colegialacasero.com/wp-content/plugins/w3-total-cache/pub/js/lazyload.min.js
77.73.70.171 200 OK 6.3 kB URL GET HTTP/2 colegialacasero.com/wp-content/plugins/w3-total-cache/pub/js/lazyload.min.js
IP 77.73.70.171:443
Requested by https://colegialacasero.com/chibola-le-gusta-saborear-la-verga-de-su-amigo/
Certificate Issuer Let's Encrypt
Subject colegialacasero.com
Fingerprint 36:32:AE:D2:F3:3D:C2:9A:F7:31:82:54:51:E2:23:D4:74:E3:F2:00
Validity Tue, 08 Aug 2023 06:10:53 GMT - Mon, 06 Nov 2023 06:10:52 GMT
File type ASCII text, with very long lines (6274)
Hash c0dc04a574108028bf6bde0c0e6d8e88
61237ccd1f8af2ae508382ded36af62bd54cb6c2
1a54a1907a6443e3c81608130bfed4546eb0ce5d0c8897e1d7a3b43d89ecc367
GET /wp-content/plugins/w3-total-cache/pub/js/lazyload.min.js HTTP/1.1
Host: colegialacasero.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://colegialacasero.com/chibola-le-gusta-saborear-la-verga-de-su-amigo/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 20 Sep 2023 03:48:54 GMT
content-type: application/javascript
content-length: 6275
last-modified: Thu, 24 Aug 2023 18:10:03 GMT
vary: Accept-Encoding
etag: "64e79cfb-1883"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
access-control-allow-origin: *
accept-ranges: bytes
X-Firefox-Spdy: h2
colegialacasero.com/wp-content/cache/minify/d7cb9.css
77.73.70.171 98 kB URL colegialacasero.com/wp-content/cache/minify/d7cb9.css
IP 77.73.70.171:0
Certificate Issuer Let's Encrypt
Subject colegialacasero.com
Fingerprint 36:32:AE:D2:F3:3D:C2:9A:F7:31:82:54:51:E2:23:D4:74:E3:F2:00
Validity Tue, 08 Aug 2023 06:10:53 GMT - Mon, 06 Nov 2023 06:10:52 GMT
File type ASCII text, with very long lines (48308)
Hash 94fd426a6fbe6821634cb273e79d7680
a3d5e8a18bbff53e6a230785da40115fd2660307
6c0ff0a93fb444f65539bcbce40e8b351eacc3829efae7f679d299d1590a56f6
GET /wp-content/cache/minify/d7cb9.css HTTP/1.1
Host: colegialacasero.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://colegialacasero.com/chibola-le-gusta-saborear-la-verga-de-su-amigo/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 20 Sep 2023 03:48:54 GMT
content-type: text/css; charset=utf-8
content-length: 97791
last-modified: Tue, 19 Sep 2023 13:16:18 GMT
vary: Accept-Encoding
etag: "65099f22-17dff"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
access-control-allow-origin: *
accept-ranges: bytes
X-Firefox-Spdy: h2
colegialacasero.com/wp-content/cache/minify/afe26.css
77.73.70.171 200 OK 20 kB URL GET HTTP/2 colegialacasero.com/wp-content/cache/minify/afe26.css
IP 77.73.70.171:443
Requested by https://colegialacasero.com/chibola-le-gusta-saborear-la-verga-de-su-amigo/
Certificate Issuer Let's Encrypt
Subject colegialacasero.com
Fingerprint 36:32:AE:D2:F3:3D:C2:9A:F7:31:82:54:51:E2:23:D4:74:E3:F2:00
Validity Tue, 08 Aug 2023 06:10:53 GMT - Mon, 06 Nov 2023 06:10:52 GMT
File type ASCII text, with very long lines (1254)
Hash c88385069f7cae5b76e46c036bc2a7a0
2092211c78fa31fb314a096286e5beedab3f8359
764da3f378f044069ac046ef4074c4969cddf6d6908fe3609581c85f5962b7bb
GET /wp-content/cache/minify/afe26.css HTTP/1.1
Host: colegialacasero.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://colegialacasero.com/chibola-le-gusta-saborear-la-verga-de-su-amigo/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 20 Sep 2023 03:48:54 GMT
content-type: text/css; charset=utf-8
content-length: 19794
last-modified: Tue, 19 Sep 2023 13:16:18 GMT
vary: Accept-Encoding
etag: "65099f22-4d52"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
access-control-allow-origin: *
accept-ranges: bytes
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.131 472 B IP 142.250.74.131:0
Hash d96cb786152bb72d6f09e98ca29809ac
ffb619a4d1e6a68fd44ad11d4ed2ca52d7a88c37
16c972ddd6ec3ecd9c906cb4a6ece797e6b95416637da172a1d905fd38866995
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 20 Sep 2023 03:48:54 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
colegialacasero.com/wp-content/cache/minify/818c0.js
77.73.70.171 200 OK 103 kB URL GET HTTP/2 colegialacasero.com/wp-content/cache/minify/818c0.js
IP 77.73.70.171:443
Requested by https://colegialacasero.com/chibola-le-gusta-saborear-la-verga-de-su-amigo/
Certificate Issuer Let's Encrypt
Subject colegialacasero.com
Fingerprint 36:32:AE:D2:F3:3D:C2:9A:F7:31:82:54:51:E2:23:D4:74:E3:F2:00
Validity Tue, 08 Aug 2023 06:10:53 GMT - Mon, 06 Nov 2023 06:10:52 GMT
File type ASCII text, with very long lines (65447)
Size 103 kB (103241 bytes)
Hash 526d823f4711fd3c2fe24f87c50f94af
2a1e11b3528adca8381b1d90343ec75cd05d1617
aaf6391bf8b10fdb8de54f5535182f5f326df098344f30c86a79e91a05e7fa80
GET /wp-content/cache/minify/818c0.js HTTP/1.1
Host: colegialacasero.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://colegialacasero.com/chibola-le-gusta-saborear-la-verga-de-su-amigo/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 20 Sep 2023 03:48:54 GMT
content-type: application/javascript
content-length: 103241
last-modified: Tue, 19 Sep 2023 13:16:18 GMT
vary: Accept-Encoding
etag: "65099f22-19349"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
access-control-allow-origin: *
accept-ranges: bytes
X-Firefox-Spdy: h2
colegialacasero.com/chibola-le-gusta-saborear-la-verga-de-su-amigo/
77.73.70.171 28 kB URL colegialacasero.com/chibola-le-gusta-saborear-la-verga-de-su-amigo/
IP 77.73.70.171:0
Certificate Issuer Let's Encrypt
Subject colegialacasero.com
Fingerprint 36:32:AE:D2:F3:3D:C2:9A:F7:31:82:54:51:E2:23:D4:74:E3:F2:00
Validity Tue, 08 Aug 2023 06:10:53 GMT - Mon, 06 Nov 2023 06:10:52 GMT
File type gzip compressed data, from Unix
Hash 32f0d7ca1bda0900fdafe8d3a29b1148
80b0c02b121728f6435c9fcc16954201fe2a3db9
c78f057dd181d97be6cbc9e4c32f157d142a3d4618c7e83c31cb2816654b5dc3
GET /chibola-le-gusta-saborear-la-verga-de-su-amigo/ HTTP/1.1
Host: colegialacasero.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Upgrade-Insecure-Requests: 1
Connection: keep-alive
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
server: nginx
date: Wed, 20 Sep 2023 03:48:54 GMT
content-type: text/html; charset=UTF-8
x-powered-by: PHP/7.4.29
x-pingback: https://colegialacasero.com/xmlrpc.php
link: <https://colegialacasero.com/wp-json/>; rel="https://api.w.org/", <https://colegialacasero.com/wp-json/wp/v2/posts/9154>; rel="alternate"; type="application/json", <https://colegialacasero.com/?p=9154>; rel=shortlink
last-modified: Wed, 20 Sep 2023 03:37:55 GMT
pragma: public
cache-control: max-age=2941, public
etag: "2e08c6c5edba0f6ecd03aa45ddfa458a"
content-encoding: gzip
vary: Accept-Encoding
access-control-allow-origin: *
X-Firefox-Spdy: h2
colegialacasero.com/wp-content/cache/minify/f6708.js
77.73.70.171 200 OK 435 B URL GET HTTP/2 colegialacasero.com/wp-content/cache/minify/f6708.js
IP 77.73.70.171:443
Requested by https://colegialacasero.com/chibola-le-gusta-saborear-la-verga-de-su-amigo/
Certificate Issuer Let's Encrypt
Subject colegialacasero.com
Fingerprint 36:32:AE:D2:F3:3D:C2:9A:F7:31:82:54:51:E2:23:D4:74:E3:F2:00
Validity Tue, 08 Aug 2023 06:10:53 GMT - Mon, 06 Nov 2023 06:10:52 GMT
File type ASCII text, with very long lines (435), with no line terminators
Hash 67ca0a2f163d25cfdb37b13312ac0d9b
70510056e841740637ca5c486d6640c85489d873
0c9216d36578e6f5370d3d6c657fb6bc88fe2cea130f0024c4979fe57fd08653
GET /wp-content/cache/minify/f6708.js HTTP/1.1
Host: colegialacasero.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://colegialacasero.com/chibola-le-gusta-saborear-la-verga-de-su-amigo/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 20 Sep 2023 03:48:54 GMT
content-type: application/javascript
content-length: 435
last-modified: Tue, 19 Sep 2023 13:16:18 GMT
vary: Accept-Encoding
etag: "65099f22-1b3"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
access-control-allow-origin: *
accept-ranges: bytes
X-Firefox-Spdy: h2
colegialacasero.com/wp-content/cache/minify/07fdb.js
77.73.70.171 12 kB URL colegialacasero.com/wp-content/cache/minify/07fdb.js
IP 77.73.70.171:0
Certificate Issuer Let's Encrypt
Subject colegialacasero.com
Fingerprint 36:32:AE:D2:F3:3D:C2:9A:F7:31:82:54:51:E2:23:D4:74:E3:F2:00
Validity Tue, 08 Aug 2023 06:10:53 GMT - Mon, 06 Nov 2023 06:10:52 GMT
File type ASCII text, with very long lines (7024)
Hash 4b11cf2969ad3ddc4203992a1879c2f3
e620e926a4b766c8827707a812b7520a5d658c2b
40ba3f37c20ef806aafae872226f25b5a9bce758c65dcdd7439cc8b1591fdeab
GET /wp-content/cache/minify/07fdb.js HTTP/1.1
Host: colegialacasero.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://colegialacasero.com/chibola-le-gusta-saborear-la-verga-de-su-amigo/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 20 Sep 2023 03:48:54 GMT
content-type: application/javascript
content-length: 11622
last-modified: Tue, 19 Sep 2023 13:16:18 GMT
vary: Accept-Encoding
etag: "65099f22-2d66"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
access-control-allow-origin: *
accept-ranges: bytes
X-Firefox-Spdy: h2
colegialacasero.com/wp-content/cache/minify/0ae4b.js
77.73.70.171 200 OK 16 kB URL GET HTTP/2 colegialacasero.com/wp-content/cache/minify/0ae4b.js
IP 77.73.70.171:443
Requested by https://colegialacasero.com/chibola-le-gusta-saborear-la-verga-de-su-amigo/
Certificate Issuer Let's Encrypt
Subject colegialacasero.com
Fingerprint 36:32:AE:D2:F3:3D:C2:9A:F7:31:82:54:51:E2:23:D4:74:E3:F2:00
Validity Tue, 08 Aug 2023 06:10:53 GMT - Mon, 06 Nov 2023 06:10:52 GMT
File type ASCII text, with very long lines (9681)
Hash ac42108bcc2d245ea6930812f327fc9b
5fafea831258bd5972562ad22bb1f5bcdd4b6844
458d45d5a4bc36b410bbeabcb1dddc5474ca44faaf7f32ffda453354796dc1a5
GET /wp-content/cache/minify/0ae4b.js HTTP/1.1
Host: colegialacasero.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://colegialacasero.com/chibola-le-gusta-saborear-la-verga-de-su-amigo/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 20 Sep 2023 03:48:54 GMT
content-type: application/javascript
content-length: 16407
last-modified: Tue, 19 Sep 2023 13:16:18 GMT
vary: Accept-Encoding
etag: "65099f22-4017"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
access-control-allow-origin: *
accept-ranges: bytes
X-Firefox-Spdy: h2
colegialacasero.com/wp-content/cache/minify/b68ea.js
77.73.70.171 200 OK 12 kB URL GET HTTP/2 colegialacasero.com/wp-content/cache/minify/b68ea.js
IP 77.73.70.171:443
Requested by https://colegialacasero.com/chibola-le-gusta-saborear-la-verga-de-su-amigo/
Certificate Issuer Let's Encrypt
Subject colegialacasero.com
Fingerprint 36:32:AE:D2:F3:3D:C2:9A:F7:31:82:54:51:E2:23:D4:74:E3:F2:00
Validity Tue, 08 Aug 2023 06:10:53 GMT - Mon, 06 Nov 2023 06:10:52 GMT
File type HTML document, ASCII text, with very long lines (12211), with no line terminators
Hash 3f3fc23f477a3849aa5677c585b2a2b4
ccf0865ebd37f76c450c7a377a86ff2448288db3
985fdd42398281348ca133a44750a56fe4909a806b9c075c9443a5d0bd6d2e51
GET /wp-content/cache/minify/b68ea.js HTTP/1.1
Host: colegialacasero.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://colegialacasero.com/chibola-le-gusta-saborear-la-verga-de-su-amigo/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 20 Sep 2023 03:48:54 GMT
content-type: application/javascript
content-length: 12211
last-modified: Tue, 19 Sep 2023 13:16:18 GMT
vary: Accept-Encoding
etag: "65099f22-2fb3"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
access-control-allow-origin: *
accept-ranges: bytes
X-Firefox-Spdy: h2
colegialacasero.com/wp-content/cache/minify/5df12.js
77.73.70.171 200 OK 13 kB URL GET HTTP/2 colegialacasero.com/wp-content/cache/minify/5df12.js
IP 77.73.70.171:443
Requested by https://colegialacasero.com/chibola-le-gusta-saborear-la-verga-de-su-amigo/
Certificate Issuer Let's Encrypt
Subject colegialacasero.com
Fingerprint 36:32:AE:D2:F3:3D:C2:9A:F7:31:82:54:51:E2:23:D4:74:E3:F2:00
Validity Tue, 08 Aug 2023 06:10:53 GMT - Mon, 06 Nov 2023 06:10:52 GMT
File type ASCII text, with very long lines (7875)
Hash 2444add4cfd36ccf893cf3e6077370d8
dfef4ebb27c79115d3caa2d1e0aa635025c60e43
367fcbf4782e4d563aed6f4e4587dd3bfa8f0ea4bab295fe723de3b127f018d9
GET /wp-content/cache/minify/5df12.js HTTP/1.1
Host: colegialacasero.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://colegialacasero.com/chibola-le-gusta-saborear-la-verga-de-su-amigo/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 20 Sep 2023 03:48:54 GMT
content-type: application/javascript
content-length: 12676
last-modified: Tue, 19 Sep 2023 13:16:18 GMT
vary: Accept-Encoding
etag: "65099f22-3184"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
access-control-allow-origin: *
accept-ranges: bytes
X-Firefox-Spdy: h2
colegialacasero.com/wp-content/plugins/paid-memberships-pro/css/print.css?ver=2.12.2
77.73.70.171 200 OK 86 B URL GET HTTP/2 colegialacasero.com/wp-content/plugins/paid-memberships-pro/css/print.css?ver=2.12.2
IP 77.73.70.171:443
Requested by https://colegialacasero.com/chibola-le-gusta-saborear-la-verga-de-su-amigo/
Certificate Issuer Let's Encrypt
Subject colegialacasero.com
Fingerprint 36:32:AE:D2:F3:3D:C2:9A:F7:31:82:54:51:E2:23:D4:74:E3:F2:00
Validity Tue, 08 Aug 2023 06:10:53 GMT - Mon, 06 Nov 2023 06:10:52 GMT
Hash e77387958ae617db5ccdb69b2cb54496
a9b4ba56928f44121201c000967e5407425cd844
914cb6fe13efdf97379c1a2910d677144821201ff3f41b67a5a6ddb367e1a27b
GET /wp-content/plugins/paid-memberships-pro/css/print.css?ver=2.12.2 HTTP/1.1
Host: colegialacasero.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://colegialacasero.com/chibola-le-gusta-saborear-la-verga-de-su-amigo/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 20 Sep 2023 03:48:55 GMT
content-type: text/css; charset=utf-8
content-length: 86
last-modified: Thu, 24 Aug 2023 18:11:21 GMT
vary: Accept-Encoding
etag: "64e79d49-56"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
access-control-allow-origin: *
accept-ranges: bytes
X-Firefox-Spdy: h2
www.googletagmanager.com/gtag/js?id=G-TF7CDNVE74
142.250.74.168 85 kB URL www.googletagmanager.com/gtag/js?id=G-TF7CDNVE74
IP 142.250.74.168:0
File type ASCII text, with very long lines (3034)
Hash fdfc3287594f053a84e62e52887b13bd
4d23fbe8c08231593c4c49231536951c8d4eadce
f0d4269fb6c559b37f07f29708f9b4530197328b09ae3a16baf336034a45dcde
GET /gtag/js?id=G-TF7CDNVE74 HTTP/1.1
Host: www.googletagmanager.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://colegialacasero.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
content-encoding: br
vary: Accept-Encoding
date: Wed, 20 Sep 2023 03:48:55 GMT
expires: Wed, 20 Sep 2023 03:48:55 GMT
cache-control: private, max-age=900
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
server: Google Tag Manager
content-length: 84882
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.131 472 B IP 142.250.74.131:0
Hash d96cb786152bb72d6f09e98ca29809ac
ffb619a4d1e6a68fd44ad11d4ed2ca52d7a88c37
16c972ddd6ec3ecd9c906cb4a6ece797e6b95416637da172a1d905fd38866995
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 20 Sep 2023 03:48:55 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
colegialacasero.com/wp-content/themes/torotube/fonts/fontawesome-webfont.woff?v=4.2.0
77.73.70.171 84 kB URL colegialacasero.com/wp-content/themes/torotube/fonts/fontawesome-webfont.woff?v=4.2.0
IP 77.73.70.171:0
Certificate Issuer Let's Encrypt
Subject colegialacasero.com
Fingerprint 36:32:AE:D2:F3:3D:C2:9A:F7:31:82:54:51:E2:23:D4:74:E3:F2:00
Validity Tue, 08 Aug 2023 06:10:53 GMT - Mon, 06 Nov 2023 06:10:52 GMT
File type Web Open Font Format, TrueType, length 83588, version 1.0
Hash a35720c2fed2c7f043bc7e4ffb45e073
4a313eb93b959cc4154c684b915b0a31ddb68d84
c812ddc9e475d3e65d68a6b3b589ce598a2a5babb7afc55477d59215c4a38a40
GET /wp-content/themes/torotube/fonts/fontawesome-webfont.woff?v=4.2.0 HTTP/1.1
Host: colegialacasero.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
DNT: 1
Connection: keep-alive
Referer: https://colegialacasero.com/chibola-le-gusta-saborear-la-verga-de-su-amigo/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 20 Sep 2023 03:48:55 GMT
content-type: font/woff
content-length: 83588
last-modified: Sat, 30 May 2020 12:49:14 GMT
vary: Accept-Encoding
etag: "5ed2564a-14684"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
access-control-allow-origin: *
accept-ranges: bytes
X-Firefox-Spdy: h2
colegialacasero.com/wp-content/uploads/2022/05/Colegiala-casero-logo.jpg
77.73.70.171 3.6 kB URL colegialacasero.com/wp-content/uploads/2022/05/Colegiala-casero-logo.jpg
IP 77.73.70.171:0
Certificate Issuer Let's Encrypt
Subject colegialacasero.com
Fingerprint 36:32:AE:D2:F3:3D:C2:9A:F7:31:82:54:51:E2:23:D4:74:E3:F2:00
Validity Tue, 08 Aug 2023 06:10:53 GMT - Mon, 06 Nov 2023 06:10:52 GMT
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 200x60, components 3
Hash 933badf08b49f3c6a678e1465b656656
b00f364be80d70b15af05c0bdf3a0c5cc1ab3e8a
fedf9d08050afa4abec7a01c872efb2f8d6e859d5cf6661c3f81c9b6cab23c52
GET /wp-content/uploads/2022/05/Colegiala-casero-logo.jpg HTTP/1.1
Host: colegialacasero.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://colegialacasero.com/chibola-le-gusta-saborear-la-verga-de-su-amigo/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 20 Sep 2023 03:48:55 GMT
content-type: image/jpeg
content-length: 3570
last-modified: Sun, 08 May 2022 22:50:30 GMT
vary: Accept-Encoding
etag: "62784936-df2"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
access-control-allow-origin: *
accept-ranges: bytes
X-Firefox-Spdy: h2
colegialacasero.com/wp-content/uploads/2023/06/vip-portada-1.jpg
77.73.70.171 200 OK 12 kB URL GET HTTP/2 colegialacasero.com/wp-content/uploads/2023/06/vip-portada-1.jpg
IP 77.73.70.171:443
Requested by https://colegialacasero.com/chibola-le-gusta-saborear-la-verga-de-su-amigo/
Certificate Issuer Let's Encrypt
Subject colegialacasero.com
Fingerprint 36:32:AE:D2:F3:3D:C2:9A:F7:31:82:54:51:E2:23:D4:74:E3:F2:00
Validity Tue, 08 Aug 2023 06:10:53 GMT - Mon, 06 Nov 2023 06:10:52 GMT
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 270x225, components 3
Hash b3c30bd8799f3e3ddded945b64b51c14
d91b531ee962bc10a85450748806cd05082be673
3afe999b65e76f591ecc0de57023c8bc2c5f3baea9ad1a455baee5060725f953
GET /wp-content/uploads/2023/06/vip-portada-1.jpg HTTP/1.1
Host: colegialacasero.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://colegialacasero.com/chibola-le-gusta-saborear-la-verga-de-su-amigo/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 20 Sep 2023 03:48:55 GMT
content-type: image/jpeg
content-length: 12265
last-modified: Thu, 29 Jun 2023 04:20:59 GMT
vary: Accept-Encoding
etag: "649d06ab-2fe9"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
access-control-allow-origin: *
accept-ranges: bytes
X-Firefox-Spdy: h2
colegialacasero.com/wp-content/uploads/2021/06/colegiala-se-deja-lamer-su-panocha-por-su-perro.png
77.73.70.171 34 kB URL colegialacasero.com/wp-content/uploads/2021/06/colegiala-se-deja-lamer-su-panocha-por-su-perro.png
IP 77.73.70.171:0
Certificate Issuer Let's Encrypt
Subject colegialacasero.com
Fingerprint 36:32:AE:D2:F3:3D:C2:9A:F7:31:82:54:51:E2:23:D4:74:E3:F2:00
Validity Tue, 08 Aug 2023 06:10:53 GMT - Mon, 06 Nov 2023 06:10:52 GMT
File type PNG image data, 300 x 250, 8-bit colormap, non-interlaced
Hash 3fed9d56ff9090631a07cbd01dd02a66
de10d9aee8625566fe7414505c07375612d83bec
ab456b486f54418cabaa37c9adfd737bf926814ef4951b154d080b3b10f6a552
GET /wp-content/uploads/2021/06/colegiala-se-deja-lamer-su-panocha-por-su-perro.png HTTP/1.1
Host: colegialacasero.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://colegialacasero.com/chibola-le-gusta-saborear-la-verga-de-su-amigo/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 20 Sep 2023 03:48:55 GMT
content-type: image/png
content-length: 34345
last-modified: Thu, 11 May 2023 06:27:16 GMT
vary: Accept-Encoding
etag: "645c8ac4-8629"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
access-control-allow-origin: *
accept-ranges: bytes
X-Firefox-Spdy: h2
colegialacasero.com/wp-content/uploads/2021/06/morra-golosa-se-mete-con-sus-tres-companeros..jpg
77.73.70.171200 OK 12 kB URL GET HTTP/2 colegialacasero.com/wp-content/uploads/2021/06/morra-golosa-se-mete-con-sus-tres-companeros..jpg
IP 77.73.70.171:443
Requested by https://colegialacasero.com/chibola-le-gusta-saborear-la-verga-de-su-amigo/
Certificate Issuer Let's Encrypt
Subject colegialacasero.com
Fingerprint 36:32:AE:D2:F3:3D:C2:9A:F7:31:82:54:51:E2:23:D4:74:E3:F2:00
Validity Tue, 08 Aug 2023 06:10:53 GMT - Mon, 06 Nov 2023 06:10:52 GMT
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, progressive, precision 8, 300x250, components 3
Hash 45fca2388c40a68f8d50c5ef76373cf9
1dd2b5fa53d3065874549f67c77cb4c20abc82fb
62eceb2c82e5394bcfbd3962d6b0aad55ad56d983c0159a7d1c559a60e8b3963
GET /wp-content/uploads/2021/06/morra-golosa-se-mete-con-sus-tres-companeros..jpg HTTP/1.1
Host: colegialacasero.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://colegialacasero.com/chibola-le-gusta-saborear-la-verga-de-su-amigo/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 20 Sep 2023 03:48:55 GMT
content-type: image/jpeg
content-length: 11546
last-modified: Thu, 11 May 2023 06:27:14 GMT
vary: Accept-Encoding
etag: "645c8ac2-2d1a"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
access-control-allow-origin: *
accept-ranges: bytes
X-Firefox-Spdy: h2
colegialacasero.com/wp-content/uploads/2021/06/en-el-cole.jpg
77.73.70.171 15 kB URL colegialacasero.com/wp-content/uploads/2021/06/en-el-cole.jpg
IP 77.73.70.171:0
Certificate Issuer Let's Encrypt
Subject colegialacasero.com
Fingerprint 36:32:AE:D2:F3:3D:C2:9A:F7:31:82:54:51:E2:23:D4:74:E3:F2:00
Validity Tue, 08 Aug 2023 06:10:53 GMT - Mon, 06 Nov 2023 06:10:52 GMT
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, progressive, precision 8, 300x250, components 3
Hash 2d9712ad389278fd69a0fb6a9909d1d9
850069f2120bab562de413826f0910c7d795e5f6
95466078035f151db3a45e5d5fdd4aaf717bf859959c394a31ec713ce5aaed6b
GET /wp-content/uploads/2021/06/en-el-cole.jpg HTTP/1.1
Host: colegialacasero.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://colegialacasero.com/chibola-le-gusta-saborear-la-verga-de-su-amigo/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 20 Sep 2023 03:48:55 GMT
content-type: image/jpeg
content-length: 14574
last-modified: Thu, 11 May 2023 06:27:35 GMT
vary: Accept-Encoding
etag: "645c8ad7-38ee"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
access-control-allow-origin: *
accept-ranges: bytes
X-Firefox-Spdy: h2
colegialacasero.com/wp-content/uploads/2020/02/LOGO-COLEGIALASENACCION-PNG.png
77.73.70.171 28 kB URL colegialacasero.com/wp-content/uploads/2020/02/LOGO-COLEGIALASENACCION-PNG.png
IP 77.73.70.171:0
Certificate Issuer Let's Encrypt
Subject colegialacasero.com
Fingerprint 36:32:AE:D2:F3:3D:C2:9A:F7:31:82:54:51:E2:23:D4:74:E3:F2:00
Validity Tue, 08 Aug 2023 06:10:53 GMT - Mon, 06 Nov 2023 06:10:52 GMT
File type PNG image data, 1024 x 1024, 8-bit colormap, non-interlaced
Hash 3a2e44b2e37ed337bf240e7b20f6cf0b
705092e899bb7f8b4ae8194fc9c694e801ff9221
33a0fc810da2cb37030c6ad27283c1f2ea117dc64412b220cfdea2f6453c42f3
GET /wp-content/uploads/2020/02/LOGO-COLEGIALASENACCION-PNG.png HTTP/1.1
Host: colegialacasero.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://colegialacasero.com/chibola-le-gusta-saborear-la-verga-de-su-amigo/
Cookie: _ga_TF7CDNVE74=GS1.1.1695181735.1.0.1695181735.0.0.0; _ga=GA1.1.1326764757.1695181736
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 20 Sep 2023 03:48:55 GMT
content-type: image/png
content-length: 28414
last-modified: Thu, 11 May 2023 05:55:54 GMT
vary: Accept-Encoding
etag: "645c836a-6efe"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
access-control-allow-origin: *
accept-ranges: bytes
X-Firefox-Spdy: h2
www.googletagmanager.com/gtag/js?id=UA-158623850-1
142.250.74.168 69 kB URL www.googletagmanager.com/gtag/js?id=UA-158623850-1
IP 142.250.74.168:0
File type ASCII text, with very long lines (4179)
Hash 7973da786dabbbb024492085b4b971b9
a8b937eb4b4f557ee468ff25ab7d7b7685b8dac2
e159b9850b647f5096b9141d1eaf608edeeafefe1d7622382f13645ec55b7bf6
GET /gtag/js?id=UA-158623850-1 HTTP/1.1
Host: www.googletagmanager.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://vidoza.net/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
content-encoding: br
vary: Accept-Encoding
date: Wed, 20 Sep 2023 03:48:55 GMT
expires: Wed, 20 Sep 2023 03:48:55 GMT
cache-control: private, max-age=900
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
server: Google Tag Manager
content-length: 68917
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
colegialacasero.com/wp-content/themes/torotube/img/transparent.gif
77.73.70.171 43 B URL colegialacasero.com/wp-content/themes/torotube/img/transparent.gif
IP 77.73.70.171:0
Certificate Issuer Let's Encrypt
Subject colegialacasero.com
Fingerprint 36:32:AE:D2:F3:3D:C2:9A:F7:31:82:54:51:E2:23:D4:74:E3:F2:00
Validity Tue, 08 Aug 2023 06:10:53 GMT - Mon, 06 Nov 2023 06:10:52 GMT
File type GIF image data, version 89a, 1 x 1\012- data
Hash 325472601571f31e1bf00674c368d335
2daeaa8b5f19f0bc209d976c02bd6acb51b00b0a
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
GET /wp-content/themes/torotube/img/transparent.gif HTTP/1.1
Host: colegialacasero.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://colegialacasero.com/chibola-le-gusta-saborear-la-verga-de-su-amigo/
Cookie: _ga_TF7CDNVE74=GS1.1.1695181735.1.0.1695181735.0.0.0; _ga=GA1.1.1326764757.1695181736
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 20 Sep 2023 03:48:55 GMT
content-type: image/gif
content-length: 43
last-modified: Sat, 30 May 2020 12:49:14 GMT
vary: Accept-Encoding
etag: "5ed2564a-2b"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
access-control-allow-origin: *
accept-ranges: bytes
X-Firefox-Spdy: h2
vidoza.net/js/pop.js?v=1.0
5.45.71.42 35 B URL vidoza.net/js/pop.js?v=1.0
IP 5.45.71.42:0
Hash da4bf5414bf75eefb21872f9b59fe6fc
e34335e0705397a4ad02c406a2e92333e6d2b0e5
d48b428c1788391a1aef29802daaa691077732dc7b821d0968831bc50b19278d
GET /js/pop.js?v=1.0 HTTP/1.1
Host: vidoza.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://vidoza.net/embed-7vh7zzzwbrkb.html
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx/1.18.0 (Ubuntu)
date: Wed, 20 Sep 2023 03:48:55 GMT
content-type: application/javascript
content-length: 35
last-modified: Mon, 31 Jul 2023 10:28:11 GMT
etag: "64c78cbb-23"
expires: Fri, 20 Oct 2023 03:46:44 GMT
cache-control: max-age=2592000
x-cache-status: HIT
accept-ranges: bytes
X-Firefox-Spdy: h2
vidoza.net/embed-7vh7zzzwbrkb.html
5.45.71.42 7.9 kB URL vidoza.net/embed-7vh7zzzwbrkb.html
IP 5.45.71.42:0
File type gzip compressed data, max speed, from Unix\012- data
Hash 5e01513c3431a0e1edbcfb6c5e3b50bf
310caf3255752663c0cbce2b98b00cdef96a085c
5baeda8d9c1be398464f1c0e6e0f1b1edf13af4c5fc60b6b3fcd60b6a4a06503
GET /embed-7vh7zzzwbrkb.html HTTP/1.1
Host: vidoza.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://colegialacasero.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
server: nginx/1.18.0 (Ubuntu)
date: Wed, 20 Sep 2023 03:48:55 GMT
content-type: text/html; charset=UTF-8
vary: Accept-Encoding
expires: Tue, 19 Sep 2023 03:48:55 GMT
x-frame-options: 1
set-cookie: lang=1; domain=.vidoza.net; path=/; HttpOnly
xfsts=; domain=.vidoza.net; path=/; expires=Tue, 20-Sep-2022 03:48:55 GMT; HttpOnly
content-encoding: gzip
X-Firefox-Spdy: h2
vidoza.net/images-newtheme/adb_logo.png
5.45.71.42 200 OK 8.3 kB URL GET HTTP/2 vidoza.net/images-newtheme/adb_logo.png
IP 5.45.71.42:443
Requested by https://vidoza.net/embed-7vh7zzzwbrkb.html
Certificate Issuer Let's Encrypt
Subject vidoza.net
Fingerprint AE:67:99:8B:FD:6F:18:E4:2D:D2:D3:43:A5:A3:2A:28:9F:2C:53:33
Validity Thu, 24 Aug 2023 00:22:18 GMT - Wed, 22 Nov 2023 00:22:17 GMT
File type PNG image data, 178 x 178, 8-bit/color RGBA, non-interlaced\012- data
Hash 98fcd22c469a5aa46df8ec4e7a8eafc9
e8d95f175d3008736995a482d7304410a1da490a
b1e79e219bf46ca5ef14a9619c5440e78c2ebdbc34b8f0c65f0777a8b02fc30c
GET /images-newtheme/adb_logo.png HTTP/1.1
Host: vidoza.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://vidoza.net/embed-7vh7zzzwbrkb.html
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx/1.18.0 (Ubuntu)
date: Wed, 20 Sep 2023 03:48:55 GMT
content-type: image/png
content-length: 8308
last-modified: Mon, 31 Jul 2023 10:28:23 GMT
etag: "64c78cc7-2074"
expires: Fri, 20 Oct 2023 03:46:51 GMT
cache-control: max-age=2592000
x-cache-status: HIT
accept-ranges: bytes
X-Firefox-Spdy: h2
vidoza.net/images-newtheme/attention.png
5.45.71.42 6.4 kB URL vidoza.net/images-newtheme/attention.png
IP 5.45.71.42:0
File type PNG image data, 263 x 231, 8-bit/color RGBA, non-interlaced\012- data
Hash d28ebe1b4425fa4ab5d804792b5aa626
3183e2c59cdaed547de5fb1fc940709ed5117003
36fc8d817d7a356b2b8e8697697a5ce86bedadfea8df2a4e88f9514bb1ce02f6
GET /images-newtheme/attention.png HTTP/1.1
Host: vidoza.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://vidoza.net/embed-7vh7zzzwbrkb.html
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx/1.18.0 (Ubuntu)
date: Wed, 20 Sep 2023 03:48:55 GMT
content-type: image/png
content-length: 6377
last-modified: Mon, 31 Jul 2023 10:28:17 GMT
etag: "64c78cc1-18e9"
expires: Fri, 20 Oct 2023 03:42:39 GMT
cache-control: max-age=2592000
x-cache-status: HIT
accept-ranges: bytes
X-Firefox-Spdy: h2
cdn.o333o.com/vast-im.js
205.185.216.10 200 OK 87 kB IP 205.185.216.10:443
Requested by https://vidoza.net/embed-7vh7zzzwbrkb.html
Certificate Issuer Sectigo Limited
Subject cdn.o333o.com
Fingerprint FB:66:28:3D:02:6C:92:DD:C0:E6:56:E4:1A:15:F1:A2:D5:2E:50:7F
Validity Mon, 14 Nov 2022 00:00:00 GMT - Sat, 09 Dec 2023 23:59:59 GMT
File type Unicode text, UTF-8 text, with very long lines (65503), with no line terminators
Hash 977ada5925493cec9e324a48eae6359c
5c35c24ea6c373aa83640f5e597164d753c3e8b4
2f7b0746d92d39869e08c65fd9797ffb76d5f7be81a5d486bce5e21ada0fa9c4
GET /vast-im.js HTTP/1.1
Host: cdn.o333o.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://vidoza.net/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Wed, 20 Sep 2023 03:48:56 GMT
Connection: Keep-Alive
Content-Encoding: gzip
Content-Length: 86666
Content-Type: application/javascript
Last-Modified: Wed, 06 Sep 2023 08:28:04 GMT
Accept-Ranges: bytes
Server: nginx
ETag: "64f83814-1528a"
Cache-Control: max-age=315360000, public
X-HW: 1695181735.dop210.sk1.t,1695181736.cds224.sk1.shn,1695181736.dop210.sk1.t,1695181736.cds258.sk1.c
Access-Control-Allow-Origin: *
vv.7vid.net/henYKwb.js
135.181.208.216 200 OK 87 kB IP 135.181.208.216:443
ASN #24940 Hetzner Online GmbH
Requested by https://vidoza.net/embed-7vh7zzzwbrkb.html
Certificate Issuer Let's Encrypt
Subject 0i.sh-cdn.com
Fingerprint 64:CC:6A:07:24:55:16:B1:A1:1A:A6:1D:C5:70:3D:12:BA:98:31:61
Validity Fri, 25 Aug 2023 12:27:10 GMT - Thu, 23 Nov 2023 12:27:09 GMT
File type Unicode text, UTF-8 text, with very long lines (65503), with no line terminators
Hash 977ada5925493cec9e324a48eae6359c
5c35c24ea6c373aa83640f5e597164d753c3e8b4
2f7b0746d92d39869e08c65fd9797ffb76d5f7be81a5d486bce5e21ada0fa9c4
GET /henYKwb.js HTTP/1.1
Host: vv.7vid.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://vidoza.net/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
server: nginx
date: Wed, 20 Sep 2023 03:48:56 GMT
content-type: application/javascript
content-length: 86666
last-modified: Wed, 06 Sep 2023 08:28:04 GMT
vary: Accept-Encoding
etag: "64f83814-1528a"
content-encoding: gzip
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: public, max-age=315360000
cf-cache-status: HIT
age: 3010
cf-ray: 8025a5cd7f979915-ARN
x-frame-options: DENY
x-content-type-options: nosniff
accept-ranges: bytes
X-Firefox-Spdy: h2
vv.7vid.net/Sb7AkA7.js
135.181.208.216 68 kB IP 135.181.208.216:0
ASN #24940 Hetzner Online GmbH
Certificate Issuer Let's Encrypt
Subject 0i.sh-cdn.com
Fingerprint 64:CC:6A:07:24:55:16:B1:A1:1A:A6:1D:C5:70:3D:12:BA:98:31:61
Validity Fri, 25 Aug 2023 12:27:10 GMT - Thu, 23 Nov 2023 12:27:09 GMT
File type Unicode text, UTF-8 text, with very long lines (65436)
Hash f27801db3bc3aac3d0ad33e2832c951f
24c9c9c244447d01759ffd30998b347e46db044b
3ee6f2be8010f039a09e2a91ec6505c08deb2284c3c7056318ebf05161b56640
GET /Sb7AkA7.js HTTP/1.1
Host: vv.7vid.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://vidoza.net/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
server: nginx
date: Wed, 20 Sep 2023 03:48:56 GMT
content-type: application/javascript
content-length: 67935
last-modified: Wed, 06 Sep 2023 11:56:24 GMT
vary: Accept-Encoding
etag: "64f868e8-1095f"
content-encoding: gzip
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: public, max-age=315360000
cf-cache-status: HIT
age: 103
cf-ray: 80268da4ab60d906-HEL
x-frame-options: DENY
x-content-type-options: nosniff
accept-ranges: bytes
X-Firefox-Spdy: h2
vz.7vid.net/Sb7AkA7.js
135.181.208.216 68 kB IP 135.181.208.216:0
ASN #24940 Hetzner Online GmbH
File type Unicode text, UTF-8 text, with very long lines (65436)
Hash f27801db3bc3aac3d0ad33e2832c951f
24c9c9c244447d01759ffd30998b347e46db044b
3ee6f2be8010f039a09e2a91ec6505c08deb2284c3c7056318ebf05161b56640
GET /Sb7AkA7.js HTTP/1.1
Host: vz.7vid.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://vidoza.net/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
server: nginx
date: Wed, 20 Sep 2023 03:48:56 GMT
content-type: application/javascript
content-length: 67935
last-modified: Wed, 06 Sep 2023 11:56:24 GMT
vary: Accept-Encoding
etag: "64f868e8-1095f"
content-encoding: gzip
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: public, max-age=315360000
cf-cache-status: HIT
age: 103
cf-ray: 80268da4ab60d906-HEL
x-frame-options: DENY
x-content-type-options: nosniff
accept-ranges: bytes
X-Firefox-Spdy: h2
qo.kelephoodmen.com/1clkn/14903
23.109.82.75 200 OK 26 B URL GET HTTP/1.1 qo.kelephoodmen.com/1clkn/14903
IP 23.109.82.75:443
Requested by https://vidoza.net/embed-7vh7zzzwbrkb.html
Certificate Issuer Let's Encrypt
Subject qo.kelephoodmen.com
Fingerprint 98:67:52:D9:B0:D2:7C:9B:98:10:F3:9A:A7:36:74:62:D3:13:53:DB
Validity Sun, 13 Aug 2023 23:24:36 GMT - Sat, 11 Nov 2023 23:24:35 GMT
File type ASCII text, with no line terminators
Hash 9082dc37e5e8046929da411544ad071a
41e0e3963ed94e59e8a2f115994c382712411537
b7848d86edc8dc3b5bc6a5c666069f9a31e000cee51575d3b6083951607e1550
GET /1clkn/14903 HTTP/1.1
Host: qo.kelephoodmen.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://vidoza.net/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Date: Wed, 20 Sep 2023 03:48:56 GMT
Content-Type: application/javascript; charset=utf-8
Transfer-Encoding: chunked
Connection: keep-alive
Keep-Alive: timeout=20
Accept-ch: sec-ch-ua-platform-version,sec-ch-ua-model,sec-ch-ua-full-version
Set-Cookie: GL_UI4=eJw9jU1Sg0AQhSH8RQ1oV3EAj8AQMcnSTVbegZphGhwD06lmQuLtHa3S3fteffVeEASr8hHCJY0husgGnl8aXe97Ve31tsZq34vda9UoIbp6u1PycIA7M7dOqhFdDOt5kuxat8SwGdAim67tSGMOT976a06WrjaGRLG0Oodk8saYQ6aYrjNyGUFs5YSQHQ1jTzdvyE9iiIQQPhvrc1jBiuYyKu4heTf2cis2aVAUaQAP51G6nnhqjfaYDCw1QvgG6046HIi%2FINM4nxydAWjU7b%2F%2Fe5qMP2uQalxM55HcB%2FI3ouZOdQ%3D%3D; expires=Thu, 21-Sep-2023 03:48:56 GMT; Max-Age=86400; path=/; secure; SameSite=None
GL_GI10=eJwVyM0KgkAUhuE5hxiIJPjCC%2FAKTMsWbrNl6MIrMIsYGObIzNjP3WeLd%2FG8SilOE7CZkNRlXhd5dcjLUwV6gtsOPDroVvx7%2BII8uDiCvcOmC1ayRmYXlz9i9TfIYHu25pP1YudoxAXw0roZbvaxv%2FRX0KQJHEUzONxTBXrp3Q9e7B3R; expires=Thu, 21-Sep-2023 03:48:56 GMT; Max-Age=86400; path=/; secure; SameSite=None
Content-Encoding: gzip
Vary: Accept-Encoding
Strict-Transport-Security: max-age=1
X-Content-Type-Options: nosniff
cdnjs.cloudflare.com/ajax/libs/font-awesome/4.7.0/css/font-awesome.min.css
104.17.24.14 200 OK 5.6 kB URL GET HTTP/2 cdnjs.cloudflare.com/ajax/libs/font-awesome/4.7.0/css/font-awesome.min.css
IP 104.17.24.14:443
Requested by https://vidoza.net/embed-7vh7zzzwbrkb.html
Certificate Issuer Cloudflare, Inc.
Subject sni.cloudflaressl.com
Fingerprint 7A:EA:B9:09:71:70:6C:87:C9:D3:82:74:8A:7B:B4:60:E5:40:2D:8D
Validity Mon, 03 Jul 2023 00:00:00 GMT - Tue, 02 Jul 2024 23:59:59 GMT
File type ASCII text, with very long lines (30837)
Hash 269550530cc127b6aa5a35925a7de6ce
512c7d79033e3028a9be61b540cf1a6870c896f8
799aeb25cc0373fdee0e1b1db7ad6c2f6a0e058dfadaa3379689f583213190bd
GET /ajax/libs/font-awesome/4.7.0/css/font-awesome.min.css HTTP/1.1
Host: cdnjs.cloudflare.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://vidoza.net/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Wed, 20 Sep 2023 03:48:56 GMT
content-type: text/css; charset=utf-8
content-length: 5631
access-control-allow-origin: *
cache-control: public, max-age=30672000
content-encoding: br
etag: "5eb03e5f-7918"
last-modified: Mon, 04 May 2020 16:10:07 GMT
cf-cdnjs-via: cfworker/kv
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
x-content-type-options: nosniff
vary: Accept-Encoding
cf-cache-status: HIT
age: 463749
expires: Mon, 09 Sep 2024 03:48:56 GMT
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=AQBOMOmtV9AaPj6t9NcsKPbxuouaP5tYYwQuz2lD%2BI6TRRyRsSZhCUVKaJ%2F4Qk9YnmY0EcxlunzuKUphPSL6ZA3y1UkhQQFMqZRfVERsZXziS7ZhGQHcsiIP68OUXDB%2FMntWLgln"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
server: cloudflare
cf-ray: 8097187bf942b511-OSL
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
ubbfpm.com/ms/1000284/inpage_adult.js
95.216.206.230 200 OK 256 kB URL GET HTTP/1.1 ubbfpm.com/ms/1000284/inpage_adult.js
IP 95.216.206.230:443
ASN #24940 Hetzner Online GmbH
Requested by https://vidoza.net/embed-7vh7zzzwbrkb.html
Certificate Issuer Let's Encrypt
Subject ubbfpm.com
Fingerprint 25:92:F4:F8:26:7D:0F:6B:64:48:C5:6C:F4:27:C9:EB:C9:A0:CA:EE
Validity Thu, 27 Jul 2023 20:52:45 GMT - Wed, 25 Oct 2023 20:52:44 GMT
File type ASCII text, with very long lines (65536), with no line terminators
Size 256 kB (255601 bytes)
Hash 3208d9d292aa283e89c77e1f4e58c612
79c9c6386365ba5bd430d96feebd9af2318d49eb
c7db360813223c6b0dfa3a65d6ba6dc1202b32ba3f7aa0d070c238e670a6885a
GET /ms/1000284/inpage_adult.js HTTP/1.1
Host: ubbfpm.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://vidoza.net/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Date: Wed, 20 Sep 2023 03:48:56 GMT
Content-Type: application/javascript
Content-Length: 255601
Last-Modified: Fri, 21 Apr 2023 15:45:14 GMT
Connection: keep-alive
ETag: "6442af8a-3e671"
X-Frame-Options: sameorigin
X-Content-Type-Options: nosniff
X-XSS-Protection: 1; mode=block
X-Download-Options: noopen
X-Permitted-Cross-Domain-Policies: none
Content-Security-Policy: default-src https: data: 'unsafe-inline' 'unsafe-eval'
Referrer-Policy: strict-origin
Accept-Ranges: bytes
www.googletagmanager.com/gtm.js?id=GTM-56DK3TH
142.250.74.168 200 OK 67 kB URL GET HTTP/3 www.googletagmanager.com/gtm.js?id=GTM-56DK3TH
IP 142.250.74.168:443
Requested by https://vidoza.net/embed-7vh7zzzwbrkb.html
Certificate Issuer Google Trust Services LLC
Subject *.google-analytics.com
Fingerprint E6:F7:82:C1:10:AC:08:76:A1:97:70:B7:56:B7:EF:92:30:BA:1E:12
Validity Mon, 14 Aug 2023 08:16:28 GMT - Mon, 06 Nov 2023 08:16:27 GMT
File type ASCII text, with very long lines (3287)
Hash b17ce8b894b8539a04c026ca1aa21b97
bc6f7df8697488d13cdcad73707c7c15e3e1835b
33dbea7aec83216a0c4b2879ce4ebbeb24f379e53317ec92491eb89a44ab3d94
GET /gtm.js?id=GTM-56DK3TH HTTP/1.1
Host: www.googletagmanager.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://vidoza.net/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
content-encoding: br
vary: Accept-Encoding
date: Wed, 20 Sep 2023 03:48:56 GMT
expires: Wed, 20 Sep 2023 03:48:56 GMT
cache-control: private, max-age=900
last-modified: Wed, 20 Sep 2023 03:00:00 GMT
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
server: Google Tag Manager
content-length: 66599
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cdn.tapioni.com/adgpt.js
104.22.39.71 200 OK 812 B IP 104.22.39.71:443
Requested by https://vidoza.net/embed-7vh7zzzwbrkb.html
Certificate Issuer Cloudflare, Inc.
Subject sni.cloudflaressl.com
Fingerprint 67:5F:F1:E0:0C:5E:00:4E:6A:BF:B1:5F:40:29:66:0E:3F:9C:24:5F
Validity Wed, 30 Aug 2023 00:00:00 GMT - Thu, 29 Aug 2024 23:59:59 GMT
File type ASCII text, with very long lines (2004), with no line terminators
Hash de3db63f8a8c26873d6733206a241593
b66369c935a8d293e2aff6148823984ccbd95ce2
a78f227636231ecdf3248db39efc2afeddb5e265526465faf531e9dcd0a2d155
GET /adgpt.js HTTP/1.1
Host: cdn.tapioni.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://vidoza.net/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Wed, 20 Sep 2023 03:48:56 GMT
content-type: application/javascript
content-length: 812
last-modified: Wed, 06 Sep 2023 08:28:04 GMT
vary: Accept-Encoding
etag: "64f83814-32c"
content-encoding: gzip
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: public, max-age=315360000
cf-cache-status: HIT
age: 1180205
accept-ranges: bytes
server: cloudflare
cf-ray: 8097187da8462e07-ARN
X-Firefox-Spdy: h2
kindledrummerhitch.com/97/85/38/9785383bf0d8f2fb611d938245088565.js
192.243.59.13 13 kB URL kindledrummerhitch.com/97/85/38/9785383bf0d8f2fb611d938245088565.js
IP 192.243.59.13:0
ASN #39572 DataWeb Global Group B.V.
File type ASCII text, with very long lines (37160), with no line terminators
Hash 5e9af6b5bc4a97b07892132ad224aa81
1233663bcc3ad8117eb439ab65ef108040494773
57c7abce52628e4212c6fb6ee77240b6c36f3af763efe720e41ca5da9b1f3839
Analyzer Verdict Alert Quad9 DNS malicious Sinkholed
GET /97/85/38/9785383bf0d8f2fb611d938245088565.js HTTP/1.1
Host: kindledrummerhitch.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://vidoza.net/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx/1.19.5
Date: Wed, 20 Sep 2023 03:48:56 GMT
Content-Type: application/javascript
Transfer-Encoding: chunked
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Access-Control-Allow-Origin: *
Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: a1708c3e8738add20e92089b5ef66abf
Strict-Transport-Security: max-age=0; includeSubdomains
Content-Encoding: gzip
xngqoc.com/er?a=1
185.162.85.4 200 OK 0 B IP 185.162.85.4:443
ASN #39572 DataWeb Global Group B.V.
Requested by https://vidoza.net/embed-7vh7zzzwbrkb.html
Certificate Issuer Let's Encrypt
Subject xngqoc.com
Fingerprint 72:3D:8C:DE:14:53:13:4C:23:00:B1:8D:16:EC:18:3F:17:95:FC:09
Validity Tue, 29 Aug 2023 01:02:29 GMT - Mon, 27 Nov 2023 01:02:28 GMT
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer Verdict Alert Quad9 DNS malicious Sinkholed
GET /er?a=1 HTTP/1.1
Host: xngqoc.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://vidoza.net/
Origin: https://vidoza.net
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
server: nginx/1.18.0
date: Wed, 20 Sep 2023 03:48:57 GMT
content-length: 0
access-control-allow-origin: *
access-control-allow-credentials: true
X-Firefox-Spdy: h2
vidoza.net/js/videojs.stm.5.min.js?0.0130702372471276
5.45.71.42 200 OK 2.8 kB URL GET HTTP/2 vidoza.net/js/videojs.stm.5.min.js?0.0130702372471276
IP 5.45.71.42:443
Requested by https://vidoza.net/embed-7vh7zzzwbrkb.html
Certificate Issuer Let's Encrypt
Subject vidoza.net
Fingerprint AE:67:99:8B:FD:6F:18:E4:2D:D2:D3:43:A5:A3:2A:28:9F:2C:53:33
Validity Thu, 24 Aug 2023 00:22:18 GMT - Wed, 22 Nov 2023 00:22:17 GMT
File type ASCII text, with very long lines (6997), with no line terminators
Hash cb8d9f88fc9f998dba0edc190da44c19
20617cdb68e7e847b8b5d86adf08f1a82b36615f
0b78f38b41621a880c3253ab87b06b6d2f3da4c5a3d597b0cdfd4545950737e9
GET /js/videojs.stm.5.min.js?0.0130702372471276 HTTP/1.1
Host: vidoza.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://vidoza.net/embed-7vh7zzzwbrkb.html
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx/1.18.0 (Ubuntu)
date: Wed, 20 Sep 2023 03:48:55 GMT
content-type: application/javascript
last-modified: Mon, 31 Jul 2023 10:28:05 GMT
vary: Accept-Encoding
etag: W/"64c78cb5-1b55"
expires: Fri, 20 Oct 2023 03:48:55 GMT
cache-control: max-age=2592000
content-encoding: gzip
x-cache-status: MISS
X-Firefox-Spdy: h2
ocsp.r2m03.amazontrust.com/
143.204.48.16 471 B URL ocsp.r2m03.amazontrust.com/
IP 143.204.48.16:0
Hash 866cc5377ec4f2a691c145d6e33fec79
1aeccac39631ad0dac58f26672a6e47ad52132ad
db12cd8762166401cf740d1d49ed341dd71b74b9b47679dd4bda1eb8c92b1a08
POST / HTTP/1.1
Host: ocsp.r2m03.amazontrust.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: max-age=7200
Date: Wed, 20 Sep 2023 03:48:57 GMT
Last-Modified: Wed, 20 Sep 2023 02:30:08 GMT
Server: ECAcc (ska/F78B)
X-Cache: Miss from cloudfront
Via: 1.1 a034aae43a19aef875fa395182990970.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: DLG3ieVF2iCX3_5m7HjTHMj3yXWuuAv8abCUSwWl2iP25D87S5-tMw==
Age: 4729
professionalswebcheck.com/stats
52.58.179.111 200 OK 40 B URL GET HTTP/2 professionalswebcheck.com/stats
IP 52.58.179.111:443
Requested by https://vidoza.net/embed-7vh7zzzwbrkb.html
Certificate Issuer Amazon
Subject professionalswebcheck.com
Fingerprint 75:E9:08:FD:96:58:C7:98:43:E8:21:27:A8:E9:B9:A4:55:28:F2:0C
Validity Wed, 30 Aug 2023 00:00:00 GMT - Fri, 27 Sep 2024 23:59:59 GMT
File type ASCII text, with no line terminators
Hash 617768edfa86c5ffee86fb69098b4510
06aa1c873b966884e746ba149b0798b0b3aebfdf
b6201081f24f1bffd8377290ab57db56abddf36a1dc86b3dc07ee92e0cdea25e
GET /stats HTTP/1.1
Host: professionalswebcheck.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://vidoza.net
DNT: 1
Connection: keep-alive
Referer: https://vidoza.net/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Wed, 20 Sep 2023 03:48:57 GMT
content-type: text/html; charset=UTF-8
content-length: 40
server: fasthttp
access-control-allow-origin: https://vidoza.net
vary: Origin
access-control-allow-credentials: true
set-cookie: uid_id2=a6be39a9-4a41-449b-868e-b08aefb28a76:3:1; expires=Sat, 17 Sep 2033 03:48:57 GMT; secure; SameSite=None
X-Firefox-Spdy: h2
str30.vidoza.net/i/02/05852/7vh7zzzwbrkb.jpg?v=1695181735
213.152.176.23 200 OK 17 kB URL GET HTTP/2 str30.vidoza.net/i/02/05852/7vh7zzzwbrkb.jpg?v=1695181735
IP 213.152.176.23:443
ASN #49453 Global Layer B.V.
Requested by https://vidoza.net/embed-7vh7zzzwbrkb.html
Certificate Issuer Let's Encrypt
Subject vidoza.net
Fingerprint AE:67:99:8B:FD:6F:18:E4:2D:D2:D3:43:A5:A3:2A:28:9F:2C:53:33
Validity Thu, 24 Aug 2023 00:22:18 GMT - Wed, 22 Nov 2023 00:22:17 GMT
File type JPEG image data, JFIF standard 1.02, aspect ratio, density 1x1, segment length 16, comment: "Lavc57.89.100", baseline, precision 8, 360x638, components 3\012- data
Hash 534eeefc5a676f9c0b8b850acba7fde4
b299237829d73fea69b29bf22d7adaec4c86ca24
8f80311abec2c40ab9f6914390c49bcdcba4a69ed29a857aa63d0e0944595e0a
GET /i/02/05852/7vh7zzzwbrkb.jpg?v=1695181735 HTTP/1.1
Host: str30.vidoza.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://vidoza.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx/1.20.1
date: Wed, 20 Sep 2023 03:48:58 GMT
content-type: image/jpeg
content-length: 17346
last-modified: Thu, 27 Apr 2023 04:34:55 GMT
etag: "6449fb6f-43c2"
expires: Wed, 04 Oct 2023 03:48:58 GMT
cache-control: max-age=1209600
accept-ranges: bytes
X-Firefox-Spdy: h2
www.googletagmanager.com/gtag/js?id=G-HEX1BG8H46&l=dataLayer&cx=c
142.250.74.168 84 kB URL www.googletagmanager.com/gtag/js?id=G-HEX1BG8H46&l=dataLayer&cx=c
IP 142.250.74.168:0
File type ASCII text, with very long lines (7558)
Hash b98bfaf199fdba132414c8961b9768f4
042f84cd33b3d3593970eeaf17f4f59adc2d4d66
f94c40b23d5a869a123cefe8e4822545255605b497988096e07cb96d5101ebe9
GET /gtag/js?id=G-HEX1BG8H46&l=dataLayer&cx=c HTTP/1.1
Host: www.googletagmanager.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://vidoza.net/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
content-encoding: br
vary: Accept-Encoding
date: Wed, 20 Sep 2023 03:48:58 GMT
expires: Wed, 20 Sep 2023 03:48:58 GMT
cache-control: private, max-age=900
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
server: Google Tag Manager
content-length: 84023
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
haveproceeding.com/57/e9/12/57e9128f004dc8dd272477c7cdb9cf15.js
173.233.137.36 29 kB URL haveproceeding.com/57/e9/12/57e9128f004dc8dd272477c7cdb9cf15.js
IP 173.233.137.36:0
File type HTML document text\012- HTML document text\012- HTML document, ASCII text, with very long lines (65536), with no line terminators
Hash 112484880e2ca531914f032d8012a659
7e8b5875bce792e74eebaca047b3cad98b8c588a
5f0044c90882e367c1875ee9e1ce323fe1c3d2b8eb5cfcbfe79a9486f401915d
GET /57/e9/12/57e9128f004dc8dd272477c7cdb9cf15.js HTTP/1.1
Host: haveproceeding.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://vidoza.net/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx/1.21.6
Date: Wed, 20 Sep 2023 03:48:58 GMT
Content-Type: application/javascript
Transfer-Encoding: chunked
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Access-Control-Allow-Origin: *
Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: 3493493e1c7d50d49abc77c7cc1fdce7
Strict-Transport-Security: max-age=0; includeSubdomains
Content-Encoding: gzip
bid.bidclickmedia.com/sub/Pj8pz0z
104.21.37.74 200 OK 144 B URL GET HTTP/2 bid.bidclickmedia.com/sub/Pj8pz0z
IP 104.21.37.74:443
Requested by https://vidoza.net/embed-7vh7zzzwbrkb.html
Certificate Issuer Google Trust Services LLC
Subject bidclickmedia.com
Fingerprint D1:5D:81:3A:5B:E4:F4:78:FD:8B:31:0D:00:37:C9:89:8A:23:35:82
Validity Tue, 08 Aug 2023 16:08:48 GMT - Mon, 06 Nov 2023 16:08:47 GMT
File type HTML document, ASCII text
Hash e151e24dc5b354ea8ee36534a8264594
4b5f293d59d009ee46087f164ee86d066e8e83f4
b2fdeeef5c48f24499731fdd7aae1650ad1bc6fa9ee58cf88fafe175658e888f
GET /sub/Pj8pz0z HTTP/1.1
Host: bid.bidclickmedia.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://vidoza.net/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Wed, 20 Sep 2023 03:48:57 GMT
content-type: text/html; charset=utf-8
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=NERUo4x2TcvUJfdaNa8J5MOIx7Cm2PXN0iadDK%2BVFrcY7S3wwD4SAKvzrLNo3BPvGGlH0FG2AFt2eQ6E7%2FT%2B4zauPIu%2BQxr4iCWMai2eiiRem9Q50abioUYN964ywwiP7rfEYnfX0Kk%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 809718834eb7b50f-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
professionalswebcheck.com/stats
52.58.179.111 200 OK 40 B URL GET HTTP/2 professionalswebcheck.com/stats
IP 52.58.179.111:443
Requested by https://vidoza.net/embed-7vh7zzzwbrkb.html
Certificate Issuer Amazon
Subject professionalswebcheck.com
Fingerprint 75:E9:08:FD:96:58:C7:98:43:E8:21:27:A8:E9:B9:A4:55:28:F2:0C
Validity Wed, 30 Aug 2023 00:00:00 GMT - Fri, 27 Sep 2024 23:59:59 GMT
File type ASCII text, with no line terminators
Hash 617768edfa86c5ffee86fb69098b4510
06aa1c873b966884e746ba149b0798b0b3aebfdf
b6201081f24f1bffd8377290ab57db56abddf36a1dc86b3dc07ee92e0cdea25e
GET /stats HTTP/1.1
Host: professionalswebcheck.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://vidoza.net
DNT: 1
Connection: keep-alive
Referer: https://vidoza.net/
Cookie: uid_id2=a6be39a9-4a41-449b-868e-b08aefb28a76:3:1
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
date: Wed, 20 Sep 2023 03:48:58 GMT
content-type: text/html; charset=UTF-8
content-length: 40
server: fasthttp
access-control-allow-origin: https://vidoza.net
vary: Origin
access-control-allow-credentials: true
X-Firefox-Spdy: h2
maxcdn.bootstrapcdn.com/font-awesome/4.7.0/fonts/fontawesome-webfont.woff2?v=4.7.0
104.18.11.207 200 OK 77 kB URL GET HTTP/3 maxcdn.bootstrapcdn.com/font-awesome/4.7.0/fonts/fontawesome-webfont.woff2?v=4.7.0
IP 104.18.11.207:443
Requested by https://vidoza.net/embed-7vh7zzzwbrkb.html
Certificate Issuer Cloudflare, Inc.
Subject sni.cloudflaressl.com
Fingerprint 5B:F7:8F:50:AD:E5:5B:5E:8C:4A:39:3D:0C:98:E8:8C:18:4B:3D:8A
Validity Fri, 30 Dec 2022 00:00:00 GMT - Sat, 30 Dec 2023 23:59:59 GMT
File type Web Open Font Format (Version 2), TrueType, length 77160, version 4.459\012- data
Hash af7ae505a9eed503f8b8e6982036873e
d6f48cba7d076fb6f2fd6ba993a75b9dc1ecbf0c
2adefcbc041e7d18fcf2d417879dc5a09997aa64d675b7a3c4b6ce33da13f3fe
GET /font-awesome/4.7.0/fonts/fontawesome-webfont.woff2?v=4.7.0 HTTP/1.1
Host: maxcdn.bootstrapcdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://vidoza.net
DNT: 1
Connection: keep-alive
Referer: https://maxcdn.bootstrapcdn.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Wed, 20 Sep 2023 03:48:58 GMT
content-type: font/woff2
content-length: 77160
cdn-pullzone: 252412
cdn-uid: b1941f61-b576-4f40-80de-5677acb38f74
cdn-requestcountrycode: DE
cdn-edgestorageid: 601, 617, 718
last-modified: Mon, 25 Jan 2021 22:04:55 GMT
cdn-cachedat: 2021-08-02 20:43:32
cdn-requestpullsuccess: True
cdn-requestpullcode: 200
cache-control: public, max-age=31919000
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
access-control-allow-origin: *
x-content-type-options: nosniff
cdn-requestid: 6430a348077fc32fb455ebd2f4b207b4
cdn-status: 200
cdn-cache: HIT
cf-cache-status: HIT
age: 9089363
accept-ranges: bytes
vary: Accept-Encoding
strict-transport-security: max-age=31536000; includeSubDomains; preload
server: cloudflare
cf-ray: 809718898fbc56c9-OSL
alt-svc: h3=":443"; ma=86400
str30.vidoza.net/nvl4fywjqeeuieno3v5q3xnym75y2vfu52wlunivg3wwefv25cd6yd7ha55q/v.mp4
213.152.176.23 1.6 MB URL str30.vidoza.net/nvl4fywjqeeuieno3v5q3xnym75y2vfu52wlunivg3wwefv25cd6yd7ha55q/v.mp4
IP 213.152.176.23:0
ASN #49453 Global Layer B.V.
Certificate Issuer Let's Encrypt
Subject vidoza.net
Fingerprint AE:67:99:8B:FD:6F:18:E4:2D:D2:D3:43:A5:A3:2A:28:9F:2C:53:33
Validity Thu, 24 Aug 2023 00:22:18 GMT - Wed, 22 Nov 2023 00:22:17 GMT
File type ISO Media, MP4 Base Media v1 [ISO 14496-12:2003]\012- data
Size 1.6 MB (1572865 bytes)
Hash 628d4b91443a8c8a30f73b69e90bc067
2bedf9fa5c8c71a8d19972c557d0b1df37f1fc8d
903f68af48be632c09e2b0e6127e5c607883be319bb2e4ecc6b56bceb70d9eae
GET /nvl4fywjqeeuieno3v5q3xnym75y2vfu52wlunivg3wwefv25cd6yd7ha55q/v.mp4 HTTP/1.1
Host: str30.vidoza.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: video/webm,video/ogg,video/*;q=0.9,application/ogg;q=0.7,audio/*;q=0.6,*/*;q=0.5
Accept-Language: en-US,en;q=0.5
Range: bytes=0-
DNT: 1
Connection: keep-alive
Referer: https://vidoza.net/
Sec-Fetch-Dest: video
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
Accept-Encoding: identity
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 206 Partial Content
server: nginx/1.20.1
date: Wed, 20 Sep 2023 03:48:58 GMT
content-type: video/mp4
content-length: 6705579
last-modified: Thu, 27 Apr 2023 04:34:54 GMT
etag: "6449fb6e-6651ab"
content-range: bytes 0-6705578/6705579
X-Firefox-Spdy: h2
xngqoc.com/trt?a=1&t=1448
185.162.85.4 200 OK 0 B URL GET HTTP/2 xngqoc.com/trt?a=1&t=1448
IP 185.162.85.4:443
ASN #39572 DataWeb Global Group B.V.
Requested by https://vidoza.net/embed-7vh7zzzwbrkb.html
Certificate Issuer Let's Encrypt
Subject xngqoc.com
Fingerprint 72:3D:8C:DE:14:53:13:4C:23:00:B1:8D:16:EC:18:3F:17:95:FC:09
Validity Tue, 29 Aug 2023 01:02:29 GMT - Mon, 27 Nov 2023 01:02:28 GMT
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer Verdict Alert Quad9 DNS malicious Sinkholed
GET /trt?a=1&t=1448 HTTP/1.1
Host: xngqoc.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://vidoza.net/
Origin: https://vidoza.net
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx/1.18.0
date: Wed, 20 Sep 2023 03:48:58 GMT
content-length: 0
access-control-allow-origin: *
access-control-allow-credentials: true
X-Firefox-Spdy: h2
ocsp.sectigo.com/
104.18.15.101 471 B IP 104.18.15.101:0
Hash a5d0ac81295853f61388cba898dd7b03
7a65c393ba555604bddd999b12503fb69c743dfd
d51cdbc70b293a4ec3f1ef775779e683f19e4a9710d4ab479896366c5ef2c828
POST / HTTP/1.1
Host: ocsp.sectigo.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Wed, 20 Sep 2023 03:48:58 GMT
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Last-Modified: Tue, 19 Sep 2023 13:51:34 GMT
Expires: Tue, 26 Sep 2023 13:51:33 GMT
Etag: "7a65c393ba555604bddd999b12503fb69c743dfd"
Cache-Control: max-age=554281,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb5
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 8097188b4e5f5688-OSL
ocsp.sectigo.com/
104.18.15.101 472 B IP 104.18.15.101:0
Hash 3b430c63069d3ddbe34e49f32bf222b2
b6ae695efdf7c5c19cd871e670c3de22b3472e90
db33b36f6f3aba56626552b9493dbf47e54f94c55d6d3180854d2859cbae6b1d
POST / HTTP/1.1
Host: ocsp.sectigo.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Wed, 20 Sep 2023 03:48:58 GMT
Content-Type: application/ocsp-response
Content-Length: 472
Connection: keep-alive
Last-Modified: Tue, 19 Sep 2023 00:09:13 GMT
Expires: Tue, 26 Sep 2023 00:09:12 GMT
Etag: "b6ae695efdf7c5c19cd871e670c3de22b3472e90"
Cache-Control: max-age=505847,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb1
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 8097188c0ebf5688-OSL
ocsp.sectigo.com/
104.18.15.101 472 B IP 104.18.15.101:0
Hash 3b430c63069d3ddbe34e49f32bf222b2
b6ae695efdf7c5c19cd871e670c3de22b3472e90
db33b36f6f3aba56626552b9493dbf47e54f94c55d6d3180854d2859cbae6b1d
POST / HTTP/1.1
Host: ocsp.sectigo.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Wed, 20 Sep 2023 03:48:58 GMT
Content-Type: application/ocsp-response
Content-Length: 472
Connection: keep-alive
Last-Modified: Tue, 19 Sep 2023 00:09:13 GMT
Expires: Tue, 26 Sep 2023 00:09:12 GMT
Etag: "b6ae695efdf7c5c19cd871e670c3de22b3472e90"
Cache-Control: max-age=506284,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb2
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 8097188c1a0e56bb-OSL
zv.7vid.net/api/users/17538697239922614095/1984638?fill=0&kw=file%20upload,share%20files,free%20upload
135.181.208.216 1.0 kB URL zv.7vid.net/api/users/17538697239922614095/1984638?fill=0&kw=file%20upload,share%20files,free%20upload
IP 135.181.208.216:0
ASN #24940 Hetzner Online GmbH
File type gzip compressed data, from Unix\012- data
Hash 71f0797431788cbccf94bf2c16ca1053
668a16005f2ccfd99ea78e6d19ea462e5a905fcc
686a61fe17d126804bf576ab97cda9575533f5fc0c872c3fa2f58e2e4c88f4ba
GET /api/users/17538697239922614095/1984638?fill=0&kw=file%20upload,share%20files,free%20upload HTTP/1.1
Host: zv.7vid.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://vidoza.net/
Origin: https://vidoza.net
DNT: 1
Connection: keep-alive
Cookie: nauid=P5rSJfJOiWFr2OXBoB3p
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 20 Sep 2023 03:48:58 GMT
content-type: text/xml
vary: Accept-Encoding
access-control-allow-credentials: true
access-control-allow-origin: https://vidoza.net
x-robots-tag: noindex, nofollow
cache-control: private
content-encoding: gzip
X-Firefox-Spdy: h2
zv.7vid.net/api/users/17538697239922614095/1987790?fill=0&kw=file%20upload,share%20files,free%20upload
135.181.208.216 200 OK 470 B URL GET HTTP/2 zv.7vid.net/api/users/17538697239922614095/1987790?fill=0&kw=file%20upload,share%20files,free%20upload
IP 135.181.208.216:443
ASN #24940 Hetzner Online GmbH
Requested by https://vidoza.net/embed-7vh7zzzwbrkb.html
Certificate Issuer Let's Encrypt
Subject 1111.spinna.online
Fingerprint 1A:5C:4B:9B:F4:67:EE:3C:8A:B4:5C:15:34:00:99:7E:17:6D:15:28
Validity Thu, 14 Sep 2023 13:12:16 GMT - Wed, 13 Dec 2023 13:12:15 GMT
File type XML 1.0 document text\012- XML document, ASCII text
Hash 1f873e079defc49a9e986edfa0d3345c
5f8914a435e22723383b17ab1a48df65e38ac6f9
d8d74dd3f7f33b337426e98d1ab1a5b189f1b5be276160fda09db4f560566fde
GET /api/users/17538697239922614095/1987790?fill=0&kw=file%20upload,share%20files,free%20upload HTTP/1.1
Host: zv.7vid.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://vidoza.net/
Origin: https://vidoza.net
DNT: 1
Connection: keep-alive
Cookie: nauid=P5rSJfJOiWFr2OXBoB3p
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 20 Sep 2023 03:48:58 GMT
content-type: text/xml
vary: Accept-Encoding
access-control-allow-credentials: true
access-control-allow-origin: https://vidoza.net
x-robots-tag: noindex, nofollow
cache-control: private
content-encoding: gzip
X-Firefox-Spdy: h2
ocsp.sectigo.com/
104.18.15.101 471 B IP 104.18.15.101:0
Hash a5d0ac81295853f61388cba898dd7b03
7a65c393ba555604bddd999b12503fb69c743dfd
d51cdbc70b293a4ec3f1ef775779e683f19e4a9710d4ab479896366c5ef2c828
POST / HTTP/1.1
Host: ocsp.sectigo.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Wed, 20 Sep 2023 03:48:58 GMT
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Last-Modified: Tue, 19 Sep 2023 13:51:34 GMT
Expires: Tue, 26 Sep 2023 13:51:33 GMT
Etag: "7a65c393ba555604bddd999b12503fb69c743dfd"
Cache-Control: max-age=555316,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb3
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 8097188b4fbb56aa-OSL
ocsp.sectigo.com/
104.18.15.101 471 B IP 104.18.15.101:0
Hash a5d0ac81295853f61388cba898dd7b03
7a65c393ba555604bddd999b12503fb69c743dfd
d51cdbc70b293a4ec3f1ef775779e683f19e4a9710d4ab479896366c5ef2c828
POST / HTTP/1.1
Host: ocsp.sectigo.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Wed, 20 Sep 2023 03:48:58 GMT
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Last-Modified: Tue, 19 Sep 2023 13:51:34 GMT
Expires: Tue, 26 Sep 2023 13:51:33 GMT
Etag: "7a65c393ba555604bddd999b12503fb69c743dfd"
Cache-Control: max-age=555316,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb3
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 8097188b4fc7b4ee-OSL
octavianimmaculate.com/pixel/purst?dl=0&th=0&sc=0&rs=3081&rd=3081&fd=978&bv=22.10.v.10&tmpl=136
192.243.59.12 200 OK 0 B URL GET HTTP/1.1 octavianimmaculate.com/pixel/purst?dl=0&th=0&sc=0&rs=3081&rd=3081&fd=978&bv=22.10.v.10&tmpl=136
IP 192.243.59.12:443
ASN #39572 DataWeb Global Group B.V.
Requested by https://vidoza.net/embed-7vh7zzzwbrkb.html
Certificate Issuer Let's Encrypt
Subject octavianimmaculate.com
Fingerprint 6E:F0:4C:AE:FD:B5:D2:79:5A:DE:C1:2B:EF:11:A8:64:66:D7:26:E3
Validity Tue, 19 Sep 2023 06:52:25 GMT - Mon, 18 Dec 2023 06:52:24 GMT
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer Verdict Alert Quad9 DNS malicious Sinkholed
GET /pixel/purst?dl=0&th=0&sc=0&rs=3081&rd=3081&fd=978&bv=22.10.v.10&tmpl=136 HTTP/1.1
Host: octavianimmaculate.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://vidoza.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx/1.19.5
Date: Wed, 20 Sep 2023 03:48:58 GMT
Content-Length: 0
Connection: keep-alive
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
Access-Control-Allow-Origin: *
Access-Control-Allow-Methods: GET, POST, OPTIONS
Access-Control-Allow-Headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,Upgrade-Insecure-Requests
Access-Control-Expose-Headers: Content-Length,Content-Range
professionalswebcheck.com/stats
52.58.179.111 200 OK 40 B URL GET HTTP/2 professionalswebcheck.com/stats
IP 52.58.179.111:443
Requested by https://vidoza.net/embed-7vh7zzzwbrkb.html
Certificate Issuer Amazon
Subject professionalswebcheck.com
Fingerprint 75:E9:08:FD:96:58:C7:98:43:E8:21:27:A8:E9:B9:A4:55:28:F2:0C
Validity Wed, 30 Aug 2023 00:00:00 GMT - Fri, 27 Sep 2024 23:59:59 GMT
File type ASCII text, with no line terminators
Hash 617768edfa86c5ffee86fb69098b4510
06aa1c873b966884e746ba149b0798b0b3aebfdf
b6201081f24f1bffd8377290ab57db56abddf36a1dc86b3dc07ee92e0cdea25e
GET /stats HTTP/1.1
Host: professionalswebcheck.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://vidoza.net
DNT: 1
Connection: keep-alive
Referer: https://vidoza.net/
Cookie: uid_id2=a6be39a9-4a41-449b-868e-b08aefb28a76:3:1
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
date: Wed, 20 Sep 2023 03:48:59 GMT
content-type: text/html; charset=UTF-8
content-length: 40
server: fasthttp
access-control-allow-origin: https://vidoza.net
vary: Origin
access-control-allow-credentials: true
X-Firefox-Spdy: h2
professionalswebcheck.com/stats
52.58.179.111 200 OK 40 B URL GET HTTP/2 professionalswebcheck.com/stats
IP 52.58.179.111:443
Requested by https://vidoza.net/embed-7vh7zzzwbrkb.html
Certificate Issuer Amazon
Subject professionalswebcheck.com
Fingerprint 75:E9:08:FD:96:58:C7:98:43:E8:21:27:A8:E9:B9:A4:55:28:F2:0C
Validity Wed, 30 Aug 2023 00:00:00 GMT - Fri, 27 Sep 2024 23:59:59 GMT
File type ASCII text, with no line terminators
Hash 617768edfa86c5ffee86fb69098b4510
06aa1c873b966884e746ba149b0798b0b3aebfdf
b6201081f24f1bffd8377290ab57db56abddf36a1dc86b3dc07ee92e0cdea25e
GET /stats HTTP/1.1
Host: professionalswebcheck.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://vidoza.net
DNT: 1
Connection: keep-alive
Referer: https://vidoza.net/
Cookie: uid_id2=a6be39a9-4a41-449b-868e-b08aefb28a76:3:1
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
date: Wed, 20 Sep 2023 03:48:59 GMT
content-type: text/html; charset=UTF-8
content-length: 40
server: fasthttp
access-control-allow-origin: https://vidoza.net
vary: Origin
access-control-allow-credentials: true
X-Firefox-Spdy: h2
s.magsrv.com/splash.php?idzone=5075898&sub=1186451501&ad_tags=
95.211.229.245 200 OK 2.5 kB URL GET HTTP/1.1 s.magsrv.com/splash.php?idzone=5075898&sub=1186451501&ad_tags=
IP 95.211.229.245:443
ASN #60781 LeaseWeb Netherlands B.V.
Requested by https://vidoza.net/embed-7vh7zzzwbrkb.html
Certificate Issuer Let's Encrypt
Subject magsrv.com
Fingerprint 9C:9C:8C:15:3B:65:AB:34:94:B5:CD:26:D6:67:61:2A:99:F9:0A:7B
Validity Tue, 01 Aug 2023 11:24:30 GMT - Mon, 30 Oct 2023 11:24:29 GMT
File type XML 1.0 document text\012- XML document, ASCII text, with very long lines (1559)
Hash ae876bf97bb0b5ac89b4d246614b8e87
adaf1b0119655a22daa3218dce481e28da1595c5
6873c6a1f67f9935ab0642b0dcec7bb690e1e56a7cb8bdbd98aa6743b97d1602
GET /splash.php?idzone=5075898&sub=1186451501&ad_tags= HTTP/1.1
Host: s.magsrv.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://vidoza.net/
Origin: https://vidoza.net
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Date: Wed, 20 Sep 2023 03:48:59 GMT
Content-Type: text/xml;charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Access-Control-Allow-Headers: X-CH-VALUES
Set-Cookie: __uvt=a%3A1%3A%7Bi%3A0%3Bs%3A33%3A%22650a6bab5ba375.398285344116290916%22%3B%7D; expires=Fri, 19 Sep 2025 03:48:59 GMT; path=; domain=.magsrv.com; Secure; SameSite=none
c-tag=%7B%22tag-video%22%3A%22v4%7C%7CNOR%7C5075898%7C84865580%7C0%7C%7C508%7C41%7C3%7C15%7C0%7C0%7C0%7C25344%7C3143242%7C3143244%7C0%7C1%7C0%7C0%7C0%7C0%7C1%7C0%7C0%7C1%7C%7C%7C1186451501%7Cvidoza.net%7C%7C%7C0%7C0%7C0%7C0%7C0%7C0%7C0%7C0%7C0%7C1695181739%7C80c4c548265085a7890c8199ece7a46b%7Cok%22%7D; expires=Thu, 21 Sep 2023 03:48:59 GMT; path=/; domain=.magsrv.com; Secure; SameSite=none
Cache-Control: no-store
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Access-Control-Allow-Origin: https://vidoza.net
Access-Control-Allow-Credentials: true
Accept-CH:
X-Robots-Tag: noindex, follow
Content-Encoding: gzip
zv.7vid.net/api/spots/70101?s1=123521&v2=1&fill=0&kw=file%20upload%2Cshare%20files%2Cfree%20upload&i=1
135.181.208.216 685 B URL zv.7vid.net/api/spots/70101?s1=123521&v2=1&fill=0&kw=file%20upload%2Cshare%20files%2Cfree%20upload&i=1
IP 135.181.208.216:0
ASN #24940 Hetzner Online GmbH
File type gzip compressed data, from Unix\012- data
Hash 2da9de20f8ef5ece338cf6c415c86c12
66d74a226b08520e61cac10f7fa7992b5150e522
999f57056ab1d4fbc39a37b85d6bf453ac52689f19a43922611e9ec4f627d056
GET /api/spots/70101?s1=123521&v2=1&fill=0&kw=file%20upload%2Cshare%20files%2Cfree%20upload&i=1 HTTP/1.1
Host: zv.7vid.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://vidoza.net/
Origin: https://vidoza.net
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
server: nginx
date: Wed, 20 Sep 2023 03:48:58 GMT
content-type: text/xml
vary: Accept-Encoding
access-control-allow-credentials: true
access-control-allow-origin: https://vidoza.net
access-control-expose-headers: X-Asg-Config, X-t
set-cookie: nauid=P5rSJfJOiWFr2OXBoB3p; Path=/; Expires=Wed, 11 Nov 2037 11:11:11 GMT; Secure; SameSite=None
x-robots-tag: noindex, nofollow
x-t: 0
cache-control: private
content-encoding: gzip
X-Firefox-Spdy: h2
bid.bidclickmedia.com/load
104.21.37.74 302 Found 361 B URL POST HTTP/3 bid.bidclickmedia.com/load
IP 104.21.37.74:443
Requested by https://vidoza.net/embed-7vh7zzzwbrkb.html
Certificate Issuer Google Trust Services LLC
Subject bidclickmedia.com
Fingerprint D1:5D:81:3A:5B:E4:F4:78:FD:8B:31:0D:00:37:C9:89:8A:23:35:82
Validity Tue, 08 Aug 2023 16:08:48 GMT - Mon, 06 Nov 2023 16:08:47 GMT
File type HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text
Hash 6610c77cad5adb691fd5f9ffa06b9486
d003b0d6d8bb61e5fd17dc635c017f6393e0c24c
83695861f8ded5db81f9c1e185cdf9177d18c57bfe1196b03468f2d8ac22bc50
POST /load HTTP/1.1
Host: bid.bidclickmedia.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/x-www-form-urlencoded
Content-Length: 93
Origin: https://bid.bidclickmedia.com
DNT: 1
Connection: keep-alive
Referer: https://bid.bidclickmedia.com/sub/Pj8pz0z
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 302 Found
date: Wed, 20 Sep 2023 03:48:58 GMT
content-type: text/html; charset=utf-8
location: https://xml.xmlking.com/redirect?feed=591364&auth=oodr9S&pubid=195183
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=zx09GdlgQXrsYA997TTirvzetRcCPgGy3bMw5r1D7jsILjaZEah%2FqW4xCXyMMAWM3HeZP4JyZVuEi714d%2BXysPXewc9sA6XARPhmAPJMUJbbL1s1v6yh3FYZ9f2L06UJ0vFxkoZdeOc%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 80971888a8bbb50f-OSL
alt-svc: h3=":443"; ma=86400
static.addtoany.com/menu/svg/icons/whatsapp.js
104.22.70.197 200 OK 982 B URL GET HTTP/3 static.addtoany.com/menu/svg/icons/whatsapp.js
IP 104.22.70.197:443
Requested by https://vidoza.net/embed-7vh7zzzwbrkb.html
Certificate Issuer Cloudflare, Inc.
Subject sni.cloudflaressl.com
Fingerprint 20:A5:DB:83:09:73:10:48:06:97:65:2A:D9:27:B7:67:2D:7E:9D:6C
Validity Thu, 04 May 2023 00:00:00 GMT - Fri, 03 May 2024 23:59:59 GMT
File type ASCII text, with very long lines (1137), with no line terminators
Hash a85a710aa4b2371a7d11c225ad6eb877
5c5407b0588a94421c68416d16c1075e89a24023
96840bd7cc7d8edd1d1ffaff60d7f335fd866cd9a6132c8524d620482f4df64a
GET /menu/svg/icons/whatsapp.js HTTP/1.1
Host: static.addtoany.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://vidoza.net
DNT: 1
Connection: keep-alive
Referer: https://static.addtoany.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Wed, 20 Sep 2023 03:48:57 GMT
content-type: application/javascript; charset=utf-8
cache-control: public, max-age=7776000
cf-bgj: minify
access-control-allow-origin: *
age: 26077070
etag: W/"471-5edb43f896478"
last-modified: Fri, 18 Nov 2022 01:01:39 GMT
vary: Accept-Encoding
via: e1s
x-content-type-options: nosniff
cf-cache-status: HIT
strict-transport-security: max-age=31536000; includeSubDomains; preload
server: cloudflare
cf-ray: 8097188668ea0a1d-ARN
content-encoding: br
alt-svc: h3=":443"; ma=86400
ocsp.sectigo.com/
104.18.15.101 471 B IP 104.18.15.101:0
Hash 6081aeb11beb6ba617097203aebe90bb
c279a4e34d19b03b7c128ee111ac4cfc1a2175f6
ac5d9d19733544e9e7dd9fe4f9eab5263696cd6fb9add5fa4c2945e5f5d3cc74
POST / HTTP/1.1
Host: ocsp.sectigo.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Wed, 20 Sep 2023 03:48:59 GMT
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Last-Modified: Tue, 19 Sep 2023 22:54:29 GMT
Expires: Tue, 26 Sep 2023 22:54:28 GMT
Etag: "c279a4e34d19b03b7c128ee111ac4cfc1a2175f6"
Cache-Control: max-age=587096,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb3
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 80971891c96a5688-OSL
i.wmgtr.com/cim/fQGdkCqPGvKCgjtfINqwhFuDvEfMKFtB.png
45.133.44.32 50 kB URL i.wmgtr.com/cim/fQGdkCqPGvKCgjtfINqwhFuDvEfMKFtB.png
IP 45.133.44.32:0
ASN #39572 DataWeb Global Group B.V.
File type gzip compressed data, from Unix\012- data
Hash 66b7f131bc3f8ab89939177a4c703071
012110a2948ed5d08094d4ed964f1666eb33f284
d387773b0f5220c36502b0fcd28245cb7ab474b2df226171f1a70a1baaf04a9a
GET /cim/fQGdkCqPGvKCgjtfINqwhFuDvEfMKFtB.png HTTP/1.1
Host: i.wmgtr.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Wed, 20 Sep 2023 03:48:59 GMT
content-type: image/png
server: nginx/1.19.0
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-option: nosniff
content-encoding: gzip
cache-control: max-age=82800
expires: Thu, 21 Sep 2023 02:48:59 GMT
x-proxy-cache: HIT
access-control-allow-origin: *
X-Firefox-Spdy: h2
static.addtoany.com/menu/svg/icons/viber.js
104.22.70.197 870 B URL static.addtoany.com/menu/svg/icons/viber.js
IP 104.22.70.197:0
Certificate Issuer Cloudflare, Inc.
Subject sni.cloudflaressl.com
Fingerprint 20:A5:DB:83:09:73:10:48:06:97:65:2A:D9:27:B7:67:2D:7E:9D:6C
Validity Thu, 04 May 2023 00:00:00 GMT - Fri, 03 May 2024 23:59:59 GMT
File type ASCII text, with very long lines (1009), with no line terminators
Hash 927cd8715da3791c6a768bc4e0be9528
894072e308613f645fb978ac71cdb9744ebb4902
cb79f192691a7328c0bc35b8fa9650495d4ac4656dbcf64d3fa8fdf15b5aeef1
GET /menu/svg/icons/viber.js HTTP/1.1
Host: static.addtoany.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://vidoza.net
DNT: 1
Connection: keep-alive
Referer: https://static.addtoany.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Wed, 20 Sep 2023 03:48:57 GMT
content-type: application/javascript; charset=utf-8
cache-control: public, max-age=7776000
cf-bgj: minify
access-control-allow-origin: *
age: 26077070
etag: W/"3f1-5edb43f877078"
last-modified: Fri, 18 Nov 2022 01:01:39 GMT
vary: Accept-Encoding
via: e2s
x-content-type-options: nosniff
cf-cache-status: HIT
strict-transport-security: max-age=31536000; includeSubDomains; preload
server: cloudflare
cf-ray: 8097188658e80a1d-ARN
content-encoding: br
alt-svc: h3=":443"; ma=86400
unseenreport.com/pxf.gif?uuid=a6be39a9-4a41-449b-868e-b08aefb28a76&eb=6adde438baa0fa92530e8a3115bdffc1&te=37396b568500723acebf9a99ac43aeca&ua=Mozilla%2F5.0%20(X11%3B%20Linux%20x86_64%3B%20rv%3A109.0)%20Gecko%2F20100101%20Firefox%2F111.0&dev=e&res=14.2079&b_frame=1&pk=57e9128f004dc8dd272477c7cdb9cf15&bl=en-US&sr=1024x1280&sz=1024x1280&hjs=3
192.243.59.20 1 B URL unseenreport.com/pxf.gif?uuid=a6be39a9-4a41-449b-868e-b08aefb28a76&eb=6adde438baa0fa92530e8a3115bdffc1&te=37396b568500723acebf9a99ac43aeca&ua=Mozilla%2F5.0%20(X11%3B%20Linux%20x86_64%3B%20rv%3A109.0)%20Gecko%2F20100101%20Firefox%2F111.0&dev=e&res=14.2079&b_frame=1&pk=57e9128f004dc8dd272477c7cdb9cf15&bl=en-US&sr=1024x1280&sz=1024x1280&hjs=3
IP 192.243.59.20:0
ASN #39572 DataWeb Global Group B.V.
File type very short file (no magic)
Hash 93b885adfe0da089cdf634904fd59f71
5ba93c9db0cff93f52b521d7420e43f6eda2784f
6e340b9cffb37a989ca544e6bb780a2c78901d3fb33738768511a30617afa01d
Analyzer Verdict Alert Quad9 DNS malicious Sinkholed
GET /pxf.gif?uuid=a6be39a9-4a41-449b-868e-b08aefb28a76&eb=6adde438baa0fa92530e8a3115bdffc1&te=37396b568500723acebf9a99ac43aeca&ua=Mozilla%2F5.0%20(X11%3B%20Linux%20x86_64%3B%20rv%3A109.0)%20Gecko%2F20100101%20Firefox%2F111.0&dev=e&res=14.2079&b_frame=1&pk=57e9128f004dc8dd272477c7cdb9cf15&bl=en-US&sr=1024x1280&sz=1024x1280&hjs=3 HTTP/1.1
Host: unseenreport.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://vidoza.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx/1.19.5
Date: Wed, 20 Sep 2023 03:48:59 GMT
Content-Type: image/gif
Content-Length: 1
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Access-Control-Allow-Origin: *
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: 22db6aee681baa0eef32585fb3a4a017
Strict-Transport-Security: max-age=0; includeSubdomains
bid.bidclickmedia.com/sub/Pj8pz0z
104.21.37.74 200 OK 505 B URL GET HTTP/2 bid.bidclickmedia.com/sub/Pj8pz0z
IP 104.21.37.74:443
Requested by https://vidoza.net/embed-7vh7zzzwbrkb.html
Certificate Issuer Google Trust Services LLC
Subject bidclickmedia.com
Fingerprint D1:5D:81:3A:5B:E4:F4:78:FD:8B:31:0D:00:37:C9:89:8A:23:35:82
Validity Tue, 08 Aug 2023 16:08:48 GMT - Mon, 06 Nov 2023 16:08:47 GMT
File type HTML document, ASCII text
Hash e151e24dc5b354ea8ee36534a8264594
4b5f293d59d009ee46087f164ee86d066e8e83f4
b2fdeeef5c48f24499731fdd7aae1650ad1bc6fa9ee58cf88fafe175658e888f
GET /sub/Pj8pz0z HTTP/1.1
Host: bid.bidclickmedia.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://vidoza.net/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
date: Wed, 20 Sep 2023 03:48:57 GMT
content-type: text/html; charset=utf-8
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Ox%2FDVoaWkYep%2FLHj7vvE1ODb61g44BBotJosfHRqx%2FV5ExpmZWmIudw6ulycrir2PaPePYV8%2BRMeouhZNCRokmdw2hxi17hnZLIBsuPdUy3ojpmdcTDbpsdG8qstjg6KSqkvtt%2FVID8%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 80971882a898b4fa-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
static.addtoany.com/menu/svg/icons/reddit.js
104.22.70.197 200 OK 443 B URL GET HTTP/3 static.addtoany.com/menu/svg/icons/reddit.js
IP 104.22.70.197:443
Requested by https://vidoza.net/embed-7vh7zzzwbrkb.html
Certificate Issuer Cloudflare, Inc.
Subject sni.cloudflaressl.com
Fingerprint 20:A5:DB:83:09:73:10:48:06:97:65:2A:D9:27:B7:67:2D:7E:9D:6C
Validity Thu, 04 May 2023 00:00:00 GMT - Fri, 03 May 2024 23:59:59 GMT
File type ASCII text, with very long lines (929), with no line terminators
Hash d50e42f61f1d3dbc1633a4ff5eed88a1
cadabf0478cb26debca880e64243fecd79051318
16ea98df371c043e34589b849544118a55801022a4898cb4809c63af0cade307
GET /menu/svg/icons/reddit.js HTTP/1.1
Host: static.addtoany.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://vidoza.net
DNT: 1
Connection: keep-alive
Referer: https://static.addtoany.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Wed, 20 Sep 2023 03:48:57 GMT
content-type: application/javascript; charset=utf-8
cache-control: public, max-age=7776000
cf-bgj: minify
access-control-allow-origin: *
age: 26077070
etag: W/"3a1-5edb43f7d1fd8"
last-modified: Fri, 18 Nov 2022 01:01:38 GMT
vary: Accept-Encoding
via: e4s
x-content-type-options: nosniff
cf-cache-status: HIT
strict-transport-security: max-age=31536000; includeSubDomains; preload
server: cloudflare
cf-ray: 8097188658e30a1d-ARN
content-encoding: br
alt-svc: h3=":443"; ma=86400
clarklyons.net/sc?t=1695181739877&a=5KQJ&c=6oCrnQnJzNuEkqqGLF8Xgj&e=gAAAAABlCmur6KKFen3Twp3_Ngc1Hh4bxPREqfozx77Qpy0Ooq1HWk_76m2Q70yuZFwTW-grFZCS4DOIP8SgOEoUyUJfbBMn1R9kAlXb56_WScthsRxwGVxaTqiDVztcN27DQWBaf1DtwNuu1Qsu447ds-bhKCJwbPr8k2817MGmZmnI1zLlUusYSCaCS3B9dW9ZgICY9dlxzzdrDPLWnGLYFvEnGTxMkK-dGoPE1AuS9-E5Xg6o4E9jdJlDckPwTl5wILgelXj85M7MGfnqmRYy-5yjd4_V7Bakt2HbOD1-KVgoxOkbH6rLfatEABxDgsbUA7S-j7Gr17X850mT-wZvcbgEc-fEsOAwFbj5MOywPR7F7nr-D5MakvERyvM9UOwNerOmxEl4q7T8o2rLXG7UNLHsTX3Tz1mNSRkPNhjkxJ9iFq_kQ-lQVh2M0iN0aWgP1rfeG9wfE9vBgQ_rQAnibJHjsLoCGA==&f=2048
178.63.99.108 302 Found 56 B URL GET HTTP/2 clarklyons.net/sc?t=1695181739877&a=5KQJ&c=6oCrnQnJzNuEkqqGLF8Xgj&e=gAAAAABlCmur6KKFen3Twp3_Ngc1Hh4bxPREqfozx77Qpy0Ooq1HWk_76m2Q70yuZFwTW-grFZCS4DOIP8SgOEoUyUJfbBMn1R9kAlXb56_WScthsRxwGVxaTqiDVztcN27DQWBaf1DtwNuu1Qsu447ds-bhKCJwbPr8k2817MGmZmnI1zLlUusYSCaCS3B9dW9ZgICY9dlxzzdrDPLWnGLYFvEnGTxMkK-dGoPE1AuS9-E5Xg6o4E9jdJlDckPwTl5wILgelXj85M7MGfnqmRYy-5yjd4_V7Bakt2HbOD1-KVgoxOkbH6rLfatEABxDgsbUA7S-j7Gr17X850mT-wZvcbgEc-fEsOAwFbj5MOywPR7F7nr-D5MakvERyvM9UOwNerOmxEl4q7T8o2rLXG7UNLHsTX3Tz1mNSRkPNhjkxJ9iFq_kQ-lQVh2M0iN0aWgP1rfeG9wfE9vBgQ_rQAnibJHjsLoCGA==&f=2048
IP 178.63.99.108:443
ASN #24940 Hetzner Online GmbH
Requested by https://vidoza.net/embed-7vh7zzzwbrkb.html
Certificate Issuer Sectigo Limited
Subject clarklyons.net
Fingerprint 36:B0:F0:46:74:13:55:42:89:2F:3E:40:9B:E6:5B:83:9C:60:0C:C3
Validity Tue, 25 Jul 2023 00:00:00 GMT - Fri, 16 Aug 2024 23:59:59 GMT
File type HTML document, ASCII text
Hash 20350e06f316fe1f8323350c00f4a568
1f403224fa81dde25beb3708ae65a4e1fdf886e3
1784f72b21da6b5c9c19b90fecc66d3ebf9981318804a5630b44cfa683711c15
GET /sc?t=1695181739877&a=5KQJ&c=6oCrnQnJzNuEkqqGLF8Xgj&e=gAAAAABlCmur6KKFen3Twp3_Ngc1Hh4bxPREqfozx77Qpy0Ooq1HWk_76m2Q70yuZFwTW-grFZCS4DOIP8SgOEoUyUJfbBMn1R9kAlXb56_WScthsRxwGVxaTqiDVztcN27DQWBaf1DtwNuu1Qsu447ds-bhKCJwbPr8k2817MGmZmnI1zLlUusYSCaCS3B9dW9ZgICY9dlxzzdrDPLWnGLYFvEnGTxMkK-dGoPE1AuS9-E5Xg6o4E9jdJlDckPwTl5wILgelXj85M7MGfnqmRYy-5yjd4_V7Bakt2HbOD1-KVgoxOkbH6rLfatEABxDgsbUA7S-j7Gr17X850mT-wZvcbgEc-fEsOAwFbj5MOywPR7F7nr-D5MakvERyvM9UOwNerOmxEl4q7T8o2rLXG7UNLHsTX3Tz1mNSRkPNhjkxJ9iFq_kQ-lQVh2M0iN0aWgP1rfeG9wfE9vBgQ_rQAnibJHjsLoCGA==&f=2048 HTTP/1.1
Host: clarklyons.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://clarklyons.net/click?a=5KQJ&e=gAAAAABlCmurEbp7H2x7Y4c4sfZyJGP9NEsmyyrMu-_f-GsQc2BqFJ1fnmBvisEVhrffBcBYPqNjM8wkYb7ZkfAatEyMpi2khJtfzbRnVoUr64dm1HySJyTcHWgwMoPHg8CdzalJxF0ZBzS2gBBD9971YEyoezh7_ISp62-EEKFVZNR8GhWF4AT1ZZ3rW0lOVOWQE3urO7teCRyyTojqUQAb_YpQZg1K6FnO1cXIxQMVSvn1sDHw1T-iygM84Rheuif3ygBa7AgMHyNR_G3fiPo0WXEGijc1MRNh8h0yLTQHjCpkFfzEQQtwZDXKv1U3fCYpf6uBEFN8runpVB0qmn4gSIxpGpfOZhsLTxHQLHGk9UqTM03ZeStLeBoklI-LEyrsLFOY5YIPyuAHu1E4MtFyiTtA1XsAoYWp2uZ09mgZ0400tYe-qyymHzJZwdoti5JsPRNZNt81DuOKidLt9Z8jwYtExV8AbQ%3D%3D
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 302 Found
date: Wed, 20 Sep 2023 03:49:00 GMT
content-type: text/html; charset=utf-8
content-length: 56
location: http://alfad.pro/go/266933/701284
strict-transport-security: max-age=15724800; includeSubDomains
X-Firefox-Spdy: h2
kpdofa.xyz/dsp/cu/clc?aid=16268044803981460182&t=1695181739&s=1041651&sid=411
192.243.58.124 302 Found 157 B URL GET HTTP/2 kpdofa.xyz/dsp/cu/clc?aid=16268044803981460182&t=1695181739&s=1041651&sid=411
IP 192.243.58.124:443
ASN #39572 DataWeb Global Group B.V.
Requested by https://vidoza.net/embed-7vh7zzzwbrkb.html
Certificate Issuer Let's Encrypt
Subject kpdofa.xyz
Fingerprint 0E:00:89:E4:28:9A:1B:1A:D2:FB:7A:35:B5:6E:A3:AB:73:6B:EF:51
Validity Mon, 11 Sep 2023 11:07:40 GMT - Sun, 10 Dec 2023 11:07:39 GMT
File type HTML document text\012- HTML document text\012- HTML document, ASCII text, with no line terminators
Hash 9d24a80b8777139e5f61ce4d7928617d
131baeafdc757b8ec502999f09c9ec9b2744ae0a
ac78b2baa702693ae60028123d1e729e7d319bcc21a0c32c8e3a59dc17bd938b
GET /dsp/cu/clc?aid=16268044803981460182&t=1695181739&s=1041651&sid=411 HTTP/1.1
Host: kpdofa.xyz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://bid.bidclickmedia.com/
DNT: 1
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 302 Found
server: nginx/1.18.0
date: Wed, 20 Sep 2023 03:49:00 GMT
content-type: text/html; charset=utf-8
content-length: 157
location: https://bizzstreams2u.live/espn.php
X-Firefox-Spdy: h2
vast.livejasmin.com/?psid=ed_exo0vb0no&subaffid=1005888&ms_notrack=1&pstour=t1&psprogram=REVS&utm_source=exo&site=jsm&utm_medium=network&categoryName=girl
93.93.51.191 3.3 kB URL vast.livejasmin.com/?psid=ed_exo0vb0no&subaffid=1005888&ms_notrack=1&pstour=t1&psprogram=REVS&utm_source=exo&site=jsm&utm_medium=network&categoryName=girl
IP 93.93.51.191:0
ASN #34655 DuoDecad IT Services Luxembourg S.a r.l.
File type HTML document, ASCII text, with very long lines (662)
Hash f5cce1c7dc3bcf029f568b4f3beeb3ee
588b9ac2a9db46621bca652f579d22ec84a9bd28
3ef8ce413e98b1f930799894b1d23717c773bfef9af2fff7dc0e477bee074545
GET /?psid=ed_exo0vb0no&subaffid=1005888&ms_notrack=1&pstour=t1&psprogram=REVS&utm_source=exo&site=jsm&utm_medium=network&categoryName=girl HTTP/1.1
Host: vast.livejasmin.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://vidoza.net/
Origin: https://vidoza.net
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Wed, 20 Sep 2023 03:48:59 GMT
content-type: text/xml; charset=utf-8
x-target-pstool: 401_18
x-ud-id: j3syr/0jG
access-control-allow-origin: https://vidoza.net
access-control-allow-credentials: true
access-control-allow-headers: X-Requested-With, Content-Type
access-control-allow-methods: OPTIONS, GET
server: unknown
set-cookie: psui=7c488d85daecc2bf18f4f49ac0fc0392; Path=/; Expires=Fri, 20-Oct-23 03:48:59 GMT; SameSite=None; Secure
X-Firefox-Spdy: h2
kpdofa.xyz/dsp/cu/clc?aid=7270308038621611384&t=1695181739&s=1041651&sid=411
192.243.58.124 157 B URL kpdofa.xyz/dsp/cu/clc?aid=7270308038621611384&t=1695181739&s=1041651&sid=411
IP 192.243.58.124:0
ASN #39572 DataWeb Global Group B.V.
Certificate Issuer Let's Encrypt
Subject kpdofa.xyz
Fingerprint 0E:00:89:E4:28:9A:1B:1A:D2:FB:7A:35:B5:6E:A3:AB:73:6B:EF:51
Validity Mon, 11 Sep 2023 11:07:40 GMT - Sun, 10 Dec 2023 11:07:39 GMT
File type HTML document text\012- HTML document text\012- HTML document, ASCII text, with no line terminators
Hash 9d24a80b8777139e5f61ce4d7928617d
131baeafdc757b8ec502999f09c9ec9b2744ae0a
ac78b2baa702693ae60028123d1e729e7d319bcc21a0c32c8e3a59dc17bd938b
GET /dsp/cu/clc?aid=7270308038621611384&t=1695181739&s=1041651&sid=411 HTTP/1.1
Host: kpdofa.xyz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://bid.bidclickmedia.com/
DNT: 1
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 302 Found
server: nginx/1.18.0
date: Wed, 20 Sep 2023 03:49:00 GMT
content-type: text/html; charset=utf-8
content-length: 157
location: https://bizzstreams2u.live/espn.php
X-Firefox-Spdy: h2
filter.bidforclicks.com/filter?q=&i=8bKUGGtzeQg_0&ci=-6480773741129569307&t=2072793519
174.137.133.17 13 kB URL filter.bidforclicks.com/filter?q=&i=8bKUGGtzeQg_0&ci=-6480773741129569307&t=2072793519
IP 174.137.133.17:0
ASN #27257 WEBAIR-INTERNET
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (524)
Hash c12418f8135dc43afe877ec573b49764
a06da74327acb2082bda7ba2219d3ff55f3107df
e00f5bd62c9593de712c81a236353557e2154c91e91f4d9d3f5431d7f83024bd
GET /filter?q=&i=8bKUGGtzeQg_0&ci=-6480773741129569307&t=2072793519 HTTP/1.1
Host: filter.bidforclicks.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://bid.bidclickmedia.com/
DNT: 1
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Date: Wed, 20 Sep 2023 03:49:00 GMT
Content-Type: text/html; charset=utf-8
Content-Length: 12922
Connection: keep-alive
Cache-Control: no-store
Age: 0
Set-Cookie: c476384352=-1766613230
x3333609=1766613230; Domain=.bidforclicks.com
Pragma: no-cache
ocsp.sectigo.com/
104.18.15.101 471 B IP 104.18.15.101:0
Hash f4c2a51d2945fd8e168d3bef860449d0
de2a0c4b2b9dfa8a7bd2839414abb60985291675
3c085f10308ce7a5f7969e468774306279e8a043a8dfbe95fc71472e9dd750b8
POST / HTTP/1.1
Host: ocsp.sectigo.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Wed, 20 Sep 2023 03:49:00 GMT
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Last-Modified: Tue, 19 Sep 2023 11:48:46 GMT
Expires: Tue, 26 Sep 2023 11:48:45 GMT
Etag: "de2a0c4b2b9dfa8a7bd2839414abb60985291675"
Cache-Control: max-age=547726,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb3
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 809718976da856bb-OSL
xml.flairadscpc.com/click?i=9FrmAUPRPLY_0
174.137.133.18 0 B URL xml.flairadscpc.com/click?i=9FrmAUPRPLY_0
IP 174.137.133.18:0
ASN #27257 WEBAIR-INTERNET
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /click?i=9FrmAUPRPLY_0 HTTP/1.1
Host: xml.flairadscpc.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://bid.bidclickmedia.com/
DNT: 1
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 302 Found
Server: nginx
Date: Wed, 20 Sep 2023 03:49:00 GMT
Content-Length: 0
Connection: keep-alive
Cache-Control: no-store
Age: 0
Location: https://xmlclick.flairadscpc.com/nrtb/click?bid=Q1sSftEgHmjGdm7g_vT_zvg_fwo6YEVnHFixbB1RfQTAveu4hUnuovXQ1iLLMmQE_0_15
Pragma: no-cache
bizzstreams2u.live/espn.php
188.114.97.1 1.9 kB URL bizzstreams2u.live/espn.php
IP 188.114.97.1:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (529)
Hash d6f2bad5509d7f3b81eaa060037366b3
1225028dcc07d9e5156c31017e231518b13fc877
2cbecdb046ad0091906a6d6931e53ab8523b1801518c4368c31df5d44bc014ab
GET /espn.php HTTP/1.1
Host: bizzstreams2u.live
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://bid.bidclickmedia.com/
DNT: 1
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Wed, 20 Sep 2023 03:49:00 GMT
content-type: text/html; charset=UTF-8
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=tCXV2DJKNKeGAXq%2B2MYosrrqoG9sA3p8%2FG4DVUb2F2zZdUjqnQJkH4kfUOUSa%2BPzmoiHb6rD%2FlvaS%2Fvv1xtdb3XrKDTZwopDO38HdTohGSbIjcgrgvawSxn0%2B5l3eNfi8tJKQao%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 80971895296e0b4d-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
demiseskill.com/ymy1bdj24q?key=4461951782dd558766f49988bbe471c4
192.243.59.20 200 OK 1.3 kB URL GET HTTP/1.1 demiseskill.com/ymy1bdj24q?key=4461951782dd558766f49988bbe471c4
IP 192.243.59.20:443
ASN #39572 DataWeb Global Group B.V.
Requested by https://vidoza.net/embed-7vh7zzzwbrkb.html
Certificate Issuer Let's Encrypt
Subject demiseskill.com
Fingerprint 4B:FD:CC:5B:DB:CB:AB:56:9F:53:84:E3:53:71:88:39:25:B4:44:DE
Validity Thu, 07 Sep 2023 06:19:03 GMT - Wed, 06 Dec 2023 06:19:02 GMT
File type HTML document text\012- HTML document text\012- HTML document, ASCII text, with very long lines (380)
Hash acddbb6b5b7c756f76d58bd5666445cd
c3ce0b245d27fd2466c3162969cae74b45cc2d49
5dc1855a0ad4624d8581ddd0a78ef0958e19e43eea2ba36325cedb86c2d5fc83
GET /ymy1bdj24q?key=4461951782dd558766f49988bbe471c4 HTTP/1.1
Host: demiseskill.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx/1.19.5
Date: Wed, 20 Sep 2023 03:49:01 GMT
Content-Type: text/html
Transfer-Encoding: chunked
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Set-Cookie: u_pl=20231345; expires=Thu, 21 Sep 2023 03:49:01 GMT
ain=eyJhbGciOiJIUzI1NiJ9.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.Y4LuqDh4Re8jfftz70WnQrrAq7wlb3hzUHJlWjaA-lA; expires=Wed, 20 Sep 2023 03:50:01 GMT
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: 52c482b3af481151504ea51c090e6774
Strict-Transport-Security: max-age=0; includeSubdomains
Content-Encoding: gzip
xmlclick.flairadscpc.com/nrtb/click?bid=Q1sSftEgHmjGdm7g_vT_zvg_fwo6YEVnHFixbB1RfQTAveu4hUnuovXQ1iLLMmQE_0_15
23.226.122.79 302 Found 137 B URL GET HTTP/2 xmlclick.flairadscpc.com/nrtb/click?bid=Q1sSftEgHmjGdm7g_vT_zvg_fwo6YEVnHFixbB1RfQTAveu4hUnuovXQ1iLLMmQE_0_15
IP 23.226.122.79:443
Requested by https://vidoza.net/embed-7vh7zzzwbrkb.html
Certificate Issuer Sectigo Limited
Subject *.flairadscpc.com
Fingerprint B3:B5:E7:4B:0D:FD:4B:66:13:B8:3B:23:55:C9:A8:6A:98:27:01:A4
Validity Fri, 10 Mar 2023 00:00:00 GMT - Fri, 22 Mar 2024 23:59:59 GMT
File type HTML document, ASCII text
Hash 547d460b917dfb183341a9e48564204f
45d5169c521bc0ca22801124d31c0f61e7e55303
56082d565b22d11dc0be444576e008324f5cdffa055fe60c90021e0179c1b4f3
GET /nrtb/click?bid=Q1sSftEgHmjGdm7g_vT_zvg_fwo6YEVnHFixbB1RfQTAveu4hUnuovXQ1iLLMmQE_0_15 HTTP/1.1
Host: xmlclick.flairadscpc.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://bid.bidclickmedia.com/
DNT: 1
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 302 Found
server: nginx/1.18.0 (Ubuntu)
date: Wed, 20 Sep 2023 03:49:01 GMT
content-type: text/html; charset=utf-8
content-length: 137
location: https://us.justtoo.net/nty/postback/click?key=v2-1695181739278-4-6681-1270992-930a3d4d-5d6c-c62e-2709-bb54aa4e3220
X-Firefox-Spdy: h2
professionalswebcheck.com/stats
52.58.179.111 200 OK 40 B URL GET HTTP/2 professionalswebcheck.com/stats
IP 52.58.179.111:443
Requested by https://vidoza.net/embed-7vh7zzzwbrkb.html
Certificate Issuer Amazon
Subject professionalswebcheck.com
Fingerprint 75:E9:08:FD:96:58:C7:98:43:E8:21:27:A8:E9:B9:A4:55:28:F2:0C
Validity Wed, 30 Aug 2023 00:00:00 GMT - Fri, 27 Sep 2024 23:59:59 GMT
File type ASCII text, with no line terminators
Hash 617768edfa86c5ffee86fb69098b4510
06aa1c873b966884e746ba149b0798b0b3aebfdf
b6201081f24f1bffd8377290ab57db56abddf36a1dc86b3dc07ee92e0cdea25e
GET /stats HTTP/1.1
Host: professionalswebcheck.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://demiseskill.com
DNT: 1
Connection: keep-alive
Referer: https://demiseskill.com/
Cookie: uid_id2=a6be39a9-4a41-449b-868e-b08aefb28a76:3:1
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
date: Wed, 20 Sep 2023 03:49:01 GMT
content-type: text/html; charset=UTF-8
content-length: 40
server: fasthttp
access-control-allow-origin: https://demiseskill.com
vary: Origin
access-control-allow-credentials: true
X-Firefox-Spdy: h2
professionalswebcheck.com/stats
52.58.179.111 200 OK 40 B URL GET HTTP/2 professionalswebcheck.com/stats
IP 52.58.179.111:443
Requested by https://vidoza.net/embed-7vh7zzzwbrkb.html
Certificate Issuer Amazon
Subject professionalswebcheck.com
Fingerprint 75:E9:08:FD:96:58:C7:98:43:E8:21:27:A8:E9:B9:A4:55:28:F2:0C
Validity Wed, 30 Aug 2023 00:00:00 GMT - Fri, 27 Sep 2024 23:59:59 GMT
File type ASCII text, with no line terminators
Hash 617768edfa86c5ffee86fb69098b4510
06aa1c873b966884e746ba149b0798b0b3aebfdf
b6201081f24f1bffd8377290ab57db56abddf36a1dc86b3dc07ee92e0cdea25e
GET /stats HTTP/1.1
Host: professionalswebcheck.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://demiseskill.com
DNT: 1
Connection: keep-alive
Referer: https://demiseskill.com/
Cookie: uid_id2=a6be39a9-4a41-449b-868e-b08aefb28a76:3:1
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
date: Wed, 20 Sep 2023 03:49:01 GMT
content-type: text/html; charset=UTF-8
content-length: 40
server: fasthttp
access-control-allow-origin: https://demiseskill.com
vary: Origin
access-control-allow-credentials: true
X-Firefox-Spdy: h2
xml.bidforclicks.com/click2?i=8bKUGGtzeQg_0&ci=-6480773741129569307&j=rv%3Db%26ss%3D1280x1024%26ws%3D1362x764%26wp%3D0x0%26ce%3D0%26ck%3Djc%26cv%3D3477%26cs%3D0%26fr%3D1%26hc%3D0%26fl%3Dnull%26jv%3Dnull%26sc%3D24%26hr%3D7%26rf%3Dbid.bidclickmedia.com%26lo%3Dfilter.bidforclicks.com%26mb%3D0%26hb%3D1%26pl%3DLinux%2Bx86_64%26ua%3DMozilla%252F5.0%2B%28X11%253B%2BLinux%2Bx86_64%253B%2Brv%253A109.0%29%2BGecko%252F20100101%2BFirefox%252F111.0%26nd%3D2%26to%3Dnull%26wbd%3D1%26wbde%3D0%26sqm%3D0%26phj%3D0%26nmj%3D0%26sln%3D0%26es%3D0%26ln%3Den-US%252Cen%26lnl%3D2%26hsc%3D0%26frc%3D0%26dbt%3D0%26prb%3D20100101%26tz%3D0%26hid%3D0%26mq%3D1%26bch%3D%26blv%3D%26my%3D%26geo%3D1%26thx%3D0%26the%3D0%26ths%3D0%26cpc%3D%26ocp%3DLinux%2Bx86_64%26hwc%3D48%26hrl%3D%26acd%3Dpmpmm%26vcd%3Dppp%26pal%3D5%26pai%3D1%26pli%3D1%26win%3D1362x764%26wout%3D1280x1024%26wpof%3D0x0%26bcld%3D1346x19%26scrp%3D0x0%26scrad%3D1280x1024%26spd%3D24%26pxr%3D1%26sck%3D1%26ckl%3D0%26sls%3D1%26sss%3D1%26six%3D1%26sdb%3D0%26vvr%3Dnull%26vrd%3Dnull%26pnt%3Ddenied%26cnvs%3D7f7f7f80%26mmd_ao%3D0%26mmd_ai%3D0%26mmd_vi%3D0
174.137.133.17 0 B URL xml.bidforclicks.com/click2?i=8bKUGGtzeQg_0&ci=-6480773741129569307&j=rv%3Db%26ss%3D1280x1024%26ws%3D1362x764%26wp%3D0x0%26ce%3D0%26ck%3Djc%26cv%3D3477%26cs%3D0%26fr%3D1%26hc%3D0%26fl%3Dnull%26jv%3Dnull%26sc%3D24%26hr%3D7%26rf%3Dbid.bidclickmedia.com%26lo%3Dfilter.bidforclicks.com%26mb%3D0%26hb%3D1%26pl%3DLinux%2Bx86_64%26ua%3DMozilla%252F5.0%2B%28X11%253B%2BLinux%2Bx86_64%253B%2Brv%253A109.0%29%2BGecko%252F20100101%2BFirefox%252F111.0%26nd%3D2%26to%3Dnull%26wbd%3D1%26wbde%3D0%26sqm%3D0%26phj%3D0%26nmj%3D0%26sln%3D0%26es%3D0%26ln%3Den-US%252Cen%26lnl%3D2%26hsc%3D0%26frc%3D0%26dbt%3D0%26prb%3D20100101%26tz%3D0%26hid%3D0%26mq%3D1%26bch%3D%26blv%3D%26my%3D%26geo%3D1%26thx%3D0%26the%3D0%26ths%3D0%26cpc%3D%26ocp%3DLinux%2Bx86_64%26hwc%3D48%26hrl%3D%26acd%3Dpmpmm%26vcd%3Dppp%26pal%3D5%26pai%3D1%26pli%3D1%26win%3D1362x764%26wout%3D1280x1024%26wpof%3D0x0%26bcld%3D1346x19%26scrp%3D0x0%26scrad%3D1280x1024%26spd%3D24%26pxr%3D1%26sck%3D1%26ckl%3D0%26sls%3D1%26sss%3D1%26six%3D1%26sdb%3D0%26vvr%3Dnull%26vrd%3Dnull%26pnt%3Ddenied%26cnvs%3D7f7f7f80%26mmd_ao%3D0%26mmd_ai%3D0%26mmd_vi%3D0
IP 174.137.133.17:0
ASN #27257 WEBAIR-INTERNET
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /click2?i=8bKUGGtzeQg_0&ci=-6480773741129569307&j=rv%3Db%26ss%3D1280x1024%26ws%3D1362x764%26wp%3D0x0%26ce%3D0%26ck%3Djc%26cv%3D3477%26cs%3D0%26fr%3D1%26hc%3D0%26fl%3Dnull%26jv%3Dnull%26sc%3D24%26hr%3D7%26rf%3Dbid.bidclickmedia.com%26lo%3Dfilter.bidforclicks.com%26mb%3D0%26hb%3D1%26pl%3DLinux%2Bx86_64%26ua%3DMozilla%252F5.0%2B%28X11%253B%2BLinux%2Bx86_64%253B%2Brv%253A109.0%29%2BGecko%252F20100101%2BFirefox%252F111.0%26nd%3D2%26to%3Dnull%26wbd%3D1%26wbde%3D0%26sqm%3D0%26phj%3D0%26nmj%3D0%26sln%3D0%26es%3D0%26ln%3Den-US%252Cen%26lnl%3D2%26hsc%3D0%26frc%3D0%26dbt%3D0%26prb%3D20100101%26tz%3D0%26hid%3D0%26mq%3D1%26bch%3D%26blv%3D%26my%3D%26geo%3D1%26thx%3D0%26the%3D0%26ths%3D0%26cpc%3D%26ocp%3DLinux%2Bx86_64%26hwc%3D48%26hrl%3D%26acd%3Dpmpmm%26vcd%3Dppp%26pal%3D5%26pai%3D1%26pli%3D1%26win%3D1362x764%26wout%3D1280x1024%26wpof%3D0x0%26bcld%3D1346x19%26scrp%3D0x0%26scrad%3D1280x1024%26spd%3D24%26pxr%3D1%26sck%3D1%26ckl%3D0%26sls%3D1%26sss%3D1%26six%3D1%26sdb%3D0%26vvr%3Dnull%26vrd%3Dnull%26pnt%3Ddenied%26cnvs%3D7f7f7f80%26mmd_ao%3D0%26mmd_ai%3D0%26mmd_vi%3D0 HTTP/1.1
Host: xml.bidforclicks.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://filter.bidforclicks.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: same-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Date: Wed, 20 Sep 2023 03:49:01 GMT
Content-Length: 0
Connection: keep-alive
Cache-Control: no-store
Age: 0
Pragma: no-cache
bid.bidclickmedia.com/sub/0YDX8OE
104.21.37.74 200 OK 6.7 MB URL GET HTTP/2 bid.bidclickmedia.com/sub/0YDX8OE
IP 104.21.37.74:443
Requested by https://vidoza.net/embed-7vh7zzzwbrkb.html
Certificate Issuer Google Trust Services LLC
Subject bidclickmedia.com
Fingerprint D1:5D:81:3A:5B:E4:F4:78:FD:8B:31:0D:00:37:C9:89:8A:23:35:82
Validity Tue, 08 Aug 2023 16:08:48 GMT - Mon, 06 Nov 2023 16:08:47 GMT
File type HTML document, ASCII text
Size 6.7 MB (6705723 bytes)
Hash f5ed6ce7b82ba2323315254d8ec73268
130f2deb64cffe104ed683e06bb6f60d3755ac1c
fea4d8201695c74087e6b7cdd58df01361f12fcad31870e7d9fbbed7402a2926
GET /sub/0YDX8OE HTTP/1.1
Host: bid.bidclickmedia.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://vidoza.net/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
date: Wed, 20 Sep 2023 03:48:57 GMT
content-type: text/html; charset=utf-8
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=XdAf753x0lnMJXwb5v9GeQ1xL%2BrKk8hs%2BgUU8sTgbGzcysj%2F2A25xtWFsOeL6RYIW1hR%2Bbg4z8c0gBaqQfvjFT8ZcaRu5fpE6Fbp1okcxLVgJmJZdRSg8%2BM9RV77WO1%2F%2B%2B8oyvwf5rs%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 80971882a896b4fa-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
demiseskill.com/api/users?token=L3lteTFiZGoyNHE_a2V5PTQ0NjE5NTE3ODJkZDU1ODc2NmY0OTk4OGJiZTQ3MWM0JnBzdD0xNjk1MTgxODAxJnJtdGM9dCZzaHU9MDIzYWU5YzBhNjI5ODU0OWY2NDk2M2NlNDRiODA1MWRlMTBlNWMwYzJiNGUzZGI5ZDYzYTFmZjNkMjU5MjAyM2FiY2QwYzNhZDMzMmJhNzcyNjhlZmZhNDE5NTg1Y2VlYWY4ZTg4MjFkZmQ0OTY5ZWU2OTA1NTRlNmUzMjE4NDc2ODExYjdiZDJjYjI0NWFmZjdkMmFhYjljZDU4MjgxZDlhYmJiZQ%3D%3D&uuid=a6be39a9-4a41-449b-868e-b08aefb28a76%3A3%3A1&pii=true&in=false
192.243.59.20 0 B URL demiseskill.com/api/users?token=L3lteTFiZGoyNHE_a2V5PTQ0NjE5NTE3ODJkZDU1ODc2NmY0OTk4OGJiZTQ3MWM0JnBzdD0xNjk1MTgxODAxJnJtdGM9dCZzaHU9MDIzYWU5YzBhNjI5ODU0OWY2NDk2M2NlNDRiODA1MWRlMTBlNWMwYzJiNGUzZGI5ZDYzYTFmZjNkMjU5MjAyM2FiY2QwYzNhZDMzMmJhNzcyNjhlZmZhNDE5NTg1Y2VlYWY4ZTg4MjFkZmQ0OTY5ZWU2OTA1NTRlNmUzMjE4NDc2ODExYjdiZDJjYjI0NWFmZjdkMmFhYjljZDU4MjgxZDlhYmJiZQ%3D%3D&uuid=a6be39a9-4a41-449b-868e-b08aefb28a76%3A3%3A1&pii=true&in=false
IP 192.243.59.20:0
ASN #39572 DataWeb Global Group B.V.
Certificate Issuer Let's Encrypt
Subject demiseskill.com
Fingerprint 4B:FD:CC:5B:DB:CB:AB:56:9F:53:84:E3:53:71:88:39:25:B4:44:DE
Validity Thu, 07 Sep 2023 06:19:03 GMT - Wed, 06 Dec 2023 06:19:02 GMT
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /api/users?token=L3lteTFiZGoyNHE_a2V5PTQ0NjE5NTE3ODJkZDU1ODc2NmY0OTk4OGJiZTQ3MWM0JnBzdD0xNjk1MTgxODAxJnJtdGM9dCZzaHU9MDIzYWU5YzBhNjI5ODU0OWY2NDk2M2NlNDRiODA1MWRlMTBlNWMwYzJiNGUzZGI5ZDYzYTFmZjNkMjU5MjAyM2FiY2QwYzNhZDMzMmJhNzcyNjhlZmZhNDE5NTg1Y2VlYWY4ZTg4MjFkZmQ0OTY5ZWU2OTA1NTRlNmUzMjE4NDc2ODExYjdiZDJjYjI0NWFmZjdkMmFhYjljZDU4MjgxZDlhYmJiZQ%3D%3D&uuid=a6be39a9-4a41-449b-868e-b08aefb28a76%3A3%3A1&pii=true&in=false HTTP/1.1
Host: demiseskill.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://demiseskill.com/ymy1bdj24q?key=0f22c1fd609f13cb7947c8cabfe1a90d&submetric=20231345
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 302 Found
Server: nginx/1.19.5
Date: Wed, 20 Sep 2023 03:49:01 GMT
Content-Type: text/html
Content-Length: 0
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Location: https://adserving.unibet.com/redirect.aspx?bid=37950&pid=15135578&sref=ADST&ADST=20231345
Set-Cookie: u_pl=20231345; expires=Thu, 21 Sep 2023 03:49:01 GMT
uid_id2=a6be39a9-4a41-449b-868e-b08aefb28a76:3:1; expires=Wed, 27 Sep 2023 03:49:01 GMT
pdhtkv=true; expires=Thu, 21 Sep 2023 03:49:01 GMT
uncs=1; expires=Thu, 21 Sep 2023 03:49:01 GMT
pdhtkv28=true; expires=Thu, 21 Sep 2023 03:49:01 GMT
uncs28=1; expires=Thu, 21 Sep 2023 03:49:01 GMT
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: d71cb5c832233d4ce35c2cc182ada705
Strict-Transport-Security: max-age=0; includeSubdomains
demiseskill.com/api/users?token=L3lteTFiZGoyNHE_a2V5PTQ0NjE5NTE3ODJkZDU1ODc2NmY0OTk4OGJiZTQ3MWM0JnBzdD0xNjk1MTgxODAxJnJtdGM9dCZzaHU9YTViNzI3ZDJhODkwNGQ5ODI1ZGUyMGZiMzIyNzdjMzZjNWZlMDQ2MzQ3MTYwZjc5ZjUwYTM4ZjZhZDhiMjgxOWJiNzE5MTNlZDQ3NmY1ODYwNWNiOTUxMjZmZGYyZGUxNmFjOWUyMjFjODc1NTk2MjIyOGQ0NDc1YWYxZjJiZDczMDhjYTZhMzRmNmI2NzkxNGIwZWZlOTlmNDY3MGRhZDA0NGYxMDg2ZTIzYmZkYTNhNzFjY2MyMmUzMTRjNw%3D%3D&uuid=a6be39a9-4a41-449b-868e-b08aefb28a76%3A3%3A1&pii=true&in=false
192.243.59.20 0 B URL demiseskill.com/api/users?token=L3lteTFiZGoyNHE_a2V5PTQ0NjE5NTE3ODJkZDU1ODc2NmY0OTk4OGJiZTQ3MWM0JnBzdD0xNjk1MTgxODAxJnJtdGM9dCZzaHU9YTViNzI3ZDJhODkwNGQ5ODI1ZGUyMGZiMzIyNzdjMzZjNWZlMDQ2MzQ3MTYwZjc5ZjUwYTM4ZjZhZDhiMjgxOWJiNzE5MTNlZDQ3NmY1ODYwNWNiOTUxMjZmZGYyZGUxNmFjOWUyMjFjODc1NTk2MjIyOGQ0NDc1YWYxZjJiZDczMDhjYTZhMzRmNmI2NzkxNGIwZWZlOTlmNDY3MGRhZDA0NGYxMDg2ZTIzYmZkYTNhNzFjY2MyMmUzMTRjNw%3D%3D&uuid=a6be39a9-4a41-449b-868e-b08aefb28a76%3A3%3A1&pii=true&in=false
IP 192.243.59.20:0
ASN #39572 DataWeb Global Group B.V.
Certificate Issuer Let's Encrypt
Subject demiseskill.com
Fingerprint 4B:FD:CC:5B:DB:CB:AB:56:9F:53:84:E3:53:71:88:39:25:B4:44:DE
Validity Thu, 07 Sep 2023 06:19:03 GMT - Wed, 06 Dec 2023 06:19:02 GMT
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /api/users?token=L3lteTFiZGoyNHE_a2V5PTQ0NjE5NTE3ODJkZDU1ODc2NmY0OTk4OGJiZTQ3MWM0JnBzdD0xNjk1MTgxODAxJnJtdGM9dCZzaHU9YTViNzI3ZDJhODkwNGQ5ODI1ZGUyMGZiMzIyNzdjMzZjNWZlMDQ2MzQ3MTYwZjc5ZjUwYTM4ZjZhZDhiMjgxOWJiNzE5MTNlZDQ3NmY1ODYwNWNiOTUxMjZmZGYyZGUxNmFjOWUyMjFjODc1NTk2MjIyOGQ0NDc1YWYxZjJiZDczMDhjYTZhMzRmNmI2NzkxNGIwZWZlOTlmNDY3MGRhZDA0NGYxMDg2ZTIzYmZkYTNhNzFjY2MyMmUzMTRjNw%3D%3D&uuid=a6be39a9-4a41-449b-868e-b08aefb28a76%3A3%3A1&pii=true&in=false HTTP/1.1
Host: demiseskill.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://demiseskill.com/ymy1bdj24q?key=0f22c1fd609f13cb7947c8cabfe1a90d&submetric=20231345
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 302 Found
Server: nginx/1.19.5
Date: Wed, 20 Sep 2023 03:49:01 GMT
Content-Type: text/html
Content-Length: 0
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Location: https://adserving.unibet.com/redirect.aspx?bid=37950&pid=15135578&sref=ADST&ADST=20231345
Set-Cookie: u_pl=20231345; expires=Thu, 21 Sep 2023 03:49:01 GMT
uid_id2=a6be39a9-4a41-449b-868e-b08aefb28a76:3:1; expires=Wed, 27 Sep 2023 03:49:01 GMT
pdhtkv=true; expires=Thu, 21 Sep 2023 03:49:01 GMT
uncs=1; expires=Thu, 21 Sep 2023 03:49:01 GMT
pdhtkv28=true; expires=Thu, 21 Sep 2023 03:49:01 GMT
uncs28=1; expires=Thu, 21 Sep 2023 03:49:01 GMT
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: 606df36b317120400e2831b97f7ae595
Strict-Transport-Security: max-age=0; includeSubdomains
vidoza.net/js/footer.static.min.js?v=e3c7d9fd0df850502be3b22ed6f1b215
5.45.71.42 200 OK 140 kB URL GET HTTP/2 vidoza.net/js/footer.static.min.js?v=e3c7d9fd0df850502be3b22ed6f1b215
IP 5.45.71.42:443
Requested by https://vidoza.net/embed-7vh7zzzwbrkb.html
Certificate Issuer Let's Encrypt
Subject vidoza.net
Fingerprint AE:67:99:8B:FD:6F:18:E4:2D:D2:D3:43:A5:A3:2A:28:9F:2C:53:33
Validity Thu, 24 Aug 2023 00:22:18 GMT - Wed, 22 Nov 2023 00:22:17 GMT
Size 140 kB (140132 bytes)
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /js/footer.static.min.js?v=e3c7d9fd0df850502be3b22ed6f1b215 HTTP/1.1
Host: vidoza.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://vidoza.net/embed-7vh7zzzwbrkb.html
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
server: nginx/1.18.0 (Ubuntu)
date: Wed, 20 Sep 2023 03:48:55 GMT
content-type: application/javascript
last-modified: Mon, 31 Jul 2023 10:28:11 GMT
vary: Accept-Encoding
etag: W/"64c78cbb-22364"
expires: Fri, 20 Oct 2023 03:43:01 GMT
cache-control: max-age=2592000
content-encoding: gzip
x-cache-status: HIT
X-Firefox-Spdy: h2
prhzxq.com/wnload?a=1&e=aeyJwaWQiOjEwMDAyODQsInNpZCI6MTE4MzA5OSwid2lkIjo0MTk0ODYsImQiOiIiLCJsaSI6MX0=&tz=0&if=1&u=aHR0cHM6Ly92aWRvemEubmV0L2VtYmVkLTd2aDd6enp3YnJrYi5odG1s&inc=1
185.162.85.1 200 OK 400 B URL GET HTTP/2 prhzxq.com/wnload?a=1&e=aeyJwaWQiOjEwMDAyODQsInNpZCI6MTE4MzA5OSwid2lkIjo0MTk0ODYsImQiOiIiLCJsaSI6MX0=&tz=0&if=1&u=aHR0cHM6Ly92aWRvemEubmV0L2VtYmVkLTd2aDd6enp3YnJrYi5odG1s&inc=1
IP 185.162.85.1:443
ASN #39572 DataWeb Global Group B.V.
Requested by https://vidoza.net/embed-7vh7zzzwbrkb.html
Certificate Issuer Let's Encrypt
Subject prhzxq.com
Fingerprint 2E:D5:C6:9C:6B:6A:AB:A9:51:C2:F6:26:25:43:3C:E8:C2:75:F9:0B
Validity Tue, 18 Jul 2023 08:00:58 GMT - Mon, 16 Oct 2023 08:00:57 GMT
File type Unicode text, UTF-8 text, with very long lines (433), with no line terminators
Hash 73534f81a2818bc49d0097ab55dde400
bbcb0ff1c92cfb4688bb0aba5a344fcd0493e731
fc46898aef040a83fed11ac9c1558bcd1bf88de49888ee95b68378df4b5c936b
Analyzer Verdict Alert Quad9 DNS malicious Sinkholed
GET /wnload?a=1&e=aeyJwaWQiOjEwMDAyODQsInNpZCI6MTE4MzA5OSwid2lkIjo0MTk0ODYsImQiOiIiLCJsaSI6MX0=&tz=0&if=1&u=aHR0cHM6Ly92aWRvemEubmV0L2VtYmVkLTd2aDd6enp3YnJrYi5odG1s&inc=1 HTTP/1.1
Host: prhzxq.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://vidoza.net/
Origin: https://vidoza.net
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
server: nginx/1.18.0
date: Wed, 20 Sep 2023 03:48:57 GMT
content-type: application/javascript; charset=utf-8
vary: Accept-Encoding
accept-ch: Sec-CH-UA-Platform-Version
access-control-allow-origin: *
access-control-allow-credentials: true
content-encoding: gzip
X-Firefox-Spdy: h2
vv.7vid.net/api/users/59845?host=vidoza.net&ev=210&wh=556&ww=856&uuid=&i=1&kw=file%20upload%2Cshare%20files%2Cfree%20upload&s1=123521
135.181.208.216 200 OK 589 B URL GET HTTP/2 vv.7vid.net/api/users/59845?host=vidoza.net&ev=210&wh=556&ww=856&uuid=&i=1&kw=file%20upload%2Cshare%20files%2Cfree%20upload&s1=123521
IP 135.181.208.216:443
ASN #24940 Hetzner Online GmbH
Requested by https://vidoza.net/embed-7vh7zzzwbrkb.html
Certificate Issuer Let's Encrypt
Subject 0i.sh-cdn.com
Fingerprint 64:CC:6A:07:24:55:16:B1:A1:1A:A6:1D:C5:70:3D:12:BA:98:31:61
Validity Fri, 25 Aug 2023 12:27:10 GMT - Thu, 23 Nov 2023 12:27:09 GMT
File type ASCII text, with very long lines (665), with no line terminators
Hash dc4b2940752d2b42d0b6659d6b124639
ba256203cee1bf26fb8a049d76dcb112a72d3eb9
15fd51f139e62f2857832681546abce1c79d70774b4e04bb45809f778c44f103
GET /api/users/59845?host=vidoza.net&ev=210&wh=556&ww=856&uuid=&i=1&kw=file%20upload%2Cshare%20files%2Cfree%20upload&s1=123521 HTTP/1.1
Host: vv.7vid.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://vidoza.net/
Cookie: nauid=YtqfNfRkg1bUfhkUUq8d
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
server: nginx
date: Wed, 20 Sep 2023 03:48:59 GMT
content-type: text/javascript; charset=utf-8
vary: Accept-Encoding
x-robots-tag: noindex, nofollow
cache-control: private
content-encoding: gzip
X-Firefox-Spdy: h2
vidoza.net/js/jquery.min.js
5.45.71.42 200 OK 96 kB URL GET HTTP/2 vidoza.net/js/jquery.min.js
IP 5.45.71.42:443
Requested by https://vidoza.net/embed-7vh7zzzwbrkb.html
Certificate Issuer Let's Encrypt
Subject vidoza.net
Fingerprint AE:67:99:8B:FD:6F:18:E4:2D:D2:D3:43:A5:A3:2A:28:9F:2C:53:33
Validity Thu, 24 Aug 2023 00:22:18 GMT - Wed, 22 Nov 2023 00:22:17 GMT
File type ASCII text, with very long lines (32086)
Hash 8101d596b2b8fa35fe3a634ea342d7c3
d6c1f41972de07b09bfa63d2e50f9ab41ec372bd
540bc6dec1dd4b92ea4d3fb903f69eabf6d919afd48f4e312b163c28cff0f441
GET /js/jquery.min.js HTTP/1.1
Host: vidoza.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://vidoza.net/embed-7vh7zzzwbrkb.html
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
server: nginx/1.18.0 (Ubuntu)
date: Wed, 20 Sep 2023 03:48:55 GMT
content-type: application/javascript
last-modified: Mon, 31 Jul 2023 10:28:05 GMT
vary: Accept-Encoding
etag: W/"64c78cb5-1762a"
expires: Fri, 20 Oct 2023 03:45:30 GMT
cache-control: max-age=2592000
content-encoding: gzip
x-cache-status: HIT
X-Firefox-Spdy: h2
xml.xmlking.com/redirect?feed=591364&auth=oodr9S&pubid=195183
174.137.133.17 302 Found 2.8 kB URL GET HTTP/1.1 xml.xmlking.com/redirect?feed=591364&auth=oodr9S&pubid=195183
IP 174.137.133.17:443
ASN #27257 WEBAIR-INTERNET
Requested by https://vidoza.net/embed-7vh7zzzwbrkb.html
Certificate Issuer Sectigo Limited
Subject *.xmlking.com
Fingerprint 61:F0:9B:53:D2:DF:03:A0:08:09:BE:79:B1:70:10:34:65:07:7B:6D
Validity Wed, 26 Jul 2023 00:00:00 GMT - Fri, 26 Jul 2024 23:59:59 GMT
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /redirect?feed=591364&auth=oodr9S&pubid=195183 HTTP/1.1
Host: xml.xmlking.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://bid.bidclickmedia.com/
DNT: 1
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 302 Found
Server: nginx
Date: Wed, 20 Sep 2023 03:48:59 GMT
Content-Length: 0
Connection: keep-alive
Cache-Control: no-store
Age: 0
Location: https://www.toromclick.com/feed/click/?t1=128&tid=768&uid=90&subid=592169&id=0baee1a84340a8fcb1b75cb9e1d2b1f5:
Pragma: no-cache
bid.bidclickmedia.com/sub/31pnK5n
104.21.37.74 200 OK 234 B URL GET HTTP/2 bid.bidclickmedia.com/sub/31pnK5n
IP 104.21.37.74:443
Requested by https://vidoza.net/embed-7vh7zzzwbrkb.html
Certificate Issuer Google Trust Services LLC
Subject bidclickmedia.com
Fingerprint D1:5D:81:3A:5B:E4:F4:78:FD:8B:31:0D:00:37:C9:89:8A:23:35:82
Validity Tue, 08 Aug 2023 16:08:48 GMT - Mon, 06 Nov 2023 16:08:47 GMT
File type HTML document, ASCII text, with no line terminators
Hash f80bebf9471a9840ef5768e8c6b26672
164896726fce06ed3a1b8cbed00ab7c0493b6d24
5367258c378438d9831e9138819e8e68c4b7e6525dde7a086fb82a083398099c
GET /sub/31pnK5n HTTP/1.1
Host: bid.bidclickmedia.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://vidoza.net/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Wed, 20 Sep 2023 03:48:57 GMT
content-type: text/html; charset=utf-8
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=yOK5v2e2kDtnLPwf%2FCMCHNNTOavSNOk3iRDsoaboQkXOWE4uklUQBXYdIlRJJrmvIoGPFdx8BK5O3jXF%2B3m4eDpSRfIg%2Bmjk37MRQUr5hsW1xLt5UvRyLVrh4lip9X88buhwE2omdRI%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 80971882586eb4fa-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
static.addtoany.com/menu/sm.24.html
104.22.70.197 200 OK 677 B URL GET HTTP/3 static.addtoany.com/menu/sm.24.html
IP 104.22.70.197:443
Requested by https://vidoza.net/embed-7vh7zzzwbrkb.html
Certificate Issuer Cloudflare, Inc.
Subject sni.cloudflaressl.com
Fingerprint 20:A5:DB:83:09:73:10:48:06:97:65:2A:D9:27:B7:67:2D:7E:9D:6C
Validity Thu, 04 May 2023 00:00:00 GMT - Fri, 03 May 2024 23:59:59 GMT
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (700), with no line terminators
Hash cfd119cf6bef57fab6c6d11a41f5551a
479462a99e186c36e68e3fc8f12dd795c65d4366
8460305d50a708748c228ecefae928f9392d4e451b89106021434c989eef106b
GET /menu/sm.24.html HTTP/1.1
Host: static.addtoany.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://vidoza.net/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Wed, 20 Sep 2023 03:48:56 GMT
content-type: text/html; charset=utf-8
via: e3s
last-modified: Fri, 18 Nov 2022 00:47:55 GMT
etag: W/"2a5-5edb40e6d10d8"
cache-control: max-age=315360000, immutable
age: 1885165
vary: Accept-Encoding
cf-cache-status: HIT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
server: cloudflare
cf-ray: 8097187ecd350a1d-ARN
content-encoding: br
alt-svc: h3=":443"; ma=86400
vast.yomeno.xyz/?tcid=16960
109.206.161.16 200 OK 3.0 kB URL GET HTTP/2 vast.yomeno.xyz/?tcid=16960
IP 109.206.161.16:443
Requested by https://vidoza.net/embed-7vh7zzzwbrkb.html
Certificate Issuer Let's Encrypt
Subject vast.yomeno.xyz
Fingerprint A0:E6:73:AA:51:01:53:5D:BB:48:25:4A:91:0F:6D:FF:17:32:02:71
Validity Thu, 27 Jul 2023 03:09:07 GMT - Wed, 25 Oct 2023 03:09:06 GMT
File type ASCII text, with very long lines (2997), with no line terminators
Hash c972eeb5c4c49d91ef9a837214ea0592
a2c068451b71db9f32525e9631ab4017773ab2ea
f1cf3270f71168c581ab27a1fb6ffdbf3d87bf44ef2d22ba44d6aed752dd7c6b
GET /?tcid=16960 HTTP/1.1
Host: vast.yomeno.xyz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://vidoza.net/
Origin: https://vidoza.net
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
server: nginx/1.20.1
date: Wed, 20 Sep 2023 03:48:59 GMT
content-type: text/xml;charset=UTF-8
vary: Accept-Encoding
access-control-allow-credentials: true
access-control-allow-origin: https://vidoza.net
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,
access-control-expose-headers: Content-Length,Content-Range
content-encoding: gzip
X-Firefox-Spdy: h2
i.wmgtr.com/cic/jM3-cBg6FdfQzbNCLprsoWE9X3xuNSno.png
0.0.0.0 0 B URL GET i.wmgtr.com/cic/jM3-cBg6FdfQzbNCLprsoWE9X3xuNSno.png
IP 0.0.0.0:0
Requested by https://vidoza.net/embed-7vh7zzzwbrkb.html
Certificate Issuer Let's Encrypt
Subject i.wmgtr.com
Fingerprint D8:69:D2:88:90:5F:B7:96:97:28:36:0A:E4:7F:92:76:A5:85:79:93
Validity Wed, 23 Aug 2023 00:01:47 GMT - Tue, 21 Nov 2023 00:01:46 GMT
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /cic/jM3-cBg6FdfQzbNCLprsoWE9X3xuNSno.png HTTP/1.1
Host: i.wmgtr.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Wed, 20 Sep 2023 03:48:59 GMT
content-type: image/png
server: nginx/1.19.0
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-option: nosniff
content-encoding: gzip
cache-control: max-age=82800
expires: Thu, 21 Sep 2023 02:48:59 GMT
x-proxy-cache: HIT
access-control-allow-origin: *
X-Firefox-Spdy: h2
xngqoc.com/cuload?a=1&e=aeyJwaWQiOjExNDQ2NDYsInNpZCI6MTE5MDM3NSwid2lkIjo0MzMzNDAsImQiOiIiLCJsaSI6MX0=&tz=0&if=1&u=aHR0cHM6Ly92aWRvemEubmV0L2VtYmVkLTd2aDd6enp3YnJrYi5odG1s
185.162.85.4 204 No Content 0 B URL GET HTTP/2 xngqoc.com/cuload?a=1&e=aeyJwaWQiOjExNDQ2NDYsInNpZCI6MTE5MDM3NSwid2lkIjo0MzMzNDAsImQiOiIiLCJsaSI6MX0=&tz=0&if=1&u=aHR0cHM6Ly92aWRvemEubmV0L2VtYmVkLTd2aDd6enp3YnJrYi5odG1s
IP 185.162.85.4:443
ASN #39572 DataWeb Global Group B.V.
Requested by https://vidoza.net/embed-7vh7zzzwbrkb.html
Certificate Issuer Let's Encrypt
Subject xngqoc.com
Fingerprint 72:3D:8C:DE:14:53:13:4C:23:00:B1:8D:16:EC:18:3F:17:95:FC:09
Validity Tue, 29 Aug 2023 01:02:29 GMT - Mon, 27 Nov 2023 01:02:28 GMT
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer Verdict Alert Quad9 DNS malicious Sinkholed
GET /cuload?a=1&e=aeyJwaWQiOjExNDQ2NDYsInNpZCI6MTE5MDM3NSwid2lkIjo0MzMzNDAsImQiOiIiLCJsaSI6MX0=&tz=0&if=1&u=aHR0cHM6Ly92aWRvemEubmV0L2VtYmVkLTd2aDd6enp3YnJrYi5odG1s HTTP/1.1
Host: xngqoc.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://vidoza.net/
Origin: https://vidoza.net
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 204 No Content
server: nginx/1.18.0
date: Wed, 20 Sep 2023 03:48:57 GMT
accept-ch: Sec-CH-UA-Platform-Version
access-control-allow-origin: *
X-Firefox-Spdy: h2
xml.zeusadx.com/redirect?feed=552612&auth=OEhoVk&pubid=162319
174.137.133.17 302 Found 1.4 kB URL GET HTTP/1.1 xml.zeusadx.com/redirect?feed=552612&auth=OEhoVk&pubid=162319
IP 174.137.133.17:443
ASN #27257 WEBAIR-INTERNET
Requested by https://vidoza.net/embed-7vh7zzzwbrkb.html
Certificate Issuer Sectigo Limited
Subject *.zeusadx.com
Fingerprint 2C:AF:19:E8:DD:55:43:54:DA:37:15:08:CF:0A:D3:25:10:D3:0B:E2
Validity Sun, 23 Oct 2022 00:00:00 GMT - Mon, 23 Oct 2023 23:59:59 GMT
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /redirect?feed=552612&auth=OEhoVk&pubid=162319 HTTP/1.1
Host: xml.zeusadx.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://bid.bidclickmedia.com/
DNT: 1
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 302 Found
Server: nginx
Date: Wed, 20 Sep 2023 03:48:59 GMT
Content-Length: 0
Connection: keep-alive
Cache-Control: no-store
Age: 0
Location: https://kpdofa.xyz/dsp/cu/clc?aid=16268044803981460182&t=1695181739&s=1041651&sid=411
Pragma: no-cache
xml.zeusadx.com/redirect?feed=531847&auth=KhbHhS&pubid=162319
174.137.133.17 302 Found 1.4 kB URL GET HTTP/1.1 xml.zeusadx.com/redirect?feed=531847&auth=KhbHhS&pubid=162319
IP 174.137.133.17:443
ASN #27257 WEBAIR-INTERNET
Requested by https://vidoza.net/embed-7vh7zzzwbrkb.html
Certificate Issuer Sectigo Limited
Subject *.zeusadx.com
Fingerprint 2C:AF:19:E8:DD:55:43:54:DA:37:15:08:CF:0A:D3:25:10:D3:0B:E2
Validity Sun, 23 Oct 2022 00:00:00 GMT - Mon, 23 Oct 2023 23:59:59 GMT
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /redirect?feed=531847&auth=KhbHhS&pubid=162319 HTTP/1.1
Host: xml.zeusadx.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://bid.bidclickmedia.com/
DNT: 1
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 302 Found
Server: nginx
Date: Wed, 20 Sep 2023 03:48:59 GMT
Content-Length: 0
Connection: keep-alive
Cache-Control: no-store
Age: 0
Location: https://kpdofa.xyz/dsp/cu/clc?aid=7270308038621611384&t=1695181739&s=1041651&sid=411
Pragma: no-cache
us.justtoo.net/nty/postback/click?key=v2-1695181739278-4-6681-1270992-930a3d4d-5d6c-c62e-2709-bb54aa4e3220
109.200.209.143 200 OK 2.8 kB URL GET HTTP/2 us.justtoo.net/nty/postback/click?key=v2-1695181739278-4-6681-1270992-930a3d4d-5d6c-c62e-2709-bb54aa4e3220
IP 109.200.209.143:443
Requested by https://vidoza.net/embed-7vh7zzzwbrkb.html
Certificate Issuer Let's Encrypt
Subject *.justtoo.net
Fingerprint 56:8B:B0:D4:EA:CE:44:95:E6:86:C7:73:A9:03:35:0E:49:CD:91:AB
Validity Thu, 31 Aug 2023 23:05:59 GMT - Wed, 29 Nov 2023 23:05:58 GMT
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (2927), with no line terminators
Hash e09b96b04014ea485f3f5f2fdb086544
b23e46716059f3a4ecd85e4614914bc2c8e776ab
bebfa96465cfb0b87fb540c742e946feb0e5430cae9e41f5ea0af13c00069041
GET /nty/postback/click?key=v2-1695181739278-4-6681-1270992-930a3d4d-5d6c-c62e-2709-bb54aa4e3220 HTTP/1.1
Host: us.justtoo.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://bid.bidclickmedia.com/
DNT: 1
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
server: openresty/1.21.4.1
date: Wed, 20 Sep 2023 03:49:01 GMT
content-type: text/html; charset=UTF-8
content-encoding: gzip
X-Firefox-Spdy: h2
static.addtoany.com/menu/modules/core.c78901bc.js
104.22.70.197 200 OK 71 kB URL GET HTTP/3 static.addtoany.com/menu/modules/core.c78901bc.js
IP 104.22.70.197:443
Requested by https://vidoza.net/embed-7vh7zzzwbrkb.html
Certificate Issuer Cloudflare, Inc.
Subject sni.cloudflaressl.com
Fingerprint 20:A5:DB:83:09:73:10:48:06:97:65:2A:D9:27:B7:67:2D:7E:9D:6C
Validity Thu, 04 May 2023 00:00:00 GMT - Fri, 03 May 2024 23:59:59 GMT
File type ASCII text, with very long lines (65536), with no line terminators
Hash 5bff8a92e2aa9a2b5decead3ffa11ca2
4ce405183cf896c930da9b53455ace837397adcf
05d18955853a018a783dde77bcf072fb4e36df5bffafefb7be0e5e97411ab092
GET /menu/modules/core.c78901bc.js HTTP/1.1
Host: static.addtoany.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://vidoza.net
DNT: 1
Connection: keep-alive
Referer: https://vidoza.net/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Wed, 20 Sep 2023 03:48:56 GMT
content-type: application/javascript; charset=utf-8
cache-control: max-age=315360000, immutable
cf-bgj: minify
access-control-allow-origin: *
etag: W/"1140a-6027af129c545"
last-modified: Wed, 09 Aug 2023 10:28:35 GMT
vary: Accept-Encoding
via: e3s
x-content-type-options: nosniff
cf-cache-status: HIT
age: 3604709
strict-transport-security: max-age=31536000; includeSubDomains; preload
server: cloudflare
cf-ray: 8097187efd4a0a1d-ARN
content-encoding: br
alt-svc: h3=":443"; ma=86400
pusishegre.com/dmmNFpz.dEGnNGvUZMGAUo/sefmD9UusZBUVlXkqPYTzQN1tOYTqgnzjNXzrQYtmNED/UG5-OZDPMV3BNjQS
88.85.94.246 200 OK 68 B URL GET HTTP/2 pusishegre.com/dmmNFpz.dEGnNGvUZMGAUo/sefmD9UusZBUVlXkqPYTzQN1tOYTqgnzjNXzrQYtmNED/UG5-OZDPMV3BNjQS
IP 88.85.94.246:443
Requested by https://vidoza.net/embed-7vh7zzzwbrkb.html
Certificate Issuer Let's Encrypt
Subject pusishegre.com
Fingerprint BF:FC:4A:B7:0A:E3:E1:19:D7:50:BF:42:CA:46:8D:B1:4F:9D:4D:80
Validity Sun, 23 Jul 2023 05:37:35 GMT - Sat, 21 Oct 2023 05:37:34 GMT
File type ASCII text, with no line terminators
Hash c094782391d18d2a0a285b6de6c2a9ed
33df3d5a8d139b7795330e623b5f0439f96c3134
1390f8e4f4ee7778ee9a80654d7100671039c6604e3d090a15d178bc1f3a9b75
GET /dmmNFpz.dEGnNGvUZMGAUo/sefmD9UusZBUVlXkqPYTzQN1tOYTqgnzjNXzrQYtmNED/UG5-OZDPMV3BNjQS HTTP/1.1
Host: pusishegre.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://vidoza.net/
Origin: https://vidoza.net
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
server: nginx
date: Wed, 20 Sep 2023 03:48:59 GMT
content-type: text/xml
vary: Accept-Encoding
expires: Mon, 26 Jul 2011 05:00:00 GMT
cache-control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
pragma: no-cache
accept-ch: Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,Sec-CH-UA-WoW64
access-control-allow-credentials: true
access-control-allow-origin: https://vidoza.net
x-content-type-options: nosniff
content-encoding: br
X-Firefox-Spdy: h2
vv.7vid.net/api/users/246356?host=vidoza.net&ev=210&wh=556&ww=856&uuid=&i=1&kw=file%20upload%2Cshare%20files%2Cfree%20upload&s1=123521
135.181.208.216 200 OK 852 B URL GET HTTP/2 vv.7vid.net/api/users/246356?host=vidoza.net&ev=210&wh=556&ww=856&uuid=&i=1&kw=file%20upload%2Cshare%20files%2Cfree%20upload&s1=123521
IP 135.181.208.216:443
ASN #24940 Hetzner Online GmbH
Requested by https://vidoza.net/embed-7vh7zzzwbrkb.html
Certificate Issuer Let's Encrypt
Subject 0i.sh-cdn.com
Fingerprint 64:CC:6A:07:24:55:16:B1:A1:1A:A6:1D:C5:70:3D:12:BA:98:31:61
Validity Fri, 25 Aug 2023 12:27:10 GMT - Thu, 23 Nov 2023 12:27:09 GMT
File type ASCII text, with very long lines (904), with no line terminators
Hash 62112f4eec108fc7824e31ab3a705dfd
094937c90f3adba6339bd23a75781c80312a55f3
9e4df0578ce1903965bc237e9ee8e51c033959ea0d06dd64132988c0faadc504
GET /api/users/246356?host=vidoza.net&ev=210&wh=556&ww=856&uuid=&i=1&kw=file%20upload%2Cshare%20files%2Cfree%20upload&s1=123521 HTTP/1.1
Host: vv.7vid.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://vidoza.net/
Cookie: nauid=YtqfNfRkg1bUfhkUUq8d
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
server: nginx
date: Wed, 20 Sep 2023 03:48:59 GMT
content-type: text/javascript; charset=utf-8
vary: Accept-Encoding
x-robots-tag: noindex, nofollow
cache-control: private
content-encoding: gzip
X-Firefox-Spdy: h2
vidoza.net/css/videojs.5.min.css?v=e3c7d9fd0df850502be3b22ed6f1b215
5.45.71.42 200 OK 170 kB URL GET HTTP/2 vidoza.net/css/videojs.5.min.css?v=e3c7d9fd0df850502be3b22ed6f1b215
IP 5.45.71.42:443
Requested by https://vidoza.net/embed-7vh7zzzwbrkb.html
Certificate Issuer Let's Encrypt
Subject vidoza.net
Fingerprint AE:67:99:8B:FD:6F:18:E4:2D:D2:D3:43:A5:A3:2A:28:9F:2C:53:33
Validity Thu, 24 Aug 2023 00:22:18 GMT - Wed, 22 Nov 2023 00:22:17 GMT
File type ASCII text, with very long lines (50421)
Size 170 kB (169541 bytes)
Hash bf9af199b5ef61988f82fa239ebf61da
d3b9c5ef294f2ef0942a8bf1e62085b72b2e07cc
e8e86d55656a068d5bb43e7b65e474162b6dff2c57f314cfc90d25f16708048d
GET /css/videojs.5.min.css?v=e3c7d9fd0df850502be3b22ed6f1b215 HTTP/1.1
Host: vidoza.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://vidoza.net/embed-7vh7zzzwbrkb.html
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
server: nginx/1.18.0 (Ubuntu)
date: Wed, 20 Sep 2023 03:48:55 GMT
content-type: text/css
last-modified: Mon, 31 Jul 2023 10:28:05 GMT
vary: Accept-Encoding
etag: W/"64c78cb5-29645"
expires: Fri, 20 Oct 2023 03:45:25 GMT
cache-control: max-age=2592000
content-encoding: gzip
x-cache-status: HIT
X-Firefox-Spdy: h2
colegialacasero.com/wp-json/wp-statistics/v2/hit?wp_statistics_hit_rest=yes&track_all=1&current_page_type=post&current_page_id=9154&search_query&page_uri=L2NoaWJvbGEtbGUtZ3VzdGEtc2Fib3JlYXItbGEtdmVyZ2EtZGUtc3UtYW1pZ28v&referred=&_=1695181735308
77.73.70.171 200 OK 89 B URL GET HTTP/2 colegialacasero.com/wp-json/wp-statistics/v2/hit?wp_statistics_hit_rest=yes&track_all=1&current_page_type=post&current_page_id=9154&search_query&page_uri=L2NoaWJvbGEtbGUtZ3VzdGEtc2Fib3JlYXItbGEtdmVyZ2EtZGUtc3UtYW1pZ28v&referred=&_=1695181735308
IP 77.73.70.171:443
Requested by https://colegialacasero.com/chibola-le-gusta-saborear-la-verga-de-su-amigo/
Certificate Issuer Let's Encrypt
Subject colegialacasero.com
Fingerprint 36:32:AE:D2:F3:3D:C2:9A:F7:31:82:54:51:E2:23:D4:74:E3:F2:00
Validity Tue, 08 Aug 2023 06:10:53 GMT - Mon, 06 Nov 2023 06:10:52 GMT
File type troff or preprocessor input, ASCII text, with no line terminators
Hash b3a747591fa6d0a9726a9035a65c539b
76ea7b30b9975994d516803cfbff7497832bbadc
8be9f8641a1f9093f445d67a756256e10d6b89483355dac6438da4b900b995da
GET /wp-json/wp-statistics/v2/hit?wp_statistics_hit_rest=yes&track_all=1&current_page_type=post&current_page_id=9154&search_query&page_uri=L2NoaWJvbGEtbGUtZ3VzdGEtc2Fib3JlYXItbGEtdmVyZ2EtZGUtc3UtYW1pZ28v&referred=&_=1695181735308 HTTP/1.1
Host: colegialacasero.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json;charset=UTF-8
DNT: 1
Connection: keep-alive
Referer: https://colegialacasero.com/chibola-le-gusta-saborear-la-verga-de-su-amigo/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
server: nginx
date: Wed, 20 Sep 2023 03:49:01 GMT
content-type: application/json; charset=UTF-8
x-powered-by: PHP/7.4.29
x-robots-tag: noindex
link: <https://colegialacasero.com/wp-json/>; rel="https://api.w.org/"
x-content-type-options: nosniff
access-control-expose-headers: X-WP-Total, X-WP-TotalPages, Link
access-control-allow-headers: Authorization, X-WP-Nonce, Content-Disposition, Content-MD5, Content-Type
cache-control: no-cache
allow: GET
vary: Origin
access-control-allow-origin: *
X-Firefox-Spdy: h2
prhzxq.com/wnrw?aid=9451186308093986317&a=1
185.162.85.1 200 OK 0 B URL GET HTTP/2 prhzxq.com/wnrw?aid=9451186308093986317&a=1
IP 185.162.85.1:443
ASN #39572 DataWeb Global Group B.V.
Requested by https://vidoza.net/embed-7vh7zzzwbrkb.html
Certificate Issuer Let's Encrypt
Subject prhzxq.com
Fingerprint 2E:D5:C6:9C:6B:6A:AB:A9:51:C2:F6:26:25:43:3C:E8:C2:75:F9:0B
Validity Tue, 18 Jul 2023 08:00:58 GMT - Mon, 16 Oct 2023 08:00:57 GMT
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer Verdict Alert Quad9 DNS malicious Sinkholed
GET /wnrw?aid=9451186308093986317&a=1 HTTP/1.1
Host: prhzxq.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://vidoza.net/
Origin: https://vidoza.net
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
server: nginx/1.18.0
date: Wed, 20 Sep 2023 03:48:58 GMT
content-length: 0
access-control-allow-origin: https://vidoza.net
X-Firefox-Spdy: h2
friendshipmale.com/sfp.js
172.64.101.24 200 OK 86 kB URL GET HTTP/3 friendshipmale.com/sfp.js
IP 172.64.101.24:443
Requested by https://vidoza.net/embed-7vh7zzzwbrkb.html
Certificate Issuer Cloudflare, Inc.
Subject sni.cloudflaressl.com
Fingerprint 08:6F:D8:CB:9E:0C:0A:98:2E:C5:CD:21:8E:0B:76:2B:50:6F:B6:37
Validity Sat, 18 Feb 2023 00:00:00 GMT - Sat, 17 Feb 2024 23:59:59 GMT
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /sfp.js HTTP/1.1
Host: friendshipmale.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://vidoza.net/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Wed, 20 Sep 2023 03:48:58 GMT
content-type: application/javascript; charset=utf-8
p3p: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
access-control-allow-origin: *
expires: Thu, 01 Jan 1970 00:00:01 GMT
cache-control: max-age=14400
x-request-id: 10e54e18c6f176ebe29ab7f6937e257f
strict-transport-security: max-age=0; includeSubdomains
cf-cache-status: EXPIRED
last-modified: Wed, 20 Sep 2023 03:48:57 GMT
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=am5Ef5BRD6Bj3%2BSqy2imWZ8iAMbkafuOjgByX1VL8RTMS5KvQLYELmYrdprt6%2B18Tfh9n%2Fu619vv%2FYmOIyfpOGGd%2BsF5CEpt5T9ladDhlxZkCtx0%2BgQ1CdU8jS9vdr3C9ZNepVA%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 809718892cfc24da-LHR
content-encoding: br
alt-svc: h3=":443"; ma=86400
vidoza.net/js/static.min.js?v=e3c7d9fd0df850502be3b22ed6f1b215
5.45.71.42 200 OK 159 kB URL GET HTTP/2 vidoza.net/js/static.min.js?v=e3c7d9fd0df850502be3b22ed6f1b215
IP 5.45.71.42:443
Requested by https://vidoza.net/embed-7vh7zzzwbrkb.html
Certificate Issuer Let's Encrypt
Subject vidoza.net
Fingerprint AE:67:99:8B:FD:6F:18:E4:2D:D2:D3:43:A5:A3:2A:28:9F:2C:53:33
Validity Thu, 24 Aug 2023 00:22:18 GMT - Wed, 22 Nov 2023 00:22:17 GMT
File type ASCII text, with very long lines (65536), with no line terminators
Size 159 kB (158902 bytes)
Hash 7c33538390b466ae717449d729bb32ea
49ea1eb1dc06467f516eae28e09863a23b244a31
a2f37fa7aee9e9248856735b807b028c93be60eb6bb9916595ba123690513f02
GET /js/static.min.js?v=e3c7d9fd0df850502be3b22ed6f1b215 HTTP/1.1
Host: vidoza.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://vidoza.net/embed-7vh7zzzwbrkb.html
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
server: nginx/1.18.0 (Ubuntu)
date: Wed, 20 Sep 2023 03:48:55 GMT
content-type: application/javascript
last-modified: Mon, 31 Jul 2023 10:28:05 GMT
vary: Accept-Encoding
etag: W/"64c78cb5-26cb6"
expires: Fri, 20 Oct 2023 03:45:23 GMT
cache-control: max-age=2592000
content-encoding: gzip
x-cache-status: HIT
X-Firefox-Spdy: h2
www.toromclick.com/feed/click/?t1=128&tid=768&uid=90&subid=592169&id=0baee1a84340a8fcb1b75cb9e1d2b1f5: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
142.93.240.225 302 Found 2.8 kB URL GET HTTP/1.1 www.toromclick.com/feed/click/?t1=128&tid=768&uid=90&subid=592169&id=0baee1a84340a8fcb1b75cb9e1d2b1f5: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
IP 142.93.240.225:443
ASN #14061 DIGITALOCEAN-ASN
Requested by https://vidoza.net/embed-7vh7zzzwbrkb.html
Certificate Issuer Let's Encrypt
Subject www.toromclick.com
Fingerprint EF:36:78:0D:4B:A5:61:20:37:42:DF:2B:69:4A:BA:3C:9C:70:E1:FB
Validity Wed, 02 Aug 2023 05:45:37 GMT - Tue, 31 Oct 2023 05:45:36 GMT
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /feed/click/?t1=128&tid=768&uid=90&subid=592169&id=0baee1a84340a8fcb1b75cb9e1d2b1f5:92bcf1b5736ce992a6949770c7e95230b08f12f4ad9cbea474225af2f008c66d168bc330f4d239529f2374f1f1285264e4e98f647446ff014ba1c35b8d5a963ec2d4eae8ccf377d2088cac4ca7b96812f6d29d9a803e99116a8a6b8779d5781a0ab8e38db8bf144d52994be1d06f579637676c371b70ac66c0ceae1286a8ed29eb6cf74d697db74b4de924f30b053ffcb165297a2795343c78ff20db650459c36ab64839dfbab32e1cd03d6df54ae972c073ef86d232d2bf7fc452719287f02afd436cfa22e51d01a4a09283bfbeda1b0b80e7ee970c1bb4d1fc78acd2dba6f778576f4048ed06032ddbc8eb84b7d80a95eaa08887f68098fc9ab910bf90091577d6af7fc5a62de7058bd99911227dbcc9a89e078c04f7ceb78939fc79cc29b0 HTTP/1.1
Host: www.toromclick.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://bid.bidclickmedia.com/
DNT: 1
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 302 Found
X-Powered-By: Express
Surrogate-Control: no-store
Cache-Control: no-store, no-cache, must-revalidate, proxy-revalidate
Expires: 0
Location: https://xml.flairadscpc.com/click?i=9FrmAUPRPLY_0
Vary: Accept
Content-Type: text/html; charset=utf-8
Content-Length: 142
Date: Wed, 20 Sep 2023 03:49:00 GMT
Connection: keep-alive
Keep-Alive: timeout=5
static.addtoany.com/menu/page.js
104.22.70.197 200 OK 3.1 kB URL GET HTTP/2 static.addtoany.com/menu/page.js
IP 104.22.70.197:443
Requested by https://vidoza.net/embed-7vh7zzzwbrkb.html
Certificate Issuer Cloudflare, Inc.
Subject sni.cloudflaressl.com
Fingerprint 20:A5:DB:83:09:73:10:48:06:97:65:2A:D9:27:B7:67:2D:7E:9D:6C
Validity Thu, 04 May 2023 00:00:00 GMT - Fri, 03 May 2024 23:59:59 GMT
File type ASCII text, with very long lines (3218), with no line terminators
Hash 1951ca33daed8c7a3876863c07acf12b
f1f089cb2edb78d7cfaee1f45fccdcdfaed59ed9
59922c8dc07001f190cc592b1d81db6c3e1fedb394db2426cee71050ea780c30
GET /menu/page.js HTTP/1.1
Host: static.addtoany.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://vidoza.net/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Wed, 20 Sep 2023 03:48:55 GMT
content-type: application/javascript; charset=utf-8
cache-control: public, max-age=172800
cf-bgj: minify
access-control-allow-origin: *
etag: W/"c09-6027af130ca25"
last-modified: Wed, 09 Aug 2023 10:28:36 GMT
vary: Accept-Encoding
via: e2s
x-content-type-options: nosniff
cf-cache-status: HIT
age: 148760
strict-transport-security: max-age=31536000; includeSubDomains; preload
server: cloudflare
cf-ray: 80971878eab009a4-ARN
content-encoding: br
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
vv.7vid.net/api/users/88464?v2=1&fill=0&kw=file%20upload%2Cshare%20files%2Cfree%20upload&s1=%25subid1%25&s2=%25subid2%25&i=1
135.181.208.216 200 OK 67 B URL GET HTTP/2 vv.7vid.net/api/users/88464?v2=1&fill=0&kw=file%20upload%2Cshare%20files%2Cfree%20upload&s1=%25subid1%25&s2=%25subid2%25&i=1
IP 135.181.208.216:443
ASN #24940 Hetzner Online GmbH
Requested by https://vidoza.net/embed-7vh7zzzwbrkb.html
Certificate Issuer Let's Encrypt
Subject 0i.sh-cdn.com
Fingerprint 64:CC:6A:07:24:55:16:B1:A1:1A:A6:1D:C5:70:3D:12:BA:98:31:61
Validity Fri, 25 Aug 2023 12:27:10 GMT - Thu, 23 Nov 2023 12:27:09 GMT
File type XML document, ASCII text, with no line terminators
Hash c3928cea84e0c684b265b8fb465a9e72
aace4c0c8b0fbb35d2932f4f27e01ef627161574
3238d03797cab82118740c0d6ddace8d6bc9caf168e94d2ade893f541c1f8a25
GET /api/users/88464?v2=1&fill=0&kw=file%20upload%2Cshare%20files%2Cfree%20upload&s1=%25subid1%25&s2=%25subid2%25&i=1 HTTP/1.1
Host: vv.7vid.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://vidoza.net/
Origin: https://vidoza.net
DNT: 1
Connection: keep-alive
Cookie: nauid=YtqfNfRkg1bUfhkUUq8d
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
server: nginx
date: Wed, 20 Sep 2023 03:48:56 GMT
content-type: text/xml
vary: Accept-Encoding
access-control-allow-credentials: true
access-control-allow-origin: https://vidoza.net
access-control-expose-headers: X-Asg-Config, X-t
x-robots-tag: noindex, nofollow
x-t: 0
cache-control: private
content-encoding: gzip
X-Firefox-Spdy: h2
vv.7vid.net/api/spots/96846?p=1&s1=%subid1%&kw=
135.181.208.216 200 OK 94 B URL GET HTTP/2 vv.7vid.net/api/spots/96846?p=1&s1=%subid1%&kw=
IP 135.181.208.216:443
ASN #24940 Hetzner Online GmbH
Requested by https://vidoza.net/embed-7vh7zzzwbrkb.html
Certificate Issuer Let's Encrypt
Subject 0i.sh-cdn.com
Fingerprint 64:CC:6A:07:24:55:16:B1:A1:1A:A6:1D:C5:70:3D:12:BA:98:31:61
Validity Fri, 25 Aug 2023 12:27:10 GMT - Thu, 23 Nov 2023 12:27:09 GMT
File type HTML document text\012- HTML document, ASCII text, with no line terminators
Hash c118b24869f85e4f08ea9cef3bde4492
7a7f0b87ac0967b24b246f54e649e640bd7d6c45
976c66117f2dcd0d138138f1cb8bb49aba832c76cf821cae5321e0217b92367d
GET /api/spots/96846?p=1&s1=%subid1%&kw= HTTP/1.1
Host: vv.7vid.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://vidoza.net/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
server: nginx
date: Wed, 20 Sep 2023 03:48:56 GMT
content-type: text/html
vary: Accept-Encoding
set-cookie: nauid=YtqfNfRkg1bUfhkUUq8d; Path=/; Expires=Wed, 11 Nov 2037 11:11:11 GMT; Secure; SameSite=None
x-robots-tag: noindex, nofollow
cache-control: private
content-encoding: gzip
X-Firefox-Spdy: h2
xngqoc.com/admc?a=2&pid=1000284&sid=1183099&wid=419486&fp=37396b568500723acebf9a99ac43aeca&f=8&tz=0
185.162.85.4 200 OK 0 B URL GET HTTP/2 xngqoc.com/admc?a=2&pid=1000284&sid=1183099&wid=419486&fp=37396b568500723acebf9a99ac43aeca&f=8&tz=0
IP 185.162.85.4:443
ASN #39572 DataWeb Global Group B.V.
Requested by https://vidoza.net/embed-7vh7zzzwbrkb.html
Certificate Issuer Let's Encrypt
Subject xngqoc.com
Fingerprint 72:3D:8C:DE:14:53:13:4C:23:00:B1:8D:16:EC:18:3F:17:95:FC:09
Validity Tue, 29 Aug 2023 01:02:29 GMT - Mon, 27 Nov 2023 01:02:28 GMT
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer Verdict Alert Quad9 DNS malicious Sinkholed
GET /admc?a=2&pid=1000284&sid=1183099&wid=419486&fp=37396b568500723acebf9a99ac43aeca&f=8&tz=0 HTTP/1.1
Host: xngqoc.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://vidoza.net/
Origin: https://vidoza.net
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
server: nginx/1.18.0
date: Wed, 20 Sep 2023 03:48:58 GMT
content-length: 0
access-control-allow-origin: https://vidoza.net
access-control-allow-credentials: true
accept-ch: Sec-CH-UA-Platform-Version
X-Firefox-Spdy: h2