Report - videzz.net/9rzstwlkppht.html

Report Overview

Submitted URL
videzz.net/9rzstwlkppht.html
IP
78.142.18.54
ASN
#208046 ColocationX Ltd.
Submitted
2024-05-01 21:07:48
Access
public
Website Title
Watch Horny girl leaked video calls (4) mp4
Final URL
videzz.net/9rzstwlkppht.html
Tags
urlquery detections
No alerts detected

Detections

urlquery
0
Network Intrusion Detection
0
Threat Detection Systems
64

Domain Summary

Domain / FQDN	Rank	Registered	First Seen	Last Seen	Sent	Received	IP
allvideometrika.com	unknown	2022-05-16	2022-05-16	2024-04-18	520 B	703 B	172.67.214.245
s.o333o.com	unknown	2015-02-16	2015-03-05	2024-04-30	391 B	2.4 kB	85.10.205.45
vz.7vid.net	unknown	2018-07-27	2022-03-29	2024-03-08	391 B	77 kB	135.181.208.216
donateentrailskindly.com	unknown	unknown	No data	No data	902 B	32 kB	192.243.61.227
tiktokaukey.com	unknown	unknown	No data	No data	1.0 kB	9.6 kB	188.114.96.1
xml.car-bidpush.org	unknown	unknown	No data	No data	534 B	455 B	198.134.116.29
region1.analytics.google.com	unknown	1997-09-15	2022-03-17	2024-05-01	1.6 kB	862 B	216.239.34.36
trafforsrv.com	101761	2017-12-28	2018-01-12	2024-04-18	596 B	415 B	216.18.168.28
ahimsaslatrate.com	unknown	unknown	No data	No data	532 B	1.2 kB	23.109.170.171
adeumssp.com	unknown	2022-06-08	2022-06-08	2024-01-09	400 B	11 kB	168.119.90.96
cdn.o333o.com	158144	2015-02-16	2015-05-28	2024-03-08	393 B	128 kB	143.204.55.120
downstairsnegotiatebarren.com	unknown	2024-03-04	2024-03-04	2024-05-01	405 B	106 kB	188.114.96.1
bid.bidclickmedia.com	unknown	2022-09-19	2023-03-09	2024-03-08	6.1 kB	154 kB	104.21.37.74
str42.vidoza.net	unknown	2016-11-18	2023-01-25	2023-07-12	1.5 kB	35 kB	109.202.101.220
tfosrv.com	65142	2020-11-17	2020-11-18	2024-03-08	1.3 kB	3.3 kB	216.18.168.29
fonts.googleapis.com	8877	2005-01-25	2013-06-10	2024-05-01	1.2 kB	76 kB	142.250.74.74
videzz.net	unknown	2024-02-28	2024-03-04	2024-03-04	12 kB	1.2 MB	78.142.18.54
animewatch.onionlive.workers.dev	unknown	2019-02-08	2023-07-29	2024-03-08	526 B	1.4 kB	104.21.9.35
hoddlegamey.com	unknown	2023-07-20	2023-07-20	2024-04-13	539 B	1.2 kB	23.109.170.115
tgp1.brazzersnetwork.com	143376	2006-12-23	2019-05-08	2024-03-24	906 B	962 kB	66.254.114.234
zv.7vid.net	unknown	2018-07-27	2023-07-29	2024-04-18	591 B	541 B	135.181.208.216
proftrafficcounter.com	unknown	2023-11-16	2023-11-21	2024-05-01	1.4 kB	1.0 kB	52.57.125.73
disguisedgraceeveryday.com	unknown	unknown	No data	No data	488 B	467 B	192.243.59.12
www.animezeno.sbs	unknown	2022-11-30	2022-12-01	2024-04-18	511 B	1.2 kB	188.114.97.1
s.click.aliexpress.com	23301	2006-04-16	2013-12-16	2024-04-29	1.5 kB	4.5 kB	104.110.21.5
best.aliexpress.com	77042	2006-04-16	2015-08-03	2024-04-30	1.7 kB	4.0 kB	104.110.21.5
cdnjs.cloudflare.com	235	2009-02-17	2015-04-17	2024-05-01	2.5 kB	92 kB	104.17.25.14
www.googletagmanager.com	75	2011-11-11	2013-05-22	2024-04-30	4.5 kB	1.0 MB	142.250.74.168
fonts.gstatic.com	unknown	2008-02-11	2014-09-09	2024-05-01	1.1 kB	98 kB	216.58.207.227
unseenreport.com	unknown	2022-03-30	2022-03-30	2024-04-30	1.5 kB	847 B	192.243.59.13
myliveforyoudreder.com	unknown	2023-07-27	2023-07-27	2024-03-20	402 B	2.2 kB	188.114.97.1
bedrapiona.com	34930	unknown	2020-05-08	2024-03-24	514 B	2.2 kB	139.45.197.234
tidyllama.com	unknown	2023-12-12	2023-12-12	2024-04-24	2.7 kB	2.9 kB	178.63.99.108
xml.zeusadx.com	330930	2019-08-07	2019-09-23	2024-03-08	1.7 kB	3.5 kB	174.137.133.17
static.addtoany.com	4091	2006-03-10	2012-05-21	2024-05-01	5.0 kB	52 kB	104.22.71.197
lernodydenknow.info	unknown	2023-12-31	2024-01-24	2024-02-24	533 B	734 B	108.157.229.20
xml.cachegorilla.com	unknown	2021-07-23	2023-11-27	2024-03-08	2.2 kB	632 B	173.239.53.20
xml.xmlking.com	unknown	2020-07-27	2020-11-12	2024-04-20	1.7 kB	1.0 kB	174.137.133.17
intothespirits.com	unknown	2024-02-07	2021-10-22	2024-04-21	2.5 kB	4.6 kB	3.125.239.17
s.pemsrv.com	unknown	2023-08-01	2023-08-04	2024-05-01	1.3 kB	2.5 kB	95.211.229.246
tr.7vid.net	unknown	2018-07-27	2023-12-16	2024-03-08	3.6 kB	172 kB	135.181.208.216
yd.cottoidearldom.com	unknown	unknown	No data	No data	402 B	1.2 kB	23.109.170.34
profitablegatecpm.com	unknown	2024-02-05	2024-02-06	2024-04-18	435 B	17 kB	192.243.61.227
www.google.no	25607	2001-02-26	2016-04-05	2024-05-01	576 B	578 B	142.250.74.163
forza.idescargarapk.com	unknown	2020-07-25	2022-08-27	2024-03-18	788 B	13 kB	188.114.96.1
maxcdn.bootstrapcdn.com	724	2012-05-25	2014-06-18	2024-05-01	999 B	110 kB	104.18.11.207

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

No alerts detected

Threat Detection Systems

Public InfoSec YARA rules

No alerts detected

OpenPhish

No alerts detected

PhishTank

No alerts detected

mnemonic secure dns

No alerts detected

Quad9 DNS

Scan Date	Severity	Indicator	Alert
2024-05-01	medium	videzz.net	Sinkholed
2024-05-01	medium	videzz.net	Sinkholed
2024-05-01	medium	videzz.net	Sinkholed
2024-05-01	medium	videzz.net	Sinkholed
2024-05-01	medium	cottoidearldom.com	Sinkholed
2024-05-01	medium	videzz.net	Sinkholed
2024-05-01	medium	videzz.net	Sinkholed
2024-05-01	medium	videzz.net	Sinkholed
2024-05-01	medium	videzz.net	Sinkholed
2024-05-01	medium	videzz.net	Sinkholed
2024-05-01	medium	videzz.net	Sinkholed
2024-05-01	medium	videzz.net	Sinkholed
2024-05-01	medium	videzz.net	Sinkholed
2024-05-01	medium	videzz.net	Sinkholed
2024-05-01	medium	donateentrailskindly.com	Sinkholed
2024-05-01	medium	donateentrailskindly.com	Sinkholed
2024-05-01	medium	videzz.net	Sinkholed
2024-05-01	medium	unseenreport.com	Sinkholed
2024-05-01	medium	ahimsaslatrate.com	Sinkholed
2024-05-01	medium	hoddlegamey.com	Sinkholed
2024-05-01	medium	videzz.net	Sinkholed
2024-05-01	medium	videzz.net	Sinkholed
2024-05-01	medium	videzz.net	Sinkholed
2024-05-01	medium	videzz.net	Sinkholed
2024-05-01	medium	videzz.net	Sinkholed
2024-05-01	medium	videzz.net	Sinkholed
2024-05-01	medium	videzz.net	Sinkholed
2024-05-01	medium	videzz.net	Sinkholed
2024-05-01	medium	videzz.net	Sinkholed
2024-05-01	medium	videzz.net	Sinkholed
2024-05-01	medium	videzz.net	Sinkholed
2024-05-01	medium	unseenreport.com	Sinkholed

ThreatFox

No alerts detected

JavaScript (72)

	URL	Size	First Seen	Last Seen
	videzz.net/9rzstwlkppht.html	162 B	2023-03-07	2024-05-15
Pretty URL videzz.net/9rzstwlkppht.html IP 78.142.18.54 ASN #208046 ColocationX Ltd. Introduced by scriptElement Embedded in HTML true Observations First Seen2023-03-07 16:08:16 Last Seen2024-05-15 17:25:04 Times Seen139 Hash 035c117549bb95ad0992ae461d89e44e 2f45bc18613030f169e7c8ef25553df24e7003b6 0d89ce1d538634aeb6d56fa061bb107311c5daaa1c59aed01cb4e18c48081a96 Loading...

	videzz.net/9rzstwlkppht.html	357 B	2023-03-07	2024-05-15
Pretty URL videzz.net/9rzstwlkppht.html IP 78.142.18.54 ASN #208046 ColocationX Ltd. Introduced by scriptElement Embedded in HTML true Observations First Seen2023-03-07 16:08:16 Last Seen2024-05-15 17:25:04 Times Seen139 Hash 824c86e507e4c27bb34b991feedb5820 06bd36505ef9492db28ebb53c740d5c17d4516b4 0c45ee272e41a3a37bb7d5a0881665e4d54b762e20921cdb145bf5539fe4f551 Loading...

	videzz.net/9rzstwlkppht.html	2.0 kB	2024-05-01	2024-05-01
Pretty URL videzz.net/9rzstwlkppht.html IP 78.142.18.54 ASN #208046 ColocationX Ltd. Introduced by scriptElement Embedded in HTML true Observations First Seen2024-05-01 23:07:57 Last Seen2024-05-01 23:07:57 Times Seen1 Hash 658f5a1a751842f06f62ec1b2fdd7aca ce4b504a7e49c6df7b8c2559052560be23b9d431 663d77a13ece5b48d78ddccf975634e03a6cce18401ba768d4968d336827929d Loading...

	static.addtoany.com/menu/modules/core.BRQnzO8v.js	72 kB	2024-04-12	2024-05-15
Pretty URL static.addtoany.com/menu/modules/core.BRQnzO8v.js IP 104.22.71.197 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2024-04-12 02:34:00 Last Seen2024-05-15 21:37:17 Times Seen1419 Hash 629401c31553d2f42a6ca46e58c2a97b 0ab6084caa72f90913c7e4119f491838726ec5c2 91b9b24f0aa59668e4d0a770ee7a294b9baa361a76a20ade8128cd0482a5d805 Loading...

	static.addtoany.com/menu/svg/icons/reddit.js	893 B	2024-04-16	2024-05-15
Pretty URL static.addtoany.com/menu/svg/icons/reddit.js IP 104.22.71.197 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2024-04-16 17:58:32 Last Seen2024-05-15 17:25:04 Times Seen150 Hash 408cc755e613b4f00fbe10d7411ed087 14341990ed687477b3addbdd1a3b50ae8a98589b 68ed9b82b62d45cf5d12587a7e9566a4ddeb94d69bcb225e9e3c7268c76b3cbb Loading...

	videzz.net/js/main.min.js?v=b8dc06aa6195ca0716d0a0c4e3a76e42	11 kB	2023-03-07	2024-05-15
Pretty URL videzz.net/js/main.min.js?v=b8dc06aa6195ca0716d0a0c4e3a76e42 IP 78.142.18.54 ASN #208046 ColocationX Ltd. Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 16:08:16 Last Seen2024-05-15 17:25:06 Times Seen73 Hash f2b1e2d690c2c568d846e8da3ab66ccd f2a3fd880693ec75e586fdb37d1bd2cd6f6c468a 3efa361ccc887f0bffb9c9250de66cd562bc53671ffcb85cc0a6a0d30b0b8cfb Loading...

	videzz.net/9rzstwlkppht.html	475 B	2023-03-07	2024-05-15
Pretty URL videzz.net/9rzstwlkppht.html IP 78.142.18.54 ASN #208046 ColocationX Ltd. Introduced by scriptElement Embedded in HTML true Observations First Seen2023-03-07 16:08:16 Last Seen2024-05-15 17:25:04 Times Seen38 Hash 7019cbe0012d5199f2f496e930f3bf61 5d1696302b432ac66a71a81f8899876ddcd019b8 092b3dfb5e9bb66a05ea11eb25003bc70f3d1ebe6cd384f274e1b17eeb9b4ae7 Loading...

	videzz.net/js/pop.js?v=1.0	35 B	2023-03-07	2024-05-15
Pretty URL videzz.net/js/pop.js?v=1.0 IP 78.142.18.54 ASN #208046 ColocationX Ltd. Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:24:29 Last Seen2024-05-15 17:25:05 Times Seen269 Hash da4bf5414bf75eefb21872f9b59fe6fc e34335e0705397a4ad02c406a2e92333e6d2b0e5 d48b428c1788391a1aef29802daaa691077732dc7b821d0968831bc50b19278d Loading...

	videzz.net/9rzstwlkppht.html	88 B	2023-03-07	2024-05-15
Pretty URL videzz.net/9rzstwlkppht.html IP 78.142.18.54 ASN #208046 ColocationX Ltd. Introduced by scriptElement Embedded in HTML true Observations First Seen2023-03-07 16:08:16 Last Seen2024-05-15 17:25:04 Times Seen29 Hash 07b30612e7898526d72c8ce77c650c47 d6f554e4eb7ad6deb003a0541c0bbe264563059a 5d764749f6b3215245da9aa4db9e35df149910d9e5d69bbd108ddf7fbe5957df Loading...

	static.addtoany.com/menu/sm.25.html#type=core&event=load	0 B	2023-03-07	2024-05-15
Pretty URL static.addtoany.com/menu/sm.25.html#type=core&event=load IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML true Observations First Seen2023-03-07 01:01:59 Last Seen2024-05-15 22:13:19 Times Seen37678861 Hash d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Loading...

	www.googletagmanager.com/gtag/js?id=G-HEX1BG8H46&l=dataLayer&cx=c	274 kB	2024-05-01	2024-05-01
Pretty URL www.googletagmanager.com/gtag/js?id=G-HEX1BG8H46&l=dataLayer&cx=c IP 142.250.74.168 ASN #15169 GOOGLE Introduced by scriptElement Embedded in HTML false Observations First Seen2024-05-01 23:07:57 Last Seen2024-05-01 23:08:00 Times Seen2 Hash b5412b4a6c48048a75b7d9521f07a463 5baf4b89eabeba3e0d403f79e488e450a4053471 95634a7d300c81d472aef4e97895092e484d2e157e73e3c4ab2f97d8d142b2f3 Loading...

	unknown	805 B	2023-10-28	2024-05-07
Pretty Introduced by scriptElement Embedded in HTML false Observations First Seen2023-10-28 21:18:21 Last Seen2024-05-07 08:42:02 Times Seen6 Hash 77f2b331b6df0d474207fc1d413c2c84 18d1ead0c90aa72b37d772b7758103665566d321 29f6da02ff0ec70f9515fbd4daa0da1bc7ba2c40ae1b34a02c874c2ac539ab92 Loading...

	yd.cottoidearldom.com/1clkn/14903	6 B	2023-03-07	2024-05-15
Pretty URL yd.cottoidearldom.com/1clkn/14903 IP 23.109.170.34 ASN #7979 SERVERS-COM Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:03:04 Last Seen2024-05-15 21:49:38 Times Seen14936 Hash 9082dc37e5e8046929da411544ad071a 41e0e3963ed94e59e8a2f115994c382712411537 b7848d86edc8dc3b5bc6a5c666069f9a31e000cee51575d3b6083951607e1550 Loading...

	tr.7vid.net/api/users/59845?host=videzz.net&ev=212&wh=1024&ww=1280&uuid=&url=https%3A%2F%2Fvidezz.net%2F9rzstwlkppht.html&sid=3bf97803-a022-40c5-a2cc-0560a55088d3&i=1&kw=horny%2Cgirl%2Cleaked%2Cvideo%2Ccalls%2C(4)%2Cmp4&s1=203230	655 B	2024-05-01	2024-05-01
Pretty URL tr.7vid.net/api/users/59845?host=videzz.net&ev=212&wh=1024&ww=1280&uuid=&url=https%3A%2F%2Fvidezz.net%2F9rzstwlkppht.html&sid=3bf97803-a022-40c5-a2cc-0560a55088d3&i=1&kw=horny%2Cgirl%2Cleaked%2Cvideo%2Ccalls%2C(4)%2Cmp4&s1=203230 IP 135.181.208.216 ASN #24940 Hetzner Online GmbH Introduced by scriptElement Embedded in HTML false Observations First Seen2024-05-01 23:07:57 Last Seen2024-05-01 23:07:57 Times Seen1 Hash 88fad666ba4829a2532e5290b4f1773f 277e46e43b1a756b2b7999a5ebfdf417fb5a6a03 f5713428af3a6bb46aaf0c935bf9d3d20683b0ab1489d43aa6446927cfee824b Loading...

	static.addtoany.com/menu/page.js	3.0 kB	2024-04-12	2024-05-15
Pretty URL static.addtoany.com/menu/page.js IP 104.22.71.197 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2024-04-12 02:34:00 Last Seen2024-05-15 21:37:17 Times Seen949 Hash 5f984fdd1d3384220c67422c1f544a95 79c8a48b5fab47972dd69ce7dfd08cee895006b5 6e0cc78c402cbc02fdfd41cd77c5fd6ffbd8066cc07935ea8eb5f3fcc59744a3 Loading...

	tr.7vid.net/henYKwb.js	310 kB	2024-03-22	2024-05-15
Pretty URL tr.7vid.net/henYKwb.js IP 135.181.208.216 ASN #24940 Hetzner Online GmbH Introduced by scriptElement Embedded in HTML false Observations First Seen2024-03-22 21:45:50 Last Seen2024-05-15 17:25:05 Times Seen349 Hash 04bdb2fd7797c33d38ad8a6a0997b389 a69a0999b9106aa1e49a6728c84b3e82b899276d 3039a1d2d40fce3b96ce115bc8fb858539ed084667fb0ee69fe68e0a682d9286 Loading...

	videzz.net/9rzstwlkppht.html	1.9 kB	2023-03-26	2024-05-15
Pretty URL videzz.net/9rzstwlkppht.html IP 78.142.18.54 ASN #208046 ColocationX Ltd. Introduced by scriptElement Embedded in HTML true Observations First Seen2023-03-26 09:32:06 Last Seen2024-05-15 17:25:04 Times Seen119 Hash 82e1ab0f6fb26e1a626e1ad6812a2e50 ff89302fd6c7736cfe3c0ce1bea0da569a763ced c1133cdc2ae23220a521a156d0edc736cea501341435673899a05f4d54597373 Loading...

	unknown	807 B	2023-10-28	2024-05-07
Pretty Introduced by scriptElement Embedded in HTML false Observations First Seen2023-10-28 21:18:22 Last Seen2024-05-07 08:42:02 Times Seen6 Hash 448b4c5d69cea3bb5a0e5d043cdab192 fef724516dd300ed02a57cbeadddae6e96ff4ed7 a690e5f559b0c560bb7f9fbbc3d5beb99c79541c3726e33e05d92cd6e8714a02 Loading...

	videzz.net/js/footer.static.min.js?v=b8dc06aa6195ca0716d0a0c4e3a76e42	140 kB	2023-03-08	2024-05-15
Pretty URL videzz.net/js/footer.static.min.js?v=b8dc06aa6195ca0716d0a0c4e3a76e42 IP 78.142.18.54 ASN #208046 ColocationX Ltd. Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 16:32:59 Last Seen2024-05-15 17:25:04 Times Seen140 Hash 8986804e792bac03d992cfa0d65281de 4a406ba9ac7ead8cfc1d181c6abd2340dae2bf44 e94d1a4f4bfe4d0efd8dc95e86573d32172fa8a0f08ee328c377962379bd9295 Loading...

	myliveforyoudreder.com/vidozza.js	1.6 kB	2023-03-08	2024-05-15
Pretty URL myliveforyoudreder.com/vidozza.js IP 188.114.97.1 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 20:28:37 Last Seen2024-05-15 17:25:04 Times Seen171 Hash b340619418518ced51fbbc860814ea19 e2cbf47a089e8941bcdb6f24c64fad9004852348 ebbf367cc151e337e4c4d375e86682b6e1593b25224c6c733b4cea4f507c4000 Loading...

	s.o333o.com/adgpt.js	2.0 kB	2024-03-22	2024-05-15
Pretty URL s.o333o.com/adgpt.js IP 85.10.205.45 ASN #24940 Hetzner Online GmbH Introduced by scriptElement Embedded in HTML false Observations First Seen2024-03-22 21:45:49 Last Seen2024-05-15 19:50:26 Times Seen342 Hash 55f8db8e0ec58b646f0b5425b405fdd0 0c79af1239cafc7ec4783f20b0b886a61daccc09 3ec8849ba857ec32cdc682ea93f0c1f8e8ab97980af4f1d8ec312684ed0f5237 Loading...

	videzz.net/js/static.min.js?v=b8dc06aa6195ca0716d0a0c4e3a76e42	159 kB	2023-03-07	2024-05-15
Pretty URL videzz.net/js/static.min.js?v=b8dc06aa6195ca0716d0a0c4e3a76e42 IP 78.142.18.54 ASN #208046 ColocationX Ltd. Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 16:08:17 Last Seen2024-05-15 17:25:06 Times Seen236 Hash 7c33538390b466ae717449d729bb32ea 49ea1eb1dc06467f516eae28e09863a23b244a31 a2f37fa7aee9e9248856735b807b028c93be60eb6bb9916595ba123690513f02 Loading...

	unknown	809 B	2023-10-15	2024-05-07
Pretty Introduced by scriptElement Embedded in HTML false Observations First Seen2023-10-15 03:21:25 Last Seen2024-05-07 08:42:01 Times Seen10 Hash 99fcebb4e7afbb634b7a199af8add137 303cb82ddf45424df5adefa3927ec9a27b0b26d2 6968637dc57a40f593f1f6b9d02813c9ad381488e689872e9b90fa6486e2aa29 Loading...

	videzz.net/9rzstwlkppht.html	1.9 kB	2023-05-14	2024-05-15
Pretty URL videzz.net/9rzstwlkppht.html IP 78.142.18.54 ASN #208046 ColocationX Ltd. Introduced by scriptElement Embedded in HTML true Observations First Seen2023-05-14 23:54:05 Last Seen2024-05-15 17:25:04 Times Seen118 Hash a692b14c46b795baddef6cde7925aec0 83421ee7434ca7916a53f711c1a207c04e264e3c 0a136fef0aef4b2b4d90057c95c48e84618ecebe376ad324594150d0b8588f90 Loading...

	videzz.net/js/videojs.stm.5.min.js?0.108741924114554	7.2 kB	2024-03-08	2024-05-15
Pretty URL videzz.net/js/videojs.stm.5.min.js?0.108741924114554 IP 78.142.18.54 ASN #208046 ColocationX Ltd. Introduced by scriptElement Embedded in HTML false Observations First Seen2024-03-08 05:50:53 Last Seen2024-05-15 17:25:04 Times Seen99 Hash 4630f52d883cdd6dc5b7e0aee209fe40 ae08102d07ab32e76d5dbd12fa7db315e6f51f4e b74ebfdefad877a934b2e7d38afb3a56ad4db4ebbd88a72b7ae4a44fad74c0d3 Loading...

	static.addtoany.com/menu/svg/icons/telegram.js	360 B	2023-03-08	2024-05-15
Pretty URL static.addtoany.com/menu/svg/icons/telegram.js IP 104.22.71.197 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 15:33:09 Last Seen2024-05-15 20:41:46 Times Seen899 Hash 48f25c508c92c3601cf047609318001f 59117e825084c63a0dda48edec82c14a60e16f23 6415561e892cf9d614e7179f71353af4ceadfd641d71c42fe54c9420eb0d0138 Loading...

	www.google-analytics.com/analytics.js	4.7 kB	2023-04-11	2024-05-15
Pretty URL www.google-analytics.com/analytics.js IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-04-11 21:07:53 Last Seen2024-05-15 22:12:43 Times Seen348069 Hash f24128d0c9cba7be2916c693427a3483 1b6397d496ea896ebc2018b01b995cee4f166029 58173de4697da1a218f04c3a783a733bab4e769ceabc37cd42da9dc3e036a7e8 Loading...

	downstairsnegotiatebarren.com/sfp.js	86 kB	2024-03-29	2024-05-15
Pretty URL downstairsnegotiatebarren.com/sfp.js IP 188.114.96.1 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2024-03-29 13:13:34 Last Seen2024-05-15 22:00:45 Times Seen3407 Hash f4a2f8f9f99541c6f105bbd0a025bd40 1f8e3eff12168fdd9e719adfc098d24a45b6916a b717cb04231a10d425fd55b73c85a5407119c6826a8bac94142fddfff6958716 Loading...

	tr.7vid.net/api/users/246356?host=videzz.net&ev=212&wh=1024&ww=1280&uuid=&url=https%3A%2F%2Fvidezz.net%2F9rzstwlkppht.html&sid=3bf97803-a022-40c5-a2cc-0560a55088d3&i=1&kw=horny%2Cgirl%2Cleaked%2Cvideo%2Ccalls%2C(4)%2Cmp4&s1=203230	916 B	2024-05-01	2024-05-01
Pretty URL tr.7vid.net/api/users/246356?host=videzz.net&ev=212&wh=1024&ww=1280&uuid=&url=https%3A%2F%2Fvidezz.net%2F9rzstwlkppht.html&sid=3bf97803-a022-40c5-a2cc-0560a55088d3&i=1&kw=horny%2Cgirl%2Cleaked%2Cvideo%2Ccalls%2C(4)%2Cmp4&s1=203230 IP 135.181.208.216 ASN #24940 Hetzner Online GmbH Introduced by scriptElement Embedded in HTML false Observations First Seen2024-05-01 23:07:58 Last Seen2024-05-01 23:07:58 Times Seen1 Hash 7d57597bf2b8a258ed02eec8f63b9372 c0f9bc86691fc4683cfe87ec1fa2fea15158f706 202f51de63e611029b16754fae99fc4a011725065ebf67c55d413c80e2c28813 Loading...

	unknown	801 B	2024-01-17	2024-05-07
Pretty Introduced by scriptElement Embedded in HTML false Observations First Seen2024-01-17 04:51:05 Last Seen2024-05-07 08:42:01 Times Seen4 Hash df8f7687b419e9196542078c8d566f5f 591a79654ea3b8ad0f2b56d8e39d829305f018e0 efa2e5483ae4c6e99fdc3bf56613e594a8621b0a6aa09bf68d6c7dd3f1c48562 Loading...

	videzz.net/9rzstwlkppht.html	82 B	2023-03-07	2024-05-15
Pretty URL videzz.net/9rzstwlkppht.html IP 78.142.18.54 ASN #208046 ColocationX Ltd. Introduced by scriptElement Embedded in HTML true Observations First Seen2023-03-07 16:08:17 Last Seen2024-05-15 17:25:04 Times Seen135 Hash 67b70174cc2854586ec824f84b79d825 c9bde16aa4e39ab912e1a20fe298b028a3432596 a979d312087118fa753a8ed59077b51936c9595eb2a37cd369a6b4f579eebafd Loading...

	videzz.net/sandbox%20eval%20code	147 B	2023-04-11	2024-05-15
Pretty URL videzz.net/sandbox%20eval%20code IP 0.0.0.0 ASN #0 Introduced by Embedded in HTML false Observations First Seen2023-04-11 21:07:53 Last Seen2024-05-15 22:12:42 Times Seen348578 Hash 92b651082ce234f66bb544e678befda3 14c21c55ddce43b6f677caadf51d4ab98c6a3df8 25d57d1d97abeb84531d3d3e5754dd5cb19a2c115edfa7cfc7af8247084faded Loading...

	videzz.net/9rzstwlkppht.html	488 B	2023-03-07	2024-05-15
Pretty URL videzz.net/9rzstwlkppht.html IP 78.142.18.54 ASN #208046 ColocationX Ltd. Introduced by scriptElement Embedded in HTML true Observations First Seen2023-03-07 16:08:16 Last Seen2024-05-15 17:25:04 Times Seen135 Hash c88a098ddb34ae8eb653079349e1eb71 c273d06595b90b3f3eadde95865d4fd88a2cdc4a f8be9aff934fb09a35261e76d411268402098e38f3c1468679a0ffddf96cb8cd Loading...

	unknown	811 B	2023-10-15	2024-05-07
Pretty Introduced by scriptElement Embedded in HTML false Observations First Seen2023-10-15 03:21:25 Last Seen2024-05-07 08:42:02 Times Seen12 Hash c3a503938235b6b2126c751cdf09e740 17e4aa5e1ffe476f754b9e22fc15fb4f7d36e595 2fef3a968458c78cf5c059240c455df4077ea6bce73754759de87e326a5de67f Loading...

	unknown	813 B	2023-10-15	2024-05-07
Pretty Introduced by scriptElement Embedded in HTML false Observations First Seen2023-10-15 03:21:25 Last Seen2024-05-07 08:42:02 Times Seen12 Hash d458b9da5545ce101414ee4dd03b7456 6f6291287f946714d9303ab5722e19b0f5c704cb a5f3b5d4998f77ea2789a615989a813522c4bac49346fa484b78da4fe6131a9d Loading...

	www.googletagmanager.com/gtag/js?id=UA-158623850-1	207 kB	2024-05-01	2024-05-01
Pretty URL www.googletagmanager.com/gtag/js?id=UA-158623850-1 IP 142.250.74.168 ASN #15169 GOOGLE Introduced by scriptElement Embedded in HTML false Observations First Seen2024-05-01 23:07:58 Last Seen2024-05-01 23:07:59 Times Seen2 Hash 06dfb912050a94a71f75dcc5cb18c877 6700beb402ee9705589c0df7143363b969224ab4 24f0286644e20d0792ce791c5a3b98e20ec42edc2a1855ec8dc1478803469201 Loading...

	videzz.net/js/vue.min.js?v=b8dc06aa6195ca0716d0a0c4e3a76e42	111 kB	2023-03-07	2024-05-15
Pretty URL videzz.net/js/vue.min.js?v=b8dc06aa6195ca0716d0a0c4e3a76e42 IP 78.142.18.54 ASN #208046 ColocationX Ltd. Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 16:08:16 Last Seen2024-05-15 17:25:06 Times Seen73 Hash 6249517b9005ca7822f82d024996812f 9085d09ebbe9e6c5963644d49c82c350f1be141d fda81a2fcc97f139d2a1ea94209efc760dc9421b514280bf5a6cd97d8140ddca Loading...

	static.addtoany.com/menu/locale/ru.js	2.1 kB	2023-03-07	2024-05-15
Pretty URL static.addtoany.com/menu/locale/ru.js IP 104.22.71.197 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:36:27 Last Seen2024-05-15 17:25:05 Times Seen175 Hash c0717dc8cde3baa722c4e7d4c12a2cb0 6e8702b80bdcbe0cd5fc183ce582b2add61d0863 cde5eaa4da56876821229a97a09a4b53e929ea30b7310848d0e84212a5137397 Loading...

	static.addtoany.com/menu/svg/icons/viber.js	1.0 kB	2024-04-12	2024-05-15
Pretty URL static.addtoany.com/menu/svg/icons/viber.js IP 104.22.71.197 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2024-04-12 13:25:33 Last Seen2024-05-15 20:41:47 Times Seen157 Hash aeffbbeba6dd343b89fdc22cdf23f8c8 7be9f0a8fbd22f85cd4408ed04b69e98cbb79de7 c38246b300667ea8ab28940a729e65168f981baf8adc8d708c299e85b9e2dcee Loading...

	tr.7vid.net/Sb7AkA7.js	239 kB	2024-03-22	2024-05-15
Pretty URL tr.7vid.net/Sb7AkA7.js IP 135.181.208.216 ASN #24940 Hetzner Online GmbH Introduced by scriptElement Embedded in HTML false Observations First Seen2024-03-22 21:45:50 Last Seen2024-05-15 19:50:26 Times Seen629 Hash a6781eeb8be115c2cc64c5b4898e5b9d 76001e6e130f936956842ce1fb672ca16be2370e cb8949c4918f30d767c8a97d1b1ddb36eabccf8d93659a80f4e850caa3701da2 Loading...

	unknown	718 B	2023-08-03	2024-05-07
Pretty Introduced by scriptElement Embedded in HTML false Observations First Seen2023-08-03 08:56:28 Last Seen2024-05-07 08:42:02 Times Seen6 Hash cc6f9314836c4af2d9740b0265bdaaf5 2ff8a972d494159f565da9970078851fda4291e4 5a6244fdef670442a40fc0082c9c7b37195bc409d2e224ad6d7dd50014ec79ba Loading...

	unknown	722 B	2023-08-03	2024-05-07
Pretty Introduced by scriptElement Embedded in HTML false Observations First Seen2023-08-03 08:56:28 Last Seen2024-05-07 08:42:01 Times Seen6 Hash 80887173904d23be3eee62b54d0ec167 3c38b1cecb5af6e5b34bfa177e7f3540668d9ed8 9331acddc6d872009485216996a2587b6c25dba22f2d86f9c24eca80e38fcd2c Loading...

	videzz.net/9rzstwlkppht.html	221 B	2024-05-01	2024-05-01
Pretty URL videzz.net/9rzstwlkppht.html IP 78.142.18.54 ASN #208046 ColocationX Ltd. Introduced by scriptElement Embedded in HTML true Observations First Seen2024-05-01 23:07:58 Last Seen2024-05-01 23:07:58 Times Seen1 Hash 51c37c3400edd549d0e28fde8c02339e 512a2b77165f373901a9d57d773131debf4a1a65 9ba2f588580d73faaa78fc8e4784d9c4328c3ff2fd15732e586b140ad3da0020 Loading...

	www.googletagmanager.com/gtm.js?id=GTM-56DK3TH	208 kB	2024-05-01	2024-05-01
Pretty URL www.googletagmanager.com/gtm.js?id=GTM-56DK3TH IP 142.250.74.168 ASN #15169 GOOGLE Introduced by scriptElement Embedded in HTML false Observations First Seen2024-05-01 23:07:58 Last Seen2024-05-01 23:07:59 Times Seen2 Hash 7b2c39a95b60582cf3e48ac3a2fe93fc 077ad41b276f854ed4513f6344efe3d281e6972a 400322a152eaf2cf1cb77e86d2e0e5880ccfecc169ca36a6338e00b8366d5187 Loading...

	videzz.net/9rzstwlkppht.html	192 B	2023-03-07	2024-05-14
Pretty URL videzz.net/9rzstwlkppht.html IP 78.142.18.54 ASN #208046 ColocationX Ltd. Introduced by scriptElement Embedded in HTML true Observations First Seen2023-03-07 16:08:16 Last Seen2024-05-14 03:21:17 Times Seen46 Hash b8f0c68374a03493550ed139cdba6d40 5110312d4ba0f330fc777c10b64eda8a6d824060 e13cba8c7a352718d08b4c32ad450223b86e74f0fc355cbce943e18dbe3720fb Loading...

	videzz.net/js/videojs.5.min.js?v=b8dc06aa6195ca0716d0a0c4e3a76e42	416 kB	2023-03-07	2024-05-15
Pretty URL videzz.net/js/videojs.5.min.js?v=b8dc06aa6195ca0716d0a0c4e3a76e42 IP 78.142.18.54 ASN #208046 ColocationX Ltd. Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 16:08:16 Last Seen2024-05-15 17:25:04 Times Seen141 Hash 9721700ae4b3d8e0e81f9c6c1c8d511b 1c987ebb7fac787eaa3b2190c9b53bb685d5b8ea d4098ce7457b5191970d2df49c8b8f6c2ffc0d8510673777a08910f0b68d5c2f Loading...

	videzz.net/9rzstwlkppht.html	1.9 kB	2023-09-20	2024-05-15
Pretty URL videzz.net/9rzstwlkppht.html IP 78.142.18.54 ASN #208046 ColocationX Ltd. Introduced by scriptElement Embedded in HTML true Observations First Seen2023-09-20 05:49:22 Last Seen2024-05-15 17:25:04 Times Seen107 Hash ea18635ebabe6012d41f9fe215f59b54 4bb7351c02f51a2d10b55eb8daecf0862aec3db7 4e69daf6970b0700406f701311ff61bf0623749d951327a09de054a9906c8056 Loading...

	videzz.net/js/ads.js?v=1.0	211 B	2023-03-07	2024-05-15
Pretty URL videzz.net/js/ads.js?v=1.0 IP 78.142.18.54 ASN #208046 ColocationX Ltd. Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 16:08:16 Last Seen2024-05-15 17:25:05 Times Seen252 Hash 09f34de71e8853387dd398fbb263af69 4ccb7007fcebcffe64eaa80f2991509fdbac55d5 6ca7e6aebc6e3eec26d39e540e255a738fd9e48e9b97bd0e2a714686377ac523 Loading...

	videzz.net/9rzstwlkppht.html	1.9 kB	2023-09-20	2024-05-15
Pretty URL videzz.net/9rzstwlkppht.html IP 78.142.18.54 ASN #208046 ColocationX Ltd. Introduced by scriptElement Embedded in HTML true Observations First Seen2023-09-20 05:49:22 Last Seen2024-05-15 17:25:04 Times Seen107 Hash af6177bd7ff00168d56dcbb2dfad8aad b0565c811d5bc5e2b4923cc1194a81126512010c 68848e296ab0993815dd2ae9efbb9b41e1bddf7d57aafd1ce37fcb6588b09901 Loading...

	videzz.net/js/jquery.min.js	96 kB	2023-03-07	2024-05-15
Pretty URL videzz.net/js/jquery.min.js IP 78.142.18.54 ASN #208046 ColocationX Ltd. Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:02:02 Last Seen2024-05-15 21:30:19 Times Seen47829 Hash 8101d596b2b8fa35fe3a634ea342d7c3 d6c1f41972de07b09bfa63d2e50f9ab41ec372bd 540bc6dec1dd4b92ea4d3fb903f69eabf6d919afd48f4e312b163c28cff0f441 Loading...

	unknown	803 B	2023-10-28	2024-05-07
Pretty Introduced by scriptElement Embedded in HTML false Observations First Seen2023-10-28 21:18:21 Last Seen2024-05-07 08:42:01 Times Seen6 Hash c12e2f49001bec6899d2a6859d1116f7 e6f9b2950f389d8639a0c6328827f03006680ba3 c49a83df9d1b9e240944c746ed10550f67f5ed0c0d5dd703599d9503beebb2ad Loading...

	videzz.net/9rzstwlkppht.html	1.9 kB	2023-12-02	2024-05-14
Pretty URL videzz.net/9rzstwlkppht.html IP 78.142.18.54 ASN #208046 ColocationX Ltd. Introduced by scriptElement Embedded in HTML true Observations First Seen2023-12-02 22:02:10 Last Seen2024-05-14 03:21:18 Times Seen32 Hash d97a5b73f9ff75b17385b7097312ac45 7ce245822b9fb070760c11c3cce3bf7aec04aa23 16b7b6c3ab170e3bd3a657fb65cc1a1afbb462e4cbc6af4a73db06f86fbdd931 Loading...

	profitablegatecpm.com/97/85/38/9785383bf0d8f2fb611d938245088565.js	44 kB	2024-05-01	2024-05-01
Pretty URL profitablegatecpm.com/97/85/38/9785383bf0d8f2fb611d938245088565.js IP 192.243.61.227 ASN #39572 DataWeb Global Group B.V. Introduced by scriptElement Embedded in HTML false Observations First Seen2024-05-01 23:07:58 Last Seen2024-05-01 23:07:59 Times Seen2 Hash afb3da0358eb20ae883411cd5af8baaf ddd12a4f1fbcb3828ac260a85a808503c23ebe91 558baa0dca9a0e825341074107b97d28f61904c7ad39b07a1987155ee4a564c0 Loading...

	videzz.net/9rzstwlkppht.html	1.9 kB	2023-12-02	2024-05-15
Pretty URL videzz.net/9rzstwlkppht.html IP 78.142.18.54 ASN #208046 ColocationX Ltd. Introduced by scriptElement Embedded in HTML true Observations First Seen2023-12-02 22:02:10 Last Seen2024-05-15 17:25:04 Times Seen98 Hash 861dcaf645aae37b6316256c150d9dfb 3a9f80b6a4bf4c7807b354238ee1092098ef0592 8580955f289133f8987846865a71337744c9e2f39defb5c7bad0df0752a47ae7 Loading...

	donateentrailskindly.com/57/e9/12/57e9128f004dc8dd272477c7cdb9cf15.js	82 kB	2024-05-01	2024-05-01
Pretty URL donateentrailskindly.com/57/e9/12/57e9128f004dc8dd272477c7cdb9cf15.js IP 192.243.61.227 ASN #39572 DataWeb Global Group B.V. Introduced by scriptElement Embedded in HTML false Observations First Seen2024-05-01 23:07:58 Last Seen2024-05-01 23:07:59 Times Seen2 Hash cf81cd59a2ae8f0cbc59b5ed0b495ce1 89917a6cef348eba5cbe78e8802bb4c18e8057fa 8bbae8b3c211b9fd4cee88cfcac274a8bcd96158c713fb101fad86f43945a739 Loading...

	unknown	54 B	2023-04-11	2024-05-15
Pretty Introduced by Function Embedded in HTML false Observations First Seen2023-04-11 22:34:44 Last Seen2024-05-15 18:20:11 Times Seen879 Hash 21ad6a5e027895d7fef5bee4de0a6c02 1997f8ca0f217c1001a42318dc5976a0d5a56469 6e97ed48cf9a0f9bf4e5199bc5546e24c1067a10e7a582b886143be40f479bb5 Loading...

	videzz.net/9rzstwlkppht.html	416 B	2023-03-07	2024-05-15
Pretty URL videzz.net/9rzstwlkppht.html IP 78.142.18.54 ASN #208046 ColocationX Ltd. Introduced by scriptElement Embedded in HTML true Observations First Seen2023-03-07 16:08:16 Last Seen2024-05-15 17:25:05 Times Seen139 Hash 7b2ab585a733a8e54eb7117dbe673331 38ba49b934ea93104d43c095a34cbebabee2416b 161196e2eb45160ec056dcf19476aaf0a8694cd099ce5ddb43f53f58fa86d0d8 Loading...

	videzz.net/9rzstwlkppht.html	604 B	2023-03-07	2024-05-15
Pretty URL videzz.net/9rzstwlkppht.html IP 78.142.18.54 ASN #208046 ColocationX Ltd. Introduced by scriptElement Embedded in HTML true Observations First Seen2023-03-07 16:08:16 Last Seen2024-05-15 17:25:05 Times Seen138 Hash 3f51f1dc48435128b95bc2f1354a7a17 1baedda0ccf0cdaaa29bf441fcfe0c5fb2f8d4d4 9a3b5d51bd26f5549b2a1ca571835e3c1f0beede7826fd81566bdbc1dad656e9 Loading...

	unknown	815 B	2024-03-08	2024-05-07
Pretty Introduced by scriptElement Embedded in HTML false Observations First Seen2024-03-08 05:50:53 Last Seen2024-05-07 08:42:02 Times Seen10 Hash a1d508561173286a0b0ad3869a70847d 3d4897f157c71610b6872811e9c1eff23d06be81 2467986ca11b3750dc668e7683426518de6e13e74409dafc171875ca69c0b0fb Loading...

	videzz.net/sw.js	42 kB	2023-03-07	2024-05-15
Pretty URL videzz.net/sw.js IP 78.142.18.54 ASN #208046 ColocationX Ltd. Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 16:08:16 Last Seen2024-05-15 17:25:06 Times Seen227 Hash 764aafd976dd9cd9f33279bfafa02908 e9ad856ec00bccfdcbe17b79113681685c943b8d 2c20e295faeb1ef24dae1e26caa5089fdb2ba5a36a86a6a26780b8a515ca99aa Loading...

	static.addtoany.com/menu/svg/icons/whatsapp.js	1.1 kB	2024-04-12	2024-05-15
Pretty URL static.addtoany.com/menu/svg/icons/whatsapp.js IP 104.22.71.197 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2024-04-12 13:25:33 Last Seen2024-05-15 20:41:47 Times Seen177 Hash 0e8b3ac6bda5451ff39c5ecd6d7b3873 fb477a11167000a30e45369e686ec43dd62d026b c15e1379ca2c59f99912500bbc23a0d1d88f43198cbe1b53d87776fa351385eb Loading...

	unknown	720 B	2023-08-03	2024-05-07
Pretty Introduced by scriptElement Embedded in HTML false Observations First Seen2023-08-03 08:56:28 Last Seen2024-05-07 08:42:02 Times Seen6 Hash 5411066ac8d1f6196b48ee9aaffd5d77 7f87c4533a786e1e44dfe6fd9bc0d8ff126b7e07 ebc99b300acec37944f18e8c624096355b617eef273526fe1afeebd083d6be2f Loading...

	videzz.net/9rzstwlkppht.html	1.3 kB	2024-05-01	2024-05-01
Pretty URL videzz.net/9rzstwlkppht.html IP 78.142.18.54 ASN #208046 ColocationX Ltd. Introduced by scriptElement Embedded in HTML true Observations First Seen2024-05-01 23:07:58 Last Seen2024-05-01 23:07:58 Times Seen1 Hash 8e75659aba312b0453a171c805a7f01c bc896f2f387abaabd2efa10fb5a471eaad83e1d9 35a005bd4a9eb4719ac85aa038fedfd021ff3ba23bee69726e2af931f8a8a7ea Loading...

	static.addtoany.com/menu/svg/icons/twitter.js	645 B	2024-04-12	2024-05-15
Pretty URL static.addtoany.com/menu/svg/icons/twitter.js IP 104.22.71.197 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2024-04-12 16:11:45 Last Seen2024-05-15 17:25:04 Times Seen177 Hash ca05cf90bd32d6134c0b92464c343f9a 187feb5cc71d225717838268487a0abc9b8d405c 3003867b66a32c12fdafeefc27cf06d906e5a99ba275550ab757f4bb04834636 Loading...

	videzz.net/9rzstwlkppht.html	0 B	2023-03-07	2024-05-15
Pretty URL videzz.net/9rzstwlkppht.html IP 78.142.18.54 ASN #208046 ColocationX Ltd. Introduced by scriptElement Embedded in HTML true Observations First Seen2023-03-07 01:01:59 Last Seen2024-05-15 22:13:19 Times Seen37678861 Hash d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Loading...

	static.addtoany.com/menu/svg/icons/facebook.js	429 B	2024-04-12	2024-05-15
Pretty URL static.addtoany.com/menu/svg/icons/facebook.js IP 104.22.71.197 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2024-04-12 16:11:44 Last Seen2024-05-15 17:25:05 Times Seen190 Hash 014bcc757e484e12e3aea6c9d768fd4b 4c17157d0012f8002e4e6cf77c5f4a9747792cf4 4b475960843a5619b907af1f0a89e3136bd5e6a4a700ec78cb417f302647cf49 Loading...

		Size	First Seen	Last Seen
	#1 Write - f348cfcd6825805261a572a9a433f9ea	614 B	2023-12-02	2024-05-14
Pretty Observations First Seen2023-12-02 22:02:11 Last Seen2024-05-14 03:21:18 Times Seen32 Hash f348cfcd6825805261a572a9a433f9ea 36052244d36163566fe8c9a22c9cb71dfb100ab2 db712552bc64b28538ae35e3789df84670b0163d76f5310515ae273cede251cf Loading...

	#2 Write - ab34ea7c979c46402352a8ce4c7b87cf	614 B	2023-12-02	2024-05-15
Pretty Observations First Seen2023-12-02 22:02:11 Last Seen2024-05-15 17:25:05 Times Seen98 Hash ab34ea7c979c46402352a8ce4c7b87cf 4ec90223aeea83fe3850db77b92c11eed50c99d3 fd21c10a5b8c554e00e76da6ce58475053e414d4280741ed032a857cf9876978 Loading...

	#3 Write - 7aea427efe0ebb35cac7f6c65074feaa	613 B	2023-03-26	2024-05-15
Pretty Observations First Seen2023-03-26 09:32:06 Last Seen2024-05-15 17:25:05 Times Seen119 Hash 7aea427efe0ebb35cac7f6c65074feaa 7f7025ff75b6c305cf0f7258c68dcc5c3b787ea6 d72f60419e2549dc6934524845bed150c6aa5e1541b5eac18dd5c145f40d2857 Loading...

	#4 Write - 43449de866396eb0131d8111f4fa3895	613 B	2023-05-14	2024-05-15
Pretty Observations First Seen2023-05-14 23:54:06 Last Seen2024-05-15 17:25:05 Times Seen118 Hash 43449de866396eb0131d8111f4fa3895 d74126ea9f2c40f8395c79b3e7f69760f91702fc a67ffe15bbd54d8f4cc64a1e458fc3b742f73783efb009b827b9cf3e9b502add Loading...

	#5 Write - c661bb9a7cc33ed4849427e94a91858c	614 B	2023-09-20	2024-05-15
Pretty Observations First Seen2023-09-20 05:49:23 Last Seen2024-05-15 17:25:05 Times Seen106 Hash c661bb9a7cc33ed4849427e94a91858c 4be38292beb83aa1b58a668283dfe08ed97d7a42 e56ca9ad4497b40fd4b7c14e2c5e6c5b58563af9cb588188992d2189d22dc477 Loading...

	#6 Write - bf6e0ef92ae84c6ac72a2e33e3bd0ba5	614 B	2023-09-20	2024-05-15
Pretty Observations First Seen2023-09-20 05:49:23 Last Seen2024-05-15 17:25:05 Times Seen107 Hash bf6e0ef92ae84c6ac72a2e33e3bd0ba5 dd276e9188ea2de2da9b957adbb91c7e2b08d4ec 5f5f7af99db9aecf63f1ae5480d2b95a82e350abcdd3a765f5537235d12a4744 Loading...

HTTP Transactions (133)

URL IP Response Size

cdnjs.cloudflare.com/ajax/libs/bootstrap-colorpicker/2.5.1/css/bootstrap-colorpicker.min.css?v=b8dc06aa6195ca0716d0a0c4e3a76e42

104.17.25.14

200 OK

867 B

URL GET HTTP/2
cdnjs.cloudflare.com/ajax/libs/bootstrap-colorpicker/2.5.1/css/bootstrap-colorpicker.min.css?v=b8dc06aa6195ca0716d0a0c4e3a76e42
IP
104.17.25.14:443
ASN
#13335 CLOUDFLARENET

Requested by
https://videzz.net/9rzstwlkppht.html
Certificate
IssuerCloudflare, Inc.
Subjectsni.cloudflaressl.com
Fingerprint7A:EA:B9:09:71:70:6C:87:C9:D3:82:74:8A:7B:B4:60:E5:40:2D:8D
ValidityMon, 03 Jul 2023 00:00:00 GMT - Tue, 02 Jul 2024 23:59:59 GMT

File type
ASCII text, with very long lines (4034)
Size
867 B (867 bytes)
Hash
0680879d9be8b73e90cf1ed3de2724e1
e338268ddd73ef607dbbca2ff375867972f66353
5a25b8e7ed8c24b5e57fd9cefa475e451f2657e39404c17a5704bfe3f217d857

HTTP Headers

GET /ajax/libs/bootstrap-colorpicker/2.5.1/css/bootstrap-colorpicker.min.css?v=b8dc06aa6195ca0716d0a0c4e3a76e42 HTTP/1.1
Host: cdnjs.cloudflare.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://videzz.net/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Wed, 01 May 2024 21:07:18 GMT
content-type: text/css; charset=utf-8
content-length: 867
access-control-allow-origin: *
cache-control: public, max-age=30672000
content-encoding: br
etag: "5eb03d8d-10df"
last-modified: Mon, 04 May 2020 16:06:37 GMT
cf-cdnjs-via: cfworker/kv
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
x-content-type-options: nosniff
vary: Accept-Encoding
cf-cache-status: HIT
age: 95270
expires: Mon, 21 Apr 2025 21:07:18 GMT
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=NhRmMR3FmxDwOBvojM7y0bYHOY7hs%2FfdnscMqpThLbwgNP3PjSQx14JAcFSJrkRUy1XhMaIp7aFxtiYmpLNvJDKUUBQNjzmMcKKeXDpD262YIr%2FLHeqX1ofSpft7%2BtPH7PLrNghV"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
server: cloudflare
cf-ray: 87d2bd876b7e0b02-OSL
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2

cdnjs.cloudflare.com/ajax/libs/jquery.tablesorter/2.28.15/css/theme.green.min.css?v=b8dc06aa6195ca0716d0a0c4e3a76e42

104.17.25.14

200 OK

2.1 kB

URL GET HTTP/2
cdnjs.cloudflare.com/ajax/libs/jquery.tablesorter/2.28.15/css/theme.green.min.css?v=b8dc06aa6195ca0716d0a0c4e3a76e42
IP
104.17.25.14:443
ASN
#13335 CLOUDFLARENET

Requested by
https://videzz.net/9rzstwlkppht.html
Certificate
IssuerCloudflare, Inc.
Subjectsni.cloudflaressl.com
Fingerprint7A:EA:B9:09:71:70:6C:87:C9:D3:82:74:8A:7B:B4:60:E5:40:2D:8D
ValidityMon, 03 Jul 2023 00:00:00 GMT - Tue, 02 Jul 2024 23:59:59 GMT

File type
ASCII text, with very long lines (7172), with no line terminators
Size
2.1 kB (2141 bytes)
Hash
a99386c14c1250b20b42dd0db3df1741
cc8562d8ee2c39a2adea8d09eec3c4096571dd18
de1136175d3ed18ef84054ce8c6521c81bdceb97cb1505ab2c376d53138b6672

HTTP Headers

GET /ajax/libs/jquery.tablesorter/2.28.15/css/theme.green.min.css?v=b8dc06aa6195ca0716d0a0c4e3a76e42 HTTP/1.1
Host: cdnjs.cloudflare.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://videzz.net/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Wed, 01 May 2024 21:07:18 GMT
content-type: text/css; charset=utf-8
content-length: 2141
access-control-allow-origin: *
cache-control: public, max-age=30672000
content-encoding: br
etag: "5eb03ec4-1c04"
last-modified: Mon, 04 May 2020 16:11:48 GMT
cf-cdnjs-via: cfworker/kv
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
x-content-type-options: nosniff
vary: Accept-Encoding
cf-cache-status: HIT
age: 1827
expires: Mon, 21 Apr 2025 21:07:18 GMT
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=%2Fyq%2B8byRUP6CDc6VgQboWAPnxkbOQFUzBFeynGxCsJ698xBmo7TNYxUmINXpWIPZbVJElr0hts6bZnff3hCX5HrJ9Ebhdk0TJ7ZsgzTh644m8lXb%2B2l2IGNag2e2VZYmQ0AuDMD%2F"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
server: cloudflare
cf-ray: 87d2bd876b820b02-OSL
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2

cdnjs.cloudflare.com/ajax/libs/bootstrap-datepicker/1.6.4/css/bootstrap-datepicker.css?v=b8dc06aa6195ca0716d0a0c4e3a76e42

104.17.25.14

200 OK

1.8 kB

URL GET HTTP/2
cdnjs.cloudflare.com/ajax/libs/bootstrap-datepicker/1.6.4/css/bootstrap-datepicker.css?v=b8dc06aa6195ca0716d0a0c4e3a76e42
IP
104.17.25.14:443
ASN
#13335 CLOUDFLARENET

Requested by
https://videzz.net/9rzstwlkppht.html
Certificate
IssuerCloudflare, Inc.
Subjectsni.cloudflaressl.com
Fingerprint7A:EA:B9:09:71:70:6C:87:C9:D3:82:74:8A:7B:B4:60:E5:40:2D:8D
ValidityMon, 03 Jul 2023 00:00:00 GMT - Tue, 02 Jul 2024 23:59:59 GMT

File type
ASCII text
Size
1.8 kB (1761 bytes)
Hash
dcb0ac787e2b120c8aeec195cd6decb9
7cdd385b4fbdfd0801af64d9209e7ede132dd954
f2a6c653ee82cb36677404eab7c258ce985aef5a6d36a064a5a805548fadea82

HTTP Headers

GET /ajax/libs/bootstrap-datepicker/1.6.4/css/bootstrap-datepicker.css?v=b8dc06aa6195ca0716d0a0c4e3a76e42 HTTP/1.1
Host: cdnjs.cloudflare.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://videzz.net/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Wed, 01 May 2024 21:07:18 GMT
content-type: text/css; charset=utf-8
content-length: 1761
access-control-allow-origin: *
cache-control: public, max-age=30672000
content-encoding: br
etag: "5eb03d8e-42f8"
last-modified: Mon, 04 May 2020 16:06:38 GMT
cf-cdnjs-via: cfworker/kv
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
x-content-type-options: nosniff
vary: Accept-Encoding
cf-cache-status: HIT
age: 744
expires: Mon, 21 Apr 2025 21:07:18 GMT
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=%2BAD8IA9vNxLXzQhdPkVuRwb1ddbvjRHTOZTKNLndnNZsHPwNKrnUw4nZnNhIzm%2Fehbwn0onoid5mHN8e4kuWDtDvrw%2Fa0Iod%2BKy37zgT4DhYyAi%2B%2F2TXJLvlxbXNAsFQeG2q6mLt"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
server: cloudflare
cf-ray: 87d2bd877b920b02-OSL
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2

videzz.net/js/pop.js?v=1.0

78.142.18.54

200 OK

35 B

URL GET HTTP/2
videzz.net/js/pop.js?v=1.0
IP
78.142.18.54:443
ASN
#208046 ColocationX Ltd.

Requested by
https://videzz.net/9rzstwlkppht.html
Certificate
IssuerLet's Encrypt
Subjectvidezz.net
Fingerprint13:3A:F4:CA:71:F0:8F:F1:2E:3A:7E:2B:6D:8E:E4:7A:E9:9D:A6:B5
ValidityMon, 04 Mar 2024 08:24:34 GMT - Sun, 02 Jun 2024 08:24:33 GMT

File type
ASCII text
Size
35 B (35 bytes)
Hash
da4bf5414bf75eefb21872f9b59fe6fc
e34335e0705397a4ad02c406a2e92333e6d2b0e5
d48b428c1788391a1aef29802daaa691077732dc7b821d0968831bc50b19278d

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /js/pop.js?v=1.0 HTTP/1.1
Host: videzz.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://videzz.net/9rzstwlkppht.html
Cookie: lang=1
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
server: nginx/1.18.0 (Ubuntu)
date: Wed, 01 May 2024 21:07:18 GMT
content-type: application/javascript
content-length: 35
last-modified: Sat, 27 Apr 2024 07:30:38 GMT
etag: "662ca99e-23"
expires: Fri, 31 May 2024 20:58:49 GMT
cache-control: max-age=2592000
x-cache-status: HIT
accept-ranges: bytes
X-Firefox-Spdy: h2

videzz.net/js/ads.js?v=1.0

78.142.18.54

200 OK

211 B

URL GET HTTP/2
videzz.net/js/ads.js?v=1.0
IP
78.142.18.54:443
ASN
#208046 ColocationX Ltd.

Requested by
https://videzz.net/9rzstwlkppht.html
Certificate
IssuerLet's Encrypt
Subjectvidezz.net
Fingerprint13:3A:F4:CA:71:F0:8F:F1:2E:3A:7E:2B:6D:8E:E4:7A:E9:9D:A6:B5
ValidityMon, 04 Mar 2024 08:24:34 GMT - Sun, 02 Jun 2024 08:24:33 GMT

File type
Unicode text, UTF-8 text
Size
211 B (211 bytes)
Hash
09f34de71e8853387dd398fbb263af69
4ccb7007fcebcffe64eaa80f2991509fdbac55d5
6ca7e6aebc6e3eec26d39e540e255a738fd9e48e9b97bd0e2a714686377ac523

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /js/ads.js?v=1.0 HTTP/1.1
Host: videzz.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://videzz.net/9rzstwlkppht.html
Cookie: lang=1
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
server: nginx/1.18.0 (Ubuntu)
date: Wed, 01 May 2024 21:07:18 GMT
content-type: application/javascript
content-length: 211
last-modified: Sat, 27 Apr 2024 07:30:42 GMT
etag: "662ca9a2-d3"
expires: Fri, 31 May 2024 20:58:49 GMT
cache-control: max-age=2592000
x-cache-status: HIT
accept-ranges: bytes
X-Firefox-Spdy: h2

videzz.net/images-newtheme/adb_logo.png

78.142.18.54

200 OK

8.3 kB

URL GET HTTP/2
videzz.net/images-newtheme/adb_logo.png
IP
78.142.18.54:443
ASN
#208046 ColocationX Ltd.

Requested by
https://videzz.net/9rzstwlkppht.html
Certificate
IssuerLet's Encrypt
Subjectvidezz.net
Fingerprint13:3A:F4:CA:71:F0:8F:F1:2E:3A:7E:2B:6D:8E:E4:7A:E9:9D:A6:B5
ValidityMon, 04 Mar 2024 08:24:34 GMT - Sun, 02 Jun 2024 08:24:33 GMT

File type
PNG image data, 178 x 178, 8-bit/color RGBA, non-interlaced
Size
8.3 kB (8308 bytes)
Hash
98fcd22c469a5aa46df8ec4e7a8eafc9
e8d95f175d3008736995a482d7304410a1da490a
b1e79e219bf46ca5ef14a9619c5440e78c2ebdbc34b8f0c65f0777a8b02fc30c

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /images-newtheme/adb_logo.png HTTP/1.1
Host: videzz.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://videzz.net/9rzstwlkppht.html
Cookie: lang=1
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
server: nginx/1.18.0 (Ubuntu)
date: Wed, 01 May 2024 21:07:18 GMT
content-type: image/png
content-length: 8308
last-modified: Sat, 27 Apr 2024 07:30:28 GMT
etag: "662ca994-2074"
expires: Fri, 31 May 2024 20:58:55 GMT
cache-control: max-age=2592000
x-cache-status: HIT
accept-ranges: bytes
X-Firefox-Spdy: h2

videzz.net/images-newtheme/attention.png

78.142.18.54

200 OK

6.4 kB

URL GET HTTP/2
videzz.net/images-newtheme/attention.png
IP
78.142.18.54:443
ASN
#208046 ColocationX Ltd.

Requested by
https://videzz.net/9rzstwlkppht.html
Certificate
IssuerLet's Encrypt
Subjectvidezz.net
Fingerprint13:3A:F4:CA:71:F0:8F:F1:2E:3A:7E:2B:6D:8E:E4:7A:E9:9D:A6:B5
ValidityMon, 04 Mar 2024 08:24:34 GMT - Sun, 02 Jun 2024 08:24:33 GMT

File type
PNG image data, 263 x 231, 8-bit/color RGBA, non-interlaced
Size
6.4 kB (6377 bytes)
Hash
d28ebe1b4425fa4ab5d804792b5aa626
3183e2c59cdaed547de5fb1fc940709ed5117003
36fc8d817d7a356b2b8e8697697a5ce86bedadfea8df2a4e88f9514bb1ce02f6

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /images-newtheme/attention.png HTTP/1.1
Host: videzz.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://videzz.net/9rzstwlkppht.html
Cookie: lang=1
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
server: nginx/1.18.0 (Ubuntu)
date: Wed, 01 May 2024 21:07:18 GMT
content-type: image/png
content-length: 6377
last-modified: Sat, 27 Apr 2024 07:30:42 GMT
etag: "662ca9a2-18e9"
expires: Fri, 31 May 2024 20:59:28 GMT
cache-control: max-age=2592000
x-cache-status: HIT
accept-ranges: bytes
X-Firefox-Spdy: h2

www.googletagmanager.com/gtag/js?id=UA-158623850-1

142.250.74.168

200 OK

74 kB

URL GET HTTP/2
www.googletagmanager.com/gtag/js?id=UA-158623850-1
IP
142.250.74.168:443
ASN
#15169 GOOGLE

Requested by
https://videzz.net/9rzstwlkppht.html
Certificate
IssuerGoogle Trust Services LLC
Subject*.google-analytics.com
FingerprintFC:B1:16:E0:D8:F3:2B:F3:AB:33:E5:E1:23:57:F4:48:66:FD:4D:52
ValidityMon, 08 Apr 2024 06:34:55 GMT - Mon, 01 Jul 2024 06:34:54 GMT

File type
JavaScript source, ASCII text, with very long lines (4179)
Size
74 kB (74385 bytes)
Hash
06dfb912050a94a71f75dcc5cb18c877
6700beb402ee9705589c0df7143363b969224ab4
24f0286644e20d0792ce791c5a3b98e20ec42edc2a1855ec8dc1478803469201

HTTP Headers

GET /gtag/js?id=UA-158623850-1 HTTP/1.1
Host: www.googletagmanager.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://videzz.net/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
content-encoding: br
vary: Accept-Encoding
date: Wed, 01 May 2024 21:07:18 GMT
expires: Wed, 01 May 2024 21:07:18 GMT
cache-control: private, max-age=900
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
server: Google Tag Manager
content-length: 74385
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

tr.7vid.net/henYKwb.js

135.181.208.216

200 OK

88 kB

URL GET HTTP/2
tr.7vid.net/henYKwb.js
IP
135.181.208.216:443
ASN
#24940 Hetzner Online GmbH

Requested by
https://videzz.net/9rzstwlkppht.html
Certificate
IssuerLet's Encrypt
Subjecta.gatwins.site
Fingerprint66:D4:C4:E9:BC:6E:82:9E:D0:2F:00:69:9A:DF:C2:6D:18:04:0B:1B
ValidityWed, 10 Apr 2024 10:27:11 GMT - Tue, 09 Jul 2024 10:27:10 GMT

File type
JavaScript source, Unicode text, UTF-8 text, with very long lines (65503), with no line terminators
Size
88 kB (87996 bytes)
Hash
04bdb2fd7797c33d38ad8a6a0997b389
a69a0999b9106aa1e49a6728c84b3e82b899276d
3039a1d2d40fce3b96ce115bc8fb858539ed084667fb0ee69fe68e0a682d9286

HTTP Headers

GET /henYKwb.js HTTP/1.1
Host: tr.7vid.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://videzz.net/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
server: nginx
date: Wed, 01 May 2024 21:07:18 GMT
content-type: application/javascript
content-length: 87996
last-modified: Fri, 22 Mar 2024 11:21:21 GMT
vary: Accept-Encoding
etag: "65fd69b1-157bc"
content-encoding: gzip
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: public, max-age=315360000
cf-cache-status: EXPIRED
cf-ray: 8685cee83a6f8d55-HEL
x-frame-options: DENY
x-content-type-options: nosniff
accept-ranges: bytes
X-Firefox-Spdy: h2

vz.7vid.net/Sb7AkA7.js

135.181.208.216

200 OK

77 kB

URL GET HTTP/2
vz.7vid.net/Sb7AkA7.js
IP
135.181.208.216:443
ASN
#24940 Hetzner Online GmbH

Requested by
https://videzz.net/9rzstwlkppht.html
Certificate
IssuerLet's Encrypt
Subjecta.cpbj8ddae04d.shop
Fingerprint05:51:C2:15:91:D1:D4:BC:15:B2:36:C5:1A:40:61:CC:74:87:18:53
ValidityTue, 23 Apr 2024 10:27:07 GMT - Mon, 22 Jul 2024 10:27:06 GMT

File type
JavaScript source, Unicode text, UTF-8 text, with very long lines (65503), with no line terminators
Size
77 kB (76790 bytes)
Hash
a6781eeb8be115c2cc64c5b4898e5b9d
76001e6e130f936956842ce1fb672ca16be2370e
cb8949c4918f30d767c8a97d1b1ddb36eabccf8d93659a80f4e850caa3701da2

HTTP Headers

GET /Sb7AkA7.js HTTP/1.1
Host: vz.7vid.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://videzz.net/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
server: nginx
date: Wed, 01 May 2024 21:07:18 GMT
content-type: application/javascript
content-length: 76790
last-modified: Fri, 22 Mar 2024 11:21:21 GMT
vary: Accept-Encoding
etag: "65fd69b1-12bf6"
content-encoding: gzip
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: public, max-age=315360000
cf-cache-status: HIT
age: 201
cf-ray: 8685d408ccf5d995-HEL
x-frame-options: DENY
x-content-type-options: nosniff
accept-ranges: bytes
X-Firefox-Spdy: h2

tr.7vid.net/Sb7AkA7.js

135.181.208.216

200 OK

77 kB

URL GET HTTP/2
tr.7vid.net/Sb7AkA7.js
IP
135.181.208.216:443
ASN
#24940 Hetzner Online GmbH

Requested by
https://videzz.net/9rzstwlkppht.html
Certificate
IssuerLet's Encrypt
Subjecta.gatwins.site
Fingerprint66:D4:C4:E9:BC:6E:82:9E:D0:2F:00:69:9A:DF:C2:6D:18:04:0B:1B
ValidityWed, 10 Apr 2024 10:27:11 GMT - Tue, 09 Jul 2024 10:27:10 GMT

File type
JavaScript source, Unicode text, UTF-8 text, with very long lines (65503), with no line terminators
Size
77 kB (76790 bytes)
Hash
a6781eeb8be115c2cc64c5b4898e5b9d
76001e6e130f936956842ce1fb672ca16be2370e
cb8949c4918f30d767c8a97d1b1ddb36eabccf8d93659a80f4e850caa3701da2

HTTP Headers

GET /Sb7AkA7.js HTTP/1.1
Host: tr.7vid.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://videzz.net/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
server: nginx
date: Wed, 01 May 2024 21:07:18 GMT
content-type: application/javascript
content-length: 76790
last-modified: Fri, 22 Mar 2024 11:21:21 GMT
vary: Accept-Encoding
etag: "65fd69b1-12bf6"
content-encoding: gzip
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: public, max-age=315360000
cf-cache-status: HIT
age: 201
cf-ray: 8685d408ccf5d995-HEL
x-frame-options: DENY
x-content-type-options: nosniff
accept-ranges: bytes
X-Firefox-Spdy: h2

yd.cottoidearldom.com/1clkn/14903

23.109.170.34

200 OK

26 B

URL GET HTTP/1.1
yd.cottoidearldom.com/1clkn/14903
IP
23.109.170.34:443
ASN
#7979 SERVERS-COM

Requested by
https://videzz.net/9rzstwlkppht.html
Certificate
IssuerLet's Encrypt
Subjectyd.cottoidearldom.com
Fingerprint2A:D0:1B:ED:00:0F:4A:13:3B:97:DD:33:66:5B:7E:F8:F8:E9:C8:CE
ValidityThu, 25 Apr 2024 06:21:32 GMT - Wed, 24 Jul 2024 06:21:31 GMT

File type
ASCII text, with no line terminators
Size
26 B (26 bytes)
Hash
9082dc37e5e8046929da411544ad071a
41e0e3963ed94e59e8a2f115994c382712411537
b7848d86edc8dc3b5bc6a5c666069f9a31e000cee51575d3b6083951607e1550

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /1clkn/14903 HTTP/1.1
Host: yd.cottoidearldom.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://videzz.net/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Date: Wed, 01 May 2024 21:07:18 GMT
Content-Type: application/javascript; charset=utf-8
Transfer-Encoding: chunked
Connection: keep-alive
Keep-Alive: timeout=20
Accept-ch: sec-ch-ua-platform-version,sec-ch-ua-model,sec-ch-ua-full-version,sec-ch-ua-full-version-list
Set-Cookie: GL_UI4=eJw9jUtug0AQRPljJ4akJQ7gIxgUjL3MJivfAQ0zDZ4Ypq1mjJ3bZxIp2dUrPVV5nhcUL%2BAvyRrCm6hhe1R9s5dYojyUVVW%2BHSrZ151o%2BlJVTVnvYK3n1opuRBvBap4E29YuEWwGNMhatpIUZvDqrL%2FmYuhuIog7FkZlEE%2FOGDNIO6b7jFyEEBkxIaQfmrGnhzPEJzEEx72L2rjo7yCguQjzJ4hP2twe%2BSbx8jzx4Pk6CtsTT61WDuOBhULw32ElhcWB%2BAtShfPF0hWARtX%2B%2B7%2Bf8fizBonCRUuHZM%2FI38wATrY%3D; expires=Thu, 02-May-2024 21:07:18 GMT; Max-Age=86400; path=/; secure; SameSite=None
GL_GI10=eJwVyM0KgkAUhuE5hxiIJPjIC%2FAKTMsWbrNl6MIrMIsYGObIzNjP3WeLd%2FG8SilOE7CZkNRlXhd5dcjLUwV6gtsOPDroVvx7%2BII8uDiCvcOmC1ayRmYXlz9i9TfIYHu25pP1YudoxAXw0roZbvaxv%2FRX0KQJHEUzONxTBXrp3Q9e7R3S; expires=Thu, 02-May-2024 21:07:18 GMT; Max-Age=86400; path=/; secure; SameSite=None
Content-Encoding: gzip
Vary: Accept-Encoding
Strict-Transport-Security: max-age=1
X-Content-Type-Options: nosniff

cdnjs.cloudflare.com/ajax/libs/font-awesome/4.7.0/css/font-awesome.min.css

104.17.25.14

200 OK

5.6 kB

URL GET HTTP/3
cdnjs.cloudflare.com/ajax/libs/font-awesome/4.7.0/css/font-awesome.min.css
IP
104.17.25.14:443
ASN
#13335 CLOUDFLARENET

Requested by
https://videzz.net/9rzstwlkppht.html
Certificate
IssuerCloudflare, Inc.
Subjectsni.cloudflaressl.com
Fingerprint7A:EA:B9:09:71:70:6C:87:C9:D3:82:74:8A:7B:B4:60:E5:40:2D:8D
ValidityMon, 03 Jul 2023 00:00:00 GMT - Tue, 02 Jul 2024 23:59:59 GMT

File type
ASCII text, with very long lines (30837)
Size
5.6 kB (5631 bytes)
Hash
269550530cc127b6aa5a35925a7de6ce
512c7d79033e3028a9be61b540cf1a6870c896f8
799aeb25cc0373fdee0e1b1db7ad6c2f6a0e058dfadaa3379689f583213190bd

HTTP Headers

GET /ajax/libs/font-awesome/4.7.0/css/font-awesome.min.css HTTP/1.1
Host: cdnjs.cloudflare.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://videzz.net/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Wed, 01 May 2024 21:07:18 GMT
content-type: text/css; charset=utf-8
content-length: 5631
access-control-allow-origin: *
cache-control: public, max-age=30672000
content-encoding: br
etag: "5eb03e5f-7918"
last-modified: Mon, 04 May 2020 16:10:07 GMT
cf-cdnjs-via: cfworker/kv
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
x-content-type-options: nosniff
vary: Accept-Encoding
cf-cache-status: HIT
age: 103787
expires: Mon, 21 Apr 2025 21:07:18 GMT
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=KflxSINhju8jZ3ekzXxeuCsjOhYnopJeZ3JAVbq2WmnTtOA6T1XSkQIXB7VdBt%2F%2BZ9d5Ltqi%2F3EX1w0PaP8w8kSR%2FFsDF55eQLHmxIG5%2FbU10%2BKAaR68%2F4Oky7QGOjTxL9wHlAlJ"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
server: cloudflare
cf-ray: 87d2bd8abd6bb4f3-OSL
alt-svc: h3=":443"; ma=86400

profitablegatecpm.com/97/85/38/9785383bf0d8f2fb611d938245088565.js

192.243.61.227

200 OK

16 kB

URL GET HTTP/1.1
profitablegatecpm.com/97/85/38/9785383bf0d8f2fb611d938245088565.js
IP
192.243.61.227:443
ASN
#39572 DataWeb Global Group B.V.

Requested by
https://videzz.net/9rzstwlkppht.html
Certificate
IssuerLet's Encrypt
Subjectprofitablegatecpm.com
Fingerprint9D:FB:8C:AD:4D:64:98:6B:85:78:33:54:E7:A3:BB:10:ED:77:63:30
ValidityFri, 05 Apr 2024 18:10:33 GMT - Thu, 04 Jul 2024 18:10:32 GMT

File type
JavaScript source, ASCII text, with very long lines (44115), with no line terminators
Size
16 kB (15836 bytes)
Hash
afb3da0358eb20ae883411cd5af8baaf
ddd12a4f1fbcb3828ac260a85a808503c23ebe91
558baa0dca9a0e825341074107b97d28f61904c7ad39b07a1987155ee4a564c0

HTTP Headers

GET /97/85/38/9785383bf0d8f2fb611d938245088565.js HTTP/1.1
Host: profitablegatecpm.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://videzz.net/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx/1.21.6
Date: Wed, 01 May 2024 21:07:18 GMT
Content-Type: application/javascript
Transfer-Encoding: chunked
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Access-Control-Allow-Origin: *
Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,Sec-CH-UA-PlatformUser-Agent,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: 92770902365c6ae009f42083f6e77ce0
Strict-Transport-Security: max-age=0; includeSubdomains
Content-Encoding: gzip

videzz.net/js/footer.static.min.js?v=b8dc06aa6195ca0716d0a0c4e3a76e42

78.142.18.54

200 OK

55 kB

URL GET HTTP/2
videzz.net/js/footer.static.min.js?v=b8dc06aa6195ca0716d0a0c4e3a76e42
IP
78.142.18.54:443
ASN
#208046 ColocationX Ltd.

Requested by
https://videzz.net/9rzstwlkppht.html
Certificate
IssuerLet's Encrypt
Subjectvidezz.net
Fingerprint13:3A:F4:CA:71:F0:8F:F1:2E:3A:7E:2B:6D:8E:E4:7A:E9:9D:A6:B5
ValidityMon, 04 Mar 2024 08:24:34 GMT - Sun, 02 Jun 2024 08:24:33 GMT

File type
gzip compressed data, from Unix
Size
55 kB (54820 bytes)
Hash
2432ad64a4111424446498aed2f66696
edd583071ee0f8de9e5908a074efb58e6d843cbe
c4892fa78328147524a742ddac9771aac11e19b3eb62908c7b3a3a18b328fc29

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /js/footer.static.min.js?v=b8dc06aa6195ca0716d0a0c4e3a76e42 HTTP/1.1
Host: videzz.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://videzz.net/9rzstwlkppht.html
Cookie: lang=1
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
server: nginx/1.18.0 (Ubuntu)
date: Wed, 01 May 2024 21:07:18 GMT
content-type: application/javascript
last-modified: Sat, 27 Apr 2024 07:30:42 GMT
vary: Accept-Encoding
etag: W/"662ca9a2-22364"
expires: Fri, 31 May 2024 20:57:18 GMT
cache-control: max-age=2592000
content-encoding: gzip
x-cache-status: HIT
X-Firefox-Spdy: h2

videzz.net/js/videojs.stm.5.min.js?0.108741924114554

78.142.18.54

200 OK

4.0 kB

URL GET HTTP/2
videzz.net/js/videojs.stm.5.min.js?0.108741924114554
IP
78.142.18.54:443
ASN
#208046 ColocationX Ltd.

Requested by
https://videzz.net/9rzstwlkppht.html
Certificate
IssuerLet's Encrypt
Subjectvidezz.net
Fingerprint13:3A:F4:CA:71:F0:8F:F1:2E:3A:7E:2B:6D:8E:E4:7A:E9:9D:A6:B5
ValidityMon, 04 Mar 2024 08:24:34 GMT - Sun, 02 Jun 2024 08:24:33 GMT

File type
gzip compressed data, from Unix
Size
4.0 kB (3957 bytes)
Hash
4a57853ef40d77e658d976b58951b0c4
d5d5f992eb954023a80906475b268804cc44abc9
efd1e22bbd46e4fd4c8e0394fe18c993d168555db8a8905f186aa6811ec08335

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /js/videojs.stm.5.min.js?0.108741924114554 HTTP/1.1
Host: videzz.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://videzz.net/9rzstwlkppht.html
Cookie: lang=1
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
server: nginx/1.18.0 (Ubuntu)
date: Wed, 01 May 2024 21:07:18 GMT
content-type: application/javascript
last-modified: Sat, 27 Apr 2024 07:30:42 GMT
vary: Accept-Encoding
etag: W/"662ca9a2-1c25"
expires: Fri, 31 May 2024 21:07:18 GMT
cache-control: max-age=2592000
content-encoding: gzip
x-cache-status: MISS
X-Firefox-Spdy: h2

www.googletagmanager.com/gtm.js?id=GTM-56DK3TH

142.250.74.168

200 OK

73 kB

URL GET HTTP/3
www.googletagmanager.com/gtm.js?id=GTM-56DK3TH
IP
142.250.74.168:443
ASN
#15169 GOOGLE

Requested by
https://videzz.net/9rzstwlkppht.html
Certificate
IssuerGoogle Trust Services LLC
Subject*.google-analytics.com
FingerprintFC:B1:16:E0:D8:F3:2B:F3:AB:33:E5:E1:23:57:F4:48:66:FD:4D:52
ValidityMon, 08 Apr 2024 06:34:55 GMT - Mon, 01 Jul 2024 06:34:54 GMT

File type
JavaScript source, ASCII text, with very long lines (3287)
Size
73 kB (73170 bytes)
Hash
7b2c39a95b60582cf3e48ac3a2fe93fc
077ad41b276f854ed4513f6344efe3d281e6972a
400322a152eaf2cf1cb77e86d2e0e5880ccfecc169ca36a6338e00b8366d5187

HTTP Headers

GET /gtm.js?id=GTM-56DK3TH HTTP/1.1
Host: www.googletagmanager.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://videzz.net/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
content-encoding: br
vary: Accept-Encoding
date: Wed, 01 May 2024 21:07:19 GMT
expires: Wed, 01 May 2024 21:07:19 GMT
cache-control: private, max-age=900
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
server: Google Tag Manager
content-length: 73170
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

cdn.o333o.com/vast-im.js

143.204.55.120

200 OK

128 kB

URL GET HTTP/2
cdn.o333o.com/vast-im.js
IP
143.204.55.120:443
ASN
#16509 AMAZON-02

Requested by
https://videzz.net/9rzstwlkppht.html
Certificate
IssuerSectigo Limited
Subjectcdn.o333o.com
Fingerprint61:0E:6A:7F:7E:40:48:40:58:0F:EF:89:DB:CF:AD:C2:FB:52:F1:AC
ValidityThu, 09 Nov 2023 00:00:00 GMT - Mon, 09 Dec 2024 23:59:59 GMT

File type
JavaScript source, Unicode text, UTF-8 text, with very long lines (65503), with no line terminators
Size
128 kB (127622 bytes)
Hash
04bdb2fd7797c33d38ad8a6a0997b389
a69a0999b9106aa1e49a6728c84b3e82b899276d
3039a1d2d40fce3b96ce115bc8fb858539ed084667fb0ee69fe68e0a682d9286

HTTP Headers

GET /vast-im.js HTTP/1.1
Host: cdn.o333o.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://videzz.net/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
content-type: application/javascript
server: nginx
date: Thu, 11 Apr 2024 09:31:31 GMT
last-modified: Fri, 22 Mar 2024 11:21:21 GMT
etag: W/"65fd69b1-4bcd7"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000, public
content-encoding: br
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 80d21802b1b80c40e55ccf83433b8eac.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
alt-svc: h3=":443"; ma=86400
x-amz-cf-id: zBP8ixChgJr3kehbMaR9FNb6_XCkVUE4KTNHmvh7mSAl71umlBtXfw==
age: 1769747
X-Firefox-Spdy: h2

static.addtoany.com/menu/page.js

104.22.71.197

200 OK

2.3 kB

URL GET HTTP/2
static.addtoany.com/menu/page.js
IP
104.22.71.197:443
ASN
#13335 CLOUDFLARENET

Requested by
https://videzz.net/9rzstwlkppht.html
Certificate
IssuerLet's Encrypt
Subjectstatic.addtoany.com
Fingerprint5B:74:98:2D:F8:22:DB:0D:4E:74:B7:99:A7:7C:80:F6:CA:1A:8E:CA
ValidityTue, 23 Apr 2024 07:56:27 GMT - Mon, 22 Jul 2024 07:56:26 GMT

File type
JavaScript source, ASCII text, with very long lines (3003), with no line terminators
Size
2.3 kB (2273 bytes)
Hash
5f984fdd1d3384220c67422c1f544a95
79c8a48b5fab47972dd69ce7dfd08cee895006b5
6e0cc78c402cbc02fdfd41cd77c5fd6ffbd8066cc07935ea8eb5f3fcc59744a3

HTTP Headers

GET /menu/page.js HTTP/1.1
Host: static.addtoany.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://videzz.net/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Wed, 01 May 2024 21:07:18 GMT
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=86400, stale-while-revalidate=30, public
cf-bgj: minify
etag: W/"e346c2841e4abbb66ee259e9540abb61"
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=YWZsNxx5LDQ%2FCmyOFsE8E2BnrVsLnneGIQNyd9wW5p4HAuYJk1J8NDKyEOb3GQVsuv1k1liuf%2Bmj3zbtE6j3FHtvw%2FKNdKKDmXgE%2Fq44DiWXRWJOh045rrNs9uLI3BbIrsQ0WiQVSeSa3Tq2fKeyXXzg"}],"group":"cf-nel","max_age":604800}
vary: Accept-Encoding
referrer-policy: strict-origin-when-cross-origin
x-content-type-options: nosniff
cf-cache-status: HIT
age: 19258
strict-transport-security: max-age=31536000; includeSubDomains; preload
server: cloudflare
cf-ray: 87d2bd882db9be58-CPH
content-encoding: br
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2

fonts.gstatic.com/s/raleway/v29/1Ptug8zYS_SKggPNyC0ITw.woff2

216.58.207.227

200 OK

48 kB

URL GET HTTP/2
fonts.gstatic.com/s/raleway/v29/1Ptug8zYS_SKggPNyC0ITw.woff2
IP
216.58.207.227:443
ASN
#15169 GOOGLE

Requested by
https://videzz.net/9rzstwlkppht.html
Certificate
IssuerGoogle Trust Services LLC
Subject*.gstatic.com
Fingerprint93:EC:35:60:8A:5B:23:EA:C0:36:D7:AE:03:0C:C3:77:17:5A:20:33
ValidityMon, 08 Apr 2024 07:31:57 GMT - Mon, 01 Jul 2024 07:31:56 GMT

File type
Web Open Font Format (Version 2), TrueType, length 48208, version 1.0
Size
48 kB (48208 bytes)
Hash
c49b7c3643f781d71645c5a40a78b5bf
e71138026b38afc443fb60da5ffc2244c4f5eb11
8cbc049ddbd7ca67068451ce754401833499959c4c6ed7b98f664d42e0597808

HTTP Headers

GET /s/raleway/v29/1Ptug8zYS_SKggPNyC0ITw.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://videzz.net
DNT: 1
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 48208
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Fri, 26 Apr 2024 06:09:34 GMT
expires: Sat, 26 Apr 2025 06:09:34 GMT
cache-control: public, max-age=31536000
last-modified: Wed, 13 Sep 2023 23:24:45 GMT
content-type: font/woff2
age: 485865
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

videzz.net/images-newtheme/social/facebook_button.png

78.142.18.54

200 OK

3.3 kB

URL GET HTTP/2
videzz.net/images-newtheme/social/facebook_button.png
IP
78.142.18.54:443
ASN
#208046 ColocationX Ltd.

Requested by
https://videzz.net/9rzstwlkppht.html
Certificate
IssuerLet's Encrypt
Subjectvidezz.net
Fingerprint13:3A:F4:CA:71:F0:8F:F1:2E:3A:7E:2B:6D:8E:E4:7A:E9:9D:A6:B5
ValidityMon, 04 Mar 2024 08:24:34 GMT - Sun, 02 Jun 2024 08:24:33 GMT

File type
PNG image data, 250 x 95, 8-bit colormap, non-interlaced
Size
3.3 kB (3296 bytes)
Hash
7136dd30e8f2bac19a84c71f7051fbe4
9e0386c21a34c2034c5736d083f2aa9d74aa9698
0f707e70a8cef21089769a1d44002cad814fb3ff42834d59093d7f6e21be72cf

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /images-newtheme/social/facebook_button.png HTTP/1.1
Host: videzz.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://videzz.net/css/main.min.css?v=b8dc06aa6195ca0716d0a0c4e3a76e42
Cookie: lang=1
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
server: nginx/1.18.0 (Ubuntu)
date: Wed, 01 May 2024 21:07:19 GMT
content-type: image/png
content-length: 3296
last-modified: Sat, 27 Apr 2024 07:30:38 GMT
etag: "662ca99e-ce0"
expires: Fri, 31 May 2024 21:00:23 GMT
cache-control: max-age=2592000
x-cache-status: HIT
accept-ranges: bytes
X-Firefox-Spdy: h2

videzz.net/images-newtheme/social/reddit_button.png

78.142.18.54

200 OK

5.6 kB

URL GET HTTP/2
videzz.net/images-newtheme/social/reddit_button.png
IP
78.142.18.54:443
ASN
#208046 ColocationX Ltd.

Requested by
https://videzz.net/9rzstwlkppht.html
Certificate
IssuerLet's Encrypt
Subjectvidezz.net
Fingerprint13:3A:F4:CA:71:F0:8F:F1:2E:3A:7E:2B:6D:8E:E4:7A:E9:9D:A6:B5
ValidityMon, 04 Mar 2024 08:24:34 GMT - Sun, 02 Jun 2024 08:24:33 GMT

File type
PNG image data, 250 x 95, 8-bit colormap, non-interlaced
Size
5.6 kB (5639 bytes)
Hash
e81d26d1620449624337a4d43f931daa
f03bec039b900b6668f56c295b6152f206614347
a571a6100b5176154b8cab0289f1e1f3a1888a4d2670a0309a7206e914e53196

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /images-newtheme/social/reddit_button.png HTTP/1.1
Host: videzz.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://videzz.net/css/main.min.css?v=b8dc06aa6195ca0716d0a0c4e3a76e42
Cookie: lang=1
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
server: nginx/1.18.0 (Ubuntu)
date: Wed, 01 May 2024 21:07:19 GMT
content-type: image/png
content-length: 5639
last-modified: Sat, 27 Apr 2024 07:30:28 GMT
etag: "662ca994-1607"
expires: Fri, 31 May 2024 20:57:54 GMT
cache-control: max-age=2592000
x-cache-status: HIT
accept-ranges: bytes
X-Firefox-Spdy: h2

videzz.net/images-newtheme/social/telergram_button.png

78.142.18.54

200 OK

7.1 kB

URL GET HTTP/2
videzz.net/images-newtheme/social/telergram_button.png
IP
78.142.18.54:443
ASN
#208046 ColocationX Ltd.

Requested by
https://videzz.net/9rzstwlkppht.html
Certificate
IssuerLet's Encrypt
Subjectvidezz.net
Fingerprint13:3A:F4:CA:71:F0:8F:F1:2E:3A:7E:2B:6D:8E:E4:7A:E9:9D:A6:B5
ValidityMon, 04 Mar 2024 08:24:34 GMT - Sun, 02 Jun 2024 08:24:33 GMT

File type
PNG image data, 250 x 95, 8-bit colormap, non-interlaced
Size
7.1 kB (7130 bytes)
Hash
30c0202bb8d66d562c2f6f74e04cecf5
330d3cb6d6e12800458fb4e711f5ad2669ed6418
5c594f5b1f831711af5d0089fb853c7511a83dbc3ce86f99b93e63e9c5c8fc60

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /images-newtheme/social/telergram_button.png HTTP/1.1
Host: videzz.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://videzz.net/css/main.min.css?v=b8dc06aa6195ca0716d0a0c4e3a76e42
Cookie: lang=1
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
server: nginx/1.18.0 (Ubuntu)
date: Wed, 01 May 2024 21:07:19 GMT
content-type: image/png
content-length: 7130
last-modified: Sat, 27 Apr 2024 07:30:38 GMT
etag: "662ca99e-1bda"
expires: Fri, 31 May 2024 20:58:26 GMT
cache-control: max-age=2592000
x-cache-status: HIT
accept-ranges: bytes
X-Firefox-Spdy: h2

videzz.net/images-newtheme/social/twitter_button.png

78.142.18.54

200 OK

7.3 kB

URL GET HTTP/2
videzz.net/images-newtheme/social/twitter_button.png
IP
78.142.18.54:443
ASN
#208046 ColocationX Ltd.

Requested by
https://videzz.net/9rzstwlkppht.html
Certificate
IssuerLet's Encrypt
Subjectvidezz.net
Fingerprint13:3A:F4:CA:71:F0:8F:F1:2E:3A:7E:2B:6D:8E:E4:7A:E9:9D:A6:B5
ValidityMon, 04 Mar 2024 08:24:34 GMT - Sun, 02 Jun 2024 08:24:33 GMT

File type
PNG image data, 250 x 95, 8-bit colormap, non-interlaced
Size
7.3 kB (7332 bytes)
Hash
d680a9ff6f8107a4582fc3da7b95b852
df709fd8b064642697ce5075aef16d7ec3df9475
d496e33f83306ba9f7659dda81264fe833b2c8ce3b3ca5ef1cfd9a0d99397c24

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /images-newtheme/social/twitter_button.png HTTP/1.1
Host: videzz.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://videzz.net/css/main.min.css?v=b8dc06aa6195ca0716d0a0c4e3a76e42
Cookie: lang=1
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
server: nginx/1.18.0 (Ubuntu)
date: Wed, 01 May 2024 21:07:19 GMT
content-type: image/png
content-length: 7332
last-modified: Sat, 27 Apr 2024 07:30:42 GMT
etag: "662ca9a2-1ca4"
expires: Fri, 31 May 2024 20:57:52 GMT
cache-control: max-age=2592000
x-cache-status: HIT
accept-ranges: bytes
X-Firefox-Spdy: h2

videzz.net/images-newtheme/social/viber_button.png

78.142.18.54

200 OK

7.6 kB

URL GET HTTP/2
videzz.net/images-newtheme/social/viber_button.png
IP
78.142.18.54:443
ASN
#208046 ColocationX Ltd.

Requested by
https://videzz.net/9rzstwlkppht.html
Certificate
IssuerLet's Encrypt
Subjectvidezz.net
Fingerprint13:3A:F4:CA:71:F0:8F:F1:2E:3A:7E:2B:6D:8E:E4:7A:E9:9D:A6:B5
ValidityMon, 04 Mar 2024 08:24:34 GMT - Sun, 02 Jun 2024 08:24:33 GMT

File type
PNG image data, 250 x 95, 8-bit colormap, non-interlaced
Size
7.6 kB (7583 bytes)
Hash
36454bc0a71ba0919c38f4b072ea1792
b90bd02d15eb470070f5767b12f8879cfa54033f
795878ef409474a5ba791a786239a77cc30f83576713e3788d88f0c306c98c58

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /images-newtheme/social/viber_button.png HTTP/1.1
Host: videzz.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://videzz.net/css/main.min.css?v=b8dc06aa6195ca0716d0a0c4e3a76e42
Cookie: lang=1
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
server: nginx/1.18.0 (Ubuntu)
date: Wed, 01 May 2024 21:07:19 GMT
content-type: image/png
content-length: 7583
last-modified: Sat, 27 Apr 2024 07:30:38 GMT
etag: "662ca99e-1d9f"
expires: Fri, 31 May 2024 20:59:48 GMT
cache-control: max-age=2592000
x-cache-status: HIT
accept-ranges: bytes
X-Firefox-Spdy: h2

videzz.net/images-newtheme/social/whatsapp_button.png

78.142.18.54

200 OK

9.4 kB

URL GET HTTP/2
videzz.net/images-newtheme/social/whatsapp_button.png
IP
78.142.18.54:443
ASN
#208046 ColocationX Ltd.

Requested by
https://videzz.net/9rzstwlkppht.html
Certificate
IssuerLet's Encrypt
Subjectvidezz.net
Fingerprint13:3A:F4:CA:71:F0:8F:F1:2E:3A:7E:2B:6D:8E:E4:7A:E9:9D:A6:B5
ValidityMon, 04 Mar 2024 08:24:34 GMT - Sun, 02 Jun 2024 08:24:33 GMT

File type
PNG image data, 250 x 95, 8-bit colormap, non-interlaced
Size
9.4 kB (9402 bytes)
Hash
093cb56d9d65dd0ccb57f24eb7444cba
3d862fe04fc38402dfb6e8afcfb9adc526907d54
9e433e4399b92cd8a014e00765fc534baae47b5ebacadea618e0f3dc041b6266

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /images-newtheme/social/whatsapp_button.png HTTP/1.1
Host: videzz.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://videzz.net/css/main.min.css?v=b8dc06aa6195ca0716d0a0c4e3a76e42
Cookie: lang=1
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
server: nginx/1.18.0 (Ubuntu)
date: Wed, 01 May 2024 21:07:19 GMT
content-type: image/png
content-length: 9402
last-modified: Sat, 27 Apr 2024 07:30:33 GMT
etag: "662ca999-24ba"
expires: Fri, 31 May 2024 21:00:44 GMT
cache-control: max-age=2592000
x-cache-status: HIT
accept-ranges: bytes
X-Firefox-Spdy: h2

videzz.net/js/videojs.5.min.js?v=b8dc06aa6195ca0716d0a0c4e3a76e42

78.142.18.54

200 OK

178 kB

URL GET HTTP/2
videzz.net/js/videojs.5.min.js?v=b8dc06aa6195ca0716d0a0c4e3a76e42
IP
78.142.18.54:443
ASN
#208046 ColocationX Ltd.

Requested by
https://videzz.net/9rzstwlkppht.html
Certificate
IssuerLet's Encrypt
Subjectvidezz.net
Fingerprint13:3A:F4:CA:71:F0:8F:F1:2E:3A:7E:2B:6D:8E:E4:7A:E9:9D:A6:B5
ValidityMon, 04 Mar 2024 08:24:34 GMT - Sun, 02 Jun 2024 08:24:33 GMT

File type
gzip compressed data, from Unix
Size
178 kB (177506 bytes)
Hash
24da0a6b9d497867b5a377f28f92172b
d219ddab300587705671a0c783b6b741a50d3d3e
21d6742ccad260c98b93a09aa84804fbf8ca969e33e11990316c3753b2eef528

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /js/videojs.5.min.js?v=b8dc06aa6195ca0716d0a0c4e3a76e42 HTTP/1.1
Host: videzz.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://videzz.net/9rzstwlkppht.html
Cookie: lang=1
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
server: nginx/1.18.0 (Ubuntu)
date: Wed, 01 May 2024 21:07:18 GMT
content-type: application/javascript
last-modified: Sat, 27 Apr 2024 07:30:28 GMT
vary: Accept-Encoding
etag: W/"662ca994-65a66"
expires: Fri, 31 May 2024 21:07:16 GMT
cache-control: max-age=2592000
content-encoding: gzip
x-cache-status: HIT
X-Firefox-Spdy: h2

proftrafficcounter.com/stats

52.57.125.73

200 OK

40 B

URL GET HTTP/2
proftrafficcounter.com/stats
IP
52.57.125.73:443
ASN
#16509 AMAZON-02

Requested by
https://videzz.net/9rzstwlkppht.html
Certificate
IssuerAmazon
Subjectproftrafficcounter.com
FingerprintE3:9F:79:6F:80:C0:BF:F8:C4:EB:45:F3:E9:0F:A7:41:F6:0C:05:E6
ValidityTue, 21 Nov 2023 00:00:00 GMT - Thu, 19 Dec 2024 23:59:59 GMT

File type
ASCII text, with no line terminators
Size
40 B (40 bytes)
Hash
654d554bc5bcf995cf08118f4aba7acd
a83aef9cb9b0260fdbb0cabf3518d18e1b2558ed
0960dd13b463d93436e6a05cbd0af8ce94d148e306dd44fce9747e3d5e9a7ba5

HTTP Headers

GET /stats HTTP/1.1
Host: proftrafficcounter.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://videzz.net
DNT: 1
Connection: keep-alive
Referer: https://videzz.net/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Wed, 01 May 2024 21:07:19 GMT
content-type: text/html; charset=UTF-8
content-length: 40
server: fasthttp
access-control-allow-origin: https://videzz.net
vary: Origin
access-control-allow-credentials: true
set-cookie: uid_id2=2a0ad835-cecb-439b-874e-3369a032fa4a:2:1; expires=Sat, 29 Apr 2034 21:07:19 GMT; secure; SameSite=None
X-Firefox-Spdy: h2

static.addtoany.com/menu/modules/core.BRQnzO8v.js

104.22.71.197

200 OK

26 kB

URL GET HTTP/3
static.addtoany.com/menu/modules/core.BRQnzO8v.js
IP
104.22.71.197:443
ASN
#13335 CLOUDFLARENET

Requested by
https://videzz.net/9rzstwlkppht.html
Certificate
IssuerLet's Encrypt
Subjectstatic.addtoany.com
Fingerprint5B:74:98:2D:F8:22:DB:0D:4E:74:B7:99:A7:7C:80:F6:CA:1A:8E:CA
ValidityTue, 23 Apr 2024 07:56:27 GMT - Mon, 22 Jul 2024 07:56:26 GMT

File type
ASCII text, with very long lines (65536), with no line terminators
Size
26 kB (26311 bytes)
Hash
629401c31553d2f42a6ca46e58c2a97b
0ab6084caa72f90913c7e4119f491838726ec5c2
91b9b24f0aa59668e4d0a770ee7a294b9baa361a76a20ade8128cd0482a5d805

HTTP Headers

GET /menu/modules/core.BRQnzO8v.js HTTP/1.1
Host: static.addtoany.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://videzz.net
DNT: 1
Connection: keep-alive
Referer: https://videzz.net/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Wed, 01 May 2024 21:07:19 GMT
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=315360000, immutable
cf-bgj: minify
etag: W/"25da5432b1057724b8210f17e9b9db05"
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=9is32%2FvBRjKBMF%2BBEdP7sN4xINU%2FGCfuJuuuQf7jR0OhsmJZXKf2mdBIWRxQZC2Xdb%2Fu4CIqU4D7O62VmM5Sr%2FSS%2FfBC%2F%2BHVMfwaHKXWIcGc9wRp0B%2B1xU6yUr79Ax7dbmD2Vmzn"}],"group":"cf-nel","max_age":604800}
vary: Accept-Encoding
referrer-policy: strict-origin-when-cross-origin
x-content-type-options: nosniff
cf-cache-status: HIT
age: 13550
strict-transport-security: max-age=31536000; includeSubDomains; preload
server: cloudflare
cf-ray: 87d2bd8dfd01be4c-CPH
content-encoding: br
alt-svc: h3=":443"; ma=86400

tr.7vid.net/api/spots/190873?p=1&s1=203230

135.181.208.216

200 OK

3.6 kB

URL GET HTTP/2
tr.7vid.net/api/spots/190873?p=1&s1=203230
IP
135.181.208.216:443
ASN
#24940 Hetzner Online GmbH

Requested by
https://videzz.net/9rzstwlkppht.html
Certificate
IssuerLet's Encrypt
Subjecta.gatwins.site
Fingerprint66:D4:C4:E9:BC:6E:82:9E:D0:2F:00:69:9A:DF:C2:6D:18:04:0B:1B
ValidityWed, 10 Apr 2024 10:27:11 GMT - Tue, 09 Jul 2024 10:27:10 GMT

File type
gzip compressed data, from Unix
Size
3.6 kB (3594 bytes)
Hash
a9d69d9ed76f99eedd72a51e6d3961b1
61c452ab2947357b5fd66177a14f02cd9779faaa
2255b3d32cc47e4522a0544929c12676443e6e3c21cb9e86bb9df7bb7b13dfcc

HTTP Headers

GET /api/spots/190873?p=1&s1=203230 HTTP/1.1
Host: tr.7vid.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://videzz.net/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
server: nginx
date: Wed, 01 May 2024 21:07:19 GMT
content-type: text/html
vary: Accept-Encoding
set-cookie: nauid=QOHfaLUnCzj4jvdP7bD9; Path=/; Expires=Wed, 11 Nov 2037 11:11:11 GMT; Secure; SameSite=None
x-robots-tag: noindex, nofollow
cache-control: private
content-encoding: gzip
X-Firefox-Spdy: h2

downstairsnegotiatebarren.com/sfp.js

188.114.96.1

200 OK

105 kB

URL GET HTTP/3
downstairsnegotiatebarren.com/sfp.js
IP
188.114.96.1:443
ASN
#13335 CLOUDFLARENET

Requested by
https://videzz.net/9rzstwlkppht.html
Certificate
IssuerLet's Encrypt
Subjectdownstairsnegotiatebarren.com
Fingerprint2C:6A:E1:8E:26:5B:1D:8B:86:CB:C1:72:4E:52:4B:8B:67:3A:D2:44
ValidityMon, 04 Mar 2024 21:53:07 GMT - Sun, 02 Jun 2024 21:53:06 GMT

File type
JavaScript source, Unicode text, UTF-8 text, with very long lines (65529), with no line terminators
Size
105 kB (104621 bytes)
Hash
f4a2f8f9f99541c6f105bbd0a025bd40
1f8e3eff12168fdd9e719adfc098d24a45b6916a
b717cb04231a10d425fd55b73c85a5407119c6826a8bac94142fddfff6958716

HTTP Headers

GET /sfp.js HTTP/1.1
Host: downstairsnegotiatebarren.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://videzz.net/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Wed, 01 May 2024 21:07:19 GMT
content-type: application/javascript; charset=utf-8
p3p: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
access-control-allow-origin: *
expires: Thu, 01 Jan 1970 00:00:01 GMT
cache-control: max-age=14400
x-request-id: 0b95166c8a2348fc09049026d1f6d91c
strict-transport-security: max-age=0; includeSubdomains
cf-cache-status: EXPIRED
last-modified: Wed, 01 May 2024 21:07:19 GMT
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=sZNW4f%2FGkTQFL%2FRdlt8dkQJUgzLgMAc6P9hhbnrECUJG1woSKh3KdNIv9QGioHLPsZf7FykxWV9XlWiE2tunu6TwwVOiM1VDexogvg846jkJpSFnkXXV22QgLlMCpXgh5pzD537dSEC8CyoRTOcPtA%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 87d2bd8e6f5bb4f9-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2

fonts.gstatic.com/s/opensans/v40/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2

216.58.207.227

200 OK

48 kB

URL GET HTTP/2
fonts.gstatic.com/s/opensans/v40/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2
IP
216.58.207.227:443
ASN
#15169 GOOGLE

Requested by
https://videzz.net/9rzstwlkppht.html
Certificate
IssuerGoogle Trust Services LLC
Subject*.gstatic.com
Fingerprint93:EC:35:60:8A:5B:23:EA:C0:36:D7:AE:03:0C:C3:77:17:5A:20:33
ValidityMon, 08 Apr 2024 07:31:57 GMT - Mon, 01 Jul 2024 07:31:56 GMT

File type
Web Open Font Format (Version 2), TrueType, length 48236, version 1.0
Size
48 kB (48236 bytes)
Hash
015c126a3520c9a8f6a27979d0266e96
2acf956561d44434a6d84204670cf849d3215d5f
3c4d6a1421c7ddb7e404521fe8c4cd5be5af446d7689cd880be26612eaad3cfa

HTTP Headers

GET /s/opensans/v40/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://videzz.net
DNT: 1
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 48236
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 25 Apr 2024 02:35:00 GMT
expires: Fri, 25 Apr 2025 02:35:00 GMT
cache-control: public, max-age=31536000
age: 585139
last-modified: Thu, 14 Dec 2023 02:08:40 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

bid.bidclickmedia.com/sub/Zj8D76R

104.21.37.74

200 OK

48 kB

URL GET HTTP/2
bid.bidclickmedia.com/sub/Zj8D76R
IP
104.21.37.74:443
ASN
#13335 CLOUDFLARENET

Requested by
https://videzz.net/9rzstwlkppht.html
Certificate
IssuerGoogle Trust Services LLC
Subjectbidclickmedia.com
Fingerprint2D:71:60:23:79:D8:E4:4A:B8:81:BA:F0:ED:58:CB:A8:66:21:A7:E7
ValiditySun, 31 Mar 2024 14:28:20 GMT - Sat, 29 Jun 2024 14:28:19 GMT

File type
HTML document, ASCII text
Size
48 kB (48381 bytes)
Hash
a59a1eb59104d4bf5ae063b28f80a03e
a03719ddbf97ee76f24a77994dc2fed934bad2db
80499cd3508dab092fa2c87d292031821e2230653503f1dd41c2b9c04571fc47

HTTP Headers

GET /sub/Zj8D76R HTTP/1.1
Host: bid.bidclickmedia.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://videzz.net/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Wed, 01 May 2024 21:07:19 GMT
content-type: text/html; charset=utf-8
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=Dgcl7Q%2FDg7u5CLS%2BU%2BMbauUWPobgqs4gLEIM35ioWSWzJFacIWXYJCfQ3Hci6LphWPButTW7%2BIGAkH9QODT2etWNpE3HBZU%2BsRK%2FuhWAiA%2F68oAZ891jB%2BF4kjTxydLv2%2F5uhwPxejQ%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 87d2bd8d59feb4f7-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2

bid.bidclickmedia.com/sub/e6yMnW6

104.21.37.74

200 OK

95 kB

URL GET HTTP/2
bid.bidclickmedia.com/sub/e6yMnW6
IP
104.21.37.74:443
ASN
#13335 CLOUDFLARENET

Requested by
https://videzz.net/9rzstwlkppht.html
Certificate
IssuerGoogle Trust Services LLC
Subjectbidclickmedia.com
Fingerprint2D:71:60:23:79:D8:E4:4A:B8:81:BA:F0:ED:58:CB:A8:66:21:A7:E7
ValiditySun, 31 Mar 2024 14:28:20 GMT - Sat, 29 Jun 2024 14:28:19 GMT

File type
HTML document, ASCII text
Size
95 kB (94743 bytes)
Hash
3e4f8d950f382330e0d32f9aa59bb11b
0ddcd35cedb3e5ebf73cd067ddc04bca8066b93d
25840ab9693f257546a4e14431441fd50b4fd5198125125ed68bcd521c51c958

HTTP Headers

GET /sub/e6yMnW6 HTTP/1.1
Host: bid.bidclickmedia.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://videzz.net/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Wed, 01 May 2024 21:07:19 GMT
content-type: text/html; charset=utf-8
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=M5m%2FeJ4FCVCdYPpxElFSJMGUxE8ulqL8sRlWv6HOx6WmpI0IPDXCyL3V1JVkdOaZaoZzehULe9IzAHC9%2FeWXNCF%2BgdAyxi3mnaMQJFAMW1dO3AYPqzBhbVM%2BNKUr1E9b4q%2FkAfvlvJs%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 87d2bd8e8e050b51-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400

donateentrailskindly.com/57/e9/12/57e9128f004dc8dd272477c7cdb9cf15.js

192.243.61.227

200 OK

30 kB

URL GET HTTP/1.1
donateentrailskindly.com/57/e9/12/57e9128f004dc8dd272477c7cdb9cf15.js
IP
192.243.61.227:443
ASN
#39572 DataWeb Global Group B.V.

Requested by
https://videzz.net/9rzstwlkppht.html
Certificate
IssuerLet's Encrypt
Subjectdonateentrailskindly.com
Fingerprint03:3A:5A:3D:D8:11:7C:BD:5B:E6:2A:C6:C1:25:D3:D1:07:37:3B:3A
ValidityMon, 29 Apr 2024 12:49:22 GMT - Sun, 28 Jul 2024 12:49:21 GMT

File type
JavaScript source, ASCII text, with very long lines (65536), with no line terminators
Size
30 kB (30027 bytes)
Hash
cf81cd59a2ae8f0cbc59b5ed0b495ce1
89917a6cef348eba5cbe78e8802bb4c18e8057fa
8bbae8b3c211b9fd4cee88cfcac274a8bcd96158c713fb101fad86f43945a739

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /57/e9/12/57e9128f004dc8dd272477c7cdb9cf15.js HTTP/1.1
Host: donateentrailskindly.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://videzz.net/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx/1.21.6
Date: Wed, 01 May 2024 21:07:19 GMT
Content-Type: application/javascript
Transfer-Encoding: chunked
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Access-Control-Allow-Origin: *
Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,Sec-CH-UA-PlatformUser-Agent,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: 95e79a42e500235324c345f0f3dad5f6
Strict-Transport-Security: max-age=0; includeSubdomains
Content-Encoding: gzip

myliveforyoudreder.com/vidozza.js

188.114.97.1

200 OK

1.5 kB

URL GET HTTP/2
myliveforyoudreder.com/vidozza.js
IP
188.114.97.1:443
ASN
#13335 CLOUDFLARENET

Requested by
https://videzz.net/9rzstwlkppht.html
Certificate
IssuerLet's Encrypt
Subjectmyliveforyoudreder.com
FingerprintD6:1F:6C:5C:81:FF:C4:D3:4D:C9:A9:22:DD:0B:D4:18:59:4E:58:B7
ValidityWed, 20 Mar 2024 02:24:57 GMT - Tue, 18 Jun 2024 02:24:56 GMT

File type
JavaScript source, ASCII text, with very long lines (852), with CRLF line terminators
Size
1.5 kB (1514 bytes)
Hash
b340619418518ced51fbbc860814ea19
e2cbf47a089e8941bcdb6f24c64fad9004852348
ebbf367cc151e337e4c4d375e86682b6e1593b25224c6c733b4cea4f507c4000

HTTP Headers

GET /vidozza.js HTTP/1.1
Host: myliveforyoudreder.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://videzz.net/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Wed, 01 May 2024 21:07:19 GMT
content-type: application/javascript
last-modified: Mon, 24 Oct 2022 14:14:49 GMT
etag: W/"63569dd9-64f"
cache-control: max-age=14400
cf-cache-status: HIT
age: 2632
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=JsO%2FxlOWdzb3X3BfCrazDinZz46kI3eRllGWCwhNpSNRE2cHCb3eVMYX7UEqEfwVziDRTjPH4EWNE2ELdSGGE2e0YaVLuqXhutQmuL%2BZw8YcmdPagYIUNfYXryxHxgZIRe2C4GRuMblu"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 87d2bd90ace056a4-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2

str42.vidoza.net/i/04/07599/rs8ronxyl6hm.jpg?v=1714597637

109.202.101.220

200 OK

35 kB

URL GET HTTP/2
str42.vidoza.net/i/04/07599/rs8ronxyl6hm.jpg?v=1714597637
IP
109.202.101.220:443
ASN
#49453 Global Layer B.V.

Requested by
https://videzz.net/9rzstwlkppht.html
Certificate
IssuerLet's Encrypt
Subjectvidoza.net
FingerprintDD:9C:2A:D1:7E:90:60:D1:BE:1C:39:29:07:29:9C:34:6A:76:A6:C6
ValidityWed, 14 Feb 2024 01:21:54 GMT - Tue, 14 May 2024 01:21:53 GMT

File type
JPEG image data, baseline, precision 8, 576x1280, components 3
Size
35 kB (34848 bytes)
Hash
0c339e94b3cc73d24950985fbf7c928d
5a7c422fcd646eeaacb7e83d3b3465e794ce79f0
92c5415c2a2071921fd21f896c9a80cbc639c602ac8487e6efda329e1934f83e

HTTP Headers

GET /i/04/07599/rs8ronxyl6hm.jpg?v=1714597637 HTTP/1.1
Host: str42.vidoza.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://videzz.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
server: nginx/1.20.1
date: Wed, 01 May 2024 21:07:20 GMT
content-type: image/jpeg
content-length: 34848
last-modified: Sun, 28 Apr 2024 15:56:40 GMT
etag: "662e71b8-8820"
expires: Wed, 15 May 2024 21:07:20 GMT
cache-control: max-age=1209600
accept-ranges: bytes
X-Firefox-Spdy: h2

donateentrailskindly.com/sbar.json?key=9785383bf0d8f2fb611d938245088565

192.243.61.227

200 OK

0 B

URL GET HTTP/1.1
donateentrailskindly.com/sbar.json?key=9785383bf0d8f2fb611d938245088565
IP
192.243.61.227:443
ASN
#39572 DataWeb Global Group B.V.

Requested by
https://videzz.net/9rzstwlkppht.html
Certificate
IssuerLet's Encrypt
Subjectdonateentrailskindly.com
Fingerprint03:3A:5A:3D:D8:11:7C:BD:5B:E6:2A:C6:C1:25:D3:D1:07:37:3B:3A
ValidityMon, 29 Apr 2024 12:49:22 GMT - Sun, 28 Jul 2024 12:49:21 GMT

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /sbar.json?key=9785383bf0d8f2fb611d938245088565 HTTP/1.1
Host: donateentrailskindly.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://videzz.net
DNT: 1
Connection: keep-alive
Referer: https://videzz.net/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx/1.21.6
Date: Wed, 01 May 2024 21:07:20 GMT
Content-Length: 0
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,Sec-CH-UA-PlatformUser-Agent,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Custom-Referer: https://videzz.net
Access-Control-Allow-Origin: https://videzz.net
Access-Control-Allow-Credentials: true
Set-Cookie: u_pl=19071529; expires=Thu, 02 May 2024 21:07:20 GMT; secure; SameSite=None
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: 040b4a1c02659c9a2220a936bba0d58a
Strict-Transport-Security: max-age=0; includeSubdomains

videzz.net/css/main.min.css?v=b8dc06aa6195ca0716d0a0c4e3a76e42

78.142.18.54

200 OK

251 kB

URL GET HTTP/2
videzz.net/css/main.min.css?v=b8dc06aa6195ca0716d0a0c4e3a76e42
IP
78.142.18.54:443
ASN
#208046 ColocationX Ltd.

Requested by
https://videzz.net/9rzstwlkppht.html
Certificate
IssuerLet's Encrypt
Subjectvidezz.net
Fingerprint13:3A:F4:CA:71:F0:8F:F1:2E:3A:7E:2B:6D:8E:E4:7A:E9:9D:A6:B5
ValidityMon, 04 Mar 2024 08:24:34 GMT - Sun, 02 Jun 2024 08:24:33 GMT

File type
gzip compressed data, from Unix
Size
251 kB (251067 bytes)
Hash
12f6d6cb851212ac4f9f22aaa25b6559
ee3b30caa39fd5bd3ebf752df6535b5c55a1e5f6
121aab4e4b842e5cf15dd36bb0bf47753c4f63634ed2079b80a4677952577730

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /css/main.min.css?v=b8dc06aa6195ca0716d0a0c4e3a76e42 HTTP/1.1
Host: videzz.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://videzz.net/9rzstwlkppht.html
Cookie: lang=1
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
server: nginx/1.18.0 (Ubuntu)
date: Wed, 01 May 2024 21:07:18 GMT
content-type: text/css
last-modified: Sat, 27 Apr 2024 07:30:38 GMT
vary: Accept-Encoding
etag: W/"662ca99e-14c442"
expires: Fri, 31 May 2024 20:58:43 GMT
cache-control: max-age=2592000
content-encoding: gzip
x-cache-status: HIT
X-Firefox-Spdy: h2

www.google.no/ads/ga-audiences?v=1&t=sr&slf_rd=1&_r=4&tid=G-HEX1BG8H46&cid=1256158139.1714597640&gtm=45je44t0v9104348843za200&aip=1&dma=1&dma_cps=sypham&gcd=13l3lPl2l1&npa=1&z=1956743479

142.250.74.163

200 OK

42 B

URL GET HTTP/2
www.google.no/ads/ga-audiences?v=1&t=sr&slf_rd=1&_r=4&tid=G-HEX1BG8H46&cid=1256158139.1714597640&gtm=45je44t0v9104348843za200&aip=1&dma=1&dma_cps=sypham&gcd=13l3lPl2l1&npa=1&z=1956743479
IP
142.250.74.163:443
ASN
#15169 GOOGLE

Requested by
https://videzz.net/9rzstwlkppht.html
Certificate
IssuerGoogle Trust Services LLC
Subject*.google.no
FingerprintDE:35:DD:F6:8A:FF:6F:9D:0E:3D:27:DD:E2:B8:DE:CE:A4:6A:C8:C9
ValidityMon, 08 Apr 2024 07:44:18 GMT - Mon, 01 Jul 2024 07:44:17 GMT

File type
GIF image data, version 89a, 1 x 1
Size
42 B (42 bytes)
Hash
d89746888da2d9510b64a9f031eaecd5
d5fceb6532643d0d84ffe09c40c481ecdf59e15a
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

HTTP Headers

GET /ads/ga-audiences?v=1&t=sr&slf_rd=1&_r=4&tid=G-HEX1BG8H46&cid=1256158139.1714597640&gtm=45je44t0v9104348843za200&aip=1&dma=1&dma_cps=sypham&gcd=13l3lPl2l1&npa=1&z=1956743479 HTTP/1.1
Host: www.google.no
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://videzz.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Wed, 01 May 2024 21:07:20 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
content-type: image/gif
x-content-type-options: nosniff
server: cafe
content-length: 42
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

bid.bidclickmedia.com/load

104.21.37.74

302 Found

361 B

URL POST HTTP/3
bid.bidclickmedia.com/load
IP
104.21.37.74:443
ASN
#13335 CLOUDFLARENET

Requested by
https://videzz.net/9rzstwlkppht.html
Certificate
IssuerGoogle Trust Services LLC
Subjectbidclickmedia.com
Fingerprint2D:71:60:23:79:D8:E4:4A:B8:81:BA:F0:ED:58:CB:A8:66:21:A7:E7
ValiditySun, 31 Mar 2024 14:28:20 GMT - Sat, 29 Jun 2024 14:28:19 GMT

File type
HTML document, ASCII text
Size
361 B (361 bytes)
Hash
4809a9602dd55d531906123e570b6d77
626fe0b9eeeda00a0ce401ee5a4e13f8256facb9
046c0a16886d7e34df54c815c1fee7740a3608671d33fd56c837dca5a1ac9c9f

HTTP Headers

POST /load HTTP/1.1
Host: bid.bidclickmedia.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/x-www-form-urlencoded
Content-Length: 93
Origin: https://bid.bidclickmedia.com
DNT: 1
Connection: keep-alive
Referer: https://bid.bidclickmedia.com/sub/31pnK5n
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 302 Found
date: Wed, 01 May 2024 21:07:20 GMT
content-type: text/html; charset=utf-8
location: https://xml.zeusadx.com/redirect?feed=531847&auth=KhbHhS&pubid=162319
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=UFXfS5urosqRoSxXeIivtihcxQV%2BgNBFjtb3IdqBq6%2Fd9XwjS3UAbiy93gI9%2BF0%2BqfWNUx7YRb3Hbqz8Y6JtWeDBQUurdkrV4o2DlZEyD1NvLm5uTLCB7xiILlfmdVApMg2tBBZAOkQ%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 87d2bd922a010b51-OSL
alt-svc: h3=":443"; ma=86400

region1.analytics.google.com/g/collect?v=2&tid=G-HEX1BG8H46&gtm=45je44t0v9104348843za200&_p=1714597638959&_gaz=1&gcd=13l3lPl2l1&npa=1&dma_cps=sypham&dma=1&cid=1256158139.1714597640&ul=en-us&sr=1280x1024&pscdl=noapi&_eu=AAAI&_s=1&sid=1714597640&sct=1&seg=0&dl=https%3A%2F%2Fvidezz.net%2F9rzstwlkppht.html&dt=Watch%20Horny%20girl%20leaked%20video%20calls%20(4)%20mp4&en=page_view&_fv=1&_nsi=1&_ss=2&tfd=2521

216.239.34.36

204 No Content

0 B

URL POST HTTP/2
region1.analytics.google.com/g/collect?v=2&tid=G-HEX1BG8H46&gtm=45je44t0v9104348843za200&_p=1714597638959&_gaz=1&gcd=13l3lPl2l1&npa=1&dma_cps=sypham&dma=1&cid=1256158139.1714597640&ul=en-us&sr=1280x1024&pscdl=noapi&_eu=AAAI&_s=1&sid=1714597640&sct=1&seg=0&dl=https%3A%2F%2Fvidezz.net%2F9rzstwlkppht.html&dt=Watch%20Horny%20girl%20leaked%20video%20calls%20(4)%20mp4&en=page_view&_fv=1&_nsi=1&_ss=2&tfd=2521
IP
216.239.34.36:443
ASN
#15169 GOOGLE

Requested by
https://videzz.net/9rzstwlkppht.html
Certificate
IssuerGoogle Trust Services LLC
Subject*.google-analytics.com
FingerprintFC:B1:16:E0:D8:F3:2B:F3:AB:33:E5:E1:23:57:F4:48:66:FD:4D:52
ValidityMon, 08 Apr 2024 06:34:55 GMT - Mon, 01 Jul 2024 06:34:54 GMT

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

POST /g/collect?v=2&tid=G-HEX1BG8H46&gtm=45je44t0v9104348843za200&_p=1714597638959&_gaz=1&gcd=13l3lPl2l1&npa=1&dma_cps=sypham&dma=1&cid=1256158139.1714597640&ul=en-us&sr=1280x1024&pscdl=noapi&_eu=AAAI&_s=1&sid=1714597640&sct=1&seg=0&dl=https%3A%2F%2Fvidezz.net%2F9rzstwlkppht.html&dt=Watch%20Horny%20girl%20leaked%20video%20calls%20(4)%20mp4&en=page_view&_fv=1&_nsi=1&_ss=2&tfd=2521 HTTP/1.1
Host: region1.analytics.google.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://videzz.net
DNT: 1
Connection: keep-alive
Referer: https://videzz.net/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Content-Length: 0

HTTP/2 204 No Content
access-control-allow-origin: https://videzz.net
date: Wed, 01 May 2024 21:07:20 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
content-type: text/plain
cross-origin-resource-policy: cross-origin
server: Golfe2
content-length: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

disguisedgraceeveryday.com/pixel/purst?dl=0&th=0&sc=0&rs=2398&rd=2398&fd=827&bv=24.4.7838&tmpl=136

192.243.59.12

200 OK

0 B

URL GET HTTP/1.1
disguisedgraceeveryday.com/pixel/purst?dl=0&th=0&sc=0&rs=2398&rd=2398&fd=827&bv=24.4.7838&tmpl=136
IP
192.243.59.12:443
ASN
#39572 DataWeb Global Group B.V.

Requested by
https://videzz.net/9rzstwlkppht.html
Certificate
IssuerLet's Encrypt
Subjectdisguisedgraceeveryday.com
Fingerprint16:DC:B3:22:C8:B6:B2:82:32:C9:AC:95:10:84:7F:8B:4A:4F:AE:EF
ValidityTue, 30 Apr 2024 15:31:31 GMT - Mon, 29 Jul 2024 15:31:30 GMT

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /pixel/purst?dl=0&th=0&sc=0&rs=2398&rd=2398&fd=827&bv=24.4.7838&tmpl=136 HTTP/1.1
Host: disguisedgraceeveryday.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://videzz.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx/1.19.5
Date: Wed, 01 May 2024 21:07:20 GMT
Content-Length: 0
Connection: keep-alive
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
Access-Control-Allow-Origin: *
Access-Control-Allow-Methods: GET, POST, OPTIONS
Access-Control-Allow-Headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,Upgrade-Insecure-Requests
Access-Control-Expose-Headers: Content-Length,Content-Range

proftrafficcounter.com/stats

52.57.125.73

200 OK

40 B

URL GET HTTP/2
proftrafficcounter.com/stats
IP
52.57.125.73:443
ASN
#16509 AMAZON-02

Requested by
https://videzz.net/9rzstwlkppht.html
Certificate
IssuerAmazon
Subjectproftrafficcounter.com
FingerprintE3:9F:79:6F:80:C0:BF:F8:C4:EB:45:F3:E9:0F:A7:41:F6:0C:05:E6
ValidityTue, 21 Nov 2023 00:00:00 GMT - Thu, 19 Dec 2024 23:59:59 GMT

File type
ASCII text, with no line terminators
Size
40 B (40 bytes)
Hash
654d554bc5bcf995cf08118f4aba7acd
a83aef9cb9b0260fdbb0cabf3518d18e1b2558ed
0960dd13b463d93436e6a05cbd0af8ce94d148e306dd44fce9747e3d5e9a7ba5

HTTP Headers

GET /stats HTTP/1.1
Host: proftrafficcounter.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://videzz.net
DNT: 1
Connection: keep-alive
Referer: https://videzz.net/
Cookie: uid_id2=2a0ad835-cecb-439b-874e-3369a032fa4a:2:1
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
date: Wed, 01 May 2024 21:07:20 GMT
content-type: text/html; charset=UTF-8
content-length: 40
server: fasthttp
access-control-allow-origin: https://videzz.net
vary: Origin
access-control-allow-credentials: true
X-Firefox-Spdy: h2

proftrafficcounter.com/stats

52.57.125.73

200 OK

40 B

URL GET HTTP/2
proftrafficcounter.com/stats
IP
52.57.125.73:443
ASN
#16509 AMAZON-02

Requested by
https://videzz.net/9rzstwlkppht.html
Certificate
IssuerAmazon
Subjectproftrafficcounter.com
FingerprintE3:9F:79:6F:80:C0:BF:F8:C4:EB:45:F3:E9:0F:A7:41:F6:0C:05:E6
ValidityTue, 21 Nov 2023 00:00:00 GMT - Thu, 19 Dec 2024 23:59:59 GMT

File type
ASCII text, with no line terminators
Size
40 B (40 bytes)
Hash
654d554bc5bcf995cf08118f4aba7acd
a83aef9cb9b0260fdbb0cabf3518d18e1b2558ed
0960dd13b463d93436e6a05cbd0af8ce94d148e306dd44fce9747e3d5e9a7ba5

HTTP Headers

GET /stats HTTP/1.1
Host: proftrafficcounter.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://videzz.net
DNT: 1
Connection: keep-alive
Referer: https://videzz.net/
Cookie: uid_id2=2a0ad835-cecb-439b-874e-3369a032fa4a:2:1
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
date: Wed, 01 May 2024 21:07:20 GMT
content-type: text/html; charset=UTF-8
content-length: 40
server: fasthttp
access-control-allow-origin: https://videzz.net
vary: Origin
access-control-allow-credentials: true
X-Firefox-Spdy: h2

xml.cachegorilla.com/redirect?feed=612978&auth=7PcDFD&pubid=197570

173.239.53.20

200 OK

0 B

URL GET HTTP/1.1
xml.cachegorilla.com/redirect?feed=612978&auth=7PcDFD&pubid=197570
IP
173.239.53.20:443
ASN
#27257 WEBAIR-INTERNET

Requested by
https://videzz.net/9rzstwlkppht.html
Certificate
IssuerSectigo Limited
Subject*.cachegorilla.com
Fingerprint29:B3:53:29:E3:6F:D3:48:F6:66:3E:78:57:05:A6:19:12:0D:2C:4A
ValidityFri, 10 Nov 2023 00:00:00 GMT - Sun, 10 Nov 2024 23:59:59 GMT

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /redirect?feed=612978&auth=7PcDFD&pubid=197570 HTTP/1.1
Host: xml.cachegorilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://bid.bidclickmedia.com/
DNT: 1
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 302 Found
Server: nginx
Date: Wed, 01 May 2024 21:07:21 GMT
Content-Length: 0
Connection: keep-alive
Cache-Control: no-store
Location: https://tfosrv.com/show_std.php?id_site=6411&id_channel=25821&uf=true

bid.bidclickmedia.com/load

104.21.37.74

302 Found

1.3 kB

URL POST HTTP/3
bid.bidclickmedia.com/load
IP
104.21.37.74:443
ASN
#13335 CLOUDFLARENET

Requested by
https://videzz.net/9rzstwlkppht.html
Certificate
IssuerGoogle Trust Services LLC
Subjectbidclickmedia.com
Fingerprint2D:71:60:23:79:D8:E4:4A:B8:81:BA:F0:ED:58:CB:A8:66:21:A7:E7
ValiditySun, 31 Mar 2024 14:28:20 GMT - Sat, 29 Jun 2024 14:28:19 GMT

File type
data
Size
1.3 kB (1305 bytes)
Hash
ced7b145a64ba29cdff8cec5c3d3207c
7b3e8ec58515a4690eccfa0a9eccbbf366d3a7a8
40c0812481a009bf7f8ea1a3b4e5e514fc4933a869163638bea3bd2747df6190

HTTP Headers

POST /load HTTP/1.1
Host: bid.bidclickmedia.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/x-www-form-urlencoded
Content-Length: 93
Origin: https://bid.bidclickmedia.com
DNT: 1
Connection: keep-alive
Referer: https://bid.bidclickmedia.com/sub/Pj8pz0z
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 302 Found
date: Wed, 01 May 2024 21:07:20 GMT
content-type: text/html; charset=utf-8
location: https://xml.xmlking.com/redirect?feed=591364&auth=oodr9S&pubid=195183
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=h26b9zehwAJPHGEmmMjrG0W%2BqW5OJMiveojdByqvHoxgMhK09E0Eqkv02jNOafXs7uyqAVRqL83dDsphTSIHl%2Bd%2FaiB6Gd%2BEOn313o3NbCua4M%2FpGvQqKZ58mUNDzReKZjLYJpxfTb4%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 87d2bd931b930b51-OSL
alt-svc: h3=":443"; ma=86400

bid.bidclickmedia.com/sub/Pj8pz0z

104.21.37.74

200 OK

1.2 kB

URL GET HTTP/2
bid.bidclickmedia.com/sub/Pj8pz0z
IP
104.21.37.74:443
ASN
#13335 CLOUDFLARENET

Requested by
https://videzz.net/9rzstwlkppht.html
Certificate
IssuerGoogle Trust Services LLC
Subjectbidclickmedia.com
Fingerprint2D:71:60:23:79:D8:E4:4A:B8:81:BA:F0:ED:58:CB:A8:66:21:A7:E7
ValiditySun, 31 Mar 2024 14:28:20 GMT - Sat, 29 Jun 2024 14:28:19 GMT

File type
HTML document, ASCII text
Size
1.2 kB (1159 bytes)
Hash
e151e24dc5b354ea8ee36534a8264594
4b5f293d59d009ee46087f164ee86d066e8e83f4
b2fdeeef5c48f24499731fdd7aae1650ad1bc6fa9ee58cf88fafe175658e888f

HTTP Headers

GET /sub/Pj8pz0z HTTP/1.1
Host: bid.bidclickmedia.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://videzz.net/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
date: Wed, 01 May 2024 21:07:19 GMT
content-type: text/html; charset=utf-8
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=a7oKe%2B3%2BW49dYxV1CF5xm14yGgiL98%2BgrU56ex8Bti3Bbdxu02NrtDaXiAjNtXVzUbB9IBQ9uPL0zmDvcUIS%2FKVIQ7E%2Fn9pkeL4vi9H4oZhfeO2OZYSpxuGPuFO0WBr59FVp96u5m8s%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 87d2bd8daa62b4f7-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2

www.animezeno.sbs/

188.114.97.1

200 OK

594 B

URL GET HTTP/2
www.animezeno.sbs/
IP
188.114.97.1:443
ASN
#13335 CLOUDFLARENET

Requested by
https://videzz.net/9rzstwlkppht.html
Certificate
IssuerLet's Encrypt
Subjectanimezeno.sbs
FingerprintD1:88:3B:4F:6E:24:62:91:E5:7C:D7:4B:24:7E:37:2C:B4:E6:81:07
ValidityFri, 12 Apr 2024 00:39:53 GMT - Thu, 11 Jul 2024 00:39:52 GMT

File type
HTML document, ASCII text, with very long lines (1014)
Size
594 B (594 bytes)
Hash
7b37bd4f62d715a0873bac41a0aa4f50
cc82e2e935fed4fdf428d295101fe51a9d835da6
41073afd70d67192731d0e6330e0c56eef44eac903dca4baa6b319d8a87928ed

HTTP Headers

GET / HTTP/1.1
Host: www.animezeno.sbs
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://bid.bidclickmedia.com/
DNT: 1
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Wed, 01 May 2024 21:07:21 GMT
content-type: text/html;charset=UTF-8
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=jIo%2BdwmTt616gTB%2BnNrwUNRdNpWn0x1z%2FNMS%2FPwybyoLjTOVwCr%2B25UZOFTka9rYcLBrqVasMjBbuda1qTSaovzLWya2NZFUXq%2FE0CCUWzxR9G3wZagutC2ZgTVgKFc0MIhTDQ%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 87d2bd986aab5684-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2

bedrapiona.com/4/5615727/

139.45.197.234

200 OK

772 B

URL GET HTTP/2
bedrapiona.com/4/5615727/
IP
139.45.197.234:443
ASN
#9002 RETN Limited

Requested by
https://videzz.net/9rzstwlkppht.html
Certificate
IssuerLet's Encrypt
Subjectbedrapiona.com
FingerprintB5:D0:EF:3C:81:82:64:AB:B7:2E:5C:80:71:47:70:41:F0:36:B5:BF
ValidityWed, 20 Mar 2024 19:29:11 GMT - Tue, 18 Jun 2024 19:29:10 GMT

File type
HTML document, ASCII text, with very long lines (362)
Size
772 B (772 bytes)
Hash
725c894c6899f9df96cf2444148545ab
5401d8efba95d6a854b7ac7a850d66fca574d7bb
ea5aefd69dd758c56ec63741eb087f1f58edcc81a2784fa76c5cc90e66a22bcf

HTTP Headers

GET /4/5615727/ HTTP/1.1
Host: bedrapiona.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.animezeno.sbs/
DNT: 1
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
server: nginx
date: Wed, 01 May 2024 21:07:21 GMT
content-type: text/html; charset=utf8
x-trace-id: 5dbd49f40daaee1863d2d5f2fe20af05
link: <https://yonmewon.com>; rel="preconnect dns-prefetch",<https://my.rtmark.net>; rel="preconnect dns-prefetch", <https://intothespirits.com>; rel="preconnect dns-prefetch",<https://yonmewon.com>; rel="preconnect dns-prefetch",<https://sr7pv7n5x.com>; rel="preconnect dns-prefetch"
accept-ch: Sec-CH-UA, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, baggage, sentry-trace, favicon
access-control-max-age: 86400
pragma: no-cache
cache-control: no-transform, no-store, no-cache, must-revalidate, max-age=0
expires: Tue, 11 Jan 1994 10:00:00 GMT
set-cookie: OAID=00804fa03828408efa78d45b262e1d35; expires=Thu, 01 May 2025 21:07:21 GMT; path=/; secure; SameSite=None
oaidts=1714597641; expires=Thu, 01 May 2025 21:07:21 GMT; path=/; secure; SameSite=None
syncedCookie=; expires=Tue, 10 Nov 2009 23:00:00 GMT
strict-transport-security: max-age=1
x-content-type-options: nosniff
timing-allow-origin: *, *
content-encoding: gzip
X-Firefox-Spdy: h2

www.googletagmanager.com/gtag/js?id=UA-119774978-7

142.250.74.168

71 kB

URL
www.googletagmanager.com/gtag/js?id=UA-119774978-7
IP
142.250.74.168:0
ASN
#15169 GOOGLE

Certificate
IssuerGoogle Trust Services LLC
Subject*.google-analytics.com
FingerprintFC:B1:16:E0:D8:F3:2B:F3:AB:33:E5:E1:23:57:F4:48:66:FD:4D:52
ValidityMon, 08 Apr 2024 06:34:55 GMT - Mon, 01 Jul 2024 06:34:54 GMT

File type
JavaScript source, ASCII text, with very long lines (1808)
Size
71 kB (71146 bytes)
Hash
87f7ab6a4f3d61b45f2f8cb5d6c45913
0bfa44823e26af71fd3d4307d266cbde00c7d383
3e881ffe7093fad66e66d06bbce152562a7a4cd67a01b721c95770951be6d72c

HTTP Headers

GET /gtag/js?id=UA-119774978-7 HTTP/1.1
Host: www.googletagmanager.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://animewatch.onionlive.workers.dev/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
content-encoding: br
vary: Accept-Encoding
date: Wed, 01 May 2024 21:07:21 GMT
expires: Wed, 01 May 2024 21:07:21 GMT
cache-control: private, max-age=900
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
server: Google Tag Manager
content-length: 71146
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

www.googletagmanager.com/gtag/js?id=G-HJ5MMKB9WK

142.250.74.168

103 kB

URL
www.googletagmanager.com/gtag/js?id=G-HJ5MMKB9WK
IP
142.250.74.168:0
ASN
#15169 GOOGLE

Certificate
IssuerGoogle Trust Services LLC
Subject*.google-analytics.com
FingerprintFC:B1:16:E0:D8:F3:2B:F3:AB:33:E5:E1:23:57:F4:48:66:FD:4D:52
ValidityMon, 08 Apr 2024 06:34:55 GMT - Mon, 01 Jul 2024 06:34:54 GMT

File type
JavaScript source, ASCII text, with very long lines (5945)
Size
103 kB (102608 bytes)
Hash
173777abb98662d13afa1d59cb87c5b8
ab1f3abb022e462a1da38883af85da3f69d90152
0c6025598a4cfd959aad64338a9afa70cc893ea484c0c91a2c54fd2111ce6923

HTTP Headers

GET /gtag/js?id=G-HJ5MMKB9WK HTTP/1.1
Host: www.googletagmanager.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://animewatch.onionlive.workers.dev/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
content-encoding: br
vary: Accept-Encoding
date: Wed, 01 May 2024 21:07:21 GMT
expires: Wed, 01 May 2024 21:07:21 GMT
cache-control: private, max-age=900
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
server: Google Tag Manager
content-length: 102608
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

www.googletagmanager.com/gtag/js?id=G-DQF56C4WPV&l=dataLayer&cx=c

142.250.74.168

94 kB

URL
www.googletagmanager.com/gtag/js?id=G-DQF56C4WPV&l=dataLayer&cx=c
IP
142.250.74.168:0
ASN
#15169 GOOGLE

Certificate
IssuerGoogle Trust Services LLC
Subject*.google-analytics.com
FingerprintFC:B1:16:E0:D8:F3:2B:F3:AB:33:E5:E1:23:57:F4:48:66:FD:4D:52
ValidityMon, 08 Apr 2024 06:34:55 GMT - Mon, 01 Jul 2024 06:34:54 GMT

File type
JavaScript source, ASCII text, with very long lines (3034)
Size
94 kB (93856 bytes)
Hash
61727bb655c333cdba75a9fd8e9ab06e
e4b91b2e1f0b69e8e01954a5396d0db5fba54936
9c05f750ab6a0b8d475a1b4d1533915bc5d47cdd1935272c467e4897a9f0623a

HTTP Headers

GET /gtag/js?id=G-DQF56C4WPV&l=dataLayer&cx=c HTTP/1.1
Host: www.googletagmanager.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://animewatch.onionlive.workers.dev/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
content-encoding: br
vary: Accept-Encoding
date: Wed, 01 May 2024 21:07:21 GMT
expires: Wed, 01 May 2024 21:07:21 GMT
cache-control: private, max-age=900
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
server: Google Tag Manager
content-length: 93856
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

www.googletagmanager.com/gtag/js?id=G-HJ5MMKB9WK&l=dataLayer&cx=c

142.250.74.168

102 kB

URL
www.googletagmanager.com/gtag/js?id=G-HJ5MMKB9WK&l=dataLayer&cx=c
IP
142.250.74.168:0
ASN
#15169 GOOGLE

Certificate
IssuerGoogle Trust Services LLC
Subject*.google-analytics.com
FingerprintFC:B1:16:E0:D8:F3:2B:F3:AB:33:E5:E1:23:57:F4:48:66:FD:4D:52
ValidityMon, 08 Apr 2024 06:34:55 GMT - Mon, 01 Jul 2024 06:34:54 GMT

File type
JavaScript source, ASCII text, with very long lines (5945)
Size
102 kB (101552 bytes)
Hash
9f013403392b0c51e3361c0bc7bb6126
3bf44bc2363f80a428da3c39cee38197f72e263c
447f793e22c60b627bbc07afafdf15eca5adc08f0e935ddb85710f3ccb3ac9ee

HTTP Headers

GET /gtag/js?id=G-HJ5MMKB9WK&l=dataLayer&cx=c HTTP/1.1
Host: www.googletagmanager.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://animewatch.onionlive.workers.dev/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
content-encoding: br
vary: Accept-Encoding
date: Wed, 01 May 2024 21:07:21 GMT
expires: Wed, 01 May 2024 21:07:21 GMT
cache-control: private, max-age=900
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
server: Google Tag Manager
content-length: 101552
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

animewatch.onionlive.workers.dev/

104.21.9.35

200 OK

813 B

URL GET HTTP/2
animewatch.onionlive.workers.dev/
IP
104.21.9.35:443
ASN
#13335 CLOUDFLARENET

Requested by
https://videzz.net/9rzstwlkppht.html
Certificate
IssuerGoogle Trust Services LLC
Subjectonionlive.workers.dev
Fingerprint15:4B:F2:93:81:D8:8E:E8:03:9A:C3:E3:2F:78:10:77:9B:80:FD:9F
ValiditySun, 03 Mar 2024 23:51:41 GMT - Sat, 01 Jun 2024 23:51:40 GMT

File type
HTML document, ASCII text, with very long lines (1024)
Size
813 B (813 bytes)
Hash
c1cf85ad1b6580cae5442d258a41bae7
ad01dec3f302168d9588375fc9b4185dc45c4625
439248132cde8803370dcb8e3bf0fa5737032e4e5dffe7812d911d32735eacee

HTTP Headers

GET / HTTP/1.1
Host: animewatch.onionlive.workers.dev
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://bid.bidclickmedia.com/
DNT: 1
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Wed, 01 May 2024 21:07:21 GMT
content-type: text/html;charset=UTF-8
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=dFyunr%2B%2BkKOSOE0oGHJuNEw7W%2BIkhhMENgF3U1mVI1G0jqxIyD89YZ5r2hJkCwD6MR9E4SxeXZIb5SzTvsFPXDx475HSBliFv2lvFgtLjTH%2Bhu17zldcLJsgdGhRCqIr7addeCiFLlS4tCsffaLLazloMA%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 87d2bd9a8d7fb518-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2

trafforsrv.com/click.php?id=265cadc4-93bc-446b-9289-f2c7412914ce%3A3cd5c901-6ecc-4ebb-b022-8a82c310bd6e

216.18.168.28

302 Found

0 B

URL GET HTTP/1.1
trafforsrv.com/click.php?id=265cadc4-93bc-446b-9289-f2c7412914ce%3A3cd5c901-6ecc-4ebb-b022-8a82c310bd6e
IP
216.18.168.28:443
ASN
#29789 REFLECTED

Requested by
https://videzz.net/9rzstwlkppht.html
Certificate
IssuerSectigo Limited
Subject*.trafforsrv.com
FingerprintC4:DD:C6:65:15:A0:54:82:7D:C9:E3:43:74:BA:ED:16:CC:DD:F5:00
ValidityTue, 31 Oct 2023 00:00:00 GMT - Sat, 16 Nov 2024 23:59:59 GMT

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /click.php?id=265cadc4-93bc-446b-9289-f2c7412914ce%3A3cd5c901-6ecc-4ebb-b022-8a82c310bd6e HTTP/1.1
Host: trafforsrv.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://bid.bidclickmedia.com/
DNT: 1
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 302 Found
server: nginx
date: Wed, 01 May 2024 21:07:21 GMT
content-length: 0
location: https://s.pemsrv.com/splash.php?idzone=5040978&type=8
set-cookie: sppc_uuid=ad24adec-d57f-46e6-ab1e-3607e665a42c; max-age=31536000; path=/; secure; SameSite=None
accept-ch: Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version

xml.xmlking.com/redirect?feed=591363&auth=0yfQfB&pubid=195183

174.137.133.17

302 Found

0 B

URL GET HTTP/1.1
xml.xmlking.com/redirect?feed=591363&auth=0yfQfB&pubid=195183
IP
174.137.133.17:443
ASN
#27257 WEBAIR-INTERNET

Requested by
https://videzz.net/9rzstwlkppht.html
Certificate
IssuerSectigo Limited
Subject*.xmlking.com
Fingerprint61:F0:9B:53:D2:DF:03:A0:08:09:BE:79:B1:70:10:34:65:07:7B:6D
ValidityWed, 26 Jul 2023 00:00:00 GMT - Fri, 26 Jul 2024 23:59:59 GMT

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /redirect?feed=591363&auth=0yfQfB&pubid=195183 HTTP/1.1
Host: xml.xmlking.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://bid.bidclickmedia.com/
DNT: 1
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 302 Found
Server: nginx
Date: Wed, 01 May 2024 21:07:21 GMT
Content-Length: 0
Connection: keep-alive
Cache-Control: no-store
Location: https://lernodydenknow.info/redirect?tid=1039225

xml.cachegorilla.com/redirect?feed=612978&auth=7PcDFD&pubid=197570

173.239.53.20

200 OK

0 B

URL GET HTTP/1.1
xml.cachegorilla.com/redirect?feed=612978&auth=7PcDFD&pubid=197570
IP
173.239.53.20:443
ASN
#27257 WEBAIR-INTERNET

Requested by
https://videzz.net/9rzstwlkppht.html
Certificate
IssuerSectigo Limited
Subject*.cachegorilla.com
Fingerprint29:B3:53:29:E3:6F:D3:48:F6:66:3E:78:57:05:A6:19:12:0D:2C:4A
ValidityFri, 10 Nov 2023 00:00:00 GMT - Sun, 10 Nov 2024 23:59:59 GMT

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /redirect?feed=612978&auth=7PcDFD&pubid=197570 HTTP/1.1
Host: xml.cachegorilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://bid.bidclickmedia.com/
DNT: 1
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Date: Wed, 01 May 2024 21:07:21 GMT
Content-Length: 0
Connection: keep-alive
Cache-Control: no-store

xml.cachegorilla.com/redirect?feed=612978&auth=7PcDFD&pubid=197570

173.239.53.20

200 OK

0 B

URL GET HTTP/1.1
xml.cachegorilla.com/redirect?feed=612978&auth=7PcDFD&pubid=197570
IP
173.239.53.20:443
ASN
#27257 WEBAIR-INTERNET

Requested by
https://videzz.net/9rzstwlkppht.html
Certificate
IssuerSectigo Limited
Subject*.cachegorilla.com
Fingerprint29:B3:53:29:E3:6F:D3:48:F6:66:3E:78:57:05:A6:19:12:0D:2C:4A
ValidityFri, 10 Nov 2023 00:00:00 GMT - Sun, 10 Nov 2024 23:59:59 GMT

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /redirect?feed=612978&auth=7PcDFD&pubid=197570 HTTP/1.1
Host: xml.cachegorilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://bid.bidclickmedia.com/
DNT: 1
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Date: Wed, 01 May 2024 21:07:21 GMT
Content-Length: 0
Connection: keep-alive
Cache-Control: no-store

xml.cachegorilla.com/redirect?feed=612977&auth=kAeZgJ&pubid=197570

173.239.53.20

200 OK

0 B

URL GET HTTP/1.1
xml.cachegorilla.com/redirect?feed=612977&auth=kAeZgJ&pubid=197570
IP
173.239.53.20:443
ASN
#27257 WEBAIR-INTERNET

Requested by
https://videzz.net/9rzstwlkppht.html
Certificate
IssuerSectigo Limited
Subject*.cachegorilla.com
Fingerprint29:B3:53:29:E3:6F:D3:48:F6:66:3E:78:57:05:A6:19:12:0D:2C:4A
ValidityFri, 10 Nov 2023 00:00:00 GMT - Sun, 10 Nov 2024 23:59:59 GMT

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /redirect?feed=612977&auth=kAeZgJ&pubid=197570 HTTP/1.1
Host: xml.cachegorilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://bid.bidclickmedia.com/
DNT: 1
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Date: Wed, 01 May 2024 21:07:21 GMT
Content-Length: 0
Connection: keep-alive
Cache-Control: no-store

intothespirits.com/click?trvid=12632&clickid=809643789735178860&cost=0.002599&language=en&creaid=20536676&zoneid=5615727&browserversion=96&os=linux&browser=firefox&region=03&connection.type=broadband&osversion=unspecified_linux&subzone_id=0

3.125.239.17

200 OK

1.2 kB

URL GET HTTP/2
intothespirits.com/click?trvid=12632&clickid=809643789735178860&cost=0.002599&language=en&creaid=20536676&zoneid=5615727&browserversion=96&os=linux&browser=firefox&region=03&connection.type=broadband&osversion=unspecified_linux&subzone_id=0
IP
3.125.239.17:443
ASN
#16509 AMAZON-02

Requested by
https://videzz.net/9rzstwlkppht.html
Certificate
IssuerLet's Encrypt
Subjectintothespirits.com
Fingerprint42:86:B7:FB:4F:91:02:C7:75:E2:06:41:56:85:74:4B:D8:97:BE:C3
ValidityMon, 25 Mar 2024 22:01:23 GMT - Sun, 23 Jun 2024 22:01:22 GMT

File type
HTML document, ASCII text, with very long lines (389)
Size
1.2 kB (1226 bytes)
Hash
0fb74dd651b0f7203a7a154369f835cc
e51e752a594bb0af4a3eac16227a2c4eb82e8c59
2a37ef82d5a4376c7b13c85fb51250793370f066489e8b237a9f35b4913c24fa

HTTP Headers

GET /click?trvid=12632&clickid=809643789735178860&cost=0.002599&language=en&creaid=20536676&zoneid=5615727&browserversion=96&os=linux&browser=firefox&region=03&connection.type=broadband&osversion=unspecified_linux&subzone_id=0 HTTP/1.1
Host: intothespirits.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
server: nginx
date: Wed, 01 May 2024 21:07:21 GMT
content-type: text/html; charset=utf-8
content-length: 1226
cache-control: no-cache, no-store, no-transform, must-revalidate, private, max-age=0
expires: Thu, 01 Jan 1970 00:00:00 UTC
pragma: no-cache
set-cookie: ClickDataNG=H4sIAAAAAAAA_2RU24rjOBD9lVBPu2Ac2Y7tWIMZetJMM9CXhd5Z9mGhUaRyoo0iGV08yVz-fZHthOzMm6vOUZ1S6ZS_wYDWSaOBQpaSlEAC_twjUJKAC9s_L9_c6AGtRwG0Y8phAlxJfvgkgEL5ZT98Ev8-fGRHAwkI5hFoVmersqmrVZYAZ8eeyZ2O7CyvijwB6TZ_3F1rWeOZl2Yk5FVRJGCDwhiRBCwKaZH7J_R7I4CWCTgTLB_xLAHFtJB6N7Pn6LNVQAESMF2HdhJe1wlsLdN8P3NHbGLuve8dXS5dOt4rZUriqbfoXMrNcYnLt_vD-uHuMLxnXfvThblxHihJCcmr2O6AOkxT69nZhBHLZrVNsBY1PwOFz6_3kECw8kZeam_8Hl0vrfST9NjPe28HKdpxeP-EKDSmpWjXpKlWRb1u6qLM6vW6IjNunG_HnsqmmVKK6V1gO2xRzxyLTIo2J2VRVXU1Jb8ajVK0ZZWVdV5Pua01Xxza2SttM1ONa5XU4fQ_UttJi52ZkxZ38QQpLl1pjTw-dRpt1m6tYWLLtLgUvEgE7XrkspMo3m40XNjG_t6kaKNVZX8nRHwkoNBkaUPSVZ5m5eoWqiYfBIf2bofaA4Un81UqxZZlSha__Z1l7xaPUWJxWldv1erdwg60qVLy--IB-cEsc5IRkpFs8XG62TKCEF-6Q4t2qi9wkByv-2JiS2PV6EH313XLIHpwHBRQmAtej3-wTIvbek9GoLpNPLMjTjGftGDDtgqX96-P8dKuBwoflDwtXo0Kcc5uNGjQ3kbPPb-Mfe-mXp5fvn9_ccosNpFwjkzpzzcARAtb1H4T3TYvlJU7qR_7m5S3TDvGpw12QHVQKgEenDdHoN_mBYGLGyEBPHm0mqnx__GrhSGBgQAF1PErAwoXj8Y4j_-cyZ4xLOLjj8AKKKh55kMJFLrrfIdoA1LErxooXH0XE2ug8IvfItDEM_Djx38BAAD___xokOcmBQAA; Expires=Fri, 31 May 2024 21:07:21 GMT; SameSite=None; Secure
ClickDataNgFall=H4sIAAAAAAAA_2RU24rjOBD9lVBPu2Ac2Y7tWIMZetJMM9CXhd5Z9mGhUaRyoo0iGV08yVz-fZHthOzMm6vOUZ1S6ZS_wYDWSaOBQpaSlEAC_twjUJKAC9s_L9_c6AGtRwG0Y8phAlxJfvgkgEL5ZT98Ev8-fGRHAwkI5hFoVmersqmrVZYAZ8eeyZ2O7CyvijwB6TZ_3F1rWeOZl2Yk5FVRJGCDwhiRBCwKaZH7J_R7I4CWCTgTLB_xLAHFtJB6N7Pn6LNVQAESMF2HdhJe1wlsLdN8P3NHbGLuve8dXS5dOt4rZUriqbfoXMrNcYnLt_vD-uHuMLxnXfvThblxHihJCcmr2O6AOkxT69nZhBHLZrVNsBY1PwOFz6_3kECw8kZeam_8Hl0vrfST9NjPe28HKdpxeP-EKDSmpWjXpKlWRb1u6qLM6vW6IjNunG_HnsqmmVKK6V1gO2xRzxyLTIo2J2VRVXU1Jb8ajVK0ZZWVdV5Pua01Xxza2SttM1ONa5XU4fQ_UttJi52ZkxZ38QQpLl1pjTw-dRpt1m6tYWLLtLgUvEgE7XrkspMo3m40XNjG_t6kaKNVZX8nRHwkoNBkaUPSVZ5m5eoWqiYfBIf2bofaA4Un81UqxZZlSha__Z1l7xaPUWJxWldv1erdwg60qVLy--IB-cEsc5IRkpFs8XG62TKCEF-6Q4t2qi9wkByv-2JiS2PV6EH313XLIHpwHBRQmAtej3-wTIvbek9GoLpNPLMjTjGftGDDtgqX96-P8dKuBwoflDwtXo0Kcc5uNGjQ3kbPPb-Mfe-mXp5fvn9_ccosNpFwjkzpzzcARAtb1H4T3TYvlJU7qR_7m5S3TDvGpw12QHVQKgEenDdHoN_mBYGLGyEBPHm0mqnx__GrhSGBgQAF1PErAwoXj8Y4j_-cyZ4xLOLjj8AKKKh55kMJFLrrfIdoA1LErxooXH0XE2ug8IvfItDEM_Djx38BAAD___xokOcmBQAA; Expires=Fri, 31 May 2024 21:07:21 GMT
X-Firefox-Spdy: h2

www.googletagmanager.com/gtag/js?id=UA-119774978-8&l=dataLayer&cx=c

142.250.74.168

70 kB

URL
www.googletagmanager.com/gtag/js?id=UA-119774978-8&l=dataLayer&cx=c
IP
142.250.74.168:0
ASN
#15169 GOOGLE

Certificate
IssuerGoogle Trust Services LLC
Subject*.google-analytics.com
FingerprintFC:B1:16:E0:D8:F3:2B:F3:AB:33:E5:E1:23:57:F4:48:66:FD:4D:52
ValidityMon, 08 Apr 2024 06:34:55 GMT - Mon, 01 Jul 2024 06:34:54 GMT

File type
JavaScript source, ASCII text, with very long lines (1808)
Size
70 kB (70275 bytes)
Hash
813997d58199390424585baf7ce765f7
44842501e172ceab354c626c26baeb80c2af8f86
b04b96fab6f9c381c2d233839ad158bb41d3820de7861ee9ab79daa5a279ac50

HTTP Headers

GET /gtag/js?id=UA-119774978-8&l=dataLayer&cx=c HTTP/1.1
Host: www.googletagmanager.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://animewatch.onionlive.workers.dev/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
content-encoding: br
vary: Accept-Encoding
date: Wed, 01 May 2024 21:07:21 GMT
expires: Wed, 01 May 2024 21:07:21 GMT
cache-control: private, max-age=900
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
server: Google Tag Manager
content-length: 70275
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

bid.bidclickmedia.com/load

104.21.37.74

302 Found

371 B

URL POST HTTP/3
bid.bidclickmedia.com/load
IP
104.21.37.74:443
ASN
#13335 CLOUDFLARENET

Requested by
https://videzz.net/9rzstwlkppht.html
Certificate
IssuerGoogle Trust Services LLC
Subjectbidclickmedia.com
Fingerprint2D:71:60:23:79:D8:E4:4A:B8:81:BA:F0:ED:58:CB:A8:66:21:A7:E7
ValiditySun, 31 Mar 2024 14:28:20 GMT - Sat, 29 Jun 2024 14:28:19 GMT

File type
HTML document, ASCII text
Size
371 B (371 bytes)
Hash
b8207054b13fda020d58a7f94425b36f
9b577687e561e17e9823e7fb83ad648dede4c74c
6dafbda0e014e02f234cd8025d827edc22403b87e4cd22270c86db55dd8bc4a6

HTTP Headers

POST /load HTTP/1.1
Host: bid.bidclickmedia.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/x-www-form-urlencoded
Content-Length: 98
Origin: https://bid.bidclickmedia.com
DNT: 1
Connection: keep-alive
Referer: https://bid.bidclickmedia.com/sub/31bV2Jy
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 302 Found
date: Wed, 01 May 2024 21:07:20 GMT
content-type: text/html; charset=utf-8
location: https://xml.cachegorilla.com/redirect?feed=612977&auth=kAeZgJ&pubid=197570
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=HLgHINKXz44hBoJoHp9vfghbaDzbcQUkUnSt7On%2BpDyTsbNn7dQQa0HwqLEgz2EMAPzEjA2UtgUHN%2FtPp0etYBpHlorJ6e4rKellFWaRGrUS4FNTBe4ThYTZPZWpqtoLoVdlBHxdWx8%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 87d2bd940c680b51-OSL
alt-svc: h3=":443"; ma=86400

s.pemsrv.com/splash.php?idzone=5040978&type=8

95.211.229.246

200 OK

478 B

URL GET HTTP/1.1
s.pemsrv.com/splash.php?idzone=5040978&type=8
IP
95.211.229.246:443
ASN
#60781 LeaseWeb Netherlands B.V.

Requested by
https://videzz.net/9rzstwlkppht.html
Certificate
IssuerLet's Encrypt
Subjectpemsrv.com
FingerprintB9:FB:69:72:AD:12:6D:F5:F8:05:0B:EE:45:B6:E0:BD:1A:B2:E5:0F
ValidityTue, 27 Feb 2024 16:50:21 GMT - Mon, 27 May 2024 16:50:20 GMT

File type
HTML document, ASCII text, with very long lines (717)
Size
478 B (478 bytes)
Hash
0a0facbef164c9e58f80ef97a1a0827e
11213522b288f0683c8f640b87b1e4e246ad8030
8b9ce633f14b63226137606c6901f59c4b354efbce58f82c4def4f93e5ed9aaf

HTTP Headers

GET /splash.php?idzone=5040978&type=8 HTTP/1.1
Host: s.pemsrv.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://bid.bidclickmedia.com/
DNT: 1
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Date: Wed, 01 May 2024 21:07:21 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Access-Control-Allow-Headers: X-CH-VALUES
Set-Cookie: __uvt=a%3A1%3A%7Bi%3A0%3Bs%3A32%3A%226632af09c3ed10.52739264735931805%22%3B%7D; expires=Fri, 01 May 2026 21:07:21 GMT; path=; domain=.pemsrv.com; Secure; SameSite=none
Accept-Ch: Sec-Ch-Ua,Sec-Ch-Ua-Mobile,Sec-Ch-Ua-Full-Version,Sec-Ch-Ua-Full-Version-list,Sec-Ch-Ua-Platform,Sec-Ch-Ua-Platform-Version,Sec-Ch-Ua-Bitness,Sec-Ch-Ua-Arch
X-Robots-Tag: noindex, follow
Content-Encoding: gzip

xml.xmlking.com/redirect?feed=591364&auth=oodr9S&pubid=195183

174.137.133.17

200 OK

0 B

URL GET HTTP/1.1
xml.xmlking.com/redirect?feed=591364&auth=oodr9S&pubid=195183
IP
174.137.133.17:443
ASN
#27257 WEBAIR-INTERNET

Requested by
https://videzz.net/9rzstwlkppht.html
Certificate
IssuerSectigo Limited
Subject*.xmlking.com
Fingerprint61:F0:9B:53:D2:DF:03:A0:08:09:BE:79:B1:70:10:34:65:07:7B:6D
ValidityWed, 26 Jul 2023 00:00:00 GMT - Fri, 26 Jul 2024 23:59:59 GMT

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /redirect?feed=591364&auth=oodr9S&pubid=195183 HTTP/1.1
Host: xml.xmlking.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://bid.bidclickmedia.com/
DNT: 1
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Date: Wed, 01 May 2024 21:07:21 GMT
Content-Length: 0
Connection: keep-alive
Cache-Control: no-store

xml.xmlking.com/redirect?feed=591364&auth=oodr9S&pubid=195183

174.137.133.17

200 OK

0 B

URL GET HTTP/1.1
xml.xmlking.com/redirect?feed=591364&auth=oodr9S&pubid=195183
IP
174.137.133.17:443
ASN
#27257 WEBAIR-INTERNET

Requested by
https://videzz.net/9rzstwlkppht.html
Certificate
IssuerSectigo Limited
Subject*.xmlking.com
Fingerprint61:F0:9B:53:D2:DF:03:A0:08:09:BE:79:B1:70:10:34:65:07:7B:6D
ValidityWed, 26 Jul 2023 00:00:00 GMT - Fri, 26 Jul 2024 23:59:59 GMT

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /redirect?feed=591364&auth=oodr9S&pubid=195183 HTTP/1.1
Host: xml.xmlking.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://bid.bidclickmedia.com/
DNT: 1
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 302 Found
Server: nginx
Date: Wed, 01 May 2024 21:07:21 GMT
Content-Length: 0
Connection: keep-alive
Cache-Control: no-store
Location: https://tidyllama.com/click?a=FtzT&e=gAAAAABmMq8ISHJ7prNRVL4dHB-DSd9j1JXpzOy3eWBxcQl1SHlmblDXcauydaLxS-uQdjVdXyW2h260uKVgdaWSjAwpV556UAr6cy8gN2cJeGaXHSTObisIXCkBOv3qTNOqGAAQgHqHK1SlNH36xbJCW0moTzdPkiutzJt2e8m2eVZrKZchvpxzTmMIjFIweSb5kaleM8rAwSI7iBPE-gjI6_mpe3xT1TJ2MJYs3cWmzUdmm1JxOZ0Nis2icUOFnBhT5c2PbIf9nsnXvSVZ0z_7VCfr2tE1k-PvJV_NY4AmnZ3p0yFfMp5RKatO2_E_Wqw7N0Z5OcoLQi7lUI9_UF21iK0Nfw4kIA126_elp3rsrQJFeeCMSodqzfUU-RL1nobwXjn_iQwf2zFOtJb2exyl46BT2sS1LGTw7WODlul4S9NVl3T2FFF3FEr9jLEMA93_ddp5U0zDOiufq4dfwSrtvauTdCMYpfBbPQXl0B_eBUqV_P9mHoo%3D

unseenreport.com/pxf.gif?uuid=2a0ad835-cecb-439b-874e-3369a032fa4a&eb=978028c5053b26833423c7a069ce3bd5&te=5db3a4e34790624df926db520a13f79f&ua=Mozilla%2F5.0%20(X11%3B%20Linux%20x86_64%3B%20rv%3A96.0)%20Gecko%2F20100101%20Firefox%2F96.0&dev=e&res=14.2071&b_frame=0&pk=57e9128f004dc8dd272477c7cdb9cf15&bl=en-US&sr=1024x1280&sz=1024x1280&hjs=21

192.243.59.13

200 OK

1 B

URL GET HTTP/1.1
unseenreport.com/pxf.gif?uuid=2a0ad835-cecb-439b-874e-3369a032fa4a&eb=978028c5053b26833423c7a069ce3bd5&te=5db3a4e34790624df926db520a13f79f&ua=Mozilla%2F5.0%20(X11%3B%20Linux%20x86_64%3B%20rv%3A96.0)%20Gecko%2F20100101%20Firefox%2F96.0&dev=e&res=14.2071&b_frame=0&pk=57e9128f004dc8dd272477c7cdb9cf15&bl=en-US&sr=1024x1280&sz=1024x1280&hjs=21
IP
192.243.59.13:443
ASN
#39572 DataWeb Global Group B.V.

Requested by
https://videzz.net/9rzstwlkppht.html
Certificate
IssuerLet's Encrypt
Subject*.unseenreport.com
Fingerprint71:46:15:FD:76:6A:F5:5B:51:06:CC:93:DD:D8:63:E3:8B:10:BF:13
ValidityFri, 22 Mar 2024 07:32:41 GMT - Thu, 20 Jun 2024 07:32:40 GMT

File type
very short file (no magic)
Size
1 B (1 bytes)
Hash
93b885adfe0da089cdf634904fd59f71
5ba93c9db0cff93f52b521d7420e43f6eda2784f
6e340b9cffb37a989ca544e6bb780a2c78901d3fb33738768511a30617afa01d

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /pxf.gif?uuid=2a0ad835-cecb-439b-874e-3369a032fa4a&eb=978028c5053b26833423c7a069ce3bd5&te=5db3a4e34790624df926db520a13f79f&ua=Mozilla%2F5.0%20(X11%3B%20Linux%20x86_64%3B%20rv%3A96.0)%20Gecko%2F20100101%20Firefox%2F96.0&dev=e&res=14.2071&b_frame=0&pk=57e9128f004dc8dd272477c7cdb9cf15&bl=en-US&sr=1024x1280&sz=1024x1280&hjs=21 HTTP/1.1
Host: unseenreport.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://videzz.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx/1.19.5
Date: Wed, 01 May 2024 21:07:21 GMT
Content-Type: image/gif
Content-Length: 1
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Access-Control-Allow-Origin: *
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: cdedaddbc422187d097392ec798684cf
Strict-Transport-Security: max-age=0; includeSubdomains

tr.7vid.net/api/users/246356?host=videzz.net&ev=212&wh=1024&ww=1280&uuid=&url=https%3A%2F%2Fvidezz.net%2F9rzstwlkppht.html&sid=3bf97803-a022-40c5-a2cc-0560a55088d3&i=1&kw=horny%2Cgirl%2Cleaked%2Cvideo%2Ccalls%2C(4)%2Cmp4&s1=203230

135.181.208.216

200 OK

493 B

URL GET HTTP/2
tr.7vid.net/api/users/246356?host=videzz.net&ev=212&wh=1024&ww=1280&uuid=&url=https%3A%2F%2Fvidezz.net%2F9rzstwlkppht.html&sid=3bf97803-a022-40c5-a2cc-0560a55088d3&i=1&kw=horny%2Cgirl%2Cleaked%2Cvideo%2Ccalls%2C(4)%2Cmp4&s1=203230
IP
135.181.208.216:443
ASN
#24940 Hetzner Online GmbH

Requested by
https://videzz.net/9rzstwlkppht.html
Certificate
IssuerLet's Encrypt
Subjecta.gatwins.site
Fingerprint66:D4:C4:E9:BC:6E:82:9E:D0:2F:00:69:9A:DF:C2:6D:18:04:0B:1B
ValidityWed, 10 Apr 2024 10:27:11 GMT - Tue, 09 Jul 2024 10:27:10 GMT

File type
gzip compressed data, from Unix
Size
493 B (493 bytes)
Hash
07ba10c7d199be0158f2c855617ae250
d3ac5f7bbaccd7260d90756eab31fae2160dcf9c
514dcc0a859c272f2829ab74172d7edbd09e39f397a5eb32daef8541b5e8bd1f

HTTP Headers

GET /api/users/246356?host=videzz.net&ev=212&wh=1024&ww=1280&uuid=&url=https%3A%2F%2Fvidezz.net%2F9rzstwlkppht.html&sid=3bf97803-a022-40c5-a2cc-0560a55088d3&i=1&kw=horny%2Cgirl%2Cleaked%2Cvideo%2Ccalls%2C(4)%2Cmp4&s1=203230 HTTP/1.1
Host: tr.7vid.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://videzz.net/
Cookie: nauid=QOHfaLUnCzj4jvdP7bD9
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
server: nginx
date: Wed, 01 May 2024 21:07:21 GMT
content-type: text/javascript; charset=utf-8
vary: Accept-Encoding
x-robots-tag: noindex, nofollow
cache-control: private
content-encoding: gzip
X-Firefox-Spdy: h2

static.addtoany.com/menu/sm.25.html

104.22.71.197

6.1 kB

URL
static.addtoany.com/menu/sm.25.html
IP
104.22.71.197:0
ASN
#13335 CLOUDFLARENET

Certificate
IssuerLet's Encrypt
Subjectstatic.addtoany.com
Fingerprint5B:74:98:2D:F8:22:DB:0D:4E:74:B7:99:A7:7C:80:F6:CA:1A:8E:CA
ValidityTue, 23 Apr 2024 07:56:27 GMT - Mon, 22 Jul 2024 07:56:26 GMT

File type
HTML document, ASCII text, with very long lines (624)
Size
6.1 kB (6142 bytes)
Hash
41b7ed0cbe240173eea85148fcba633e
39acd5fe099974486a1c9ba11ba0fe7be6bc97ca
274d4116239b63097bb7c16e56e27cbb5a77be20392fb8e2317c0a0235185cad

HTTP Headers

GET /menu/sm.25.html HTTP/1.1
Host: static.addtoany.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://videzz.net/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Wed, 01 May 2024 21:07:19 GMT
content-type: text/html; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=315360000, immutable
referrer-policy: strict-origin-when-cross-origin
x-content-type-options: nosniff
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=31%2FEUiBaXPt8cxtkc%2FT4P6x%2BgAHE8dlZKktVqOYLVPWpw%2BfHglaE0%2B2%2FM9CjPirtpgf0Bigqvmt%2B9LVqgh2toon%2FHhopHKjFbbaQkJ0g%2F8jA5jvQMZE7K%2BqPFywD9a7gr7TP8ZDbPRsnYjqVQMeihc8V"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
cf-cache-status: HIT
age: 7635
strict-transport-security: max-age=31536000; includeSubDomains; preload
server: cloudflare
cf-ray: 87d2bd8d9c8abe4c-CPH
content-encoding: br
alt-svc: h3=":443"; ma=86400

intothespirits.com/double?t=2&d=eyJVUkwiOiJodHRwczovL3MuY2xpY2suYWxpZXhwcmVzcy5jb20vZS9fRGs4R0Frdj9hZj01d2h2SWRqR0ZhbW8iLCJSZWRpcmVjdFdvcmRpbmciOiJZb3UgYXJlIGJlaW5nIGF1dG9tYXRpY2FsbHkgcmVkaXJlY3RlZC4iLCJSZWRpcmVjdFRpdGxlIjoiUmVkaXJlY3Rpb24uLi4iLCJSZWRpcmVjdExpbmtUZXh0IjoiT3IgY2xpY2sgaGVyZSB0byBjb250aW51ZS4iLCJJbnN0YWxsSWQiOjQxMDV9

3.125.239.17

200 OK

693 B

URL GET HTTP/2
intothespirits.com/double?t=2&d=eyJVUkwiOiJodHRwczovL3MuY2xpY2suYWxpZXhwcmVzcy5jb20vZS9fRGs4R0Frdj9hZj01d2h2SWRqR0ZhbW8iLCJSZWRpcmVjdFdvcmRpbmciOiJZb3UgYXJlIGJlaW5nIGF1dG9tYXRpY2FsbHkgcmVkaXJlY3RlZC4iLCJSZWRpcmVjdFRpdGxlIjoiUmVkaXJlY3Rpb24uLi4iLCJSZWRpcmVjdExpbmtUZXh0IjoiT3IgY2xpY2sgaGVyZSB0byBjb250aW51ZS4iLCJJbnN0YWxsSWQiOjQxMDV9
IP
3.125.239.17:443
ASN
#16509 AMAZON-02

Requested by
https://videzz.net/9rzstwlkppht.html
Certificate
IssuerLet's Encrypt
Subjectintothespirits.com
Fingerprint42:86:B7:FB:4F:91:02:C7:75:E2:06:41:56:85:74:4B:D8:97:BE:C3
ValidityMon, 25 Mar 2024 22:01:23 GMT - Sun, 23 Jun 2024 22:01:22 GMT

File type
HTML document, ASCII text
Size
693 B (693 bytes)
Hash
82d9088b2539ff3a95ca1adae1b8df02
aa5689cbe34d2a918994c0d255f4a0bcbabe3aa2
226eaf8ed8297359f8a4b8e81376c28538aed7e5835064e40ec921c4e8b13744

HTTP Headers

GET /double?t=2&d=eyJVUkwiOiJodHRwczovL3MuY2xpY2suYWxpZXhwcmVzcy5jb20vZS9fRGs4R0Frdj9hZj01d2h2SWRqR0ZhbW8iLCJSZWRpcmVjdFdvcmRpbmciOiJZb3UgYXJlIGJlaW5nIGF1dG9tYXRpY2FsbHkgcmVkaXJlY3RlZC4iLCJSZWRpcmVjdFRpdGxlIjoiUmVkaXJlY3Rpb24uLi4iLCJSZWRpcmVjdExpbmtUZXh0IjoiT3IgY2xpY2sgaGVyZSB0byBjb250aW51ZS4iLCJJbnN0YWxsSWQiOjQxMDV9 HTTP/1.1
Host: intothespirits.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Cookie: ClickDataNG=H4sIAAAAAAAA_2RU24rjOBD9lVBPu2Ac2Y7tWIMZetJMM9CXhd5Z9mGhUaRyoo0iGV08yVz-fZHthOzMm6vOUZ1S6ZS_wYDWSaOBQpaSlEAC_twjUJKAC9s_L9_c6AGtRwG0Y8phAlxJfvgkgEL5ZT98Ev8-fGRHAwkI5hFoVmersqmrVZYAZ8eeyZ2O7CyvijwB6TZ_3F1rWeOZl2Yk5FVRJGCDwhiRBCwKaZH7J_R7I4CWCTgTLB_xLAHFtJB6N7Pn6LNVQAESMF2HdhJe1wlsLdN8P3NHbGLuve8dXS5dOt4rZUriqbfoXMrNcYnLt_vD-uHuMLxnXfvThblxHihJCcmr2O6AOkxT69nZhBHLZrVNsBY1PwOFz6_3kECw8kZeam_8Hl0vrfST9NjPe28HKdpxeP-EKDSmpWjXpKlWRb1u6qLM6vW6IjNunG_HnsqmmVKK6V1gO2xRzxyLTIo2J2VRVXU1Jb8ajVK0ZZWVdV5Pua01Xxza2SttM1ONa5XU4fQ_UttJi52ZkxZ38QQpLl1pjTw-dRpt1m6tYWLLtLgUvEgE7XrkspMo3m40XNjG_t6kaKNVZX8nRHwkoNBkaUPSVZ5m5eoWqiYfBIf2bofaA4Un81UqxZZlSha__Z1l7xaPUWJxWldv1erdwg60qVLy--IB-cEsc5IRkpFs8XG62TKCEF-6Q4t2qi9wkByv-2JiS2PV6EH313XLIHpwHBRQmAtej3-wTIvbek9GoLpNPLMjTjGftGDDtgqX96-P8dKuBwoflDwtXo0Kcc5uNGjQ3kbPPb-Mfe-mXp5fvn9_ccosNpFwjkzpzzcARAtb1H4T3TYvlJU7qR_7m5S3TDvGpw12QHVQKgEenDdHoN_mBYGLGyEBPHm0mqnx__GrhSGBgQAF1PErAwoXj8Y4j_-cyZ4xLOLjj8AKKKh55kMJFLrrfIdoA1LErxooXH0XE2ug8IvfItDEM_Djx38BAAD___xokOcmBQAA
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
server: nginx
date: Wed, 01 May 2024 21:07:22 GMT
content-type: text/html; charset=utf-8
content-length: 693
cache-control: no-cache, no-store, no-transform, must-revalidate, private, max-age=0
expires: Thu, 01 Jan 1970 00:00:00 UTC
pragma: no-cache
X-Firefox-Spdy: h2

s.pemsrv.com/splash.php?idzone=5040978&type=8&p=https%3A%2F%2Fbid.bidclickmedia.com%2F&tested=1&check=4982d74cc5945eb5f443cbeab8c29c8c&screen_resolution=1280x1024&container_resolution=1916x1076&iframe=1

95.211.229.246

302 Found

0 B

URL GET HTTP/1.1
s.pemsrv.com/splash.php?idzone=5040978&type=8&p=https%3A%2F%2Fbid.bidclickmedia.com%2F&tested=1&check=4982d74cc5945eb5f443cbeab8c29c8c&screen_resolution=1280x1024&container_resolution=1916x1076&iframe=1
IP
95.211.229.246:443
ASN
#60781 LeaseWeb Netherlands B.V.

Requested by
https://videzz.net/9rzstwlkppht.html
Certificate
IssuerLet's Encrypt
Subjectpemsrv.com
FingerprintB9:FB:69:72:AD:12:6D:F5:F8:05:0B:EE:45:B6:E0:BD:1A:B2:E5:0F
ValidityTue, 27 Feb 2024 16:50:21 GMT - Mon, 27 May 2024 16:50:20 GMT

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /splash.php?idzone=5040978&type=8&p=https%3A%2F%2Fbid.bidclickmedia.com%2F&tested=1&check=4982d74cc5945eb5f443cbeab8c29c8c&screen_resolution=1280x1024&container_resolution=1916x1076&iframe=1 HTTP/1.1
Host: s.pemsrv.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://s.pemsrv.com/splash.php?idzone=5040978&type=8
Cookie: __uvt=a%3A1%3A%7Bi%3A0%3Bs%3A32%3A%226632af09c3ed10.52739264735931805%22%3B%7D
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 302 Found
Server: nginx
Date: Wed, 01 May 2024 21:07:22 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Access-Control-Allow-Headers: X-CH-VALUES
Set-Cookie: __uvt=a%3A1%3A%7Bi%3A0%3Bs%3A32%3A%226632af09c3ed10.52739264735931805%22%3B%7D; expires=Fri, 01 May 2026 21:07:22 GMT; path=; domain=.pemsrv.com; Secure; SameSite=none
c-tag=%7B%22tag-link%22%3A%22v4%7C%7CNOR%7C5040978%7C95887222%7C203712%7C%7C508%7C41%7C3%7C15%7C0%7C0%7C0%7C25344%7C3143242%7C3143244%7C0%7C1%7C0%7C0%7C0%7C0%7C1%7C0%7C0%7C1%7C6632af09c3ed10.52739264735931805%7Cc83b2609dce0c49ddeb451cf74df4f3a%7C0%7Cbid.bidclickmedia.com%7C1280x1024%7C%7C0%7C0%7C0%7C0%7C0%7C0%7C0%7C0%7C0%7C1714597642%7C%7C%7C0%7C0%7C0%7C0%7C0%7C0%7C0%7C0%7C0%7C0%7Ca7cdab5db491352181875a39f96cdbe7%7Cok%22%7D; expires=Tue, 30 Jul 2024 21:07:22 GMT; path=/; domain=.pemsrv.com; Secure; SameSite=none
Location: https://tgp1.brazzersnetwork.com/tgp1?ad_id=816178_FREE&ats=eyJhIjoxNDksImMiOjQzMDksIm4iOjE0LCJzIjo5MCwiZSI6OTA2NywicCI6MzM5fQ&atc=EXO&atc=FREE_6529744&apb=opc4ASOqlplustddVbbZPPO6eWiyadzqpbXUzOodNU6V0rpXT1UU0uomponpndRNTRPTS6V0zpXSuldK6Z0rpXTOrronz4lu1o32mljqnsounrpsoquomtlqdrbRpPXLdtrvLrTdttvpTVNrxZTtxTxRm6V2ne0ene2v3evv..3eceof3TT2yqmlnpc6V0rpXSuldK6V0rpXTWTU1XWV0zuc6V0rpXSuldK6V0rpXSuzs12z0q20pumoqnmtmtsqzou4ur1203scH2A-
Accept-CH: 
X-Robots-Tag: noindex, follow

ahimsaslatrate.com/ivvsWHdaW4f8QK/57128

23.109.170.171

200 OK

61 B

URL GET HTTP/1.1
ahimsaslatrate.com/ivvsWHdaW4f8QK/57128
IP
23.109.170.171:443
ASN
#7979 SERVERS-COM

Requested by
https://videzz.net/9rzstwlkppht.html
Certificate
IssuerLet's Encrypt
Subjectahimsaslatrate.com
FingerprintF2:A2:0F:0E:A2:37:38:5C:33:F7:FD:1F:A8:E5:DF:F5:75:87:BA:0E
ValidityWed, 17 Apr 2024 19:20:44 GMT - Tue, 16 Jul 2024 19:20:43 GMT

File type
HTML document, ASCII text, with no line terminators
Size
61 B (61 bytes)
Hash
86733bb66fb84b851592d733e51f0cbd
42eaf19a5ca195667a9212b0ea3557eee76954a8
927676bdf7f1bdcd71f06cc0d9fa573791b12c905629d806851624687c4b4a0d

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /ivvsWHdaW4f8QK/57128 HTTP/1.1
Host: ahimsaslatrate.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://bid.bidclickmedia.com/
DNT: 1
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Date: Wed, 01 May 2024 21:07:22 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Keep-Alive: timeout=20
Accept-ch: sec-ch-ua-platform-version,sec-ch-ua-model,sec-ch-ua-full-version,sec-ch-ua-full-version-list
Set-Cookie: GL_UI4=eJw9jUtug0AQRPljJ4akJQ7gIxgUjL3MJivfAQ0zDZ4Ypq1mjJ3bZxIp2dUrPVV5nhcUL%2BAvyRrCm6hhe1R9s5dYojyUVVW%2BHSrZ151o%2BlJVTVnvYK3n1opuRBvBap4E29YuEWwGNMhatpIUZvDqrL%2FmYuhuIog7FkZlEE%2FOGDNIO6b7jFyEEBkxIaQfmrGnhzPEJzEEx72L2rjo7yCguQjzJ4hP2twe%2BSbx8jzx4Pk6CtsTT61WDuOBhULw32ElhcWB%2BAtShfPF0hWARtX%2B%2B7%2Bf8fizBonCRUuHZM%2FI38wATrY%3D; expires=Thu, 02-May-2024 21:07:22 GMT; Max-Age=86400; path=/; secure; SameSite=None
GL_GI10=eJwVyM0KgkAUhuE5hxiIJPjIC%2FAKTMsWbrNl6MIrMIsYGObIzNjP3WeLd%2FG8SilOE7CZkNRlXhd5dcjLUwV6gtsOPDroVvx7%2BII8uDiCvcOmC1ayRmYXlz9i9TfIYHu25pP1YudoxAXw0roZbvaxv%2FRX0KQJHEUzONxTBXrp3Q9e7R3S; expires=Thu, 02-May-2024 21:07:22 GMT; Max-Age=86400; path=/; secure; SameSite=None
Content-Encoding: gzip
Vary: Accept-Encoding
Strict-Transport-Security: max-age=1
X-Content-Type-Options: nosniff

hoddlegamey.com/itLmTlMrHisAt/67652

23.109.170.115

200 OK

61 B

URL GET HTTP/1.1
hoddlegamey.com/itLmTlMrHisAt/67652
IP
23.109.170.115:443
ASN
#7979 SERVERS-COM

Requested by
https://videzz.net/9rzstwlkppht.html
Certificate
IssuerLet's Encrypt
Subjecthoddlegamey.com
Fingerprint07:BD:B4:24:F4:70:EB:F5:60:F8:9F:61:E8:65:29:7E:9B:54:8C:D2
ValidityMon, 22 Apr 2024 23:02:12 GMT - Sun, 21 Jul 2024 23:02:11 GMT

File type
HTML document, ASCII text, with no line terminators
Size
61 B (61 bytes)
Hash
86733bb66fb84b851592d733e51f0cbd
42eaf19a5ca195667a9212b0ea3557eee76954a8
927676bdf7f1bdcd71f06cc0d9fa573791b12c905629d806851624687c4b4a0d

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /itLmTlMrHisAt/67652 HTTP/1.1
Host: hoddlegamey.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://animewatch.onionlive.workers.dev/
DNT: 1
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Date: Wed, 01 May 2024 21:07:22 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Keep-Alive: timeout=20
Accept-ch: sec-ch-ua-platform-version,sec-ch-ua-model,sec-ch-ua-full-version,sec-ch-ua-full-version-list
Set-Cookie: GL_UI4=eJw9jUtug0AQRPljJ4akJQ7gIxgUjL3MJivfAQ0zDZ4Ypq1mjJ3bZxIp2dUrPVV5nhcUL%2BAvyRrCm6hhe1R9s5dYojyUVVW%2BHSrZ151o%2BlJVTVnvYK3n1opuRBvBap4E29YuEWwGNMhatpIUZvDqrL%2FmYuhuIog7FkZlEE%2FOGDNIO6b7jFyEEBkxIaQfmrGnhzPEJzEEx72L2rjo7yCguQjzJ4hP2twe%2BSbx8jzx4Pk6CtsTT61WDuOBhULw32ElhcWB%2BAtShfPF0hWARtX%2B%2B7%2Bf8fizBonCRUuHZM%2FI38wATrY%3D; expires=Thu, 02-May-2024 21:07:22 GMT; Max-Age=86400; path=/; secure; SameSite=None
GL_GI10=eJwVyM0KgkAUhuE5hxiIJPjIC%2FAKTMsWbrNl6MIrMIsYGObIzNjP3WeLd%2FG8SilOE7CZkNRlXhd5dcjLUwV6gtsOPDroVvx7%2BII8uDiCvcOmC1ayRmYXlz9i9TfIYHu25pP1YudoxAXw0roZbvaxv%2FRX0KQJHEUzONxTBXrp3Q9e7R3S; expires=Thu, 02-May-2024 21:07:22 GMT; Max-Age=86400; path=/; secure; SameSite=None
Content-Encoding: gzip
Vary: Accept-Encoding
Strict-Transport-Security: max-age=1
X-Content-Type-Options: nosniff

lernodydenknow.info/redirect?tid=1039225

108.157.229.20

302 Found

0 B

URL GET HTTP/2
lernodydenknow.info/redirect?tid=1039225
IP
108.157.229.20:443
ASN
#16509 AMAZON-02

Requested by
https://videzz.net/9rzstwlkppht.html
Certificate
IssuerAmazon
Subjectlernodydenknow.info
Fingerprint0B:53:BB:D6:51:E9:8D:1C:38:77:BA:75:C6:18:21:E5:31:71:DC:5B
ValidityWed, 24 Jan 2024 00:00:00 GMT - Fri, 21 Feb 2025 23:59:59 GMT

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /redirect?tid=1039225 HTTP/1.1
Host: lernodydenknow.info
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://bid.bidclickmedia.com/
DNT: 1
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 302 Found
content-type: text/plain
content-length: 0
location: https://xml.car-bidpush.org/click?i=LjdR1b4lPl8_0
date: Wed, 01 May 2024 21:07:22 GMT
server: openresty/1.17.8.2
cache-control: no-store, no-cache, must-revalidate, no-transform
pragma: no-cache
p3p: CP="NID DSP ALL COR"
set-cookie: csu=74d67d30-3e7c-4b4e-ab57-cf1510575734
accept-ch: DPR, Width, Viewport-Width, Device-Memory, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List
x-cache: Miss from cloudfront
via: 1.1 1d542b221a74ce095eec8b4baabd68ca.cloudfront.net (CloudFront)
x-amz-cf-pop: ARN56-P2
x-amz-cf-id: k05H1X08CIBFD4edU_ahvRjT5KJOqIkewj6D-gYJv5KHmS_n_aGHxg==
X-Firefox-Spdy: h2

tidyllama.com/sc?t=1714597642404&a=FtzT&c=qEaBdaKCEgxqdNjCFXxa4X&r=https%3A%2F%2Fbid.bidclickmedia.com%2F&e=gAAAAABmMq8K8pOjswklyASVDOKU-DDuyVGuLPl_lERslbRK1d0kM69rj0eaj6U3NLI1gIWIBnb1cl2_iiD3ijXFQL3MORyqb7XtMrcXhW6JsD42nNdaTCuomt8uihd44Kdxz466SyImXdBKOGpKXo7Yn_82JMdskANL0yr6nuAzTNx4ToeNEnVW_Sy0JEGfxHiJQ5vJgFWXkAMDK03EJOtBfs4KQWivgatI9sTbiaLxnCYj31Dp3reX3ywsxKPbil2GQi8gZtTyXleMgVXxmSraFOkd1k5AqDh4CUlXylFrr-dSHdt3wnFT1lSOlSCjPpHjt3yEZAvFYg_X5U8dcyl81NxX5CCTCd-MsJRrhimmv7gwEy6COVc_GT0eh6rrZgtYVzz45Os-q4F9B6MSEGkH1MtZGqXAgcJf1L9ucWBSUUHcrTELRKkKyDNI-1ATRUhDTnZENH3wzjltZzEapBqrjJDtV2HDxoLS2D34mM6b_QJaSz1fgWs=&f=2048

178.63.99.108

302 Found

61 B

URL GET HTTP/2
tidyllama.com/sc?t=1714597642404&a=FtzT&c=qEaBdaKCEgxqdNjCFXxa4X&r=https%3A%2F%2Fbid.bidclickmedia.com%2F&e=gAAAAABmMq8K8pOjswklyASVDOKU-DDuyVGuLPl_lERslbRK1d0kM69rj0eaj6U3NLI1gIWIBnb1cl2_iiD3ijXFQL3MORyqb7XtMrcXhW6JsD42nNdaTCuomt8uihd44Kdxz466SyImXdBKOGpKXo7Yn_82JMdskANL0yr6nuAzTNx4ToeNEnVW_Sy0JEGfxHiJQ5vJgFWXkAMDK03EJOtBfs4KQWivgatI9sTbiaLxnCYj31Dp3reX3ywsxKPbil2GQi8gZtTyXleMgVXxmSraFOkd1k5AqDh4CUlXylFrr-dSHdt3wnFT1lSOlSCjPpHjt3yEZAvFYg_X5U8dcyl81NxX5CCTCd-MsJRrhimmv7gwEy6COVc_GT0eh6rrZgtYVzz45Os-q4F9B6MSEGkH1MtZGqXAgcJf1L9ucWBSUUHcrTELRKkKyDNI-1ATRUhDTnZENH3wzjltZzEapBqrjJDtV2HDxoLS2D34mM6b_QJaSz1fgWs=&f=2048
IP
178.63.99.108:443
ASN
#24940 Hetzner Online GmbH

Requested by
https://videzz.net/9rzstwlkppht.html
Certificate
IssuerSectigo Limited
Subjecttidyllama.com
Fingerprint3D:18:B7:36:50:EF:95:7B:2F:C8:1D:A4:B8:59:76:2D:03:B0:56:52
ValidityTue, 12 Dec 2023 00:00:00 GMT - Thu, 12 Dec 2024 23:59:59 GMT

File type
HTML document, ASCII text
Size
61 B (61 bytes)
Hash
59149637e72a98f12960c1afa3d4256c
93e6672c8d4871db634b54d2bb064deff8b1dc7a
086523f3b1cea6b84c5382246549bbebbfdf47ed6117d2a6f23a07746b2fe60e

HTTP Headers

GET /sc?t=1714597642404&a=FtzT&c=qEaBdaKCEgxqdNjCFXxa4X&r=https%3A%2F%2Fbid.bidclickmedia.com%2F&e=gAAAAABmMq8K8pOjswklyASVDOKU-DDuyVGuLPl_lERslbRK1d0kM69rj0eaj6U3NLI1gIWIBnb1cl2_iiD3ijXFQL3MORyqb7XtMrcXhW6JsD42nNdaTCuomt8uihd44Kdxz466SyImXdBKOGpKXo7Yn_82JMdskANL0yr6nuAzTNx4ToeNEnVW_Sy0JEGfxHiJQ5vJgFWXkAMDK03EJOtBfs4KQWivgatI9sTbiaLxnCYj31Dp3reX3ywsxKPbil2GQi8gZtTyXleMgVXxmSraFOkd1k5AqDh4CUlXylFrr-dSHdt3wnFT1lSOlSCjPpHjt3yEZAvFYg_X5U8dcyl81NxX5CCTCd-MsJRrhimmv7gwEy6COVc_GT0eh6rrZgtYVzz45Os-q4F9B6MSEGkH1MtZGqXAgcJf1L9ucWBSUUHcrTELRKkKyDNI-1ATRUhDTnZENH3wzjltZzEapBqrjJDtV2HDxoLS2D34mM6b_QJaSz1fgWs=&f=2048 HTTP/1.1
Host: tidyllama.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://tidyllama.com/click?a=FtzT&e=gAAAAABmMq8ISHJ7prNRVL4dHB-DSd9j1JXpzOy3eWBxcQl1SHlmblDXcauydaLxS-uQdjVdXyW2h260uKVgdaWSjAwpV556UAr6cy8gN2cJeGaXHSTObisIXCkBOv3qTNOqGAAQgHqHK1SlNH36xbJCW0moTzdPkiutzJt2e8m2eVZrKZchvpxzTmMIjFIweSb5kaleM8rAwSI7iBPE-gjI6_mpe3xT1TJ2MJYs3cWmzUdmm1JxOZ0Nis2icUOFnBhT5c2PbIf9nsnXvSVZ0z_7VCfr2tE1k-PvJV_NY4AmnZ3p0yFfMp5RKatO2_E_Wqw7N0Z5OcoLQi7lUI9_UF21iK0Nfw4kIA126_elp3rsrQJFeeCMSodqzfUU-RL1nobwXjn_iQwf2zFOtJb2exyl46BT2sS1LGTw7WODlul4S9NVl3T2FFF3FEr9jLEMA93_ddp5U0zDOiufq4dfwSrtvauTdCMYpfBbPQXl0B_eBUqV_P9mHoo%3D
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 302 Found
date: Wed, 01 May 2024 21:07:22 GMT
content-type: text/html; charset=utf-8
content-length: 61
location: https://tiktokaukey.com/?utm_source=ds
strict-transport-security: max-age=15724800; includeSubDomains
X-Firefox-Spdy: h2

s.click.aliexpress.com/e/_Dk8GAkv?af=5whvIdjGFamo

104.110.21.5

302 Found

0 B

URL GET HTTP/2
s.click.aliexpress.com/e/_Dk8GAkv?af=5whvIdjGFamo
IP
104.110.21.5:443
ASN
#16625 AKAMAI-AS

Requested by
https://videzz.net/9rzstwlkppht.html
Certificate
IssuerDigiCert Inc
Subjectae01.alicdn.com
Fingerprint3B:6B:34:80:95:44:11:F7:71:DE:95:B7:C7:7C:A0:9C:BC:00:BC:AA
ValidityWed, 10 Apr 2024 00:00:00 GMT - Wed, 16 Oct 2024 23:59:59 GMT

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /e/_Dk8GAkv?af=5whvIdjGFamo HTTP/1.1
Host: s.click.aliexpress.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 302 Found
content-length: 0
x-application-context: global-traffic-holmes-f:7001
access-control-allow-methods: GET, POST, OPTION
access-control-allow-credentials: true
p3p: CP="CAO PSA OUR"
x-frame-options: DENY
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
cache-control: no-cache, no-store, max-age=0, must-revalidate
pragma: no-cache
expires: 0
strict-transport-security: max-age=31536000 ; includeSubDomains
location: https://best.aliexpress.com/?af=5whvIdjGFamo&aff_fcid=bbd68e2f5b89448b9ade0ac1c3197dde-1714597642714-02221-_Dk8GAkv&tt=CPS_NORMAL&aff_fsk=_Dk8GAkv&aff_platform=portals-tool&sk=_Dk8GAkv&aff_trace_key=bbd68e2f5b89448b9ade0ac1c3197dde-1714597642714-02221-_Dk8GAkv&terminal_id=9ccdf11b8f754853a637024255251e62
content-language: en-US
server: Tengine/Aserver
eagleeye-traceid: 210308a717145976427071836e2e67
timing-allow-origin: *
date: Wed, 01 May 2024 21:07:22 GMT
set-cookie: xman_us_f=x_l=0&x_as_i=%7B%22aeuCID%22%3A%22bbd68e2f5b89448b9ade0ac1c3197dde-1714597642714-02221-_Dk8GAkv%22%2C%22af%22%3A%225whvIdjGFamo%22%2C%22affiliateKey%22%3A%22_Dk8GAkv%22%2C%22channel%22%3A%22AFFILIATE%22%2C%22cv%22%3A%221%22%2C%22isCookieCache%22%3A%22N%22%2C%22ms%22%3A%221%22%2C%22pid%22%3A%224533883645%22%2C%22tagtime%22%3A1714597642714%7D&acs_rt=9ccdf11b8f754853a637024255251e62; Domain=.aliexpress.com; Expires=Tue, 20-May-2092 00:21:29 GMT; Path=/
acs_usuc_t=x_csrf=bndmx406omf2&acs_rt=9ccdf11b8f754853a637024255251e62; Domain=.aliexpress.com; Path=/
aeu_cid=bbd68e2f5b89448b9ade0ac1c3197dde-1714597642714-02221-_Dk8GAkv; Domain=.aliexpress.com; Expires=Tue, 20-May-2092 00:21:29 GMT; Path=/
xman_t=r49rnZSjGR3fmgBHYpLoKRrmib0xs2DpibhV3d3EhinuPCq5rG1iXwKF5gLISPXW; Domain=.aliexpress.com; Expires=Tue, 30-Jul-2024 21:07:22 GMT; Path=/; HttpOnly
xman_f=a5Q+tSxiFDGXYwlQiFXm1bvlAgTS7g3mWJB3RxSH3D7t1WMDokzPqAstOJACoOCuuwXzFvKttyCovWYqHAb7WaUvdj6xVOD1xjlejYdpuwsmoACfzfxwpw==; Domain=.aliexpress.com; Expires=Tue, 20-May-2092 00:21:29 GMT; Path=/; HttpOnly
af_ss_a=1; Path=/; Domain=.aliexpress.com; Max-Age=2147483647; Secure; SameSite=None
af_ss_b=1; Path=/; Domain=.aliexpress.com; Max-Age=2147483647; SameSite=Lax
server-timing: ak_p; desc="1714597642589_388255172_197790808_12928_1115_1_61_21";dur=1
X-Firefox-Spdy: h2

best.aliexpress.com/?af=5whvIdjGFamo&aff_fcid=bbd68e2f5b89448b9ade0ac1c3197dde-1714597642714-02221-_Dk8GAkv&tt=CPS_NORMAL&aff_fsk=_Dk8GAkv&aff_platform=portals-tool&sk=_Dk8GAkv&aff_trace_key=bbd68e2f5b89448b9ade0ac1c3197dde-1714597642714-02221-_Dk8GAkv&terminal_id=9ccdf11b8f754853a637024255251e62

104.110.21.5

302 Found

519 B

URL GET HTTP/2
best.aliexpress.com/?af=5whvIdjGFamo&aff_fcid=bbd68e2f5b89448b9ade0ac1c3197dde-1714597642714-02221-_Dk8GAkv&tt=CPS_NORMAL&aff_fsk=_Dk8GAkv&aff_platform=portals-tool&sk=_Dk8GAkv&aff_trace_key=bbd68e2f5b89448b9ade0ac1c3197dde-1714597642714-02221-_Dk8GAkv&terminal_id=9ccdf11b8f754853a637024255251e62
IP
104.110.21.5:443
ASN
#16625 AKAMAI-AS

Requested by
https://videzz.net/9rzstwlkppht.html
Certificate
IssuerDigiCert Inc
Subjectae01.alicdn.com
Fingerprint3B:6B:34:80:95:44:11:F7:71:DE:95:B7:C7:7C:A0:9C:BC:00:BC:AA
ValidityWed, 10 Apr 2024 00:00:00 GMT - Wed, 16 Oct 2024 23:59:59 GMT

File type
ASCII text, with very long lines (519), with no line terminators
Size
519 B (519 bytes)
Hash
13dde1948026c26cf292370efb92d6b6
14108721e79a0553110b38cff6929e001a9f171f
60df77ace3f98abd7600986ae58a190d94462790bdaf6ef47457dce9b99cdb79

HTTP Headers

GET /?af=5whvIdjGFamo&aff_fcid=bbd68e2f5b89448b9ade0ac1c3197dde-1714597642714-02221-_Dk8GAkv&tt=CPS_NORMAL&aff_fsk=_Dk8GAkv&aff_platform=portals-tool&sk=_Dk8GAkv&aff_trace_key=bbd68e2f5b89448b9ade0ac1c3197dde-1714597642714-02221-_Dk8GAkv&terminal_id=9ccdf11b8f754853a637024255251e62 HTTP/1.1
Host: best.aliexpress.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Cookie: af_ss_a=1
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 302 Found
p3p: CP="CAO PSA OUR"
x-application-context: ae-fn-gateway-f:7001
location: https://s.click.aliexpress.com/deep_link.htm?aff_short_key=_pz9sEiR&dl_target_url=https%3A%2F%2Fbest.aliexpress.com%2F%3Faff_fcid%3Dbbd68e2f5b89448b9ade0ac1c3197dde-1714597642714-02221-_Dk8GAkv%26tt%3DCPS_NORMAL%26aff_fsk%3D_Dk8GAkv%26af%3D5whvIdjGFamo%26aff_platform%3Dportals-tool%26sk%3D_Dk8GAkv%26aff_trace_key%3Dbbd68e2f5b89448b9ade0ac1c3197dde-1714597642714-02221-_Dk8GAkv%26terminal_id%3D9ccdf11b8f754853a637024255251e62%26aff_platform%3Ddefault%26commercial_type%3DbestPage%26hc_1214_tag%3DByAffPage
server: Tengine/Aserver
eagleeye-traceid: 2101e63417145976428914611ea92c
strict-transport-security: max-age=31536000
timing-allow-origin: *
content-length: 519
date: Wed, 01 May 2024 21:07:22 GMT
set-cookie: xman_us_f=x_locale=en_US&x_l=0&x_c_chg=1&acs_rt=ebcb2995e45e4a7bad8de818c5d25963; Domain=.aliexpress.com; Expires=Tue, 20-May-2092 00:21:29 GMT; Path=/
intl_common_forever=872/LBXf/XXWgLYrOdti5o8ozpnoUBlL9Xd30EeJ1c2+DsWLToK98g==; Domain=.aliexpress.com; Expires=Tue, 20-May-2092 00:21:29 GMT; Path=/; HttpOnly
intl_locale=en_US; Domain=.aliexpress.com; Path=/
xman_f=0gYO84K7BNgd8Atmj0BzDcCZ70Nv8KjOLV1rqykj79Doy3tF3U1l8icdvRiCN4WntqJSTFsVCqAKwgWFTaxdQ8kezjTIux5DJ6o26NzRkSgsbD6Y/W2tPg==; Domain=.aliexpress.com; Expires=Tue, 20-May-2092 00:21:29 GMT; Path=/; HttpOnly
acs_usuc_t=x_csrf=ji1nwdgzn7b8&acs_rt=ebcb2995e45e4a7bad8de818c5d25963; Domain=.aliexpress.com; Path=/
xman_t=RT3GJ6+ehuOAMSs2Eiw1nnAg/VMUP+/UpHze+x4KNk6glOOOfYP+NXe1OayrQDIx; Domain=.aliexpress.com; Expires=Tue, 30-Jul-2024 21:07:22 GMT; Path=/; HttpOnly
aep_usuc_f=site=glo&c_tp=NOK&region=NO&b_locale=en_US; Domain=.aliexpress.com; Expires=Tue, 20-May-2092 00:21:29 GMT; Path=/
e_id=pt10; Expires=Sat, 29 Apr 2034 21:07:22 GMT; Path=/; Domain=.aliexpress.com
server-timing: ak_p; desc="1714597642840_388255172_197790833_13170_1201_1_0_21";dur=1
X-Firefox-Spdy: h2

tiktokaukey.com/cdn/s3/32611e21-8d69-410a-86df-aa7058c52d83-logo.webp

188.114.96.1

636 B

URL
tiktokaukey.com/cdn/s3/32611e21-8d69-410a-86df-aa7058c52d83-logo.webp
IP
188.114.96.1:0
ASN
#13335 CLOUDFLARENET

File type
RIFF (little-endian) data, Web/P image, VP8 encoding, 107x60, Scaling: [none]x[none], YUV color, decoders should clamp
Size
636 B (636 bytes)
Hash
94e62034ed16f507ae8f34ecaf914e14
571097c727647934f9a72dd55e67d154abebf226
7a1d9b851f6ee252befece0a636ca617c0b55acb079f09be91e33fdf3c643aad

HTTP Headers

GET /cdn/s3/32611e21-8d69-410a-86df-aa7058c52d83-logo.webp HTTP/1.1
Host: tiktokaukey.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://tiktokaukey.com/?utm_source=ds
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Wed, 01 May 2024 21:07:23 GMT
content-type: image/webp
content-length: 636
cache-control: max-age=14400
cf-cache-status: HIT
age: 5881
last-modified: Wed, 01 May 2024 19:29:22 GMT
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=bRq63yVxPre%2FdunfSRIn8ROe1Eji3adH8kMcJO0gahsRCeOA3tMUcGwD%2BA290X2Fk5a3ev90EaH1hgP5X0TXOo%2FvIaeSMH491aK71DUBZyEb8%2BNcT38lBkVi%2BQItFxoS3kA%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 87d2bda50bc95691-OSL
alt-svc: h3=":443"; ma=86400

www.googletagmanager.com/gtag/js?id=G-0DVFP1JGB0

142.250.74.168

102 kB

URL
www.googletagmanager.com/gtag/js?id=G-0DVFP1JGB0
IP
142.250.74.168:0
ASN
#15169 GOOGLE

Certificate
IssuerGoogle Trust Services LLC
Subject*.google-analytics.com
FingerprintFC:B1:16:E0:D8:F3:2B:F3:AB:33:E5:E1:23:57:F4:48:66:FD:4D:52
ValidityMon, 08 Apr 2024 06:34:55 GMT - Mon, 01 Jul 2024 06:34:54 GMT

File type
JavaScript source, ASCII text, with very long lines (5945)
Size
102 kB (101542 bytes)
Hash
0c428d5a5529b72a31d1ccd3a703e61e
0805aac33a12dda7f51396424231104310f280d2
ff69544e86ad720126b310ce330f0b8f4a7a38c296e38e057a2e0f79c25900f3

HTTP Headers

GET /gtag/js?id=G-0DVFP1JGB0 HTTP/1.1
Host: www.googletagmanager.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://tiktokaukey.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
content-encoding: br
vary: Accept-Encoding
date: Wed, 01 May 2024 21:07:23 GMT
expires: Wed, 01 May 2024 21:07:23 GMT
cache-control: private, max-age=900
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
server: Google Tag Manager
content-length: 101542
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

xml.car-bidpush.org/click?i=LjdR1b4lPl8_0

198.134.116.29

302 Found

0 B

URL GET HTTP/1.1
xml.car-bidpush.org/click?i=LjdR1b4lPl8_0
IP
198.134.116.29:443
ASN
#27257 WEBAIR-INTERNET

Requested by
https://videzz.net/9rzstwlkppht.html
Certificate
IssuerLet's Encrypt
Subjectcar-bidpush.org
Fingerprint70:D3:D0:96:B6:97:0C:96:E6:F4:E5:FA:F6:78:D1:D5:C3:68:17:BC
ValidityThu, 29 Feb 2024 07:42:37 GMT - Wed, 29 May 2024 07:42:36 GMT

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /click?i=LjdR1b4lPl8_0 HTTP/1.1
Host: xml.car-bidpush.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://bid.bidclickmedia.com/
DNT: 1
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 302 Found
Server: nginx
Date: Wed, 01 May 2024 21:07:23 GMT
Content-Length: 0
Connection: keep-alive
Cache-Control: no-store
Location: https://forza.idescargarapk.com/get.php?code=T0pNVHlic00yYWx5N2lXS1VxRTR5Zz09&clickid=QyJuWmp5oqI&campaignid=1037356&siteid=65291.1039225&publishid=65291&country=no&os=Linux&browser=FIREFOX_96.0&referrer=https%3A%2F%2Fbid.bidclickmedia.com%2F&device=Desktop&carrier=Blix+Solutions&connection=&bid=0.0002

www.googletagmanager.com/gtm.js?id=GTM-M7N6624H

142.250.74.168

64 kB

URL
www.googletagmanager.com/gtm.js?id=GTM-M7N6624H
IP
142.250.74.168:0
ASN
#15169 GOOGLE

Certificate
IssuerGoogle Trust Services LLC
Subject*.google-analytics.com
FingerprintFC:B1:16:E0:D8:F3:2B:F3:AB:33:E5:E1:23:57:F4:48:66:FD:4D:52
ValidityMon, 08 Apr 2024 06:34:55 GMT - Mon, 01 Jul 2024 06:34:54 GMT

File type
JavaScript source, ASCII text, with very long lines (1808)
Size
64 kB (63829 bytes)
Hash
fcff753de0972b6aef3a1dc363a5399b
83b8cd168c7ed49fdf2691b0d9081f68f00eee5d
e2888c96bfb4d4c489d77b5056a188dd2a9ed810a561c80c9ae03a09a620bf42

HTTP Headers

GET /gtm.js?id=GTM-M7N6624H HTTP/1.1
Host: www.googletagmanager.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://tiktokaukey.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
content-encoding: br
vary: Accept-Encoding
date: Wed, 01 May 2024 21:07:23 GMT
expires: Wed, 01 May 2024 21:07:23 GMT
cache-control: private, max-age=900
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
server: Google Tag Manager
content-length: 63829
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

s.click.aliexpress.com/deep_link.htm?aff_short_key=_pz9sEiR&dl_target_url=https%3A%2F%2Fbest.aliexpress.com%2F%3Faff_fcid%3Dbbd68e2f5b89448b9ade0ac1c3197dde-1714597642714-02221-_Dk8GAkv%26tt%3DCPS_NORMAL%26aff_fsk%3D_Dk8GAkv%26af%3D5whvIdjGFamo%26aff_platform%3Dportals-tool%26sk%3D_Dk8GAkv%26aff_trace_key%3Dbbd68e2f5b89448b9ade0ac1c3197dde-1714597642714-02221-_Dk8GAkv%26terminal_id%3D9ccdf11b8f754853a637024255251e62%26aff_platform%3Ddefault%26commercial_type%3DbestPage%26hc_1214_tag%3DByAffPage

104.110.21.5

302 Found

0 B

URL GET HTTP/2
s.click.aliexpress.com/deep_link.htm?aff_short_key=_pz9sEiR&dl_target_url=https%3A%2F%2Fbest.aliexpress.com%2F%3Faff_fcid%3Dbbd68e2f5b89448b9ade0ac1c3197dde-1714597642714-02221-_Dk8GAkv%26tt%3DCPS_NORMAL%26aff_fsk%3D_Dk8GAkv%26af%3D5whvIdjGFamo%26aff_platform%3Dportals-tool%26sk%3D_Dk8GAkv%26aff_trace_key%3Dbbd68e2f5b89448b9ade0ac1c3197dde-1714597642714-02221-_Dk8GAkv%26terminal_id%3D9ccdf11b8f754853a637024255251e62%26aff_platform%3Ddefault%26commercial_type%3DbestPage%26hc_1214_tag%3DByAffPage
IP
104.110.21.5:443
ASN
#16625 AKAMAI-AS

Requested by
https://videzz.net/9rzstwlkppht.html
Certificate
IssuerDigiCert Inc
Subjectae01.alicdn.com
Fingerprint3B:6B:34:80:95:44:11:F7:71:DE:95:B7:C7:7C:A0:9C:BC:00:BC:AA
ValidityWed, 10 Apr 2024 00:00:00 GMT - Wed, 16 Oct 2024 23:59:59 GMT

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /deep_link.htm?aff_short_key=_pz9sEiR&dl_target_url=https%3A%2F%2Fbest.aliexpress.com%2F%3Faff_fcid%3Dbbd68e2f5b89448b9ade0ac1c3197dde-1714597642714-02221-_Dk8GAkv%26tt%3DCPS_NORMAL%26aff_fsk%3D_Dk8GAkv%26af%3D5whvIdjGFamo%26aff_platform%3Dportals-tool%26sk%3D_Dk8GAkv%26aff_trace_key%3Dbbd68e2f5b89448b9ade0ac1c3197dde-1714597642714-02221-_Dk8GAkv%26terminal_id%3D9ccdf11b8f754853a637024255251e62%26aff_platform%3Ddefault%26commercial_type%3DbestPage%26hc_1214_tag%3DByAffPage HTTP/1.1
Host: s.click.aliexpress.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Cookie: af_ss_a=1
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 302 Found
content-length: 0
x-application-context: global-traffic-holmes-f:7001
access-control-allow-methods: GET, POST, OPTION
access-control-allow-credentials: true
p3p: CP="CAO PSA OUR"
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
cache-control: no-cache, no-store, max-age=0, must-revalidate
pragma: no-cache
expires: 0
x-frame-options: DENY
strict-transport-security: max-age=31536000 ; includeSubDomains
location: https://best.aliexpress.com/?aff_fcid=bbd68e2f5b89448b9ade0ac1c3197dde-1714597642714-02221-_Dk8GAkv&tt=CPS_NORMAL&aff_fsk=_Dk8GAkv&af=5whvIdjGFamo&commercial_type=bestPage&hc_1214_tag=ByAffPage&aff_fcid=a3c202b59877418face9d7242595622c-1714597643113-08469-_pz9sEiR&aff_fsk=_pz9sEiR&aff_platform=portals-promotion&sk=_pz9sEiR&aff_trace_key=a3c202b59877418face9d7242595622c-1714597643113-08469-_pz9sEiR&terminal_id=f309d47ae7ec4cb092233f61dab141e1
content-language: en-US
server: Tengine/Aserver
eagleeye-traceid: 2101fb1217145976431074338ef380
timing-allow-origin: *
date: Wed, 01 May 2024 21:07:23 GMT
set-cookie: xman_us_f=x_l=0&x_as_i=%7B%22aeuCID%22%3A%22a3c202b59877418face9d7242595622c-1714597643113-08469-_pz9sEiR%22%2C%22affiliateKey%22%3A%22_pz9sEiR%22%2C%22channel%22%3A%22AFFILIATE%22%2C%22cv%22%3A%222%22%2C%22isCookieCache%22%3A%22N%22%2C%22ms%22%3A%221%22%2C%22pid%22%3A%222391147471%22%2C%22tagtime%22%3A1714597643113%7D&acs_rt=f309d47ae7ec4cb092233f61dab141e1; Domain=.aliexpress.com; Expires=Tue, 20-May-2092 00:21:30 GMT; Path=/
acs_usuc_t=x_csrf=eg49qx2fkqfc&acs_rt=f309d47ae7ec4cb092233f61dab141e1; Domain=.aliexpress.com; Path=/
aeu_cid=a3c202b59877418face9d7242595622c-1714597643113-08469-_pz9sEiR; Domain=.aliexpress.com; Expires=Tue, 20-May-2092 00:21:30 GMT; Path=/
xman_t=D85cLBMmUQJ96Fzf8U5GDySFmlKYzvrWx9lCEn4CtDXwUew75x25X8ywzAqHtg4J; Domain=.aliexpress.com; Expires=Tue, 30-Jul-2024 21:07:23 GMT; Path=/; HttpOnly
xman_f=btalBGRZXufZRDzIiV2vNQBMktKM0LwdT8qSjbOBaRBZO6s/R1Ue2ZR9cESwELg79iZiH4IhstgZvC3xOUOdjN7Up0y6XGMpHIZJICenDY6EjOs7Miz66A==; Domain=.aliexpress.com; Expires=Tue, 20-May-2092 00:21:30 GMT; Path=/; HttpOnly
server-timing: ak_p; desc="1714597643054_388255172_197790875_13996_1517_1_0_21";dur=1
X-Firefox-Spdy: h2

adeumssp.com/js/deumbld.js

168.119.90.96

10 kB

URL
adeumssp.com/js/deumbld.js
IP
168.119.90.96:0
ASN
#24940 Hetzner Online GmbH

File type
JavaScript source, ASCII text, with CRLF line terminators
Size
10 kB (10515 bytes)
Hash
e2199caaa92618d4c1c00ab983557812
28472c5cfbf1661d14028ca171058e0d35f2564f
d12d54000df41885ecf12fbd0dbcb72681f4dd06a02e1c3fc223516b3d8c6f0e

HTTP Headers

GET /js/deumbld.js HTTP/1.1
Host: adeumssp.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://tiktokaukey.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Wed, 01 May 2024 21:07:23 GMT
content-type: text/javascript; charset=utf-8
content-length: 10515
accept-ranges: bytes
last-modified: Mon, 22 Apr 2024 13:48:59 GMT
strict-transport-security: max-age=15724800; includeSubDomains
X-Firefox-Spdy: h2

region1.analytics.google.com/g/collect?v=2&tid=G-HEX1BG8H46&gtm=45je44t0v9104348843z8832020053za200&_p=1714597638959&gcd=13l3lPl2l1&npa=1&dma_cps=sypham&dma=1&cid=1256158139.1714597640&ul=en-us&sr=1280x1024&pscdl=noapi&_eu=AAAI&_s=2&sid=1714597640&sct=1&seg=0&dl=https%3A%2F%2Fvidezz.net%2F9rzstwlkppht.html&dt=Watch%20Horny%20girl%20leaked%20video%20calls%20(4)%20mp4&en=error_network&tfd=8133

216.239.34.36

204 No Content

0 B

URL POST HTTP/3
region1.analytics.google.com/g/collect?v=2&tid=G-HEX1BG8H46&gtm=45je44t0v9104348843z8832020053za200&_p=1714597638959&gcd=13l3lPl2l1&npa=1&dma_cps=sypham&dma=1&cid=1256158139.1714597640&ul=en-us&sr=1280x1024&pscdl=noapi&_eu=AAAI&_s=2&sid=1714597640&sct=1&seg=0&dl=https%3A%2F%2Fvidezz.net%2F9rzstwlkppht.html&dt=Watch%20Horny%20girl%20leaked%20video%20calls%20(4)%20mp4&en=error_network&tfd=8133
IP
216.239.34.36:443
ASN
#15169 GOOGLE

Requested by
https://videzz.net/9rzstwlkppht.html
Certificate
IssuerGoogle Trust Services LLC
Subject*.google-analytics.com
FingerprintFC:B1:16:E0:D8:F3:2B:F3:AB:33:E5:E1:23:57:F4:48:66:FD:4D:52
ValidityMon, 08 Apr 2024 06:34:55 GMT - Mon, 01 Jul 2024 06:34:54 GMT

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

POST /g/collect?v=2&tid=G-HEX1BG8H46&gtm=45je44t0v9104348843z8832020053za200&_p=1714597638959&gcd=13l3lPl2l1&npa=1&dma_cps=sypham&dma=1&cid=1256158139.1714597640&ul=en-us&sr=1280x1024&pscdl=noapi&_eu=AAAI&_s=2&sid=1714597640&sct=1&seg=0&dl=https%3A%2F%2Fvidezz.net%2F9rzstwlkppht.html&dt=Watch%20Horny%20girl%20leaked%20video%20calls%20(4)%20mp4&en=error_network&tfd=8133 HTTP/1.1
Host: region1.analytics.google.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://videzz.net
DNT: 1
Connection: keep-alive
Referer: https://videzz.net/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Content-Length: 0
TE: trailers

HTTP/3 204 No Content
access-control-allow-origin: https://videzz.net
date: Wed, 01 May 2024 21:07:26 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
content-type: text/plain
cross-origin-resource-policy: cross-origin
server: Golfe2
content-length: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

forza.idescargarapk.com/get.php?code=T0pNVHlic00yYWx5N2lXS1VxRTR5Zz09&clickid=QyJuWmp5oqI&campaignid=1037356&siteid=65291.1039225&publishid=65291&country=no&os=Linux&browser=FIREFOX_96.0&referrer=https%3A%2F%2Fbid.bidclickmedia.com%2F&device=Desktop&carrier=Blix+Solutions&connection=&bid=0.0002

188.114.96.1

200 OK

12 kB

URL GET HTTP/2
forza.idescargarapk.com/get.php?code=T0pNVHlic00yYWx5N2lXS1VxRTR5Zz09&clickid=QyJuWmp5oqI&campaignid=1037356&siteid=65291.1039225&publishid=65291&country=no&os=Linux&browser=FIREFOX_96.0&referrer=https%3A%2F%2Fbid.bidclickmedia.com%2F&device=Desktop&carrier=Blix+Solutions&connection=&bid=0.0002
IP
188.114.96.1:443
ASN
#13335 CLOUDFLARENET

Requested by
https://videzz.net/9rzstwlkppht.html
Certificate
IssuerGoogle Trust Services LLC
Subjectidescargarapk.com
FingerprintE3:36:1E:E0:CB:A7:32:C4:EE:F1:53:24:6C:4D:08:15:31:8C:01:30
ValidityThu, 25 Apr 2024 11:41:38 GMT - Wed, 24 Jul 2024 11:41:37 GMT

File type
gzip compressed data, from Unix
Size
12 kB (11804 bytes)
Hash
263e2aa0d3eb08b64499a2f6e7f44848
4bdc0f8e8529381f1b1b31e4829b712164afbad0
fe91c2003b5abf0056201ad40173570d1e93a77a1beff613548df820290d590e

HTTP Headers

GET /get.php?code=T0pNVHlic00yYWx5N2lXS1VxRTR5Zz09&clickid=QyJuWmp5oqI&campaignid=1037356&siteid=65291.1039225&publishid=65291&country=no&os=Linux&browser=FIREFOX_96.0&referrer=https%3A%2F%2Fbid.bidclickmedia.com%2F&device=Desktop&carrier=Blix+Solutions&connection=&bid=0.0002 HTTP/1.1
Host: forza.idescargarapk.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://bid.bidclickmedia.com/
DNT: 1
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Wed, 01 May 2024 21:07:23 GMT
content-type: text/html; charset=UTF-8
set-cookie: PHPSESSID=4af03752ac70331c0ffbf02203e5c487; path=/; secure
expires: Tue, 03 Jul 2001 06:00:00 GMT
last-modified: Wed, 01 May 2024 21:07:22 GMT
cache-control: no-store, no-cache, must-revalidate, post-check=0,pre-check=0
pragma: no-cache
vary: Accept-Encoding,User-Agent
alt-svc: h3=":443"; ma=86400
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=UQBJSe5%2BafhrBrb%2BF4LjoE1Ti5edVXvgGUj%2BChDUZCg1qjbnaAWGU7AW0yqoeQzQ7C%2BOwKdh5cz817m62sS6zr1py86sfnNA6V3G0uBUcPZ1GbW8ZXdZRlNIlJAGDSi84uv1PaMkcWR0SA%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 87d2bda60dd8568d-OSL
content-encoding: gzip
X-Firefox-Spdy: h2

static.addtoany.com/menu/svg/icons/twitter.js

104.22.71.197

200 OK

645 B

URL GET HTTP/3
static.addtoany.com/menu/svg/icons/twitter.js
IP
104.22.71.197:443
ASN
#13335 CLOUDFLARENET

Requested by
https://videzz.net/9rzstwlkppht.html
Certificate
IssuerLet's Encrypt
Subjectstatic.addtoany.com
Fingerprint5B:74:98:2D:F8:22:DB:0D:4E:74:B7:99:A7:7C:80:F6:CA:1A:8E:CA
ValidityTue, 23 Apr 2024 07:56:27 GMT - Mon, 22 Jul 2024 07:56:26 GMT

File type
ASCII text, with very long lines (655), with no line terminators
Size
645 B (645 bytes)
Hash
671b3272826b2e03f7f5ecc6846a4f83
bcd620154cd6381ddf84b4e17e53ad716f3acbea
b743f6ed35f2a170860cfb010577cd000ee695dc23b850d3b3e479ef1178bb22

HTTP Headers

GET /menu/svg/icons/twitter.js HTTP/1.1
Host: static.addtoany.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://videzz.net
DNT: 1
Connection: keep-alive
Referer: https://static.addtoany.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Wed, 01 May 2024 21:07:19 GMT
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=7776000, stale-while-revalidate=30, public
cf-bgj: minify
etag: W/"af2b829f9b79fabec7c0148a8b7e444b"
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=pDPgy6%2FCFco7ZqeYZITOPpe4G7aTd1GkCTxJkCzo3%2Faq1nSc8YCKI5rv%2FEc26ZobIVPfG95wngqxtuC1v6ytV7ocv34Wmf%2FCJNYbd0Rt8Iro2ga8%2Bx3Q3cFEQLvZQNh9dar9LmUpfyutdXuKILUrcx88"}],"group":"cf-nel","max_age":604800}
vary: Accept-Encoding
referrer-policy: strict-origin-when-cross-origin
x-content-type-options: nosniff
cf-cache-status: HIT
age: 13549
strict-transport-security: max-age=31536000; includeSubDomains; preload
server: cloudflare
cf-ray: 87d2bd91a969be4c-CPH
content-encoding: br
alt-svc: h3=":443"; ma=86400

videzz.net/css/videojs.5.min.css?v=b8dc06aa6195ca0716d0a0c4e3a76e42

78.142.18.54

200 OK

170 kB

URL GET HTTP/2
videzz.net/css/videojs.5.min.css?v=b8dc06aa6195ca0716d0a0c4e3a76e42
IP
78.142.18.54:443
ASN
#208046 ColocationX Ltd.

Requested by
https://videzz.net/9rzstwlkppht.html
Certificate
IssuerLet's Encrypt
Subjectvidezz.net
Fingerprint13:3A:F4:CA:71:F0:8F:F1:2E:3A:7E:2B:6D:8E:E4:7A:E9:9D:A6:B5
ValidityMon, 04 Mar 2024 08:24:34 GMT - Sun, 02 Jun 2024 08:24:33 GMT

File type
ASCII text, with very long lines (50421)
Size
170 kB (169541 bytes)
Hash
bf9af199b5ef61988f82fa239ebf61da
d3b9c5ef294f2ef0942a8bf1e62085b72b2e07cc
e8e86d55656a068d5bb43e7b65e474162b6dff2c57f314cfc90d25f16708048d

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /css/videojs.5.min.css?v=b8dc06aa6195ca0716d0a0c4e3a76e42 HTTP/1.1
Host: videzz.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://videzz.net/9rzstwlkppht.html
Cookie: lang=1
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
server: nginx/1.18.0 (Ubuntu)
date: Wed, 01 May 2024 21:07:18 GMT
content-type: text/css
last-modified: Sat, 27 Apr 2024 07:30:42 GMT
vary: Accept-Encoding
etag: W/"662ca9a2-29645"
expires: Fri, 31 May 2024 20:57:29 GMT
cache-control: max-age=2592000
content-encoding: gzip
x-cache-status: HIT
X-Firefox-Spdy: h2

zv.7vid.net/api/spots/70101?s1=203230&v2=1&fill=0&kw=horny%2Cgirl%2Cleaked%2Cvideo%2Ccalls%2C(4)%2Cmp4&i=1&url=https%3A%2F%2Fvidezz.net%2F9rzstwlkppht.html&sid=3bf97803-a022-40c5-a2cc-0560a55088d3

135.181.208.216

200 OK

67 B

URL GET HTTP/2
zv.7vid.net/api/spots/70101?s1=203230&v2=1&fill=0&kw=horny%2Cgirl%2Cleaked%2Cvideo%2Ccalls%2C(4)%2Cmp4&i=1&url=https%3A%2F%2Fvidezz.net%2F9rzstwlkppht.html&sid=3bf97803-a022-40c5-a2cc-0560a55088d3
IP
135.181.208.216:443
ASN
#24940 Hetzner Online GmbH

Requested by
https://videzz.net/9rzstwlkppht.html
Certificate
IssuerLet's Encrypt
Subject1111.spinna.online
FingerprintF3:80:AE:D8:32:E7:57:75:94:99:58:76:4C:57:59:80:E8:9A:B7:ED
ValidityFri, 29 Mar 2024 23:27:07 GMT - Thu, 27 Jun 2024 23:27:06 GMT

File type
XML document, ASCII text, with no line terminators
Size
67 B (67 bytes)
Hash
c3928cea84e0c684b265b8fb465a9e72
aace4c0c8b0fbb35d2932f4f27e01ef627161574
3238d03797cab82118740c0d6ddace8d6bc9caf168e94d2ade893f541c1f8a25

HTTP Headers

GET /api/spots/70101?s1=203230&v2=1&fill=0&kw=horny%2Cgirl%2Cleaked%2Cvideo%2Ccalls%2C(4)%2Cmp4&i=1&url=https%3A%2F%2Fvidezz.net%2F9rzstwlkppht.html&sid=3bf97803-a022-40c5-a2cc-0560a55088d3 HTTP/1.1
Host: zv.7vid.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://videzz.net/
Origin: https://videzz.net
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
server: nginx
date: Wed, 01 May 2024 21:07:19 GMT
content-type: text/xml
vary: Accept-Encoding
access-control-allow-credentials: true
access-control-allow-origin: https://videzz.net
access-control-expose-headers: X-Asg-Config, X-t
set-cookie: nauid=IbtRgMjMRguc71p4k2WC; Path=/; Expires=Wed, 11 Nov 2037 11:11:11 GMT; Secure; SameSite=None
x-robots-tag: noindex, nofollow
x-t: 0
cache-control: private
content-encoding: gzip
X-Firefox-Spdy: h2

bid.bidclickmedia.com/sub/31bV2Jy

104.21.37.74

200 OK

239 B

URL GET HTTP/3
bid.bidclickmedia.com/sub/31bV2Jy
IP
104.21.37.74:443
ASN
#13335 CLOUDFLARENET

Requested by
https://videzz.net/9rzstwlkppht.html
Certificate
IssuerGoogle Trust Services LLC
Subjectbidclickmedia.com
Fingerprint2D:71:60:23:79:D8:E4:4A:B8:81:BA:F0:ED:58:CB:A8:66:21:A7:E7
ValiditySun, 31 Mar 2024 14:28:20 GMT - Sat, 29 Jun 2024 14:28:19 GMT

File type
HTML document, ASCII text, with no line terminators
Size
239 B (239 bytes)
Hash
d5b23342c3da61ad8cb32c85b5a9a6ca
3ca89fd68565941a5f5dec87720a2164c9b860ae
53073b03453dec44b400acecc549d6446aba803406a391777a94cc2504173bbb

HTTP Headers

GET /sub/31bV2Jy HTTP/1.1
Host: bid.bidclickmedia.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://videzz.net/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Wed, 01 May 2024 21:07:19 GMT
content-type: text/html; charset=utf-8
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=yh1x1%2Fwri61s6bah7Ad5V14jJ9gyPXLY%2FaqW8WSy5buUV8zjqcNx97SLdWIcuQDYHv4NLMZcqKiW9TqeX2zlZ6pwpZ%2Fncb1ikSiFm6mU41S2z%2BO%2FpIBghXwlb3QZMgdrmbVH6p6KemA%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 87d2bd8ebe350b51-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400

videzz.net/favicon.ico?v=2

78.142.18.54

200 OK

1.2 kB

URL GET HTTP/2
videzz.net/favicon.ico?v=2
IP
78.142.18.54:443
ASN
#208046 ColocationX Ltd.

Requested by
https://videzz.net/9rzstwlkppht.html
Certificate
IssuerLet's Encrypt
Subjectvidezz.net
Fingerprint13:3A:F4:CA:71:F0:8F:F1:2E:3A:7E:2B:6D:8E:E4:7A:E9:9D:A6:B5
ValidityMon, 04 Mar 2024 08:24:34 GMT - Sun, 02 Jun 2024 08:24:33 GMT

File type
MS Windows icon resource - 1 icon, 16x16, 32 bits/pixel
Size
1.2 kB (1150 bytes)
Hash
07075ddac650ad1577e310576f4ac231
1c8f551262fac5a047a268b82fa932c405ab13ff
c5f2d482ae4405a8e9f16a7ab09c5d04380283eb0cb0a9b237b32bc1bca47901

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /favicon.ico?v=2 HTTP/1.1
Host: videzz.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://videzz.net/9rzstwlkppht.html
Cookie: lang=1; file_id=38001995; aff=203230; sb_main_9785383bf0d8f2fb611d938245088565=1; sb_count_9785383bf0d8f2fb611d938245088565=1; _ga_HEX1BG8H46=GS1.1.1714597640.1.0.1714597640.60.0.0; _ga=GA1.1.1256158139.1714597640
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
server: nginx/1.18.0 (Ubuntu)
date: Wed, 01 May 2024 21:07:20 GMT
content-type: image/x-icon
last-modified: Sat, 27 Apr 2024 07:30:32 GMT
vary: Accept-Encoding
etag: W/"662ca998-47e"
expires: Fri, 31 May 2024 20:58:10 GMT
cache-control: max-age=2592000
content-encoding: gzip
x-cache-status: HIT
X-Firefox-Spdy: h2

tidyllama.com/click?a=FtzT&e=gAAAAABmMq8ISHJ7prNRVL4dHB-DSd9j1JXpzOy3eWBxcQl1SHlmblDXcauydaLxS-uQdjVdXyW2h260uKVgdaWSjAwpV556UAr6cy8gN2cJeGaXHSTObisIXCkBOv3qTNOqGAAQgHqHK1SlNH36xbJCW0moTzdPkiutzJt2e8m2eVZrKZchvpxzTmMIjFIweSb5kaleM8rAwSI7iBPE-gjI6_mpe3xT1TJ2MJYs3cWmzUdmm1JxOZ0Nis2icUOFnBhT5c2PbIf9nsnXvSVZ0z_7VCfr2tE1k-PvJV_NY4AmnZ3p0yFfMp5RKatO2_E_Wqw7N0Z5OcoLQi7lUI9_UF21iK0Nfw4kIA126_elp3rsrQJFeeCMSodqzfUU-RL1nobwXjn_iQwf2zFOtJb2exyl46BT2sS1LGTw7WODlul4S9NVl3T2FFF3FEr9jLEMA93_ddp5U0zDOiufq4dfwSrtvauTdCMYpfBbPQXl0B_eBUqV_P9mHoo%3D

178.63.99.108

200 OK

2.4 kB

URL GET HTTP/2
tidyllama.com/click?a=FtzT&e=gAAAAABmMq8ISHJ7prNRVL4dHB-DSd9j1JXpzOy3eWBxcQl1SHlmblDXcauydaLxS-uQdjVdXyW2h260uKVgdaWSjAwpV556UAr6cy8gN2cJeGaXHSTObisIXCkBOv3qTNOqGAAQgHqHK1SlNH36xbJCW0moTzdPkiutzJt2e8m2eVZrKZchvpxzTmMIjFIweSb5kaleM8rAwSI7iBPE-gjI6_mpe3xT1TJ2MJYs3cWmzUdmm1JxOZ0Nis2icUOFnBhT5c2PbIf9nsnXvSVZ0z_7VCfr2tE1k-PvJV_NY4AmnZ3p0yFfMp5RKatO2_E_Wqw7N0Z5OcoLQi7lUI9_UF21iK0Nfw4kIA126_elp3rsrQJFeeCMSodqzfUU-RL1nobwXjn_iQwf2zFOtJb2exyl46BT2sS1LGTw7WODlul4S9NVl3T2FFF3FEr9jLEMA93_ddp5U0zDOiufq4dfwSrtvauTdCMYpfBbPQXl0B_eBUqV_P9mHoo%3D
IP
178.63.99.108:443
ASN
#24940 Hetzner Online GmbH

Requested by
https://videzz.net/9rzstwlkppht.html
Certificate
IssuerSectigo Limited
Subjecttidyllama.com
Fingerprint3D:18:B7:36:50:EF:95:7B:2F:C8:1D:A4:B8:59:76:2D:03:B0:56:52
ValidityTue, 12 Dec 2023 00:00:00 GMT - Thu, 12 Dec 2024 23:59:59 GMT

File type
HTML document, ASCII text, with very long lines (2470), with no line terminators
Size
2.4 kB (2367 bytes)
Hash
623a58b6e4ec929b2fda5476090dccb8
916c2e620b624545305cad2f3a55a18c6c1aff70
1f7c5cc90953f885d50399ff79ce41fbb5ab01490b90c2f9d0f1309778623ce5

HTTP Headers

GET /click?a=FtzT&e=gAAAAABmMq8ISHJ7prNRVL4dHB-DSd9j1JXpzOy3eWBxcQl1SHlmblDXcauydaLxS-uQdjVdXyW2h260uKVgdaWSjAwpV556UAr6cy8gN2cJeGaXHSTObisIXCkBOv3qTNOqGAAQgHqHK1SlNH36xbJCW0moTzdPkiutzJt2e8m2eVZrKZchvpxzTmMIjFIweSb5kaleM8rAwSI7iBPE-gjI6_mpe3xT1TJ2MJYs3cWmzUdmm1JxOZ0Nis2icUOFnBhT5c2PbIf9nsnXvSVZ0z_7VCfr2tE1k-PvJV_NY4AmnZ3p0yFfMp5RKatO2_E_Wqw7N0Z5OcoLQi7lUI9_UF21iK0Nfw4kIA126_elp3rsrQJFeeCMSodqzfUU-RL1nobwXjn_iQwf2zFOtJb2exyl46BT2sS1LGTw7WODlul4S9NVl3T2FFF3FEr9jLEMA93_ddp5U0zDOiufq4dfwSrtvauTdCMYpfBbPQXl0B_eBUqV_P9mHoo%3D HTTP/1.1
Host: tidyllama.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://bid.bidclickmedia.com/
DNT: 1
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Wed, 01 May 2024 21:07:22 GMT
content-type: text/html; charset=utf-8
strict-transport-security: max-age=15724800; includeSubDomains
X-Firefox-Spdy: h2

tiktokaukey.com/?utm_source=ds

188.114.96.1

200 OK

7.8 kB

URL GET HTTP/2
tiktokaukey.com/?utm_source=ds
IP
188.114.96.1:443
ASN
#13335 CLOUDFLARENET

Requested by
https://videzz.net/9rzstwlkppht.html
Certificate
IssuerGoogle Trust Services LLC
Subjecttiktokaukey.com
Fingerprint67:70:DB:05:B4:F0:94:45:9B:83:DE:93:A4:7E:74:26:33:11:26:A9
ValidityFri, 15 Mar 2024 10:57:31 GMT - Thu, 13 Jun 2024 10:57:30 GMT

File type
JavaScript source, ASCII text, with very long lines (8179), with no line terminators
Size
7.8 kB (7775 bytes)
Hash
0550dd483859f2f9bc9de04d79107b11
b24518e897c897421ec2d2637c8149f464e1c5b0
4005efc33f7a3d9074e2f88673bcedb091773951b90c45c811bb327a53405f7a

HTTP Headers

GET /?utm_source=ds HTTP/1.1
Host: tiktokaukey.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://tidyllama.com/
DNT: 1
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Wed, 01 May 2024 21:07:22 GMT
content-type: text/html; charset=utf-8
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=jG4aVGz4K0K%2F%2BS4M4YyXGThsMSrlJ4oNSzVf5qON2vTyWVeXEO2KefY9HJWvHurAKVFpSWJ6NeilDugL7wvzQWZ%2FdeQ6iCMSGorEUqaiLwWfEaOuLOEG7at7vEWte%2BW%2FxDY%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 87d2bda37cf70b69-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2

videzz.net/sw.js

78.142.18.54

200 OK

42 kB

URL GET HTTP/2
videzz.net/sw.js
IP
78.142.18.54:443
ASN
#208046 ColocationX Ltd.

Requested by
https://videzz.net/9rzstwlkppht.html
Certificate
IssuerLet's Encrypt
Subjectvidezz.net
Fingerprint13:3A:F4:CA:71:F0:8F:F1:2E:3A:7E:2B:6D:8E:E4:7A:E9:9D:A6:B5
ValidityMon, 04 Mar 2024 08:24:34 GMT - Sun, 02 Jun 2024 08:24:33 GMT

File type
JavaScript source, ASCII text, with very long lines (42324), with no line terminators
Size
42 kB (42324 bytes)
Hash
764aafd976dd9cd9f33279bfafa02908
e9ad856ec00bccfdcbe17b79113681685c943b8d
2c20e295faeb1ef24dae1e26caa5089fdb2ba5a36a86a6a26780b8a515ca99aa

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /sw.js HTTP/1.1
Host: videzz.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://videzz.net/9rzstwlkppht.html
Cookie: lang=1
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
server: nginx/1.18.0 (Ubuntu)
date: Wed, 01 May 2024 21:07:18 GMT
content-type: application/javascript
last-modified: Sat, 27 Apr 2024 07:30:42 GMT
vary: Accept-Encoding
etag: W/"662ca9a2-a554"
expires: Fri, 31 May 2024 21:04:30 GMT
cache-control: max-age=2592000
content-encoding: gzip
x-cache-status: HIT
X-Firefox-Spdy: h2

tr.7vid.net/api/settings/59845

135.181.208.216

200 OK

33 B

URL GET HTTP/2
tr.7vid.net/api/settings/59845
IP
135.181.208.216:443
ASN
#24940 Hetzner Online GmbH

Requested by
https://videzz.net/9rzstwlkppht.html
Certificate
IssuerLet's Encrypt
Subjecta.gatwins.site
Fingerprint66:D4:C4:E9:BC:6E:82:9E:D0:2F:00:69:9A:DF:C2:6D:18:04:0B:1B
ValidityWed, 10 Apr 2024 10:27:11 GMT - Tue, 09 Jul 2024 10:27:10 GMT

File type
troff or preprocessor input, ASCII text, with no line terminators
Size
33 B (33 bytes)
Hash
511ff610a0435434dd22a4836719fbb3
0cf692a9ecb6dd3d715e3315e0eeccc1c384f0c3
d090111da31c837d965f1dcf49b00a53cf41686d0913627f78c5ff36d693c6d0

HTTP Headers

GET /api/settings/59845 HTTP/1.1
Host: tr.7vid.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://videzz.net/
Origin: https://videzz.net
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
server: nginx
date: Wed, 01 May 2024 21:07:19 GMT
content-type: application/json
vary: Accept-Encoding
access-control-allow-origin: *
x-robots-tag: noindex, nofollow
cache-control: private
content-encoding: gzip
X-Firefox-Spdy: h2

static.addtoany.com/menu/sm.25.html

104.22.71.197

200 OK

716 B

URL GET HTTP/3
static.addtoany.com/menu/sm.25.html
IP
104.22.71.197:443
ASN
#13335 CLOUDFLARENET

Requested by
https://videzz.net/9rzstwlkppht.html
Certificate
IssuerLet's Encrypt
Subjectstatic.addtoany.com
Fingerprint5B:74:98:2D:F8:22:DB:0D:4E:74:B7:99:A7:7C:80:F6:CA:1A:8E:CA
ValidityTue, 23 Apr 2024 07:56:27 GMT - Mon, 22 Jul 2024 07:56:26 GMT

File type
HTML document, ASCII text, with very long lines (744), with no line terminators
Size
716 B (716 bytes)
Hash
c3c97893ca5c74e7504aa4ec474ea41b
cdccb12d7e73682e0e807107243ede7d5e14c962
b79f65e9ffe3bad9bd9cdcffed0758430f7eb1a630c368dc173eecdeb2821f00

HTTP Headers

GET /menu/sm.25.html HTTP/1.1
Host: static.addtoany.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://videzz.net/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Wed, 01 May 2024 21:07:19 GMT
content-type: text/html; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=315360000, immutable
referrer-policy: strict-origin-when-cross-origin
x-content-type-options: nosniff
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=31%2FEUiBaXPt8cxtkc%2FT4P6x%2BgAHE8dlZKktVqOYLVPWpw%2BfHglaE0%2B2%2FM9CjPirtpgf0Bigqvmt%2B9LVqgh2toon%2FHhopHKjFbbaQkJ0g%2F8jA5jvQMZE7K%2BqPFywD9a7gr7TP8ZDbPRsnYjqVQMeihc8V"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
cf-cache-status: HIT
age: 7635
strict-transport-security: max-age=31536000; includeSubDomains; preload
server: cloudflare
cf-ray: 87d2bd8d9c8abe4c-CPH
content-encoding: br
alt-svc: h3=":443"; ma=86400

static.addtoany.com/menu/svg/icons/whatsapp.js

104.22.71.197

200 OK

1.1 kB

URL GET HTTP/3
static.addtoany.com/menu/svg/icons/whatsapp.js
IP
104.22.71.197:443
ASN
#13335 CLOUDFLARENET

Requested by
https://videzz.net/9rzstwlkppht.html
Certificate
IssuerLet's Encrypt
Subjectstatic.addtoany.com
Fingerprint5B:74:98:2D:F8:22:DB:0D:4E:74:B7:99:A7:7C:80:F6:CA:1A:8E:CA
ValidityTue, 23 Apr 2024 07:56:27 GMT - Mon, 22 Jul 2024 07:56:26 GMT

File type
ASCII text, with very long lines (1122), with no line terminators
Size
1.1 kB (1108 bytes)
Hash
d822c46f36a55fdbfcc5029e62e19937
c575da68fa99eeb33863f281395755cbf20004d4
062ec1f7c3acea435122961b771eb2e4d136a3e870b17d3e811413f5aa78ed3e

HTTP Headers

GET /menu/svg/icons/whatsapp.js HTTP/1.1
Host: static.addtoany.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://videzz.net
DNT: 1
Connection: keep-alive
Referer: https://static.addtoany.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Wed, 01 May 2024 21:07:19 GMT
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=7776000, stale-while-revalidate=30, public
cf-bgj: minify
etag: W/"83af4df8173e43227812296bb8542dcf"
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=eMNCF5cuYNbdgSQIYvGvJmAiNyrh4kdkShQKpIHbislO3uUBlP2WcmvA7CwUz25UAwFVWMunJPGRuiI78m2oYPQhcG%2FLrEnWp7pzWU%2BujyuRcJns%2FzbfiyL7PHZhZxHqwBORwnEho8YWG5UW6DUZlpFo"}],"group":"cf-nel","max_age":604800}
vary: Accept-Encoding
referrer-policy: strict-origin-when-cross-origin
x-content-type-options: nosniff
cf-cache-status: HIT
age: 7574
strict-transport-security: max-age=31536000; includeSubDomains; preload
server: cloudflare
cf-ray: 87d2bd91a96fbe4c-CPH
content-encoding: br
alt-svc: h3=":443"; ma=86400

tgp1.brazzersnetwork.com/tgp1?ad_id=816178_FREE&ats=eyJhIjoxNDksImMiOjQzMDksIm4iOjE0LCJzIjo5MCwiZSI6OTA2NywicCI6MzM5fQ&atc=EXO&atc=FREE_6529744&apb=opc4ASOqlplustddVbbZPPO6eWiyadzqpbXUzOodNU6V0rpXT1UU0uomponpndRNTRPTS6V0zpXSuldK6Z0rpXTOrronz4lu1o32mljqnsounrpsoquomtlqdrbRpPXLdtrvLrTdttvpTVNrxZTtxTxRm6V2ne0ene2v3evv..3eceof3TT2yqmlnpc6V0rpXSuldK6V0rpXTWTU1XWV0zuc6V0rpXSuldK6V0rpXSuzs12z0q20pumoqnmtmtsqzou4ur1203scH2A-

66.254.114.234

200 OK

961 kB

URL GET HTTP/2
tgp1.brazzersnetwork.com/tgp1?ad_id=816178_FREE&ats=eyJhIjoxNDksImMiOjQzMDksIm4iOjE0LCJzIjo5MCwiZSI6OTA2NywicCI6MzM5fQ&atc=EXO&atc=FREE_6529744&apb=opc4ASOqlplustddVbbZPPO6eWiyadzqpbXUzOodNU6V0rpXT1UU0uomponpndRNTRPTS6V0zpXSuldK6Z0rpXTOrronz4lu1o32mljqnsounrpsoquomtlqdrbRpPXLdtrvLrTdttvpTVNrxZTtxTxRm6V2ne0ene2v3evv..3eceof3TT2yqmlnpc6V0rpXSuldK6V0rpXTWTU1XWV0zuc6V0rpXSuldK6V0rpXSuzs12z0q20pumoqnmtmtsqzou4ur1203scH2A-
IP
66.254.114.234:443
ASN
#29789 REFLECTED

Requested by
https://videzz.net/9rzstwlkppht.html
Certificate
IssuerLet's Encrypt
Subjectbrazzersnetwork.com
Fingerprint88:AB:08:D2:E9:0E:FD:34:1F:CD:0A:B3:E0:9F:DB:C8:07:2F:D4:AA
ValidityWed, 10 Apr 2024 00:01:06 GMT - Tue, 09 Jul 2024 00:01:05 GMT

File type

Size
961 kB (960668 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /tgp1?ad_id=816178_FREE&ats=eyJhIjoxNDksImMiOjQzMDksIm4iOjE0LCJzIjo5MCwiZSI6OTA2NywicCI6MzM5fQ&atc=EXO&atc=FREE_6529744&apb=opc4ASOqlplustddVbbZPPO6eWiyadzqpbXUzOodNU6V0rpXT1UU0uomponpndRNTRPTS6V0zpXSuldK6Z0rpXTOrronz4lu1o32mljqnsounrpsoquomtlqdrbRpPXLdtrvLrTdttvpTVNrxZTtxTxRm6V2ne0ene2v3evv..3eceof3TT2yqmlnpc6V0rpXSuldK6V0rpXTWTU1XWV0zuc6V0rpXSuldK6V0rpXSuzs12z0q20pumoqnmtmtsqzou4ur1203scH2A- HTTP/1.1
Host: tgp1.brazzersnetwork.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://s.pemsrv.com/
DNT: 1
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
server: openresty
date: Wed, 01 May 2024 21:07:22 GMT
content-type: text/html; charset=utf-8
vary: Accept-Encoding
x-trace: 2B33FF366644E7A082D3EA086BAA73A48F56FA60CAE48CB43FA27C2B1900
x-powered-by: Juan
x-download-options: noopen
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
x_ats_page_id: N/A
x_ats_page_type: CUSTOM
x_ats_instance_id: 281691
x_ats_instance_type: tour
etag: W/"ea89c-3K+iQ2B+jM2JFtLSqE4WdtvQatA"
content-encoding: br
cache-control: no-transform
set-cookie: instance_token=eyJ0eXAiOiJKV1QiLCJhbGciOiJIUzI1NiJ9.eyJpc3MiOiJtaW5kZ2VlayIsImF1ZCI6Im1pbmRnZWVrIiwic3ViIjoiaW5zdGFuY2UtYXBpIiwiZXhwIjoxNzE0Njk0NDAwLCJpZCI6MjgxNjkxLCJicmFuZCI6ImJyYXp6ZXJzIiwiaG9zdG5hbWUiOiJ0Z3AxLmJyYXp6ZXJzbmV0d29yay5jb20ifQ.zvQrEL_rvxHoT2qQILmTW972-I3mAORG9lS_ZAAnbZ4; Max-Age=86400; Path=/; Expires=Thu, 02 May 2024 21:07:22 GMT
__s=6632AF0A-42FE72EA01BB2C7902-C81E8;
accept-ch: Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version
strict-transport-security: max-age=63072000; includeSubDomains; preload
X-Firefox-Spdy: h2

www.googletagmanager.com/gtag/js?id=G-HEX1BG8H46&l=dataLayer&cx=c

142.250.74.168

200 OK

274 kB

URL GET HTTP/3
www.googletagmanager.com/gtag/js?id=G-HEX1BG8H46&l=dataLayer&cx=c
IP
142.250.74.168:443
ASN
#15169 GOOGLE

Requested by
https://videzz.net/9rzstwlkppht.html
Certificate
IssuerGoogle Trust Services LLC
Subject*.google-analytics.com
FingerprintFC:B1:16:E0:D8:F3:2B:F3:AB:33:E5:E1:23:57:F4:48:66:FD:4D:52
ValidityMon, 08 Apr 2024 06:34:55 GMT - Mon, 01 Jul 2024 06:34:54 GMT

File type
JavaScript source, ASCII text, with very long lines (7711)
Size
274 kB (274353 bytes)
Hash
b5412b4a6c48048a75b7d9521f07a463
5baf4b89eabeba3e0d403f79e488e450a4053471
95634a7d300c81d472aef4e97895092e484d2e157e73e3c4ab2f97d8d142b2f3

HTTP Headers

GET /gtag/js?id=G-HEX1BG8H46&l=dataLayer&cx=c HTTP/1.1
Host: www.googletagmanager.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://videzz.net/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
content-encoding: br
vary: Accept-Encoding
date: Wed, 01 May 2024 21:07:19 GMT
expires: Wed, 01 May 2024 21:07:19 GMT
cache-control: private, max-age=900
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
server: Google Tag Manager
content-length: 94595
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

tfosrv.com/show_std.php?id_site=6411&id_channel=25821&uf=true

216.18.168.29

302 Found

1.2 kB

URL GET HTTP/1.1
tfosrv.com/show_std.php?id_site=6411&id_channel=25821&uf=true
IP
216.18.168.29:443
ASN
#29789 REFLECTED

Requested by
https://videzz.net/9rzstwlkppht.html
Certificate
IssuerSectigo Limited
Subject*.tfosrv.com
Fingerprint17:0E:13:E0:E3:EE:17:88:09:10:8F:63:F4:7E:31:5A:D9:33:7D:80
ValidityTue, 31 Oct 2023 00:00:00 GMT - Mon, 18 Nov 2024 23:59:59 GMT

File type

Size
1.2 kB (1161 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /show_std.php?id_site=6411&id_channel=25821&uf=true HTTP/1.1
Host: tfosrv.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://bid.bidclickmedia.com/
DNT: 1
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 302 Found
server: nginx
date: Wed, 01 May 2024 21:07:21 GMT
content-length: 0
location: https://tfosrv.com/impression.php?channel_id=25821&id=265cadc4-93bc-446b-9289-f2c7412914ce%3A3cd5c901-6ecc-4ebb-b022-8a82c310bd6e&site_id=6411&uuid=33a7df41-6552-4414-863f-49da6d1fc289
set-cookie: sppc_uuid=09bdca53-52b6-4846-8c24-773f4cde2d06; max-age=31536000; path=/; secure; SameSite=None
accept-ch: Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version

videzz.net/9rzstwlkppht.html

78.142.18.54

200 OK

50 kB

URL User Request GET HTTP/2
videzz.net/9rzstwlkppht.html
IP
78.142.18.54:443
ASN
#208046 ColocationX Ltd.

Certificate
IssuerLet's Encrypt
Subjectvidezz.net
Fingerprint13:3A:F4:CA:71:F0:8F:F1:2E:3A:7E:2B:6D:8E:E4:7A:E9:9D:A6:B5
ValidityMon, 04 Mar 2024 08:24:34 GMT - Sun, 02 Jun 2024 08:24:33 GMT

File type

Size
50 kB (50053 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /9rzstwlkppht.html HTTP/1.1
Host: videzz.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Upgrade-Insecure-Requests: 1
Connection: keep-alive
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
server: nginx/1.18.0 (Ubuntu)
date: Wed, 01 May 2024 21:07:17 GMT
content-type: text/html; charset=UTF-8
vary: Accept-Encoding
expires: Tue, 30 Apr 2024 21:07:17 GMT
set-cookie: lang=1; domain=.videzz.net; path=/; HttpOnly
xfsts=; domain=.videzz.net; path=/; expires=Tue, 02-May-2023 21:07:17 GMT; HttpOnly
content-encoding: gzip
X-Firefox-Spdy: h2

static.addtoany.com/menu/svg/icons/viber.js

104.22.71.197

200 OK

1.0 kB

URL GET HTTP/3
static.addtoany.com/menu/svg/icons/viber.js
IP
104.22.71.197:443
ASN
#13335 CLOUDFLARENET

Requested by
https://videzz.net/9rzstwlkppht.html
Certificate
IssuerLet's Encrypt
Subjectstatic.addtoany.com
Fingerprint5B:74:98:2D:F8:22:DB:0D:4E:74:B7:99:A7:7C:80:F6:CA:1A:8E:CA
ValidityTue, 23 Apr 2024 07:56:27 GMT - Mon, 22 Jul 2024 07:56:26 GMT

File type
ASCII text, with very long lines (1027), with no line terminators
Size
1.0 kB (1003 bytes)
Hash
b216786a6e2822572e4c78284416fd02
b3a072140d798b6734431ff6a890da7cb8c701ce
265af7156e77fce7638988053d5b3f4894c92ae2bdacac504131a96cf6a0d370

HTTP Headers

GET /menu/svg/icons/viber.js HTTP/1.1
Host: static.addtoany.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://videzz.net
DNT: 1
Connection: keep-alive
Referer: https://static.addtoany.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Wed, 01 May 2024 21:07:19 GMT
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=7776000, stale-while-revalidate=30, public
cf-bgj: minify
etag: W/"ab1da422605fdb35fd02440984d36475"
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=9M0rb%2BlxK%2FoVsTW%2BGG0gAV%2FZ1piN8S203kYMFo607CVx%2Fjmecxu8H4kL7bp9jwZt8Egtrpb0rM6tKdsDVCVUAUglqOvAhCFDY1u8NVb6rrNNTQXdM8uqjyqMNub3NThTQ85aCzQ%2FFd2quzTVwUO62Ob6"}],"group":"cf-nel","max_age":604800}
vary: Accept-Encoding
referrer-policy: strict-origin-when-cross-origin
x-content-type-options: nosniff
cf-cache-status: HIT
age: 13549
strict-transport-security: max-age=31536000; includeSubDomains; preload
server: cloudflare
cf-ray: 87d2bd91a96ebe4c-CPH
content-encoding: br
alt-svc: h3=":443"; ma=86400

static.addtoany.com/menu/svg/icons/reddit.js

104.22.71.197

200 OK

893 B

URL GET HTTP/3
static.addtoany.com/menu/svg/icons/reddit.js
IP
104.22.71.197:443
ASN
#13335 CLOUDFLARENET

Requested by
https://videzz.net/9rzstwlkppht.html
Certificate
IssuerLet's Encrypt
Subjectstatic.addtoany.com
Fingerprint5B:74:98:2D:F8:22:DB:0D:4E:74:B7:99:A7:7C:80:F6:CA:1A:8E:CA
ValidityTue, 23 Apr 2024 07:56:27 GMT - Mon, 22 Jul 2024 07:56:26 GMT

File type
ASCII text, with very long lines (903), with no line terminators
Size
893 B (893 bytes)
Hash
1f5dd30051ff637ea1d19ce73aced89c
bfdd1d1c07492ba397bdcf13e262edcfd8692a5e
c1bf0dd12b2f71de1e7e154b309caa18d2f1c2a8dc077beba23b89432ad72a81

HTTP Headers

GET /menu/svg/icons/reddit.js HTTP/1.1
Host: static.addtoany.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://videzz.net
DNT: 1
Connection: keep-alive
Referer: https://static.addtoany.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Wed, 01 May 2024 21:07:19 GMT
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=7776000, stale-while-revalidate=30, public
cf-bgj: minify
etag: W/"1fe5b5008de689ce6464d7bcb07e742c"
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=q0mOx4XlrTIiF2kgPx6kTLqvld9HnTiKfwbHtlQYvoZA5g44lQveP2tVGPcXkEtoJ4gdclI9E4sgSmKYq0PxXzDgMaF%2BsVjnodBsPUjbhHxMB74I6LxuYoSHW9DhGzcNcscDW8G9"}],"group":"cf-nel","max_age":604800}
vary: Accept-Encoding
referrer-policy: strict-origin-when-cross-origin
x-content-type-options: nosniff
cf-cache-status: HIT
age: 19244
strict-transport-security: max-age=31536000; includeSubDomains; preload
server: cloudflare
cf-ray: 87d2bd91a962be4c-CPH
content-encoding: br
alt-svc: h3=":443"; ma=86400

allvideometrika.com/f.php?sid=212515

172.67.214.245

200 OK

0 B

URL GET HTTP/2
allvideometrika.com/f.php?sid=212515
IP
172.67.214.245:443
ASN
#13335 CLOUDFLARENET

Requested by
https://videzz.net/9rzstwlkppht.html
Certificate
IssuerLet's Encrypt
Subjectallvideometrika.com
Fingerprint0F:3F:B1:7E:F7:3C:77:24:1C:85:B2:89:15:11:43:1A:AD:64:DF:13
ValidityTue, 23 Apr 2024 13:34:13 GMT - Mon, 22 Jul 2024 13:34:12 GMT

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /f.php?sid=212515 HTTP/1.1
Host: allvideometrika.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://videzz.net/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Wed, 01 May 2024 21:07:20 GMT
content-type: text/html; charset=UTF-8
x-powered-by: PHP/7.1.33
cache-control: no-store, no-cache, must-revalidate, max-age=0
x-robots-tag: noindex
pragma: no-cache
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=FzRnjgbrnEbxp5vKdZMJOVB1whk8ujohdp2FPKbcDDyYx1XMpfNvoHsy7sY%2F3w5bcmJmjiFWi5zDK%2BN%2FQZx%2BBD2CVxDJqNrNp4I8y6GYqQqEeumZO7WEHQRI%2FKCEYyGV89B3mdFK"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 87d2bd92d9b2b515-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2

videzz.net/js/main.min.js?v=b8dc06aa6195ca0716d0a0c4e3a76e42

78.142.18.54

200 OK

11 kB

URL GET HTTP/2
videzz.net/js/main.min.js?v=b8dc06aa6195ca0716d0a0c4e3a76e42
IP
78.142.18.54:443
ASN
#208046 ColocationX Ltd.

Requested by
https://videzz.net/9rzstwlkppht.html
Certificate
IssuerLet's Encrypt
Subjectvidezz.net
Fingerprint13:3A:F4:CA:71:F0:8F:F1:2E:3A:7E:2B:6D:8E:E4:7A:E9:9D:A6:B5
ValidityMon, 04 Mar 2024 08:24:34 GMT - Sun, 02 Jun 2024 08:24:33 GMT

File type
JavaScript source, ASCII text, with very long lines (11269), with no line terminators
Size
11 kB (11269 bytes)
Hash
f2b1e2d690c2c568d846e8da3ab66ccd
f2a3fd880693ec75e586fdb37d1bd2cd6f6c468a
3efa361ccc887f0bffb9c9250de66cd562bc53671ffcb85cc0a6a0d30b0b8cfb

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /js/main.min.js?v=b8dc06aa6195ca0716d0a0c4e3a76e42 HTTP/1.1
Host: videzz.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://videzz.net/9rzstwlkppht.html
Cookie: lang=1
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
server: nginx/1.18.0 (Ubuntu)
date: Wed, 01 May 2024 21:07:18 GMT
content-type: application/javascript
last-modified: Sat, 27 Apr 2024 07:30:42 GMT
vary: Accept-Encoding
etag: W/"662ca9a2-2c05"
expires: Fri, 31 May 2024 21:05:23 GMT
cache-control: max-age=2592000
content-encoding: gzip
x-cache-status: HIT
X-Firefox-Spdy: h2

142.250.74.74

200 OK

27 kB

URL GET HTTP/2
fonts.googleapis.com/css?family=Armata|Average+Sans|Gafata|Istok+Web:400,700|Julius+Sans+One|Michroma|Montserrat+Alternates:400,500,600|Montserrat:400,500,600|Numans|Poppins:400,500|Rubik:400,500,700|Syncopate
IP
142.250.74.74:443
ASN
#15169 GOOGLE

Requested by
https://videzz.net/9rzstwlkppht.html
Certificate
IssuerGoogle Trust Services LLC
Subjectupload.video.google.com
Fingerprint5F:6D:48:87:16:89:1E:A5:57:29:92:8B:34:BD:F2:92:0C:7F:F2:50
ValidityMon, 08 Apr 2024 07:32:03 GMT - Mon, 01 Jul 2024 07:32:02 GMT

File type
ASCII text, with very long lines (634)
Size
27 kB (26662 bytes)
Hash
b38e93359bf408137b205df1dc494995
c8a136dea93305a6be1a7341e5b1d34145415b37
24b63ecac66577632b7277c0105fedc08608171a8ca4335fa5f8e07104962320

HTTP Headers

GET /css?family=Armata|Average+Sans|Gafata|Istok+Web:400,700|Julius+Sans+One|Michroma|Montserrat+Alternates:400,500,600|Montserrat:400,500,600|Numans|Poppins:400,500|Rubik:400,500,700|Syncopate HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://videzz.net/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Wed, 01 May 2024 21:07:18 GMT
date: Wed, 01 May 2024 21:07:18 GMT
cache-control: private, max-age=86400
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

fonts.googleapis.com/css?family=Istok+Web:400,700|Open+Sans:400,600,700|Raleway:200,400,600|Roboto:400,500,700|Source+Sans+Pro:300,300i,400,400i,600,700,700i&subset=cyrillic,cyrillic-ext%22%20rel=%22stylesheet

142.250.74.74

200 OK

48 kB

URL GET HTTP/2
fonts.googleapis.com/css?family=Istok+Web:400,700|Open+Sans:400,600,700|Raleway:200,400,600|Roboto:400,500,700|Source+Sans+Pro:300,300i,400,400i,600,700,700i&subset=cyrillic,cyrillic-ext%22%20rel=%22stylesheet
IP
142.250.74.74:443
ASN
#15169 GOOGLE

Requested by
https://videzz.net/9rzstwlkppht.html
Certificate
IssuerGoogle Trust Services LLC
Subjectupload.video.google.com
Fingerprint5F:6D:48:87:16:89:1E:A5:57:29:92:8B:34:BD:F2:92:0C:7F:F2:50
ValidityMon, 08 Apr 2024 07:32:03 GMT - Mon, 01 Jul 2024 07:32:02 GMT

File type
ASCII text, with very long lines (1572)
Size
48 kB (47712 bytes)
Hash
61e51ca36cd9e3939eea245c274df4d2
690f446590fd749fcdb23860a787f7075c3ac9df
59d779cc48a40b1dc4f69b77ea6c6e05f4ca8e517e5541a107ff7f09714a7f82

HTTP Headers

GET /css?family=Istok+Web:400,700|Open+Sans:400,600,700|Raleway:200,400,600|Roboto:400,500,700|Source+Sans+Pro:300,300i,400,400i,600,700,700i&amp;subset=cyrillic,cyrillic-ext%22%20rel=%22stylesheet HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://videzz.net/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Wed, 01 May 2024 21:07:18 GMT
date: Wed, 01 May 2024 21:07:18 GMT
cache-control: private, max-age=86400
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

bid.bidclickmedia.com/sub/31pnK5n

104.21.37.74

200 OK

234 B

URL GET HTTP/2
bid.bidclickmedia.com/sub/31pnK5n
IP
104.21.37.74:443
ASN
#13335 CLOUDFLARENET

Requested by
https://videzz.net/9rzstwlkppht.html
Certificate
IssuerGoogle Trust Services LLC
Subjectbidclickmedia.com
Fingerprint2D:71:60:23:79:D8:E4:4A:B8:81:BA:F0:ED:58:CB:A8:66:21:A7:E7
ValiditySun, 31 Mar 2024 14:28:20 GMT - Sat, 29 Jun 2024 14:28:19 GMT

File type
HTML document, ASCII text, with no line terminators
Size
234 B (234 bytes)
Hash
f80bebf9471a9840ef5768e8c6b26672
164896726fce06ed3a1b8cbed00ab7c0493b6d24
5367258c378438d9831e9138819e8e68c4b7e6525dde7a086fb82a083398099c

HTTP Headers

GET /sub/31pnK5n HTTP/1.1
Host: bid.bidclickmedia.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://videzz.net/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Wed, 01 May 2024 21:07:19 GMT
content-type: text/html; charset=utf-8
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=VKvwmEJtZ2ocs6QWbyU%2Fkq5R5D8G5gR85BtgHaWpwkPUtGqRh9Y%2B9qB7jLWrI5bA4l79Hsqfgt%2Fhh%2BRbENx3xu2WtfwXmJWS5L0WFQZo1XZZ23JbserWj1iXyMkHWnP8XCrXVEYl940%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 87d2bd8d59fbb4f7-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2

xml.zeusadx.com/redirect?feed=552612&auth=OEhoVk&pubid=162319

174.137.133.17

302 Found

1.8 kB

URL GET HTTP/1.1
xml.zeusadx.com/redirect?feed=552612&auth=OEhoVk&pubid=162319
IP
174.137.133.17:443
ASN
#27257 WEBAIR-INTERNET

Requested by
https://videzz.net/9rzstwlkppht.html
Certificate
IssuerSectigo Limited
Subject*.zeusadx.com
FingerprintAA:67:88:35:5F:BC:20:3C:44:9B:00:BD:4F:E1:C0:5F:62:D0:69:C0
ValidityMon, 23 Oct 2023 00:00:00 GMT - Wed, 23 Oct 2024 23:59:59 GMT

File type

Size
1.8 kB (1769 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /redirect?feed=552612&auth=OEhoVk&pubid=162319 HTTP/1.1
Host: xml.zeusadx.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://bid.bidclickmedia.com/
DNT: 1
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 302 Found
Server: nginx
Date: Wed, 01 May 2024 21:07:21 GMT
Content-Length: 0
Connection: keep-alive
Cache-Control: no-store
Location: https://animewatch.onionlive.workers.dev/

static.addtoany.com/menu/svg/icons/facebook.js

104.22.71.197

200 OK

429 B

URL GET HTTP/3
static.addtoany.com/menu/svg/icons/facebook.js
IP
104.22.71.197:443
ASN
#13335 CLOUDFLARENET

Requested by
https://videzz.net/9rzstwlkppht.html
Certificate
IssuerLet's Encrypt
Subjectstatic.addtoany.com
Fingerprint5B:74:98:2D:F8:22:DB:0D:4E:74:B7:99:A7:7C:80:F6:CA:1A:8E:CA
ValidityTue, 23 Apr 2024 07:56:27 GMT - Mon, 22 Jul 2024 07:56:26 GMT

File type
ASCII text, with very long lines (439), with no line terminators
Size
429 B (429 bytes)
Hash
874e1638740e061f9fa55eda3180724c
108a7e30fa0f7d50b961845ec970a2745f3c821f
d1bf990d09417220fcb615079a569e0a403c75beef0eac536e5976b7751c0370

HTTP Headers

GET /menu/svg/icons/facebook.js HTTP/1.1
Host: static.addtoany.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://videzz.net
DNT: 1
Connection: keep-alive
Referer: https://static.addtoany.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Wed, 01 May 2024 21:07:19 GMT
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=7776000, stale-while-revalidate=30, public
cf-bgj: minify
etag: W/"68925fa8e347041c6006837e73c518bc"
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=BHckTjoXuwSZA9lMRraMKCpOd%2BcFmeHjQbSapL4yb3KetBrr648Avto59mqGEa7rRKEbTaGmjlhEiDLjJQJ4bFxx56XnHuU3vt1j%2FPW7upUauuAxcedteBLZWq7%2B%2Fhu3vpTMQC%2BV"}],"group":"cf-nel","max_age":604800}
vary: Accept-Encoding
referrer-policy: strict-origin-when-cross-origin
x-content-type-options: nosniff
cf-cache-status: HIT
age: 19244
strict-transport-security: max-age=31536000; includeSubDomains; preload
server: cloudflare
cf-ray: 87d2bd919955be4c-CPH
content-encoding: br
alt-svc: h3=":443"; ma=86400

best.aliexpress.com/?aff_fcid=bbd68e2f5b89448b9ade0ac1c3197dde-1714597642714-02221-_Dk8GAkv&tt=CPS_NORMAL&aff_fsk=_Dk8GAkv&af=5whvIdjGFamo&commercial_type=bestPage&hc_1214_tag=ByAffPage&aff_fcid=a3c202b59877418face9d7242595622c-1714597643113-08469-_pz9sEiR&aff_fsk=_pz9sEiR&aff_platform=portals-promotion&sk=_pz9sEiR&aff_trace_key=a3c202b59877418face9d7242595622c-1714597643113-08469-_pz9sEiR&terminal_id=f309d47ae7ec4cb092233f61dab141e1

104.110.21.5

200 OK

0 B

URL GET HTTP/2
best.aliexpress.com/?aff_fcid=bbd68e2f5b89448b9ade0ac1c3197dde-1714597642714-02221-_Dk8GAkv&tt=CPS_NORMAL&aff_fsk=_Dk8GAkv&af=5whvIdjGFamo&commercial_type=bestPage&hc_1214_tag=ByAffPage&aff_fcid=a3c202b59877418face9d7242595622c-1714597643113-08469-_pz9sEiR&aff_fsk=_pz9sEiR&aff_platform=portals-promotion&sk=_pz9sEiR&aff_trace_key=a3c202b59877418face9d7242595622c-1714597643113-08469-_pz9sEiR&terminal_id=f309d47ae7ec4cb092233f61dab141e1
IP
104.110.21.5:443
ASN
#16625 AKAMAI-AS

Requested by
https://videzz.net/9rzstwlkppht.html
Certificate
IssuerDigiCert Inc
Subjectae01.alicdn.com
Fingerprint3B:6B:34:80:95:44:11:F7:71:DE:95:B7:C7:7C:A0:9C:BC:00:BC:AA
ValidityWed, 10 Apr 2024 00:00:00 GMT - Wed, 16 Oct 2024 23:59:59 GMT

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /?aff_fcid=bbd68e2f5b89448b9ade0ac1c3197dde-1714597642714-02221-_Dk8GAkv&tt=CPS_NORMAL&aff_fsk=_Dk8GAkv&af=5whvIdjGFamo&commercial_type=bestPage&hc_1214_tag=ByAffPage&aff_fcid=a3c202b59877418face9d7242595622c-1714597643113-08469-_pz9sEiR&aff_fsk=_pz9sEiR&aff_platform=portals-promotion&sk=_pz9sEiR&aff_trace_key=a3c202b59877418face9d7242595622c-1714597643113-08469-_pz9sEiR&terminal_id=f309d47ae7ec4cb092233f61dab141e1 HTTP/1.1
Host: best.aliexpress.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Cookie: af_ss_a=1
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
content-type: text/html;charset=UTF-8
vary: Accept-Encoding
p3p: CP="CAO PSA OUR"
x-application-context: ae-fn-gateway-f:7001
content-encoding: gzip
server: Tengine/Aserver
eagleeye-traceid: 2101e63417145976432927329ea961
strict-transport-security: max-age=31536000
timing-allow-origin: *
date: Wed, 01 May 2024 21:07:23 GMT
set-cookie: xman_us_f=x_locale=en_US&x_l=0&x_c_chg=1&acs_rt=44cbe3fe928f4721b5b40e43e263532c; Domain=.aliexpress.com; Expires=Tue, 20-May-2092 00:21:30 GMT; Path=/
intl_common_forever=ITIP2YL2nGcUTTLn/brBGF0BwN7ZRFxVXHXtYyqH9LW2HVBfzCT4qg==; Domain=.aliexpress.com; Expires=Tue, 20-May-2092 00:21:30 GMT; Path=/; HttpOnly
intl_locale=en_US; Domain=.aliexpress.com; Path=/
xman_f=PArsKOtQeps4k5gkTQVDt3LH4gjiL8rzMGv3PEk1HD3QGrA/6o68Sta0WgM5q3KTsZv6zyqKyB98w8JcUZfIeoRmknEKq18BYB3/Xcn8GOddNxvZhq0coA==; Domain=.aliexpress.com; Expires=Tue, 20-May-2092 00:21:30 GMT; Path=/; HttpOnly
acs_usuc_t=x_csrf=abik02lyywsb&acs_rt=44cbe3fe928f4721b5b40e43e263532c; Domain=.aliexpress.com; Path=/
xman_t=rOlBoDyCrjydohgR4YtjKCdCPQybi/WhXRXpmggD7Bz2h0fql+FLL8T70BApjUzh; Domain=.aliexpress.com; Expires=Tue, 30-Jul-2024 21:07:23 GMT; Path=/; HttpOnly
aep_usuc_f=site=glo&c_tp=NOK&region=NO&b_locale=en_US; Domain=.aliexpress.com; Expires=Tue, 20-May-2092 00:21:30 GMT; Path=/
e_id=pt20; Expires=Sat, 29 Apr 2034 21:07:23 GMT; Path=/; Domain=.aliexpress.com
server-timing: ak_p; desc="1714597643239_388255172_197790983_44402_1045_2_0_21";dur=1
X-Firefox-Spdy: h2

bid.bidclickmedia.com/sub/0YDX8OE

104.21.37.74

200 OK

234 B

URL GET HTTP/2
bid.bidclickmedia.com/sub/0YDX8OE
IP
104.21.37.74:443
ASN
#13335 CLOUDFLARENET

Requested by
https://videzz.net/9rzstwlkppht.html
Certificate
IssuerGoogle Trust Services LLC
Subjectbidclickmedia.com
Fingerprint2D:71:60:23:79:D8:E4:4A:B8:81:BA:F0:ED:58:CB:A8:66:21:A7:E7
ValiditySun, 31 Mar 2024 14:28:20 GMT - Sat, 29 Jun 2024 14:28:19 GMT

File type
HTML document, ASCII text, with no line terminators
Size
234 B (234 bytes)
Hash
af2b6f5e906532aa6d51ed7dcbb8fed7
5ddca712e64ecb7520e561656c87079ec18e3db1
eced93383f70dca1dcfe0998bcccf8d3fe044a0f1646f0ffa670cf0b14f599f3

HTTP Headers

GET /sub/0YDX8OE HTTP/1.1
Host: bid.bidclickmedia.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://videzz.net/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Wed, 01 May 2024 21:07:19 GMT
content-type: text/html; charset=utf-8
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=YgMeNRoULbfMCbnJPV%2Fxn%2BE1z5ql2JdVmMhf7rUvtrmNaCcV%2BM9Z94qSLDrEbYIDI2oI8khEOb1guvkjaSBtyUGsPUD2amuu2bELUiRXIx0viXMBP%2FkugFBE1MGq3RV2bWTTqxuCmWU%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 87d2bd8daa59b4f7-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2

bid.bidclickmedia.com/sub/31pnK5n

104.21.37.74

200 OK

234 B

URL GET HTTP/2
bid.bidclickmedia.com/sub/31pnK5n
IP
104.21.37.74:443
ASN
#13335 CLOUDFLARENET

Requested by
https://videzz.net/9rzstwlkppht.html
Certificate
IssuerGoogle Trust Services LLC
Subjectbidclickmedia.com
Fingerprint2D:71:60:23:79:D8:E4:4A:B8:81:BA:F0:ED:58:CB:A8:66:21:A7:E7
ValiditySun, 31 Mar 2024 14:28:20 GMT - Sat, 29 Jun 2024 14:28:19 GMT

File type
HTML document, ASCII text, with no line terminators
Size
234 B (234 bytes)
Hash
f80bebf9471a9840ef5768e8c6b26672
164896726fce06ed3a1b8cbed00ab7c0493b6d24
5367258c378438d9831e9138819e8e68c4b7e6525dde7a086fb82a083398099c

HTTP Headers

GET /sub/31pnK5n HTTP/1.1
Host: bid.bidclickmedia.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://videzz.net/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Wed, 01 May 2024 21:07:19 GMT
content-type: text/html; charset=utf-8
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=%2F2TN9weFq4TyQXjXCLlYMEI8NahPGQ1uj3WfD6oJ9S6Vp5GSuwA3wbqENUnjKjoXxtR5IJgAKPIOFkhBvnsP8J7Tlj%2BmDy5hXp2%2FBVwkCbGWKC3NY7vTt7n1tZMSe87vte5T6NM0AWg%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 87d2bd8d5a05b4f7-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2

static.addtoany.com/menu/svg/icons/telegram.js

104.22.71.197

200 OK

360 B

URL GET HTTP/3
static.addtoany.com/menu/svg/icons/telegram.js
IP
104.22.71.197:443
ASN
#13335 CLOUDFLARENET

Requested by
https://videzz.net/9rzstwlkppht.html
Certificate
IssuerLet's Encrypt
Subjectstatic.addtoany.com
Fingerprint5B:74:98:2D:F8:22:DB:0D:4E:74:B7:99:A7:7C:80:F6:CA:1A:8E:CA
ValidityTue, 23 Apr 2024 07:56:27 GMT - Mon, 22 Jul 2024 07:56:26 GMT

File type
ASCII text, with very long lines (370), with no line terminators
Size
360 B (360 bytes)
Hash
d455b7099e753a3680d5e481a7b56a9d
146fdec3f2e51dabdd15fc8acda6d73823b0d44d
4eb7a6d1a684e68473de0e8854499206b2f512a3815a8114068636dd38aa197a

HTTP Headers

GET /menu/svg/icons/telegram.js HTTP/1.1
Host: static.addtoany.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://videzz.net
DNT: 1
Connection: keep-alive
Referer: https://static.addtoany.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Wed, 01 May 2024 21:07:19 GMT
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=7776000, stale-while-revalidate=30, public
cf-bgj: minify
etag: W/"fb47b4f6548b6499923a1beed7472419"
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=J9pMpDWY00S1UoBh7dh%2BqpIB7xhAcdI3P3uTdcS6qq%2FtzBjk7n4vAi1%2BOKW1Nn2Tu6UDIw%2FTM%2Fn2MlHdbEFjDk6axCU4elS5Yq9F04lGV5fCgvnFISm%2BDhGKCweMmDEI4ytEVFz5JPvB7orF4KjdSsYL"}],"group":"cf-nel","max_age":604800}
vary: Accept-Encoding
referrer-policy: strict-origin-when-cross-origin
x-content-type-options: nosniff
cf-cache-status: HIT
age: 13549
strict-transport-security: max-age=31536000; includeSubDomains; preload
server: cloudflare
cf-ray: 87d2bd91a968be4c-CPH
content-encoding: br
alt-svc: h3=":443"; ma=86400

maxcdn.bootstrapcdn.com/font-awesome/4.7.0/css/font-awesome.min.css?v=7

104.18.11.207

200 OK

31 kB

URL GET HTTP/2
maxcdn.bootstrapcdn.com/font-awesome/4.7.0/css/font-awesome.min.css?v=7
IP
104.18.11.207:443
ASN
#13335 CLOUDFLARENET

Requested by
https://videzz.net/9rzstwlkppht.html
Certificate
IssuerGoogle Trust Services LLC
Subjectbootstrapcdn.com
Fingerprint57:B4:25:B9:9C:88:A1:A3:3D:F7:31:74:02:E4:D1:E0:0A:F5:11:63
ValidityWed, 27 Mar 2024 00:22:09 GMT - Tue, 25 Jun 2024 00:22:08 GMT

File type
ASCII text, with very long lines (30837)
Size
31 kB (31000 bytes)
Hash
269550530cc127b6aa5a35925a7de6ce
512c7d79033e3028a9be61b540cf1a6870c896f8
799aeb25cc0373fdee0e1b1db7ad6c2f6a0e058dfadaa3379689f583213190bd

HTTP Headers

GET /font-awesome/4.7.0/css/font-awesome.min.css?v=7 HTTP/1.1
Host: maxcdn.bootstrapcdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://videzz.net/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Wed, 01 May 2024 21:07:18 GMT
content-type: text/css; charset=utf-8
vary: Accept-Encoding
cdn-pullzone: 252412
cdn-uid: b1941f61-b576-4f40-80de-5677acb38f74
cdn-requestcountrycode: DE
access-control-allow-origin: *
cache-control: public, max-age=31919000
etag: W/"269550530cc127b6aa5a35925a7de6ce"
last-modified: Mon, 25 Jan 2021 22:04:55 GMT
cdn-cachedat: 10/31/2023 18:48:06
cdn-proxyver: 1.04
cdn-requestpullcode: 200
cdn-requestpullsuccess: True
cdn-edgestorageid: 722
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
cdn-status: 200
cdn-requestid: ba1343eb3e49a0961974f5c12bb3dd9d
cdn-cache: HIT
cf-cache-status: HIT
age: 95295
strict-transport-security: max-age=31536000; includeSubDomains; preload
server: cloudflare
cf-ray: 87d2bd877afa1c16-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2

tr.7vid.net/api/users/59845?host=videzz.net&ev=212&wh=1024&ww=1280&uuid=&url=https%3A%2F%2Fvidezz.net%2F9rzstwlkppht.html&sid=3bf97803-a022-40c5-a2cc-0560a55088d3&i=1&kw=horny%2Cgirl%2Cleaked%2Cvideo%2Ccalls%2C(4)%2Cmp4&s1=203230

135.181.208.216

200 OK

655 B

URL GET HTTP/2
tr.7vid.net/api/users/59845?host=videzz.net&ev=212&wh=1024&ww=1280&uuid=&url=https%3A%2F%2Fvidezz.net%2F9rzstwlkppht.html&sid=3bf97803-a022-40c5-a2cc-0560a55088d3&i=1&kw=horny%2Cgirl%2Cleaked%2Cvideo%2Ccalls%2C(4)%2Cmp4&s1=203230
IP
135.181.208.216:443
ASN
#24940 Hetzner Online GmbH

Requested by
https://videzz.net/9rzstwlkppht.html
Certificate
IssuerLet's Encrypt
Subjecta.gatwins.site
Fingerprint66:D4:C4:E9:BC:6E:82:9E:D0:2F:00:69:9A:DF:C2:6D:18:04:0B:1B
ValidityWed, 10 Apr 2024 10:27:11 GMT - Tue, 09 Jul 2024 10:27:10 GMT

File type
ASCII text, with very long lines (789), with no line terminators
Size
655 B (655 bytes)
Hash
dd249791354e23cc5ae20fa592c9b09c
d5d702486bb5936fdcf693ca2b8dbaf8d82294c4
2d85e70d0dd5bab4eda76e06cbe45aaf7294a9e5c18db19e678468d2813426ca

HTTP Headers

GET /api/users/59845?host=videzz.net&ev=212&wh=1024&ww=1280&uuid=&url=https%3A%2F%2Fvidezz.net%2F9rzstwlkppht.html&sid=3bf97803-a022-40c5-a2cc-0560a55088d3&i=1&kw=horny%2Cgirl%2Cleaked%2Cvideo%2Ccalls%2C(4)%2Cmp4&s1=203230 HTTP/1.1
Host: tr.7vid.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://videzz.net/
Cookie: nauid=QOHfaLUnCzj4jvdP7bD9
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
server: nginx
date: Wed, 01 May 2024 21:07:21 GMT
content-type: text/javascript; charset=utf-8
vary: Accept-Encoding
x-robots-tag: noindex, nofollow
cache-control: private
content-encoding: gzip
X-Firefox-Spdy: h2

tfosrv.com/impression.php?channel_id=25821&id=265cadc4-93bc-446b-9289-f2c7412914ce%3A3cd5c901-6ecc-4ebb-b022-8a82c310bd6e&site_id=6411&uuid=33a7df41-6552-4414-863f-49da6d1fc289

216.18.168.29

302 Found

1.2 kB

URL GET HTTP/1.1
tfosrv.com/impression.php?channel_id=25821&id=265cadc4-93bc-446b-9289-f2c7412914ce%3A3cd5c901-6ecc-4ebb-b022-8a82c310bd6e&site_id=6411&uuid=33a7df41-6552-4414-863f-49da6d1fc289
IP
216.18.168.29:443
ASN
#29789 REFLECTED

Requested by
https://videzz.net/9rzstwlkppht.html
Certificate
IssuerSectigo Limited
Subject*.tfosrv.com
Fingerprint17:0E:13:E0:E3:EE:17:88:09:10:8F:63:F4:7E:31:5A:D9:33:7D:80
ValidityTue, 31 Oct 2023 00:00:00 GMT - Mon, 18 Nov 2024 23:59:59 GMT

File type

Size
1.2 kB (1161 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /impression.php?channel_id=25821&id=265cadc4-93bc-446b-9289-f2c7412914ce%3A3cd5c901-6ecc-4ebb-b022-8a82c310bd6e&site_id=6411&uuid=33a7df41-6552-4414-863f-49da6d1fc289 HTTP/1.1
Host: tfosrv.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://bid.bidclickmedia.com/
DNT: 1
Connection: keep-alive
Cookie: sppc_uuid=09bdca53-52b6-4846-8c24-773f4cde2d06
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 302 Found
server: nginx
date: Wed, 01 May 2024 21:07:21 GMT
content-length: 0
location: https://trafforsrv.com/click.php?id=265cadc4-93bc-446b-9289-f2c7412914ce%3A3cd5c901-6ecc-4ebb-b022-8a82c310bd6e
set-cookie: sppc_uuid=33a7df41-6552-4414-863f-49da6d1fc289; max-age=31536000; path=/; secure; SameSite=None
accept-ch: Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version

static.addtoany.com/menu/locale/ru.js

104.22.71.197

200 OK

2.1 kB

URL GET HTTP/3
static.addtoany.com/menu/locale/ru.js
IP
104.22.71.197:443
ASN
#13335 CLOUDFLARENET

Requested by
https://videzz.net/9rzstwlkppht.html
Certificate
IssuerLet's Encrypt
Subjectstatic.addtoany.com
Fingerprint5B:74:98:2D:F8:22:DB:0D:4E:74:B7:99:A7:7C:80:F6:CA:1A:8E:CA
ValidityTue, 23 Apr 2024 07:56:27 GMT - Mon, 22 Jul 2024 07:56:26 GMT

File type
ASCII text, with very long lines (2170), with no line terminators
Size
2.1 kB (2130 bytes)
Hash
7581051e137324f383ce692c383a90ac
7c66ac218fd109304436e9588d602c7aaab63b82
428aafe2046340df744b20fbab6f0cd4ddfb95776790e80440cfb60788dbde2c

HTTP Headers

GET /menu/locale/ru.js HTTP/1.1
Host: static.addtoany.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://videzz.net/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Wed, 01 May 2024 21:07:19 GMT
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=86400, stale-while-revalidate=30, public
cf-bgj: minify
cf-polished: origSize=2289
etag: W/"9797b535a7dbc5ec8be5d83312871549"
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=KCGaSgK4l4uuupkt%2Fh48xawn%2FLsP2Oc7FV2rnIbYLl451pxdJ1oMITTRBbvcYnbHpEriv68tYoC1pM1o9lpB%2FEZ9pq%2F%2FeO7UWlZgkAql17yczLWYLrVFfSr7t10H7zZgMjGxgdHMxT1kCepnhNyo7rqx"}],"group":"cf-nel","max_age":604800}
vary: Accept-Encoding
referrer-policy: strict-origin-when-cross-origin
x-content-type-options: nosniff
cf-cache-status: HIT
age: 3649
strict-transport-security: max-age=31536000; includeSubDomains; preload
server: cloudflare
cf-ray: 87d2bd919953be4c-CPH
content-encoding: br
alt-svc: h3=":443"; ma=86400

str42.vidoza.net/nvl4jedkpqfeieno3ueangf5g45xhsd6h7wjt3qi2fmpuogylxbg5jubdk7a/v.mp4

0.0.0.0

0 B

URL GET
str42.vidoza.net/nvl4jedkpqfeieno3ueangf5g45xhsd6h7wjt3qi2fmpuogylxbg5jubdk7a/v.mp4
IP
0.0.0.0:0
ASN
#0

Requested by
https://videzz.net/9rzstwlkppht.html
Certificate
IssuerLet's Encrypt
Subjectvidoza.net
FingerprintDD:9C:2A:D1:7E:90:60:D1:BE:1C:39:29:07:29:9C:34:6A:76:A6:C6
ValidityWed, 14 Feb 2024 01:21:54 GMT - Tue, 14 May 2024 01:21:53 GMT

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /nvl4jedkpqfeieno3ueangf5g45xhsd6h7wjt3qi2fmpuogylxbg5jubdk7a/v.mp4 HTTP/1.1
Host: str42.vidoza.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: video/webm,video/ogg,video/*;q=0.9,application/ogg;q=0.7,audio/*;q=0.6,*/*;q=0.5
Accept-Language: en-US,en;q=0.5
Range: bytes=0-
DNT: 1
Connection: keep-alive
Referer: https://videzz.net/
Sec-Fetch-Dest: video
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Accept-Encoding: identity
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 206 Partial Content
server: nginx/1.20.1
date: Wed, 01 May 2024 21:07:20 GMT
content-type: video/mp4
content-length: 21495431
last-modified: Sun, 28 Apr 2024 15:56:39 GMT
etag: "662e71b7-147fe87"
content-range: bytes 0-21495430/21495431
X-Firefox-Spdy: h2

bid.bidclickmedia.com/sub/31bV2Jy

104.21.37.74

200 OK

239 B

URL GET HTTP/3
bid.bidclickmedia.com/sub/31bV2Jy
IP
104.21.37.74:443
ASN
#13335 CLOUDFLARENET

Requested by
https://videzz.net/9rzstwlkppht.html
Certificate
IssuerGoogle Trust Services LLC
Subjectbidclickmedia.com
Fingerprint2D:71:60:23:79:D8:E4:4A:B8:81:BA:F0:ED:58:CB:A8:66:21:A7:E7
ValiditySun, 31 Mar 2024 14:28:20 GMT - Sat, 29 Jun 2024 14:28:19 GMT

File type
HTML document, ASCII text, with no line terminators
Size
239 B (239 bytes)
Hash
d5b23342c3da61ad8cb32c85b5a9a6ca
3ca89fd68565941a5f5dec87720a2164c9b860ae
53073b03453dec44b400acecc549d6446aba803406a391777a94cc2504173bbb

HTTP Headers

GET /sub/31bV2Jy HTTP/1.1
Host: bid.bidclickmedia.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://videzz.net/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Wed, 01 May 2024 21:07:19 GMT
content-type: text/html; charset=utf-8
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=oiPivMVRo8kK35zU2YuXc8lZUxCwJc4m08%2BlUEb3K12NGzuPPTWupTfz8xVohVctwqMpOm53sLqilEU96uPfSnO1td9n5GUG3EeKSEjaviTWzSW9WV7VwMrYF%2BpqamFNOg5Hmd60x2Q%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 87d2bd8eae2c0b51-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400

str42.vidoza.net/nvl4jedkpqfeieno3ueangf5g45xhsd6h7wjt3qi2fmpuogylxbg5jubdk7a/v.mp4

0.0.0.0

0 B

URL GET
str42.vidoza.net/nvl4jedkpqfeieno3ueangf5g45xhsd6h7wjt3qi2fmpuogylxbg5jubdk7a/v.mp4
IP
0.0.0.0:0
ASN
#0

Requested by
https://videzz.net/9rzstwlkppht.html

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /nvl4jedkpqfeieno3ueangf5g45xhsd6h7wjt3qi2fmpuogylxbg5jubdk7a/v.mp4 HTTP/1.1
Host: str42.vidoza.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: video/webm,video/ogg,video/*;q=0.9,application/ogg;q=0.7,audio/*;q=0.6,*/*;q=0.5
Accept-Language: en-US,en;q=0.5
Range: bytes=0-
DNT: 1
Connection: keep-alive
Referer: https://videzz.net/
Sec-Fetch-Dest: video
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Accept-Encoding: identity
Pragma: no-cache
Cache-Control: no-cache

videzz.net/images-newtheme/logo_60.png

78.142.18.54

200 OK

14 kB

URL GET HTTP/2
videzz.net/images-newtheme/logo_60.png
IP
78.142.18.54:443
ASN
#208046 ColocationX Ltd.

Requested by
https://videzz.net/9rzstwlkppht.html
Certificate
IssuerLet's Encrypt
Subjectvidezz.net
Fingerprint13:3A:F4:CA:71:F0:8F:F1:2E:3A:7E:2B:6D:8E:E4:7A:E9:9D:A6:B5
ValidityMon, 04 Mar 2024 08:24:34 GMT - Sun, 02 Jun 2024 08:24:33 GMT

File type
PNG image data, 275 x 182, 8-bit/color RGBA, non-interlaced
Size
14 kB (14101 bytes)
Hash
650a7f14495bcd9ed2140ed51d8b9fef
47cb64b0bc23739e4e25e7c1bea6d63e438ebee0
aeea7989ff49c647ef4e5f3215fa0bd7480fe3976adc5050de6dcfcd46653c71

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /images-newtheme/logo_60.png HTTP/1.1
Host: videzz.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://videzz.net/css/main.min.css?v=b8dc06aa6195ca0716d0a0c4e3a76e42
Cookie: lang=1
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
server: nginx/1.18.0 (Ubuntu)
date: Wed, 01 May 2024 21:07:19 GMT
content-type: image/png
content-length: 14101
last-modified: Sat, 27 Apr 2024 07:30:38 GMT
etag: "662ca99e-3715"
expires: Fri, 31 May 2024 21:05:05 GMT
cache-control: max-age=2592000
x-cache-status: HIT
accept-ranges: bytes
X-Firefox-Spdy: h2

xml.zeusadx.com/redirect?feed=531847&auth=KhbHhS&pubid=162319

0.0.0.0

0 B

URL GET
xml.zeusadx.com/redirect?feed=531847&auth=KhbHhS&pubid=162319
IP
0.0.0.0:0
ASN
#0

Requested by
https://videzz.net/9rzstwlkppht.html
Certificate
IssuerSectigo Limited
Subject*.zeusadx.com
FingerprintAA:67:88:35:5F:BC:20:3C:44:9B:00:BD:4F:E1:C0:5F:62:D0:69:C0
ValidityMon, 23 Oct 2023 00:00:00 GMT - Wed, 23 Oct 2024 23:59:59 GMT

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /redirect?feed=531847&auth=KhbHhS&pubid=162319 HTTP/1.1
Host: xml.zeusadx.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://bid.bidclickmedia.com/
DNT: 1
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

videzz.net/js/vue.min.js?v=b8dc06aa6195ca0716d0a0c4e3a76e42

78.142.18.54

200 OK

111 kB

URL GET HTTP/2
videzz.net/js/vue.min.js?v=b8dc06aa6195ca0716d0a0c4e3a76e42
IP
78.142.18.54:443
ASN
#208046 ColocationX Ltd.

Requested by
https://videzz.net/9rzstwlkppht.html
Certificate
IssuerLet's Encrypt
Subjectvidezz.net
Fingerprint13:3A:F4:CA:71:F0:8F:F1:2E:3A:7E:2B:6D:8E:E4:7A:E9:9D:A6:B5
ValidityMon, 04 Mar 2024 08:24:34 GMT - Sun, 02 Jun 2024 08:24:33 GMT

File type
JavaScript source, ASCII text, with very long lines (65536), with no line terminators
Size
111 kB (111387 bytes)
Hash
6249517b9005ca7822f82d024996812f
9085d09ebbe9e6c5963644d49c82c350f1be141d
fda81a2fcc97f139d2a1ea94209efc760dc9421b514280bf5a6cd97d8140ddca

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /js/vue.min.js?v=b8dc06aa6195ca0716d0a0c4e3a76e42 HTTP/1.1
Host: videzz.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://videzz.net/9rzstwlkppht.html
Cookie: lang=1
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
server: nginx/1.18.0 (Ubuntu)
date: Wed, 01 May 2024 21:07:18 GMT
content-type: application/javascript
last-modified: Sat, 27 Apr 2024 07:30:28 GMT
vary: Accept-Encoding
etag: W/"662ca994-1b31b"
expires: Fri, 31 May 2024 21:05:38 GMT
cache-control: max-age=2592000
content-encoding: gzip
x-cache-status: HIT
X-Firefox-Spdy: h2

maxcdn.bootstrapcdn.com/font-awesome/4.7.0/fonts/fontawesome-webfont.woff2?v=4.7.0

104.18.11.207

200 OK

77 kB

URL GET HTTP/3
maxcdn.bootstrapcdn.com/font-awesome/4.7.0/fonts/fontawesome-webfont.woff2?v=4.7.0
IP
104.18.11.207:443
ASN
#13335 CLOUDFLARENET

Requested by
https://videzz.net/9rzstwlkppht.html
Certificate
IssuerGoogle Trust Services LLC
Subjectbootstrapcdn.com
Fingerprint57:B4:25:B9:9C:88:A1:A3:3D:F7:31:74:02:E4:D1:E0:0A:F5:11:63
ValidityWed, 27 Mar 2024 00:22:09 GMT - Tue, 25 Jun 2024 00:22:08 GMT

File type
Web Open Font Format (Version 2), TrueType, length 77160, version 4.459
Size
77 kB (77160 bytes)
Hash
af7ae505a9eed503f8b8e6982036873e
d6f48cba7d076fb6f2fd6ba993a75b9dc1ecbf0c
2adefcbc041e7d18fcf2d417879dc5a09997aa64d675b7a3c4b6ce33da13f3fe

HTTP Headers

GET /font-awesome/4.7.0/fonts/fontawesome-webfont.woff2?v=4.7.0 HTTP/1.1
Host: maxcdn.bootstrapcdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://videzz.net
DNT: 1
Connection: keep-alive
Referer: https://maxcdn.bootstrapcdn.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Wed, 01 May 2024 21:07:19 GMT
content-type: font/woff2
content-length: 77160
cdn-pullzone: 252412
cdn-uid: b1941f61-b576-4f40-80de-5677acb38f74
cdn-requestcountrycode: DE
access-control-allow-origin: *
cache-control: public, max-age=31919000
etag: "af7ae505a9eed503f8b8e6982036873e"
last-modified: Mon, 25 Jan 2021 22:04:55 GMT
cdn-cachedat: 10/31/2023 19:08:24
cdn-proxyver: 1.04
cdn-requestpullcode: 200
cdn-requestpullsuccess: True
cdn-edgestorageid: 752
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
cdn-status: 200
cdn-requestid: 0a41a35b44b9a221d4e11fe69e9304aa
cdn-cache: HIT
cf-cache-status: HIT
age: 103733
accept-ranges: bytes
vary: Accept-Encoding
strict-transport-security: max-age=31536000; includeSubDomains; preload
server: cloudflare
cf-ray: 87d2bd90ba9d56af-OSL
alt-svc: h3=":443"; ma=86400

videzz.net/js/jquery.min.js

78.142.18.54

200 OK

96 kB

URL GET HTTP/2
videzz.net/js/jquery.min.js
IP
78.142.18.54:443
ASN
#208046 ColocationX Ltd.

Requested by
https://videzz.net/9rzstwlkppht.html
Certificate
IssuerLet's Encrypt
Subjectvidezz.net
Fingerprint13:3A:F4:CA:71:F0:8F:F1:2E:3A:7E:2B:6D:8E:E4:7A:E9:9D:A6:B5
ValidityMon, 04 Mar 2024 08:24:34 GMT - Sun, 02 Jun 2024 08:24:33 GMT

File type
JavaScript source, ASCII text, with very long lines (32086)
Size
96 kB (95786 bytes)
Hash
8101d596b2b8fa35fe3a634ea342d7c3
d6c1f41972de07b09bfa63d2e50f9ab41ec372bd
540bc6dec1dd4b92ea4d3fb903f69eabf6d919afd48f4e312b163c28cff0f441

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /js/jquery.min.js HTTP/1.1
Host: videzz.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://videzz.net/9rzstwlkppht.html
Cookie: lang=1
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
server: nginx/1.18.0 (Ubuntu)
date: Wed, 01 May 2024 21:07:18 GMT
content-type: application/javascript
last-modified: Sat, 27 Apr 2024 07:30:42 GMT
vary: Accept-Encoding
etag: W/"662ca9a2-1762a"
expires: Fri, 31 May 2024 21:07:13 GMT
cache-control: max-age=2592000
content-encoding: gzip
x-cache-status: HIT
X-Firefox-Spdy: h2

videzz.net/images-newtheme/ico_signup.png

78.142.18.54

200 OK

1.1 kB

URL GET HTTP/2
videzz.net/images-newtheme/ico_signup.png
IP
78.142.18.54:443
ASN
#208046 ColocationX Ltd.

Requested by
https://videzz.net/9rzstwlkppht.html
Certificate
IssuerLet's Encrypt
Subjectvidezz.net
Fingerprint13:3A:F4:CA:71:F0:8F:F1:2E:3A:7E:2B:6D:8E:E4:7A:E9:9D:A6:B5
ValidityMon, 04 Mar 2024 08:24:34 GMT - Sun, 02 Jun 2024 08:24:33 GMT

File type
PNG image data, 30 x 30, 8-bit/color RGBA, non-interlaced
Size
1.1 kB (1094 bytes)
Hash
eb2e533fce6d10e6f1231e3c07aa7e7a
194f55dab0899b59605972b6a0edd85bfd975488
6514b33f1b2a8766a828371bb8b15eb9dd0d7ea53db03f04f7b1e9d82e9b6c7a

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /images-newtheme/ico_signup.png HTTP/1.1
Host: videzz.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://videzz.net/css/main.min.css?v=b8dc06aa6195ca0716d0a0c4e3a76e42
Cookie: lang=1
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
server: nginx/1.18.0 (Ubuntu)
date: Wed, 01 May 2024 21:07:19 GMT
content-type: image/png
content-length: 1094
last-modified: Sat, 27 Apr 2024 07:30:28 GMT
etag: "662ca994-446"
expires: Fri, 31 May 2024 20:59:16 GMT
cache-control: max-age=2592000
x-cache-status: HIT
accept-ranges: bytes
X-Firefox-Spdy: h2

tr.7vid.net/api/users/88464?v2=1&fill=0&kw=horny%2Cgirl%2Cleaked%2Cvideo%2Ccalls%2C(4)%2Cmp4&i=1&url=https%3A%2F%2Fvidezz.net%2F9rzstwlkppht.html&sid=3bf97803-a022-40c5-a2cc-0560a55088d3

135.181.208.216

200 OK

67 B

URL GET HTTP/2
tr.7vid.net/api/users/88464?v2=1&fill=0&kw=horny%2Cgirl%2Cleaked%2Cvideo%2Ccalls%2C(4)%2Cmp4&i=1&url=https%3A%2F%2Fvidezz.net%2F9rzstwlkppht.html&sid=3bf97803-a022-40c5-a2cc-0560a55088d3
IP
135.181.208.216:443
ASN
#24940 Hetzner Online GmbH

Requested by
https://videzz.net/9rzstwlkppht.html
Certificate
IssuerLet's Encrypt
Subjecta.gatwins.site
Fingerprint66:D4:C4:E9:BC:6E:82:9E:D0:2F:00:69:9A:DF:C2:6D:18:04:0B:1B
ValidityWed, 10 Apr 2024 10:27:11 GMT - Tue, 09 Jul 2024 10:27:10 GMT

File type
XML document, ASCII text, with no line terminators
Size
67 B (67 bytes)
Hash
c3928cea84e0c684b265b8fb465a9e72
aace4c0c8b0fbb35d2932f4f27e01ef627161574
3238d03797cab82118740c0d6ddace8d6bc9caf168e94d2ade893f541c1f8a25

HTTP Headers

GET /api/users/88464?v2=1&fill=0&kw=horny%2Cgirl%2Cleaked%2Cvideo%2Ccalls%2C(4)%2Cmp4&i=1&url=https%3A%2F%2Fvidezz.net%2F9rzstwlkppht.html&sid=3bf97803-a022-40c5-a2cc-0560a55088d3 HTTP/1.1
Host: tr.7vid.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://videzz.net/
Origin: https://videzz.net
DNT: 1
Connection: keep-alive
Cookie: nauid=QOHfaLUnCzj4jvdP7bD9
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
server: nginx
date: Wed, 01 May 2024 21:07:19 GMT
content-type: text/xml
vary: Accept-Encoding
access-control-allow-credentials: true
access-control-allow-origin: https://videzz.net
access-control-expose-headers: X-Asg-Config, X-t
x-robots-tag: noindex, nofollow
x-t: 0
cache-control: private
content-encoding: gzip
X-Firefox-Spdy: h2

videzz.net/images-newtheme/locale/spritesheet_25.png

78.142.18.54

200 OK

3.4 kB

URL GET HTTP/2
videzz.net/images-newtheme/locale/spritesheet_25.png
IP
78.142.18.54:443
ASN
#208046 ColocationX Ltd.

Requested by
https://videzz.net/9rzstwlkppht.html
Certificate
IssuerLet's Encrypt
Subjectvidezz.net
Fingerprint13:3A:F4:CA:71:F0:8F:F1:2E:3A:7E:2B:6D:8E:E4:7A:E9:9D:A6:B5
ValidityMon, 04 Mar 2024 08:24:34 GMT - Sun, 02 Jun 2024 08:24:33 GMT

File type
PNG image data, 25 x 71, 8-bit/color RGBA, non-interlaced
Size
3.4 kB (3355 bytes)
Hash
f114e74e1fb82ce234e7a2503506e2ac
5adb3ddc13861aa417471710f1ceaca66ef71c74
e0edc9d8ec79eb53ad2d9e2644b27bc02cc62ad78e8033e4cc016a62132ed51d

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /images-newtheme/locale/spritesheet_25.png HTTP/1.1
Host: videzz.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://videzz.net/css/main.min.css?v=b8dc06aa6195ca0716d0a0c4e3a76e42
Cookie: lang=1; file_id=38001995; aff=203230
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
server: nginx/1.18.0 (Ubuntu)
date: Wed, 01 May 2024 21:07:19 GMT
content-type: image/png
content-length: 3355
last-modified: Sat, 27 Apr 2024 07:30:38 GMT
etag: "662ca99e-d1b"
expires: Fri, 31 May 2024 21:06:48 GMT
cache-control: max-age=2592000
x-cache-status: HIT
accept-ranges: bytes
X-Firefox-Spdy: h2

xml.zeusadx.com/redirect?feed=531847&auth=KhbHhS&pubid=162319

174.137.133.17

302 Found

1.4 kB

URL GET HTTP/1.1
xml.zeusadx.com/redirect?feed=531847&auth=KhbHhS&pubid=162319
IP
174.137.133.17:443
ASN
#27257 WEBAIR-INTERNET

Requested by
https://videzz.net/9rzstwlkppht.html
Certificate
IssuerSectigo Limited
Subject*.zeusadx.com
FingerprintAA:67:88:35:5F:BC:20:3C:44:9B:00:BD:4F:E1:C0:5F:62:D0:69:C0
ValidityMon, 23 Oct 2023 00:00:00 GMT - Wed, 23 Oct 2024 23:59:59 GMT

File type

Size
1.4 kB (1368 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /redirect?feed=531847&auth=KhbHhS&pubid=162319 HTTP/1.1
Host: xml.zeusadx.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://bid.bidclickmedia.com/
DNT: 1
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 302 Found
Server: nginx
Date: Wed, 01 May 2024 21:07:20 GMT
Content-Length: 0
Connection: keep-alive
Cache-Control: no-store
Location: https://www.animezeno.sbs/

cdnjs.cloudflare.com/ajax/libs/font-awesome/4.7.0/fonts/fontawesome-webfont.woff2?v=4.7.0

104.17.25.14

200 OK

77 kB

URL GET HTTP/3
cdnjs.cloudflare.com/ajax/libs/font-awesome/4.7.0/fonts/fontawesome-webfont.woff2?v=4.7.0
IP
104.17.25.14:443
ASN
#13335 CLOUDFLARENET

Requested by
https://videzz.net/9rzstwlkppht.html
Certificate
IssuerCloudflare, Inc.
Subjectsni.cloudflaressl.com
Fingerprint7A:EA:B9:09:71:70:6C:87:C9:D3:82:74:8A:7B:B4:60:E5:40:2D:8D
ValidityMon, 03 Jul 2023 00:00:00 GMT - Tue, 02 Jul 2024 23:59:59 GMT

File type
Web Open Font Format (Version 2), TrueType, length 77160, version 4.459
Size
77 kB (77160 bytes)
Hash
af7ae505a9eed503f8b8e6982036873e
d6f48cba7d076fb6f2fd6ba993a75b9dc1ecbf0c
2adefcbc041e7d18fcf2d417879dc5a09997aa64d675b7a3c4b6ce33da13f3fe

HTTP Headers

GET /ajax/libs/font-awesome/4.7.0/fonts/fontawesome-webfont.woff2?v=4.7.0 HTTP/1.1
Host: cdnjs.cloudflare.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://videzz.net
DNT: 1
Connection: keep-alive
Referer: https://cdnjs.cloudflare.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Wed, 01 May 2024 21:07:19 GMT
content-type: application/octet-stream; charset=utf-8
content-length: 77160
access-control-allow-origin: *
cache-control: public, max-age=30672000
etag: "5eb03e5f-12d68"
last-modified: Mon, 04 May 2020 16:10:07 GMT
cf-cdnjs-via: cfworker/kv
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
x-content-type-options: nosniff
vary: Accept-Encoding
cf-cache-status: HIT
age: 95318
expires: Mon, 21 Apr 2025 21:07:19 GMT
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=2hTkOW1UO6eZQAE58Ta8PLfz35AidGF6vdj297RI6ptINGzEmM7k4wYyLZiPL%2BIC8BPkMVvrn%2FJ9dihraUA6JzOJ8bQRoSr5lsMBo1NB%2FxNrMbQHZsPb5KUrqwiQRzNJi75gctTZ"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
server: cloudflare
cf-ray: 87d2bd8db8efb4f3-OSL
alt-svc: h3=":443"; ma=86400

s.o333o.com/adgpt.js

85.10.205.45

200 OK

2.0 kB

URL GET HTTP/2
s.o333o.com/adgpt.js
IP
85.10.205.45:443
ASN
#24940 Hetzner Online GmbH

Requested by
https://videzz.net/9rzstwlkppht.html
Certificate
IssuerSectigo Limited
Subjects.o333o.com
FingerprintC1:C0:0F:C0:EF:0F:F7:7A:36:2F:00:9E:5C:55:63:54:63:A3:A6:46
ValidityMon, 12 Feb 2024 00:00:00 GMT - Fri, 28 Feb 2025 23:59:59 GMT

File type
ASCII text, with very long lines (2144), with no line terminators
Size
2.0 kB (2040 bytes)
Hash
15c5faf13e6a9fe6956e7a9f8dfc1fe4
d323e8b5e73a2b8697c980370840e9c7b574ad68
53e483dd657b4fb19cce7d604e2b5890d0694b9a2c9190279151ac830d24ba81

HTTP Headers

GET /adgpt.js HTTP/1.1
Host: s.o333o.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://videzz.net/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
server: nginx
date: Wed, 01 May 2024 21:07:19 GMT
content-type: application/javascript
content-length: 820
last-modified: Fri, 22 Mar 2024 11:21:21 GMT
vary: Accept-Encoding
etag: "65fd69b1-334"
content-encoding: gzip
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000, public
X-Firefox-Spdy: h2

videzz.net/js/static.min.js?v=b8dc06aa6195ca0716d0a0c4e3a76e42

78.142.18.54

200 OK

159 kB

URL GET HTTP/2
videzz.net/js/static.min.js?v=b8dc06aa6195ca0716d0a0c4e3a76e42
IP
78.142.18.54:443
ASN
#208046 ColocationX Ltd.

Requested by
https://videzz.net/9rzstwlkppht.html
Certificate
IssuerLet's Encrypt
Subjectvidezz.net
Fingerprint13:3A:F4:CA:71:F0:8F:F1:2E:3A:7E:2B:6D:8E:E4:7A:E9:9D:A6:B5
ValidityMon, 04 Mar 2024 08:24:34 GMT - Sun, 02 Jun 2024 08:24:33 GMT

File type
JavaScript source, ASCII text, with very long lines (65536), with no line terminators
Size
159 kB (158902 bytes)
Hash
7c33538390b466ae717449d729bb32ea
49ea1eb1dc06467f516eae28e09863a23b244a31
a2f37fa7aee9e9248856735b807b028c93be60eb6bb9916595ba123690513f02

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /js/static.min.js?v=b8dc06aa6195ca0716d0a0c4e3a76e42 HTTP/1.1
Host: videzz.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://videzz.net/9rzstwlkppht.html
Cookie: lang=1
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
server: nginx/1.18.0 (Ubuntu)
date: Wed, 01 May 2024 21:07:18 GMT
content-type: application/javascript
last-modified: Sat, 27 Apr 2024 07:30:42 GMT
vary: Accept-Encoding
etag: W/"662ca9a2-26cb6"
expires: Fri, 31 May 2024 21:07:13 GMT
cache-control: max-age=2592000
content-encoding: gzip
x-cache-status: HIT
X-Firefox-Spdy: h2

unseenreport.com/pxf.gif?uuid=2a0ad835-cecb-439b-874e-3369a032fa4a&eb=978028c5053b26833423c7a069ce3bd5&te=5db3a4e34790624df926db520a13f79f&ua=Mozilla%2F5.0%20(X11%3B%20Linux%20x86_64%3B%20rv%3A96.0)%20Gecko%2F20100101%20Firefox%2F96.0&dev=e&res=14.2071&b_frame=0&pk=9785383bf0d8f2fb611d938245088565&bl=en-US&sr=1024x1280&sz=1024x1280&hjs=21

192.243.59.13

200 OK

0 B

URL GET HTTP/1.1
unseenreport.com/pxf.gif?uuid=2a0ad835-cecb-439b-874e-3369a032fa4a&eb=978028c5053b26833423c7a069ce3bd5&te=5db3a4e34790624df926db520a13f79f&ua=Mozilla%2F5.0%20(X11%3B%20Linux%20x86_64%3B%20rv%3A96.0)%20Gecko%2F20100101%20Firefox%2F96.0&dev=e&res=14.2071&b_frame=0&pk=9785383bf0d8f2fb611d938245088565&bl=en-US&sr=1024x1280&sz=1024x1280&hjs=21
IP
192.243.59.13:443
ASN
#39572 DataWeb Global Group B.V.

Requested by
https://videzz.net/9rzstwlkppht.html
Certificate
IssuerLet's Encrypt
Subject*.unseenreport.com
Fingerprint71:46:15:FD:76:6A:F5:5B:51:06:CC:93:DD:D8:63:E3:8B:10:BF:13
ValidityFri, 22 Mar 2024 07:32:41 GMT - Thu, 20 Jun 2024 07:32:40 GMT

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /pxf.gif?uuid=2a0ad835-cecb-439b-874e-3369a032fa4a&eb=978028c5053b26833423c7a069ce3bd5&te=5db3a4e34790624df926db520a13f79f&ua=Mozilla%2F5.0%20(X11%3B%20Linux%20x86_64%3B%20rv%3A96.0)%20Gecko%2F20100101%20Firefox%2F96.0&dev=e&res=14.2071&b_frame=0&pk=9785383bf0d8f2fb611d938245088565&bl=en-US&sr=1024x1280&sz=1024x1280&hjs=21 HTTP/1.1
Host: unseenreport.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://videzz.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx/1.19.5
Date: Wed, 01 May 2024 21:07:21 GMT
Content-Type: image/gif
Content-Length: 1
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Access-Control-Allow-Origin: *
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: 7e2a35387e8c88af958e57495a9964ed
Strict-Transport-Security: max-age=0; includeSubdomains

Report Overview

Submitted URL

IP

ASN

Submitted

Access

Website Title

Final URL

Tags

urlquery detections

Detections

urlquery

Network Intrusion Detection

Threat Detection Systems

Domain Summary

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

Threat Detection Systems

Public InfoSec YARA rules

OpenPhish

PhishTank

mnemonic secure dns

Quad9 DNS

ThreatFox

JavaScript (72)

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML