| www.videzz.net/js/pop.js?v=1.0 |  78.142.18.54 | 200 OK | 35 B |
URL GET HTTP/2www.videzz.net/js/pop.js?v=1.0 IP78.142.18.54:443 ASN#208046 ColocationX Ltd.
Requested byhttps://www.videzz.net/embed-c73tafzdtcis.html CertificateIssuerLet's Encrypt Subjectvidezz.net Fingerprint89:44:E3:9D:95:DD:6E:D2:2B:FB:70:64:42:59:D2:BF:B6:36:E7:33 ValidityThu, 02 May 2024 00:27:53 GMT - Wed, 31 Jul 2024 00:27:52 GMT
Hashda4bf5414bf75eefb21872f9b59fe6fc e34335e0705397a4ad02c406a2e92333e6d2b0e5 d48b428c1788391a1aef29802daaa691077732dc7b821d0968831bc50b19278d
GET /js/pop.js?v=1.0 HTTP/1.1
Host: www.videzz.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.videzz.net/embed-c73tafzdtcis.html
Cookie: lang=1
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx/1.18.0 (Ubuntu)
date: Tue, 07 May 2024 02:16:55 GMT
content-type: application/javascript
content-length: 35
last-modified: Sat, 27 Apr 2024 07:30:28 GMT
etag: "662ca994-23"
expires: Thu, 06 Jun 2024 02:11:43 GMT
cache-control: max-age=2592000
x-cache-status: HIT
accept-ranges: bytes
X-Firefox-Spdy: h2
|
|
| www.videzz.net/js/ads.js?v=1.0 | 78.142.18.54 | 200 OK | 211 B |
URL GET HTTP/2www.videzz.net/js/ads.js?v=1.0 IP78.142.18.54:443 ASN#208046 ColocationX Ltd.
Requested byhttps://www.videzz.net/embed-c73tafzdtcis.html CertificateIssuerLet's Encrypt Subjectvidezz.net Fingerprint89:44:E3:9D:95:DD:6E:D2:2B:FB:70:64:42:59:D2:BF:B6:36:E7:33 ValidityThu, 02 May 2024 00:27:53 GMT - Wed, 31 Jul 2024 00:27:52 GMT
Hash09f34de71e8853387dd398fbb263af69 4ccb7007fcebcffe64eaa80f2991509fdbac55d5 6ca7e6aebc6e3eec26d39e540e255a738fd9e48e9b97bd0e2a714686377ac523
GET /js/ads.js?v=1.0 HTTP/1.1
Host: www.videzz.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.videzz.net/embed-c73tafzdtcis.html
Cookie: lang=1
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx/1.18.0 (Ubuntu)
date: Tue, 07 May 2024 02:16:55 GMT
content-type: application/javascript
content-length: 211
last-modified: Sat, 27 Apr 2024 07:30:38 GMT
etag: "662ca99e-d3"
expires: Thu, 06 Jun 2024 02:11:47 GMT
cache-control: max-age=2592000
x-cache-status: HIT
accept-ranges: bytes
X-Firefox-Spdy: h2
|
|
| www.videzz.net/images-newtheme/adb_logo.png | 78.142.18.54 | 200 OK | 8.3 kB |
URL GET HTTP/2www.videzz.net/images-newtheme/adb_logo.png IP78.142.18.54:443 ASN#208046 ColocationX Ltd.
Requested byhttps://www.videzz.net/embed-c73tafzdtcis.html CertificateIssuerLet's Encrypt Subjectvidezz.net Fingerprint89:44:E3:9D:95:DD:6E:D2:2B:FB:70:64:42:59:D2:BF:B6:36:E7:33 ValidityThu, 02 May 2024 00:27:53 GMT - Wed, 31 Jul 2024 00:27:52 GMT
File typePNG image data, 178 x 178, 8-bit/color RGBA, non-interlaced Hash98fcd22c469a5aa46df8ec4e7a8eafc9 e8d95f175d3008736995a482d7304410a1da490a b1e79e219bf46ca5ef14a9619c5440e78c2ebdbc34b8f0c65f0777a8b02fc30c
GET /images-newtheme/adb_logo.png HTTP/1.1
Host: www.videzz.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.videzz.net/embed-c73tafzdtcis.html
Cookie: lang=1
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx/1.18.0 (Ubuntu)
date: Tue, 07 May 2024 02:16:55 GMT
content-type: image/png
content-length: 8308
last-modified: Sat, 27 Apr 2024 07:30:28 GMT
etag: "662ca994-2074"
expires: Thu, 06 Jun 2024 02:11:46 GMT
cache-control: max-age=2592000
x-cache-status: HIT
accept-ranges: bytes
X-Firefox-Spdy: h2
|
|
| www.videzz.net/images-newtheme/attention.png | 78.142.18.54 | 200 OK | 6.4 kB |
URL GET HTTP/2www.videzz.net/images-newtheme/attention.png IP78.142.18.54:443 ASN#208046 ColocationX Ltd.
Requested byhttps://www.videzz.net/embed-c73tafzdtcis.html CertificateIssuerLet's Encrypt Subjectvidezz.net Fingerprint89:44:E3:9D:95:DD:6E:D2:2B:FB:70:64:42:59:D2:BF:B6:36:E7:33 ValidityThu, 02 May 2024 00:27:53 GMT - Wed, 31 Jul 2024 00:27:52 GMT
File typePNG image data, 263 x 231, 8-bit/color RGBA, non-interlaced Hashd28ebe1b4425fa4ab5d804792b5aa626 3183e2c59cdaed547de5fb1fc940709ed5117003 36fc8d817d7a356b2b8e8697697a5ce86bedadfea8df2a4e88f9514bb1ce02f6
GET /images-newtheme/attention.png HTTP/1.1
Host: www.videzz.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.videzz.net/embed-c73tafzdtcis.html
Cookie: lang=1
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx/1.18.0 (Ubuntu)
date: Tue, 07 May 2024 02:16:55 GMT
content-type: image/png
content-length: 6377
last-modified: Sat, 27 Apr 2024 07:30:28 GMT
etag: "662ca994-18e9"
expires: Thu, 06 Jun 2024 02:12:03 GMT
cache-control: max-age=2592000
x-cache-status: HIT
accept-ranges: bytes
X-Firefox-Spdy: h2
|
|
| www.googletagmanager.com/gtag/js?id=UA-158623850-1 |  142.250.74.168 | 200 OK | 75 kB |
URL GET HTTP/2www.googletagmanager.com/gtag/js?id=UA-158623850-1 IP142.250.74.168:443
Requested byhttps://www.videzz.net/embed-c73tafzdtcis.html CertificateIssuerGoogle Trust Services LLC Subject*.google-analytics.com Fingerprint93:6B:D2:9D:92:BE:2D:D8:02:67:82:83:5E:EF:A3:F9:13:F3:26:AE ValidityTue, 16 Apr 2024 03:18:45 GMT - Tue, 09 Jul 2024 03:18:44 GMT
File typeJavaScript source, ASCII text, with very long lines (4179) Hash14fe7563a931a73ee0f1dac3f46fd140 f696ce9f922240f02a9481dea05ec39b864b7258 a98465ab5af8e90c86f27d4281c43c19d10759044440fb3fa8a39cf4d46154d9
GET /gtag/js?id=UA-158623850-1 HTTP/1.1
Host: www.googletagmanager.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.videzz.net/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
content-encoding: br
vary: Accept-Encoding
date: Tue, 07 May 2024 02:16:55 GMT
expires: Tue, 07 May 2024 02:16:55 GMT
cache-control: private, max-age=900
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
server: Google Tag Manager
content-length: 74852
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
|
|
| dog.seetron.net/LrfK7A3.js |  135.181.208.216 | 200 OK | 77 kB |
URL GET HTTP/2dog.seetron.net/LrfK7A3.js IP135.181.208.216:443 ASN#24940 Hetzner Online GmbH
Requested byhttps://www.videzz.net/embed-c73tafzdtcis.html CertificateIssuerLet's Encrypt Subjecta.bdsmz.tube FingerprintAA:4D:03:7A:4E:94:8C:76:58:6E:53:CC:8E:99:24:E6:51:84:BF:05 ValidityFri, 03 May 2024 10:27:08 GMT - Thu, 01 Aug 2024 10:27:07 GMT
File typeJavaScript source, Unicode text, UTF-8 text, with very long lines (65503), with no line terminators Hasha6781eeb8be115c2cc64c5b4898e5b9d 76001e6e130f936956842ce1fb672ca16be2370e cb8949c4918f30d767c8a97d1b1ddb36eabccf8d93659a80f4e850caa3701da2
GET /LrfK7A3.js HTTP/1.1
Host: dog.seetron.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.videzz.net/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
server: nginx
date: Tue, 07 May 2024 02:16:55 GMT
content-type: application/javascript
content-length: 76790
last-modified: Fri, 22 Mar 2024 11:21:21 GMT
vary: Accept-Encoding
etag: "65fd69b1-12bf6"
content-encoding: gzip
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: public, max-age=315360000
cf-cache-status: HIT
age: 201
cf-ray: 8685d408ccf5d995-HEL
x-frame-options: DENY
x-content-type-options: nosniff
accept-ranges: bytes
X-Firefox-Spdy: h2
|
|
| dog.seetron.net/lx4oag1.js | 135.181.208.216 | 200 OK | 77 kB |
URL GET HTTP/2dog.seetron.net/lx4oag1.js IP135.181.208.216:443 ASN#24940 Hetzner Online GmbH
Requested byhttps://www.videzz.net/embed-c73tafzdtcis.html CertificateIssuerLet's Encrypt Subjecta.bdsmz.tube FingerprintAA:4D:03:7A:4E:94:8C:76:58:6E:53:CC:8E:99:24:E6:51:84:BF:05 ValidityFri, 03 May 2024 10:27:08 GMT - Thu, 01 Aug 2024 10:27:07 GMT
File typeJavaScript source, Unicode text, UTF-8 text, with very long lines (65503), with no line terminators Hasha6781eeb8be115c2cc64c5b4898e5b9d 76001e6e130f936956842ce1fb672ca16be2370e cb8949c4918f30d767c8a97d1b1ddb36eabccf8d93659a80f4e850caa3701da2
GET /lx4oag1.js HTTP/1.1
Host: dog.seetron.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.videzz.net/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
server: nginx
date: Tue, 07 May 2024 02:16:55 GMT
content-type: application/javascript
content-length: 76790
last-modified: Fri, 22 Mar 2024 11:21:21 GMT
vary: Accept-Encoding
etag: "65fd69b1-12bf6"
content-encoding: gzip
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: public, max-age=315360000
cf-cache-status: HIT
age: 201
cf-ray: 8685d408ccf5d995-HEL
x-frame-options: DENY
x-content-type-options: nosniff
accept-ranges: bytes
X-Firefox-Spdy: h2
|
|
| yd.cottoidearldom.com/1clkn/14903 |  23.109.170.72 | 200 OK | 26 B |
URL GET HTTP/1.1yd.cottoidearldom.com/1clkn/14903 IP23.109.170.72:443
Requested byhttps://www.videzz.net/embed-c73tafzdtcis.html CertificateIssuerLet's Encrypt Subjectyd.cottoidearldom.com Fingerprint2A:D0:1B:ED:00:0F:4A:13:3B:97:DD:33:66:5B:7E:F8:F8:E9:C8:CE ValidityThu, 25 Apr 2024 06:21:32 GMT - Wed, 24 Jul 2024 06:21:31 GMT
File typeASCII text, with no line terminators Hash9082dc37e5e8046929da411544ad071a 41e0e3963ed94e59e8a2f115994c382712411537 b7848d86edc8dc3b5bc6a5c666069f9a31e000cee51575d3b6083951607e1550
| Analyzer | Verdict | Alert |
|---|
| Quad9 DNS | malicious | Sinkholed |
GET /1clkn/14903 HTTP/1.1
Host: yd.cottoidearldom.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.videzz.net/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Date: Tue, 07 May 2024 02:16:55 GMT
Content-Type: application/javascript; charset=utf-8
Transfer-Encoding: chunked
Connection: keep-alive
Keep-Alive: timeout=20
Accept-ch: sec-ch-ua-platform-version,sec-ch-ua-model,sec-ch-ua-full-version,sec-ch-ua-full-version-list
Set-Cookie: GL_UI4=eJw9jUtug0AQRPljJ4akJQ7gIxgUjL3MJivfAQ0zDZ4Ypq1mjJ3bZxIp2dUrPVV5nhcUL%2BAvyRrCm6hhe1R9s5dYojyUVVW%2BHSrZ151o%2BlJVTVnvYK3n1opuRBvBap4E29YuEWwGNMhatpIUZvDqrL%2FmYuhuIog7FkZlEE%2FOGDNIO6b7jFyEEBkxIaQfmrGnhzPEJzEEx72L2rjo7yCguQjzJ4hP2twe%2BSbx8jzx4Pk6CtsTT61WDuOBhULw32ElhcWB%2BAtShfPF0hWARtX%2B%2B7%2Bf8fizBonCRUuHZM%2FI38wATrY%3D; expires=Wed, 08-May-2024 02:16:55 GMT; Max-Age=86400; path=/; secure; SameSite=None
GL_GI10=eJwVyM0KgkAUhuE5hxiIJPjIC%2FAKTMsWbrNl6MIrMIsYGObIzNjP3WeLd%2FG8SilOE7CZkNRlXhd5dcjLUwV6gtsOPDroVvx7%2BII8uDiCvcOmC1ayRmYXlz9i9TfIYHu25pP1YudoxAXw0roZbvaxv%2FRX0KQJHEUzONxTBXrp3Q9e7R3S; expires=Wed, 08-May-2024 02:16:55 GMT; Max-Age=86400; path=/; secure; SameSite=None
Content-Encoding: gzip
Vary: Accept-Encoding
Strict-Transport-Security: max-age=1
X-Content-Type-Options: nosniff
|
|
| cdnjs.cloudflare.com/ajax/libs/font-awesome/4.7.0/css/font-awesome.min.css |  104.17.25.14 | 200 OK | 5.6 kB |
URL GET HTTP/2cdnjs.cloudflare.com/ajax/libs/font-awesome/4.7.0/css/font-awesome.min.css IP104.17.25.14:443
Requested byhttps://www.videzz.net/embed-c73tafzdtcis.html CertificateIssuerCloudflare, Inc. Subjectsni.cloudflaressl.com Fingerprint7A:EA:B9:09:71:70:6C:87:C9:D3:82:74:8A:7B:B4:60:E5:40:2D:8D ValidityMon, 03 Jul 2023 00:00:00 GMT - Tue, 02 Jul 2024 23:59:59 GMT
File typeASCII text, with very long lines (30837) Hash269550530cc127b6aa5a35925a7de6ce 512c7d79033e3028a9be61b540cf1a6870c896f8 799aeb25cc0373fdee0e1b1db7ad6c2f6a0e058dfadaa3379689f583213190bd
GET /ajax/libs/font-awesome/4.7.0/css/font-awesome.min.css HTTP/1.1
Host: cdnjs.cloudflare.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.videzz.net/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Tue, 07 May 2024 02:16:55 GMT
content-type: text/css; charset=utf-8
content-length: 5631
access-control-allow-origin: *
cache-control: public, max-age=30672000
content-encoding: br
etag: "5eb03e5f-7918"
last-modified: Mon, 04 May 2020 16:10:07 GMT
cf-cdnjs-via: cfworker/kv
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
x-content-type-options: nosniff
vary: Accept-Encoding
cf-cache-status: HIT
age: 445680
expires: Sun, 27 Apr 2025 02:16:55 GMT
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=L8OrVZz1Q8U9hMveTtEGx7uEN6ddqaMwOkpEv4Lvwfu0OTRSgoqptEApmx5cRrR1oZa16WpD9yDKr6A1H52DHAE%2FF8qWjgZ7%2B8UXjkQgW%2Bv6%2BKjqJdBp%2Bf7oIbWMlxVoJ6ahklDF"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
server: cloudflare
cf-ray: 87fdb5f3281a56b9-OSL
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
|
|
| www.googletagmanager.com/gtm.js?id=GTM-56DK3TH | 142.250.74.168 | 200 OK | 74 kB |
URL GET HTTP/3www.googletagmanager.com/gtm.js?id=GTM-56DK3TH IP142.250.74.168:443
Requested byhttps://www.videzz.net/embed-c73tafzdtcis.html CertificateIssuerGoogle Trust Services LLC Subject*.google-analytics.com Fingerprint93:6B:D2:9D:92:BE:2D:D8:02:67:82:83:5E:EF:A3:F9:13:F3:26:AE ValidityTue, 16 Apr 2024 03:18:45 GMT - Tue, 09 Jul 2024 03:18:44 GMT
File typeJavaScript source, ASCII text, with very long lines (3287) Hash089597062875ecf409fc9dce045d7c4d a84841a3b13ba97f1e056ea9452fbb776e0382b6 f66742c65cd662a4ae50ae6865d43e73fb4a80ec659d7ee835d17d932dd175be
GET /gtm.js?id=GTM-56DK3TH HTTP/1.1
Host: www.googletagmanager.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.videzz.net/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
content-encoding: br
vary: Accept-Encoding
date: Tue, 07 May 2024 02:16:55 GMT
expires: Tue, 07 May 2024 02:16:55 GMT
cache-control: private, max-age=900
last-modified: Tue, 07 May 2024 00:09:18 GMT
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
server: Google Tag Manager
content-length: 73557
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
|
|
| profitablegatecpm.com/fd/40/b6/fd40b682a05e4aaf489d29601350aa66.js | 172.240.108.76 | 200 OK | 16 kB |
URL GET HTTP/1.1profitablegatecpm.com/fd/40/b6/fd40b682a05e4aaf489d29601350aa66.js IP172.240.108.76:443
Requested byhttps://www.videzz.net/embed-c73tafzdtcis.html CertificateIssuerLet's Encrypt Subjectprofitablegatecpm.com Fingerprint9D:FB:8C:AD:4D:64:98:6B:85:78:33:54:E7:A3:BB:10:ED:77:63:30 ValidityFri, 05 Apr 2024 18:10:33 GMT - Thu, 04 Jul 2024 18:10:32 GMT
File typeJavaScript source, ASCII text, with very long lines (44171), with no line terminators Hashf28ba4203e986e7790072ee46b398b6d 588f626f4805638962edbacb90ac166e784150dd 4302eef1e5d63f7baddb2f7ffd25baf61c5cf89f93306da4bd3db4e7ba7123a4
GET /fd/40/b6/fd40b682a05e4aaf489d29601350aa66.js HTTP/1.1
Host: profitablegatecpm.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.videzz.net/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx/1.21.6
Date: Tue, 07 May 2024 02:16:55 GMT
Content-Type: application/javascript
Transfer-Encoding: chunked
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Access-Control-Allow-Origin: *
Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,Sec-CH-UA-PlatformUser-Agent,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: 8e3d8cf944cd5b753f260e0e209ded97
Strict-Transport-Security: max-age=0; includeSubdomains
Content-Encoding: gzip
|
|
| s.o333o.com/adgpt.js |  85.10.205.45 | 200 OK | 820 B |
IP85.10.205.45:443 ASN#24940 Hetzner Online GmbH
Requested byhttps://www.videzz.net/embed-c73tafzdtcis.html CertificateIssuerSectigo Limited Subjects.o333o.com FingerprintC1:C0:0F:C0:EF:0F:F7:7A:36:2F:00:9E:5C:55:63:54:63:A3:A6:46 ValidityMon, 12 Feb 2024 00:00:00 GMT - Fri, 28 Feb 2025 23:59:59 GMT
File typeASCII text, with very long lines (2040), with no line terminators Hash55f8db8e0ec58b646f0b5425b405fdd0 0c79af1239cafc7ec4783f20b0b886a61daccc09 3ec8849ba857ec32cdc682ea93f0c1f8e8ab97980af4f1d8ec312684ed0f5237
GET /adgpt.js HTTP/1.1
Host: s.o333o.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.videzz.net/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
server: nginx
date: Tue, 07 May 2024 02:16:55 GMT
content-type: application/javascript
content-length: 820
last-modified: Fri, 22 Mar 2024 11:21:21 GMT
vary: Accept-Encoding
etag: "65fd69b1-334"
content-encoding: gzip
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000, public
X-Firefox-Spdy: h2
|
|
| ocsp.r2m03.amazontrust.com/ | 143.204.53.97 | | 471 B |
URL ocsp.r2m03.amazontrust.com/ IP143.204.53.97:0
Hash1c746578e95683e8b5c861e2c85d81b0 d689114a6d40b4a92b56d12e0eb33e9aeb1a4349 67752d648603b1a5bb6f8856a09b777cfa84dbaed795194ea4018908778fe336
POST / HTTP/1.1
Host: ocsp.r2m03.amazontrust.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: max-age=7200
Date: Tue, 07 May 2024 02:16:56 GMT
Last-Modified: Tue, 07 May 2024 01:56:35 GMT
Server: ECAcc (ska/F776)
X-Cache: Miss from cloudfront
Via: 1.1 1d8cf7c8865ed1078c19a98771ad34ca.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: gxttaXfbjlqqBPZ1lbPVV-5s0B0uXF-JBiyC2D8cJkPJvNW1zvE_XA==
Age: 1221
|
|
| downstairsnegotiatebarren.com/sfp.js | 188.114.96.1 | 200 OK | 28 kB |
URL GET HTTP/3downstairsnegotiatebarren.com/sfp.js IP188.114.96.1:443
Requested byhttps://www.videzz.net/embed-c73tafzdtcis.html CertificateIssuerLet's Encrypt Subjectdownstairsnegotiatebarren.com Fingerprint5D:DB:CB:C6:CE:2A:8B:34:7D:BC:43:74:33:1D:5F:77:48:F7:BC:1B ValidityThu, 02 May 2024 21:26:34 GMT - Wed, 31 Jul 2024 21:26:33 GMT
File typeJavaScript source, Unicode text, UTF-8 text, with very long lines (65529), with no line terminators Hashf4a2f8f9f99541c6f105bbd0a025bd40 1f8e3eff12168fdd9e719adfc098d24a45b6916a b717cb04231a10d425fd55b73c85a5407119c6826a8bac94142fddfff6958716
GET /sfp.js HTTP/1.1
Host: downstairsnegotiatebarren.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.videzz.net/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Tue, 07 May 2024 02:16:56 GMT
content-type: application/javascript; charset=utf-8
p3p: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
access-control-allow-origin: *
expires: Thu, 01 Jan 1970 00:00:01 GMT
cache-control: max-age=14400
x-request-id: a4f1bd54caf30030d5d3d2241f31009d
strict-transport-security: max-age=0; includeSubdomains
cf-cache-status: EXPIRED
last-modified: Tue, 07 May 2024 02:16:55 GMT
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=MYOVo%2Fu%2Bp%2FtwYEgQO4VFL4e%2BbmCbzvUm5OWLu3gVvYBDiqh7pY4J%2FXU8AycjVE8rL4VpjJnnyCRsCZto0bYtaVU8c98KVVNlcXWHmYdp0oa7HicTxjkIdmF8C9CwDvTfT6Us5qnlIMhjM5zFHgZ4lQ%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 87fdb5f63e86b4ff-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
|
|
| cdn.o333o.com/vast-im.js | 143.204.55.31 | 200 OK | 89 kB |
IP143.204.55.31:443
Requested byhttps://www.videzz.net/embed-c73tafzdtcis.html CertificateIssuerSectigo Limited Subjectcdn.o333o.com Fingerprint61:0E:6A:7F:7E:40:48:40:58:0F:EF:89:DB:CF:AD:C2:FB:52:F1:AC ValidityThu, 09 Nov 2023 00:00:00 GMT - Mon, 09 Dec 2024 23:59:59 GMT
File typegzip compressed data, from Unix Hash468d5d1a0a14707f65f85fc09f737288 1bce97e71db7599b0e190d1a6c3406bce9923348 7f34fc48c7d7609dfc6114d0a0d9d616d416a6a3dff71e732ff35bff5f74a635
GET /vast-im.js HTTP/1.1
Host: cdn.o333o.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.videzz.net/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
content-type: application/javascript
server: nginx
date: Thu, 11 Apr 2024 09:31:41 GMT
last-modified: Fri, 22 Mar 2024 11:21:21 GMT
etag: W/"65fd69b1-4bcd7"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000, public
content-encoding: gzip
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 f00e3524edcdf61801454f2bb21e71ce.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
alt-svc: h3=":443"; ma=86400
x-amz-cf-id: diQF370hj1nfx-0mrN83t2itnFRlKZuRt1QFppuUXrotl6DQQ8D3eQ==
age: 2220314
X-Firefox-Spdy: h2
|
|
| www.videzz.net/js/videojs.stm.5.min.js?0.358530190504421 | 78.142.18.54 | 200 OK | 40 kB |
URL GET HTTP/2www.videzz.net/js/videojs.stm.5.min.js?0.358530190504421 IP78.142.18.54:443 ASN#208046 ColocationX Ltd.
Requested byhttps://www.videzz.net/embed-c73tafzdtcis.html CertificateIssuerLet's Encrypt Subjectvidezz.net Fingerprint89:44:E3:9D:95:DD:6E:D2:2B:FB:70:64:42:59:D2:BF:B6:36:E7:33 ValidityThu, 02 May 2024 00:27:53 GMT - Wed, 31 Jul 2024 00:27:52 GMT
File typegzip compressed data, from Unix Hashfd0caa4748ee13a7512fab20da3f92e2 1524ad867c3f7d75d9f09fc09d6a772d1d20f7f9 7430bdc8ff73fd12672289b82cc308c30b9125b849bce9ab60842123bef39055
GET /js/videojs.stm.5.min.js?0.358530190504421 HTTP/1.1
Host: www.videzz.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.videzz.net/embed-c73tafzdtcis.html
Cookie: lang=1
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx/1.18.0 (Ubuntu)
date: Tue, 07 May 2024 02:16:55 GMT
content-type: application/javascript
last-modified: Sat, 27 Apr 2024 07:30:42 GMT
vary: Accept-Encoding
etag: W/"662ca9a2-1c25"
expires: Thu, 06 Jun 2024 02:16:55 GMT
cache-control: max-age=2592000
content-encoding: gzip
x-cache-status: MISS
X-Firefox-Spdy: h2
|
|
| www.googletagmanager.com/gtag/js?id=G-HEX1BG8H46&l=dataLayer&cx=c | 142.250.74.168 | 200 OK | 95 kB |
URL GET HTTP/3www.googletagmanager.com/gtag/js?id=G-HEX1BG8H46&l=dataLayer&cx=c IP142.250.74.168:443
Requested byhttps://www.videzz.net/embed-c73tafzdtcis.html CertificateIssuerGoogle Trust Services LLC Subject*.google-analytics.com Fingerprint93:6B:D2:9D:92:BE:2D:D8:02:67:82:83:5E:EF:A3:F9:13:F3:26:AE ValidityTue, 16 Apr 2024 03:18:45 GMT - Tue, 09 Jul 2024 03:18:44 GMT
File typeJavaScript source, ASCII text, with very long lines (7711) Hash9fad1a1e8d4bf92d4c13d15b2fe728e1 51761832d6a688b8504de755cf7874447bca27e5 29b942378b3c43989e73a4587cbe0dc95308902f21cfc468162e862ee5202817
GET /gtag/js?id=G-HEX1BG8H46&l=dataLayer&cx=c HTTP/1.1
Host: www.googletagmanager.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.videzz.net/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
content-encoding: br
vary: Accept-Encoding
date: Tue, 07 May 2024 02:16:56 GMT
expires: Tue, 07 May 2024 02:16:56 GMT
cache-control: private, max-age=900
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
server: Google Tag Manager
content-length: 94691
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
|
|
| disclosestockingsprestigious.com/f1/77/6d/f1776d24271c5ad55c5f1492e2d01e10.js | 172.240.108.68 | 200 OK | 30 kB |
URL GET HTTP/1.1disclosestockingsprestigious.com/f1/77/6d/f1776d24271c5ad55c5f1492e2d01e10.js IP172.240.108.68:443
Requested byhttps://www.videzz.net/embed-c73tafzdtcis.html CertificateIssuerLet's Encrypt Subjectdisclosestockingsprestigious.com Fingerprint20:72:8C:30:EF:A7:E9:42:F4:69:4D:6F:83:5A:F6:44:B2:14:1F:F6 ValidityMon, 29 Apr 2024 13:01:45 GMT - Sun, 28 Jul 2024 13:01:44 GMT
File typeJavaScript source, ASCII text, with very long lines (65536), with no line terminators Hash6313d4d8ca7880cdd6fb6d547144c393 9980ab32dd7a65a57a6ffbf2e3d5f6fae44d37de 19eed203533d00445e9bf4c9b931354b46703a1f6222a32bec35982fa4e26f71
| Analyzer | Verdict | Alert |
|---|
| Quad9 DNS | malicious | Sinkholed |
GET /f1/77/6d/f1776d24271c5ad55c5f1492e2d01e10.js HTTP/1.1
Host: disclosestockingsprestigious.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.videzz.net/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx/1.21.6
Date: Tue, 07 May 2024 02:16:56 GMT
Content-Type: application/javascript
Transfer-Encoding: chunked
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Access-Control-Allow-Origin: *
Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,Sec-CH-UA-PlatformUser-Agent,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: 9731d9935331fb3f925f78874a61ea27
Strict-Transport-Security: max-age=0; includeSubdomains
Content-Encoding: gzip
|
|
| bid.bidclickmedia.com/sub/Pj8pz0z | 172.67.205.77 | 200 OK | 648 B |
URL GET HTTP/2bid.bidclickmedia.com/sub/Pj8pz0z IP172.67.205.77:443
Requested byhttps://www.videzz.net/embed-c73tafzdtcis.html CertificateIssuerGoogle Trust Services LLC Subjectbidclickmedia.com Fingerprint2D:71:60:23:79:D8:E4:4A:B8:81:BA:F0:ED:58:CB:A8:66:21:A7:E7 ValiditySun, 31 Mar 2024 14:28:20 GMT - Sat, 29 Jun 2024 14:28:19 GMT
File typeHTML document, ASCII text Hashe151e24dc5b354ea8ee36534a8264594 4b5f293d59d009ee46087f164ee86d066e8e83f4 b2fdeeef5c48f24499731fdd7aae1650ad1bc6fa9ee58cf88fafe175658e888f
GET /sub/Pj8pz0z HTTP/1.1
Host: bid.bidclickmedia.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.videzz.net/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Tue, 07 May 2024 02:16:56 GMT
content-type: text/html; charset=utf-8
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=40BSo1EO1EoqciTCmYzoyeUABHbQpNyIbJd8FHZolKXiPKm9wtWY3WlGRzMSbTuZ55vqQILXBdMl%2FDmkVXZlErNnK24nFOKAmxRF9QkqSR0e1xudJdapb2BDKkr4cMLxePCN3jWcADg%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 87fdb5f63d30b509-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
|
|
| maxcdn.bootstrapcdn.com/font-awesome/4.7.0/fonts/fontawesome-webfont.woff2?v=4.7.0 | 104.18.11.207 | 200 OK | 77 kB |
URL GET HTTP/2maxcdn.bootstrapcdn.com/font-awesome/4.7.0/fonts/fontawesome-webfont.woff2?v=4.7.0 IP104.18.11.207:443
Requested byhttps://www.videzz.net/embed-c73tafzdtcis.html CertificateIssuerGoogle Trust Services LLC Subjectbootstrapcdn.com Fingerprint57:B4:25:B9:9C:88:A1:A3:3D:F7:31:74:02:E4:D1:E0:0A:F5:11:63 ValidityWed, 27 Mar 2024 00:22:09 GMT - Tue, 25 Jun 2024 00:22:08 GMT
File typeWeb Open Font Format (Version 2), TrueType, length 77160, version 4.459 Hashaf7ae505a9eed503f8b8e6982036873e d6f48cba7d076fb6f2fd6ba993a75b9dc1ecbf0c 2adefcbc041e7d18fcf2d417879dc5a09997aa64d675b7a3c4b6ce33da13f3fe
GET /font-awesome/4.7.0/fonts/fontawesome-webfont.woff2?v=4.7.0 HTTP/1.1
Host: maxcdn.bootstrapcdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://www.videzz.net
DNT: 1
Connection: keep-alive
Referer: https://maxcdn.bootstrapcdn.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Tue, 07 May 2024 02:16:56 GMT
content-type: font/woff2
content-length: 77160
cdn-pullzone: 252412
cdn-uid: b1941f61-b576-4f40-80de-5677acb38f74
cdn-requestcountrycode: DE
access-control-allow-origin: *
cache-control: public, max-age=31919000
etag: "af7ae505a9eed503f8b8e6982036873e"
last-modified: Mon, 25 Jan 2021 22:04:55 GMT
cdn-cachedat: 10/31/2023 19:08:24
cdn-proxyver: 1.04
cdn-requestpullcode: 200
cdn-requestpullsuccess: True
cdn-edgestorageid: 752
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
cdn-status: 200
cdn-requestid: e80bc97184233e851a810f5c87dfc70d
cdn-cache: HIT
cf-cache-status: HIT
age: 118970
accept-ranges: bytes
vary: Accept-Encoding
strict-transport-security: max-age=31536000; includeSubDomains; preload
server: cloudflare
cf-ray: 87fdb5fa2d4bb52d-OSL
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
|
|
| static.addtoany.com/menu/svg/icons/telegram.js | 104.22.70.197 | 200 OK | 7.3 kB |
URL GET HTTP/3static.addtoany.com/menu/svg/icons/telegram.js IP104.22.70.197:443
Requested byhttps://www.videzz.net/embed-c73tafzdtcis.html CertificateIssuerLet's Encrypt Subjectstatic.addtoany.com Fingerprint5B:74:98:2D:F8:22:DB:0D:4E:74:B7:99:A7:7C:80:F6:CA:1A:8E:CA ValidityTue, 23 Apr 2024 07:56:27 GMT - Mon, 22 Jul 2024 07:56:26 GMT
File typeASCII text, with very long lines (360), with no line terminators Hash48f25c508c92c3601cf047609318001f 59117e825084c63a0dda48edec82c14a60e16f23 6415561e892cf9d614e7179f71353af4ceadfd641d71c42fe54c9420eb0d0138
GET /menu/svg/icons/telegram.js HTTP/1.1
Host: static.addtoany.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.videzz.net
DNT: 1
Connection: keep-alive
Referer: https://static.addtoany.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Tue, 07 May 2024 02:16:56 GMT
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=7776000, stale-while-revalidate=30, public
cf-bgj: minify
etag: W/"fb47b4f6548b6499923a1beed7472419"
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=%2FeCbB0600BKxz8uKGzIyWHW9IG2Pdqs2cEY5Huikq9nAOXbaddu%2BRI4TAtasdhVmSBS9rLEKtBFJDVimn57rVATunyps3aptI5O3HUmwoiTJgS17qUnEp%2BbPdY8TAbNhuesL2hAN"}],"group":"cf-nel","max_age":604800}
vary: Accept-Encoding
referrer-policy: strict-origin-when-cross-origin
x-content-type-options: nosniff
cf-cache-status: REVALIDATED
strict-transport-security: max-age=31536000; includeSubDomains; preload
server: cloudflare
cf-ray: 87fdb5f8be78abcc-CPH
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| bid.bidclickmedia.com/sub/31bV2Jy | 172.67.205.77 | 200 OK | 7.1 kB |
URL GET HTTP/2bid.bidclickmedia.com/sub/31bV2Jy IP172.67.205.77:443
Requested byhttps://www.videzz.net/embed-c73tafzdtcis.html CertificateIssuerGoogle Trust Services LLC Subjectbidclickmedia.com Fingerprint2D:71:60:23:79:D8:E4:4A:B8:81:BA:F0:ED:58:CB:A8:66:21:A7:E7 ValiditySun, 31 Mar 2024 14:28:20 GMT - Sat, 29 Jun 2024 14:28:19 GMT
File typeHTML document, ASCII text Hashc1555c052dde7c63577b65ee2e032228 d3edbfc34af2949d589c6b978d7f3505d259def1 6355368aaf575ec49fad1013f7b100d3b4af0e08aa190538daaa7e1966141c31
GET /sub/31bV2Jy HTTP/1.1
Host: bid.bidclickmedia.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.videzz.net/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
date: Tue, 07 May 2024 02:16:56 GMT
content-type: text/html; charset=utf-8
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=IbgamhF%2Fsrcu%2Fmkkw4BSM7qyCBCDmNdVqB5Kc8Q82T%2FLCi86JMrzGSaTyNb1tx0TEWAV%2BXA%2BvMZWR2i7aRUvfgsVHxl9%2FBl8QIFiO5XGK9pM5XtgultmjdLpxrwR7LVmVMJfblrDchw%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 87fdb5f61d21b509-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
|
|
| static.addtoany.com/menu/svg/icons/twitter.js | 104.22.70.197 | 200 OK | 9.6 kB |
URL GET HTTP/3static.addtoany.com/menu/svg/icons/twitter.js IP104.22.70.197:443
Requested byhttps://www.videzz.net/embed-c73tafzdtcis.html CertificateIssuerLet's Encrypt Subjectstatic.addtoany.com Fingerprint5B:74:98:2D:F8:22:DB:0D:4E:74:B7:99:A7:7C:80:F6:CA:1A:8E:CA ValidityTue, 23 Apr 2024 07:56:27 GMT - Mon, 22 Jul 2024 07:56:26 GMT
File typeASCII text, with very long lines (645), with no line terminators Hashca05cf90bd32d6134c0b92464c343f9a 187feb5cc71d225717838268487a0abc9b8d405c 3003867b66a32c12fdafeefc27cf06d906e5a99ba275550ab757f4bb04834636
GET /menu/svg/icons/twitter.js HTTP/1.1
Host: static.addtoany.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.videzz.net
DNT: 1
Connection: keep-alive
Referer: https://static.addtoany.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Tue, 07 May 2024 02:16:56 GMT
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=7776000, stale-while-revalidate=30, public
cf-bgj: minify
etag: W/"af2b829f9b79fabec7c0148a8b7e444b"
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=zevOTF4Amsd%2FgMHdKS%2Fp3BFQnRUXIk9p7HKhiwdmhgSv005XkiwbM4%2BTYzx0moC6Y21RfpQ4v75M1Byb%2BMQI9Fh5qMBzR5b6wH0u0PF%2FftrUDfhrVQpLqkQ%2BnewfFvG9sK%2F4gX1%2B"}],"group":"cf-nel","max_age":604800}
vary: Accept-Encoding
referrer-policy: strict-origin-when-cross-origin
x-content-type-options: nosniff
cf-cache-status: REVALIDATED
strict-transport-security: max-age=31536000; includeSubDomains; preload
server: cloudflare
cf-ray: 87fdb5f8be79abcc-CPH
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| proftrafficcounter.com/stats | 52.29.105.35 | 200 OK | 40 B |
URL GET HTTP/2proftrafficcounter.com/stats IP52.29.105.35:443
Requested byhttps://www.videzz.net/embed-c73tafzdtcis.html CertificateIssuerAmazon Subjectproftrafficcounter.com FingerprintE3:9F:79:6F:80:C0:BF:F8:C4:EB:45:F3:E9:0F:A7:41:F6:0C:05:E6 ValidityTue, 21 Nov 2023 00:00:00 GMT - Thu, 19 Dec 2024 23:59:59 GMT
File typeASCII text, with no line terminators Hashe755aa50ab78ba623dcbad842a86600f ee172e9db5eb7bc1fd1235f41adca0e2ff5c8f83 331febd7074f284cd9c5333a4f27b9d2884e7bb91f71113de8b7309c3abbb756
GET /stats HTTP/1.1
Host: proftrafficcounter.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.videzz.net
DNT: 1
Connection: keep-alive
Referer: https://www.videzz.net/
Cookie: uid_id2=3f5271ee-0a34-4a50-bde1-cf51f32b6171:3:1
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
date: Tue, 07 May 2024 02:16:56 GMT
content-type: text/html; charset=UTF-8
content-length: 40
server: fasthttp
access-control-allow-origin: https://www.videzz.net
vary: Origin
access-control-allow-credentials: true
X-Firefox-Spdy: h2
|
|
| bid.bidclickmedia.com/load | 172.67.205.77 | 302 Found | 6.5 kB |
URL POST HTTP/3bid.bidclickmedia.com/load IP172.67.205.77:443
Requested byhttps://www.videzz.net/embed-c73tafzdtcis.html CertificateIssuerGoogle Trust Services LLC Subjectbidclickmedia.com Fingerprint2D:71:60:23:79:D8:E4:4A:B8:81:BA:F0:ED:58:CB:A8:66:21:A7:E7 ValiditySun, 31 Mar 2024 14:28:20 GMT - Sat, 29 Jun 2024 14:28:19 GMT
Hash97b069debedfcd78ac78df47d89f84be e218fa010d50b99f423f0593768612efc98c27b4 4ebb424eea62542d3a0f4c5ea3255acd7c62a5efdd112d6b2958eb81b26a21d5
POST /load HTTP/1.1
Host: bid.bidclickmedia.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/x-www-form-urlencoded
Content-Length: 93
Origin: https://bid.bidclickmedia.com
DNT: 1
Connection: keep-alive
Referer: https://bid.bidclickmedia.com/sub/Zj8D76R
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 302 Found
date: Tue, 07 May 2024 02:16:56 GMT
content-type: text/html; charset=utf-8
location: https://xml.zeusadx.com/redirect?feed=552612&auth=OEhoVk&pubid=162319
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=%2FPEbjaJvyXTc0wQ68wr8wMVAvNe%2FepUBXi6wrT1mwAqq%2FX0%2BWKd5%2FQOpSUdjHBe8wa%2FATjmXGXVN9mJOfNF8iXyVQyTSVdOw8F5hNqkCbc8OUTiaCkZyU4yU8eFGcHLSj3EHCssGdSY%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 87fdb5f9e9a7568d-OSL
alt-svc: h3=":443"; ma=86400
|
|
| downstairsnegotiatebarren.com/sfp.js | 188.114.96.1 | 200 OK | 28 kB |
URL GET HTTP/3downstairsnegotiatebarren.com/sfp.js IP188.114.96.1:443
Requested byhttps://www.videzz.net/embed-c73tafzdtcis.html CertificateIssuerLet's Encrypt Subjectdownstairsnegotiatebarren.com Fingerprint5D:DB:CB:C6:CE:2A:8B:34:7D:BC:43:74:33:1D:5F:77:48:F7:BC:1B ValidityThu, 02 May 2024 21:26:34 GMT - Wed, 31 Jul 2024 21:26:33 GMT
File typeJavaScript source, Unicode text, UTF-8 text, with very long lines (65529), with no line terminators Hashf4a2f8f9f99541c6f105bbd0a025bd40 1f8e3eff12168fdd9e719adfc098d24a45b6916a b717cb04231a10d425fd55b73c85a5407119c6826a8bac94142fddfff6958716
GET /sfp.js HTTP/1.1
Host: downstairsnegotiatebarren.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.videzz.net/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Tue, 07 May 2024 02:16:56 GMT
content-type: application/javascript; charset=utf-8
p3p: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
access-control-allow-origin: *
expires: Thu, 01 Jan 1970 00:00:01 GMT
cache-control: max-age=14400
x-request-id: 6c4b468bae6d853403145f12c604c428
strict-transport-security: max-age=0; includeSubdomains
cf-cache-status: EXPIRED
last-modified: Tue, 07 May 2024 02:16:56 GMT
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=3FcBAUmFQmougpJFR9iGC2d0NOrQJFQMSjsIqDVrnzI3DmtewGek5vs8j9Wjeoqaml4szSi%2BaevTd5N8ag0DIS55wh1fYeXRy8u7ENNyjYzw5CXRreW9sY%2BAhRVWyEV31WiWiljBGj2eI0q6wrA7gg%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 87fdb5facd1456aa-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| disclosestockingsprestigious.com/ren.gif?sid=H4sIAAAAAAAC%2F1RSTWgkRRSuHuNBFMR1D4oIAyIqLJPunpmeGfcQdjeJBONm3V1RUJDqrupJmequpqp%2FJnMKBmRvjl689nyTbFAXdS960VUnC4oBIeMpB3Pz4GnBhT3LjGGDD7rfe%2FV9Bd%2F7Xn00zI6Ji4weLb6h%2BkJKOt%2Bs2dWX33Gc89VVEWe9aq%2Ftve81zld1%2FmrHq9mvVF%2FjwYaad23Hth3bqS4LzUPVm5%2BCEMmtjlPr2LWGW3OaDfT0%2F3uTWTDUAsuPyRkINpm7a52FCMaIo28WudlIVXJuKcokTZVGzvbeijdiVcSITstQWwjjvRM2lDlcvgMV787kQuUPib6YEOuXO%2FDjvROR8POdmU5fgsfw2eMo8jG4HEPQMQK1DcEOCRAwXF5DHN28rHRBN%2F9D6RSdkLkH9yGKCZn78yzi6KuLUvSq15TMUqFig15YQvTGEN0xkmwfab8CUewjSD%2BEYL%2BT%2BQeriKOdNSMVBCtnswsxhgjHkHwAaixk009YyEILWWIhYkfVwHGcls0Carc7QVBnLe57zHZoK3SoY3ttZMFU3gBpMkAgBwj0FhK9hQ3xyWHzDHT2E8x6CcMsmHRCrDe3kLMSBScoDEFBCQpBUKQERV7uMmlcU95k0mS%2Bc5Ldk1wvRyrtDumuSrs8JqB6AM3KYXJMnppaZL1QcbHBj6oha9i%2B13ap3eQNSsNGu8Pcjmc79aZNqefBiBLCVGZT98WEvBh%2Bh0RMyBO%2FEvh0H0buIxBPg2bPgxYl6HqJfvx1REVcywVTfVqLeQqmSiTpHNJNayiPyXOzPa1tG%2FDgYOGfS88%2B9v0FhkCXSHSJD8Rdgq68MbqqCrJzVRWG3F5LUhGJPp3u8FpKU%2F7oF6%2FzzUJptrJoBp9fCKbAtLx1nZt0lcZMxF1DvrwoGON6WemAkx9WzNvcv5KZ9YuZjrNk9cql5ZUo0dwYoeIxqDhc%2BgyBmJAnf3xv9jjPvfsXhB5DZyWi7ICcBITaR5BswSQHC%2Fdeuo5727dhFIGWpxw%2FsVBk5Ui7%2FumhFASSn%2FbUL2H4wcLf979dGv72M3z%2B0I6RptPbVJRDcwNdXQFNtxFHJXJdIpclqBzAZI%2BM0kQfLPxRnwV8WRn5Uld2fKnlpzOTp78MRhxVW%2FW6Tb1O02m1KG%2F5Dbcdeg6j1G14rufROlIzCTsfP%2FMvAAAA%2F%2F8BAAD%2F%2F4oKlIB2BAAA | 172.240.108.68 | 200 OK | 7 B |
URL GET HTTP/1.1disclosestockingsprestigious.com/ren.gif?sid=H4sIAAAAAAAC%2F1RSTWgkRRSuHuNBFMR1D4oIAyIqLJPunpmeGfcQdjeJBONm3V1RUJDqrupJmequpqp%2FJnMKBmRvjl689nyTbFAXdS960VUnC4oBIeMpB3Pz4GnBhT3LjGGDD7rfe%2FV9Bd%2F7Xn00zI6Ji4weLb6h%2BkJKOt%2Bs2dWX33Gc89VVEWe9aq%2Ftve81zld1%2FmrHq9mvVF%2FjwYaad23Hth3bqS4LzUPVm5%2BCEMmtjlPr2LWGW3OaDfT0%2F3uTWTDUAsuPyRkINpm7a52FCMaIo28WudlIVXJuKcokTZVGzvbeijdiVcSITstQWwjjvRM2lDlcvgMV787kQuUPib6YEOuXO%2FDjvROR8POdmU5fgsfw2eMo8jG4HEPQMQK1DcEOCRAwXF5DHN28rHRBN%2F9D6RSdkLkH9yGKCZn78yzi6KuLUvSq15TMUqFig15YQvTGEN0xkmwfab8CUewjSD%2BEYL%2BT%2BQeriKOdNSMVBCtnswsxhgjHkHwAaixk009YyEILWWIhYkfVwHGcls0Carc7QVBnLe57zHZoK3SoY3ttZMFU3gBpMkAgBwj0FhK9hQ3xyWHzDHT2E8x6CcMsmHRCrDe3kLMSBScoDEFBCQpBUKQERV7uMmlcU95k0mS%2Bc5Ldk1wvRyrtDumuSrs8JqB6AM3KYXJMnppaZL1QcbHBj6oha9i%2B13ap3eQNSsNGu8Pcjmc79aZNqefBiBLCVGZT98WEvBh%2Bh0RMyBO%2FEvh0H0buIxBPg2bPgxYl6HqJfvx1REVcywVTfVqLeQqmSiTpHNJNayiPyXOzPa1tG%2FDgYOGfS88%2B9v0FhkCXSHSJD8Rdgq68MbqqCrJzVRWG3F5LUhGJPp3u8FpKU%2F7oF6%2FzzUJptrJoBp9fCKbAtLx1nZt0lcZMxF1DvrwoGON6WemAkx9WzNvcv5KZ9YuZjrNk9cql5ZUo0dwYoeIxqDhc%2BgyBmJAnf3xv9jjPvfsXhB5DZyWi7ICcBITaR5BswSQHC%2Fdeuo5727dhFIGWpxw%2FsVBk5Ui7%2FumhFASSn%2FbUL2H4wcLf979dGv72M3z%2B0I6RptPbVJRDcwNdXQFNtxFHJXJdIpclqBzAZI%2BM0kQfLPxRnwV8WRn5Uld2fKnlpzOTp78MRhxVW%2FW6Tb1O02m1KG%2F5Dbcdeg6j1G14rufROlIzCTsfP%2FMvAAAA%2F%2F8BAAD%2F%2F4oKlIB2BAAA IP172.240.108.68:443
Requested byhttps://www.videzz.net/embed-c73tafzdtcis.html CertificateIssuerLet's Encrypt Subjectdisclosestockingsprestigious.com Fingerprint20:72:8C:30:EF:A7:E9:42:F4:69:4D:6F:83:5A:F6:44:B2:14:1F:F6 ValidityMon, 29 Apr 2024 13:01:45 GMT - Sun, 28 Jul 2024 13:01:44 GMT
File typeASCII text, with no line terminators Hash132d6af1b46048b45cf86cdee7991d31 eb7007d03d59b65bc6da7e098c4d38fc6dfb6285 ab852e838deccd742a03ca81d4a8d75cf1a00b327db3eaf46bd7da6b6db9384c
| Analyzer | Verdict | Alert |
|---|
| Quad9 DNS | malicious | Sinkholed |
GET /ren.gif?sid=H4sIAAAAAAAC%2F1RSTWgkRRSuHuNBFMR1D4oIAyIqLJPunpmeGfcQdjeJBONm3V1RUJDqrupJmequpqp%2FJnMKBmRvjl689nyTbFAXdS960VUnC4oBIeMpB3Pz4GnBhT3LjGGDD7rfe%2FV9Bd%2F7Xn00zI6Ji4weLb6h%2BkJKOt%2Bs2dWX33Gc89VVEWe9aq%2Ftve81zld1%2FmrHq9mvVF%2FjwYaad23Hth3bqS4LzUPVm5%2BCEMmtjlPr2LWGW3OaDfT0%2F3uTWTDUAsuPyRkINpm7a52FCMaIo28WudlIVXJuKcokTZVGzvbeijdiVcSITstQWwjjvRM2lDlcvgMV787kQuUPib6YEOuXO%2FDjvROR8POdmU5fgsfw2eMo8jG4HEPQMQK1DcEOCRAwXF5DHN28rHRBN%2F9D6RSdkLkH9yGKCZn78yzi6KuLUvSq15TMUqFig15YQvTGEN0xkmwfab8CUewjSD%2BEYL%2BT%2BQeriKOdNSMVBCtnswsxhgjHkHwAaixk009YyEILWWIhYkfVwHGcls0Carc7QVBnLe57zHZoK3SoY3ttZMFU3gBpMkAgBwj0FhK9hQ3xyWHzDHT2E8x6CcMsmHRCrDe3kLMSBScoDEFBCQpBUKQERV7uMmlcU95k0mS%2Bc5Ldk1wvRyrtDumuSrs8JqB6AM3KYXJMnppaZL1QcbHBj6oha9i%2B13ap3eQNSsNGu8Pcjmc79aZNqefBiBLCVGZT98WEvBh%2Bh0RMyBO%2FEvh0H0buIxBPg2bPgxYl6HqJfvx1REVcywVTfVqLeQqmSiTpHNJNayiPyXOzPa1tG%2FDgYOGfS88%2B9v0FhkCXSHSJD8Rdgq68MbqqCrJzVRWG3F5LUhGJPp3u8FpKU%2F7oF6%2FzzUJptrJoBp9fCKbAtLx1nZt0lcZMxF1DvrwoGON6WemAkx9WzNvcv5KZ9YuZjrNk9cql5ZUo0dwYoeIxqDhc%2BgyBmJAnf3xv9jjPvfsXhB5DZyWi7ICcBITaR5BswSQHC%2Fdeuo5727dhFIGWpxw%2FsVBk5Ui7%2FumhFASSn%2FbUL2H4wcLf979dGv72M3z%2B0I6RptPbVJRDcwNdXQFNtxFHJXJdIpclqBzAZI%2BM0kQfLPxRnwV8WRn5Uld2fKnlpzOTp78MRhxVW%2FW6Tb1O02m1KG%2F5Dbcdeg6j1G14rufROlIzCTsfP%2FMvAAAA%2F%2F8BAAD%2F%2F4oKlIB2BAAA HTTP/1.1
Host: disclosestockingsprestigious.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.videzz.net/
Cookie: u_pl=19071538; pdhtkv=true; uncs=1; pdhtkv29=true; uncs29=1; slecfd40b682a05e4aaf489d29601350aa66=[5210995,5210997]
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx/1.21.6
Date: Tue, 07 May 2024 02:16:57 GMT
Content-Type: image/gif
Content-Length: 7
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,Sec-CH-UA-PlatformUser-Agent,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: 37e5382c84da00fb81a9385d6a28ec11
Strict-Transport-Security: max-age=0; includeSubdomains
|
|
| bid.bidclickmedia.com/load | 172.67.205.77 | 302 Found | 361 B |
URL POST HTTP/3bid.bidclickmedia.com/load IP172.67.205.77:443
Requested byhttps://www.videzz.net/embed-c73tafzdtcis.html CertificateIssuerGoogle Trust Services LLC Subjectbidclickmedia.com Fingerprint2D:71:60:23:79:D8:E4:4A:B8:81:BA:F0:ED:58:CB:A8:66:21:A7:E7 ValiditySun, 31 Mar 2024 14:28:20 GMT - Sat, 29 Jun 2024 14:28:19 GMT
File typeHTML document, ASCII text Hash6610c77cad5adb691fd5f9ffa06b9486 d003b0d6d8bb61e5fd17dc635c017f6393e0c24c 83695861f8ded5db81f9c1e185cdf9177d18c57bfe1196b03468f2d8ac22bc50
POST /load HTTP/1.1
Host: bid.bidclickmedia.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/x-www-form-urlencoded
Content-Length: 93
Origin: https://bid.bidclickmedia.com
DNT: 1
Connection: keep-alive
Referer: https://bid.bidclickmedia.com/sub/Pj8pz0z
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 302 Found
date: Tue, 07 May 2024 02:16:56 GMT
content-type: text/html; charset=utf-8
location: https://xml.xmlking.com/redirect?feed=591364&auth=oodr9S&pubid=195183
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=sHUkgmU8qkmU%2FK7%2BFSRX3zRpCHb5lvG2Dn70jf1%2Fxyj%2FvE13Fkuq0RvkdfSQ2IIZEoWrZ93zByFCjqqbyynBI8YJ%2BroacpjHwufn%2BA6H2zVFQ9zoef5CuNfVgUzznRfAxZdS%2BT5XMPg%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 87fdb5f9a994568d-OSL
alt-svc: h3=":443"; ma=86400
|
|
| region1.analytics.google.com/g/collect?v=2&tid=G-HEX1BG8H46>m=45je4560h2v9104348843za200&_p=1715048215626&_gaz=1&gcd=13l3lPl2l1&npa=1&dma_cps=sypham&dma=1&cid=1706841748.1715048217&ul=en-us&sr=1280x1024&pscdl=noapi&_eu=AAAI&_s=1&sid=1715048216&sct=1&seg=0&dl=https%3A%2F%2Fwww.videzz.net%2Fembed-c73tafzdtcis.html&dt=Vidoza&en=page_view&_fv=1&_nsi=1&_ss=2&tfd=2216 | 216.239.32.36 | 204 No Content | 0 B |
URL POST HTTP/2region1.analytics.google.com/g/collect?v=2&tid=G-HEX1BG8H46>m=45je4560h2v9104348843za200&_p=1715048215626&_gaz=1&gcd=13l3lPl2l1&npa=1&dma_cps=sypham&dma=1&cid=1706841748.1715048217&ul=en-us&sr=1280x1024&pscdl=noapi&_eu=AAAI&_s=1&sid=1715048216&sct=1&seg=0&dl=https%3A%2F%2Fwww.videzz.net%2Fembed-c73tafzdtcis.html&dt=Vidoza&en=page_view&_fv=1&_nsi=1&_ss=2&tfd=2216 IP216.239.32.36:443
Requested byhttps://www.videzz.net/embed-c73tafzdtcis.html CertificateIssuerGoogle Trust Services LLC Subject*.google-analytics.com Fingerprint93:6B:D2:9D:92:BE:2D:D8:02:67:82:83:5E:EF:A3:F9:13:F3:26:AE ValidityTue, 16 Apr 2024 03:18:45 GMT - Tue, 09 Jul 2024 03:18:44 GMT
Hashd41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
POST /g/collect?v=2&tid=G-HEX1BG8H46>m=45je4560h2v9104348843za200&_p=1715048215626&_gaz=1&gcd=13l3lPl2l1&npa=1&dma_cps=sypham&dma=1&cid=1706841748.1715048217&ul=en-us&sr=1280x1024&pscdl=noapi&_eu=AAAI&_s=1&sid=1715048216&sct=1&seg=0&dl=https%3A%2F%2Fwww.videzz.net%2Fembed-c73tafzdtcis.html&dt=Vidoza&en=page_view&_fv=1&_nsi=1&_ss=2&tfd=2216 HTTP/1.1
Host: region1.analytics.google.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.videzz.net
DNT: 1
Connection: keep-alive
Referer: https://www.videzz.net/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Content-Length: 0
HTTP/2 204 No Content
access-control-allow-origin: https://www.videzz.net
date: Tue, 07 May 2024 02:16:57 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
content-type: text/plain
cross-origin-resource-policy: cross-origin
server: Golfe2
content-length: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
|
|
| xml.xmlking.com/redirect?feed=591363&auth=0yfQfB&pubid=195183 | 174.137.133.17 | 302 Found | 0 B |
URL GET HTTP/1.1xml.xmlking.com/redirect?feed=591363&auth=0yfQfB&pubid=195183 IP174.137.133.17:443 ASN#27257 WEBAIR-INTERNET
Requested byhttps://www.videzz.net/embed-c73tafzdtcis.html CertificateIssuerSectigo Limited Subject*.xmlking.com Fingerprint61:F0:9B:53:D2:DF:03:A0:08:09:BE:79:B1:70:10:34:65:07:7B:6D ValidityWed, 26 Jul 2023 00:00:00 GMT - Fri, 26 Jul 2024 23:59:59 GMT
Hashd41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /redirect?feed=591363&auth=0yfQfB&pubid=195183 HTTP/1.1
Host: xml.xmlking.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://bid.bidclickmedia.com/
DNT: 1
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 302 Found
Server: nginx
Date: Tue, 07 May 2024 02:16:57 GMT
Content-Length: 0
Connection: keep-alive
Cache-Control: no-store
Location: https://meetbenjen.com/in/p/?spot_id=558728&cat=25&sub_id=1952513182
|
|
| xml.zeusadx.com/redirect?feed=552612&auth=OEhoVk&pubid=162319 | 174.137.133.17 | 302 Found | 0 B |
URL GET HTTP/1.1xml.zeusadx.com/redirect?feed=552612&auth=OEhoVk&pubid=162319 IP174.137.133.17:443 ASN#27257 WEBAIR-INTERNET
Requested byhttps://www.videzz.net/embed-c73tafzdtcis.html CertificateIssuerSectigo Limited Subject*.zeusadx.com FingerprintAA:67:88:35:5F:BC:20:3C:44:9B:00:BD:4F:E1:C0:5F:62:D0:69:C0 ValidityMon, 23 Oct 2023 00:00:00 GMT - Wed, 23 Oct 2024 23:59:59 GMT
Hashd41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /redirect?feed=552612&auth=OEhoVk&pubid=162319 HTTP/1.1
Host: xml.zeusadx.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://bid.bidclickmedia.com/
DNT: 1
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 302 Found
Server: nginx
Date: Tue, 07 May 2024 02:16:57 GMT
Content-Length: 0
Connection: keep-alive
Cache-Control: no-store
Location: https://xmlclick.adcannyxml.com/nrtb/click?bid=-KQ3wEYaHngB25B2LWWFU01StA6ZlywXuY1o0V4EmoALXLsw8UuefDeJAfjzI-Tf_0_9
|
|
| bid.bidclickmedia.com/load | 172.67.205.77 | 302 Found | 732 B |
URL POST HTTP/3bid.bidclickmedia.com/load IP172.67.205.77:443
Requested byhttps://www.videzz.net/embed-c73tafzdtcis.html CertificateIssuerGoogle Trust Services LLC Subjectbidclickmedia.com Fingerprint2D:71:60:23:79:D8:E4:4A:B8:81:BA:F0:ED:58:CB:A8:66:21:A7:E7 ValiditySun, 31 Mar 2024 14:28:20 GMT - Sat, 29 Jun 2024 14:28:19 GMT
File typeHTML document, ASCII text, with very long lines (316) Hash6406e5c4b795cf549addfd9ea6310533 3b861d3b57d9d29ded3e97415de00c1318a30dd2 c08b0b7ae14b8d7271c32d8537b10b345e1a65a8fd1150f4e4a7a174a6ac0d8b
POST /load HTTP/1.1
Host: bid.bidclickmedia.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/x-www-form-urlencoded
Content-Length: 98
Origin: https://bid.bidclickmedia.com
DNT: 1
Connection: keep-alive
Referer: https://bid.bidclickmedia.com/sub/31bV2Jy
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 302 Found
date: Tue, 07 May 2024 02:16:56 GMT
content-type: text/html; charset=utf-8
location: https://xml.cachegorilla.com/redirect?feed=612977&auth=kAeZgJ&pubid=197570
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=6%2FEbO8O9uoiy%2Fbgk7yx1jdVIQXLfNM2zias1prLIBiDOacB2RU8A2QA%2FDGIM29pH%2BGRz6SYXf700LynX03nGviMYRqIvlAJkwhFVQ7KBsuWSlqetVVVXn7tpvL4K9EI7eUfGAa9QV1M%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 87fdb5fa09ad568d-OSL
alt-svc: h3=":443"; ma=86400
|
|
| bid.bidclickmedia.com/load | 172.67.205.77 | 302 Found | 361 B |
URL POST HTTP/3bid.bidclickmedia.com/load IP172.67.205.77:443
Requested byhttps://www.videzz.net/embed-c73tafzdtcis.html CertificateIssuerGoogle Trust Services LLC Subjectbidclickmedia.com Fingerprint2D:71:60:23:79:D8:E4:4A:B8:81:BA:F0:ED:58:CB:A8:66:21:A7:E7 ValiditySun, 31 Mar 2024 14:28:20 GMT - Sat, 29 Jun 2024 14:28:19 GMT
File typeHTML document, ASCII text Hash4809a9602dd55d531906123e570b6d77 626fe0b9eeeda00a0ce401ee5a4e13f8256facb9 046c0a16886d7e34df54c815c1fee7740a3608671d33fd56c837dca5a1ac9c9f
POST /load HTTP/1.1
Host: bid.bidclickmedia.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/x-www-form-urlencoded
Content-Length: 93
Origin: https://bid.bidclickmedia.com
DNT: 1
Connection: keep-alive
Referer: https://bid.bidclickmedia.com/sub/31pnK5n
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 302 Found
date: Tue, 07 May 2024 02:16:56 GMT
content-type: text/html; charset=utf-8
location: https://xml.zeusadx.com/redirect?feed=531847&auth=KhbHhS&pubid=162319
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=7PfO1IDLcXFJ3pa7OEKI26EXrPHmMOxhC7atdp9caGRaCUekNrssW6IeiFcH2myUQoO1Nyt5mdBxFcz%2Bsd56Y2OFHN8%2FhZTqu4upKMx6lmHqd%2BNFugCIr1GihXCy4YoO6a60KtIeI8g%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 87fdb5fa89e0568d-OSL
alt-svc: h3=":443"; ma=86400
|
|
| www.google.no/ads/ga-audiences?v=1&t=sr&slf_rd=1&_r=4&tid=G-HEX1BG8H46&cid=1706841748.1715048217>m=45je4560h2v9104348843za200&aip=1&dma=1&dma_cps=sypham&gcd=13l3lPl2l1&npa=1&z=328770420 | 142.250.74.163 | 200 OK | 42 B |
URL GET HTTP/2www.google.no/ads/ga-audiences?v=1&t=sr&slf_rd=1&_r=4&tid=G-HEX1BG8H46&cid=1706841748.1715048217>m=45je4560h2v9104348843za200&aip=1&dma=1&dma_cps=sypham&gcd=13l3lPl2l1&npa=1&z=328770420 IP142.250.74.163:443
Requested byhttps://www.videzz.net/embed-c73tafzdtcis.html CertificateIssuerGoogle Trust Services LLC Subject*.google.no Fingerprint7D:68:6D:B1:32:34:52:51:20:C9:53:FF:B9:B7:8F:7E:05:F9:F5:97 ValidityTue, 16 Apr 2024 04:31:00 GMT - Tue, 09 Jul 2024 04:30:59 GMT
File typeGIF image data, version 89a, 1 x 1 Hashd89746888da2d9510b64a9f031eaecd5 d5fceb6532643d0d84ffe09c40c481ecdf59e15a ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
GET /ads/ga-audiences?v=1&t=sr&slf_rd=1&_r=4&tid=G-HEX1BG8H46&cid=1706841748.1715048217>m=45je4560h2v9104348843za200&aip=1&dma=1&dma_cps=sypham&gcd=13l3lPl2l1&npa=1&z=328770420 HTTP/1.1
Host: www.google.no
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.videzz.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Tue, 07 May 2024 02:16:57 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
content-type: image/gif
x-content-type-options: nosniff
server: cafe
content-length: 42
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
|
|
| xml.xmlking.com/redirect?feed=591364&auth=oodr9S&pubid=195183 | 174.137.133.17 | 200 OK | 0 B |
URL GET HTTP/1.1xml.xmlking.com/redirect?feed=591364&auth=oodr9S&pubid=195183 IP174.137.133.17:443 ASN#27257 WEBAIR-INTERNET
Requested byhttps://www.videzz.net/embed-c73tafzdtcis.html CertificateIssuerSectigo Limited Subject*.xmlking.com Fingerprint61:F0:9B:53:D2:DF:03:A0:08:09:BE:79:B1:70:10:34:65:07:7B:6D ValidityWed, 26 Jul 2023 00:00:00 GMT - Fri, 26 Jul 2024 23:59:59 GMT
Hashd41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /redirect?feed=591364&auth=oodr9S&pubid=195183 HTTP/1.1
Host: xml.xmlking.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://bid.bidclickmedia.com/
DNT: 1
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Date: Tue, 07 May 2024 02:16:57 GMT
Content-Length: 0
Connection: keep-alive
Cache-Control: no-store
|
|
| bid.bidclickmedia.com/load | 172.67.205.77 | 302 Found | 361 B |
URL POST HTTP/3bid.bidclickmedia.com/load IP172.67.205.77:443
Requested byhttps://www.videzz.net/embed-c73tafzdtcis.html CertificateIssuerGoogle Trust Services LLC Subjectbidclickmedia.com Fingerprint2D:71:60:23:79:D8:E4:4A:B8:81:BA:F0:ED:58:CB:A8:66:21:A7:E7 ValiditySun, 31 Mar 2024 14:28:20 GMT - Sat, 29 Jun 2024 14:28:19 GMT
File typeHTML document, ASCII text Hash4809a9602dd55d531906123e570b6d77 626fe0b9eeeda00a0ce401ee5a4e13f8256facb9 046c0a16886d7e34df54c815c1fee7740a3608671d33fd56c837dca5a1ac9c9f
POST /load HTTP/1.1
Host: bid.bidclickmedia.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/x-www-form-urlencoded
Content-Length: 93
Origin: https://bid.bidclickmedia.com
DNT: 1
Connection: keep-alive
Referer: https://bid.bidclickmedia.com/sub/31pnK5n
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 302 Found
date: Tue, 07 May 2024 02:16:56 GMT
content-type: text/html; charset=utf-8
location: https://xml.zeusadx.com/redirect?feed=531847&auth=KhbHhS&pubid=162319
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=jjtkMbbil9oEsJsriX8sG57PIkHOCkKAbUqQw25pdOiuJxE80UM8B0WMu%2B%2Bp%2BLViOUjyy4nJfsjalHY8pI6cmhkZYzdu8%2BtbUobDDH%2B9pESYE5X0kWb2wWjduvFpz8SxWylFdcPz3dY%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 87fdb5fa29bb568d-OSL
alt-svc: h3=":443"; ma=86400
|
|
| xml.cachegorilla.com/redirect?feed=612977&auth=kAeZgJ&pubid=197570 | 173.239.53.20 | 302 Found | 0 B |
URL GET HTTP/1.1xml.cachegorilla.com/redirect?feed=612977&auth=kAeZgJ&pubid=197570 IP173.239.53.20:443 ASN#27257 WEBAIR-INTERNET
Requested byhttps://www.videzz.net/embed-c73tafzdtcis.html CertificateIssuerSectigo Limited Subject*.cachegorilla.com Fingerprint29:B3:53:29:E3:6F:D3:48:F6:66:3E:78:57:05:A6:19:12:0D:2C:4A ValidityFri, 10 Nov 2023 00:00:00 GMT - Sun, 10 Nov 2024 23:59:59 GMT
Hashd41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /redirect?feed=612977&auth=kAeZgJ&pubid=197570 HTTP/1.1
Host: xml.cachegorilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://bid.bidclickmedia.com/
DNT: 1
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 302 Found
Server: nginx
Date: Tue, 07 May 2024 02:16:57 GMT
Content-Length: 0
Connection: keep-alive
Cache-Control: no-store
Location: https://xml-click-oax.adstork.com/nrtb/click?bid=MeBBR0i7MlDnb6EHMOwLJmsvhDsDC58YhQMA86_8VT2RTFNYWwaJ-j5oNWaxLr5U_0_42
|
|
| disclosestockingsprestigious.com/pixel/sbls?bv=24.6.6370&tmpl=482&u=https%3A%2F%2Fcdn.yourwebbars.com%2Fsb%2Fnotifications%2Fgambling%2Fdefault%2Fandroid-btn%2F8%2Findex.html&l=1444&fd=666 | 172.240.108.68 | 200 OK | 0 B |
URL GET HTTP/1.1disclosestockingsprestigious.com/pixel/sbls?bv=24.6.6370&tmpl=482&u=https%3A%2F%2Fcdn.yourwebbars.com%2Fsb%2Fnotifications%2Fgambling%2Fdefault%2Fandroid-btn%2F8%2Findex.html&l=1444&fd=666 IP172.240.108.68:443
Requested byhttps://www.videzz.net/embed-c73tafzdtcis.html CertificateIssuerLet's Encrypt Subjectdisclosestockingsprestigious.com Fingerprint20:72:8C:30:EF:A7:E9:42:F4:69:4D:6F:83:5A:F6:44:B2:14:1F:F6 ValidityMon, 29 Apr 2024 13:01:45 GMT - Sun, 28 Jul 2024 13:01:44 GMT
Hashd41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
| Analyzer | Verdict | Alert |
|---|
| Quad9 DNS | malicious | Sinkholed |
GET /pixel/sbls?bv=24.6.6370&tmpl=482&u=https%3A%2F%2Fcdn.yourwebbars.com%2Fsb%2Fnotifications%2Fgambling%2Fdefault%2Fandroid-btn%2F8%2Findex.html&l=1444&fd=666 HTTP/1.1
Host: disclosestockingsprestigious.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.videzz.net/
Cookie: u_pl=19071538; pdhtkv=true; uncs=1; pdhtkv29=true; uncs29=1; slecfd40b682a05e4aaf489d29601350aa66=[5210995,5210997]
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx/1.21.6
Date: Tue, 07 May 2024 02:16:57 GMT
Content-Length: 0
Connection: keep-alive
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
Access-Control-Allow-Origin: *
Access-Control-Allow-Methods: GET, POST, OPTIONS
Access-Control-Allow-Headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,Upgrade-Insecure-Requests
Access-Control-Expose-Headers: Content-Length,Content-Range
|
|
| cdnjs.cloudflare.com/ajax/libs/postscribe/2.0.8/postscribe.min.js | 104.17.25.14 | 200 OK | 5.1 kB |
URL GET HTTP/3cdnjs.cloudflare.com/ajax/libs/postscribe/2.0.8/postscribe.min.js IP104.17.25.14:443
Requested byhttps://www.videzz.net/embed-c73tafzdtcis.html CertificateIssuerCloudflare, Inc. Subjectsni.cloudflaressl.com Fingerprint7A:EA:B9:09:71:70:6C:87:C9:D3:82:74:8A:7B:B4:60:E5:40:2D:8D ValidityMon, 03 Jul 2023 00:00:00 GMT - Tue, 02 Jul 2024 23:59:59 GMT
File typeJavaScript source, ASCII text, with very long lines (17660) Hash12dd498bf90c536803c2aad708b66c2b 5f9363d39a405d1c94328cf2303ff4a05c0ad163 c4e20f53f5ef0ed44b783437aa3f4638a9a56cc4aa29ae83ed9212eb2807052a
GET /ajax/libs/postscribe/2.0.8/postscribe.min.js HTTP/1.1
Host: cdnjs.cloudflare.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.videzz.net/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Tue, 07 May 2024 02:16:57 GMT
content-type: application/javascript; charset=utf-8
content-length: 5117
access-control-allow-origin: *
cache-control: public, max-age=30672000
content-encoding: br
etag: "5eb03faa-45f4"
last-modified: Mon, 04 May 2020 16:15:38 GMT
cf-cdnjs-via: cfworker/kv
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
x-content-type-options: nosniff
vary: Accept-Encoding
cf-cache-status: HIT
age: 450649
expires: Sun, 27 Apr 2025 02:16:57 GMT
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=V76b3AZUcrZFJCthqm7JltlUAgQ2fMLnAyGFxRfPEANRoRNCUngBo%2FeA9uZp1xROyGOTC0XgeBgkKjgPXAPJ9PyFlJCYarlC%2BJem2gIqFwkRbyEEIPbnCBIu8aS4vzzWGpmXYyPB"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
server: cloudflare
cf-ray: 87fdb6021d90712a-OSL
alt-svc: h3=":443"; ma=86400
|
|
| cdn.creative-bars1.com/sb/notifications/gambling/default/android-btn/8/img/confetti.gif | 188.114.97.1 | 200 OK | 206 kB |
URL GET HTTP/2cdn.creative-bars1.com/sb/notifications/gambling/default/android-btn/8/img/confetti.gif IP188.114.97.1:443
Requested byhttps://www.videzz.net/embed-c73tafzdtcis.html CertificateIssuerGoogle Trust Services LLC Subjectcreative-bars1.com Fingerprint3D:29:39:2C:F1:E5:C6:EF:54:F5:70:B5:CF:A8:C2:75:4D:89:72:13 ValidityMon, 15 Apr 2024 15:02:18 GMT - Sun, 14 Jul 2024 15:02:17 GMT
File typeGIF image data, version 89a, 480 x 360 Size206 kB (206291 bytes) Hash0b33face774f2203446507ce5f075538 1dd3522529bce7739df0687f47f5bc84356698a0 ac345899461d5634d25c47281b10e3c1886abb33019e2ce8140573a79e9f52f2
GET /sb/notifications/gambling/default/android-btn/8/img/confetti.gif HTTP/1.1
Host: cdn.creative-bars1.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
date: Tue, 07 May 2024 02:16:57 GMT
content-type: image/gif
content-length: 206291
last-modified: Fri, 19 Jan 2024 14:25:08 GMT
etag: "65aa8644-325d3"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: public, max-age=315360000
access-control-allow-origin: *
access-control-expose-headers: Date
cf-cache-status: HIT
age: 545844
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=RlF5noIw3rjPPee0dLMH%2F%2F8qqq%2Fg2%2BhMa9dFXSRLzK5%2FwTBDCQS7%2BGu%2BKtUCBSGlNserstpnf4CgowoZSD%2BddL56cxzy7IWY4ZVyk3gZQxRo3DmCxJgP9hfz9JvZQ9QiKxM%2BlUKdR1Jy"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 87fdb60218eb56cb-OSL
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
|
|
| xmlclick.adcannyxml.com/nrtb/click?bid=-KQ3wEYaHngB25B2LWWFU01StA6ZlywXuY1o0V4EmoALXLsw8UuefDeJAfjzI-Tf_0_9 | 23.226.122.79 | 302 Found | 55 B |
URL GET HTTP/2xmlclick.adcannyxml.com/nrtb/click?bid=-KQ3wEYaHngB25B2LWWFU01StA6ZlywXuY1o0V4EmoALXLsw8UuefDeJAfjzI-Tf_0_9 IP23.226.122.79:443
Requested byhttps://www.videzz.net/embed-c73tafzdtcis.html CertificateIssuerUnizeto Technologies S.A. Subject*.adcannyxml.com Fingerprint94:3C:B1:37:BD:FA:9C:E1:1E:F4:57:BB:30:0F:66:33:53:31:41:24 ValidityMon, 18 Mar 2024 07:29:56 GMT - Tue, 18 Mar 2025 07:29:55 GMT
File typeHTML document, ASCII text Hash397f81a4f18e04a060c75e5b71f7cee1 557f585b9711a7f867cff5a443ed2bce8eefcf8b bb44fc266d7d490de9db213118e1a22f9edf87f963b26ba9a02e923a9b5a4b1f
GET /nrtb/click?bid=-KQ3wEYaHngB25B2LWWFU01StA6ZlywXuY1o0V4EmoALXLsw8UuefDeJAfjzI-Tf_0_9 HTTP/1.1
Host: xmlclick.adcannyxml.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://bid.bidclickmedia.com/
DNT: 1
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 302 Found
server: nginx/1.18.0 (Ubuntu)
date: Tue, 07 May 2024 02:16:57 GMT
content-type: text/html; charset=utf-8
content-length: 55
location: https://t.bawixi.xyz/1/?zid=9776
X-Firefox-Spdy: h2
|
|
| cdn.creative-bars1.com/sb/notifications/gambling/default/android-btn/8/img/bonus-stars-6593305-5446274.mp4 | 188.114.97.1 | 206 Partial Content | 34 kB |
URL GET HTTP/2cdn.creative-bars1.com/sb/notifications/gambling/default/android-btn/8/img/bonus-stars-6593305-5446274.mp4 IP188.114.97.1:443
Requested byhttps://www.videzz.net/embed-c73tafzdtcis.html CertificateIssuerGoogle Trust Services LLC Subjectcreative-bars1.com Fingerprint3D:29:39:2C:F1:E5:C6:EF:54:F5:70:B5:CF:A8:C2:75:4D:89:72:13 ValidityMon, 15 Apr 2024 15:02:18 GMT - Sun, 14 Jul 2024 15:02:17 GMT
File typeISO Media, MP4 Base Media v1 [ISO 14496-12:2003] Hash69e52ff16a779d8ab66a1156cc50ab23 27f8897a2acc3bcfd319c267d137aaa4650fb3c5 2048e8325f6d17e0fefb2226c4191a9e300c562f2bc46543ac616d49ff971d61
GET /sb/notifications/gambling/default/android-btn/8/img/bonus-stars-6593305-5446274.mp4 HTTP/1.1
Host: cdn.creative-bars1.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: video/webm,video/ogg,video/*;q=0.9,application/ogg;q=0.7,audio/*;q=0.6,*/*;q=0.5
Accept-Language: en-US,en;q=0.5
Range: bytes=0-
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: video
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Accept-Encoding: identity
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 206 Partial Content
date: Tue, 07 May 2024 02:16:57 GMT
content-type: video/mp4
content-length: 34238
last-modified: Fri, 19 Jan 2024 14:25:08 GMT
etag: "65aa8644-85be"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: public, max-age=315360000
access-control-allow-origin: *
access-control-expose-headers: Date
cf-cache-status: HIT
age: 545835
content-range: bytes 0-34237/34238
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=M50sWpiEoe67ythOJPPJRbwDtaoiNywkH58kVa8R0BYJ6R9CZSSP%2B7o5XrJUiKS%2BdqUHhVSwkvYEx%2FostKtQ%2BGrkUyZH0SpuXbSxs4tIGi6fGLICe%2FclTm4jOKQGiY5zIcFzfiXLN0uk"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 87fdb60238f956cb-OSL
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
|
|
| mcpuwpsh.com/get/?go=1&data=eyJpbXAiOlt7InNlY3VyZSI6MSwiZXh0Ijp7ImlkIjoxMDk1LCJ0eXBlIjoicG9wIiwic3BhY2VpZCI6MTA5NSwic3ViaWQiOiIxOTUyNTEzMTgyIiwic3NwIjozNzU4LCJzcG90X2lkIjo1NTg3MjgsInJjaGFuZ2UiOmZhbHNlfX1dLCJzaXRlIjp7ImlkIjoiNTU4NzI4IiwicGFnZSI6Imh0dHBzOi8vYmlkLmJpZGNsaWNrbWVkaWEuY29tLyIsImNhdCI6WyJJQUIyNSJdfSwiZGV2aWNlIjp7InciOjEyODAsImgiOjEwMjR9LCJ1c2VyIjp7ImlkIjoiN2FzeDN5ejIzbGl4MDQzZm53eXEzIn0sImV4dCI6eyJkdCI6MTcxNTA0ODIxNzY0MH19 | 94.130.197.240 | 302 Found | 0 B |
URL GET HTTP/2mcpuwpsh.com/get/?go=1&data=eyJpbXAiOlt7InNlY3VyZSI6MSwiZXh0Ijp7ImlkIjoxMDk1LCJ0eXBlIjoicG9wIiwic3BhY2VpZCI6MTA5NSwic3ViaWQiOiIxOTUyNTEzMTgyIiwic3NwIjozNzU4LCJzcG90X2lkIjo1NTg3MjgsInJjaGFuZ2UiOmZhbHNlfX1dLCJzaXRlIjp7ImlkIjoiNTU4NzI4IiwicGFnZSI6Imh0dHBzOi8vYmlkLmJpZGNsaWNrbWVkaWEuY29tLyIsImNhdCI6WyJJQUIyNSJdfSwiZGV2aWNlIjp7InciOjEyODAsImgiOjEwMjR9LCJ1c2VyIjp7ImlkIjoiN2FzeDN5ejIzbGl4MDQzZm53eXEzIn0sImV4dCI6eyJkdCI6MTcxNTA0ODIxNzY0MH19 IP94.130.197.240:443 ASN#24940 Hetzner Online GmbH
Requested byhttps://www.videzz.net/embed-c73tafzdtcis.html CertificateIssuerLet's Encrypt Subjectpuwpush.com Fingerprint60:3D:AE:BF:9C:57:C3:AF:D6:50:E5:93:92:FB:E9:F2:F8:E6:E1:92 ValidityWed, 01 May 2024 01:51:05 GMT - Tue, 30 Jul 2024 01:51:04 GMT
Hashd41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /get/?go=1&data=eyJpbXAiOlt7InNlY3VyZSI6MSwiZXh0Ijp7ImlkIjoxMDk1LCJ0eXBlIjoicG9wIiwic3BhY2VpZCI6MTA5NSwic3ViaWQiOiIxOTUyNTEzMTgyIiwic3NwIjozNzU4LCJzcG90X2lkIjo1NTg3MjgsInJjaGFuZ2UiOmZhbHNlfX1dLCJzaXRlIjp7ImlkIjoiNTU4NzI4IiwicGFnZSI6Imh0dHBzOi8vYmlkLmJpZGNsaWNrbWVkaWEuY29tLyIsImNhdCI6WyJJQUIyNSJdfSwiZGV2aWNlIjp7InciOjEyODAsImgiOjEwMjR9LCJ1c2VyIjp7ImlkIjoiN2FzeDN5ejIzbGl4MDQzZm53eXEzIn0sImV4dCI6eyJkdCI6MTcxNTA0ODIxNzY0MH19 HTTP/1.1
Host: mcpuwpsh.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://meetbenjen.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 302 Found
server: nginx/1.16.0
date: Tue, 07 May 2024 02:16:58 GMT
content-length: 0
vary: Origin
cache-control: no-transform, no-cache, no-store, must-revalidate
pragma: no-cache
access-control-allow-origin: *
access-control-allow-headers: Content-Type
access-control-allow-methods: *
location: https://mcpuwpsh.com/popunder/in/click/?mid=1144409305770136267&pid=0&site=558728&sc=NO&usage_type=DCH&subid=1952513182&sid=0&cid=0&price=0&is_cpm=0&cpm=0&ecpm=0&crid=&crtid=&tcid=0&out_id=&ver=&ver_c=&refdom=bid.bidclickmedia.com&hostname=auc-popunder-hz-3&site_id=0&spot_id=558728&utm_source=&utm_medium=&utm_campaign=&utm_content=&expiration_timestamp=0&created_at=0000-00-00&is_native=0&burl=&pop_winurl=&ip=91.90.42.154&testab=&px_id=0&adblock=0&auction_host=&mm=&yc=&render_type=&campaign_type=&uniq=&exp=0&resp_type=&iabcat=IAB25&min_cpm=0.1224&placement_type_id=7&skin_test=&verify_hash=a0e4d0faae6e1541371b706c55b10cc0&score=304.3770934150993&durl=&ml=&tag_ab=&original_bid=0&user_fp=0&v2=0&pop_type=0&space_id=1095&real_bid=&skin_id=&vertical_id=&stratagem=&accel=0&gyr=0&iabcat=IAB25&ip_mismatch=false&ua_mismatch=false&ssp=3758&rc=0&v2_track=0&otype=0&mn=0&priority=0&bb=0.1224&url=https%3A%2F%2Fpopdemission.com%2Fin%2F849%2F%3Fsource%3D1952513182%26site_id%3D558728%26utm1%3D%26utm2%3D%26utm3%3D%26utm4%3D%26idzone%3D0%26spot_id%3D558728%26mo%3D%26ve%3D%26ad_tags%3D%26p%3Dhttps%253A%252F%252Fbid.bidclickmedia.com%252F%26sid%3D1095%26katds_labels%3D%26is_iframe%3D1%26btype%3D0%26score%3D304.3770934150993%26bf%3D0.1224%26iabcat%3DIAB25%26allowed_labels%3D&pr=&bid_crid=&bid_cid=&ad_tags=&is_interstitial=0&is_direct=1&label_ids=&site_id64=&sp_cl=0&act_sess=0&sp_scr=0&intes=&izb=&ang=0&act_su=0&interest_vertical_ids=&v_scroll_freq=&time_sess=&ext_campaign_id=&scroll_percent=0&empty_clicks=0&aid=0&high_freq_clicks=0&dev_console_activity=0&topics=&client_price=0&o_d=&is_webview=0&timezone_olson=&timezone_ip=Europe/Oslo&offer_label_ids=
X-Firefox-Spdy: h2
|
|
| static.addtoany.com/menu/svg/icons/whatsapp.js | 104.22.70.197 | 200 OK | 1.2 kB |
URL GET HTTP/3static.addtoany.com/menu/svg/icons/whatsapp.js IP104.22.70.197:443
Requested byhttps://www.videzz.net/embed-c73tafzdtcis.html CertificateIssuerLet's Encrypt Subjectstatic.addtoany.com Fingerprint5B:74:98:2D:F8:22:DB:0D:4E:74:B7:99:A7:7C:80:F6:CA:1A:8E:CA ValidityTue, 23 Apr 2024 07:56:27 GMT - Mon, 22 Jul 2024 07:56:26 GMT
File typeASCII text, with very long lines (1108), with no line terminators Hash0e8b3ac6bda5451ff39c5ecd6d7b3873 fb477a11167000a30e45369e686ec43dd62d026b c15e1379ca2c59f99912500bbc23a0d1d88f43198cbe1b53d87776fa351385eb
GET /menu/svg/icons/whatsapp.js HTTP/1.1
Host: static.addtoany.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.videzz.net
DNT: 1
Connection: keep-alive
Referer: https://static.addtoany.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Tue, 07 May 2024 02:16:56 GMT
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=7776000, stale-while-revalidate=30, public
cf-bgj: minify
etag: W/"83af4df8173e43227812296bb8542dcf"
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=DVqM0CD7r%2FEPX9vu6oldgZRODqJF1mPQZx0I9rZKSi17p30EDfSMf%2Bans0A7nlF8tWG3G9%2FFdGpaHcrg6wOSoBzqD7%2BgJgEhtEqYHN8HaR6Hb7mE8M84%2Fo7gIOmGBROz2fM%2FNJH5"}],"group":"cf-nel","max_age":604800}
vary: Accept-Encoding
referrer-policy: strict-origin-when-cross-origin
x-content-type-options: nosniff
cf-cache-status: REVALIDATED
strict-transport-security: max-age=31536000; includeSubDomains; preload
server: cloudflare
cf-ray: 87fdb5f8be7cabcc-CPH
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| xml.xmlking.com/redirect?feed=591364&auth=oodr9S&pubid=195183 | 174.137.133.17 | 200 OK | 0 B |
URL GET HTTP/1.1xml.xmlking.com/redirect?feed=591364&auth=oodr9S&pubid=195183 IP174.137.133.17:443 ASN#27257 WEBAIR-INTERNET
Requested byhttps://www.videzz.net/embed-c73tafzdtcis.html CertificateIssuerSectigo Limited Subject*.xmlking.com Fingerprint61:F0:9B:53:D2:DF:03:A0:08:09:BE:79:B1:70:10:34:65:07:7B:6D ValidityWed, 26 Jul 2023 00:00:00 GMT - Fri, 26 Jul 2024 23:59:59 GMT
Hashd41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /redirect?feed=591364&auth=oodr9S&pubid=195183 HTTP/1.1
Host: xml.xmlking.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://bid.bidclickmedia.com/
DNT: 1
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 302 Found
Server: nginx
Date: Tue, 07 May 2024 02:16:58 GMT
Content-Length: 0
Connection: keep-alive
Cache-Control: no-store
Location: https://meetbenjen.com/in/p/?spot_id=558728&cat=25&sub_id=1952513182
|
|
| bid.bidclickmedia.com/load | 172.67.205.77 | 302 Found | 361 B |
URL POST HTTP/3bid.bidclickmedia.com/load IP172.67.205.77:443
Requested byhttps://www.videzz.net/embed-c73tafzdtcis.html CertificateIssuerGoogle Trust Services LLC Subjectbidclickmedia.com Fingerprint2D:71:60:23:79:D8:E4:4A:B8:81:BA:F0:ED:58:CB:A8:66:21:A7:E7 ValiditySun, 31 Mar 2024 14:28:20 GMT - Sat, 29 Jun 2024 14:28:19 GMT
File typeHTML document, ASCII text Hash6610c77cad5adb691fd5f9ffa06b9486 d003b0d6d8bb61e5fd17dc635c017f6393e0c24c 83695861f8ded5db81f9c1e185cdf9177d18c57bfe1196b03468f2d8ac22bc50
POST /load HTTP/1.1
Host: bid.bidclickmedia.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/x-www-form-urlencoded
Content-Length: 93
Origin: https://bid.bidclickmedia.com
DNT: 1
Connection: keep-alive
Referer: https://bid.bidclickmedia.com/sub/Pj8pz0z
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 302 Found
date: Tue, 07 May 2024 02:16:56 GMT
content-type: text/html; charset=utf-8
location: https://xml.xmlking.com/redirect?feed=591364&auth=oodr9S&pubid=195183
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=GQLVOXnmyo27hsH6P747P%2BmRYfMx9WqkSjYS%2FKIR%2Bw%2BGallURXSSHm25xmfjnW7IKelKfovUf24hhfgXTiIIFQF69sVWzPCDptpsux%2FidhllKKDr6p7OorehjUlEpNiI2lMKT7P%2BZTs%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 87fdb5fac9fa568d-OSL
alt-svc: h3=":443"; ma=86400
|
|
| dog.seetron.net/api/users/424503?host=www.videzz.net&ev=212&wh=1024&ww=1280&uuid=&url=https%3A%2F%2Fwww.videzz.net%2Fembed-c73tafzdtcis.html&sid=17805d7e-61a1-4394-ae34-8eae32d24aee&i=1&kw=file%20upload%2Cshare%20files%2Cfree%20upload&s1=120221 | 135.181.208.216 | 200 OK | 603 B |
URL GET HTTP/2dog.seetron.net/api/users/424503?host=www.videzz.net&ev=212&wh=1024&ww=1280&uuid=&url=https%3A%2F%2Fwww.videzz.net%2Fembed-c73tafzdtcis.html&sid=17805d7e-61a1-4394-ae34-8eae32d24aee&i=1&kw=file%20upload%2Cshare%20files%2Cfree%20upload&s1=120221 IP135.181.208.216:443 ASN#24940 Hetzner Online GmbH
Requested byhttps://www.videzz.net/embed-c73tafzdtcis.html CertificateIssuerLet's Encrypt Subjecta.bdsmz.tube FingerprintAA:4D:03:7A:4E:94:8C:76:58:6E:53:CC:8E:99:24:E6:51:84:BF:05 ValidityFri, 03 May 2024 10:27:08 GMT - Thu, 01 Aug 2024 10:27:07 GMT
File typegzip compressed data, from Unix Hashce281bc7de61c9e919d904b44fb3dc30 2a1f37b60f1b8300fcdfae466618f62883150183 8f2a6daa996d6fa2c44b38f67d52a8fa2a948bcee98505319d6b9e682db90b56
GET /api/users/424503?host=www.videzz.net&ev=212&wh=1024&ww=1280&uuid=&url=https%3A%2F%2Fwww.videzz.net%2Fembed-c73tafzdtcis.html&sid=17805d7e-61a1-4394-ae34-8eae32d24aee&i=1&kw=file%20upload%2Cshare%20files%2Cfree%20upload&s1=120221 HTTP/1.1
Host: dog.seetron.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.videzz.net/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Tue, 07 May 2024 02:16:57 GMT
content-type: text/javascript; charset=utf-8
vary: Accept-Encoding
set-cookie: nauid=UBVqlbQ7LA6K8QjcCHHA; Path=/; Expires=Wed, 11 Nov 2037 11:11:11 GMT; Secure; SameSite=None
x-robots-tag: noindex, nofollow
cache-control: private
content-encoding: gzip
X-Firefox-Spdy: h2
|
|
| popdemission.com/in/849/?source=1952513182&site_id=558728&utm1=&utm2=&utm3=&utm4=&idzone=0&spot_id=558728&mo=&ve=&ad_tags=&p=https%3A%2F%2Fbid.bidclickmedia.com%2F&sid=1095&katds_labels=&is_iframe=1&btype=0&score=304.3770934150993&bf=0.1224&iabcat=IAB25&allowed_labels= | 109.206.175.252 | 302 Found | 0 B |
URL GET HTTP/2popdemission.com/in/849/?source=1952513182&site_id=558728&utm1=&utm2=&utm3=&utm4=&idzone=0&spot_id=558728&mo=&ve=&ad_tags=&p=https%3A%2F%2Fbid.bidclickmedia.com%2F&sid=1095&katds_labels=&is_iframe=1&btype=0&score=304.3770934150993&bf=0.1224&iabcat=IAB25&allowed_labels= IP109.206.175.252:443
Requested byhttps://www.videzz.net/embed-c73tafzdtcis.html CertificateIssuerLet's Encrypt Subjectpopdemission.com FingerprintD2:C5:8F:9C:4B:C4:3C:66:E6:4D:95:14:61:37:A5:21:1E:9C:9A:BE ValidityWed, 20 Mar 2024 12:58:57 GMT - Tue, 18 Jun 2024 12:58:56 GMT
Hashd41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /in/849/?source=1952513182&site_id=558728&utm1=&utm2=&utm3=&utm4=&idzone=0&spot_id=558728&mo=&ve=&ad_tags=&p=https%3A%2F%2Fbid.bidclickmedia.com%2F&sid=1095&katds_labels=&is_iframe=1&btype=0&score=304.3770934150993&bf=0.1224&iabcat=IAB25&allowed_labels= HTTP/1.1
Host: popdemission.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://meetbenjen.com/
DNT: 1
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 302 Found
server: nginx/1.20.1
date: Tue, 07 May 2024 02:16:58 GMT
content-type: text/html; charset=UTF-8
content-length: 0
location: https://topsites.hadesex.com/?source=1952513182&site_id=558728&spot_id=558728
pragma: no-cache
vary: *
cache-control: no-cache, no-store, must-revalidate
set-cookie: 849.0=1; expires=Wed, 08 May 2024 02:16:58 GMT; path=/; secure; SameSite=None
X-Firefox-Spdy: h2
|
|
| cdn.creative-bars1.com/sb/notifications/gambling/default/android-btn/8/css/animate.css | 188.114.97.1 | 200 OK | 5.4 kB |
URL GET HTTP/2cdn.creative-bars1.com/sb/notifications/gambling/default/android-btn/8/css/animate.css IP188.114.97.1:443
Requested byhttps://www.videzz.net/embed-c73tafzdtcis.html CertificateIssuerGoogle Trust Services LLC Subjectcreative-bars1.com Fingerprint3D:29:39:2C:F1:E5:C6:EF:54:F5:70:B5:CF:A8:C2:75:4D:89:72:13 ValidityMon, 15 Apr 2024 15:02:18 GMT - Sun, 14 Jul 2024 15:02:17 GMT
Hash49a38187f94418e173e4bcc50c96dc4b b64e899d0c6bbb13e6f63e191b77b3eb5e5a6293 92db03d6a48c8756e15b1b2ffb9d1ea5aae5e2d9a706b630f93f73e3debbb3b0
GET /sb/notifications/gambling/default/android-btn/8/css/animate.css HTTP/1.1
Host: cdn.creative-bars1.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.videzz.net
DNT: 1
Connection: keep-alive
Referer: https://www.videzz.net/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Tue, 07 May 2024 02:16:58 GMT
content-type: text/css
last-modified: Fri, 19 Jan 2024 14:25:08 GMT
etag: W/"65aa8644-13365"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: public, max-age=315360000
access-control-allow-origin: *
access-control-expose-headers: Date
cf-cache-status: MISS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=ceP1qLOhByYblsTfrxZfGFR5OPThhWKUMTLcVqmQKHbY7T%2FjRpMOK%2B2uSdxtU06kfi3%2FjXBQtPqaRQH3bzRpJwJBS6KWFgp4HtKeIEPKG0hKY9PVXegRukEB452fR9jS1OABJpK9t7tB"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 87fdb601c8d656cb-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
|
|
| ossgogoaton.com/tag.min.js | 188.114.97.1 | 200 OK | 26 kB |
URL GET HTTP/2ossgogoaton.com/tag.min.js IP188.114.97.1:443
Requested byhttps://www.videzz.net/embed-c73tafzdtcis.html CertificateIssuerGoogle Trust Services LLC Subjectossgogoaton.com FingerprintDE:B3:2A:B0:2A:4A:C3:F8:A3:3F:5B:C6:96:E6:F1:41:55:B4:87:1E ValiditySat, 04 May 2024 10:37:16 GMT - Fri, 02 Aug 2024 10:37:15 GMT
File typeJavaScript source, ASCII text, with very long lines (65494) Hashb84d3d901b49988e405238852b2988f4 31b40df70a927128fa95a1faea54401b2ede9820 87a87959a6bf36f96a04239692cbb20f2322789c597fcfef5f350544c2863f6a
| Analyzer | Verdict | Alert |
|---|
| Quad9 DNS | malicious | Sinkholed |
GET /tag.min.js HTTP/1.1
Host: ossgogoaton.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.videzz.net/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Tue, 07 May 2024 02:16:58 GMT
content-type: text/javascript; charset=utf-8
x-trace-id: 9aea81d191b9a6c72c7edfeae6ae54db
cache-control: max-age=86400
last-modified: Sun, 05 May 2024 17:58:54 GMT
accept-ch: Sec-CH-UA, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, baggage, sentry-trace, favicon
access-control-max-age: 86400
pragma: no-cache
expires: Tue, 07 May 2024 20:56:09 GMT
timing-allow-origin: *
cf-cache-status: HIT
age: 19249
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=hG%2BUM6Kk6Qdx%2BybQDYt0ijI97p6S6IoBmREE36jPROo77b6W8UV%2FK%2BnioNSYz2%2B7WZijt4Op8llI3ntlgZ2qX6mS9MjNFEUPXzOueSN44v0X%2Bm2A%2BjJSkQkk2L%2BJ6Aondc8%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 87fdb6035c7256b4-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
|
|
| disclosestockingsprestigious.com/pixel/sbls?bv=24.6.6370&tmpl=482&u=https%3A%2F%2Fcdn.creative-bars1.com%2Fsb%2Fnotifications%2Fgambling%2Fdefault%2Fandroid-btn%2F8%2Fcss%2Fstyle.css&l=3348&fd=405 | 172.240.108.68 | 200 OK | 0 B |
URL GET HTTP/1.1disclosestockingsprestigious.com/pixel/sbls?bv=24.6.6370&tmpl=482&u=https%3A%2F%2Fcdn.creative-bars1.com%2Fsb%2Fnotifications%2Fgambling%2Fdefault%2Fandroid-btn%2F8%2Fcss%2Fstyle.css&l=3348&fd=405 IP172.240.108.68:443
Requested byhttps://www.videzz.net/embed-c73tafzdtcis.html CertificateIssuerLet's Encrypt Subjectdisclosestockingsprestigious.com Fingerprint20:72:8C:30:EF:A7:E9:42:F4:69:4D:6F:83:5A:F6:44:B2:14:1F:F6 ValidityMon, 29 Apr 2024 13:01:45 GMT - Sun, 28 Jul 2024 13:01:44 GMT
Hashd41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
| Analyzer | Verdict | Alert |
|---|
| Quad9 DNS | malicious | Sinkholed |
GET /pixel/sbls?bv=24.6.6370&tmpl=482&u=https%3A%2F%2Fcdn.creative-bars1.com%2Fsb%2Fnotifications%2Fgambling%2Fdefault%2Fandroid-btn%2F8%2Fcss%2Fstyle.css&l=3348&fd=405 HTTP/1.1
Host: disclosestockingsprestigious.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.videzz.net/
Cookie: u_pl=19071538; pdhtkv=true; uncs=1; pdhtkv29=true; uncs29=1; slecfd40b682a05e4aaf489d29601350aa66=[5210995,5210997]
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx/1.21.6
Date: Tue, 07 May 2024 02:16:58 GMT
Content-Length: 0
Connection: keep-alive
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
Access-Control-Allow-Origin: *
Access-Control-Allow-Methods: GET, POST, OPTIONS
Access-Control-Allow-Headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,Upgrade-Insecure-Requests
Access-Control-Expose-Headers: Content-Length,Content-Range
|
|
| fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2 | 216.58.207.227 | 200 OK | 16 kB |
URL GET HTTP/2fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2 IP216.58.207.227:443
Requested byhttps://www.videzz.net/embed-c73tafzdtcis.html CertificateIssuerGoogle Trust Services LLC Subject*.gstatic.com Fingerprint15:DD:05:B3:2F:D8:E3:54:C9:B4:FA:E4:AC:01:ED:C8:E1:EA:A7:AD ValidityTue, 16 Apr 2024 04:17:07 GMT - Tue, 09 Jul 2024 04:17:06 GMT
File typeWeb Open Font Format (Version 2), TrueType, length 15744, version 1.0 Hash15d9f621c3bd1599f0169dcf0bd5e63e 7ca9c5967f3bb8bffeab24b639b49c1e7d03fa52 f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615
GET /s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://www.videzz.net
DNT: 1
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 15744
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Sat, 04 May 2024 09:28:37 GMT
expires: Sun, 04 May 2025 09:28:37 GMT
cache-control: public, max-age=31536000
last-modified: Wed, 11 May 2022 19:24:48 GMT
content-type: font/woff2
age: 233301
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
|
|
| t.bawixi.xyz/1/?zid=9776 | 188.114.96.1 | 200 OK | 352 B |
IP188.114.96.1:443
Requested byhttps://www.videzz.net/embed-c73tafzdtcis.html CertificateIssuerGoogle Trust Services LLC Subjectbawixi.xyz FingerprintAF:9E:B4:BC:30:9E:5D:F1:48:C5:77:67:A5:95:F2:70:E6:E5:A8:91 ValidityThu, 14 Mar 2024 01:23:09 GMT - Wed, 12 Jun 2024 01:23:08 GMT
File typeHTML document, ASCII text, with very long lines (438) Hash898192419bc88c1e79db7ca558090847 8059213b9c60570107ca3ba32872dbbf0135e317 1a2db7cd57586b6a1341c4aca787cb6a719069605a562a5d7beff30252bff147
GET /1/?zid=9776 HTTP/1.1
Host: t.bawixi.xyz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://bid.bidclickmedia.com/
DNT: 1
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Tue, 07 May 2024 02:16:58 GMT
content-type: text/html
accept-ch: Sec-CH-UA, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
access-control-allow-origin: *
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=B2RcchtgToTlfWVXEOOiuTtbpLhQ8cewBgIvBp512txCTfsv9HMi9abSdALvxSJ9fxAHH80Vl7o52Qs9%2FcroGI%2FfzCMsftmZcvWx4XJVupNH3z8RX5HW7jiRdfhV%2FrI%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 87fdb60348010b49-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
|
|
| mcpuwpsh.com/get/?go=1&data=eyJpbXAiOlt7InNlY3VyZSI6MSwiZXh0Ijp7ImlkIjoxMDk1LCJ0eXBlIjoicG9wIiwic3BhY2VpZCI6MTA5NSwic3ViaWQiOiIxOTUyNTEzMTgyIiwic3NwIjozNzU4LCJzcG90X2lkIjo1NTg3MjgsInJjaGFuZ2UiOmZhbHNlfX1dLCJzaXRlIjp7ImlkIjoiNTU4NzI4IiwicGFnZSI6Imh0dHBzOi8vYmlkLmJpZGNsaWNrbWVkaWEuY29tLyIsImNhdCI6WyJJQUIyNSJdfSwiZGV2aWNlIjp7InciOjEyODAsImgiOjEwMjR9LCJ1c2VyIjp7ImlkIjoiN2FzeDN5ejIzbGl4MDQzZm53eXEzIn0sImV4dCI6eyJkdCI6MTcxNTA0ODIxODI3NH19 | 94.130.197.240 | 302 Found | 0 B |
URL GET HTTP/2mcpuwpsh.com/get/?go=1&data=eyJpbXAiOlt7InNlY3VyZSI6MSwiZXh0Ijp7ImlkIjoxMDk1LCJ0eXBlIjoicG9wIiwic3BhY2VpZCI6MTA5NSwic3ViaWQiOiIxOTUyNTEzMTgyIiwic3NwIjozNzU4LCJzcG90X2lkIjo1NTg3MjgsInJjaGFuZ2UiOmZhbHNlfX1dLCJzaXRlIjp7ImlkIjoiNTU4NzI4IiwicGFnZSI6Imh0dHBzOi8vYmlkLmJpZGNsaWNrbWVkaWEuY29tLyIsImNhdCI6WyJJQUIyNSJdfSwiZGV2aWNlIjp7InciOjEyODAsImgiOjEwMjR9LCJ1c2VyIjp7ImlkIjoiN2FzeDN5ejIzbGl4MDQzZm53eXEzIn0sImV4dCI6eyJkdCI6MTcxNTA0ODIxODI3NH19 IP94.130.197.240:443 ASN#24940 Hetzner Online GmbH
Requested byhttps://www.videzz.net/embed-c73tafzdtcis.html CertificateIssuerLet's Encrypt Subjectpuwpush.com Fingerprint60:3D:AE:BF:9C:57:C3:AF:D6:50:E5:93:92:FB:E9:F2:F8:E6:E1:92 ValidityWed, 01 May 2024 01:51:05 GMT - Tue, 30 Jul 2024 01:51:04 GMT
Hashd41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /get/?go=1&data=eyJpbXAiOlt7InNlY3VyZSI6MSwiZXh0Ijp7ImlkIjoxMDk1LCJ0eXBlIjoicG9wIiwic3BhY2VpZCI6MTA5NSwic3ViaWQiOiIxOTUyNTEzMTgyIiwic3NwIjozNzU4LCJzcG90X2lkIjo1NTg3MjgsInJjaGFuZ2UiOmZhbHNlfX1dLCJzaXRlIjp7ImlkIjoiNTU4NzI4IiwicGFnZSI6Imh0dHBzOi8vYmlkLmJpZGNsaWNrbWVkaWEuY29tLyIsImNhdCI6WyJJQUIyNSJdfSwiZGV2aWNlIjp7InciOjEyODAsImgiOjEwMjR9LCJ1c2VyIjp7ImlkIjoiN2FzeDN5ejIzbGl4MDQzZm53eXEzIn0sImV4dCI6eyJkdCI6MTcxNTA0ODIxODI3NH19 HTTP/1.1
Host: mcpuwpsh.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://meetbenjen.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 302 Found
server: nginx/1.16.0
date: Tue, 07 May 2024 02:16:58 GMT
content-length: 0
vary: Origin
cache-control: no-transform, no-cache, no-store, must-revalidate
pragma: no-cache
access-control-allow-origin: *
access-control-allow-headers: Content-Type
access-control-allow-methods: *
location: https://mcpuwpsh.com/popunder/in/click/?mid=3819960005354121961&pid=0&site=558728&sc=NO&usage_type=DCH&subid=1952513182&sid=0&cid=0&price=0&is_cpm=0&cpm=0&ecpm=0&crid=&crtid=&tcid=0&out_id=&ver=&ver_c=&refdom=bid.bidclickmedia.com&hostname=auc-popunder-hz-3&site_id=0&spot_id=558728&utm_source=&utm_medium=&utm_campaign=&utm_content=&expiration_timestamp=0&created_at=0000-00-00&is_native=0&burl=&pop_winurl=&ip=91.90.42.154&testab=&px_id=0&adblock=0&auction_host=&mm=&yc=&render_type=&campaign_type=&uniq=&exp=0&resp_type=&iabcat=IAB25&min_cpm=0.1224&placement_type_id=7&skin_test=&verify_hash=ebe160c7722e086fd9955aed08cbe992&score=304.3770934150993&durl=&ml=&tag_ab=&original_bid=0&user_fp=0&v2=0&pop_type=0&space_id=1095&real_bid=&skin_id=&vertical_id=&stratagem=&accel=0&gyr=0&iabcat=IAB25&ip_mismatch=false&ua_mismatch=false&ssp=3758&rc=0&v2_track=0&otype=0&mn=0&priority=0&bb=0.1224&url=https%3A%2F%2Fpopdemission.com%2Fin%2F849%2F%3Fsource%3D1952513182%26site_id%3D558728%26utm1%3D%26utm2%3D%26utm3%3D%26utm4%3D%26idzone%3D0%26spot_id%3D558728%26mo%3D%26ve%3D%26ad_tags%3D%26p%3Dhttps%253A%252F%252Fbid.bidclickmedia.com%252F%26sid%3D1095%26katds_labels%3D%26is_iframe%3D1%26btype%3D0%26score%3D304.3770934150993%26bf%3D0.1224%26iabcat%3DIAB25%26allowed_labels%3D&pr=&bid_crid=&bid_cid=&ad_tags=&is_interstitial=0&is_direct=1&label_ids=&site_id64=&sp_cl=0&act_sess=0&sp_scr=0&intes=&izb=&ang=0&act_su=0&interest_vertical_ids=&v_scroll_freq=&time_sess=&ext_campaign_id=&scroll_percent=0&empty_clicks=0&aid=0&high_freq_clicks=0&dev_console_activity=0&topics=&client_price=0&o_d=&is_webview=0&timezone_olson=&timezone_ip=Europe/Oslo&offer_label_ids=
X-Firefox-Spdy: h2
|
|
| unseenreport.com/pxf.gif?uuid=3f5271ee-0a34-4a50-bde1-cf51f32b6171&eb=978028c5053b26833423c7a069ce3bd5&te=5db3a4e34790624df926db520a13f79f&ua=Mozilla%2F5.0%20(X11%3B%20Linux%20x86_64%3B%20rv%3A96.0)%20Gecko%2F20100101%20Firefox%2F96.0&dev=e&res=14.2071&b_frame=0&pk=f1776d24271c5ad55c5f1492e2d01e10&bl=en-US&sr=1024x1280&sz=1024x1280&hjs=2 | 192.243.61.227 | 200 OK | 1 B |
URL GET HTTP/1.1unseenreport.com/pxf.gif?uuid=3f5271ee-0a34-4a50-bde1-cf51f32b6171&eb=978028c5053b26833423c7a069ce3bd5&te=5db3a4e34790624df926db520a13f79f&ua=Mozilla%2F5.0%20(X11%3B%20Linux%20x86_64%3B%20rv%3A96.0)%20Gecko%2F20100101%20Firefox%2F96.0&dev=e&res=14.2071&b_frame=0&pk=f1776d24271c5ad55c5f1492e2d01e10&bl=en-US&sr=1024x1280&sz=1024x1280&hjs=2 IP192.243.61.227:443 ASN#39572 DataWeb Global Group B.V.
Requested byhttps://www.videzz.net/embed-c73tafzdtcis.html CertificateIssuerLet's Encrypt Subject*.unseenreport.com Fingerprint71:46:15:FD:76:6A:F5:5B:51:06:CC:93:DD:D8:63:E3:8B:10:BF:13 ValidityFri, 22 Mar 2024 07:32:41 GMT - Thu, 20 Jun 2024 07:32:40 GMT
File typevery short file (no magic) Hash93b885adfe0da089cdf634904fd59f71 5ba93c9db0cff93f52b521d7420e43f6eda2784f 6e340b9cffb37a989ca544e6bb780a2c78901d3fb33738768511a30617afa01d
| Analyzer | Verdict | Alert |
|---|
| Quad9 DNS | malicious | Sinkholed |
GET /pxf.gif?uuid=3f5271ee-0a34-4a50-bde1-cf51f32b6171&eb=978028c5053b26833423c7a069ce3bd5&te=5db3a4e34790624df926db520a13f79f&ua=Mozilla%2F5.0%20(X11%3B%20Linux%20x86_64%3B%20rv%3A96.0)%20Gecko%2F20100101%20Firefox%2F96.0&dev=e&res=14.2071&b_frame=0&pk=f1776d24271c5ad55c5f1492e2d01e10&bl=en-US&sr=1024x1280&sz=1024x1280&hjs=2 HTTP/1.1
Host: unseenreport.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.videzz.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx/1.21.6
Date: Tue, 07 May 2024 02:16:58 GMT
Content-Type: image/gif
Content-Length: 1
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Access-Control-Allow-Origin: *
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: 6406cab323f411ee809de90eb6432e55
Strict-Transport-Security: max-age=0; includeSubdomains
|
|
| fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmWUlfBBc4.woff2 | 216.58.207.227 | 200 OK | 16 kB |
URL GET HTTP/2fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmWUlfBBc4.woff2 IP216.58.207.227:443
Requested byhttps://www.videzz.net/embed-c73tafzdtcis.html CertificateIssuerGoogle Trust Services LLC Subject*.gstatic.com Fingerprint15:DD:05:B3:2F:D8:E3:54:C9:B4:FA:E4:AC:01:ED:C8:E1:EA:A7:AD ValidityTue, 16 Apr 2024 04:17:07 GMT - Tue, 09 Jul 2024 04:17:06 GMT
File typeWeb Open Font Format (Version 2), TrueType, length 15860, version 1.0 Hashe9f5aaf547f165386cd313b995dddd8e acdef5603c2387b0e5bffd744b679a24a8bc1968 f5aebdfea35d1e7656ef4acc5db1f243209755ae3300943ef8fc6280f363c860
GET /s/roboto/v30/KFOlCnqEu92Fr1MmWUlfBBc4.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://www.videzz.net
DNT: 1
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 15860
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 02 May 2024 01:55:00 GMT
expires: Fri, 02 May 2025 01:55:00 GMT
cache-control: public, max-age=31536000
last-modified: Wed, 11 May 2022 19:24:42 GMT
content-type: font/woff2
age: 433318
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
|
|
| cdn.yourwebbars.com/sb/notifications/gambling/default/android-btn/8/index.html | 172.67.74.218 | 200 OK | 481 B |
URL GET HTTP/2cdn.yourwebbars.com/sb/notifications/gambling/default/android-btn/8/index.html IP172.67.74.218:443
Requested byhttps://www.videzz.net/embed-c73tafzdtcis.html CertificateIssuerCloudflare, Inc. Subjectsni.cloudflaressl.com Fingerprint84:82:6E:35:03:D4:C4:FC:BA:08:CD:C8:E6:A3:97:A9:20:2F:F5:49 ValiditySun, 23 Jul 2023 00:00:00 GMT - Mon, 22 Jul 2024 23:59:59 GMT
File typeHTML document, ASCII text Hash988cd00695890a395de736ef1f43180a fc35045adb5a0bb89e9150574db517cffb44b0c9 100f83963832c14a85c4d7095f0279b0962b83ee6323481ece9b1b2b39515036
GET /sb/notifications/gambling/default/android-btn/8/index.html HTTP/1.1
Host: cdn.yourwebbars.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.videzz.net
DNT: 1
Connection: keep-alive
Referer: https://www.videzz.net/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Tue, 07 May 2024 02:16:57 GMT
content-type: text/html
last-modified: Fri, 19 Jan 2024 14:25:08 GMT
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: public, max-age=315360000
access-control-allow-origin: *
access-control-expose-headers: Date
cf-cache-status: MISS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=LoNfTtjI8wfgRuXl3h4ZDUJTKBnWUcMSZgizhbnamkGmk59PTglEmWcKVWDERWMjD59t6N%2BafyCfQDKoseFwjrmVOydk4GR0o4yaX%2FD2KxxHgzVZ8nkwx3TIKVafZ5RjmE3GjCc%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 87fdb5fd0abb569b-OSL
content-encoding: br
X-Firefox-Spdy: h2
|
|
| disclosestockingsprestigious.com/pixel/sbls?bv=24.6.6370&tmpl=482&u=https%3A%2F%2Fcdn.creative-bars1.com%2Fsb%2Fnotifications%2Fgambling%2Fdefault%2Fandroid-btn%2F8%2Fjs%2Fscript.js&l=7986&fd=408 | 172.240.108.68 | 200 OK | 0 B |
URL GET HTTP/1.1disclosestockingsprestigious.com/pixel/sbls?bv=24.6.6370&tmpl=482&u=https%3A%2F%2Fcdn.creative-bars1.com%2Fsb%2Fnotifications%2Fgambling%2Fdefault%2Fandroid-btn%2F8%2Fjs%2Fscript.js&l=7986&fd=408 IP172.240.108.68:443
Requested byhttps://www.videzz.net/embed-c73tafzdtcis.html CertificateIssuerLet's Encrypt Subjectdisclosestockingsprestigious.com Fingerprint20:72:8C:30:EF:A7:E9:42:F4:69:4D:6F:83:5A:F6:44:B2:14:1F:F6 ValidityMon, 29 Apr 2024 13:01:45 GMT - Sun, 28 Jul 2024 13:01:44 GMT
Hashd41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
| Analyzer | Verdict | Alert |
|---|
| Quad9 DNS | malicious | Sinkholed |
GET /pixel/sbls?bv=24.6.6370&tmpl=482&u=https%3A%2F%2Fcdn.creative-bars1.com%2Fsb%2Fnotifications%2Fgambling%2Fdefault%2Fandroid-btn%2F8%2Fjs%2Fscript.js&l=7986&fd=408 HTTP/1.1
Host: disclosestockingsprestigious.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.videzz.net/
Cookie: u_pl=19071538; pdhtkv=true; uncs=1; pdhtkv29=true; uncs29=1; slecfd40b682a05e4aaf489d29601350aa66=[5210995,5210997]
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx/1.21.6
Date: Tue, 07 May 2024 02:16:58 GMT
Content-Length: 0
Connection: keep-alive
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
Access-Control-Allow-Origin: *
Access-Control-Allow-Methods: GET, POST, OPTIONS
Access-Control-Allow-Headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,Upgrade-Insecure-Requests
Access-Control-Expose-Headers: Content-Length,Content-Range
|
|
| disclosestockingsprestigious.com/impr.gif?sid=H4sIAAAAAAAC%2F1RSTWgkRRSuHuNBFMR1D4oIAyIqLJPu%2BcuMewj7FwnGzbq7oqAg1VXVkzLVXU1V1%2FRkTsGA7M3Ri9eeb5IN6qLuRS%2B66mRBMSBkPOVgbh48LbiwZ5kxbPBB93uvvq%2Fge9%2Brj4buiFTh6OHFN3RfKkXnGxW%2F%2FPI7QXC2vCIT1yv3Ws33m%2FWzZdN9td2s%2BK%2BUXxNsXc9X%2FcD3Az8oL0kjIt2bn4KQ6a12UGn7lXq1EjTq6Jn%2F99Z5sNQD7x6RU5B8MnfXOw3Jxkjiby4Ku57p9Myl2CmaaYMu330rWU90niA%2BKSPjIUp2j9nQ9mDpDnSyM5ML3X1IDOWEeL%2FcQZjsHotE2N2e6QwVRIKQP468O4ZQY0g6BtNbkPyAAIzj8iqS%2BOZlbXK68R9Kp%2BiEzD24D5lPyNyfp5HEX51Xsle%2BppXLpE4selEB2RtDdsZI3R6yfgky3wPLPoTkv5P5BytI4u1VqzQkL2azSzmGjMZQYgBqPbjpJz24yINLPcT8sMyCIFjwOaN%2Bq81YjS%2BIsMn9gC5EAQ38ZguOTeUNkKUDMDUAM5tIzSbW5ScHjVMw7ifYtQKWe7DZhHhvbqLLC%2BSCILcEOSXIJUGeEeTdYocrW7XFTa6sC4PjXD3OtWKks86Q7uisIxICagYwvBimR%2BSpqUXeC6Uq1sVhOeJ1P2y2qtRviDqlUb3V5tV20w9qDZ%2FSZhNWFpC2NJu6Lyfkxeg7pHJCnviVIKR7sGoPTD4N6p4HzQvQtQL95OuYyqTSlVz3aSURGbgukGZzyDa8oToiz832tLplIdj%2B4j8Xnn3s%2B3MczBRITYEP5F2Cjroxuqpzsn1V55bcXk0zGcs%2Bne7wWkYz8egXr4uNXBu%2BfNEOPj%2FHpsC0vHVd2GyFJlwmHUu%2BPC85F2ZJGybID8v2bRFecXbtvDOJS1euXFhajlMjrJU6GYPKg0ufgckJefLH92aP88y7f0GaMYwrELt9chyQeg8s3YRN9xfvvXQd97Zuw2oCo044Yeohd8XIVMOTQyUJlDjpaVjAiv3Fv%2B9%2Fe2n4288IxUM7RoZOb1NZDO0NdEwJNNtCEhfomgJdVYCqAax7ZJSlZn%2Fxj9osEKrSKFSmtB0qoz6dmTz9OVh5WK75fCEUkVgIRb1RjwTjYaMR%2BixiYY23WgyZnUTtj5%2F5FwAA%2F%2F8BAAD%2F%2FwreQWh2BAAA | 172.240.108.68 | 200 OK | 7 B |
URL GET HTTP/1.1disclosestockingsprestigious.com/impr.gif?sid=H4sIAAAAAAAC%2F1RSTWgkRRSuHuNBFMR1D4oIAyIqLJPu%2BcuMewj7FwnGzbq7oqAg1VXVkzLVXU1V1%2FRkTsGA7M3Ri9eeb5IN6qLuRS%2B66mRBMSBkPOVgbh48LbiwZ5kxbPBB93uvvq%2Fge9%2Brj4buiFTh6OHFN3RfKkXnGxW%2F%2FPI7QXC2vCIT1yv3Ws33m%2FWzZdN9td2s%2BK%2BUXxNsXc9X%2FcD3Az8oL0kjIt2bn4KQ6a12UGn7lXq1EjTq6Jn%2F99Z5sNQD7x6RU5B8MnfXOw3Jxkjiby4Ku57p9Myl2CmaaYMu330rWU90niA%2BKSPjIUp2j9nQ9mDpDnSyM5ML3X1IDOWEeL%2FcQZjsHotE2N2e6QwVRIKQP468O4ZQY0g6BtNbkPyAAIzj8iqS%2BOZlbXK68R9Kp%2BiEzD24D5lPyNyfp5HEX51Xsle%2BppXLpE4selEB2RtDdsZI3R6yfgky3wPLPoTkv5P5BytI4u1VqzQkL2azSzmGjMZQYgBqPbjpJz24yINLPcT8sMyCIFjwOaN%2Bq81YjS%2BIsMn9gC5EAQ38ZguOTeUNkKUDMDUAM5tIzSbW5ScHjVMw7ifYtQKWe7DZhHhvbqLLC%2BSCILcEOSXIJUGeEeTdYocrW7XFTa6sC4PjXD3OtWKks86Q7uisIxICagYwvBimR%2BSpqUXeC6Uq1sVhOeJ1P2y2qtRviDqlUb3V5tV20w9qDZ%2FSZhNWFpC2NJu6Lyfkxeg7pHJCnviVIKR7sGoPTD4N6p4HzQvQtQL95OuYyqTSlVz3aSURGbgukGZzyDa8oToiz832tLplIdj%2B4j8Xnn3s%2B3MczBRITYEP5F2Cjroxuqpzsn1V55bcXk0zGcs%2Bne7wWkYz8egXr4uNXBu%2BfNEOPj%2FHpsC0vHVd2GyFJlwmHUu%2BPC85F2ZJGybID8v2bRFecXbtvDOJS1euXFhajlMjrJU6GYPKg0ufgckJefLH92aP88y7f0GaMYwrELt9chyQeg8s3YRN9xfvvXQd97Zuw2oCo044Yeohd8XIVMOTQyUJlDjpaVjAiv3Fv%2B9%2Fe2n4288IxUM7RoZOb1NZDO0NdEwJNNtCEhfomgJdVYCqAax7ZJSlZn%2Fxj9osEKrSKFSmtB0qoz6dmTz9OVh5WK75fCEUkVgIRb1RjwTjYaMR%2BixiYY23WgyZnUTtj5%2F5FwAA%2F%2F8BAAD%2F%2FwreQWh2BAAA IP172.240.108.68:443
Requested byhttps://www.videzz.net/embed-c73tafzdtcis.html CertificateIssuerLet's Encrypt Subjectdisclosestockingsprestigious.com Fingerprint20:72:8C:30:EF:A7:E9:42:F4:69:4D:6F:83:5A:F6:44:B2:14:1F:F6 ValidityMon, 29 Apr 2024 13:01:45 GMT - Sun, 28 Jul 2024 13:01:44 GMT
File typeASCII text, with no line terminators Hash132d6af1b46048b45cf86cdee7991d31 eb7007d03d59b65bc6da7e098c4d38fc6dfb6285 ab852e838deccd742a03ca81d4a8d75cf1a00b327db3eaf46bd7da6b6db9384c
| Analyzer | Verdict | Alert |
|---|
| Quad9 DNS | malicious | Sinkholed |
GET /impr.gif?sid=H4sIAAAAAAAC%2F1RSTWgkRRSuHuNBFMR1D4oIAyIqLJPu%2BcuMewj7FwnGzbq7oqAg1VXVkzLVXU1V1%2FRkTsGA7M3Ri9eeb5IN6qLuRS%2B66mRBMSBkPOVgbh48LbiwZ5kxbPBB93uvvq%2Fge9%2Brj4buiFTh6OHFN3RfKkXnGxW%2F%2FPI7QXC2vCIT1yv3Ws33m%2FWzZdN9td2s%2BK%2BUXxNsXc9X%2FcD3Az8oL0kjIt2bn4KQ6a12UGn7lXq1EjTq6Jn%2F99Z5sNQD7x6RU5B8MnfXOw3Jxkjiby4Ku57p9Myl2CmaaYMu330rWU90niA%2BKSPjIUp2j9nQ9mDpDnSyM5ML3X1IDOWEeL%2FcQZjsHotE2N2e6QwVRIKQP468O4ZQY0g6BtNbkPyAAIzj8iqS%2BOZlbXK68R9Kp%2BiEzD24D5lPyNyfp5HEX51Xsle%2BppXLpE4selEB2RtDdsZI3R6yfgky3wPLPoTkv5P5BytI4u1VqzQkL2azSzmGjMZQYgBqPbjpJz24yINLPcT8sMyCIFjwOaN%2Bq81YjS%2BIsMn9gC5EAQ38ZguOTeUNkKUDMDUAM5tIzSbW5ScHjVMw7ifYtQKWe7DZhHhvbqLLC%2BSCILcEOSXIJUGeEeTdYocrW7XFTa6sC4PjXD3OtWKks86Q7uisIxICagYwvBimR%2BSpqUXeC6Uq1sVhOeJ1P2y2qtRviDqlUb3V5tV20w9qDZ%2FSZhNWFpC2NJu6Lyfkxeg7pHJCnviVIKR7sGoPTD4N6p4HzQvQtQL95OuYyqTSlVz3aSURGbgukGZzyDa8oToiz832tLplIdj%2B4j8Xnn3s%2B3MczBRITYEP5F2Cjroxuqpzsn1V55bcXk0zGcs%2Bne7wWkYz8egXr4uNXBu%2BfNEOPj%2FHpsC0vHVd2GyFJlwmHUu%2BPC85F2ZJGybID8v2bRFecXbtvDOJS1euXFhajlMjrJU6GYPKg0ufgckJefLH92aP88y7f0GaMYwrELt9chyQeg8s3YRN9xfvvXQd97Zuw2oCo044Yeohd8XIVMOTQyUJlDjpaVjAiv3Fv%2B9%2Fe2n4288IxUM7RoZOb1NZDO0NdEwJNNtCEhfomgJdVYCqAax7ZJSlZn%2Fxj9osEKrSKFSmtB0qoz6dmTz9OVh5WK75fCEUkVgIRb1RjwTjYaMR%2BixiYY23WgyZnUTtj5%2F5FwAA%2F%2F8BAAD%2F%2FwreQWh2BAAA HTTP/1.1
Host: disclosestockingsprestigious.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.videzz.net/
Cookie: u_pl=19071538; pdhtkv=true; uncs=1; pdhtkv29=true; uncs29=1; slecfd40b682a05e4aaf489d29601350aa66=[5210995,5210997]
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx/1.21.6
Date: Tue, 07 May 2024 02:16:58 GMT
Content-Type: image/gif
Content-Length: 7
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,Sec-CH-UA-PlatformUser-Agent,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: 2fc4a62f9e062b5e7cf5beb925c16732
Strict-Transport-Security: max-age=0; includeSubdomains
|
|
| latest-557263.vgntexr2l.ru/click?node=448&winPrice=0.000199&force=1&winCurrency=USD&id=1715048160000-10430 | 206.54.181.250 | 200 OK | 359 B |
URL GET HTTP/1.1latest-557263.vgntexr2l.ru/click?node=448&winPrice=0.000199&force=1&winCurrency=USD&id=1715048160000-10430 IP206.54.181.250:443
Requested byhttps://www.videzz.net/embed-c73tafzdtcis.html CertificateIssuerLet's Encrypt Subject*.vgntexr2l.ru Fingerprint88:E4:F5:CB:28:8B:FA:CF:EC:FB:82:BC:38:3C:83:51:01:1F:4B:0C ValidityMon, 06 May 2024 13:14:04 GMT - Sun, 04 Aug 2024 13:14:03 GMT
File typeHTML document, ASCII text Hash5f7a2f2b5820d57531a2be1e024bb6c2 b34176715472954fa763ea699d9493a4908ada3d ac0a44ab08600cba41e57e77f445bf2ddbcea3839156bda00be534a6123c41a4
GET /click?node=448&winPrice=0.000199&force=1&winCurrency=USD&id=1715048160000-10430 HTTP/1.1
Host: latest-557263.vgntexr2l.ru
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://bid.bidclickmedia.com/
DNT: 1
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
cache-control: private, no-cache, no-store, must-revalidate
pragma: no-cache
expires: -1
set-cookie: clickId_557263=1715048160000-217; path=/; samesite=none; secure; httponly
date: Tue, 07 May 2024 02:16:58 GMT
connection: close
transfer-encoding: chunked
|
|
| disclosestockingsprestigious.com/pixel/sbls?bv=24.6.6370&tmpl=482&u=https%3A%2F%2Fcdn.creative-bars1.com%2Fsb%2Fnotifications%2Fgambling%2Fdefault%2Fandroid-btn%2F8%2Fcss%2Fanimate.css&l=78693&fd=421 | 172.240.108.68 | 200 OK | 0 B |
URL GET HTTP/1.1disclosestockingsprestigious.com/pixel/sbls?bv=24.6.6370&tmpl=482&u=https%3A%2F%2Fcdn.creative-bars1.com%2Fsb%2Fnotifications%2Fgambling%2Fdefault%2Fandroid-btn%2F8%2Fcss%2Fanimate.css&l=78693&fd=421 IP172.240.108.68:443
Requested byhttps://www.videzz.net/embed-c73tafzdtcis.html CertificateIssuerLet's Encrypt Subjectdisclosestockingsprestigious.com Fingerprint20:72:8C:30:EF:A7:E9:42:F4:69:4D:6F:83:5A:F6:44:B2:14:1F:F6 ValidityMon, 29 Apr 2024 13:01:45 GMT - Sun, 28 Jul 2024 13:01:44 GMT
Hashd41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
| Analyzer | Verdict | Alert |
|---|
| Quad9 DNS | malicious | Sinkholed |
GET /pixel/sbls?bv=24.6.6370&tmpl=482&u=https%3A%2F%2Fcdn.creative-bars1.com%2Fsb%2Fnotifications%2Fgambling%2Fdefault%2Fandroid-btn%2F8%2Fcss%2Fanimate.css&l=78693&fd=421 HTTP/1.1
Host: disclosestockingsprestigious.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.videzz.net/
Cookie: u_pl=19071538; pdhtkv=true; uncs=1; pdhtkv29=true; uncs29=1; slecfd40b682a05e4aaf489d29601350aa66=[5210995,5210997]
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx/1.21.6
Date: Tue, 07 May 2024 02:16:58 GMT
Content-Length: 0
Connection: keep-alive
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
Access-Control-Allow-Origin: *
Access-Control-Allow-Methods: GET, POST, OPTIONS
Access-Control-Allow-Headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,Upgrade-Insecure-Requests
Access-Control-Expose-Headers: Content-Length,Content-Range
|
|
| mcpuwpsh.com/popunder/in/click/?mid=3819960005354121961&pid=0&site=558728&sc=NO&usage_type=DCH&subid=1952513182&sid=0&cid=0&price=0&is_cpm=0&cpm=0&ecpm=0&crid=&crtid=&tcid=0&out_id=&ver=&ver_c=&refdom=bid.bidclickmedia.com&hostname=auc-popunder-hz-3&site_id=0&spot_id=558728&utm_source=&utm_medium=&utm_campaign=&utm_content=&expiration_timestamp=0&created_at=0000-00-00&is_native=0&burl=&pop_winurl=&ip=91.90.42.154&testab=&px_id=0&adblock=0&auction_host=&mm=&yc=&render_type=&campaign_type=&uniq=&exp=0&resp_type=&iabcat=IAB25&min_cpm=0.1224&placement_type_id=7&skin_test=&verify_hash=ebe160c7722e086fd9955aed08cbe992&score=304.3770934150993&durl=&ml=&tag_ab=&original_bid=0&user_fp=0&v2=0&pop_type=0&space_id=1095&real_bid=&skin_id=&vertical_id=&stratagem=&accel=0&gyr=0&iabcat=IAB25&ip_mismatch=false&ua_mismatch=false&ssp=3758&rc=0&v2_track=0&otype=0&mn=0&priority=0&bb=0.1224&url=https%3A%2F%2Fpopdemission.com%2Fin%2F849%2F%3Fsource%3D1952513182%26site_id%3D558728%26utm1%3D%26utm2%3D%26utm3%3D%26utm4%3D%26idzone%3D0%26spot_id%3D558728%26mo%3D%26ve%3D%26ad_tags%3D%26p%3Dhttps%253A%252F%252Fbid.bidclickmedia.com%252F%26sid%3D1095%26katds_labels%3D%26is_iframe%3D1%26btype%3D0%26score%3D304.3770934150993%26bf%3D0.1224%26iabcat%3DIAB25%26allowed_labels%3D&pr=&bid_crid=&bid_cid=&ad_tags=&is_interstitial=0&is_direct=1&label_ids=&site_id64=&sp_cl=0&act_sess=0&sp_scr=0&intes=&izb=&ang=0&act_su=0&interest_vertical_ids=&v_scroll_freq=&time_sess=&ext_campaign_id=&scroll_percent=0&empty_clicks=0&aid=0&high_freq_clicks=0&dev_console_activity=0&topics=&client_price=0&o_d=&is_webview=0&timezone_olson=&timezone_ip=Europe/Oslo&offer_label_ids= | 94.130.197.240 | 302 Found | 0 B |
URL GET HTTP/2mcpuwpsh.com/popunder/in/click/?mid=3819960005354121961&pid=0&site=558728&sc=NO&usage_type=DCH&subid=1952513182&sid=0&cid=0&price=0&is_cpm=0&cpm=0&ecpm=0&crid=&crtid=&tcid=0&out_id=&ver=&ver_c=&refdom=bid.bidclickmedia.com&hostname=auc-popunder-hz-3&site_id=0&spot_id=558728&utm_source=&utm_medium=&utm_campaign=&utm_content=&expiration_timestamp=0&created_at=0000-00-00&is_native=0&burl=&pop_winurl=&ip=91.90.42.154&testab=&px_id=0&adblock=0&auction_host=&mm=&yc=&render_type=&campaign_type=&uniq=&exp=0&resp_type=&iabcat=IAB25&min_cpm=0.1224&placement_type_id=7&skin_test=&verify_hash=ebe160c7722e086fd9955aed08cbe992&score=304.3770934150993&durl=&ml=&tag_ab=&original_bid=0&user_fp=0&v2=0&pop_type=0&space_id=1095&real_bid=&skin_id=&vertical_id=&stratagem=&accel=0&gyr=0&iabcat=IAB25&ip_mismatch=false&ua_mismatch=false&ssp=3758&rc=0&v2_track=0&otype=0&mn=0&priority=0&bb=0.1224&url=https%3A%2F%2Fpopdemission.com%2Fin%2F849%2F%3Fsource%3D1952513182%26site_id%3D558728%26utm1%3D%26utm2%3D%26utm3%3D%26utm4%3D%26idzone%3D0%26spot_id%3D558728%26mo%3D%26ve%3D%26ad_tags%3D%26p%3Dhttps%253A%252F%252Fbid.bidclickmedia.com%252F%26sid%3D1095%26katds_labels%3D%26is_iframe%3D1%26btype%3D0%26score%3D304.3770934150993%26bf%3D0.1224%26iabcat%3DIAB25%26allowed_labels%3D&pr=&bid_crid=&bid_cid=&ad_tags=&is_interstitial=0&is_direct=1&label_ids=&site_id64=&sp_cl=0&act_sess=0&sp_scr=0&intes=&izb=&ang=0&act_su=0&interest_vertical_ids=&v_scroll_freq=&time_sess=&ext_campaign_id=&scroll_percent=0&empty_clicks=0&aid=0&high_freq_clicks=0&dev_console_activity=0&topics=&client_price=0&o_d=&is_webview=0&timezone_olson=&timezone_ip=Europe/Oslo&offer_label_ids= IP94.130.197.240:443 ASN#24940 Hetzner Online GmbH
Requested byhttps://www.videzz.net/embed-c73tafzdtcis.html CertificateIssuerLet's Encrypt Subjectpuwpush.com Fingerprint60:3D:AE:BF:9C:57:C3:AF:D6:50:E5:93:92:FB:E9:F2:F8:E6:E1:92 ValidityWed, 01 May 2024 01:51:05 GMT - Tue, 30 Jul 2024 01:51:04 GMT
Hashd41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /popunder/in/click/?mid=3819960005354121961&pid=0&site=558728&sc=NO&usage_type=DCH&subid=1952513182&sid=0&cid=0&price=0&is_cpm=0&cpm=0&ecpm=0&crid=&crtid=&tcid=0&out_id=&ver=&ver_c=&refdom=bid.bidclickmedia.com&hostname=auc-popunder-hz-3&site_id=0&spot_id=558728&utm_source=&utm_medium=&utm_campaign=&utm_content=&expiration_timestamp=0&created_at=0000-00-00&is_native=0&burl=&pop_winurl=&ip=91.90.42.154&testab=&px_id=0&adblock=0&auction_host=&mm=&yc=&render_type=&campaign_type=&uniq=&exp=0&resp_type=&iabcat=IAB25&min_cpm=0.1224&placement_type_id=7&skin_test=&verify_hash=ebe160c7722e086fd9955aed08cbe992&score=304.3770934150993&durl=&ml=&tag_ab=&original_bid=0&user_fp=0&v2=0&pop_type=0&space_id=1095&real_bid=&skin_id=&vertical_id=&stratagem=&accel=0&gyr=0&iabcat=IAB25&ip_mismatch=false&ua_mismatch=false&ssp=3758&rc=0&v2_track=0&otype=0&mn=0&priority=0&bb=0.1224&url=https%3A%2F%2Fpopdemission.com%2Fin%2F849%2F%3Fsource%3D1952513182%26site_id%3D558728%26utm1%3D%26utm2%3D%26utm3%3D%26utm4%3D%26idzone%3D0%26spot_id%3D558728%26mo%3D%26ve%3D%26ad_tags%3D%26p%3Dhttps%253A%252F%252Fbid.bidclickmedia.com%252F%26sid%3D1095%26katds_labels%3D%26is_iframe%3D1%26btype%3D0%26score%3D304.3770934150993%26bf%3D0.1224%26iabcat%3DIAB25%26allowed_labels%3D&pr=&bid_crid=&bid_cid=&ad_tags=&is_interstitial=0&is_direct=1&label_ids=&site_id64=&sp_cl=0&act_sess=0&sp_scr=0&intes=&izb=&ang=0&act_su=0&interest_vertical_ids=&v_scroll_freq=&time_sess=&ext_campaign_id=&scroll_percent=0&empty_clicks=0&aid=0&high_freq_clicks=0&dev_console_activity=0&topics=&client_price=0&o_d=&is_webview=0&timezone_olson=&timezone_ip=Europe/Oslo&offer_label_ids= HTTP/1.1
Host: mcpuwpsh.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://meetbenjen.com/
DNT: 1
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 302 Found
server: nginx/1.16.0
date: Tue, 07 May 2024 02:16:58 GMT
content-length: 0
vary: Origin
cache-control: no-transform, no-cache, no-store, must-revalidate
pragma: no-cache
access-control-allow-origin: *
access-control-allow-headers: Content-Type
access-control-allow-methods: *
location: https://popdemission.com/in/849/?source=1952513182&site_id=558728&utm1=&utm2=&utm3=&utm4=&idzone=0&spot_id=558728&mo=&ve=&ad_tags=&p=https%3A%2F%2Fbid.bidclickmedia.com%2F&sid=1095&katds_labels=&is_iframe=1&btype=0&score=304.3770934150993&bf=0.1224&iabcat=IAB25&allowed_labels=
X-Firefox-Spdy: h2
|
|
| my.rtmark.net/gid.js?userId=0080553b92224207e797375709a679b7 |  139.45.195.8 | 200 OK | 65 B |
URL GET HTTP/2my.rtmark.net/gid.js?userId=0080553b92224207e797375709a679b7 IP139.45.195.8:443
Requested byhttps://www.videzz.net/embed-c73tafzdtcis.html CertificateIssuerLet's Encrypt Subjectrtmark.net FingerprintDB:C0:8B:64:1C:E3:2A:9C:B9:04:0D:F3:6F:5A:E0:35:F4:C7:75:CC ValiditySat, 02 Mar 2024 21:53:43 GMT - Fri, 31 May 2024 21:53:42 GMT
Hash4bad063fc959ff6ad124da7e3060af9e 91769f7c32fb3070b0842fa44703b613cbd1af33 c1d8a8c12b0fc3dfa8ed8ed23560d7f9e1602f203b6699ba20df538aed157d8e
GET /gid.js?userId=0080553b92224207e797375709a679b7 HTTP/1.1
Host: my.rtmark.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.videzz.net
DNT: 1
Connection: keep-alive
Referer: https://www.videzz.net/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
server: nginx
date: Tue, 07 May 2024 02:16:58 GMT
content-type: application/json; charset=utf-8
content-length: 65
access-control-allow-origin: https://www.videzz.net
access-control-allow-methods: POST, GET, OPTIONS, PUT, DELETE
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, Authorization,X-CSRF-Token
access-control-expose-headers: Authorization
access-control-allow-credentials: true
set-cookie: ID=0080553b92224207e797375709a679b7; expires=Wed, 07 May 2025 02:16:58 GMT; secure; SameSite=None
strict-transport-security: max-age=1
x-content-type-options: nosniff
timing-allow-origin: *, *
X-Firefox-Spdy: h2
|
|
| porn13.com/thumbs/AA/9J/Mr.jpg | 188.114.96.1 | 200 OK | 54 kB |
URL GET HTTP/3porn13.com/thumbs/AA/9J/Mr.jpg IP188.114.96.1:443
Requested byhttps://topsites.hadesex.com/?source=1952513182&site_id=558728&spot_id=558728 CertificateIssuerGoogle Trust Services LLC Subjectporn13.com Fingerprint58:FC:38:73:36:76:B0:01:FD:A4:8D:7A:C1:D7:76:23:7F:55:F6:2A ValidityMon, 11 Mar 2024 02:37:58 GMT - Sun, 09 Jun 2024 02:37:57 GMT
File typeJPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, Exif Standard: [TIFF image data, little-endian, direntries=0], baseline, precision 8, 352x236, components 3 Hash216873c1c07519bdf845f887e8d47bc4 08122edef6e704341b1ffd5c9c6c64a1301e44e7 d90dbde33940dc7c9cad89f5834c301accdaaaf6bbaad0130b56aa58911c8e27
GET /thumbs/AA/9J/Mr.jpg HTTP/1.1
Host: porn13.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://topsites.hadesex.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Tue, 07 May 2024 02:16:58 GMT
content-type: image/jpeg
content-length: 53837
last-modified: Fri, 19 Aug 2022 16:07:33 GMT
etag: "62ffb545-d24d"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: public, max-age=315360000
cf-cache-status: HIT
age: 550223
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=SCMs19OEJ9Lyk4pvQqw0grEeFvpfF%2BzMfHSQvXrgLeuzYX65L6%2B83nkADVus1gqNTl%2FmA7CCshTrCgJRj70649R6ad0TLxLyfuK%2BvxEgbyDp6Avbm%2FlMUKVjfU%2BT"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 87fdb6089afc5687-OSL
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
|
|
| porn13.com/thumbs/AA/Ug/ys.jpg | 188.114.96.1 | 200 OK | 27 kB |
URL GET HTTP/3porn13.com/thumbs/AA/Ug/ys.jpg IP188.114.96.1:443
Requested byhttps://topsites.hadesex.com/?source=1952513182&site_id=558728&spot_id=558728 CertificateIssuerGoogle Trust Services LLC Subjectporn13.com Fingerprint58:FC:38:73:36:76:B0:01:FD:A4:8D:7A:C1:D7:76:23:7F:55:F6:2A ValidityMon, 11 Mar 2024 02:37:58 GMT - Sun, 09 Jun 2024 02:37:57 GMT
File typeJPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, comment: "Lavc58.18.100", baseline, precision 8, 352x171, components 3 Hashbbcaf5cb7e0d9a078f7d2d62fb3aaad8 95ce03abf9618f05f521c48fe487bbdb7d06e5af 12414585deb56a9d483d9b23eea3a32dc04c1646385fc385b3edd78bc52b34c8
GET /thumbs/AA/Ug/ys.jpg HTTP/1.1
Host: porn13.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://topsites.hadesex.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Tue, 07 May 2024 02:16:58 GMT
content-type: image/jpeg
content-length: 27104
last-modified: Fri, 19 Aug 2022 16:16:31 GMT
etag: "62ffb75f-69e0"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: public, max-age=315360000
cf-cache-status: HIT
age: 554352
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=0aSOBp5XoUBfUQ%2F57nFUVbqXtUAF05tvtYkUfcyX83NEB%2Bk6aAI5gjYSAwcUedU3HEl81DF9cvOzk7G5G9uKPG%2BLi%2BXevd9cGSIatxidY6f8BJOjwjZS78RITK83"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 87fdb608ab005687-OSL
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
|
|
| popdemission.com/in/849/?source=1952513182&site_id=558728&utm1=&utm2=&utm3=&utm4=&idzone=0&spot_id=558728&mo=&ve=&ad_tags=&p=https%3A%2F%2Fbid.bidclickmedia.com%2F&sid=1095&katds_labels=&is_iframe=1&btype=0&score=304.3770934150993&bf=0.1224&iabcat=IAB25&allowed_labels= | 109.206.175.252 | 302 Found | 0 B |
URL GET HTTP/2popdemission.com/in/849/?source=1952513182&site_id=558728&utm1=&utm2=&utm3=&utm4=&idzone=0&spot_id=558728&mo=&ve=&ad_tags=&p=https%3A%2F%2Fbid.bidclickmedia.com%2F&sid=1095&katds_labels=&is_iframe=1&btype=0&score=304.3770934150993&bf=0.1224&iabcat=IAB25&allowed_labels= IP109.206.175.252:443
Requested byhttps://www.videzz.net/embed-c73tafzdtcis.html CertificateIssuerLet's Encrypt Subjectpopdemission.com FingerprintD2:C5:8F:9C:4B:C4:3C:66:E6:4D:95:14:61:37:A5:21:1E:9C:9A:BE ValidityWed, 20 Mar 2024 12:58:57 GMT - Tue, 18 Jun 2024 12:58:56 GMT
Hashd41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /in/849/?source=1952513182&site_id=558728&utm1=&utm2=&utm3=&utm4=&idzone=0&spot_id=558728&mo=&ve=&ad_tags=&p=https%3A%2F%2Fbid.bidclickmedia.com%2F&sid=1095&katds_labels=&is_iframe=1&btype=0&score=304.3770934150993&bf=0.1224&iabcat=IAB25&allowed_labels= HTTP/1.1
Host: popdemission.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://meetbenjen.com/
DNT: 1
Connection: keep-alive
Cookie: 849.0=1
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 302 Found
server: nginx/1.20.1
date: Tue, 07 May 2024 02:16:58 GMT
content-type: text/html; charset=UTF-8
content-length: 0
location: https://topsites.hadesex.com/?source=1952513182&site_id=558728&spot_id=558728
pragma: no-cache
vary: *
cache-control: no-cache, no-store, must-revalidate
set-cookie: 849.0=1; expires=Wed, 08 May 2024 02:16:59 GMT; path=/; secure; SameSite=None
X-Firefox-Spdy: h2
|
|
| fonts.googleapis.com/css2?family=Montserrat+Alternates:ital,wght@0,100;0,200;0,300;0,400;0,500;0,600;0,700;0,800;0,900;1,100;1,200;1,300;1,400;1,500;1,600;1,700;1,800;1,900&display=swap | 142.250.74.106 | 200 OK | 21 kB |
URL GET HTTP/3fonts.googleapis.com/css2?family=Montserrat+Alternates:ital,wght@0,100;0,200;0,300;0,400;0,500;0,600;0,700;0,800;0,900;1,100;1,200;1,300;1,400;1,500;1,600;1,700;1,800;1,900&display=swap IP142.250.74.106:443
Requested byhttps://topsites.hadesex.com/?source=1952513182&site_id=558728&spot_id=558728 CertificateIssuerGoogle Trust Services LLC Subjectupload.video.google.com Fingerprint36:49:20:36:0C:4D:DA:55:65:64:23:0F:49:3E:FA:78:87:35:A3:79 ValidityTue, 16 Apr 2024 04:17:12 GMT - Tue, 09 Jul 2024 04:17:11 GMT
File typegzip compressed data, max compression Hashf5105f23d3eebf1becd546b87494ba6e 5234e840f66c63264022245a09d2f44a45b3eb39 6905e1c3846154035baa412ff7f7246abb55f3e88a433865f0669c7592086d14
GET /css2?family=Montserrat+Alternates:ital,wght@0,100;0,200;0,300;0,400;0,500;0,600;0,700;0,800;0,900;1,100;1,200;1,300;1,400;1,500;1,600;1,700;1,800;1,900&display=swap HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://topsites.hadesex.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Tue, 07 May 2024 02:16:58 GMT
date: Tue, 07 May 2024 02:16:58 GMT
cache-control: private, max-age=86400
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
|
|
| hadesex.com/thumbs/AA/62/5w.jpg | 188.114.96.1 | 200 OK | 40 kB |
URL GET HTTP/3hadesex.com/thumbs/AA/62/5w.jpg IP188.114.96.1:443
Requested byhttps://topsites.hadesex.com/?source=1952513182&site_id=558728&spot_id=558728 CertificateIssuerGoogle Trust Services LLC Subjecthadesex.com FingerprintA1:8E:DC:59:6A:AB:77:60:87:69:7F:7E:EE:07:71:CF:21:03:AD:84 ValiditySun, 05 May 2024 01:16:25 GMT - Sat, 03 Aug 2024 01:16:24 GMT
File typeJPEG image data, JFIF standard 1.01, aspect ratio, density 0x0, segment length 16, progressive, precision 8, 280x210, components 3 Hash1b417aaaccda6865698de32d8d9c2463 7db57373d18850a5f772a8387b01b162a9837081 4d7e546f8d9cc2e493b91d41d3f86fabd2fb4ab5c9de2b595193f1603c6c43e5
GET /thumbs/AA/62/5w.jpg HTTP/1.1
Host: hadesex.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Referer: https://topsites.hadesex.com/?source=1952513182&site_id=558728&spot_id=558728
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Tue, 07 May 2024 02:16:59 GMT
content-type: image/jpeg
content-length: 40360
last-modified: Wed, 10 Apr 2024 12:20:38 GMT
etag: "66168416-9da8"
expires: Thu, 30 May 2024 20:14:45 GMT
cache-control: public, max-age=2592000
cf-cache-status: HIT
age: 540134
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=cy0vAQpn513Bd0DQ5SHr0MWc1Lt8dt%2FCtVK06iP3ZT5%2Fm4TN1OjrevyzMFm5bIabswhHoRhakSNOJjV4%2F4R9%2BnkLm7S03EXv6l7dHIqtoW21H5gM1Yp%2BZXXKA997Ew%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 87fdb60acad9b500-OSL
alt-svc: h3=":443"; ma=86400
|
|
| topsites.hadesex.com/main.css?v=4.6 | 188.114.96.1 | 200 OK | 81 kB |
URL GET HTTP/3topsites.hadesex.com/main.css?v=4.6 IP188.114.96.1:443
Requested byhttps://topsites.hadesex.com/?source=1952513182&site_id=558728&spot_id=558728 CertificateIssuerGoogle Trust Services LLC Subjecthadesex.com FingerprintA1:8E:DC:59:6A:AB:77:60:87:69:7F:7E:EE:07:71:CF:21:03:AD:84 ValiditySun, 05 May 2024 01:16:25 GMT - Sat, 03 Aug 2024 01:16:24 GMT
File typeassembler source, ASCII text, with very long lines (1663), with CRLF line terminators Hash67a60fc3237cab1af285087013d3dfd7 361611ddf508c4caac1a36ae71b4aa78080421b6 9c2025fe9271763ec886f52dd6c8cff71c8b51c4029b302d7a44d32a4b2e8d09
GET /main.css?v=4.6 HTTP/1.1
Host: topsites.hadesex.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://topsites.hadesex.com/?source=1952513182&site_id=558728&spot_id=558728
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Tue, 07 May 2024 02:16:58 GMT
content-type: text/css
last-modified: Wed, 10 Apr 2024 13:05:54 GMT
vary: Accept-Encoding
etag: W/"66168eb2-cece"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
x-request-id: 7eea4ea1eb9f3a7193752d1932635b4a
cf-cache-status: HIT
age: 550222
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=V4M%2FQZvpbVEanjNTb3EiCV4qST1bBAuVQkLutoFKPPyvirkHjGep0Ob8G9TpFIyFRDgT4GDTdyBPjaqcHRq6swpAJaSueF1W5Dw4bWanrU%2FxARFrUjcRNH%2F1m5Prxz8aBiElThFYbw%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 87fdb60829e9b500-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| losanalos.com/thumbs/AA/uv/eS.jpg | 188.114.96.1 | 200 OK | 48 kB |
URL GET HTTP/3losanalos.com/thumbs/AA/uv/eS.jpg IP188.114.96.1:443
Requested byhttps://topsites.hadesex.com/?source=1952513182&site_id=558728&spot_id=558728 CertificateIssuerLet's Encrypt Subjectlosanalos.com Fingerprint63:FB:8C:B1:C5:86:06:91:58:F7:EF:08:8E:39:64:F6:03:6F:10:F0 ValiditySun, 10 Mar 2024 17:52:00 GMT - Sat, 08 Jun 2024 17:51:59 GMT
File typeJPEG image data, JFIF standard 1.02, aspect ratio, density 27395x27382, segment length 16, comment: "Lavc57.107.100", baseline, precision 8, 1022x576, components 3 Hash59dae67198d1f5c90225f32b9053eff9 e3418b3baf85e60701d4a2be97ad3122395bc564 b6168fe47f08850f4df5fa8833104ae97195d407045ae26c15dd2f27252b4859
GET /thumbs/AA/uv/eS.jpg HTTP/1.1
Host: losanalos.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
date: Tue, 07 May 2024 02:16:59 GMT
content-type: image/jpeg
content-length: 47509
last-modified: Tue, 14 Nov 2023 08:08:28 GMT
etag: "65532afc-b995"
expires: Thu, 30 May 2024 17:26:44 GMT
cache-control: public, max-age=2592000
cf-cache-status: HIT
age: 550215
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=VxuRvjQ8S%2FlnXwgnh2R%2F4MVgCGUD2jnX4TWB8m8udmaSrtrDs%2FxroDpf8gooeBtbG%2FkKPynKuGtJJEgcSMeid%2FG0ZqWWeJPtqIsmWSXAeTARChw1tOKrL7wWhQsYcAv4"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 87fdb60baa39b505-OSL
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
|
|
| hadesex.com/thumbs/AA/Cu/pr.jpg | 188.114.96.1 | 200 OK | 37 kB |
URL GET HTTP/3hadesex.com/thumbs/AA/Cu/pr.jpg IP188.114.96.1:443
Requested byhttps://topsites.hadesex.com/?source=1952513182&site_id=558728&spot_id=558728 CertificateIssuerGoogle Trust Services LLC Subjecthadesex.com FingerprintA1:8E:DC:59:6A:AB:77:60:87:69:7F:7E:EE:07:71:CF:21:03:AD:84 ValiditySun, 05 May 2024 01:16:25 GMT - Sat, 03 Aug 2024 01:16:24 GMT
File typeJPEG image data, JFIF standard 1.01, aspect ratio, density 0x0, segment length 16, progressive, precision 8, 280x210, components 3 Hashcf6f01bb7bfe1f87557cc0dfdd27f500 bb34a1c93102a400c7c0da369aaf6ef7316da2a0 3dc1596e9305d5b070b3efac730fdf591b6f02c5eb74e966c4197ef8e79a727f
GET /thumbs/AA/Cu/pr.jpg HTTP/1.1
Host: hadesex.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Referer: https://topsites.hadesex.com/?source=1952513182&site_id=558728&spot_id=558728
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Tue, 07 May 2024 02:16:59 GMT
content-type: image/jpeg
content-length: 37047
last-modified: Wed, 10 Apr 2024 12:30:02 GMT
etag: "6616864a-90b7"
expires: Thu, 30 May 2024 20:32:39 GMT
cache-control: public, max-age=2592000
cf-cache-status: HIT
age: 539060
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=2cIyXkftDfPrWzo6gwGGA%2BYP5Goz%2BE5oSqnxecBYOiPRrm5u6Xouz1D3w9MMNKl%2F5Lx%2FD2nDWkOQ5N6wz6%2FQ52m2cRfczJiQpxMvLfffVSFRFp46ymAmHrmOI5O%2BdA%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 87fdb60b4b00b500-OSL
alt-svc: h3=":443"; ma=86400
|
|
| jbdsm.com/thumbs/AA/ST/TF.jpg | 104.21.58.198 | 200 OK | 10 kB |
URL GET HTTP/2jbdsm.com/thumbs/AA/ST/TF.jpg IP104.21.58.198:443
Requested byhttps://topsites.hadesex.com/?source=1952513182&site_id=558728&spot_id=558728 CertificateIssuerLet's Encrypt Subjectjbdsm.com Fingerprint2B:BB:8E:8C:56:78:E5:1A:BC:92:22:23:75:89:BE:12:41:04:F2:82 ValiditySun, 17 Mar 2024 12:36:04 GMT - Sat, 15 Jun 2024 12:36:03 GMT
File typeJPEG image data, JFIF standard 1.01, aspect ratio, density 0x0, segment length 16, progressive, precision 8, 320x180, components 3 Hashc5a9cc983d7d5875cb85fbee46480811 63e7860fbeae3c2aa07d2b98409591f130eabe86 3a925c9ffc86a9095f41b1806c3154900c2d13fad86a05e68534913858f41848
GET /thumbs/AA/ST/TF.jpg HTTP/1.1
Host: jbdsm.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Tue, 07 May 2024 02:16:59 GMT
content-type: image/jpeg
content-length: 10107
last-modified: Thu, 25 Apr 2024 12:48:01 GMT
etag: "662a5101-277b"
expires: Sun, 02 Jun 2024 00:25:14 GMT
cache-control: public, max-age=2592000
cf-cache-status: HIT
age: 352305
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=HZtTx8R%2BgxJ1S20B2YfDsW3R446Hof1kukgtPEvQi1BrzBZkY6fhmE5oyACwUPsc66XI%2BoHV%2FbfwK9ZwBtsvlCelbXDG3IR%2BLKusc0V9t2vr%2FDnCacE%2Baih4AVs%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 87fdb60c5c59b4f1-OSL
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
|
|
| jbdsm.com/thumbs/AA/1f/ib.jpg | 104.21.58.198 | 200 OK | 15 kB |
URL GET HTTP/2jbdsm.com/thumbs/AA/1f/ib.jpg IP104.21.58.198:443
Requested byhttps://topsites.hadesex.com/?source=1952513182&site_id=558728&spot_id=558728 CertificateIssuerLet's Encrypt Subjectjbdsm.com Fingerprint2B:BB:8E:8C:56:78:E5:1A:BC:92:22:23:75:89:BE:12:41:04:F2:82 ValiditySun, 17 Mar 2024 12:36:04 GMT - Sat, 15 Jun 2024 12:36:03 GMT
File typeJPEG image data, JFIF standard 1.01, aspect ratio, density 0x0, segment length 16, progressive, precision 8, 320x180, components 3 Hash52562025f2c8d0ef9cbef815efda368f e1557178f387e5f5ae0bde78f62a437305f85abe 3ee412f1e15213020c7b37fa3e674ae324251bf7549a17f831942a71ee38cc23
GET /thumbs/AA/1f/ib.jpg HTTP/1.1
Host: jbdsm.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
date: Tue, 07 May 2024 02:16:59 GMT
content-type: image/jpeg
content-length: 15043
last-modified: Thu, 25 Apr 2024 12:29:47 GMT
etag: "662a4cbb-3ac3"
expires: Sun, 02 Jun 2024 00:25:30 GMT
cache-control: public, max-age=2592000
cf-cache-status: HIT
age: 352289
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=46m0Sp4bRNqndwMyyG554IvlLLjruwW7T1tdmrTXmww8TT9b0Smc%2BLQngZgVB0sgYFTRkJi9ZnXzqdzizkrUaviGZpyQ4VZHJ2hri6JbOSpUFE0rVY2P0MWa0Wo%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 87fdb60c8c6ab4f1-OSL
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
|
|
| handjobxxx.com/thumbs/AA/LJ/yT.jpg | 172.67.207.38 | 200 OK | 96 kB |
URL GET HTTP/2handjobxxx.com/thumbs/AA/LJ/yT.jpg IP172.67.207.38:443
Requested byhttps://topsites.hadesex.com/?source=1952513182&site_id=558728&spot_id=558728 CertificateIssuerGoogle Trust Services LLC Subjecthandjobxxx.com FingerprintA0:93:30:B2:D9:96:39:C3:D4:47:03:A0:33:52:5F:7F:A8:9A:0C:D3 ValiditySun, 10 Mar 2024 15:51:35 GMT - Sat, 08 Jun 2024 15:51:34 GMT
File typeJPEG image data, baseline, precision 8, 1280x720, components 3 Hash7d33ea68ad6b4676d38ffba2e5f6029d 1d935ebd32eaf892a29ea20acdf252fe4d64cfcc a98d911301204f642407999ccf3af4ba8380e1ecb503b709952a57a5a02967c6
GET /thumbs/AA/LJ/yT.jpg HTTP/1.1
Host: handjobxxx.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Tue, 07 May 2024 02:16:59 GMT
content-type: image/jpeg
content-length: 95540
last-modified: Sat, 27 Apr 2024 08:57:06 GMT
etag: "662cbde2-17534"
expires: Wed, 05 Jun 2024 19:05:50 GMT
cache-control: public, max-age=2592000
cf-cache-status: HIT
age: 25869
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=8YEKOomiWVI9UaVqQLSfkuicMe3KmdxjHGTH8HHbrvc2IOAjAHYL7%2BJSH7sAgFM32aY1Qhn9IIu0fIDVjHYkJmiKZFoNTUWunqgknNjNice8OE3kw5GPrCBzUdWgmQJP4A%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 87fdb60ccbfd712d-OSL
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
|
|
| groupsexxx.com/thumbs/AA/2V/xX.jpg | 172.67.188.32 | 200 OK | 95 kB |
URL GET HTTP/2groupsexxx.com/thumbs/AA/2V/xX.jpg IP172.67.188.32:443
Requested byhttps://topsites.hadesex.com/?source=1952513182&site_id=558728&spot_id=558728 CertificateIssuerLet's Encrypt Subjectgroupsexxx.com Fingerprint02:80:EC:5E:33:44:58:6A:36:93:8A:BA:CD:88:F3:A4:E2:A6:EA:7F ValiditySun, 10 Mar 2024 15:56:53 GMT - Sat, 08 Jun 2024 15:56:52 GMT
File typeJPEG image data, baseline, precision 8, 1280x720, components 3 Hashf28f795ee64834b5368139ad20c876fd 8ff22163ef5183111fad8db10f3b2cd69db974bd 3c9a145919f1939235b3e22146449eacaf2e0016b12277c67926ccf5bd7fa8c0
GET /thumbs/AA/2V/xX.jpg HTTP/1.1
Host: groupsexxx.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
date: Tue, 07 May 2024 02:16:59 GMT
content-type: image/jpeg
content-length: 94740
last-modified: Fri, 26 Jan 2024 12:57:31 GMT
etag: "65b3ac3b-17214"
expires: Thu, 30 May 2024 20:11:46 GMT
cache-control: public, max-age=2592000
cf-cache-status: HIT
age: 540313
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=gGSwR5qEw8Lcf4xFm5JYI7XzWfmYCDsfKHXTk2YVEitaLuBDHvRGphBEmaY5Qs9kRinJVyyU5Qu77ts4HnTd7lYaw8440H8oA9yNjGGsSDOjgOCjaE3Y5jXi4IBG2vKkMg%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 87fdb60ccb43b512-OSL
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
|
|
| femdomqueen.com/thumbs/AA/hz/gk.jpg | 172.67.148.113 | 200 OK | 57 kB |
URL GET HTTP/2femdomqueen.com/thumbs/AA/hz/gk.jpg IP172.67.148.113:443
Requested byhttps://topsites.hadesex.com/?source=1952513182&site_id=558728&spot_id=558728 CertificateIssuerGoogle Trust Services LLC Subjectfemdomqueen.com Fingerprint18:45:B4:39:A3:A7:59:D0:43:E8:17:F2:B4:A5:43:03:6E:42:60:16 ValidityMon, 22 Apr 2024 09:36:30 GMT - Sun, 21 Jul 2024 09:36:29 GMT
File typeJPEG image data, baseline, precision 8, 596x448, components 3 Hash41a667e59c817109e3f505d4ee9733d4 6a3fd100121cb80a5e9c6cba53a113536c6f2cbb adcaa4c722763b9a6ed8b0cafbc203b6fc964f4c5a889f9ca5ed5990355fba3a
GET /thumbs/AA/hz/gk.jpg HTTP/1.1
Host: femdomqueen.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Tue, 07 May 2024 02:16:59 GMT
content-type: image/jpeg
content-length: 56752
last-modified: Sat, 02 Feb 2019 15:35:09 GMT
etag: "5c55b8ad-ddb0"
expires: Thu, 30 May 2024 17:26:53 GMT
cache-control: public, max-age=2592000
cf-cache-status: HIT
age: 550206
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=Ju18DR5TzlrNzQoSzEnIO%2F%2FeSkbZZnC79%2FGLBfVJpQtRdDRjlKTJTdBWrhWuaqxI1bOF4yVOFdEusjTXnDZC6VFOWVB9I7zodoB2mAWj3c%2F1mBq0s3m4l3edF4Jsk89t5Jw%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 87fdb60cce4fb50f-OSL
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
|
|
| voyeurix.com/thumbs/AA/oP/Fv.jpg | 172.67.223.1 | 200 OK | 91 kB |
URL GET HTTP/3voyeurix.com/thumbs/AA/oP/Fv.jpg IP172.67.223.1:443
Requested byhttps://topsites.hadesex.com/?source=1952513182&site_id=558728&spot_id=558728 CertificateIssuerGoogle Trust Services LLC Subjectvoyeurix.com Fingerprint7E:24:A8:31:90:36:2C:3F:6E:51:A5:42:E9:5A:22:D1:06:E6:EE:C8 ValidityMon, 22 Apr 2024 10:24:14 GMT - Sun, 21 Jul 2024 10:24:13 GMT
File typeJPEG image data, baseline, precision 8, 1136x640, components 3 Hash2a744953fa262e373cac677aa11772f3 41f702c33fac7f0cfa8c99c9f3509a00e50dd9a3 5a49244caab029409e65c07dd1146dad020c461fb164641c46e59cb99c7549ed
GET /thumbs/AA/oP/Fv.jpg HTTP/1.1
Host: voyeurix.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Tue, 07 May 2024 02:16:59 GMT
content-type: image/jpeg
content-length: 90769
last-modified: Tue, 01 Oct 2019 20:28:14 GMT
etag: "5d93b6de-16291"
expires: Thu, 30 May 2024 17:26:36 GMT
cache-control: public, max-age=2592000
cf-cache-status: HIT
age: 550223
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=2kgnplq0uLFZ0HKFCe9Xuzh65%2Fw%2B1uc91E7AG36ez%2Fqs1AWMIN5Tffl%2FPE3%2BcoJzVNCXLGM6zGDmIUWodcLuJUXOblg9DUDTPgERndA%2Bsbk4XUS9j2iHScFxDukd4vU%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 87fdb60ccf0056c1-OSL
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
|
|
| handjobxxx.com/thumbs/AA/os/gj.jpg | 172.67.207.38 | 200 OK | 176 kB |
URL GET HTTP/2handjobxxx.com/thumbs/AA/os/gj.jpg IP172.67.207.38:443
Requested byhttps://topsites.hadesex.com/?source=1952513182&site_id=558728&spot_id=558728 CertificateIssuerGoogle Trust Services LLC Subjecthandjobxxx.com FingerprintA0:93:30:B2:D9:96:39:C3:D4:47:03:A0:33:52:5F:7F:A8:9A:0C:D3 ValiditySun, 10 Mar 2024 15:51:35 GMT - Sat, 08 Jun 2024 15:51:34 GMT
File typeJPEG image data, baseline, precision 8, 1364x668, components 3 Size176 kB (176281 bytes) Hash0dcc693420ce623aa2752f0dc4e7b665 325e085ecdaa7e360dae3811de9d1f8592d6a740 b68001ef1b957c3f9ac6ed3ac9f4518feadc08b17e8c8c0f8ce5209b00ce6da9
GET /thumbs/AA/os/gj.jpg HTTP/1.1
Host: handjobxxx.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
date: Tue, 07 May 2024 02:16:59 GMT
content-type: image/jpeg
content-length: 176281
last-modified: Fri, 26 Jan 2024 14:10:55 GMT
etag: "65b3bd6f-2b099"
expires: Thu, 30 May 2024 16:17:45 GMT
cache-control: public, max-age=2592000
cf-cache-status: HIT
age: 554354
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=hrQGXQdfcN6u%2B9n0yI3A0gZQN%2BPCdjMNC4wrUQGBzb%2F17o7B%2B1Uz0g345dXZnV%2F1TAyj5NNzj81ZXrdjD4tVEAYupQ12xSaTmZABmRwRlJO3sRmtocdIlKvwoaiiOlY1bw%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 87fdb60ccbfe712d-OSL
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
|
|
| groupsexxx.com/thumbs/AA/17/Iu.jpg | 172.67.188.32 | 200 OK | 89 kB |
URL GET HTTP/2groupsexxx.com/thumbs/AA/17/Iu.jpg IP172.67.188.32:443
Requested byhttps://topsites.hadesex.com/?source=1952513182&site_id=558728&spot_id=558728 CertificateIssuerLet's Encrypt Subjectgroupsexxx.com Fingerprint02:80:EC:5E:33:44:58:6A:36:93:8A:BA:CD:88:F3:A4:E2:A6:EA:7F ValiditySun, 10 Mar 2024 15:56:53 GMT - Sat, 08 Jun 2024 15:56:52 GMT
File typeJPEG image data, JFIF standard 1.02, aspect ratio, density 1x1, segment length 16, comment: "Lavc56.26.100", baseline, precision 8, 1280x720, components 3 Hashbd8bd08d73c81a141d6de394d7fa0481 dd4516afcdfa9c3f45f9d554a587523c790f0f6d b185952d445bf6252ca80a6511a571f78b29935f6dd9d67478c0a10f5367faee
GET /thumbs/AA/17/Iu.jpg HTTP/1.1
Host: groupsexxx.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Tue, 07 May 2024 02:16:59 GMT
content-type: image/jpeg
content-length: 89035
last-modified: Tue, 14 Nov 2023 08:13:52 GMT
etag: "65532c40-15bcb"
expires: Thu, 30 May 2024 16:17:53 GMT
cache-control: public, max-age=2592000
cf-cache-status: HIT
age: 554346
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=JrkztNAWmyU7CMMt69sl6jKVcCTQGsGVTp0E%2BeOZAlQSvW62LhCQGDolAHaUjhSvDoQp5b8qSlwSiDVkCBwN6qslkcM4pZgTcLn8bKW8rGkwuA1Ko6%2F%2FXIjsZFUQeMyRGg%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 87fdb60ccb42b512-OSL
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
|
|
| voyeurix.com/thumbs/AA/ax/ge.jpg | 172.67.223.1 | 200 OK | 170 kB |
URL GET HTTP/2voyeurix.com/thumbs/AA/ax/ge.jpg IP172.67.223.1:443
Requested byhttps://topsites.hadesex.com/?source=1952513182&site_id=558728&spot_id=558728 CertificateIssuerGoogle Trust Services LLC Subjectvoyeurix.com Fingerprint7E:24:A8:31:90:36:2C:3F:6E:51:A5:42:E9:5A:22:D1:06:E6:EE:C8 ValidityMon, 22 Apr 2024 10:24:14 GMT - Sun, 21 Jul 2024 10:24:13 GMT
File typeJPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 1280x720, components 3 Size170 kB (169814 bytes) Hash9e76c1a94e94b4c30a32c7781a159a7f 071b7c8123bc9f05653d750b7a2a69489a7b65ed b9a592ea6bd05a5b1bfaa8a6f034c34652081b147676c00c43dd7c1e311b017c
GET /thumbs/AA/ax/ge.jpg HTTP/1.1
Host: voyeurix.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
date: Tue, 07 May 2024 02:16:59 GMT
content-type: image/jpeg
content-length: 169814
last-modified: Wed, 28 Feb 2024 16:00:58 GMT
etag: "65df58ba-29756"
expires: Thu, 30 May 2024 17:26:35 GMT
cache-control: public, max-age=2592000
cf-cache-status: HIT
age: 550224
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=ZJ99zkzAYCOWyxg9pNMhsK%2F2PQix1D3AKwZXcow3NlK0cRBf9icqTT2XuGjtWOZC3vU7U1oWmgTJUYyaJg4afM9ogPyF53WePxaYjmLH96lStxrv%2FCOu%2BOJmn%2FPoydg%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 87fdb60ccf0156c1-OSL
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
|
|
| javsecrets.com/thumbs/AA/wC/jb.jpg | 104.21.63.231 | 200 OK | 23 kB |
URL GET HTTP/2javsecrets.com/thumbs/AA/wC/jb.jpg IP104.21.63.231:443
Requested byhttps://topsites.hadesex.com/?source=1952513182&site_id=558728&spot_id=558728 CertificateIssuerGoogle Trust Services LLC Subjectjavsecrets.com FingerprintFE:9D:63:71:A7:6A:42:40:5D:EA:08:5C:AC:B3:0A:04:A6:42:F5:21 ValiditySun, 31 Mar 2024 20:26:38 GMT - Sat, 29 Jun 2024 20:26:37 GMT
File typeJPEG image data, baseline, precision 8, 568x320, components 3 Hash3e78ba8af22ec26cbf1bf02e09b7daa8 fcb6b2d566e34438020304ecdea119a5b598d745 4601e553163f315ee063d48674c0b6d81f33779c0f13f2d688245052d120e4e8
GET /thumbs/AA/wC/jb.jpg HTTP/1.1
Host: javsecrets.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Tue, 07 May 2024 02:16:59 GMT
content-type: image/jpeg
content-length: 23086
last-modified: Thu, 30 Nov 2023 11:15:04 GMT
etag: "65686eb8-5a2e"
expires: Thu, 30 May 2024 20:11:55 GMT
cache-control: public, max-age=2592000
cf-cache-status: HIT
age: 540304
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=CN0v3Lj0KvSHV4oWHPWDJXidI%2BjnFZf0PO8o0D2enwuTfyr8HUQroAUumIHobFdGHpucXl46jM6%2FvzjS7AtO0VSJ5mON4xP3xmZsDG%2BRurROdstQxAEIiHmp7TZ96%2Foz3g%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 87fdb60dede056bf-OSL
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
|
|
| xcumwebcam.com/thumbs/AA/ch/zV.jpg | 188.114.97.1 | 200 OK | 115 kB |
URL GET HTTP/2xcumwebcam.com/thumbs/AA/ch/zV.jpg IP188.114.97.1:443
Requested byhttps://topsites.hadesex.com/?source=1952513182&site_id=558728&spot_id=558728 CertificateIssuerGoogle Trust Services LLC Subjectxcumwebcam.com Fingerprint85:FC:8E:26:56:ED:EC:5F:6C:0C:68:68:3F:1F:05:F1:A1:50:34:A8 ValidityMon, 22 Apr 2024 06:49:07 GMT - Sun, 21 Jul 2024 06:49:06 GMT
File typeJPEG image data, baseline, precision 8, 892x668, components 3 Size115 kB (114582 bytes) Hash2fef68128813a75c3b9f5bf6c5dd494d 0c341e4801a77284c76e9e9811e294cc5eb98b81 57371c8ad97caebb40372dc76b1acf9ea71516b15396bf3bd5d38a20ae7cdcce
GET /thumbs/AA/ch/zV.jpg HTTP/1.1
Host: xcumwebcam.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
date: Tue, 07 May 2024 02:16:59 GMT
content-type: image/jpeg
content-length: 114582
last-modified: Sat, 16 Feb 2019 19:13:00 GMT
etag: "5c6860bc-1bf96"
expires: Thu, 30 May 2024 20:11:47 GMT
cache-control: public, max-age=2592000
cf-cache-status: HIT
age: 540312
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=3ZiZ941dID9BvPmr%2FgBYjwiAMJtchZtxL8IaXX04ZgmmUsYn0mB%2FDYT4O5YY81USNLuPGpy2qwmMQCTmvC0bAuMdqOwEWy5o1zIn5on0XxBi%2FlEXcEyn9iXoFJFhMz5mgQ%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 87fdb60def0c56b4-OSL
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
|
|
| md-static.com/js/jquery.min.js | 188.114.97.1 | 200 OK | 60 kB |
URL GET HTTP/3md-static.com/js/jquery.min.js IP188.114.97.1:443
Requested byhttps://topsites.hadesex.com/?source=1952513182&site_id=558728&spot_id=558728 CertificateIssuerGoogle Trust Services LLC Subjectmd-static.com Fingerprint78:3D:4B:7D:5D:B4:38:28:82:3D:3E:65:79:F4:48:9E:D3:A5:91:60 ValiditySun, 05 May 2024 15:59:00 GMT - Sat, 03 Aug 2024 15:58:59 GMT
File typeJavaScript source, ASCII text, with very long lines (65451) Hashdc5e7f18c8d36ac1d3d4753a87c98d0a c8e1c8b386dc5b7a9184c763c88d19a346eb3342 f7f6a5894f1d19ddad6fa392b2ece2c5e578cbf7da4ea805b6885eb6985b6e3d
GET /js/jquery.min.js HTTP/1.1
Host: md-static.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://topsites.hadesex.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Tue, 07 May 2024 02:16:59 GMT
content-type: application/javascript
last-modified: Mon, 04 May 2020 23:02:39 GMT
vary: Accept-Encoding
etag: W/"5eb09f0f-15d84"
expires: Thu, 30 May 2024 17:26:45 GMT
cache-control: max-age=31536000
cf-cache-status: HIT
age: 550214
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=hY8aiFXaJ027Yey%2BTAw7ZgZGu4Ev36P2YWo8k%2B9uDEbfJPtwljdFo2RnayGui4TcItMqZf8GQAYMRrvuIieSVGK7Nbv6RkeGBrVScze2LyTlK7IJwqPzQ86bE7j8j9w%2F"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 87fdb609180a56a5-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
|
|
| javsecrets.com/thumbs/AA/dw/T6.jpg | 104.21.63.231 | 200 OK | 63 kB |
URL GET HTTP/2javsecrets.com/thumbs/AA/dw/T6.jpg IP104.21.63.231:443
Requested byhttps://topsites.hadesex.com/?source=1952513182&site_id=558728&spot_id=558728 CertificateIssuerGoogle Trust Services LLC Subjectjavsecrets.com FingerprintFE:9D:63:71:A7:6A:42:40:5D:EA:08:5C:AC:B3:0A:04:A6:42:F5:21 ValiditySun, 31 Mar 2024 20:26:38 GMT - Sat, 29 Jun 2024 20:26:37 GMT
File typeJPEG image data, baseline, precision 8, 640x480, components 3 Hash9da89252cd39b76ea3ffd570b651441a 2a7c6c5a20da422951454be10f220361108444c5 7ac19b1d197e5216b52f168b1c28529e1127ae94c78c35a30b1a7dfcbd383d43
GET /thumbs/AA/dw/T6.jpg HTTP/1.1
Host: javsecrets.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Tue, 07 May 2024 02:16:59 GMT
content-type: image/jpeg
content-length: 62837
last-modified: Fri, 01 Dec 2023 11:21:28 GMT
etag: "6569c1b8-f575"
expires: Tue, 04 Jun 2024 00:25:33 GMT
cache-control: public, max-age=2592000
cf-cache-status: HIT
age: 179486
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=02d2ill398I5lUyHmtwkBjdzmuanxVj2iF2iYd1W0IejCQn1kb%2FEKKsbyhNbno0M%2B9%2FWfFreH9r1KGR7qxv2wqbKLT8mlckynfmk7KO6nLvzEdHboGTd9oTmqTxqsQGhCA%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 87fdb60dede156bf-OSL
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
|
|
| t.yunaga.xyz/1/?spot_id=5011 | 188.114.96.1 | 302 Found | 159 B |
URL GET HTTP/3t.yunaga.xyz/1/?spot_id=5011 IP188.114.96.1:443
Requested byhttps://www.videzz.net/embed-c73tafzdtcis.html CertificateIssuerGoogle Trust Services LLC Subjectyunaga.xyz Fingerprint23:B7:72:6D:6F:C6:6F:96:9E:1F:5C:29:0F:31:FC:36:7F:1E:84:40 ValidityTue, 19 Mar 2024 23:59:20 GMT - Mon, 17 Jun 2024 23:59:19 GMT
File typeHTML document, ASCII text, with CRLF line terminators Hash9c208974c815b016b440d07ea83c14ed dc6bf64b5c4afa333200fcd859a1d4738a020856 1de4d1050c7a385d09afe86e3ee18ea3c84725d6af96c2a5e60fac2143c4d070
GET /1/?spot_id=5011 HTTP/1.1
Host: t.yunaga.xyz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://t.bawixi.xyz/
DNT: 1
Connection: keep-alive
Cookie: _trd_=82d778003444ec; _uqt3157949621=1; _uqp3178561817=1
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 302 Found
date: Tue, 07 May 2024 02:16:58 GMT
content-type: text/html
location: https://yahoo.com
set-cookie: _trd_=82d778003444ec; Expires=Wed, 07-May-25 02:16:58 GMT; Domain=.yunaga.xyz; Path=/; Secure; SameSite=None
_uqt3157949621=2; Expires=Wed, 08-May-24 00:00:00 GMT; Domain=.yunaga.xyz; Path=/; Secure; SameSite=None
_uqp3178561817=2; Expires=Wed, 08-May-24 00:00:00 GMT; Domain=.yunaga.xyz; Path=/; Secure; SameSite=None
accept-ch: Sec-CH-UA, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
access-control-allow-origin: *
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=yeXiRHujyeLBDPncqJ%2FmrVk99wvHDfXK9UEpDUS0fO8Jf2eYBQhP%2FfQm0U%2BJnp3KYAGHZ9X9ojO6oBDx1RdLAZemUnMjY8K0ptNWg3OiecduAi2eGEaAOM%2F6IGGN04o%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 87fdb606fbc456c5-OSL
alt-svc: h3=":443"; ma=86400
|
|
| myretrocollection.com/thumbs/AA/gr/4Y.jpg | 188.114.97.1 | 200 OK | 53 kB |
URL GET HTTP/3myretrocollection.com/thumbs/AA/gr/4Y.jpg IP188.114.97.1:443
Requested byhttps://topsites.hadesex.com/?source=1952513182&site_id=558728&spot_id=558728 CertificateIssuerLet's Encrypt Subjectmyretrocollection.com FingerprintC1:EB:81:51:C9:EE:A3:94:D8:73:87:A0:C4:3A:69:D8:8A:DD:CB:33 ValiditySun, 10 Mar 2024 08:05:49 GMT - Sat, 08 Jun 2024 08:05:48 GMT
File typeJPEG image data, baseline, precision 8, 900x676, components 3 Hashab0f34dd00b7555cfd8fe04d9380acb7 d35314e2c24c150a32d0092bfb5ffeeeeadfcf48 2bd5b536aa27caf7c6d049526b988127488a6c67d8205b3ea965d5a9b9996f1c
GET /thumbs/AA/gr/4Y.jpg HTTP/1.1
Host: myretrocollection.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Tue, 07 May 2024 02:16:59 GMT
content-type: image/jpeg
content-length: 52991
last-modified: Tue, 30 Jan 2024 16:03:05 GMT
etag: "65b91db9-ceff"
expires: Thu, 30 May 2024 17:26:28 GMT
cache-control: public, max-age=2592000
cf-cache-status: HIT
age: 550231
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=cT0ceA8pTDKT3oeQZuodbZCWRFlSn9Vy1gnUY926c24nhEVmtzvTvE84lLlfssoYSFgOYasYFt5iitKEtTOS4%2BKSOR%2Fi4TAsak%2B9N2oDwd86bqzzhkJ7J4ukET1FETC6A3iuZYvJZq4%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 87fdb60e9d08b4f3-OSL
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
|
|
| lovefootjob.com/thumbs/AA/JE/tE.jpg | 188.114.96.1 | 200 OK | 107 kB |
URL GET HTTP/2lovefootjob.com/thumbs/AA/JE/tE.jpg IP188.114.96.1:443
Requested byhttps://topsites.hadesex.com/?source=1952513182&site_id=558728&spot_id=558728 CertificateIssuerLet's Encrypt Subjectlovefootjob.com Fingerprint6A:CE:FD:27:C8:DA:CF:1B:E2:B4:D3:FB:96:8E:5E:C1:DC:F9:6B:83 ValidityWed, 24 Apr 2024 18:50:36 GMT - Tue, 23 Jul 2024 18:50:35 GMT
File typeJPEG image data, baseline, precision 8, 1280x720, components 3 Size107 kB (107120 bytes) Hash24adcb7e287d8786a0bc83a386ef02d7 c9496020f4cc92442594456e3cc473c57c205b10 f6256a3bdc6fad5b489f0c1d6029992dd2229905d5051e4e6e64aec81124e3d1
GET /thumbs/AA/JE/tE.jpg HTTP/1.1
Host: lovefootjob.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Tue, 07 May 2024 02:16:59 GMT
content-type: image/jpeg
content-length: 107120
last-modified: Wed, 28 Feb 2024 16:15:43 GMT
etag: "65df5c2f-1a270"
expires: Thu, 30 May 2024 17:26:36 GMT
cache-control: public, max-age=2592000
cf-cache-status: HIT
age: 550223
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=49oTZRZtdhvq252YuTvoOBgGgoPWk33u0xQRJl%2FlKDbJIzrX4qX%2FJaPBXi7k2zeXSxhntrBrcShSANOzIi%2Fc39GePRQ7ibY1RSQJS6qXSN3f2QnXzXF3a7f1IDh1V9aNgMA%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 87fdb60e9a08b517-OSL
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
|
|
| femdomqueen.com/thumbs/AA/vF/22.jpg | 172.67.148.113 | 200 OK | 74 kB |
URL GET HTTP/3femdomqueen.com/thumbs/AA/vF/22.jpg IP172.67.148.113:443
Requested byhttps://topsites.hadesex.com/?source=1952513182&site_id=558728&spot_id=558728 CertificateIssuerGoogle Trust Services LLC Subjectfemdomqueen.com Fingerprint18:45:B4:39:A3:A7:59:D0:43:E8:17:F2:B4:A5:43:03:6E:42:60:16 ValidityMon, 22 Apr 2024 09:36:30 GMT - Sun, 21 Jul 2024 09:36:29 GMT
File typeJPEG image data, JFIF standard 1.02, aspect ratio, density 100x100, segment length 16, baseline, precision 8, 1280x720, components 3 Hash6c26a7798904e772181a4f83d859ed83 0443b3bcbe9d642adb8caee45d8e013211438dd8 ff3c7358808da522a1f42b64fa27f14eb2b2283a92f2ff6480efacb929a23560
GET /thumbs/AA/vF/22.jpg HTTP/1.1
Host: femdomqueen.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Tue, 07 May 2024 02:16:59 GMT
content-type: image/jpeg
content-length: 73606
last-modified: Mon, 09 Feb 2015 20:06:20 GMT
etag: "54d9133c-11f86"
expires: Thu, 30 May 2024 18:38:12 GMT
cache-control: public, max-age=2592000
cf-cache-status: HIT
age: 545927
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=YdS8V9evKtlpJry%2Bv3juBWX2qinqLKqqXq21Lb2bcSIdT68XTtzsJowJ91SyAJM%2B3PzN%2BRcMcV%2BeRdCsIra1Xf4ilaZ8l3qAQO2Acyfd8nhGFwTRFQI%2F3F6lSStKaRuPH1Q%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 87fdb60eeee8b50f-OSL
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
|
|
| 69ebony.com/thumbs/AA/Ar/tR.jpg | 188.114.97.1 | 200 OK | 94 kB |
URL GET HTTP/369ebony.com/thumbs/AA/Ar/tR.jpg IP188.114.97.1:443
Requested byhttps://topsites.hadesex.com/?source=1952513182&site_id=558728&spot_id=558728 CertificateIssuerGoogle Trust Services LLC Subject69ebony.com Fingerprint29:61:7B:E4:F9:8C:1A:41:DA:D9:26:37:24:D1:2D:21:AE:7A:0D:3F ValiditySun, 10 Mar 2024 16:12:51 GMT - Sat, 08 Jun 2024 16:12:50 GMT
File typeJPEG image data, baseline, precision 8, 1280x720, components 3 Hashcae8a97a867412a5d55f7f67b732bd80 28b84e2dcc964892e1bf3f591419ed9814b6b382 3305ebc505be119c037b4e3c7dd7d928d01ab5125068f66363d3de8683fe6125
GET /thumbs/AA/Ar/tR.jpg HTTP/1.1
Host: 69ebony.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Tue, 07 May 2024 02:17:00 GMT
content-type: image/jpeg
content-length: 94022
last-modified: Tue, 19 Mar 2024 17:11:25 GMT
etag: "65f9c73d-16f46"
expires: Thu, 30 May 2024 20:11:54 GMT
cache-control: public, max-age=2592000
cf-cache-status: HIT
age: 540306
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=3Fegk1TGSsQcsbcqup0z4JOiWPxbA4c5Lbw6osEXbso6OwF6mbLDFQjPn4FLi0C%2Bow4QwuPO%2FGMF%2FTUCldfN5VuISf0ZhPqxM%2FEUHcbruE3WIzXKuT%2F7SDVUkJoPtA%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 87fdb60f5e6356bf-OSL
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
|
|
| milftop.com/thumbs/AA/ss/Zt.jpg | 188.114.97.1 | 200 OK | 18 kB |
URL GET HTTP/2milftop.com/thumbs/AA/ss/Zt.jpg IP188.114.97.1:443
Requested byhttps://topsites.hadesex.com/?source=1952513182&site_id=558728&spot_id=558728 CertificateIssuerLet's Encrypt Subjectmilftop.com FingerprintCB:43:17:77:B5:0D:0E:2F:AE:EA:D6:19:F6:B2:80:50:DF:B0:BC:10 ValiditySun, 10 Mar 2024 16:21:41 GMT - Sat, 08 Jun 2024 16:21:40 GMT
File typeJPEG image data, JFIF standard 1.01, aspect ratio, density 0x0, segment length 16, progressive, precision 8, 320x180, components 3 Hashdf3af938901acdb8931181b65da5e234 1a5a971691451bcab67154df1b2cb79002eebe94 312060a8739ce7effdcd1431a95e93e13b4b06d2788f6b98bd951553503d1a9f
GET /thumbs/AA/ss/Zt.jpg HTTP/1.1
Host: milftop.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Tue, 07 May 2024 02:17:00 GMT
content-type: image/jpeg
content-length: 17754
last-modified: Sun, 05 May 2024 20:31:01 GMT
etag: "6637ec85-455a"
expires: Wed, 05 Jun 2024 03:39:47 GMT
cache-control: public, max-age=2592000
cf-cache-status: HIT
age: 81433
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=%2F89jV3PxxVmZrOX%2BLJDWvvZeKNCcULkBHVhTzPmJI1aoa8kUjgUauoy9WjvM0ZaeA3QbVPiPLWhfpvSr6Smi1sRCtLk4qIFPz2SRALEHBoRyMnZgHgOXFdewtu%2BJzg%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 87fdb60faf21b511-OSL
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
|
|
| happy-granny.com/thumbs/AA/xC/wp.jpg | 188.114.97.1 | 200 OK | 19 kB |
URL GET HTTP/2happy-granny.com/thumbs/AA/xC/wp.jpg IP188.114.97.1:443
Requested byhttps://topsites.hadesex.com/?source=1952513182&site_id=558728&spot_id=558728 CertificateIssuerGoogle Trust Services LLC Subjecthappy-granny.com Fingerprint20:1E:A8:F5:1D:E7:E4:0D:AE:D2:C4:CF:B8:6C:B0:F1:83:C4:4E:D5 ValiditySun, 31 Mar 2024 12:31:02 GMT - Sat, 29 Jun 2024 12:31:01 GMT
File typeJPEG image data, JFIF standard 1.02, aspect ratio, density 1x1, segment length 16, comment: "Lavc59.37.100", baseline, precision 8, 600x450, components 3 Hash77236f13861b744218b8f6f72791d552 ccd227bd53434f100c271b1ef8f6ca6f328cfd45 8b5d38bc988040bc73926e0654717f187991123e827297cbd59c01d16a1b6bde
GET /thumbs/AA/xC/wp.jpg HTTP/1.1
Host: happy-granny.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Tue, 07 May 2024 02:17:00 GMT
content-type: image/jpeg
content-length: 19430
last-modified: Tue, 30 Jan 2024 14:34:18 GMT
etag: "65b908ea-4be6"
expires: Thu, 30 May 2024 17:26:39 GMT
cache-control: public, max-age=2592000
cf-cache-status: HIT
age: 550221
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=Kor1UIBYYpAOAs2QCotAt6w2eJ4z6%2FBP0VFKBzoXepKKVKsG3aaKtVElAPs3ctvZILugo5Rr6mjPayHmbIIaVP49vTNNMTEaP4sv%2BmVH079arq3gxolf467CNUYcO4FwmeKm"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 87fdb60fbbce0b65-OSL
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
|
|
| 69indian.com/thumbs/AA/qi/Y4.jpg | 172.67.195.23 | 200 OK | 13 kB |
URL GET HTTP/269indian.com/thumbs/AA/qi/Y4.jpg IP172.67.195.23:443
Requested byhttps://topsites.hadesex.com/?source=1952513182&site_id=558728&spot_id=558728 CertificateIssuerLet's Encrypt Subject69indian.com Fingerprint02:44:AF:DF:DC:35:9B:8E:2F:BA:31:BF:8A:2B:42:28:10:1D:89:D8 ValiditySun, 31 Mar 2024 19:47:58 GMT - Sat, 29 Jun 2024 19:47:57 GMT
File typeJPEG image data, JFIF standard 1.01, aspect ratio, density 0x0, segment length 16, progressive, precision 8, 280x210, components 3 Hashc248d9edb45dbb1c4381336afb3f4e28 f1f4ae609741fbd18830b8fc0398eee29061de85 f7ed439f6f7db4e9c994803eb1ffab8fbeecc833d7418f6a3d8d1ada8c4908ed
GET /thumbs/AA/qi/Y4.jpg HTTP/1.1
Host: 69indian.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Tue, 07 May 2024 02:17:00 GMT
content-type: image/jpeg
content-length: 12930
last-modified: Thu, 25 Apr 2024 11:48:15 GMT
etag: "662a42ff-3282"
expires: Thu, 30 May 2024 20:11:53 GMT
cache-control: public, max-age=2592000
cf-cache-status: HIT
age: 540307
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=vXq9t%2BPqfzFs4%2FQr8Yydx0nbTCO85YhwrSm%2B0L6wD5drD54yJtBWyWj0raF1aiOjNhazUMnQMw7%2FLQoTyCdiQs94SQYFl8WyXojheZpo5YWjO6e88H4ZY7%2FvEYwTgYY%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 87fdb60feaec1c12-OSL
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
|
|
| 69indian.com/thumbs/AA/j3/6c.jpg | 172.67.195.23 | 200 OK | 16 kB |
URL GET HTTP/269indian.com/thumbs/AA/j3/6c.jpg IP172.67.195.23:443
Requested byhttps://topsites.hadesex.com/?source=1952513182&site_id=558728&spot_id=558728 CertificateIssuerLet's Encrypt Subject69indian.com Fingerprint02:44:AF:DF:DC:35:9B:8E:2F:BA:31:BF:8A:2B:42:28:10:1D:89:D8 ValiditySun, 31 Mar 2024 19:47:58 GMT - Sat, 29 Jun 2024 19:47:57 GMT
File typeJPEG image data, JFIF standard 1.01, resolution (DPCM), density 37x37, segment length 16, progressive, precision 8, 280x210, components 3 Hash4871bfb4d87d71443c5ad2d59424adc3 9f9c22bf0398fbe29812edb6676455eb4c069cf0 0ce76de4168d670bb23e432e4b2d4ba21b94645edbdf7345dcf79a33aaef30b5
GET /thumbs/AA/j3/6c.jpg HTTP/1.1
Host: 69indian.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Tue, 07 May 2024 02:17:00 GMT
content-type: image/jpeg
content-length: 15812
last-modified: Thu, 25 Apr 2024 10:19:41 GMT
etag: "662a2e3d-3dc4"
expires: Thu, 30 May 2024 17:26:39 GMT
cache-control: public, max-age=2592000
cf-cache-status: HIT
age: 550221
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=Kq0HoqXXRaLoIktheHTVTrMTxM58cDBCXzGoPEQFTny0L7FVxqOLsPQAwldQgs1kJB4NWHfkjVJ%2FjAREUtgSOCntBWiHCxowTV0jgtuPl%2FP%2B6ng30WtBb5dze7tENww%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 87fdb6101af31c12-OSL
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
|
|
| milftop.com/thumbs/AA/ov/YK.jpg | 188.114.97.1 | 200 OK | 14 kB |
URL GET HTTP/2milftop.com/thumbs/AA/ov/YK.jpg IP188.114.97.1:443
Requested byhttps://topsites.hadesex.com/?source=1952513182&site_id=558728&spot_id=558728 CertificateIssuerLet's Encrypt Subjectmilftop.com FingerprintCB:43:17:77:B5:0D:0E:2F:AE:EA:D6:19:F6:B2:80:50:DF:B0:BC:10 ValiditySun, 10 Mar 2024 16:21:41 GMT - Sat, 08 Jun 2024 16:21:40 GMT
File typeJPEG image data, JFIF standard 1.01, aspect ratio, density 0x0, segment length 16, progressive, precision 8, 320x180, components 3 Hash81d8e05362159c72c3eb74753fee5c1f fd1487f9feef8aec149ea877523736472397a717 09ba581412cf09b452825f869d639eb7056e6128168e3212a836f378f9963274
GET /thumbs/AA/ov/YK.jpg HTTP/1.1
Host: milftop.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Tue, 07 May 2024 02:17:00 GMT
content-type: image/jpeg
content-length: 14427
last-modified: Tue, 24 Oct 2023 12:03:52 GMT
etag: "6537b2a8-385b"
expires: Thu, 30 May 2024 18:38:11 GMT
cache-control: public, max-age=2592000
cf-cache-status: HIT
age: 545929
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=PGp2e4A9MHnOHbEbNd1VWAA29rwEET7gyta%2FIMAJh9xPyHSYCTMxc68rV%2F93nS%2FoscBxsrLoQUOsDKdWaSUFPo9VWrW5mTxQrL6uCX5wAkZudCZ5EzNb1A7rPc0zMw%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 87fdb6102f50b511-OSL
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
|
|
| interracial69.com/thumbs/AA/df/F_.jpg | 188.114.96.1 | 200 OK | 174 kB |
URL GET HTTP/3interracial69.com/thumbs/AA/df/F_.jpg IP188.114.96.1:443
Requested byhttps://topsites.hadesex.com/?source=1952513182&site_id=558728&spot_id=558728 CertificateIssuerGoogle Trust Services LLC Subjectinterracial69.com FingerprintDD:FC:81:F0:71:82:92:28:46:22:7A:1C:70:F0:13:FF:44:1A:0E:A8 ValiditySun, 10 Mar 2024 13:37:49 GMT - Sat, 08 Jun 2024 13:37:48 GMT
File typeJPEG image data, baseline, precision 8, 1280x720, components 3 Size174 kB (174301 bytes) Hash0e2eb4904271c0975d1cc71512a8104c 700fa8b264bddfe438a79d023a7c0670d4a51fef caab98e273b5f0aa00c3b1e8b8ea5816fb5291b5f51dd5a8cc84dee8a1b48271
GET /thumbs/AA/df/F_.jpg HTTP/1.1
Host: interracial69.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Tue, 07 May 2024 02:17:00 GMT
content-type: image/jpeg
content-length: 174301
last-modified: Fri, 01 Mar 2024 03:42:03 GMT
etag: "65e14e8b-2a8dd"
expires: Thu, 30 May 2024 20:11:52 GMT
cache-control: public, max-age=2592000
cf-cache-status: HIT
age: 540308
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=1RZtd9e7KlMijcJJY4lksfTwuCGkacN1zt6coRUDtcTFXNies49vpGvoHgZ7w1eyCufe4RiwbjkWFChlJ0CxJa81ZtJZ6YS8ZxD5DsOSvstcxSu1AUml4K%2FFWB%2FOPBYxy%2B6fbQ%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 87fdb6100b5c0b45-OSL
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
|
|
| lovefootjob.com/thumbs/AA/U6/O3.jpg | 188.114.96.1 | 200 OK | 92 kB |
URL GET HTTP/2lovefootjob.com/thumbs/AA/U6/O3.jpg IP188.114.96.1:443
Requested byhttps://topsites.hadesex.com/?source=1952513182&site_id=558728&spot_id=558728 CertificateIssuerLet's Encrypt Subjectlovefootjob.com Fingerprint6A:CE:FD:27:C8:DA:CF:1B:E2:B4:D3:FB:96:8E:5E:C1:DC:F9:6B:83 ValidityWed, 24 Apr 2024 18:50:36 GMT - Tue, 23 Jul 2024 18:50:35 GMT
File typeJPEG image data, baseline, precision 8, 1136x640, components 3 Hash02a72fb2a470a7ecbf346d0d584baa25 a1fdb39a02f810ac3550d3f60731fbed5fc687e0 8b957352bd53613e45895d033a712c104e7018da4441b578d9b932dda61363ee
GET /thumbs/AA/U6/O3.jpg HTTP/1.1
Host: lovefootjob.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Tue, 07 May 2024 02:17:00 GMT
content-type: image/jpeg
content-length: 92124
last-modified: Tue, 08 Oct 2019 16:09:32 GMT
etag: "5d9cb4bc-167dc"
expires: Thu, 30 May 2024 16:18:02 GMT
cache-control: public, max-age=2592000
cf-cache-status: HIT
age: 554338
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=JquHbJjMOnTyfc9B9I76VWvF5HcEpKYSShz59fSGL9OaHPQRpobrXDetDvvTJi43zdB03ONqOWHuOHxpqA%2FNpzsOXAxRDXK%2BOz74cjuxM%2FCBhym9MBwQbxqqe9%2BoYK6RGY8%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 87fdb6105ad2b517-OSL
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
|
|
| z-gay.com/thumbs/AA/QJ/y8.jpg | 104.21.72.129 | 200 OK | 14 kB |
URL GET HTTP/2z-gay.com/thumbs/AA/QJ/y8.jpg IP104.21.72.129:443
Requested byhttps://topsites.hadesex.com/?source=1952513182&site_id=558728&spot_id=558728 CertificateIssuerGoogle Trust Services LLC Subjectz-gay.com Fingerprint21:C3:26:D0:D3:95:70:79:33:64:5A:99:F5:6F:63:BE:8E:88:8E:80 ValiditySun, 14 Apr 2024 05:45:42 GMT - Sat, 13 Jul 2024 05:45:41 GMT
File typeJPEG image data, JFIF standard 1.01, aspect ratio, density 0x0, segment length 16, progressive, precision 8, 320x180, components 3 Hashe57b6f26311b497b92bc7df2d35fcc06 10135ff49cadb1dfee01bd88935faf49909c798a cd2663389900afb96869f0ea6975b570b84db166185e1472d0a8b4cf9a3f1ef1
GET /thumbs/AA/QJ/y8.jpg HTTP/1.1
Host: z-gay.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Tue, 07 May 2024 02:17:00 GMT
content-type: image/jpeg
content-length: 13688
last-modified: Sun, 04 Feb 2024 07:19:13 GMT
etag: "65bf3a71-3578"
expires: Thu, 30 May 2024 18:38:15 GMT
cache-control: public, max-age=2592000
cf-cache-status: HIT
age: 545925
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=URCI6trEPFb5JrjFIKL6t0KfX9ns2MIzKc4SY4s1hBoOtobV4Z3cXy1F%2BBX1T2Mb68HYAd2oD0koIzSa4zDsv7Tht1C%2BfQtOZTVuYJOQtbMOLFgr770%2ByciywjY%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 87fdb6107f5e1bfa-OSL
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
|
|
| z-gay.com/thumbs/AA/Ql/Tr.jpg | 104.21.72.129 | 200 OK | 24 kB |
URL GET HTTP/2z-gay.com/thumbs/AA/Ql/Tr.jpg IP104.21.72.129:443
Requested byhttps://topsites.hadesex.com/?source=1952513182&site_id=558728&spot_id=558728 CertificateIssuerGoogle Trust Services LLC Subjectz-gay.com Fingerprint21:C3:26:D0:D3:95:70:79:33:64:5A:99:F5:6F:63:BE:8E:88:8E:80 ValiditySun, 14 Apr 2024 05:45:42 GMT - Sat, 13 Jul 2024 05:45:41 GMT
File typeJPEG image data, JFIF standard 1.01, aspect ratio, density 0x0, segment length 16, progressive, precision 8, 320x423, components 3 Hash5b911e346222ec2cb7bd4759901ef130 4d227bc22edf9515d4f912e884278006ef796977 4c87cd92f2be9969e6137cd8047042ab17260303f36670d4aef7973c2226046c
GET /thumbs/AA/Ql/Tr.jpg HTTP/1.1
Host: z-gay.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Tue, 07 May 2024 02:17:00 GMT
content-type: image/jpeg
content-length: 24259
last-modified: Thu, 08 Feb 2024 04:50:24 GMT
etag: "65c45d90-5ec3"
expires: Thu, 30 May 2024 16:18:05 GMT
cache-control: public, max-age=2592000
cf-cache-status: HIT
age: 554335
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=PRg1bhbsco1C9u5uXDMbUKh4s%2BiBSW6L2AvbnSHvlcjgatj87mofFFn9ilqz4n%2FYL%2BFFqQAc45CLblSVyXs821%2FTwg9qFn0i1wktrulZwIlGI0MnyQqK2%2BJ3q3k%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 87fdb6108f611bfa-OSL
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
|
|
| 69ebony.com/thumbs/AA/1z/_P.jpg | 188.114.97.1 | 200 OK | 288 kB |
URL GET HTTP/269ebony.com/thumbs/AA/1z/_P.jpg IP188.114.97.1:443
Requested byhttps://topsites.hadesex.com/?source=1952513182&site_id=558728&spot_id=558728 CertificateIssuerGoogle Trust Services LLC Subject69ebony.com Fingerprint29:61:7B:E4:F9:8C:1A:41:DA:D9:26:37:24:D1:2D:21:AE:7A:0D:3F ValiditySun, 10 Mar 2024 16:12:51 GMT - Sat, 08 Jun 2024 16:12:50 GMT
File typeJPEG image data, baseline, precision 8, 1920x1080, components 3 Size288 kB (288381 bytes) Hash03c7a52d867d1821dabbd607b472334c dfcb156529387624cdfaac36207cd00d055430a6 9e1982c4cf6c7163a07df61029f09b4f588b4722c58389a60919cb6eeb293e45
GET /thumbs/AA/1z/_P.jpg HTTP/1.1
Host: 69ebony.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Tue, 07 May 2024 02:17:00 GMT
content-type: image/jpeg
content-length: 288381
last-modified: Tue, 14 Nov 2023 08:17:10 GMT
etag: "65532d06-4667d"
expires: Thu, 30 May 2024 20:11:55 GMT
cache-control: public, max-age=2592000
cf-cache-status: HIT
age: 540305
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=5%2FiiTznJRP9AVw0bWRJVZOsXu7i3PpRV5Eiv6n0kTtuZCtmUHjwXddxb1lc1ou6ZZUOW3hisYT9S7b0xKAAUfH4BWWT4OxP6JowGiG8ZFhy288jmWnv85JJilpNFUw%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 87fdb6109ed156bf-OSL
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
|
|
| 69lesbi.com/thumbs/AA/n0/m6.jpg | 104.21.69.189 | 200 OK | 49 kB |
URL GET HTTP/269lesbi.com/thumbs/AA/n0/m6.jpg IP104.21.69.189:443
Requested byhttps://topsites.hadesex.com/?source=1952513182&site_id=558728&spot_id=558728 CertificateIssuerLet's Encrypt Subject69lesbi.com Fingerprint70:D0:18:CC:FB:44:C9:FE:2B:84:AD:CF:C5:A2:90:24:B3:1C:3D:B2 ValiditySun, 10 Mar 2024 17:19:39 GMT - Sat, 08 Jun 2024 17:19:38 GMT
File typeJPEG image data, JFIF standard 1.02, aspect ratio, density 1x1, segment length 16, comment: "Lavc59.37.100", baseline, precision 8, 1280x720, components 3 Hash2bf48be9b4af401bf6150f944d46a6ce 545ced166d8b0c12d92427bf7d2cfe86d5f41e6d 67d3ea7477562eec1d4d0fb366b594cd83ef9602ce8b5351f423e55fad78c94e
GET /thumbs/AA/n0/m6.jpg HTTP/1.1
Host: 69lesbi.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Tue, 07 May 2024 02:17:00 GMT
content-type: image/jpeg
content-length: 49025
last-modified: Sat, 27 Apr 2024 09:22:05 GMT
etag: "662cc3bd-bf81"
expires: Thu, 30 May 2024 18:38:20 GMT
cache-control: public, max-age=2592000
cf-cache-status: HIT
age: 545920
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=WQSkHzLK1N%2BJjeo2zYxx7RmwM5Da%2BMZ%2FbkjkUpbDcojyGp75uLoDFTrs3dB6Op4gC6x6AdGiCmkloM2uRWgqH3TrVDxRfcJhN%2Fb4GMZgr8Zitb%2BrgJHxMBGvwhYwjg%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 87fdb610db6956c3-OSL
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
|
|
| myretrocollection.com/thumbs/AA/xl/sZ.jpg | 188.114.97.1 | 200 OK | 61 kB |
URL GET HTTP/2myretrocollection.com/thumbs/AA/xl/sZ.jpg IP188.114.97.1:443
Requested byhttps://topsites.hadesex.com/?source=1952513182&site_id=558728&spot_id=558728 CertificateIssuerLet's Encrypt Subjectmyretrocollection.com FingerprintC1:EB:81:51:C9:EE:A3:94:D8:73:87:A0:C4:3A:69:D8:8A:DD:CB:33 ValiditySun, 10 Mar 2024 08:05:49 GMT - Sat, 08 Jun 2024 08:05:48 GMT
File typeJPEG image data, baseline, precision 8, 640x480, components 3 Hashaef9f3351dd76be26a042267239ac650 a6e5038903c1250b7ba2a3b056d3c0fbcc36e51f cc4b8a6429318d2001f5ff15e7089c2dcef0cc6985d200c8544ddcddc8dd3483
GET /thumbs/AA/xl/sZ.jpg HTTP/1.1
Host: myretrocollection.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Tue, 07 May 2024 02:17:00 GMT
content-type: image/jpeg
content-length: 61171
last-modified: Sun, 14 Jan 2024 15:43:33 GMT
etag: "65a40125-eef3"
expires: Thu, 30 May 2024 16:17:45 GMT
cache-control: public, max-age=2592000
cf-cache-status: HIT
age: 554355
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=y0MYx2a9PtJ8pFmv8VZb3%2FuAXQtFBtYav8udvY46u453ih7J3jQnbwleuWbWsob%2BgSNO3q1NDm6rQQ9m7iQrZS2nf6D%2BIBBoDtoKqDcGKRfLxXCdIgvFFvEoAJ2%2BNqlipTzHc2QAr3Y%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 87fdb610ddbdb4f3-OSL
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
|
|
| 69lesbi.com/thumbs/AA/Ja/_h.jpg | 104.21.69.189 | 200 OK | 187 kB |
URL GET HTTP/269lesbi.com/thumbs/AA/Ja/_h.jpg IP104.21.69.189:443
Requested byhttps://topsites.hadesex.com/?source=1952513182&site_id=558728&spot_id=558728 CertificateIssuerLet's Encrypt Subject69lesbi.com Fingerprint70:D0:18:CC:FB:44:C9:FE:2B:84:AD:CF:C5:A2:90:24:B3:1C:3D:B2 ValiditySun, 10 Mar 2024 17:19:39 GMT - Sat, 08 Jun 2024 17:19:38 GMT
File typeJPEG image data, baseline, precision 8, 1280x720, components 3 Size187 kB (187028 bytes) Hashaad6de5aa86142836db223f4ab28f95d 29098399e6a3fb1c2fb6f7c60864c56cf95e88aa ce6f85982c41f5156e2e16675afd1f6cbb79010e5908ed6e2e5b1dd4bccbbca8
GET /thumbs/AA/Ja/_h.jpg HTTP/1.1
Host: 69lesbi.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Tue, 07 May 2024 02:17:00 GMT
content-type: image/jpeg
content-length: 187028
last-modified: Fri, 03 Nov 2023 08:29:15 GMT
etag: "6544af5b-2da94"
expires: Fri, 31 May 2024 15:00:13 GMT
cache-control: public, max-age=2592000
cf-cache-status: HIT
age: 472607
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=D15izm6xIEkIkvzynhadNVEHgDe7%2Fm04emy78U%2FH2Q07cC7HXtpmhmcKNlQZ09lNl4O3kSXiOkwoWCIiiNe1s4yrqxri3JuuTZbnLg6EIqbRf7P2aoRh6AOzbK2olg%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 87fdb6112b9a56c3-OSL
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
|
|
| gftranny.com/thumbs/AA/0a/OW.jpg | 188.114.96.1 | 200 OK | 17 kB |
URL GET HTTP/3gftranny.com/thumbs/AA/0a/OW.jpg IP188.114.96.1:443
Requested byhttps://topsites.hadesex.com/?source=1952513182&site_id=558728&spot_id=558728 CertificateIssuerGoogle Trust Services LLC Subjectgftranny.com Fingerprint60:95:A5:DF:04:C0:8E:A6:02:D4:1E:D6:FC:05:59:09:04:4B:2F:92 ValiditySun, 10 Mar 2024 12:05:15 GMT - Sat, 08 Jun 2024 12:05:14 GMT
File typeJPEG image data, JFIF standard 1.01, aspect ratio, density 0x0, segment length 16, progressive, precision 8, 320x180, components 3 Hash7af619c0aba65d6aa2bc617e8792a661 4688bcd7dc099209c2e17ec09a01b475881c4859 10ef14602e54cbad461c81bbd68080c0a614ca18f801954f5fc99fb16c7c9654
GET /thumbs/AA/0a/OW.jpg HTTP/1.1
Host: gftranny.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Tue, 07 May 2024 02:17:00 GMT
content-type: image/jpeg
content-length: 17070
last-modified: Fri, 15 Mar 2024 14:12:12 GMT
etag: "65f4573c-42ae"
expires: Thu, 30 May 2024 20:11:49 GMT
cache-control: public, max-age=2592000
cf-cache-status: HIT
age: 540311
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=zqnNBqWsoeKvF773QCHTOdnw1HKoZO2Llmx5saTp%2BmnLoMSyz9RkWz8evWTs0CPwprf9kk7LIPJlSLzD6TsbZusxKul0imBhK42n9ZmfNYzQNoP%2BjVhtLBteXTF6ujY%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 87fdb6114d04b52d-OSL
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
|
|
| happy-granny.com/thumbs/AA/sb/DK.jpg | 188.114.97.1 | 200 OK | 42 kB |
URL GET HTTP/2happy-granny.com/thumbs/AA/sb/DK.jpg IP188.114.97.1:443
Requested byhttps://topsites.hadesex.com/?source=1952513182&site_id=558728&spot_id=558728 CertificateIssuerGoogle Trust Services LLC Subjecthappy-granny.com Fingerprint20:1E:A8:F5:1D:E7:E4:0D:AE:D2:C4:CF:B8:6C:B0:F1:83:C4:4E:D5 ValiditySun, 31 Mar 2024 12:31:02 GMT - Sat, 29 Jun 2024 12:31:01 GMT
File typeJPEG image data, baseline, precision 8, 892x668, components 3 Hash0746c11a8b5855a6bcae9f2c6feee53c 98221a768b5ef7efe475af6767e7e78b123d633a 943faea9324f3f89261da30ebebb2306b9123d0f27fd9020c3b38f6ed30e4878
GET /thumbs/AA/sb/DK.jpg HTTP/1.1
Host: happy-granny.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Tue, 07 May 2024 02:17:00 GMT
content-type: image/jpeg
content-length: 42228
last-modified: Tue, 30 Jan 2024 14:35:32 GMT
etag: "65b90934-a4f4"
expires: Thu, 30 May 2024 18:38:16 GMT
cache-control: public, max-age=2592000
cf-cache-status: HIT
age: 545924
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=on9C9ssBD8LW%2FQqF1aXfi4ruOWyjkJPhxv4HsxPmTQfKM4xsZq9MCvfbSH4Fz1xQHx8mXDw2YxMqfGCglDYqyJ4NXFYm0qQJLaF8xj5auEX1GG1g9jkiDFVjQw4Nf988RSLv"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 87fdb6116c1c0b65-OSL
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
|
|
| interracial69.com/thumbs/AA/1N/xV.jpg | 188.114.96.1 | 200 OK | 82 kB |
URL GET HTTP/2interracial69.com/thumbs/AA/1N/xV.jpg IP188.114.96.1:443
Requested byhttps://topsites.hadesex.com/?source=1952513182&site_id=558728&spot_id=558728 CertificateIssuerGoogle Trust Services LLC Subjectinterracial69.com FingerprintDD:FC:81:F0:71:82:92:28:46:22:7A:1C:70:F0:13:FF:44:1A:0E:A8 ValiditySun, 10 Mar 2024 13:37:49 GMT - Sat, 08 Jun 2024 13:37:48 GMT
File typeJPEG image data, baseline, precision 8, 1280x720, components 3 Hasha2296c4be9965b25ad5839da948e0223 b78ec463b385a8c65ac3fa8b625781c59d80a839 c278be2826e17903c4d502d237e544e516090ebe249bba8c7f5ffb7854ef6fba
GET /thumbs/AA/1N/xV.jpg HTTP/1.1
Host: interracial69.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Tue, 07 May 2024 02:17:00 GMT
content-type: image/jpeg
content-length: 81812
last-modified: Fri, 16 Feb 2024 14:42:03 GMT
etag: "65cf743b-13f94"
expires: Thu, 06 Jun 2024 00:25:09 GMT
cache-control: public, max-age=2592000
cf-cache-status: HIT
age: 6711
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=qpkav7lZbP9DsBA%2F1IzXNXpA8txI1%2FQWHI2ccbGULmpXdjoNmPjpBxWQJtDl6Wpi6gRQBHSs5CQgVgHWgzgPbPt4L9rVmgIhnAFEKLSJbilaO6JF5eH5%2FwWgn2jOU3gTeaNNAA%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 87fdb6116b9c0b45-OSL
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
|
|
| gftranny.com/thumbs/AA/89/hH.jpg | 188.114.96.1 | 200 OK | 18 kB |
URL GET HTTP/2gftranny.com/thumbs/AA/89/hH.jpg IP188.114.96.1:443
Requested byhttps://topsites.hadesex.com/?source=1952513182&site_id=558728&spot_id=558728 CertificateIssuerGoogle Trust Services LLC Subjectgftranny.com Fingerprint60:95:A5:DF:04:C0:8E:A6:02:D4:1E:D6:FC:05:59:09:04:4B:2F:92 ValiditySun, 10 Mar 2024 12:05:15 GMT - Sat, 08 Jun 2024 12:05:14 GMT
File typeJPEG image data, JFIF standard 1.01, aspect ratio, density 0x0, segment length 16, progressive, precision 8, 320x180, components 3 Hash442082d9a9a019d6bb4d6ec6a4e505e1 a5a889db68dab7bb83ad10081f7bf245d2a03c4f e70f2f20b952be2c2739b0a9976ff797dd66ba824a3cb8a96afd0811fa79d29a
GET /thumbs/AA/89/hH.jpg HTTP/1.1
Host: gftranny.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Tue, 07 May 2024 02:17:00 GMT
content-type: image/jpeg
content-length: 17659
last-modified: Wed, 01 May 2024 03:50:09 GMT
etag: "6631bbf1-44fb"
expires: Fri, 31 May 2024 09:54:30 GMT
cache-control: public, max-age=2592000
cf-cache-status: HIT
age: 490950
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=U87ttTrJ%2FUCAFxdDKE%2BLIGof1JgOmskNQqCdtcZpRT40XNY7M5ihYXy%2B1lfGbo6LyPcP5K1fRY%2FlfAbaayDVZe0TskVJzCWr965HfINNPpdLq7rrCL%2FKaTrsliqA5eY%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 87fdb6119d1fb52d-OSL
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
|
|
| porn13.com/thumbs/AA/Ug/ys.jpg | 188.114.96.1 | 200 OK | 27 kB |
URL GET HTTP/3porn13.com/thumbs/AA/Ug/ys.jpg IP188.114.96.1:443
Requested byhttps://topsites.hadesex.com/?source=1952513182&site_id=558728&spot_id=558728 CertificateIssuerGoogle Trust Services LLC Subjectporn13.com Fingerprint58:FC:38:73:36:76:B0:01:FD:A4:8D:7A:C1:D7:76:23:7F:55:F6:2A ValidityMon, 11 Mar 2024 02:37:58 GMT - Sun, 09 Jun 2024 02:37:57 GMT
File typeJPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, comment: "Lavc58.18.100", baseline, precision 8, 352x171, components 3 Hashbbcaf5cb7e0d9a078f7d2d62fb3aaad8 95ce03abf9618f05f521c48fe487bbdb7d06e5af 12414585deb56a9d483d9b23eea3a32dc04c1646385fc385b3edd78bc52b34c8
GET /thumbs/AA/Ug/ys.jpg HTTP/1.1
Host: porn13.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://topsites.hadesex.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Tue, 07 May 2024 02:17:00 GMT
content-type: image/jpeg
content-length: 27104
last-modified: Fri, 19 Aug 2022 16:16:31 GMT
etag: "62ffb75f-69e0"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: public, max-age=315360000
cf-cache-status: HIT
age: 554354
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=sXrhrl9xr1Cq4sUZR61v8pNHcljzc91dP6WoiD2lSy8sF347cZ0nYMs8xD9txfBgbk%2BY2TrpkWG4l0CMhoUFY4WafbQs5eNrcbglk1Iy2QRABn4Mt6EQVgg9t9CI"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 87fdb6121dd6712b-OSL
alt-svc: h3=":443"; ma=86400
|
|
| porn13.com/thumbs/AA/9J/Mr.jpg | 188.114.96.1 | 200 OK | 54 kB |
URL GET HTTP/3porn13.com/thumbs/AA/9J/Mr.jpg IP188.114.96.1:443
Requested byhttps://topsites.hadesex.com/?source=1952513182&site_id=558728&spot_id=558728 CertificateIssuerGoogle Trust Services LLC Subjectporn13.com Fingerprint58:FC:38:73:36:76:B0:01:FD:A4:8D:7A:C1:D7:76:23:7F:55:F6:2A ValidityMon, 11 Mar 2024 02:37:58 GMT - Sun, 09 Jun 2024 02:37:57 GMT
File typeJPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, Exif Standard: [TIFF image data, little-endian, direntries=0], baseline, precision 8, 352x236, components 3 Hash216873c1c07519bdf845f887e8d47bc4 08122edef6e704341b1ffd5c9c6c64a1301e44e7 d90dbde33940dc7c9cad89f5834c301accdaaaf6bbaad0130b56aa58911c8e27
GET /thumbs/AA/9J/Mr.jpg HTTP/1.1
Host: porn13.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://topsites.hadesex.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Tue, 07 May 2024 02:17:00 GMT
content-type: image/jpeg
content-length: 53837
last-modified: Fri, 19 Aug 2022 16:07:33 GMT
etag: "62ffb545-d24d"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: public, max-age=315360000
cf-cache-status: HIT
age: 550225
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=lAVyNajQTaQzqobiwmF5q6%2FDSmBX2FcfpkiEbM5XgIrVODe1RYy60I6Vu3bI40AnbIxth1fyviG4q%2FmY%2BfYYAYH%2B9XvTewsKevgTRWrm9XgNvcHDPwSjhNjWYqT%2F"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 87fdb6123ddf712b-OSL
alt-svc: h3=":443"; ma=86400
|
|
| md-static.com/js/jquery.min.js | 188.114.97.1 | 200 OK | 52 kB |
URL GET HTTP/3md-static.com/js/jquery.min.js IP188.114.97.1:443
Requested byhttps://topsites.hadesex.com/?source=1952513182&site_id=558728&spot_id=558728 CertificateIssuerGoogle Trust Services LLC Subjectmd-static.com Fingerprint78:3D:4B:7D:5D:B4:38:28:82:3D:3E:65:79:F4:48:9E:D3:A5:91:60 ValiditySun, 05 May 2024 15:59:00 GMT - Sat, 03 Aug 2024 15:58:59 GMT
File typeJavaScript source, ASCII text, with very long lines (65451) Hashdc5e7f18c8d36ac1d3d4753a87c98d0a c8e1c8b386dc5b7a9184c763c88d19a346eb3342 f7f6a5894f1d19ddad6fa392b2ece2c5e578cbf7da4ea805b6885eb6985b6e3d
GET /js/jquery.min.js HTTP/1.1
Host: md-static.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://topsites.hadesex.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Tue, 07 May 2024 02:17:00 GMT
content-type: application/javascript
last-modified: Mon, 04 May 2020 23:02:39 GMT
vary: Accept-Encoding
etag: W/"5eb09f0f-15d84"
expires: Thu, 30 May 2024 17:26:45 GMT
cache-control: max-age=31536000
cf-cache-status: HIT
age: 550215
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=YHjUX8fs08Z2IsetbVwc4w0BZxrmVh4xlxxVlX%2B71tF93q9xmuA4hKsnFtHVDthTJKctWBBI8EpTYWJPrbBSIXoA4TxYfi6VQ1DypVPDXgx8wQe45R%2BP5PXUUd5ZqrfW"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 87fdb60f7c235688-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| milftop.com/thumbs/AA/gQ/mO.jpg | 188.114.97.1 | 200 OK | 12 kB |
URL GET HTTP/2milftop.com/thumbs/AA/gQ/mO.jpg IP188.114.97.1:443
Requested byhttps://topsites.hadesex.com/?source=1952513182&site_id=558728&spot_id=558728 CertificateIssuerLet's Encrypt Subjectmilftop.com FingerprintCB:43:17:77:B5:0D:0E:2F:AE:EA:D6:19:F6:B2:80:50:DF:B0:BC:10 ValiditySun, 10 Mar 2024 16:21:41 GMT - Sat, 08 Jun 2024 16:21:40 GMT
File typeJPEG image data, JFIF standard 1.01, aspect ratio, density 0x0, segment length 16, progressive, precision 8, 320x180, components 3 Hashddf73ac1724400fcbf7c622673c4e630 eb76d1e4551bd404e6feee6424b3ec59e77685c0 d064b1b209867efff14a2d6a5f0e03112d08800091b217dd4896b710f2f46492
GET /thumbs/AA/gQ/mO.jpg HTTP/1.1
Host: milftop.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
date: Tue, 07 May 2024 02:17:00 GMT
content-type: image/jpeg
content-length: 11553
last-modified: Sat, 06 Jan 2024 14:37:53 GMT
etag: "659965c1-2d21"
expires: Thu, 06 Jun 2024 00:25:26 GMT
cache-control: public, max-age=2592000
cf-cache-status: HIT
age: 6694
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=AZ5VF4eYus75kvAllYXDEP1f2M3xm%2Fmhzebn%2FbSg2iBKOHOcU8viPa8LWDSN4VMOuXMiJW5JujywmygLnmO%2B%2BW93tq24soygWzBGEzYZ2fmakXfJy%2B0%2FixGlF2es6w%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 87fdb6129810b511-OSL
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
|
|
| lovefootjob.com/thumbs/AA/Yn/UM.jpg | 188.114.96.1 | 200 OK | 123 kB |
URL GET HTTP/2lovefootjob.com/thumbs/AA/Yn/UM.jpg IP188.114.96.1:443
Requested byhttps://topsites.hadesex.com/?source=1952513182&site_id=558728&spot_id=558728 CertificateIssuerLet's Encrypt Subjectlovefootjob.com Fingerprint6A:CE:FD:27:C8:DA:CF:1B:E2:B4:D3:FB:96:8E:5E:C1:DC:F9:6B:83 ValidityWed, 24 Apr 2024 18:50:36 GMT - Tue, 23 Jul 2024 18:50:35 GMT
File typeJPEG image data, baseline, precision 8, 1920x1080, components 3 Size123 kB (123405 bytes) Hash4eb01c42fef2b5aebd30233d178400c3 9d2d51e35ae49ee7887310d29dee573bd9a9d969 2b8c44ee739a2ddc71a48e1c4877909a82520a7a63bf0ec767e9c2ee82861cfe
GET /thumbs/AA/Yn/UM.jpg HTTP/1.1
Host: lovefootjob.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
date: Tue, 07 May 2024 02:17:00 GMT
content-type: image/jpeg
content-length: 123405
last-modified: Thu, 29 Feb 2024 12:17:21 GMT
etag: "65e075d1-1e20d"
expires: Thu, 30 May 2024 18:38:17 GMT
cache-control: public, max-age=2592000
cf-cache-status: HIT
age: 545923
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=Njh2jOIbdxTo9WB5IGnzE7kului14expYphnR70tCeR%2FffgJE50VVcXURD0IYe9MEfafpQPMmGVb7jq2q6oQ4XjVYmhGOq7XvZJdP04yAbZ6ZbsISV%2BQyj%2BG55HTlTGadkc%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 87fdb6129bc7b517-OSL
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
|
|
| milftop.com/thumbs/AA/Ug/Ar.jpg | 188.114.97.1 | 200 OK | 12 kB |
URL GET HTTP/2milftop.com/thumbs/AA/Ug/Ar.jpg IP188.114.97.1:443
Requested byhttps://topsites.hadesex.com/?source=1952513182&site_id=558728&spot_id=558728 CertificateIssuerLet's Encrypt Subjectmilftop.com FingerprintCB:43:17:77:B5:0D:0E:2F:AE:EA:D6:19:F6:B2:80:50:DF:B0:BC:10 ValiditySun, 10 Mar 2024 16:21:41 GMT - Sat, 08 Jun 2024 16:21:40 GMT
File typeJPEG image data, JFIF standard 1.01, aspect ratio, density 0x0, segment length 16, progressive, precision 8, 320x180, components 3 Hashaa4b8bc56a804c569bed2dce42b25db1 f0ce59568b79f42831efc8864cad8c59ab33053f d6df680135d28437ca98a0b63ad47bb18828c3aff2edd18ca2e85f701a079954
GET /thumbs/AA/Ug/Ar.jpg HTTP/1.1
Host: milftop.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
date: Tue, 07 May 2024 02:17:00 GMT
content-type: image/jpeg
content-length: 12037
last-modified: Mon, 29 Jan 2024 15:32:24 GMT
etag: "65b7c508-2f05"
expires: Thu, 30 May 2024 20:12:04 GMT
cache-control: public, max-age=2592000
cf-cache-status: HIT
age: 540296
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=vtqake8lJpO7Wbzl3KVw27VqDR56xeyTb5T7aQwxiwlU4Jcf5BG4eUtsXNud%2FfbHGvIvXMW5%2BLTosSz2uUUCYmcnLlfc5h188Dmz60Y0c0I3gfnRNqMdY%2Fl3Py%2FYrw%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 87fdb612b818b511-OSL
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
|
|
| 69lesbi.com/thumbs/AA/Ck/Eq.jpg | 104.21.69.189 | 200 OK | 100 kB |
URL GET HTTP/269lesbi.com/thumbs/AA/Ck/Eq.jpg IP104.21.69.189:443
Requested byhttps://topsites.hadesex.com/?source=1952513182&site_id=558728&spot_id=558728 CertificateIssuerLet's Encrypt Subject69lesbi.com Fingerprint70:D0:18:CC:FB:44:C9:FE:2B:84:AD:CF:C5:A2:90:24:B3:1C:3D:B2 ValiditySun, 10 Mar 2024 17:19:39 GMT - Sat, 08 Jun 2024 17:19:38 GMT
File typeJPEG image data, baseline, precision 8, 1280x720, components 3 Hash69d0525e6dd318fe570789cfa472f47a c1cfac11abd2323b55572976595a72eb1f04404a e8f24b71194ffc78fbc6af434afaaef305f23648485b8a6e07454c00f56ff60a
GET /thumbs/AA/Ck/Eq.jpg HTTP/1.1
Host: 69lesbi.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
date: Tue, 07 May 2024 02:17:00 GMT
content-type: image/jpeg
content-length: 99920
last-modified: Wed, 01 Nov 2023 10:05:19 GMT
etag: "654222df-18650"
expires: Thu, 30 May 2024 20:11:46 GMT
cache-control: public, max-age=2592000
cf-cache-status: HIT
age: 540313
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=fuRKHFmQGrI5RHHLhbru3Ij0hNGQKQ%2BHz6%2BNGwitzF491ILL0uobMLlMrzvSKdKVUhXmIKExScQUFxhDnIYHE07Y6D2HBe9f2OgQm7H6hxHbNr%2FmMkuu6bjMxzN5QQ%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 87fdb612cc3d56c3-OSL
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
|
|
| happy-granny.com/thumbs/AA/Tk/c0.jpg | 188.114.97.1 | 200 OK | 99 kB |
URL GET HTTP/2happy-granny.com/thumbs/AA/Tk/c0.jpg IP188.114.97.1:443
Requested byhttps://topsites.hadesex.com/?source=1952513182&site_id=558728&spot_id=558728 CertificateIssuerGoogle Trust Services LLC Subjecthappy-granny.com Fingerprint20:1E:A8:F5:1D:E7:E4:0D:AE:D2:C4:CF:B8:6C:B0:F1:83:C4:4E:D5 ValiditySun, 31 Mar 2024 12:31:02 GMT - Sat, 29 Jun 2024 12:31:01 GMT
File typeJPEG image data, baseline, precision 8, 1200x676, components 3 Hashbe24d1947adbaf7a428e41b9606fd6e5 dbc807932e706c48103ff0660b00b2fc3263b4ec 8d02996a4d94705925063fb01c190be9eab75dacb3a6f70c56983ac7d5055dae
GET /thumbs/AA/Tk/c0.jpg HTTP/1.1
Host: happy-granny.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
date: Tue, 07 May 2024 02:17:00 GMT
content-type: image/jpeg
content-length: 98755
last-modified: Tue, 30 Jan 2024 14:40:14 GMT
etag: "65b90a4e-181c3"
expires: Thu, 30 May 2024 20:11:46 GMT
cache-control: public, max-age=2592000
cf-cache-status: HIT
age: 540314
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=%2BoC68HKJV8Bw1Qcz0oMui7MNaRj8AImML14zsjNyiWQPK3gLBecHgf3A98BjTjEEZEPqQF5E5UnRRvNe9wFkvf5gat%2BKcZAiBO5B9VhAjFqoRnw63D2yDzVGPfX%2B27te8QIm"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 87fdb612cc6a0b65-OSL
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
|
|
| z-gay.com/thumbs/AA/Yx/31.jpg | 104.21.72.129 | 200 OK | 15 kB |
URL GET HTTP/2z-gay.com/thumbs/AA/Yx/31.jpg IP104.21.72.129:443
Requested byhttps://topsites.hadesex.com/?source=1952513182&site_id=558728&spot_id=558728 CertificateIssuerGoogle Trust Services LLC Subjectz-gay.com Fingerprint21:C3:26:D0:D3:95:70:79:33:64:5A:99:F5:6F:63:BE:8E:88:8E:80 ValiditySun, 14 Apr 2024 05:45:42 GMT - Sat, 13 Jul 2024 05:45:41 GMT
File typeJPEG image data, JFIF standard 1.01, aspect ratio, density 0x0, segment length 16, progressive, precision 8, 320x240, components 3 Hashe8fbcf66ee99f8880d8b95e1ffe74fce 921117e323a3bfbd1bd7948ff5d9f45439ac4a93 b5a415604e6cdb22a5d07690b2aaa858985457f6a118d397fbe515154dd67500
GET /thumbs/AA/Yx/31.jpg HTTP/1.1
Host: z-gay.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
date: Tue, 07 May 2024 02:17:00 GMT
content-type: image/jpeg
content-length: 14795
last-modified: Thu, 08 Feb 2024 08:16:13 GMT
etag: "65c48dcd-39cb"
expires: Thu, 30 May 2024 17:44:01 GMT
cache-control: public, max-age=2592000
cf-cache-status: HIT
age: 549179
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=xFuj3VaeMy9IAkgVkfCR3fOlZvExxyLF%2BCF8wsWNyU00oDnVLiXPACxvCPE3olcQP5usL0yeHql4epI0RlOWWTDICcFvOrVQ%2BWReeEcXElnclQRGXvuySMH20C4%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 87fdb612cffb1bfa-OSL
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
|
|
| happy-granny.com/thumbs/AA/oO/af.jpg | 188.114.97.1 | 200 OK | 93 kB |
URL GET HTTP/2happy-granny.com/thumbs/AA/oO/af.jpg IP188.114.97.1:443
Requested byhttps://topsites.hadesex.com/?source=1952513182&site_id=558728&spot_id=558728 CertificateIssuerGoogle Trust Services LLC Subjecthappy-granny.com Fingerprint20:1E:A8:F5:1D:E7:E4:0D:AE:D2:C4:CF:B8:6C:B0:F1:83:C4:4E:D5 ValiditySun, 31 Mar 2024 12:31:02 GMT - Sat, 29 Jun 2024 12:31:01 GMT
File typeJPEG image data, baseline, precision 8, 1280x720, components 3 Hash64a7d17d14312430c8443024b091733b 1932f426c0181f4055bc4875a132beebfa3b01d5 5aae9b5815458acc2d7badd63d3353dc9ea12a9c076909e40de614131e6e0a18
GET /thumbs/AA/oO/af.jpg HTTP/1.1
Host: happy-granny.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
date: Tue, 07 May 2024 02:17:00 GMT
content-type: image/jpeg
content-length: 92744
last-modified: Fri, 27 Oct 2023 14:47:22 GMT
etag: "653bcd7a-16a48"
expires: Thu, 30 May 2024 20:11:43 GMT
cache-control: public, max-age=2592000
cf-cache-status: HIT
age: 540317
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=IKu8toYNChgdY3VvCwF863qHucViQG4xXOpDs3p%2BEFIgokSp2%2Flv1G3Q2A7fDn9lFmCRtYCrRV4ELecr3FZ57BK7e1LzPCLXWIFNetIYnMBzFz%2FbH6q%2BmK%2FGdbQ1OKXLbE2j"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 87fdb612fc750b65-OSL
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
|
|
| gftranny.com/thumbs/AA/1u/zp.jpg | 188.114.96.1 | 200 OK | 15 kB |
URL GET HTTP/2gftranny.com/thumbs/AA/1u/zp.jpg IP188.114.96.1:443
Requested byhttps://topsites.hadesex.com/?source=1952513182&site_id=558728&spot_id=558728 CertificateIssuerGoogle Trust Services LLC Subjectgftranny.com Fingerprint60:95:A5:DF:04:C0:8E:A6:02:D4:1E:D6:FC:05:59:09:04:4B:2F:92 ValiditySun, 10 Mar 2024 12:05:15 GMT - Sat, 08 Jun 2024 12:05:14 GMT
File typeJPEG image data, JFIF standard 1.01, aspect ratio, density 0x0, segment length 16, progressive, precision 8, 320x180, components 3 Hash9e33c9c0a5f7224720c1f5991d006b32 371ebc9f3d6b1636119b9820d5a4a5604132f63f 4b3e1b1a2d400081915796037dc76718796b1195810f10da1ee5fa57be89de72
GET /thumbs/AA/1u/zp.jpg HTTP/1.1
Host: gftranny.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
date: Tue, 07 May 2024 02:17:00 GMT
content-type: image/jpeg
content-length: 14796
last-modified: Sun, 11 Feb 2024 06:58:44 GMT
etag: "65c87024-39cc"
expires: Thu, 30 May 2024 16:17:52 GMT
cache-control: public, max-age=2592000
cf-cache-status: HIT
age: 554348
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=%2BUDTyfYujOzZYVm7OXepcObcpJYEeEYzVLktHGrnBaC1R%2BkCI8SdBqnzSswFGG1%2FTOdpZcsSmkURVMNBtZG3b4Hvn6L4fHLr5ANh%2BaToxT1E3UsXhTNWmDhvz65VN5Y%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 87fdb6130da7b52d-OSL
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
|
|
| interracial69.com/thumbs/AA/a7/GN.jpg | 188.114.96.1 | 200 OK | 284 kB |
URL GET HTTP/2interracial69.com/thumbs/AA/a7/GN.jpg IP188.114.96.1:443
Requested byhttps://topsites.hadesex.com/?source=1952513182&site_id=558728&spot_id=558728 CertificateIssuerGoogle Trust Services LLC Subjectinterracial69.com FingerprintDD:FC:81:F0:71:82:92:28:46:22:7A:1C:70:F0:13:FF:44:1A:0E:A8 ValiditySun, 10 Mar 2024 13:37:49 GMT - Sat, 08 Jun 2024 13:37:48 GMT
File typeJPEG image data, baseline, precision 8, 1920x1080, components 3 Size284 kB (284191 bytes) Hash7b6cf457a0539a67e4de8bfcda6c4305 c8b3d416e8dc2f4c77e42038b23557074a288427 8c58afd442e620da8d2456d9127e7607a2e6247a822dda083b4f099b0f213a0f
GET /thumbs/AA/a7/GN.jpg HTTP/1.1
Host: interracial69.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
date: Tue, 07 May 2024 02:17:00 GMT
content-type: image/jpeg
content-length: 284191
last-modified: Tue, 12 Dec 2023 18:22:04 GMT
etag: "6578a4cc-4561f"
expires: Thu, 06 Jun 2024 00:25:07 GMT
cache-control: public, max-age=2592000
cf-cache-status: HIT
age: 6713
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=mjLX%2BMb7sinMBuTVjiAFtz78G%2FGRX5Ov8Qujhu%2BoX8Tiq7IotpEUtyH6SuYR%2Fc%2FROYCWysbeSTRTpvRDwgauqrFLO8z8uAbi8h%2BWKBgDiF0fLtILWGH8hxMTmIu9rhxab37UfA%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 87fdb6130bfb0b45-OSL
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
|
|
| z-gay.com/thumbs/AA/Wz/4o.jpg | 104.21.72.129 | 200 OK | 11 kB |
URL GET HTTP/2z-gay.com/thumbs/AA/Wz/4o.jpg IP104.21.72.129:443
Requested byhttps://topsites.hadesex.com/?source=1952513182&site_id=558728&spot_id=558728 CertificateIssuerGoogle Trust Services LLC Subjectz-gay.com Fingerprint21:C3:26:D0:D3:95:70:79:33:64:5A:99:F5:6F:63:BE:8E:88:8E:80 ValiditySun, 14 Apr 2024 05:45:42 GMT - Sat, 13 Jul 2024 05:45:41 GMT
File typeJPEG image data, JFIF standard 1.01, aspect ratio, density 0x0, segment length 16, progressive, precision 8, 320x180, components 3 Hash2aa11bfd8d13d766187877f33d96ce51 f3e5dca2add68bdfb872ab8f3069ec26c225375c 9936caab8b92f891698ceaab3d3fd2eee7d1201b043ce10bb9912fa0791f8be6
GET /thumbs/AA/Wz/4o.jpg HTTP/1.1
Host: z-gay.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
date: Tue, 07 May 2024 02:17:00 GMT
content-type: image/jpeg
content-length: 10704
last-modified: Thu, 29 Feb 2024 17:53:27 GMT
etag: "65e0c497-29d0"
expires: Thu, 30 May 2024 17:26:43 GMT
cache-control: public, max-age=2592000
cf-cache-status: HIT
age: 550217
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=4TZP77zC8a7uWT7dyKSwNs%2BDVi6DlNT9%2BbfeUq3vjxwkEinHp%2B3vxywJS0lUJW1g3Nbnm6nO82xj319MsWfW%2BacJwBwbhQ98KeZpL6OLf0lrBqNSpE5G5xDGEgc%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 87fdb61308141bfa-OSL
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
|
|
| hadesex.com/thumbs/AA/37/Dh.jpg | 188.114.96.1 | 200 OK | 39 kB |
URL GET HTTP/3hadesex.com/thumbs/AA/37/Dh.jpg IP188.114.96.1:443
Requested byhttps://topsites.hadesex.com/?source=1952513182&site_id=558728&spot_id=558728 CertificateIssuerGoogle Trust Services LLC Subjecthadesex.com FingerprintA1:8E:DC:59:6A:AB:77:60:87:69:7F:7E:EE:07:71:CF:21:03:AD:84 ValiditySun, 05 May 2024 01:16:25 GMT - Sat, 03 Aug 2024 01:16:24 GMT
File typeJPEG image data, JFIF standard 1.01, aspect ratio, density 0x0, segment length 16, progressive, precision 8, 280x210, components 3 Hash0ad5c3ad468756170049adf02f922b3c efeeaca312c786d76b639407bd2870c15862b1f3 fb5039c5195a6cb3de588624113dbaca3b01b010cedf7c45598c5e3868b44e52
GET /thumbs/AA/37/Dh.jpg HTTP/1.1
Host: hadesex.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Referer: https://topsites.hadesex.com/?source=1952513182&site_id=558728&spot_id=558728
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Tue, 07 May 2024 02:17:00 GMT
content-type: image/jpeg
content-length: 38919
last-modified: Fri, 12 Apr 2024 10:25:24 GMT
etag: "66190c14-9807"
expires: Thu, 06 Jun 2024 00:25:26 GMT
cache-control: public, max-age=2592000
cf-cache-status: HIT
age: 6694
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=WnGJix1L91xapvQZprJf7DoMBtijWeOS56bocwJEEX8wtz2E%2BFpgnElpCSCcImiMcx8iuKY4tEwOZMstYrHTQI7koSK6Mz0fAPg2B0VBvnXyRRHjtpXz6%2FunvC7gfw%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 87fdb6130db1b500-OSL
alt-svc: h3=":443"; ma=86400
|
|
| jbdsm.com/thumbs/AA/EQ/M7.jpg | 104.21.58.198 | 200 OK | 13 kB |
URL GET HTTP/3jbdsm.com/thumbs/AA/EQ/M7.jpg IP104.21.58.198:443
Requested byhttps://topsites.hadesex.com/?source=1952513182&site_id=558728&spot_id=558728 CertificateIssuerLet's Encrypt Subjectjbdsm.com Fingerprint2B:BB:8E:8C:56:78:E5:1A:BC:92:22:23:75:89:BE:12:41:04:F2:82 ValiditySun, 17 Mar 2024 12:36:04 GMT - Sat, 15 Jun 2024 12:36:03 GMT
File typeJPEG image data, JFIF standard 1.01, aspect ratio, density 0x0, segment length 16, progressive, precision 8, 320x180, components 3 Hash15d40f65613687e9c8470d11dea785c4 f6385b7a5bf5cc4cf1cc944718e62624b331645e 98e3a2ebcfd9461493740b69eeb3a7cfdd64f234559f8afaa4338113c57ffefa
GET /thumbs/AA/EQ/M7.jpg HTTP/1.1
Host: jbdsm.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Tue, 07 May 2024 02:17:00 GMT
content-type: image/jpeg
content-length: 13186
last-modified: Fri, 02 Feb 2024 15:06:42 GMT
etag: "65bd0502-3382"
expires: Sun, 02 Jun 2024 00:25:03 GMT
cache-control: public, max-age=2592000
cf-cache-status: HIT
age: 352317
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=%2B2SJmJNbfSaWS%2FtuQ0BdAjx0AmE3RLI8qAmyOPOtL5o8k8Cm%2Fxn0T%2Bwue163UxeLjkNILZ6EIRhHvqgGgOnhd%2FBYv2zL9qLPLBo84yNQRBCxrN8mY8hbLcIJ8Tk%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 87fdb612abf856c0-OSL
alt-svc: h3=":443"; ma=86400
|
|
| jbdsm.com/thumbs/AA/au/5w.jpg | 104.21.58.198 | 200 OK | 18 kB |
URL GET HTTP/3jbdsm.com/thumbs/AA/au/5w.jpg IP104.21.58.198:443
Requested byhttps://topsites.hadesex.com/?source=1952513182&site_id=558728&spot_id=558728 CertificateIssuerLet's Encrypt Subjectjbdsm.com Fingerprint2B:BB:8E:8C:56:78:E5:1A:BC:92:22:23:75:89:BE:12:41:04:F2:82 ValiditySun, 17 Mar 2024 12:36:04 GMT - Sat, 15 Jun 2024 12:36:03 GMT
File typeJPEG image data, JFIF standard 1.01, aspect ratio, density 0x0, segment length 16, progressive, precision 8, 320x180, components 3 Hash86cef457d12d674fd3cc196d60dd804a 418ead1aacc3cafab8d97505cf10f8e967e5ab1a b61819f6589e4fcd18a74e4d3355a5fb58a5743e44290a7bcc189214497bd92d
GET /thumbs/AA/au/5w.jpg HTTP/1.1
Host: jbdsm.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Tue, 07 May 2024 02:17:00 GMT
content-type: image/jpeg
content-length: 18323
last-modified: Sat, 26 Aug 2023 20:30:32 GMT
etag: "64ea60e8-4793"
expires: Wed, 05 Jun 2024 12:25:11 GMT
cache-control: public, max-age=2592000
cf-cache-status: HIT
age: 49909
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=SOkvfTlzQkLJUk5D%2B1fAb0isLbijuk2RlgpEIG4oDC8TGHV7jX47fZywCoubTsGOFvLkpBwCqLpKLAKPaJpy2XAeZUuoWcpgcbtrBaSKHjdbxBMDn8gp0OVj5ns%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 87fdb6133c3656c0-OSL
alt-svc: h3=":443"; ma=86400
|
|
| hadesex.com/thumbs/AA/Dd/SX.jpg | 188.114.96.1 | 200 OK | 37 kB |
URL GET HTTP/3hadesex.com/thumbs/AA/Dd/SX.jpg IP188.114.96.1:443
Requested byhttps://topsites.hadesex.com/?source=1952513182&site_id=558728&spot_id=558728 CertificateIssuerGoogle Trust Services LLC Subjecthadesex.com FingerprintA1:8E:DC:59:6A:AB:77:60:87:69:7F:7E:EE:07:71:CF:21:03:AD:84 ValiditySun, 05 May 2024 01:16:25 GMT - Sat, 03 Aug 2024 01:16:24 GMT
File typeJPEG image data, JFIF standard 1.01, aspect ratio, density 0x0, segment length 16, progressive, precision 8, 280x210, components 3 Hashdd6025fd9dd8b865e15310b5676f0877 0ade6881f851c5c86e6ec0f53fdc7f3fa2e7fd9c 641c9783645b7fe28624223f3ca9c1d7716dd189e4b7d8a9d8cdf0dd7d5c81c8
GET /thumbs/AA/Dd/SX.jpg HTTP/1.1
Host: hadesex.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Referer: https://topsites.hadesex.com/?source=1952513182&site_id=558728&spot_id=558728
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Tue, 07 May 2024 02:17:00 GMT
content-type: image/jpeg
content-length: 37201
last-modified: Mon, 29 Apr 2024 17:08:32 GMT
etag: "662fd410-9151"
expires: Thu, 30 May 2024 16:47:55 GMT
cache-control: public, max-age=2592000
cf-cache-status: HIT
age: 552545
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=VRmfh12WrU5eOIKDUaCOmo80%2F8slqjAZA9TsvbI0gBeQ0EchgyqNTDa%2B5ExcWTVG4dy76on3MgyuGBlZOL1%2Ft1e5ebPzU5cdGQdvl9M0kb4Wjrv3M6OqUvOV4Byfmg%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 87fdb6130db0b500-OSL
alt-svc: h3=":443"; ma=86400
|
|
| lovefootjob.com/thumbs/AA/9X/4I.jpg | 188.114.96.1 | 200 OK | 25 kB |
URL GET HTTP/3lovefootjob.com/thumbs/AA/9X/4I.jpg IP188.114.96.1:443
Requested byhttps://topsites.hadesex.com/?source=1952513182&site_id=558728&spot_id=558728 CertificateIssuerLet's Encrypt Subjectlovefootjob.com Fingerprint6A:CE:FD:27:C8:DA:CF:1B:E2:B4:D3:FB:96:8E:5E:C1:DC:F9:6B:83 ValidityWed, 24 Apr 2024 18:50:36 GMT - Tue, 23 Jul 2024 18:50:35 GMT
File typeJPEG image data, JFIF standard 1.01, resolution (DPI), density 72x72, segment length 16, baseline, precision 8, 480x400, components 3 Hash73f71341cf4be9aa3dceddd02655661d 392820d89ed970a13af645612eb7404f27aa965f 1a865253447a81e92f47a7b26fcfab9162b9d7bfb50f5b4daf5ff16baa7f9840
GET /thumbs/AA/9X/4I.jpg HTTP/1.1
Host: lovefootjob.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Tue, 07 May 2024 02:17:00 GMT
content-type: image/jpeg
content-length: 25296
last-modified: Wed, 28 Feb 2024 17:02:47 GMT
etag: "65df6737-62d0"
expires: Thu, 30 May 2024 18:38:20 GMT
cache-control: public, max-age=2592000
cf-cache-status: HIT
age: 545920
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=2I3ADUkzadcNt8Woiy1hhjAkIFYOo6HD5cTJ%2BvrhhefuTiGV9UqKRt2PTncfZVhKLpGrh%2BUjI0R%2BZJ74B4vhZOdxeMySPSPJA7%2FYC6G%2FrJ7agTIYQs7Uang4wf5tvwIkr50%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 87fdb6130d545688-OSL
alt-svc: h3=":443"; ma=86400
|
|
| femdomqueen.com/thumbs/AA/HB/gz.jpg | 172.67.148.113 | 200 OK | 65 kB |
URL GET HTTP/3femdomqueen.com/thumbs/AA/HB/gz.jpg IP172.67.148.113:443
Requested byhttps://topsites.hadesex.com/?source=1952513182&site_id=558728&spot_id=558728 CertificateIssuerGoogle Trust Services LLC Subjectfemdomqueen.com Fingerprint18:45:B4:39:A3:A7:59:D0:43:E8:17:F2:B4:A5:43:03:6E:42:60:16 ValidityMon, 22 Apr 2024 09:36:30 GMT - Sun, 21 Jul 2024 09:36:29 GMT
File typeJPEG image data, baseline, precision 8, 852x480, components 3 Hashb0a71a8fdcf3a8266f5d1b90026e2d45 3be70d85434ed37f81e4b588cb20521fca55a534 4c5877e3e8b8691addfb7ea3f3367de4d9cdaf930be7402f613b55c064150aa2
GET /thumbs/AA/HB/gz.jpg HTTP/1.1
Host: femdomqueen.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Tue, 07 May 2024 02:17:00 GMT
content-type: image/jpeg
content-length: 64656
last-modified: Mon, 22 Jan 2024 11:32:05 GMT
etag: "65ae5235-fc90"
expires: Thu, 30 May 2024 20:11:45 GMT
cache-control: public, max-age=2592000
cf-cache-status: HIT
age: 540315
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=ktYOqtgFqkatVxrYVvu%2BBMoG9hOCE0DhWiNswyOxdvK8S6Gw8tMd9bO1da%2BcyHqry6gzeui1V%2FMgSzTdLh9iRvQwwAqRl5pyOdQM9cm9GkHklsICFwdbN0hafexSXNIZnvg%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 87fdb61339cab4fa-OSL
alt-svc: h3=":443"; ma=86400
|
|
| 69ebony.com/thumbs/AA/LS/l1.jpg | 188.114.97.1 | 200 OK | 142 kB |
URL GET HTTP/369ebony.com/thumbs/AA/LS/l1.jpg IP188.114.97.1:443
Requested byhttps://topsites.hadesex.com/?source=1952513182&site_id=558728&spot_id=558728 CertificateIssuerGoogle Trust Services LLC Subject69ebony.com Fingerprint29:61:7B:E4:F9:8C:1A:41:DA:D9:26:37:24:D1:2D:21:AE:7A:0D:3F ValiditySun, 10 Mar 2024 16:12:51 GMT - Sat, 08 Jun 2024 16:12:50 GMT
File typeJPEG image data, baseline, precision 8, 1280x720, components 3 Size142 kB (142026 bytes) Hash8bd462f1b7d7f1c58a5b88ed9d937f4b c4b58e05c4354b077b9214630965950f880707b7 1423a31ba5234ca27d32e50f74fb92b8568b80a307d46a6b07253054108e5bbd
GET /thumbs/AA/LS/l1.jpg HTTP/1.1
Host: 69ebony.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Tue, 07 May 2024 02:17:00 GMT
content-type: image/jpeg
content-length: 142026
last-modified: Wed, 28 Feb 2024 16:33:46 GMT
etag: "65df606a-22aca"
expires: Thu, 30 May 2024 16:18:03 GMT
cache-control: public, max-age=2592000
cf-cache-status: HIT
age: 554337
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=ZVThb9lkpvcSQOD80ZA3a5XWzNl%2FWcCDFb2Yi3u2cEWyFevsDbmWeKmkuiP30%2FGRWKmwSbprVvKw%2BPbt%2F%2BMMOSviCsbc5IVAv9KgjIn4rJ4%2BS4MpEyv7XwHVAUW7ew%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 87fdb612fd3556b5-OSL
alt-svc: h3=":443"; ma=86400
|
|
| voyeurix.com/thumbs/AA/eg/ZQ.jpg | 172.67.223.1 | 200 OK | 111 kB |
URL GET HTTP/3voyeurix.com/thumbs/AA/eg/ZQ.jpg IP172.67.223.1:443
Requested byhttps://topsites.hadesex.com/?source=1952513182&site_id=558728&spot_id=558728 CertificateIssuerGoogle Trust Services LLC Subjectvoyeurix.com Fingerprint7E:24:A8:31:90:36:2C:3F:6E:51:A5:42:E9:5A:22:D1:06:E6:EE:C8 ValidityMon, 22 Apr 2024 10:24:14 GMT - Sun, 21 Jul 2024 10:24:13 GMT
File typeJPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 1280x720, components 3 Size111 kB (111049 bytes) Hashe2fd5e2818c64e8657cd9f8bcc57e291 b71449ff020d0885443d60a6eafb4caeab94ab86 8e6e83aef1b8a5f035580bb4b3a651c708559bd575d2f73cc3a088fce95b997d
GET /thumbs/AA/eg/ZQ.jpg HTTP/1.1
Host: voyeurix.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Tue, 07 May 2024 02:17:00 GMT
content-type: image/jpeg
content-length: 111049
last-modified: Wed, 28 Feb 2024 15:48:32 GMT
etag: "65df55d0-1b1c9"
expires: Thu, 30 May 2024 17:26:36 GMT
cache-control: public, max-age=2592000
cf-cache-status: HIT
age: 550224
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=xHW7CRFmMxf17R%2BEAx1KeBOWP%2FRKlcAnmrHBsJ4NlK%2FH41ldo6orIMFSmJ%2F5zBUseMSbVKzkjpBlOyu6PZM2q%2BvJOOhcvgu8HeSGVUETRJ385i%2Fl0025VQXtmgjWHtM%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 87fdb61308275694-OSL
alt-svc: h3=":443"; ma=86400
|
|
| handjobxxx.com/thumbs/AA/84/fw.jpg | 172.67.207.38 | 200 OK | 76 kB |
URL GET HTTP/3handjobxxx.com/thumbs/AA/84/fw.jpg IP172.67.207.38:443
Requested byhttps://topsites.hadesex.com/?source=1952513182&site_id=558728&spot_id=558728 CertificateIssuerGoogle Trust Services LLC Subjecthandjobxxx.com FingerprintA0:93:30:B2:D9:96:39:C3:D4:47:03:A0:33:52:5F:7F:A8:9A:0C:D3 ValiditySun, 10 Mar 2024 15:51:35 GMT - Sat, 08 Jun 2024 15:51:34 GMT
File typeJPEG image data, baseline, precision 8, 852x480, components 3 Hashe24333147cb38228cc92097285e442b1 69c32adccddedfbe5652705090a911ac15e09538 9faedf01a7863fe21a3b95bde2ce2e73ef8db6c13d48cbeb6a6b426fa95bf93b
GET /thumbs/AA/84/fw.jpg HTTP/1.1
Host: handjobxxx.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Tue, 07 May 2024 02:17:00 GMT
content-type: image/jpeg
content-length: 76159
last-modified: Mon, 18 Mar 2024 17:58:16 GMT
etag: "65f880b8-1297f"
expires: Thu, 30 May 2024 17:26:34 GMT
cache-control: public, max-age=2592000
cf-cache-status: HIT
age: 550226
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=QOMQHyLIFKUBlY3QUGmKA0KXVePyHwoOAvJg1%2BayZWtvVZReXwQ2ULiI69FE2dmwAOPzmig1lTo%2FJSAJ9%2BjYBEHCqOqEB9SW%2BzKu1kkUWyRbtqbp2aBJ5gLdxcNdZ9%2F0pw%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 87fdb6130b01b524-OSL
alt-svc: h3=":443"; ma=86400
|
|
| javsecrets.com/thumbs/AA/f3/w4.jpg | 104.21.63.231 | 200 OK | 82 kB |
URL GET HTTP/3javsecrets.com/thumbs/AA/f3/w4.jpg IP104.21.63.231:443
Requested byhttps://topsites.hadesex.com/?source=1952513182&site_id=558728&spot_id=558728 CertificateIssuerGoogle Trust Services LLC Subjectjavsecrets.com FingerprintFE:9D:63:71:A7:6A:42:40:5D:EA:08:5C:AC:B3:0A:04:A6:42:F5:21 ValiditySun, 31 Mar 2024 20:26:38 GMT - Sat, 29 Jun 2024 20:26:37 GMT
File typeJPEG image data, baseline, precision 8, 1280x720, components 3 Hashb771239947f4ed51078bf35ff3a37588 7abcc63a2faee3cc504748a29696e96e507b14b7 06df762347ed5bfc5e388d8ef840524df1606c43dc90e02c51afc00302dc3124
GET /thumbs/AA/f3/w4.jpg HTTP/1.1
Host: javsecrets.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Tue, 07 May 2024 02:17:00 GMT
content-type: image/jpeg
content-length: 81592
last-modified: Fri, 02 Feb 2024 10:08:43 GMT
etag: "65bcbf2b-13eb8"
expires: Mon, 03 Jun 2024 12:25:06 GMT
cache-control: public, max-age=2592000
cf-cache-status: HIT
age: 222714
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=0PH448nqAoWv%2F3E%2BhglRoOLSvn1Js%2Fm7b2tdNFLJwuueJV39%2BJvu09PTp6PaYMXLFyiuT4%2F%2BR7On512Dl%2FP5vRtKviYFQGCJbJdILZN0kGcgqhK0dqSvZxsb2C5UiXp0ug%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 87fdb612e8975697-OSL
alt-svc: h3=":443"; ma=86400
|
|
| javsecrets.com/thumbs/AA/Ba/8e.jpg | 104.21.63.231 | 200 OK | 12 kB |
URL GET HTTP/3javsecrets.com/thumbs/AA/Ba/8e.jpg IP104.21.63.231:443
Requested byhttps://topsites.hadesex.com/?source=1952513182&site_id=558728&spot_id=558728 CertificateIssuerGoogle Trust Services LLC Subjectjavsecrets.com FingerprintFE:9D:63:71:A7:6A:42:40:5D:EA:08:5C:AC:B3:0A:04:A6:42:F5:21 ValiditySun, 31 Mar 2024 20:26:38 GMT - Sat, 29 Jun 2024 20:26:37 GMT
File typeJPEG image data, JFIF standard 1.01, aspect ratio, density 0x0, segment length 16, progressive, precision 8, 244x180, components 3 Hashe51c90807001463b0e59b1e18077025f ef19aa016744951ea5575307154d280c1f010f82 87d5b3bbe857baf6850c6ed1ecf007fcd7d3cba3a6c6cd09981f27b7f43c4568
GET /thumbs/AA/Ba/8e.jpg HTTP/1.1
Host: javsecrets.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Tue, 07 May 2024 02:17:00 GMT
content-type: image/jpeg
content-length: 11729
last-modified: Fri, 03 May 2024 03:58:00 GMT
etag: "663460c8-2dd1"
expires: Sun, 02 Jun 2024 12:25:29 GMT
cache-control: public, max-age=2592000
cf-cache-status: HIT
age: 309091
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=HeblCl48vlhHGvoHHjkPxlzoKAwyD5J2vxFh%2Fpuj9v5Wi8lpmx2%2BJx7rWwu%2FcweGRrSX3NmcifhVYzQPKy5Lxo3MZogdQfZYo59T1X5YvmocHs8e1tZZpUCKiuAo0v2Jrg%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 87fdb61338b15697-OSL
alt-svc: h3=":443"; ma=86400
|
|
| voyeurix.com/thumbs/AA/oP/Fv.jpg | 172.67.223.1 | 200 OK | 91 kB |
URL GET HTTP/3voyeurix.com/thumbs/AA/oP/Fv.jpg IP172.67.223.1:443
Requested byhttps://topsites.hadesex.com/?source=1952513182&site_id=558728&spot_id=558728 CertificateIssuerGoogle Trust Services LLC Subjectvoyeurix.com Fingerprint7E:24:A8:31:90:36:2C:3F:6E:51:A5:42:E9:5A:22:D1:06:E6:EE:C8 ValidityMon, 22 Apr 2024 10:24:14 GMT - Sun, 21 Jul 2024 10:24:13 GMT
File typeJPEG image data, baseline, precision 8, 1136x640, components 3 Hash2a744953fa262e373cac677aa11772f3 41f702c33fac7f0cfa8c99c9f3509a00e50dd9a3 5a49244caab029409e65c07dd1146dad020c461fb164641c46e59cb99c7549ed
GET /thumbs/AA/oP/Fv.jpg HTTP/1.1
Host: voyeurix.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Tue, 07 May 2024 02:17:00 GMT
content-type: image/jpeg
content-length: 90769
last-modified: Tue, 01 Oct 2019 20:28:14 GMT
etag: "5d93b6de-16291"
expires: Thu, 30 May 2024 17:26:36 GMT
cache-control: public, max-age=2592000
cf-cache-status: HIT
age: 550224
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=2U4e7sohayFZkj5%2FA1C28nGh4Y57L4Ze4812xna5UfdGafHkF4dqrYfE3vBmc3AONFyj0kp0ziHB11LuioQLa4nUKRcriG6SB4mDfymeJ4vWL6KGJzUgjvNHwkM0JmM%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 87fdb61458b55694-OSL
alt-svc: h3=":443"; ma=86400
|
|
| www.yahoo.com/ | 87.248.119.251 | 307 Temporary Redirect | 0 B |
IP87.248.119.251:443 ASN#203220 Yahoo-UK Limited
Requested byhttps://www.videzz.net/embed-c73tafzdtcis.html CertificateIssuerDigiCert Inc Subject*.fantasysports.yahoo.com FingerprintFB:A0:5A:E1:EC:89:4D:F2:05:92:12:26:0C:97:C8:C6:CF:19:2F:96 ValidityTue, 30 Apr 2024 00:00:00 GMT - Wed, 19 Jun 2024 23:59:59 GMT
Hashd41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET / HTTP/1.1
Host: www.yahoo.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://t.bawixi.xyz/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 307 Temporary Redirect
date: Tue, 07 May 2024 02:17:00 GMT
strict-transport-security: max-age=31536000
server: ATS
cache-control: no-store
content-type: text/html; charset=utf-8
content-language: en
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
location: https://guce.yahoo.com/consent?brandType=nonEu&gcrumb=NhNHoyA&done=https%3A%2F%2Fwww.yahoo.com%2F
set-cookie: GUCS=ATYTR6Mg; Max-Age=1800; Domain=.yahoo.com; Path=/; Secure
content-length: 0
X-Firefox-Spdy: h2
|
|
| topsites.hadesex.com/?source=1952513182&site_id=558728&spot_id=558728 | 188.114.96.1 | 200 OK | 257 kB |
URL GET HTTP/2topsites.hadesex.com/?source=1952513182&site_id=558728&spot_id=558728 IP188.114.96.1:443
Requested byhttps://www.videzz.net/embed-c73tafzdtcis.html CertificateIssuerGoogle Trust Services LLC Subjecthadesex.com FingerprintA1:8E:DC:59:6A:AB:77:60:87:69:7F:7E:EE:07:71:CF:21:03:AD:84 ValiditySun, 05 May 2024 01:16:25 GMT - Sat, 03 Aug 2024 01:16:24 GMT
File typeHTML document, ASCII text, with CRLF line terminators Size257 kB (257198 bytes) Hash30bd90c3bb7f9136432757f6ef71a8d3 54721d0de9442543af7cfe045bcb3b0bc1836b21 123a50c91bde0c7d3a4d08e9e44f0bc9c940add1e2df835c38d95c1aaf79abae
GET /?source=1952513182&site_id=558728&spot_id=558728 HTTP/1.1
Host: topsites.hadesex.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://meetbenjen.com/
DNT: 1
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Tue, 07 May 2024 02:16:59 GMT
content-type: text/html; charset=UTF-8
vary: Accept-Encoding
x-powered-by: PHP/7.4.33
x-request-id: fab964e1767a171f9c66e7a715f26e85
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=X%2FjBtUNVlt%2FnhPxSgiQCDrEIk2Gwdd%2Ba7wz1arD4DYMHOqG6wawyx%2FEXcoxieMRvgAg27i9q2zEm%2FA9OS2g%2FxEXfsrfxDWAin34ZLO8Wwe9wm8WKFet8gxA45NbFqrXIH25T1xBNYw%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 87fdb60b2afab500-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| topsites.hadesex.com/main.css?v=4.6 | 188.114.96.1 | 200 OK | 40 kB |
URL GET HTTP/3topsites.hadesex.com/main.css?v=4.6 IP188.114.96.1:443
Requested byhttps://topsites.hadesex.com/?source=1952513182&site_id=558728&spot_id=558728 CertificateIssuerGoogle Trust Services LLC Subjecthadesex.com FingerprintA1:8E:DC:59:6A:AB:77:60:87:69:7F:7E:EE:07:71:CF:21:03:AD:84 ValiditySun, 05 May 2024 01:16:25 GMT - Sat, 03 Aug 2024 01:16:24 GMT
File typeassembler source, ASCII text, with very long lines (1663), with CRLF line terminators Hash67a60fc3237cab1af285087013d3dfd7 361611ddf508c4caac1a36ae71b4aa78080421b6 9c2025fe9271763ec886f52dd6c8cff71c8b51c4029b302d7a44d32a4b2e8d09
GET /main.css?v=4.6 HTTP/1.1
Host: topsites.hadesex.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://topsites.hadesex.com/?source=1952513182&site_id=558728&spot_id=558728
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Tue, 07 May 2024 02:17:00 GMT
content-type: text/css
last-modified: Wed, 10 Apr 2024 13:05:54 GMT
vary: Accept-Encoding
etag: W/"66168eb2-cece"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
x-request-id: 7eea4ea1eb9f3a7193752d1932635b4a
cf-cache-status: HIT
age: 550224
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=b975Ue6xrVbL3Nj6PqTBY7gqxMAwEUJZ5TH3W5yW8yHycAUiZFFgvPbyPCtX32NMUsWxlSKmU7Xn31QA%2BgvTj85tE5TP1ZlP3VuL%2BUOIEfeNs1xVHnjofLSflli%2B7mh0BBo94rDAuw%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 87fdb60f3c31b500-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| losanalos.com/thumbs/AA/cv/5m.jpg | 188.114.96.1 | 200 OK | 182 kB |
URL GET HTTP/3losanalos.com/thumbs/AA/cv/5m.jpg IP188.114.96.1:443
Requested byhttps://topsites.hadesex.com/?source=1952513182&site_id=558728&spot_id=558728 CertificateIssuerLet's Encrypt Subjectlosanalos.com Fingerprint63:FB:8C:B1:C5:86:06:91:58:F7:EF:08:8E:39:64:F6:03:6F:10:F0 ValiditySun, 10 Mar 2024 17:52:00 GMT - Sat, 08 Jun 2024 17:51:59 GMT
File typeJPEG image data, JFIF standard 1.01, resolution (DPI), density 600x600, segment length 16, baseline, precision 8, 975x548, components 3 Size182 kB (182167 bytes) Hash9e54c84c17ea8c9205d323f46ee0a264 a344973fe4ed63e30f7d4580df06c5e45ec20c51 18482d2fbeb46f5cc2ca72f7b5f645d4170ac4ce5926611e4530ebd43862be83
GET /thumbs/AA/cv/5m.jpg HTTP/1.1
Host: losanalos.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Tue, 07 May 2024 02:17:00 GMT
content-type: image/jpeg
content-length: 182167
last-modified: Wed, 28 Feb 2024 16:59:21 GMT
etag: "65df6669-2c797"
expires: Thu, 30 May 2024 18:38:13 GMT
cache-control: public, max-age=2592000
cf-cache-status: HIT
age: 545927
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=cV1CIwrm%2FbHeueyo1iXda6qpBBeHhaB%2F0ojrytgQ7lqWdjIhO0wzdlMdqsbfV%2BlFHug%2F9nacDD2fDZ5%2FVVlt8tOR10Oz9QZAqdSRDjB8oS4ml8ftX3%2B%2FtLdn3HchJY3g"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 87fdb6130d1f5685-OSL
alt-svc: h3=":443"; ma=86400
|
|
| losanalos.com/thumbs/AA/uv/eS.jpg | 188.114.96.1 | 200 OK | 48 kB |
URL GET HTTP/3losanalos.com/thumbs/AA/uv/eS.jpg IP188.114.96.1:443
Requested byhttps://topsites.hadesex.com/?source=1952513182&site_id=558728&spot_id=558728 CertificateIssuerLet's Encrypt Subjectlosanalos.com Fingerprint63:FB:8C:B1:C5:86:06:91:58:F7:EF:08:8E:39:64:F6:03:6F:10:F0 ValiditySun, 10 Mar 2024 17:52:00 GMT - Sat, 08 Jun 2024 17:51:59 GMT
File typeJPEG image data, JFIF standard 1.02, aspect ratio, density 27395x27382, segment length 16, comment: "Lavc57.107.100", baseline, precision 8, 1022x576, components 3 Hash59dae67198d1f5c90225f32b9053eff9 e3418b3baf85e60701d4a2be97ad3122395bc564 b6168fe47f08850f4df5fa8833104ae97195d407045ae26c15dd2f27252b4859
GET /thumbs/AA/uv/eS.jpg HTTP/1.1
Host: losanalos.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Tue, 07 May 2024 02:17:00 GMT
content-type: image/jpeg
content-length: 47509
last-modified: Tue, 14 Nov 2023 08:08:28 GMT
etag: "65532afc-b995"
expires: Thu, 30 May 2024 17:26:44 GMT
cache-control: public, max-age=2592000
cf-cache-status: HIT
age: 550216
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=pJmBsvin9LS9TFfn25exBXx%2Bpw4XRTcaCpAiyCIoa76O54rbWEL%2FDjpBL6o%2F1zxi%2F9VigxOypUdT1A8AddKJIsd5iXWvUokvgRnOoR4mpOHo3jGXXtTzl4UyxWxtOT8Y"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 87fdb614bdba5685-OSL
alt-svc: h3=":443"; ma=86400
|
|
| 69ebony.com/thumbs/AA/Ar/tR.jpg | 188.114.97.1 | 200 OK | 94 kB |
URL GET HTTP/369ebony.com/thumbs/AA/Ar/tR.jpg IP188.114.97.1:443
Requested byhttps://topsites.hadesex.com/?source=1952513182&site_id=558728&spot_id=558728 CertificateIssuerGoogle Trust Services LLC Subject69ebony.com Fingerprint29:61:7B:E4:F9:8C:1A:41:DA:D9:26:37:24:D1:2D:21:AE:7A:0D:3F ValiditySun, 10 Mar 2024 16:12:51 GMT - Sat, 08 Jun 2024 16:12:50 GMT
File typeJPEG image data, baseline, precision 8, 1280x720, components 3 Hashcae8a97a867412a5d55f7f67b732bd80 28b84e2dcc964892e1bf3f591419ed9814b6b382 3305ebc505be119c037b4e3c7dd7d928d01ab5125068f66363d3de8683fe6125
GET /thumbs/AA/Ar/tR.jpg HTTP/1.1
Host: 69ebony.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Tue, 07 May 2024 02:17:00 GMT
content-type: image/jpeg
content-length: 94022
last-modified: Tue, 19 Mar 2024 17:11:25 GMT
etag: "65f9c73d-16f46"
expires: Thu, 30 May 2024 20:11:54 GMT
cache-control: public, max-age=2592000
cf-cache-status: HIT
age: 540306
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=kadPJBoQ%2FThczj85WrozQPdp8B91R05Zd8pVtNIeBePUpoX4B19mpXnCIIGpgRffdZ5%2F2MOu%2ByWsTMBRl6ddmCn9tVYnVoy3lPR610pzH1dk0k%2FfYBOz%2F6%2FPqxMRTw%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 87fdb6145da956b5-OSL
alt-svc: h3=":443"; ma=86400
|
|
| groupsexxx.com/thumbs/AA/Fp/LQ.jpg | 172.67.188.32 | 200 OK | 299 kB |
URL GET HTTP/3groupsexxx.com/thumbs/AA/Fp/LQ.jpg IP172.67.188.32:443
Requested byhttps://topsites.hadesex.com/?source=1952513182&site_id=558728&spot_id=558728 CertificateIssuerLet's Encrypt Subjectgroupsexxx.com Fingerprint02:80:EC:5E:33:44:58:6A:36:93:8A:BA:CD:88:F3:A4:E2:A6:EA:7F ValiditySun, 10 Mar 2024 15:56:53 GMT - Sat, 08 Jun 2024 15:56:52 GMT
File typeJPEG image data, baseline, precision 8, 1920x1080, components 3 Size299 kB (299241 bytes) Hashbfef495de2a253234039f69a0b5d433a 38a4db2a3d7259b1b068ba8e978acfb29b37f7b0 20decf461c72462f775c094d5ac989a5af760278aa58d70ca76455b59fab5e23
GET /thumbs/AA/Fp/LQ.jpg HTTP/1.1
Host: groupsexxx.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Tue, 07 May 2024 02:17:00 GMT
content-type: image/jpeg
content-length: 299241
last-modified: Sat, 16 Mar 2024 17:10:03 GMT
etag: "65f5d26b-490e9"
expires: Thu, 30 May 2024 20:11:51 GMT
cache-control: public, max-age=2592000
cf-cache-status: HIT
age: 540309
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=uBXOMa%2B03lm8M8%2BsMis%2Bor5m%2FEKQucfOU%2BoC8EWZLK5Uef%2FevrP0YEsom3qhnSIqqMBqyEYZECQdoUosk7u99x%2BHBGAmx4AiWGvblBdFQesjv3dyFYsnVnwnG9eo%2BGCjng%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 87fdb612f85d7129-OSL
alt-svc: h3=":443"; ma=86400
|
|
| groupsexxx.com/thumbs/AA/WO/Vg.jpg | 172.67.188.32 | 200 OK | 71 kB |
URL GET HTTP/3groupsexxx.com/thumbs/AA/WO/Vg.jpg IP172.67.188.32:443
Requested byhttps://topsites.hadesex.com/?source=1952513182&site_id=558728&spot_id=558728 CertificateIssuerLet's Encrypt Subjectgroupsexxx.com Fingerprint02:80:EC:5E:33:44:58:6A:36:93:8A:BA:CD:88:F3:A4:E2:A6:EA:7F ValiditySun, 10 Mar 2024 15:56:53 GMT - Sat, 08 Jun 2024 15:56:52 GMT
File typeJPEG image data, baseline, precision 8, 640x360, components 3 Hash26b0669bfd143b06ca52fef8395d7297 4c75093d0d31d3f4a652bc83fa96c72db291c25b 3536abd5a2397265674692c894ccb9abfc9d4afafecba311e1b926407c466e73
GET /thumbs/AA/WO/Vg.jpg HTTP/1.1
Host: groupsexxx.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Tue, 07 May 2024 02:17:00 GMT
content-type: image/jpeg
content-length: 71326
last-modified: Wed, 28 Feb 2024 16:26:54 GMT
etag: "65df5ece-1169e"
expires: Thu, 30 May 2024 18:38:33 GMT
cache-control: public, max-age=2592000
cf-cache-status: HIT
age: 545907
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=atFQDHY5U3sSHjaZWeRrfCRRNg%2FgmbgBM0kouN%2Fvnbkm%2B%2BuyovLmiIIHfNLEoLth%2BcRbEPAizDCcKY1C%2Ft7WonBsOD9RDVkReTT41KQQYGIuJeGaJ2srWOweckl3RL2Nxw%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 87fdb612f85e7129-OSL
alt-svc: h3=":443"; ma=86400
|
|
| handjobxxx.com/thumbs/AA/DV/tg.jpg | 172.67.207.38 | 200 OK | 242 kB |
URL GET HTTP/3handjobxxx.com/thumbs/AA/DV/tg.jpg IP172.67.207.38:443
Requested byhttps://topsites.hadesex.com/?source=1952513182&site_id=558728&spot_id=558728 CertificateIssuerGoogle Trust Services LLC Subjecthandjobxxx.com FingerprintA0:93:30:B2:D9:96:39:C3:D4:47:03:A0:33:52:5F:7F:A8:9A:0C:D3 ValiditySun, 10 Mar 2024 15:51:35 GMT - Sat, 08 Jun 2024 15:51:34 GMT
File typeJPEG image data, baseline, precision 8, 1280x720, components 3 Size242 kB (241625 bytes) Hashd9ce36e6df92f87d9cd9b399585defaa 2593a1cc9a2007a41077a8f309c4d66c220d67cb 256280fca2683e52c974419fa4aa3e567d2ef6b9c8a39b34151daa5fb14511d6
GET /thumbs/AA/DV/tg.jpg HTTP/1.1
Host: handjobxxx.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Tue, 07 May 2024 02:17:00 GMT
content-type: image/jpeg
content-length: 241625
last-modified: Mon, 13 Nov 2023 14:03:18 GMT
etag: "65522ca6-3afd9"
expires: Thu, 30 May 2024 20:12:04 GMT
cache-control: public, max-age=2592000
cf-cache-status: HIT
age: 540296
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=TOvPRjqNeI%2BtimRSLCihs3RGWZeAyd7rc%2BSsvhucW%2Fkf0QAa9gkiQa0vY60xb%2FhrG3OThdlz%2B9BWhTUKD9%2F9pF33tcyjAY%2FQKLZusJVSi4gYD0fHGSfUZFyHB8wVNaMYKg%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 87fdb6130b02b524-OSL
alt-svc: h3=":443"; ma=86400
|
|
| 69indian.com/thumbs/AA/qi/Y4.jpg | 172.67.195.23 | 200 OK | 13 kB |
URL GET HTTP/269indian.com/thumbs/AA/qi/Y4.jpg IP172.67.195.23:443
Requested byhttps://topsites.hadesex.com/?source=1952513182&site_id=558728&spot_id=558728 CertificateIssuerLet's Encrypt Subject69indian.com Fingerprint02:44:AF:DF:DC:35:9B:8E:2F:BA:31:BF:8A:2B:42:28:10:1D:89:D8 ValiditySun, 31 Mar 2024 19:47:58 GMT - Sat, 29 Jun 2024 19:47:57 GMT
File typeJPEG image data, JFIF standard 1.01, aspect ratio, density 0x0, segment length 16, progressive, precision 8, 280x210, components 3 Hashc248d9edb45dbb1c4381336afb3f4e28 f1f4ae609741fbd18830b8fc0398eee29061de85 f7ed439f6f7db4e9c994803eb1ffab8fbeecc833d7418f6a3d8d1ada8c4908ed
GET /thumbs/AA/qi/Y4.jpg HTTP/1.1
Host: 69indian.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Tue, 07 May 2024 02:17:00 GMT
content-type: image/jpeg
content-length: 12930
last-modified: Thu, 25 Apr 2024 11:48:15 GMT
etag: "662a42ff-3282"
expires: Thu, 30 May 2024 20:11:53 GMT
cache-control: public, max-age=2592000
cf-cache-status: HIT
age: 540307
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=2iYwA8ThPt0mDs8ODhLugwT5568FXUIE4oBGzUIjBS%2FZo12USMMLd5BgwNbZjm7HqNeI1EyeNUF3zSAuLADfioNH5eeDmj5CAVutQXIUqPJ3iK0pIM3%2Bq4Uy5gded5E%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 87fdb61459a756ae-OSL
alt-svc: h3=":443"; ma=86400
|
|
| 69indian.com/thumbs/AA/j3/6c.jpg | 172.67.195.23 | 200 OK | 16 kB |
URL GET HTTP/269indian.com/thumbs/AA/j3/6c.jpg IP172.67.195.23:443
Requested byhttps://topsites.hadesex.com/?source=1952513182&site_id=558728&spot_id=558728 CertificateIssuerLet's Encrypt Subject69indian.com Fingerprint02:44:AF:DF:DC:35:9B:8E:2F:BA:31:BF:8A:2B:42:28:10:1D:89:D8 ValiditySun, 31 Mar 2024 19:47:58 GMT - Sat, 29 Jun 2024 19:47:57 GMT
File typeJPEG image data, JFIF standard 1.01, resolution (DPCM), density 37x37, segment length 16, progressive, precision 8, 280x210, components 3 Hash4871bfb4d87d71443c5ad2d59424adc3 9f9c22bf0398fbe29812edb6676455eb4c069cf0 0ce76de4168d670bb23e432e4b2d4ba21b94645edbdf7345dcf79a33aaef30b5
GET /thumbs/AA/j3/6c.jpg HTTP/1.1
Host: 69indian.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Tue, 07 May 2024 02:17:01 GMT
content-type: image/jpeg
content-length: 15812
last-modified: Thu, 25 Apr 2024 10:19:41 GMT
etag: "662a2e3d-3dc4"
expires: Thu, 30 May 2024 17:26:39 GMT
cache-control: public, max-age=2592000
cf-cache-status: HIT
age: 550222
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=oss0JzEaS5ZzIWtcuKxqdlxzeBy%2FkmxczmGPSMr54qxfIc8rWjesCMKnaKH6WgocGK2ht2NkNsPHc6oGa4Tf60PhKvhH9FU7gE%2FcA9SE4FvnQxcBIFOOJ9Ttus2zxXc%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 87fdb6156a0e56ae-OSL
alt-svc: h3=":443"; ma=86400
|
|
| myretrocollection.com/thumbs/AA/xl/sZ.jpg | 188.114.97.1 | 200 OK | 61 kB |
URL GET HTTP/2myretrocollection.com/thumbs/AA/xl/sZ.jpg IP188.114.97.1:443
Requested byhttps://topsites.hadesex.com/?source=1952513182&site_id=558728&spot_id=558728 CertificateIssuerLet's Encrypt Subjectmyretrocollection.com FingerprintC1:EB:81:51:C9:EE:A3:94:D8:73:87:A0:C4:3A:69:D8:8A:DD:CB:33 ValiditySun, 10 Mar 2024 08:05:49 GMT - Sat, 08 Jun 2024 08:05:48 GMT
File typeJPEG image data, baseline, precision 8, 640x480, components 3 Hashaef9f3351dd76be26a042267239ac650 a6e5038903c1250b7ba2a3b056d3c0fbcc36e51f cc4b8a6429318d2001f5ff15e7089c2dcef0cc6985d200c8544ddcddc8dd3483
GET /thumbs/AA/xl/sZ.jpg HTTP/1.1
Host: myretrocollection.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Tue, 07 May 2024 02:17:00 GMT
content-type: image/jpeg
content-length: 61171
last-modified: Sun, 14 Jan 2024 15:43:33 GMT
etag: "65a40125-eef3"
expires: Thu, 30 May 2024 16:17:45 GMT
cache-control: public, max-age=2592000
cf-cache-status: HIT
age: 554355
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=xRACJSeYH9jtulfCUjQlaQO47kgFC40EPKXqhccEUu1NP1ixgZ3yLb%2B2GWHyFU9LPF576eDuf%2FqH7fJFe2RuII8879BaL4tJ%2BklGh9ob%2BOQiPXuBm%2Bz5zgqhLNdfr9a9D1Me2q5gLCQ%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 87fdb6145fab5687-OSL
alt-svc: h3=":443"; ma=86400
|
|
| gftranny.com/thumbs/AA/0a/OW.jpg | 188.114.96.1 | 200 OK | 17 kB |
URL GET HTTP/3gftranny.com/thumbs/AA/0a/OW.jpg IP188.114.96.1:443
Requested byhttps://topsites.hadesex.com/?source=1952513182&site_id=558728&spot_id=558728 CertificateIssuerGoogle Trust Services LLC Subjectgftranny.com Fingerprint60:95:A5:DF:04:C0:8E:A6:02:D4:1E:D6:FC:05:59:09:04:4B:2F:92 ValiditySun, 10 Mar 2024 12:05:15 GMT - Sat, 08 Jun 2024 12:05:14 GMT
File typeJPEG image data, JFIF standard 1.01, aspect ratio, density 0x0, segment length 16, progressive, precision 8, 320x180, components 3 Hash7af619c0aba65d6aa2bc617e8792a661 4688bcd7dc099209c2e17ec09a01b475881c4859 10ef14602e54cbad461c81bbd68080c0a614ca18f801954f5fc99fb16c7c9654
GET /thumbs/AA/0a/OW.jpg HTTP/1.1
Host: gftranny.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Tue, 07 May 2024 02:17:01 GMT
content-type: image/jpeg
content-length: 17070
last-modified: Fri, 15 Mar 2024 14:12:12 GMT
etag: "65f4573c-42ae"
expires: Thu, 30 May 2024 20:11:49 GMT
cache-control: public, max-age=2592000
cf-cache-status: HIT
age: 540312
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=jtjUNMMnL5l%2FgGoCY4f%2FUO6CLJlnhCgz933fp15ZtrTf%2BpnVH1aBjSs4QCiGqW3gXMgdLmUHBqBt1w%2BSUSOXDNe4BVBNpc8%2B0ftYOXw%2FpIhuuDFLAPJd7dUwF1leero%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 87fdb6156bf756ab-OSL
alt-svc: h3=":443"; ma=86400
|
|
| femdomqueen.com/thumbs/AA/vF/22.jpg | 172.67.148.113 | 200 OK | 74 kB |
URL GET HTTP/3femdomqueen.com/thumbs/AA/vF/22.jpg IP172.67.148.113:443
Requested byhttps://topsites.hadesex.com/?source=1952513182&site_id=558728&spot_id=558728 CertificateIssuerGoogle Trust Services LLC Subjectfemdomqueen.com Fingerprint18:45:B4:39:A3:A7:59:D0:43:E8:17:F2:B4:A5:43:03:6E:42:60:16 ValidityMon, 22 Apr 2024 09:36:30 GMT - Sun, 21 Jul 2024 09:36:29 GMT
File typeJPEG image data, JFIF standard 1.02, aspect ratio, density 100x100, segment length 16, baseline, precision 8, 1280x720, components 3 Hash6c26a7798904e772181a4f83d859ed83 0443b3bcbe9d642adb8caee45d8e013211438dd8 ff3c7358808da522a1f42b64fa27f14eb2b2283a92f2ff6480efacb929a23560
GET /thumbs/AA/vF/22.jpg HTTP/1.1
Host: femdomqueen.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Tue, 07 May 2024 02:17:00 GMT
content-type: image/jpeg
content-length: 73606
last-modified: Mon, 09 Feb 2015 20:06:20 GMT
etag: "54d9133c-11f86"
expires: Thu, 30 May 2024 18:38:12 GMT
cache-control: public, max-age=2592000
cf-cache-status: HIT
age: 545928
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=I3HDAtLowRMpbVuePoRGkODztvbCKkD2ldsjcxVfNkr8ej5mWApHIv9y6XizZFx%2F5lftLDBSsqHp3DALGrtHJBx%2FFIAsCYNB3mm9oGDZMAPiyswgapktQUQEEFyD3Jz8KCo%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 87fdb614ba47b4fa-OSL
alt-svc: h3=":443"; ma=86400
|
|
| myretrocollection.com/thumbs/AA/gr/4Y.jpg | 188.114.97.1 | 200 OK | 53 kB |
URL GET HTTP/3myretrocollection.com/thumbs/AA/gr/4Y.jpg IP188.114.97.1:443
Requested byhttps://topsites.hadesex.com/?source=1952513182&site_id=558728&spot_id=558728 CertificateIssuerLet's Encrypt Subjectmyretrocollection.com FingerprintC1:EB:81:51:C9:EE:A3:94:D8:73:87:A0:C4:3A:69:D8:8A:DD:CB:33 ValiditySun, 10 Mar 2024 08:05:49 GMT - Sat, 08 Jun 2024 08:05:48 GMT
File typeJPEG image data, baseline, precision 8, 900x676, components 3 Hashab0f34dd00b7555cfd8fe04d9380acb7 d35314e2c24c150a32d0092bfb5ffeeeeadfcf48 2bd5b536aa27caf7c6d049526b988127488a6c67d8205b3ea965d5a9b9996f1c
GET /thumbs/AA/gr/4Y.jpg HTTP/1.1
Host: myretrocollection.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Tue, 07 May 2024 02:17:00 GMT
content-type: image/jpeg
content-length: 52991
last-modified: Tue, 30 Jan 2024 16:03:05 GMT
etag: "65b91db9-ceff"
expires: Thu, 30 May 2024 17:26:28 GMT
cache-control: public, max-age=2592000
cf-cache-status: HIT
age: 550232
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=6xER8TDkqHD%2FyukE7ZBHdYD%2FKFyyQAjhIVfKfcQ%2By7tILO5iuYs3GLCtnPI%2BXGV9%2FEHIEUwCfV5T0t72T%2Byllhkx1%2Bwh6wSXwsJ4ZL3%2FxkIjPwI6Ye%2FuqY9%2Bcxl3GZIUvPYaBPmCd84%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 87fdb6145fac5687-OSL
alt-svc: h3=":443"; ma=86400
|
|
| 69lesbi.com/thumbs/AA/n0/m6.jpg | 104.21.69.189 | 200 OK | 49 kB |
URL GET HTTP/269lesbi.com/thumbs/AA/n0/m6.jpg IP104.21.69.189:443
Requested byhttps://topsites.hadesex.com/?source=1952513182&site_id=558728&spot_id=558728 CertificateIssuerLet's Encrypt Subject69lesbi.com Fingerprint70:D0:18:CC:FB:44:C9:FE:2B:84:AD:CF:C5:A2:90:24:B3:1C:3D:B2 ValiditySun, 10 Mar 2024 17:19:39 GMT - Sat, 08 Jun 2024 17:19:38 GMT
File typeJPEG image data, JFIF standard 1.02, aspect ratio, density 1x1, segment length 16, comment: "Lavc59.37.100", baseline, precision 8, 1280x720, components 3 Hash2bf48be9b4af401bf6150f944d46a6ce 545ced166d8b0c12d92427bf7d2cfe86d5f41e6d 67d3ea7477562eec1d4d0fb366b594cd83ef9602ce8b5351f423e55fad78c94e
GET /thumbs/AA/n0/m6.jpg HTTP/1.1
Host: 69lesbi.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Tue, 07 May 2024 02:17:00 GMT
content-type: image/jpeg
content-length: 49025
last-modified: Sat, 27 Apr 2024 09:22:05 GMT
etag: "662cc3bd-bf81"
expires: Thu, 30 May 2024 18:38:20 GMT
cache-control: public, max-age=2592000
cf-cache-status: HIT
age: 545920
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=4cLX4rQPZVtgVHCsTPHuOWVF07qXZnL5eFGOH79N96AfV4PZcxDt9yIt0RC6nP%2FqWIuaQ%2F%2Fhr7KwROQB2ETZ3ztZH4tWJbXWNdH%2F1pPETHOk5SdlNiRMBUU4%2FflTrQ%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 87fdb614bd3056b1-OSL
alt-svc: h3=":443"; ma=86400
|
|
| interracial69.com/thumbs/AA/df/F_.jpg | 188.114.96.1 | 200 OK | 174 kB |
URL GET HTTP/3interracial69.com/thumbs/AA/df/F_.jpg IP188.114.96.1:443
Requested byhttps://topsites.hadesex.com/?source=1952513182&site_id=558728&spot_id=558728 CertificateIssuerGoogle Trust Services LLC Subjectinterracial69.com FingerprintDD:FC:81:F0:71:82:92:28:46:22:7A:1C:70:F0:13:FF:44:1A:0E:A8 ValiditySun, 10 Mar 2024 13:37:49 GMT - Sat, 08 Jun 2024 13:37:48 GMT
File typeJPEG image data, baseline, precision 8, 1280x720, components 3 Size174 kB (174301 bytes) Hash0e2eb4904271c0975d1cc71512a8104c 700fa8b264bddfe438a79d023a7c0670d4a51fef caab98e273b5f0aa00c3b1e8b8ea5816fb5291b5f51dd5a8cc84dee8a1b48271
GET /thumbs/AA/df/F_.jpg HTTP/1.1
Host: interracial69.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Tue, 07 May 2024 02:17:00 GMT
content-type: image/jpeg
content-length: 174301
last-modified: Fri, 01 Mar 2024 03:42:03 GMT
etag: "65e14e8b-2a8dd"
expires: Thu, 30 May 2024 20:11:52 GMT
cache-control: public, max-age=2592000
cf-cache-status: HIT
age: 540308
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=vhwmmvtT4pZTvEIha7PPyv1hI8jHiZvtALIljflhH8hGW3lw7aGdOSIfL62fLOxAONnCxrVyI23YzhdhnDtuTIdIhJL1q5hC9KpnpOgvTwqYgq1BR0nQdHOEaS1eo9od9mgDkw%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 87fdb614bc1456be-OSL
alt-svc: h3=":443"; ma=86400
|
|
| fleraprt.com/log/add?cid=1db9169f-90f4-4b2d-b517-bc47aab19c1f&ruid=941a34cd-4a7d-4476-b6a3-ad4b7ab1f67f | 139.45.195.254 | 200 OK | 12 B |
URL POST HTTP/1.1fleraprt.com/log/add?cid=1db9169f-90f4-4b2d-b517-bc47aab19c1f&ruid=941a34cd-4a7d-4476-b6a3-ad4b7ab1f67f IP139.45.195.254:443
Requested byhttps://www.videzz.net/embed-c73tafzdtcis.html CertificateIssuerSectigo Limited Subjectfleraprt.com Fingerprint32:DB:C5:24:21:ED:1D:C3:40:C3:46:9F:CF:EE:98:4D:72:29:4C:3C ValidityTue, 09 Jan 2024 00:00:00 GMT - Mon, 13 Jan 2025 23:59:59 GMT
Hashadb4650bfc9d2a73d4dd69583b0ceb14 1ce399d6e936232aaf2192cd7903a279c5015f22 21c1f682de27109caabcca9016511974defcec217c0441fd3f1b50ecdf8247ed
POST /log/add?cid=1db9169f-90f4-4b2d-b517-bc47aab19c1f&ruid=941a34cd-4a7d-4476-b6a3-ad4b7ab1f67f HTTP/1.1
Host: fleraprt.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain;charset=UTF-8
Content-Length: 1408
Origin: https://www.videzz.net
DNT: 1
Connection: keep-alive
Referer: https://www.videzz.net/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx/1.19.10
Date: Tue, 07 May 2024 02:17:01 GMT
Content-Type: application/json; charset=utf-8
Content-Length: 12
Connection: keep-alive
Access-Control-Allow-Origin: https://www.videzz.net
Access-Control-Allow-Methods: POST, GET, OPTIONS, PUT, DELETE
Access-Control-Allow-Headers: Accept, Content-Type, Content-Length, Accept-Encoding, X-CSRF-Token, Authorization, X-Forwarded-For, If-None-Match
Access-Control-Allow-Credentials: true
|
|
| guce.yahoo.com/consent?brandType=nonEu&gcrumb=NhNHoyA&done=https%3A%2F%2Fwww.yahoo.com%2F |  3.250.252.251 | 302 Found | 0 B |
URL GET HTTP/1.1guce.yahoo.com/consent?brandType=nonEu&gcrumb=NhNHoyA&done=https%3A%2F%2Fwww.yahoo.com%2F IP3.250.252.251:443
Requested byhttps://www.videzz.net/embed-c73tafzdtcis.html CertificateIssuerDigiCert Inc Subjectguce.oath.com Fingerprint2F:DD:80:46:59:94:25:7E:16:92:8A:41:57:EF:0A:73:49:20:DA:A2 ValidityTue, 16 Jan 2024 00:00:00 GMT - Wed, 10 Jul 2024 23:59:59 GMT
Hashd41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /consent?brandType=nonEu&gcrumb=NhNHoyA&done=https%3A%2F%2Fwww.yahoo.com%2F HTTP/1.1
Host: guce.yahoo.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://t.bawixi.xyz/
DNT: 1
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 302 Found
Connection: keep-alive
Server: guce
Strict-Transport-Security: max-age=31536000; includeSubDomains
Location: https://consent.yahoo.com/v2/collectConsent?sessionId=3_cc-session_50da362f-b3d5-44c1-92a4-9b10226481d3
Content-Length: 0
Date: Tue, 07 May 2024 02:17:01 GMT
|
|
| consent.yahoo.com/v2/collectConsent?sessionId=3_cc-session_50da362f-b3d5-44c1-92a4-9b10226481d3 | 52.214.86.142 | 200 OK | 28 kB |
URL GET HTTP/1.1consent.yahoo.com/v2/collectConsent?sessionId=3_cc-session_50da362f-b3d5-44c1-92a4-9b10226481d3 IP52.214.86.142:443
Requested byhttps://www.videzz.net/embed-c73tafzdtcis.html CertificateIssuerDigiCert Inc Subjectconsent.oath.com FingerprintD8:8F:D3:53:E7:90:AA:C0:0D:5B:CA:F9:0D:21:AA:2F:10:75:AF:8F ValidityTue, 16 Jan 2024 00:00:00 GMT - Wed, 10 Jul 2024 23:59:59 GMT
File typeHTML document, ASCII text, with very long lines (64999) Hasha431393ca472de941fb494b203642c06 184433aa463cfdd80676a139836ae8799b9b6eaf 8ad03d09c51a1501454a40782b2d472e5cd80854495e7ec35890f0bbc069e16c
GET /v2/collectConsent?sessionId=3_cc-session_50da362f-b3d5-44c1-92a4-9b10226481d3 HTTP/1.1
Host: consent.yahoo.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://t.bawixi.xyz/
DNT: 1
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Encoding: gzip
Expires: 0
Cache-Control: no-cache, no-store, must-revalidate
Content-Security-Policy-Report-Only: default-src 'none'; block-all-mixed-content; connect-src 'self'; frame-ancestors 'none'; img-src 'self' https://s.yimg.com; media-src 'none'; script-src 'self' 'nonce-irRAmsflS3Spw9LrxcTvGGs8aFLY/+OX' https://s.yimg.com; style-src 'self' 'nonce-irRAmsflS3Spw9LrxcTvGGs8aFLY/+OX' https://s.yimg.com; font-src 'self'; object-src 'none'; frame-src 'none'; report-uri https://csp.yahoo.com/beacon/csp?src=guce
Server: guce
X-XSS-Protection: 1; mode=block
Pragma: no-cache
X-Frame-Options: DENY
Referrer-Policy: strict-origin-when-cross-origin
Date: Tue, 07 May 2024 02:17:01 GMT
Connection: keep-alive
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-Content-Type-Options: nosniff
Transfer-Encoding: chunked
Content-Type: text/html;charset=UTF-8
|
|
| csp.yahoo.com/beacon/csp?src=guce | 188.125.72.139 | | 0 B |
URL csp.yahoo.com/beacon/csp?src=guce IP188.125.72.139:0 ASN#34010 Yahoo-UK Limited
Hashd41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
POST /beacon/csp?src=guce HTTP/1.1
Host: csp.yahoo.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/csp-report
Content-Length: 733
Origin: https://consent.yahoo.com
Connection: keep-alive
Sec-Fetch-Dest: report
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
HTTP/2 204 No Content
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only
referrer-policy: no-referrer-when-downgrade
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-powered-by: Express
etag: W/"a-bAsFyilMr4Ra1hIU5PyoyFRunpI"
content-security-policy-report-only: default-src 'self'; report-uri https://csp.yahoo.com/beacon/csp?src=fendr_csp.yahoo.com
date: Tue, 07 May 2024 02:17:02 GMT
x-envoy-upstream-service-time: 0
server: ATS
age: 0
cache-control: no-store, no-cache, private, max-age=0
expires: -1
X-Firefox-Spdy: h2
|
|
| myliveforyoudreder.com/vidozza.js | 188.114.97.1 | 200 OK | 1.6 kB |
URL GET HTTP/2myliveforyoudreder.com/vidozza.js IP188.114.97.1:443
Requested byhttps://www.videzz.net/embed-c73tafzdtcis.html CertificateIssuerLet's Encrypt Subjectmyliveforyoudreder.com FingerprintD6:1F:6C:5C:81:FF:C4:D3:4D:C9:A9:22:DD:0B:D4:18:59:4E:58:B7 ValidityWed, 20 Mar 2024 02:24:57 GMT - Tue, 18 Jun 2024 02:24:56 GMT
File typeJavaScript source, ASCII text, with very long lines (1742), with no line terminators Hash1b10623dcc365c3e40aa543ee9be6c3d ee99261cffbbf896eba3c60d867480042fbaadc5 54dec89c60117fd15b96d376c1dba2de2f333009f2ba0847fa71fa0a969f863f
GET /vidozza.js HTTP/1.1
Host: myliveforyoudreder.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.videzz.net/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Tue, 07 May 2024 02:16:56 GMT
content-type: application/javascript
last-modified: Mon, 24 Oct 2022 14:14:49 GMT
etag: W/"63569dd9-64f"
cache-control: max-age=14400
cf-cache-status: HIT
age: 3474
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=kfg3kqtlSAdz1I65LBVM0caCssfUIHsi5NusAAUAAPcoedgnkOn1WyOg314On%2F3w%2By1egbuU5p2D4CgWMuj9SsyAf90qwH%2Bdwe7GBekpA7UagJRDab4rNo5jEEBD%2F7Q9QgCVD5lRsqQd"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 87fdb5f67c8fb4fd-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
|
|
| static.addtoany.com/menu/svg/icons/facebook.js | 104.22.70.197 | 200 OK | 429 B |
URL GET HTTP/3static.addtoany.com/menu/svg/icons/facebook.js IP104.22.70.197:443
Requested byhttps://www.videzz.net/embed-c73tafzdtcis.html CertificateIssuerLet's Encrypt Subjectstatic.addtoany.com Fingerprint5B:74:98:2D:F8:22:DB:0D:4E:74:B7:99:A7:7C:80:F6:CA:1A:8E:CA ValidityTue, 23 Apr 2024 07:56:27 GMT - Mon, 22 Jul 2024 07:56:26 GMT
File typeASCII text, with very long lines (439), with no line terminators Hash874e1638740e061f9fa55eda3180724c 108a7e30fa0f7d50b961845ec970a2745f3c821f d1bf990d09417220fcb615079a569e0a403c75beef0eac536e5976b7751c0370
GET /menu/svg/icons/facebook.js HTTP/1.1
Host: static.addtoany.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.videzz.net
DNT: 1
Connection: keep-alive
Referer: https://static.addtoany.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Tue, 07 May 2024 02:16:56 GMT
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=7776000, stale-while-revalidate=30, public
cf-bgj: minify
etag: W/"68925fa8e347041c6006837e73c518bc"
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=hwC7ZVj81bduW%2BZm5ZBh7AGR8dZVnTZdtYNYY7fKzKdiDwVmbF5XWtJQuUXiYa78ti3XB9qDWxwRtcYw%2B5iqMxuotXBVD1W0n09nZVQoZm5I%2F29BDWyXH%2BxLProWRRIQH0IPgrte"}],"group":"cf-nel","max_age":604800}
vary: Accept-Encoding
referrer-policy: strict-origin-when-cross-origin
x-content-type-options: nosniff
cf-cache-status: REVALIDATED
strict-transport-security: max-age=31536000; includeSubDomains; preload
server: cloudflare
cf-ray: 87fdb5f8be76abcc-CPH
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| str34.vidoza.net/i/01/07556/c73tafzdtcis_xt.jpg | 109.202.99.226 | 200 OK | 37 kB |
URL GET HTTP/2str34.vidoza.net/i/01/07556/c73tafzdtcis_xt.jpg IP109.202.99.226:443 ASN#49453 Global Layer B.V.
Requested byhttps://www.videzz.net/embed-c73tafzdtcis.html CertificateIssuerLet's Encrypt Subjectvidoza.net FingerprintDD:9C:2A:D1:7E:90:60:D1:BE:1C:39:29:07:29:9C:34:6A:76:A6:C6 ValidityWed, 14 Feb 2024 01:21:54 GMT - Tue, 14 May 2024 01:21:53 GMT
File typeJPEG image data, JFIF standard 1.01, resolution (DPI), density 72x72, segment length 16, baseline, precision 8, 500x283, components 3 Hasha28a2815153de6fada580ecf579fe463 fabbd855fdd6ddb9f46e2f331a9609633d9676dc 5b65a830930992e8866bb97d91e6a89eb12a038b060ca7f066febb7f34c3bbdd
GET /i/01/07556/c73tafzdtcis_xt.jpg HTTP/1.1
Host: str34.vidoza.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.videzz.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
server: nginx/1.20.1
date: Tue, 07 May 2024 02:16:56 GMT
content-type: image/jpeg
content-length: 36981
last-modified: Sun, 17 Mar 2024 16:22:43 GMT
etag: "65f718d3-9075"
expires: Tue, 21 May 2024 02:16:56 GMT
cache-control: max-age=1209600
accept-ranges: bytes
X-Firefox-Spdy: h2
|
|
| t.yunaga.xyz/1/?spot_id=2561&zone_id=14102_ck_if_ | 188.114.96.1 | 302 Found | 0 B |
URL GET HTTP/2t.yunaga.xyz/1/?spot_id=2561&zone_id=14102_ck_if_ IP188.114.96.1:443
Requested byhttps://www.videzz.net/embed-c73tafzdtcis.html CertificateIssuerGoogle Trust Services LLC Subjectyunaga.xyz Fingerprint23:B7:72:6D:6F:C6:6F:96:9E:1F:5C:29:0F:31:FC:36:7F:1E:84:40 ValidityTue, 19 Mar 2024 23:59:20 GMT - Mon, 17 Jun 2024 23:59:19 GMT
Hashd41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /1/?spot_id=2561&zone_id=14102_ck_if_ HTTP/1.1
Host: t.yunaga.xyz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://t.bawixi.xyz/
DNT: 1
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 302 Found
date: Tue, 07 May 2024 02:16:58 GMT
content-type: text/html
location: https://t.yunaga.xyz/1/?spot_id=5011
set-cookie: _trd_=82d778003444ec; Expires=Wed, 07-May-25 02:16:58 GMT; Domain=.yunaga.xyz; Path=/; Secure; SameSite=None
_uqt3157949621=1; Expires=Wed, 08-May-24 00:00:00 GMT; Domain=.yunaga.xyz; Path=/; Secure; SameSite=None
_uqp3178561817=1; Expires=Wed, 08-May-24 00:00:00 GMT; Domain=.yunaga.xyz; Path=/; Secure; SameSite=None
accept-ch: Sec-CH-UA, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
access-control-allow-origin: *
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=cAi8bSxp0M08VwChbtgspbtbVI%2FNF8%2FN7MqtU%2B8vyHbTl%2BQa7nWlooLZtQJ%2FZqkPVbrY5xIU8VALoy5ZYBbclv1rbXu6hvZWchCUFAGqMQadoG27fmboCr0UjG7Gdxo%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 87fdb605ecd7569d-OSL
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
|
|
| www.videzz.net/css/videojs.5.min.css?v=b8dc06aa6195ca0716d0a0c4e3a76e42 | 78.142.18.54 | 200 OK | 170 kB |
URL GET HTTP/2www.videzz.net/css/videojs.5.min.css?v=b8dc06aa6195ca0716d0a0c4e3a76e42 IP78.142.18.54:443 ASN#208046 ColocationX Ltd.
Requested byhttps://www.videzz.net/embed-c73tafzdtcis.html CertificateIssuerLet's Encrypt Subjectvidezz.net Fingerprint89:44:E3:9D:95:DD:6E:D2:2B:FB:70:64:42:59:D2:BF:B6:36:E7:33 ValidityThu, 02 May 2024 00:27:53 GMT - Wed, 31 Jul 2024 00:27:52 GMT
File typeASCII text, with very long lines (50421) Size170 kB (169541 bytes) Hashbf9af199b5ef61988f82fa239ebf61da d3b9c5ef294f2ef0942a8bf1e62085b72b2e07cc e8e86d55656a068d5bb43e7b65e474162b6dff2c57f314cfc90d25f16708048d
GET /css/videojs.5.min.css?v=b8dc06aa6195ca0716d0a0c4e3a76e42 HTTP/1.1
Host: www.videzz.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.videzz.net/embed-c73tafzdtcis.html
Cookie: lang=1
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
server: nginx/1.18.0 (Ubuntu)
date: Tue, 07 May 2024 02:16:55 GMT
content-type: text/css
last-modified: Sat, 27 Apr 2024 07:30:38 GMT
vary: Accept-Encoding
etag: W/"662ca99e-29645"
expires: Thu, 06 Jun 2024 02:11:04 GMT
cache-control: max-age=2592000
content-encoding: gzip
x-cache-status: HIT
X-Firefox-Spdy: h2
|
|
| losanalos.com/thumbs/AA/KR/PB.jpg | 188.114.96.1 | 200 OK | 69 kB |
URL GET HTTP/2losanalos.com/thumbs/AA/KR/PB.jpg IP188.114.96.1:443
Requested byhttps://topsites.hadesex.com/?source=1952513182&site_id=558728&spot_id=558728 CertificateIssuerLet's Encrypt Subjectlosanalos.com Fingerprint63:FB:8C:B1:C5:86:06:91:58:F7:EF:08:8E:39:64:F6:03:6F:10:F0 ValiditySun, 10 Mar 2024 17:52:00 GMT - Sat, 08 Jun 2024 17:51:59 GMT
File typeJPEG image data, baseline, precision 8, 1280x720, components 3 Hash2ae5884821697f488afe20b5feb06980 7dda52fcb082ea2057857e0fd793983ecda29e9e 4e590207cf84534097d0684685bd07314f223168aba9f8134a1425b35d2be7aa
GET /thumbs/AA/KR/PB.jpg HTTP/1.1
Host: losanalos.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Tue, 07 May 2024 02:16:59 GMT
content-type: image/jpeg
content-length: 69005
last-modified: Sat, 27 Jan 2024 12:28:23 GMT
etag: "65b4f6e7-10d8d"
expires: Thu, 30 May 2024 20:11:43 GMT
cache-control: public, max-age=2592000
cf-cache-status: HIT
age: 540316
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=pLNx94H0rEm2xFW8RY%2BdcM1oSfYb9CeKrZvlwTxCxKG2DteZR6qk%2By0rqkTe9M2U4pYyX9y3o83bZLGCfpTEtWzNbOkcTcbi0kkIKH5kUOnTRCNmfplTufrYwz45fSfN"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 87fdb60baa38b505-OSL
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
|
|
| www.videzz.net/js/embed.min.js?v=b8dc06aa6195ca0716d0a0c4e3a76e42 | 78.142.18.54 | 200 OK | 4.5 kB |
URL GET HTTP/2www.videzz.net/js/embed.min.js?v=b8dc06aa6195ca0716d0a0c4e3a76e42 IP78.142.18.54:443 ASN#208046 ColocationX Ltd.
Requested byhttps://www.videzz.net/embed-c73tafzdtcis.html CertificateIssuerLet's Encrypt Subjectvidezz.net Fingerprint89:44:E3:9D:95:DD:6E:D2:2B:FB:70:64:42:59:D2:BF:B6:36:E7:33 ValidityThu, 02 May 2024 00:27:53 GMT - Wed, 31 Jul 2024 00:27:52 GMT
File typeJavaScript source, ASCII text, with very long lines (4724), with no line terminators Hashf3ccae55608834d0e7acfde8a7235903 16cd94840b9d0105558c5f8b26ac51845d84bb2e 8d950b465b8cb006d19d702a1d15e209cb10b861f5ead615e7f9625469605ef2
GET /js/embed.min.js?v=b8dc06aa6195ca0716d0a0c4e3a76e42 HTTP/1.1
Host: www.videzz.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.videzz.net/embed-c73tafzdtcis.html
Cookie: lang=1
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
server: nginx/1.18.0 (Ubuntu)
date: Tue, 07 May 2024 02:16:55 GMT
content-type: application/javascript
last-modified: Sat, 27 Apr 2024 07:30:28 GMT
vary: Accept-Encoding
etag: W/"662ca994-1183"
expires: Thu, 06 Jun 2024 02:13:42 GMT
cache-control: max-age=2592000
content-encoding: gzip
x-cache-status: HIT
X-Firefox-Spdy: h2
|
|
| dog.seetron.net/api/users/59846?host=www.videzz.net&ev=212&wh=1024&ww=1280&uuid=&url=https%3A%2F%2Fwww.videzz.net%2Fembed-c73tafzdtcis.html&sid=17805d7e-61a1-4394-ae34-8eae32d24aee&i=1&kw=file%20upload%2Cshare%20files%2Cfree%20upload&s1=120221 | 135.181.208.216 | 200 OK | 638 B |
URL GET HTTP/2dog.seetron.net/api/users/59846?host=www.videzz.net&ev=212&wh=1024&ww=1280&uuid=&url=https%3A%2F%2Fwww.videzz.net%2Fembed-c73tafzdtcis.html&sid=17805d7e-61a1-4394-ae34-8eae32d24aee&i=1&kw=file%20upload%2Cshare%20files%2Cfree%20upload&s1=120221 IP135.181.208.216:443 ASN#24940 Hetzner Online GmbH
Requested byhttps://www.videzz.net/embed-c73tafzdtcis.html CertificateIssuerLet's Encrypt Subjecta.bdsmz.tube FingerprintAA:4D:03:7A:4E:94:8C:76:58:6E:53:CC:8E:99:24:E6:51:84:BF:05 ValidityFri, 03 May 2024 10:27:08 GMT - Thu, 01 Aug 2024 10:27:07 GMT
File typeASCII text, with very long lines (774), with no line terminators Hasha648a3f837536c3b178373490bc64919 5e182169b63e963eff471f0377cec8ec28e1e471 82da5942482ffa772d3fbf8c0e2a6eb7e1079f962ff575a78bafd2662cb794f2
GET /api/users/59846?host=www.videzz.net&ev=212&wh=1024&ww=1280&uuid=&url=https%3A%2F%2Fwww.videzz.net%2Fembed-c73tafzdtcis.html&sid=17805d7e-61a1-4394-ae34-8eae32d24aee&i=1&kw=file%20upload%2Cshare%20files%2Cfree%20upload&s1=120221 HTTP/1.1
Host: dog.seetron.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.videzz.net/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
server: nginx
date: Tue, 07 May 2024 02:16:58 GMT
content-type: text/javascript; charset=utf-8
vary: Accept-Encoding
set-cookie: nauid=IRCYSOcX7o0WotfM9uzt; Path=/; Expires=Wed, 11 Nov 2037 11:11:11 GMT; Secure; SameSite=None
x-robots-tag: noindex, nofollow
cache-control: private
content-encoding: gzip
X-Firefox-Spdy: h2
|
|
| disclosestockingsprestigious.com/pixel/sbs?c=1 | 172.240.108.68 | 200 OK | 0 B |
URL GET HTTP/1.1disclosestockingsprestigious.com/pixel/sbs?c=1 IP172.240.108.68:443
Requested byhttps://www.videzz.net/embed-c73tafzdtcis.html CertificateIssuerLet's Encrypt Subjectdisclosestockingsprestigious.com Fingerprint20:72:8C:30:EF:A7:E9:42:F4:69:4D:6F:83:5A:F6:44:B2:14:1F:F6 ValidityMon, 29 Apr 2024 13:01:45 GMT - Sun, 28 Jul 2024 13:01:44 GMT
Hashd41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
| Analyzer | Verdict | Alert |
|---|
| Quad9 DNS | malicious | Sinkholed |
GET /pixel/sbs?c=1 HTTP/1.1
Host: disclosestockingsprestigious.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.videzz.net/
Cookie: u_pl=19071538; pdhtkv=true; uncs=1; pdhtkv29=true; uncs29=1; slecfd40b682a05e4aaf489d29601350aa66=[5210995,5210997]
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx/1.21.6
Date: Tue, 07 May 2024 02:16:58 GMT
Content-Length: 0
Connection: keep-alive
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
Access-Control-Allow-Origin: *
Access-Control-Allow-Methods: GET, POST, OPTIONS
Access-Control-Allow-Headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,Upgrade-Insecure-Requests
Access-Control-Expose-Headers: Content-Length,Content-Range
|
|
| tzegilo.com/stattag.js | 172.67.193.52 | 200 OK | 19 kB |
IP172.67.193.52:443
Requested byhttps://www.videzz.net/embed-c73tafzdtcis.html CertificateIssuerGoogle Trust Services LLC Subjecttzegilo.com Fingerprint28:2E:D0:DF:04:78:60:5A:D2:5B:1F:EA:59:80:9C:2F:89:C1:9D:D1 ValiditySat, 30 Mar 2024 15:54:48 GMT - Fri, 28 Jun 2024 15:54:47 GMT
File typeJavaScript source, ASCII text, with very long lines (18486) Hash70ebd404c2e1e7bad13998538b56887c 86e57af8ba3cfc2c004da3311835f6b54ba6d848 d71ea61938136a384e4c53c5a7a3c36e68fcc70a68bae691e270987d5d2eb11f
GET /stattag.js HTTP/1.1
Host: tzegilo.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.videzz.net/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Tue, 07 May 2024 02:16:59 GMT
content-type: application/javascript
last-modified: Wed, 07 Feb 2024 12:51:13 GMT
etag: W/"65c37cc1-4ac0"
link: <https://flerap.com/>; rel=preconnect; crossorigin, <https://fleraprt.com/>; rel=preconnect; crossorigin
cache-control: max-age=14400
cf-cache-status: HIT
age: 215
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=hiTD%2BttKn%2BcFfdffxdcwwLS70BX31ELiQYEjue3YIRgmNY32LyX9UMaGHDkMX5Nt0eVf4XNFkv58chQPz2VM31DbxyquajmKa1nPqmse1525GyIzn280E7SIa3noBA%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 87fdb60e98cfb524-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
|
|
| captivityhandleicicle.com/pixel/purst?dl=0&th=0&sc=0&rs=2170&rd=2170&fd=679&bv=24.5.6485&tmpl=136 | 192.243.59.20 | 200 OK | 0 B |
URL GET HTTP/1.1captivityhandleicicle.com/pixel/purst?dl=0&th=0&sc=0&rs=2170&rd=2170&fd=679&bv=24.5.6485&tmpl=136 IP192.243.59.20:443 ASN#39572 DataWeb Global Group B.V.
Requested byhttps://www.videzz.net/embed-c73tafzdtcis.html CertificateIssuerLet's Encrypt Subjectcaptivityhandleicicle.com Fingerprint03:7E:2E:B2:58:E8:9E:B9:20:A6:35:45:93:6E:A7:28:4F:7E:D5:C7 ValidityMon, 06 May 2024 12:56:33 GMT - Sun, 04 Aug 2024 12:56:32 GMT
Hashd41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /pixel/purst?dl=0&th=0&sc=0&rs=2170&rd=2170&fd=679&bv=24.5.6485&tmpl=136 HTTP/1.1
Host: captivityhandleicicle.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.videzz.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx/1.19.5
Date: Tue, 07 May 2024 02:16:57 GMT
Content-Length: 0
Connection: keep-alive
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
Access-Control-Allow-Origin: *
Access-Control-Allow-Methods: GET, POST, OPTIONS
Access-Control-Allow-Headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,Upgrade-Insecure-Requests
Access-Control-Expose-Headers: Content-Length,Content-Range
|
|
| static.addtoany.com/menu/locale/ru.js | 104.22.70.197 | 200 OK | 2.1 kB |
URL GET HTTP/3static.addtoany.com/menu/locale/ru.js IP104.22.70.197:443
Requested byhttps://www.videzz.net/embed-c73tafzdtcis.html CertificateIssuerLet's Encrypt Subjectstatic.addtoany.com Fingerprint5B:74:98:2D:F8:22:DB:0D:4E:74:B7:99:A7:7C:80:F6:CA:1A:8E:CA ValidityTue, 23 Apr 2024 07:56:27 GMT - Mon, 22 Jul 2024 07:56:26 GMT
File typeASCII text, with very long lines (2170), with no line terminators Hash7581051e137324f383ce692c383a90ac 7c66ac218fd109304436e9588d602c7aaab63b82 428aafe2046340df744b20fbab6f0cd4ddfb95776790e80440cfb60788dbde2c
GET /menu/locale/ru.js HTTP/1.1
Host: static.addtoany.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.videzz.net/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Tue, 07 May 2024 02:16:56 GMT
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=86400, stale-while-revalidate=30, public
cf-bgj: minify
cf-polished: origSize=2289
etag: W/"9797b535a7dbc5ec8be5d83312871549"
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=KCGaSgK4l4uuupkt%2Fh48xawn%2FLsP2Oc7FV2rnIbYLl451pxdJ1oMITTRBbvcYnbHpEriv68tYoC1pM1o9lpB%2FEZ9pq%2F%2FeO7UWlZgkAql17yczLWYLrVFfSr7t10H7zZgMjGxgdHMxT1kCepnhNyo7rqx"}],"group":"cf-nel","max_age":604800}
vary: Accept-Encoding
referrer-policy: strict-origin-when-cross-origin
x-content-type-options: nosniff
cf-cache-status: HIT
age: 22143
strict-transport-security: max-age=31536000; includeSubDomains; preload
server: cloudflare
cf-ray: 87fdb5f8ae73abcc-CPH
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| topsites.hadesex.com/js/utm-datasource.js?v=1.90 | 188.114.96.1 | 200 OK | 2.8 kB |
URL GET HTTP/3topsites.hadesex.com/js/utm-datasource.js?v=1.90 IP188.114.96.1:443
Requested byhttps://topsites.hadesex.com/?source=1952513182&site_id=558728&spot_id=558728 CertificateIssuerGoogle Trust Services LLC Subjecthadesex.com FingerprintA1:8E:DC:59:6A:AB:77:60:87:69:7F:7E:EE:07:71:CF:21:03:AD:84 ValiditySun, 05 May 2024 01:16:25 GMT - Sat, 03 Aug 2024 01:16:24 GMT
File typeJavaScript source, ASCII text, with very long lines (3053), with no line terminators Hash6309a54ad3e3a837ee5097c1f8a4b22e cc7d986e06047f95b2a9bb74353d8aa4af8dc04e 7ca654fdb6620760543d56e9e15a37d160aa47beefe59df41e083dc6f44e0d1a
GET /js/utm-datasource.js?v=1.90 HTTP/1.1
Host: topsites.hadesex.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://topsites.hadesex.com/?source=1952513182&site_id=558728&spot_id=558728
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Tue, 07 May 2024 02:17:00 GMT
content-type: application/javascript
last-modified: Thu, 01 Feb 2024 14:46:51 GMT
vary: Accept-Encoding
etag: W/"65bbaedb-af5"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
x-request-id: 54216229af0759840658d6d7b97fe4a5
cf-cache-status: HIT
age: 554357
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=KdEUDmiYyi0l%2BthfbKBQXNKY1qJOczzL4nzLRyDJVW3o%2FhoOkTOGs0oNGeV2uwjtQMEW6NwQ7Ke1WXvGactdhA4TnBdrQ5JBGUO60%2FHPhZCo5GWe7HoAfeuiYs6PuE6QqhHL0ieFeg%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 87fdb60f7c47b500-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| www.videzz.net/css/embed.min.css?v=b8dc06aa6195ca0716d0a0c4e3a76e42 | 78.142.18.54 | 200 OK | 618 kB |
URL GET HTTP/2www.videzz.net/css/embed.min.css?v=b8dc06aa6195ca0716d0a0c4e3a76e42 IP78.142.18.54:443 ASN#208046 ColocationX Ltd.
Requested byhttps://www.videzz.net/embed-c73tafzdtcis.html CertificateIssuerLet's Encrypt Subjectvidezz.net Fingerprint89:44:E3:9D:95:DD:6E:D2:2B:FB:70:64:42:59:D2:BF:B6:36:E7:33 ValidityThu, 02 May 2024 00:27:53 GMT - Wed, 31 Jul 2024 00:27:52 GMT
File typeASCII text, with very long lines (63495) Size618 kB (618399 bytes) Hashffba0e4b3edaa1a4c6bc7ef04bcf0ba9 3507ae56cc30b273cf17d0cf4de234dafa4db0eb 57291457f6bd1dc724ab0cc7d5d9def8fceafc52263d72d0b3f6c6ae2dd8286c
GET /css/embed.min.css?v=b8dc06aa6195ca0716d0a0c4e3a76e42 HTTP/1.1
Host: www.videzz.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.videzz.net/embed-c73tafzdtcis.html
Cookie: lang=1
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
server: nginx/1.18.0 (Ubuntu)
date: Tue, 07 May 2024 02:16:55 GMT
content-type: text/css
last-modified: Sat, 27 Apr 2024 07:30:28 GMT
vary: Accept-Encoding
etag: W/"662ca994-96f9f"
expires: Thu, 06 Jun 2024 02:12:06 GMT
cache-control: max-age=2592000
content-encoding: gzip
x-cache-status: HIT
X-Firefox-Spdy: h2
|
|
| cdn.creative-bars1.com/sb/notifications/gambling/default/android-btn/8/img/close.svg | 188.114.97.1 | 200 OK | 1.3 kB |
URL GET HTTP/2cdn.creative-bars1.com/sb/notifications/gambling/default/android-btn/8/img/close.svg IP188.114.97.1:443
Requested byhttps://www.videzz.net/embed-c73tafzdtcis.html CertificateIssuerGoogle Trust Services LLC Subjectcreative-bars1.com Fingerprint3D:29:39:2C:F1:E5:C6:EF:54:F5:70:B5:CF:A8:C2:75:4D:89:72:13 ValidityMon, 15 Apr 2024 15:02:18 GMT - Sun, 14 Jul 2024 15:02:17 GMT
File typeSVG Scalable Vector Graphics image Hash24937fd159a21f2e91207d5788e86c70 1b07e0334cc16c5cd659de56314bd2188e3a82f9 b38a482faa1471a520d231f954412ee0293b0401610af1392038be206dc51b8a
GET /sb/notifications/gambling/default/android-btn/8/img/close.svg HTTP/1.1
Host: cdn.creative-bars1.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Tue, 07 May 2024 02:16:57 GMT
content-type: image/svg+xml
last-modified: Fri, 19 Jan 2024 14:25:08 GMT
etag: W/"65aa8644-4ff"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: public, max-age=315360000
access-control-allow-origin: *
access-control-expose-headers: Date
cf-cache-status: HIT
age: 550201
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=ZARKfOFSbTOL9z0uGjrmRbBtrTCnthkRUsIGqZoENeNExZx7jNNFWfQQrtpxDi1MfjgR7CKHr386xy1dcBWNEv2zlSDzeBe8EbYf7pKUQxDp6LMhgGk6MHste10Cclm%2FWMaDKIGP%2BX8U"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 87fdb60218e956cb-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
|
|
| fonts.gstatic.com/s/montserratalternates/v17/mFTiWacfw6zH4dthXcyms1lPpC8I_b0juU0xGITFB7xG.woff2 | 216.58.207.227 | 200 OK | 20 kB |
URL GET HTTP/3fonts.gstatic.com/s/montserratalternates/v17/mFTiWacfw6zH4dthXcyms1lPpC8I_b0juU0xGITFB7xG.woff2 IP216.58.207.227:443
Requested byhttps://topsites.hadesex.com/?source=1952513182&site_id=558728&spot_id=558728 CertificateIssuerGoogle Trust Services LLC Subject*.gstatic.com Fingerprint15:DD:05:B3:2F:D8:E3:54:C9:B4:FA:E4:AC:01:ED:C8:E1:EA:A7:AD ValidityTue, 16 Apr 2024 04:17:07 GMT - Tue, 09 Jul 2024 04:17:06 GMT
File typeWeb Open Font Format (Version 2), TrueType, length 20184, version 1.0 Hashba1468afe6464dd5ba1045e836d0fea6 6416dc6d3ede1919e42601c141e043f7fe9d0b98 da4fd6c8ccb6ff2b84c95606bb983392c766558ef6232e9bf23027d5979618aa
GET /s/montserratalternates/v17/mFTiWacfw6zH4dthXcyms1lPpC8I_b0juU0xGITFB7xG.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://topsites.hadesex.com
DNT: 1
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 20184
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 02 May 2024 02:03:56 GMT
expires: Fri, 02 May 2025 02:03:56 GMT
cache-control: public, max-age=31536000
last-modified: Tue, 26 Apr 2022 15:46:41 GMT
content-type: font/woff2
age: 432784
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
|
|
| xcumwebcam.com/thumbs/AA/wX/7x.jpg | 188.114.97.1 | 200 OK | 255 kB |
URL GET HTTP/3xcumwebcam.com/thumbs/AA/wX/7x.jpg IP188.114.97.1:443
Requested byhttps://topsites.hadesex.com/?source=1952513182&site_id=558728&spot_id=558728 CertificateIssuerGoogle Trust Services LLC Subjectxcumwebcam.com Fingerprint85:FC:8E:26:56:ED:EC:5F:6C:0C:68:68:3F:1F:05:F1:A1:50:34:A8 ValidityMon, 22 Apr 2024 06:49:07 GMT - Sun, 21 Jul 2024 06:49:06 GMT
File typeJPEG image data, baseline, precision 8, 1708x960, components 3 Size255 kB (254860 bytes) Hashc1754fc20e3e4f19d2d77f0c3905b945 8b8a33a137fb0f35c99e99cbff868bf61ce312ac c5ad5a78ae342e5804b9778a4402619ef6393f2ac98c6e82c4b715be175a4388
GET /thumbs/AA/wX/7x.jpg HTTP/1.1
Host: xcumwebcam.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Tue, 07 May 2024 02:17:00 GMT
content-type: image/jpeg
content-length: 254860
last-modified: Wed, 28 Feb 2024 16:22:22 GMT
etag: "65df5dbe-3e38c"
expires: Thu, 30 May 2024 17:26:35 GMT
cache-control: public, max-age=2592000
cf-cache-status: HIT
age: 550224
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=D3j0G2xrrrOooffM7MFeQkAxRhxvzyw1q8S%2FINM5ttni01HysF5WhhyledUDZ4UFdW7qSvKq0F0cijvZthdA0%2BS8UbY8hRuyUYc0VFosmIlOUUP6qItb0hdreu%2Fx1BAVwA%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 87fdb613387ab509-OSL
alt-svc: h3=":443"; ma=86400
|
|
| veepteero.com/?rb=5yyQAmvjhjlpMP6MAg09hE_PdGUJQy57fFuYAkXWbUyfZBJKnLA1mmAIRD42c2KmPL-nQEUIS4UVgluZd7Fubiaf_0Cbsoz7f3Oh2rFZ0-YlXiXOx6ws9jv3QErTG5xZLB54F1PMh8raJfrWzxwPOhnhCFhpboJQlSze8LYqPbUGv2NYoplZkXLxiOon1iFUZGjG8D1yqfSutr2l4Qm7x87xbDwK5hfKzMTXWWzsXL03FtGsHHD6-jRrlcFDm9PBIKR3S9DS8wA%3D&request_ab2=0&zoneid=5708417&js_build=iclick-v1.788.9-auto&jsp=1&fs=0&cf=0&sw=1280&sh=1024&wih=1024&wiw=1280&ww=1280&wh=1024&sah=1024&wx=0&wy=0&cw=1280&wfc=12&pl=https%3A%2F%2Fwww.videzz.net%2Fembed-c73tafzdtcis.html&drf=&np=1&pt=0&nb=1&ng=0&ix=0&nw=1&tb=false&btz=UTC&bto=0&wgl=&js_build=iclick-v1.788.9-auto&navlng=en-US&pnt=0&pnrc=0&bs=7980a5e9-d21a-4bd4-be0f-2d23c9d09dd9&wasm=1&userId=0080553b92224207e797375709a679b7&m=link | 139.45.197.242 | 200 OK | 2.3 kB |
URL GET HTTP/2veepteero.com/?rb=5yyQAmvjhjlpMP6MAg09hE_PdGUJQy57fFuYAkXWbUyfZBJKnLA1mmAIRD42c2KmPL-nQEUIS4UVgluZd7Fubiaf_0Cbsoz7f3Oh2rFZ0-YlXiXOx6ws9jv3QErTG5xZLB54F1PMh8raJfrWzxwPOhnhCFhpboJQlSze8LYqPbUGv2NYoplZkXLxiOon1iFUZGjG8D1yqfSutr2l4Qm7x87xbDwK5hfKzMTXWWzsXL03FtGsHHD6-jRrlcFDm9PBIKR3S9DS8wA%3D&request_ab2=0&zoneid=5708417&js_build=iclick-v1.788.9-auto&jsp=1&fs=0&cf=0&sw=1280&sh=1024&wih=1024&wiw=1280&ww=1280&wh=1024&sah=1024&wx=0&wy=0&cw=1280&wfc=12&pl=https%3A%2F%2Fwww.videzz.net%2Fembed-c73tafzdtcis.html&drf=&np=1&pt=0&nb=1&ng=0&ix=0&nw=1&tb=false&btz=UTC&bto=0&wgl=&js_build=iclick-v1.788.9-auto&navlng=en-US&pnt=0&pnrc=0&bs=7980a5e9-d21a-4bd4-be0f-2d23c9d09dd9&wasm=1&userId=0080553b92224207e797375709a679b7&m=link IP139.45.197.242:443
Requested byhttps://www.videzz.net/embed-c73tafzdtcis.html CertificateIssuerLet's Encrypt Subjectveepteero.com Fingerprint13:68:56:48:EC:67:A6:93:BE:E0:36:BC:FA:04:75:6D:6E:D2:C1:91 ValiditySat, 23 Mar 2024 05:18:36 GMT - Fri, 21 Jun 2024 05:18:35 GMT
File typetroff or preprocessor input, ASCII text, with very long lines (2345), with no line terminators Hashebd7d18933a8cc50fb018ba52251593d 2b69034829e03e518437a8752fb03b6483cb48b7 b6195fa611624a27b12b51bb0d766d41e02973450250d50dc62e3b06fce8ed5e
| Analyzer | Verdict | Alert |
|---|
| Quad9 DNS | malicious | Sinkholed |
GET /?rb=5yyQAmvjhjlpMP6MAg09hE_PdGUJQy57fFuYAkXWbUyfZBJKnLA1mmAIRD42c2KmPL-nQEUIS4UVgluZd7Fubiaf_0Cbsoz7f3Oh2rFZ0-YlXiXOx6ws9jv3QErTG5xZLB54F1PMh8raJfrWzxwPOhnhCFhpboJQlSze8LYqPbUGv2NYoplZkXLxiOon1iFUZGjG8D1yqfSutr2l4Qm7x87xbDwK5hfKzMTXWWzsXL03FtGsHHD6-jRrlcFDm9PBIKR3S9DS8wA%3D&request_ab2=0&zoneid=5708417&js_build=iclick-v1.788.9-auto&jsp=1&fs=0&cf=0&sw=1280&sh=1024&wih=1024&wiw=1280&ww=1280&wh=1024&sah=1024&wx=0&wy=0&cw=1280&wfc=12&pl=https%3A%2F%2Fwww.videzz.net%2Fembed-c73tafzdtcis.html&drf=&np=1&pt=0&nb=1&ng=0&ix=0&nw=1&tb=false&btz=UTC&bto=0&wgl=&js_build=iclick-v1.788.9-auto&navlng=en-US&pnt=0&pnrc=0&bs=7980a5e9-d21a-4bd4-be0f-2d23c9d09dd9&wasm=1&userId=0080553b92224207e797375709a679b7&m=link HTTP/1.1
Host: veepteero.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.videzz.net/
Origin: https://www.videzz.net
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
server: nginx
date: Tue, 07 May 2024 02:16:59 GMT
content-type: application/json
x-trace-id: 8f2e1998369070b14598ffe64635466a
accept-ch: Sec-CH-UA, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model
access-control-allow-origin: https://www.videzz.net
access-control-allow-credentials: true
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, baggage, sentry-trace, favicon
access-control-max-age: 86400
pragma: no-cache
cache-control: no-transform, no-store, no-cache, must-revalidate, max-age=0
expires: Tue, 11 Jan 1994 10:00:00 GMT
set-cookie: OAID=0080553b92224207e797375709a679b7; expires=Wed, 07 May 2025 02:16:59 GMT; path=/; secure; SameSite=None
oaidts=1715048219; expires=Wed, 07 May 2025 02:16:59 GMT; path=/; secure; SameSite=None
syncedCookie=true; expires=Tue, 14 May 2024 02:16:59 GMT; path=/; secure; SameSite=None
strict-transport-security: max-age=1
x-content-type-options: nosniff
timing-allow-origin: *, *
content-encoding: gzip
X-Firefox-Spdy: h2
|
|
| allvideometrika.com/f.php?sid=212515 | 172.67.214.245 | 200 OK | 0 B |
URL GET HTTP/2allvideometrika.com/f.php?sid=212515 IP172.67.214.245:443
Requested byhttps://www.videzz.net/embed-c73tafzdtcis.html CertificateIssuerLet's Encrypt Subjectallvideometrika.com Fingerprint0F:3F:B1:7E:F7:3C:77:24:1C:85:B2:89:15:11:43:1A:AD:64:DF:13 ValidityTue, 23 Apr 2024 13:34:13 GMT - Mon, 22 Jul 2024 13:34:12 GMT
Hashd41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /f.php?sid=212515 HTTP/1.1
Host: allvideometrika.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.videzz.net/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Tue, 07 May 2024 02:16:56 GMT
content-type: text/html; charset=UTF-8
x-powered-by: PHP/7.1.33
cache-control: no-store, no-cache, must-revalidate, max-age=0
x-robots-tag: noindex
pragma: no-cache
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=P8FBynJ5pMa3zh3cKPRVMz%2FnR5uvwWJQfN22iYH2iLTzLAUoe1VD7sZIDVxMS7lDwHwCSj9qbNxaKJq3bxBLMkpeT0c2IFF0DgUp%2B%2FLXhfKfLh215I%2BTZmUog4QyijstNHqbN%2FUj"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 87fdb5f8ee43b4f9-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
|
|
| cdn.creative-bars1.com/sb/notifications/gambling/default/android-btn/8/css/style.css | 188.114.97.1 | 200 OK | 3.3 kB |
URL GET HTTP/2cdn.creative-bars1.com/sb/notifications/gambling/default/android-btn/8/css/style.css IP188.114.97.1:443
Requested byhttps://www.videzz.net/embed-c73tafzdtcis.html CertificateIssuerGoogle Trust Services LLC Subjectcreative-bars1.com Fingerprint3D:29:39:2C:F1:E5:C6:EF:54:F5:70:B5:CF:A8:C2:75:4D:89:72:13 ValidityMon, 15 Apr 2024 15:02:18 GMT - Sun, 14 Jul 2024 15:02:17 GMT
File typeASCII text, with very long lines (3556), with no line terminators Hash5a37dc16b8eecffd5e7e805fee49218c 4187086691ead46033b8f2e76c4efdb611137949 436f451c35127aa88f59b29f7c8df41b3822dc16ada4d685fbeb537ecbbe914c
GET /sb/notifications/gambling/default/android-btn/8/css/style.css HTTP/1.1
Host: cdn.creative-bars1.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.videzz.net
DNT: 1
Connection: keep-alive
Referer: https://www.videzz.net/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Tue, 07 May 2024 02:16:58 GMT
content-type: text/css
last-modified: Fri, 19 Jan 2024 14:25:08 GMT
etag: W/"65aa8644-d14"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: public, max-age=315360000
access-control-allow-origin: *
access-control-expose-headers: Date
cf-cache-status: MISS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=0Shyaa8I2bVn8NhhCYemVVEknEOZpvzuY1XC9aOaDCX5ho8CpX%2Bon9zulmq8bYkneccxrjjeaUiWOkbawDXk3wRSnSQtq%2FVz6kehq%2Bm58jNL5JVQ540lfhKydGnjDWziK6y6tCwzZDNV"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 87fdb601c8d256cb-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
|
|
| dog.seetron.net/api/settings/59846 | 135.181.208.216 | 200 OK | 33 B |
URL GET HTTP/2dog.seetron.net/api/settings/59846 IP135.181.208.216:443 ASN#24940 Hetzner Online GmbH
Requested byhttps://www.videzz.net/embed-c73tafzdtcis.html CertificateIssuerLet's Encrypt Subjecta.bdsmz.tube FingerprintAA:4D:03:7A:4E:94:8C:76:58:6E:53:CC:8E:99:24:E6:51:84:BF:05 ValidityFri, 03 May 2024 10:27:08 GMT - Thu, 01 Aug 2024 10:27:07 GMT
File typetroff or preprocessor input, ASCII text, with no line terminators Hash511ff610a0435434dd22a4836719fbb3 0cf692a9ecb6dd3d715e3315e0eeccc1c384f0c3 d090111da31c837d965f1dcf49b00a53cf41686d0913627f78c5ff36d693c6d0
GET /api/settings/59846 HTTP/1.1
Host: dog.seetron.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.videzz.net/
Origin: https://www.videzz.net
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
server: nginx
date: Tue, 07 May 2024 02:16:55 GMT
content-type: application/json
vary: Accept-Encoding
access-control-allow-origin: *
x-robots-tag: noindex, nofollow
cache-control: private
content-encoding: gzip
X-Firefox-Spdy: h2
|
|
| cdn.creative-bars1.com/sb/notifications/gambling/default/android-btn/8/js/script.js | 188.114.97.1 | 200 OK | 9.5 kB |
URL GET HTTP/2cdn.creative-bars1.com/sb/notifications/gambling/default/android-btn/8/js/script.js IP188.114.97.1:443
Requested byhttps://www.videzz.net/embed-c73tafzdtcis.html CertificateIssuerGoogle Trust Services LLC Subjectcreative-bars1.com Fingerprint3D:29:39:2C:F1:E5:C6:EF:54:F5:70:B5:CF:A8:C2:75:4D:89:72:13 ValidityMon, 15 Apr 2024 15:02:18 GMT - Sun, 14 Jul 2024 15:02:17 GMT
File typeUnicode text, UTF-8 text, with very long lines (8821), with no line terminators Hashd0707ac5d95047febbb8f131cc7a9af4 65021f149e99900eeaf7d298d2303160872b43f3 3e2e7ab351d401339df520fbd7ce4f177643dca01cad22bf59dd4b3e14853810
GET /sb/notifications/gambling/default/android-btn/8/js/script.js HTTP/1.1
Host: cdn.creative-bars1.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.videzz.net
DNT: 1
Connection: keep-alive
Referer: https://www.videzz.net/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Tue, 07 May 2024 02:16:58 GMT
content-type: application/javascript
last-modified: Tue, 20 Feb 2024 10:37:31 GMT
etag: W/"65d480eb-24fa"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: public, max-age=315360000
access-control-allow-origin: *
access-control-expose-headers: Date
cf-cache-status: MISS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=A9n3DieddTA8JTK1pq8CE5%2BpxAUAfM3H5m1IbJ5lm6czbqcvdoN15a90Irm3cDjwhGvfg4NRqoFLUm4pmdPKxeivJU0SB9LdgY2bQg%2BC1IIUQ8MwC9FOeAO%2FQtz6QAAmLJ7dS2CNX%2Bur"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 87fdb601c8d756cb-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
|
|
| zv.7vid.net/api/spots/70102?s1=120221&v2=1&fill=0&kw=file%20upload%2Cshare%20files%2Cfree%20upload&i=1&url=https%3A%2F%2Fwww.videzz.net%2Fembed-c73tafzdtcis.html&sid=17805d7e-61a1-4394-ae34-8eae32d24aee | 135.181.208.216 | 200 OK | 67 B |
URL GET HTTP/2zv.7vid.net/api/spots/70102?s1=120221&v2=1&fill=0&kw=file%20upload%2Cshare%20files%2Cfree%20upload&i=1&url=https%3A%2F%2Fwww.videzz.net%2Fembed-c73tafzdtcis.html&sid=17805d7e-61a1-4394-ae34-8eae32d24aee IP135.181.208.216:443 ASN#24940 Hetzner Online GmbH
Requested byhttps://www.videzz.net/embed-c73tafzdtcis.html CertificateIssuerLet's Encrypt Subject1111.spinna.online FingerprintF3:80:AE:D8:32:E7:57:75:94:99:58:76:4C:57:59:80:E8:9A:B7:ED ValidityFri, 29 Mar 2024 23:27:07 GMT - Thu, 27 Jun 2024 23:27:06 GMT
File typeXML document, ASCII text, with no line terminators Hashc3928cea84e0c684b265b8fb465a9e72 aace4c0c8b0fbb35d2932f4f27e01ef627161574 3238d03797cab82118740c0d6ddace8d6bc9caf168e94d2ade893f541c1f8a25
GET /api/spots/70102?s1=120221&v2=1&fill=0&kw=file%20upload%2Cshare%20files%2Cfree%20upload&i=1&url=https%3A%2F%2Fwww.videzz.net%2Fembed-c73tafzdtcis.html&sid=17805d7e-61a1-4394-ae34-8eae32d24aee HTTP/1.1
Host: zv.7vid.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.videzz.net/
Origin: https://www.videzz.net
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
server: nginx
date: Tue, 07 May 2024 02:16:55 GMT
content-type: text/xml
vary: Accept-Encoding
access-control-allow-credentials: true
access-control-allow-origin: https://www.videzz.net
access-control-expose-headers: X-Asg-Config, X-t
set-cookie: nauid=inVtsK2JpUqQW268gkbM; Path=/; Expires=Wed, 11 Nov 2037 11:11:11 GMT; Secure; SameSite=None
x-robots-tag: noindex, nofollow
x-t: 0
cache-control: private
content-encoding: gzip
X-Firefox-Spdy: h2
|
|
| t.bawixi.xyz/1/?zid=9776&key2=431721333&c=pmrgszbchirg2irmejuceorsgq2dqnzwgu4te7l4pr6hwitsei5dcnzwgm2dmnzzgiysyituei5dcnzrguydiobsge3syittei5ceit5&mode=2 | 188.114.96.1 | 302 Found | 0 B |
URL GET HTTP/3t.bawixi.xyz/1/?zid=9776&key2=431721333&c=pmrgszbchirg2irmejuceorsgq2dqnzwgu4te7l4pr6hwitsei5dcnzwgm2dmnzzgiysyituei5dcnzrguydiobsge3syittei5ceit5&mode=2 IP188.114.96.1:443
Requested byhttps://www.videzz.net/embed-c73tafzdtcis.html CertificateIssuerGoogle Trust Services LLC Subjectbawixi.xyz FingerprintAF:9E:B4:BC:30:9E:5D:F1:48:C5:77:67:A5:95:F2:70:E6:E5:A8:91 ValidityThu, 14 Mar 2024 01:23:09 GMT - Wed, 12 Jun 2024 01:23:08 GMT
Hashd41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /1/?zid=9776&key2=431721333&c=pmrgszbchirg2irmejuceorsgq2dqnzwgu4te7l4pr6hwitsei5dcnzwgm2dmnzzgiysyituei5dcnzrguydiobsge3syittei5ceit5&mode=2 HTTP/1.1
Host: t.bawixi.xyz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://t.bawixi.xyz/1/?zid=9776
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 302 Found
date: Tue, 07 May 2024 02:16:58 GMT
content-type: text/html
location: https://t.yunaga.xyz/1/?spot_id=2561&zone_id=14102_ck_if_
access-control-allow-origin: *
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=tH40fjDqkMRPTuqlvuBmRhNOB37HPsNs7iW%2F%2B3Mg5F4AtmJFhWAbueu9Cle%2Bz%2B62maw4N09zbsCAJ0MUZRlogdH5YLJ67QMm90CDG56nnbHl8518LjQBgIPvVnOP4PQ%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 87fdb604fb125697-OSL
alt-svc: h3=":443"; ma=86400
|
|
| cdn.itskiddien.club/apu.php?zoneid=5902452&var=5708419 | 139.45.197.236 | 200 OK | 94 kB |
URL GET HTTP/2cdn.itskiddien.club/apu.php?zoneid=5902452&var=5708419 IP139.45.197.236:443
Requested byhttps://www.videzz.net/embed-c73tafzdtcis.html CertificateIssuerLet's Encrypt Subjectitskiddien.club FingerprintF8:F5:E1:2A:73:41:2E:21:C2:B1:A0:A3:DE:9D:2D:B2:87:3F:8E:5D ValidityFri, 29 Mar 2024 21:36:27 GMT - Thu, 27 Jun 2024 21:36:26 GMT
File typeJavaScript source, ASCII text, with very long lines (65536), with no line terminators Hash942b7c123bf98818807589fcffb46a27 bd2018ebaca460daf2128c931d97fd715bb9f0ea 35a9efda1bc8305962674f3bea920327666b6283feeabafd0322d90931647d30
GET /apu.php?zoneid=5902452&var=5708419 HTTP/1.1
Host: cdn.itskiddien.club
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.videzz.net/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
server: nginx
date: Tue, 07 May 2024 02:17:00 GMT
content-type: application/javascript
x-trace-id: 350e50536ffd86ea0055d2796f6b7218
link: <https://my.rtmark.net>; rel="preconnect dns-prefetch",<https://yonmewon.com>; rel="preconnect dns-prefetch",<https://sr7pv7n5x.com>; rel="preconnect dns-prefetch"
accept-ch: Sec-CH-UA, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, baggage, sentry-trace, favicon
access-control-max-age: 86400
pragma: no-cache
cache-control: no-transform, no-store, no-cache, must-revalidate, max-age=0
expires: Tue, 11 Jan 1994 10:00:00 GMT
set-cookie: OAID=00805507e78a40afe1349da244e8b50a; expires=Wed, 07 May 2025 02:17:00 GMT; path=/; secure; SameSite=None
oaidts=1715048220; expires=Wed, 07 May 2025 02:17:00 GMT; path=/; secure; SameSite=None
syncedCookie=; expires=Tue, 10 Nov 2009 23:00:00 GMT
strict-transport-security: max-age=1
x-content-type-options: nosniff
timing-allow-origin: *, *
content-encoding: gzip
X-Firefox-Spdy: h2
|
|
| xml.zeusadx.com/redirect?feed=531847&auth=KhbHhS&pubid=162319 | 174.137.133.17 | 200 OK | 0 B |
URL GET HTTP/1.1xml.zeusadx.com/redirect?feed=531847&auth=KhbHhS&pubid=162319 IP174.137.133.17:443 ASN#27257 WEBAIR-INTERNET
Requested byhttps://www.videzz.net/embed-c73tafzdtcis.html CertificateIssuerSectigo Limited Subject*.zeusadx.com FingerprintAA:67:88:35:5F:BC:20:3C:44:9B:00:BD:4F:E1:C0:5F:62:D0:69:C0 ValidityMon, 23 Oct 2023 00:00:00 GMT - Wed, 23 Oct 2024 23:59:59 GMT
Hashd41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /redirect?feed=531847&auth=KhbHhS&pubid=162319 HTTP/1.1
Host: xml.zeusadx.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://bid.bidclickmedia.com/
DNT: 1
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Date: Tue, 07 May 2024 02:16:57 GMT
Content-Length: 0
Connection: keep-alive
Cache-Control: no-store
|
|
| www.videzz.net/js/jquery.min.js | 78.142.18.54 | 200 OK | 96 kB |
URL GET HTTP/2www.videzz.net/js/jquery.min.js IP78.142.18.54:443 ASN#208046 ColocationX Ltd.
Requested byhttps://www.videzz.net/embed-c73tafzdtcis.html CertificateIssuerLet's Encrypt Subjectvidezz.net Fingerprint89:44:E3:9D:95:DD:6E:D2:2B:FB:70:64:42:59:D2:BF:B6:36:E7:33 ValidityThu, 02 May 2024 00:27:53 GMT - Wed, 31 Jul 2024 00:27:52 GMT
File typeJavaScript source, ASCII text, with very long lines (32086) Hash8101d596b2b8fa35fe3a634ea342d7c3 d6c1f41972de07b09bfa63d2e50f9ab41ec372bd 540bc6dec1dd4b92ea4d3fb903f69eabf6d919afd48f4e312b163c28cff0f441
GET /js/jquery.min.js HTTP/1.1
Host: www.videzz.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.videzz.net/embed-c73tafzdtcis.html
Cookie: lang=1
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
server: nginx/1.18.0 (Ubuntu)
date: Tue, 07 May 2024 02:16:55 GMT
content-type: application/javascript
last-modified: Sat, 27 Apr 2024 07:30:42 GMT
vary: Accept-Encoding
etag: W/"662ca9a2-1762a"
expires: Thu, 06 Jun 2024 02:10:51 GMT
cache-control: max-age=2592000
content-encoding: gzip
x-cache-status: HIT
X-Firefox-Spdy: h2
|
|
| www.videzz.net/favicon.ico?v=2 | 78.142.18.54 | 200 OK | 1.2 kB |
URL GET HTTP/2www.videzz.net/favicon.ico?v=2 IP78.142.18.54:443 ASN#208046 ColocationX Ltd.
Requested byhttps://www.videzz.net/embed-c73tafzdtcis.html CertificateIssuerLet's Encrypt Subjectvidezz.net Fingerprint89:44:E3:9D:95:DD:6E:D2:2B:FB:70:64:42:59:D2:BF:B6:36:E7:33 ValidityThu, 02 May 2024 00:27:53 GMT - Wed, 31 Jul 2024 00:27:52 GMT
File typeMS Windows icon resource - 1 icon, 16x16, 32 bits/pixel Hash07075ddac650ad1577e310576f4ac231 1c8f551262fac5a047a268b82fa932c405ab13ff c5f2d482ae4405a8e9f16a7ab09c5d04380283eb0cb0a9b237b32bc1bca47901
GET /favicon.ico?v=2 HTTP/1.1
Host: www.videzz.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.videzz.net/embed-c73tafzdtcis.html
Cookie: lang=1; file_id=37784741; aff=120221; _ga_HEX1BG8H46=GS1.1.1715048216.1.0.1715048217.59.0.0; _ga=GA1.1.1706841748.1715048217; sb_main_fd40b682a05e4aaf489d29601350aa66=1; sb_count_fd40b682a05e4aaf489d29601350aa66=1; asgfp2=172e5b6362817b33a26bdcbe3d1af8ae; dom3ic8zudi28v8lr6fgphwffqoz0j6c=3f5271ee-0a34-4a50-bde1-cf51f32b6171%3A3%3A1; pbpr0tpuw4isk85t8yg3jb2lj5vqf=disclosestockingsprestigious.com; pp_main_f1776d24271c5ad55c5f1492e2d01e10=1; pp_idelay_f1776d24271c5ad55c5f1492e2d01e10=1
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
server: nginx/1.18.0 (Ubuntu)
date: Tue, 07 May 2024 02:16:57 GMT
content-type: image/x-icon
last-modified: Sat, 27 Apr 2024 07:30:37 GMT
vary: Accept-Encoding
etag: W/"662ca99d-47e"
expires: Thu, 06 Jun 2024 02:09:29 GMT
cache-control: max-age=2592000
content-encoding: gzip
x-cache-status: HIT
X-Firefox-Spdy: h2
|
|
| meetbenjen.com/in/p/?spot_id=558728&cat=25&sub_id=1952513182 | 109.206.175.85 | 200 OK | 5.5 kB |
URL GET HTTP/2meetbenjen.com/in/p/?spot_id=558728&cat=25&sub_id=1952513182 IP109.206.175.85:443
Requested byhttps://www.videzz.net/embed-c73tafzdtcis.html CertificateIssuerLet's Encrypt Subjectmeetbenjen.com Fingerprint9A:72:77:E6:54:8C:F4:16:F5:ED:83:0C:A9:D8:38:2B:BA:9E:67:14 ValidityTue, 26 Mar 2024 03:08:56 GMT - Mon, 24 Jun 2024 03:08:55 GMT
File typeHTML document, ASCII text, with very long lines (5565), with no line terminators Hasha18bc7768222cb1f76ae5bb9c3580ff5 0e0881c0a9b97612a5aff67cd85ac42fc1b3489b ecfdb09b230aabfe691fa772dfeaa7d4335e3bbecc9aa31413e46f9c0abaf48d
GET /in/p/?spot_id=558728&cat=25&sub_id=1952513182 HTTP/1.1
Host: meetbenjen.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://bid.bidclickmedia.com/
DNT: 1
Connection: keep-alive
Cookie: 1095.0=1
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
server: nginx/1.20.1
date: Tue, 07 May 2024 02:16:58 GMT
content-type: text/html; charset=UTF-8
cache-control: no-cache, no-store, must-revalidate
pragma: no-cache
vary: Accept-Encoding, *
set-cookie: 1095.0=1; expires=Wed, 08 May 2024 02:16:58 GMT; path=/; secure; SameSite=None
content-encoding: gzip
X-Firefox-Spdy: h2
|
|
| veepteero.com/88/104 | 139.45.197.242 | 200 OK | 3.0 kB |
IP139.45.197.242:443
Requested byhttps://www.videzz.net/embed-c73tafzdtcis.html CertificateIssuerLet's Encrypt Subjectveepteero.com Fingerprint13:68:56:48:EC:67:A6:93:BE:E0:36:BC:FA:04:75:6D:6E:D2:C1:91 ValiditySat, 23 Mar 2024 05:18:36 GMT - Fri, 21 Jun 2024 05:18:35 GMT
File typetroff or preprocessor input, ASCII text, with very long lines (3234), with no line terminators Hash031b081b435fdde9a833176d61dfba1f 7c00c07dec6226cb93e2dba3b680dfbe8256f16f a5e671eb6e9b250a2536cd4c7b756c105aac9e9d63f64d6db9206e2fb7a1abb3
| Analyzer | Verdict | Alert |
|---|
| Quad9 DNS | malicious | Sinkholed |
GET /88/104 HTTP/1.1
Host: veepteero.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.videzz.net/
Origin: https://www.videzz.net
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
server: nginx
date: Tue, 07 May 2024 02:16:58 GMT
content-type: application/json
accept-ch: Sec-CH-UA, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model
access-control-allow-origin: https://www.videzz.net
access-control-allow-credentials: true
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, baggage, sentry-trace, favicon
access-control-max-age: 86400
timing-allow-origin: *
pragma: no-cache, no-cache
cache-control: no-transform, no-store, no-cache, must-revalidate, max-age=0, no-store, no-cache, must-revalidate, max-age=0
expires: Tue, 11 Jan 1994 10:00:00 GMT, Mon, 26 Jul 1997 05:00:00 GMT
content-encoding: gzip
X-Firefox-Spdy: h2
|
|
| bid.bidclickmedia.com/sub/Zj8D76R | 172.67.205.77 | 200 OK | 234 B |
URL GET HTTP/2bid.bidclickmedia.com/sub/Zj8D76R IP172.67.205.77:443
Requested byhttps://www.videzz.net/embed-c73tafzdtcis.html CertificateIssuerGoogle Trust Services LLC Subjectbidclickmedia.com Fingerprint2D:71:60:23:79:D8:E4:4A:B8:81:BA:F0:ED:58:CB:A8:66:21:A7:E7 ValiditySun, 31 Mar 2024 14:28:20 GMT - Sat, 29 Jun 2024 14:28:19 GMT
File typeHTML document, ASCII text, with no line terminators Hashaa39ce14ee4ef59a81b3b1ccc7c20cfb 4037f87db53a18212b896cbe7dc03404833bd9f4 5e96980309ab1a029fa20a02fb9aca51a5967df4e6ab8aaab5f0373d4ebd4f68
GET /sub/Zj8D76R HTTP/1.1
Host: bid.bidclickmedia.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.videzz.net/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Tue, 07 May 2024 02:16:56 GMT
content-type: text/html; charset=utf-8
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=HYfmtphv0GXQTBzda9s3Uf4jxqwflK8LB%2FcXDE%2FaEQODMdIDFrSsHGF0a7%2B29hYftHYLy%2B2mS9RYzHWn2CaOeBOJzGLp6g2zWZIdIh3oei48KGXnVifv3WMgCpUxSskcj8Rog6MJLbk%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 87fdb5f60d1cb509-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
|
|
| unseenreport.com/pxf.gif?uuid=3f5271ee-0a34-4a50-bde1-cf51f32b6171&eb=978028c5053b26833423c7a069ce3bd5&te=5db3a4e34790624df926db520a13f79f&ua=Mozilla%2F5.0%20(X11%3B%20Linux%20x86_64%3B%20rv%3A96.0)%20Gecko%2F20100101%20Firefox%2F96.0&dev=e&res=14.2071&b_frame=0&pk=fd40b682a05e4aaf489d29601350aa66&bl=en-US&sr=1024x1280&sz=1024x1280&hjs=2 | 192.243.61.227 | 200 OK | 0 B |
URL GET HTTP/1.1unseenreport.com/pxf.gif?uuid=3f5271ee-0a34-4a50-bde1-cf51f32b6171&eb=978028c5053b26833423c7a069ce3bd5&te=5db3a4e34790624df926db520a13f79f&ua=Mozilla%2F5.0%20(X11%3B%20Linux%20x86_64%3B%20rv%3A96.0)%20Gecko%2F20100101%20Firefox%2F96.0&dev=e&res=14.2071&b_frame=0&pk=fd40b682a05e4aaf489d29601350aa66&bl=en-US&sr=1024x1280&sz=1024x1280&hjs=2 IP192.243.61.227:443 ASN#39572 DataWeb Global Group B.V.
Requested byhttps://www.videzz.net/embed-c73tafzdtcis.html CertificateIssuerLet's Encrypt Subject*.unseenreport.com Fingerprint71:46:15:FD:76:6A:F5:5B:51:06:CC:93:DD:D8:63:E3:8B:10:BF:13 ValidityFri, 22 Mar 2024 07:32:41 GMT - Thu, 20 Jun 2024 07:32:40 GMT
Hashd41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
| Analyzer | Verdict | Alert |
|---|
| Quad9 DNS | malicious | Sinkholed |
GET /pxf.gif?uuid=3f5271ee-0a34-4a50-bde1-cf51f32b6171&eb=978028c5053b26833423c7a069ce3bd5&te=5db3a4e34790624df926db520a13f79f&ua=Mozilla%2F5.0%20(X11%3B%20Linux%20x86_64%3B%20rv%3A96.0)%20Gecko%2F20100101%20Firefox%2F96.0&dev=e&res=14.2071&b_frame=0&pk=fd40b682a05e4aaf489d29601350aa66&bl=en-US&sr=1024x1280&sz=1024x1280&hjs=2 HTTP/1.1
Host: unseenreport.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.videzz.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx/1.21.6
Date: Tue, 07 May 2024 02:16:58 GMT
Content-Type: image/gif
Content-Length: 1
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Access-Control-Allow-Origin: *
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: f215a704fd6b469501686f452cf89de1
Strict-Transport-Security: max-age=0; includeSubdomains
|
|
| www.videzz.net/sw.js?v=b8dc06aa6195ca0716d0a0c4e3a76e42 | 78.142.18.54 | 200 OK | 42 kB |
URL GET HTTP/2www.videzz.net/sw.js?v=b8dc06aa6195ca0716d0a0c4e3a76e42 IP78.142.18.54:443 ASN#208046 ColocationX Ltd.
Requested byhttps://www.videzz.net/embed-c73tafzdtcis.html CertificateIssuerLet's Encrypt Subjectvidezz.net Fingerprint89:44:E3:9D:95:DD:6E:D2:2B:FB:70:64:42:59:D2:BF:B6:36:E7:33 ValidityThu, 02 May 2024 00:27:53 GMT - Wed, 31 Jul 2024 00:27:52 GMT
File typeJavaScript source, ASCII text, with very long lines (42324), with no line terminators Hash764aafd976dd9cd9f33279bfafa02908 e9ad856ec00bccfdcbe17b79113681685c943b8d 2c20e295faeb1ef24dae1e26caa5089fdb2ba5a36a86a6a26780b8a515ca99aa
GET /sw.js?v=b8dc06aa6195ca0716d0a0c4e3a76e42 HTTP/1.1
Host: www.videzz.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.videzz.net/embed-c73tafzdtcis.html
Cookie: lang=1
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
server: nginx/1.18.0 (Ubuntu)
date: Tue, 07 May 2024 02:16:55 GMT
content-type: application/javascript
last-modified: Sat, 27 Apr 2024 07:30:37 GMT
vary: Accept-Encoding
etag: W/"662ca99d-a554"
expires: Thu, 06 Jun 2024 02:15:57 GMT
cache-control: max-age=2592000
content-encoding: gzip
x-cache-status: HIT
X-Firefox-Spdy: h2
|
|
| md-static.com/js/jquery-ui.min.js | 188.114.97.1 | 200 OK | 32 kB |
URL GET HTTP/3md-static.com/js/jquery-ui.min.js IP188.114.97.1:443
Requested byhttps://topsites.hadesex.com/?source=1952513182&site_id=558728&spot_id=558728 CertificateIssuerGoogle Trust Services LLC Subjectmd-static.com Fingerprint78:3D:4B:7D:5D:B4:38:28:82:3D:3E:65:79:F4:48:9E:D3:A5:91:60 ValiditySun, 05 May 2024 15:59:00 GMT - Sat, 03 Aug 2024 15:58:59 GMT
File typeJavaScript source, ASCII text, with very long lines (31633) Hashce52e5e873202628cae33ba148e4f198 8995d56f8b3fe8e60d8256519ec040ae53262262 ad16e754fd1f9c9733ca0324c2d5923a3c76ad4682270d31958d0c1e2b2cb3ed
GET /js/jquery-ui.min.js HTTP/1.1
Host: md-static.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://topsites.hadesex.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Tue, 07 May 2024 02:17:00 GMT
content-type: application/javascript
last-modified: Sun, 24 Jan 2021 13:07:13 GMT
vary: Accept-Encoding
etag: W/"600d7101-7c7b"
expires: Thu, 30 May 2024 18:38:20 GMT
cache-control: max-age=31536000
cf-cache-status: HIT
age: 545920
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=04hT9IgMWulnEGQlL4L7XDpb6NdgM0hDlKu52u8oFch3jUm9si4sYLr4yC96YuwS7BO1tkM%2B5eO1kO%2FBOcmeqjku9ylj5vCdoxUc3RwbRWE%2F87%2FVwXfTycH5BAbeYcIF"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 87fdb60f7c255688-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| xcumwebcam.com/thumbs/AA/Mm/Yz.jpg | 188.114.97.1 | 200 OK | 28 kB |
URL GET HTTP/3xcumwebcam.com/thumbs/AA/Mm/Yz.jpg IP188.114.97.1:443
Requested byhttps://topsites.hadesex.com/?source=1952513182&site_id=558728&spot_id=558728 CertificateIssuerGoogle Trust Services LLC Subjectxcumwebcam.com Fingerprint85:FC:8E:26:56:ED:EC:5F:6C:0C:68:68:3F:1F:05:F1:A1:50:34:A8 ValidityMon, 22 Apr 2024 06:49:07 GMT - Sun, 21 Jul 2024 06:49:06 GMT
File typeJPEG image data, baseline, precision 8, 556x416, components 3 Hashda9bdad3297f6899f80316649bde16bc 8f79e67e71075a29430032152a54b9d9a09e1769 8763f849a8521a373cf9cc832a768f25f75fdacd6571b00ff8a861919bd1d703
GET /thumbs/AA/Mm/Yz.jpg HTTP/1.1
Host: xcumwebcam.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Tue, 07 May 2024 02:17:00 GMT
content-type: image/jpeg
content-length: 28113
last-modified: Wed, 14 Nov 2018 23:07:42 GMT
etag: "5becaabe-6dd1"
expires: Thu, 30 May 2024 17:26:36 GMT
cache-control: public, max-age=2592000
cf-cache-status: HIT
age: 550224
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=nVwMHqzfFNCXx9mqUU1zxQM2Y1rDbKHAfpSQJJkZZ63wCAQKNu0z9SPfQW9Xq07vRxWjTgrOkwG1bs%2B3I45T%2BU9l8d2UrTZFll9BG7ZjtT3ZaymJMik8%2BXvdawUTS9rxuw%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 87fdb614597db509-OSL
alt-svc: h3=":443"; ma=86400
|
|
| maxcdn.bootstrapcdn.com/font-awesome/4.7.0/css/font-awesome.min.css?v=b8dc06aa6195ca0716d0a0c4e3a76e42 | 104.18.11.207 | 200 OK | 31 kB |
URL GET HTTP/2maxcdn.bootstrapcdn.com/font-awesome/4.7.0/css/font-awesome.min.css?v=b8dc06aa6195ca0716d0a0c4e3a76e42 IP104.18.11.207:443
Requested byhttps://www.videzz.net/embed-c73tafzdtcis.html CertificateIssuerGoogle Trust Services LLC Subjectbootstrapcdn.com Fingerprint57:B4:25:B9:9C:88:A1:A3:3D:F7:31:74:02:E4:D1:E0:0A:F5:11:63 ValidityWed, 27 Mar 2024 00:22:09 GMT - Tue, 25 Jun 2024 00:22:08 GMT
File typeASCII text, with very long lines (30837) Hash269550530cc127b6aa5a35925a7de6ce 512c7d79033e3028a9be61b540cf1a6870c896f8 799aeb25cc0373fdee0e1b1db7ad6c2f6a0e058dfadaa3379689f583213190bd
GET /font-awesome/4.7.0/css/font-awesome.min.css?v=b8dc06aa6195ca0716d0a0c4e3a76e42 HTTP/1.1
Host: maxcdn.bootstrapcdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.videzz.net/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Tue, 07 May 2024 02:16:55 GMT
content-type: text/css; charset=utf-8
cdn-pullzone: 252412
cdn-uid: b1941f61-b576-4f40-80de-5677acb38f74
cdn-requestcountrycode: DE
vary: Accept-Encoding
access-control-allow-origin: *
cache-control: public, max-age=31919000
content-encoding: br
etag: W/"269550530cc127b6aa5a35925a7de6ce"
last-modified: Mon, 25 Jan 2021 22:04:55 GMT
cdn-cachedat: 03/18/2024 12:28:12
cdn-proxyver: 1.04
cdn-requestpullcode: 200
cdn-requestpullsuccess: True
cdn-edgestorageid: 1078
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
cdn-status: 200
cdn-requestid: 2ab8316fdef76f530c15e660f59a896d
cdn-cache: HIT
cf-cache-status: HIT
age: 554309
strict-transport-security: max-age=31536000; includeSubDomains; preload
server: cloudflare
cf-ray: 87fdb5f06b16b505-OSL
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
|
|
| str34.vidoza.net/nvl4c7r3p4feieno3urqncpzhs3fxq47b4y23zbqv4r5n44j64ce32x3ooza/v.mp4 | 109.202.99.226 | 206 Partial Content | 197 kB |
URL GET HTTP/2str34.vidoza.net/nvl4c7r3p4feieno3urqncpzhs3fxq47b4y23zbqv4r5n44j64ce32x3ooza/v.mp4 IP109.202.99.226:443 ASN#49453 Global Layer B.V.
Requested byhttps://www.videzz.net/embed-c73tafzdtcis.html CertificateIssuerLet's Encrypt Subjectvidoza.net FingerprintDD:9C:2A:D1:7E:90:60:D1:BE:1C:39:29:07:29:9C:34:6A:76:A6:C6 ValidityWed, 14 Feb 2024 01:21:54 GMT - Tue, 14 May 2024 01:21:53 GMT
File typeISO Media, MP4 Base Media v1 [ISO 14496-12:2003] Size197 kB (196572 bytes) Hashbe7af7ebbed80c95eacdee849ba432f8 526238b2879c4d2a331bd8ba9e2a0e1dfbf4fd85 7906b222f14d348f162b5720a04d1cb4f0afcbd88486a801142da65287a72f7a
GET /nvl4c7r3p4feieno3urqncpzhs3fxq47b4y23zbqv4r5n44j64ce32x3ooza/v.mp4 HTTP/1.1
Host: str34.vidoza.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: video/webm,video/ogg,video/*;q=0.9,application/ogg;q=0.7,audio/*;q=0.6,*/*;q=0.5
Accept-Language: en-US,en;q=0.5
Range: bytes=0-
DNT: 1
Connection: keep-alive
Referer: https://www.videzz.net/
Sec-Fetch-Dest: video
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Accept-Encoding: identity
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 206 Partial Content
server: nginx/1.20.1
date: Tue, 07 May 2024 02:16:56 GMT
content-type: video/mp4
content-length: 377661755
last-modified: Sun, 17 Mar 2024 16:22:39 GMT
etag: "65f718cf-1682a93b"
content-range: bytes 0-377661754/377661755
X-Firefox-Spdy: h2
|
|
| www.videzz.net/embed-c73tafzdtcis.html | 78.142.18.54 | 200 OK | 32 kB |
URL User Request GET HTTP/2www.videzz.net/embed-c73tafzdtcis.html IP78.142.18.54:443 ASN#208046 ColocationX Ltd.
CertificateIssuerLet's Encrypt Subjectvidezz.net Fingerprint89:44:E3:9D:95:DD:6E:D2:2B:FB:70:64:42:59:D2:BF:B6:36:E7:33 ValidityThu, 02 May 2024 00:27:53 GMT - Wed, 31 Jul 2024 00:27:52 GMT
File typeHTML document, ASCII text, with very long lines (1926), with CRLF, LF line terminators Hash62138d29d3ce78facb64063611449579 debd4b004d2bc3140af699dda6a0c5a8b73dbd31 d47bc6f44350e360dde8b2330a1299a45a89bbef7102c3b52a9e336e8ec13e4b
GET /embed-c73tafzdtcis.html HTTP/1.1
Host: www.videzz.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Upgrade-Insecure-Requests: 1
Connection: keep-alive
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
server: nginx/1.18.0 (Ubuntu)
date: Tue, 07 May 2024 02:16:54 GMT
content-type: text/html; charset=UTF-8
vary: Accept-Encoding
expires: Mon, 06 May 2024 02:16:54 GMT
x-frame-options: 1
set-cookie: lang=1; domain=.videzz.net; path=/; HttpOnly
xfsts=; domain=.videzz.net; path=/; expires=Mon, 08-May-2023 02:16:54 GMT; HttpOnly
content-encoding: gzip
X-Firefox-Spdy: h2
|
|
| static.addtoany.com/menu/svg/icons/reddit.js | 104.22.70.197 | 200 OK | 893 B |
URL GET HTTP/3static.addtoany.com/menu/svg/icons/reddit.js IP104.22.70.197:443
Requested byhttps://www.videzz.net/embed-c73tafzdtcis.html CertificateIssuerLet's Encrypt Subjectstatic.addtoany.com Fingerprint5B:74:98:2D:F8:22:DB:0D:4E:74:B7:99:A7:7C:80:F6:CA:1A:8E:CA ValidityTue, 23 Apr 2024 07:56:27 GMT - Mon, 22 Jul 2024 07:56:26 GMT
File typeASCII text, with very long lines (903), with no line terminators Hash1f5dd30051ff637ea1d19ce73aced89c bfdd1d1c07492ba397bdcf13e262edcfd8692a5e c1bf0dd12b2f71de1e7e154b309caa18d2f1c2a8dc077beba23b89432ad72a81
GET /menu/svg/icons/reddit.js HTTP/1.1
Host: static.addtoany.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.videzz.net
DNT: 1
Connection: keep-alive
Referer: https://static.addtoany.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Tue, 07 May 2024 02:16:56 GMT
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=7776000, stale-while-revalidate=30, public
cf-bgj: minify
etag: W/"1fe5b5008de689ce6464d7bcb07e742c"
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=CbL9ayIC0wJGsMLDpw%2FOAMQSShav%2B%2BBzzQZ%2Ft8kBtWZf%2BXXfmXakkIEOV77L3%2FOVPwnXmza%2BNS6CBpRVNOP8sho%2BSE%2FhT9gknrde4C%2FsVGy47mX9O4qpTmTtd5%2BKdsXMRTmr7EmI"}],"group":"cf-nel","max_age":604800}
vary: Accept-Encoding
referrer-policy: strict-origin-when-cross-origin
x-content-type-options: nosniff
cf-cache-status: REVALIDATED
strict-transport-security: max-age=31536000; includeSubDomains; preload
server: cloudflare
cf-ray: 87fdb5f8be77abcc-CPH
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| www.videzz.net/js/videojs.5.min.js?v=b8dc06aa6195ca0716d0a0c4e3a76e42 | 78.142.18.54 | 200 OK | 416 kB |
URL GET HTTP/2www.videzz.net/js/videojs.5.min.js?v=b8dc06aa6195ca0716d0a0c4e3a76e42 IP78.142.18.54:443 ASN#208046 ColocationX Ltd.
Requested byhttps://www.videzz.net/embed-c73tafzdtcis.html CertificateIssuerLet's Encrypt Subjectvidezz.net Fingerprint89:44:E3:9D:95:DD:6E:D2:2B:FB:70:64:42:59:D2:BF:B6:36:E7:33 ValidityThu, 02 May 2024 00:27:53 GMT - Wed, 31 Jul 2024 00:27:52 GMT
Size416 kB (416358 bytes) Hashd41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /js/videojs.5.min.js?v=b8dc06aa6195ca0716d0a0c4e3a76e42 HTTP/1.1
Host: www.videzz.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.videzz.net/embed-c73tafzdtcis.html
Cookie: lang=1
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
server: nginx/1.18.0 (Ubuntu)
date: Tue, 07 May 2024 02:16:55 GMT
content-type: application/javascript
last-modified: Sat, 27 Apr 2024 07:30:33 GMT
vary: Accept-Encoding
etag: W/"662ca999-65a66"
expires: Thu, 06 Jun 2024 02:15:14 GMT
cache-control: max-age=2592000
content-encoding: gzip
x-cache-status: HIT
X-Firefox-Spdy: h2
|
|
| static.addtoany.com/menu/modules/core.BRQnzO8v.js | 104.22.70.197 | 200 OK | 72 kB |
URL GET HTTP/3static.addtoany.com/menu/modules/core.BRQnzO8v.js IP104.22.70.197:443
Requested byhttps://www.videzz.net/embed-c73tafzdtcis.html CertificateIssuerLet's Encrypt Subjectstatic.addtoany.com Fingerprint5B:74:98:2D:F8:22:DB:0D:4E:74:B7:99:A7:7C:80:F6:CA:1A:8E:CA ValidityTue, 23 Apr 2024 07:56:27 GMT - Mon, 22 Jul 2024 07:56:26 GMT
File typeASCII text, with very long lines (65536), with no line terminators Hash629401c31553d2f42a6ca46e58c2a97b 0ab6084caa72f90913c7e4119f491838726ec5c2 91b9b24f0aa59668e4d0a770ee7a294b9baa361a76a20ade8128cd0482a5d805
GET /menu/modules/core.BRQnzO8v.js HTTP/1.1
Host: static.addtoany.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.videzz.net
DNT: 1
Connection: keep-alive
Referer: https://www.videzz.net/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Tue, 07 May 2024 02:16:55 GMT
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=315360000, immutable
cf-bgj: minify
etag: W/"25da5432b1057724b8210f17e9b9db05"
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=C15IQx5kB%2F%2FsNdCuxZ6K6EU4e5xNJ6K6sVLB3YQmkBPxPFycGbmE4eucVGFTt3dtgTV%2Fvm0CJ4boJK11xq8H3JCO7CzAmcG3NHofKUvsM7oGCKTWsZnZbAyGWvotliZimxIB76O1"}],"group":"cf-nel","max_age":604800}
vary: Accept-Encoding
referrer-policy: strict-origin-when-cross-origin
x-content-type-options: nosniff
cf-cache-status: REVALIDATED
strict-transport-security: max-age=31536000; includeSubDomains; preload
server: cloudflare
cf-ray: 87fdb5f50d74abcc-CPH
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| yahoo.com/ | 74.6.231.21 | 301 Moved Permanently | 0 B |
IP74.6.231.21:443
Requested byhttps://www.videzz.net/embed-c73tafzdtcis.html CertificateIssuerDigiCert Inc Subjectyahoo.com Fingerprint2C:3D:69:2F:18:D8:60:42:F4:5D:66:B5:11:C1:80:98:ED:45:9E:85 ValidityTue, 20 Feb 2024 00:00:00 GMT - Wed, 14 Aug 2024 23:59:59 GMT
Hashd41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET / HTTP/1.1
Host: yahoo.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://t.bawixi.xyz/
DNT: 1
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 301 Moved Permanently
date: Tue, 07 May 2024 02:16:59 GMT
strict-transport-security: max-age=31536000
server: ATS
cache-control: no-store, no-cache
content-type: text/html
content-language: en
x-frame-options: SAMEORIGIN
referrer-policy: no-referrer-when-downgrade
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
location: https://www.yahoo.com/
content-length: 8
X-Firefox-Spdy: h2
|
|
| www.videzz.net/js/footer.static.min.js?v=b8dc06aa6195ca0716d0a0c4e3a76e42 | 78.142.18.54 | 200 OK | 140 kB |
URL GET HTTP/2www.videzz.net/js/footer.static.min.js?v=b8dc06aa6195ca0716d0a0c4e3a76e42 IP78.142.18.54:443 ASN#208046 ColocationX Ltd.
Requested byhttps://www.videzz.net/embed-c73tafzdtcis.html CertificateIssuerLet's Encrypt Subjectvidezz.net Fingerprint89:44:E3:9D:95:DD:6E:D2:2B:FB:70:64:42:59:D2:BF:B6:36:E7:33 ValidityThu, 02 May 2024 00:27:53 GMT - Wed, 31 Jul 2024 00:27:52 GMT
Size140 kB (140132 bytes) Hashd41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /js/footer.static.min.js?v=b8dc06aa6195ca0716d0a0c4e3a76e42 HTTP/1.1
Host: www.videzz.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.videzz.net/embed-c73tafzdtcis.html
Cookie: lang=1
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
server: nginx/1.18.0 (Ubuntu)
date: Tue, 07 May 2024 02:16:55 GMT
content-type: application/javascript
last-modified: Sat, 27 Apr 2024 07:30:33 GMT
vary: Accept-Encoding
etag: W/"662ca999-22364"
expires: Thu, 06 Jun 2024 02:10:22 GMT
cache-control: max-age=2592000
content-encoding: gzip
x-cache-status: HIT
X-Firefox-Spdy: h2
|
|
| www.videzz.net/js/static.min.js?v=b8dc06aa6195ca0716d0a0c4e3a76e42 | 78.142.18.54 | 200 OK | 159 kB |
URL GET HTTP/2www.videzz.net/js/static.min.js?v=b8dc06aa6195ca0716d0a0c4e3a76e42 IP78.142.18.54:443 ASN#208046 ColocationX Ltd.
Requested byhttps://www.videzz.net/embed-c73tafzdtcis.html CertificateIssuerLet's Encrypt Subjectvidezz.net Fingerprint89:44:E3:9D:95:DD:6E:D2:2B:FB:70:64:42:59:D2:BF:B6:36:E7:33 ValidityThu, 02 May 2024 00:27:53 GMT - Wed, 31 Jul 2024 00:27:52 GMT
File typeJavaScript source, ASCII text, with very long lines (65536), with no line terminators Size159 kB (158902 bytes) Hash7c33538390b466ae717449d729bb32ea 49ea1eb1dc06467f516eae28e09863a23b244a31 a2f37fa7aee9e9248856735b807b028c93be60eb6bb9916595ba123690513f02
GET /js/static.min.js?v=b8dc06aa6195ca0716d0a0c4e3a76e42 HTTP/1.1
Host: www.videzz.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.videzz.net/embed-c73tafzdtcis.html
Cookie: lang=1
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
server: nginx/1.18.0 (Ubuntu)
date: Tue, 07 May 2024 02:16:55 GMT
content-type: application/javascript
last-modified: Sat, 27 Apr 2024 07:30:42 GMT
vary: Accept-Encoding
etag: W/"662ca9a2-26cb6"
expires: Thu, 06 Jun 2024 02:10:44 GMT
cache-control: max-age=2592000
content-encoding: gzip
x-cache-status: HIT
X-Firefox-Spdy: h2
|
|
| xml-click-oax.adstork.com/nrtb/click?bid=MeBBR0i7MlDnb6EHMOwLJmsvhDsDC58YhQMA86_8VT2RTFNYWwaJ-j5oNWaxLr5U_0_42 | 23.226.122.79 | 302 Found | 359 B |
URL GET HTTP/2xml-click-oax.adstork.com/nrtb/click?bid=MeBBR0i7MlDnb6EHMOwLJmsvhDsDC58YhQMA86_8VT2RTFNYWwaJ-j5oNWaxLr5U_0_42 IP23.226.122.79:443
Requested byhttps://www.videzz.net/embed-c73tafzdtcis.html CertificateIssuerSectigo Limited Subject*.adstork.com Fingerprint90:C7:C6:2C:5F:EF:4A:42:2C:2D:9A:35:14:D4:1B:8B:73:B6:E3:86 ValiditySun, 21 Apr 2024 00:00:00 GMT - Mon, 21 Apr 2025 23:59:59 GMT
Hashd41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /nrtb/click?bid=MeBBR0i7MlDnb6EHMOwLJmsvhDsDC58YhQMA86_8VT2RTFNYWwaJ-j5oNWaxLr5U_0_42 HTTP/1.1
Host: xml-click-oax.adstork.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://bid.bidclickmedia.com/
DNT: 1
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 302 Found
server: nginx/1.18.0 (Ubuntu)
date: Tue, 07 May 2024 02:16:58 GMT
content-type: text/html; charset=utf-8
content-length: 153
location: https://latest-557263.vgntexr2l.ru/click?node=448&winPrice=0.000199&force=1&winCurrency=USD&id=1715048160000-10430
X-Firefox-Spdy: h2
|
|
| mcpuwpsh.com/popunder/in/click/?mid=1144409305770136267&pid=0&site=558728&sc=NO&usage_type=DCH&subid=1952513182&sid=0&cid=0&price=0&is_cpm=0&cpm=0&ecpm=0&crid=&crtid=&tcid=0&out_id=&ver=&ver_c=&refdom=bid.bidclickmedia.com&hostname=auc-popunder-hz-3&site_id=0&spot_id=558728&utm_source=&utm_medium=&utm_campaign=&utm_content=&expiration_timestamp=0&created_at=0000-00-00&is_native=0&burl=&pop_winurl=&ip=91.90.42.154&testab=&px_id=0&adblock=0&auction_host=&mm=&yc=&render_type=&campaign_type=&uniq=&exp=0&resp_type=&iabcat=IAB25&min_cpm=0.1224&placement_type_id=7&skin_test=&verify_hash=a0e4d0faae6e1541371b706c55b10cc0&score=304.3770934150993&durl=&ml=&tag_ab=&original_bid=0&user_fp=0&v2=0&pop_type=0&space_id=1095&real_bid=&skin_id=&vertical_id=&stratagem=&accel=0&gyr=0&iabcat=IAB25&ip_mismatch=false&ua_mismatch=false&ssp=3758&rc=0&v2_track=0&otype=0&mn=0&priority=0&bb=0.1224&url=https%3A%2F%2Fpopdemission.com%2Fin%2F849%2F%3Fsource%3D1952513182%26site_id%3D558728%26utm1%3D%26utm2%3D%26utm3%3D%26utm4%3D%26idzone%3D0%26spot_id%3D558728%26mo%3D%26ve%3D%26ad_tags%3D%26p%3Dhttps%253A%252F%252Fbid.bidclickmedia.com%252F%26sid%3D1095%26katds_labels%3D%26is_iframe%3D1%26btype%3D0%26score%3D304.3770934150993%26bf%3D0.1224%26iabcat%3DIAB25%26allowed_labels%3D&pr=&bid_crid=&bid_cid=&ad_tags=&is_interstitial=0&is_direct=1&label_ids=&site_id64=&sp_cl=0&act_sess=0&sp_scr=0&intes=&izb=&ang=0&act_su=0&interest_vertical_ids=&v_scroll_freq=&time_sess=&ext_campaign_id=&scroll_percent=0&empty_clicks=0&aid=0&high_freq_clicks=0&dev_console_activity=0&topics=&client_price=0&o_d=&is_webview=0&timezone_olson=&timezone_ip=Europe/Oslo&offer_label_ids= | 94.130.197.240 | 302 Found | 35 kB |
URL GET HTTP/2mcpuwpsh.com/popunder/in/click/?mid=1144409305770136267&pid=0&site=558728&sc=NO&usage_type=DCH&subid=1952513182&sid=0&cid=0&price=0&is_cpm=0&cpm=0&ecpm=0&crid=&crtid=&tcid=0&out_id=&ver=&ver_c=&refdom=bid.bidclickmedia.com&hostname=auc-popunder-hz-3&site_id=0&spot_id=558728&utm_source=&utm_medium=&utm_campaign=&utm_content=&expiration_timestamp=0&created_at=0000-00-00&is_native=0&burl=&pop_winurl=&ip=91.90.42.154&testab=&px_id=0&adblock=0&auction_host=&mm=&yc=&render_type=&campaign_type=&uniq=&exp=0&resp_type=&iabcat=IAB25&min_cpm=0.1224&placement_type_id=7&skin_test=&verify_hash=a0e4d0faae6e1541371b706c55b10cc0&score=304.3770934150993&durl=&ml=&tag_ab=&original_bid=0&user_fp=0&v2=0&pop_type=0&space_id=1095&real_bid=&skin_id=&vertical_id=&stratagem=&accel=0&gyr=0&iabcat=IAB25&ip_mismatch=false&ua_mismatch=false&ssp=3758&rc=0&v2_track=0&otype=0&mn=0&priority=0&bb=0.1224&url=https%3A%2F%2Fpopdemission.com%2Fin%2F849%2F%3Fsource%3D1952513182%26site_id%3D558728%26utm1%3D%26utm2%3D%26utm3%3D%26utm4%3D%26idzone%3D0%26spot_id%3D558728%26mo%3D%26ve%3D%26ad_tags%3D%26p%3Dhttps%253A%252F%252Fbid.bidclickmedia.com%252F%26sid%3D1095%26katds_labels%3D%26is_iframe%3D1%26btype%3D0%26score%3D304.3770934150993%26bf%3D0.1224%26iabcat%3DIAB25%26allowed_labels%3D&pr=&bid_crid=&bid_cid=&ad_tags=&is_interstitial=0&is_direct=1&label_ids=&site_id64=&sp_cl=0&act_sess=0&sp_scr=0&intes=&izb=&ang=0&act_su=0&interest_vertical_ids=&v_scroll_freq=&time_sess=&ext_campaign_id=&scroll_percent=0&empty_clicks=0&aid=0&high_freq_clicks=0&dev_console_activity=0&topics=&client_price=0&o_d=&is_webview=0&timezone_olson=&timezone_ip=Europe/Oslo&offer_label_ids= IP94.130.197.240:443 ASN#24940 Hetzner Online GmbH
Requested byhttps://www.videzz.net/embed-c73tafzdtcis.html CertificateIssuerLet's Encrypt Subjectpuwpush.com Fingerprint60:3D:AE:BF:9C:57:C3:AF:D6:50:E5:93:92:FB:E9:F2:F8:E6:E1:92 ValidityWed, 01 May 2024 01:51:05 GMT - Tue, 30 Jul 2024 01:51:04 GMT
Hashd41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /popunder/in/click/?mid=1144409305770136267&pid=0&site=558728&sc=NO&usage_type=DCH&subid=1952513182&sid=0&cid=0&price=0&is_cpm=0&cpm=0&ecpm=0&crid=&crtid=&tcid=0&out_id=&ver=&ver_c=&refdom=bid.bidclickmedia.com&hostname=auc-popunder-hz-3&site_id=0&spot_id=558728&utm_source=&utm_medium=&utm_campaign=&utm_content=&expiration_timestamp=0&created_at=0000-00-00&is_native=0&burl=&pop_winurl=&ip=91.90.42.154&testab=&px_id=0&adblock=0&auction_host=&mm=&yc=&render_type=&campaign_type=&uniq=&exp=0&resp_type=&iabcat=IAB25&min_cpm=0.1224&placement_type_id=7&skin_test=&verify_hash=a0e4d0faae6e1541371b706c55b10cc0&score=304.3770934150993&durl=&ml=&tag_ab=&original_bid=0&user_fp=0&v2=0&pop_type=0&space_id=1095&real_bid=&skin_id=&vertical_id=&stratagem=&accel=0&gyr=0&iabcat=IAB25&ip_mismatch=false&ua_mismatch=false&ssp=3758&rc=0&v2_track=0&otype=0&mn=0&priority=0&bb=0.1224&url=https%3A%2F%2Fpopdemission.com%2Fin%2F849%2F%3Fsource%3D1952513182%26site_id%3D558728%26utm1%3D%26utm2%3D%26utm3%3D%26utm4%3D%26idzone%3D0%26spot_id%3D558728%26mo%3D%26ve%3D%26ad_tags%3D%26p%3Dhttps%253A%252F%252Fbid.bidclickmedia.com%252F%26sid%3D1095%26katds_labels%3D%26is_iframe%3D1%26btype%3D0%26score%3D304.3770934150993%26bf%3D0.1224%26iabcat%3DIAB25%26allowed_labels%3D&pr=&bid_crid=&bid_cid=&ad_tags=&is_interstitial=0&is_direct=1&label_ids=&site_id64=&sp_cl=0&act_sess=0&sp_scr=0&intes=&izb=&ang=0&act_su=0&interest_vertical_ids=&v_scroll_freq=&time_sess=&ext_campaign_id=&scroll_percent=0&empty_clicks=0&aid=0&high_freq_clicks=0&dev_console_activity=0&topics=&client_price=0&o_d=&is_webview=0&timezone_olson=&timezone_ip=Europe/Oslo&offer_label_ids= HTTP/1.1
Host: mcpuwpsh.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://meetbenjen.com/
DNT: 1
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 302 Found
server: nginx/1.16.0
date: Tue, 07 May 2024 02:16:58 GMT
content-length: 0
vary: Origin
cache-control: no-transform, no-cache, no-store, must-revalidate
pragma: no-cache
access-control-allow-origin: *
access-control-allow-headers: Content-Type
access-control-allow-methods: *
location: https://popdemission.com/in/849/?source=1952513182&site_id=558728&utm1=&utm2=&utm3=&utm4=&idzone=0&spot_id=558728&mo=&ve=&ad_tags=&p=https%3A%2F%2Fbid.bidclickmedia.com%2F&sid=1095&katds_labels=&is_iframe=1&btype=0&score=304.3770934150993&bf=0.1224&iabcat=IAB25&allowed_labels=
X-Firefox-Spdy: h2
|
|
| cdn.itskiddien.club/?rb=Hw-0NLTAKEMM3yNsracxevu-MjDf7NO4-_qnrTgi6iDaUp6cnd6t74k2j_MRzoFDSD_yICYjLmpMor5TqElxIKv0Xo_8WdoZcaqNQqVbjLyHsWrEcN8gEklqbyySZHp4tliUVi8kQtFcpT9UF7r96FieGGkq7nm2RP6x_xbTG4vktDgSo6MlV50Q9nCx_7iskNVcABze0u_J5EFIiUeAGiXqXWzuez_3rBniD7fmArANfHAUnWLGfDDwnp51jsQmnUETXctrniUtWwBsknoE8g%3D%3D&request_ab2=0&zoneid=5902452&js_build=iclick-v1.788.9-auto&jsp=1&fs=0&cf=0&sw=1280&sh=1024&wih=1024&wiw=1280&ww=1280&wh=1024&sah=1024&wx=0&wy=0&cw=1280&wfc=12&pl=https%3A%2F%2Fwww.videzz.net%2Fembed-c73tafzdtcis.html&drf=&np=1&pt=0&nb=1&ng=0&ix=0&nw=1&tb=false&btz=UTC&bto=0&wgl=&js_build=iclick-v1.788.9-auto&navlng=en-US&pnt=0&pnrc=0&wasm=-1&bs=5f954611-9d36-4c45-a8ea-f8d2b5f6a4a4&userId=0080553b92224207e797375709a679b7&m=link | 139.45.197.236 | 200 OK | 2.4 kB |
URL GET HTTP/2cdn.itskiddien.club/?rb=Hw-0NLTAKEMM3yNsracxevu-MjDf7NO4-_qnrTgi6iDaUp6cnd6t74k2j_MRzoFDSD_yICYjLmpMor5TqElxIKv0Xo_8WdoZcaqNQqVbjLyHsWrEcN8gEklqbyySZHp4tliUVi8kQtFcpT9UF7r96FieGGkq7nm2RP6x_xbTG4vktDgSo6MlV50Q9nCx_7iskNVcABze0u_J5EFIiUeAGiXqXWzuez_3rBniD7fmArANfHAUnWLGfDDwnp51jsQmnUETXctrniUtWwBsknoE8g%3D%3D&request_ab2=0&zoneid=5902452&js_build=iclick-v1.788.9-auto&jsp=1&fs=0&cf=0&sw=1280&sh=1024&wih=1024&wiw=1280&ww=1280&wh=1024&sah=1024&wx=0&wy=0&cw=1280&wfc=12&pl=https%3A%2F%2Fwww.videzz.net%2Fembed-c73tafzdtcis.html&drf=&np=1&pt=0&nb=1&ng=0&ix=0&nw=1&tb=false&btz=UTC&bto=0&wgl=&js_build=iclick-v1.788.9-auto&navlng=en-US&pnt=0&pnrc=0&wasm=-1&bs=5f954611-9d36-4c45-a8ea-f8d2b5f6a4a4&userId=0080553b92224207e797375709a679b7&m=link IP139.45.197.236:443
Requested byhttps://www.videzz.net/embed-c73tafzdtcis.html CertificateIssuerLet's Encrypt Subjectitskiddien.club FingerprintF8:F5:E1:2A:73:41:2E:21:C2:B1:A0:A3:DE:9D:2D:B2:87:3F:8E:5D ValidityFri, 29 Mar 2024 21:36:27 GMT - Thu, 27 Jun 2024 21:36:26 GMT
File typetroff or preprocessor input, ASCII text, with very long lines (2455), with no line terminators Hashcaac0fc4754aaa2804e75a5ccde72860 476b80388310335990adc1d1cd7f42cda9fc0757 3b16b7acc2bd0e06c5a73950c7b581260d13f9f30326f994ed9be30e81093777
GET /?rb=Hw-0NLTAKEMM3yNsracxevu-MjDf7NO4-_qnrTgi6iDaUp6cnd6t74k2j_MRzoFDSD_yICYjLmpMor5TqElxIKv0Xo_8WdoZcaqNQqVbjLyHsWrEcN8gEklqbyySZHp4tliUVi8kQtFcpT9UF7r96FieGGkq7nm2RP6x_xbTG4vktDgSo6MlV50Q9nCx_7iskNVcABze0u_J5EFIiUeAGiXqXWzuez_3rBniD7fmArANfHAUnWLGfDDwnp51jsQmnUETXctrniUtWwBsknoE8g%3D%3D&request_ab2=0&zoneid=5902452&js_build=iclick-v1.788.9-auto&jsp=1&fs=0&cf=0&sw=1280&sh=1024&wih=1024&wiw=1280&ww=1280&wh=1024&sah=1024&wx=0&wy=0&cw=1280&wfc=12&pl=https%3A%2F%2Fwww.videzz.net%2Fembed-c73tafzdtcis.html&drf=&np=1&pt=0&nb=1&ng=0&ix=0&nw=1&tb=false&btz=UTC&bto=0&wgl=&js_build=iclick-v1.788.9-auto&navlng=en-US&pnt=0&pnrc=0&wasm=-1&bs=5f954611-9d36-4c45-a8ea-f8d2b5f6a4a4&userId=0080553b92224207e797375709a679b7&m=link HTTP/1.1
Host: cdn.itskiddien.club
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.videzz.net/
Origin: https://www.videzz.net
DNT: 1
Connection: keep-alive
Cookie: OAID=00805507e78a40afe1349da244e8b50a; oaidts=1715048220
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
server: nginx
date: Tue, 07 May 2024 02:17:00 GMT
content-type: application/json
x-trace-id: 10fc9c1ff54d1c2a1f210540d622a851
accept-ch: Sec-CH-UA, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model
access-control-allow-origin: https://www.videzz.net
access-control-allow-credentials: true
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, baggage, sentry-trace, favicon
access-control-max-age: 86400
pragma: no-cache
cache-control: no-transform, no-store, no-cache, must-revalidate, max-age=0
expires: Tue, 11 Jan 1994 10:00:00 GMT
set-cookie: OAID=0080553b92224207e797375709a679b7; expires=Wed, 07 May 2025 02:17:00 GMT; path=/; secure; SameSite=None
oaidts=1715048220; expires=Wed, 07 May 2025 02:17:00 GMT; path=/; secure; SameSite=None
syncedCookie=true; expires=Tue, 14 May 2024 02:17:00 GMT; path=/; secure; SameSite=None
strict-transport-security: max-age=1
x-content-type-options: nosniff
timing-allow-origin: *, *
content-encoding: gzip
X-Firefox-Spdy: h2
|
|
| topsites.hadesex.com/js/utm-datasource.js?v=1.90 | 188.114.96.1 | 200 OK | 2.8 kB |
URL GET HTTP/3topsites.hadesex.com/js/utm-datasource.js?v=1.90 IP188.114.96.1:443
Requested byhttps://topsites.hadesex.com/?source=1952513182&site_id=558728&spot_id=558728 CertificateIssuerGoogle Trust Services LLC Subjecthadesex.com FingerprintA1:8E:DC:59:6A:AB:77:60:87:69:7F:7E:EE:07:71:CF:21:03:AD:84 ValiditySun, 05 May 2024 01:16:25 GMT - Sat, 03 Aug 2024 01:16:24 GMT
File typeJavaScript source, ASCII text, with very long lines (3053), with no line terminators Hash6309a54ad3e3a837ee5097c1f8a4b22e cc7d986e06047f95b2a9bb74353d8aa4af8dc04e 7ca654fdb6620760543d56e9e15a37d160aa47beefe59df41e083dc6f44e0d1a
GET /js/utm-datasource.js?v=1.90 HTTP/1.1
Host: topsites.hadesex.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://topsites.hadesex.com/?source=1952513182&site_id=558728&spot_id=558728
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Tue, 07 May 2024 02:16:58 GMT
content-type: application/javascript
last-modified: Thu, 01 Feb 2024 14:46:51 GMT
vary: Accept-Encoding
etag: W/"65bbaedb-af5"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
x-request-id: 54216229af0759840658d6d7b97fe4a5
cf-cache-status: HIT
age: 554355
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=G3GGPqR5yWHj80ZII%2FN0uSt6G09PqgJ%2BCzlcwj6TTYGyOPpK2VKtsW%2FuRaep17oExpEwEEN4l1g%2BqSoY73lLSmq9HbP5ur%2B7RqOpxjkuahe%2Fk1LCgfjkV8eYgJe%2BuIUaMtGZ4lj0ZA%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 87fdb6089a16b500-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| static.addtoany.com/menu/sm.25.html | 104.22.70.197 | 200 OK | 716 B |
URL GET HTTP/3static.addtoany.com/menu/sm.25.html IP104.22.70.197:443
Requested byhttps://www.videzz.net/embed-c73tafzdtcis.html CertificateIssuerLet's Encrypt Subjectstatic.addtoany.com Fingerprint5B:74:98:2D:F8:22:DB:0D:4E:74:B7:99:A7:7C:80:F6:CA:1A:8E:CA ValidityTue, 23 Apr 2024 07:56:27 GMT - Mon, 22 Jul 2024 07:56:26 GMT
File typeHTML document, ASCII text, with very long lines (744), with no line terminators Hashc3c97893ca5c74e7504aa4ec474ea41b cdccb12d7e73682e0e807107243ede7d5e14c962 b79f65e9ffe3bad9bd9cdcffed0758430f7eb1a630c368dc173eecdeb2821f00
GET /menu/sm.25.html HTTP/1.1
Host: static.addtoany.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.videzz.net/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Tue, 07 May 2024 02:16:55 GMT
content-type: text/html; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=315360000, immutable
referrer-policy: strict-origin-when-cross-origin
x-content-type-options: nosniff
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=31%2FEUiBaXPt8cxtkc%2FT4P6x%2BgAHE8dlZKktVqOYLVPWpw%2BfHglaE0%2B2%2FM9CjPirtpgf0Bigqvmt%2B9LVqgh2toon%2FHhopHKjFbbaQkJ0g%2F8jA5jvQMZE7K%2BqPFywD9a7gr7TP8ZDbPRsnYjqVQMeihc8V"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
cf-cache-status: HIT
age: 26191
strict-transport-security: max-age=31536000; includeSubDomains; preload
server: cloudflare
cf-ray: 87fdb5f50d72abcc-CPH
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| bid.bidclickmedia.com/sub/31pnK5n | 172.67.205.77 | 200 OK | 234 B |
URL GET HTTP/2bid.bidclickmedia.com/sub/31pnK5n IP172.67.205.77:443
Requested byhttps://www.videzz.net/embed-c73tafzdtcis.html CertificateIssuerGoogle Trust Services LLC Subjectbidclickmedia.com Fingerprint2D:71:60:23:79:D8:E4:4A:B8:81:BA:F0:ED:58:CB:A8:66:21:A7:E7 ValiditySun, 31 Mar 2024 14:28:20 GMT - Sat, 29 Jun 2024 14:28:19 GMT
File typeHTML document, ASCII text, with no line terminators Hashf80bebf9471a9840ef5768e8c6b26672 164896726fce06ed3a1b8cbed00ab7c0493b6d24 5367258c378438d9831e9138819e8e68c4b7e6525dde7a086fb82a083398099c
GET /sub/31pnK5n HTTP/1.1
Host: bid.bidclickmedia.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.videzz.net/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Tue, 07 May 2024 02:16:56 GMT
content-type: text/html; charset=utf-8
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=fPNePV2rfbeJ2Ggp09zqLZtkuPI%2B5OZU2wpvWP6HUqdQCCeSt59h4exvYHw07S9cd6lm%2BTEdJ7v59Sh4c36Zf65tX06Hz7hJdWQQn%2BP%2B8GFpWCYNo3JrSVh%2FilEu5ssS9798wpdJ%2Bo8%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 87fdb5f61d24b509-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
|
|
| aistekso.net/401/5708419 | 139.45.197.244 | 200 OK | 91 kB |
IP139.45.197.244:443
Requested byhttps://www.videzz.net/embed-c73tafzdtcis.html CertificateIssuerLet's Encrypt Subjectaistekso.net Fingerprint3E:A5:CE:35:F4:D9:45:6B:A1:3B:2E:9C:B3:9E:78:4D:8A:4B:51:BB ValiditySun, 24 Mar 2024 05:08:27 GMT - Sat, 22 Jun 2024 05:08:26 GMT
File typeJavaScript source, ASCII text, with very long lines (65536), with no line terminators Hashec857b033abeefb34b044eefe598fe3e 79ee238bb80dd3e87a8f02892aa122f7e42fbc04 cb4cea6cae4d5ef7f48d0b08fb281903be8bc63895b742b58a382d5fd42b4533
| Analyzer | Verdict | Alert |
|---|
| Quad9 DNS | malicious | Sinkholed |
GET /401/5708419 HTTP/1.1
Host: aistekso.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.videzz.net/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
server: nginx
date: Tue, 07 May 2024 02:16:58 GMT
content-type: application/javascript
x-trace-id: d8449d608e066000b0c06439c6248af0
pragma: no-cache
expires: Tue, 11 Jan 1994 10:00:00 GMT
cache-control: no-cache, no-store, no-transform, must-revalidate, private, max-age=0
vary: Origin
access-control-allow-origin: *
access-control-expose-headers: Link
access-control-allow-credentials: true
accept-ch: Sec-CH-UA, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model
set-cookie: OAID=030055de550d42ecec573f4a2852139e; expires=Wed, 07 May 2025 02:16:58 GMT; path=/; secure; SameSite=None
strict-transport-security: max-age=1
x-content-type-options: nosniff
timing-allow-origin: *, *
content-encoding: gzip
X-Firefox-Spdy: h2
|
|
| disclosestockingsprestigious.com/sbar.json?key=fd40b682a05e4aaf489d29601350aa66 | 172.240.108.68 | 200 OK | 12 kB |
URL GET HTTP/1.1disclosestockingsprestigious.com/sbar.json?key=fd40b682a05e4aaf489d29601350aa66 IP172.240.108.68:443
Requested byhttps://www.videzz.net/embed-c73tafzdtcis.html CertificateIssuerLet's Encrypt Subjectdisclosestockingsprestigious.com Fingerprint20:72:8C:30:EF:A7:E9:42:F4:69:4D:6F:83:5A:F6:44:B2:14:1F:F6 ValidityMon, 29 Apr 2024 13:01:45 GMT - Sun, 28 Jul 2024 13:01:44 GMT
Hashc024edec4c79e9e60be7ab31445a513e de095ea204eb72e619c6d466a748b4714842c9c8 6e8e31a207495e2999de90e23190e5cf453ff7342b18cfb6060728e3a0207492
| Analyzer | Verdict | Alert |
|---|
| Quad9 DNS | malicious | Sinkholed |
GET /sbar.json?key=fd40b682a05e4aaf489d29601350aa66 HTTP/1.1
Host: disclosestockingsprestigious.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.videzz.net
DNT: 1
Connection: keep-alive
Referer: https://www.videzz.net/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx/1.21.6
Date: Tue, 07 May 2024 02:16:56 GMT
Content-Type: text/plain; charset=utf-8
Transfer-Encoding: chunked
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,Sec-CH-UA-PlatformUser-Agent,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Custom-Referer: https://www.videzz.net
Access-Control-Allow-Origin: https://www.videzz.net
Access-Control-Allow-Credentials: true
Set-Cookie: u_pl=19071538; expires=Wed, 08 May 2024 02:16:56 GMT; secure; SameSite=None
pdhtkv=true; expires=Wed, 08 May 2024 02:16:56 GMT; secure; SameSite=None
uncs=1; expires=Wed, 08 May 2024 02:16:56 GMT; secure; SameSite=None
pdhtkv29=true; expires=Wed, 08 May 2024 02:16:56 GMT; secure; SameSite=None
uncs29=1; expires=Wed, 08 May 2024 02:16:56 GMT; secure; SameSite=None
slecfd40b682a05e4aaf489d29601350aa66=[5210995,5210997]; expires=Tue, 07 May 2024 02:17:01 GMT; secure; SameSite=None
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: 1c9558145af84d3d4e398cc10c6b0fd0
Strict-Transport-Security: max-age=0; includeSubdomains
Content-Encoding: gzip
|
|
| bid.bidclickmedia.com/sub/31pnK5n | 172.67.205.77 | 200 OK | 234 B |
URL GET HTTP/2bid.bidclickmedia.com/sub/31pnK5n IP172.67.205.77:443
Requested byhttps://www.videzz.net/embed-c73tafzdtcis.html CertificateIssuerGoogle Trust Services LLC Subjectbidclickmedia.com Fingerprint2D:71:60:23:79:D8:E4:4A:B8:81:BA:F0:ED:58:CB:A8:66:21:A7:E7 ValiditySun, 31 Mar 2024 14:28:20 GMT - Sat, 29 Jun 2024 14:28:19 GMT
File typeHTML document, ASCII text, with no line terminators Hashf80bebf9471a9840ef5768e8c6b26672 164896726fce06ed3a1b8cbed00ab7c0493b6d24 5367258c378438d9831e9138819e8e68c4b7e6525dde7a086fb82a083398099c
GET /sub/31pnK5n HTTP/1.1
Host: bid.bidclickmedia.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.videzz.net/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Tue, 07 May 2024 02:16:56 GMT
content-type: text/html; charset=utf-8
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=TzhczatZrU7PWpmZi3Wl%2B0tgOrFAAiCDGQFkIeottUi7qcvomWWEs%2Bzdu9Ii7JZUbDsSthVPbtAVzBdm4RFaWbOY8h%2FeZH3EYnUT%2BEchAlMc90EYAtD06rgJKzGojGLyxCgT347Cs5g%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 87fdb5f62d29b509-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
|
|
| fonts.gstatic.com/s/montserratalternates/v17/mFTiWacfw6zH4dthXcyms1lPpC8I_b0juU0xGITFB7xG.woff2 | 216.58.207.227 | 200 OK | 20 kB |
URL GET HTTP/2fonts.gstatic.com/s/montserratalternates/v17/mFTiWacfw6zH4dthXcyms1lPpC8I_b0juU0xGITFB7xG.woff2 IP216.58.207.227:443
Requested byhttps://topsites.hadesex.com/?source=1952513182&site_id=558728&spot_id=558728 CertificateIssuerGoogle Trust Services LLC Subject*.gstatic.com Fingerprint15:DD:05:B3:2F:D8:E3:54:C9:B4:FA:E4:AC:01:ED:C8:E1:EA:A7:AD ValidityTue, 16 Apr 2024 04:17:07 GMT - Tue, 09 Jul 2024 04:17:06 GMT
File typeWeb Open Font Format (Version 2), TrueType, length 20184, version 1.0 Hashba1468afe6464dd5ba1045e836d0fea6 6416dc6d3ede1919e42601c141e043f7fe9d0b98 da4fd6c8ccb6ff2b84c95606bb983392c766558ef6232e9bf23027d5979618aa
GET /s/montserratalternates/v17/mFTiWacfw6zH4dthXcyms1lPpC8I_b0juU0xGITFB7xG.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://topsites.hadesex.com
DNT: 1
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 20184
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 02 May 2024 02:03:56 GMT
expires: Fri, 02 May 2025 02:03:56 GMT
cache-control: public, max-age=31536000
last-modified: Tue, 26 Apr 2022 15:46:41 GMT
content-type: font/woff2
age: 432783
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
|
|
| xcumwebcam.com/thumbs/AA/Mm/Yz.jpg | 188.114.97.1 | 200 OK | 28 kB |
URL GET HTTP/2xcumwebcam.com/thumbs/AA/Mm/Yz.jpg IP188.114.97.1:443
Requested byhttps://topsites.hadesex.com/?source=1952513182&site_id=558728&spot_id=558728 CertificateIssuerGoogle Trust Services LLC Subjectxcumwebcam.com Fingerprint85:FC:8E:26:56:ED:EC:5F:6C:0C:68:68:3F:1F:05:F1:A1:50:34:A8 ValidityMon, 22 Apr 2024 06:49:07 GMT - Sun, 21 Jul 2024 06:49:06 GMT
File typeJPEG image data, baseline, precision 8, 556x416, components 3 Hashda9bdad3297f6899f80316649bde16bc 8f79e67e71075a29430032152a54b9d9a09e1769 8763f849a8521a373cf9cc832a768f25f75fdacd6571b00ff8a861919bd1d703
GET /thumbs/AA/Mm/Yz.jpg HTTP/1.1
Host: xcumwebcam.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Tue, 07 May 2024 02:16:59 GMT
content-type: image/jpeg
content-length: 28113
last-modified: Wed, 14 Nov 2018 23:07:42 GMT
etag: "5becaabe-6dd1"
expires: Thu, 30 May 2024 17:26:36 GMT
cache-control: public, max-age=2592000
cf-cache-status: HIT
age: 550223
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=09q7QUEtVtb1X5OijyXMvV3ZNwFjorT%2B5knfOErYzR%2BTFBRcIIykIvpPgzr%2FTjYeUtXfxFL67fOlfnr3BZPOXjiz9FHdXky9rPK0GIVNG1hxz4X6S4y%2BLUUstX6i74DUNg%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 87fdb60def0b56b4-OSL
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
|
|
| meetbenjen.com/in/p/?spot_id=558728&cat=25&sub_id=1952513182 | 109.206.175.85 | 200 OK | 5.5 kB |
URL GET HTTP/2meetbenjen.com/in/p/?spot_id=558728&cat=25&sub_id=1952513182 IP109.206.175.85:443
Requested byhttps://www.videzz.net/embed-c73tafzdtcis.html CertificateIssuerLet's Encrypt Subjectmeetbenjen.com Fingerprint9A:72:77:E6:54:8C:F4:16:F5:ED:83:0C:A9:D8:38:2B:BA:9E:67:14 ValidityTue, 26 Mar 2024 03:08:56 GMT - Mon, 24 Jun 2024 03:08:55 GMT
File typeHTML document, ASCII text, with very long lines (5565), with no line terminators Hasha18bc7768222cb1f76ae5bb9c3580ff5 0e0881c0a9b97612a5aff67cd85ac42fc1b3489b ecfdb09b230aabfe691fa772dfeaa7d4335e3bbecc9aa31413e46f9c0abaf48d
GET /in/p/?spot_id=558728&cat=25&sub_id=1952513182 HTTP/1.1
Host: meetbenjen.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://bid.bidclickmedia.com/
DNT: 1
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
server: nginx/1.20.1
date: Tue, 07 May 2024 02:16:57 GMT
content-type: text/html; charset=UTF-8
cache-control: no-cache, no-store, must-revalidate
pragma: no-cache
vary: Accept-Encoding, *
set-cookie: 1095.0=1; expires=Wed, 08 May 2024 02:16:57 GMT; path=/; secure; SameSite=None
content-encoding: gzip
X-Firefox-Spdy: h2
|
|
| md-static.com/js/jquery-ui.min.js | 188.114.97.1 | 200 OK | 32 kB |
URL GET HTTP/2md-static.com/js/jquery-ui.min.js IP188.114.97.1:443
Requested byhttps://topsites.hadesex.com/?source=1952513182&site_id=558728&spot_id=558728 CertificateIssuerGoogle Trust Services LLC Subjectmd-static.com Fingerprint78:3D:4B:7D:5D:B4:38:28:82:3D:3E:65:79:F4:48:9E:D3:A5:91:60 ValiditySun, 05 May 2024 15:59:00 GMT - Sat, 03 Aug 2024 15:58:59 GMT
File typeJavaScript source, ASCII text, with very long lines (31633) Hashce52e5e873202628cae33ba148e4f198 8995d56f8b3fe8e60d8256519ec040ae53262262 ad16e754fd1f9c9733ca0324c2d5923a3c76ad4682270d31958d0c1e2b2cb3ed
GET /js/jquery-ui.min.js HTTP/1.1
Host: md-static.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://topsites.hadesex.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Tue, 07 May 2024 02:16:59 GMT
content-type: application/javascript
last-modified: Sun, 24 Jan 2021 13:07:13 GMT
vary: Accept-Encoding
etag: W/"600d7101-7c7b"
expires: Thu, 30 May 2024 18:38:20 GMT
cache-control: max-age=31536000
cf-cache-status: HIT
age: 545919
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=LcZBblsc40SqVi5E0Cq%2BjqR7LpqEgsu313qA%2FCUP2y5s7pf2NRl8koRTJ%2FsN4SCsU1vXwJ6ptP8coHuxTilohz967pzf0kfChkUwG2mPg7xuYDmCOC4tBe28rPIQSzWW"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 87fdb609180d56a5-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
|
|
| fonts.googleapis.com/css?family=Roboto:300,400,700&display=swap | 142.250.74.106 | 200 OK | 7.0 kB |
URL GET HTTP/2fonts.googleapis.com/css?family=Roboto:300,400,700&display=swap IP142.250.74.106:443
Requested byhttps://www.videzz.net/embed-c73tafzdtcis.html CertificateIssuerGoogle Trust Services LLC Subjectupload.video.google.com Fingerprint36:49:20:36:0C:4D:DA:55:65:64:23:0F:49:3E:FA:78:87:35:A3:79 ValidityTue, 16 Apr 2024 04:17:12 GMT - Tue, 09 Jul 2024 04:17:11 GMT
File typeASCII text, with very long lines (7193), with no line terminators Hash16b49a99486594c0b42d9bd7821deb2c 2fb46e5e86d6b37d4497cc04bfd89b3cb33a276a 3f3540952441e06ef81189cf63d46bac242804e386779dbb0cdd78ed10025c21
GET /css?family=Roboto:300,400,700&display=swap HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Tue, 07 May 2024 02:16:58 GMT
date: Tue, 07 May 2024 02:16:58 GMT
cache-control: private, max-age=86400
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
|
|
| str34.vidoza.net/nvl4c7r3p4feieno3urqncpzhs3fxq47b4y23zbqv4r5n44j64ce32x3ooza/v.mp4 | 0.0.0.0 | | 0 B |
URL GET str34.vidoza.net/nvl4c7r3p4feieno3urqncpzhs3fxq47b4y23zbqv4r5n44j64ce32x3ooza/v.mp4 IP0.0.0.0:0
Requested byhttps://www.videzz.net/embed-c73tafzdtcis.html CertificateIssuerLet's Encrypt Subjectvidoza.net FingerprintDD:9C:2A:D1:7E:90:60:D1:BE:1C:39:29:07:29:9C:34:6A:76:A6:C6 ValidityWed, 14 Feb 2024 01:21:54 GMT - Tue, 14 May 2024 01:21:53 GMT
Hashd41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /nvl4c7r3p4feieno3urqncpzhs3fxq47b4y23zbqv4r5n44j64ce32x3ooza/v.mp4 HTTP/1.1
Host: str34.vidoza.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: video/webm,video/ogg,video/*;q=0.9,application/ogg;q=0.7,audio/*;q=0.6,*/*;q=0.5
Accept-Language: en-US,en;q=0.5
Range: bytes=0-
DNT: 1
Connection: keep-alive
Referer: https://www.videzz.net/
Sec-Fetch-Dest: video
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Accept-Encoding: identity
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 206 Partial Content
server: nginx/1.20.1
date: Tue, 07 May 2024 02:16:56 GMT
content-type: video/mp4
content-length: 377661755
last-modified: Sun, 17 Mar 2024 16:22:39 GMT
etag: "65f718cf-1682a93b"
content-range: bytes 0-377661754/377661755
X-Firefox-Spdy: h2
|
|
| static.addtoany.com/menu/page.js | 104.22.70.197 | 200 OK | 3.0 kB |
URL GET HTTP/2static.addtoany.com/menu/page.js IP104.22.70.197:443
Requested byhttps://www.videzz.net/embed-c73tafzdtcis.html CertificateIssuerLet's Encrypt Subjectstatic.addtoany.com Fingerprint5B:74:98:2D:F8:22:DB:0D:4E:74:B7:99:A7:7C:80:F6:CA:1A:8E:CA ValidityTue, 23 Apr 2024 07:56:27 GMT - Mon, 22 Jul 2024 07:56:26 GMT
File typeJavaScript source, ASCII text, with very long lines (3132), with no line terminators Hash40486591ae8ea6d1423aeb13f1fd509b f847af56588642de93c6fe0d2ce182303f312455 16a6753a1de5c5602b0ca4afe3d17b95e2cb18d6b79bf7cdccedba3a733c1138
GET /menu/page.js HTTP/1.1
Host: static.addtoany.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.videzz.net/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Tue, 07 May 2024 02:16:55 GMT
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=86400, stale-while-revalidate=30, public
cf-bgj: minify
etag: W/"e346c2841e4abbb66ee259e9540abb61"
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=YWZsNxx5LDQ%2FCmyOFsE8E2BnrVsLnneGIQNyd9wW5p4HAuYJk1J8NDKyEOb3GQVsuv1k1liuf%2Bmj3zbtE6j3FHtvw%2FKNdKKDmXgE%2Fq44DiWXRWJOh045rrNs9uLI3BbIrsQ0WiQVSeSa3Tq2fKeyXXzg"}],"group":"cf-nel","max_age":604800}
vary: Accept-Encoding
referrer-policy: strict-origin-when-cross-origin
x-content-type-options: nosniff
cf-cache-status: HIT
age: 9018
strict-transport-security: max-age=31536000; includeSubDomains; preload
server: cloudflare
cf-ray: 87fdb5f10ff8abe4-CPH
content-encoding: br
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
|
|
| static.addtoany.com/menu/svg/icons/viber.js | 104.22.70.197 | 200 OK | 1.0 kB |
URL GET HTTP/3static.addtoany.com/menu/svg/icons/viber.js IP104.22.70.197:443
Requested byhttps://www.videzz.net/embed-c73tafzdtcis.html CertificateIssuerLet's Encrypt Subjectstatic.addtoany.com Fingerprint5B:74:98:2D:F8:22:DB:0D:4E:74:B7:99:A7:7C:80:F6:CA:1A:8E:CA ValidityTue, 23 Apr 2024 07:56:27 GMT - Mon, 22 Jul 2024 07:56:26 GMT
File typeASCII text, with very long lines (1027), with no line terminators Hashb216786a6e2822572e4c78284416fd02 b3a072140d798b6734431ff6a890da7cb8c701ce 265af7156e77fce7638988053d5b3f4894c92ae2bdacac504131a96cf6a0d370
GET /menu/svg/icons/viber.js HTTP/1.1
Host: static.addtoany.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.videzz.net
DNT: 1
Connection: keep-alive
Referer: https://static.addtoany.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Tue, 07 May 2024 02:16:56 GMT
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=7776000, stale-while-revalidate=30, public
cf-bgj: minify
etag: W/"ab1da422605fdb35fd02440984d36475"
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=0xDTJPo9kptrYJ2yslRFpJv0xh2EWcPpyq3SizfO4tjY5TLoLfOjQK5s22%2B%2BiR9qOZis40BSvMtDpTrVRi67m3GsvyDQAViGHdW3Pb6dMe0zTtr%2FsXCCuRbf4JGHGn4ap4VanDqj"}],"group":"cf-nel","max_age":604800}
vary: Accept-Encoding
referrer-policy: strict-origin-when-cross-origin
x-content-type-options: nosniff
cf-cache-status: REVALIDATED
strict-transport-security: max-age=31536000; includeSubDomains; preload
server: cloudflare
cf-ray: 87fdb5f8be7babcc-CPH
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| bid.bidclickmedia.com/sub/0YDX8OE | 172.67.205.77 | 200 OK | 234 B |
URL GET HTTP/2bid.bidclickmedia.com/sub/0YDX8OE IP172.67.205.77:443
Requested byhttps://www.videzz.net/embed-c73tafzdtcis.html CertificateIssuerGoogle Trust Services LLC Subjectbidclickmedia.com Fingerprint2D:71:60:23:79:D8:E4:4A:B8:81:BA:F0:ED:58:CB:A8:66:21:A7:E7 ValiditySun, 31 Mar 2024 14:28:20 GMT - Sat, 29 Jun 2024 14:28:19 GMT
File typeHTML document, ASCII text, with no line terminators Hashaf2b6f5e906532aa6d51ed7dcbb8fed7 5ddca712e64ecb7520e561656c87079ec18e3db1 eced93383f70dca1dcfe0998bcccf8d3fe044a0f1646f0ffa670cf0b14f599f3
GET /sub/0YDX8OE HTTP/1.1
Host: bid.bidclickmedia.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.videzz.net/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Tue, 07 May 2024 02:16:56 GMT
content-type: text/html; charset=utf-8
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=u36fQDq%2FbPtrPuEp0adshh7obeuG8n%2FyiXPMvh55P%2B8hTEGjU3LFcrb80Aprti3QARhn7vR9Ty7FgPoFZFK2g0QQgTNzEBezDbpIysGyuuQ0aSngnWoD3jzwJqFZXCIbuJ6SwY%2BelqQ%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 87fdb5f62d27b509-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
|
|
| xml.zeusadx.com/redirect?feed=531847&auth=KhbHhS&pubid=162319 | 174.137.133.17 | 200 OK | 0 B |
URL GET HTTP/1.1xml.zeusadx.com/redirect?feed=531847&auth=KhbHhS&pubid=162319 IP174.137.133.17:443 ASN#27257 WEBAIR-INTERNET
Requested byhttps://www.videzz.net/embed-c73tafzdtcis.html CertificateIssuerSectigo Limited Subject*.zeusadx.com FingerprintAA:67:88:35:5F:BC:20:3C:44:9B:00:BD:4F:E1:C0:5F:62:D0:69:C0 ValidityMon, 23 Oct 2023 00:00:00 GMT - Wed, 23 Oct 2024 23:59:59 GMT
Hashd41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /redirect?feed=531847&auth=KhbHhS&pubid=162319 HTTP/1.1
Host: xml.zeusadx.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://bid.bidclickmedia.com/
DNT: 1
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Date: Tue, 07 May 2024 02:16:57 GMT
Content-Length: 0
Connection: keep-alive
Cache-Control: no-store
|
|
0.0.0.0