| cdnjs.cloudflare.com/ajax/libs/jquery/1.9.0/jquery.min.js | 104.17.25.14 | 200 OK | 30 kB |
URL: GET HTTP/2 cdnjs.cloudflare.com/ajax/libs/jquery/1.9.0/jquery.min.js
IP: 104.17.25.14:443
Requested by: https://vid142.site/e/LNPEERD6OPXW?autostart=true&t=4xjRDfUvDFcMyA==
Certificate Issuer: Cloudflare, Inc.
Certificate Subject: sni.cloudflaressl.com
Certificate Fingerprint: 7A:EA:B9:09:71:70:6C:87:C9:D3:82:74:8A:7B:B4:60:E5:40:2D:8D
Certificate Validity: Mon, 03 Jul 2023 00:00:00 GMT - Tue, 02 Jul 2024 23:59:59 GMT
File type: JavaScript source, ASCII text, with very long lines (32132)
Hash: 0652da382b6fceb033dfe2b6c06d4d11 002da8cbe90fcf32fbdebb72386125079e3805ee 7fa0d5c3f538c76f878e012ac390597faecaabfe6fb9d459b919258e76c5df8e
GET /ajax/libs/jquery/1.9.0/jquery.min.js HTTP/1.1
Host: cdnjs.cloudflare.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://vid142.site/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Fri, 26 Apr 2024 06:36:25 GMT
content-type: application/javascript; charset=utf-8
content-length: 29505
access-control-allow-origin: *
cache-control: public, max-age=30672000
content-encoding: br
etag: "5eb03ec4-16b8c"
last-modified: Mon, 04 May 2020 16:11:48 GMT
cf-cdnjs-via: cfworker/kv
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
x-content-type-options: nosniff
vary: Accept-Encoding
cf-cache-status: HIT
age: 8113
expires: Wed, 16 Apr 2025 06:36:25 GMT
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=C66r2l%2B6kjtIPHCGwofhzFzgIn9WqyGs5A5v9Juulb%2FmRKkU6wNmvzaulVmSHepBu9LSDlo8vkrh2cI7PXYJkH7ufl1h7srfFQ4%2BMWpbeeX%2FuL2nr9HBM4jOCy%2FTyYsmN8FkHUqH"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
server: cloudflare
cf-ray: 87a48ef05931568b-OSL
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
|
|
| valueslinear.com/52/ba/41/52ba419ba307b72ff4090aea25de5317.js | 192.243.61.225 | 200 OK | 17 kB |
URL: GET HTTP/1.1 valueslinear.com/52/ba/41/52ba419ba307b72ff4090aea25de5317.js
IP: 192.243.61.225:443
ASN: #39572 DataWeb Global Group B.V.
Requested by: https://vid142.site/e/LNPEERD6OPXW?autostart=true&t=4xjRDfUvDFcMyA==
Certificate Issuer: Let's Encrypt
Certificate Subject: valueslinear.com
Certificate Fingerprint: 1B:5F:42:9F:A7:B8:88:69:0E:18:50:43:65:11:E1:69:A0:24:C0:4E
Certificate Validity: Tue, 02 Apr 2024 11:12:23 GMT - Mon, 01 Jul 2024 11:12:22 GMT
File type: JavaScript source, ASCII text, with very long lines (40619), with no line terminators
Hash: 386fea7ac43b9ea5ae0986b9238386c9 0e768dad6f406ab3b0e3b5cf0b4256cb40512889 1b4769520b5f730fe5cf67c0c033a68f18f72e00e59ec60f7ceb128333ae4479
| Analyzer | Verdict | Alert |
| Quad9 DNS | malicious | Sinkholed |
GET /52/ba/41/52ba419ba307b72ff4090aea25de5317.js HTTP/1.1
Host: valueslinear.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://vid142.site/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx/1.21.6
Date: Fri, 26 Apr 2024 06:36:25 GMT
Content-Type: application/javascript
Transfer-Encoding: chunked
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Access-Control-Allow-Origin: *
Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,Sec-CH-UA-PlatformUser-Agent,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: da3d69afd9078c3c3813e21323b1ead1
Strict-Transport-Security: max-age=0; includeSubdomains
Content-Encoding: gzip
|
|
| vid142.site/assets/mcloud/min/embed.js?v=661f2fa5 | 172.67.199.60 | 200 OK | 90 kB |
URL: GET HTTP/3 vid142.site/assets/mcloud/min/embed.js?v=661f2fa5
IP: 172.67.199.60:443
Requested by: https://vid142.site/e/LNPEERD6OPXW?autostart=true&t=4xjRDfUvDFcMyA==
Certificate Issuer: Google Trust Services LLC
Certificate Subject: vid142.site
Certificate Fingerprint: 30:DB:E2:03:25:AC:A4:38:4A:78:31:91:FF:C7:16:43:11:A9:4C:DD
Certificate Validity: Wed, 10 Apr 2024 03:06:57 GMT - Tue, 09 Jul 2024 03:06:56 GMT
File type: JavaScript source, Unicode text, UTF-8 text, with very long lines (9591)
Hash: acb8b970d932c2a643dba5c09c83cbbd bb96e7f2aa06dd0f6acb68d28f5d46c83268df94 c3deb3814ee4baede6bb7c37e0de63be0bdaf0e7d79a038f5a16c4b917f11782
GET /assets/mcloud/min/embed.js?v=661f2fa5 HTTP/1.1
Host: vid142.site
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://vid142.site/e/LNPEERD6OPXW?autostart=true&t=4xjRDfUvDFcMyA==
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Fri, 26 Apr 2024 06:36:25 GMT
content-type: application/javascript
last-modified: Wed, 17 Apr 2024 02:10:45 GMT
etag: W/"661f2fa5-2fade"
m-cache: HIT
expires: Fri, 17 May 2024 02:10:48 GMT
cache-control: max-age=2678400
access-control-allow-origin: *
cf-cache-status: HIT
age: 793537
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=9hu4dIcJv4eM0LEVCEiMyHZcKhrDJQMMxXAJLogbT8XDwKCr67tiqpCvJ7hGTAvUjg2ZEePNwpqU1y%2BPXv%2F63VldLjggLWJJyTM72DG4sIcexKfrhhzIEnSfxdQD2A%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 87a48ef05a12b529-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| proftrafficcounter.com/stats | 35.158.46.84 | 200 OK | 40 B |
URL: GET HTTP/2 proftrafficcounter.com/stats
IP: 35.158.46.84:443
Requested by: https://vid142.site/e/LNPEERD6OPXW?autostart=true&t=4xjRDfUvDFcMyA==
Certificate Issuer: Amazon
Certificate Subject: proftrafficcounter.com
Certificate Fingerprint: E3:9F:79:6F:80:C0:BF:F8:C4:EB:45:F3:E9:0F:A7:41:F6:0C:05:E6
Certificate Validity: Tue, 21 Nov 2023 00:00:00 GMT - Thu, 19 Dec 2024 23:59:59 GMT
File type: ASCII text, with no line terminators
Hash: 862578ef1a335f9e4c381441706e0a81 ebbfd05a050abb594fad0fefe837472a2ca3b76b afcf034d1d6f46bd2808e6fc161e7fdb03667eb829d00dcb73b6ab4861e4b6b8
GET /stats HTTP/1.1
Host: proftrafficcounter.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://vid142.site
DNT: 1
Connection: keep-alive
Referer: https://vid142.site/
Cookie: uid_id2=c08c2fb8-d12a-4fd6-88c3-b4240fda3984:1:1
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
date: Fri, 26 Apr 2024 06:36:25 GMT
content-type: text/html; charset=UTF-8
content-length: 40
server: fasthttp
access-control-allow-origin: https://vid142.site
vary: Origin
access-control-allow-credentials: true
X-Firefox-Spdy: h2
|
|
| vid142.site/favicon.ico | 172.67.199.60 | 200 OK | 0 B |
IP: 172.67.199.60:443
Requested by: https://vid142.site/e/LNPEERD6OPXW?autostart=true&t=4xjRDfUvDFcMyA==
Certificate Issuer: Google Trust Services LLC
Certificate Subject: vid142.site
Certificate Fingerprint: 30:DB:E2:03:25:AC:A4:38:4A:78:31:91:FF:C7:16:43:11:A9:4C:DD
Certificate Validity: Wed, 10 Apr 2024 03:06:57 GMT - Tue, 09 Jul 2024 03:06:56 GMT
Hash: d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /favicon.ico HTTP/1.1
Host: vid142.site
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://vid142.site/e/LNPEERD6OPXW?autostart=true&t=4xjRDfUvDFcMyA==
Cookie: dom3ic8zudi28v8lr6fgphwffqoz0j6c=c08c2fb8-d12a-4fd6-88c3-b4240fda3984%3A1%3A1
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Fri, 26 Apr 2024 06:36:25 GMT
content-type: image/x-icon
content-length: 0
cache-control: max-age=14400
cf-cache-status: HIT
age: 4985
last-modified: Fri, 26 Apr 2024 05:13:20 GMT
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=NN%2F05Akt0wWft1g63HrSPFxVBNOcHaFAsS2OF5y5sJ%2B%2FmSUjsCuU%2FNfQv4rZZTW%2FPkXpwTwV9yeSm7tIXO4%2B%2Ba8Wp6cPWCGAkoGCYvHuFX7rDthxWQA0fflrNxtOWQ%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 87a48ef61fb1b529-OSL
alt-svc: h3=":443"; ma=86400
|
|
| vid142.site/assets/mcloud/min/embed.css?v=661f2fa5 | 172.67.199.60 | 200 OK | 5.4 kB |
URL: GET HTTP/3 vid142.site/assets/mcloud/min/embed.css?v=661f2fa5
IP: 172.67.199.60:443
Requested by: https://vid142.site/e/LNPEERD6OPXW?autostart=true&t=4xjRDfUvDFcMyA==
Certificate Issuer: Google Trust Services LLC
Certificate Subject: vid142.site
Certificate Fingerprint: 30:DB:E2:03:25:AC:A4:38:4A:78:31:91:FF:C7:16:43:11:A9:4C:DD
Certificate Validity: Wed, 10 Apr 2024 03:06:57 GMT - Tue, 09 Jul 2024 03:06:56 GMT
File type: ASCII text, with very long lines (8530), with no line terminators
Hash: f697d2037c680007ec4be61a7aba171d 1ec3830bd96f59b7c0f8817c2fc7834a8f02f9c7 1813e9be4a3e2484923c8d68b6985114709ad906c66a1e1ffb1438f30d46333c
GET /assets/mcloud/min/embed.css?v=661f2fa5 HTTP/1.1
Host: vid142.site
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://vid142.site/e/LNPEERD6OPXW?autostart=true&t=4xjRDfUvDFcMyA==
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Fri, 26 Apr 2024 06:36:25 GMT
content-type: text/css
last-modified: Mon, 08 Apr 2024 02:37:41 GMT
etag: W/"66135875-2152"
m-cache: HIT
expires: Fri, 17 May 2024 02:10:48 GMT
cache-control: max-age=2678400
access-control-allow-origin: *
cf-cache-status: HIT
age: 793537
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=h6uSeWc1j%2FyxFhi%2BtjDhjGd2CGeji9jSdjmkmrzf42Umq%2BPNq5nNmO4VSxLpUET1ksTRxBjrVuklU3cWISFgEkd%2Fu9RM%2B1XKoLiqgGrmBl9wqnoMBRJbUlfooxy6RQ%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 87a48ef049fbb529-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| vid142.site/e/LNPEERD6OPXW?autostart=true&t=4xjRDfUvDFcMyA== | 172.67.199.60 | 200 OK | 992 B |
URL: User Request GET HTTP/2 vid142.site/e/LNPEERD6OPXW?autostart=true&t=4xjRDfUvDFcMyA==
IP: 172.67.199.60:443
Certificate Issuer: Google Trust Services LLC
Certificate Subject: vid142.site
Certificate Fingerprint: 30:DB:E2:03:25:AC:A4:38:4A:78:31:91:FF:C7:16:43:11:A9:4C:DD
Certificate Validity: Wed, 10 Apr 2024 03:06:57 GMT - Tue, 09 Jul 2024 03:06:56 GMT
File type: HTML document, ASCII text, with very long lines (1059), with no line terminators
Hash: c98698c978365b9863375a52ef51356a 27dc93bb273789c8d457475743ee16eec09d5e41 58751b41eeda506ff4d428cac6fc0e629fd67ea4cefed8dab4b7e570e13d8e6e
GET /e/LNPEERD6OPXW?autostart=true&t=4xjRDfUvDFcMyA== HTTP/1.1
Host: vid142.site
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Upgrade-Insecure-Requests: 1
Connection: keep-alive
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Fri, 26 Apr 2024 06:36:24 GMT
content-type: text/html; charset=UTF-8
m-cache: HIT
x-cache: BYPASS
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=8wThxNAv2ybtBHs8aGy8ksoiL6%2FoNxohcXz%2BJO%2FGofJyaQIcSteAfejdC%2BHwn5cHIrZTui%2BCq9hswi33o4cIn9gL4cWYfZA%2FxKnLij1EC83JE2U73Sbm%2BYfK9faMzQ%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 87a48eee58f8b518-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
|
|
| vid142.site/mediainfo/XXFPuqkC5oLQroElKbttTTTHJvscmw4=,207,209,156,170,190,180,215,133,154,221,155,184,166,164,182,195?autostart=true&t=4xjRDfUvDFcMyA== | 172.67.199.60 | 200 OK | 8.1 kB |
URL: GET HTTP/3 vid142.site/mediainfo/XXFPuqkC5oLQroElKbttTTTHJvscmw4=,207,209,156,170,190,180,215,133,154,221,155,184,166,164,182,195?autostart=true&t=4xjRDfUvDFcMyA==
IP: 172.67.199.60:443
Requested by: https://vid142.site/e/LNPEERD6OPXW?autostart=true&t=4xjRDfUvDFcMyA==
Certificate Issuer: Google Trust Services LLC
Certificate Subject: vid142.site
Certificate Fingerprint: 30:DB:E2:03:25:AC:A4:38:4A:78:31:91:FF:C7:16:43:11:A9:4C:DD
Certificate Validity: Wed, 10 Apr 2024 03:06:57 GMT - Tue, 09 Jul 2024 03:06:56 GMT
Hash: dda637063babed9e547b6c184601870e 59fea41b192a803d60d99bdd8feed46e789764ff fbf9f1885d6ae7bedd2c616dd2522ababc010c1e69977c8be6ebd32ce7af8762
GET /mediainfo/XXFPuqkC5oLQroElKbttTTTHJvscmw4=,207,209,156,170,190,180,215,133,154,221,155,184,166,164,182,195?autostart=true&t=4xjRDfUvDFcMyA== HTTP/1.1
Host: vid142.site
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/json, text/javascript, */*; q=0.01
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
X-Requested-With: XMLHttpRequest
DNT: 1
Connection: keep-alive
Referer: https://vid142.site/e/LNPEERD6OPXW?autostart=true&t=4xjRDfUvDFcMyA==
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Fri, 26 Apr 2024 06:36:25 GMT
content-type: application/json
x-cache: BYPASS
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=qKgZXVt5szBGr3hlL%2BBOL2NZtR%2B9zrt5RL4lJK%2FWJyPB%2F%2FnSLVfeqzdG3qT3h9zDQb7nKNR47k5CaxQdGn%2BX1I7JdhL%2BQ0ZYOchtcS4ktnLoltzK5ebzMt0d5Ss1Ig%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 87a48ef57f0bb529-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| vid142.site/assets/players/jwplayer-8.26.9/jwplayer.js?v1 | 172.67.199.60 | 200 OK | 50 kB |
URL: GET HTTP/3 vid142.site/assets/players/jwplayer-8.26.9/jwplayer.js?v1
IP: 172.67.199.60:443
Requested by: https://vid142.site/e/LNPEERD6OPXW?autostart=true&t=4xjRDfUvDFcMyA==
Certificate Issuer: Google Trust Services LLC
Certificate Subject: vid142.site
Certificate Fingerprint: 30:DB:E2:03:25:AC:A4:38:4A:78:31:91:FF:C7:16:43:11:A9:4C:DD
Certificate Validity: Wed, 10 Apr 2024 03:06:57 GMT - Tue, 09 Jul 2024 03:06:56 GMT
File type: JavaScript source, Unicode text, UTF-8 text, with very long lines (65147)
Hash: a27042e4168b8224e40c7f36c3a36d1e ba1f8b5fc524e8e96a57682a00bb689d174fb600 a37e9266fd7dad068329b7af30e5c3c4982611b2be7cceb649aa9b61f4fc68cf
GET /assets/players/jwplayer-8.26.9/jwplayer.js?v1 HTTP/1.1
Host: vid142.site
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://vid142.site/e/LNPEERD6OPXW?autostart=true&t=4xjRDfUvDFcMyA==
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Fri, 26 Apr 2024 06:36:25 GMT
content-type: application/javascript
last-modified: Mon, 18 Sep 2023 22:03:52 GMT
etag: W/"6508c948-1acd3"
m-cache: HIT
expires: Fri, 10 May 2024 04:14:38 GMT
cache-control: max-age=2678400
access-control-allow-origin: *
cf-cache-status: HIT
age: 1390907
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=gpT%2Fc6rfHmMS2XuymvtiL0O2P%2FVQ6%2FbSJUhcCqyR7NwA%2FUXmEth6T1lXvX77Lk4vjdeQJ%2FDRNqFRqFW4SsJlqh6OVDGXICJQJa2POZOVaBnsJKk1v8HvCo5HmoKmlw%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 87a48ef04a04b529-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| vid142.site/views/4113965 | 172.67.199.60 | 200 OK | 6 B |
URL: GET HTTP/3 vid142.site/views/4113965
IP: 172.67.199.60:443
Requested by: https://vid142.site/e/LNPEERD6OPXW?autostart=true&t=4xjRDfUvDFcMyA==
Certificate Issuer: Google Trust Services LLC
Certificate Subject: vid142.site
Certificate Fingerprint: 30:DB:E2:03:25:AC:A4:38:4A:78:31:91:FF:C7:16:43:11:A9:4C:DD
Certificate Validity: Wed, 10 Apr 2024 03:06:57 GMT - Tue, 09 Jul 2024 03:06:56 GMT
Hash: 26ab0db90d72e28ad0ba1e22ee510510 7448d8798a4380162d4b56f9b452e2f6f9e24e7a 53c234e5e8472b6ac51c1ae1cab3fe06fad053beb8ebfd8977b010655bfdd3c3
GET /views/4113965 HTTP/1.1
Host: vid142.site
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/json, text/javascript, */*; q=0.01
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
X-Requested-With: XMLHttpRequest
DNT: 1
Connection: keep-alive
Referer: https://vid142.site/e/LNPEERD6OPXW?autostart=true&t=4xjRDfUvDFcMyA==
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Fri, 26 Apr 2024 06:36:25 GMT
content-type: text/html
m-cache: BYPASS
x-cache: BYPASS
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=MEk1QEuQv69%2B9vDtTxknIynLdXjghCSxYVus96%2Blo3jLiHfRaiID6JqEpI0p4hL0zCegk5Rk%2FivkYKjgEkBmdMDmQLilJFxmgXfYR1COzbLyZj%2Fpm2VUz%2Bt9VLAfwA%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 87a48ef54ed9b529-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| unseenreport.com/pxf.gif?uuid=c08c2fb8-d12a-4fd6-88c3-b4240fda3984&eb=978028c5053b26833423c7a069ce3bd5&te=5db3a4e34790624df926db520a13f79f&ua=Mozilla%2F5.0%20(X11%3B%20Linux%20x86_64%3B%20rv%3A96.0)%20Gecko%2F20100101%20Firefox%2F96.0&dev=e&res=14.2071&b_frame=0&pk=52ba419ba307b72ff4090aea25de5317&bl=en-US&sr=1024x1280&sz=1024x1280&hjs=6 | 192.243.61.227 | 200 OK | 1 B |
URL: GET HTTP/1.1 unseenreport.com/pxf.gif?uuid=c08c2fb8-d12a-4fd6-88c3-b4240fda3984&eb=978028c5053b26833423c7a069ce3bd5&te=5db3a4e34790624df926db520a13f79f&ua=Mozilla%2F5.0%20(X11%3B%20Linux%20x86_64%3B%20rv%3A96.0)%20Gecko%2F20100101%20Firefox%2F96.0&dev=e&res=14.2071&b_frame=0&pk=52ba419ba307b72ff4090aea25de5317&bl=en-US&sr=1024x1280&sz=1024x1280&hjs=6
IP: 192.243.61.227:443
ASN: #39572 DataWeb Global Group B.V.
Requested by: https://vid142.site/e/LNPEERD6OPXW?autostart=true&t=4xjRDfUvDFcMyA==
Certificate Issuer: Let's Encrypt
Certificate Subject: *.unseenreport.com
Certificate Fingerprint: 71:46:15:FD:76:6A:F5:5B:51:06:CC:93:DD:D8:63:E3:8B:10:BF:13
Certificate Validity: Fri, 22 Mar 2024 07:32:41 GMT - Thu, 20 Jun 2024 07:32:40 GMT
File type: very short file (no magic)
Hash: 93b885adfe0da089cdf634904fd59f71 5ba93c9db0cff93f52b521d7420e43f6eda2784f 6e340b9cffb37a989ca544e6bb780a2c78901d3fb33738768511a30617afa01d
| Analyzer | Verdict | Alert |
| Quad9 DNS | malicious | Sinkholed |
GET /pxf.gif?uuid=c08c2fb8-d12a-4fd6-88c3-b4240fda3984&eb=978028c5053b26833423c7a069ce3bd5&te=5db3a4e34790624df926db520a13f79f&ua=Mozilla%2F5.0%20(X11%3B%20Linux%20x86_64%3B%20rv%3A96.0)%20Gecko%2F20100101%20Firefox%2F96.0&dev=e&res=14.2071&b_frame=0&pk=52ba419ba307b72ff4090aea25de5317&bl=en-US&sr=1024x1280&sz=1024x1280&hjs=6 HTTP/1.1
Host: unseenreport.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://vid142.site/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx/1.21.6
Date: Fri, 26 Apr 2024 06:36:26 GMT
Content-Type: image/gif
Content-Length: 1
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Access-Control-Allow-Origin: *
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: e0cfb362f71d504996ca08182e9ca0e3
Strict-Transport-Security: max-age=0; includeSubdomains
|
|
| capaciousdrewreligion.com/advertisers.js | 172.240.108.76 | 200 OK | 0 B |
URL: GET HTTP/1.1 capaciousdrewreligion.com/advertisers.js
IP: 172.240.108.76:443
Requested by: https://vid142.site/e/LNPEERD6OPXW?autostart=true&t=4xjRDfUvDFcMyA==
Certificate Issuer: Let's Encrypt
Certificate Subject: capaciousdrewreligion.com
Certificate Fingerprint: 53:B6:ED:C6:B5:B6:60:3E:6D:02:5A:92:2E:C3:12:74:64:A1:23:DC
Certificate Validity: Wed, 06 Mar 2024 11:57:32 GMT - Tue, 04 Jun 2024 11:57:31 GMT
Hash: d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /advertisers.js HTTP/1.1
Host: capaciousdrewreligion.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://vid142.site/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx/1.21.6
Date: Fri, 26 Apr 2024 06:36:26 GMT
Content-Type: application/javascript
Content-Length: 0
Connection: keep-alive
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: 11b733ddfb6d53d449b2b880a3a882d9
Strict-Transport-Security: max-age=0; includeSubdomains
|
|
| vid142.site/futoken | 172.67.199.60 | 200 OK | 257 B |
IP: 172.67.199.60:443
Requested by: https://vid142.site/e/LNPEERD6OPXW?autostart=true&t=4xjRDfUvDFcMyA==
Certificate Issuer: Google Trust Services LLC
Certificate Subject: vid142.site
Certificate Fingerprint: 30:DB:E2:03:25:AC:A4:38:4A:78:31:91:FF:C7:16:43:11:A9:4C:DD
Certificate Validity: Wed, 10 Apr 2024 03:06:57 GMT - Tue, 09 Jul 2024 03:06:56 GMT
File type: JavaScript source, ASCII text, with no line terminators
Hash: f667d6d28e0614af3b91aa31341e5dd5 479e9524af61d7d0877be704781d6f70cb8c7712 36742088531519e6ed3df1e16d5ed0d851b238fb26429dccc7355e01541bbdd3
GET /futoken HTTP/1.1
Host: vid142.site
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://vid142.site/e/LNPEERD6OPXW?autostart=true&t=4xjRDfUvDFcMyA==
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Fri, 26 Apr 2024 06:36:25 GMT
m-cache: MISS
x-cache: BYPASS
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=qjit6QNV1NQj8EvXYTKidpoXNMKnlZzMXECVXhg116CZDqNDJEQZIaY1ANTs7b4MYd%2FVfroq9QTDl28mmrsK0bj9JMuBCPWqDpkXCr50ojlf9VmPqDnXyySdSYQLyg%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 87a48ef049feb529-OSL
alt-svc: h3=":443"; ma=86400
|
|
| downstairsnegotiatebarren.com/sfp.js | 172.67.180.87 | 200 OK | 86 kB |
URL: GET HTTP/2 downstairsnegotiatebarren.com/sfp.js
IP: 172.67.180.87:443
Requested by: https://vid142.site/e/LNPEERD6OPXW?autostart=true&t=4xjRDfUvDFcMyA==
Certificate Issuer: Let's Encrypt
Certificate Subject: downstairsnegotiatebarren.com
Certificate Fingerprint: 2C:6A:E1:8E:26:5B:1D:8B:86:CB:C1:72:4E:52:4B:8B:67:3A:D2:44
Certificate Validity: Mon, 04 Mar 2024 21:53:07 GMT - Sun, 02 Jun 2024 21:53:06 GMT
Hash: d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /sfp.js HTTP/1.1
Host: downstairsnegotiatebarren.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://vid142.site/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Fri, 26 Apr 2024 06:36:25 GMT
content-type: application/javascript; charset=utf-8
p3p: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
access-control-allow-origin: *
expires: Thu, 01 Jan 1970 00:00:01 GMT
cache-control: max-age=14400
x-request-id: efdf19b2c5d57ed3e26e140decff2fb6
strict-transport-security: max-age=0; includeSubdomains
cf-cache-status: STALE
age: 0
last-modified: Fri, 26 Apr 2024 06:36:25 GMT
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=ut4pR%2BRQztJa%2B%2BI01J9VM7%2FU8Dx%2F3dIwtzVM78SHPfcu3lHOc8%2BYjREDRwt9WqMx0FTg5XcDnMZW62lAaw3N53TVrFu0AXY5cDXl0tVQPZUzL8zKtIeMPp2GqQ%2FLoQd0k0%2BhMUm2QmL6JFGgXFnokA%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 87a48ef419be5695-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
|
|