	188.114.96.1

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

No alerts detected

Threat Detection Systems

Public InfoSec YARA rules

No alerts detected

OpenPhish

No alerts detected

PhishTank

No alerts detected

mnemonic secure dns

No alerts detected

Quad9 DNS

Scan Date	Severity	Indicator	Alert
2024-05-07	medium	cottoidearldom.com	Sinkholed
2024-05-07	medium	profitablegatecpm.com	Sinkholed
2024-05-08	medium	astronomybreathlessmisunderstand.com	Sinkholed
2024-05-08	medium	astronomybreathlessmisunderstand.com	Sinkholed
2024-05-08	medium	astronomybreathlessmisunderstand.com	Sinkholed
2024-05-08	medium	astronomybreathlessmisunderstand.com	Sinkholed
2024-05-08	medium	astronomybreathlessmisunderstand.com	Sinkholed
2024-05-08	medium	astronomybreathlessmisunderstand.com	Sinkholed
2024-05-08	medium	unseenreport.com	Sinkholed
2024-05-08	medium	astronomybreathlessmisunderstand.com	Sinkholed
2024-05-07	medium	ossgogoaton.com	Sinkholed
2024-05-07	medium	aistekso.net	Sinkholed
2024-05-08	medium	astronomybreathlessmisunderstand.com	Sinkholed
2024-05-08	medium	astronomybreathlessmisunderstand.com	Sinkholed
2024-05-08	medium	unseenreport.com	Sinkholed
2024-05-07	medium	veepteero.com	Sinkholed
2024-05-07	medium	veepteero.com	Sinkholed

ThreatFox

No alerts detected

JavaScript (72)

	URL	Size	First Seen	Last Seen
	s.o333o.com/adgpt.js	2.0 kB	2024-03-22	2024-05-19
Pretty URL s.o333o.com/adgpt.js IP 85.10.205.45 ASN #24940 Hetzner Online GmbH Introduced by scriptElement Embedded in HTML false Observations First Seen2024-03-22 21:45:49 Last Seen2024-05-19 19:16:42 Times Seen397 Hash 55f8db8e0ec58b646f0b5425b405fdd0 0c79af1239cafc7ec4783f20b0b886a61daccc09 3ec8849ba857ec32cdc682ea93f0c1f8e8ab97980af4f1d8ec312684ed0f5237 Loading...

	videzz.net/embed-zmjt062n2cm9.html	162 B	2023-03-07	2024-05-19
Pretty URL videzz.net/embed-zmjt062n2cm9.html IP 78.142.18.54 ASN #208046 ColocationX Ltd. Introduced by scriptElement Embedded in HTML true Observations First Seen2023-03-07 16:08:16 Last Seen2024-05-19 19:16:41 Times Seen158 Hash 035c117549bb95ad0992ae461d89e44e 2f45bc18613030f169e7c8ef25553df24e7003b6 0d89ce1d538634aeb6d56fa061bb107311c5daaa1c59aed01cb4e18c48081a96 Loading...

	videzz.net/embed-zmjt062n2cm9.html	357 B	2023-03-07	2024-05-19
Pretty URL videzz.net/embed-zmjt062n2cm9.html IP 78.142.18.54 ASN #208046 ColocationX Ltd. Introduced by scriptElement Embedded in HTML true Observations First Seen2023-03-07 16:08:16 Last Seen2024-05-19 19:16:41 Times Seen158 Hash 824c86e507e4c27bb34b991feedb5820 06bd36505ef9492db28ebb53c740d5c17d4516b4 0c45ee272e41a3a37bb7d5a0881665e4d54b762e20921cdb145bf5539fe4f551 Loading...

	static.addtoany.com/menu/svg/icons/viber.js	1.0 kB	2024-04-12	2024-05-19
Pretty URL static.addtoany.com/menu/svg/icons/viber.js IP 172.67.39.148 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2024-04-12 13:25:33 Last Seen2024-05-19 19:16:41 Times Seen185 Hash aeffbbeba6dd343b89fdc22cdf23f8c8 7be9f0a8fbd22f85cd4408ed04b69e98cbb79de7 c38246b300667ea8ab28940a729e65168f981baf8adc8d708c299e85b9e2dcee Loading...

	dog.seetron.net/api/users/424503?host=videzz.net&ev=212&wh=1024&ww=1280&uuid=&url=https%3A%2F%2Fvidezz.net%2Fembed-zmjt062n2cm9.html&sid=1ca19d70-aaf3-4c34-9a0e-5ef47c1edf50&i=1&kw=file%20upload%2Cshare%20files%2Cfree%20upload&s1=198638	674 B	2024-05-08	2024-05-08
Pretty URL dog.seetron.net/api/users/424503?host=videzz.net&ev=212&wh=1024&ww=1280&uuid=&url=https%3A%2F%2Fvidezz.net%2Fembed-zmjt062n2cm9.html&sid=1ca19d70-aaf3-4c34-9a0e-5ef47c1edf50&i=1&kw=file%20upload%2Cshare%20files%2Cfree%20upload&s1=198638 IP 135.181.208.216 ASN #24940 Hetzner Online GmbH Introduced by scriptElement Embedded in HTML false Observations First Seen2024-05-08 06:08:58 Last Seen2024-05-08 06:09:00 Times Seen2 Hash 765a2740e4eddc6fdcb6ccc4bd926867 bce56769a229e3556eb17984fde39dda6fec4257 fee860db8a8a059883305a6b2ba497f41a3b320791f760547f4c1a85f9165fe7 Loading...

	videzz.net/js/embed.min.js?v=b8dc06aa6195ca0716d0a0c4e3a76e42	4.5 kB	2023-03-08	2024-05-19
Pretty URL videzz.net/js/embed.min.js?v=b8dc06aa6195ca0716d0a0c4e3a76e42 IP 78.142.18.54 ASN #208046 ColocationX Ltd. Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 20:28:37 Last Seen2024-05-19 12:01:14 Times Seen112 Hash b3415295ff8e1f9ac2ee3804686e8000 aa440d72b1f380d6b63cea2615984bddfd78c3d0 e5b0442a1e812c047177f669bec8d9f81678b0e26d4cc98c642a00da19ccb1b7 Loading...

	www.googletagmanager.com/gtm.js?id=GTM-56DK3TH	209 kB	2024-05-08	2024-05-08
Pretty URL www.googletagmanager.com/gtm.js?id=GTM-56DK3TH IP 142.250.74.168 ASN #15169 GOOGLE Introduced by scriptElement Embedded in HTML false Observations First Seen2024-05-08 06:08:59 Last Seen2024-05-08 06:08:59 Times Seen2 Hash c1fed532327d99e1cafa5bc78886c9fa d5d84d3ffb6200e9ca5df873c59c02011dc5af8a 4bfd69f44a7ec4006faec07eec294c15041f71fa423bcc755a528e1f8723252a Loading...

	static.addtoany.com/menu/modules/core.BRQnzO8v.js	72 kB	2024-04-12	2024-05-19
Pretty URL static.addtoany.com/menu/modules/core.BRQnzO8v.js IP 172.67.39.148 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2024-04-12 02:34:00 Last Seen2024-05-19 20:40:32 Times Seen1701 Hash 629401c31553d2f42a6ca46e58c2a97b 0ab6084caa72f90913c7e4119f491838726ec5c2 91b9b24f0aa59668e4d0a770ee7a294b9baa361a76a20ade8128cd0482a5d805 Loading...

	videzz.net/embed-zmjt062n2cm9.html	87 B	2023-03-08	2024-05-19
Pretty URL videzz.net/embed-zmjt062n2cm9.html IP 78.142.18.54 ASN #208046 ColocationX Ltd. Introduced by scriptElement Embedded in HTML true Observations First Seen2023-03-08 20:28:37 Last Seen2024-05-19 12:01:14 Times Seen110 Hash 0a672ce747f1a359a1a6ef6d23ea6202 47662e53c52c0e4d4004acd5c72d4fd34f8fc439 49013788910cc5aee4e70354bdde9cce7f9c9912a142dd141622a68bb9d2293f Loading...

	unknown	653 B	2023-09-20	2024-05-15
Pretty Introduced by scriptElement Embedded in HTML false Observations First Seen2023-09-20 05:49:22 Last Seen2024-05-15 23:14:21 Times Seen50 Hash ff4fb246e3224e9b1d863e65bf84ead2 c24857faaca93f142e72535076eeed67921ff6e4 930561cb73fb3285dcb5a7849006202a9e81db3b248da6248477b1916508fcf8 Loading...

	videzz.net/js/videojs.5.min.js?v=b8dc06aa6195ca0716d0a0c4e3a76e42	416 kB	2023-03-07	2024-05-19
Pretty URL videzz.net/js/videojs.5.min.js?v=b8dc06aa6195ca0716d0a0c4e3a76e42 IP 78.142.18.54 ASN #208046 ColocationX Ltd. Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 16:08:16 Last Seen2024-05-19 19:16:42 Times Seen160 Hash 9721700ae4b3d8e0e81f9c6c1c8d511b 1c987ebb7fac787eaa3b2190c9b53bb685d5b8ea d4098ce7457b5191970d2df49c8b8f6c2ffc0d8510673777a08910f0b68d5c2f Loading...

	dog.seetron.net/lx4oag1.js	239 kB	2024-03-22	2024-05-19
Pretty URL dog.seetron.net/lx4oag1.js IP 135.181.208.216 ASN #24940 Hetzner Online GmbH Introduced by scriptElement Embedded in HTML false Observations First Seen2024-03-22 21:45:50 Last Seen2024-05-19 19:16:42 Times Seen715 Hash a6781eeb8be115c2cc64c5b4898e5b9d 76001e6e130f936956842ce1fb672ca16be2370e cb8949c4918f30d767c8a97d1b1ddb36eabccf8d93659a80f4e850caa3701da2 Loading...

	videzz.net/js/ads.js?v=1.0	211 B	2023-03-07	2024-05-19
Pretty URL videzz.net/js/ads.js?v=1.0 IP 78.142.18.54 ASN #208046 ColocationX Ltd. Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 16:08:16 Last Seen2024-05-19 12:01:15 Times Seen282 Hash 09f34de71e8853387dd398fbb263af69 4ccb7007fcebcffe64eaa80f2991509fdbac55d5 6ca7e6aebc6e3eec26d39e540e255a738fd9e48e9b97bd0e2a714686377ac523 Loading...

	videzz.net/embed-zmjt062n2cm9.html	42 B	2023-03-12	2024-05-19
Pretty URL videzz.net/embed-zmjt062n2cm9.html IP 78.142.18.54 ASN #208046 ColocationX Ltd. Introduced by scriptElement Embedded in HTML true Observations First Seen2023-03-12 17:26:16 Last Seen2024-05-19 06:42:02 Times Seen83 Hash ef7ab1eb5fe88b692b3d8d65ff95a2c4 1339642288bd1758b6b3864292da22d085349752 c2ba1c539107eb3a3ceb346cf19e3ba42b4e7104ac2c96dd5495aafb48d0b021 Loading...

	unknown	628 B	2023-05-14	2024-05-15
Pretty Introduced by scriptElement Embedded in HTML false Observations First Seen2023-05-14 23:54:05 Last Seen2024-05-15 23:14:21 Times Seen40 Hash a0ef24498b347b5680fd22ab09d5d79f e60e210b34e9bb82520880ab78c22ef0ad45fb43 6fd3be890ce20576ac3175d25fe2ba49381dda15b4879ed8bda31ba858cde53c Loading...

	static.addtoany.com/menu/svg/icons/whatsapp.js	1.1 kB	2024-04-12	2024-05-19
Pretty URL static.addtoany.com/menu/svg/icons/whatsapp.js IP 172.67.39.148 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2024-04-12 13:25:33 Last Seen2024-05-19 19:16:41 Times Seen218 Hash 0e8b3ac6bda5451ff39c5ecd6d7b3873 fb477a11167000a30e45369e686ec43dd62d026b c15e1379ca2c59f99912500bbc23a0d1d88f43198cbe1b53d87776fa351385eb Loading...

	downstairsnegotiatebarren.com/sfp.js	86 kB	2024-03-29	2024-05-17
Pretty URL downstairsnegotiatebarren.com/sfp.js IP 188.114.97.1 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2024-03-29 13:13:34 Last Seen2024-05-17 14:49:08 Times Seen3553 Hash f4a2f8f9f99541c6f105bbd0a025bd40 1f8e3eff12168fdd9e719adfc098d24a45b6916a b717cb04231a10d425fd55b73c85a5407119c6826a8bac94142fddfff6958716 Loading...

	unknown	2.3 kB	2024-05-03	2024-05-08
Pretty Introduced by scriptElement Embedded in HTML false Observations First Seen2024-05-03 06:40:46 Last Seen2024-05-08 09:02:50 Times Seen6 Hash f6070f1fa00a9963f9dcae048ec166fa a067649b577ae4c6a4583e23bac07fd8e29e3511 1fae6b946bd339ab8d36fa28ddbdf20491ce7a1343d58de0d4a271cc17d21a75 Loading...

	videzz.net/embed-zmjt062n2cm9.html	388 B	2023-12-19	2024-05-08
Pretty URL videzz.net/embed-zmjt062n2cm9.html IP 78.142.18.54 ASN #208046 ColocationX Ltd. Introduced by scriptElement Embedded in HTML true Observations First Seen2023-12-19 15:53:37 Last Seen2024-05-08 06:08:59 Times Seen2 Hash e7665ca01cd3035a75981cd87ed6b1ba f4ece9655ad4d32e71bb3b2bffe631fc1396f7ad 75257731ebd97356034015e9992d1804f7fc02a11a3322f2101fe59ef7e8304b Loading...

	aistekso.net/401/5708419	91 kB	2024-05-08	2024-05-08
Pretty URL aistekso.net/401/5708419 IP 139.45.197.244 ASN #9002 RETN Limited Introduced by scriptElement Embedded in HTML false Observations First Seen2024-05-08 06:08:59 Last Seen2024-05-08 06:09:00 Times Seen2 Hash 7d175a79887c6be6f6aa5a287cc02ec8 34884a4854e0e42275f483eeb6d3f3feb85fed2d b5f2077b9feff5f12009f39db5019d416e8ade960614408b89840092d0b7d92c Loading...

	tzegilo.com/stattag.js	19 kB	2024-02-10	2024-05-19
Pretty URL tzegilo.com/stattag.js IP 104.21.11.245 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2024-02-10 03:00:18 Last Seen2024-05-19 16:37:36 Times Seen1838 Hash 70ebd404c2e1e7bad13998538b56887c 86e57af8ba3cfc2c004da3311835f6b54ba6d848 d71ea61938136a384e4c53c5a7a3c36e68fcc70a68bae691e270987d5d2eb11f Loading...

	unknown	655 B	2023-10-28	2024-05-19
Pretty Introduced by scriptElement Embedded in HTML false Observations First Seen2023-10-28 00:22:42 Last Seen2024-05-19 07:47:52 Times Seen48 Hash eeb099589fd44a49cd58f1cf6e436999 7ed82cd75c4320112f68a3116a74ef3a0d03304e 49c4391765c17d61019251678ffdeb14a05b03c7e2c1f9ebf996e990f3e6214f Loading...

	videzz.net/js/static.min.js?v=b8dc06aa6195ca0716d0a0c4e3a76e42	159 kB	2023-03-07	2024-05-19
Pretty URL videzz.net/js/static.min.js?v=b8dc06aa6195ca0716d0a0c4e3a76e42 IP 78.142.18.54 ASN #208046 ColocationX Ltd. Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 16:08:17 Last Seen2024-05-19 19:16:43 Times Seen267 Hash 7c33538390b466ae717449d729bb32ea 49ea1eb1dc06467f516eae28e09863a23b244a31 a2f37fa7aee9e9248856735b807b028c93be60eb6bb9916595ba123690513f02 Loading...

	videzz.net/embed-zmjt062n2cm9.html	82 B	2023-03-07	2024-05-19
Pretty URL videzz.net/embed-zmjt062n2cm9.html IP 78.142.18.54 ASN #208046 ColocationX Ltd. Introduced by scriptElement Embedded in HTML true Observations First Seen2023-03-07 16:08:17 Last Seen2024-05-19 19:16:42 Times Seen154 Hash 67b70174cc2854586ec824f84b79d825 c9bde16aa4e39ab912e1a20fe298b028a3432596 a979d312087118fa753a8ed59077b51936c9595eb2a37cd369a6b4f579eebafd Loading...

	myliveforyoudreder.com/vidozza.js	1.6 kB	2023-03-08	2024-05-19
Pretty URL myliveforyoudreder.com/vidozza.js IP 172.67.151.245 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 20:28:37 Last Seen2024-05-19 19:16:42 Times Seen194 Hash b340619418518ced51fbbc860814ea19 e2cbf47a089e8941bcdb6f24c64fad9004852348 ebbf367cc151e337e4c4d375e86682b6e1593b25224c6c733b4cea4f507c4000 Loading...

	videzz.net/sw.js?v=b8dc06aa6195ca0716d0a0c4e3a76e42	42 kB	2023-03-07	2024-05-19
Pretty URL videzz.net/sw.js?v=b8dc06aa6195ca0716d0a0c4e3a76e42 IP 78.142.18.54 ASN #208046 ColocationX Ltd. Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 16:08:16 Last Seen2024-05-19 19:16:43 Times Seen256 Hash 764aafd976dd9cd9f33279bfafa02908 e9ad856ec00bccfdcbe17b79113681685c943b8d 2c20e295faeb1ef24dae1e26caa5089fdb2ba5a36a86a6a26780b8a515ca99aa Loading...

	dog.seetron.net/api/users/59846?host=videzz.net&ev=212&wh=1024&ww=1280&uuid=&url=https%3A%2F%2Fvidezz.net%2Fembed-zmjt062n2cm9.html&sid=1ca19d70-aaf3-4c34-9a0e-5ef47c1edf50&i=1&kw=file%20upload%2Cshare%20files%2Cfree%20upload&s1=198638	636 B	2024-05-08	2024-05-08
Pretty URL dog.seetron.net/api/users/59846?host=videzz.net&ev=212&wh=1024&ww=1280&uuid=&url=https%3A%2F%2Fvidezz.net%2Fembed-zmjt062n2cm9.html&sid=1ca19d70-aaf3-4c34-9a0e-5ef47c1edf50&i=1&kw=file%20upload%2Cshare%20files%2Cfree%20upload&s1=198638 IP 135.181.208.216 ASN #24940 Hetzner Online GmbH Introduced by scriptElement Embedded in HTML false Observations First Seen2024-05-08 06:08:59 Last Seen2024-05-08 06:08:59 Times Seen1 Hash c1dc1aeea0132cf633fca56776710b5b c2a097aed1106289688c0596e0417178ad5ee2d0 b8a538647af6d2efae438c748c33548034cfb4d482f47dc183a94bc250644a97 Loading...

	cdnjs.cloudflare.com/ajax/libs/postscribe/2.0.8/postscribe.min.js	18 kB	2023-03-07	2024-05-19
Pretty URL cdnjs.cloudflare.com/ajax/libs/postscribe/2.0.8/postscribe.min.js IP 104.17.25.14 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:02:54 Last Seen2024-05-19 20:25:28 Times Seen2984 Hash 12dd498bf90c536803c2aad708b66c2b 5f9363d39a405d1c94328cf2303ff4a05c0ad163 c4e20f53f5ef0ed44b783437aa3f4638a9a56cc4aa29ae83ed9212eb2807052a Loading...

	ossgogoaton.com/tag.min.js	81 kB	2024-05-07	2024-05-08
Pretty URL ossgogoaton.com/tag.min.js IP 172.67.184.45 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2024-05-07 23:04:31 Last Seen2024-05-08 22:45:22 Times Seen19 Hash 43d7cfde39f6a0d86f3dd9dadd585edd 2a8f4de42716406465227c86f37b24b55c1b0233 62c6cba138d72f64de8743bd8bd9cbd22fb9c903aa86a5825f6837d1cc419826 Loading...

	videzz.net/embed-zmjt062n2cm9.html	488 B	2023-03-07	2024-05-19
Pretty URL videzz.net/embed-zmjt062n2cm9.html IP 78.142.18.54 ASN #208046 ColocationX Ltd. Introduced by scriptElement Embedded in HTML true Observations First Seen2023-03-07 16:08:16 Last Seen2024-05-19 19:16:42 Times Seen154 Hash c88a098ddb34ae8eb653079349e1eb71 c273d06595b90b3f3eadde95865d4fd88a2cdc4a f8be9aff934fb09a35261e76d411268402098e38f3c1468679a0ffddf96cb8cd Loading...

	videzz.net/embed-zmjt062n2cm9.html	1.9 kB	2024-05-08	2024-05-08
Pretty URL videzz.net/embed-zmjt062n2cm9.html IP 78.142.18.54 ASN #208046 ColocationX Ltd. Introduced by scriptElement Embedded in HTML true Observations First Seen2024-05-08 06:08:59 Last Seen2024-05-08 06:08:59 Times Seen1 Hash f526b0e935979f2a6b15984d15d74a1f af9296915500f43527480aa8b8d0b3cfa20cfaf0 e3ac6eac6dd9db367846bacb9ef56fbc099918c505ff86cf31453eff3a688746 Loading...

	static.addtoany.com/menu/sm.25.html#type=core&event=load	0 B	2023-03-07	2024-05-19
Pretty URL static.addtoany.com/menu/sm.25.html#type=core&event=load IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML true Observations First Seen2023-03-07 01:01:59 Last Seen2024-05-19 20:45:46 Times Seen37842503 Hash d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Loading...

	videzz.net/embed-zmjt062n2cm9.html	1.9 kB	2023-03-26	2024-05-19
Pretty URL videzz.net/embed-zmjt062n2cm9.html IP 78.142.18.54 ASN #208046 ColocationX Ltd. Introduced by scriptElement Embedded in HTML true Observations First Seen2023-03-26 09:32:06 Last Seen2024-05-19 19:16:41 Times Seen138 Hash 82e1ab0f6fb26e1a626e1ad6812a2e50 ff89302fd6c7736cfe3c0ce1bea0da569a763ced c1133cdc2ae23220a521a156d0edc736cea501341435673899a05f4d54597373 Loading...

	videzz.net/sandbox%20eval%20code	147 B	2023-04-11	2024-05-19
Pretty URL videzz.net/sandbox%20eval%20code IP 0.0.0.0 ASN #0 Introduced by Embedded in HTML false Observations First Seen2023-04-11 21:07:53 Last Seen2024-05-19 20:42:05 Times Seen350806 Hash 92b651082ce234f66bb544e678befda3 14c21c55ddce43b6f677caadf51d4ab98c6a3df8 25d57d1d97abeb84531d3d3e5754dd5cb19a2c115edfa7cfc7af8247084faded Loading...

	videzz.net/embed-zmjt062n2cm9.html	1.9 kB	2023-05-14	2024-05-19
Pretty URL videzz.net/embed-zmjt062n2cm9.html IP 78.142.18.54 ASN #208046 ColocationX Ltd. Introduced by scriptElement Embedded in HTML true Observations First Seen2023-05-14 23:54:05 Last Seen2024-05-19 19:16:42 Times Seen137 Hash a692b14c46b795baddef6cde7925aec0 83421ee7434ca7916a53f711c1a207c04e264e3c 0a136fef0aef4b2b4d90057c95c48e84618ecebe376ad324594150d0b8588f90 Loading...

	videzz.net/embed-zmjt062n2cm9.html	221 B	2024-05-08	2024-05-08
Pretty URL videzz.net/embed-zmjt062n2cm9.html IP 78.142.18.54 ASN #208046 ColocationX Ltd. Introduced by scriptElement Embedded in HTML true Observations First Seen2024-05-08 06:08:59 Last Seen2024-05-08 06:08:59 Times Seen1 Hash 860766c554fc86b04f01c50acc43a63c e85f25d6b6ceca325236ac45d1e25abccee3040c 53c2935a06e9533474cb2ccfd295251fb4fe24725f1a185831b6830b22e7475b Loading...

	videzz.net/embed-zmjt062n2cm9.html	1.9 kB	2023-09-20	2024-05-19
Pretty URL videzz.net/embed-zmjt062n2cm9.html IP 78.142.18.54 ASN #208046 ColocationX Ltd. Introduced by scriptElement Embedded in HTML true Observations First Seen2023-09-20 05:49:22 Last Seen2024-05-19 19:16:42 Times Seen126 Hash ea18635ebabe6012d41f9fe215f59b54 4bb7351c02f51a2d10b55eb8daecf0862aec3db7 4e69daf6970b0700406f701311ff61bf0623749d951327a09de054a9906c8056 Loading...

	videzz.net/js/footer.static.min.js?v=b8dc06aa6195ca0716d0a0c4e3a76e42	140 kB	2023-03-08	2024-05-19
Pretty URL videzz.net/js/footer.static.min.js?v=b8dc06aa6195ca0716d0a0c4e3a76e42 IP 78.142.18.54 ASN #208046 ColocationX Ltd. Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 16:32:59 Last Seen2024-05-19 19:16:42 Times Seen159 Hash 8986804e792bac03d992cfa0d65281de 4a406ba9ac7ead8cfc1d181c6abd2340dae2bf44 e94d1a4f4bfe4d0efd8dc95e86573d32172fa8a0f08ee328c377962379bd9295 Loading...

	www.googletagmanager.com/gtag/js?id=G-HEX1BG8H46&l=dataLayer&cx=c	275 kB	2024-05-08	2024-05-08
Pretty URL www.googletagmanager.com/gtag/js?id=G-HEX1BG8H46&l=dataLayer&cx=c IP 142.250.74.168 ASN #15169 GOOGLE Introduced by scriptElement Embedded in HTML false Observations First Seen2024-05-08 06:08:59 Last Seen2024-05-08 06:08:59 Times Seen2 Hash 3356501c60c9b4f614df7c4cdf500acc 0fffe2756c62bcfcb37fac4f558bf765eecb69c3 39398c1dabdc8bf0e094b273ce326bed3f7fdaee47a6d9ecf053814c2b9754df Loading...

	videzz.net/js/jquery.min.js	96 kB	2023-03-07	2024-05-19
Pretty URL videzz.net/js/jquery.min.js IP 78.142.18.54 ASN #208046 ColocationX Ltd. Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:02:02 Last Seen2024-05-19 20:40:32 Times Seen48084 Hash 8101d596b2b8fa35fe3a634ea342d7c3 d6c1f41972de07b09bfa63d2e50f9ab41ec372bd 540bc6dec1dd4b92ea4d3fb903f69eabf6d919afd48f4e312b163c28cff0f441 Loading...

	unknown	661 B	2023-12-19	2024-05-19
Pretty Introduced by scriptElement Embedded in HTML false Observations First Seen2023-12-19 15:53:37 Last Seen2024-05-19 07:47:51 Times Seen46 Hash 40006a4b76e930d1e6794581fd38443c 07ad1605f4c6ffdd7d8dced012df6afbf059426a 4fb75a3162472fed1810a45c22722332aedc97d3f918947583806c1618c31d96 Loading...

	yd.cottoidearldom.com/1clkn/14903	6 B	2023-03-07	2024-05-19
Pretty URL yd.cottoidearldom.com/1clkn/14903 IP 23.109.170.27 ASN #7979 SERVERS-COM Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:03:04 Last Seen2024-05-19 20:33:30 Times Seen15238 Hash 9082dc37e5e8046929da411544ad071a 41e0e3963ed94e59e8a2f115994c382712411537 b7848d86edc8dc3b5bc6a5c666069f9a31e000cee51575d3b6083951607e1550 Loading...

	videzz.net/embed-zmjt062n2cm9.html	1.9 kB	2023-09-20	2024-05-19
Pretty URL videzz.net/embed-zmjt062n2cm9.html IP 78.142.18.54 ASN #208046 ColocationX Ltd. Introduced by scriptElement Embedded in HTML true Observations First Seen2023-09-20 05:49:22 Last Seen2024-05-19 19:16:42 Times Seen126 Hash af6177bd7ff00168d56dcbb2dfad8aad b0565c811d5bc5e2b4923cc1194a81126512010c 68848e296ab0993815dd2ae9efbb9b41e1bddf7d57aafd1ce37fcb6588b09901 Loading...

	static.addtoany.com/menu/svg/icons/reddit.js	893 B	2024-04-16	2024-05-19
Pretty URL static.addtoany.com/menu/svg/icons/reddit.js IP 172.67.39.148 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2024-04-16 17:58:32 Last Seen2024-05-19 19:16:43 Times Seen171 Hash 408cc755e613b4f00fbe10d7411ed087 14341990ed687477b3addbdd1a3b50ae8a98589b 68ed9b82b62d45cf5d12587a7e9566a4ddeb94d69bcb225e9e3c7268c76b3cbb Loading...

	static.addtoany.com/menu/svg/icons/telegram.js	360 B	2023-03-08	2024-05-19
Pretty URL static.addtoany.com/menu/svg/icons/telegram.js IP 172.67.39.148 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 15:33:09 Last Seen2024-05-19 19:16:42 Times Seen932 Hash 48f25c508c92c3601cf047609318001f 59117e825084c63a0dda48edec82c14a60e16f23 6415561e892cf9d614e7179f71353af4ceadfd641d71c42fe54c9420eb0d0138 Loading...

	cdn.itskiddien.club/apu.php?zoneid=5902452&var=5708419	94 kB	2024-05-08	2024-05-08
Pretty URL cdn.itskiddien.club/apu.php?zoneid=5902452&var=5708419 IP 139.45.197.236 ASN #9002 RETN Limited Introduced by scriptElement Embedded in HTML false Observations First Seen2024-05-08 06:08:59 Last Seen2024-05-08 06:09:00 Times Seen2 Hash a43736339c987b4b271240ccd69f4110 612611faf786f1af482a6d2fd79a52feaf76f352 d99de0b583a8b859f19663901470f7ff1e61bb5bd70aa4b400d487f21ea2062d Loading...

	videzz.net/js/videojs.stm.5.min.js?0.00660743972046163	7.2 kB	2024-03-08	2024-05-19
Pretty URL videzz.net/js/videojs.stm.5.min.js?0.00660743972046163 IP 78.142.18.54 ASN #208046 ColocationX Ltd. Introduced by scriptElement Embedded in HTML false Observations First Seen2024-03-08 05:50:53 Last Seen2024-05-19 12:01:14 Times Seen115 Hash 4630f52d883cdd6dc5b7e0aee209fe40 ae08102d07ab32e76d5dbd12fa7db315e6f51f4e b74ebfdefad877a934b2e7d38afb3a56ad4db4ebbd88a72b7ae4a44fad74c0d3 Loading...

	astronomybreathlessmisunderstand.com/f1/77/6d/f1776d24271c5ad55c5f1492e2d01e10.js	84 kB	2024-05-08	2024-05-08
Pretty URL astronomybreathlessmisunderstand.com/f1/77/6d/f1776d24271c5ad55c5f1492e2d01e10.js IP 192.243.61.227 ASN #39572 DataWeb Global Group B.V. Introduced by scriptElement Embedded in HTML false Observations First Seen2024-05-08 06:08:59 Last Seen2024-05-08 06:08:59 Times Seen2 Hash 1bae0999eda0c38eebcbba06565852cf 76fcce3ff5f6944b43068022994824367d9c152b 6de12680f8a72f9819844df0fd85c10b2d814445838b21789825e2ca683e3ec9 Loading...

	unknown	624 B	2023-05-14	2024-05-15
Pretty Introduced by scriptElement Embedded in HTML false Observations First Seen2023-05-14 23:54:05 Last Seen2024-05-15 23:14:21 Times Seen41 Hash aa5eae7a9b8a9920494588dbc75146da 2fc38b826f16188cb450fee67c7bf089fd119147 13d3753b4394cc62bbd779f2bd1941fd00c31cdc7aa4dab4d2ef6fdcbcc60b39 Loading...

	static.addtoany.com/menu/svg/icons/facebook.js	429 B	2024-04-12	2024-05-19
Pretty URL static.addtoany.com/menu/svg/icons/facebook.js IP 172.67.39.148 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2024-04-12 16:11:44 Last Seen2024-05-19 19:16:43 Times Seen226 Hash 014bcc757e484e12e3aea6c9d768fd4b 4c17157d0012f8002e4e6cf77c5f4a9747792cf4 4b475960843a5619b907af1f0a89e3136bd5e6a4a700ec78cb417f302647cf49 Loading...

	unknown	659 B	2023-12-19	2024-05-19
Pretty Introduced by scriptElement Embedded in HTML false Observations First Seen2023-12-19 15:53:37 Last Seen2024-05-19 07:47:52 Times Seen46 Hash 2d3dc3cf44ac00f62649d54aac4007c8 e1046455b1fbd01c76c4b1cf43343d6c9bc45675 dbf4189fa89772373cc64f40271936b4de374736c64d789c82f639139ab45e2d Loading...

	static.addtoany.com/menu/page.js	3.0 kB	2024-04-12	2024-05-19
Pretty URL static.addtoany.com/menu/page.js IP 172.67.39.148 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2024-04-12 02:34:00 Last Seen2024-05-19 20:40:32 Times Seen1142 Hash 5f984fdd1d3384220c67422c1f544a95 79c8a48b5fab47972dd69ce7dfd08cee895006b5 6e0cc78c402cbc02fdfd41cd77c5fd6ffbd8066cc07935ea8eb5f3fcc59744a3 Loading...

	unknown	626 B	2023-05-14	2024-05-15
Pretty Introduced by scriptElement Embedded in HTML false Observations First Seen2023-05-14 23:54:05 Last Seen2024-05-15 23:14:22 Times Seen41 Hash 22d6e4f371bdec70476f29d992c20429 0a881cf8c1006e8f7c70674c4468bf8356331fd7 1c86ff1e9f97fe4b09c1e551cde2182930ae352c2110e7f0165262c15ace7057 Loading...

	unknown	657 B	2023-12-19	2024-05-19
Pretty Introduced by scriptElement Embedded in HTML false Observations First Seen2023-12-19 15:53:37 Last Seen2024-05-19 07:47:52 Times Seen46 Hash 85e413861ba93183528c03dfb6e488d1 f36ec60ca9bfc8cd3538bb35b5eb6659e3fc2c88 57d4ae4e52138af0b32fec2f423767e9abaa49ae4aa9d6a6bcce24a7bc54a1ff Loading...

	unknown	663 B	2024-04-18	2024-05-19
Pretty Introduced by scriptElement Embedded in HTML false Observations First Seen2024-04-18 07:58:46 Last Seen2024-05-19 07:47:52 Times Seen44 Hash 92d6bbbfdf276914ce580a1d1c90c4ec 19b5c96436d8b964c61b0f76c311004e191f155e 3d104dc2cdcef28966d6b49d63c3dc71d0a21c703af31e79a6c38a4d932b0522 Loading...

	cdn.o333o.com/vast-im.js	310 kB	2024-03-22	2024-05-19
Pretty URL cdn.o333o.com/vast-im.js IP 143.204.55.90 ASN #16509 AMAZON-02 Introduced by scriptElement Embedded in HTML false Observations First Seen2024-03-22 21:45:50 Last Seen2024-05-19 19:16:42 Times Seen399 Hash 04bdb2fd7797c33d38ad8a6a0997b389 a69a0999b9106aa1e49a6728c84b3e82b899276d 3039a1d2d40fce3b96ce115bc8fb858539ed084667fb0ee69fe68e0a682d9286 Loading...

	www.googletagmanager.com/gtag/js?id=UA-158623850-1	208 kB	2024-05-08	2024-05-08
Pretty URL www.googletagmanager.com/gtag/js?id=UA-158623850-1 IP 142.250.74.168 ASN #15169 GOOGLE Introduced by scriptElement Embedded in HTML false Observations First Seen2024-05-08 06:08:59 Last Seen2024-05-08 09:02:50 Times Seen4 Hash c6819ed8dcd1cc91e6378698cf628452 2b27baa1cdae5e33b8081b2c32b8b4bf03e33c41 ac11a3477b1ad6da9e9437153039c28e481a18e12d9fb63ef8f86fc62e925531 Loading...

	www.google-analytics.com/analytics.js	4.7 kB	2023-04-11	2024-05-19
Pretty URL www.google-analytics.com/analytics.js IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-04-11 21:07:53 Last Seen2024-05-19 20:42:05 Times Seen350291 Hash f24128d0c9cba7be2916c693427a3483 1b6397d496ea896ebc2018b01b995cee4f166029 58173de4697da1a218f04c3a783a733bab4e769ceabc37cd42da9dc3e036a7e8 Loading...

	videzz.net/embed-zmjt062n2cm9.html	1.9 kB	2023-12-02	2024-05-19
Pretty URL videzz.net/embed-zmjt062n2cm9.html IP 78.142.18.54 ASN #208046 ColocationX Ltd. Introduced by scriptElement Embedded in HTML true Observations First Seen2023-12-02 22:02:10 Last Seen2024-05-19 19:16:42 Times Seen117 Hash 861dcaf645aae37b6316256c150d9dfb 3a9f80b6a4bf4c7807b354238ee1092098ef0592 8580955f289133f8987846865a71337744c9e2f39defb5c7bad0df0752a47ae7 Loading...

	videzz.net/embed-zmjt062n2cm9.html	416 B	2023-03-07	2024-05-19
Pretty URL videzz.net/embed-zmjt062n2cm9.html IP 78.142.18.54 ASN #208046 ColocationX Ltd. Introduced by scriptElement Embedded in HTML true Observations First Seen2023-03-07 16:08:16 Last Seen2024-05-19 19:16:42 Times Seen158 Hash 7b2ab585a733a8e54eb7117dbe673331 38ba49b934ea93104d43c095a34cbebabee2416b 161196e2eb45160ec056dcf19476aaf0a8694cd099ce5ddb43f53f58fa86d0d8 Loading...

	videzz.net/embed-zmjt062n2cm9.html	604 B	2023-03-07	2024-05-19
Pretty URL videzz.net/embed-zmjt062n2cm9.html IP 78.142.18.54 ASN #208046 ColocationX Ltd. Introduced by scriptElement Embedded in HTML true Observations First Seen2023-03-07 16:08:16 Last Seen2024-05-19 19:16:42 Times Seen157 Hash 3f51f1dc48435128b95bc2f1354a7a17 1baedda0ccf0cdaaa29bf441fcfe0c5fb2f8d4d4 9a3b5d51bd26f5549b2a1ca571835e3c1f0beede7826fd81566bdbc1dad656e9 Loading...

	static.addtoany.com/menu/locale/ru.js	2.1 kB	2023-03-07	2024-05-19
Pretty URL static.addtoany.com/menu/locale/ru.js IP 172.67.39.148 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:36:27 Last Seen2024-05-19 19:16:42 Times Seen198 Hash c0717dc8cde3baa722c4e7d4c12a2cb0 6e8702b80bdcbe0cd5fc183ce582b2add61d0863 cde5eaa4da56876821229a97a09a4b53e929ea30b7310848d0e84212a5137397 Loading...

	static.addtoany.com/menu/svg/icons/twitter.js	645 B	2024-04-12	2024-05-19
Pretty URL static.addtoany.com/menu/svg/icons/twitter.js IP 172.67.39.148 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2024-04-12 16:11:45 Last Seen2024-05-19 19:16:43 Times Seen211 Hash ca05cf90bd32d6134c0b92464c343f9a 187feb5cc71d225717838268487a0abc9b8d405c 3003867b66a32c12fdafeefc27cf06d906e5a99ba275550ab757f4bb04834636 Loading...

	videzz.net/js/pop.js?v=1.0	35 B	2023-03-07	2024-05-19
Pretty URL videzz.net/js/pop.js?v=1.0 IP 78.142.18.54 ASN #208046 ColocationX Ltd. Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:24:29 Last Seen2024-05-19 12:01:15 Times Seen297 Hash da4bf5414bf75eefb21872f9b59fe6fc e34335e0705397a4ad02c406a2e92333e6d2b0e5 d48b428c1788391a1aef29802daaa691077732dc7b821d0968831bc50b19278d Loading...

	videzz.net/embed-zmjt062n2cm9.html	0 B	2023-03-07	2024-05-19
Pretty URL videzz.net/embed-zmjt062n2cm9.html IP 78.142.18.54 ASN #208046 ColocationX Ltd. Introduced by scriptElement Embedded in HTML true Observations First Seen2023-03-07 01:01:59 Last Seen2024-05-19 20:45:46 Times Seen37842503 Hash d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Loading...

	profitablegatecpm.com/fd/40/b6/fd40b682a05e4aaf489d29601350aa66.js	44 kB	2024-05-08	2024-05-10
Pretty URL profitablegatecpm.com/fd/40/b6/fd40b682a05e4aaf489d29601350aa66.js IP 172.240.127.234 ASN #7979 SERVERS-COM Introduced by scriptElement Embedded in HTML false Observations First Seen2024-05-08 05:14:19 Last Seen2024-05-10 01:03:36 Times Seen6 Hash 237a1a37d24d6069584050d213675999 62a46d9d6155d648f25d28b1141edbfda13e22fb 483435cfe614be8485505f44e6adc36019025233aeaac6717ea6162e87dda42d Loading...

		Size	First Seen	Last Seen
	#1 Eval - 73497a37c3561adbd8ce84e4f017b368	9 B	2023-03-07	2024-05-19
Pretty Observations First Seen2023-03-07 01:03:23 Last Seen2024-05-19 18:41:41 Times Seen2481 Hash 73497a37c3561adbd8ce84e4f017b368 9193ae73cb3dd2833be8c942714d5544bfb628c9 9312a1adbbf0a4c05fc296d158ec3bd39acfe50e9e98ff02688139aad6fc3351 Loading...

		Size	First Seen	Last Seen
	#1 Write - 7aea427efe0ebb35cac7f6c65074feaa	613 B	2023-03-26	2024-05-19
Pretty Observations First Seen2023-03-26 09:32:06 Last Seen2024-05-19 19:16:42 Times Seen138 Hash 7aea427efe0ebb35cac7f6c65074feaa 7f7025ff75b6c305cf0f7258c68dcc5c3b787ea6 d72f60419e2549dc6934524845bed150c6aa5e1541b5eac18dd5c145f40d2857 Loading...

	#2 Write - 43449de866396eb0131d8111f4fa3895	613 B	2023-05-14	2024-05-19
Pretty Observations First Seen2023-05-14 23:54:06 Last Seen2024-05-19 19:16:42 Times Seen137 Hash 43449de866396eb0131d8111f4fa3895 d74126ea9f2c40f8395c79b3e7f69760f91702fc a67ffe15bbd54d8f4cc64a1e458fc3b742f73783efb009b827b9cf3e9b502add Loading...

	#3 Write - c661bb9a7cc33ed4849427e94a91858c	614 B	2023-09-20	2024-05-19
Pretty Observations First Seen2023-09-20 05:49:23 Last Seen2024-05-19 19:16:42 Times Seen125 Hash c661bb9a7cc33ed4849427e94a91858c 4be38292beb83aa1b58a668283dfe08ed97d7a42 e56ca9ad4497b40fd4b7c14e2c5e6c5b58563af9cb588188992d2189d22dc477 Loading...

	#4 Write - bf6e0ef92ae84c6ac72a2e33e3bd0ba5	614 B	2023-09-20	2024-05-19
Pretty Observations First Seen2023-09-20 05:49:23 Last Seen2024-05-19 19:16:42 Times Seen126 Hash bf6e0ef92ae84c6ac72a2e33e3bd0ba5 dd276e9188ea2de2da9b957adbb91c7e2b08d4ec 5f5f7af99db9aecf63f1ae5480d2b95a82e350abcdd3a765f5537235d12a4744 Loading...

	#5 Write - ab34ea7c979c46402352a8ce4c7b87cf	614 B	2023-12-02	2024-05-19
Pretty Observations First Seen2023-12-02 22:02:11 Last Seen2024-05-19 19:16:42 Times Seen117 Hash ab34ea7c979c46402352a8ce4c7b87cf 4ec90223aeea83fe3850db77b92c11eed50c99d3 fd21c10a5b8c554e00e76da6ce58475053e414d4280741ed032a857cf9876978 Loading...

HTTP Transactions (102)

URL IP Response Size

videzz.net/js/pop.js?v=1.0

78.142.18.54

200 OK

35 B

URL GET HTTP/2
videzz.net/js/pop.js?v=1.0
IP
78.142.18.54:443
ASN
#208046 ColocationX Ltd.

Requested by
https://videzz.net/embed-zmjt062n2cm9.html
Certificate
IssuerLet's Encrypt
Subjectvidezz.net
Fingerprint89:44:E3:9D:95:DD:6E:D2:2B:FB:70:64:42:59:D2:BF:B6:36:E7:33
ValidityThu, 02 May 2024 00:27:53 GMT - Wed, 31 Jul 2024 00:27:52 GMT

File type
ASCII text
Size
35 B (35 bytes)
Hash
da4bf5414bf75eefb21872f9b59fe6fc
e34335e0705397a4ad02c406a2e92333e6d2b0e5
d48b428c1788391a1aef29802daaa691077732dc7b821d0968831bc50b19278d

HTTP Headers

GET /js/pop.js?v=1.0 HTTP/1.1
Host: videzz.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://videzz.net/embed-zmjt062n2cm9.html
Cookie: lang=1
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
server: nginx/1.18.0 (Ubuntu)
date: Wed, 08 May 2024 04:08:21 GMT
content-type: application/javascript
content-length: 35
last-modified: Sat, 27 Apr 2024 07:30:38 GMT
etag: "662ca99e-23"
expires: Fri, 07 Jun 2024 04:04:18 GMT
cache-control: max-age=2592000
x-cache-status: HIT
accept-ranges: bytes
X-Firefox-Spdy: h2

videzz.net/js/ads.js?v=1.0

78.142.18.54

200 OK

211 B

URL GET HTTP/2
videzz.net/js/ads.js?v=1.0
IP
78.142.18.54:443
ASN
#208046 ColocationX Ltd.

Requested by
https://videzz.net/embed-zmjt062n2cm9.html
Certificate
IssuerLet's Encrypt
Subjectvidezz.net
Fingerprint89:44:E3:9D:95:DD:6E:D2:2B:FB:70:64:42:59:D2:BF:B6:36:E7:33
ValidityThu, 02 May 2024 00:27:53 GMT - Wed, 31 Jul 2024 00:27:52 GMT

File type
Unicode text, UTF-8 text
Size
211 B (211 bytes)
Hash
09f34de71e8853387dd398fbb263af69
4ccb7007fcebcffe64eaa80f2991509fdbac55d5
6ca7e6aebc6e3eec26d39e540e255a738fd9e48e9b97bd0e2a714686377ac523

HTTP Headers

GET /js/ads.js?v=1.0 HTTP/1.1
Host: videzz.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://videzz.net/embed-zmjt062n2cm9.html
Cookie: lang=1
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
server: nginx/1.18.0 (Ubuntu)
date: Wed, 08 May 2024 04:08:21 GMT
content-type: application/javascript
content-length: 211
last-modified: Sat, 27 Apr 2024 07:30:42 GMT
etag: "662ca9a2-d3"
expires: Fri, 07 Jun 2024 04:04:22 GMT
cache-control: max-age=2592000
x-cache-status: HIT
accept-ranges: bytes
X-Firefox-Spdy: h2

www.googletagmanager.com/gtag/js?id=UA-158623850-1

142.250.74.168

200 OK

75 kB

URL GET HTTP/2
www.googletagmanager.com/gtag/js?id=UA-158623850-1
IP
142.250.74.168:443
ASN
#15169 GOOGLE

Requested by
https://videzz.net/embed-zmjt062n2cm9.html
Certificate
IssuerGoogle Trust Services LLC
Subject*.google-analytics.com
Fingerprint93:6B:D2:9D:92:BE:2D:D8:02:67:82:83:5E:EF:A3:F9:13:F3:26:AE
ValidityTue, 16 Apr 2024 03:18:45 GMT - Tue, 09 Jul 2024 03:18:44 GMT

File type
JavaScript source, ASCII text, with very long lines (4179)
Size
75 kB (74844 bytes)
Hash
c6819ed8dcd1cc91e6378698cf628452
2b27baa1cdae5e33b8081b2c32b8b4bf03e33c41
ac11a3477b1ad6da9e9437153039c28e481a18e12d9fb63ef8f86fc62e925531

HTTP Headers

GET /gtag/js?id=UA-158623850-1 HTTP/1.1
Host: www.googletagmanager.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://videzz.net/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
content-encoding: br
vary: Accept-Encoding
date: Wed, 08 May 2024 04:08:21 GMT
expires: Wed, 08 May 2024 04:08:21 GMT
cache-control: private, max-age=900
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
server: Google Tag Manager
content-length: 74844
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

videzz.net/embed-zmjt062n2cm9.html

78.142.18.54

200 OK

15 kB

URL User Request GET HTTP/2
videzz.net/embed-zmjt062n2cm9.html
IP
78.142.18.54:443
ASN
#208046 ColocationX Ltd.

Certificate
IssuerLet's Encrypt
Subjectvidezz.net
Fingerprint89:44:E3:9D:95:DD:6E:D2:2B:FB:70:64:42:59:D2:BF:B6:36:E7:33
ValidityThu, 02 May 2024 00:27:53 GMT - Wed, 31 Jul 2024 00:27:52 GMT

File type
gzip compressed data, max speed, from Unix
Size
15 kB (15335 bytes)
Hash
c34a1ba9f9c3599db790f74fca089078
2b98d7e1bbe4a95eb34f1c924313316053a93f68
555443aa63bd3f26134c572766618abe8334e356f2ab494fd3afde7725737c9d

HTTP Headers

GET /embed-zmjt062n2cm9.html HTTP/1.1
Host: videzz.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Upgrade-Insecure-Requests: 1
Connection: keep-alive
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
server: nginx/1.18.0 (Ubuntu)
date: Wed, 08 May 2024 04:08:21 GMT
content-type: text/html; charset=UTF-8
vary: Accept-Encoding
expires: Tue, 07 May 2024 04:08:21 GMT
x-frame-options: 1
set-cookie: lang=1; domain=.videzz.net; path=/; HttpOnly
xfsts=; domain=.videzz.net; path=/; expires=Tue, 09-May-2023 04:08:21 GMT; HttpOnly
content-encoding: gzip
X-Firefox-Spdy: h2

videzz.net/images-newtheme/attention.png

78.142.18.54

200 OK

6.4 kB

URL GET HTTP/2
videzz.net/images-newtheme/attention.png
IP
78.142.18.54:443
ASN
#208046 ColocationX Ltd.

Requested by
https://videzz.net/embed-zmjt062n2cm9.html
Certificate
IssuerLet's Encrypt
Subjectvidezz.net
Fingerprint89:44:E3:9D:95:DD:6E:D2:2B:FB:70:64:42:59:D2:BF:B6:36:E7:33
ValidityThu, 02 May 2024 00:27:53 GMT - Wed, 31 Jul 2024 00:27:52 GMT

File type
PNG image data, 263 x 231, 8-bit/color RGBA, non-interlaced
Size
6.4 kB (6377 bytes)
Hash
d28ebe1b4425fa4ab5d804792b5aa626
3183e2c59cdaed547de5fb1fc940709ed5117003
36fc8d817d7a356b2b8e8697697a5ce86bedadfea8df2a4e88f9514bb1ce02f6

HTTP Headers

GET /images-newtheme/attention.png HTTP/1.1
Host: videzz.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://videzz.net/embed-zmjt062n2cm9.html
Cookie: lang=1
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
server: nginx/1.18.0 (Ubuntu)
date: Wed, 08 May 2024 04:08:21 GMT
content-type: image/png
content-length: 6377
last-modified: Sat, 27 Apr 2024 07:30:42 GMT
etag: "662ca9a2-18e9"
expires: Fri, 07 Jun 2024 04:04:39 GMT
cache-control: max-age=2592000
x-cache-status: HIT
accept-ranges: bytes
X-Firefox-Spdy: h2

dog.seetron.net/lx4oag1.js

135.181.208.216

200 OK

77 kB

URL GET HTTP/2
dog.seetron.net/lx4oag1.js
IP
135.181.208.216:443
ASN
#24940 Hetzner Online GmbH

Requested by
https://videzz.net/embed-zmjt062n2cm9.html
Certificate
IssuerLet's Encrypt
Subjecta.bdsmz.tube
FingerprintAA:4D:03:7A:4E:94:8C:76:58:6E:53:CC:8E:99:24:E6:51:84:BF:05
ValidityFri, 03 May 2024 10:27:08 GMT - Thu, 01 Aug 2024 10:27:07 GMT

File type
JavaScript source, Unicode text, UTF-8 text, with very long lines (65503), with no line terminators
Size
77 kB (76790 bytes)
Hash
a6781eeb8be115c2cc64c5b4898e5b9d
76001e6e130f936956842ce1fb672ca16be2370e
cb8949c4918f30d767c8a97d1b1ddb36eabccf8d93659a80f4e850caa3701da2

HTTP Headers

GET /lx4oag1.js HTTP/1.1
Host: dog.seetron.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://videzz.net/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
server: nginx
date: Wed, 08 May 2024 04:08:21 GMT
content-type: application/javascript
content-length: 76790
last-modified: Fri, 22 Mar 2024 11:21:21 GMT
vary: Accept-Encoding
etag: "65fd69b1-12bf6"
content-encoding: gzip
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: public, max-age=315360000
cf-cache-status: HIT
age: 201
cf-ray: 8685d408ccf5d995-HEL
x-frame-options: DENY
x-content-type-options: nosniff
accept-ranges: bytes
X-Firefox-Spdy: h2

dog.seetron.net/LrfK7A3.js

135.181.208.216

200 OK

77 kB

URL GET HTTP/2
dog.seetron.net/LrfK7A3.js
IP
135.181.208.216:443
ASN
#24940 Hetzner Online GmbH

Requested by
https://videzz.net/embed-zmjt062n2cm9.html
Certificate
IssuerLet's Encrypt
Subjecta.bdsmz.tube
FingerprintAA:4D:03:7A:4E:94:8C:76:58:6E:53:CC:8E:99:24:E6:51:84:BF:05
ValidityFri, 03 May 2024 10:27:08 GMT - Thu, 01 Aug 2024 10:27:07 GMT

File type
JavaScript source, Unicode text, UTF-8 text, with very long lines (65503), with no line terminators
Size
77 kB (76790 bytes)
Hash
a6781eeb8be115c2cc64c5b4898e5b9d
76001e6e130f936956842ce1fb672ca16be2370e
cb8949c4918f30d767c8a97d1b1ddb36eabccf8d93659a80f4e850caa3701da2

HTTP Headers

GET /LrfK7A3.js HTTP/1.1
Host: dog.seetron.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://videzz.net/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
server: nginx
date: Wed, 08 May 2024 04:08:21 GMT
content-type: application/javascript
content-length: 76790
last-modified: Fri, 22 Mar 2024 11:21:21 GMT
vary: Accept-Encoding
etag: "65fd69b1-12bf6"
content-encoding: gzip
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: public, max-age=315360000
cf-cache-status: HIT
age: 201
cf-ray: 8685d408ccf5d995-HEL
x-frame-options: DENY
x-content-type-options: nosniff
accept-ranges: bytes
X-Firefox-Spdy: h2

yd.cottoidearldom.com/1clkn/14903

23.109.170.27

200 OK

26 B

URL GET HTTP/1.1
yd.cottoidearldom.com/1clkn/14903
IP
23.109.170.27:443
ASN
#7979 SERVERS-COM

Requested by
https://videzz.net/embed-zmjt062n2cm9.html
Certificate
IssuerLet's Encrypt
Subjectyd.cottoidearldom.com
Fingerprint2A:D0:1B:ED:00:0F:4A:13:3B:97:DD:33:66:5B:7E:F8:F8:E9:C8:CE
ValidityThu, 25 Apr 2024 06:21:32 GMT - Wed, 24 Jul 2024 06:21:31 GMT

File type
ASCII text, with no line terminators
Size
26 B (26 bytes)
Hash
9082dc37e5e8046929da411544ad071a
41e0e3963ed94e59e8a2f115994c382712411537
b7848d86edc8dc3b5bc6a5c666069f9a31e000cee51575d3b6083951607e1550

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /1clkn/14903 HTTP/1.1
Host: yd.cottoidearldom.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://videzz.net/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Date: Wed, 08 May 2024 04:08:21 GMT
Content-Type: application/javascript; charset=utf-8
Transfer-Encoding: chunked
Connection: keep-alive
Keep-Alive: timeout=20
Accept-ch: sec-ch-ua-platform-version,sec-ch-ua-model,sec-ch-ua-full-version,sec-ch-ua-full-version-list
Set-Cookie: GL_UI4=eJw9jUtug0AQRPljJ4akJQ7gIxgUjL3MJivfAQ0zDZ4Ypq1mjJ3bZxIp2dUrPVV5nhcUL%2BAvyRrCm6hhe1R9s5dYojyUVVW%2BHSrZ151o%2BlJVTVnvYK3n1opuRBvBap4E29YuEWwGNMhatpIUZvDqrL%2FmYuhuIog7FkZlEE%2FOGDNIO6b7jFyEEBkxIaQfmrGnhzPEJzEEx72L2rjo7yCguQjzJ4hP2twe%2BSbx8jzx4Pk6CtsTT61WDuOBhULw32ElhcWB%2BAtShfPF0hWARtX%2B%2B7%2Bf8fizBonCRUuHZM%2FI38wATrY%3D; expires=Thu, 09-May-2024 04:08:21 GMT; Max-Age=86400; path=/; secure; SameSite=None
GL_GI10=eJwVyM0KgkAUhuE5hxiIJPjIC%2FAKTMsWbrNl6MIrMIsYGObIzNjP3WeLd%2FG8SilOE7CZkNRlXhd5dcjLUwV6gtsOPDroVvx7%2BII8uDiCvcOmC1ayRmYXlz9i9TfIYHu25pP1YudoxAXw0roZbvaxv%2FRX0KQJHEUzONxTBXrp3Q9e7R3S; expires=Thu, 09-May-2024 04:08:21 GMT; Max-Age=86400; path=/; secure; SameSite=None
Content-Encoding: gzip
Vary: Accept-Encoding
Strict-Transport-Security: max-age=1
X-Content-Type-Options: nosniff

cdnjs.cloudflare.com/ajax/libs/font-awesome/4.7.0/css/font-awesome.min.css

104.17.25.14

200 OK

5.6 kB

URL GET HTTP/2
cdnjs.cloudflare.com/ajax/libs/font-awesome/4.7.0/css/font-awesome.min.css
IP
104.17.25.14:443
ASN
#13335 CLOUDFLARENET

Requested by
https://videzz.net/embed-zmjt062n2cm9.html
Certificate
IssuerCloudflare, Inc.
Subjectsni.cloudflaressl.com
Fingerprint7A:EA:B9:09:71:70:6C:87:C9:D3:82:74:8A:7B:B4:60:E5:40:2D:8D
ValidityMon, 03 Jul 2023 00:00:00 GMT - Tue, 02 Jul 2024 23:59:59 GMT

File type
ASCII text, with very long lines (30837)
Size
5.6 kB (5631 bytes)
Hash
269550530cc127b6aa5a35925a7de6ce
512c7d79033e3028a9be61b540cf1a6870c896f8
799aeb25cc0373fdee0e1b1db7ad6c2f6a0e058dfadaa3379689f583213190bd

HTTP Headers

GET /ajax/libs/font-awesome/4.7.0/css/font-awesome.min.css HTTP/1.1
Host: cdnjs.cloudflare.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://videzz.net/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Wed, 08 May 2024 04:08:22 GMT
content-type: text/css; charset=utf-8
content-length: 5631
access-control-allow-origin: *
cache-control: public, max-age=30672000
content-encoding: br
etag: "5eb03e5f-7918"
last-modified: Mon, 04 May 2020 16:10:07 GMT
cf-cdnjs-via: cfworker/kv
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
x-content-type-options: nosniff
vary: Accept-Encoding
cf-cache-status: HIT
age: 538767
expires: Mon, 28 Apr 2025 04:08:22 GMT
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=Xh9QW4IlhRdS9BcnFlYfB8N%2BEc0c00OZLnRMSyasOeC6cGd4d1OpmvQx67fgzPHWgM1dIJyPQA9VHumD1iC%2BEUfBhDrTS6KUylWHrXLBhPW1CsMvPAQubz%2FrrFwCelHc%2B049VEth"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
server: cloudflare
cf-ray: 880696919d31712b-OSL
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2

profitablegatecpm.com/fd/40/b6/fd40b682a05e4aaf489d29601350aa66.js

172.240.127.234

200 OK

16 kB

URL GET HTTP/1.1
profitablegatecpm.com/fd/40/b6/fd40b682a05e4aaf489d29601350aa66.js
IP
172.240.127.234:443
ASN
#7979 SERVERS-COM

Requested by
https://videzz.net/embed-zmjt062n2cm9.html
Certificate
IssuerLet's Encrypt
Subjectprofitablegatecpm.com
Fingerprint9D:FB:8C:AD:4D:64:98:6B:85:78:33:54:E7:A3:BB:10:ED:77:63:30
ValidityFri, 05 Apr 2024 18:10:33 GMT - Thu, 04 Jul 2024 18:10:32 GMT

File type
JavaScript source, ASCII text, with very long lines (44191), with no line terminators
Size
16 kB (15875 bytes)
Hash
237a1a37d24d6069584050d213675999
62a46d9d6155d648f25d28b1141edbfda13e22fb
483435cfe614be8485505f44e6adc36019025233aeaac6717ea6162e87dda42d

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /fd/40/b6/fd40b682a05e4aaf489d29601350aa66.js HTTP/1.1
Host: profitablegatecpm.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://videzz.net/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx/1.21.6
Date: Wed, 08 May 2024 04:08:22 GMT
Content-Type: application/javascript
Transfer-Encoding: chunked
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Access-Control-Allow-Origin: *
Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,Sec-CH-UA-PlatformUser-Agent,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: 7eb725256d3c224f4cd0decf961489ae
Strict-Transport-Security: max-age=0; includeSubdomains
Content-Encoding: gzip

www.googletagmanager.com/gtm.js?id=GTM-56DK3TH

142.250.74.168

200 OK

74 kB

URL GET HTTP/3
www.googletagmanager.com/gtm.js?id=GTM-56DK3TH
IP
142.250.74.168:443
ASN
#15169 GOOGLE

Requested by
https://videzz.net/embed-zmjt062n2cm9.html
Certificate
IssuerGoogle Trust Services LLC
Subject*.google-analytics.com
Fingerprint93:6B:D2:9D:92:BE:2D:D8:02:67:82:83:5E:EF:A3:F9:13:F3:26:AE
ValidityTue, 16 Apr 2024 03:18:45 GMT - Tue, 09 Jul 2024 03:18:44 GMT

File type
JavaScript source, ASCII text, with very long lines (3287)
Size
74 kB (73661 bytes)
Hash
c1fed532327d99e1cafa5bc78886c9fa
d5d84d3ffb6200e9ca5df873c59c02011dc5af8a
4bfd69f44a7ec4006faec07eec294c15041f71fa423bcc755a528e1f8723252a

HTTP Headers

GET /gtm.js?id=GTM-56DK3TH HTTP/1.1
Host: www.googletagmanager.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://videzz.net/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
content-encoding: br
vary: Accept-Encoding
date: Wed, 08 May 2024 04:08:22 GMT
expires: Wed, 08 May 2024 04:08:22 GMT
cache-control: private, max-age=900
last-modified: Wed, 08 May 2024 03:00:00 GMT
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
server: Google Tag Manager
content-length: 73661
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

s.o333o.com/adgpt.js

85.10.205.45

200 OK

820 B

URL GET HTTP/2
s.o333o.com/adgpt.js
IP
85.10.205.45:443
ASN
#24940 Hetzner Online GmbH

Requested by
https://videzz.net/embed-zmjt062n2cm9.html
Certificate
IssuerSectigo Limited
Subjects.o333o.com
FingerprintC1:C0:0F:C0:EF:0F:F7:7A:36:2F:00:9E:5C:55:63:54:63:A3:A6:46
ValidityMon, 12 Feb 2024 00:00:00 GMT - Fri, 28 Feb 2025 23:59:59 GMT

File type
ASCII text, with very long lines (2040), with no line terminators
Size
820 B (820 bytes)
Hash
55f8db8e0ec58b646f0b5425b405fdd0
0c79af1239cafc7ec4783f20b0b886a61daccc09
3ec8849ba857ec32cdc682ea93f0c1f8e8ab97980af4f1d8ec312684ed0f5237

HTTP Headers

GET /adgpt.js HTTP/1.1
Host: s.o333o.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://videzz.net/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
server: nginx
date: Wed, 08 May 2024 04:08:22 GMT
content-type: application/javascript
content-length: 820
last-modified: Fri, 22 Mar 2024 11:21:21 GMT
vary: Accept-Encoding
etag: "65fd69b1-334"
content-encoding: gzip
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000, public
X-Firefox-Spdy: h2

str40.vidoza.net/i/02/07565/zmjt062n2cm9.jpg?v=1715141301

109.202.101.218

200 OK

20 kB

URL GET HTTP/2
str40.vidoza.net/i/02/07565/zmjt062n2cm9.jpg?v=1715141301
IP
109.202.101.218:443
ASN
#49453 Global Layer B.V.

Requested by
https://videzz.net/embed-zmjt062n2cm9.html
Certificate
IssuerLet's Encrypt
Subjectvidoza.net
FingerprintDD:9C:2A:D1:7E:90:60:D1:BE:1C:39:29:07:29:9C:34:6A:76:A6:C6
ValidityWed, 14 Feb 2024 01:21:54 GMT - Tue, 14 May 2024 01:21:53 GMT

File type
JPEG image data, JFIF standard 1.02, aspect ratio, density 1x1, segment length 16, comment: "Lavc57.89.100", baseline, precision 8, 720x405, components 3
Size
20 kB (20529 bytes)
Hash
babfb60a54aea692f6459437bd80e853
1ef80710eac81fb76f0d2f4e8e874e25d560ac1e
861338a39faf680e056e710213e9360b75b7d31d6637ba7eec8b25082c38c896

HTTP Headers

GET /i/02/07565/zmjt062n2cm9.jpg?v=1715141301 HTTP/1.1
Host: str40.vidoza.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://videzz.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
server: nginx/1.20.1
date: Wed, 08 May 2024 04:08:22 GMT
content-type: image/jpeg
content-length: 20529
last-modified: Thu, 28 Mar 2024 05:59:56 GMT
etag: "6605075c-5031"
expires: Wed, 22 May 2024 04:08:22 GMT
cache-control: max-age=1209600
accept-ranges: bytes
X-Firefox-Spdy: h2

ocsp.r2m03.amazontrust.com/

143.204.53.97

471 B

URL
ocsp.r2m03.amazontrust.com/
IP
143.204.53.97:0
ASN
#16509 AMAZON-02

File type
data
Size
471 B (471 bytes)
Hash
3a1e61864f6877260287982fa7e36085
6d426b2327915af4f120ff6b18ebd20ed03c2a2b
9ee2ee3f0b60937becb4aa057c348332dd277e32b268f5c0ea260c0d2a2af498

HTTP Headers

POST / HTTP/1.1
Host: ocsp.r2m03.amazontrust.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: max-age=7200
Date: Wed, 08 May 2024 04:08:22 GMT
Last-Modified: Wed, 08 May 2024 03:37:25 GMT
Server: ECAcc (ska/F7A7)
X-Cache: Miss from cloudfront
Via: 1.1 185768229530368be94556dcab1c486a.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: fxQqBDFiOUqHg5E462RUCJrgb1Wa8KIIRWD_t-oVy03pP8VWQLC3PQ==
Age: 1857

www.googletagmanager.com/gtag/js?id=G-HEX1BG8H46&l=dataLayer&cx=c

142.250.74.168

200 OK

95 kB

URL GET HTTP/3
www.googletagmanager.com/gtag/js?id=G-HEX1BG8H46&l=dataLayer&cx=c
IP
142.250.74.168:443
ASN
#15169 GOOGLE

Requested by
https://videzz.net/embed-zmjt062n2cm9.html
Certificate
IssuerGoogle Trust Services LLC
Subject*.google-analytics.com
Fingerprint93:6B:D2:9D:92:BE:2D:D8:02:67:82:83:5E:EF:A3:F9:13:F3:26:AE
ValidityTue, 16 Apr 2024 03:18:45 GMT - Tue, 09 Jul 2024 03:18:44 GMT

File type
JavaScript source, ASCII text, with very long lines (7711)
Size
95 kB (94574 bytes)
Hash
3356501c60c9b4f614df7c4cdf500acc
0fffe2756c62bcfcb37fac4f558bf765eecb69c3
39398c1dabdc8bf0e094b273ce326bed3f7fdaee47a6d9ecf053814c2b9754df

HTTP Headers

GET /gtag/js?id=G-HEX1BG8H46&l=dataLayer&cx=c HTTP/1.1
Host: www.googletagmanager.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://videzz.net/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
content-encoding: br
vary: Accept-Encoding
date: Wed, 08 May 2024 04:08:22 GMT
expires: Wed, 08 May 2024 04:08:22 GMT
cache-control: private, max-age=900
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
server: Google Tag Manager
content-length: 94574
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

videzz.net/js/embed.min.js?v=b8dc06aa6195ca0716d0a0c4e3a76e42

78.142.18.54

200 OK

1.9 kB

URL GET HTTP/2
videzz.net/js/embed.min.js?v=b8dc06aa6195ca0716d0a0c4e3a76e42
IP
78.142.18.54:443
ASN
#208046 ColocationX Ltd.

Requested by
https://videzz.net/embed-zmjt062n2cm9.html
Certificate
IssuerLet's Encrypt
Subjectvidezz.net
Fingerprint89:44:E3:9D:95:DD:6E:D2:2B:FB:70:64:42:59:D2:BF:B6:36:E7:33
ValidityThu, 02 May 2024 00:27:53 GMT - Wed, 31 Jul 2024 00:27:52 GMT

File type
gzip compressed data, from Unix
Size
1.9 kB (1871 bytes)
Hash
93aa9c84e2adc4bf33498144a8561610
fe017784b54026511198d6852e9e0bdc2a9ae877
3ebd7f5184410ee0540b0c373c7a6de8d81a264d25fb04623bd86fb6e8cd1686

HTTP Headers

GET /js/embed.min.js?v=b8dc06aa6195ca0716d0a0c4e3a76e42 HTTP/1.1
Host: videzz.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://videzz.net/embed-zmjt062n2cm9.html
Cookie: lang=1
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
server: nginx/1.18.0 (Ubuntu)
date: Wed, 08 May 2024 04:08:21 GMT
content-type: application/javascript
last-modified: Sat, 27 Apr 2024 07:30:42 GMT
vary: Accept-Encoding
etag: W/"662ca9a2-1183"
expires: Fri, 07 Jun 2024 04:06:39 GMT
cache-control: max-age=2592000
content-encoding: gzip
x-cache-status: HIT
X-Firefox-Spdy: h2

astronomybreathlessmisunderstand.com/f1/77/6d/f1776d24271c5ad55c5f1492e2d01e10.js

192.243.61.227

200 OK

30 kB

URL GET HTTP/1.1
astronomybreathlessmisunderstand.com/f1/77/6d/f1776d24271c5ad55c5f1492e2d01e10.js
IP
192.243.61.227:443
ASN
#39572 DataWeb Global Group B.V.

Requested by
https://videzz.net/embed-zmjt062n2cm9.html
Certificate
IssuerLet's Encrypt
Subjectastronomybreathlessmisunderstand.com
FingerprintDB:F1:11:8A:FD:9C:37:6B:1C:13:3D:8D:D7:1D:F5:09:0E:2B:DD:48
ValidityMon, 06 May 2024 12:49:33 GMT - Sun, 04 Aug 2024 12:49:32 GMT

File type
JavaScript source, ASCII text, with very long lines (65536), with no line terminators
Size
30 kB (30443 bytes)
Hash
1bae0999eda0c38eebcbba06565852cf
76fcce3ff5f6944b43068022994824367d9c152b
6de12680f8a72f9819844df0fd85c10b2d814445838b21789825e2ca683e3ec9

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /f1/77/6d/f1776d24271c5ad55c5f1492e2d01e10.js HTTP/1.1
Host: astronomybreathlessmisunderstand.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://videzz.net/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx/1.21.6
Date: Wed, 08 May 2024 04:08:23 GMT
Content-Type: application/javascript
Transfer-Encoding: chunked
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Access-Control-Allow-Origin: *
Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,Sec-CH-UA-PlatformUser-Agent,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: fb642b4476d822625dfaa6e57040894f
Strict-Transport-Security: max-age=0; includeSubdomains
Content-Encoding: gzip

maxcdn.bootstrapcdn.com/font-awesome/4.7.0/fonts/fontawesome-webfont.woff2?v=4.7.0

104.18.10.207

200 OK

77 kB

URL GET HTTP/3
maxcdn.bootstrapcdn.com/font-awesome/4.7.0/fonts/fontawesome-webfont.woff2?v=4.7.0
IP
104.18.10.207:443
ASN
#13335 CLOUDFLARENET

Requested by
https://videzz.net/embed-zmjt062n2cm9.html
Certificate
IssuerGoogle Trust Services LLC
Subjectbootstrapcdn.com
Fingerprint57:B4:25:B9:9C:88:A1:A3:3D:F7:31:74:02:E4:D1:E0:0A:F5:11:63
ValidityWed, 27 Mar 2024 00:22:09 GMT - Tue, 25 Jun 2024 00:22:08 GMT

File type
Web Open Font Format (Version 2), TrueType, length 77160, version 4.459
Size
77 kB (77160 bytes)
Hash
af7ae505a9eed503f8b8e6982036873e
d6f48cba7d076fb6f2fd6ba993a75b9dc1ecbf0c
2adefcbc041e7d18fcf2d417879dc5a09997aa64d675b7a3c4b6ce33da13f3fe

HTTP Headers

GET /font-awesome/4.7.0/fonts/fontawesome-webfont.woff2?v=4.7.0 HTTP/1.1
Host: maxcdn.bootstrapcdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://videzz.net
DNT: 1
Connection: keep-alive
Referer: https://maxcdn.bootstrapcdn.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Wed, 08 May 2024 04:08:23 GMT
content-type: font/woff2
content-length: 77160
cdn-pullzone: 252412
cdn-uid: b1941f61-b576-4f40-80de-5677acb38f74
cdn-requestcountrycode: DE
access-control-allow-origin: *
cache-control: public, max-age=31919000
etag: "af7ae505a9eed503f8b8e6982036873e"
last-modified: Mon, 25 Jan 2021 22:04:55 GMT
cdn-cachedat: 10/31/2023 19:08:24
cdn-proxyver: 1.04
cdn-requestpullcode: 200
cdn-requestpullsuccess: True
cdn-edgestorageid: 752
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
cdn-status: 200
cdn-requestid: 0a41a35b44b9a221d4e11fe69e9304aa
cdn-cache: HIT
cf-cache-status: HIT
age: 647397
accept-ranges: bytes
vary: Accept-Encoding
strict-transport-security: max-age=31536000; includeSubDomains; preload
server: cloudflare
cf-ray: 880696991df2b517-OSL
alt-svc: h3=":443"; ma=86400

proftrafficcounter.com/stats

52.58.212.182

200 OK

40 B

URL GET HTTP/2
proftrafficcounter.com/stats
IP
52.58.212.182:443
ASN
#16509 AMAZON-02

Requested by
https://videzz.net/embed-zmjt062n2cm9.html
Certificate
IssuerAmazon
Subjectproftrafficcounter.com
FingerprintE3:9F:79:6F:80:C0:BF:F8:C4:EB:45:F3:E9:0F:A7:41:F6:0C:05:E6
ValidityTue, 21 Nov 2023 00:00:00 GMT - Thu, 19 Dec 2024 23:59:59 GMT

File type
ASCII text, with no line terminators
Size
40 B (40 bytes)
Hash
1e45f370bd3f48dcfb99a1fa04b430b2
9e7d8cd290ff1db39a98ca16bc0e0300fa4f856a
4e49068006062ade76da4ac1c144ca6ad0c8e0b3bf869631e98a171a373f87eb

HTTP Headers

GET /stats HTTP/1.1
Host: proftrafficcounter.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://videzz.net
DNT: 1
Connection: keep-alive
Referer: https://videzz.net/
Cookie: uid_id2=c2d4f0f5-2efc-4005-b477-574a4b5aaa72:2:1
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
date: Wed, 08 May 2024 04:08:23 GMT
content-type: text/html; charset=UTF-8
content-length: 40
server: fasthttp
access-control-allow-origin: https://videzz.net
vary: Origin
access-control-allow-credentials: true
X-Firefox-Spdy: h2

bid.bidclickmedia.com/sub/Zj8D76R

104.21.37.74

200 OK

6.1 kB

URL GET HTTP/2
bid.bidclickmedia.com/sub/Zj8D76R
IP
104.21.37.74:443
ASN
#13335 CLOUDFLARENET

Requested by
https://videzz.net/embed-zmjt062n2cm9.html
Certificate
IssuerGoogle Trust Services LLC
Subjectbidclickmedia.com
Fingerprint2D:71:60:23:79:D8:E4:4A:B8:81:BA:F0:ED:58:CB:A8:66:21:A7:E7
ValiditySun, 31 Mar 2024 14:28:20 GMT - Sat, 29 Jun 2024 14:28:19 GMT

File type
HTML document, ASCII text
Size
6.1 kB (6135 bytes)
Hash
a59a1eb59104d4bf5ae063b28f80a03e
a03719ddbf97ee76f24a77994dc2fed934bad2db
80499cd3508dab092fa2c87d292031821e2230653503f1dd41c2b9c04571fc47

HTTP Headers

GET /sub/Zj8D76R HTTP/1.1
Host: bid.bidclickmedia.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://videzz.net/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Wed, 08 May 2024 04:08:22 GMT
content-type: text/html; charset=utf-8
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=ZI2G6Pu6bOKBuLpD0yGCXxxvdfK8PyQGgbRiPXZ7HK%2B7khP84%2Fem9GARtDQThl0lXvYpFFPny%2BGnGHSxleqo5TF6Z6o1TGlDlI8S1T8hKlWuYXMxhebt5m0FRLW8KBBqGbG36a5ytpo%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 880696951c7556c3-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2

videzz.net/js/footer.static.min.js?v=b8dc06aa6195ca0716d0a0c4e3a76e42

78.142.18.54

200 OK

41 kB

URL GET HTTP/2
videzz.net/js/footer.static.min.js?v=b8dc06aa6195ca0716d0a0c4e3a76e42
IP
78.142.18.54:443
ASN
#208046 ColocationX Ltd.

Requested by
https://videzz.net/embed-zmjt062n2cm9.html
Certificate
IssuerLet's Encrypt
Subjectvidezz.net
Fingerprint89:44:E3:9D:95:DD:6E:D2:2B:FB:70:64:42:59:D2:BF:B6:36:E7:33
ValidityThu, 02 May 2024 00:27:53 GMT - Wed, 31 Jul 2024 00:27:52 GMT

File type
gzip compressed data, from Unix
Size
41 kB (41222 bytes)
Hash
92e3c17412e91a7a0411943dd99eeff3
d039530d607f0fdaf77a05cae37c7475960d273b
84c1d42113e57ad5cc4e74ab950734d8555f5b23a64cdf7b0ba34be43651ec06

HTTP Headers

GET /js/footer.static.min.js?v=b8dc06aa6195ca0716d0a0c4e3a76e42 HTTP/1.1
Host: videzz.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://videzz.net/embed-zmjt062n2cm9.html
Cookie: lang=1
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
server: nginx/1.18.0 (Ubuntu)
date: Wed, 08 May 2024 04:08:21 GMT
content-type: application/javascript
last-modified: Sat, 27 Apr 2024 07:30:42 GMT
vary: Accept-Encoding
etag: W/"662ca9a2-22364"
expires: Fri, 07 Jun 2024 04:03:01 GMT
cache-control: max-age=2592000
content-encoding: gzip
x-cache-status: HIT
X-Firefox-Spdy: h2

bid.bidclickmedia.com/sub/Pj8pz0z

104.21.37.74

200 OK

647 B

URL GET HTTP/2
bid.bidclickmedia.com/sub/Pj8pz0z
IP
104.21.37.74:443
ASN
#13335 CLOUDFLARENET

Requested by
https://videzz.net/embed-zmjt062n2cm9.html
Certificate
IssuerGoogle Trust Services LLC
Subjectbidclickmedia.com
Fingerprint2D:71:60:23:79:D8:E4:4A:B8:81:BA:F0:ED:58:CB:A8:66:21:A7:E7
ValiditySun, 31 Mar 2024 14:28:20 GMT - Sat, 29 Jun 2024 14:28:19 GMT

File type
HTML document, ASCII text
Size
647 B (647 bytes)
Hash
e151e24dc5b354ea8ee36534a8264594
4b5f293d59d009ee46087f164ee86d066e8e83f4
b2fdeeef5c48f24499731fdd7aae1650ad1bc6fa9ee58cf88fafe175658e888f

HTTP Headers

GET /sub/Pj8pz0z HTTP/1.1
Host: bid.bidclickmedia.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://videzz.net/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
date: Wed, 08 May 2024 04:08:22 GMT
content-type: text/html; charset=utf-8
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=QU5MpjKX%2BYbcFo49P2TZD7PWJ4SyuJwSM7cdxpRQZHEf67n9YIgibvnJHXOv1tdX7ct0zleFAigTdmP%2FGbDFwgOm4nTNpYsqkcM8vOFiDOcvDf6u%2BLGVuzzZKrF5B39nFA%2BlGafZ96E%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 880696951c7156c3-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2

videzz.net/js/static.min.js?v=b8dc06aa6195ca0716d0a0c4e3a76e42

78.142.18.54

200 OK

57 kB

URL GET HTTP/2
videzz.net/js/static.min.js?v=b8dc06aa6195ca0716d0a0c4e3a76e42
IP
78.142.18.54:443
ASN
#208046 ColocationX Ltd.

Requested by
https://videzz.net/embed-zmjt062n2cm9.html
Certificate
IssuerLet's Encrypt
Subjectvidezz.net
Fingerprint89:44:E3:9D:95:DD:6E:D2:2B:FB:70:64:42:59:D2:BF:B6:36:E7:33
ValidityThu, 02 May 2024 00:27:53 GMT - Wed, 31 Jul 2024 00:27:52 GMT

File type
gzip compressed data, from Unix
Size
57 kB (57323 bytes)
Hash
0d15b917e06fde79fc6581d3781826ea
1aa79004646e2bc759f75d2439964e9d093f9ceb
dcd7375ff33868b2485a3b2852dd34cc8dd1b71ac0c853a567dbe3469a948898

HTTP Headers

GET /js/static.min.js?v=b8dc06aa6195ca0716d0a0c4e3a76e42 HTTP/1.1
Host: videzz.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://videzz.net/embed-zmjt062n2cm9.html
Cookie: lang=1
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
server: nginx/1.18.0 (Ubuntu)
date: Wed, 08 May 2024 04:08:21 GMT
content-type: application/javascript
last-modified: Sat, 27 Apr 2024 07:30:28 GMT
vary: Accept-Encoding
etag: W/"662ca994-26cb6"
expires: Fri, 07 Jun 2024 04:03:28 GMT
cache-control: max-age=2592000
content-encoding: gzip
x-cache-status: HIT
X-Firefox-Spdy: h2

www.google.no/ads/ga-audiences?v=1&t=sr&slf_rd=1&_r=4&tid=G-HEX1BG8H46&cid=744775195.1715141303&gtm=45je4510v9104348843za200&aip=1&dma=1&dma_cps=sypham&gcd=13l3lPl2l1&npa=1&frm=0&z=330370862

142.250.74.163

200 OK

42 B

URL GET HTTP/2
www.google.no/ads/ga-audiences?v=1&t=sr&slf_rd=1&_r=4&tid=G-HEX1BG8H46&cid=744775195.1715141303&gtm=45je4510v9104348843za200&aip=1&dma=1&dma_cps=sypham&gcd=13l3lPl2l1&npa=1&frm=0&z=330370862
IP
142.250.74.163:443
ASN
#15169 GOOGLE

Requested by
https://videzz.net/embed-zmjt062n2cm9.html
Certificate
IssuerGoogle Trust Services LLC
Subject*.google.no
Fingerprint7D:68:6D:B1:32:34:52:51:20:C9:53:FF:B9:B7:8F:7E:05:F9:F5:97
ValidityTue, 16 Apr 2024 04:31:00 GMT - Tue, 09 Jul 2024 04:30:59 GMT

File type
GIF image data, version 89a, 1 x 1
Size
42 B (42 bytes)
Hash
d89746888da2d9510b64a9f031eaecd5
d5fceb6532643d0d84ffe09c40c481ecdf59e15a
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

HTTP Headers

GET /ads/ga-audiences?v=1&t=sr&slf_rd=1&_r=4&tid=G-HEX1BG8H46&cid=744775195.1715141303&gtm=45je4510v9104348843za200&aip=1&dma=1&dma_cps=sypham&gcd=13l3lPl2l1&npa=1&frm=0&z=330370862 HTTP/1.1
Host: www.google.no
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://videzz.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Wed, 08 May 2024 04:08:23 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
content-type: image/gif
x-content-type-options: nosniff
server: cafe
content-length: 42
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

bid.bidclickmedia.com/load

104.21.37.74

302 Found

361 B

URL POST HTTP/3
bid.bidclickmedia.com/load
IP
104.21.37.74:443
ASN
#13335 CLOUDFLARENET

Requested by
https://videzz.net/embed-zmjt062n2cm9.html
Certificate
IssuerGoogle Trust Services LLC
Subjectbidclickmedia.com
Fingerprint2D:71:60:23:79:D8:E4:4A:B8:81:BA:F0:ED:58:CB:A8:66:21:A7:E7
ValiditySun, 31 Mar 2024 14:28:20 GMT - Sat, 29 Jun 2024 14:28:19 GMT

File type
HTML document, ASCII text
Size
361 B (361 bytes)
Hash
6610c77cad5adb691fd5f9ffa06b9486
d003b0d6d8bb61e5fd17dc635c017f6393e0c24c
83695861f8ded5db81f9c1e185cdf9177d18c57bfe1196b03468f2d8ac22bc50

HTTP Headers

POST /load HTTP/1.1
Host: bid.bidclickmedia.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/x-www-form-urlencoded
Content-Length: 93
Origin: https://bid.bidclickmedia.com
DNT: 1
Connection: keep-alive
Referer: https://bid.bidclickmedia.com/sub/Pj8pz0z
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 302 Found
date: Wed, 08 May 2024 04:08:23 GMT
content-type: text/html; charset=utf-8
location: https://xml.xmlking.com/redirect?feed=591364&auth=oodr9S&pubid=195183
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=IPiz6q51hRbHELt5fYwlLUqEPyYe38W2EBq3EuX5JpEoJiAZpu%2FMB2b07xZDrpH0MrCNWfpvxKyjUeApiqhQcQ5w6z6TuVkk98EZUq5Oo5PFn6C%2FldK8ZDXb%2F0fV1umf73fVixvxtTs%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 88069698fb8156af-OSL
alt-svc: h3=":443"; ma=86400

xml.cachegorilla.com/redirect?feed=612977&auth=kAeZgJ&pubid=197570

173.239.53.20

200 OK

0 B

URL GET HTTP/1.1
xml.cachegorilla.com/redirect?feed=612977&auth=kAeZgJ&pubid=197570
IP
173.239.53.20:443
ASN
#27257 WEBAIR-INTERNET

Requested by
https://videzz.net/embed-zmjt062n2cm9.html
Certificate
IssuerSectigo Limited
Subject*.cachegorilla.com
Fingerprint29:B3:53:29:E3:6F:D3:48:F6:66:3E:78:57:05:A6:19:12:0D:2C:4A
ValidityFri, 10 Nov 2023 00:00:00 GMT - Sun, 10 Nov 2024 23:59:59 GMT

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /redirect?feed=612977&auth=kAeZgJ&pubid=197570 HTTP/1.1
Host: xml.cachegorilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://bid.bidclickmedia.com/
DNT: 1
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Date: Wed, 08 May 2024 04:08:23 GMT
Content-Length: 0
Connection: keep-alive
Cache-Control: no-store

bid.bidclickmedia.com/sub/31bV2Jy

104.21.37.74

200 OK

509 B

URL GET HTTP/2
bid.bidclickmedia.com/sub/31bV2Jy
IP
104.21.37.74:443
ASN
#13335 CLOUDFLARENET

Requested by
https://videzz.net/embed-zmjt062n2cm9.html
Certificate
IssuerGoogle Trust Services LLC
Subjectbidclickmedia.com
Fingerprint2D:71:60:23:79:D8:E4:4A:B8:81:BA:F0:ED:58:CB:A8:66:21:A7:E7
ValiditySun, 31 Mar 2024 14:28:20 GMT - Sat, 29 Jun 2024 14:28:19 GMT

File type
HTML document, ASCII text
Size
509 B (509 bytes)
Hash
c1555c052dde7c63577b65ee2e032228
d3edbfc34af2949d589c6b978d7f3505d259def1
6355368aaf575ec49fad1013f7b100d3b4af0e08aa190538daaa7e1966141c31

HTTP Headers

GET /sub/31bV2Jy HTTP/1.1
Host: bid.bidclickmedia.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://videzz.net/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
date: Wed, 08 May 2024 04:08:22 GMT
content-type: text/html; charset=utf-8
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=2MA%2B8UiKgW8aqMs5zjgv%2ByqDso5DygJ%2FLjXJtGQ6qKnIKyhmMYVeKMlinCaT6%2BPVz%2FvpIJLMB%2FFwX6a%2BSLGTUNfPHK5RIlM08AJdJ%2FPKWHEAQvZtcnjQ00PRnu98%2FcvDGO1uqH3m2eQ%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 880696951c7356c3-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2

videzz.net/favicon.ico?v=2

78.142.18.54

200 OK

768 B

URL GET HTTP/2
videzz.net/favicon.ico?v=2
IP
78.142.18.54:443
ASN
#208046 ColocationX Ltd.

Requested by
https://videzz.net/embed-zmjt062n2cm9.html
Certificate
IssuerLet's Encrypt
Subjectvidezz.net
Fingerprint89:44:E3:9D:95:DD:6E:D2:2B:FB:70:64:42:59:D2:BF:B6:36:E7:33
ValidityThu, 02 May 2024 00:27:53 GMT - Wed, 31 Jul 2024 00:27:52 GMT

File type
gzip compressed data, from Unix
Size
768 B (768 bytes)
Hash
88ba6b702e8ccc453e833ae9b7ce5dcb
3e16fbe72b21de5208c1598a8c6f5b54fa533f38
ea7b9ff93cf5abd034b21e71f808d027fee1aa4afb6a3eb8ddd618b8c0226eed

HTTP Headers

GET /favicon.ico?v=2 HTTP/1.1
Host: videzz.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://videzz.net/embed-zmjt062n2cm9.html
Cookie: lang=1; file_id=37829592; aff=198638; sb_main_fd40b682a05e4aaf489d29601350aa66=1; sb_count_fd40b682a05e4aaf489d29601350aa66=1; _ga_HEX1BG8H46=GS1.1.1715141303.1.0.1715141303.60.0.0; _ga=GA1.1.744775195.1715141303
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
server: nginx/1.18.0 (Ubuntu)
date: Wed, 08 May 2024 04:08:23 GMT
content-type: image/x-icon
last-modified: Sat, 27 Apr 2024 07:30:37 GMT
vary: Accept-Encoding
etag: W/"662ca99d-47e"
expires: Fri, 07 Jun 2024 04:00:36 GMT
cache-control: max-age=2592000
content-encoding: gzip
x-cache-status: HIT
X-Firefox-Spdy: h2

bid.bidclickmedia.com/load

104.21.37.74

302 Found

361 B

URL POST HTTP/3
bid.bidclickmedia.com/load
IP
104.21.37.74:443
ASN
#13335 CLOUDFLARENET

Requested by
https://videzz.net/embed-zmjt062n2cm9.html
Certificate
IssuerGoogle Trust Services LLC
Subjectbidclickmedia.com
Fingerprint2D:71:60:23:79:D8:E4:4A:B8:81:BA:F0:ED:58:CB:A8:66:21:A7:E7
ValiditySun, 31 Mar 2024 14:28:20 GMT - Sat, 29 Jun 2024 14:28:19 GMT

File type
HTML document, ASCII text
Size
361 B (361 bytes)
Hash
0afbc42662d610b514f5be89bfd0d53a
0e5f0faddf5910a3c68deb940bb23924d244f1ff
a850e0db4b9fad13d0cb77a0f6599bfaf2d068dea62db64a43c06dadb12bbc38

HTTP Headers

POST /load HTTP/1.1
Host: bid.bidclickmedia.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/x-www-form-urlencoded
Content-Length: 93
Origin: https://bid.bidclickmedia.com
DNT: 1
Connection: keep-alive
Referer: https://bid.bidclickmedia.com/sub/Zj8D76R
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 302 Found
date: Wed, 08 May 2024 04:08:23 GMT
content-type: text/html; charset=utf-8
location: https://xml.zeusadx.com/redirect?feed=552612&auth=OEhoVk&pubid=162319
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=YQKBgK2RKVK9jXcObExctN85Xfpq9bcQfR%2B49%2FlS8Bmhh2hy6hyconQ1R9Ost2XyNrbE3XETyiXBg0Rjt0D0TxnvWdNyZJGI4a%2Bk1YRzOfXIJtLdnakY5SbCJKXjIvnoI9KruHU63eY%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 88069699dbe356af-OSL
alt-svc: h3=":443"; ma=86400

region1.analytics.google.com/g/collect?v=2&tid=G-HEX1BG8H46&gtm=45je4510v9104348843za200&_p=1715141302134&_gaz=1&gcd=13l3lPl2l1&npa=1&dma_cps=sypham&dma=1&cid=744775195.1715141303&ul=en-us&sr=1280x1024&frm=0&pscdl=noapi&_eu=AAAI&_s=1&sid=1715141303&sct=1&seg=0&dl=https%3A%2F%2Fvidezz.net%2Fembed-zmjt062n2cm9.html&dt=Vidoza&en=page_view&_fv=1&_nsi=1&_ss=2&tfd=2154

216.239.34.36

204 No Content

0 B

URL POST HTTP/2
region1.analytics.google.com/g/collect?v=2&tid=G-HEX1BG8H46&gtm=45je4510v9104348843za200&_p=1715141302134&_gaz=1&gcd=13l3lPl2l1&npa=1&dma_cps=sypham&dma=1&cid=744775195.1715141303&ul=en-us&sr=1280x1024&frm=0&pscdl=noapi&_eu=AAAI&_s=1&sid=1715141303&sct=1&seg=0&dl=https%3A%2F%2Fvidezz.net%2Fembed-zmjt062n2cm9.html&dt=Vidoza&en=page_view&_fv=1&_nsi=1&_ss=2&tfd=2154
IP
216.239.34.36:443
ASN
#15169 GOOGLE

Requested by
https://videzz.net/embed-zmjt062n2cm9.html
Certificate
IssuerGoogle Trust Services LLC
Subject*.google-analytics.com
Fingerprint93:6B:D2:9D:92:BE:2D:D8:02:67:82:83:5E:EF:A3:F9:13:F3:26:AE
ValidityTue, 16 Apr 2024 03:18:45 GMT - Tue, 09 Jul 2024 03:18:44 GMT

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

POST /g/collect?v=2&tid=G-HEX1BG8H46&gtm=45je4510v9104348843za200&_p=1715141302134&_gaz=1&gcd=13l3lPl2l1&npa=1&dma_cps=sypham&dma=1&cid=744775195.1715141303&ul=en-us&sr=1280x1024&frm=0&pscdl=noapi&_eu=AAAI&_s=1&sid=1715141303&sct=1&seg=0&dl=https%3A%2F%2Fvidezz.net%2Fembed-zmjt062n2cm9.html&dt=Vidoza&en=page_view&_fv=1&_nsi=1&_ss=2&tfd=2154 HTTP/1.1
Host: region1.analytics.google.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://videzz.net
DNT: 1
Connection: keep-alive
Referer: https://videzz.net/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Content-Length: 0

HTTP/2 204 No Content
access-control-allow-origin: https://videzz.net
date: Wed, 08 May 2024 04:08:23 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
content-type: text/plain
cross-origin-resource-policy: cross-origin
server: Golfe2
content-length: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

xml.xmlking.com/redirect?feed=591364&auth=oodr9S&pubid=195183

174.137.133.17

200 OK

0 B

URL GET HTTP/1.1
xml.xmlking.com/redirect?feed=591364&auth=oodr9S&pubid=195183
IP
174.137.133.17:443
ASN
#27257 WEBAIR-INTERNET

Requested by
https://videzz.net/embed-zmjt062n2cm9.html
Certificate
IssuerSectigo Limited
Subject*.xmlking.com
Fingerprint61:F0:9B:53:D2:DF:03:A0:08:09:BE:79:B1:70:10:34:65:07:7B:6D
ValidityWed, 26 Jul 2023 00:00:00 GMT - Fri, 26 Jul 2024 23:59:59 GMT

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /redirect?feed=591364&auth=oodr9S&pubid=195183 HTTP/1.1
Host: xml.xmlking.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://bid.bidclickmedia.com/
DNT: 1
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Date: Wed, 08 May 2024 04:08:23 GMT
Content-Length: 0
Connection: keep-alive
Cache-Control: no-store

xml.zeusadx.com/redirect?feed=552612&auth=OEhoVk&pubid=162319

174.137.133.17

200 OK

0 B

URL GET HTTP/1.1
xml.zeusadx.com/redirect?feed=552612&auth=OEhoVk&pubid=162319
IP
174.137.133.17:443
ASN
#27257 WEBAIR-INTERNET

Requested by
https://videzz.net/embed-zmjt062n2cm9.html
Certificate
IssuerSectigo Limited
Subject*.zeusadx.com
FingerprintAA:67:88:35:5F:BC:20:3C:44:9B:00:BD:4F:E1:C0:5F:62:D0:69:C0
ValidityMon, 23 Oct 2023 00:00:00 GMT - Wed, 23 Oct 2024 23:59:59 GMT

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /redirect?feed=552612&auth=OEhoVk&pubid=162319 HTTP/1.1
Host: xml.zeusadx.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://bid.bidclickmedia.com/
DNT: 1
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Date: Wed, 08 May 2024 04:08:23 GMT
Content-Length: 0
Connection: keep-alive
Cache-Control: no-store

xml.xmlking.com/redirect?feed=591364&auth=oodr9S&pubid=195183

174.137.133.17

200 OK

0 B

URL GET HTTP/1.1
xml.xmlking.com/redirect?feed=591364&auth=oodr9S&pubid=195183
IP
174.137.133.17:443
ASN
#27257 WEBAIR-INTERNET

Requested by
https://videzz.net/embed-zmjt062n2cm9.html
Certificate
IssuerSectigo Limited
Subject*.xmlking.com
Fingerprint61:F0:9B:53:D2:DF:03:A0:08:09:BE:79:B1:70:10:34:65:07:7B:6D
ValidityWed, 26 Jul 2023 00:00:00 GMT - Fri, 26 Jul 2024 23:59:59 GMT

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /redirect?feed=591364&auth=oodr9S&pubid=195183 HTTP/1.1
Host: xml.xmlking.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://bid.bidclickmedia.com/
DNT: 1
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Date: Wed, 08 May 2024 04:08:23 GMT
Content-Length: 0
Connection: keep-alive
Cache-Control: no-store

astronomybreathlessmisunderstand.com/ren.gif?sid=H4sIAAAAAAAC%2F1RSTWgkRRSuHrMnBVH3JsqACArLpLtn0jOzewiuu5Fg3OyPoqAg1V3VkzLVXW1V1%2FRkTsGgrHgZvXjtfJNsUBd%2FTrsIrjJZUAgsZjzlYK6iXhaEPSiizBg2%2BKD7vVffV%2FC979V7m%2FaQ%2BLD04NxLqi%2BkpLNzNbf6zGued6a6JFLbq%2FZawZtB40xVd0%2B3g5r7bPUFHq2qWd%2F1XNdzveqC0DxWvdkJCJFdb3u1tltr%2BDVvroGe%2Fn9vrANDHbDuIXkUgo1nbjsnIaIR0uTLc9ys5io7dT6xkuZKo8t2XklXU1WkSI7LWDuI050jNpTZX7gFlW5P5UJ17xNDMSbO97cQpjtHIhF2t6Y6QwmeImQPouiOwOUIgo4QqQ0Itk%2BAiOHCMtLk2gWlC7r2H0on6JjM3PsDohiTmZ9PIk0%2BPytFr3pFSZsLlRr04hKiN4LojJDZXeT9CkSxiyh%2FB4LdIbP3lpAmW8tGKghWTmcXYgQRjyD5ANQ4sJNPOLCxA5s5SNhBNfI8r%2BmyiLqtdhTVWZOHAXM92ow96rlBCzaayBsgzwaI5ACRXkem17EqBtD2O5iVEoY5MPmYOJfW0WUlCk5QGIKCEhSCoMgJim65zaTxTXmNSWND7yj7R7leDlXe2aTbKu%2FwlIDqATQrN7ND8sjEH%2Bepio9VflCNWcMNg5ZP3TneoDRutNrMbweuV59zKQ0CGFFCmMp05L4Yk6fjG8jEmDz0A0FId2HkLiLxGKh9ArQoQVdK9NMvEirSWlcw1ae1lOdgqkSWzyBfczblIXl8uqTlDQse7c3f%2FfrEb3998DciXSLTJd4Stwk68urwsirI1mVVGPLVcpaLRPTpZIFXcprzE5%2B%2ByNcKpdniOTP45LloAkzK6y9zky%2FRlIm0Y8hnZwVjXC8oHXHyzaJ5lYcXrVk5a3Vqs6WLzy8sJpnmxgiVjkDF%2FvmPEYkxefjbN6Yv89Trv0DoEbQtkdg9chQQahdRtg6T7c3fff%2FHXz%2F8520YRaDlMSfMHBS2HGo%2FPD6UgkDy456GJQzfm79z89Lv7z55EyG%2Fb8dQ08ltKspNcxUdXQHNN5AmJbq6RFeWoHIAYx8Y5pnem%2F%2BpPg2EsjIMpa5shVLLj6YmT34GRhxUm%2FW6S4P2nNdsUt4MG34rDjxGqd8I%2FCCgdeRmHJ%2F%2B88a%2FAAAA%2F%2F8BAAD%2F%2F9frTtNzBAAA

192.243.61.227

200 OK

7 B

URL GET HTTP/1.1
astronomybreathlessmisunderstand.com/ren.gif?sid=H4sIAAAAAAAC%2F1RSTWgkRRSuHrMnBVH3JsqACArLpLtn0jOzewiuu5Fg3OyPoqAg1V3VkzLVXW1V1%2FRkTsGgrHgZvXjtfJNsUBd%2FTrsIrjJZUAgsZjzlYK6iXhaEPSiizBg2%2BKD7vVffV%2FC979V7m%2FaQ%2BLD04NxLqi%2BkpLNzNbf6zGued6a6JFLbq%2FZawZtB40xVd0%2B3g5r7bPUFHq2qWd%2F1XNdzveqC0DxWvdkJCJFdb3u1tltr%2BDVvroGe%2Fn9vrANDHbDuIXkUgo1nbjsnIaIR0uTLc9ys5io7dT6xkuZKo8t2XklXU1WkSI7LWDuI050jNpTZX7gFlW5P5UJ17xNDMSbO97cQpjtHIhF2t6Y6QwmeImQPouiOwOUIgo4QqQ0Itk%2BAiOHCMtLk2gWlC7r2H0on6JjM3PsDohiTmZ9PIk0%2BPytFr3pFSZsLlRr04hKiN4LojJDZXeT9CkSxiyh%2FB4LdIbP3lpAmW8tGKghWTmcXYgQRjyD5ANQ4sJNPOLCxA5s5SNhBNfI8r%2BmyiLqtdhTVWZOHAXM92ow96rlBCzaayBsgzwaI5ACRXkem17EqBtD2O5iVEoY5MPmYOJfW0WUlCk5QGIKCEhSCoMgJim65zaTxTXmNSWND7yj7R7leDlXe2aTbKu%2FwlIDqATQrN7ND8sjEH%2Bepio9VflCNWcMNg5ZP3TneoDRutNrMbweuV59zKQ0CGFFCmMp05L4Yk6fjG8jEmDz0A0FId2HkLiLxGKh9ArQoQVdK9NMvEirSWlcw1ae1lOdgqkSWzyBfczblIXl8uqTlDQse7c3f%2FfrEb3998DciXSLTJd4Stwk68urwsirI1mVVGPLVcpaLRPTpZIFXcprzE5%2B%2ByNcKpdniOTP45LloAkzK6y9zky%2FRlIm0Y8hnZwVjXC8oHXHyzaJ5lYcXrVk5a3Vqs6WLzy8sJpnmxgiVjkDF%2FvmPEYkxefjbN6Yv89Trv0DoEbQtkdg9chQQahdRtg6T7c3fff%2FHXz%2F8520YRaDlMSfMHBS2HGo%2FPD6UgkDy456GJQzfm79z89Lv7z55EyG%2Fb8dQ08ltKspNcxUdXQHNN5AmJbq6RFeWoHIAYx8Y5pnem%2F%2BpPg2EsjIMpa5shVLLj6YmT34GRhxUm%2FW6S4P2nNdsUt4MG34rDjxGqd8I%2FCCgdeRmHJ%2F%2B88a%2FAAAA%2F%2F8BAAD%2F%2F9frTtNzBAAA
IP
192.243.61.227:443
ASN
#39572 DataWeb Global Group B.V.

Requested by
https://videzz.net/embed-zmjt062n2cm9.html
Certificate
IssuerLet's Encrypt
Subjectastronomybreathlessmisunderstand.com
FingerprintDB:F1:11:8A:FD:9C:37:6B:1C:13:3D:8D:D7:1D:F5:09:0E:2B:DD:48
ValidityMon, 06 May 2024 12:49:33 GMT - Sun, 04 Aug 2024 12:49:32 GMT

File type
ASCII text, with no line terminators
Size
7 B (7 bytes)
Hash
132d6af1b46048b45cf86cdee7991d31
eb7007d03d59b65bc6da7e098c4d38fc6dfb6285
ab852e838deccd742a03ca81d4a8d75cf1a00b327db3eaf46bd7da6b6db9384c

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /ren.gif?sid=H4sIAAAAAAAC%2F1RSTWgkRRSuHrMnBVH3JsqACArLpLtn0jOzewiuu5Fg3OyPoqAg1V3VkzLVXW1V1%2FRkTsGgrHgZvXjtfJNsUBd%2FTrsIrjJZUAgsZjzlYK6iXhaEPSiizBg2%2BKD7vVffV%2FC979V7m%2FaQ%2BLD04NxLqi%2BkpLNzNbf6zGued6a6JFLbq%2FZawZtB40xVd0%2B3g5r7bPUFHq2qWd%2F1XNdzveqC0DxWvdkJCJFdb3u1tltr%2BDVvroGe%2Fn9vrANDHbDuIXkUgo1nbjsnIaIR0uTLc9ys5io7dT6xkuZKo8t2XklXU1WkSI7LWDuI050jNpTZX7gFlW5P5UJ17xNDMSbO97cQpjtHIhF2t6Y6QwmeImQPouiOwOUIgo4QqQ0Itk%2BAiOHCMtLk2gWlC7r2H0on6JjM3PsDohiTmZ9PIk0%2BPytFr3pFSZsLlRr04hKiN4LojJDZXeT9CkSxiyh%2FB4LdIbP3lpAmW8tGKghWTmcXYgQRjyD5ANQ4sJNPOLCxA5s5SNhBNfI8r%2BmyiLqtdhTVWZOHAXM92ow96rlBCzaayBsgzwaI5ACRXkem17EqBtD2O5iVEoY5MPmYOJfW0WUlCk5QGIKCEhSCoMgJim65zaTxTXmNSWND7yj7R7leDlXe2aTbKu%2FwlIDqATQrN7ND8sjEH%2Bepio9VflCNWcMNg5ZP3TneoDRutNrMbweuV59zKQ0CGFFCmMp05L4Yk6fjG8jEmDz0A0FId2HkLiLxGKh9ArQoQVdK9NMvEirSWlcw1ae1lOdgqkSWzyBfczblIXl8uqTlDQse7c3f%2FfrEb3998DciXSLTJd4Stwk68urwsirI1mVVGPLVcpaLRPTpZIFXcprzE5%2B%2ByNcKpdniOTP45LloAkzK6y9zky%2FRlIm0Y8hnZwVjXC8oHXHyzaJ5lYcXrVk5a3Vqs6WLzy8sJpnmxgiVjkDF%2FvmPEYkxefjbN6Yv89Trv0DoEbQtkdg9chQQahdRtg6T7c3fff%2FHXz%2F8520YRaDlMSfMHBS2HGo%2FPD6UgkDy456GJQzfm79z89Lv7z55EyG%2Fb8dQ08ltKspNcxUdXQHNN5AmJbq6RFeWoHIAYx8Y5pnem%2F%2BpPg2EsjIMpa5shVLLj6YmT34GRhxUm%2FW6S4P2nNdsUt4MG34rDjxGqd8I%2FCCgdeRmHJ%2F%2B88a%2FAAAA%2F%2F8BAAD%2F%2F9frTtNzBAAA HTTP/1.1
Host: astronomybreathlessmisunderstand.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://videzz.net/
Cookie: u_pl=19071538; pdhtkv=true; uncs=1; pdhtkv29=true; uncs29=1; slecfd40b682a05e4aaf489d29601350aa66=[5210997,5210995]
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx/1.21.6
Date: Wed, 08 May 2024 04:08:24 GMT
Content-Type: image/gif
Content-Length: 7
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,Sec-CH-UA-PlatformUser-Agent,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: c5670317ebdd13bf9d90143668742c7d
Strict-Transport-Security: max-age=0; includeSubdomains

cdn.yourwebbars.com/sb/notifications/gambling/unibet/social-box-confetti/1/index.html

172.67.74.218

200 OK

482 B

URL GET HTTP/2
cdn.yourwebbars.com/sb/notifications/gambling/unibet/social-box-confetti/1/index.html
IP
172.67.74.218:443
ASN
#13335 CLOUDFLARENET

Requested by
https://videzz.net/embed-zmjt062n2cm9.html
Certificate
IssuerCloudflare, Inc.
Subjectsni.cloudflaressl.com
Fingerprint84:82:6E:35:03:D4:C4:FC:BA:08:CD:C8:E6:A3:97:A9:20:2F:F5:49
ValiditySun, 23 Jul 2023 00:00:00 GMT - Mon, 22 Jul 2024 23:59:59 GMT

File type
HTML document, Unicode text, UTF-8 text
Size
482 B (482 bytes)
Hash
901ff8c558bc4861832dfbddf78ab7a3
97da1f43e3d63c195a9e0961aec099bccef7f28c
a4414b760c15140f8ddbcb2dc85e95bc17bd54102cdc3f93d42b589e34ed4c89

HTTP Headers

GET /sb/notifications/gambling/unibet/social-box-confetti/1/index.html HTTP/1.1
Host: cdn.yourwebbars.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://videzz.net
DNT: 1
Connection: keep-alive
Referer: https://videzz.net/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Wed, 08 May 2024 04:08:24 GMT
content-type: text/html
last-modified: Thu, 02 May 2024 09:41:58 GMT
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: public, max-age=315360000
access-control-allow-origin: *
access-control-expose-headers: Date
cf-cache-status: HIT
age: 394236
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=KcMnzHHHaJzBkXckPph%2Fn9jIKepY2nDGOum9Y%2FpQ4c8YekeB865rHHKBc5Pr8xlLjDTFFNNs8ERWXaMleSAYLN3J15OEGcFGQqmcQJLqfbGDk8DVwWo0c50DR3OFD4NierNz63I%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 8806969e6e395690-OSL
content-encoding: br
X-Firefox-Spdy: h2

cdn.creative-bars1.com/sb/notifications/gambling/unibet/social-box-confetti/1/js/script.js

188.114.96.1

200 OK

6.8 kB

URL GET HTTP/2
cdn.creative-bars1.com/sb/notifications/gambling/unibet/social-box-confetti/1/js/script.js
IP
188.114.96.1:443
ASN
#13335 CLOUDFLARENET

Requested by
https://videzz.net/embed-zmjt062n2cm9.html
Certificate
IssuerGoogle Trust Services LLC
Subjectcreative-bars1.com
Fingerprint3D:29:39:2C:F1:E5:C6:EF:54:F5:70:B5:CF:A8:C2:75:4D:89:72:13
ValidityMon, 15 Apr 2024 15:02:18 GMT - Sun, 14 Jul 2024 15:02:17 GMT

File type
Unicode text, UTF-8 text
Size
6.8 kB (6837 bytes)
Hash
240731cf1c4b2bcad70c2365c2d81cbd
7604629159b8131ae062623e7971d51b6b223903
5ba205b36a8a1119104acfd210d008258b9de7a98b3efe25970c2a75053616a8

HTTP Headers

GET /sb/notifications/gambling/unibet/social-box-confetti/1/js/script.js HTTP/1.1
Host: cdn.creative-bars1.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://videzz.net
DNT: 1
Connection: keep-alive
Referer: https://videzz.net/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Wed, 08 May 2024 04:08:24 GMT
content-type: application/javascript
last-modified: Thu, 02 May 2024 09:40:33 GMT
etag: W/"66335f91-827"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: public, max-age=315360000
access-control-allow-origin: *
access-control-expose-headers: Date
cf-cache-status: HIT
age: 474575
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=5MSDDNX9%2FRhFYmlHmOmVNOd%2B2Fu8AA298YJSRWvFsRDWBXwwdyJM2bekBRG1EI0dT%2Bk%2FUtCT4eiZ9ikMfZ79id3jWEfGnHnvRHJDR9wwQFsaIE35CBtkrR1hbVtMxbH%2FfRHGQS7cScsi"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 8806969fef900b65-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2

cdn.creative-bars1.com/sb/notifications/gambling/unibet/social-box-confetti/1/img/confetti.gif

188.114.96.1

200 OK

206 kB

URL GET HTTP/3
cdn.creative-bars1.com/sb/notifications/gambling/unibet/social-box-confetti/1/img/confetti.gif
IP
188.114.96.1:443
ASN
#13335 CLOUDFLARENET

Requested by
https://videzz.net/embed-zmjt062n2cm9.html
Certificate
IssuerGoogle Trust Services LLC
Subjectcreative-bars1.com
Fingerprint3D:29:39:2C:F1:E5:C6:EF:54:F5:70:B5:CF:A8:C2:75:4D:89:72:13
ValidityMon, 15 Apr 2024 15:02:18 GMT - Sun, 14 Jul 2024 15:02:17 GMT

File type
GIF image data, version 89a, 480 x 360
Size
206 kB (206291 bytes)
Hash
0b33face774f2203446507ce5f075538
1dd3522529bce7739df0687f47f5bc84356698a0
ac345899461d5634d25c47281b10e3c1886abb33019e2ce8140573a79e9f52f2

HTTP Headers

GET /sb/notifications/gambling/unibet/social-box-confetti/1/img/confetti.gif HTTP/1.1
Host: cdn.creative-bars1.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Wed, 08 May 2024 04:08:24 GMT
content-type: image/gif
content-length: 206291
last-modified: Fri, 02 Feb 2024 15:34:07 GMT
etag: "65bd0b6f-325d3"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: public, max-age=315360000
access-control-allow-origin: *
access-control-expose-headers: Date
cf-cache-status: HIT
age: 490901
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=nW6uVISgT%2BvwcZlZOr383tOhQ24Nml0mCqqo9LDMBUrW6qIUUVkKfNQHuG75PUBIq36j6dhhxF7oEAnbMIBBhe72x%2BCdGBYVx52joUeUP3TG7elofuuciKMv31K7Qlq8nfKz13XiLBCf"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 880696a0d8cab512-OSL
alt-svc: h3=":443"; ma=86400

cdn.creative-bars1.com/sb/notifications/gambling/unibet/social-box-confetti/1/img/logo.png

188.114.96.1

200 OK

44 kB

URL GET HTTP/3
cdn.creative-bars1.com/sb/notifications/gambling/unibet/social-box-confetti/1/img/logo.png
IP
188.114.96.1:443
ASN
#13335 CLOUDFLARENET

Requested by
https://videzz.net/embed-zmjt062n2cm9.html
Certificate
IssuerGoogle Trust Services LLC
Subjectcreative-bars1.com
Fingerprint3D:29:39:2C:F1:E5:C6:EF:54:F5:70:B5:CF:A8:C2:75:4D:89:72:13
ValidityMon, 15 Apr 2024 15:02:18 GMT - Sun, 14 Jul 2024 15:02:17 GMT

File type
PNG image data, 2038 x 728, 8-bit/color RGBA, non-interlaced
Size
44 kB (43597 bytes)
Hash
7385ff746ad38c8d244e3c5ee4a939a1
2bf171af67d57e5ed098473551ab9a4729051136
9d16ffd0a510eaf5e7a8509f0c02c7d26bc8b65675f2be5aba15d8094c00269a

HTTP Headers

GET /sb/notifications/gambling/unibet/social-box-confetti/1/img/logo.png HTTP/1.1
Host: cdn.creative-bars1.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Wed, 08 May 2024 04:08:24 GMT
content-type: image/png
content-length: 43597
last-modified: Thu, 02 May 2024 09:37:49 GMT
etag: "66335eed-aa4d"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: public, max-age=315360000
access-control-allow-origin: *
access-control-expose-headers: Date
cf-cache-status: HIT
age: 490901
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=%2FSL%2BYUbo7M9MQsj2gRqKt1%2B%2FyKPV%2B2pX8nW8tY8WnP53ypjwEnqWaKjVTVIHyMf5KiK%2Fh1l6CV8de5wGaEMEbkenyazsXSj517yASgIIbR%2BJZc%2BVgIojdw17kIqYdpFk8t1x2oOSCLvF"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 880696a0e8ccb512-OSL
alt-svc: h3=":443"; ma=86400

cdnjs.cloudflare.com/ajax/libs/postscribe/2.0.8/postscribe.min.js

104.17.25.14

200 OK

5.1 kB

URL GET HTTP/3
cdnjs.cloudflare.com/ajax/libs/postscribe/2.0.8/postscribe.min.js
IP
104.17.25.14:443
ASN
#13335 CLOUDFLARENET

Requested by
https://videzz.net/embed-zmjt062n2cm9.html
Certificate
IssuerCloudflare, Inc.
Subjectsni.cloudflaressl.com
Fingerprint7A:EA:B9:09:71:70:6C:87:C9:D3:82:74:8A:7B:B4:60:E5:40:2D:8D
ValidityMon, 03 Jul 2023 00:00:00 GMT - Tue, 02 Jul 2024 23:59:59 GMT

File type
JavaScript source, ASCII text, with very long lines (17660)
Size
5.1 kB (5117 bytes)
Hash
12dd498bf90c536803c2aad708b66c2b
5f9363d39a405d1c94328cf2303ff4a05c0ad163
c4e20f53f5ef0ed44b783437aa3f4638a9a56cc4aa29ae83ed9212eb2807052a

HTTP Headers

GET /ajax/libs/postscribe/2.0.8/postscribe.min.js HTTP/1.1
Host: cdnjs.cloudflare.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://videzz.net/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Wed, 08 May 2024 04:08:24 GMT
content-type: application/javascript; charset=utf-8
content-length: 5117
access-control-allow-origin: *
cache-control: public, max-age=30672000
content-encoding: br
etag: "5eb03faa-45f4"
last-modified: Mon, 04 May 2020 16:15:38 GMT
cf-cdnjs-via: cfworker/kv
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
x-content-type-options: nosniff
vary: Accept-Encoding
cf-cache-status: HIT
age: 543736
expires: Mon, 28 Apr 2025 04:08:24 GMT
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=2fYKgg3U%2Bn%2FgC%2FSj924mrLMUCFzrPzwW4FNDa8t0mp4w44KCeFnxUeeuPSp0JGGuYisGnkpNXkG2kUiC4u0bED%2BXYDmxA01V63WKmH%2Fq%2BPdriQJ%2B5cj13m229xI%2Fz%2F9peMWUa9Hq"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
server: cloudflare
cf-ray: 880696a15993569a-OSL
alt-svc: h3=":443"; ma=86400

dog.seetron.net/api/users/424503?host=videzz.net&ev=212&wh=1024&ww=1280&uuid=&url=https%3A%2F%2Fvidezz.net%2Fembed-zmjt062n2cm9.html&sid=1ca19d70-aaf3-4c34-9a0e-5ef47c1edf50&i=1&kw=file%20upload%2Cshare%20files%2Cfree%20upload&s1=198638

135.181.208.216

200 OK

449 B

URL GET HTTP/2
dog.seetron.net/api/users/424503?host=videzz.net&ev=212&wh=1024&ww=1280&uuid=&url=https%3A%2F%2Fvidezz.net%2Fembed-zmjt062n2cm9.html&sid=1ca19d70-aaf3-4c34-9a0e-5ef47c1edf50&i=1&kw=file%20upload%2Cshare%20files%2Cfree%20upload&s1=198638
IP
135.181.208.216:443
ASN
#24940 Hetzner Online GmbH

Requested by
https://videzz.net/embed-zmjt062n2cm9.html
Certificate
IssuerLet's Encrypt
Subjecta.bdsmz.tube
FingerprintAA:4D:03:7A:4E:94:8C:76:58:6E:53:CC:8E:99:24:E6:51:84:BF:05
ValidityFri, 03 May 2024 10:27:08 GMT - Thu, 01 Aug 2024 10:27:07 GMT

File type
ASCII text, with very long lines (350)
Size
449 B (449 bytes)
Hash
765a2740e4eddc6fdcb6ccc4bd926867
bce56769a229e3556eb17984fde39dda6fec4257
fee860db8a8a059883305a6b2ba497f41a3b320791f760547f4c1a85f9165fe7

HTTP Headers

GET /api/users/424503?host=videzz.net&ev=212&wh=1024&ww=1280&uuid=&url=https%3A%2F%2Fvidezz.net%2Fembed-zmjt062n2cm9.html&sid=1ca19d70-aaf3-4c34-9a0e-5ef47c1edf50&i=1&kw=file%20upload%2Cshare%20files%2Cfree%20upload&s1=198638 HTTP/1.1
Host: dog.seetron.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://videzz.net/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
server: nginx
date: Wed, 08 May 2024 04:08:24 GMT
content-type: text/javascript; charset=utf-8
vary: Accept-Encoding
set-cookie: nauid=48Y6YIjdQK9lXms8WQel; Path=/; Expires=Wed, 11 Nov 2037 11:11:11 GMT; Secure; SameSite=None
x-robots-tag: noindex, nofollow
cache-control: private
content-encoding: gzip
X-Firefox-Spdy: h2

astronomybreathlessmisunderstand.com/pixel/sbls?bv=24.6.6370&tmpl=482&u=https%3A%2F%2Fcdn.creative-bars1.com%2Fsb%2Fnotifications%2Fgambling%2Funibet%2Fsocial-box-confetti%2F1%2Fjs%2Fscript.js&l=2042&fd=98

192.243.59.20

200 OK

0 B

URL GET HTTP/1.1
astronomybreathlessmisunderstand.com/pixel/sbls?bv=24.6.6370&tmpl=482&u=https%3A%2F%2Fcdn.creative-bars1.com%2Fsb%2Fnotifications%2Fgambling%2Funibet%2Fsocial-box-confetti%2F1%2Fjs%2Fscript.js&l=2042&fd=98
IP
192.243.59.20:443
ASN
#39572 DataWeb Global Group B.V.

Requested by
https://videzz.net/embed-zmjt062n2cm9.html
Certificate
IssuerLet's Encrypt
Subjectastronomybreathlessmisunderstand.com
FingerprintDB:F1:11:8A:FD:9C:37:6B:1C:13:3D:8D:D7:1D:F5:09:0E:2B:DD:48
ValidityMon, 06 May 2024 12:49:33 GMT - Sun, 04 Aug 2024 12:49:32 GMT

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /pixel/sbls?bv=24.6.6370&tmpl=482&u=https%3A%2F%2Fcdn.creative-bars1.com%2Fsb%2Fnotifications%2Fgambling%2Funibet%2Fsocial-box-confetti%2F1%2Fjs%2Fscript.js&l=2042&fd=98 HTTP/1.1
Host: astronomybreathlessmisunderstand.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://videzz.net/
Cookie: u_pl=19071538; pdhtkv=true; uncs=1; pdhtkv29=true; uncs29=1; slecfd40b682a05e4aaf489d29601350aa66=[5210997,5210995]
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx/1.19.5
Date: Wed, 08 May 2024 04:08:24 GMT
Content-Length: 0
Connection: keep-alive
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
Access-Control-Allow-Origin: *
Access-Control-Allow-Methods: GET, POST, OPTIONS
Access-Control-Allow-Headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,Upgrade-Insecure-Requests
Access-Control-Expose-Headers: Content-Length,Content-Range

192.243.61.227

200 OK

0 B

URL GET HTTP/1.1
astronomybreathlessmisunderstand.com/pixel/sbls?bv=24.6.6370&tmpl=482&u=https%3A%2F%2Fcdn.creative-bars1.com%2Fsb%2Fnotifications%2Fgambling%2Funibet%2Fsocial-box-confetti%2F1%2Fcss%2Fstyle.css&l=4574&fd=107
IP
192.243.61.227:443
ASN
#39572 DataWeb Global Group B.V.

Requested by
https://videzz.net/embed-zmjt062n2cm9.html
Certificate
IssuerLet's Encrypt
Subjectastronomybreathlessmisunderstand.com
FingerprintDB:F1:11:8A:FD:9C:37:6B:1C:13:3D:8D:D7:1D:F5:09:0E:2B:DD:48
ValidityMon, 06 May 2024 12:49:33 GMT - Sun, 04 Aug 2024 12:49:32 GMT

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /pixel/sbls?bv=24.6.6370&tmpl=482&u=https%3A%2F%2Fcdn.creative-bars1.com%2Fsb%2Fnotifications%2Fgambling%2Funibet%2Fsocial-box-confetti%2F1%2Fcss%2Fstyle.css&l=4574&fd=107 HTTP/1.1
Host: astronomybreathlessmisunderstand.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://videzz.net/
Cookie: u_pl=19071538; pdhtkv=true; uncs=1; pdhtkv29=true; uncs29=1; slecfd40b682a05e4aaf489d29601350aa66=[5210997,5210995]
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx/1.21.6
Date: Wed, 08 May 2024 04:08:24 GMT
Content-Length: 0
Connection: keep-alive
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
Access-Control-Allow-Origin: *
Access-Control-Allow-Methods: GET, POST, OPTIONS
Access-Control-Allow-Headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,Upgrade-Insecure-Requests
Access-Control-Expose-Headers: Content-Length,Content-Range

xml.xmlking.com/redirect?feed=591364&auth=oodr9S&pubid=195183

174.137.133.17

200 OK

0 B

URL GET HTTP/1.1
xml.xmlking.com/redirect?feed=591364&auth=oodr9S&pubid=195183
IP
174.137.133.17:443
ASN
#27257 WEBAIR-INTERNET

Requested by
https://videzz.net/embed-zmjt062n2cm9.html
Certificate
IssuerSectigo Limited
Subject*.xmlking.com
Fingerprint61:F0:9B:53:D2:DF:03:A0:08:09:BE:79:B1:70:10:34:65:07:7B:6D
ValidityWed, 26 Jul 2023 00:00:00 GMT - Fri, 26 Jul 2024 23:59:59 GMT

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /redirect?feed=591364&auth=oodr9S&pubid=195183 HTTP/1.1
Host: xml.xmlking.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://bid.bidclickmedia.com/
DNT: 1
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Date: Wed, 08 May 2024 04:08:24 GMT
Content-Length: 0
Connection: keep-alive
Cache-Control: no-store

bid.bidclickmedia.com/load

104.21.37.74

302 Found

361 B

URL POST HTTP/3
bid.bidclickmedia.com/load
IP
104.21.37.74:443
ASN
#13335 CLOUDFLARENET

Requested by
https://videzz.net/embed-zmjt062n2cm9.html
Certificate
IssuerGoogle Trust Services LLC
Subjectbidclickmedia.com
Fingerprint2D:71:60:23:79:D8:E4:4A:B8:81:BA:F0:ED:58:CB:A8:66:21:A7:E7
ValiditySun, 31 Mar 2024 14:28:20 GMT - Sat, 29 Jun 2024 14:28:19 GMT

File type
HTML document, ASCII text
Size
361 B (361 bytes)
Hash
6610c77cad5adb691fd5f9ffa06b9486
d003b0d6d8bb61e5fd17dc635c017f6393e0c24c
83695861f8ded5db81f9c1e185cdf9177d18c57bfe1196b03468f2d8ac22bc50

HTTP Headers

POST /load HTTP/1.1
Host: bid.bidclickmedia.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/x-www-form-urlencoded
Content-Length: 93
Origin: https://bid.bidclickmedia.com
DNT: 1
Connection: keep-alive
Referer: https://bid.bidclickmedia.com/sub/Pj8pz0z
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 302 Found
date: Wed, 08 May 2024 04:08:23 GMT
content-type: text/html; charset=utf-8
location: https://xml.xmlking.com/redirect?feed=591364&auth=oodr9S&pubid=195183
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=xyvimzGHeRnQidVZ5FMrWMzv2yi2cNMmno2iDvEJePgzvkCsS2qrsC8A2y9mE9Prk0Bf%2F6pnezwMGv%2FaqPqaoIK%2BKPWoIqoWQGQLJ%2Fp%2ByY3Yd%2B%2BvzuhiabSO88iwl%2BueNwBTuObrsDw%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 88069699abd756af-OSL
alt-svc: h3=":443"; ma=86400

bid.bidclickmedia.com/load

104.21.37.74

302 Found

732 B

URL POST HTTP/3
bid.bidclickmedia.com/load
IP
104.21.37.74:443
ASN
#13335 CLOUDFLARENET

Requested by
https://videzz.net/embed-zmjt062n2cm9.html
Certificate
IssuerGoogle Trust Services LLC
Subjectbidclickmedia.com
Fingerprint2D:71:60:23:79:D8:E4:4A:B8:81:BA:F0:ED:58:CB:A8:66:21:A7:E7
ValiditySun, 31 Mar 2024 14:28:20 GMT - Sat, 29 Jun 2024 14:28:19 GMT

File type
HTML document, ASCII text, with very long lines (316)
Size
732 B (732 bytes)
Hash
6406e5c4b795cf549addfd9ea6310533
3b861d3b57d9d29ded3e97415de00c1318a30dd2
c08b0b7ae14b8d7271c32d8537b10b345e1a65a8fd1150f4e4a7a174a6ac0d8b

HTTP Headers

POST /load HTTP/1.1
Host: bid.bidclickmedia.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/x-www-form-urlencoded
Content-Length: 98
Origin: https://bid.bidclickmedia.com
DNT: 1
Connection: keep-alive
Referer: https://bid.bidclickmedia.com/sub/31bV2Jy
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 302 Found
date: Wed, 08 May 2024 04:08:23 GMT
content-type: text/html; charset=utf-8
location: https://xml.cachegorilla.com/redirect?feed=612977&auth=kAeZgJ&pubid=197570
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=lrjMMuu%2FMt3SQAWmS3DuYhzZvFjex3PU3oYGIWZIj9UJLp8sWYOUF6G4usbqVVWZY8tLyFVG1J7MwsTQQw6iY5kZdUHXZwEi%2BckRzZsoUbvHLDdd8m3t97PW2Z5v0bWgLmEvKkv0FAk%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 880696995bb056af-OSL
alt-svc: h3=":443"; ma=86400

astronomybreathlessmisunderstand.com/impr.gif?sid=H4sIAAAAAAAC%2F1RSTWgkRRSuHrMnBVH3JsqACArLpHv%2BMrN7CK67kWDc7I%2BioCDVVdWTMtVdbVXX9GROwaCseBm9eO18k2xQF39OuwiuMllQCCxmPOVgrqJeFoQ9KKLMGDb4oPu9V99X8L3v1Xub7pBU4ejBuZd0XypFZxsVv%2FzMa0FwprwkE9cr91rNN5v1M2XTPd1uVvxnyy8Itqpnq37g%2B4EflBekEZHuzU5AyPR6O6i0%2FUq9WgkadfTM%2F3vrPFjqgXcPyaOQfDxz2zsJyUZI4i%2FPCbua6fTU%2BdgpmmmDLt95JVlNdJ4gPi4j4yFKdo7Y0HZ%2F4RZ0sj2VC929TwzlmHjf30KY7ByJRNjdmuoMFUSCkD%2BIvDuCUCNIOgLTG5B8nwCM48IykvjaBW1yuvYfSifomMzc%2BwMyH5OZn08iiT8%2Fq2SvfEUrl0mdWPSiArI3guyMkLpdZP0SZL4Llr0Dye%2BQ2XtLSOKtZas0JC%2Bms0s5goxGUGIAaj24ySc9uMiDSz3E%2FKDMgiCY8zmjfqvNWI3PibDJ%2FYDORQEN%2FGYLjk3kDZClAzA1ADPrSM06VuUAxn0Hu1LAcg82GxPv0jq6vEAuCHJLkFOCXBLkGUHeLba5slVbXOPKujA4ytWjXCuGOuts0m2ddURCQM0Ahheb6SF5ZOKP91SpilVxUI543Q%2BbrSr1G6JOaVRvtXm13fSDWsOntNmElQWkLU1H7ssxeTq6gVSOyUM%2FEIR0F1btgsnHQN0ToHkBulKgn3wRU5lUupLrPq0kIgPXBdJsBtmat6kOyePTJS1vOAi2N3%2F36xO%2F%2FfXB32CmQGoKvCVvE3TU1eFlnZOtyzq35KvlNJOx7NPJAq9kNBMnPn1RrOXa8MVzdvDJc2wCTMrrLwubLdGEy6RjyWdnJefCLGjDBPlm0b4qwovOrpx1JnHp0sXnFxbj1AhrpU5GoHL%2F%2FMdgckwe%2FvaN6cs89fovkGYE4wrEbo8cBaTeBUvXYdO9%2Bbvv%2F%2Fjrh%2F%2B8DasJjDrmhKmH3BVDUw2PD5UkUOK4p2EBK%2Fbm79y89Pu7T95EKO7bMTR0cpvKYtNeRceUQLMNJHGBrinQVQWoGsC6B4ZZavbmf6pNA6EqDUNlSluhMuqjqcmTn4WVB%2BWaz%2BdCEYm5UNQb9UgwHjYaoc8iFtZ4q8WQ2XF0%2Bs8b%2FwIAAP%2F%2FAQAA%2F%2F9XP5s7cwQAAA%3D%3D

192.243.61.227

200 OK

7 B

URL GET HTTP/1.1
astronomybreathlessmisunderstand.com/impr.gif?sid=H4sIAAAAAAAC%2F1RSTWgkRRSuHrMnBVH3JsqACArLpHv%2BMrN7CK67kWDc7I%2BioCDVVdWTMtVdbVXX9GROwaCseBm9eO18k2xQF39OuwiuMllQCCxmPOVgrqJeFoQ9KKLMGDb4oPu9V99X8L3v1Xub7pBU4ejBuZd0XypFZxsVv%2FzMa0FwprwkE9cr91rNN5v1M2XTPd1uVvxnyy8Itqpnq37g%2B4EflBekEZHuzU5AyPR6O6i0%2FUq9WgkadfTM%2F3vrPFjqgXcPyaOQfDxz2zsJyUZI4i%2FPCbua6fTU%2BdgpmmmDLt95JVlNdJ4gPi4j4yFKdo7Y0HZ%2F4RZ0sj2VC929TwzlmHjf30KY7ByJRNjdmuoMFUSCkD%2BIvDuCUCNIOgLTG5B8nwCM48IykvjaBW1yuvYfSifomMzc%2BwMyH5OZn08iiT8%2Fq2SvfEUrl0mdWPSiArI3guyMkLpdZP0SZL4Llr0Dye%2BQ2XtLSOKtZas0JC%2Bms0s5goxGUGIAaj24ySc9uMiDSz3E%2FKDMgiCY8zmjfqvNWI3PibDJ%2FYDORQEN%2FGYLjk3kDZClAzA1ADPrSM06VuUAxn0Hu1LAcg82GxPv0jq6vEAuCHJLkFOCXBLkGUHeLba5slVbXOPKujA4ytWjXCuGOuts0m2ddURCQM0Ahheb6SF5ZOKP91SpilVxUI543Q%2BbrSr1G6JOaVRvtXm13fSDWsOntNmElQWkLU1H7ssxeTq6gVSOyUM%2FEIR0F1btgsnHQN0ToHkBulKgn3wRU5lUupLrPq0kIgPXBdJsBtmat6kOyePTJS1vOAi2N3%2F36xO%2F%2FfXB32CmQGoKvCVvE3TU1eFlnZOtyzq35KvlNJOx7NPJAq9kNBMnPn1RrOXa8MVzdvDJc2wCTMrrLwubLdGEy6RjyWdnJefCLGjDBPlm0b4qwovOrpx1JnHp0sXnFxbj1AhrpU5GoHL%2F%2FMdgckwe%2FvaN6cs89fovkGYE4wrEbo8cBaTeBUvXYdO9%2Bbvv%2F%2Fjrh%2F%2B8DasJjDrmhKmH3BVDUw2PD5UkUOK4p2EBK%2Fbm79y89Pu7T95EKO7bMTR0cpvKYtNeRceUQLMNJHGBrinQVQWoGsC6B4ZZavbmf6pNA6EqDUNlSluhMuqjqcmTn4WVB%2BWaz%2BdCEYm5UNQb9UgwHjYaoc8iFtZ4q8WQ2XF0%2Bs8b%2FwIAAP%2F%2FAQAA%2F%2F9XP5s7cwQAAA%3D%3D
IP
192.243.61.227:443
ASN
#39572 DataWeb Global Group B.V.

Requested by
https://videzz.net/embed-zmjt062n2cm9.html
Certificate
IssuerLet's Encrypt
Subjectastronomybreathlessmisunderstand.com
FingerprintDB:F1:11:8A:FD:9C:37:6B:1C:13:3D:8D:D7:1D:F5:09:0E:2B:DD:48
ValidityMon, 06 May 2024 12:49:33 GMT - Sun, 04 Aug 2024 12:49:32 GMT

File type
ASCII text, with no line terminators
Size
7 B (7 bytes)
Hash
132d6af1b46048b45cf86cdee7991d31
eb7007d03d59b65bc6da7e098c4d38fc6dfb6285
ab852e838deccd742a03ca81d4a8d75cf1a00b327db3eaf46bd7da6b6db9384c

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /impr.gif?sid=H4sIAAAAAAAC%2F1RSTWgkRRSuHrMnBVH3JsqACArLpHv%2BMrN7CK67kWDc7I%2BioCDVVdWTMtVdbVXX9GROwaCseBm9eO18k2xQF39OuwiuMllQCCxmPOVgrqJeFoQ9KKLMGDb4oPu9V99X8L3v1Xub7pBU4ejBuZd0XypFZxsVv%2FzMa0FwprwkE9cr91rNN5v1M2XTPd1uVvxnyy8Itqpnq37g%2B4EflBekEZHuzU5AyPR6O6i0%2FUq9WgkadfTM%2F3vrPFjqgXcPyaOQfDxz2zsJyUZI4i%2FPCbua6fTU%2BdgpmmmDLt95JVlNdJ4gPi4j4yFKdo7Y0HZ%2F4RZ0sj2VC929TwzlmHjf30KY7ByJRNjdmuoMFUSCkD%2BIvDuCUCNIOgLTG5B8nwCM48IykvjaBW1yuvYfSifomMzc%2BwMyH5OZn08iiT8%2Fq2SvfEUrl0mdWPSiArI3guyMkLpdZP0SZL4Llr0Dye%2BQ2XtLSOKtZas0JC%2Bms0s5goxGUGIAaj24ySc9uMiDSz3E%2FKDMgiCY8zmjfqvNWI3PibDJ%2FYDORQEN%2FGYLjk3kDZClAzA1ADPrSM06VuUAxn0Hu1LAcg82GxPv0jq6vEAuCHJLkFOCXBLkGUHeLba5slVbXOPKujA4ytWjXCuGOuts0m2ddURCQM0Ahheb6SF5ZOKP91SpilVxUI543Q%2BbrSr1G6JOaVRvtXm13fSDWsOntNmElQWkLU1H7ssxeTq6gVSOyUM%2FEIR0F1btgsnHQN0ToHkBulKgn3wRU5lUupLrPq0kIgPXBdJsBtmat6kOyePTJS1vOAi2N3%2F36xO%2F%2FfXB32CmQGoKvCVvE3TU1eFlnZOtyzq35KvlNJOx7NPJAq9kNBMnPn1RrOXa8MVzdvDJc2wCTMrrLwubLdGEy6RjyWdnJefCLGjDBPlm0b4qwovOrpx1JnHp0sXnFxbj1AhrpU5GoHL%2F%2FMdgckwe%2FvaN6cs89fovkGYE4wrEbo8cBaTeBUvXYdO9%2Bbvv%2F%2Fjrh%2F%2B8DasJjDrmhKmH3BVDUw2PD5UkUOK4p2EBK%2Fbm79y89Pu7T95EKO7bMTR0cpvKYtNeRceUQLMNJHGBrinQVQWoGsC6B4ZZavbmf6pNA6EqDUNlSluhMuqjqcmTn4WVB%2BWaz%2BdCEYm5UNQb9UgwHjYaoc8iFtZ4q8WQ2XF0%2Bs8b%2FwIAAP%2F%2FAQAA%2F%2F9XP5s7cwQAAA%3D%3D HTTP/1.1
Host: astronomybreathlessmisunderstand.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://videzz.net/
Cookie: u_pl=19071538; pdhtkv=true; uncs=1; pdhtkv29=true; uncs29=1; slecfd40b682a05e4aaf489d29601350aa66=[5210997,5210995]
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx/1.21.6
Date: Wed, 08 May 2024 04:08:24 GMT
Content-Type: image/gif
Content-Length: 7
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,Sec-CH-UA-PlatformUser-Agent,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: 8ec990070c62428ff8a391a8503ec146
Strict-Transport-Security: max-age=0; includeSubdomains

astronomybreathlessmisunderstand.com/pixel/sbs?c=1

192.243.59.20

200 OK

0 B

URL GET HTTP/1.1
astronomybreathlessmisunderstand.com/pixel/sbs?c=1
IP
192.243.59.20:443
ASN
#39572 DataWeb Global Group B.V.

Requested by
https://videzz.net/embed-zmjt062n2cm9.html
Certificate
IssuerLet's Encrypt
Subjectastronomybreathlessmisunderstand.com
FingerprintDB:F1:11:8A:FD:9C:37:6B:1C:13:3D:8D:D7:1D:F5:09:0E:2B:DD:48
ValidityMon, 06 May 2024 12:49:33 GMT - Sun, 04 Aug 2024 12:49:32 GMT

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /pixel/sbs?c=1 HTTP/1.1
Host: astronomybreathlessmisunderstand.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://videzz.net/
Cookie: u_pl=19071538; pdhtkv=true; uncs=1; pdhtkv29=true; uncs29=1; slecfd40b682a05e4aaf489d29601350aa66=[5210997,5210995]
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx/1.19.5
Date: Wed, 08 May 2024 04:08:24 GMT
Content-Length: 0
Connection: keep-alive
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
Access-Control-Allow-Origin: *
Access-Control-Allow-Methods: GET, POST, OPTIONS
Access-Control-Allow-Headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,Upgrade-Insecure-Requests
Access-Control-Expose-Headers: Content-Length,Content-Range

fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2

142.250.74.67

200 OK

16 kB

URL GET HTTP/2
fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2
IP
142.250.74.67:443
ASN
#15169 GOOGLE

Requested by
https://videzz.net/embed-zmjt062n2cm9.html
Certificate
IssuerGoogle Trust Services LLC
Subject*.gstatic.com
Fingerprint15:DD:05:B3:2F:D8:E3:54:C9:B4:FA:E4:AC:01:ED:C8:E1:EA:A7:AD
ValidityTue, 16 Apr 2024 04:17:07 GMT - Tue, 09 Jul 2024 04:17:06 GMT

File type
Web Open Font Format (Version 2), TrueType, length 15744, version 1.0
Size
16 kB (15744 bytes)
Hash
15d9f621c3bd1599f0169dcf0bd5e63e
7ca9c5967f3bb8bffeab24b639b49c1e7d03fa52
f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615

HTTP Headers

GET /s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://videzz.net
DNT: 1
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 15744
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Sat, 04 May 2024 09:28:37 GMT
expires: Sun, 04 May 2025 09:28:37 GMT
cache-control: public, max-age=31536000
last-modified: Wed, 11 May 2022 19:24:48 GMT
content-type: font/woff2
age: 326387
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmWUlfBBc4.woff2

142.250.74.67

200 OK

16 kB

URL GET HTTP/2
fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmWUlfBBc4.woff2
IP
142.250.74.67:443
ASN
#15169 GOOGLE

Requested by
https://videzz.net/embed-zmjt062n2cm9.html
Certificate
IssuerGoogle Trust Services LLC
Subject*.gstatic.com
Fingerprint15:DD:05:B3:2F:D8:E3:54:C9:B4:FA:E4:AC:01:ED:C8:E1:EA:A7:AD
ValidityTue, 16 Apr 2024 04:17:07 GMT - Tue, 09 Jul 2024 04:17:06 GMT

File type
Web Open Font Format (Version 2), TrueType, length 15860, version 1.0
Size
16 kB (15860 bytes)
Hash
e9f5aaf547f165386cd313b995dddd8e
acdef5603c2387b0e5bffd744b679a24a8bc1968
f5aebdfea35d1e7656ef4acc5db1f243209755ae3300943ef8fc6280f363c860

HTTP Headers

GET /s/roboto/v30/KFOlCnqEu92Fr1MmWUlfBBc4.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://videzz.net
DNT: 1
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 15860
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 02 May 2024 01:55:00 GMT
expires: Fri, 02 May 2025 01:55:00 GMT
cache-control: public, max-age=31536000
last-modified: Wed, 11 May 2022 19:24:42 GMT
content-type: font/woff2
age: 526404
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

unseenreport.com/pxf.gif?uuid=c2d4f0f5-2efc-4005-b477-574a4b5aaa72&eb=978028c5053b26833423c7a069ce3bd5&te=5db3a4e34790624df926db520a13f79f&ua=Mozilla%2F5.0%20(X11%3B%20Linux%20x86_64%3B%20rv%3A96.0)%20Gecko%2F20100101%20Firefox%2F96.0&dev=e&res=14.2071&b_frame=0&pk=f1776d24271c5ad55c5f1492e2d01e10&bl=en-US&sr=1024x1280&sz=1024x1280&hjs=4

192.243.61.225

200 OK

1 B

URL GET HTTP/1.1
unseenreport.com/pxf.gif?uuid=c2d4f0f5-2efc-4005-b477-574a4b5aaa72&eb=978028c5053b26833423c7a069ce3bd5&te=5db3a4e34790624df926db520a13f79f&ua=Mozilla%2F5.0%20(X11%3B%20Linux%20x86_64%3B%20rv%3A96.0)%20Gecko%2F20100101%20Firefox%2F96.0&dev=e&res=14.2071&b_frame=0&pk=f1776d24271c5ad55c5f1492e2d01e10&bl=en-US&sr=1024x1280&sz=1024x1280&hjs=4
IP
192.243.61.225:443
ASN
#39572 DataWeb Global Group B.V.

Requested by
https://videzz.net/embed-zmjt062n2cm9.html
Certificate
IssuerLet's Encrypt
Subject*.unseenreport.com
Fingerprint71:46:15:FD:76:6A:F5:5B:51:06:CC:93:DD:D8:63:E3:8B:10:BF:13
ValidityFri, 22 Mar 2024 07:32:41 GMT - Thu, 20 Jun 2024 07:32:40 GMT

File type
very short file (no magic)
Size
1 B (1 bytes)
Hash
93b885adfe0da089cdf634904fd59f71
5ba93c9db0cff93f52b521d7420e43f6eda2784f
6e340b9cffb37a989ca544e6bb780a2c78901d3fb33738768511a30617afa01d

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /pxf.gif?uuid=c2d4f0f5-2efc-4005-b477-574a4b5aaa72&eb=978028c5053b26833423c7a069ce3bd5&te=5db3a4e34790624df926db520a13f79f&ua=Mozilla%2F5.0%20(X11%3B%20Linux%20x86_64%3B%20rv%3A96.0)%20Gecko%2F20100101%20Firefox%2F96.0&dev=e&res=14.2071&b_frame=0&pk=f1776d24271c5ad55c5f1492e2d01e10&bl=en-US&sr=1024x1280&sz=1024x1280&hjs=4 HTTP/1.1
Host: unseenreport.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://videzz.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx/1.21.6
Date: Wed, 08 May 2024 04:08:24 GMT
Content-Type: image/gif
Content-Length: 1
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Access-Control-Allow-Origin: *
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: 9912530d1039d08bf5acf29a2136b69d
Strict-Transport-Security: max-age=0; includeSubdomains

cdn.creative-bars1.com/sb/notifications/gambling/unibet/social-box-confetti/1/css/style.css

188.114.96.1

200 OK

1.2 kB

URL GET HTTP/2
cdn.creative-bars1.com/sb/notifications/gambling/unibet/social-box-confetti/1/css/style.css
IP
188.114.96.1:443
ASN
#13335 CLOUDFLARENET

Requested by
https://videzz.net/embed-zmjt062n2cm9.html
Certificate
IssuerGoogle Trust Services LLC
Subjectcreative-bars1.com
Fingerprint3D:29:39:2C:F1:E5:C6:EF:54:F5:70:B5:CF:A8:C2:75:4D:89:72:13
ValidityMon, 15 Apr 2024 15:02:18 GMT - Sun, 14 Jul 2024 15:02:17 GMT

File type
ASCII text
Size
1.2 kB (1190 bytes)
Hash
6e37e8eb72d0e626bd912db4993e9319
aa878bce133e5b09603e724a9c50b985ae5144f2
ab588d8a18e7730d63f5bd86c9ace0530bf35163dfae8ba6f221a93ff57c94cb

HTTP Headers

GET /sb/notifications/gambling/unibet/social-box-confetti/1/css/style.css HTTP/1.1
Host: cdn.creative-bars1.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://videzz.net
DNT: 1
Connection: keep-alive
Referer: https://videzz.net/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Wed, 08 May 2024 04:08:24 GMT
content-type: text/css
last-modified: Thu, 02 May 2024 09:36:08 GMT
etag: W/"66335e88-11de"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: public, max-age=315360000
access-control-allow-origin: *
access-control-expose-headers: Date
cf-cache-status: HIT
age: 474575
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=b6npOvhAF8VcMwdVoPP2RSIXIh8gund5HBYpk5QvWfaYN3dGLVyLvCmGvAp3KVOIA%2BrThijNN%2F0QTV9CK9xXJ0MEYDhs287RXeHfVBc4Ldfanb0ghmTCPGieHf7G5NnFHb6LLdiAp3Bo"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 8806969fff930b65-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2

my.rtmark.net/gid.js?userId=0080561a1bf24becf91a92a6892d9663

139.45.195.8

200 OK

65 B

URL GET HTTP/2
my.rtmark.net/gid.js?userId=0080561a1bf24becf91a92a6892d9663
IP
139.45.195.8:443
ASN
#9002 RETN Limited

Requested by
https://videzz.net/embed-zmjt062n2cm9.html
Certificate
IssuerLet's Encrypt
Subjectrtmark.net
FingerprintDB:C0:8B:64:1C:E3:2A:9C:B9:04:0D:F3:6F:5A:E0:35:F4:C7:75:CC
ValiditySat, 02 Mar 2024 21:53:43 GMT - Fri, 31 May 2024 21:53:42 GMT

File type
JSON text data
Size
65 B (65 bytes)
Hash
edf9cc7fa20ce6986d0d0b0bfc6232c0
82dd0929eed5fd46e2c731ee74b4756b77eba588
377300f3ab9cb77383f8e1e7a75ca6234d1c57383c7fd63bceeee91217bb9c14

HTTP Headers

GET /gid.js?userId=0080561a1bf24becf91a92a6892d9663 HTTP/1.1
Host: my.rtmark.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://videzz.net
DNT: 1
Connection: keep-alive
Referer: https://videzz.net/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
server: nginx
date: Wed, 08 May 2024 04:08:25 GMT
content-type: application/json; charset=utf-8
content-length: 65
access-control-allow-origin: https://videzz.net
access-control-allow-methods: POST, GET, OPTIONS, PUT, DELETE
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, Authorization,X-CSRF-Token
access-control-expose-headers: Authorization
access-control-allow-credentials: true
set-cookie: ID=0080561a1bf24becf91a92a6892d9663; expires=Thu, 08 May 2025 04:08:25 GMT; secure; SameSite=None
strict-transport-security: max-age=1
x-content-type-options: nosniff
timing-allow-origin: *, *
X-Firefox-Spdy: h2

tzegilo.com/stattag.js

104.21.11.245

200 OK

7.5 kB

URL GET HTTP/2
tzegilo.com/stattag.js
IP
104.21.11.245:443
ASN
#13335 CLOUDFLARENET

Requested by
https://videzz.net/embed-zmjt062n2cm9.html
Certificate
IssuerGoogle Trust Services LLC
Subjecttzegilo.com
Fingerprint28:2E:D0:DF:04:78:60:5A:D2:5B:1F:EA:59:80:9C:2F:89:C1:9D:D1
ValiditySat, 30 Mar 2024 15:54:48 GMT - Fri, 28 Jun 2024 15:54:47 GMT

File type
JavaScript source, ASCII text, with very long lines (18486)
Size
7.5 kB (7451 bytes)
Hash
70ebd404c2e1e7bad13998538b56887c
86e57af8ba3cfc2c004da3311835f6b54ba6d848
d71ea61938136a384e4c53c5a7a3c36e68fcc70a68bae691e270987d5d2eb11f

HTTP Headers

GET /stattag.js HTTP/1.1
Host: tzegilo.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://videzz.net/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Wed, 08 May 2024 04:08:25 GMT
content-type: application/javascript
last-modified: Wed, 07 Feb 2024 12:51:13 GMT
etag: W/"65c37cc1-4ac0"
link: <https://flerap.com/>; rel=preconnect; crossorigin, <https://fleraprt.com/>; rel=preconnect; crossorigin
cache-control: max-age=14400
cf-cache-status: HIT
age: 6886
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=87sJat2qq9m1jOu0kXa6KE%2Bz3YwO5jcmQsuzII4Vb8UdDaVsLpL6g6DL9tr3GxfbidDlJPNGJb8WsoqPXo5FqG%2Fd9JcKom3Hp4o3sGE9qIXQkMpmrtt%2BDx%2FYPmnmng%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 880696a6090d56bd-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2

dog.seetron.net/api/settings/59846

135.181.208.216

200 OK

33 B

URL GET HTTP/2
dog.seetron.net/api/settings/59846
IP
135.181.208.216:443
ASN
#24940 Hetzner Online GmbH

Requested by
https://videzz.net/embed-zmjt062n2cm9.html
Certificate
IssuerLet's Encrypt
Subjecta.bdsmz.tube
FingerprintAA:4D:03:7A:4E:94:8C:76:58:6E:53:CC:8E:99:24:E6:51:84:BF:05
ValidityFri, 03 May 2024 10:27:08 GMT - Thu, 01 Aug 2024 10:27:07 GMT

File type
troff or preprocessor input, ASCII text, with no line terminators
Size
33 B (33 bytes)
Hash
511ff610a0435434dd22a4836719fbb3
0cf692a9ecb6dd3d715e3315e0eeccc1c384f0c3
d090111da31c837d965f1dcf49b00a53cf41686d0913627f78c5ff36d693c6d0

HTTP Headers

GET /api/settings/59846 HTTP/1.1
Host: dog.seetron.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://videzz.net/
Origin: https://videzz.net
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
server: nginx
date: Wed, 08 May 2024 04:08:22 GMT
content-type: application/json
vary: Accept-Encoding
access-control-allow-origin: *
x-robots-tag: noindex, nofollow
cache-control: private
content-encoding: gzip
X-Firefox-Spdy: h2

bid.bidclickmedia.com/sub/31pnK5n

104.21.37.74

200 OK

234 B

URL GET HTTP/2
bid.bidclickmedia.com/sub/31pnK5n
IP
104.21.37.74:443
ASN
#13335 CLOUDFLARENET

Requested by
https://videzz.net/embed-zmjt062n2cm9.html
Certificate
IssuerGoogle Trust Services LLC
Subjectbidclickmedia.com
Fingerprint2D:71:60:23:79:D8:E4:4A:B8:81:BA:F0:ED:58:CB:A8:66:21:A7:E7
ValiditySun, 31 Mar 2024 14:28:20 GMT - Sat, 29 Jun 2024 14:28:19 GMT

File type
HTML document, ASCII text, with no line terminators
Size
234 B (234 bytes)
Hash
f80bebf9471a9840ef5768e8c6b26672
164896726fce06ed3a1b8cbed00ab7c0493b6d24
5367258c378438d9831e9138819e8e68c4b7e6525dde7a086fb82a083398099c

HTTP Headers

GET /sub/31pnK5n HTTP/1.1
Host: bid.bidclickmedia.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://videzz.net/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Wed, 08 May 2024 04:08:22 GMT
content-type: text/html; charset=utf-8
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=kCteEHxthGe926fTRfG%2Bm07G0Cgq2jGbLijarGMDiRZFzKjwG0EZ0fH4kLV%2BoiYP2mUSuE0Ck8jfO8aXu7HYT7WBJle1P7cD88lawa1n0tir5FKAIBBpe6dEWIn94CdhqYD05%2Ft4%2BW4%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 880696952c7d56c3-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2

static.addtoany.com/menu/svg/icons/twitter.js

172.67.39.148

200 OK

645 B

URL GET HTTP/3
static.addtoany.com/menu/svg/icons/twitter.js
IP
172.67.39.148:443
ASN
#13335 CLOUDFLARENET

Requested by
https://videzz.net/embed-zmjt062n2cm9.html
Certificate
IssuerLet's Encrypt
Subjectstatic.addtoany.com
Fingerprint5B:74:98:2D:F8:22:DB:0D:4E:74:B7:99:A7:7C:80:F6:CA:1A:8E:CA
ValidityTue, 23 Apr 2024 07:56:27 GMT - Mon, 22 Jul 2024 07:56:26 GMT

File type
ASCII text, with very long lines (655), with no line terminators
Size
645 B (645 bytes)
Hash
671b3272826b2e03f7f5ecc6846a4f83
bcd620154cd6381ddf84b4e17e53ad716f3acbea
b743f6ed35f2a170860cfb010577cd000ee695dc23b850d3b3e479ef1178bb22

HTTP Headers

GET /menu/svg/icons/twitter.js HTTP/1.1
Host: static.addtoany.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://videzz.net
DNT: 1
Connection: keep-alive
Referer: https://static.addtoany.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Wed, 08 May 2024 04:08:22 GMT
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=7776000, stale-while-revalidate=30, public
cf-bgj: minify
etag: W/"af2b829f9b79fabec7c0148a8b7e444b"
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=ggiKokhYH%2FRwG5kRNsQxxkES41zx0pRhTrFCFihLqsTSZDy5P6xBR0gPdEzsNoj600eU8miSvk2pNojpOEm0ToV01dZ%2BWv9rYzF%2F0crLCtKrUyFE67PnrnzZvkmGvUV%2BiiVGrF6naj2jHKv3CePNqH%2B%2B"}],"group":"cf-nel","max_age":604800}
vary: Accept-Encoding
referrer-policy: strict-origin-when-cross-origin
x-content-type-options: nosniff
cf-cache-status: HIT
age: 5561
strict-transport-security: max-age=31536000; includeSubDomains; preload
server: cloudflare
cf-ray: 880696953d28568f-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400

maxcdn.bootstrapcdn.com/font-awesome/4.7.0/css/font-awesome.min.css?v=b8dc06aa6195ca0716d0a0c4e3a76e42

104.18.10.207

200 OK

31 kB

URL GET HTTP/2
maxcdn.bootstrapcdn.com/font-awesome/4.7.0/css/font-awesome.min.css?v=b8dc06aa6195ca0716d0a0c4e3a76e42
IP
104.18.10.207:443
ASN
#13335 CLOUDFLARENET

Requested by
https://videzz.net/embed-zmjt062n2cm9.html
Certificate
IssuerGoogle Trust Services LLC
Subjectbootstrapcdn.com
Fingerprint57:B4:25:B9:9C:88:A1:A3:3D:F7:31:74:02:E4:D1:E0:0A:F5:11:63
ValidityWed, 27 Mar 2024 00:22:09 GMT - Tue, 25 Jun 2024 00:22:08 GMT

File type
ASCII text, with very long lines (30837)
Size
31 kB (31000 bytes)
Hash
269550530cc127b6aa5a35925a7de6ce
512c7d79033e3028a9be61b540cf1a6870c896f8
799aeb25cc0373fdee0e1b1db7ad6c2f6a0e058dfadaa3379689f583213190bd

HTTP Headers

GET /font-awesome/4.7.0/css/font-awesome.min.css?v=b8dc06aa6195ca0716d0a0c4e3a76e42 HTTP/1.1
Host: maxcdn.bootstrapcdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://videzz.net/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Wed, 08 May 2024 04:08:21 GMT
content-type: text/css; charset=utf-8
cdn-pullzone: 252412
cdn-uid: b1941f61-b576-4f40-80de-5677acb38f74
cdn-requestcountrycode: DE
vary: Accept-Encoding
access-control-allow-origin: *
cache-control: public, max-age=31919000
content-encoding: br
etag: W/"269550530cc127b6aa5a35925a7de6ce"
last-modified: Mon, 25 Jan 2021 22:04:55 GMT
cdn-cachedat: 03/18/2024 12:28:12
cdn-proxyver: 1.04
cdn-requestpullcode: 200
cdn-requestpullsuccess: True
cdn-edgestorageid: 1078
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
cdn-status: 200
cdn-requestid: 2ab8316fdef76f530c15e660f59a896d
cdn-cache: HIT
cf-cache-status: HIT
age: 647395
strict-transport-security: max-age=31536000; includeSubDomains; preload
server: cloudflare
cf-ray: 8806968f5f7456c4-OSL
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2

str40.vidoza.net/nvl4ea4mpyfeieno3uvanefdmuzca4a2tldo54bnagbz5zxq4fmjmb6rn2da/v.mp4

0.0.0.0

0 B

URL GET
str40.vidoza.net/nvl4ea4mpyfeieno3uvanefdmuzca4a2tldo54bnagbz5zxq4fmjmb6rn2da/v.mp4
IP
0.0.0.0:0
ASN
#0

Requested by
https://videzz.net/embed-zmjt062n2cm9.html
Certificate
IssuerLet's Encrypt
Subjectvidoza.net
FingerprintDD:9C:2A:D1:7E:90:60:D1:BE:1C:39:29:07:29:9C:34:6A:76:A6:C6
ValidityWed, 14 Feb 2024 01:21:54 GMT - Tue, 14 May 2024 01:21:53 GMT

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /nvl4ea4mpyfeieno3uvanefdmuzca4a2tldo54bnagbz5zxq4fmjmb6rn2da/v.mp4 HTTP/1.1
Host: str40.vidoza.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: video/webm,video/ogg,video/*;q=0.9,application/ogg;q=0.7,audio/*;q=0.6,*/*;q=0.5
Accept-Language: en-US,en;q=0.5
Range: bytes=0-
DNT: 1
Connection: keep-alive
Referer: https://videzz.net/
Sec-Fetch-Dest: video
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Accept-Encoding: identity
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 206 Partial Content
server: nginx/1.20.1
date: Wed, 08 May 2024 04:08:23 GMT
content-type: video/mp4
content-length: 551447628
last-modified: Thu, 28 Mar 2024 05:59:55 GMT
etag: "6605075b-20de6c4c"
content-range: bytes 0-551447627/551447628
X-Firefox-Spdy: h2

zv.7vid.net/api/spots/70102?s1=198638&v2=1&fill=0&kw=file%20upload%2Cshare%20files%2Cfree%20upload&i=1&url=https%3A%2F%2Fvidezz.net%2Fembed-zmjt062n2cm9.html&sid=1ca19d70-aaf3-4c34-9a0e-5ef47c1edf50

135.181.208.216

200 OK

67 B

URL GET HTTP/2
zv.7vid.net/api/spots/70102?s1=198638&v2=1&fill=0&kw=file%20upload%2Cshare%20files%2Cfree%20upload&i=1&url=https%3A%2F%2Fvidezz.net%2Fembed-zmjt062n2cm9.html&sid=1ca19d70-aaf3-4c34-9a0e-5ef47c1edf50
IP
135.181.208.216:443
ASN
#24940 Hetzner Online GmbH

Requested by
https://videzz.net/embed-zmjt062n2cm9.html
Certificate
IssuerLet's Encrypt
Subject1111.spinna.online
FingerprintF3:80:AE:D8:32:E7:57:75:94:99:58:76:4C:57:59:80:E8:9A:B7:ED
ValidityFri, 29 Mar 2024 23:27:07 GMT - Thu, 27 Jun 2024 23:27:06 GMT

File type
XML document, ASCII text, with no line terminators
Size
67 B (67 bytes)
Hash
c3928cea84e0c684b265b8fb465a9e72
aace4c0c8b0fbb35d2932f4f27e01ef627161574
3238d03797cab82118740c0d6ddace8d6bc9caf168e94d2ade893f541c1f8a25

HTTP Headers

GET /api/spots/70102?s1=198638&v2=1&fill=0&kw=file%20upload%2Cshare%20files%2Cfree%20upload&i=1&url=https%3A%2F%2Fvidezz.net%2Fembed-zmjt062n2cm9.html&sid=1ca19d70-aaf3-4c34-9a0e-5ef47c1edf50 HTTP/1.1
Host: zv.7vid.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://videzz.net/
Origin: https://videzz.net
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
server: nginx
date: Wed, 08 May 2024 04:08:22 GMT
content-type: text/xml
vary: Accept-Encoding
access-control-allow-credentials: true
access-control-allow-origin: https://videzz.net
access-control-expose-headers: X-Asg-Config, X-t
set-cookie: nauid=eyO3K7kuwj7CBdP0BycN; Path=/; Expires=Wed, 11 Nov 2037 11:11:11 GMT; Secure; SameSite=None
x-robots-tag: noindex, nofollow
x-t: 0
cache-control: private
content-encoding: gzip
X-Firefox-Spdy: h2

xml.xmlking.com/redirect?feed=591363&auth=0yfQfB&pubid=195183

174.137.133.17

200 OK

0 B

URL GET HTTP/1.1
xml.xmlking.com/redirect?feed=591363&auth=0yfQfB&pubid=195183
IP
174.137.133.17:443
ASN
#27257 WEBAIR-INTERNET

Requested by
https://videzz.net/embed-zmjt062n2cm9.html
Certificate
IssuerSectigo Limited
Subject*.xmlking.com
Fingerprint61:F0:9B:53:D2:DF:03:A0:08:09:BE:79:B1:70:10:34:65:07:7B:6D
ValidityWed, 26 Jul 2023 00:00:00 GMT - Fri, 26 Jul 2024 23:59:59 GMT

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /redirect?feed=591363&auth=0yfQfB&pubid=195183 HTTP/1.1
Host: xml.xmlking.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://bid.bidclickmedia.com/
DNT: 1
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Date: Wed, 08 May 2024 04:08:24 GMT
Content-Length: 0
Connection: keep-alive
Cache-Control: no-store

static.addtoany.com/menu/svg/icons/whatsapp.js

172.67.39.148

200 OK

1.1 kB

URL GET HTTP/3
static.addtoany.com/menu/svg/icons/whatsapp.js
IP
172.67.39.148:443
ASN
#13335 CLOUDFLARENET

Requested by
https://videzz.net/embed-zmjt062n2cm9.html
Certificate
IssuerLet's Encrypt
Subjectstatic.addtoany.com
Fingerprint5B:74:98:2D:F8:22:DB:0D:4E:74:B7:99:A7:7C:80:F6:CA:1A:8E:CA
ValidityTue, 23 Apr 2024 07:56:27 GMT - Mon, 22 Jul 2024 07:56:26 GMT

File type
ASCII text, with very long lines (1122), with no line terminators
Size
1.1 kB (1108 bytes)
Hash
d822c46f36a55fdbfcc5029e62e19937
c575da68fa99eeb33863f281395755cbf20004d4
062ec1f7c3acea435122961b771eb2e4d136a3e870b17d3e811413f5aa78ed3e

HTTP Headers

GET /menu/svg/icons/whatsapp.js HTTP/1.1
Host: static.addtoany.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://videzz.net
DNT: 1
Connection: keep-alive
Referer: https://static.addtoany.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Wed, 08 May 2024 04:08:22 GMT
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=7776000, stale-while-revalidate=30, public
cf-bgj: minify
etag: W/"83af4df8173e43227812296bb8542dcf"
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=VSU96ixWaD28Nb8I9Aj5jZKa%2BNYvW5VNkLrER1jYJS3ugzz7lGmzEIqiV3kXv434fWEdsYyUJ20xzAKnVVSufqyGQTOoBYND5UVCAwOpt8%2F%2B06wSA2ntzjWDOs%2FtjtYxzfNBdlx7"}],"group":"cf-nel","max_age":604800}
vary: Accept-Encoding
referrer-policy: strict-origin-when-cross-origin
x-content-type-options: nosniff
cf-cache-status: HIT
age: 1296
strict-transport-security: max-age=31536000; includeSubDomains; preload
server: cloudflare
cf-ray: 880696954d34568f-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400

static.addtoany.com/menu/page.js

172.67.39.148

200 OK

3.0 kB

URL GET HTTP/2
static.addtoany.com/menu/page.js
IP
172.67.39.148:443
ASN
#13335 CLOUDFLARENET

Requested by
https://videzz.net/embed-zmjt062n2cm9.html
Certificate
IssuerLet's Encrypt
Subjectstatic.addtoany.com
Fingerprint5B:74:98:2D:F8:22:DB:0D:4E:74:B7:99:A7:7C:80:F6:CA:1A:8E:CA
ValidityTue, 23 Apr 2024 07:56:27 GMT - Mon, 22 Jul 2024 07:56:26 GMT

File type
JavaScript source, ASCII text, with very long lines (3132), with no line terminators
Size
3.0 kB (3003 bytes)
Hash
40486591ae8ea6d1423aeb13f1fd509b
f847af56588642de93c6fe0d2ce182303f312455
16a6753a1de5c5602b0ca4afe3d17b95e2cb18d6b79bf7cdccedba3a733c1138

HTTP Headers

GET /menu/page.js HTTP/1.1
Host: static.addtoany.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://videzz.net/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Wed, 08 May 2024 04:08:21 GMT
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=86400, stale-while-revalidate=30, public
cf-bgj: minify
etag: W/"e346c2841e4abbb66ee259e9540abb61"
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=EgezfhqgqVTMRSCdIrsKRfYkTxH%2FPj8LGo%2FZi7bo9fU4bzjrWOUuM%2FuqWdESz21N5bpaJYUt1gOALJJNuyaI4ehXqxRbTvLTpK26n%2FiZMmvypcd9Sxrz%2Bq3mFCmK6Ma%2FchKwisEm"}],"group":"cf-nel","max_age":604800}
vary: Accept-Encoding
referrer-policy: strict-origin-when-cross-origin
x-content-type-options: nosniff
cf-cache-status: HIT
age: 13811
strict-transport-security: max-age=31536000; includeSubDomains; preload
server: cloudflare
cf-ray: 8806968f5ca65690-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2

fleraprt.com/log/add?cid=1db9169f-90f4-4b2d-b517-bc47aab19c1f&ruid=45343aa9-7d93-4d01-aa04-a86d17b94b20

139.45.195.254

200 OK

12 B

URL POST HTTP/1.1
fleraprt.com/log/add?cid=1db9169f-90f4-4b2d-b517-bc47aab19c1f&ruid=45343aa9-7d93-4d01-aa04-a86d17b94b20
IP
139.45.195.254:443
ASN
#9002 RETN Limited

Requested by
https://videzz.net/embed-zmjt062n2cm9.html
Certificate
IssuerSectigo Limited
Subjectfleraprt.com
Fingerprint32:DB:C5:24:21:ED:1D:C3:40:C3:46:9F:CF:EE:98:4D:72:29:4C:3C
ValidityTue, 09 Jan 2024 00:00:00 GMT - Mon, 13 Jan 2025 23:59:59 GMT

File type
troff or preprocessor input, ASCII text, with no line terminators
Size
12 B (12 bytes)
Hash
6949f52318584a4b51c719a9b84a7287
9fbd870c6afd4bdd6fbbd87f52df2c81dd23e905
72603096ec3515dbc615ab8837fd1b15e91ee827bc7af41d71c9882b08699375

HTTP Headers

POST /log/add?cid=1db9169f-90f4-4b2d-b517-bc47aab19c1f&ruid=45343aa9-7d93-4d01-aa04-a86d17b94b20 HTTP/1.1
Host: fleraprt.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain;charset=UTF-8
Content-Length: 1403
Origin: https://videzz.net
DNT: 1
Connection: keep-alive
Referer: https://videzz.net/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx/1.19.10
Date: Wed, 08 May 2024 04:08:25 GMT
Content-Type: application/json; charset=utf-8
Content-Length: 12
Connection: keep-alive
Access-Control-Allow-Origin: https://videzz.net
Access-Control-Allow-Methods: POST, GET, OPTIONS, PUT, DELETE
Access-Control-Allow-Headers: Accept, Content-Type, Content-Length, Accept-Encoding, X-CSRF-Token, Authorization, X-Forwarded-For, If-None-Match
Access-Control-Allow-Credentials: true

dog.seetron.net/api/users/59846?host=videzz.net&ev=212&wh=1024&ww=1280&uuid=&url=https%3A%2F%2Fvidezz.net%2Fembed-zmjt062n2cm9.html&sid=1ca19d70-aaf3-4c34-9a0e-5ef47c1edf50&i=1&kw=file%20upload%2Cshare%20files%2Cfree%20upload&s1=198638

135.181.208.216

200 OK

636 B

URL GET HTTP/2
dog.seetron.net/api/users/59846?host=videzz.net&ev=212&wh=1024&ww=1280&uuid=&url=https%3A%2F%2Fvidezz.net%2Fembed-zmjt062n2cm9.html&sid=1ca19d70-aaf3-4c34-9a0e-5ef47c1edf50&i=1&kw=file%20upload%2Cshare%20files%2Cfree%20upload&s1=198638
IP
135.181.208.216:443
ASN
#24940 Hetzner Online GmbH

Requested by
https://videzz.net/embed-zmjt062n2cm9.html
Certificate
IssuerLet's Encrypt
Subjecta.bdsmz.tube
FingerprintAA:4D:03:7A:4E:94:8C:76:58:6E:53:CC:8E:99:24:E6:51:84:BF:05
ValidityFri, 03 May 2024 10:27:08 GMT - Thu, 01 Aug 2024 10:27:07 GMT

File type
ASCII text, with very long lines (772), with no line terminators
Size
636 B (636 bytes)
Hash
4cce94d8dedfbb7b419917f31b26df82
8c5fbe160faf22628524a86b3066384cfb6497a6
14558d604d258062613b6d07a0221fb70f9d1ec8cc2da971043f1bddf1436c41

HTTP Headers

GET /api/users/59846?host=videzz.net&ev=212&wh=1024&ww=1280&uuid=&url=https%3A%2F%2Fvidezz.net%2Fembed-zmjt062n2cm9.html&sid=1ca19d70-aaf3-4c34-9a0e-5ef47c1edf50&i=1&kw=file%20upload%2Cshare%20files%2Cfree%20upload&s1=198638 HTTP/1.1
Host: dog.seetron.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://videzz.net/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
server: nginx
date: Wed, 08 May 2024 04:08:24 GMT
content-type: text/javascript; charset=utf-8
vary: Accept-Encoding
set-cookie: nauid=w7UVpdZYOjsj6zUU5Y49; Path=/; Expires=Wed, 11 Nov 2037 11:11:11 GMT; Secure; SameSite=None
x-robots-tag: noindex, nofollow
cache-control: private
content-encoding: gzip
X-Firefox-Spdy: h2

static.addtoany.com/menu/sm.25.html

172.67.39.148

200 OK

716 B

URL GET HTTP/3
static.addtoany.com/menu/sm.25.html
IP
172.67.39.148:443
ASN
#13335 CLOUDFLARENET

Requested by
https://videzz.net/embed-zmjt062n2cm9.html
Certificate
IssuerLet's Encrypt
Subjectstatic.addtoany.com
Fingerprint5B:74:98:2D:F8:22:DB:0D:4E:74:B7:99:A7:7C:80:F6:CA:1A:8E:CA
ValidityTue, 23 Apr 2024 07:56:27 GMT - Mon, 22 Jul 2024 07:56:26 GMT

File type
HTML document, ASCII text, with very long lines (744), with no line terminators
Size
716 B (716 bytes)
Hash
c3c97893ca5c74e7504aa4ec474ea41b
cdccb12d7e73682e0e807107243ede7d5e14c962
b79f65e9ffe3bad9bd9cdcffed0758430f7eb1a630c368dc173eecdeb2821f00

HTTP Headers

GET /menu/sm.25.html HTTP/1.1
Host: static.addtoany.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://videzz.net/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Wed, 08 May 2024 04:08:22 GMT
content-type: text/html; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=315360000, immutable
referrer-policy: strict-origin-when-cross-origin
x-content-type-options: nosniff
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=KDW4diA%2BEdy8OJCA%2BpLQ3gmSCi7vKsIXChBvTfZhzGq8tW7aSgoBp4ko5y0Wfi66JNOUEgnNTCRlGyJjb1nGdgevGDDRtPFAHoY%2BbgJySZ8EQL4gSUts1vSKtTOhLXaOnaC5J7u8rg4y8pfyPKUkaxP0"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
cf-cache-status: HIT
age: 5369
strict-transport-security: max-age=31536000; includeSubDomains; preload
server: cloudflare
cf-ray: 880696939c5e568f-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400

astronomybreathlessmisunderstand.com/sbar.json?key=fd40b682a05e4aaf489d29601350aa66

192.243.61.227

200 OK

12 kB

URL GET HTTP/1.1
astronomybreathlessmisunderstand.com/sbar.json?key=fd40b682a05e4aaf489d29601350aa66
IP
192.243.61.227:443
ASN
#39572 DataWeb Global Group B.V.

Requested by
https://videzz.net/embed-zmjt062n2cm9.html
Certificate
IssuerLet's Encrypt
Subjectastronomybreathlessmisunderstand.com
FingerprintDB:F1:11:8A:FD:9C:37:6B:1C:13:3D:8D:D7:1D:F5:09:0E:2B:DD:48
ValidityMon, 06 May 2024 12:49:33 GMT - Sun, 04 Aug 2024 12:49:32 GMT

File type
JSON text data
Size
12 kB (11536 bytes)
Hash
bbe938b885c38aab7c44a141df5ffa4d
b57e04e7906c273eee8c7094ba3816323497c888
01c555462fc47cf7b84c9edb3a62109a75b31f2fd5b9c9bec547aaa5d5eea2f7

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /sbar.json?key=fd40b682a05e4aaf489d29601350aa66 HTTP/1.1
Host: astronomybreathlessmisunderstand.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://videzz.net
DNT: 1
Connection: keep-alive
Referer: https://videzz.net/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx/1.21.6
Date: Wed, 08 May 2024 04:08:23 GMT
Content-Type: text/plain; charset=utf-8
Transfer-Encoding: chunked
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,Sec-CH-UA-PlatformUser-Agent,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Custom-Referer: https://videzz.net
Access-Control-Allow-Origin: https://videzz.net
Access-Control-Allow-Credentials: true
Set-Cookie: u_pl=19071538; expires=Thu, 09 May 2024 04:08:23 GMT; secure; SameSite=None
pdhtkv=true; expires=Thu, 09 May 2024 04:08:23 GMT; secure; SameSite=None
uncs=1; expires=Thu, 09 May 2024 04:08:23 GMT; secure; SameSite=None
pdhtkv29=true; expires=Thu, 09 May 2024 04:08:23 GMT; secure; SameSite=None
uncs29=1; expires=Thu, 09 May 2024 04:08:23 GMT; secure; SameSite=None
slecfd40b682a05e4aaf489d29601350aa66=[5210997,5210995]; expires=Wed, 08 May 2024 04:08:28 GMT; secure; SameSite=None
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: 372ca3c09ccc870de8c586bb90ce2002
Strict-Transport-Security: max-age=0; includeSubdomains
Content-Encoding: gzip

videzz.net/js/videojs.5.min.js?v=b8dc06aa6195ca0716d0a0c4e3a76e42

78.142.18.54

200 OK

416 kB

URL GET HTTP/2
videzz.net/js/videojs.5.min.js?v=b8dc06aa6195ca0716d0a0c4e3a76e42
IP
78.142.18.54:443
ASN
#208046 ColocationX Ltd.

Requested by
https://videzz.net/embed-zmjt062n2cm9.html
Certificate
IssuerLet's Encrypt
Subjectvidezz.net
Fingerprint89:44:E3:9D:95:DD:6E:D2:2B:FB:70:64:42:59:D2:BF:B6:36:E7:33
ValidityThu, 02 May 2024 00:27:53 GMT - Wed, 31 Jul 2024 00:27:52 GMT

File type

Size
416 kB (416358 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /js/videojs.5.min.js?v=b8dc06aa6195ca0716d0a0c4e3a76e42 HTTP/1.1
Host: videzz.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://videzz.net/embed-zmjt062n2cm9.html
Cookie: lang=1
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
server: nginx/1.18.0 (Ubuntu)
date: Wed, 08 May 2024 04:08:21 GMT
content-type: application/javascript
last-modified: Sat, 27 Apr 2024 07:30:38 GMT
vary: Accept-Encoding
etag: W/"662ca99e-65a66"
expires: Fri, 07 Jun 2024 04:07:55 GMT
cache-control: max-age=2592000
content-encoding: gzip
x-cache-status: HIT
X-Firefox-Spdy: h2

myliveforyoudreder.com/vidozza.js

172.67.151.245

200 OK

1.6 kB

URL GET HTTP/2
myliveforyoudreder.com/vidozza.js
IP
172.67.151.245:443
ASN
#13335 CLOUDFLARENET

Requested by
https://videzz.net/embed-zmjt062n2cm9.html
Certificate
IssuerLet's Encrypt
Subjectmyliveforyoudreder.com
FingerprintD6:1F:6C:5C:81:FF:C4:D3:4D:C9:A9:22:DD:0B:D4:18:59:4E:58:B7
ValidityWed, 20 Mar 2024 02:24:57 GMT - Tue, 18 Jun 2024 02:24:56 GMT

File type
JavaScript source, ASCII text, with very long lines (1742), with no line terminators
Size
1.6 kB (1615 bytes)
Hash
1b10623dcc365c3e40aa543ee9be6c3d
ee99261cffbbf896eba3c60d867480042fbaadc5
54dec89c60117fd15b96d376c1dba2de2f333009f2ba0847fa71fa0a969f863f

HTTP Headers

GET /vidozza.js HTTP/1.1
Host: myliveforyoudreder.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://videzz.net/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Wed, 08 May 2024 04:08:22 GMT
content-type: application/javascript
last-modified: Mon, 24 Oct 2022 14:14:49 GMT
etag: W/"63569dd9-64f"
cache-control: max-age=14400
cf-cache-status: HIT
age: 2261
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=%2FbnBR86ernaMZ4uQhVnwgCKR3POIdU73IX%2FdLtMUR0ZsumCVJq%2FgTiU8XsVITNTBBDqBv%2Fq%2BY8I0WUyiM8WYFHLEE9KpF2Y0tDCszn6fbL7VCR5Be1cC1pcC%2FkRrLHpiffZfUHlKSP1%2B"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 880696957b14569d-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2

cdn.itskiddien.club/apu.php?zoneid=5902452&var=5708419

139.45.197.236

200 OK

94 kB

URL GET HTTP/2
cdn.itskiddien.club/apu.php?zoneid=5902452&var=5708419
IP
139.45.197.236:443
ASN
#9002 RETN Limited

Requested by
https://videzz.net/embed-zmjt062n2cm9.html
Certificate
IssuerLet's Encrypt
Subjectitskiddien.club
FingerprintF8:F5:E1:2A:73:41:2E:21:C2:B1:A0:A3:DE:9D:2D:B2:87:3F:8E:5D
ValidityFri, 29 Mar 2024 21:36:27 GMT - Thu, 27 Jun 2024 21:36:26 GMT

File type
JavaScript source, ASCII text, with very long lines (65536), with no line terminators
Size
94 kB (93619 bytes)
Hash
a43736339c987b4b271240ccd69f4110
612611faf786f1af482a6d2fd79a52feaf76f352
d99de0b583a8b859f19663901470f7ff1e61bb5bd70aa4b400d487f21ea2062d

HTTP Headers

GET /apu.php?zoneid=5902452&var=5708419 HTTP/1.1
Host: cdn.itskiddien.club
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://videzz.net/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
server: nginx
date: Wed, 08 May 2024 04:08:25 GMT
content-type: application/javascript
x-trace-id: a02a360a5bd1d59778d0e01ed97962ed
link: <https://my.rtmark.net>; rel="preconnect dns-prefetch",<https://yonmewon.com>; rel="preconnect dns-prefetch",<https://sr7pv7n5x.com>; rel="preconnect dns-prefetch"
accept-ch: Sec-CH-UA, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, baggage, sentry-trace, favicon
access-control-max-age: 86400
pragma: no-cache
cache-control: no-transform, no-store, no-cache, must-revalidate, max-age=0
expires: Tue, 11 Jan 1994 10:00:00 GMT
set-cookie: OAID=0080563dc2284f58f29090322fa9aa90; expires=Thu, 08 May 2025 04:08:25 GMT; path=/; secure; SameSite=None
oaidts=1715141305; expires=Thu, 08 May 2025 04:08:25 GMT; path=/; secure; SameSite=None
syncedCookie=; expires=Tue, 10 Nov 2009 23:00:00 GMT
strict-transport-security: max-age=1
x-content-type-options: nosniff
timing-allow-origin: *, *
content-encoding: gzip
X-Firefox-Spdy: h2

cdn.o333o.com/vast-im.js

143.204.55.90

200 OK

310 kB

URL GET HTTP/2
cdn.o333o.com/vast-im.js
IP
143.204.55.90:443
ASN
#16509 AMAZON-02

Requested by
https://videzz.net/embed-zmjt062n2cm9.html
Certificate
IssuerSectigo Limited
Subjectcdn.o333o.com
Fingerprint61:0E:6A:7F:7E:40:48:40:58:0F:EF:89:DB:CF:AD:C2:FB:52:F1:AC
ValidityThu, 09 Nov 2023 00:00:00 GMT - Mon, 09 Dec 2024 23:59:59 GMT

File type

Size
310 kB (310487 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /vast-im.js HTTP/1.1
Host: cdn.o333o.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://videzz.net/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
content-type: application/javascript
server: nginx
date: Thu, 11 Apr 2024 09:31:41 GMT
last-modified: Fri, 22 Mar 2024 11:21:21 GMT
etag: W/"65fd69b1-4bcd7"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000, public
content-encoding: gzip
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 aa34a836095df9de9d246a53dd63f1d6.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
alt-svc: h3=":443"; ma=86400
x-amz-cf-id: 2XqqFVne8beJyrKeqLbzklcfpmdI6iYna365xLcBFirJUv0ET9jE5g==
age: 2313400
X-Firefox-Spdy: h2

xml.zeusadx.com/redirect?feed=531847&auth=KhbHhS&pubid=162319

174.137.133.17

200 OK

0 B

URL GET HTTP/1.1
xml.zeusadx.com/redirect?feed=531847&auth=KhbHhS&pubid=162319
IP
174.137.133.17:443
ASN
#27257 WEBAIR-INTERNET

Requested by
https://videzz.net/embed-zmjt062n2cm9.html
Certificate
IssuerSectigo Limited
Subject*.zeusadx.com
FingerprintAA:67:88:35:5F:BC:20:3C:44:9B:00:BD:4F:E1:C0:5F:62:D0:69:C0
ValidityMon, 23 Oct 2023 00:00:00 GMT - Wed, 23 Oct 2024 23:59:59 GMT

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /redirect?feed=531847&auth=KhbHhS&pubid=162319 HTTP/1.1
Host: xml.zeusadx.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://bid.bidclickmedia.com/
DNT: 1
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Date: Wed, 08 May 2024 04:08:23 GMT
Content-Length: 0
Connection: keep-alive
Cache-Control: no-store

cdn.itskiddien.club/?rb=-l3jn079_H7V46nRkKKbQSkjOUwldN5Sq3jW21CpnC32ySIzwjxPpnRPTrBa827jDwjhIJA5DtoS8c-3MdbN7ypqZAsPxki_tNAi6FvTM7XfPxSqqFrBnWeHnB7nJq1VU1Ib-T7egsJlHPAIZht67NwtpA_0GqrQDAGbn0N9rXhw4v662QimAw29ss8G31g7ps7KsJH6_40dc8mt1RHkwuYyPx7VpAWdb5jNyyq59NyvUV_tST9vLSHfTxK-PAO7nVJP4eo09UTYnNnc&request_ab2=0&zoneid=5902452&js_build=iclick-v1.788.10-auto&jsp=1&fs=0&cf=0&sw=1280&sh=1024&wih=1024&wiw=1280&ww=1280&wh=1024&sah=1024&wx=0&wy=0&cw=1280&wfc=12&pl=https%3A%2F%2Fvidezz.net%2Fembed-zmjt062n2cm9.html&drf=&np=1&pt=0&nb=1&ng=0&ix=0&nw=1&tb=false&btz=UTC&bto=0&wgl=&js_build=iclick-v1.788.10-auto&navlng=en-US&pnt=0&pnrc=0&wasm=-1&bs=5d95f9cf-88dd-441f-be4e-72502dca9d06&userId=0080561a1bf24becf91a92a6892d9663&m=link

139.45.197.236

200 OK

2.9 kB

URL GET HTTP/2
cdn.itskiddien.club/?rb=-l3jn079_H7V46nRkKKbQSkjOUwldN5Sq3jW21CpnC32ySIzwjxPpnRPTrBa827jDwjhIJA5DtoS8c-3MdbN7ypqZAsPxki_tNAi6FvTM7XfPxSqqFrBnWeHnB7nJq1VU1Ib-T7egsJlHPAIZht67NwtpA_0GqrQDAGbn0N9rXhw4v662QimAw29ss8G31g7ps7KsJH6_40dc8mt1RHkwuYyPx7VpAWdb5jNyyq59NyvUV_tST9vLSHfTxK-PAO7nVJP4eo09UTYnNnc&request_ab2=0&zoneid=5902452&js_build=iclick-v1.788.10-auto&jsp=1&fs=0&cf=0&sw=1280&sh=1024&wih=1024&wiw=1280&ww=1280&wh=1024&sah=1024&wx=0&wy=0&cw=1280&wfc=12&pl=https%3A%2F%2Fvidezz.net%2Fembed-zmjt062n2cm9.html&drf=&np=1&pt=0&nb=1&ng=0&ix=0&nw=1&tb=false&btz=UTC&bto=0&wgl=&js_build=iclick-v1.788.10-auto&navlng=en-US&pnt=0&pnrc=0&wasm=-1&bs=5d95f9cf-88dd-441f-be4e-72502dca9d06&userId=0080561a1bf24becf91a92a6892d9663&m=link
IP
139.45.197.236:443
ASN
#9002 RETN Limited

Requested by
https://videzz.net/embed-zmjt062n2cm9.html
Certificate
IssuerLet's Encrypt
Subjectitskiddien.club
FingerprintF8:F5:E1:2A:73:41:2E:21:C2:B1:A0:A3:DE:9D:2D:B2:87:3F:8E:5D
ValidityFri, 29 Mar 2024 21:36:27 GMT - Thu, 27 Jun 2024 21:36:26 GMT

File type
troff or preprocessor input, ASCII text, with very long lines (2963), with no line terminators
Size
2.9 kB (2934 bytes)
Hash
bebe6f688606efad1fc8606d5a6a848c
f9c8c8c93949f27b74b154c4bb89d419c47720e8
3eca50a55ed3871357d9becb7b6f8f31873740cdd57ba04b62d3600da15595bb

HTTP Headers

GET /?rb=-l3jn079_H7V46nRkKKbQSkjOUwldN5Sq3jW21CpnC32ySIzwjxPpnRPTrBa827jDwjhIJA5DtoS8c-3MdbN7ypqZAsPxki_tNAi6FvTM7XfPxSqqFrBnWeHnB7nJq1VU1Ib-T7egsJlHPAIZht67NwtpA_0GqrQDAGbn0N9rXhw4v662QimAw29ss8G31g7ps7KsJH6_40dc8mt1RHkwuYyPx7VpAWdb5jNyyq59NyvUV_tST9vLSHfTxK-PAO7nVJP4eo09UTYnNnc&request_ab2=0&zoneid=5902452&js_build=iclick-v1.788.10-auto&jsp=1&fs=0&cf=0&sw=1280&sh=1024&wih=1024&wiw=1280&ww=1280&wh=1024&sah=1024&wx=0&wy=0&cw=1280&wfc=12&pl=https%3A%2F%2Fvidezz.net%2Fembed-zmjt062n2cm9.html&drf=&np=1&pt=0&nb=1&ng=0&ix=0&nw=1&tb=false&btz=UTC&bto=0&wgl=&js_build=iclick-v1.788.10-auto&navlng=en-US&pnt=0&pnrc=0&wasm=-1&bs=5d95f9cf-88dd-441f-be4e-72502dca9d06&userId=0080561a1bf24becf91a92a6892d9663&m=link HTTP/1.1
Host: cdn.itskiddien.club
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://videzz.net/
Origin: https://videzz.net
DNT: 1
Connection: keep-alive
Cookie: OAID=0080563dc2284f58f29090322fa9aa90; oaidts=1715141305
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
server: nginx
date: Wed, 08 May 2024 04:08:25 GMT
content-type: application/json
x-trace-id: d9814a238e2c8a48381913d081d21333
accept-ch: Sec-CH-UA, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model
access-control-allow-origin: https://videzz.net
access-control-allow-credentials: true
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, baggage, sentry-trace, favicon
access-control-max-age: 86400
pragma: no-cache
cache-control: no-transform, no-store, no-cache, must-revalidate, max-age=0
expires: Tue, 11 Jan 1994 10:00:00 GMT
set-cookie: OAID=0080561a1bf24becf91a92a6892d9663; expires=Thu, 08 May 2025 04:08:25 GMT; path=/; secure; SameSite=None
oaidts=1715141305; expires=Thu, 08 May 2025 04:08:25 GMT; path=/; secure; SameSite=None
syncedCookie=true; expires=Wed, 15 May 2024 04:08:25 GMT; path=/; secure; SameSite=None
strict-transport-security: max-age=1
x-content-type-options: nosniff
timing-allow-origin: *, *
content-encoding: gzip
X-Firefox-Spdy: h2

videzz.net/css/embed.min.css?v=b8dc06aa6195ca0716d0a0c4e3a76e42

78.142.18.54

200 OK

618 kB

URL GET HTTP/2
videzz.net/css/embed.min.css?v=b8dc06aa6195ca0716d0a0c4e3a76e42
IP
78.142.18.54:443
ASN
#208046 ColocationX Ltd.

Requested by
https://videzz.net/embed-zmjt062n2cm9.html
Certificate
IssuerLet's Encrypt
Subjectvidezz.net
Fingerprint89:44:E3:9D:95:DD:6E:D2:2B:FB:70:64:42:59:D2:BF:B6:36:E7:33
ValidityThu, 02 May 2024 00:27:53 GMT - Wed, 31 Jul 2024 00:27:52 GMT

File type
ASCII text, with very long lines (63495)
Size
618 kB (618399 bytes)
Hash
ffba0e4b3edaa1a4c6bc7ef04bcf0ba9
3507ae56cc30b273cf17d0cf4de234dafa4db0eb
57291457f6bd1dc724ab0cc7d5d9def8fceafc52263d72d0b3f6c6ae2dd8286c

HTTP Headers

GET /css/embed.min.css?v=b8dc06aa6195ca0716d0a0c4e3a76e42 HTTP/1.1
Host: videzz.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://videzz.net/embed-zmjt062n2cm9.html
Cookie: lang=1
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
server: nginx/1.18.0 (Ubuntu)
date: Wed, 08 May 2024 04:08:21 GMT
content-type: text/css
last-modified: Sat, 27 Apr 2024 07:30:38 GMT
vary: Accept-Encoding
etag: W/"662ca99e-96f9f"
expires: Fri, 07 Jun 2024 04:05:13 GMT
cache-control: max-age=2592000
content-encoding: gzip
x-cache-status: HIT
X-Firefox-Spdy: h2

videzz.net/sw.js?v=b8dc06aa6195ca0716d0a0c4e3a76e42

78.142.18.54

200 OK

42 kB

URL GET HTTP/2
videzz.net/sw.js?v=b8dc06aa6195ca0716d0a0c4e3a76e42
IP
78.142.18.54:443
ASN
#208046 ColocationX Ltd.

Requested by
https://videzz.net/embed-zmjt062n2cm9.html
Certificate
IssuerLet's Encrypt
Subjectvidezz.net
Fingerprint89:44:E3:9D:95:DD:6E:D2:2B:FB:70:64:42:59:D2:BF:B6:36:E7:33
ValidityThu, 02 May 2024 00:27:53 GMT - Wed, 31 Jul 2024 00:27:52 GMT

File type
JavaScript source, ASCII text, with very long lines (42324), with no line terminators
Size
42 kB (42324 bytes)
Hash
764aafd976dd9cd9f33279bfafa02908
e9ad856ec00bccfdcbe17b79113681685c943b8d
2c20e295faeb1ef24dae1e26caa5089fdb2ba5a36a86a6a26780b8a515ca99aa

HTTP Headers

GET /sw.js?v=b8dc06aa6195ca0716d0a0c4e3a76e42 HTTP/1.1
Host: videzz.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://videzz.net/embed-zmjt062n2cm9.html
Cookie: lang=1
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
server: nginx/1.18.0 (Ubuntu)
date: Wed, 08 May 2024 04:08:21 GMT
content-type: application/javascript
last-modified: Sat, 27 Apr 2024 07:30:27 GMT
vary: Accept-Encoding
etag: W/"662ca993-a554"
expires: Fri, 07 Jun 2024 03:59:06 GMT
cache-control: max-age=2592000
content-encoding: gzip
x-cache-status: HIT
X-Firefox-Spdy: h2

cdn.creative-bars1.com/sb/notifications/gambling/unibet/social-box-confetti/1/img/close.png

188.114.96.1

200 OK

6.0 kB

URL GET HTTP/3
cdn.creative-bars1.com/sb/notifications/gambling/unibet/social-box-confetti/1/img/close.png
IP
188.114.96.1:443
ASN
#13335 CLOUDFLARENET

Requested by
https://videzz.net/embed-zmjt062n2cm9.html
Certificate
IssuerGoogle Trust Services LLC
Subjectcreative-bars1.com
Fingerprint3D:29:39:2C:F1:E5:C6:EF:54:F5:70:B5:CF:A8:C2:75:4D:89:72:13
ValidityMon, 15 Apr 2024 15:02:18 GMT - Sun, 14 Jul 2024 15:02:17 GMT

File type
PNG image data, 522 x 391, 8-bit/color RGBA, non-interlaced
Size
6.0 kB (5982 bytes)
Hash
c489ce2c491a22ee37a55e26a92dfd73
2fa588ab09e94dd902e5bd24b48f98ad1949c9d6
1eed147c7d5de6291c25fbc5274830c12d5549262fb144271576d4e15966e5bd

HTTP Headers

GET /sb/notifications/gambling/unibet/social-box-confetti/1/img/close.png HTTP/1.1
Host: cdn.creative-bars1.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Wed, 08 May 2024 04:08:24 GMT
content-type: image/png
content-length: 5982
last-modified: Fri, 02 Feb 2024 15:34:06 GMT
etag: "65bd0b6e-175e"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: public, max-age=315360000
access-control-allow-origin: *
access-control-expose-headers: Date
cf-cache-status: HIT
age: 490901
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=TQLBsIiboSmN38wihaUTbSwAislY66z1jw7aKmklPFlzP%2F3D%2BGjaW%2BlIS6uneMBMmUsgKA1al1QSEUSfGmChGMLRdEDWsHq8IfANsBLdNHJNITwvVLDw8qjl%2B3X5Rm6xMN8tPGgZNGyk"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 880696a0d8c9b512-OSL
alt-svc: h3=":443"; ma=86400

bid.bidclickmedia.com/sub/31pnK5n

104.21.37.74

200 OK

234 B

URL GET HTTP/2
bid.bidclickmedia.com/sub/31pnK5n
IP
104.21.37.74:443
ASN
#13335 CLOUDFLARENET

Requested by
https://videzz.net/embed-zmjt062n2cm9.html
Certificate
IssuerGoogle Trust Services LLC
Subjectbidclickmedia.com
Fingerprint2D:71:60:23:79:D8:E4:4A:B8:81:BA:F0:ED:58:CB:A8:66:21:A7:E7
ValiditySun, 31 Mar 2024 14:28:20 GMT - Sat, 29 Jun 2024 14:28:19 GMT

File type
HTML document, ASCII text, with no line terminators
Size
234 B (234 bytes)
Hash
f80bebf9471a9840ef5768e8c6b26672
164896726fce06ed3a1b8cbed00ab7c0493b6d24
5367258c378438d9831e9138819e8e68c4b7e6525dde7a086fb82a083398099c

HTTP Headers

GET /sub/31pnK5n HTTP/1.1
Host: bid.bidclickmedia.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://videzz.net/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Wed, 08 May 2024 04:08:22 GMT
content-type: text/html; charset=utf-8
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=%2Fhs3Vygqo76Kws6Bs7blfvIaIj8%2BM6D97Mjw3OEH2pkmemwDgXjfO8jGjK5VuPvC1rPlCcthFrJOf7wAB%2FcrU6hIQ4yhivkK%2FRYXmKBG%2FTVL2YrQIN1sBbXEnVd9Mna8IhX8hKOW1nc%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 880696951c7056c3-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2

cdn.creative-bars1.com/sb/notifications/gambling/unibet/social-box-confetti/1/css/animate.css

188.114.96.1

200 OK

79 kB

URL GET HTTP/2
cdn.creative-bars1.com/sb/notifications/gambling/unibet/social-box-confetti/1/css/animate.css
IP
188.114.96.1:443
ASN
#13335 CLOUDFLARENET

Requested by
https://videzz.net/embed-zmjt062n2cm9.html
Certificate
IssuerGoogle Trust Services LLC
Subjectcreative-bars1.com
Fingerprint3D:29:39:2C:F1:E5:C6:EF:54:F5:70:B5:CF:A8:C2:75:4D:89:72:13
ValidityMon, 15 Apr 2024 15:02:18 GMT - Sun, 14 Jul 2024 15:02:17 GMT

File type
ASCII text
Size
79 kB (78693 bytes)
Hash
5982c5377696d20476871062646b253f
8bf2c93fa9ccc908f7df0fb7abb911bbac3e4242
4e23a6449e6ef4614f0107cecf5c9eda75d2041c7c71f4a55d45f2a7e75450f4

HTTP Headers

GET /sb/notifications/gambling/unibet/social-box-confetti/1/css/animate.css HTTP/1.1
Host: cdn.creative-bars1.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://videzz.net
DNT: 1
Connection: keep-alive
Referer: https://videzz.net/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Wed, 08 May 2024 04:08:24 GMT
content-type: text/css
last-modified: Fri, 02 Feb 2024 15:34:04 GMT
etag: W/"65bd0b6c-13365"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: public, max-age=315360000
access-control-allow-origin: *
access-control-expose-headers: Date
cf-cache-status: HIT
age: 474575
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=it4xg62HOHiqlYQinWyNoAxIPv5gTXSRvOaCn%2F1PW5O7USV3wonYKsYymgmyJNabFItgonEmyF%2FqR%2B1lSH0H4bsLDN%2FONnQ8BFJqOekWebLidIujjP%2Fi6xb0EuXoCbvLccX%2BOVIjfJwC"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 8806969fef8e0b65-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2

static.addtoany.com/menu/svg/icons/telegram.js

172.67.39.148

200 OK

360 B

URL GET HTTP/3
static.addtoany.com/menu/svg/icons/telegram.js
IP
172.67.39.148:443
ASN
#13335 CLOUDFLARENET

Requested by
https://videzz.net/embed-zmjt062n2cm9.html
Certificate
IssuerLet's Encrypt
Subjectstatic.addtoany.com
Fingerprint5B:74:98:2D:F8:22:DB:0D:4E:74:B7:99:A7:7C:80:F6:CA:1A:8E:CA
ValidityTue, 23 Apr 2024 07:56:27 GMT - Mon, 22 Jul 2024 07:56:26 GMT

File type
ASCII text, with very long lines (370), with no line terminators
Size
360 B (360 bytes)
Hash
d455b7099e753a3680d5e481a7b56a9d
146fdec3f2e51dabdd15fc8acda6d73823b0d44d
4eb7a6d1a684e68473de0e8854499206b2f512a3815a8114068636dd38aa197a

HTTP Headers

GET /menu/svg/icons/telegram.js HTTP/1.1
Host: static.addtoany.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://videzz.net
DNT: 1
Connection: keep-alive
Referer: https://static.addtoany.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Wed, 08 May 2024 04:08:22 GMT
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=7776000, stale-while-revalidate=30, public
cf-bgj: minify
etag: W/"fb47b4f6548b6499923a1beed7472419"
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=VMJGe1UEbwEs5HbBF8m%2BObmMrUHG3OMVxSIiGFVJ0SBsWQtY4ktOVYoKCkEfNMvA2hFAWUXImpgCZn%2FIPhH%2BmAGHYgiMjn5Ua2dPP6e4%2FusvRjDnGR%2Bq0snIiikFzrjU%2FXCNvb6W8C6UnsFjYJvUV0rv"}],"group":"cf-nel","max_age":604800}
vary: Accept-Encoding
referrer-policy: strict-origin-when-cross-origin
x-content-type-options: nosniff
cf-cache-status: HIT
age: 5561
strict-transport-security: max-age=31536000; includeSubDomains; preload
server: cloudflare
cf-ray: 880696953d27568f-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400

videzz.net/images-newtheme/adb_logo.png

78.142.18.54

200 OK

8.3 kB

URL GET HTTP/2
videzz.net/images-newtheme/adb_logo.png
IP
78.142.18.54:443
ASN
#208046 ColocationX Ltd.

Requested by
https://videzz.net/embed-zmjt062n2cm9.html
Certificate
IssuerLet's Encrypt
Subjectvidezz.net
Fingerprint89:44:E3:9D:95:DD:6E:D2:2B:FB:70:64:42:59:D2:BF:B6:36:E7:33
ValidityThu, 02 May 2024 00:27:53 GMT - Wed, 31 Jul 2024 00:27:52 GMT

File type
PNG image data, 178 x 178, 8-bit/color RGBA, non-interlaced
Size
8.3 kB (8308 bytes)
Hash
98fcd22c469a5aa46df8ec4e7a8eafc9
e8d95f175d3008736995a482d7304410a1da490a
b1e79e219bf46ca5ef14a9619c5440e78c2ebdbc34b8f0c65f0777a8b02fc30c

HTTP Headers

GET /images-newtheme/adb_logo.png HTTP/1.1
Host: videzz.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://videzz.net/embed-zmjt062n2cm9.html
Cookie: lang=1
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
server: nginx/1.18.0 (Ubuntu)
date: Wed, 08 May 2024 04:08:21 GMT
content-type: image/png
content-length: 8308
last-modified: Sat, 27 Apr 2024 07:30:42 GMT
etag: "662ca9a2-2074"
expires: Fri, 07 Jun 2024 04:04:22 GMT
cache-control: max-age=2592000
x-cache-status: HIT
accept-ranges: bytes
X-Firefox-Spdy: h2

downstairsnegotiatebarren.com/sfp.js

188.114.97.1

200 OK

86 kB

URL GET HTTP/3
downstairsnegotiatebarren.com/sfp.js
IP
188.114.97.1:443
ASN
#13335 CLOUDFLARENET

Requested by
https://videzz.net/embed-zmjt062n2cm9.html
Certificate
IssuerLet's Encrypt
Subjectdownstairsnegotiatebarren.com
Fingerprint5D:DB:CB:C6:CE:2A:8B:34:7D:BC:43:74:33:1D:5F:77:48:F7:BC:1B
ValidityThu, 02 May 2024 21:26:34 GMT - Wed, 31 Jul 2024 21:26:33 GMT

File type

Size
86 kB (85611 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /sfp.js HTTP/1.1
Host: downstairsnegotiatebarren.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://videzz.net/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Wed, 08 May 2024 04:08:24 GMT
content-type: application/javascript; charset=utf-8
p3p: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
access-control-allow-origin: *
expires: Thu, 01 Jan 1970 00:00:01 GMT
cache-control: max-age=14400
x-request-id: 21928c28c4fc3b150dac844e971d3c75
strict-transport-security: max-age=0; includeSubdomains
cf-cache-status: EXPIRED
last-modified: Wed, 08 May 2024 04:08:22 GMT
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=bOH%2B5Q9C6xwXcBeXQSsryFxY4%2F8YKjvvPYMlt3kY05C%2BQT3ZrOvzbrVHe8hFb8VkfgHeNFjkdy9TO3ayMeTsqh3vzKH6tqYPuUEoUa8I3P4Wjxz2vUD%2BxG0M0nhJEMDj7qxsXuR2kREIR%2FH1fadpkA%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 88069699fd971bfa-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400

ossgogoaton.com/tag.min.js

172.67.184.45

200 OK

81 kB

URL GET HTTP/2
ossgogoaton.com/tag.min.js
IP
172.67.184.45:443
ASN
#13335 CLOUDFLARENET

Requested by
https://videzz.net/embed-zmjt062n2cm9.html
Certificate
IssuerGoogle Trust Services LLC
Subjectossgogoaton.com
FingerprintDE:B3:2A:B0:2A:4A:C3:F8:A3:3F:5B:C6:96:E6:F1:41:55:B4:87:1E
ValiditySat, 04 May 2024 10:37:16 GMT - Fri, 02 Aug 2024 10:37:15 GMT

File type
JavaScript source, ASCII text, with very long lines (65494)
Size
81 kB (81050 bytes)
Hash
43d7cfde39f6a0d86f3dd9dadd585edd
2a8f4de42716406465227c86f37b24b55c1b0233
62c6cba138d72f64de8743bd8bd9cbd22fb9c903aa86a5825f6837d1cc419826

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /tag.min.js HTTP/1.1
Host: ossgogoaton.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://videzz.net/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Wed, 08 May 2024 04:08:24 GMT
content-type: text/javascript; charset=utf-8
x-trace-id: aa5b61d2a1571140187f22da22a0d07d
cache-control: max-age=86400
last-modified: Tue, 07 May 2024 03:17:22 GMT
accept-ch: Sec-CH-UA, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, baggage, sentry-trace, favicon
access-control-max-age: 86400
pragma: no-cache
expires: Thu, 09 May 2024 03:13:42 GMT
timing-allow-origin: *
cf-cache-status: HIT
age: 3282
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=uum2KZ5WLusjsxKZj4WAQ4FTU9lo6YkHi16jcgtnHCCxBt1XfK1fbXid1uhC2LYgg5U4anTPI7U%2FebgnG6GzI8TFToUndeViRvfFg4jHe8nbFWIpb2q1zx4Oyv33ge7pIWo%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 880696a28ab7568e-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2

static.addtoany.com/menu/locale/ru.js

172.67.39.148

200 OK

2.1 kB

URL GET HTTP/3
static.addtoany.com/menu/locale/ru.js
IP
172.67.39.148:443
ASN
#13335 CLOUDFLARENET

Requested by
https://videzz.net/embed-zmjt062n2cm9.html
Certificate
IssuerLet's Encrypt
Subjectstatic.addtoany.com
Fingerprint5B:74:98:2D:F8:22:DB:0D:4E:74:B7:99:A7:7C:80:F6:CA:1A:8E:CA
ValidityTue, 23 Apr 2024 07:56:27 GMT - Mon, 22 Jul 2024 07:56:26 GMT

File type
ASCII text, with very long lines (2170), with no line terminators
Size
2.1 kB (2130 bytes)
Hash
7581051e137324f383ce692c383a90ac
7c66ac218fd109304436e9588d602c7aaab63b82
428aafe2046340df744b20fbab6f0cd4ddfb95776790e80440cfb60788dbde2c

HTTP Headers

GET /menu/locale/ru.js HTTP/1.1
Host: static.addtoany.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://videzz.net/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Wed, 08 May 2024 04:08:22 GMT
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=86400, stale-while-revalidate=30, public
cf-bgj: minify
cf-polished: origSize=2289
etag: W/"9797b535a7dbc5ec8be5d83312871549"
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=0Pns6TtwvXJrabXBg5qD34U9tGeMGrEdyUXo1Ifn5UQb5j%2FCb0kNzo4kU4t%2BwBPaHA8Py5yVUYqQOtvtjiUJeOTkgqF2%2B8WrkfDd3KIvQdWwPMR2W2eJHhLs1mdCyT2pxQI6S5LuakxUHp8hEEzVcw4J"}],"group":"cf-nel","max_age":604800}
vary: Accept-Encoding
referrer-policy: strict-origin-when-cross-origin
x-content-type-options: nosniff
cf-cache-status: HIT
age: 28223
strict-transport-security: max-age=31536000; includeSubDomains; preload
server: cloudflare
cf-ray: 880696953d20568f-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400

static.addtoany.com/menu/svg/icons/facebook.js

172.67.39.148

200 OK

429 B

URL GET HTTP/3
static.addtoany.com/menu/svg/icons/facebook.js
IP
172.67.39.148:443
ASN
#13335 CLOUDFLARENET

Requested by
https://videzz.net/embed-zmjt062n2cm9.html
Certificate
IssuerLet's Encrypt
Subjectstatic.addtoany.com
Fingerprint5B:74:98:2D:F8:22:DB:0D:4E:74:B7:99:A7:7C:80:F6:CA:1A:8E:CA
ValidityTue, 23 Apr 2024 07:56:27 GMT - Mon, 22 Jul 2024 07:56:26 GMT

File type
ASCII text, with very long lines (439), with no line terminators
Size
429 B (429 bytes)
Hash
874e1638740e061f9fa55eda3180724c
108a7e30fa0f7d50b961845ec970a2745f3c821f
d1bf990d09417220fcb615079a569e0a403c75beef0eac536e5976b7751c0370

HTTP Headers

GET /menu/svg/icons/facebook.js HTTP/1.1
Host: static.addtoany.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://videzz.net
DNT: 1
Connection: keep-alive
Referer: https://static.addtoany.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Wed, 08 May 2024 04:08:22 GMT
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=7776000, stale-while-revalidate=30, public
cf-bgj: minify
etag: W/"68925fa8e347041c6006837e73c518bc"
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=6B%2FV6ADt517psBnU6gY21U1Bic9HzuXd7VQoHHzOpIzDwZJWTz9ICNXIC3sHbp8LbOg8q2%2FF%2BORds3rmW9O1Ls0y6Q7edGN6XzyiY6nnZTscstDrjHgjuWo%2BViAul%2B3fVrY3dDtWjAtHYik3CIlkPl%2B8"}],"group":"cf-nel","max_age":604800}
vary: Accept-Encoding
referrer-policy: strict-origin-when-cross-origin
x-content-type-options: nosniff
cf-cache-status: HIT
age: 8918
strict-transport-security: max-age=31536000; includeSubDomains; preload
server: cloudflare
cf-ray: 880696953d25568f-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400

static.addtoany.com/menu/svg/icons/reddit.js

172.67.39.148

200 OK

893 B

URL GET HTTP/3
static.addtoany.com/menu/svg/icons/reddit.js
IP
172.67.39.148:443
ASN
#13335 CLOUDFLARENET

Requested by
https://videzz.net/embed-zmjt062n2cm9.html
Certificate
IssuerLet's Encrypt
Subjectstatic.addtoany.com
Fingerprint5B:74:98:2D:F8:22:DB:0D:4E:74:B7:99:A7:7C:80:F6:CA:1A:8E:CA
ValidityTue, 23 Apr 2024 07:56:27 GMT - Mon, 22 Jul 2024 07:56:26 GMT

File type
ASCII text, with very long lines (903), with no line terminators
Size
893 B (893 bytes)
Hash
1f5dd30051ff637ea1d19ce73aced89c
bfdd1d1c07492ba397bdcf13e262edcfd8692a5e
c1bf0dd12b2f71de1e7e154b309caa18d2f1c2a8dc077beba23b89432ad72a81

HTTP Headers

GET /menu/svg/icons/reddit.js HTTP/1.1
Host: static.addtoany.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://videzz.net
DNT: 1
Connection: keep-alive
Referer: https://static.addtoany.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Wed, 08 May 2024 04:08:22 GMT
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=7776000, stale-while-revalidate=30, public
cf-bgj: minify
etag: W/"1fe5b5008de689ce6464d7bcb07e742c"
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=ZjHweqxafNQq1n%2FESzRf2k9F%2FrYlbdwvbqiAi31q1bs4dxVMeUPA7nKp8T0F58E7TOkAh%2FfYESagksyAdIk6odC8nuIMY%2Fii8dgMTHCakMh4qso5JAISV52DVvEx%2FDl%2BX8CDPGH228RHXIBwZtZJQppE"}],"group":"cf-nel","max_age":604800}
vary: Accept-Encoding
referrer-policy: strict-origin-when-cross-origin
x-content-type-options: nosniff
cf-cache-status: HIT
age: 8918
strict-transport-security: max-age=31536000; includeSubDomains; preload
server: cloudflare
cf-ray: 880696953d26568f-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400

aistekso.net/401/5708419

139.45.197.244

200 OK

91 kB

URL GET HTTP/2
aistekso.net/401/5708419
IP
139.45.197.244:443
ASN
#9002 RETN Limited

Requested by
https://videzz.net/embed-zmjt062n2cm9.html
Certificate
IssuerLet's Encrypt
Subjectaistekso.net
Fingerprint3E:A5:CE:35:F4:D9:45:6B:A1:3B:2E:9C:B3:9E:78:4D:8A:4B:51:BB
ValiditySun, 24 Mar 2024 05:08:27 GMT - Sat, 22 Jun 2024 05:08:26 GMT

File type
JavaScript source, ASCII text, with very long lines (65536), with no line terminators
Size
91 kB (90813 bytes)
Hash
7d175a79887c6be6f6aa5a287cc02ec8
34884a4854e0e42275f483eeb6d3f3feb85fed2d
b5f2077b9feff5f12009f39db5019d416e8ade960614408b89840092d0b7d92c

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /401/5708419 HTTP/1.1
Host: aistekso.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://videzz.net/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
server: nginx
date: Wed, 08 May 2024 04:08:25 GMT
content-type: application/javascript
x-trace-id: 7a40fcc73bd73bd4f1b1215b004f019e
pragma: no-cache
expires: Tue, 11 Jan 1994 10:00:00 GMT
cache-control: no-cache, no-store, no-transform, must-revalidate, private, max-age=0
vary: Origin
access-control-allow-origin: *
access-control-expose-headers: Link
access-control-allow-credentials: true
accept-ch: Sec-CH-UA, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model
set-cookie: OAID=0300565446664c54f0e30ef0c9a44585; expires=Thu, 08 May 2025 04:08:25 GMT; path=/; secure; SameSite=None
strict-transport-security: max-age=1
x-content-type-options: nosniff
timing-allow-origin: *, *
content-encoding: gzip
X-Firefox-Spdy: h2

static.addtoany.com/menu/svg/icons/viber.js

172.67.39.148

200 OK

1.0 kB

URL GET HTTP/3
static.addtoany.com/menu/svg/icons/viber.js
IP
172.67.39.148:443
ASN
#13335 CLOUDFLARENET

Requested by
https://videzz.net/embed-zmjt062n2cm9.html
Certificate
IssuerLet's Encrypt
Subjectstatic.addtoany.com
Fingerprint5B:74:98:2D:F8:22:DB:0D:4E:74:B7:99:A7:7C:80:F6:CA:1A:8E:CA
ValidityTue, 23 Apr 2024 07:56:27 GMT - Mon, 22 Jul 2024 07:56:26 GMT

File type
ASCII text, with very long lines (1027), with no line terminators
Size
1.0 kB (1003 bytes)
Hash
b216786a6e2822572e4c78284416fd02
b3a072140d798b6734431ff6a890da7cb8c701ce
265af7156e77fce7638988053d5b3f4894c92ae2bdacac504131a96cf6a0d370

HTTP Headers

GET /menu/svg/icons/viber.js HTTP/1.1
Host: static.addtoany.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://videzz.net
DNT: 1
Connection: keep-alive
Referer: https://static.addtoany.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Wed, 08 May 2024 04:08:22 GMT
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=7776000, stale-while-revalidate=30, public
cf-bgj: minify
etag: W/"ab1da422605fdb35fd02440984d36475"
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=GF6l98r1SQYqjDtri4QPzTS5LMOpdVchUnK6BVf%2BlLdjgGTOroVtLoEgBZGV4DnC%2F8H50pBgMuYKNEVy7bN4602BG8Zh2ixMmsk5rDi0fS%2FzgSJQkky1xyzinR9KyteZiB1mtIVLwxRzIrwIJnPctQZD"}],"group":"cf-nel","max_age":604800}
vary: Accept-Encoding
referrer-policy: strict-origin-when-cross-origin
x-content-type-options: nosniff
cf-cache-status: HIT
age: 5561
strict-transport-security: max-age=31536000; includeSubDomains; preload
server: cloudflare
cf-ray: 880696954d33568f-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400

fonts.googleapis.com/css?family=Roboto:300,400,700&display=swap

142.250.74.42

200 OK

7.0 kB

URL GET HTTP/2
fonts.googleapis.com/css?family=Roboto:300,400,700&display=swap
IP
142.250.74.42:443
ASN
#15169 GOOGLE

Requested by
https://videzz.net/embed-zmjt062n2cm9.html
Certificate
IssuerGoogle Trust Services LLC
Subjectupload.video.google.com
Fingerprint36:49:20:36:0C:4D:DA:55:65:64:23:0F:49:3E:FA:78:87:35:A3:79
ValidityTue, 16 Apr 2024 04:17:12 GMT - Tue, 09 Jul 2024 04:17:11 GMT

File type
ASCII text, with very long lines (7193), with no line terminators
Size
7.0 kB (7004 bytes)
Hash
16b49a99486594c0b42d9bd7821deb2c
2fb46e5e86d6b37d4497cc04bfd89b3cb33a276a
3f3540952441e06ef81189cf63d46bac242804e386779dbb0cdd78ed10025c21

HTTP Headers

GET /css?family=Roboto:300,400,700&display=swap HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Wed, 08 May 2024 04:08:24 GMT
date: Wed, 08 May 2024 04:08:24 GMT
cache-control: private, max-age=86400
cross-origin-opener-policy: same-origin-allow-popups
cross-origin-resource-policy: cross-origin
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

videzz.net/js/jquery.min.js

78.142.18.54

200 OK

96 kB

URL GET HTTP/2
videzz.net/js/jquery.min.js
IP
78.142.18.54:443
ASN
#208046 ColocationX Ltd.

Requested by
https://videzz.net/embed-zmjt062n2cm9.html
Certificate
IssuerLet's Encrypt
Subjectvidezz.net
Fingerprint89:44:E3:9D:95:DD:6E:D2:2B:FB:70:64:42:59:D2:BF:B6:36:E7:33
ValidityThu, 02 May 2024 00:27:53 GMT - Wed, 31 Jul 2024 00:27:52 GMT

File type
JavaScript source, ASCII text, with very long lines (32086)
Size
96 kB (95786 bytes)
Hash
8101d596b2b8fa35fe3a634ea342d7c3
d6c1f41972de07b09bfa63d2e50f9ab41ec372bd
540bc6dec1dd4b92ea4d3fb903f69eabf6d919afd48f4e312b163c28cff0f441

HTTP Headers

GET /js/jquery.min.js HTTP/1.1
Host: videzz.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://videzz.net/embed-zmjt062n2cm9.html
Cookie: lang=1
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
server: nginx/1.18.0 (Ubuntu)
date: Wed, 08 May 2024 04:08:21 GMT
content-type: application/javascript
last-modified: Sat, 27 Apr 2024 07:30:28 GMT
vary: Accept-Encoding
etag: W/"662ca994-1762a"
expires: Fri, 07 Jun 2024 04:03:28 GMT
cache-control: max-age=2592000
content-encoding: gzip
x-cache-status: HIT
X-Firefox-Spdy: h2

videzz.net/js/videojs.stm.5.min.js?0.00660743972046163

78.142.18.54

200 OK

7.2 kB

URL GET HTTP/2
videzz.net/js/videojs.stm.5.min.js?0.00660743972046163
IP
78.142.18.54:443
ASN
#208046 ColocationX Ltd.

Requested by
https://videzz.net/embed-zmjt062n2cm9.html
Certificate
IssuerLet's Encrypt
Subjectvidezz.net
Fingerprint89:44:E3:9D:95:DD:6E:D2:2B:FB:70:64:42:59:D2:BF:B6:36:E7:33
ValidityThu, 02 May 2024 00:27:53 GMT - Wed, 31 Jul 2024 00:27:52 GMT

File type
JavaScript source, ASCII text, with very long lines (7493), with no line terminators
Size
7.2 kB (7205 bytes)
Hash
559fdbbfb2f700ef277f69b35a097d54
df1d4bf430b37e066e4e3187d621c954d581c160
d30c79b738e33d406468f33a059c11238995e485cad39bb31a721f370baa05c5

HTTP Headers

GET /js/videojs.stm.5.min.js?0.00660743972046163 HTTP/1.1
Host: videzz.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://videzz.net/embed-zmjt062n2cm9.html
Cookie: lang=1
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
server: nginx/1.18.0 (Ubuntu)
date: Wed, 08 May 2024 04:08:21 GMT
content-type: application/javascript
last-modified: Sat, 27 Apr 2024 07:30:38 GMT
vary: Accept-Encoding
etag: W/"662ca99e-1c25"
expires: Fri, 07 Jun 2024 04:08:21 GMT
cache-control: max-age=2592000
content-encoding: gzip
x-cache-status: MISS
X-Firefox-Spdy: h2

allvideometrika.com/f.php?sid=212515

172.67.214.245

200 OK

0 B

URL GET HTTP/2
allvideometrika.com/f.php?sid=212515
IP
172.67.214.245:443
ASN
#13335 CLOUDFLARENET

Requested by
https://videzz.net/embed-zmjt062n2cm9.html
Certificate
IssuerLet's Encrypt
Subjectallvideometrika.com
Fingerprint0F:3F:B1:7E:F7:3C:77:24:1C:85:B2:89:15:11:43:1A:AD:64:DF:13
ValidityTue, 23 Apr 2024 13:34:13 GMT - Mon, 22 Jul 2024 13:34:12 GMT

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /f.php?sid=212515 HTTP/1.1
Host: allvideometrika.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://videzz.net/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Wed, 08 May 2024 04:08:23 GMT
content-type: text/html; charset=UTF-8
x-powered-by: PHP/7.1.33
cache-control: no-store, no-cache, must-revalidate, max-age=0
x-robots-tag: noindex
pragma: no-cache
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=H9iURxr%2BEy67iHAOpExoe7oco72bGk0wr183KWn7%2FzgrCT%2BXn9KSaud3tXpi1m8wuOaKQfyCIWftXlutFRuQN%2FYww82FWbJis9X7TJo5Z%2B8g1shCJUtnJzFpYcuFFWDOqzeh4N5z"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 88069697ebf156c1-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2

192.243.61.227

200 OK

0 B

URL GET HTTP/1.1
astronomybreathlessmisunderstand.com/pixel/sbls?bv=24.6.6370&tmpl=482&u=https%3A%2F%2Fcdn.creative-bars1.com%2Fsb%2Fnotifications%2Fgambling%2Funibet%2Fsocial-box-confetti%2F1%2Fcss%2Fanimate.css&l=78693&fd=104
IP
192.243.61.227:443
ASN
#39572 DataWeb Global Group B.V.

Requested by
https://videzz.net/embed-zmjt062n2cm9.html
Certificate
IssuerLet's Encrypt
Subjectastronomybreathlessmisunderstand.com
FingerprintDB:F1:11:8A:FD:9C:37:6B:1C:13:3D:8D:D7:1D:F5:09:0E:2B:DD:48
ValidityMon, 06 May 2024 12:49:33 GMT - Sun, 04 Aug 2024 12:49:32 GMT

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /pixel/sbls?bv=24.6.6370&tmpl=482&u=https%3A%2F%2Fcdn.creative-bars1.com%2Fsb%2Fnotifications%2Fgambling%2Funibet%2Fsocial-box-confetti%2F1%2Fcss%2Fanimate.css&l=78693&fd=104 HTTP/1.1
Host: astronomybreathlessmisunderstand.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://videzz.net/
Cookie: u_pl=19071538; pdhtkv=true; uncs=1; pdhtkv29=true; uncs29=1; slecfd40b682a05e4aaf489d29601350aa66=[5210997,5210995]
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx/1.21.6
Date: Wed, 08 May 2024 04:08:24 GMT
Content-Length: 0
Connection: keep-alive
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
Access-Control-Allow-Origin: *
Access-Control-Allow-Methods: GET, POST, OPTIONS
Access-Control-Allow-Headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,Upgrade-Insecure-Requests
Access-Control-Expose-Headers: Content-Length,Content-Range

xml.zeusadx.com/redirect?feed=531847&auth=KhbHhS&pubid=162319

174.137.133.17

200 OK

0 B

URL GET HTTP/1.1
xml.zeusadx.com/redirect?feed=531847&auth=KhbHhS&pubid=162319
IP
174.137.133.17:443
ASN
#27257 WEBAIR-INTERNET

Requested by
https://videzz.net/embed-zmjt062n2cm9.html
Certificate
IssuerSectigo Limited
Subject*.zeusadx.com
FingerprintAA:67:88:35:5F:BC:20:3C:44:9B:00:BD:4F:E1:C0:5F:62:D0:69:C0
ValidityMon, 23 Oct 2023 00:00:00 GMT - Wed, 23 Oct 2024 23:59:59 GMT

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /redirect?feed=531847&auth=KhbHhS&pubid=162319 HTTP/1.1
Host: xml.zeusadx.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://bid.bidclickmedia.com/
DNT: 1
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Date: Wed, 08 May 2024 04:08:23 GMT
Content-Length: 0
Connection: keep-alive
Cache-Control: no-store

harassmentgrowl.com/pixel/purst?dl=0&th=0&sc=0&rs=2183&rd=2183&fd=762&bv=24.5.6485&tmpl=136

192.243.61.225

200 OK

0 B

URL GET HTTP/1.1
harassmentgrowl.com/pixel/purst?dl=0&th=0&sc=0&rs=2183&rd=2183&fd=762&bv=24.5.6485&tmpl=136
IP
192.243.61.225:443
ASN
#39572 DataWeb Global Group B.V.

Requested by
https://videzz.net/embed-zmjt062n2cm9.html
Certificate
IssuerLet's Encrypt
Subjectharassmentgrowl.com
FingerprintEF:3A:DF:32:71:10:91:85:74:56:59:09:21:58:8E:10:A1:16:D1:8A
ValidityMon, 06 May 2024 12:54:15 GMT - Sun, 04 Aug 2024 12:54:14 GMT

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /pixel/purst?dl=0&th=0&sc=0&rs=2183&rd=2183&fd=762&bv=24.5.6485&tmpl=136 HTTP/1.1
Host: harassmentgrowl.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://videzz.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx/1.21.6
Date: Wed, 08 May 2024 04:08:23 GMT
Content-Length: 0
Connection: keep-alive
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
Access-Control-Allow-Origin: *
Access-Control-Allow-Methods: GET, POST, OPTIONS
Access-Control-Allow-Headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,Upgrade-Insecure-Requests
Access-Control-Expose-Headers: Content-Length,Content-Range

downstairsnegotiatebarren.com/sfp.js

188.114.97.1

200 OK

86 kB

URL GET HTTP/2
downstairsnegotiatebarren.com/sfp.js
IP
188.114.97.1:443
ASN
#13335 CLOUDFLARENET

Requested by
https://videzz.net/embed-zmjt062n2cm9.html
Certificate
IssuerLet's Encrypt
Subjectdownstairsnegotiatebarren.com
Fingerprint5D:DB:CB:C6:CE:2A:8B:34:7D:BC:43:74:33:1D:5F:77:48:F7:BC:1B
ValidityThu, 02 May 2024 21:26:34 GMT - Wed, 31 Jul 2024 21:26:33 GMT

File type

Size
86 kB (85611 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /sfp.js HTTP/1.1
Host: downstairsnegotiatebarren.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://videzz.net/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Wed, 08 May 2024 04:08:22 GMT
content-type: application/javascript; charset=utf-8
p3p: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
access-control-allow-origin: *
expires: Thu, 01 Jan 1970 00:00:01 GMT
cache-control: max-age=14400
x-request-id: 772eb46b94590ea64d0956fd7fccb192
strict-transport-security: max-age=0; includeSubdomains
cf-cache-status: EXPIRED
last-modified: Wed, 08 May 2024 04:08:22 GMT
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=pGbdUZHovDVoHPCGFehaXeEqdD%2BB%2F4tiEVrsWzp7EUNhAzlir2v7qo6%2Fv8gWNwjIZNQ88WBHTK%2BlrJYybPL3ThuC0Xz2qgnDvjY19N05mbh5Fp%2F6WAVrnY%2B6YIhi%2BvN5iixAlt8LOLhVvsW2t3Gm0Q%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 880696956b3b569a-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2

astronomybreathlessmisunderstand.com/pixel/sbls?bv=24.6.6370&tmpl=482&u=https%3A%2F%2Fcdn.yourwebbars.com%2Fsb%2Fnotifications%2Fgambling%2Funibet%2Fsocial-box-confetti%2F1%2Findex.html&l=1738&fd=175

192.243.61.227

200 OK

0 B

URL GET HTTP/1.1
astronomybreathlessmisunderstand.com/pixel/sbls?bv=24.6.6370&tmpl=482&u=https%3A%2F%2Fcdn.yourwebbars.com%2Fsb%2Fnotifications%2Fgambling%2Funibet%2Fsocial-box-confetti%2F1%2Findex.html&l=1738&fd=175
IP
192.243.61.227:443
ASN
#39572 DataWeb Global Group B.V.

Requested by
https://videzz.net/embed-zmjt062n2cm9.html
Certificate
IssuerLet's Encrypt
Subjectastronomybreathlessmisunderstand.com
FingerprintDB:F1:11:8A:FD:9C:37:6B:1C:13:3D:8D:D7:1D:F5:09:0E:2B:DD:48
ValidityMon, 06 May 2024 12:49:33 GMT - Sun, 04 Aug 2024 12:49:32 GMT

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /pixel/sbls?bv=24.6.6370&tmpl=482&u=https%3A%2F%2Fcdn.yourwebbars.com%2Fsb%2Fnotifications%2Fgambling%2Funibet%2Fsocial-box-confetti%2F1%2Findex.html&l=1738&fd=175 HTTP/1.1
Host: astronomybreathlessmisunderstand.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://videzz.net/
Cookie: u_pl=19071538; pdhtkv=true; uncs=1; pdhtkv29=true; uncs29=1; slecfd40b682a05e4aaf489d29601350aa66=[5210997,5210995]
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx/1.21.6
Date: Wed, 08 May 2024 04:08:24 GMT
Content-Length: 0
Connection: keep-alive
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
Access-Control-Allow-Origin: *
Access-Control-Allow-Methods: GET, POST, OPTIONS
Access-Control-Allow-Headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,Upgrade-Insecure-Requests
Access-Control-Expose-Headers: Content-Length,Content-Range

unseenreport.com/pxf.gif?uuid=c2d4f0f5-2efc-4005-b477-574a4b5aaa72&eb=978028c5053b26833423c7a069ce3bd5&te=5db3a4e34790624df926db520a13f79f&ua=Mozilla%2F5.0%20(X11%3B%20Linux%20x86_64%3B%20rv%3A96.0)%20Gecko%2F20100101%20Firefox%2F96.0&dev=e&res=14.2071&b_frame=0&pk=fd40b682a05e4aaf489d29601350aa66&bl=en-US&sr=1024x1280&sz=1024x1280&hjs=4

192.243.61.225

200 OK

0 B

URL GET HTTP/1.1
unseenreport.com/pxf.gif?uuid=c2d4f0f5-2efc-4005-b477-574a4b5aaa72&eb=978028c5053b26833423c7a069ce3bd5&te=5db3a4e34790624df926db520a13f79f&ua=Mozilla%2F5.0%20(X11%3B%20Linux%20x86_64%3B%20rv%3A96.0)%20Gecko%2F20100101%20Firefox%2F96.0&dev=e&res=14.2071&b_frame=0&pk=fd40b682a05e4aaf489d29601350aa66&bl=en-US&sr=1024x1280&sz=1024x1280&hjs=4
IP
192.243.61.225:443
ASN
#39572 DataWeb Global Group B.V.

Requested by
https://videzz.net/embed-zmjt062n2cm9.html
Certificate
IssuerLet's Encrypt
Subject*.unseenreport.com
Fingerprint71:46:15:FD:76:6A:F5:5B:51:06:CC:93:DD:D8:63:E3:8B:10:BF:13
ValidityFri, 22 Mar 2024 07:32:41 GMT - Thu, 20 Jun 2024 07:32:40 GMT

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /pxf.gif?uuid=c2d4f0f5-2efc-4005-b477-574a4b5aaa72&eb=978028c5053b26833423c7a069ce3bd5&te=5db3a4e34790624df926db520a13f79f&ua=Mozilla%2F5.0%20(X11%3B%20Linux%20x86_64%3B%20rv%3A96.0)%20Gecko%2F20100101%20Firefox%2F96.0&dev=e&res=14.2071&b_frame=0&pk=fd40b682a05e4aaf489d29601350aa66&bl=en-US&sr=1024x1280&sz=1024x1280&hjs=4 HTTP/1.1
Host: unseenreport.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://videzz.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx/1.21.6
Date: Wed, 08 May 2024 04:08:24 GMT
Content-Type: image/gif
Content-Length: 1
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Access-Control-Allow-Origin: *
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: 3738f7ad892fc82e7cfe922879986840
Strict-Transport-Security: max-age=0; includeSubdomains

veepteero.com/88/104

139.45.197.242

200 OK

3.0 kB

URL GET HTTP/2
veepteero.com/88/104
IP
139.45.197.242:443
ASN
#9002 RETN Limited

Requested by
https://videzz.net/embed-zmjt062n2cm9.html
Certificate
IssuerLet's Encrypt
Subjectveepteero.com
Fingerprint13:68:56:48:EC:67:A6:93:BE:E0:36:BC:FA:04:75:6D:6E:D2:C1:91
ValiditySat, 23 Mar 2024 05:18:36 GMT - Fri, 21 Jun 2024 05:18:35 GMT

File type
troff or preprocessor input, ASCII text, with very long lines (3232), with no line terminators
Size
3.0 kB (2974 bytes)
Hash
a3328d70c4759d57046577081cefeaa6
e2da1f762024169ac792ae85ac2b591c343ef7a0
156148958fd4a9a64c4a92f69b319ad21359778de143134826a176cb107684e9

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /88/104 HTTP/1.1
Host: veepteero.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://videzz.net/
Origin: https://videzz.net
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
server: nginx
date: Wed, 08 May 2024 04:08:24 GMT
content-type: application/json
accept-ch: Sec-CH-UA, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model
access-control-allow-origin: https://videzz.net
access-control-allow-credentials: true
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, baggage, sentry-trace, favicon
access-control-max-age: 86400
timing-allow-origin: *
pragma: no-cache, no-cache
cache-control: no-transform, no-store, no-cache, must-revalidate, max-age=0, no-store, no-cache, must-revalidate, max-age=0
expires: Tue, 11 Jan 1994 10:00:00 GMT, Mon, 26 Jul 1997 05:00:00 GMT
content-encoding: gzip
X-Firefox-Spdy: h2

veepteero.com/?rb=Vy2uSiK9f_pgKZA9RdJPGEoLajALG0sMm5R8D01fQZaumczor_fF_mpJrzO0cDlPm7tdyxXjlsHOKUKu1yWSWOHFvHTzUhYzoWqcNO5M6ItkeBqtMy_7lxEhmN1abEKYaM-0opyMXFHulpag0wCkcm-mzeF2u2DjvcPM2Ku-iq59zMXocGcloNpBY-YNDXItD_z-vlQYMmaD2JTgr2SsLDAwYvIIpMzhipO4GfRQzF0qLkP3AcoqLS92sE_zIhzVdit8ow%3D%3D&request_ab2=0&zoneid=5708417&js_build=iclick-v1.788.10-auto&jsp=1&fs=0&cf=0&sw=1280&sh=1024&wih=1024&wiw=1280&ww=1280&wh=1024&sah=1024&wx=0&wy=0&cw=1280&wfc=12&pl=https%3A%2F%2Fvidezz.net%2Fembed-zmjt062n2cm9.html&drf=&np=1&pt=0&nb=1&ng=0&ix=0&nw=1&tb=false&btz=UTC&bto=0&wgl=&js_build=iclick-v1.788.10-auto&navlng=en-US&pnt=0&pnrc=0&bs=7ea5120f-ec14-4f2f-8f87-fc426f53af6c&wasm=1&userId=0080561a1bf24becf91a92a6892d9663&m=link

139.45.197.242

200 OK

2.3 kB

URL GET HTTP/2
veepteero.com/?rb=Vy2uSiK9f_pgKZA9RdJPGEoLajALG0sMm5R8D01fQZaumczor_fF_mpJrzO0cDlPm7tdyxXjlsHOKUKu1yWSWOHFvHTzUhYzoWqcNO5M6ItkeBqtMy_7lxEhmN1abEKYaM-0opyMXFHulpag0wCkcm-mzeF2u2DjvcPM2Ku-iq59zMXocGcloNpBY-YNDXItD_z-vlQYMmaD2JTgr2SsLDAwYvIIpMzhipO4GfRQzF0qLkP3AcoqLS92sE_zIhzVdit8ow%3D%3D&request_ab2=0&zoneid=5708417&js_build=iclick-v1.788.10-auto&jsp=1&fs=0&cf=0&sw=1280&sh=1024&wih=1024&wiw=1280&ww=1280&wh=1024&sah=1024&wx=0&wy=0&cw=1280&wfc=12&pl=https%3A%2F%2Fvidezz.net%2Fembed-zmjt062n2cm9.html&drf=&np=1&pt=0&nb=1&ng=0&ix=0&nw=1&tb=false&btz=UTC&bto=0&wgl=&js_build=iclick-v1.788.10-auto&navlng=en-US&pnt=0&pnrc=0&bs=7ea5120f-ec14-4f2f-8f87-fc426f53af6c&wasm=1&userId=0080561a1bf24becf91a92a6892d9663&m=link
IP
139.45.197.242:443
ASN
#9002 RETN Limited

Requested by
https://videzz.net/embed-zmjt062n2cm9.html
Certificate
IssuerLet's Encrypt
Subjectveepteero.com
Fingerprint13:68:56:48:EC:67:A6:93:BE:E0:36:BC:FA:04:75:6D:6E:D2:C1:91
ValiditySat, 23 Mar 2024 05:18:36 GMT - Fri, 21 Jun 2024 05:18:35 GMT

File type
troff or preprocessor input, ASCII text, with very long lines (2325), with no line terminators
Size
2.3 kB (2303 bytes)
Hash
12c6d4409e4013e09aebb7e8808f4294
ab2bfbbb2c8701473d7c141a9d3ebd95961ef709
75806b0da52c982457fc5d475dbf96d582dd2c67761d930a199586dc640556da

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /?rb=Vy2uSiK9f_pgKZA9RdJPGEoLajALG0sMm5R8D01fQZaumczor_fF_mpJrzO0cDlPm7tdyxXjlsHOKUKu1yWSWOHFvHTzUhYzoWqcNO5M6ItkeBqtMy_7lxEhmN1abEKYaM-0opyMXFHulpag0wCkcm-mzeF2u2DjvcPM2Ku-iq59zMXocGcloNpBY-YNDXItD_z-vlQYMmaD2JTgr2SsLDAwYvIIpMzhipO4GfRQzF0qLkP3AcoqLS92sE_zIhzVdit8ow%3D%3D&request_ab2=0&zoneid=5708417&js_build=iclick-v1.788.10-auto&jsp=1&fs=0&cf=0&sw=1280&sh=1024&wih=1024&wiw=1280&ww=1280&wh=1024&sah=1024&wx=0&wy=0&cw=1280&wfc=12&pl=https%3A%2F%2Fvidezz.net%2Fembed-zmjt062n2cm9.html&drf=&np=1&pt=0&nb=1&ng=0&ix=0&nw=1&tb=false&btz=UTC&bto=0&wgl=&js_build=iclick-v1.788.10-auto&navlng=en-US&pnt=0&pnrc=0&bs=7ea5120f-ec14-4f2f-8f87-fc426f53af6c&wasm=1&userId=0080561a1bf24becf91a92a6892d9663&m=link HTTP/1.1
Host: veepteero.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://videzz.net/
Origin: https://videzz.net
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
server: nginx
date: Wed, 08 May 2024 04:08:25 GMT
content-type: application/json
x-trace-id: 8c56eb950e03c0be7cae2930583e0366
accept-ch: Sec-CH-UA, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model
access-control-allow-origin: https://videzz.net
access-control-allow-credentials: true
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, baggage, sentry-trace, favicon
access-control-max-age: 86400
pragma: no-cache
cache-control: no-transform, no-store, no-cache, must-revalidate, max-age=0
expires: Tue, 11 Jan 1994 10:00:00 GMT
set-cookie: OAID=0080561a1bf24becf91a92a6892d9663; expires=Thu, 08 May 2025 04:08:25 GMT; path=/; secure; SameSite=None
oaidts=1715141305; expires=Thu, 08 May 2025 04:08:25 GMT; path=/; secure; SameSite=None
syncedCookie=true; expires=Wed, 15 May 2024 04:08:25 GMT; path=/; secure; SameSite=None
strict-transport-security: max-age=1
x-content-type-options: nosniff
timing-allow-origin: *, *
content-encoding: gzip
X-Firefox-Spdy: h2

str40.vidoza.net/nvl4ea4mpyfeieno3uvanefdmuzca4a2tldo54bnagbz5zxq4fmjmb6rn2da/v.mp4

109.202.101.218

206 Partial Content

1.2 MB

URL GET HTTP/2
str40.vidoza.net/nvl4ea4mpyfeieno3uvanefdmuzca4a2tldo54bnagbz5zxq4fmjmb6rn2da/v.mp4
IP
109.202.101.218:443
ASN
#49453 Global Layer B.V.

Requested by
https://videzz.net/embed-zmjt062n2cm9.html
Certificate
IssuerLet's Encrypt
Subjectvidoza.net
FingerprintDD:9C:2A:D1:7E:90:60:D1:BE:1C:39:29:07:29:9C:34:6A:76:A6:C6
ValidityWed, 14 Feb 2024 01:21:54 GMT - Tue, 14 May 2024 01:21:53 GMT

File type
ISO Media, MP4 Base Media v1 [ISO 14496-12:2003]
Size
1.2 MB (1196014 bytes)
Hash
97887988dbe0ca938a573825e1aee146
b2b488648a2f8f3e2a198a3d533fb8b3406dc6e1
d3d2b223a23789fac5d59ea6517cf3b323e639ab7568b4f0402bc7c38e618588

HTTP Headers

GET /nvl4ea4mpyfeieno3uvanefdmuzca4a2tldo54bnagbz5zxq4fmjmb6rn2da/v.mp4 HTTP/1.1
Host: str40.vidoza.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: video/webm,video/ogg,video/*;q=0.9,application/ogg;q=0.7,audio/*;q=0.6,*/*;q=0.5
Accept-Language: en-US,en;q=0.5
Range: bytes=0-
DNT: 1
Connection: keep-alive
Referer: https://videzz.net/
Sec-Fetch-Dest: video
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Accept-Encoding: identity
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 206 Partial Content
server: nginx/1.20.1
date: Wed, 08 May 2024 04:08:22 GMT
content-type: video/mp4
content-length: 551447628
last-modified: Thu, 28 Mar 2024 05:59:55 GMT
etag: "6605075b-20de6c4c"
content-range: bytes 0-551447627/551447628
X-Firefox-Spdy: h2

bid.bidclickmedia.com/sub/0YDX8OE

104.21.37.74

200 OK

234 B

URL GET HTTP/2
bid.bidclickmedia.com/sub/0YDX8OE
IP
104.21.37.74:443
ASN
#13335 CLOUDFLARENET

Requested by
https://videzz.net/embed-zmjt062n2cm9.html
Certificate
IssuerGoogle Trust Services LLC
Subjectbidclickmedia.com
Fingerprint2D:71:60:23:79:D8:E4:4A:B8:81:BA:F0:ED:58:CB:A8:66:21:A7:E7
ValiditySun, 31 Mar 2024 14:28:20 GMT - Sat, 29 Jun 2024 14:28:19 GMT

File type
HTML document, ASCII text, with no line terminators
Size
234 B (234 bytes)
Hash
af2b6f5e906532aa6d51ed7dcbb8fed7
5ddca712e64ecb7520e561656c87079ec18e3db1
eced93383f70dca1dcfe0998bcccf8d3fe044a0f1646f0ffa670cf0b14f599f3

HTTP Headers

GET /sub/0YDX8OE HTTP/1.1
Host: bid.bidclickmedia.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://videzz.net/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Wed, 08 May 2024 04:08:22 GMT
content-type: text/html; charset=utf-8
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=S18aegKJBUj5nBd9a%2F293EgPiC9nk4Cxbn5lifQwNSL7VpY83cLQTDwZXsyLjmlEKPz13elsha2PMvNph56GSiID6x6afL%2FTa4wm3HIEPKR73xI%2B74Ur3NBrn%2BRI7xCV2yFZDLLPFF0%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 880696951c7b56c3-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2

static.addtoany.com/menu/modules/core.BRQnzO8v.js

172.67.39.148

200 OK

72 kB

URL GET HTTP/3
static.addtoany.com/menu/modules/core.BRQnzO8v.js
IP
172.67.39.148:443
ASN
#13335 CLOUDFLARENET

Requested by
https://videzz.net/embed-zmjt062n2cm9.html
Certificate
IssuerLet's Encrypt
Subjectstatic.addtoany.com
Fingerprint5B:74:98:2D:F8:22:DB:0D:4E:74:B7:99:A7:7C:80:F6:CA:1A:8E:CA
ValidityTue, 23 Apr 2024 07:56:27 GMT - Mon, 22 Jul 2024 07:56:26 GMT

File type
ASCII text, with very long lines (65536), with no line terminators
Size
72 kB (71454 bytes)
Hash
629401c31553d2f42a6ca46e58c2a97b
0ab6084caa72f90913c7e4119f491838726ec5c2
91b9b24f0aa59668e4d0a770ee7a294b9baa361a76a20ade8128cd0482a5d805

HTTP Headers

GET /menu/modules/core.BRQnzO8v.js HTTP/1.1
Host: static.addtoany.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://videzz.net
DNT: 1
Connection: keep-alive
Referer: https://videzz.net/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Wed, 08 May 2024 04:08:22 GMT
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=315360000, immutable
cf-bgj: minify
etag: W/"25da5432b1057724b8210f17e9b9db05"
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=OK8gUdgRP8GeYnLNHjDu6u8caDNHdfO2sQNKdIoJNqcMjR7wKzBSRPIzKBAhIZ8GUNx3vYpRT%2B9Wl0bTiXTo1YqoNOdrpxq%2F84ur0eWSRu%2B8ofOTPc9x7M1JwH%2F7P4Z%2FP3le3Hg2mdvhb0ePe1lTNo51"}],"group":"cf-nel","max_age":604800}
vary: Accept-Encoding
referrer-policy: strict-origin-when-cross-origin
x-content-type-options: nosniff
cf-cache-status: HIT
age: 5564
strict-transport-security: max-age=31536000; includeSubDomains; preload
server: cloudflare
cf-ray: 88069693ac61568f-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400

videzz.net/css/videojs.5.min.css?v=b8dc06aa6195ca0716d0a0c4e3a76e42

78.142.18.54

200 OK

170 kB

URL GET HTTP/2
videzz.net/css/videojs.5.min.css?v=b8dc06aa6195ca0716d0a0c4e3a76e42
IP
78.142.18.54:443
ASN
#208046 ColocationX Ltd.

Requested by
https://videzz.net/embed-zmjt062n2cm9.html
Certificate
IssuerLet's Encrypt
Subjectvidezz.net
Fingerprint89:44:E3:9D:95:DD:6E:D2:2B:FB:70:64:42:59:D2:BF:B6:36:E7:33
ValidityThu, 02 May 2024 00:27:53 GMT - Wed, 31 Jul 2024 00:27:52 GMT

File type
ASCII text, with very long lines (50421)
Size
170 kB (169541 bytes)
Hash
bf9af199b5ef61988f82fa239ebf61da
d3b9c5ef294f2ef0942a8bf1e62085b72b2e07cc
e8e86d55656a068d5bb43e7b65e474162b6dff2c57f314cfc90d25f16708048d

HTTP Headers

GET /css/videojs.5.min.css?v=b8dc06aa6195ca0716d0a0c4e3a76e42 HTTP/1.1
Host: videzz.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://videzz.net/embed-zmjt062n2cm9.html
Cookie: lang=1
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
server: nginx/1.18.0 (Ubuntu)
date: Wed, 08 May 2024 04:08:21 GMT
content-type: text/css
last-modified: Sat, 27 Apr 2024 07:30:32 GMT
vary: Accept-Encoding
etag: W/"662ca998-29645"
expires: Fri, 07 Jun 2024 04:03:42 GMT
cache-control: max-age=2592000
content-encoding: gzip
x-cache-status: HIT
X-Firefox-Spdy: h2

Report Overview

Submitted URL

IP

ASN

Submitted

Access

Website Title

Final URL

Tags

urlquery detections

Detections

urlquery

Network Intrusion Detection

Threat Detection Systems

Domain Summary

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

Threat Detection Systems

Public InfoSec YARA rules

OpenPhish

PhishTank

mnemonic secure dns

Quad9 DNS

ThreatFox

JavaScript (72)

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML