| cdnjs.cloudflare.com/ajax/libs/bootstrap-colorpicker/2.5.1/css/bootstrap-colorpicker.min.css?v=b8dc06aa6195ca0716d0a0c4e3a76e42 | 104.17.25.14 | 200 OK | 867 B |
URL: GET HTTP/2 cdnjs.cloudflare.com/ajax/libs/bootstrap-colorpicker/2.5.1/css/bootstrap-colorpicker.min.css?v=b8dc06aa6195ca0716d0a0c4e3a76e42 | IP: 104.17.25.14:443
Requested by: https://videzz.net/9rzstwlkppht.html | Certificate Issuer: Cloudflare, Inc. | Subject: sni.cloudflaressl.com | Fingerprint: 7A:EA:B9:09:71:70:6C:87:C9:D3:82:74:8A:7B:B4:60:E5:40:2D:8D | Validity: Mon, 03 Jul 2023 00:00:00 GMT - Tue, 02 Jul 2024 23:59:59 GMT
File type: ASCII text, with very long lines (4034) | Hash: 0680879d9be8b73e90cf1ed3de2724e1 e338268ddd73ef607dbbca2ff375867972f66353 5a25b8e7ed8c24b5e57fd9cefa475e451f2657e39404c17a5704bfe3f217d857
GET /ajax/libs/bootstrap-colorpicker/2.5.1/css/bootstrap-colorpicker.min.css?v=b8dc06aa6195ca0716d0a0c4e3a76e42 HTTP/1.1
Host: cdnjs.cloudflare.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://videzz.net/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Wed, 01 May 2024 21:07:18 GMT
content-type: text/css; charset=utf-8
content-length: 867
access-control-allow-origin: *
cache-control: public, max-age=30672000
content-encoding: br
etag: "5eb03d8d-10df"
last-modified: Mon, 04 May 2020 16:06:37 GMT
cf-cdnjs-via: cfworker/kv
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
x-content-type-options: nosniff
vary: Accept-Encoding
cf-cache-status: HIT
age: 95270
expires: Mon, 21 Apr 2025 21:07:18 GMT
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=NhRmMR3FmxDwOBvojM7y0bYHOY7hs%2FfdnscMqpThLbwgNP3PjSQx14JAcFSJrkRUy1XhMaIp7aFxtiYmpLNvJDKUUBQNjzmMcKKeXDpD262YIr%2FLHeqX1ofSpft7%2BtPH7PLrNghV"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
server: cloudflare
cf-ray: 87d2bd876b7e0b02-OSL
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
|
|
| cdnjs.cloudflare.com/ajax/libs/jquery.tablesorter/2.28.15/css/theme.green.min.css?v=b8dc06aa6195ca0716d0a0c4e3a76e42 | 104.17.25.14 | 200 OK | 2.1 kB |
URL: GET HTTP/2 cdnjs.cloudflare.com/ajax/libs/jquery.tablesorter/2.28.15/css/theme.green.min.css?v=b8dc06aa6195ca0716d0a0c4e3a76e42 | IP: 104.17.25.14:443
Requested by: https://videzz.net/9rzstwlkppht.html | Certificate Issuer: Cloudflare, Inc. | Subject: sni.cloudflaressl.com | Fingerprint: 7A:EA:B9:09:71:70:6C:87:C9:D3:82:74:8A:7B:B4:60:E5:40:2D:8D | Validity: Mon, 03 Jul 2023 00:00:00 GMT - Tue, 02 Jul 2024 23:59:59 GMT
File type: ASCII text, with very long lines (7172), with no line terminators | Hash: a99386c14c1250b20b42dd0db3df1741 cc8562d8ee2c39a2adea8d09eec3c4096571dd18 de1136175d3ed18ef84054ce8c6521c81bdceb97cb1505ab2c376d53138b6672
GET /ajax/libs/jquery.tablesorter/2.28.15/css/theme.green.min.css?v=b8dc06aa6195ca0716d0a0c4e3a76e42 HTTP/1.1
Host: cdnjs.cloudflare.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://videzz.net/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Wed, 01 May 2024 21:07:18 GMT
content-type: text/css; charset=utf-8
content-length: 2141
access-control-allow-origin: *
cache-control: public, max-age=30672000
content-encoding: br
etag: "5eb03ec4-1c04"
last-modified: Mon, 04 May 2020 16:11:48 GMT
cf-cdnjs-via: cfworker/kv
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
x-content-type-options: nosniff
vary: Accept-Encoding
cf-cache-status: HIT
age: 1827
expires: Mon, 21 Apr 2025 21:07:18 GMT
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=%2Fyq%2B8byRUP6CDc6VgQboWAPnxkbOQFUzBFeynGxCsJ698xBmo7TNYxUmINXpWIPZbVJElr0hts6bZnff3hCX5HrJ9Ebhdk0TJ7ZsgzTh644m8lXb%2B2l2IGNag2e2VZYmQ0AuDMD%2F"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
server: cloudflare
cf-ray: 87d2bd876b820b02-OSL
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
|
|
| cdnjs.cloudflare.com/ajax/libs/bootstrap-datepicker/1.6.4/css/bootstrap-datepicker.css?v=b8dc06aa6195ca0716d0a0c4e3a76e42 | 104.17.25.14 | 200 OK | 1.8 kB |
URL: GET HTTP/2 cdnjs.cloudflare.com/ajax/libs/bootstrap-datepicker/1.6.4/css/bootstrap-datepicker.css?v=b8dc06aa6195ca0716d0a0c4e3a76e42 | IP: 104.17.25.14:443
Requested by: https://videzz.net/9rzstwlkppht.html | Certificate Issuer: Cloudflare, Inc. | Subject: sni.cloudflaressl.com | Fingerprint: 7A:EA:B9:09:71:70:6C:87:C9:D3:82:74:8A:7B:B4:60:E5:40:2D:8D | Validity: Mon, 03 Jul 2023 00:00:00 GMT - Tue, 02 Jul 2024 23:59:59 GMT
Hash: dcb0ac787e2b120c8aeec195cd6decb9 7cdd385b4fbdfd0801af64d9209e7ede132dd954 f2a6c653ee82cb36677404eab7c258ce985aef5a6d36a064a5a805548fadea82
GET /ajax/libs/bootstrap-datepicker/1.6.4/css/bootstrap-datepicker.css?v=b8dc06aa6195ca0716d0a0c4e3a76e42 HTTP/1.1
Host: cdnjs.cloudflare.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://videzz.net/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Wed, 01 May 2024 21:07:18 GMT
content-type: text/css; charset=utf-8
content-length: 1761
access-control-allow-origin: *
cache-control: public, max-age=30672000
content-encoding: br
etag: "5eb03d8e-42f8"
last-modified: Mon, 04 May 2020 16:06:38 GMT
cf-cdnjs-via: cfworker/kv
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
x-content-type-options: nosniff
vary: Accept-Encoding
cf-cache-status: HIT
age: 744
expires: Mon, 21 Apr 2025 21:07:18 GMT
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=%2BAD8IA9vNxLXzQhdPkVuRwb1ddbvjRHTOZTKNLndnNZsHPwNKrnUw4nZnNhIzm%2Fehbwn0onoid5mHN8e4kuWDtDvrw%2Fa0Iod%2BKy37zgT4DhYyAi%2B%2F2TXJLvlxbXNAsFQeG2q6mLt"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
server: cloudflare
cf-ray: 87d2bd877b920b02-OSL
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
|
|
| videzz.net/js/pop.js?v=1.0 | 78.142.18.54 | 200 OK | 35 B |
URL: GET HTTP/2 videzz.net/js/pop.js?v=1.0 | IP: 78.142.18.54:443 | ASN: #208046 ColocationX Ltd.
Requested by: https://videzz.net/9rzstwlkppht.html | Certificate Issuer: Let's Encrypt | Subject: videzz.net | Fingerprint: 13:3A:F4:CA:71:F0:8F:F1:2E:3A:7E:2B:6D:8E:E4:7A:E9:9D:A6:B5 | Validity: Mon, 04 Mar 2024 08:24:34 GMT - Sun, 02 Jun 2024 08:24:33 GMT
Hash: da4bf5414bf75eefb21872f9b59fe6fc e34335e0705397a4ad02c406a2e92333e6d2b0e5 d48b428c1788391a1aef29802daaa691077732dc7b821d0968831bc50b19278d
Analyzer | Verdict | Alert | Quad9 DNS | malicious | Sinkholed |
GET /js/pop.js?v=1.0 HTTP/1.1
Host: videzz.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://videzz.net/9rzstwlkppht.html
Cookie: lang=1
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx/1.18.0 (Ubuntu)
date: Wed, 01 May 2024 21:07:18 GMT
content-type: application/javascript
content-length: 35
last-modified: Sat, 27 Apr 2024 07:30:38 GMT
etag: "662ca99e-23"
expires: Fri, 31 May 2024 20:58:49 GMT
cache-control: max-age=2592000
x-cache-status: HIT
accept-ranges: bytes
X-Firefox-Spdy: h2
|
|
| videzz.net/js/ads.js?v=1.0 | 78.142.18.54 | 200 OK | 211 B |
URL: GET HTTP/2 videzz.net/js/ads.js?v=1.0 | IP: 78.142.18.54:443 | ASN: #208046 ColocationX Ltd.
Requested by: https://videzz.net/9rzstwlkppht.html | Certificate Issuer: Let's Encrypt | Subject: videzz.net | Fingerprint: 13:3A:F4:CA:71:F0:8F:F1:2E:3A:7E:2B:6D:8E:E4:7A:E9:9D:A6:B5 | Validity: Mon, 04 Mar 2024 08:24:34 GMT - Sun, 02 Jun 2024 08:24:33 GMT
Hash: 09f34de71e8853387dd398fbb263af69 4ccb7007fcebcffe64eaa80f2991509fdbac55d5 6ca7e6aebc6e3eec26d39e540e255a738fd9e48e9b97bd0e2a714686377ac523
Analyzer | Verdict | Alert | Quad9 DNS | malicious | Sinkholed |
GET /js/ads.js?v=1.0 HTTP/1.1
Host: videzz.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://videzz.net/9rzstwlkppht.html
Cookie: lang=1
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx/1.18.0 (Ubuntu)
date: Wed, 01 May 2024 21:07:18 GMT
content-type: application/javascript
content-length: 211
last-modified: Sat, 27 Apr 2024 07:30:42 GMT
etag: "662ca9a2-d3"
expires: Fri, 31 May 2024 20:58:49 GMT
cache-control: max-age=2592000
x-cache-status: HIT
accept-ranges: bytes
X-Firefox-Spdy: h2
|
|
| videzz.net/images-newtheme/adb_logo.png | 78.142.18.54 | 200 OK | 8.3 kB |
URL: GET HTTP/2 videzz.net/images-newtheme/adb_logo.png | IP: 78.142.18.54:443 | ASN: #208046 ColocationX Ltd.
Requested by: https://videzz.net/9rzstwlkppht.html | Certificate Issuer: Let's Encrypt | Subject: videzz.net | Fingerprint: 13:3A:F4:CA:71:F0:8F:F1:2E:3A:7E:2B:6D:8E:E4:7A:E9:9D:A6:B5 | Validity: Mon, 04 Mar 2024 08:24:34 GMT - Sun, 02 Jun 2024 08:24:33 GMT
File type: PNG image data, 178 x 178, 8-bit/color RGBA, non-interlaced | Hash: 98fcd22c469a5aa46df8ec4e7a8eafc9 e8d95f175d3008736995a482d7304410a1da490a b1e79e219bf46ca5ef14a9619c5440e78c2ebdbc34b8f0c65f0777a8b02fc30c
Analyzer | Verdict | Alert | Quad9 DNS | malicious | Sinkholed |
GET /images-newtheme/adb_logo.png HTTP/1.1
Host: videzz.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://videzz.net/9rzstwlkppht.html
Cookie: lang=1
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx/1.18.0 (Ubuntu)
date: Wed, 01 May 2024 21:07:18 GMT
content-type: image/png
content-length: 8308
last-modified: Sat, 27 Apr 2024 07:30:28 GMT
etag: "662ca994-2074"
expires: Fri, 31 May 2024 20:58:55 GMT
cache-control: max-age=2592000
x-cache-status: HIT
accept-ranges: bytes
X-Firefox-Spdy: h2
|
|
| videzz.net/images-newtheme/attention.png | 78.142.18.54 | 200 OK | 6.4 kB |
URL: GET HTTP/2 videzz.net/images-newtheme/attention.png | IP: 78.142.18.54:443 | ASN: #208046 ColocationX Ltd.
Requested by: https://videzz.net/9rzstwlkppht.html | Certificate Issuer: Let's Encrypt | Subject: videzz.net | Fingerprint: 13:3A:F4:CA:71:F0:8F:F1:2E:3A:7E:2B:6D:8E:E4:7A:E9:9D:A6:B5 | Validity: Mon, 04 Mar 2024 08:24:34 GMT - Sun, 02 Jun 2024 08:24:33 GMT
File type: PNG image data, 263 x 231, 8-bit/color RGBA, non-interlaced | Hash: d28ebe1b4425fa4ab5d804792b5aa626 3183e2c59cdaed547de5fb1fc940709ed5117003 36fc8d817d7a356b2b8e8697697a5ce86bedadfea8df2a4e88f9514bb1ce02f6
Analyzer | Verdict | Alert | Quad9 DNS | malicious | Sinkholed |
GET /images-newtheme/attention.png HTTP/1.1
Host: videzz.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://videzz.net/9rzstwlkppht.html
Cookie: lang=1
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx/1.18.0 (Ubuntu)
date: Wed, 01 May 2024 21:07:18 GMT
content-type: image/png
content-length: 6377
last-modified: Sat, 27 Apr 2024 07:30:42 GMT
etag: "662ca9a2-18e9"
expires: Fri, 31 May 2024 20:59:28 GMT
cache-control: max-age=2592000
x-cache-status: HIT
accept-ranges: bytes
X-Firefox-Spdy: h2
|
|
| www.googletagmanager.com/gtag/js?id=UA-158623850-1 | 142.250.74.168 | 200 OK | 74 kB |
URL: GET HTTP/2 www.googletagmanager.com/gtag/js?id=UA-158623850-1 | IP: 142.250.74.168:443
Requested by: https://videzz.net/9rzstwlkppht.html | Certificate Issuer: Google Trust Services LLC | Subject: *.google-analytics.com | Fingerprint: FC:B1:16:E0:D8:F3:2B:F3:AB:33:E5:E1:23:57:F4:48:66:FD:4D:52 | Validity: Mon, 08 Apr 2024 06:34:55 GMT - Mon, 01 Jul 2024 06:34:54 GMT
File type: JavaScript source, ASCII text, with very long lines (4179) | Hash: 06dfb912050a94a71f75dcc5cb18c877 6700beb402ee9705589c0df7143363b969224ab4 24f0286644e20d0792ce791c5a3b98e20ec42edc2a1855ec8dc1478803469201
GET /gtag/js?id=UA-158623850-1 HTTP/1.1
Host: www.googletagmanager.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://videzz.net/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
content-encoding: br
vary: Accept-Encoding
date: Wed, 01 May 2024 21:07:18 GMT
expires: Wed, 01 May 2024 21:07:18 GMT
cache-control: private, max-age=900
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
server: Google Tag Manager
content-length: 74385
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
|
|
| tr.7vid.net/henYKwb.js | 135.181.208.216 | 200 OK | 88 kB |
IP: 135.181.208.216:443 | ASN: #24940 Hetzner Online GmbH
Requested by: https://videzz.net/9rzstwlkppht.html | Certificate Issuer: Let's Encrypt | Subject: a.gatwins.site | Fingerprint: 66:D4:C4:E9:BC:6E:82:9E:D0:2F:00:69:9A:DF:C2:6D:18:04:0B:1B | Validity: Wed, 10 Apr 2024 10:27:11 GMT - Tue, 09 Jul 2024 10:27:10 GMT
File type: JavaScript source, Unicode text, UTF-8 text, with very long lines (65503), with no line terminators | Hash: 04bdb2fd7797c33d38ad8a6a0997b389 a69a0999b9106aa1e49a6728c84b3e82b899276d 3039a1d2d40fce3b96ce115bc8fb858539ed084667fb0ee69fe68e0a682d9286
GET /henYKwb.js HTTP/1.1
Host: tr.7vid.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://videzz.net/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
server: nginx
date: Wed, 01 May 2024 21:07:18 GMT
content-type: application/javascript
content-length: 87996
last-modified: Fri, 22 Mar 2024 11:21:21 GMT
vary: Accept-Encoding
etag: "65fd69b1-157bc"
content-encoding: gzip
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: public, max-age=315360000
cf-cache-status: EXPIRED
cf-ray: 8685cee83a6f8d55-HEL
x-frame-options: DENY
x-content-type-options: nosniff
accept-ranges: bytes
X-Firefox-Spdy: h2
|
|
| vz.7vid.net/Sb7AkA7.js | 135.181.208.216 | 200 OK | 77 kB |
IP: 135.181.208.216:443 | ASN: #24940 Hetzner Online GmbH
Requested by: https://videzz.net/9rzstwlkppht.html | Certificate Issuer: Let's Encrypt | Subject: a.cpbj8ddae04d.shop | Fingerprint: 05:51:C2:15:91:D1:D4:BC:15:B2:36:C5:1A:40:61:CC:74:87:18:53 | Validity: Tue, 23 Apr 2024 10:27:07 GMT - Mon, 22 Jul 2024 10:27:06 GMT
File type: JavaScript source, Unicode text, UTF-8 text, with very long lines (65503), with no line terminators | Hash: a6781eeb8be115c2cc64c5b4898e5b9d 76001e6e130f936956842ce1fb672ca16be2370e cb8949c4918f30d767c8a97d1b1ddb36eabccf8d93659a80f4e850caa3701da2
GET /Sb7AkA7.js HTTP/1.1
Host: vz.7vid.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://videzz.net/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
server: nginx
date: Wed, 01 May 2024 21:07:18 GMT
content-type: application/javascript
content-length: 76790
last-modified: Fri, 22 Mar 2024 11:21:21 GMT
vary: Accept-Encoding
etag: "65fd69b1-12bf6"
content-encoding: gzip
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: public, max-age=315360000
cf-cache-status: HIT
age: 201
cf-ray: 8685d408ccf5d995-HEL
x-frame-options: DENY
x-content-type-options: nosniff
accept-ranges: bytes
X-Firefox-Spdy: h2
|
|
| tr.7vid.net/Sb7AkA7.js | 135.181.208.216 | 200 OK | 77 kB |
IP: 135.181.208.216:443 | ASN: #24940 Hetzner Online GmbH
Requested by: https://videzz.net/9rzstwlkppht.html | Certificate Issuer: Let's Encrypt | Subject: a.gatwins.site | Fingerprint: 66:D4:C4:E9:BC:6E:82:9E:D0:2F:00:69:9A:DF:C2:6D:18:04:0B:1B | Validity: Wed, 10 Apr 2024 10:27:11 GMT - Tue, 09 Jul 2024 10:27:10 GMT
File type: JavaScript source, Unicode text, UTF-8 text, with very long lines (65503), with no line terminators | Hash: a6781eeb8be115c2cc64c5b4898e5b9d 76001e6e130f936956842ce1fb672ca16be2370e cb8949c4918f30d767c8a97d1b1ddb36eabccf8d93659a80f4e850caa3701da2
GET /Sb7AkA7.js HTTP/1.1
Host: tr.7vid.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://videzz.net/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
server: nginx
date: Wed, 01 May 2024 21:07:18 GMT
content-type: application/javascript
content-length: 76790
last-modified: Fri, 22 Mar 2024 11:21:21 GMT
vary: Accept-Encoding
etag: "65fd69b1-12bf6"
content-encoding: gzip
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: public, max-age=315360000
cf-cache-status: HIT
age: 201
cf-ray: 8685d408ccf5d995-HEL
x-frame-options: DENY
x-content-type-options: nosniff
accept-ranges: bytes
X-Firefox-Spdy: h2
|
|
| yd.cottoidearldom.com/1clkn/14903 | 23.109.170.34 | 200 OK | 26 B |
URL: GET HTTP/1.1 yd.cottoidearldom.com/1clkn/14903 | IP: 23.109.170.34:443
Requested by: https://videzz.net/9rzstwlkppht.html | Certificate Issuer: Let's Encrypt | Subject: yd.cottoidearldom.com | Fingerprint: 2A:D0:1B:ED:00:0F:4A:13:3B:97:DD:33:66:5B:7E:F8:F8:E9:C8:CE | Validity: Thu, 25 Apr 2024 06:21:32 GMT - Wed, 24 Jul 2024 06:21:31 GMT
File type: ASCII text, with no line terminators | Hash: 9082dc37e5e8046929da411544ad071a 41e0e3963ed94e59e8a2f115994c382712411537 b7848d86edc8dc3b5bc6a5c666069f9a31e000cee51575d3b6083951607e1550
Analyzer | Verdict | Alert | Quad9 DNS | malicious | Sinkholed |
GET /1clkn/14903 HTTP/1.1
Host: yd.cottoidearldom.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://videzz.net/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Date: Wed, 01 May 2024 21:07:18 GMT
Content-Type: application/javascript; charset=utf-8
Transfer-Encoding: chunked
Connection: keep-alive
Keep-Alive: timeout=20
Accept-ch: sec-ch-ua-platform-version,sec-ch-ua-model,sec-ch-ua-full-version,sec-ch-ua-full-version-list
Set-Cookie: GL_UI4=eJw9jUtug0AQRPljJ4akJQ7gIxgUjL3MJivfAQ0zDZ4Ypq1mjJ3bZxIp2dUrPVV5nhcUL%2BAvyRrCm6hhe1R9s5dYojyUVVW%2BHSrZ151o%2BlJVTVnvYK3n1opuRBvBap4E29YuEWwGNMhatpIUZvDqrL%2FmYuhuIog7FkZlEE%2FOGDNIO6b7jFyEEBkxIaQfmrGnhzPEJzEEx72L2rjo7yCguQjzJ4hP2twe%2BSbx8jzx4Pk6CtsTT61WDuOBhULw32ElhcWB%2BAtShfPF0hWARtX%2B%2B7%2Bf8fizBonCRUuHZM%2FI38wATrY%3D; expires=Thu, 02-May-2024 21:07:18 GMT; Max-Age=86400; path=/; secure; SameSite=None
GL_GI10=eJwVyM0KgkAUhuE5hxiIJPjIC%2FAKTMsWbrNl6MIrMIsYGObIzNjP3WeLd%2FG8SilOE7CZkNRlXhd5dcjLUwV6gtsOPDroVvx7%2BII8uDiCvcOmC1ayRmYXlz9i9TfIYHu25pP1YudoxAXw0roZbvaxv%2FRX0KQJHEUzONxTBXrp3Q9e7R3S; expires=Thu, 02-May-2024 21:07:18 GMT; Max-Age=86400; path=/; secure; SameSite=None
Content-Encoding: gzip
Vary: Accept-Encoding
Strict-Transport-Security: max-age=1
X-Content-Type-Options: nosniff
|
|
| cdnjs.cloudflare.com/ajax/libs/font-awesome/4.7.0/css/font-awesome.min.css | 104.17.25.14 | 200 OK | 5.6 kB |
URL: GET HTTP/3 cdnjs.cloudflare.com/ajax/libs/font-awesome/4.7.0/css/font-awesome.min.css | IP: 104.17.25.14:443
Requested by: https://videzz.net/9rzstwlkppht.html | Certificate Issuer: Cloudflare, Inc. | Subject: sni.cloudflaressl.com | Fingerprint: 7A:EA:B9:09:71:70:6C:87:C9:D3:82:74:8A:7B:B4:60:E5:40:2D:8D | Validity: Mon, 03 Jul 2023 00:00:00 GMT - Tue, 02 Jul 2024 23:59:59 GMT
File type: ASCII text, with very long lines (30837) | Hash: 269550530cc127b6aa5a35925a7de6ce 512c7d79033e3028a9be61b540cf1a6870c896f8 799aeb25cc0373fdee0e1b1db7ad6c2f6a0e058dfadaa3379689f583213190bd
GET /ajax/libs/font-awesome/4.7.0/css/font-awesome.min.css HTTP/1.1
Host: cdnjs.cloudflare.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://videzz.net/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Wed, 01 May 2024 21:07:18 GMT
content-type: text/css; charset=utf-8
content-length: 5631
access-control-allow-origin: *
cache-control: public, max-age=30672000
content-encoding: br
etag: "5eb03e5f-7918"
last-modified: Mon, 04 May 2020 16:10:07 GMT
cf-cdnjs-via: cfworker/kv
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
x-content-type-options: nosniff
vary: Accept-Encoding
cf-cache-status: HIT
age: 103787
expires: Mon, 21 Apr 2025 21:07:18 GMT
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=KflxSINhju8jZ3ekzXxeuCsjOhYnopJeZ3JAVbq2WmnTtOA6T1XSkQIXB7VdBt%2F%2BZ9d5Ltqi%2F3EX1w0PaP8w8kSR%2FFsDF55eQLHmxIG5%2FbU10%2BKAaR68%2F4Oky7QGOjTxL9wHlAlJ"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
server: cloudflare
cf-ray: 87d2bd8abd6bb4f3-OSL
alt-svc: h3=":443"; ma=86400
|
|
| profitablegatecpm.com/97/85/38/9785383bf0d8f2fb611d938245088565.js | 192.243.61.227 | 200 OK | 16 kB |
URL: GET HTTP/1.1 profitablegatecpm.com/97/85/38/9785383bf0d8f2fb611d938245088565.js | IP: 192.243.61.227:443 | ASN: #39572 DataWeb Global Group B.V.
Requested by: https://videzz.net/9rzstwlkppht.html | Certificate Issuer: Let's Encrypt | Subject: profitablegatecpm.com | Fingerprint: 9D:FB:8C:AD:4D:64:98:6B:85:78:33:54:E7:A3:BB:10:ED:77:63:30 | Validity: Fri, 05 Apr 2024 18:10:33 GMT - Thu, 04 Jul 2024 18:10:32 GMT
File type: JavaScript source, ASCII text, with very long lines (44115), with no line terminators | Hash: afb3da0358eb20ae883411cd5af8baaf ddd12a4f1fbcb3828ac260a85a808503c23ebe91 558baa0dca9a0e825341074107b97d28f61904c7ad39b07a1987155ee4a564c0
GET /97/85/38/9785383bf0d8f2fb611d938245088565.js HTTP/1.1
Host: profitablegatecpm.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://videzz.net/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx/1.21.6
Date: Wed, 01 May 2024 21:07:18 GMT
Content-Type: application/javascript
Transfer-Encoding: chunked
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Access-Control-Allow-Origin: *
Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,Sec-CH-UA-PlatformUser-Agent,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: 92770902365c6ae009f42083f6e77ce0
Strict-Transport-Security: max-age=0; includeSubdomains
Content-Encoding: gzip
|
|
| videzz.net/js/footer.static.min.js?v=b8dc06aa6195ca0716d0a0c4e3a76e42 | 78.142.18.54 | 200 OK | 55 kB |
URL: GET HTTP/2 videzz.net/js/footer.static.min.js?v=b8dc06aa6195ca0716d0a0c4e3a76e42 | IP: 78.142.18.54:443 | ASN: #208046 ColocationX Ltd.
Requested by: https://videzz.net/9rzstwlkppht.html | Certificate Issuer: Let's Encrypt | Subject: videzz.net | Fingerprint: 13:3A:F4:CA:71:F0:8F:F1:2E:3A:7E:2B:6D:8E:E4:7A:E9:9D:A6:B5 | Validity: Mon, 04 Mar 2024 08:24:34 GMT - Sun, 02 Jun 2024 08:24:33 GMT
File type: gzip compressed data, from Unix | Hash: 2432ad64a4111424446498aed2f66696 edd583071ee0f8de9e5908a074efb58e6d843cbe c4892fa78328147524a742ddac9771aac11e19b3eb62908c7b3a3a18b328fc29
Analyzer | Verdict | Alert | Quad9 DNS | malicious | Sinkholed |
GET /js/footer.static.min.js?v=b8dc06aa6195ca0716d0a0c4e3a76e42 HTTP/1.1
Host: videzz.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://videzz.net/9rzstwlkppht.html
Cookie: lang=1
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx/1.18.0 (Ubuntu)
date: Wed, 01 May 2024 21:07:18 GMT
content-type: application/javascript
last-modified: Sat, 27 Apr 2024 07:30:42 GMT
vary: Accept-Encoding
etag: W/"662ca9a2-22364"
expires: Fri, 31 May 2024 20:57:18 GMT
cache-control: max-age=2592000
content-encoding: gzip
x-cache-status: HIT
X-Firefox-Spdy: h2
|
|
| videzz.net/js/videojs.stm.5.min.js?0.108741924114554 | 78.142.18.54 | 200 OK | 4.0 kB |
URL: GET HTTP/2 videzz.net/js/videojs.stm.5.min.js?0.108741924114554 | IP: 78.142.18.54:443 | ASN: #208046 ColocationX Ltd.
Requested by: https://videzz.net/9rzstwlkppht.html | Certificate Issuer: Let's Encrypt | Subject: videzz.net | Fingerprint: 13:3A:F4:CA:71:F0:8F:F1:2E:3A:7E:2B:6D:8E:E4:7A:E9:9D:A6:B5 | Validity: Mon, 04 Mar 2024 08:24:34 GMT - Sun, 02 Jun 2024 08:24:33 GMT
File type: gzip compressed data, from Unix | Hash: 4a57853ef40d77e658d976b58951b0c4 d5d5f992eb954023a80906475b268804cc44abc9 efd1e22bbd46e4fd4c8e0394fe18c993d168555db8a8905f186aa6811ec08335
Analyzer | Verdict | Alert | Quad9 DNS | malicious | Sinkholed |
GET /js/videojs.stm.5.min.js?0.108741924114554 HTTP/1.1
Host: videzz.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://videzz.net/9rzstwlkppht.html
Cookie: lang=1
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx/1.18.0 (Ubuntu)
date: Wed, 01 May 2024 21:07:18 GMT
content-type: application/javascript
last-modified: Sat, 27 Apr 2024 07:30:42 GMT
vary: Accept-Encoding
etag: W/"662ca9a2-1c25"
expires: Fri, 31 May 2024 21:07:18 GMT
cache-control: max-age=2592000
content-encoding: gzip
x-cache-status: MISS
X-Firefox-Spdy: h2
|
|
| www.googletagmanager.com/gtm.js?id=GTM-56DK3TH | 142.250.74.168 | 200 OK | 73 kB |
URL: GET HTTP/3 www.googletagmanager.com/gtm.js?id=GTM-56DK3TH | IP: 142.250.74.168:443
Requested by: https://videzz.net/9rzstwlkppht.html | Certificate Issuer: Google Trust Services LLC | Subject: *.google-analytics.com | Fingerprint: FC:B1:16:E0:D8:F3:2B:F3:AB:33:E5:E1:23:57:F4:48:66:FD:4D:52 | Validity: Mon, 08 Apr 2024 06:34:55 GMT - Mon, 01 Jul 2024 06:34:54 GMT
File type: JavaScript source, ASCII text, with very long lines (3287) | Hash: 7b2c39a95b60582cf3e48ac3a2fe93fc 077ad41b276f854ed4513f6344efe3d281e6972a 400322a152eaf2cf1cb77e86d2e0e5880ccfecc169ca36a6338e00b8366d5187
GET /gtm.js?id=GTM-56DK3TH HTTP/1.1
Host: www.googletagmanager.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://videzz.net/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
content-encoding: br
vary: Accept-Encoding
date: Wed, 01 May 2024 21:07:19 GMT
expires: Wed, 01 May 2024 21:07:19 GMT
cache-control: private, max-age=900
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
server: Google Tag Manager
content-length: 73170
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
|
|
| cdn.o333o.com/vast-im.js | 143.204.55.120 | 200 OK | 128 kB |
IP: 143.204.55.120:443
Requested by: https://videzz.net/9rzstwlkppht.html | Certificate Issuer: Sectigo Limited | Subject: cdn.o333o.com | Fingerprint: 61:0E:6A:7F:7E:40:48:40:58:0F:EF:89:DB:CF:AD:C2:FB:52:F1:AC | Validity: Thu, 09 Nov 2023 00:00:00 GMT - Mon, 09 Dec 2024 23:59:59 GMT
File type: JavaScript source, Unicode text, UTF-8 text, with very long lines (65503), with no line terminators | Size: 128 kB (127622 bytes) | Hash: 04bdb2fd7797c33d38ad8a6a0997b389 a69a0999b9106aa1e49a6728c84b3e82b899276d 3039a1d2d40fce3b96ce115bc8fb858539ed084667fb0ee69fe68e0a682d9286
GET /vast-im.js HTTP/1.1
Host: cdn.o333o.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://videzz.net/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
content-type: application/javascript
server: nginx
date: Thu, 11 Apr 2024 09:31:31 GMT
last-modified: Fri, 22 Mar 2024 11:21:21 GMT
etag: W/"65fd69b1-4bcd7"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000, public
content-encoding: br
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 80d21802b1b80c40e55ccf83433b8eac.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
alt-svc: h3=":443"; ma=86400
x-amz-cf-id: zBP8ixChgJr3kehbMaR9FNb6_XCkVUE4KTNHmvh7mSAl71umlBtXfw==
age: 1769747
X-Firefox-Spdy: h2
|
|
| static.addtoany.com/menu/page.js | 104.22.71.197 | 200 OK | 2.3 kB |
URL: GET HTTP/2 static.addtoany.com/menu/page.js | IP: 104.22.71.197:443
Requested by: https://videzz.net/9rzstwlkppht.html | Certificate Issuer: Let's Encrypt | Subject: static.addtoany.com | Fingerprint: 5B:74:98:2D:F8:22:DB:0D:4E:74:B7:99:A7:7C:80:F6:CA:1A:8E:CA | Validity: Tue, 23 Apr 2024 07:56:27 GMT - Mon, 22 Jul 2024 07:56:26 GMT
File type: JavaScript source, ASCII text, with very long lines (3003), with no line terminators | Hash: 5f984fdd1d3384220c67422c1f544a95 79c8a48b5fab47972dd69ce7dfd08cee895006b5 6e0cc78c402cbc02fdfd41cd77c5fd6ffbd8066cc07935ea8eb5f3fcc59744a3
GET /menu/page.js HTTP/1.1
Host: static.addtoany.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://videzz.net/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Wed, 01 May 2024 21:07:18 GMT
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=86400, stale-while-revalidate=30, public
cf-bgj: minify
etag: W/"e346c2841e4abbb66ee259e9540abb61"
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=YWZsNxx5LDQ%2FCmyOFsE8E2BnrVsLnneGIQNyd9wW5p4HAuYJk1J8NDKyEOb3GQVsuv1k1liuf%2Bmj3zbtE6j3FHtvw%2FKNdKKDmXgE%2Fq44DiWXRWJOh045rrNs9uLI3BbIrsQ0WiQVSeSa3Tq2fKeyXXzg"}],"group":"cf-nel","max_age":604800}
vary: Accept-Encoding
referrer-policy: strict-origin-when-cross-origin
x-content-type-options: nosniff
cf-cache-status: HIT
age: 19258
strict-transport-security: max-age=31536000; includeSubDomains; preload
server: cloudflare
cf-ray: 87d2bd882db9be58-CPH
content-encoding: br
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
|
|
| fonts.gstatic.com/s/raleway/v29/1Ptug8zYS_SKggPNyC0ITw.woff2 | 216.58.207.227 | 200 OK | 48 kB |
URL: GET HTTP/2 fonts.gstatic.com/s/raleway/v29/1Ptug8zYS_SKggPNyC0ITw.woff2
IP: 216.58.207.227:443
Requested by: https://videzz.net/9rzstwlkppht.html
Certificate Issuer: Google Trust Services LLC
Certificate Subject: *.gstatic.com
Certificate Fingerprint: 93:EC:35:60:8A:5B:23:EA:C0:36:D7:AE:03:0C:C3:77:17:5A:20:33
Certificate Validity: Mon, 08 Apr 2024 07:31:57 GMT - Mon, 01 Jul 2024 07:31:56 GMT
File type: Web Open Font Format (Version 2), TrueType, length 48208, version 1.0
Hash: c49b7c3643f781d71645c5a40a78b5bf e71138026b38afc443fb60da5ffc2244c4f5eb11 8cbc049ddbd7ca67068451ce754401833499959c4c6ed7b98f664d42e0597808
GET /s/raleway/v29/1Ptug8zYS_SKggPNyC0ITw.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://videzz.net
DNT: 1
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 48208
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Fri, 26 Apr 2024 06:09:34 GMT
expires: Sat, 26 Apr 2025 06:09:34 GMT
cache-control: public, max-age=31536000
last-modified: Wed, 13 Sep 2023 23:24:45 GMT
content-type: font/woff2
age: 485865
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
|
|
| videzz.net/images-newtheme/social/facebook_button.png | 78.142.18.54 | 200 OK | 3.3 kB |
URL: GET HTTP/2 videzz.net/images-newtheme/social/facebook_button.png
IP: 78.142.18.54:443
ASN: #208046 ColocationX Ltd.
Requested by: https://videzz.net/9rzstwlkppht.html
Certificate Issuer: Let's Encrypt
Certificate Subject: videzz.net
Certificate Fingerprint: 13:3A:F4:CA:71:F0:8F:F1:2E:3A:7E:2B:6D:8E:E4:7A:E9:9D:A6:B5
Certificate Validity: Mon, 04 Mar 2024 08:24:34 GMT - Sun, 02 Jun 2024 08:24:33 GMT
File type: PNG image data, 250 x 95, 8-bit colormap, non-interlaced
Hash: 7136dd30e8f2bac19a84c71f7051fbe4 9e0386c21a34c2034c5736d083f2aa9d74aa9698 0f707e70a8cef21089769a1d44002cad814fb3ff42834d59093d7f6e21be72cf
Analyzer: Quad9 DNS | Verdict: malicious | Alert: Sinkholed
GET /images-newtheme/social/facebook_button.png HTTP/1.1
Host: videzz.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://videzz.net/css/main.min.css?v=b8dc06aa6195ca0716d0a0c4e3a76e42
Cookie: lang=1
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx/1.18.0 (Ubuntu)
date: Wed, 01 May 2024 21:07:19 GMT
content-type: image/png
content-length: 3296
last-modified: Sat, 27 Apr 2024 07:30:38 GMT
etag: "662ca99e-ce0"
expires: Fri, 31 May 2024 21:00:23 GMT
cache-control: max-age=2592000
x-cache-status: HIT
accept-ranges: bytes
X-Firefox-Spdy: h2
|
|
| videzz.net/images-newtheme/social/reddit_button.png | 78.142.18.54 | 200 OK | 5.6 kB |
URL: GET HTTP/2 videzz.net/images-newtheme/social/reddit_button.png
IP: 78.142.18.54:443
ASN: #208046 ColocationX Ltd.
Requested by: https://videzz.net/9rzstwlkppht.html
Certificate Issuer: Let's Encrypt
Certificate Subject: videzz.net
Certificate Fingerprint: 13:3A:F4:CA:71:F0:8F:F1:2E:3A:7E:2B:6D:8E:E4:7A:E9:9D:A6:B5
Certificate Validity: Mon, 04 Mar 2024 08:24:34 GMT - Sun, 02 Jun 2024 08:24:33 GMT
File type: PNG image data, 250 x 95, 8-bit colormap, non-interlaced
Hash: e81d26d1620449624337a4d43f931daa f03bec039b900b6668f56c295b6152f206614347 a571a6100b5176154b8cab0289f1e1f3a1888a4d2670a0309a7206e914e53196
Analyzer: Quad9 DNS | Verdict: malicious | Alert: Sinkholed
GET /images-newtheme/social/reddit_button.png HTTP/1.1
Host: videzz.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://videzz.net/css/main.min.css?v=b8dc06aa6195ca0716d0a0c4e3a76e42
Cookie: lang=1
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx/1.18.0 (Ubuntu)
date: Wed, 01 May 2024 21:07:19 GMT
content-type: image/png
content-length: 5639
last-modified: Sat, 27 Apr 2024 07:30:28 GMT
etag: "662ca994-1607"
expires: Fri, 31 May 2024 20:57:54 GMT
cache-control: max-age=2592000
x-cache-status: HIT
accept-ranges: bytes
X-Firefox-Spdy: h2
|
|
| videzz.net/images-newtheme/social/telergram_button.png | 78.142.18.54 | 200 OK | 7.1 kB |
URL: GET HTTP/2 videzz.net/images-newtheme/social/telergram_button.png
IP: 78.142.18.54:443
ASN: #208046 ColocationX Ltd.
Requested by: https://videzz.net/9rzstwlkppht.html
Certificate Issuer: Let's Encrypt
Certificate Subject: videzz.net
Certificate Fingerprint: 13:3A:F4:CA:71:F0:8F:F1:2E:3A:7E:2B:6D:8E:E4:7A:E9:9D:A6:B5
Certificate Validity: Mon, 04 Mar 2024 08:24:34 GMT - Sun, 02 Jun 2024 08:24:33 GMT
File type: PNG image data, 250 x 95, 8-bit colormap, non-interlaced
Hash: 30c0202bb8d66d562c2f6f74e04cecf5 330d3cb6d6e12800458fb4e711f5ad2669ed6418 5c594f5b1f831711af5d0089fb853c7511a83dbc3ce86f99b93e63e9c5c8fc60
Analyzer: Quad9 DNS | Verdict: malicious | Alert: Sinkholed
GET /images-newtheme/social/telergram_button.png HTTP/1.1
Host: videzz.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://videzz.net/css/main.min.css?v=b8dc06aa6195ca0716d0a0c4e3a76e42
Cookie: lang=1
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx/1.18.0 (Ubuntu)
date: Wed, 01 May 2024 21:07:19 GMT
content-type: image/png
content-length: 7130
last-modified: Sat, 27 Apr 2024 07:30:38 GMT
etag: "662ca99e-1bda"
expires: Fri, 31 May 2024 20:58:26 GMT
cache-control: max-age=2592000
x-cache-status: HIT
accept-ranges: bytes
X-Firefox-Spdy: h2
|
|
| videzz.net/images-newtheme/social/twitter_button.png | 78.142.18.54 | 200 OK | 7.3 kB |
URL: GET HTTP/2 videzz.net/images-newtheme/social/twitter_button.png
IP: 78.142.18.54:443
ASN: #208046 ColocationX Ltd.
Requested by: https://videzz.net/9rzstwlkppht.html
Certificate Issuer: Let's Encrypt
Certificate Subject: videzz.net
Certificate Fingerprint: 13:3A:F4:CA:71:F0:8F:F1:2E:3A:7E:2B:6D:8E:E4:7A:E9:9D:A6:B5
Certificate Validity: Mon, 04 Mar 2024 08:24:34 GMT - Sun, 02 Jun 2024 08:24:33 GMT
File type: PNG image data, 250 x 95, 8-bit colormap, non-interlaced
Hash: d680a9ff6f8107a4582fc3da7b95b852 df709fd8b064642697ce5075aef16d7ec3df9475 d496e33f83306ba9f7659dda81264fe833b2c8ce3b3ca5ef1cfd9a0d99397c24
Analyzer: Quad9 DNS | Verdict: malicious | Alert: Sinkholed
GET /images-newtheme/social/twitter_button.png HTTP/1.1
Host: videzz.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://videzz.net/css/main.min.css?v=b8dc06aa6195ca0716d0a0c4e3a76e42
Cookie: lang=1
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx/1.18.0 (Ubuntu)
date: Wed, 01 May 2024 21:07:19 GMT
content-type: image/png
content-length: 7332
last-modified: Sat, 27 Apr 2024 07:30:42 GMT
etag: "662ca9a2-1ca4"
expires: Fri, 31 May 2024 20:57:52 GMT
cache-control: max-age=2592000
x-cache-status: HIT
accept-ranges: bytes
X-Firefox-Spdy: h2
|
|
| videzz.net/images-newtheme/social/viber_button.png | 78.142.18.54 | 200 OK | 7.6 kB |
URL: GET HTTP/2 videzz.net/images-newtheme/social/viber_button.png
IP: 78.142.18.54:443
ASN: #208046 ColocationX Ltd.
Requested by: https://videzz.net/9rzstwlkppht.html
Certificate Issuer: Let's Encrypt
Certificate Subject: videzz.net
Certificate Fingerprint: 13:3A:F4:CA:71:F0:8F:F1:2E:3A:7E:2B:6D:8E:E4:7A:E9:9D:A6:B5
Certificate Validity: Mon, 04 Mar 2024 08:24:34 GMT - Sun, 02 Jun 2024 08:24:33 GMT
File type: PNG image data, 250 x 95, 8-bit colormap, non-interlaced
Hash: 36454bc0a71ba0919c38f4b072ea1792 b90bd02d15eb470070f5767b12f8879cfa54033f 795878ef409474a5ba791a786239a77cc30f83576713e3788d88f0c306c98c58
Analyzer: Quad9 DNS | Verdict: malicious | Alert: Sinkholed
GET /images-newtheme/social/viber_button.png HTTP/1.1
Host: videzz.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://videzz.net/css/main.min.css?v=b8dc06aa6195ca0716d0a0c4e3a76e42
Cookie: lang=1
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx/1.18.0 (Ubuntu)
date: Wed, 01 May 2024 21:07:19 GMT
content-type: image/png
content-length: 7583
last-modified: Sat, 27 Apr 2024 07:30:38 GMT
etag: "662ca99e-1d9f"
expires: Fri, 31 May 2024 20:59:48 GMT
cache-control: max-age=2592000
x-cache-status: HIT
accept-ranges: bytes
X-Firefox-Spdy: h2
|
|
| videzz.net/images-newtheme/social/whatsapp_button.png | 78.142.18.54 | 200 OK | 9.4 kB |
URL: GET HTTP/2 videzz.net/images-newtheme/social/whatsapp_button.png
IP: 78.142.18.54:443
ASN: #208046 ColocationX Ltd.
Requested by: https://videzz.net/9rzstwlkppht.html
Certificate Issuer: Let's Encrypt
Certificate Subject: videzz.net
Certificate Fingerprint: 13:3A:F4:CA:71:F0:8F:F1:2E:3A:7E:2B:6D:8E:E4:7A:E9:9D:A6:B5
Certificate Validity: Mon, 04 Mar 2024 08:24:34 GMT - Sun, 02 Jun 2024 08:24:33 GMT
File type: PNG image data, 250 x 95, 8-bit colormap, non-interlaced
Hash: 093cb56d9d65dd0ccb57f24eb7444cba 3d862fe04fc38402dfb6e8afcfb9adc526907d54 9e433e4399b92cd8a014e00765fc534baae47b5ebacadea618e0f3dc041b6266
Analyzer: Quad9 DNS | Verdict: malicious | Alert: Sinkholed
GET /images-newtheme/social/whatsapp_button.png HTTP/1.1
Host: videzz.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://videzz.net/css/main.min.css?v=b8dc06aa6195ca0716d0a0c4e3a76e42
Cookie: lang=1
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx/1.18.0 (Ubuntu)
date: Wed, 01 May 2024 21:07:19 GMT
content-type: image/png
content-length: 9402
last-modified: Sat, 27 Apr 2024 07:30:33 GMT
etag: "662ca999-24ba"
expires: Fri, 31 May 2024 21:00:44 GMT
cache-control: max-age=2592000
x-cache-status: HIT
accept-ranges: bytes
X-Firefox-Spdy: h2
|
|
| videzz.net/js/videojs.5.min.js?v=b8dc06aa6195ca0716d0a0c4e3a76e42 | 78.142.18.54 | 200 OK | 178 kB |
URL: GET HTTP/2 videzz.net/js/videojs.5.min.js?v=b8dc06aa6195ca0716d0a0c4e3a76e42
IP: 78.142.18.54:443
ASN: #208046 ColocationX Ltd.
Requested by: https://videzz.net/9rzstwlkppht.html
Certificate Issuer: Let's Encrypt
Certificate Subject: videzz.net
Certificate Fingerprint: 13:3A:F4:CA:71:F0:8F:F1:2E:3A:7E:2B:6D:8E:E4:7A:E9:9D:A6:B5
Certificate Validity: Mon, 04 Mar 2024 08:24:34 GMT - Sun, 02 Jun 2024 08:24:33 GMT
File type: gzip compressed data, from Unix
Size: 178 kB (177506 bytes)
Hash: 24da0a6b9d497867b5a377f28f92172b d219ddab300587705671a0c783b6b741a50d3d3e 21d6742ccad260c98b93a09aa84804fbf8ca969e33e11990316c3753b2eef528
Analyzer: Quad9 DNS | Verdict: malicious | Alert: Sinkholed
GET /js/videojs.5.min.js?v=b8dc06aa6195ca0716d0a0c4e3a76e42 HTTP/1.1
Host: videzz.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://videzz.net/9rzstwlkppht.html
Cookie: lang=1
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx/1.18.0 (Ubuntu)
date: Wed, 01 May 2024 21:07:18 GMT
content-type: application/javascript
last-modified: Sat, 27 Apr 2024 07:30:28 GMT
vary: Accept-Encoding
etag: W/"662ca994-65a66"
expires: Fri, 31 May 2024 21:07:16 GMT
cache-control: max-age=2592000
content-encoding: gzip
x-cache-status: HIT
X-Firefox-Spdy: h2
|
|
| proftrafficcounter.com/stats | 52.57.125.73 | 200 OK | 40 B |
URL: GET HTTP/2 proftrafficcounter.com/stats
IP: 52.57.125.73:443
Requested by: https://videzz.net/9rzstwlkppht.html
Certificate Issuer: Amazon
Certificate Subject: proftrafficcounter.com
Certificate Fingerprint: E3:9F:79:6F:80:C0:BF:F8:C4:EB:45:F3:E9:0F:A7:41:F6:0C:05:E6
Certificate Validity: Tue, 21 Nov 2023 00:00:00 GMT - Thu, 19 Dec 2024 23:59:59 GMT
File type: ASCII text, with no line terminators
Hash: 654d554bc5bcf995cf08118f4aba7acd a83aef9cb9b0260fdbb0cabf3518d18e1b2558ed 0960dd13b463d93436e6a05cbd0af8ce94d148e306dd44fce9747e3d5e9a7ba5
GET /stats HTTP/1.1
Host: proftrafficcounter.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://videzz.net
DNT: 1
Connection: keep-alive
Referer: https://videzz.net/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Wed, 01 May 2024 21:07:19 GMT
content-type: text/html; charset=UTF-8
content-length: 40
server: fasthttp
access-control-allow-origin: https://videzz.net
vary: Origin
access-control-allow-credentials: true
set-cookie: uid_id2=2a0ad835-cecb-439b-874e-3369a032fa4a:2:1; expires=Sat, 29 Apr 2034 21:07:19 GMT; secure; SameSite=None
X-Firefox-Spdy: h2
|
|
| static.addtoany.com/menu/modules/core.BRQnzO8v.js | 104.22.71.197 | 200 OK | 26 kB |
URL: GET HTTP/3 static.addtoany.com/menu/modules/core.BRQnzO8v.js
IP: 104.22.71.197:443
Requested by: https://videzz.net/9rzstwlkppht.html
Certificate Issuer: Let's Encrypt
Certificate Subject: static.addtoany.com
Certificate Fingerprint: 5B:74:98:2D:F8:22:DB:0D:4E:74:B7:99:A7:7C:80:F6:CA:1A:8E:CA
Certificate Validity: Tue, 23 Apr 2024 07:56:27 GMT - Mon, 22 Jul 2024 07:56:26 GMT
File type: ASCII text, with very long lines (65536), with no line terminators
Hash: 629401c31553d2f42a6ca46e58c2a97b 0ab6084caa72f90913c7e4119f491838726ec5c2 91b9b24f0aa59668e4d0a770ee7a294b9baa361a76a20ade8128cd0482a5d805
GET /menu/modules/core.BRQnzO8v.js HTTP/1.1
Host: static.addtoany.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://videzz.net
DNT: 1
Connection: keep-alive
Referer: https://videzz.net/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Wed, 01 May 2024 21:07:19 GMT
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=315360000, immutable
cf-bgj: minify
etag: W/"25da5432b1057724b8210f17e9b9db05"
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=9is32%2FvBRjKBMF%2BBEdP7sN4xINU%2FGCfuJuuuQf7jR0OhsmJZXKf2mdBIWRxQZC2Xdb%2Fu4CIqU4D7O62VmM5Sr%2FSS%2FfBC%2F%2BHVMfwaHKXWIcGc9wRp0B%2B1xU6yUr79Ax7dbmD2Vmzn"}],"group":"cf-nel","max_age":604800}
vary: Accept-Encoding
referrer-policy: strict-origin-when-cross-origin
x-content-type-options: nosniff
cf-cache-status: HIT
age: 13550
strict-transport-security: max-age=31536000; includeSubDomains; preload
server: cloudflare
cf-ray: 87d2bd8dfd01be4c-CPH
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| tr.7vid.net/api/spots/190873?p=1&s1=203230 | 135.181.208.216 | 200 OK | 3.6 kB |
URL: GET HTTP/2 tr.7vid.net/api/spots/190873?p=1&s1=203230
IP: 135.181.208.216:443
ASN: #24940 Hetzner Online GmbH
Requested by: https://videzz.net/9rzstwlkppht.html
Certificate Issuer: Let's Encrypt
Certificate Subject: a.gatwins.site
Certificate Fingerprint: 66:D4:C4:E9:BC:6E:82:9E:D0:2F:00:69:9A:DF:C2:6D:18:04:0B:1B
Certificate Validity: Wed, 10 Apr 2024 10:27:11 GMT - Tue, 09 Jul 2024 10:27:10 GMT
File type: gzip compressed data, from Unix
Hash: a9d69d9ed76f99eedd72a51e6d3961b1 61c452ab2947357b5fd66177a14f02cd9779faaa 2255b3d32cc47e4522a0544929c12676443e6e3c21cb9e86bb9df7bb7b13dfcc
GET /api/spots/190873?p=1&s1=203230 HTTP/1.1
Host: tr.7vid.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://videzz.net/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 01 May 2024 21:07:19 GMT
content-type: text/html
vary: Accept-Encoding
set-cookie: nauid=QOHfaLUnCzj4jvdP7bD9; Path=/; Expires=Wed, 11 Nov 2037 11:11:11 GMT; Secure; SameSite=None
x-robots-tag: noindex, nofollow
cache-control: private
content-encoding: gzip
X-Firefox-Spdy: h2
|
|
| downstairsnegotiatebarren.com/sfp.js | 188.114.96.1 | 200 OK | 105 kB |
URL: GET HTTP/3 downstairsnegotiatebarren.com/sfp.js
IP: 188.114.96.1:443
Requested by: https://videzz.net/9rzstwlkppht.html
Certificate Issuer: Let's Encrypt
Certificate Subject: downstairsnegotiatebarren.com
Certificate Fingerprint: 2C:6A:E1:8E:26:5B:1D:8B:86:CB:C1:72:4E:52:4B:8B:67:3A:D2:44
Certificate Validity: Mon, 04 Mar 2024 21:53:07 GMT - Sun, 02 Jun 2024 21:53:06 GMT
File type: JavaScript source, Unicode text, UTF-8 text, with very long lines (65529), with no line terminators
Size: 105 kB (104621 bytes)
Hash: f4a2f8f9f99541c6f105bbd0a025bd40 1f8e3eff12168fdd9e719adfc098d24a45b6916a b717cb04231a10d425fd55b73c85a5407119c6826a8bac94142fddfff6958716
GET /sfp.js HTTP/1.1
Host: downstairsnegotiatebarren.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://videzz.net/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Wed, 01 May 2024 21:07:19 GMT
content-type: application/javascript; charset=utf-8
p3p: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
access-control-allow-origin: *
expires: Thu, 01 Jan 1970 00:00:01 GMT
cache-control: max-age=14400
x-request-id: 0b95166c8a2348fc09049026d1f6d91c
strict-transport-security: max-age=0; includeSubdomains
cf-cache-status: EXPIRED
last-modified: Wed, 01 May 2024 21:07:19 GMT
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=sZNW4f%2FGkTQFL%2FRdlt8dkQJUgzLgMAc6P9hhbnrECUJG1woSKh3KdNIv9QGioHLPsZf7FykxWV9XlWiE2tunu6TwwVOiM1VDexogvg846jkJpSFnkXXV22QgLlMCpXgh5pzD537dSEC8CyoRTOcPtA%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 87d2bd8e6f5bb4f9-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
|
|
| fonts.gstatic.com/s/opensans/v40/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2 | 216.58.207.227 | 200 OK | 48 kB |
URL: GET HTTP/2 fonts.gstatic.com/s/opensans/v40/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2
IP: 216.58.207.227:443
Requested by: https://videzz.net/9rzstwlkppht.html
Certificate Issuer: Google Trust Services LLC
Certificate Subject: *.gstatic.com
Certificate Fingerprint: 93:EC:35:60:8A:5B:23:EA:C0:36:D7:AE:03:0C:C3:77:17:5A:20:33
Certificate Validity: Mon, 08 Apr 2024 07:31:57 GMT - Mon, 01 Jul 2024 07:31:56 GMT
File type: Web Open Font Format (Version 2), TrueType, length 48236, version 1.0
Hash: 015c126a3520c9a8f6a27979d0266e96 2acf956561d44434a6d84204670cf849d3215d5f 3c4d6a1421c7ddb7e404521fe8c4cd5be5af446d7689cd880be26612eaad3cfa
GET /s/opensans/v40/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://videzz.net
DNT: 1
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 48236
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 25 Apr 2024 02:35:00 GMT
expires: Fri, 25 Apr 2025 02:35:00 GMT
cache-control: public, max-age=31536000
age: 585139
last-modified: Thu, 14 Dec 2023 02:08:40 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
|
|
| bid.bidclickmedia.com/sub/Zj8D76R | 104.21.37.74 | 200 OK | 48 kB |
URL: GET HTTP/2 bid.bidclickmedia.com/sub/Zj8D76R
IP: 104.21.37.74:443
Requested by: https://videzz.net/9rzstwlkppht.html
Certificate Issuer: Google Trust Services LLC
Certificate Subject: bidclickmedia.com
Certificate Fingerprint: 2D:71:60:23:79:D8:E4:4A:B8:81:BA:F0:ED:58:CB:A8:66:21:A7:E7
Certificate Validity: Sun, 31 Mar 2024 14:28:20 GMT - Sat, 29 Jun 2024 14:28:19 GMT
File type: HTML document, ASCII text
Hash: a59a1eb59104d4bf5ae063b28f80a03e a03719ddbf97ee76f24a77994dc2fed934bad2db 80499cd3508dab092fa2c87d292031821e2230653503f1dd41c2b9c04571fc47
GET /sub/Zj8D76R HTTP/1.1
Host: bid.bidclickmedia.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://videzz.net/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Wed, 01 May 2024 21:07:19 GMT
content-type: text/html; charset=utf-8
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=Dgcl7Q%2FDg7u5CLS%2BU%2BMbauUWPobgqs4gLEIM35ioWSWzJFacIWXYJCfQ3Hci6LphWPButTW7%2BIGAkH9QODT2etWNpE3HBZU%2BsRK%2FuhWAiA%2F68oAZ891jB%2BF4kjTxydLv2%2F5uhwPxejQ%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 87d2bd8d59feb4f7-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
|
|
| bid.bidclickmedia.com/sub/e6yMnW6 | 104.21.37.74 | 200 OK | 95 kB |
URL: GET HTTP/2 bid.bidclickmedia.com/sub/e6yMnW6
IP: 104.21.37.74:443
Requested by: https://videzz.net/9rzstwlkppht.html
Certificate Issuer: Google Trust Services LLC
Certificate Subject: bidclickmedia.com
Certificate Fingerprint: 2D:71:60:23:79:D8:E4:4A:B8:81:BA:F0:ED:58:CB:A8:66:21:A7:E7
Certificate Validity: Sun, 31 Mar 2024 14:28:20 GMT - Sat, 29 Jun 2024 14:28:19 GMT
File type: HTML document, ASCII text
Hash: 3e4f8d950f382330e0d32f9aa59bb11b 0ddcd35cedb3e5ebf73cd067ddc04bca8066b93d 25840ab9693f257546a4e14431441fd50b4fd5198125125ed68bcd521c51c958
GET /sub/e6yMnW6 HTTP/1.1
Host: bid.bidclickmedia.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://videzz.net/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Wed, 01 May 2024 21:07:19 GMT
content-type: text/html; charset=utf-8
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=M5m%2FeJ4FCVCdYPpxElFSJMGUxE8ulqL8sRlWv6HOx6WmpI0IPDXCyL3V1JVkdOaZaoZzehULe9IzAHC9%2FeWXNCF%2BgdAyxi3mnaMQJFAMW1dO3AYPqzBhbVM%2BNKUr1E9b4q%2FkAfvlvJs%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 87d2bd8e8e050b51-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| donateentrailskindly.com/57/e9/12/57e9128f004dc8dd272477c7cdb9cf15.js | 192.243.61.227 | 200 OK | 30 kB |
URL: GET HTTP/1.1 donateentrailskindly.com/57/e9/12/57e9128f004dc8dd272477c7cdb9cf15.js
IP: 192.243.61.227:443
ASN: #39572 DataWeb Global Group B.V.
Requested by: https://videzz.net/9rzstwlkppht.html
Certificate Issuer: Let's Encrypt
Certificate Subject: donateentrailskindly.com
Certificate Fingerprint: 03:3A:5A:3D:D8:11:7C:BD:5B:E6:2A:C6:C1:25:D3:D1:07:37:3B:3A
Certificate Validity: Mon, 29 Apr 2024 12:49:22 GMT - Sun, 28 Jul 2024 12:49:21 GMT
File type: JavaScript source, ASCII text, with very long lines (65536), with no line terminators
Hash: cf81cd59a2ae8f0cbc59b5ed0b495ce1 89917a6cef348eba5cbe78e8802bb4c18e8057fa 8bbae8b3c211b9fd4cee88cfcac274a8bcd96158c713fb101fad86f43945a739
Analyzer: Quad9 DNS | Verdict: malicious | Alert: Sinkholed
GET /57/e9/12/57e9128f004dc8dd272477c7cdb9cf15.js HTTP/1.1
Host: donateentrailskindly.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://videzz.net/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx/1.21.6
Date: Wed, 01 May 2024 21:07:19 GMT
Content-Type: application/javascript
Transfer-Encoding: chunked
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Access-Control-Allow-Origin: *
Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,Sec-CH-UA-PlatformUser-Agent,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: 95e79a42e500235324c345f0f3dad5f6
Strict-Transport-Security: max-age=0; includeSubdomains
Content-Encoding: gzip
|
|
| myliveforyoudreder.com/vidozza.js | 188.114.97.1 | 200 OK | 1.5 kB |
URL: GET HTTP/2 myliveforyoudreder.com/vidozza.js
IP: 188.114.97.1:443
Requested by: https://videzz.net/9rzstwlkppht.html
Certificate Issuer: Let's Encrypt
Certificate Subject: myliveforyoudreder.com
Certificate Fingerprint: D6:1F:6C:5C:81:FF:C4:D3:4D:C9:A9:22:DD:0B:D4:18:59:4E:58:B7
Certificate Validity: Wed, 20 Mar 2024 02:24:57 GMT - Tue, 18 Jun 2024 02:24:56 GMT
File type: JavaScript source, ASCII text, with very long lines (852), with CRLF line terminators
Hash: b340619418518ced51fbbc860814ea19 e2cbf47a089e8941bcdb6f24c64fad9004852348 ebbf367cc151e337e4c4d375e86682b6e1593b25224c6c733b4cea4f507c4000
GET /vidozza.js HTTP/1.1
Host: myliveforyoudreder.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://videzz.net/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Wed, 01 May 2024 21:07:19 GMT
content-type: application/javascript
last-modified: Mon, 24 Oct 2022 14:14:49 GMT
etag: W/"63569dd9-64f"
cache-control: max-age=14400
cf-cache-status: HIT
age: 2632
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=JsO%2FxlOWdzb3X3BfCrazDinZz46kI3eRllGWCwhNpSNRE2cHCb3eVMYX7UEqEfwVziDRTjPH4EWNE2ELdSGGE2e0YaVLuqXhutQmuL%2BZw8YcmdPagYIUNfYXryxHxgZIRe2C4GRuMblu"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 87d2bd90ace056a4-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
|
|
| str42.vidoza.net/i/04/07599/rs8ronxyl6hm.jpg?v=1714597637 | 109.202.101.220 | 200 OK | 35 kB |
URL: GET HTTP/2 str42.vidoza.net/i/04/07599/rs8ronxyl6hm.jpg?v=1714597637
IP: 109.202.101.220:443
ASN: #49453 Global Layer B.V.
Requested by: https://videzz.net/9rzstwlkppht.html
Certificate Issuer: Let's Encrypt
Certificate Subject: vidoza.net
Certificate Fingerprint: DD:9C:2A:D1:7E:90:60:D1:BE:1C:39:29:07:29:9C:34:6A:76:A6:C6
Certificate Validity: Wed, 14 Feb 2024 01:21:54 GMT - Tue, 14 May 2024 01:21:53 GMT
File type: JPEG image data, baseline, precision 8, 576x1280, components 3
Hash: 0c339e94b3cc73d24950985fbf7c928d 5a7c422fcd646eeaacb7e83d3b3465e794ce79f0 92c5415c2a2071921fd21f896c9a80cbc639c602ac8487e6efda329e1934f83e
GET /i/04/07599/rs8ronxyl6hm.jpg?v=1714597637 HTTP/1.1
Host: str42.vidoza.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://videzz.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
server: nginx/1.20.1
date: Wed, 01 May 2024 21:07:20 GMT
content-type: image/jpeg
content-length: 34848
last-modified: Sun, 28 Apr 2024 15:56:40 GMT
etag: "662e71b8-8820"
expires: Wed, 15 May 2024 21:07:20 GMT
cache-control: max-age=1209600
accept-ranges: bytes
X-Firefox-Spdy: h2
|
|
| donateentrailskindly.com/sbar.json?key=9785383bf0d8f2fb611d938245088565 | 192.243.61.227 | 200 OK | 0 B |
URL: GET HTTP/1.1 donateentrailskindly.com/sbar.json?key=9785383bf0d8f2fb611d938245088565
IP: 192.243.61.227:443
ASN: #39572 DataWeb Global Group B.V.
Requested by: https://videzz.net/9rzstwlkppht.html
Certificate Issuer: Let's Encrypt
Certificate Subject: donateentrailskindly.com
Certificate Fingerprint: 03:3A:5A:3D:D8:11:7C:BD:5B:E6:2A:C6:C1:25:D3:D1:07:37:3B:3A
Certificate Validity: Mon, 29 Apr 2024 12:49:22 GMT - Sun, 28 Jul 2024 12:49:21 GMT
Hash: d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer: Quad9 DNS | Verdict: malicious | Alert: Sinkholed
GET /sbar.json?key=9785383bf0d8f2fb611d938245088565 HTTP/1.1
Host: donateentrailskindly.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://videzz.net
DNT: 1
Connection: keep-alive
Referer: https://videzz.net/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx/1.21.6
Date: Wed, 01 May 2024 21:07:20 GMT
Content-Length: 0
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,Sec-CH-UA-PlatformUser-Agent,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Custom-Referer: https://videzz.net
Access-Control-Allow-Origin: https://videzz.net
Access-Control-Allow-Credentials: true
Set-Cookie: u_pl=19071529; expires=Thu, 02 May 2024 21:07:20 GMT; secure; SameSite=None
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: 040b4a1c02659c9a2220a936bba0d58a
Strict-Transport-Security: max-age=0; includeSubdomains
|
|
| videzz.net/css/main.min.css?v=b8dc06aa6195ca0716d0a0c4e3a76e42 | 78.142.18.54 | 200 OK | 251 kB |
URL GET HTTP/2videzz.net/css/main.min.css?v=b8dc06aa6195ca0716d0a0c4e3a76e42 IP78.142.18.54:443 ASN#208046 ColocationX Ltd.
Requested byhttps://videzz.net/9rzstwlkppht.html CertificateIssuerLet's Encrypt Subjectvidezz.net Fingerprint13:3A:F4:CA:71:F0:8F:F1:2E:3A:7E:2B:6D:8E:E4:7A:E9:9D:A6:B5 ValidityMon, 04 Mar 2024 08:24:34 GMT - Sun, 02 Jun 2024 08:24:33 GMT
File typegzip compressed data, from Unix Size251 kB (251067 bytes) Hash12f6d6cb851212ac4f9f22aaa25b6559 ee3b30caa39fd5bd3ebf752df6535b5c55a1e5f6 121aab4e4b842e5cf15dd36bb0bf47753c4f63634ed2079b80a4677952577730
Analyzer | Verdict | Alert | Quad9 DNS | malicious | Sinkholed |
GET /css/main.min.css?v=b8dc06aa6195ca0716d0a0c4e3a76e42 HTTP/1.1
Host: videzz.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://videzz.net/9rzstwlkppht.html
Cookie: lang=1
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx/1.18.0 (Ubuntu)
date: Wed, 01 May 2024 21:07:18 GMT
content-type: text/css
last-modified: Sat, 27 Apr 2024 07:30:38 GMT
vary: Accept-Encoding
etag: W/"662ca99e-14c442"
expires: Fri, 31 May 2024 20:58:43 GMT
cache-control: max-age=2592000
content-encoding: gzip
x-cache-status: HIT
X-Firefox-Spdy: h2
|
|
| www.google.no/ads/ga-audiences?v=1&t=sr&slf_rd=1&_r=4&tid=G-HEX1BG8H46&cid=1256158139.1714597640&gtm=45je44t0v9104348843za200&aip=1&dma=1&dma_cps=sypham&gcd=13l3lPl2l1&npa=1&z=1956743479 | 142.250.74.163 | 200 OK | 42 B |
URL GET HTTP/2www.google.no/ads/ga-audiences?v=1&t=sr&slf_rd=1&_r=4&tid=G-HEX1BG8H46&cid=1256158139.1714597640&gtm=45je44t0v9104348843za200&aip=1&dma=1&dma_cps=sypham&gcd=13l3lPl2l1&npa=1&z=1956743479 IP142.250.74.163:443
Requested byhttps://videzz.net/9rzstwlkppht.html CertificateIssuerGoogle Trust Services LLC Subject*.google.no FingerprintDE:35:DD:F6:8A:FF:6F:9D:0E:3D:27:DD:E2:B8:DE:CE:A4:6A:C8:C9 ValidityMon, 08 Apr 2024 07:44:18 GMT - Mon, 01 Jul 2024 07:44:17 GMT
File typeGIF image data, version 89a, 1 x 1 Hashd89746888da2d9510b64a9f031eaecd5 d5fceb6532643d0d84ffe09c40c481ecdf59e15a ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
GET /ads/ga-audiences?v=1&t=sr&slf_rd=1&_r=4&tid=G-HEX1BG8H46&cid=1256158139.1714597640&gtm=45je44t0v9104348843za200&aip=1&dma=1&dma_cps=sypham&gcd=13l3lPl2l1&npa=1&z=1956743479 HTTP/1.1
Host: www.google.no
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://videzz.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Wed, 01 May 2024 21:07:20 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
content-type: image/gif
x-content-type-options: nosniff
server: cafe
content-length: 42
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
|
|
| bid.bidclickmedia.com/load | 104.21.37.74 | 302 Found | 361 B |
URL POST HTTP/3bid.bidclickmedia.com/load IP104.21.37.74:443
Requested byhttps://videzz.net/9rzstwlkppht.html CertificateIssuerGoogle Trust Services LLC Subjectbidclickmedia.com Fingerprint2D:71:60:23:79:D8:E4:4A:B8:81:BA:F0:ED:58:CB:A8:66:21:A7:E7 ValiditySun, 31 Mar 2024 14:28:20 GMT - Sat, 29 Jun 2024 14:28:19 GMT
File typeHTML document, ASCII text Hash4809a9602dd55d531906123e570b6d77 626fe0b9eeeda00a0ce401ee5a4e13f8256facb9 046c0a16886d7e34df54c815c1fee7740a3608671d33fd56c837dca5a1ac9c9f
POST /load HTTP/1.1
Host: bid.bidclickmedia.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/x-www-form-urlencoded
Content-Length: 93
Origin: https://bid.bidclickmedia.com
DNT: 1
Connection: keep-alive
Referer: https://bid.bidclickmedia.com/sub/31pnK5n
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 302 Found
date: Wed, 01 May 2024 21:07:20 GMT
content-type: text/html; charset=utf-8
location: https://xml.zeusadx.com/redirect?feed=531847&auth=KhbHhS&pubid=162319
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=UFXfS5urosqRoSxXeIivtihcxQV%2BgNBFjtb3IdqBq6%2Fd9XwjS3UAbiy93gI9%2BF0%2BqfWNUx7YRb3Hbqz8Y6JtWeDBQUurdkrV4o2DlZEyD1NvLm5uTLCB7xiILlfmdVApMg2tBBZAOkQ%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 87d2bd922a010b51-OSL
alt-svc: h3=":443"; ma=86400
|
|
| region1.analytics.google.com/g/collect?v=2&tid=G-HEX1BG8H46&gtm=45je44t0v9104348843za200&_p=1714597638959&_gaz=1&gcd=13l3lPl2l1&npa=1&dma_cps=sypham&dma=1&cid=1256158139.1714597640&ul=en-us&sr=1280x1024&pscdl=noapi&_eu=AAAI&_s=1&sid=1714597640&sct=1&seg=0&dl=https%3A%2F%2Fvidezz.net%2F9rzstwlkppht.html&dt=Watch%20Horny%20girl%20leaked%20video%20calls%20(4)%20mp4&en=page_view&_fv=1&_nsi=1&_ss=2&tfd=2521 | 216.239.34.36 | 204 No Content | 0 B |
URL POST HTTP/2region1.analytics.google.com/g/collect?v=2&tid=G-HEX1BG8H46&gtm=45je44t0v9104348843za200&_p=1714597638959&_gaz=1&gcd=13l3lPl2l1&npa=1&dma_cps=sypham&dma=1&cid=1256158139.1714597640&ul=en-us&sr=1280x1024&pscdl=noapi&_eu=AAAI&_s=1&sid=1714597640&sct=1&seg=0&dl=https%3A%2F%2Fvidezz.net%2F9rzstwlkppht.html&dt=Watch%20Horny%20girl%20leaked%20video%20calls%20(4)%20mp4&en=page_view&_fv=1&_nsi=1&_ss=2&tfd=2521 IP216.239.34.36:443
Requested byhttps://videzz.net/9rzstwlkppht.html CertificateIssuerGoogle Trust Services LLC Subject*.google-analytics.com FingerprintFC:B1:16:E0:D8:F3:2B:F3:AB:33:E5:E1:23:57:F4:48:66:FD:4D:52 ValidityMon, 08 Apr 2024 06:34:55 GMT - Mon, 01 Jul 2024 06:34:54 GMT
Hashd41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
POST /g/collect?v=2&tid=G-HEX1BG8H46&gtm=45je44t0v9104348843za200&_p=1714597638959&_gaz=1&gcd=13l3lPl2l1&npa=1&dma_cps=sypham&dma=1&cid=1256158139.1714597640&ul=en-us&sr=1280x1024&pscdl=noapi&_eu=AAAI&_s=1&sid=1714597640&sct=1&seg=0&dl=https%3A%2F%2Fvidezz.net%2F9rzstwlkppht.html&dt=Watch%20Horny%20girl%20leaked%20video%20calls%20(4)%20mp4&en=page_view&_fv=1&_nsi=1&_ss=2&tfd=2521 HTTP/1.1
Host: region1.analytics.google.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://videzz.net
DNT: 1
Connection: keep-alive
Referer: https://videzz.net/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Content-Length: 0
HTTP/2 204 No Content
access-control-allow-origin: https://videzz.net
date: Wed, 01 May 2024 21:07:20 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
content-type: text/plain
cross-origin-resource-policy: cross-origin
server: Golfe2
content-length: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
|
|
| disguisedgraceeveryday.com/pixel/purst?dl=0&th=0&sc=0&rs=2398&rd=2398&fd=827&bv=24.4.7838&tmpl=136 | 192.243.59.12 | 200 OK | 0 B |
URL GET HTTP/1.1disguisedgraceeveryday.com/pixel/purst?dl=0&th=0&sc=0&rs=2398&rd=2398&fd=827&bv=24.4.7838&tmpl=136 IP192.243.59.12:443 ASN#39572 DataWeb Global Group B.V.
Requested byhttps://videzz.net/9rzstwlkppht.html CertificateIssuerLet's Encrypt Subjectdisguisedgraceeveryday.com Fingerprint16:DC:B3:22:C8:B6:B2:82:32:C9:AC:95:10:84:7F:8B:4A:4F:AE:EF ValidityTue, 30 Apr 2024 15:31:31 GMT - Mon, 29 Jul 2024 15:31:30 GMT
Hashd41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /pixel/purst?dl=0&th=0&sc=0&rs=2398&rd=2398&fd=827&bv=24.4.7838&tmpl=136 HTTP/1.1
Host: disguisedgraceeveryday.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://videzz.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx/1.19.5
Date: Wed, 01 May 2024 21:07:20 GMT
Content-Length: 0
Connection: keep-alive
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
Access-Control-Allow-Origin: *
Access-Control-Allow-Methods: GET, POST, OPTIONS
Access-Control-Allow-Headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,Upgrade-Insecure-Requests
Access-Control-Expose-Headers: Content-Length,Content-Range
|
|
| proftrafficcounter.com/stats | 52.57.125.73 | 200 OK | 40 B |
URL GET HTTP/2proftrafficcounter.com/stats IP52.57.125.73:443
Requested byhttps://videzz.net/9rzstwlkppht.html CertificateIssuerAmazon Subjectproftrafficcounter.com FingerprintE3:9F:79:6F:80:C0:BF:F8:C4:EB:45:F3:E9:0F:A7:41:F6:0C:05:E6 ValidityTue, 21 Nov 2023 00:00:00 GMT - Thu, 19 Dec 2024 23:59:59 GMT
File typeASCII text, with no line terminators Hash654d554bc5bcf995cf08118f4aba7acd a83aef9cb9b0260fdbb0cabf3518d18e1b2558ed 0960dd13b463d93436e6a05cbd0af8ce94d148e306dd44fce9747e3d5e9a7ba5
GET /stats HTTP/1.1
Host: proftrafficcounter.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://videzz.net
DNT: 1
Connection: keep-alive
Referer: https://videzz.net/
Cookie: uid_id2=2a0ad835-cecb-439b-874e-3369a032fa4a:2:1
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
date: Wed, 01 May 2024 21:07:20 GMT
content-type: text/html; charset=UTF-8
content-length: 40
server: fasthttp
access-control-allow-origin: https://videzz.net
vary: Origin
access-control-allow-credentials: true
X-Firefox-Spdy: h2
|
|
| proftrafficcounter.com/stats | 52.57.125.73 | 200 OK | 40 B |
URL GET HTTP/2proftrafficcounter.com/stats IP52.57.125.73:443
Requested byhttps://videzz.net/9rzstwlkppht.html CertificateIssuerAmazon Subjectproftrafficcounter.com FingerprintE3:9F:79:6F:80:C0:BF:F8:C4:EB:45:F3:E9:0F:A7:41:F6:0C:05:E6 ValidityTue, 21 Nov 2023 00:00:00 GMT - Thu, 19 Dec 2024 23:59:59 GMT
File typeASCII text, with no line terminators Hash654d554bc5bcf995cf08118f4aba7acd a83aef9cb9b0260fdbb0cabf3518d18e1b2558ed 0960dd13b463d93436e6a05cbd0af8ce94d148e306dd44fce9747e3d5e9a7ba5
GET /stats HTTP/1.1
Host: proftrafficcounter.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://videzz.net
DNT: 1
Connection: keep-alive
Referer: https://videzz.net/
Cookie: uid_id2=2a0ad835-cecb-439b-874e-3369a032fa4a:2:1
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
date: Wed, 01 May 2024 21:07:20 GMT
content-type: text/html; charset=UTF-8
content-length: 40
server: fasthttp
access-control-allow-origin: https://videzz.net
vary: Origin
access-control-allow-credentials: true
X-Firefox-Spdy: h2
|
|
| xml.cachegorilla.com/redirect?feed=612978&auth=7PcDFD&pubid=197570 | 173.239.53.20 | 200 OK | 0 B |
URL GET HTTP/1.1xml.cachegorilla.com/redirect?feed=612978&auth=7PcDFD&pubid=197570 IP173.239.53.20:443 ASN#27257 WEBAIR-INTERNET
Requested byhttps://videzz.net/9rzstwlkppht.html CertificateIssuerSectigo Limited Subject*.cachegorilla.com Fingerprint29:B3:53:29:E3:6F:D3:48:F6:66:3E:78:57:05:A6:19:12:0D:2C:4A ValidityFri, 10 Nov 2023 00:00:00 GMT - Sun, 10 Nov 2024 23:59:59 GMT
Hashd41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /redirect?feed=612978&auth=7PcDFD&pubid=197570 HTTP/1.1
Host: xml.cachegorilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://bid.bidclickmedia.com/
DNT: 1
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 302 Found
Server: nginx
Date: Wed, 01 May 2024 21:07:21 GMT
Content-Length: 0
Connection: keep-alive
Cache-Control: no-store
Location: https://tfosrv.com/show_std.php?id_site=6411&id_channel=25821&uf=true
|
|
| bid.bidclickmedia.com/load | 104.21.37.74 | 302 Found | 1.3 kB |
URL POST HTTP/3bid.bidclickmedia.com/load IP104.21.37.74:443
Requested byhttps://videzz.net/9rzstwlkppht.html CertificateIssuerGoogle Trust Services LLC Subjectbidclickmedia.com Fingerprint2D:71:60:23:79:D8:E4:4A:B8:81:BA:F0:ED:58:CB:A8:66:21:A7:E7 ValiditySun, 31 Mar 2024 14:28:20 GMT - Sat, 29 Jun 2024 14:28:19 GMT
Hashced7b145a64ba29cdff8cec5c3d3207c 7b3e8ec58515a4690eccfa0a9eccbbf366d3a7a8 40c0812481a009bf7f8ea1a3b4e5e514fc4933a869163638bea3bd2747df6190
POST /load HTTP/1.1
Host: bid.bidclickmedia.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/x-www-form-urlencoded
Content-Length: 93
Origin: https://bid.bidclickmedia.com
DNT: 1
Connection: keep-alive
Referer: https://bid.bidclickmedia.com/sub/Pj8pz0z
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 302 Found
date: Wed, 01 May 2024 21:07:20 GMT
content-type: text/html; charset=utf-8
location: https://xml.xmlking.com/redirect?feed=591364&auth=oodr9S&pubid=195183
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=h26b9zehwAJPHGEmmMjrG0W%2BqW5OJMiveojdByqvHoxgMhK09E0Eqkv02jNOafXs7uyqAVRqL83dDsphTSIHl%2Bd%2FaiB6Gd%2BEOn313o3NbCua4M%2FpGvQqKZ58mUNDzReKZjLYJpxfTb4%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 87d2bd931b930b51-OSL
alt-svc: h3=":443"; ma=86400
|
|
| bid.bidclickmedia.com/sub/Pj8pz0z | 104.21.37.74 | 200 OK | 1.2 kB |
URL GET HTTP/2bid.bidclickmedia.com/sub/Pj8pz0z IP104.21.37.74:443
Requested byhttps://videzz.net/9rzstwlkppht.html CertificateIssuerGoogle Trust Services LLC Subjectbidclickmedia.com Fingerprint2D:71:60:23:79:D8:E4:4A:B8:81:BA:F0:ED:58:CB:A8:66:21:A7:E7 ValiditySun, 31 Mar 2024 14:28:20 GMT - Sat, 29 Jun 2024 14:28:19 GMT
File typeHTML document, ASCII text Hashe151e24dc5b354ea8ee36534a8264594 4b5f293d59d009ee46087f164ee86d066e8e83f4 b2fdeeef5c48f24499731fdd7aae1650ad1bc6fa9ee58cf88fafe175658e888f
GET /sub/Pj8pz0z HTTP/1.1
Host: bid.bidclickmedia.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://videzz.net/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
date: Wed, 01 May 2024 21:07:19 GMT
content-type: text/html; charset=utf-8
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=a7oKe%2B3%2BW49dYxV1CF5xm14yGgiL98%2BgrU56ex8Bti3Bbdxu02NrtDaXiAjNtXVzUbB9IBQ9uPL0zmDvcUIS%2FKVIQ7E%2Fn9pkeL4vi9H4oZhfeO2OZYSpxuGPuFO0WBr59FVp96u5m8s%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 87d2bd8daa62b4f7-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
|
|
| www.animezeno.sbs/ | 188.114.97.1 | 200 OK | 594 B |
IP188.114.97.1:443
Requested byhttps://videzz.net/9rzstwlkppht.html CertificateIssuerLet's Encrypt Subjectanimezeno.sbs FingerprintD1:88:3B:4F:6E:24:62:91:E5:7C:D7:4B:24:7E:37:2C:B4:E6:81:07 ValidityFri, 12 Apr 2024 00:39:53 GMT - Thu, 11 Jul 2024 00:39:52 GMT
File typeHTML document, ASCII text, with very long lines (1014) Hash7b37bd4f62d715a0873bac41a0aa4f50 cc82e2e935fed4fdf428d295101fe51a9d835da6 41073afd70d67192731d0e6330e0c56eef44eac903dca4baa6b319d8a87928ed
GET / HTTP/1.1
Host: www.animezeno.sbs
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://bid.bidclickmedia.com/
DNT: 1
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Wed, 01 May 2024 21:07:21 GMT
content-type: text/html;charset=UTF-8
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=jIo%2BdwmTt616gTB%2BnNrwUNRdNpWn0x1z%2FNMS%2FPwybyoLjTOVwCr%2B25UZOFTka9rYcLBrqVasMjBbuda1qTSaovzLWya2NZFUXq%2FE0CCUWzxR9G3wZagutC2ZgTVgKFc0MIhTDQ%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 87d2bd986aab5684-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
|
|
| bedrapiona.com/4/5615727/ | 139.45.197.234 | 200 OK | 772 B |
URL GET HTTP/2bedrapiona.com/4/5615727/ IP139.45.197.234:443
Requested byhttps://videzz.net/9rzstwlkppht.html CertificateIssuerLet's Encrypt Subjectbedrapiona.com FingerprintB5:D0:EF:3C:81:82:64:AB:B7:2E:5C:80:71:47:70:41:F0:36:B5:BF ValidityWed, 20 Mar 2024 19:29:11 GMT - Tue, 18 Jun 2024 19:29:10 GMT
File typeHTML document, ASCII text, with very long lines (362) Hash725c894c6899f9df96cf2444148545ab 5401d8efba95d6a854b7ac7a850d66fca574d7bb ea5aefd69dd758c56ec63741eb087f1f58edcc81a2784fa76c5cc90e66a22bcf
GET /4/5615727/ HTTP/1.1
Host: bedrapiona.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.animezeno.sbs/
DNT: 1
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
server: nginx
date: Wed, 01 May 2024 21:07:21 GMT
content-type: text/html; charset=utf8
x-trace-id: 5dbd49f40daaee1863d2d5f2fe20af05
link: <https://yonmewon.com>; rel="preconnect dns-prefetch",<https://my.rtmark.net>; rel="preconnect dns-prefetch", <https://intothespirits.com>; rel="preconnect dns-prefetch",<https://yonmewon.com>; rel="preconnect dns-prefetch",<https://sr7pv7n5x.com>; rel="preconnect dns-prefetch"
accept-ch: Sec-CH-UA, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, baggage, sentry-trace, favicon
access-control-max-age: 86400
pragma: no-cache
cache-control: no-transform, no-store, no-cache, must-revalidate, max-age=0
expires: Tue, 11 Jan 1994 10:00:00 GMT
set-cookie: OAID=00804fa03828408efa78d45b262e1d35; expires=Thu, 01 May 2025 21:07:21 GMT; path=/; secure; SameSite=None
oaidts=1714597641; expires=Thu, 01 May 2025 21:07:21 GMT; path=/; secure; SameSite=None
syncedCookie=; expires=Tue, 10 Nov 2009 23:00:00 GMT
strict-transport-security: max-age=1
x-content-type-options: nosniff
timing-allow-origin: *, *
content-encoding: gzip
X-Firefox-Spdy: h2
|
|
| www.googletagmanager.com/gtag/js?id=UA-119774978-7 | 142.250.74.168 | | 71 kB |
URL www.googletagmanager.com/gtag/js?id=UA-119774978-7 IP142.250.74.168:0
CertificateIssuerGoogle Trust Services LLC Subject*.google-analytics.com FingerprintFC:B1:16:E0:D8:F3:2B:F3:AB:33:E5:E1:23:57:F4:48:66:FD:4D:52 ValidityMon, 08 Apr 2024 06:34:55 GMT - Mon, 01 Jul 2024 06:34:54 GMT
File typeJavaScript source, ASCII text, with very long lines (1808) Hash87f7ab6a4f3d61b45f2f8cb5d6c45913 0bfa44823e26af71fd3d4307d266cbde00c7d383 3e881ffe7093fad66e66d06bbce152562a7a4cd67a01b721c95770951be6d72c
GET /gtag/js?id=UA-119774978-7 HTTP/1.1
Host: www.googletagmanager.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://animewatch.onionlive.workers.dev/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
content-encoding: br
vary: Accept-Encoding
date: Wed, 01 May 2024 21:07:21 GMT
expires: Wed, 01 May 2024 21:07:21 GMT
cache-control: private, max-age=900
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
server: Google Tag Manager
content-length: 71146
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
|
|
| www.googletagmanager.com/gtag/js?id=G-HJ5MMKB9WK | 142.250.74.168 | | 103 kB |
URL www.googletagmanager.com/gtag/js?id=G-HJ5MMKB9WK IP142.250.74.168:0
CertificateIssuerGoogle Trust Services LLC Subject*.google-analytics.com FingerprintFC:B1:16:E0:D8:F3:2B:F3:AB:33:E5:E1:23:57:F4:48:66:FD:4D:52 ValidityMon, 08 Apr 2024 06:34:55 GMT - Mon, 01 Jul 2024 06:34:54 GMT
File typeJavaScript source, ASCII text, with very long lines (5945) Size103 kB (102608 bytes) Hash173777abb98662d13afa1d59cb87c5b8 ab1f3abb022e462a1da38883af85da3f69d90152 0c6025598a4cfd959aad64338a9afa70cc893ea484c0c91a2c54fd2111ce6923
GET /gtag/js?id=G-HJ5MMKB9WK HTTP/1.1
Host: www.googletagmanager.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://animewatch.onionlive.workers.dev/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
content-encoding: br
vary: Accept-Encoding
date: Wed, 01 May 2024 21:07:21 GMT
expires: Wed, 01 May 2024 21:07:21 GMT
cache-control: private, max-age=900
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
server: Google Tag Manager
content-length: 102608
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
|
|
| www.googletagmanager.com/gtag/js?id=G-DQF56C4WPV&l=dataLayer&cx=c | 142.250.74.168 | | 94 kB |
URL www.googletagmanager.com/gtag/js?id=G-DQF56C4WPV&l=dataLayer&cx=c IP142.250.74.168:0
CertificateIssuerGoogle Trust Services LLC Subject*.google-analytics.com FingerprintFC:B1:16:E0:D8:F3:2B:F3:AB:33:E5:E1:23:57:F4:48:66:FD:4D:52 ValidityMon, 08 Apr 2024 06:34:55 GMT - Mon, 01 Jul 2024 06:34:54 GMT
File typeJavaScript source, ASCII text, with very long lines (3034) Hash61727bb655c333cdba75a9fd8e9ab06e e4b91b2e1f0b69e8e01954a5396d0db5fba54936 9c05f750ab6a0b8d475a1b4d1533915bc5d47cdd1935272c467e4897a9f0623a
GET /gtag/js?id=G-DQF56C4WPV&l=dataLayer&cx=c HTTP/1.1
Host: www.googletagmanager.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://animewatch.onionlive.workers.dev/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
content-encoding: br
vary: Accept-Encoding
date: Wed, 01 May 2024 21:07:21 GMT
expires: Wed, 01 May 2024 21:07:21 GMT
cache-control: private, max-age=900
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
server: Google Tag Manager
content-length: 93856
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
|
|
| www.googletagmanager.com/gtag/js?id=G-HJ5MMKB9WK&l=dataLayer&cx=c | 142.250.74.168 | | 102 kB |
URL www.googletagmanager.com/gtag/js?id=G-HJ5MMKB9WK&l=dataLayer&cx=c IP142.250.74.168:0
CertificateIssuerGoogle Trust Services LLC Subject*.google-analytics.com FingerprintFC:B1:16:E0:D8:F3:2B:F3:AB:33:E5:E1:23:57:F4:48:66:FD:4D:52 ValidityMon, 08 Apr 2024 06:34:55 GMT - Mon, 01 Jul 2024 06:34:54 GMT
File typeJavaScript source, ASCII text, with very long lines (5945) Size102 kB (101552 bytes) Hash9f013403392b0c51e3361c0bc7bb6126 3bf44bc2363f80a428da3c39cee38197f72e263c 447f793e22c60b627bbc07afafdf15eca5adc08f0e935ddb85710f3ccb3ac9ee
GET /gtag/js?id=G-HJ5MMKB9WK&l=dataLayer&cx=c HTTP/1.1
Host: www.googletagmanager.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://animewatch.onionlive.workers.dev/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
content-encoding: br
vary: Accept-Encoding
date: Wed, 01 May 2024 21:07:21 GMT
expires: Wed, 01 May 2024 21:07:21 GMT
cache-control: private, max-age=900
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
server: Google Tag Manager
content-length: 101552
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
|
|
| animewatch.onionlive.workers.dev/ | 104.21.9.35 | 200 OK | 813 B |
URL GET HTTP/2animewatch.onionlive.workers.dev/ IP104.21.9.35:443
Requested byhttps://videzz.net/9rzstwlkppht.html CertificateIssuerGoogle Trust Services LLC Subjectonionlive.workers.dev Fingerprint15:4B:F2:93:81:D8:8E:E8:03:9A:C3:E3:2F:78:10:77:9B:80:FD:9F ValiditySun, 03 Mar 2024 23:51:41 GMT - Sat, 01 Jun 2024 23:51:40 GMT
File typeHTML document, ASCII text, with very long lines (1024) Hashc1cf85ad1b6580cae5442d258a41bae7 ad01dec3f302168d9588375fc9b4185dc45c4625 439248132cde8803370dcb8e3bf0fa5737032e4e5dffe7812d911d32735eacee
GET / HTTP/1.1
Host: animewatch.onionlive.workers.dev
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://bid.bidclickmedia.com/
DNT: 1
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Wed, 01 May 2024 21:07:21 GMT
content-type: text/html;charset=UTF-8
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=dFyunr%2B%2BkKOSOE0oGHJuNEw7W%2BIkhhMENgF3U1mVI1G0jqxIyD89YZ5r2hJkCwD6MR9E4SxeXZIb5SzTvsFPXDx475HSBliFv2lvFgtLjTH%2Bhu17zldcLJsgdGhRCqIr7addeCiFLlS4tCsffaLLazloMA%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 87d2bd9a8d7fb518-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
|
|
| trafforsrv.com/click.php?id=265cadc4-93bc-446b-9289-f2c7412914ce%3A3cd5c901-6ecc-4ebb-b022-8a82c310bd6e | 216.18.168.28 | 302 Found | 0 B |
URL GET HTTP/1.1trafforsrv.com/click.php?id=265cadc4-93bc-446b-9289-f2c7412914ce%3A3cd5c901-6ecc-4ebb-b022-8a82c310bd6e IP216.18.168.28:443
Requested byhttps://videzz.net/9rzstwlkppht.html CertificateIssuerSectigo Limited Subject*.trafforsrv.com FingerprintC4:DD:C6:65:15:A0:54:82:7D:C9:E3:43:74:BA:ED:16:CC:DD:F5:00 ValidityTue, 31 Oct 2023 00:00:00 GMT - Sat, 16 Nov 2024 23:59:59 GMT
Hashd41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /click.php?id=265cadc4-93bc-446b-9289-f2c7412914ce%3A3cd5c901-6ecc-4ebb-b022-8a82c310bd6e HTTP/1.1
Host: trafforsrv.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://bid.bidclickmedia.com/
DNT: 1
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 302 Found
server: nginx
date: Wed, 01 May 2024 21:07:21 GMT
content-length: 0
location: https://s.pemsrv.com/splash.php?idzone=5040978&type=8
set-cookie: sppc_uuid=ad24adec-d57f-46e6-ab1e-3607e665a42c; max-age=31536000; path=/; secure; SameSite=None
accept-ch: Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version
|
|
| xml.xmlking.com/redirect?feed=591363&auth=0yfQfB&pubid=195183 | 174.137.133.17 | 302 Found | 0 B |
URL GET HTTP/1.1xml.xmlking.com/redirect?feed=591363&auth=0yfQfB&pubid=195183 IP174.137.133.17:443 ASN#27257 WEBAIR-INTERNET
Requested byhttps://videzz.net/9rzstwlkppht.html CertificateIssuerSectigo Limited Subject*.xmlking.com Fingerprint61:F0:9B:53:D2:DF:03:A0:08:09:BE:79:B1:70:10:34:65:07:7B:6D ValidityWed, 26 Jul 2023 00:00:00 GMT - Fri, 26 Jul 2024 23:59:59 GMT
Hashd41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /redirect?feed=591363&auth=0yfQfB&pubid=195183 HTTP/1.1
Host: xml.xmlking.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://bid.bidclickmedia.com/
DNT: 1
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 302 Found
Server: nginx
Date: Wed, 01 May 2024 21:07:21 GMT
Content-Length: 0
Connection: keep-alive
Cache-Control: no-store
Location: https://lernodydenknow.info/redirect?tid=1039225
|
|
| xml.cachegorilla.com/redirect?feed=612978&auth=7PcDFD&pubid=197570 | 173.239.53.20 | 200 OK | 0 B |
URL: GET HTTP/1.1 xml.cachegorilla.com/redirect?feed=612978&auth=7PcDFD&pubid=197570 | IP: 173.239.53.20:443 | ASN: #27257 WEBAIR-INTERNET
Requested by: https://videzz.net/9rzstwlkppht.html | Certificate Issuer: Sectigo Limited | Subject: *.cachegorilla.com | Fingerprint: 29:B3:53:29:E3:6F:D3:48:F6:66:3E:78:57:05:A6:19:12:0D:2C:4A | Validity: Fri, 10 Nov 2023 00:00:00 GMT - Sun, 10 Nov 2024 23:59:59 GMT
Hash: d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /redirect?feed=612978&auth=7PcDFD&pubid=197570 HTTP/1.1
Host: xml.cachegorilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://bid.bidclickmedia.com/
DNT: 1
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Date: Wed, 01 May 2024 21:07:21 GMT
Content-Length: 0
Connection: keep-alive
Cache-Control: no-store
|
|
| xml.cachegorilla.com/redirect?feed=612978&auth=7PcDFD&pubid=197570 | 173.239.53.20 | 200 OK | 0 B |
URL: GET HTTP/1.1 xml.cachegorilla.com/redirect?feed=612978&auth=7PcDFD&pubid=197570 | IP: 173.239.53.20:443 | ASN: #27257 WEBAIR-INTERNET
Requested by: https://videzz.net/9rzstwlkppht.html | Certificate Issuer: Sectigo Limited | Subject: *.cachegorilla.com | Fingerprint: 29:B3:53:29:E3:6F:D3:48:F6:66:3E:78:57:05:A6:19:12:0D:2C:4A | Validity: Fri, 10 Nov 2023 00:00:00 GMT - Sun, 10 Nov 2024 23:59:59 GMT
Hash: d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /redirect?feed=612978&auth=7PcDFD&pubid=197570 HTTP/1.1
Host: xml.cachegorilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://bid.bidclickmedia.com/
DNT: 1
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Date: Wed, 01 May 2024 21:07:21 GMT
Content-Length: 0
Connection: keep-alive
Cache-Control: no-store
|
|
| xml.cachegorilla.com/redirect?feed=612977&auth=kAeZgJ&pubid=197570 | 173.239.53.20 | 200 OK | 0 B |
URL: GET HTTP/1.1 xml.cachegorilla.com/redirect?feed=612977&auth=kAeZgJ&pubid=197570 | IP: 173.239.53.20:443 | ASN: #27257 WEBAIR-INTERNET
Requested by: https://videzz.net/9rzstwlkppht.html | Certificate Issuer: Sectigo Limited | Subject: *.cachegorilla.com | Fingerprint: 29:B3:53:29:E3:6F:D3:48:F6:66:3E:78:57:05:A6:19:12:0D:2C:4A | Validity: Fri, 10 Nov 2023 00:00:00 GMT - Sun, 10 Nov 2024 23:59:59 GMT
Hash: d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /redirect?feed=612977&auth=kAeZgJ&pubid=197570 HTTP/1.1
Host: xml.cachegorilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://bid.bidclickmedia.com/
DNT: 1
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Date: Wed, 01 May 2024 21:07:21 GMT
Content-Length: 0
Connection: keep-alive
Cache-Control: no-store
|
|
| intothespirits.com/click?trvid=12632&clickid=809643789735178860&cost=0.002599&language=en&creaid=20536676&zoneid=5615727&browserversion=96&os=linux&browser=firefox&region=03&connection.type=broadband&osversion=unspecified_linux&subzone_id=0 | 3.125.239.17 | 200 OK | 1.2 kB |
URL: GET HTTP/2 intothespirits.com/click?trvid=12632&clickid=809643789735178860&cost=0.002599&language=en&creaid=20536676&zoneid=5615727&browserversion=96&os=linux&browser=firefox&region=03&connection.type=broadband&osversion=unspecified_linux&subzone_id=0 | IP: 3.125.239.17:443
Requested by: https://videzz.net/9rzstwlkppht.html | Certificate Issuer: Let's Encrypt | Subject: intothespirits.com | Fingerprint: 42:86:B7:FB:4F:91:02:C7:75:E2:06:41:56:85:74:4B:D8:97:BE:C3 | Validity: Mon, 25 Mar 2024 22:01:23 GMT - Sun, 23 Jun 2024 22:01:22 GMT
File type: HTML document, ASCII text, with very long lines (389) | Hash: 0fb74dd651b0f7203a7a154369f835cc e51e752a594bb0af4a3eac16227a2c4eb82e8c59 2a37ef82d5a4376c7b13c85fb51250793370f066489e8b237a9f35b4913c24fa
GET /click?trvid=12632&clickid=809643789735178860&cost=0.002599&language=en&creaid=20536676&zoneid=5615727&browserversion=96&os=linux&browser=firefox&region=03&connection.type=broadband&osversion=unspecified_linux&subzone_id=0 HTTP/1.1
Host: intothespirits.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
server: nginx
date: Wed, 01 May 2024 21:07:21 GMT
content-type: text/html; charset=utf-8
content-length: 1226
cache-control: no-cache, no-store, no-transform, must-revalidate, private, max-age=0
expires: Thu, 01 Jan 1970 00:00:00 UTC
pragma: no-cache
set-cookie: ClickDataNG=H4sIAAAAAAAA_2RU24rjOBD9lVBPu2Ac2Y7tWIMZetJMM9CXhd5Z9mGhUaRyoo0iGV08yVz-fZHthOzMm6vOUZ1S6ZS_wYDWSaOBQpaSlEAC_twjUJKAC9s_L9_c6AGtRwG0Y8phAlxJfvgkgEL5ZT98Ev8-fGRHAwkI5hFoVmersqmrVZYAZ8eeyZ2O7CyvijwB6TZ_3F1rWeOZl2Yk5FVRJGCDwhiRBCwKaZH7J_R7I4CWCTgTLB_xLAHFtJB6N7Pn6LNVQAESMF2HdhJe1wlsLdN8P3NHbGLuve8dXS5dOt4rZUriqbfoXMrNcYnLt_vD-uHuMLxnXfvThblxHihJCcmr2O6AOkxT69nZhBHLZrVNsBY1PwOFz6_3kECw8kZeam_8Hl0vrfST9NjPe28HKdpxeP-EKDSmpWjXpKlWRb1u6qLM6vW6IjNunG_HnsqmmVKK6V1gO2xRzxyLTIo2J2VRVXU1Jb8ajVK0ZZWVdV5Pua01Xxza2SttM1ONa5XU4fQ_UttJi52ZkxZ38QQpLl1pjTw-dRpt1m6tYWLLtLgUvEgE7XrkspMo3m40XNjG_t6kaKNVZX8nRHwkoNBkaUPSVZ5m5eoWqiYfBIf2bofaA4Un81UqxZZlSha__Z1l7xaPUWJxWldv1erdwg60qVLy--IB-cEsc5IRkpFs8XG62TKCEF-6Q4t2qi9wkByv-2JiS2PV6EH313XLIHpwHBRQmAtej3-wTIvbek9GoLpNPLMjTjGftGDDtgqX96-P8dKuBwoflDwtXo0Kcc5uNGjQ3kbPPb-Mfe-mXp5fvn9_ccosNpFwjkzpzzcARAtb1H4T3TYvlJU7qR_7m5S3TDvGpw12QHVQKgEenDdHoN_mBYGLGyEBPHm0mqnx__GrhSGBgQAF1PErAwoXj8Y4j_-cyZ4xLOLjj8AKKKh55kMJFLrrfIdoA1LErxooXH0XE2ug8IvfItDEM_Djx38BAAD___xokOcmBQAA; Expires=Fri, 31 May 2024 21:07:21 GMT; SameSite=None; Secure
ClickDataNgFall=H4sIAAAAAAAA_2RU24rjOBD9lVBPu2Ac2Y7tWIMZetJMM9CXhd5Z9mGhUaRyoo0iGV08yVz-fZHthOzMm6vOUZ1S6ZS_wYDWSaOBQpaSlEAC_twjUJKAC9s_L9_c6AGtRwG0Y8phAlxJfvgkgEL5ZT98Ev8-fGRHAwkI5hFoVmersqmrVZYAZ8eeyZ2O7CyvijwB6TZ_3F1rWeOZl2Yk5FVRJGCDwhiRBCwKaZH7J_R7I4CWCTgTLB_xLAHFtJB6N7Pn6LNVQAESMF2HdhJe1wlsLdN8P3NHbGLuve8dXS5dOt4rZUriqbfoXMrNcYnLt_vD-uHuMLxnXfvThblxHihJCcmr2O6AOkxT69nZhBHLZrVNsBY1PwOFz6_3kECw8kZeam_8Hl0vrfST9NjPe28HKdpxeP-EKDSmpWjXpKlWRb1u6qLM6vW6IjNunG_HnsqmmVKK6V1gO2xRzxyLTIo2J2VRVXU1Jb8ajVK0ZZWVdV5Pua01Xxza2SttM1ONa5XU4fQ_UttJi52ZkxZ38QQpLl1pjTw-dRpt1m6tYWLLtLgUvEgE7XrkspMo3m40XNjG_t6kaKNVZX8nRHwkoNBkaUPSVZ5m5eoWqiYfBIf2bofaA4Un81UqxZZlSha__Z1l7xaPUWJxWldv1erdwg60qVLy--IB-cEsc5IRkpFs8XG62TKCEF-6Q4t2qi9wkByv-2JiS2PV6EH313XLIHpwHBRQmAtej3-wTIvbek9GoLpNPLMjTjGftGDDtgqX96-P8dKuBwoflDwtXo0Kcc5uNGjQ3kbPPb-Mfe-mXp5fvn9_ccosNpFwjkzpzzcARAtb1H4T3TYvlJU7qR_7m5S3TDvGpw12QHVQKgEenDdHoN_mBYGLGyEBPHm0mqnx__GrhSGBgQAF1PErAwoXj8Y4j_-cyZ4xLOLjj8AKKKh55kMJFLrrfIdoA1LErxooXH0XE2ug8IvfItDEM_Djx38BAAD___xokOcmBQAA; Expires=Fri, 31 May 2024 21:07:21 GMT
X-Firefox-Spdy: h2
|
|
| www.googletagmanager.com/gtag/js?id=UA-119774978-8&l=dataLayer&cx=c | 142.250.74.168 | | 70 kB |
URL: www.googletagmanager.com/gtag/js?id=UA-119774978-8&l=dataLayer&cx=c | IP: 142.250.74.168:0
Certificate Issuer: Google Trust Services LLC | Subject: *.google-analytics.com | Fingerprint: FC:B1:16:E0:D8:F3:2B:F3:AB:33:E5:E1:23:57:F4:48:66:FD:4D:52 | Validity: Mon, 08 Apr 2024 06:34:55 GMT - Mon, 01 Jul 2024 06:34:54 GMT
File type: JavaScript source, ASCII text, with very long lines (1808) | Hash: 813997d58199390424585baf7ce765f7 44842501e172ceab354c626c26baeb80c2af8f86 b04b96fab6f9c381c2d233839ad158bb41d3820de7861ee9ab79daa5a279ac50
GET /gtag/js?id=UA-119774978-8&l=dataLayer&cx=c HTTP/1.1
Host: www.googletagmanager.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://animewatch.onionlive.workers.dev/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
content-encoding: br
vary: Accept-Encoding
date: Wed, 01 May 2024 21:07:21 GMT
expires: Wed, 01 May 2024 21:07:21 GMT
cache-control: private, max-age=900
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
server: Google Tag Manager
content-length: 70275
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
|
|
| bid.bidclickmedia.com/load | 104.21.37.74 | 302 Found | 371 B |
URL: POST HTTP/3 bid.bidclickmedia.com/load | IP: 104.21.37.74:443
Requested by: https://videzz.net/9rzstwlkppht.html | Certificate Issuer: Google Trust Services LLC | Subject: bidclickmedia.com | Fingerprint: 2D:71:60:23:79:D8:E4:4A:B8:81:BA:F0:ED:58:CB:A8:66:21:A7:E7 | Validity: Sun, 31 Mar 2024 14:28:20 GMT - Sat, 29 Jun 2024 14:28:19 GMT
File type: HTML document, ASCII text | Hash: b8207054b13fda020d58a7f94425b36f 9b577687e561e17e9823e7fb83ad648dede4c74c 6dafbda0e014e02f234cd8025d827edc22403b87e4cd22270c86db55dd8bc4a6
POST /load HTTP/1.1
Host: bid.bidclickmedia.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/x-www-form-urlencoded
Content-Length: 98
Origin: https://bid.bidclickmedia.com
DNT: 1
Connection: keep-alive
Referer: https://bid.bidclickmedia.com/sub/31bV2Jy
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 302 Found
date: Wed, 01 May 2024 21:07:20 GMT
content-type: text/html; charset=utf-8
location: https://xml.cachegorilla.com/redirect?feed=612977&auth=kAeZgJ&pubid=197570
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=HLgHINKXz44hBoJoHp9vfghbaDzbcQUkUnSt7On%2BpDyTsbNn7dQQa0HwqLEgz2EMAPzEjA2UtgUHN%2FtPp0etYBpHlorJ6e4rKellFWaRGrUS4FNTBe4ThYTZPZWpqtoLoVdlBHxdWx8%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 87d2bd940c680b51-OSL
alt-svc: h3=":443"; ma=86400
|
|
| s.pemsrv.com/splash.php?idzone=5040978&type=8 | 95.211.229.246 | 200 OK | 478 B |
URL: GET HTTP/1.1 s.pemsrv.com/splash.php?idzone=5040978&type=8 | IP: 95.211.229.246:443 | ASN: #60781 LeaseWeb Netherlands B.V.
Requested by: https://videzz.net/9rzstwlkppht.html | Certificate Issuer: Let's Encrypt | Subject: pemsrv.com | Fingerprint: B9:FB:69:72:AD:12:6D:F5:F8:05:0B:EE:45:B6:E0:BD:1A:B2:E5:0F | Validity: Tue, 27 Feb 2024 16:50:21 GMT - Mon, 27 May 2024 16:50:20 GMT
File type: HTML document, ASCII text, with very long lines (717) | Hash: 0a0facbef164c9e58f80ef97a1a0827e 11213522b288f0683c8f640b87b1e4e246ad8030 8b9ce633f14b63226137606c6901f59c4b354efbce58f82c4def4f93e5ed9aaf
GET /splash.php?idzone=5040978&type=8 HTTP/1.1
Host: s.pemsrv.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://bid.bidclickmedia.com/
DNT: 1
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Date: Wed, 01 May 2024 21:07:21 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Access-Control-Allow-Headers: X-CH-VALUES
Set-Cookie: __uvt=a%3A1%3A%7Bi%3A0%3Bs%3A32%3A%226632af09c3ed10.52739264735931805%22%3B%7D; expires=Fri, 01 May 2026 21:07:21 GMT; path=; domain=.pemsrv.com; Secure; SameSite=none
Accept-Ch: Sec-Ch-Ua,Sec-Ch-Ua-Mobile,Sec-Ch-Ua-Full-Version,Sec-Ch-Ua-Full-Version-list,Sec-Ch-Ua-Platform,Sec-Ch-Ua-Platform-Version,Sec-Ch-Ua-Bitness,Sec-Ch-Ua-Arch
X-Robots-Tag: noindex, follow
Content-Encoding: gzip
|
|
| xml.xmlking.com/redirect?feed=591364&auth=oodr9S&pubid=195183 | 174.137.133.17 | 200 OK | 0 B |
URL: GET HTTP/1.1 xml.xmlking.com/redirect?feed=591364&auth=oodr9S&pubid=195183 | IP: 174.137.133.17:443 | ASN: #27257 WEBAIR-INTERNET
Requested by: https://videzz.net/9rzstwlkppht.html | Certificate Issuer: Sectigo Limited | Subject: *.xmlking.com | Fingerprint: 61:F0:9B:53:D2:DF:03:A0:08:09:BE:79:B1:70:10:34:65:07:7B:6D | Validity: Wed, 26 Jul 2023 00:00:00 GMT - Fri, 26 Jul 2024 23:59:59 GMT
Hash: d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /redirect?feed=591364&auth=oodr9S&pubid=195183 HTTP/1.1
Host: xml.xmlking.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://bid.bidclickmedia.com/
DNT: 1
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Date: Wed, 01 May 2024 21:07:21 GMT
Content-Length: 0
Connection: keep-alive
Cache-Control: no-store
|
|
| xml.xmlking.com/redirect?feed=591364&auth=oodr9S&pubid=195183 | 174.137.133.17 | 200 OK | 0 B |
URL: GET HTTP/1.1 xml.xmlking.com/redirect?feed=591364&auth=oodr9S&pubid=195183 | IP: 174.137.133.17:443 | ASN: #27257 WEBAIR-INTERNET
Requested by: https://videzz.net/9rzstwlkppht.html | Certificate Issuer: Sectigo Limited | Subject: *.xmlking.com | Fingerprint: 61:F0:9B:53:D2:DF:03:A0:08:09:BE:79:B1:70:10:34:65:07:7B:6D | Validity: Wed, 26 Jul 2023 00:00:00 GMT - Fri, 26 Jul 2024 23:59:59 GMT
Hash: d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /redirect?feed=591364&auth=oodr9S&pubid=195183 HTTP/1.1
Host: xml.xmlking.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://bid.bidclickmedia.com/
DNT: 1
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 302 Found
Server: nginx
Date: Wed, 01 May 2024 21:07:21 GMT
Content-Length: 0
Connection: keep-alive
Cache-Control: no-store
Location: https://tidyllama.com/click?a=FtzT&e=gAAAAABmMq8ISHJ7prNRVL4dHB-DSd9j1JXpzOy3eWBxcQl1SHlmblDXcauydaLxS-uQdjVdXyW2h260uKVgdaWSjAwpV556UAr6cy8gN2cJeGaXHSTObisIXCkBOv3qTNOqGAAQgHqHK1SlNH36xbJCW0moTzdPkiutzJt2e8m2eVZrKZchvpxzTmMIjFIweSb5kaleM8rAwSI7iBPE-gjI6_mpe3xT1TJ2MJYs3cWmzUdmm1JxOZ0Nis2icUOFnBhT5c2PbIf9nsnXvSVZ0z_7VCfr2tE1k-PvJV_NY4AmnZ3p0yFfMp5RKatO2_E_Wqw7N0Z5OcoLQi7lUI9_UF21iK0Nfw4kIA126_elp3rsrQJFeeCMSodqzfUU-RL1nobwXjn_iQwf2zFOtJb2exyl46BT2sS1LGTw7WODlul4S9NVl3T2FFF3FEr9jLEMA93_ddp5U0zDOiufq4dfwSrtvauTdCMYpfBbPQXl0B_eBUqV_P9mHoo%3D
|
|
| unseenreport.com/pxf.gif?uuid=2a0ad835-cecb-439b-874e-3369a032fa4a&eb=978028c5053b26833423c7a069ce3bd5&te=5db3a4e34790624df926db520a13f79f&ua=Mozilla%2F5.0%20(X11%3B%20Linux%20x86_64%3B%20rv%3A96.0)%20Gecko%2F20100101%20Firefox%2F96.0&dev=e&res=14.2071&b_frame=0&pk=57e9128f004dc8dd272477c7cdb9cf15&bl=en-US&sr=1024x1280&sz=1024x1280&hjs=21 | 192.243.59.13 | 200 OK | 1 B |
URL: GET HTTP/1.1 unseenreport.com/pxf.gif?uuid=2a0ad835-cecb-439b-874e-3369a032fa4a&eb=978028c5053b26833423c7a069ce3bd5&te=5db3a4e34790624df926db520a13f79f&ua=Mozilla%2F5.0%20(X11%3B%20Linux%20x86_64%3B%20rv%3A96.0)%20Gecko%2F20100101%20Firefox%2F96.0&dev=e&res=14.2071&b_frame=0&pk=57e9128f004dc8dd272477c7cdb9cf15&bl=en-US&sr=1024x1280&sz=1024x1280&hjs=21 | IP: 192.243.59.13:443 | ASN: #39572 DataWeb Global Group B.V.
Requested by: https://videzz.net/9rzstwlkppht.html | Certificate Issuer: Let's Encrypt | Subject: *.unseenreport.com | Fingerprint: 71:46:15:FD:76:6A:F5:5B:51:06:CC:93:DD:D8:63:E3:8B:10:BF:13 | Validity: Fri, 22 Mar 2024 07:32:41 GMT - Thu, 20 Jun 2024 07:32:40 GMT
File type: very short file (no magic) | Hash: 93b885adfe0da089cdf634904fd59f71 5ba93c9db0cff93f52b521d7420e43f6eda2784f 6e340b9cffb37a989ca544e6bb780a2c78901d3fb33738768511a30617afa01d
Analyzer: Quad9 DNS | Verdict: malicious | Alert: Sinkholed
GET /pxf.gif?uuid=2a0ad835-cecb-439b-874e-3369a032fa4a&eb=978028c5053b26833423c7a069ce3bd5&te=5db3a4e34790624df926db520a13f79f&ua=Mozilla%2F5.0%20(X11%3B%20Linux%20x86_64%3B%20rv%3A96.0)%20Gecko%2F20100101%20Firefox%2F96.0&dev=e&res=14.2071&b_frame=0&pk=57e9128f004dc8dd272477c7cdb9cf15&bl=en-US&sr=1024x1280&sz=1024x1280&hjs=21 HTTP/1.1
Host: unseenreport.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://videzz.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx/1.19.5
Date: Wed, 01 May 2024 21:07:21 GMT
Content-Type: image/gif
Content-Length: 1
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Access-Control-Allow-Origin: *
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: cdedaddbc422187d097392ec798684cf
Strict-Transport-Security: max-age=0; includeSubdomains
|
|
| tr.7vid.net/api/users/246356?host=videzz.net&ev=212&wh=1024&ww=1280&uuid=&url=https%3A%2F%2Fvidezz.net%2F9rzstwlkppht.html&sid=3bf97803-a022-40c5-a2cc-0560a55088d3&i=1&kw=horny%2Cgirl%2Cleaked%2Cvideo%2Ccalls%2C(4)%2Cmp4&s1=203230 | 135.181.208.216 | 200 OK | 493 B |
URL: GET HTTP/2 tr.7vid.net/api/users/246356?host=videzz.net&ev=212&wh=1024&ww=1280&uuid=&url=https%3A%2F%2Fvidezz.net%2F9rzstwlkppht.html&sid=3bf97803-a022-40c5-a2cc-0560a55088d3&i=1&kw=horny%2Cgirl%2Cleaked%2Cvideo%2Ccalls%2C(4)%2Cmp4&s1=203230 | IP: 135.181.208.216:443 | ASN: #24940 Hetzner Online GmbH
Requested by: https://videzz.net/9rzstwlkppht.html | Certificate Issuer: Let's Encrypt | Subject: a.gatwins.site | Fingerprint: 66:D4:C4:E9:BC:6E:82:9E:D0:2F:00:69:9A:DF:C2:6D:18:04:0B:1B | Validity: Wed, 10 Apr 2024 10:27:11 GMT - Tue, 09 Jul 2024 10:27:10 GMT
File type: gzip compressed data, from Unix | Hash: 07ba10c7d199be0158f2c855617ae250 d3ac5f7bbaccd7260d90756eab31fae2160dcf9c 514dcc0a859c272f2829ab74172d7edbd09e39f397a5eb32daef8541b5e8bd1f
GET /api/users/246356?host=videzz.net&ev=212&wh=1024&ww=1280&uuid=&url=https%3A%2F%2Fvidezz.net%2F9rzstwlkppht.html&sid=3bf97803-a022-40c5-a2cc-0560a55088d3&i=1&kw=horny%2Cgirl%2Cleaked%2Cvideo%2Ccalls%2C(4)%2Cmp4&s1=203230 HTTP/1.1
Host: tr.7vid.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://videzz.net/
Cookie: nauid=QOHfaLUnCzj4jvdP7bD9
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 01 May 2024 21:07:21 GMT
content-type: text/javascript; charset=utf-8
vary: Accept-Encoding
x-robots-tag: noindex, nofollow
cache-control: private
content-encoding: gzip
X-Firefox-Spdy: h2
|
|
| static.addtoany.com/menu/sm.25.html | 104.22.71.197 | | 6.1 kB |
URL: static.addtoany.com/menu/sm.25.html | IP: 104.22.71.197:0
Certificate Issuer: Let's Encrypt | Subject: static.addtoany.com | Fingerprint: 5B:74:98:2D:F8:22:DB:0D:4E:74:B7:99:A7:7C:80:F6:CA:1A:8E:CA | Validity: Tue, 23 Apr 2024 07:56:27 GMT - Mon, 22 Jul 2024 07:56:26 GMT
File type: HTML document, ASCII text, with very long lines (624) | Hash: 41b7ed0cbe240173eea85148fcba633e 39acd5fe099974486a1c9ba11ba0fe7be6bc97ca 274d4116239b63097bb7c16e56e27cbb5a77be20392fb8e2317c0a0235185cad
GET /menu/sm.25.html HTTP/1.1
Host: static.addtoany.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://videzz.net/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Wed, 01 May 2024 21:07:19 GMT
content-type: text/html; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=315360000, immutable
referrer-policy: strict-origin-when-cross-origin
x-content-type-options: nosniff
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=31%2FEUiBaXPt8cxtkc%2FT4P6x%2BgAHE8dlZKktVqOYLVPWpw%2BfHglaE0%2B2%2FM9CjPirtpgf0Bigqvmt%2B9LVqgh2toon%2FHhopHKjFbbaQkJ0g%2F8jA5jvQMZE7K%2BqPFywD9a7gr7TP8ZDbPRsnYjqVQMeihc8V"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
cf-cache-status: HIT
age: 7635
strict-transport-security: max-age=31536000; includeSubDomains; preload
server: cloudflare
cf-ray: 87d2bd8d9c8abe4c-CPH
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| intothespirits.com/double?t=2&d=eyJVUkwiOiJodHRwczovL3MuY2xpY2suYWxpZXhwcmVzcy5jb20vZS9fRGs4R0Frdj9hZj01d2h2SWRqR0ZhbW8iLCJSZWRpcmVjdFdvcmRpbmciOiJZb3UgYXJlIGJlaW5nIGF1dG9tYXRpY2FsbHkgcmVkaXJlY3RlZC4iLCJSZWRpcmVjdFRpdGxlIjoiUmVkaXJlY3Rpb24uLi4iLCJSZWRpcmVjdExpbmtUZXh0IjoiT3IgY2xpY2sgaGVyZSB0byBjb250aW51ZS4iLCJJbnN0YWxsSWQiOjQxMDV9 | 3.125.239.17 | 200 OK | 693 B |
URL: GET HTTP/2 intothespirits.com/double?t=2&d=eyJVUkwiOiJodHRwczovL3MuY2xpY2suYWxpZXhwcmVzcy5jb20vZS9fRGs4R0Frdj9hZj01d2h2SWRqR0ZhbW8iLCJSZWRpcmVjdFdvcmRpbmciOiJZb3UgYXJlIGJlaW5nIGF1dG9tYXRpY2FsbHkgcmVkaXJlY3RlZC4iLCJSZWRpcmVjdFRpdGxlIjoiUmVkaXJlY3Rpb24uLi4iLCJSZWRpcmVjdExpbmtUZXh0IjoiT3IgY2xpY2sgaGVyZSB0byBjb250aW51ZS4iLCJJbnN0YWxsSWQiOjQxMDV9 | IP: 3.125.239.17:443
Requested by: https://videzz.net/9rzstwlkppht.html | Certificate Issuer: Let's Encrypt | Subject: intothespirits.com | Fingerprint: 42:86:B7:FB:4F:91:02:C7:75:E2:06:41:56:85:74:4B:D8:97:BE:C3 | Validity: Mon, 25 Mar 2024 22:01:23 GMT - Sun, 23 Jun 2024 22:01:22 GMT
File type: HTML document, ASCII text | Hash: 82d9088b2539ff3a95ca1adae1b8df02 aa5689cbe34d2a918994c0d255f4a0bcbabe3aa2 226eaf8ed8297359f8a4b8e81376c28538aed7e5835064e40ec921c4e8b13744
GET /double?t=2&d=eyJVUkwiOiJodHRwczovL3MuY2xpY2suYWxpZXhwcmVzcy5jb20vZS9fRGs4R0Frdj9hZj01d2h2SWRqR0ZhbW8iLCJSZWRpcmVjdFdvcmRpbmciOiJZb3UgYXJlIGJlaW5nIGF1dG9tYXRpY2FsbHkgcmVkaXJlY3RlZC4iLCJSZWRpcmVjdFRpdGxlIjoiUmVkaXJlY3Rpb24uLi4iLCJSZWRpcmVjdExpbmtUZXh0IjoiT3IgY2xpY2sgaGVyZSB0byBjb250aW51ZS4iLCJJbnN0YWxsSWQiOjQxMDV9 HTTP/1.1
Host: intothespirits.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Cookie: ClickDataNG=H4sIAAAAAAAA_2RU24rjOBD9lVBPu2Ac2Y7tWIMZetJMM9CXhd5Z9mGhUaRyoo0iGV08yVz-fZHthOzMm6vOUZ1S6ZS_wYDWSaOBQpaSlEAC_twjUJKAC9s_L9_c6AGtRwG0Y8phAlxJfvgkgEL5ZT98Ev8-fGRHAwkI5hFoVmersqmrVZYAZ8eeyZ2O7CyvijwB6TZ_3F1rWeOZl2Yk5FVRJGCDwhiRBCwKaZH7J_R7I4CWCTgTLB_xLAHFtJB6N7Pn6LNVQAESMF2HdhJe1wlsLdN8P3NHbGLuve8dXS5dOt4rZUriqbfoXMrNcYnLt_vD-uHuMLxnXfvThblxHihJCcmr2O6AOkxT69nZhBHLZrVNsBY1PwOFz6_3kECw8kZeam_8Hl0vrfST9NjPe28HKdpxeP-EKDSmpWjXpKlWRb1u6qLM6vW6IjNunG_HnsqmmVKK6V1gO2xRzxyLTIo2J2VRVXU1Jb8ajVK0ZZWVdV5Pua01Xxza2SttM1ONa5XU4fQ_UttJi52ZkxZ38QQpLl1pjTw-dRpt1m6tYWLLtLgUvEgE7XrkspMo3m40XNjG_t6kaKNVZX8nRHwkoNBkaUPSVZ5m5eoWqiYfBIf2bofaA4Un81UqxZZlSha__Z1l7xaPUWJxWldv1erdwg60qVLy--IB-cEsc5IRkpFs8XG62TKCEF-6Q4t2qi9wkByv-2JiS2PV6EH313XLIHpwHBRQmAtej3-wTIvbek9GoLpNPLMjTjGftGDDtgqX96-P8dKuBwoflDwtXo0Kcc5uNGjQ3kbPPb-Mfe-mXp5fvn9_ccosNpFwjkzpzzcARAtb1H4T3TYvlJU7qR_7m5S3TDvGpw12QHVQKgEenDdHoN_mBYGLGyEBPHm0mqnx__GrhSGBgQAF1PErAwoXj8Y4j_-cyZ4xLOLjj8AKKKh55kMJFLrrfIdoA1LErxooXH0XE2ug8IvfItDEM_Djx38BAAD___xokOcmBQAA
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 01 May 2024 21:07:22 GMT
content-type: text/html; charset=utf-8
content-length: 693
cache-control: no-cache, no-store, no-transform, must-revalidate, private, max-age=0
expires: Thu, 01 Jan 1970 00:00:00 UTC
pragma: no-cache
X-Firefox-Spdy: h2
|
|
| s.pemsrv.com/splash.php?idzone=5040978&type=8&p=https%3A%2F%2Fbid.bidclickmedia.com%2F&tested=1&check=4982d74cc5945eb5f443cbeab8c29c8c&screen_resolution=1280x1024&container_resolution=1916x1076&iframe=1 | 95.211.229.246 | 302 Found | 0 B |
URL: GET HTTP/1.1 s.pemsrv.com/splash.php?idzone=5040978&type=8&p=https%3A%2F%2Fbid.bidclickmedia.com%2F&tested=1&check=4982d74cc5945eb5f443cbeab8c29c8c&screen_resolution=1280x1024&container_resolution=1916x1076&iframe=1 | IP: 95.211.229.246:443 | ASN: #60781 LeaseWeb Netherlands B.V.
Requested by: https://videzz.net/9rzstwlkppht.html | Certificate Issuer: Let's Encrypt | Subject: pemsrv.com | Fingerprint: B9:FB:69:72:AD:12:6D:F5:F8:05:0B:EE:45:B6:E0:BD:1A:B2:E5:0F | Validity: Tue, 27 Feb 2024 16:50:21 GMT - Mon, 27 May 2024 16:50:20 GMT
Hash: d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /splash.php?idzone=5040978&type=8&p=https%3A%2F%2Fbid.bidclickmedia.com%2F&tested=1&check=4982d74cc5945eb5f443cbeab8c29c8c&screen_resolution=1280x1024&container_resolution=1916x1076&iframe=1 HTTP/1.1
Host: s.pemsrv.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://s.pemsrv.com/splash.php?idzone=5040978&type=8
Cookie: __uvt=a%3A1%3A%7Bi%3A0%3Bs%3A32%3A%226632af09c3ed10.52739264735931805%22%3B%7D
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 302 Found
Server: nginx
Date: Wed, 01 May 2024 21:07:22 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Access-Control-Allow-Headers: X-CH-VALUES
Set-Cookie: __uvt=a%3A1%3A%7Bi%3A0%3Bs%3A32%3A%226632af09c3ed10.52739264735931805%22%3B%7D; expires=Fri, 01 May 2026 21:07:22 GMT; path=; domain=.pemsrv.com; Secure; SameSite=none
c-tag=%7B%22tag-link%22%3A%22v4%7C%7CNOR%7C5040978%7C95887222%7C203712%7C%7C508%7C41%7C3%7C15%7C0%7C0%7C0%7C25344%7C3143242%7C3143244%7C0%7C1%7C0%7C0%7C0%7C0%7C1%7C0%7C0%7C1%7C6632af09c3ed10.52739264735931805%7Cc83b2609dce0c49ddeb451cf74df4f3a%7C0%7Cbid.bidclickmedia.com%7C1280x1024%7C%7C0%7C0%7C0%7C0%7C0%7C0%7C0%7C0%7C0%7C1714597642%7C%7C%7C0%7C0%7C0%7C0%7C0%7C0%7C0%7C0%7C0%7C0%7Ca7cdab5db491352181875a39f96cdbe7%7Cok%22%7D; expires=Tue, 30 Jul 2024 21:07:22 GMT; path=/; domain=.pemsrv.com; Secure; SameSite=none
Location: https://tgp1.brazzersnetwork.com/tgp1?ad_id=816178_FREE&ats=eyJhIjoxNDksImMiOjQzMDksIm4iOjE0LCJzIjo5MCwiZSI6OTA2NywicCI6MzM5fQ&atc=EXO&atc=FREE_6529744&apb=opc4ASOqlplustddVbbZPPO6eWiyadzqpbXUzOodNU6V0rpXT1UU0uomponpndRNTRPTS6V0zpXSuldK6Z0rpXTOrronz4lu1o32mljqnsounrpsoquomtlqdrbRpPXLdtrvLrTdttvpTVNrxZTtxTxRm6V2ne0ene2v3evv..3eceof3TT2yqmlnpc6V0rpXSuldK6V0rpXTWTU1XWV0zuc6V0rpXSuldK6V0rpXSuzs12z0q20pumoqnmtmtsqzou4ur1203scH2A-
Accept-CH:
X-Robots-Tag: noindex, follow
|
|
| ahimsaslatrate.com/ivvsWHdaW4f8QK/57128 | 23.109.170.171 | 200 OK | 61 B |
URL: GET HTTP/1.1 ahimsaslatrate.com/ivvsWHdaW4f8QK/57128 | IP: 23.109.170.171:443
Requested by: https://videzz.net/9rzstwlkppht.html | Certificate Issuer: Let's Encrypt | Subject: ahimsaslatrate.com | Fingerprint: F2:A2:0F:0E:A2:37:38:5C:33:F7:FD:1F:A8:E5:DF:F5:75:87:BA:0E | Validity: Wed, 17 Apr 2024 19:20:44 GMT - Tue, 16 Jul 2024 19:20:43 GMT
File type: HTML document, ASCII text, with no line terminators | Hash: 86733bb66fb84b851592d733e51f0cbd 42eaf19a5ca195667a9212b0ea3557eee76954a8 927676bdf7f1bdcd71f06cc0d9fa573791b12c905629d806851624687c4b4a0d
Analyzer: Quad9 DNS | Verdict: malicious | Alert: Sinkholed
GET /ivvsWHdaW4f8QK/57128 HTTP/1.1
Host: ahimsaslatrate.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://bid.bidclickmedia.com/
DNT: 1
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Date: Wed, 01 May 2024 21:07:22 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Keep-Alive: timeout=20
Accept-ch: sec-ch-ua-platform-version,sec-ch-ua-model,sec-ch-ua-full-version,sec-ch-ua-full-version-list
Set-Cookie: GL_UI4=eJw9jUtug0AQRPljJ4akJQ7gIxgUjL3MJivfAQ0zDZ4Ypq1mjJ3bZxIp2dUrPVV5nhcUL%2BAvyRrCm6hhe1R9s5dYojyUVVW%2BHSrZ151o%2BlJVTVnvYK3n1opuRBvBap4E29YuEWwGNMhatpIUZvDqrL%2FmYuhuIog7FkZlEE%2FOGDNIO6b7jFyEEBkxIaQfmrGnhzPEJzEEx72L2rjo7yCguQjzJ4hP2twe%2BSbx8jzx4Pk6CtsTT61WDuOBhULw32ElhcWB%2BAtShfPF0hWARtX%2B%2B7%2Bf8fizBonCRUuHZM%2FI38wATrY%3D; expires=Thu, 02-May-2024 21:07:22 GMT; Max-Age=86400; path=/; secure; SameSite=None
GL_GI10=eJwVyM0KgkAUhuE5hxiIJPjIC%2FAKTMsWbrNl6MIrMIsYGObIzNjP3WeLd%2FG8SilOE7CZkNRlXhd5dcjLUwV6gtsOPDroVvx7%2BII8uDiCvcOmC1ayRmYXlz9i9TfIYHu25pP1YudoxAXw0roZbvaxv%2FRX0KQJHEUzONxTBXrp3Q9e7R3S; expires=Thu, 02-May-2024 21:07:22 GMT; Max-Age=86400; path=/; secure; SameSite=None
Content-Encoding: gzip
Vary: Accept-Encoding
Strict-Transport-Security: max-age=1
X-Content-Type-Options: nosniff
|
|
| hoddlegamey.com/itLmTlMrHisAt/67652 | 23.109.170.115 | 200 OK | 61 B |
URL: GET HTTP/1.1 hoddlegamey.com/itLmTlMrHisAt/67652 | IP: 23.109.170.115:443
Requested by: https://videzz.net/9rzstwlkppht.html | Certificate Issuer: Let's Encrypt | Subject: hoddlegamey.com | Fingerprint: 07:BD:B4:24:F4:70:EB:F5:60:F8:9F:61:E8:65:29:7E:9B:54:8C:D2 | Validity: Mon, 22 Apr 2024 23:02:12 GMT - Sun, 21 Jul 2024 23:02:11 GMT
File type: HTML document, ASCII text, with no line terminators | Hash: 86733bb66fb84b851592d733e51f0cbd 42eaf19a5ca195667a9212b0ea3557eee76954a8 927676bdf7f1bdcd71f06cc0d9fa573791b12c905629d806851624687c4b4a0d
Analyzer: Quad9 DNS | Verdict: malicious | Alert: Sinkholed
GET /itLmTlMrHisAt/67652 HTTP/1.1
Host: hoddlegamey.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://animewatch.onionlive.workers.dev/
DNT: 1
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Date: Wed, 01 May 2024 21:07:22 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Keep-Alive: timeout=20
Accept-ch: sec-ch-ua-platform-version,sec-ch-ua-model,sec-ch-ua-full-version,sec-ch-ua-full-version-list
Set-Cookie: GL_UI4=eJw9jUtug0AQRPljJ4akJQ7gIxgUjL3MJivfAQ0zDZ4Ypq1mjJ3bZxIp2dUrPVV5nhcUL%2BAvyRrCm6hhe1R9s5dYojyUVVW%2BHSrZ151o%2BlJVTVnvYK3n1opuRBvBap4E29YuEWwGNMhatpIUZvDqrL%2FmYuhuIog7FkZlEE%2FOGDNIO6b7jFyEEBkxIaQfmrGnhzPEJzEEx72L2rjo7yCguQjzJ4hP2twe%2BSbx8jzx4Pk6CtsTT61WDuOBhULw32ElhcWB%2BAtShfPF0hWARtX%2B%2B7%2Bf8fizBonCRUuHZM%2FI38wATrY%3D; expires=Thu, 02-May-2024 21:07:22 GMT; Max-Age=86400; path=/; secure; SameSite=None
GL_GI10=eJwVyM0KgkAUhuE5hxiIJPjIC%2FAKTMsWbrNl6MIrMIsYGObIzNjP3WeLd%2FG8SilOE7CZkNRlXhd5dcjLUwV6gtsOPDroVvx7%2BII8uDiCvcOmC1ayRmYXlz9i9TfIYHu25pP1YudoxAXw0roZbvaxv%2FRX0KQJHEUzONxTBXrp3Q9e7R3S; expires=Thu, 02-May-2024 21:07:22 GMT; Max-Age=86400; path=/; secure; SameSite=None
Content-Encoding: gzip
Vary: Accept-Encoding
Strict-Transport-Security: max-age=1
X-Content-Type-Options: nosniff
|
|
| lernodydenknow.info/redirect?tid=1039225 | 108.157.229.20 | 302 Found | 0 B |
URL GET HTTP/2lernodydenknow.info/redirect?tid=1039225 IP108.157.229.20:443
Requested byhttps://videzz.net/9rzstwlkppht.html CertificateIssuerAmazon Subjectlernodydenknow.info Fingerprint0B:53:BB:D6:51:E9:8D:1C:38:77:BA:75:C6:18:21:E5:31:71:DC:5B ValidityWed, 24 Jan 2024 00:00:00 GMT - Fri, 21 Feb 2025 23:59:59 GMT
Hashd41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /redirect?tid=1039225 HTTP/1.1
Host: lernodydenknow.info
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://bid.bidclickmedia.com/
DNT: 1
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 302 Found
content-type: text/plain
content-length: 0
location: https://xml.car-bidpush.org/click?i=LjdR1b4lPl8_0
date: Wed, 01 May 2024 21:07:22 GMT
server: openresty/1.17.8.2
cache-control: no-store, no-cache, must-revalidate, no-transform
pragma: no-cache
p3p: CP="NID DSP ALL COR"
set-cookie: csu=74d67d30-3e7c-4b4e-ab57-cf1510575734
accept-ch: DPR, Width, Viewport-Width, Device-Memory, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List
x-cache: Miss from cloudfront
via: 1.1 1d542b221a74ce095eec8b4baabd68ca.cloudfront.net (CloudFront)
x-amz-cf-pop: ARN56-P2
x-amz-cf-id: k05H1X08CIBFD4edU_ahvRjT5KJOqIkewj6D-gYJv5KHmS_n_aGHxg==
X-Firefox-Spdy: h2
|
|
| tidyllama.com/sc?t=1714597642404&a=FtzT&c=qEaBdaKCEgxqdNjCFXxa4X&r=https%3A%2F%2Fbid.bidclickmedia.com%2F&e=gAAAAABmMq8K8pOjswklyASVDOKU-DDuyVGuLPl_lERslbRK1d0kM69rj0eaj6U3NLI1gIWIBnb1cl2_iiD3ijXFQL3MORyqb7XtMrcXhW6JsD42nNdaTCuomt8uihd44Kdxz466SyImXdBKOGpKXo7Yn_82JMdskANL0yr6nuAzTNx4ToeNEnVW_Sy0JEGfxHiJQ5vJgFWXkAMDK03EJOtBfs4KQWivgatI9sTbiaLxnCYj31Dp3reX3ywsxKPbil2GQi8gZtTyXleMgVXxmSraFOkd1k5AqDh4CUlXylFrr-dSHdt3wnFT1lSOlSCjPpHjt3yEZAvFYg_X5U8dcyl81NxX5CCTCd-MsJRrhimmv7gwEy6COVc_GT0eh6rrZgtYVzz45Os-q4F9B6MSEGkH1MtZGqXAgcJf1L9ucWBSUUHcrTELRKkKyDNI-1ATRUhDTnZENH3wzjltZzEapBqrjJDtV2HDxoLS2D34mM6b_QJaSz1fgWs=&f=2048 | 178.63.99.108 | 302 Found | 61 B |
URL GET HTTP/2tidyllama.com/sc?t=1714597642404&a=FtzT&c=qEaBdaKCEgxqdNjCFXxa4X&r=https%3A%2F%2Fbid.bidclickmedia.com%2F&e=gAAAAABmMq8K8pOjswklyASVDOKU-DDuyVGuLPl_lERslbRK1d0kM69rj0eaj6U3NLI1gIWIBnb1cl2_iiD3ijXFQL3MORyqb7XtMrcXhW6JsD42nNdaTCuomt8uihd44Kdxz466SyImXdBKOGpKXo7Yn_82JMdskANL0yr6nuAzTNx4ToeNEnVW_Sy0JEGfxHiJQ5vJgFWXkAMDK03EJOtBfs4KQWivgatI9sTbiaLxnCYj31Dp3reX3ywsxKPbil2GQi8gZtTyXleMgVXxmSraFOkd1k5AqDh4CUlXylFrr-dSHdt3wnFT1lSOlSCjPpHjt3yEZAvFYg_X5U8dcyl81NxX5CCTCd-MsJRrhimmv7gwEy6COVc_GT0eh6rrZgtYVzz45Os-q4F9B6MSEGkH1MtZGqXAgcJf1L9ucWBSUUHcrTELRKkKyDNI-1ATRUhDTnZENH3wzjltZzEapBqrjJDtV2HDxoLS2D34mM6b_QJaSz1fgWs=&f=2048 IP178.63.99.108:443 ASN#24940 Hetzner Online GmbH
Requested byhttps://videzz.net/9rzstwlkppht.html CertificateIssuerSectigo Limited Subjecttidyllama.com Fingerprint3D:18:B7:36:50:EF:95:7B:2F:C8:1D:A4:B8:59:76:2D:03:B0:56:52 ValidityTue, 12 Dec 2023 00:00:00 GMT - Thu, 12 Dec 2024 23:59:59 GMT
File typeHTML document, ASCII text Hash59149637e72a98f12960c1afa3d4256c 93e6672c8d4871db634b54d2bb064deff8b1dc7a 086523f3b1cea6b84c5382246549bbebbfdf47ed6117d2a6f23a07746b2fe60e
GET /sc?t=1714597642404&a=FtzT&c=qEaBdaKCEgxqdNjCFXxa4X&r=https%3A%2F%2Fbid.bidclickmedia.com%2F&e=gAAAAABmMq8K8pOjswklyASVDOKU-DDuyVGuLPl_lERslbRK1d0kM69rj0eaj6U3NLI1gIWIBnb1cl2_iiD3ijXFQL3MORyqb7XtMrcXhW6JsD42nNdaTCuomt8uihd44Kdxz466SyImXdBKOGpKXo7Yn_82JMdskANL0yr6nuAzTNx4ToeNEnVW_Sy0JEGfxHiJQ5vJgFWXkAMDK03EJOtBfs4KQWivgatI9sTbiaLxnCYj31Dp3reX3ywsxKPbil2GQi8gZtTyXleMgVXxmSraFOkd1k5AqDh4CUlXylFrr-dSHdt3wnFT1lSOlSCjPpHjt3yEZAvFYg_X5U8dcyl81NxX5CCTCd-MsJRrhimmv7gwEy6COVc_GT0eh6rrZgtYVzz45Os-q4F9B6MSEGkH1MtZGqXAgcJf1L9ucWBSUUHcrTELRKkKyDNI-1ATRUhDTnZENH3wzjltZzEapBqrjJDtV2HDxoLS2D34mM6b_QJaSz1fgWs=&f=2048 HTTP/1.1
Host: tidyllama.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://tidyllama.com/click?a=FtzT&e=gAAAAABmMq8ISHJ7prNRVL4dHB-DSd9j1JXpzOy3eWBxcQl1SHlmblDXcauydaLxS-uQdjVdXyW2h260uKVgdaWSjAwpV556UAr6cy8gN2cJeGaXHSTObisIXCkBOv3qTNOqGAAQgHqHK1SlNH36xbJCW0moTzdPkiutzJt2e8m2eVZrKZchvpxzTmMIjFIweSb5kaleM8rAwSI7iBPE-gjI6_mpe3xT1TJ2MJYs3cWmzUdmm1JxOZ0Nis2icUOFnBhT5c2PbIf9nsnXvSVZ0z_7VCfr2tE1k-PvJV_NY4AmnZ3p0yFfMp5RKatO2_E_Wqw7N0Z5OcoLQi7lUI9_UF21iK0Nfw4kIA126_elp3rsrQJFeeCMSodqzfUU-RL1nobwXjn_iQwf2zFOtJb2exyl46BT2sS1LGTw7WODlul4S9NVl3T2FFF3FEr9jLEMA93_ddp5U0zDOiufq4dfwSrtvauTdCMYpfBbPQXl0B_eBUqV_P9mHoo%3D
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 302 Found
date: Wed, 01 May 2024 21:07:22 GMT
content-type: text/html; charset=utf-8
content-length: 61
location: https://tiktokaukey.com/?utm_source=ds
strict-transport-security: max-age=15724800; includeSubDomains
X-Firefox-Spdy: h2
|
|
| s.click.aliexpress.com/e/_Dk8GAkv?af=5whvIdjGFamo | 104.110.21.5 | 302 Found | 0 B |
URL GET HTTP/2s.click.aliexpress.com/e/_Dk8GAkv?af=5whvIdjGFamo IP104.110.21.5:443
Requested byhttps://videzz.net/9rzstwlkppht.html CertificateIssuerDigiCert Inc Subjectae01.alicdn.com Fingerprint3B:6B:34:80:95:44:11:F7:71:DE:95:B7:C7:7C:A0:9C:BC:00:BC:AA ValidityWed, 10 Apr 2024 00:00:00 GMT - Wed, 16 Oct 2024 23:59:59 GMT
Hashd41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /e/_Dk8GAkv?af=5whvIdjGFamo HTTP/1.1
Host: s.click.aliexpress.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 302 Found
content-length: 0
x-application-context: global-traffic-holmes-f:7001
access-control-allow-methods: GET, POST, OPTION
access-control-allow-credentials: true
p3p: CP="CAO PSA OUR"
x-frame-options: DENY
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
cache-control: no-cache, no-store, max-age=0, must-revalidate
pragma: no-cache
expires: 0
strict-transport-security: max-age=31536000 ; includeSubDomains
location: https://best.aliexpress.com/?af=5whvIdjGFamo&aff_fcid=bbd68e2f5b89448b9ade0ac1c3197dde-1714597642714-02221-_Dk8GAkv&tt=CPS_NORMAL&aff_fsk=_Dk8GAkv&aff_platform=portals-tool&sk=_Dk8GAkv&aff_trace_key=bbd68e2f5b89448b9ade0ac1c3197dde-1714597642714-02221-_Dk8GAkv&terminal_id=9ccdf11b8f754853a637024255251e62
content-language: en-US
server: Tengine/Aserver
eagleeye-traceid: 210308a717145976427071836e2e67
timing-allow-origin: *
date: Wed, 01 May 2024 21:07:22 GMT
set-cookie: xman_us_f=x_l=0&x_as_i=%7B%22aeuCID%22%3A%22bbd68e2f5b89448b9ade0ac1c3197dde-1714597642714-02221-_Dk8GAkv%22%2C%22af%22%3A%225whvIdjGFamo%22%2C%22affiliateKey%22%3A%22_Dk8GAkv%22%2C%22channel%22%3A%22AFFILIATE%22%2C%22cv%22%3A%221%22%2C%22isCookieCache%22%3A%22N%22%2C%22ms%22%3A%221%22%2C%22pid%22%3A%224533883645%22%2C%22tagtime%22%3A1714597642714%7D&acs_rt=9ccdf11b8f754853a637024255251e62; Domain=.aliexpress.com; Expires=Tue, 20-May-2092 00:21:29 GMT; Path=/
acs_usuc_t=x_csrf=bndmx406omf2&acs_rt=9ccdf11b8f754853a637024255251e62; Domain=.aliexpress.com; Path=/
aeu_cid=bbd68e2f5b89448b9ade0ac1c3197dde-1714597642714-02221-_Dk8GAkv; Domain=.aliexpress.com; Expires=Tue, 20-May-2092 00:21:29 GMT; Path=/
xman_t=r49rnZSjGR3fmgBHYpLoKRrmib0xs2DpibhV3d3EhinuPCq5rG1iXwKF5gLISPXW; Domain=.aliexpress.com; Expires=Tue, 30-Jul-2024 21:07:22 GMT; Path=/; HttpOnly
xman_f=a5Q+tSxiFDGXYwlQiFXm1bvlAgTS7g3mWJB3RxSH3D7t1WMDokzPqAstOJACoOCuuwXzFvKttyCovWYqHAb7WaUvdj6xVOD1xjlejYdpuwsmoACfzfxwpw==; Domain=.aliexpress.com; Expires=Tue, 20-May-2092 00:21:29 GMT; Path=/; HttpOnly
af_ss_a=1; Path=/; Domain=.aliexpress.com; Max-Age=2147483647; Secure; SameSite=None
af_ss_b=1; Path=/; Domain=.aliexpress.com; Max-Age=2147483647; SameSite=Lax
server-timing: ak_p; desc="1714597642589_388255172_197790808_12928_1115_1_61_21";dur=1
X-Firefox-Spdy: h2
|
|
| best.aliexpress.com/?af=5whvIdjGFamo&aff_fcid=bbd68e2f5b89448b9ade0ac1c3197dde-1714597642714-02221-_Dk8GAkv&tt=CPS_NORMAL&aff_fsk=_Dk8GAkv&aff_platform=portals-tool&sk=_Dk8GAkv&aff_trace_key=bbd68e2f5b89448b9ade0ac1c3197dde-1714597642714-02221-_Dk8GAkv&terminal_id=9ccdf11b8f754853a637024255251e62 | 104.110.21.5 | 302 Found | 519 B |
URL GET HTTP/2best.aliexpress.com/?af=5whvIdjGFamo&aff_fcid=bbd68e2f5b89448b9ade0ac1c3197dde-1714597642714-02221-_Dk8GAkv&tt=CPS_NORMAL&aff_fsk=_Dk8GAkv&aff_platform=portals-tool&sk=_Dk8GAkv&aff_trace_key=bbd68e2f5b89448b9ade0ac1c3197dde-1714597642714-02221-_Dk8GAkv&terminal_id=9ccdf11b8f754853a637024255251e62 IP104.110.21.5:443
Requested byhttps://videzz.net/9rzstwlkppht.html CertificateIssuerDigiCert Inc Subjectae01.alicdn.com Fingerprint3B:6B:34:80:95:44:11:F7:71:DE:95:B7:C7:7C:A0:9C:BC:00:BC:AA ValidityWed, 10 Apr 2024 00:00:00 GMT - Wed, 16 Oct 2024 23:59:59 GMT
File typeASCII text, with very long lines (519), with no line terminators Hash13dde1948026c26cf292370efb92d6b6 14108721e79a0553110b38cff6929e001a9f171f 60df77ace3f98abd7600986ae58a190d94462790bdaf6ef47457dce9b99cdb79
GET /?af=5whvIdjGFamo&aff_fcid=bbd68e2f5b89448b9ade0ac1c3197dde-1714597642714-02221-_Dk8GAkv&tt=CPS_NORMAL&aff_fsk=_Dk8GAkv&aff_platform=portals-tool&sk=_Dk8GAkv&aff_trace_key=bbd68e2f5b89448b9ade0ac1c3197dde-1714597642714-02221-_Dk8GAkv&terminal_id=9ccdf11b8f754853a637024255251e62 HTTP/1.1
Host: best.aliexpress.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Cookie: af_ss_a=1
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 302 Found
p3p: CP="CAO PSA OUR"
x-application-context: ae-fn-gateway-f:7001
location: https://s.click.aliexpress.com/deep_link.htm?aff_short_key=_pz9sEiR&dl_target_url=https%3A%2F%2Fbest.aliexpress.com%2F%3Faff_fcid%3Dbbd68e2f5b89448b9ade0ac1c3197dde-1714597642714-02221-_Dk8GAkv%26tt%3DCPS_NORMAL%26aff_fsk%3D_Dk8GAkv%26af%3D5whvIdjGFamo%26aff_platform%3Dportals-tool%26sk%3D_Dk8GAkv%26aff_trace_key%3Dbbd68e2f5b89448b9ade0ac1c3197dde-1714597642714-02221-_Dk8GAkv%26terminal_id%3D9ccdf11b8f754853a637024255251e62%26aff_platform%3Ddefault%26commercial_type%3DbestPage%26hc_1214_tag%3DByAffPage
server: Tengine/Aserver
eagleeye-traceid: 2101e63417145976428914611ea92c
strict-transport-security: max-age=31536000
timing-allow-origin: *
content-length: 519
date: Wed, 01 May 2024 21:07:22 GMT
set-cookie: xman_us_f=x_locale=en_US&x_l=0&x_c_chg=1&acs_rt=ebcb2995e45e4a7bad8de818c5d25963; Domain=.aliexpress.com; Expires=Tue, 20-May-2092 00:21:29 GMT; Path=/
intl_common_forever=872/LBXf/XXWgLYrOdti5o8ozpnoUBlL9Xd30EeJ1c2+DsWLToK98g==; Domain=.aliexpress.com; Expires=Tue, 20-May-2092 00:21:29 GMT; Path=/; HttpOnly
intl_locale=en_US; Domain=.aliexpress.com; Path=/
xman_f=0gYO84K7BNgd8Atmj0BzDcCZ70Nv8KjOLV1rqykj79Doy3tF3U1l8icdvRiCN4WntqJSTFsVCqAKwgWFTaxdQ8kezjTIux5DJ6o26NzRkSgsbD6Y/W2tPg==; Domain=.aliexpress.com; Expires=Tue, 20-May-2092 00:21:29 GMT; Path=/; HttpOnly
acs_usuc_t=x_csrf=ji1nwdgzn7b8&acs_rt=ebcb2995e45e4a7bad8de818c5d25963; Domain=.aliexpress.com; Path=/
xman_t=RT3GJ6+ehuOAMSs2Eiw1nnAg/VMUP+/UpHze+x4KNk6glOOOfYP+NXe1OayrQDIx; Domain=.aliexpress.com; Expires=Tue, 30-Jul-2024 21:07:22 GMT; Path=/; HttpOnly
aep_usuc_f=site=glo&c_tp=NOK&region=NO&b_locale=en_US; Domain=.aliexpress.com; Expires=Tue, 20-May-2092 00:21:29 GMT; Path=/
e_id=pt10; Expires=Sat, 29 Apr 2034 21:07:22 GMT; Path=/; Domain=.aliexpress.com
server-timing: ak_p; desc="1714597642840_388255172_197790833_13170_1201_1_0_21";dur=1
X-Firefox-Spdy: h2
|
|
| tiktokaukey.com/cdn/s3/32611e21-8d69-410a-86df-aa7058c52d83-logo.webp | 188.114.96.1 | | 636 B |
URL tiktokaukey.com/cdn/s3/32611e21-8d69-410a-86df-aa7058c52d83-logo.webp IP188.114.96.1:0
File typeRIFF (little-endian) data, Web/P image, VP8 encoding, 107x60, Scaling: [none]x[none], YUV color, decoders should clamp Hash94e62034ed16f507ae8f34ecaf914e14 571097c727647934f9a72dd55e67d154abebf226 7a1d9b851f6ee252befece0a636ca617c0b55acb079f09be91e33fdf3c643aad
GET /cdn/s3/32611e21-8d69-410a-86df-aa7058c52d83-logo.webp HTTP/1.1
Host: tiktokaukey.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://tiktokaukey.com/?utm_source=ds
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Wed, 01 May 2024 21:07:23 GMT
content-type: image/webp
content-length: 636
cache-control: max-age=14400
cf-cache-status: HIT
age: 5881
last-modified: Wed, 01 May 2024 19:29:22 GMT
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=bRq63yVxPre%2FdunfSRIn8ROe1Eji3adH8kMcJO0gahsRCeOA3tMUcGwD%2BA290X2Fk5a3ev90EaH1hgP5X0TXOo%2FvIaeSMH491aK71DUBZyEb8%2BNcT38lBkVi%2BQItFxoS3kA%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 87d2bda50bc95691-OSL
alt-svc: h3=":443"; ma=86400
|
|
| www.googletagmanager.com/gtag/js?id=G-0DVFP1JGB0 | 142.250.74.168 | | 102 kB |
URL www.googletagmanager.com/gtag/js?id=G-0DVFP1JGB0 IP142.250.74.168:0
CertificateIssuerGoogle Trust Services LLC Subject*.google-analytics.com FingerprintFC:B1:16:E0:D8:F3:2B:F3:AB:33:E5:E1:23:57:F4:48:66:FD:4D:52 ValidityMon, 08 Apr 2024 06:34:55 GMT - Mon, 01 Jul 2024 06:34:54 GMT
File typeJavaScript source, ASCII text, with very long lines (5945) Size102 kB (101542 bytes) Hash0c428d5a5529b72a31d1ccd3a703e61e 0805aac33a12dda7f51396424231104310f280d2 ff69544e86ad720126b310ce330f0b8f4a7a38c296e38e057a2e0f79c25900f3
GET /gtag/js?id=G-0DVFP1JGB0 HTTP/1.1
Host: www.googletagmanager.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://tiktokaukey.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
content-encoding: br
vary: Accept-Encoding
date: Wed, 01 May 2024 21:07:23 GMT
expires: Wed, 01 May 2024 21:07:23 GMT
cache-control: private, max-age=900
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
server: Google Tag Manager
content-length: 101542
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
|
|
| xml.car-bidpush.org/click?i=LjdR1b4lPl8_0 | 198.134.116.29 | 302 Found | 0 B |
URL GET HTTP/1.1xml.car-bidpush.org/click?i=LjdR1b4lPl8_0 IP198.134.116.29:443 ASN#27257 WEBAIR-INTERNET
Requested byhttps://videzz.net/9rzstwlkppht.html CertificateIssuerLet's Encrypt Subjectcar-bidpush.org Fingerprint70:D3:D0:96:B6:97:0C:96:E6:F4:E5:FA:F6:78:D1:D5:C3:68:17:BC ValidityThu, 29 Feb 2024 07:42:37 GMT - Wed, 29 May 2024 07:42:36 GMT
Hashd41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /click?i=LjdR1b4lPl8_0 HTTP/1.1
Host: xml.car-bidpush.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://bid.bidclickmedia.com/
DNT: 1
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 302 Found
Server: nginx
Date: Wed, 01 May 2024 21:07:23 GMT
Content-Length: 0
Connection: keep-alive
Cache-Control: no-store
Location: https://forza.idescargarapk.com/get.php?code=T0pNVHlic00yYWx5N2lXS1VxRTR5Zz09&clickid=QyJuWmp5oqI&campaignid=1037356&siteid=65291.1039225&publishid=65291&country=no&os=Linux&browser=FIREFOX_96.0&referrer=https%3A%2F%2Fbid.bidclickmedia.com%2F&device=Desktop&carrier=Blix+Solutions&connection=&bid=0.0002
|
|
| www.googletagmanager.com/gtm.js?id=GTM-M7N6624H | 142.250.74.168 | | 64 kB |
URL www.googletagmanager.com/gtm.js?id=GTM-M7N6624H IP142.250.74.168:0
CertificateIssuerGoogle Trust Services LLC Subject*.google-analytics.com FingerprintFC:B1:16:E0:D8:F3:2B:F3:AB:33:E5:E1:23:57:F4:48:66:FD:4D:52 ValidityMon, 08 Apr 2024 06:34:55 GMT - Mon, 01 Jul 2024 06:34:54 GMT
File typeJavaScript source, ASCII text, with very long lines (1808) Hashfcff753de0972b6aef3a1dc363a5399b 83b8cd168c7ed49fdf2691b0d9081f68f00eee5d e2888c96bfb4d4c489d77b5056a188dd2a9ed810a561c80c9ae03a09a620bf42
GET /gtm.js?id=GTM-M7N6624H HTTP/1.1
Host: www.googletagmanager.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://tiktokaukey.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
content-encoding: br
vary: Accept-Encoding
date: Wed, 01 May 2024 21:07:23 GMT
expires: Wed, 01 May 2024 21:07:23 GMT
cache-control: private, max-age=900
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
server: Google Tag Manager
content-length: 63829
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
|
|
| s.click.aliexpress.com/deep_link.htm?aff_short_key=_pz9sEiR&dl_target_url=https%3A%2F%2Fbest.aliexpress.com%2F%3Faff_fcid%3Dbbd68e2f5b89448b9ade0ac1c3197dde-1714597642714-02221-_Dk8GAkv%26tt%3DCPS_NORMAL%26aff_fsk%3D_Dk8GAkv%26af%3D5whvIdjGFamo%26aff_platform%3Dportals-tool%26sk%3D_Dk8GAkv%26aff_trace_key%3Dbbd68e2f5b89448b9ade0ac1c3197dde-1714597642714-02221-_Dk8GAkv%26terminal_id%3D9ccdf11b8f754853a637024255251e62%26aff_platform%3Ddefault%26commercial_type%3DbestPage%26hc_1214_tag%3DByAffPage | 104.110.21.5 | 302 Found | 0 B |
URL GET HTTP/2s.click.aliexpress.com/deep_link.htm?aff_short_key=_pz9sEiR&dl_target_url=https%3A%2F%2Fbest.aliexpress.com%2F%3Faff_fcid%3Dbbd68e2f5b89448b9ade0ac1c3197dde-1714597642714-02221-_Dk8GAkv%26tt%3DCPS_NORMAL%26aff_fsk%3D_Dk8GAkv%26af%3D5whvIdjGFamo%26aff_platform%3Dportals-tool%26sk%3D_Dk8GAkv%26aff_trace_key%3Dbbd68e2f5b89448b9ade0ac1c3197dde-1714597642714-02221-_Dk8GAkv%26terminal_id%3D9ccdf11b8f754853a637024255251e62%26aff_platform%3Ddefault%26commercial_type%3DbestPage%26hc_1214_tag%3DByAffPage IP104.110.21.5:443
Requested byhttps://videzz.net/9rzstwlkppht.html CertificateIssuerDigiCert Inc Subjectae01.alicdn.com Fingerprint3B:6B:34:80:95:44:11:F7:71:DE:95:B7:C7:7C:A0:9C:BC:00:BC:AA ValidityWed, 10 Apr 2024 00:00:00 GMT - Wed, 16 Oct 2024 23:59:59 GMT
Hashd41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /deep_link.htm?aff_short_key=_pz9sEiR&dl_target_url=https%3A%2F%2Fbest.aliexpress.com%2F%3Faff_fcid%3Dbbd68e2f5b89448b9ade0ac1c3197dde-1714597642714-02221-_Dk8GAkv%26tt%3DCPS_NORMAL%26aff_fsk%3D_Dk8GAkv%26af%3D5whvIdjGFamo%26aff_platform%3Dportals-tool%26sk%3D_Dk8GAkv%26aff_trace_key%3Dbbd68e2f5b89448b9ade0ac1c3197dde-1714597642714-02221-_Dk8GAkv%26terminal_id%3D9ccdf11b8f754853a637024255251e62%26aff_platform%3Ddefault%26commercial_type%3DbestPage%26hc_1214_tag%3DByAffPage HTTP/1.1
Host: s.click.aliexpress.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Cookie: af_ss_a=1
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 302 Found
content-length: 0
x-application-context: global-traffic-holmes-f:7001
access-control-allow-methods: GET, POST, OPTION
access-control-allow-credentials: true
p3p: CP="CAO PSA OUR"
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
cache-control: no-cache, no-store, max-age=0, must-revalidate
pragma: no-cache
expires: 0
x-frame-options: DENY
strict-transport-security: max-age=31536000 ; includeSubDomains
location: https://best.aliexpress.com/?aff_fcid=bbd68e2f5b89448b9ade0ac1c3197dde-1714597642714-02221-_Dk8GAkv&tt=CPS_NORMAL&aff_fsk=_Dk8GAkv&af=5whvIdjGFamo&commercial_type=bestPage&hc_1214_tag=ByAffPage&aff_fcid=a3c202b59877418face9d7242595622c-1714597643113-08469-_pz9sEiR&aff_fsk=_pz9sEiR&aff_platform=portals-promotion&sk=_pz9sEiR&aff_trace_key=a3c202b59877418face9d7242595622c-1714597643113-08469-_pz9sEiR&terminal_id=f309d47ae7ec4cb092233f61dab141e1
content-language: en-US
server: Tengine/Aserver
eagleeye-traceid: 2101fb1217145976431074338ef380
timing-allow-origin: *
date: Wed, 01 May 2024 21:07:23 GMT
set-cookie: xman_us_f=x_l=0&x_as_i=%7B%22aeuCID%22%3A%22a3c202b59877418face9d7242595622c-1714597643113-08469-_pz9sEiR%22%2C%22affiliateKey%22%3A%22_pz9sEiR%22%2C%22channel%22%3A%22AFFILIATE%22%2C%22cv%22%3A%222%22%2C%22isCookieCache%22%3A%22N%22%2C%22ms%22%3A%221%22%2C%22pid%22%3A%222391147471%22%2C%22tagtime%22%3A1714597643113%7D&acs_rt=f309d47ae7ec4cb092233f61dab141e1; Domain=.aliexpress.com; Expires=Tue, 20-May-2092 00:21:30 GMT; Path=/
acs_usuc_t=x_csrf=eg49qx2fkqfc&acs_rt=f309d47ae7ec4cb092233f61dab141e1; Domain=.aliexpress.com; Path=/
aeu_cid=a3c202b59877418face9d7242595622c-1714597643113-08469-_pz9sEiR; Domain=.aliexpress.com; Expires=Tue, 20-May-2092 00:21:30 GMT; Path=/
xman_t=D85cLBMmUQJ96Fzf8U5GDySFmlKYzvrWx9lCEn4CtDXwUew75x25X8ywzAqHtg4J; Domain=.aliexpress.com; Expires=Tue, 30-Jul-2024 21:07:23 GMT; Path=/; HttpOnly
xman_f=btalBGRZXufZRDzIiV2vNQBMktKM0LwdT8qSjbOBaRBZO6s/R1Ue2ZR9cESwELg79iZiH4IhstgZvC3xOUOdjN7Up0y6XGMpHIZJICenDY6EjOs7Miz66A==; Domain=.aliexpress.com; Expires=Tue, 20-May-2092 00:21:30 GMT; Path=/; HttpOnly
server-timing: ak_p; desc="1714597643054_388255172_197790875_13996_1517_1_0_21";dur=1
X-Firefox-Spdy: h2
|
|
| adeumssp.com/js/deumbld.js | 168.119.90.96 | | 10 kB |
URL adeumssp.com/js/deumbld.js IP168.119.90.96:0 ASN#24940 Hetzner Online GmbH
File typeJavaScript source, ASCII text, with CRLF line terminators Hashe2199caaa92618d4c1c00ab983557812 28472c5cfbf1661d14028ca171058e0d35f2564f d12d54000df41885ecf12fbd0dbcb72681f4dd06a02e1c3fc223516b3d8c6f0e
GET /js/deumbld.js HTTP/1.1
Host: adeumssp.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://tiktokaukey.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Wed, 01 May 2024 21:07:23 GMT
content-type: text/javascript; charset=utf-8
content-length: 10515
accept-ranges: bytes
last-modified: Mon, 22 Apr 2024 13:48:59 GMT
strict-transport-security: max-age=15724800; includeSubDomains
X-Firefox-Spdy: h2
|
|
| region1.analytics.google.com/g/collect?v=2&tid=G-HEX1BG8H46&gtm=45je44t0v9104348843z8832020053za200&_p=1714597638959&gcd=13l3lPl2l1&npa=1&dma_cps=sypham&dma=1&cid=1256158139.1714597640&ul=en-us&sr=1280x1024&pscdl=noapi&_eu=AAAI&_s=2&sid=1714597640&sct=1&seg=0&dl=https%3A%2F%2Fvidezz.net%2F9rzstwlkppht.html&dt=Watch%20Horny%20girl%20leaked%20video%20calls%20(4)%20mp4&en=error_network&tfd=8133 | 216.239.34.36 | 204 No Content | 0 B |
URL POST HTTP/3region1.analytics.google.com/g/collect?v=2&tid=G-HEX1BG8H46&gtm=45je44t0v9104348843z8832020053za200&_p=1714597638959&gcd=13l3lPl2l1&npa=1&dma_cps=sypham&dma=1&cid=1256158139.1714597640&ul=en-us&sr=1280x1024&pscdl=noapi&_eu=AAAI&_s=2&sid=1714597640&sct=1&seg=0&dl=https%3A%2F%2Fvidezz.net%2F9rzstwlkppht.html&dt=Watch%20Horny%20girl%20leaked%20video%20calls%20(4)%20mp4&en=error_network&tfd=8133 IP216.239.34.36:443
Requested byhttps://videzz.net/9rzstwlkppht.html CertificateIssuerGoogle Trust Services LLC Subject*.google-analytics.com FingerprintFC:B1:16:E0:D8:F3:2B:F3:AB:33:E5:E1:23:57:F4:48:66:FD:4D:52 ValidityMon, 08 Apr 2024 06:34:55 GMT - Mon, 01 Jul 2024 06:34:54 GMT
Hashd41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
POST /g/collect?v=2&tid=G-HEX1BG8H46&gtm=45je44t0v9104348843z8832020053za200&_p=1714597638959&gcd=13l3lPl2l1&npa=1&dma_cps=sypham&dma=1&cid=1256158139.1714597640&ul=en-us&sr=1280x1024&pscdl=noapi&_eu=AAAI&_s=2&sid=1714597640&sct=1&seg=0&dl=https%3A%2F%2Fvidezz.net%2F9rzstwlkppht.html&dt=Watch%20Horny%20girl%20leaked%20video%20calls%20(4)%20mp4&en=error_network&tfd=8133 HTTP/1.1
Host: region1.analytics.google.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://videzz.net
DNT: 1
Connection: keep-alive
Referer: https://videzz.net/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Content-Length: 0
TE: trailers
HTTP/3 204 No Content
access-control-allow-origin: https://videzz.net
date: Wed, 01 May 2024 21:07:26 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
content-type: text/plain
cross-origin-resource-policy: cross-origin
server: Golfe2
content-length: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
|
|
| forza.idescargarapk.com/get.php?code=T0pNVHlic00yYWx5N2lXS1VxRTR5Zz09&clickid=QyJuWmp5oqI&campaignid=1037356&siteid=65291.1039225&publishid=65291&country=no&os=Linux&browser=FIREFOX_96.0&referrer=https%3A%2F%2Fbid.bidclickmedia.com%2F&device=Desktop&carrier=Blix+Solutions&connection=&bid=0.0002 | 188.114.96.1 | 200 OK | 12 kB |
URL GET HTTP/2forza.idescargarapk.com/get.php?code=T0pNVHlic00yYWx5N2lXS1VxRTR5Zz09&clickid=QyJuWmp5oqI&campaignid=1037356&siteid=65291.1039225&publishid=65291&country=no&os=Linux&browser=FIREFOX_96.0&referrer=https%3A%2F%2Fbid.bidclickmedia.com%2F&device=Desktop&carrier=Blix+Solutions&connection=&bid=0.0002 IP188.114.96.1:443
Requested byhttps://videzz.net/9rzstwlkppht.html CertificateIssuerGoogle Trust Services LLC Subjectidescargarapk.com FingerprintE3:36:1E:E0:CB:A7:32:C4:EE:F1:53:24:6C:4D:08:15:31:8C:01:30 ValidityThu, 25 Apr 2024 11:41:38 GMT - Wed, 24 Jul 2024 11:41:37 GMT
File typegzip compressed data, from Unix Hash263e2aa0d3eb08b64499a2f6e7f44848 4bdc0f8e8529381f1b1b31e4829b712164afbad0 fe91c2003b5abf0056201ad40173570d1e93a77a1beff613548df820290d590e
GET /get.php?code=T0pNVHlic00yYWx5N2lXS1VxRTR5Zz09&clickid=QyJuWmp5oqI&campaignid=1037356&siteid=65291.1039225&publishid=65291&country=no&os=Linux&browser=FIREFOX_96.0&referrer=https%3A%2F%2Fbid.bidclickmedia.com%2F&device=Desktop&carrier=Blix+Solutions&connection=&bid=0.0002 HTTP/1.1
Host: forza.idescargarapk.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://bid.bidclickmedia.com/
DNT: 1
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Wed, 01 May 2024 21:07:23 GMT
content-type: text/html; charset=UTF-8
set-cookie: PHPSESSID=4af03752ac70331c0ffbf02203e5c487; path=/; secure
expires: Tue, 03 Jul 2001 06:00:00 GMT
last-modified: Wed, 01 May 2024 21:07:22 GMT
cache-control: no-store, no-cache, must-revalidate, post-check=0,pre-check=0
pragma: no-cache
vary: Accept-Encoding,User-Agent
alt-svc: h3=":443"; ma=86400
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=UQBJSe5%2BafhrBrb%2BF4LjoE1Ti5edVXvgGUj%2BChDUZCg1qjbnaAWGU7AW0yqoeQzQ7C%2BOwKdh5cz817m62sS6zr1py86sfnNA6V3G0uBUcPZ1GbW8ZXdZRlNIlJAGDSi84uv1PaMkcWR0SA%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 87d2bda60dd8568d-OSL
content-encoding: gzip
X-Firefox-Spdy: h2
|
|
| static.addtoany.com/menu/svg/icons/twitter.js | 104.22.71.197 | 200 OK | 645 B |
URL GET HTTP/3static.addtoany.com/menu/svg/icons/twitter.js IP104.22.71.197:443
Requested byhttps://videzz.net/9rzstwlkppht.html CertificateIssuerLet's Encrypt Subjectstatic.addtoany.com Fingerprint5B:74:98:2D:F8:22:DB:0D:4E:74:B7:99:A7:7C:80:F6:CA:1A:8E:CA ValidityTue, 23 Apr 2024 07:56:27 GMT - Mon, 22 Jul 2024 07:56:26 GMT
File typeASCII text, with very long lines (655), with no line terminators Hash671b3272826b2e03f7f5ecc6846a4f83 bcd620154cd6381ddf84b4e17e53ad716f3acbea b743f6ed35f2a170860cfb010577cd000ee695dc23b850d3b3e479ef1178bb22
GET /menu/svg/icons/twitter.js HTTP/1.1
Host: static.addtoany.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://videzz.net
DNT: 1
Connection: keep-alive
Referer: https://static.addtoany.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Wed, 01 May 2024 21:07:19 GMT
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=7776000, stale-while-revalidate=30, public
cf-bgj: minify
etag: W/"af2b829f9b79fabec7c0148a8b7e444b"
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=pDPgy6%2FCFco7ZqeYZITOPpe4G7aTd1GkCTxJkCzo3%2Faq1nSc8YCKI5rv%2FEc26ZobIVPfG95wngqxtuC1v6ytV7ocv34Wmf%2FCJNYbd0Rt8Iro2ga8%2Bx3Q3cFEQLvZQNh9dar9LmUpfyutdXuKILUrcx88"}],"group":"cf-nel","max_age":604800}
vary: Accept-Encoding
referrer-policy: strict-origin-when-cross-origin
x-content-type-options: nosniff
cf-cache-status: HIT
age: 13549
strict-transport-security: max-age=31536000; includeSubDomains; preload
server: cloudflare
cf-ray: 87d2bd91a969be4c-CPH
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| videzz.net/css/videojs.5.min.css?v=b8dc06aa6195ca0716d0a0c4e3a76e42 | 78.142.18.54 | 200 OK | 170 kB |
URL GET HTTP/2videzz.net/css/videojs.5.min.css?v=b8dc06aa6195ca0716d0a0c4e3a76e42 IP78.142.18.54:443 ASN#208046 ColocationX Ltd.
Requested byhttps://videzz.net/9rzstwlkppht.html CertificateIssuerLet's Encrypt Subjectvidezz.net Fingerprint13:3A:F4:CA:71:F0:8F:F1:2E:3A:7E:2B:6D:8E:E4:7A:E9:9D:A6:B5 ValidityMon, 04 Mar 2024 08:24:34 GMT - Sun, 02 Jun 2024 08:24:33 GMT
File typeASCII text, with very long lines (50421) Size170 kB (169541 bytes) Hashbf9af199b5ef61988f82fa239ebf61da d3b9c5ef294f2ef0942a8bf1e62085b72b2e07cc e8e86d55656a068d5bb43e7b65e474162b6dff2c57f314cfc90d25f16708048d
| Analyzer | Verdict | Alert |
| Quad9 DNS | malicious | Sinkholed |
GET /css/videojs.5.min.css?v=b8dc06aa6195ca0716d0a0c4e3a76e42 HTTP/1.1
Host: videzz.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://videzz.net/9rzstwlkppht.html
Cookie: lang=1
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
server: nginx/1.18.0 (Ubuntu)
date: Wed, 01 May 2024 21:07:18 GMT
content-type: text/css
last-modified: Sat, 27 Apr 2024 07:30:42 GMT
vary: Accept-Encoding
etag: W/"662ca9a2-29645"
expires: Fri, 31 May 2024 20:57:29 GMT
cache-control: max-age=2592000
content-encoding: gzip
x-cache-status: HIT
X-Firefox-Spdy: h2
|
|
| zv.7vid.net/api/spots/70101?s1=203230&v2=1&fill=0&kw=horny%2Cgirl%2Cleaked%2Cvideo%2Ccalls%2C(4)%2Cmp4&i=1&url=https%3A%2F%2Fvidezz.net%2F9rzstwlkppht.html&sid=3bf97803-a022-40c5-a2cc-0560a55088d3 | 135.181.208.216 | 200 OK | 67 B |
URL GET HTTP/2zv.7vid.net/api/spots/70101?s1=203230&v2=1&fill=0&kw=horny%2Cgirl%2Cleaked%2Cvideo%2Ccalls%2C(4)%2Cmp4&i=1&url=https%3A%2F%2Fvidezz.net%2F9rzstwlkppht.html&sid=3bf97803-a022-40c5-a2cc-0560a55088d3 IP135.181.208.216:443 ASN#24940 Hetzner Online GmbH
Requested byhttps://videzz.net/9rzstwlkppht.html CertificateIssuerLet's Encrypt Subject1111.spinna.online FingerprintF3:80:AE:D8:32:E7:57:75:94:99:58:76:4C:57:59:80:E8:9A:B7:ED ValidityFri, 29 Mar 2024 23:27:07 GMT - Thu, 27 Jun 2024 23:27:06 GMT
File typeXML document, ASCII text, with no line terminators Hashc3928cea84e0c684b265b8fb465a9e72 aace4c0c8b0fbb35d2932f4f27e01ef627161574 3238d03797cab82118740c0d6ddace8d6bc9caf168e94d2ade893f541c1f8a25
GET /api/spots/70101?s1=203230&v2=1&fill=0&kw=horny%2Cgirl%2Cleaked%2Cvideo%2Ccalls%2C(4)%2Cmp4&i=1&url=https%3A%2F%2Fvidezz.net%2F9rzstwlkppht.html&sid=3bf97803-a022-40c5-a2cc-0560a55088d3 HTTP/1.1
Host: zv.7vid.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://videzz.net/
Origin: https://videzz.net
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
server: nginx
date: Wed, 01 May 2024 21:07:19 GMT
content-type: text/xml
vary: Accept-Encoding
access-control-allow-credentials: true
access-control-allow-origin: https://videzz.net
access-control-expose-headers: X-Asg-Config, X-t
set-cookie: nauid=IbtRgMjMRguc71p4k2WC; Path=/; Expires=Wed, 11 Nov 2037 11:11:11 GMT; Secure; SameSite=None
x-robots-tag: noindex, nofollow
x-t: 0
cache-control: private
content-encoding: gzip
X-Firefox-Spdy: h2
|
|
| bid.bidclickmedia.com/sub/31bV2Jy | 104.21.37.74 | 200 OK | 239 B |
URL GET HTTP/3bid.bidclickmedia.com/sub/31bV2Jy IP104.21.37.74:443
Requested byhttps://videzz.net/9rzstwlkppht.html CertificateIssuerGoogle Trust Services LLC Subjectbidclickmedia.com Fingerprint2D:71:60:23:79:D8:E4:4A:B8:81:BA:F0:ED:58:CB:A8:66:21:A7:E7 ValiditySun, 31 Mar 2024 14:28:20 GMT - Sat, 29 Jun 2024 14:28:19 GMT
File typeHTML document, ASCII text, with no line terminators Hashd5b23342c3da61ad8cb32c85b5a9a6ca 3ca89fd68565941a5f5dec87720a2164c9b860ae 53073b03453dec44b400acecc549d6446aba803406a391777a94cc2504173bbb
GET /sub/31bV2Jy HTTP/1.1
Host: bid.bidclickmedia.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://videzz.net/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Wed, 01 May 2024 21:07:19 GMT
content-type: text/html; charset=utf-8
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=yh1x1%2Fwri61s6bah7Ad5V14jJ9gyPXLY%2FaqW8WSy5buUV8zjqcNx97SLdWIcuQDYHv4NLMZcqKiW9TqeX2zlZ6pwpZ%2Fncb1ikSiFm6mU41S2z%2BO%2FpIBghXwlb3QZMgdrmbVH6p6KemA%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 87d2bd8ebe350b51-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| videzz.net/favicon.ico?v=2 | 78.142.18.54 | 200 OK | 1.2 kB |
URL GET HTTP/2videzz.net/favicon.ico?v=2 IP78.142.18.54:443 ASN#208046 ColocationX Ltd.
Requested byhttps://videzz.net/9rzstwlkppht.html CertificateIssuerLet's Encrypt Subjectvidezz.net Fingerprint13:3A:F4:CA:71:F0:8F:F1:2E:3A:7E:2B:6D:8E:E4:7A:E9:9D:A6:B5 ValidityMon, 04 Mar 2024 08:24:34 GMT - Sun, 02 Jun 2024 08:24:33 GMT
File typeMS Windows icon resource - 1 icon, 16x16, 32 bits/pixel Hash07075ddac650ad1577e310576f4ac231 1c8f551262fac5a047a268b82fa932c405ab13ff c5f2d482ae4405a8e9f16a7ab09c5d04380283eb0cb0a9b237b32bc1bca47901
| Analyzer | Verdict | Alert |
| Quad9 DNS | malicious | Sinkholed |
GET /favicon.ico?v=2 HTTP/1.1
Host: videzz.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://videzz.net/9rzstwlkppht.html
Cookie: lang=1; file_id=38001995; aff=203230; sb_main_9785383bf0d8f2fb611d938245088565=1; sb_count_9785383bf0d8f2fb611d938245088565=1; _ga_HEX1BG8H46=GS1.1.1714597640.1.0.1714597640.60.0.0; _ga=GA1.1.1256158139.1714597640
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
server: nginx/1.18.0 (Ubuntu)
date: Wed, 01 May 2024 21:07:20 GMT
content-type: image/x-icon
last-modified: Sat, 27 Apr 2024 07:30:32 GMT
vary: Accept-Encoding
etag: W/"662ca998-47e"
expires: Fri, 31 May 2024 20:58:10 GMT
cache-control: max-age=2592000
content-encoding: gzip
x-cache-status: HIT
X-Firefox-Spdy: h2
|
|
| tidyllama.com/click?a=FtzT&e=gAAAAABmMq8ISHJ7prNRVL4dHB-DSd9j1JXpzOy3eWBxcQl1SHlmblDXcauydaLxS-uQdjVdXyW2h260uKVgdaWSjAwpV556UAr6cy8gN2cJeGaXHSTObisIXCkBOv3qTNOqGAAQgHqHK1SlNH36xbJCW0moTzdPkiutzJt2e8m2eVZrKZchvpxzTmMIjFIweSb5kaleM8rAwSI7iBPE-gjI6_mpe3xT1TJ2MJYs3cWmzUdmm1JxOZ0Nis2icUOFnBhT5c2PbIf9nsnXvSVZ0z_7VCfr2tE1k-PvJV_NY4AmnZ3p0yFfMp5RKatO2_E_Wqw7N0Z5OcoLQi7lUI9_UF21iK0Nfw4kIA126_elp3rsrQJFeeCMSodqzfUU-RL1nobwXjn_iQwf2zFOtJb2exyl46BT2sS1LGTw7WODlul4S9NVl3T2FFF3FEr9jLEMA93_ddp5U0zDOiufq4dfwSrtvauTdCMYpfBbPQXl0B_eBUqV_P9mHoo%3D | 178.63.99.108 | 200 OK | 2.4 kB |
URL GET HTTP/2tidyllama.com/click?a=FtzT&e=gAAAAABmMq8ISHJ7prNRVL4dHB-DSd9j1JXpzOy3eWBxcQl1SHlmblDXcauydaLxS-uQdjVdXyW2h260uKVgdaWSjAwpV556UAr6cy8gN2cJeGaXHSTObisIXCkBOv3qTNOqGAAQgHqHK1SlNH36xbJCW0moTzdPkiutzJt2e8m2eVZrKZchvpxzTmMIjFIweSb5kaleM8rAwSI7iBPE-gjI6_mpe3xT1TJ2MJYs3cWmzUdmm1JxOZ0Nis2icUOFnBhT5c2PbIf9nsnXvSVZ0z_7VCfr2tE1k-PvJV_NY4AmnZ3p0yFfMp5RKatO2_E_Wqw7N0Z5OcoLQi7lUI9_UF21iK0Nfw4kIA126_elp3rsrQJFeeCMSodqzfUU-RL1nobwXjn_iQwf2zFOtJb2exyl46BT2sS1LGTw7WODlul4S9NVl3T2FFF3FEr9jLEMA93_ddp5U0zDOiufq4dfwSrtvauTdCMYpfBbPQXl0B_eBUqV_P9mHoo%3D IP178.63.99.108:443 ASN#24940 Hetzner Online GmbH
Requested byhttps://videzz.net/9rzstwlkppht.html CertificateIssuerSectigo Limited Subjecttidyllama.com Fingerprint3D:18:B7:36:50:EF:95:7B:2F:C8:1D:A4:B8:59:76:2D:03:B0:56:52 ValidityTue, 12 Dec 2023 00:00:00 GMT - Thu, 12 Dec 2024 23:59:59 GMT
File typeHTML document, ASCII text, with very long lines (2470), with no line terminators Hash623a58b6e4ec929b2fda5476090dccb8 916c2e620b624545305cad2f3a55a18c6c1aff70 1f7c5cc90953f885d50399ff79ce41fbb5ab01490b90c2f9d0f1309778623ce5
GET /click?a=FtzT&e=gAAAAABmMq8ISHJ7prNRVL4dHB-DSd9j1JXpzOy3eWBxcQl1SHlmblDXcauydaLxS-uQdjVdXyW2h260uKVgdaWSjAwpV556UAr6cy8gN2cJeGaXHSTObisIXCkBOv3qTNOqGAAQgHqHK1SlNH36xbJCW0moTzdPkiutzJt2e8m2eVZrKZchvpxzTmMIjFIweSb5kaleM8rAwSI7iBPE-gjI6_mpe3xT1TJ2MJYs3cWmzUdmm1JxOZ0Nis2icUOFnBhT5c2PbIf9nsnXvSVZ0z_7VCfr2tE1k-PvJV_NY4AmnZ3p0yFfMp5RKatO2_E_Wqw7N0Z5OcoLQi7lUI9_UF21iK0Nfw4kIA126_elp3rsrQJFeeCMSodqzfUU-RL1nobwXjn_iQwf2zFOtJb2exyl46BT2sS1LGTw7WODlul4S9NVl3T2FFF3FEr9jLEMA93_ddp5U0zDOiufq4dfwSrtvauTdCMYpfBbPQXl0B_eBUqV_P9mHoo%3D HTTP/1.1
Host: tidyllama.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://bid.bidclickmedia.com/
DNT: 1
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Wed, 01 May 2024 21:07:22 GMT
content-type: text/html; charset=utf-8
strict-transport-security: max-age=15724800; includeSubDomains
X-Firefox-Spdy: h2
|
|
| tiktokaukey.com/?utm_source=ds | 188.114.96.1 | 200 OK | 7.8 kB |
URL GET HTTP/2tiktokaukey.com/?utm_source=ds IP188.114.96.1:443
Requested byhttps://videzz.net/9rzstwlkppht.html CertificateIssuerGoogle Trust Services LLC Subjecttiktokaukey.com Fingerprint67:70:DB:05:B4:F0:94:45:9B:83:DE:93:A4:7E:74:26:33:11:26:A9 ValidityFri, 15 Mar 2024 10:57:31 GMT - Thu, 13 Jun 2024 10:57:30 GMT
File typeJavaScript source, ASCII text, with very long lines (8179), with no line terminators Hash0550dd483859f2f9bc9de04d79107b11 b24518e897c897421ec2d2637c8149f464e1c5b0 4005efc33f7a3d9074e2f88673bcedb091773951b90c45c811bb327a53405f7a
GET /?utm_source=ds HTTP/1.1
Host: tiktokaukey.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://tidyllama.com/
DNT: 1
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Wed, 01 May 2024 21:07:22 GMT
content-type: text/html; charset=utf-8
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=jG4aVGz4K0K%2F%2BS4M4YyXGThsMSrlJ4oNSzVf5qON2vTyWVeXEO2KefY9HJWvHurAKVFpSWJ6NeilDugL7wvzQWZ%2FdeQ6iCMSGorEUqaiLwWfEaOuLOEG7at7vEWte%2BW%2FxDY%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 87d2bda37cf70b69-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
|
|
| videzz.net/sw.js | 78.142.18.54 | 200 OK | 42 kB |
IP78.142.18.54:443 ASN#208046 ColocationX Ltd.
Requested byhttps://videzz.net/9rzstwlkppht.html CertificateIssuerLet's Encrypt Subjectvidezz.net Fingerprint13:3A:F4:CA:71:F0:8F:F1:2E:3A:7E:2B:6D:8E:E4:7A:E9:9D:A6:B5 ValidityMon, 04 Mar 2024 08:24:34 GMT - Sun, 02 Jun 2024 08:24:33 GMT
File typeJavaScript source, ASCII text, with very long lines (42324), with no line terminators Hash764aafd976dd9cd9f33279bfafa02908 e9ad856ec00bccfdcbe17b79113681685c943b8d 2c20e295faeb1ef24dae1e26caa5089fdb2ba5a36a86a6a26780b8a515ca99aa
| Analyzer | Verdict | Alert |
| Quad9 DNS | malicious | Sinkholed |
GET /sw.js HTTP/1.1
Host: videzz.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://videzz.net/9rzstwlkppht.html
Cookie: lang=1
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
server: nginx/1.18.0 (Ubuntu)
date: Wed, 01 May 2024 21:07:18 GMT
content-type: application/javascript
last-modified: Sat, 27 Apr 2024 07:30:42 GMT
vary: Accept-Encoding
etag: W/"662ca9a2-a554"
expires: Fri, 31 May 2024 21:04:30 GMT
cache-control: max-age=2592000
content-encoding: gzip
x-cache-status: HIT
X-Firefox-Spdy: h2
|
|
| tr.7vid.net/api/settings/59845 | 135.181.208.216 | 200 OK | 33 B |
URL GET HTTP/2tr.7vid.net/api/settings/59845 IP135.181.208.216:443 ASN#24940 Hetzner Online GmbH
Requested byhttps://videzz.net/9rzstwlkppht.html CertificateIssuerLet's Encrypt Subjecta.gatwins.site Fingerprint66:D4:C4:E9:BC:6E:82:9E:D0:2F:00:69:9A:DF:C2:6D:18:04:0B:1B ValidityWed, 10 Apr 2024 10:27:11 GMT - Tue, 09 Jul 2024 10:27:10 GMT
File typetroff or preprocessor input, ASCII text, with no line terminators Hash511ff610a0435434dd22a4836719fbb3 0cf692a9ecb6dd3d715e3315e0eeccc1c384f0c3 d090111da31c837d965f1dcf49b00a53cf41686d0913627f78c5ff36d693c6d0
GET /api/settings/59845 HTTP/1.1
Host: tr.7vid.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://videzz.net/
Origin: https://videzz.net
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
server: nginx
date: Wed, 01 May 2024 21:07:19 GMT
content-type: application/json
vary: Accept-Encoding
access-control-allow-origin: *
x-robots-tag: noindex, nofollow
cache-control: private
content-encoding: gzip
X-Firefox-Spdy: h2
|
|
| static.addtoany.com/menu/sm.25.html | 104.22.71.197 | 200 OK | 716 B |
URL GET HTTP/3static.addtoany.com/menu/sm.25.html IP104.22.71.197:443
Requested byhttps://videzz.net/9rzstwlkppht.html CertificateIssuerLet's Encrypt Subjectstatic.addtoany.com Fingerprint5B:74:98:2D:F8:22:DB:0D:4E:74:B7:99:A7:7C:80:F6:CA:1A:8E:CA ValidityTue, 23 Apr 2024 07:56:27 GMT - Mon, 22 Jul 2024 07:56:26 GMT
File typeHTML document, ASCII text, with very long lines (744), with no line terminators Hashc3c97893ca5c74e7504aa4ec474ea41b cdccb12d7e73682e0e807107243ede7d5e14c962 b79f65e9ffe3bad9bd9cdcffed0758430f7eb1a630c368dc173eecdeb2821f00
GET /menu/sm.25.html HTTP/1.1
Host: static.addtoany.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://videzz.net/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Wed, 01 May 2024 21:07:19 GMT
content-type: text/html; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=315360000, immutable
referrer-policy: strict-origin-when-cross-origin
x-content-type-options: nosniff
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=31%2FEUiBaXPt8cxtkc%2FT4P6x%2BgAHE8dlZKktVqOYLVPWpw%2BfHglaE0%2B2%2FM9CjPirtpgf0Bigqvmt%2B9LVqgh2toon%2FHhopHKjFbbaQkJ0g%2F8jA5jvQMZE7K%2BqPFywD9a7gr7TP8ZDbPRsnYjqVQMeihc8V"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
cf-cache-status: HIT
age: 7635
strict-transport-security: max-age=31536000; includeSubDomains; preload
server: cloudflare
cf-ray: 87d2bd8d9c8abe4c-CPH
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| static.addtoany.com/menu/svg/icons/whatsapp.js | 104.22.71.197 | 200 OK | 1.1 kB |
URL GET HTTP/3static.addtoany.com/menu/svg/icons/whatsapp.js IP104.22.71.197:443
Requested byhttps://videzz.net/9rzstwlkppht.html CertificateIssuerLet's Encrypt Subjectstatic.addtoany.com Fingerprint5B:74:98:2D:F8:22:DB:0D:4E:74:B7:99:A7:7C:80:F6:CA:1A:8E:CA ValidityTue, 23 Apr 2024 07:56:27 GMT - Mon, 22 Jul 2024 07:56:26 GMT
File typeASCII text, with very long lines (1122), with no line terminators Hashd822c46f36a55fdbfcc5029e62e19937 c575da68fa99eeb33863f281395755cbf20004d4 062ec1f7c3acea435122961b771eb2e4d136a3e870b17d3e811413f5aa78ed3e
GET /menu/svg/icons/whatsapp.js HTTP/1.1
Host: static.addtoany.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://videzz.net
DNT: 1
Connection: keep-alive
Referer: https://static.addtoany.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Wed, 01 May 2024 21:07:19 GMT
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=7776000, stale-while-revalidate=30, public
cf-bgj: minify
etag: W/"83af4df8173e43227812296bb8542dcf"
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=eMNCF5cuYNbdgSQIYvGvJmAiNyrh4kdkShQKpIHbislO3uUBlP2WcmvA7CwUz25UAwFVWMunJPGRuiI78m2oYPQhcG%2FLrEnWp7pzWU%2BujyuRcJns%2FzbfiyL7PHZhZxHqwBORwnEho8YWG5UW6DUZlpFo"}],"group":"cf-nel","max_age":604800}
vary: Accept-Encoding
referrer-policy: strict-origin-when-cross-origin
x-content-type-options: nosniff
cf-cache-status: HIT
age: 7574
strict-transport-security: max-age=31536000; includeSubDomains; preload
server: cloudflare
cf-ray: 87d2bd91a96fbe4c-CPH
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| tgp1.brazzersnetwork.com/tgp1?ad_id=816178_FREE&ats=eyJhIjoxNDksImMiOjQzMDksIm4iOjE0LCJzIjo5MCwiZSI6OTA2NywicCI6MzM5fQ&atc=EXO&atc=FREE_6529744&apb=opc4ASOqlplustddVbbZPPO6eWiyadzqpbXUzOodNU6V0rpXT1UU0uomponpndRNTRPTS6V0zpXSuldK6Z0rpXTOrronz4lu1o32mljqnsounrpsoquomtlqdrbRpPXLdtrvLrTdttvpTVNrxZTtxTxRm6V2ne0ene2v3evv..3eceof3TT2yqmlnpc6V0rpXSuldK6V0rpXTWTU1XWV0zuc6V0rpXSuldK6V0rpXSuzs12z0q20pumoqnmtmtsqzou4ur1203scH2A- | 66.254.114.234 | 200 OK | 961 kB |
URL GET HTTP/2tgp1.brazzersnetwork.com/tgp1?ad_id=816178_FREE&ats=eyJhIjoxNDksImMiOjQzMDksIm4iOjE0LCJzIjo5MCwiZSI6OTA2NywicCI6MzM5fQ&atc=EXO&atc=FREE_6529744&apb=opc4ASOqlplustddVbbZPPO6eWiyadzqpbXUzOodNU6V0rpXT1UU0uomponpndRNTRPTS6V0zpXSuldK6Z0rpXTOrronz4lu1o32mljqnsounrpsoquomtlqdrbRpPXLdtrvLrTdttvpTVNrxZTtxTxRm6V2ne0ene2v3evv..3eceof3TT2yqmlnpc6V0rpXSuldK6V0rpXTWTU1XWV0zuc6V0rpXSuldK6V0rpXSuzs12z0q20pumoqnmtmtsqzou4ur1203scH2A- IP66.254.114.234:443
Requested byhttps://videzz.net/9rzstwlkppht.html CertificateIssuerLet's Encrypt Subjectbrazzersnetwork.com Fingerprint88:AB:08:D2:E9:0E:FD:34:1F:CD:0A:B3:E0:9F:DB:C8:07:2F:D4:AA ValidityWed, 10 Apr 2024 00:01:06 GMT - Tue, 09 Jul 2024 00:01:05 GMT
Size961 kB (960668 bytes) Hashd41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /tgp1?ad_id=816178_FREE&ats=eyJhIjoxNDksImMiOjQzMDksIm4iOjE0LCJzIjo5MCwiZSI6OTA2NywicCI6MzM5fQ&atc=EXO&atc=FREE_6529744&apb=opc4ASOqlplustddVbbZPPO6eWiyadzqpbXUzOodNU6V0rpXT1UU0uomponpndRNTRPTS6V0zpXSuldK6Z0rpXTOrronz4lu1o32mljqnsounrpsoquomtlqdrbRpPXLdtrvLrTdttvpTVNrxZTtxTxRm6V2ne0ene2v3evv..3eceof3TT2yqmlnpc6V0rpXSuldK6V0rpXTWTU1XWV0zuc6V0rpXSuldK6V0rpXSuzs12z0q20pumoqnmtmtsqzou4ur1203scH2A- HTTP/1.1
Host: tgp1.brazzersnetwork.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://s.pemsrv.com/
DNT: 1
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
server: openresty
date: Wed, 01 May 2024 21:07:22 GMT
content-type: text/html; charset=utf-8
vary: Accept-Encoding
x-trace: 2B33FF366644E7A082D3EA086BAA73A48F56FA60CAE48CB43FA27C2B1900
x-powered-by: Juan
x-download-options: noopen
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
x_ats_page_id: N/A
x_ats_page_type: CUSTOM
x_ats_instance_id: 281691
x_ats_instance_type: tour
etag: W/"ea89c-3K+iQ2B+jM2JFtLSqE4WdtvQatA"
content-encoding: br
cache-control: no-transform
set-cookie: instance_token=eyJ0eXAiOiJKV1QiLCJhbGciOiJIUzI1NiJ9.eyJpc3MiOiJtaW5kZ2VlayIsImF1ZCI6Im1pbmRnZWVrIiwic3ViIjoiaW5zdGFuY2UtYXBpIiwiZXhwIjoxNzE0Njk0NDAwLCJpZCI6MjgxNjkxLCJicmFuZCI6ImJyYXp6ZXJzIiwiaG9zdG5hbWUiOiJ0Z3AxLmJyYXp6ZXJzbmV0d29yay5jb20ifQ.zvQrEL_rvxHoT2qQILmTW972-I3mAORG9lS_ZAAnbZ4; Max-Age=86400; Path=/; Expires=Thu, 02 May 2024 21:07:22 GMT
__s=6632AF0A-42FE72EA01BB2C7902-C81E8;
accept-ch: Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version
strict-transport-security: max-age=63072000; includeSubDomains; preload
X-Firefox-Spdy: h2
|
|
| www.googletagmanager.com/gtag/js?id=G-HEX1BG8H46&l=dataLayer&cx=c | 142.250.74.168 | 200 OK | 274 kB |
URL GET HTTP/3www.googletagmanager.com/gtag/js?id=G-HEX1BG8H46&l=dataLayer&cx=c IP142.250.74.168:443
Requested byhttps://videzz.net/9rzstwlkppht.html CertificateIssuerGoogle Trust Services LLC Subject*.google-analytics.com FingerprintFC:B1:16:E0:D8:F3:2B:F3:AB:33:E5:E1:23:57:F4:48:66:FD:4D:52 ValidityMon, 08 Apr 2024 06:34:55 GMT - Mon, 01 Jul 2024 06:34:54 GMT
File typeJavaScript source, ASCII text, with very long lines (7711) Size274 kB (274353 bytes) Hashb5412b4a6c48048a75b7d9521f07a463 5baf4b89eabeba3e0d403f79e488e450a4053471 95634a7d300c81d472aef4e97895092e484d2e157e73e3c4ab2f97d8d142b2f3
GET /gtag/js?id=G-HEX1BG8H46&l=dataLayer&cx=c HTTP/1.1
Host: www.googletagmanager.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://videzz.net/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
content-encoding: br
vary: Accept-Encoding
date: Wed, 01 May 2024 21:07:19 GMT
expires: Wed, 01 May 2024 21:07:19 GMT
cache-control: private, max-age=900
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
server: Google Tag Manager
content-length: 94595
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
|
|
| tfosrv.com/show_std.php?id_site=6411&id_channel=25821&uf=true | 216.18.168.29 | 302 Found | 1.2 kB |
URL GET HTTP/1.1tfosrv.com/show_std.php?id_site=6411&id_channel=25821&uf=true IP216.18.168.29:443
Requested byhttps://videzz.net/9rzstwlkppht.html CertificateIssuerSectigo Limited Subject*.tfosrv.com Fingerprint17:0E:13:E0:E3:EE:17:88:09:10:8F:63:F4:7E:31:5A:D9:33:7D:80 ValidityTue, 31 Oct 2023 00:00:00 GMT - Mon, 18 Nov 2024 23:59:59 GMT
Hashd41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /show_std.php?id_site=6411&id_channel=25821&uf=true HTTP/1.1
Host: tfosrv.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://bid.bidclickmedia.com/
DNT: 1
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 302 Found
server: nginx
date: Wed, 01 May 2024 21:07:21 GMT
content-length: 0
location: https://tfosrv.com/impression.php?channel_id=25821&id=265cadc4-93bc-446b-9289-f2c7412914ce%3A3cd5c901-6ecc-4ebb-b022-8a82c310bd6e&site_id=6411&uuid=33a7df41-6552-4414-863f-49da6d1fc289
set-cookie: sppc_uuid=09bdca53-52b6-4846-8c24-773f4cde2d06; max-age=31536000; path=/; secure; SameSite=None
accept-ch: Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version
|
|
| videzz.net/9rzstwlkppht.html | 78.142.18.54 | 200 OK | 50 kB |
URL User Request GET HTTP/2videzz.net/9rzstwlkppht.html IP78.142.18.54:443 ASN#208046 ColocationX Ltd.
CertificateIssuerLet's Encrypt Subjectvidezz.net Fingerprint13:3A:F4:CA:71:F0:8F:F1:2E:3A:7E:2B:6D:8E:E4:7A:E9:9D:A6:B5 ValidityMon, 04 Mar 2024 08:24:34 GMT - Sun, 02 Jun 2024 08:24:33 GMT
Hashd41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
| Analyzer | Verdict | Alert |
| Quad9 DNS | malicious | Sinkholed |
GET /9rzstwlkppht.html HTTP/1.1
Host: videzz.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Upgrade-Insecure-Requests: 1
Connection: keep-alive
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
server: nginx/1.18.0 (Ubuntu)
date: Wed, 01 May 2024 21:07:17 GMT
content-type: text/html; charset=UTF-8
vary: Accept-Encoding
expires: Tue, 30 Apr 2024 21:07:17 GMT
set-cookie: lang=1; domain=.videzz.net; path=/; HttpOnly
xfsts=; domain=.videzz.net; path=/; expires=Tue, 02-May-2023 21:07:17 GMT; HttpOnly
content-encoding: gzip
X-Firefox-Spdy: h2
|
|
| static.addtoany.com/menu/svg/icons/viber.js | 104.22.71.197 | 200 OK | 1.0 kB |
URL GET HTTP/3static.addtoany.com/menu/svg/icons/viber.js IP104.22.71.197:443
Requested byhttps://videzz.net/9rzstwlkppht.html CertificateIssuerLet's Encrypt Subjectstatic.addtoany.com Fingerprint5B:74:98:2D:F8:22:DB:0D:4E:74:B7:99:A7:7C:80:F6:CA:1A:8E:CA ValidityTue, 23 Apr 2024 07:56:27 GMT - Mon, 22 Jul 2024 07:56:26 GMT
File typeASCII text, with very long lines (1027), with no line terminators Hashb216786a6e2822572e4c78284416fd02 b3a072140d798b6734431ff6a890da7cb8c701ce 265af7156e77fce7638988053d5b3f4894c92ae2bdacac504131a96cf6a0d370
GET /menu/svg/icons/viber.js HTTP/1.1
Host: static.addtoany.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://videzz.net
DNT: 1
Connection: keep-alive
Referer: https://static.addtoany.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Wed, 01 May 2024 21:07:19 GMT
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=7776000, stale-while-revalidate=30, public
cf-bgj: minify
etag: W/"ab1da422605fdb35fd02440984d36475"
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=9M0rb%2BlxK%2FoVsTW%2BGG0gAV%2FZ1piN8S203kYMFo607CVx%2Fjmecxu8H4kL7bp9jwZt8Egtrpb0rM6tKdsDVCVUAUglqOvAhCFDY1u8NVb6rrNNTQXdM8uqjyqMNub3NThTQ85aCzQ%2FFd2quzTVwUO62Ob6"}],"group":"cf-nel","max_age":604800}
vary: Accept-Encoding
referrer-policy: strict-origin-when-cross-origin
x-content-type-options: nosniff
cf-cache-status: HIT
age: 13549
strict-transport-security: max-age=31536000; includeSubDomains; preload
server: cloudflare
cf-ray: 87d2bd91a96ebe4c-CPH
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| static.addtoany.com/menu/svg/icons/reddit.js | 104.22.71.197 | 200 OK | 893 B |
URL GET HTTP/3static.addtoany.com/menu/svg/icons/reddit.js IP104.22.71.197:443
Requested byhttps://videzz.net/9rzstwlkppht.html CertificateIssuerLet's Encrypt Subjectstatic.addtoany.com Fingerprint5B:74:98:2D:F8:22:DB:0D:4E:74:B7:99:A7:7C:80:F6:CA:1A:8E:CA ValidityTue, 23 Apr 2024 07:56:27 GMT - Mon, 22 Jul 2024 07:56:26 GMT
File typeASCII text, with very long lines (903), with no line terminators Hash1f5dd30051ff637ea1d19ce73aced89c bfdd1d1c07492ba397bdcf13e262edcfd8692a5e c1bf0dd12b2f71de1e7e154b309caa18d2f1c2a8dc077beba23b89432ad72a81
GET /menu/svg/icons/reddit.js HTTP/1.1
Host: static.addtoany.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://videzz.net
DNT: 1
Connection: keep-alive
Referer: https://static.addtoany.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Wed, 01 May 2024 21:07:19 GMT
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=7776000, stale-while-revalidate=30, public
cf-bgj: minify
etag: W/"1fe5b5008de689ce6464d7bcb07e742c"
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=q0mOx4XlrTIiF2kgPx6kTLqvld9HnTiKfwbHtlQYvoZA5g44lQveP2tVGPcXkEtoJ4gdclI9E4sgSmKYq0PxXzDgMaF%2BsVjnodBsPUjbhHxMB74I6LxuYoSHW9DhGzcNcscDW8G9"}],"group":"cf-nel","max_age":604800}
vary: Accept-Encoding
referrer-policy: strict-origin-when-cross-origin
x-content-type-options: nosniff
cf-cache-status: HIT
age: 19244
strict-transport-security: max-age=31536000; includeSubDomains; preload
server: cloudflare
cf-ray: 87d2bd91a962be4c-CPH
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| allvideometrika.com/f.php?sid=212515 | 172.67.214.245 | 200 OK | 0 B |
URL GET HTTP/2allvideometrika.com/f.php?sid=212515 IP172.67.214.245:443
Requested byhttps://videzz.net/9rzstwlkppht.html CertificateIssuerLet's Encrypt Subjectallvideometrika.com Fingerprint0F:3F:B1:7E:F7:3C:77:24:1C:85:B2:89:15:11:43:1A:AD:64:DF:13 ValidityTue, 23 Apr 2024 13:34:13 GMT - Mon, 22 Jul 2024 13:34:12 GMT
Hashd41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /f.php?sid=212515 HTTP/1.1
Host: allvideometrika.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://videzz.net/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Wed, 01 May 2024 21:07:20 GMT
content-type: text/html; charset=UTF-8
x-powered-by: PHP/7.1.33
cache-control: no-store, no-cache, must-revalidate, max-age=0
x-robots-tag: noindex
pragma: no-cache
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=FzRnjgbrnEbxp5vKdZMJOVB1whk8ujohdp2FPKbcDDyYx1XMpfNvoHsy7sY%2F3w5bcmJmjiFWi5zDK%2BN%2FQZx%2BBD2CVxDJqNrNp4I8y6GYqQqEeumZO7WEHQRI%2FKCEYyGV89B3mdFK"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 87d2bd92d9b2b515-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
|
|
| videzz.net/js/main.min.js?v=b8dc06aa6195ca0716d0a0c4e3a76e42 | 78.142.18.54 | 200 OK | 11 kB |
URL GET HTTP/2videzz.net/js/main.min.js?v=b8dc06aa6195ca0716d0a0c4e3a76e42 IP78.142.18.54:443 ASN#208046 ColocationX Ltd.
Requested byhttps://videzz.net/9rzstwlkppht.html CertificateIssuerLet's Encrypt Subjectvidezz.net Fingerprint13:3A:F4:CA:71:F0:8F:F1:2E:3A:7E:2B:6D:8E:E4:7A:E9:9D:A6:B5 ValidityMon, 04 Mar 2024 08:24:34 GMT - Sun, 02 Jun 2024 08:24:33 GMT
File typeJavaScript source, ASCII text, with very long lines (11269), with no line terminators Hashf2b1e2d690c2c568d846e8da3ab66ccd f2a3fd880693ec75e586fdb37d1bd2cd6f6c468a 3efa361ccc887f0bffb9c9250de66cd562bc53671ffcb85cc0a6a0d30b0b8cfb
| Analyzer | Verdict | Alert |
| Quad9 DNS | malicious | Sinkholed |
GET /js/main.min.js?v=b8dc06aa6195ca0716d0a0c4e3a76e42 HTTP/1.1
Host: videzz.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://videzz.net/9rzstwlkppht.html
Cookie: lang=1
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
server: nginx/1.18.0 (Ubuntu)
date: Wed, 01 May 2024 21:07:18 GMT
content-type: application/javascript
last-modified: Sat, 27 Apr 2024 07:30:42 GMT
vary: Accept-Encoding
etag: W/"662ca9a2-2c05"
expires: Fri, 31 May 2024 21:05:23 GMT
cache-control: max-age=2592000
content-encoding: gzip
x-cache-status: HIT
X-Firefox-Spdy: h2
|
|
| fonts.googleapis.com/css?family=Armata|Average+Sans|Gafata|Istok+Web:400,700|Julius+Sans+One|Michroma|Montserrat+Alternates:400,500,600|Montserrat:400,500,600|Numans|Poppins:400,500|Rubik:400,500,700|Syncopate | 142.250.74.74 | 200 OK | 27 kB |
URL GET HTTP/2fonts.googleapis.com/css?family=Armata|Average+Sans|Gafata|Istok+Web:400,700|Julius+Sans+One|Michroma|Montserrat+Alternates:400,500,600|Montserrat:400,500,600|Numans|Poppins:400,500|Rubik:400,500,700|Syncopate IP142.250.74.74:443
Requested byhttps://videzz.net/9rzstwlkppht.html CertificateIssuerGoogle Trust Services LLC Subjectupload.video.google.com Fingerprint5F:6D:48:87:16:89:1E:A5:57:29:92:8B:34:BD:F2:92:0C:7F:F2:50 ValidityMon, 08 Apr 2024 07:32:03 GMT - Mon, 01 Jul 2024 07:32:02 GMT
File typeASCII text, with very long lines (634) Hashb38e93359bf408137b205df1dc494995 c8a136dea93305a6be1a7341e5b1d34145415b37 24b63ecac66577632b7277c0105fedc08608171a8ca4335fa5f8e07104962320
GET /css?family=Armata|Average+Sans|Gafata|Istok+Web:400,700|Julius+Sans+One|Michroma|Montserrat+Alternates:400,500,600|Montserrat:400,500,600|Numans|Poppins:400,500|Rubik:400,500,700|Syncopate HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://videzz.net/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Wed, 01 May 2024 21:07:18 GMT
date: Wed, 01 May 2024 21:07:18 GMT
cache-control: private, max-age=86400
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
|
|
| fonts.googleapis.com/css?family=Istok+Web:400,700|Open+Sans:400,600,700|Raleway:200,400,600|Roboto:400,500,700|Source+Sans+Pro:300,300i,400,400i,600,700,700i&subset=cyrillic,cyrillic-ext%22%20rel=%22stylesheet | 142.250.74.74 | 200 OK | 48 kB |
URL GET HTTP/2fonts.googleapis.com/css?family=Istok+Web:400,700|Open+Sans:400,600,700|Raleway:200,400,600|Roboto:400,500,700|Source+Sans+Pro:300,300i,400,400i,600,700,700i&subset=cyrillic,cyrillic-ext%22%20rel=%22stylesheet IP142.250.74.74:443
Requested byhttps://videzz.net/9rzstwlkppht.html CertificateIssuerGoogle Trust Services LLC Subjectupload.video.google.com Fingerprint5F:6D:48:87:16:89:1E:A5:57:29:92:8B:34:BD:F2:92:0C:7F:F2:50 ValidityMon, 08 Apr 2024 07:32:03 GMT - Mon, 01 Jul 2024 07:32:02 GMT
File typeASCII text, with very long lines (1572) Hash61e51ca36cd9e3939eea245c274df4d2 690f446590fd749fcdb23860a787f7075c3ac9df 59d779cc48a40b1dc4f69b77ea6c6e05f4ca8e517e5541a107ff7f09714a7f82
GET /css?family=Istok+Web:400,700|Open+Sans:400,600,700|Raleway:200,400,600|Roboto:400,500,700|Source+Sans+Pro:300,300i,400,400i,600,700,700i&subset=cyrillic,cyrillic-ext%22%20rel=%22stylesheet HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://videzz.net/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Wed, 01 May 2024 21:07:18 GMT
date: Wed, 01 May 2024 21:07:18 GMT
cache-control: private, max-age=86400
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
|
|
| bid.bidclickmedia.com/sub/31pnK5n | 104.21.37.74 | 200 OK | 234 B |
URL GET HTTP/2bid.bidclickmedia.com/sub/31pnK5n IP104.21.37.74:443
Requested byhttps://videzz.net/9rzstwlkppht.html CertificateIssuerGoogle Trust Services LLC Subjectbidclickmedia.com Fingerprint2D:71:60:23:79:D8:E4:4A:B8:81:BA:F0:ED:58:CB:A8:66:21:A7:E7 ValiditySun, 31 Mar 2024 14:28:20 GMT - Sat, 29 Jun 2024 14:28:19 GMT
File typeHTML document, ASCII text, with no line terminators Hashf80bebf9471a9840ef5768e8c6b26672 164896726fce06ed3a1b8cbed00ab7c0493b6d24 5367258c378438d9831e9138819e8e68c4b7e6525dde7a086fb82a083398099c
GET /sub/31pnK5n HTTP/1.1
Host: bid.bidclickmedia.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://videzz.net/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Wed, 01 May 2024 21:07:19 GMT
content-type: text/html; charset=utf-8
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=VKvwmEJtZ2ocs6QWbyU%2Fkq5R5D8G5gR85BtgHaWpwkPUtGqRh9Y%2B9qB7jLWrI5bA4l79Hsqfgt%2Fhh%2BRbENx3xu2WtfwXmJWS5L0WFQZo1XZZ23JbserWj1iXyMkHWnP8XCrXVEYl940%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 87d2bd8d59fbb4f7-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
|
|
| xml.zeusadx.com/redirect?feed=552612&auth=OEhoVk&pubid=162319 | 174.137.133.17 | 302 Found | 1.8 kB |
URL GET HTTP/1.1xml.zeusadx.com/redirect?feed=552612&auth=OEhoVk&pubid=162319 IP174.137.133.17:443 ASN#27257 WEBAIR-INTERNET
Requested byhttps://videzz.net/9rzstwlkppht.html CertificateIssuerSectigo Limited Subject*.zeusadx.com FingerprintAA:67:88:35:5F:BC:20:3C:44:9B:00:BD:4F:E1:C0:5F:62:D0:69:C0 ValidityMon, 23 Oct 2023 00:00:00 GMT - Wed, 23 Oct 2024 23:59:59 GMT
Hashd41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /redirect?feed=552612&auth=OEhoVk&pubid=162319 HTTP/1.1
Host: xml.zeusadx.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://bid.bidclickmedia.com/
DNT: 1
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 302 Found
Server: nginx
Date: Wed, 01 May 2024 21:07:21 GMT
Content-Length: 0
Connection: keep-alive
Cache-Control: no-store
Location: https://animewatch.onionlive.workers.dev/
|
|
| static.addtoany.com/menu/svg/icons/facebook.js | 104.22.71.197 | 200 OK | 429 B |
URL GET HTTP/3static.addtoany.com/menu/svg/icons/facebook.js IP104.22.71.197:443
Requested byhttps://videzz.net/9rzstwlkppht.html CertificateIssuerLet's Encrypt Subjectstatic.addtoany.com Fingerprint5B:74:98:2D:F8:22:DB:0D:4E:74:B7:99:A7:7C:80:F6:CA:1A:8E:CA ValidityTue, 23 Apr 2024 07:56:27 GMT - Mon, 22 Jul 2024 07:56:26 GMT
File typeASCII text, with very long lines (439), with no line terminators Hash874e1638740e061f9fa55eda3180724c 108a7e30fa0f7d50b961845ec970a2745f3c821f d1bf990d09417220fcb615079a569e0a403c75beef0eac536e5976b7751c0370
GET /menu/svg/icons/facebook.js HTTP/1.1
Host: static.addtoany.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://videzz.net
DNT: 1
Connection: keep-alive
Referer: https://static.addtoany.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Wed, 01 May 2024 21:07:19 GMT
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=7776000, stale-while-revalidate=30, public
cf-bgj: minify
etag: W/"68925fa8e347041c6006837e73c518bc"
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=BHckTjoXuwSZA9lMRraMKCpOd%2BcFmeHjQbSapL4yb3KetBrr648Avto59mqGEa7rRKEbTaGmjlhEiDLjJQJ4bFxx56XnHuU3vt1j%2FPW7upUauuAxcedteBLZWq7%2B%2Fhu3vpTMQC%2BV"}],"group":"cf-nel","max_age":604800}
vary: Accept-Encoding
referrer-policy: strict-origin-when-cross-origin
x-content-type-options: nosniff
cf-cache-status: HIT
age: 19244
strict-transport-security: max-age=31536000; includeSubDomains; preload
server: cloudflare
cf-ray: 87d2bd919955be4c-CPH
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| best.aliexpress.com/?aff_fcid=bbd68e2f5b89448b9ade0ac1c3197dde-1714597642714-02221-_Dk8GAkv&tt=CPS_NORMAL&aff_fsk=_Dk8GAkv&af=5whvIdjGFamo&commercial_type=bestPage&hc_1214_tag=ByAffPage&aff_fcid=a3c202b59877418face9d7242595622c-1714597643113-08469-_pz9sEiR&aff_fsk=_pz9sEiR&aff_platform=portals-promotion&sk=_pz9sEiR&aff_trace_key=a3c202b59877418face9d7242595622c-1714597643113-08469-_pz9sEiR&terminal_id=f309d47ae7ec4cb092233f61dab141e1 | 104.110.21.5 | 200 OK | 0 B |
URL GET HTTP/2best.aliexpress.com/?aff_fcid=bbd68e2f5b89448b9ade0ac1c3197dde-1714597642714-02221-_Dk8GAkv&tt=CPS_NORMAL&aff_fsk=_Dk8GAkv&af=5whvIdjGFamo&commercial_type=bestPage&hc_1214_tag=ByAffPage&aff_fcid=a3c202b59877418face9d7242595622c-1714597643113-08469-_pz9sEiR&aff_fsk=_pz9sEiR&aff_platform=portals-promotion&sk=_pz9sEiR&aff_trace_key=a3c202b59877418face9d7242595622c-1714597643113-08469-_pz9sEiR&terminal_id=f309d47ae7ec4cb092233f61dab141e1 IP104.110.21.5:443
Requested byhttps://videzz.net/9rzstwlkppht.html CertificateIssuerDigiCert Inc Subjectae01.alicdn.com Fingerprint3B:6B:34:80:95:44:11:F7:71:DE:95:B7:C7:7C:A0:9C:BC:00:BC:AA ValidityWed, 10 Apr 2024 00:00:00 GMT - Wed, 16 Oct 2024 23:59:59 GMT
Hashd41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /?aff_fcid=bbd68e2f5b89448b9ade0ac1c3197dde-1714597642714-02221-_Dk8GAkv&tt=CPS_NORMAL&aff_fsk=_Dk8GAkv&af=5whvIdjGFamo&commercial_type=bestPage&hc_1214_tag=ByAffPage&aff_fcid=a3c202b59877418face9d7242595622c-1714597643113-08469-_pz9sEiR&aff_fsk=_pz9sEiR&aff_platform=portals-promotion&sk=_pz9sEiR&aff_trace_key=a3c202b59877418face9d7242595622c-1714597643113-08469-_pz9sEiR&terminal_id=f309d47ae7ec4cb092233f61dab141e1 HTTP/1.1
Host: best.aliexpress.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Cookie: af_ss_a=1
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
content-type: text/html;charset=UTF-8
vary: Accept-Encoding
p3p: CP="CAO PSA OUR"
x-application-context: ae-fn-gateway-f:7001
content-encoding: gzip
server: Tengine/Aserver
eagleeye-traceid: 2101e63417145976432927329ea961
strict-transport-security: max-age=31536000
timing-allow-origin: *
date: Wed, 01 May 2024 21:07:23 GMT
set-cookie: xman_us_f=x_locale=en_US&x_l=0&x_c_chg=1&acs_rt=44cbe3fe928f4721b5b40e43e263532c; Domain=.aliexpress.com; Expires=Tue, 20-May-2092 00:21:30 GMT; Path=/
intl_common_forever=ITIP2YL2nGcUTTLn/brBGF0BwN7ZRFxVXHXtYyqH9LW2HVBfzCT4qg==; Domain=.aliexpress.com; Expires=Tue, 20-May-2092 00:21:30 GMT; Path=/; HttpOnly
intl_locale=en_US; Domain=.aliexpress.com; Path=/
xman_f=PArsKOtQeps4k5gkTQVDt3LH4gjiL8rzMGv3PEk1HD3QGrA/6o68Sta0WgM5q3KTsZv6zyqKyB98w8JcUZfIeoRmknEKq18BYB3/Xcn8GOddNxvZhq0coA==; Domain=.aliexpress.com; Expires=Tue, 20-May-2092 00:21:30 GMT; Path=/; HttpOnly
acs_usuc_t=x_csrf=abik02lyywsb&acs_rt=44cbe3fe928f4721b5b40e43e263532c; Domain=.aliexpress.com; Path=/
xman_t=rOlBoDyCrjydohgR4YtjKCdCPQybi/WhXRXpmggD7Bz2h0fql+FLL8T70BApjUzh; Domain=.aliexpress.com; Expires=Tue, 30-Jul-2024 21:07:23 GMT; Path=/; HttpOnly
aep_usuc_f=site=glo&c_tp=NOK&region=NO&b_locale=en_US; Domain=.aliexpress.com; Expires=Tue, 20-May-2092 00:21:30 GMT; Path=/
e_id=pt20; Expires=Sat, 29 Apr 2034 21:07:23 GMT; Path=/; Domain=.aliexpress.com
server-timing: ak_p; desc="1714597643239_388255172_197790983_44402_1045_2_0_21";dur=1
X-Firefox-Spdy: h2
|
|
| bid.bidclickmedia.com/sub/0YDX8OE | 104.21.37.74 | 200 OK | 234 B |
URL GET HTTP/2bid.bidclickmedia.com/sub/0YDX8OE IP104.21.37.74:443
Requested byhttps://videzz.net/9rzstwlkppht.html CertificateIssuerGoogle Trust Services LLC Subjectbidclickmedia.com Fingerprint2D:71:60:23:79:D8:E4:4A:B8:81:BA:F0:ED:58:CB:A8:66:21:A7:E7 ValiditySun, 31 Mar 2024 14:28:20 GMT - Sat, 29 Jun 2024 14:28:19 GMT
File typeHTML document, ASCII text, with no line terminators Hashaf2b6f5e906532aa6d51ed7dcbb8fed7 5ddca712e64ecb7520e561656c87079ec18e3db1 eced93383f70dca1dcfe0998bcccf8d3fe044a0f1646f0ffa670cf0b14f599f3
GET /sub/0YDX8OE HTTP/1.1
Host: bid.bidclickmedia.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://videzz.net/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Wed, 01 May 2024 21:07:19 GMT
content-type: text/html; charset=utf-8
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=YgMeNRoULbfMCbnJPV%2Fxn%2BE1z5ql2JdVmMhf7rUvtrmNaCcV%2BM9Z94qSLDrEbYIDI2oI8khEOb1guvkjaSBtyUGsPUD2amuu2bELUiRXIx0viXMBP%2FkugFBE1MGq3RV2bWTTqxuCmWU%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 87d2bd8daa59b4f7-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
|
|
| bid.bidclickmedia.com/sub/31pnK5n | 104.21.37.74 | 200 OK | 234 B |
URL GET HTTP/2bid.bidclickmedia.com/sub/31pnK5n IP104.21.37.74:443
Requested byhttps://videzz.net/9rzstwlkppht.html CertificateIssuerGoogle Trust Services LLC Subjectbidclickmedia.com Fingerprint2D:71:60:23:79:D8:E4:4A:B8:81:BA:F0:ED:58:CB:A8:66:21:A7:E7 ValiditySun, 31 Mar 2024 14:28:20 GMT - Sat, 29 Jun 2024 14:28:19 GMT
File typeHTML document, ASCII text, with no line terminators Hashf80bebf9471a9840ef5768e8c6b26672 164896726fce06ed3a1b8cbed00ab7c0493b6d24 5367258c378438d9831e9138819e8e68c4b7e6525dde7a086fb82a083398099c
GET /sub/31pnK5n HTTP/1.1
Host: bid.bidclickmedia.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://videzz.net/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Wed, 01 May 2024 21:07:19 GMT
content-type: text/html; charset=utf-8
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=%2F2TN9weFq4TyQXjXCLlYMEI8NahPGQ1uj3WfD6oJ9S6Vp5GSuwA3wbqENUnjKjoXxtR5IJgAKPIOFkhBvnsP8J7Tlj%2BmDy5hXp2%2FBVwkCbGWKC3NY7vTt7n1tZMSe87vte5T6NM0AWg%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 87d2bd8d5a05b4f7-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
|
|
| static.addtoany.com/menu/svg/icons/telegram.js | 104.22.71.197 | 200 OK | 360 B |
URL GET HTTP/3static.addtoany.com/menu/svg/icons/telegram.js IP104.22.71.197:443
Requested byhttps://videzz.net/9rzstwlkppht.html CertificateIssuerLet's Encrypt Subjectstatic.addtoany.com Fingerprint5B:74:98:2D:F8:22:DB:0D:4E:74:B7:99:A7:7C:80:F6:CA:1A:8E:CA ValidityTue, 23 Apr 2024 07:56:27 GMT - Mon, 22 Jul 2024 07:56:26 GMT
File typeASCII text, with very long lines (370), with no line terminators Hashd455b7099e753a3680d5e481a7b56a9d 146fdec3f2e51dabdd15fc8acda6d73823b0d44d 4eb7a6d1a684e68473de0e8854499206b2f512a3815a8114068636dd38aa197a
GET /menu/svg/icons/telegram.js HTTP/1.1
Host: static.addtoany.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://videzz.net
DNT: 1
Connection: keep-alive
Referer: https://static.addtoany.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Wed, 01 May 2024 21:07:19 GMT
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=7776000, stale-while-revalidate=30, public
cf-bgj: minify
etag: W/"fb47b4f6548b6499923a1beed7472419"
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=J9pMpDWY00S1UoBh7dh%2BqpIB7xhAcdI3P3uTdcS6qq%2FtzBjk7n4vAi1%2BOKW1Nn2Tu6UDIw%2FTM%2Fn2MlHdbEFjDk6axCU4elS5Yq9F04lGV5fCgvnFISm%2BDhGKCweMmDEI4ytEVFz5JPvB7orF4KjdSsYL"}],"group":"cf-nel","max_age":604800}
vary: Accept-Encoding
referrer-policy: strict-origin-when-cross-origin
x-content-type-options: nosniff
cf-cache-status: HIT
age: 13549
strict-transport-security: max-age=31536000; includeSubDomains; preload
server: cloudflare
cf-ray: 87d2bd91a968be4c-CPH
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| maxcdn.bootstrapcdn.com/font-awesome/4.7.0/css/font-awesome.min.css?v=7 | 104.18.11.207 | 200 OK | 31 kB |
URL GET HTTP/2maxcdn.bootstrapcdn.com/font-awesome/4.7.0/css/font-awesome.min.css?v=7 IP104.18.11.207:443
Requested byhttps://videzz.net/9rzstwlkppht.html CertificateIssuerGoogle Trust Services LLC Subjectbootstrapcdn.com Fingerprint57:B4:25:B9:9C:88:A1:A3:3D:F7:31:74:02:E4:D1:E0:0A:F5:11:63 ValidityWed, 27 Mar 2024 00:22:09 GMT - Tue, 25 Jun 2024 00:22:08 GMT
File typeASCII text, with very long lines (30837) Hash269550530cc127b6aa5a35925a7de6ce 512c7d79033e3028a9be61b540cf1a6870c896f8 799aeb25cc0373fdee0e1b1db7ad6c2f6a0e058dfadaa3379689f583213190bd
GET /font-awesome/4.7.0/css/font-awesome.min.css?v=7 HTTP/1.1
Host: maxcdn.bootstrapcdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://videzz.net/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Wed, 01 May 2024 21:07:18 GMT
content-type: text/css; charset=utf-8
vary: Accept-Encoding
cdn-pullzone: 252412
cdn-uid: b1941f61-b576-4f40-80de-5677acb38f74
cdn-requestcountrycode: DE
access-control-allow-origin: *
cache-control: public, max-age=31919000
etag: W/"269550530cc127b6aa5a35925a7de6ce"
last-modified: Mon, 25 Jan 2021 22:04:55 GMT
cdn-cachedat: 10/31/2023 18:48:06
cdn-proxyver: 1.04
cdn-requestpullcode: 200
cdn-requestpullsuccess: True
cdn-edgestorageid: 722
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
cdn-status: 200
cdn-requestid: ba1343eb3e49a0961974f5c12bb3dd9d
cdn-cache: HIT
cf-cache-status: HIT
age: 95295
strict-transport-security: max-age=31536000; includeSubDomains; preload
server: cloudflare
cf-ray: 87d2bd877afa1c16-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
|
|
| tr.7vid.net/api/users/59845?host=videzz.net&ev=212&wh=1024&ww=1280&uuid=&url=https%3A%2F%2Fvidezz.net%2F9rzstwlkppht.html&sid=3bf97803-a022-40c5-a2cc-0560a55088d3&i=1&kw=horny%2Cgirl%2Cleaked%2Cvideo%2Ccalls%2C(4)%2Cmp4&s1=203230 | 135.181.208.216 | 200 OK | 655 B |
URL GET HTTP/2tr.7vid.net/api/users/59845?host=videzz.net&ev=212&wh=1024&ww=1280&uuid=&url=https%3A%2F%2Fvidezz.net%2F9rzstwlkppht.html&sid=3bf97803-a022-40c5-a2cc-0560a55088d3&i=1&kw=horny%2Cgirl%2Cleaked%2Cvideo%2Ccalls%2C(4)%2Cmp4&s1=203230 IP135.181.208.216:443 ASN#24940 Hetzner Online GmbH
Requested byhttps://videzz.net/9rzstwlkppht.html CertificateIssuerLet's Encrypt Subjecta.gatwins.site Fingerprint66:D4:C4:E9:BC:6E:82:9E:D0:2F:00:69:9A:DF:C2:6D:18:04:0B:1B ValidityWed, 10 Apr 2024 10:27:11 GMT - Tue, 09 Jul 2024 10:27:10 GMT
File typeASCII text, with very long lines (789), with no line terminators Hashdd249791354e23cc5ae20fa592c9b09c d5d702486bb5936fdcf693ca2b8dbaf8d82294c4 2d85e70d0dd5bab4eda76e06cbe45aaf7294a9e5c18db19e678468d2813426ca
GET /api/users/59845?host=videzz.net&ev=212&wh=1024&ww=1280&uuid=&url=https%3A%2F%2Fvidezz.net%2F9rzstwlkppht.html&sid=3bf97803-a022-40c5-a2cc-0560a55088d3&i=1&kw=horny%2Cgirl%2Cleaked%2Cvideo%2Ccalls%2C(4)%2Cmp4&s1=203230 HTTP/1.1
Host: tr.7vid.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://videzz.net/
Cookie: nauid=QOHfaLUnCzj4jvdP7bD9
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
server: nginx
date: Wed, 01 May 2024 21:07:21 GMT
content-type: text/javascript; charset=utf-8
vary: Accept-Encoding
x-robots-tag: noindex, nofollow
cache-control: private
content-encoding: gzip
X-Firefox-Spdy: h2
|
|
| tfosrv.com/impression.php?channel_id=25821&id=265cadc4-93bc-446b-9289-f2c7412914ce%3A3cd5c901-6ecc-4ebb-b022-8a82c310bd6e&site_id=6411&uuid=33a7df41-6552-4414-863f-49da6d1fc289 | 216.18.168.29 | 302 Found | 1.2 kB |
URL GET HTTP/1.1tfosrv.com/impression.php?channel_id=25821&id=265cadc4-93bc-446b-9289-f2c7412914ce%3A3cd5c901-6ecc-4ebb-b022-8a82c310bd6e&site_id=6411&uuid=33a7df41-6552-4414-863f-49da6d1fc289 IP216.18.168.29:443
Requested byhttps://videzz.net/9rzstwlkppht.html CertificateIssuerSectigo Limited Subject*.tfosrv.com Fingerprint17:0E:13:E0:E3:EE:17:88:09:10:8F:63:F4:7E:31:5A:D9:33:7D:80 ValidityTue, 31 Oct 2023 00:00:00 GMT - Mon, 18 Nov 2024 23:59:59 GMT
Hashd41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /impression.php?channel_id=25821&id=265cadc4-93bc-446b-9289-f2c7412914ce%3A3cd5c901-6ecc-4ebb-b022-8a82c310bd6e&site_id=6411&uuid=33a7df41-6552-4414-863f-49da6d1fc289 HTTP/1.1
Host: tfosrv.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://bid.bidclickmedia.com/
DNT: 1
Connection: keep-alive
Cookie: sppc_uuid=09bdca53-52b6-4846-8c24-773f4cde2d06
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 302 Found
server: nginx
date: Wed, 01 May 2024 21:07:21 GMT
content-length: 0
location: https://trafforsrv.com/click.php?id=265cadc4-93bc-446b-9289-f2c7412914ce%3A3cd5c901-6ecc-4ebb-b022-8a82c310bd6e
set-cookie: sppc_uuid=33a7df41-6552-4414-863f-49da6d1fc289; max-age=31536000; path=/; secure; SameSite=None
accept-ch: Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version
|
|
| static.addtoany.com/menu/locale/ru.js | 104.22.71.197 | 200 OK | 2.1 kB |
URL GET HTTP/3static.addtoany.com/menu/locale/ru.js IP104.22.71.197:443
Requested byhttps://videzz.net/9rzstwlkppht.html CertificateIssuerLet's Encrypt Subjectstatic.addtoany.com Fingerprint5B:74:98:2D:F8:22:DB:0D:4E:74:B7:99:A7:7C:80:F6:CA:1A:8E:CA ValidityTue, 23 Apr 2024 07:56:27 GMT - Mon, 22 Jul 2024 07:56:26 GMT
File typeASCII text, with very long lines (2170), with no line terminators Hash7581051e137324f383ce692c383a90ac 7c66ac218fd109304436e9588d602c7aaab63b82 428aafe2046340df744b20fbab6f0cd4ddfb95776790e80440cfb60788dbde2c
GET /menu/locale/ru.js HTTP/1.1
Host: static.addtoany.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://videzz.net/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Wed, 01 May 2024 21:07:19 GMT
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=86400, stale-while-revalidate=30, public
cf-bgj: minify
cf-polished: origSize=2289
etag: W/"9797b535a7dbc5ec8be5d83312871549"
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=KCGaSgK4l4uuupkt%2Fh48xawn%2FLsP2Oc7FV2rnIbYLl451pxdJ1oMITTRBbvcYnbHpEriv68tYoC1pM1o9lpB%2FEZ9pq%2F%2FeO7UWlZgkAql17yczLWYLrVFfSr7t10H7zZgMjGxgdHMxT1kCepnhNyo7rqx"}],"group":"cf-nel","max_age":604800}
vary: Accept-Encoding
referrer-policy: strict-origin-when-cross-origin
x-content-type-options: nosniff
cf-cache-status: HIT
age: 3649
strict-transport-security: max-age=31536000; includeSubDomains; preload
server: cloudflare
cf-ray: 87d2bd919953be4c-CPH
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| str42.vidoza.net/nvl4jedkpqfeieno3ueangf5g45xhsd6h7wjt3qi2fmpuogylxbg5jubdk7a/v.mp4 | 0.0.0.0 | | 0 B |
URL GET str42.vidoza.net/nvl4jedkpqfeieno3ueangf5g45xhsd6h7wjt3qi2fmpuogylxbg5jubdk7a/v.mp4 IP0.0.0.0:0
Requested byhttps://videzz.net/9rzstwlkppht.html CertificateIssuerLet's Encrypt Subjectvidoza.net FingerprintDD:9C:2A:D1:7E:90:60:D1:BE:1C:39:29:07:29:9C:34:6A:76:A6:C6 ValidityWed, 14 Feb 2024 01:21:54 GMT - Tue, 14 May 2024 01:21:53 GMT
Hashd41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /nvl4jedkpqfeieno3ueangf5g45xhsd6h7wjt3qi2fmpuogylxbg5jubdk7a/v.mp4 HTTP/1.1
Host: str42.vidoza.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: video/webm,video/ogg,video/*;q=0.9,application/ogg;q=0.7,audio/*;q=0.6,*/*;q=0.5
Accept-Language: en-US,en;q=0.5
Range: bytes=0-
DNT: 1
Connection: keep-alive
Referer: https://videzz.net/
Sec-Fetch-Dest: video
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Accept-Encoding: identity
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 206 Partial Content
server: nginx/1.20.1
date: Wed, 01 May 2024 21:07:20 GMT
content-type: video/mp4
content-length: 21495431
last-modified: Sun, 28 Apr 2024 15:56:39 GMT
etag: "662e71b7-147fe87"
content-range: bytes 0-21495430/21495431
X-Firefox-Spdy: h2
|
|
| bid.bidclickmedia.com/sub/31bV2Jy | 104.21.37.74 | 200 OK | 239 B |
URL GET HTTP/3bid.bidclickmedia.com/sub/31bV2Jy IP104.21.37.74:443
Requested byhttps://videzz.net/9rzstwlkppht.html CertificateIssuerGoogle Trust Services LLC Subjectbidclickmedia.com Fingerprint2D:71:60:23:79:D8:E4:4A:B8:81:BA:F0:ED:58:CB:A8:66:21:A7:E7 ValiditySun, 31 Mar 2024 14:28:20 GMT - Sat, 29 Jun 2024 14:28:19 GMT
File typeHTML document, ASCII text, with no line terminators Hashd5b23342c3da61ad8cb32c85b5a9a6ca 3ca89fd68565941a5f5dec87720a2164c9b860ae 53073b03453dec44b400acecc549d6446aba803406a391777a94cc2504173bbb
GET /sub/31bV2Jy HTTP/1.1
Host: bid.bidclickmedia.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://videzz.net/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Wed, 01 May 2024 21:07:19 GMT
content-type: text/html; charset=utf-8
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=oiPivMVRo8kK35zU2YuXc8lZUxCwJc4m08%2BlUEb3K12NGzuPPTWupTfz8xVohVctwqMpOm53sLqilEU96uPfSnO1td9n5GUG3EeKSEjaviTWzSW9WV7VwMrYF%2BpqamFNOg5Hmd60x2Q%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 87d2bd8eae2c0b51-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| str42.vidoza.net/nvl4jedkpqfeieno3ueangf5g45xhsd6h7wjt3qi2fmpuogylxbg5jubdk7a/v.mp4 | 0.0.0.0 | | 0 B |
URL GET str42.vidoza.net/nvl4jedkpqfeieno3ueangf5g45xhsd6h7wjt3qi2fmpuogylxbg5jubdk7a/v.mp4 IP0.0.0.0:0
Requested byhttps://videzz.net/9rzstwlkppht.html
Hashd41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /nvl4jedkpqfeieno3ueangf5g45xhsd6h7wjt3qi2fmpuogylxbg5jubdk7a/v.mp4 HTTP/1.1
Host: str42.vidoza.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: video/webm,video/ogg,video/*;q=0.9,application/ogg;q=0.7,audio/*;q=0.6,*/*;q=0.5
Accept-Language: en-US,en;q=0.5
Range: bytes=0-
DNT: 1
Connection: keep-alive
Referer: https://videzz.net/
Sec-Fetch-Dest: video
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Accept-Encoding: identity
Pragma: no-cache
Cache-Control: no-cache
|
|
| videzz.net/images-newtheme/logo_60.png | 78.142.18.54 | 200 OK | 14 kB |
URL: GET HTTP/2 videzz.net/images-newtheme/logo_60.png
IP: 78.142.18.54:443 ASN: #208046 ColocationX Ltd.
Requested by: https://videzz.net/9rzstwlkppht.html
Certificate: Issuer: Let's Encrypt; Subject: videzz.net; Fingerprint: 13:3A:F4:CA:71:F0:8F:F1:2E:3A:7E:2B:6D:8E:E4:7A:E9:9D:A6:B5; Validity: Mon, 04 Mar 2024 08:24:34 GMT - Sun, 02 Jun 2024 08:24:33 GMT
File type: PNG image data, 275 x 182, 8-bit/color RGBA, non-interlaced
Hash: 650a7f14495bcd9ed2140ed51d8b9fef 47cb64b0bc23739e4e25e7c1bea6d63e438ebee0 aeea7989ff49c647ef4e5f3215fa0bd7480fe3976adc5050de6dcfcd46653c71
Analyzer: Quad9 DNS | Verdict: malicious | Alert: Sinkholed
GET /images-newtheme/logo_60.png HTTP/1.1
Host: videzz.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://videzz.net/css/main.min.css?v=b8dc06aa6195ca0716d0a0c4e3a76e42
Cookie: lang=1
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
server: nginx/1.18.0 (Ubuntu)
date: Wed, 01 May 2024 21:07:19 GMT
content-type: image/png
content-length: 14101
last-modified: Sat, 27 Apr 2024 07:30:38 GMT
etag: "662ca99e-3715"
expires: Fri, 31 May 2024 21:05:05 GMT
cache-control: max-age=2592000
x-cache-status: HIT
accept-ranges: bytes
X-Firefox-Spdy: h2
|
|
| xml.zeusadx.com/redirect?feed=531847&auth=KhbHhS&pubid=162319 | 0.0.0.0 | | 0 B |
URL: GET xml.zeusadx.com/redirect?feed=531847&auth=KhbHhS&pubid=162319
IP: 0.0.0.0:0
Requested by: https://videzz.net/9rzstwlkppht.html
Certificate: Issuer: Sectigo Limited; Subject: *.zeusadx.com; Fingerprint: AA:67:88:35:5F:BC:20:3C:44:9B:00:BD:4F:E1:C0:5F:62:D0:69:C0; Validity: Mon, 23 Oct 2023 00:00:00 GMT - Wed, 23 Oct 2024 23:59:59 GMT
Hash: d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /redirect?feed=531847&auth=KhbHhS&pubid=162319 HTTP/1.1
Host: xml.zeusadx.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://bid.bidclickmedia.com/
DNT: 1
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
|
|
| videzz.net/js/vue.min.js?v=b8dc06aa6195ca0716d0a0c4e3a76e42 | 78.142.18.54 | 200 OK | 111 kB |
URL: GET HTTP/2 videzz.net/js/vue.min.js?v=b8dc06aa6195ca0716d0a0c4e3a76e42
IP: 78.142.18.54:443 ASN: #208046 ColocationX Ltd.
Requested by: https://videzz.net/9rzstwlkppht.html
Certificate: Issuer: Let's Encrypt; Subject: videzz.net; Fingerprint: 13:3A:F4:CA:71:F0:8F:F1:2E:3A:7E:2B:6D:8E:E4:7A:E9:9D:A6:B5; Validity: Mon, 04 Mar 2024 08:24:34 GMT - Sun, 02 Jun 2024 08:24:33 GMT
File type: JavaScript source, ASCII text, with very long lines (65536), with no line terminators
Size: 111 kB (111387 bytes)
Hash: 6249517b9005ca7822f82d024996812f 9085d09ebbe9e6c5963644d49c82c350f1be141d fda81a2fcc97f139d2a1ea94209efc760dc9421b514280bf5a6cd97d8140ddca
Analyzer: Quad9 DNS | Verdict: malicious | Alert: Sinkholed
GET /js/vue.min.js?v=b8dc06aa6195ca0716d0a0c4e3a76e42 HTTP/1.1
Host: videzz.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://videzz.net/9rzstwlkppht.html
Cookie: lang=1
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
server: nginx/1.18.0 (Ubuntu)
date: Wed, 01 May 2024 21:07:18 GMT
content-type: application/javascript
last-modified: Sat, 27 Apr 2024 07:30:28 GMT
vary: Accept-Encoding
etag: W/"662ca994-1b31b"
expires: Fri, 31 May 2024 21:05:38 GMT
cache-control: max-age=2592000
content-encoding: gzip
x-cache-status: HIT
X-Firefox-Spdy: h2
|
|
| maxcdn.bootstrapcdn.com/font-awesome/4.7.0/fonts/fontawesome-webfont.woff2?v=4.7.0 | 104.18.11.207 | 200 OK | 77 kB |
URL: GET HTTP/3 maxcdn.bootstrapcdn.com/font-awesome/4.7.0/fonts/fontawesome-webfont.woff2?v=4.7.0
IP: 104.18.11.207:443
Requested by: https://videzz.net/9rzstwlkppht.html
Certificate: Issuer: Google Trust Services LLC; Subject: bootstrapcdn.com; Fingerprint: 57:B4:25:B9:9C:88:A1:A3:3D:F7:31:74:02:E4:D1:E0:0A:F5:11:63; Validity: Wed, 27 Mar 2024 00:22:09 GMT - Tue, 25 Jun 2024 00:22:08 GMT
File type: Web Open Font Format (Version 2), TrueType, length 77160, version 4.459
Hash: af7ae505a9eed503f8b8e6982036873e d6f48cba7d076fb6f2fd6ba993a75b9dc1ecbf0c 2adefcbc041e7d18fcf2d417879dc5a09997aa64d675b7a3c4b6ce33da13f3fe
GET /font-awesome/4.7.0/fonts/fontawesome-webfont.woff2?v=4.7.0 HTTP/1.1
Host: maxcdn.bootstrapcdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://videzz.net
DNT: 1
Connection: keep-alive
Referer: https://maxcdn.bootstrapcdn.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Wed, 01 May 2024 21:07:19 GMT
content-type: font/woff2
content-length: 77160
cdn-pullzone: 252412
cdn-uid: b1941f61-b576-4f40-80de-5677acb38f74
cdn-requestcountrycode: DE
access-control-allow-origin: *
cache-control: public, max-age=31919000
etag: "af7ae505a9eed503f8b8e6982036873e"
last-modified: Mon, 25 Jan 2021 22:04:55 GMT
cdn-cachedat: 10/31/2023 19:08:24
cdn-proxyver: 1.04
cdn-requestpullcode: 200
cdn-requestpullsuccess: True
cdn-edgestorageid: 752
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
cdn-status: 200
cdn-requestid: 0a41a35b44b9a221d4e11fe69e9304aa
cdn-cache: HIT
cf-cache-status: HIT
age: 103733
accept-ranges: bytes
vary: Accept-Encoding
strict-transport-security: max-age=31536000; includeSubDomains; preload
server: cloudflare
cf-ray: 87d2bd90ba9d56af-OSL
alt-svc: h3=":443"; ma=86400
|
|
| videzz.net/js/jquery.min.js | 78.142.18.54 | 200 OK | 96 kB |
URL: GET HTTP/2 videzz.net/js/jquery.min.js
IP: 78.142.18.54:443 ASN: #208046 ColocationX Ltd.
Requested by: https://videzz.net/9rzstwlkppht.html
Certificate: Issuer: Let's Encrypt; Subject: videzz.net; Fingerprint: 13:3A:F4:CA:71:F0:8F:F1:2E:3A:7E:2B:6D:8E:E4:7A:E9:9D:A6:B5; Validity: Mon, 04 Mar 2024 08:24:34 GMT - Sun, 02 Jun 2024 08:24:33 GMT
File type: JavaScript source, ASCII text, with very long lines (32086)
Hash: 8101d596b2b8fa35fe3a634ea342d7c3 d6c1f41972de07b09bfa63d2e50f9ab41ec372bd 540bc6dec1dd4b92ea4d3fb903f69eabf6d919afd48f4e312b163c28cff0f441
Analyzer: Quad9 DNS | Verdict: malicious | Alert: Sinkholed
GET /js/jquery.min.js HTTP/1.1
Host: videzz.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://videzz.net/9rzstwlkppht.html
Cookie: lang=1
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
server: nginx/1.18.0 (Ubuntu)
date: Wed, 01 May 2024 21:07:18 GMT
content-type: application/javascript
last-modified: Sat, 27 Apr 2024 07:30:42 GMT
vary: Accept-Encoding
etag: W/"662ca9a2-1762a"
expires: Fri, 31 May 2024 21:07:13 GMT
cache-control: max-age=2592000
content-encoding: gzip
x-cache-status: HIT
X-Firefox-Spdy: h2
|
|
| videzz.net/images-newtheme/ico_signup.png | 78.142.18.54 | 200 OK | 1.1 kB |
URL: GET HTTP/2 videzz.net/images-newtheme/ico_signup.png
IP: 78.142.18.54:443 ASN: #208046 ColocationX Ltd.
Requested by: https://videzz.net/9rzstwlkppht.html
Certificate: Issuer: Let's Encrypt; Subject: videzz.net; Fingerprint: 13:3A:F4:CA:71:F0:8F:F1:2E:3A:7E:2B:6D:8E:E4:7A:E9:9D:A6:B5; Validity: Mon, 04 Mar 2024 08:24:34 GMT - Sun, 02 Jun 2024 08:24:33 GMT
File type: PNG image data, 30 x 30, 8-bit/color RGBA, non-interlaced
Hash: eb2e533fce6d10e6f1231e3c07aa7e7a 194f55dab0899b59605972b6a0edd85bfd975488 6514b33f1b2a8766a828371bb8b15eb9dd0d7ea53db03f04f7b1e9d82e9b6c7a
Analyzer: Quad9 DNS | Verdict: malicious | Alert: Sinkholed
GET /images-newtheme/ico_signup.png HTTP/1.1
Host: videzz.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://videzz.net/css/main.min.css?v=b8dc06aa6195ca0716d0a0c4e3a76e42
Cookie: lang=1
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
server: nginx/1.18.0 (Ubuntu)
date: Wed, 01 May 2024 21:07:19 GMT
content-type: image/png
content-length: 1094
last-modified: Sat, 27 Apr 2024 07:30:28 GMT
etag: "662ca994-446"
expires: Fri, 31 May 2024 20:59:16 GMT
cache-control: max-age=2592000
x-cache-status: HIT
accept-ranges: bytes
X-Firefox-Spdy: h2
|
|
| tr.7vid.net/api/users/88464?v2=1&fill=0&kw=horny%2Cgirl%2Cleaked%2Cvideo%2Ccalls%2C(4)%2Cmp4&i=1&url=https%3A%2F%2Fvidezz.net%2F9rzstwlkppht.html&sid=3bf97803-a022-40c5-a2cc-0560a55088d3 | 135.181.208.216 | 200 OK | 67 B |
URL: GET HTTP/2 tr.7vid.net/api/users/88464?v2=1&fill=0&kw=horny%2Cgirl%2Cleaked%2Cvideo%2Ccalls%2C(4)%2Cmp4&i=1&url=https%3A%2F%2Fvidezz.net%2F9rzstwlkppht.html&sid=3bf97803-a022-40c5-a2cc-0560a55088d3
IP: 135.181.208.216:443 ASN: #24940 Hetzner Online GmbH
Requested by: https://videzz.net/9rzstwlkppht.html
Certificate: Issuer: Let's Encrypt; Subject: a.gatwins.site; Fingerprint: 66:D4:C4:E9:BC:6E:82:9E:D0:2F:00:69:9A:DF:C2:6D:18:04:0B:1B; Validity: Wed, 10 Apr 2024 10:27:11 GMT - Tue, 09 Jul 2024 10:27:10 GMT
File type: XML document, ASCII text, with no line terminators
Hash: c3928cea84e0c684b265b8fb465a9e72 aace4c0c8b0fbb35d2932f4f27e01ef627161574 3238d03797cab82118740c0d6ddace8d6bc9caf168e94d2ade893f541c1f8a25
GET /api/users/88464?v2=1&fill=0&kw=horny%2Cgirl%2Cleaked%2Cvideo%2Ccalls%2C(4)%2Cmp4&i=1&url=https%3A%2F%2Fvidezz.net%2F9rzstwlkppht.html&sid=3bf97803-a022-40c5-a2cc-0560a55088d3 HTTP/1.1
Host: tr.7vid.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://videzz.net/
Origin: https://videzz.net
DNT: 1
Connection: keep-alive
Cookie: nauid=QOHfaLUnCzj4jvdP7bD9
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
server: nginx
date: Wed, 01 May 2024 21:07:19 GMT
content-type: text/xml
vary: Accept-Encoding
access-control-allow-credentials: true
access-control-allow-origin: https://videzz.net
access-control-expose-headers: X-Asg-Config, X-t
x-robots-tag: noindex, nofollow
x-t: 0
cache-control: private
content-encoding: gzip
X-Firefox-Spdy: h2
|
|
| videzz.net/images-newtheme/locale/spritesheet_25.png | 78.142.18.54 | 200 OK | 3.4 kB |
URL: GET HTTP/2 videzz.net/images-newtheme/locale/spritesheet_25.png
IP: 78.142.18.54:443 ASN: #208046 ColocationX Ltd.
Requested by: https://videzz.net/9rzstwlkppht.html
Certificate: Issuer: Let's Encrypt; Subject: videzz.net; Fingerprint: 13:3A:F4:CA:71:F0:8F:F1:2E:3A:7E:2B:6D:8E:E4:7A:E9:9D:A6:B5; Validity: Mon, 04 Mar 2024 08:24:34 GMT - Sun, 02 Jun 2024 08:24:33 GMT
File type: PNG image data, 25 x 71, 8-bit/color RGBA, non-interlaced
Hash: f114e74e1fb82ce234e7a2503506e2ac 5adb3ddc13861aa417471710f1ceaca66ef71c74 e0edc9d8ec79eb53ad2d9e2644b27bc02cc62ad78e8033e4cc016a62132ed51d
Analyzer: Quad9 DNS | Verdict: malicious | Alert: Sinkholed
GET /images-newtheme/locale/spritesheet_25.png HTTP/1.1
Host: videzz.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://videzz.net/css/main.min.css?v=b8dc06aa6195ca0716d0a0c4e3a76e42
Cookie: lang=1; file_id=38001995; aff=203230
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
server: nginx/1.18.0 (Ubuntu)
date: Wed, 01 May 2024 21:07:19 GMT
content-type: image/png
content-length: 3355
last-modified: Sat, 27 Apr 2024 07:30:38 GMT
etag: "662ca99e-d1b"
expires: Fri, 31 May 2024 21:06:48 GMT
cache-control: max-age=2592000
x-cache-status: HIT
accept-ranges: bytes
X-Firefox-Spdy: h2
|
|
| xml.zeusadx.com/redirect?feed=531847&auth=KhbHhS&pubid=162319 | 174.137.133.17 | 302 Found | 1.4 kB |
URL: GET HTTP/1.1 xml.zeusadx.com/redirect?feed=531847&auth=KhbHhS&pubid=162319
IP: 174.137.133.17:443 ASN: #27257 WEBAIR-INTERNET
Requested by: https://videzz.net/9rzstwlkppht.html
Certificate: Issuer: Sectigo Limited; Subject: *.zeusadx.com; Fingerprint: AA:67:88:35:5F:BC:20:3C:44:9B:00:BD:4F:E1:C0:5F:62:D0:69:C0; Validity: Mon, 23 Oct 2023 00:00:00 GMT - Wed, 23 Oct 2024 23:59:59 GMT
Hash: d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /redirect?feed=531847&auth=KhbHhS&pubid=162319 HTTP/1.1
Host: xml.zeusadx.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://bid.bidclickmedia.com/
DNT: 1
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 302 Found
Server: nginx
Date: Wed, 01 May 2024 21:07:20 GMT
Content-Length: 0
Connection: keep-alive
Cache-Control: no-store
Location: https://www.animezeno.sbs/
|
|
| cdnjs.cloudflare.com/ajax/libs/font-awesome/4.7.0/fonts/fontawesome-webfont.woff2?v=4.7.0 | 104.17.25.14 | 200 OK | 77 kB |
URL: GET HTTP/3 cdnjs.cloudflare.com/ajax/libs/font-awesome/4.7.0/fonts/fontawesome-webfont.woff2?v=4.7.0
IP: 104.17.25.14:443
Requested by: https://videzz.net/9rzstwlkppht.html
Certificate: Issuer: Cloudflare, Inc.; Subject: sni.cloudflaressl.com; Fingerprint: 7A:EA:B9:09:71:70:6C:87:C9:D3:82:74:8A:7B:B4:60:E5:40:2D:8D; Validity: Mon, 03 Jul 2023 00:00:00 GMT - Tue, 02 Jul 2024 23:59:59 GMT
File type: Web Open Font Format (Version 2), TrueType, length 77160, version 4.459
Hash: af7ae505a9eed503f8b8e6982036873e d6f48cba7d076fb6f2fd6ba993a75b9dc1ecbf0c 2adefcbc041e7d18fcf2d417879dc5a09997aa64d675b7a3c4b6ce33da13f3fe
GET /ajax/libs/font-awesome/4.7.0/fonts/fontawesome-webfont.woff2?v=4.7.0 HTTP/1.1
Host: cdnjs.cloudflare.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://videzz.net
DNT: 1
Connection: keep-alive
Referer: https://cdnjs.cloudflare.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Wed, 01 May 2024 21:07:19 GMT
content-type: application/octet-stream; charset=utf-8
content-length: 77160
access-control-allow-origin: *
cache-control: public, max-age=30672000
etag: "5eb03e5f-12d68"
last-modified: Mon, 04 May 2020 16:10:07 GMT
cf-cdnjs-via: cfworker/kv
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
x-content-type-options: nosniff
vary: Accept-Encoding
cf-cache-status: HIT
age: 95318
expires: Mon, 21 Apr 2025 21:07:19 GMT
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=2hTkOW1UO6eZQAE58Ta8PLfz35AidGF6vdj297RI6ptINGzEmM7k4wYyLZiPL%2BIC8BPkMVvrn%2FJ9dihraUA6JzOJ8bQRoSr5lsMBo1NB%2FxNrMbQHZsPb5KUrqwiQRzNJi75gctTZ"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
server: cloudflare
cf-ray: 87d2bd8db8efb4f3-OSL
alt-svc: h3=":443"; ma=86400
|
|
| s.o333o.com/adgpt.js | 85.10.205.45 | 200 OK | 2.0 kB |
IP: 85.10.205.45:443 ASN: #24940 Hetzner Online GmbH
Requested by: https://videzz.net/9rzstwlkppht.html
Certificate: Issuer: Sectigo Limited; Subject: s.o333o.com; Fingerprint: C1:C0:0F:C0:EF:0F:F7:7A:36:2F:00:9E:5C:55:63:54:63:A3:A6:46; Validity: Mon, 12 Feb 2024 00:00:00 GMT - Fri, 28 Feb 2025 23:59:59 GMT
File type: ASCII text, with very long lines (2144), with no line terminators
Hash: 15c5faf13e6a9fe6956e7a9f8dfc1fe4 d323e8b5e73a2b8697c980370840e9c7b574ad68 53e483dd657b4fb19cce7d604e2b5890d0694b9a2c9190279151ac830d24ba81
GET /adgpt.js HTTP/1.1
Host: s.o333o.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://videzz.net/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
server: nginx
date: Wed, 01 May 2024 21:07:19 GMT
content-type: application/javascript
content-length: 820
last-modified: Fri, 22 Mar 2024 11:21:21 GMT
vary: Accept-Encoding
etag: "65fd69b1-334"
content-encoding: gzip
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000, public
X-Firefox-Spdy: h2
|
|
| videzz.net/js/static.min.js?v=b8dc06aa6195ca0716d0a0c4e3a76e42 | 78.142.18.54 | 200 OK | 159 kB |
URL: GET HTTP/2 videzz.net/js/static.min.js?v=b8dc06aa6195ca0716d0a0c4e3a76e42
IP: 78.142.18.54:443 ASN: #208046 ColocationX Ltd.
Requested by: https://videzz.net/9rzstwlkppht.html
Certificate: Issuer: Let's Encrypt; Subject: videzz.net; Fingerprint: 13:3A:F4:CA:71:F0:8F:F1:2E:3A:7E:2B:6D:8E:E4:7A:E9:9D:A6:B5; Validity: Mon, 04 Mar 2024 08:24:34 GMT - Sun, 02 Jun 2024 08:24:33 GMT
File type: JavaScript source, ASCII text, with very long lines (65536), with no line terminators
Size: 159 kB (158902 bytes)
Hash: 7c33538390b466ae717449d729bb32ea 49ea1eb1dc06467f516eae28e09863a23b244a31 a2f37fa7aee9e9248856735b807b028c93be60eb6bb9916595ba123690513f02
Analyzer: Quad9 DNS | Verdict: malicious | Alert: Sinkholed
GET /js/static.min.js?v=b8dc06aa6195ca0716d0a0c4e3a76e42 HTTP/1.1
Host: videzz.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://videzz.net/9rzstwlkppht.html
Cookie: lang=1
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
server: nginx/1.18.0 (Ubuntu)
date: Wed, 01 May 2024 21:07:18 GMT
content-type: application/javascript
last-modified: Sat, 27 Apr 2024 07:30:42 GMT
vary: Accept-Encoding
etag: W/"662ca9a2-26cb6"
expires: Fri, 31 May 2024 21:07:13 GMT
cache-control: max-age=2592000
content-encoding: gzip
x-cache-status: HIT
X-Firefox-Spdy: h2
|
|
| unseenreport.com/pxf.gif?uuid=2a0ad835-cecb-439b-874e-3369a032fa4a&eb=978028c5053b26833423c7a069ce3bd5&te=5db3a4e34790624df926db520a13f79f&ua=Mozilla%2F5.0%20(X11%3B%20Linux%20x86_64%3B%20rv%3A96.0)%20Gecko%2F20100101%20Firefox%2F96.0&dev=e&res=14.2071&b_frame=0&pk=9785383bf0d8f2fb611d938245088565&bl=en-US&sr=1024x1280&sz=1024x1280&hjs=21 | 192.243.59.13 | 200 OK | 0 B |
URL: GET HTTP/1.1 unseenreport.com/pxf.gif?uuid=2a0ad835-cecb-439b-874e-3369a032fa4a&eb=978028c5053b26833423c7a069ce3bd5&te=5db3a4e34790624df926db520a13f79f&ua=Mozilla%2F5.0%20(X11%3B%20Linux%20x86_64%3B%20rv%3A96.0)%20Gecko%2F20100101%20Firefox%2F96.0&dev=e&res=14.2071&b_frame=0&pk=9785383bf0d8f2fb611d938245088565&bl=en-US&sr=1024x1280&sz=1024x1280&hjs=21
IP: 192.243.59.13:443 ASN: #39572 DataWeb Global Group B.V.
Requested by: https://videzz.net/9rzstwlkppht.html
Certificate: Issuer: Let's Encrypt; Subject: *.unseenreport.com; Fingerprint: 71:46:15:FD:76:6A:F5:5B:51:06:CC:93:DD:D8:63:E3:8B:10:BF:13; Validity: Fri, 22 Mar 2024 07:32:41 GMT - Thu, 20 Jun 2024 07:32:40 GMT
Hash: d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer: Quad9 DNS | Verdict: malicious | Alert: Sinkholed
GET /pxf.gif?uuid=2a0ad835-cecb-439b-874e-3369a032fa4a&eb=978028c5053b26833423c7a069ce3bd5&te=5db3a4e34790624df926db520a13f79f&ua=Mozilla%2F5.0%20(X11%3B%20Linux%20x86_64%3B%20rv%3A96.0)%20Gecko%2F20100101%20Firefox%2F96.0&dev=e&res=14.2071&b_frame=0&pk=9785383bf0d8f2fb611d938245088565&bl=en-US&sr=1024x1280&sz=1024x1280&hjs=21 HTTP/1.1
Host: unseenreport.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://videzz.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx/1.19.5
Date: Wed, 01 May 2024 21:07:21 GMT
Content-Type: image/gif
Content-Length: 1
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Access-Control-Allow-Origin: *
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: 7e2a35387e8c88af958e57495a9964ed
Strict-Transport-Security: max-age=0; includeSubdomains
|
|