Report - vidfast.pro/tv/40290/1/12?autoNext=false&autoPlay=true&nextButton=false

Report Overview

Visited public
2025-04-06 23:55:14
Tags
URL
vidfast.pro/tv/40290/1/12?autoNext=false&autoPlay=true&nextButton=false
Finishing URL
vidfast.pro/tv/40290/1/12?autoNext=false&autoPlay=true&nextButton=false
IP / ASN
104.21.45.240
#13335 CLOUDFLARENET
Title
vidfast.pro/tv/40290/1/12?autoNext=false&autoPlay=true&nextButton=false

Detections

urlquery

Network Intrusion Detection

Threat Detection Systems

Domain Summary

Domain / FQDN	Rank	Registered	First Seen	Last Seen	Sent	Received	IP
vidfast.pro	unknown	unknown	No data	No data	8.2 kB	2.9 MB	104.21.45.240
www.googletagmanager.com	75	2011-11-11	2012-10-04	2025-04-02	432 B	374 kB	142.250.74.136
wsrv.nl	unknown	2011-01-20	2021-12-09	2025-04-04	508 B	12 kB	188.114.96.1
image.tmdb.org	17757	2009-09-15	2021-01-09	2025-04-01	464 B	317 kB	169.150.247.40
static.cloudflareinsights.com	1294	2019-08-30	2019-09-24	2025-04-02	500 B	20 kB	104.16.80.73
www.cdn4ads.com	105393	2020-04-18	2020-04-19	2025-04-01	444 B	38 kB	95.173.205.15

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

No alerts detected

Threat Detection Systems

Public InfoSec YARA rules

No alerts detected

OpenPhish

No alerts detected

PhishTank

No alerts detected

Quad9 DNS

Scan Date	Severity	Indicator	Alert
2025-04-06	medium	vidfast.pro	Sinkholed
2025-04-06	medium	vidfast.pro	Sinkholed
2025-04-06	medium	vidfast.pro	Sinkholed
2025-04-06	medium	vidfast.pro	Sinkholed
2025-04-06	medium	vidfast.pro	Sinkholed
2025-04-06	medium	vidfast.pro	Sinkholed
2025-04-06	medium	vidfast.pro	Sinkholed
2025-04-06	medium	vidfast.pro	Sinkholed
2025-04-06	medium	vidfast.pro	Sinkholed
2025-04-06	medium	vidfast.pro	Sinkholed
2025-04-06	medium	vidfast.pro	Sinkholed
2025-04-06	medium	vidfast.pro	Sinkholed
2025-04-06	medium	vidfast.pro	Sinkholed
2025-04-06	medium	vidfast.pro	Sinkholed
2025-04-06	medium	vidfast.pro	Sinkholed
2025-04-06	medium	vidfast.pro	Sinkholed

ThreatFox

No alerts detected

JavaScript (10)

	URL	From	Size	First Seen	Last Seen
	static.cloudflareinsights.com/beacon.min.js/vcd15cbe7772f49c399c6a5babf22c1241717689176015	ScriptElement	1.0 kB	2023-05-20	2025-06-20
Pretty URL static.cloudflareinsights.com/beacon.min.js/vcd15cbe7772f49c399c6a5babf22c1241717689176015 IP 104.16.80.73 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-05-20 19:28 Last Seen2025-06-20 03:47 Times Seen619 Hash 7bca0babc086467e20722ef6b9860936 e2cc6aead68396bce89ff2a28104866e0d0b72da 09042e176523e1d3eee9044fbf91745a221f804b00827517eafb417387a0b61e Loading...

	vidfast.pro/_next/static/chunks/687-171a5bc7e13c045f.js	ScriptElement	1.0 kB	2025-04-06	2025-04-06
Pretty URL vidfast.pro/_next/static/chunks/687-171a5bc7e13c045f.js IP 104.21.45.240 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2025-04-06 23:39 Last Seen2025-04-06 23:55 Times Seen2 Hash 3f94bb6b712d62bacc6f644f2b829de7 28fe14059f300c3f8610134447165cf142fc17e1 a07b1f56a1f121a9ce1e979dcbe0f1c07971149bd91ca9d44046bdefe7aafbd1 Loading...

	vidfast.pro/_next/static/chunks/webpack-833550a514665e2e.js	ScriptElement	3.5 kB	2025-04-06	2025-04-07
Pretty URL vidfast.pro/_next/static/chunks/webpack-833550a514665e2e.js IP 104.21.45.240 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2025-04-06 23:39 Last Seen2025-04-07 02:30 Times Seen4 Hash 9ca1ebe798464be9dd3573095fb02576 1c69ab091d8ef7ee451df69ff8b1e19b481852fb 88620bcbfc5c2957cc8783dd39c235090bfd45196d0f375e16cf91442da29109 Loading...

	vidfast.pro/_next/static/chunks/main-app-286098e153a46d48.js	ScriptElement	507 B	2025-04-06	2025-06-08
Pretty URL vidfast.pro/_next/static/chunks/main-app-286098e153a46d48.js IP 104.21.45.240 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2025-04-06 23:39 Last Seen2025-06-08 23:52 Times Seen8 Hash e06f301d355f493514eea80cc6726d3d cb1755858456b4c9d6370ec94e9df8fb8dd0ad73 f0455d401f499dac227a2d5e148a1fa830d71033add85218f1cedb3761dbe57a Loading...

	vidfast.pro/_next/static/chunks/633-d9bb244a396562f8.js	ScriptElement	1.0 kB	2025-04-06	2025-04-06
Pretty URL vidfast.pro/_next/static/chunks/633-d9bb244a396562f8.js IP 104.21.45.240 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2025-04-06 23:55 Last Seen2025-04-06 23:55 Times Seen1 Hash f1c1c2095d5a5ba97fff81f210629111 39fa99a6ade2497e25447e4aed1cec3a704fd667 3c3edaf29783484dac75aeb241a66781c8c3e193877e89d1380744fec876b41f Loading...

	vidfast.pro/_next/static/chunks/4bd1b696-2ff081e3b6ea2c01.js	ScriptElement	1.0 kB	2025-04-06	2025-04-06
Pretty URL vidfast.pro/_next/static/chunks/4bd1b696-2ff081e3b6ea2c01.js IP 104.21.45.240 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2025-04-06 23:39 Last Seen2025-04-06 23:55 Times Seen2 Hash baea0c45908c0483145acd320be025a5 64d54db2b55d56b3d4c382b2f934616919414747 c5f9109587f8201074dc866d4dfabcbe5adeb2e022cdeaf34d0f6193b29d047a Loading...

	vidfast.pro/_next/static/chunks/aaea2bcf-20557530bb6d62be.js	ScriptElement	1.0 kB	2025-04-06	2025-04-06
Pretty URL vidfast.pro/_next/static/chunks/aaea2bcf-20557530bb6d62be.js IP 104.21.45.240 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2025-04-06 23:55 Last Seen2025-04-06 23:55 Times Seen1 Hash 788cf416e67c5d308f68cf7160e5b374 1d74d9e44f6047b5c36d9f3d64c39c8515e19083 80c09c6b4ee82d2704b0cbbdbab76ec035de0394e708af808f5e40d221639ab5 Loading...

	vidfast.pro/_next/static/chunks/493-15ee833434071b60.js	ScriptElement	1.0 kB	2025-04-06	2025-04-06
Pretty URL vidfast.pro/_next/static/chunks/493-15ee833434071b60.js IP 104.21.45.240 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2025-04-06 23:39 Last Seen2025-04-06 23:55 Times Seen2 Hash 4a1004c7e19c36b54fc67f9c99e87819 ee7ab137be5054f119770dadfe384f50579d1ddf 1f937c1c8a7bf2fa1d46920e60c34a9589fd934765caf07b1bd36f037fe8eccf Loading...

	vidfast.pro/_next/static/chunks/app/layout-d744ef52078dcaf8.js	ScriptElement	1.7 kB	2025-04-06	2025-04-07
Pretty URL vidfast.pro/_next/static/chunks/app/layout-d744ef52078dcaf8.js IP 104.21.45.240 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2025-04-06 23:39 Last Seen2025-04-07 02:30 Times Seen4 Hash 0018380946d8bb809307ece63031a672 0265c6d6897f2535ed09ca6a3c87eb167d29f4db f0deec7b7666325e0019b044f3e605f544cd75d7195212914d5060173c0abb7a Loading...

	vidfast.pro/_next/static/chunks/app/tv/%5Bid%5D/%5Bseason%5D/%5Bepisode%5D/page-8d2245a6592bb2a4.js	ScriptElement	154 B	2025-04-06	2025-04-07
Pretty URL vidfast.pro/_next/static/chunks/app/tv/%5Bid%5D/%5Bseason%5D/%5Bepisode%5D/page-8d2245a6592bb2a4.js IP 104.21.45.240 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2025-04-06 23:39 Last Seen2025-04-07 02:30 Times Seen4 Hash c9d89442bba6a352dc4eb50b54ba8e1e 70df7967df738b0769e59ede04983613af49fb2f e8f7d13ccfcbe708430536285ad8284badb1a7fa3100ef91e8e73f9c8bead06b Loading...

HTTP Transactions (21)

URL IP Response Size

GET vidfast.pro/_next/static/chunks/app/layout-d744ef52078dcaf8.js

104.21.45.240

200 OK

1.7 kB

URL GET
vidfast.pro/_next/static/chunks/app/layout-d744ef52078dcaf8.js
IP
104.21.45.240:443
ASN
#13335 CLOUDFLARENET

Requested by
https://vidfast.pro/tv/40290/1/12?autoNext=false&autoPlay=true&nextButton=false
Certificate
IssuerGoogle Trust Services
Subjectvidfast.pro
Fingerprint12:4E:71:B4:7B:55:9F:76:37:6A:80:99:A2:B8:0A:E2:D7:32:02:30
ValidityFri, 07 Feb 2025 16:40:04 GMT - Thu, 08 May 2025 17:36:26 GMT

File type
JavaScript source, ASCII text, with very long lines (1701), with no line terminators
Size
1.7 kB (1701 bytes)
Hash
0018380946d8bb809307ece63031a672
0265c6d6897f2535ed09ca6a3c87eb167d29f4db
f0deec7b7666325e0019b044f3e605f544cd75d7195212914d5060173c0abb7a

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /_next/static/chunks/app/layout-d744ef52078dcaf8.js HTTP/1.1
Host: vidfast.pro
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://vidfast.pro/tv/40290/1/12?autoNext=false&autoPlay=true&nextButton=false
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Sun, 06 Apr 2025 23:54:52 GMT
content-type: application/javascript; charset=UTF-8
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=8UQEUB3PypXDUWjuZUOeHxsWV%2Fp7tvvc9xwO3PrhtYp9xggbajaa4r6tATawkdo3TwrYcKBFAlyzdKx4uuenIND5I8IRHTGHdUkG4QoGg1hOHt3so%2BTT%2BQyeFEvmGg%3D%3D"}],"group":"cf-nel","max_age":604800}
cache-control: public, max-age=31536000, immutable
last-modified: Sun, 06 Apr 2025 19:15:26 GMT
etag: W/"6a5-1960c87774e"
vary: Accept-Encoding
content-encoding: gzip
cf-cache-status: HIT
age: 12062
cf-ray: 92c5367b1d371c02-OSL
server: cloudflare
speculation-rules: "/cdn-cgi/speculation"
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=6694&min_rtt=4182&rtt_var=5250&sent=88&recv=94&lost=0&retrans=0&sent_bytes=7699&recv_bytes=8402&delivery_rate=2341&cwnd=12000&unsent_bytes=0&cid=33083d440db4d858&ts=362&x=16"

GET www.googletagmanager.com/gtag/js?id=G-JMWN78FZNK

142.250.74.136

200 OK

373 kB

URL GET
www.googletagmanager.com/gtag/js?id=G-JMWN78FZNK
IP
142.250.74.136:443
ASN
#15169 GOOGLE

Requested by
https://vidfast.pro/tv/40290/1/12?autoNext=false&autoPlay=true&nextButton=false
Certificate
IssuerGoogle Trust Services
Subject*.google-analytics.com
Fingerprint88:85:26:A3:0A:0B:44:C6:92:DD:7B:0B:D1:14:38:BA:26:B9:EF:D9
ValidityThu, 20 Mar 2025 11:18:39 GMT - Thu, 12 Jun 2025 11:18:38 GMT

File type
JavaScript source, ASCII text, with very long lines (6129)
Size
373 kB (372908 bytes)
Hash
8d419331e8bc36bb6525f332d4c66957
7ed601cfb25413b2e98e68acdf0fb71eca7c002c
ba28c8d1e5b2b7012ac163c2d42a57acf4cd51785bc01784644cdb653f9ad8ab

HTTP Headers

GET /gtag/js?id=G-JMWN78FZNK HTTP/1.1
Host: www.googletagmanager.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://vidfast.pro/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
content-encoding: br
vary: Accept-Encoding
date: Sun, 06 Apr 2025 23:54:52 GMT
expires: Sun, 06 Apr 2025 23:54:52 GMT
cache-control: private, max-age=900
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
content-security-policy-report-only: script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascgcycc:1020:0
cross-origin-opener-policy-report-only: same-origin; report-to=ascgcycc:1020:0
report-to: {"group":"ascgcycc:1020:0","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascgcycc:1020:0"}],}
server: Google Tag Manager
content-length: 124409
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

GET vidfast.pro/_next/static/css/6ddd6eb8f4a6994e.css

104.21.45.240

200 OK

3.8 kB

URL GET
vidfast.pro/_next/static/css/6ddd6eb8f4a6994e.css
IP
104.21.45.240:443
ASN
#13335 CLOUDFLARENET

Requested by
https://vidfast.pro/tv/40290/1/12?autoNext=false&autoPlay=true&nextButton=false
Certificate
IssuerGoogle Trust Services
Subjectvidfast.pro
Fingerprint12:4E:71:B4:7B:55:9F:76:37:6A:80:99:A2:B8:0A:E2:D7:32:02:30
ValidityFri, 07 Feb 2025 16:40:04 GMT - Thu, 08 May 2025 17:36:26 GMT

File type
ASCII text, with very long lines (3780), with no line terminators
Size
3.8 kB (3780 bytes)
Hash
a828a022452b7c629cdd5a3505875edc
ec66be58e9caa2f8d256410e98d410c0dd7c5fa7
6209eaf576dda9c2dd78807d83684b62a1417942fe96f1788f5c490464591014

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /_next/static/css/6ddd6eb8f4a6994e.css HTTP/1.1
Host: vidfast.pro
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://vidfast.pro/tv/40290/1/12?autoNext=false&autoPlay=true&nextButton=false
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Sun, 06 Apr 2025 23:54:52 GMT
content-type: text/css; charset=UTF-8
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=EX%2Fc62ge9qs4KIq3zsxJGtz3f5XryrLtcJVRxcyHq6DZVDBX5S7XGNJyL7w65YyWb0r4lE2zXF%2FOL%2FhwV524MNhZzj9ePpYu8XdnKfRfxmR3jELhPAbor8Hh7C6Zjg%3D%3D"}],"group":"cf-nel","max_age":604800}
cache-control: public, max-age=31536000, immutable
accept-ranges: bytes
last-modified: Sun, 06 Apr 2025 19:15:26 GMT
etag: W/"ec4-1960c877755"
vary: Accept-Encoding
content-encoding: gzip
age: 12061
cf-cache-status: HIT
cf-ray: 92c5367b0d2f1c02-OSL
server: cloudflare
speculation-rules: "/cdn-cgi/speculation"
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=6694&min_rtt=4182&rtt_var=5250&sent=88&recv=94&lost=0&retrans=0&sent_bytes=7699&recv_bytes=8402&delivery_rate=2341&cwnd=12000&unsent_bytes=0&cid=33083d440db4d858&ts=372&x=16"

GET wsrv.nl/?url=https://image.tmdb.org/t/p/w500/vlg654HjwNc1J8bmjBtmRxgLs36.jpg&bg=black&blur=3&tint=black

188.114.96.1

200 OK

11 kB

URL GET
wsrv.nl/?url=https://image.tmdb.org/t/p/w500/vlg654HjwNc1J8bmjBtmRxgLs36.jpg&bg=black&blur=3&tint=black
IP
188.114.96.1:443
ASN
#13335 CLOUDFLARENET

Requested by
https://vidfast.pro/tv/40290/1/12?autoNext=false&autoPlay=true&nextButton=false
Certificate
IssuerGoogle Trust Services
Subjectwsrv.nl
Fingerprint4C:A0:DD:D8:66:38:A6:6E:DB:B0:95:4B:42:41:FF:36:BB:94:40:17
ValiditySun, 09 Feb 2025 22:40:01 GMT - Sat, 10 May 2025 23:38:44 GMT

File type
JPEG image data, baseline, precision 8, 500x281, components 3
Size
11 kB (10928 bytes)
Hash
1a5bacdee99ee5a2cfd2258440e3f546
21890c6f3051996db7f89b9a23361f4c62a98b49
f1dbc0e01aa9c3c08ba98f522cdea66c9dcdbc1edec0ae69a781bff39a43e49c

HTTP Headers

GET /?url=https://image.tmdb.org/t/p/w500/vlg654HjwNc1J8bmjBtmRxgLs36.jpg&bg=black&blur=3&tint=black HTTP/1.1
Host: wsrv.nl
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://vidfast.pro/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Sun, 06 Apr 2025 23:54:52 GMT
content-type: image/jpeg
content-length: 10928
server: cloudflare
content-disposition: inline; filename=image.jpg
link: <https://image.tmdb.org/t/p/w500/vlg654HjwNc1J8bmjBtmRxgLs36.jpg>; rel="canonical"
expires: Sat, 04 Apr 2026 22:08:42 GMT
cache-control: public, max-age=31536000
x-upstream-response-length: 18532
cross-origin-resource-policy: cross-origin
access-control-allow-origin: *
timing-allow-origin: *
x-images-api: 5
x-cache-status: MISS
last-modified: Fri, 04 Apr 2025 22:08:42 GMT
age: 148599
cf-cache-status: HIT
cf-ray: 92c5367bd91ab518-OSL
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2

GET vidfast.pro/_next/static/chunks/493-15ee833434071b60.js

104.21.45.240

200 OK

173 kB

URL GET
vidfast.pro/_next/static/chunks/493-15ee833434071b60.js
IP
104.21.45.240:443
ASN
#13335 CLOUDFLARENET

Requested by
https://vidfast.pro/tv/40290/1/12?autoNext=false&autoPlay=true&nextButton=false
Certificate
IssuerGoogle Trust Services
Subjectvidfast.pro
Fingerprint12:4E:71:B4:7B:55:9F:76:37:6A:80:99:A2:B8:0A:E2:D7:32:02:30
ValidityFri, 07 Feb 2025 16:40:04 GMT - Thu, 08 May 2025 17:36:26 GMT

File type
JavaScript source, ASCII text, with very long lines (65536), with no line terminators
Size
173 kB (172561 bytes)
Hash
7bae7e6fbd7c3f89856b862830c9736e
461251d062186fbda834eba22c587c121cb58e5a
6005dcb2f3b76afe98083f47f5ad59c0bf31c222bfee25916d4c0b0dcebe31ca

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /_next/static/chunks/493-15ee833434071b60.js HTTP/1.1
Host: vidfast.pro
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://vidfast.pro/tv/40290/1/12?autoNext=false&autoPlay=true&nextButton=false
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Sun, 06 Apr 2025 23:54:52 GMT
content-type: application/javascript; charset=UTF-8
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=S9lnFQzDCQkMbnakqcBfnLed%2FqEw9J1%2B1JpzSsG69AWNmVZZyJO4F%2FpIKx6aQREaoqzQClLT9nq1fLrX9xOe35onqz50VwogO%2BJuTZ0iz3Kg8uxqazrEAQVS0OcV%2Bw%3D%3D"}],"group":"cf-nel","max_age":604800}
cache-control: public, max-age=31536000, immutable
accept-ranges: bytes
last-modified: Sun, 06 Apr 2025 19:24:15 GMT
etag: W/"2a211-1960c8f88fc"
vary: Accept-Encoding
content-encoding: gzip
age: 12061
cf-cache-status: HIT
cf-ray: 92c5367b1d341c02-OSL
server: cloudflare
speculation-rules: "/cdn-cgi/speculation"
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=6694&min_rtt=4182&rtt_var=5250&sent=88&recv=94&lost=0&retrans=0&sent_bytes=7699&recv_bytes=8402&delivery_rate=2341&cwnd=12000&unsent_bytes=0&cid=33083d440db4d858&ts=357&x=16"

GET vidfast.pro/_next/static/chunks/633-d9bb244a396562f8.js

104.21.45.240

200 OK

289 kB

URL GET
vidfast.pro/_next/static/chunks/633-d9bb244a396562f8.js
IP
104.21.45.240:443
ASN
#13335 CLOUDFLARENET

Requested by
https://vidfast.pro/tv/40290/1/12?autoNext=false&autoPlay=true&nextButton=false
Certificate
IssuerGoogle Trust Services
Subjectvidfast.pro
Fingerprint12:4E:71:B4:7B:55:9F:76:37:6A:80:99:A2:B8:0A:E2:D7:32:02:30
ValidityFri, 07 Feb 2025 16:40:04 GMT - Thu, 08 May 2025 17:36:26 GMT

File type
JavaScript source, Unicode text, UTF-8 text, with very long lines (65520), with no line terminators
Size
289 kB (289339 bytes)
Hash
04d8ed448d0f59e5a2c73ee321b5d234
3bdf9f3fb45e8f9083d629c9796a15a435ee729f
f0b973eeafcfebec3bf96b71aae791619e52d52a0e42f204bd47b07ae600e613

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /_next/static/chunks/633-d9bb244a396562f8.js HTTP/1.1
Host: vidfast.pro
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://vidfast.pro/tv/40290/1/12?autoNext=false&autoPlay=true&nextButton=false
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Sun, 06 Apr 2025 23:54:52 GMT
content-type: application/javascript; charset=UTF-8
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=yMmoJTf%2FW25iCOVVMQ2gDYlO1pE2HSlkXr0IDVe%2BPcSsjOCk7KUabkaytSNtlR%2FVx%2F0YIcYnsYMymdy8ZcoDGXAc283x6QdFShweVvym6r6xQ9dshJUmPLqKqOsPkw%3D%3D"}],"group":"cf-nel","max_age":604800}
cache-control: public, max-age=31536000, immutable
last-modified: Sun, 06 Apr 2025 19:15:26 GMT
etag: W/"46a3b-1960c877752"
vary: Accept-Encoding
content-encoding: gzip
cf-cache-status: HIT
age: 12062
cf-ray: 92c5367b1d381c02-OSL
server: cloudflare
speculation-rules: "/cdn-cgi/speculation"
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=6694&min_rtt=4182&rtt_var=5250&sent=88&recv=94&lost=0&retrans=0&sent_bytes=7699&recv_bytes=8402&delivery_rate=2341&cwnd=12000&unsent_bytes=0&cid=33083d440db4d858&ts=363&x=16"

GET vidfast.pro/_next/static/media/a34f9d1faa5f3315-s.p.woff2

104.21.45.240

200 OK

49 kB

URL GET
vidfast.pro/_next/static/media/a34f9d1faa5f3315-s.p.woff2
IP
104.21.45.240:443
ASN
#13335 CLOUDFLARENET

Requested by
https://vidfast.pro/tv/40290/1/12?autoNext=false&autoPlay=true&nextButton=false
Certificate
IssuerGoogle Trust Services
Subjectvidfast.pro
Fingerprint12:4E:71:B4:7B:55:9F:76:37:6A:80:99:A2:B8:0A:E2:D7:32:02:30
ValidityFri, 07 Feb 2025 16:40:04 GMT - Thu, 08 May 2025 17:36:26 GMT

File type
Web Open Font Format (Version 2), TrueType, length 48556, version 1.0
Size
49 kB (48556 bytes)
Hash
d4fe31e6a2aebc06b8d6e558c9141119
bcdc4f0b431d4c8065a83bb736c56ff6494d0091
c88db2401bef7e1203e0933cc5525a0f81863bfd076756db12acea5596f089ec

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /_next/static/media/a34f9d1faa5f3315-s.p.woff2 HTTP/1.1
Host: vidfast.pro
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://vidfast.pro/tv/40290/1/12?autoNext=false&autoPlay=true&nextButton=false
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Sun, 06 Apr 2025 23:54:52 GMT
content-type: font/woff2
content-length: 48556
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=bd4aefGxyob7Cijsb6NW0q%2FEoi%2BGPYn18tu7ZXj5hjHTbK6n%2FBaDycycQciRiqWjcxywnB2%2Bj%2BfLPV3vi0MQH%2Bz4ZS1FM3qdc0beLpryzYibGJWOip%2B8ytv2PhkfxQ%3D%3D"}],"group":"cf-nel","max_age":604800}
cache-control: public, max-age=31536000, immutable
accept-ranges: bytes
last-modified: Sun, 06 Apr 2025 19:24:15 GMT
etag: W/"bdac-1960c8f88f9"
age: 12061
cf-cache-status: HIT
cf-ray: 92c5367d2d421c02-OSL
server: cloudflare
speculation-rules: "/cdn-cgi/speculation"
vary: Accept-Encoding
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=6694&min_rtt=4182&rtt_var=5250&sent=88&recv=94&lost=0&retrans=0&sent_bytes=7699&recv_bytes=8402&delivery_rate=2341&cwnd=12000&unsent_bytes=0&cid=33083d440db4d858&ts=693&x=16"

GET image.tmdb.org/t/p/original/vlg654HjwNc1J8bmjBtmRxgLs36.jpg

169.150.247.40

200 OK

316 kB

URL GET
image.tmdb.org/t/p/original/vlg654HjwNc1J8bmjBtmRxgLs36.jpg
IP
169.150.247.40:443
ASN
#60068 Datacamp Limited

Requested by
https://vidfast.pro/tv/40290/1/12?autoNext=false&autoPlay=true&nextButton=false
Certificate
IssuerLet's Encrypt
Subjectimage.tmdb.org
Fingerprint10:6F:2B:AC:40:A0:C6:7E:52:63:8A:A2:D9:53:8B:14:CC:B5:C4:87
ValidityMon, 31 Mar 2025 16:12:43 GMT - Sun, 29 Jun 2025 16:12:42 GMT

File type
RIFF (little-endian) data, Web/P image, VP8 encoding, 3840x2160, Scaling: [none]x[none], YUV color, decoders should clamp
Size
316 kB (315986 bytes)
Hash
7c5b31eafb90b656663373ba3e4c7d5a
f17abcece0b19c7f686e0232574a6ca015c1a9f6
32720afab9af7e28ca764cdbe026e4e958971ac2a247cdba50490d3f977b3bf7

HTTP Headers

GET /t/p/original/vlg654HjwNc1J8bmjBtmRxgLs36.jpg HTTP/1.1
Host: image.tmdb.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://vidfast.pro/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Sun, 06 Apr 2025 23:54:52 GMT
content-type: image/webp
content-length: 315986
server: BunnyCDN-DE1-1075
cdn-pullzone: 775336
cdn-uid: 29af4e0e-bcbd-4fcb-8635-74ddc38a1ebf
cdn-requestcountrycode: NO
cache-control: public, max-age=31919000
last-modified: Wed, 02 Apr 2025 05:50:02 GMT
perma-cache: MISS
x-bo-server: LA-295
x-downloadsize: 409491
x-bo-origindownloadtime: 650
x-bo-compressionratio: 22.83%
x-bo-processingtime: 398
x-bo-version: 1.0.26
cdn-proxyver: 1.22
cdn-requestpullsuccess: True
cdn-requestpullcode: 200
cdn-cachedat: 04/02/2025 05:50:03
cdn-edgestorageid: 863
cdn-requestid: 7e30de65ab6fe24404da20fc07b8bb62
cdn-cache: HIT
cdn-status: 200
cdn-requesttime: 0
X-Firefox-Spdy: h2

GET vidfast.pro/_next/static/chunks/214-c428fea6c42f9e18.js

104.21.45.240

200 OK

1.4 MB

URL GET
vidfast.pro/_next/static/chunks/214-c428fea6c42f9e18.js
IP
104.21.45.240:443
ASN
#13335 CLOUDFLARENET

Requested by
https://vidfast.pro/tv/40290/1/12?autoNext=false&autoPlay=true&nextButton=false
Certificate
IssuerGoogle Trust Services
Subjectvidfast.pro
Fingerprint12:4E:71:B4:7B:55:9F:76:37:6A:80:99:A2:B8:0A:E2:D7:32:02:30
ValidityFri, 07 Feb 2025 16:40:04 GMT - Thu, 08 May 2025 17:36:26 GMT

File type
JavaScript source, ASCII text, with very long lines (65536), with no line terminators
Size
1.4 MB (1449459 bytes)
Hash
31037092fac5aa2f631ccf9a5e6df20b
ba24146432adacdf66a4300abf69825ca7d2a7c5
280b2b7777cd23f8a9383dcee19022852ef995378e68248ceabee0eb358f3055

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /_next/static/chunks/214-c428fea6c42f9e18.js HTTP/1.1
Host: vidfast.pro
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://vidfast.pro/tv/40290/1/12?autoNext=false&autoPlay=true&nextButton=false
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Sun, 06 Apr 2025 23:54:52 GMT
content-type: application/javascript; charset=UTF-8
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=gPepo4w6QwqnjCScWoK9Itab9pE674SLuCsrB%2BNA%2F24SlupUZodECPG3N2ovHP%2BmOH9hsDdSzfWUzxQlr%2BMB%2F%2BqnYk54qj7skVAmYM710wN%2B4IFJ5DrAWH2GQ4zWZw%3D%3D"}],"group":"cf-nel","max_age":604800}
cache-control: public, max-age=31536000, immutable
last-modified: Sun, 06 Apr 2025 19:15:26 GMT
etag: W/"161df3-1960c877752"
vary: Accept-Encoding
content-encoding: gzip
cf-cache-status: HIT
age: 12494
cf-ray: 92c5367b2d3a1c02-OSL
server: cloudflare
speculation-rules: "/cdn-cgi/speculation"
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=6694&min_rtt=4182&rtt_var=5250&sent=88&recv=94&lost=0&retrans=0&sent_bytes=7699&recv_bytes=8402&delivery_rate=2341&cwnd=12000&unsent_bytes=0&cid=33083d440db4d858&ts=366&x=16"

GET vidfast.pro/_next/static/chunks/687-171a5bc7e13c045f.js

104.21.45.240

200 OK

15 kB

URL GET
vidfast.pro/_next/static/chunks/687-171a5bc7e13c045f.js
IP
104.21.45.240:443
ASN
#13335 CLOUDFLARENET

Requested by
https://vidfast.pro/tv/40290/1/12?autoNext=false&autoPlay=true&nextButton=false
Certificate
IssuerGoogle Trust Services
Subjectvidfast.pro
Fingerprint12:4E:71:B4:7B:55:9F:76:37:6A:80:99:A2:B8:0A:E2:D7:32:02:30
ValidityFri, 07 Feb 2025 16:40:04 GMT - Thu, 08 May 2025 17:36:26 GMT

File type
JavaScript source, ASCII text, with very long lines (14626), with no line terminators
Size
15 kB (14626 bytes)
Hash
cace43b02db9130b96e656ed449640a8
614cb446d78f8718babcc361311dc54ee37daf0a
678e185eb49b68774b4ee30cb44eb2399584a54f11005683ac436607af65753a

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /_next/static/chunks/687-171a5bc7e13c045f.js HTTP/1.1
Host: vidfast.pro
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://vidfast.pro/tv/40290/1/12?autoNext=false&autoPlay=true&nextButton=false
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Sun, 06 Apr 2025 23:54:52 GMT
content-type: application/javascript; charset=UTF-8
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=UF3JNq%2BGFVp2ZQNgnjiAsf7nCK5USiI1anMy6Hi9ogoeBxK2v9ysrlEMHf8sfpuRmlITQRepWRh7QAVCZcyZj2AA7PbDMVN4QcNSKzhC3%2BGkCWpEEdm5Le%2FXdDVHoA%3D%3D"}],"group":"cf-nel","max_age":604800}
cache-control: public, max-age=31536000, immutable
last-modified: Sun, 06 Apr 2025 19:15:26 GMT
etag: W/"3922-1960c877752"
vary: Accept-Encoding
content-encoding: gzip
cf-cache-status: HIT
age: 12062
cf-ray: 92c5367b1d361c02-OSL
server: cloudflare
speculation-rules: "/cdn-cgi/speculation"
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=6694&min_rtt=4182&rtt_var=5250&sent=88&recv=94&lost=0&retrans=0&sent_bytes=7699&recv_bytes=8402&delivery_rate=2341&cwnd=12000&unsent_bytes=0&cid=33083d440db4d858&ts=365&x=16"

GET vidfast.pro/_next/static/chunks/aaea2bcf-20557530bb6d62be.js

104.21.45.240

200 OK

326 kB

URL GET
vidfast.pro/_next/static/chunks/aaea2bcf-20557530bb6d62be.js
IP
104.21.45.240:443
ASN
#13335 CLOUDFLARENET

Requested by
https://vidfast.pro/tv/40290/1/12?autoNext=false&autoPlay=true&nextButton=false
Certificate
IssuerGoogle Trust Services
Subjectvidfast.pro
Fingerprint12:4E:71:B4:7B:55:9F:76:37:6A:80:99:A2:B8:0A:E2:D7:32:02:30
ValidityFri, 07 Feb 2025 16:40:04 GMT - Thu, 08 May 2025 17:36:26 GMT

File type
JavaScript source, ASCII text, with very long lines (65536), with no line terminators
Size
326 kB (325557 bytes)
Hash
07b2d3b6aacd9ed1864e3c4e11a677fe
3e6bb5a6c2b827ab62ba6e83acbb8dc3af5e9498
f3a9fb141323e73b2cb98d21fc3e55c129d451cccbe3c0dc4d1e51e29e817045

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /_next/static/chunks/aaea2bcf-20557530bb6d62be.js HTTP/1.1
Host: vidfast.pro
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://vidfast.pro/tv/40290/1/12?autoNext=false&autoPlay=true&nextButton=false
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Sun, 06 Apr 2025 23:54:52 GMT
content-type: application/javascript; charset=UTF-8
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=WDnKJ%2B7qE8VNCJfkYGbyKbeZWRhw8D0bMOzl2cCVnmcP0OqbMBFu0ZA6yKAg5A%2FNAiOyQSgk2R%2BuoJUQbhLQwKMnz2ckpSlYRPXJrvQ7g%2FGPMcx0PrEZuL6noMIfig%3D%3D"}],"group":"cf-nel","max_age":604800}
cache-control: public, max-age=31536000, immutable
accept-ranges: bytes
last-modified: Sun, 06 Apr 2025 19:15:26 GMT
etag: W/"4f7b5-1960c877751"
vary: Accept-Encoding
content-encoding: gzip
age: 12061
cf-cache-status: HIT
cf-ray: 92c5367b1d391c02-OSL
server: cloudflare
speculation-rules: "/cdn-cgi/speculation"
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=6694&min_rtt=4182&rtt_var=5250&sent=88&recv=94&lost=0&retrans=0&sent_bytes=7699&recv_bytes=8402&delivery_rate=2341&cwnd=12000&unsent_bytes=0&cid=33083d440db4d858&ts=365&x=16"

GET static.cloudflareinsights.com/beacon.min.js/vcd15cbe7772f49c399c6a5babf22c1241717689176015

104.16.80.73

200 OK

20 kB

URL GET
static.cloudflareinsights.com/beacon.min.js/vcd15cbe7772f49c399c6a5babf22c1241717689176015
IP
104.16.80.73:443
ASN
#13335 CLOUDFLARENET

Requested by
https://vidfast.pro/tv/40290/1/12?autoNext=false&autoPlay=true&nextButton=false
Certificate
IssuerGoogle Trust Services
Subjectcloudflareinsights.com
FingerprintAD:90:D1:30:C9:77:BF:DE:1F:AB:8C:0D:6E:67:CB:6A:E8:42:DB:18
ValidityThu, 27 Feb 2025 14:42:34 GMT - Wed, 28 May 2025 15:42:17 GMT

File type
JavaScript source, ASCII text, with very long lines (19948), with no line terminators
Size
20 kB (19948 bytes)
Hash
ec18af6d41f6f278b6aed3bdabffa7bc
62c9e2cab76b888829f3c5335e91c320b22329ae
8a18d13015336bc184819a5a768447462202ef3105ec511bf42ed8304a7ed94f

HTTP Headers

GET /beacon.min.js/vcd15cbe7772f49c399c6a5babf22c1241717689176015 HTTP/1.1
Host: static.cloudflareinsights.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://vidfast.pro
DNT: 1
Connection: keep-alive
Referer: https://vidfast.pro/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Sun, 06 Apr 2025 23:54:52 GMT
content-type: text/javascript;charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=86400
etag: W/"2024.6.1"
last-modified: Thu, 06 Jun 2024 15:52:56 GMT
cross-origin-resource-policy: cross-origin
vary: Accept-Encoding
server: cloudflare
cf-ray: 92c5367bddb2b4ee-OSL
content-encoding: gzip
X-Firefox-Spdy: h2

GET www.cdn4ads.com/paphrodite.min.css

95.173.205.15

200 OK

37 kB

URL GET
www.cdn4ads.com/paphrodite.min.css
IP
95.173.205.15:443
ASN
#60068 Datacamp Limited

Requested by
https://vidfast.pro/tv/40290/1/12?autoNext=false&autoPlay=true&nextButton=false
Certificate
IssuerLet's Encrypt
Subject1037973644.rsc.cdn77.org
Fingerprint5C:85:F4:84:08:0D:0B:B6:1F:1F:E1:40:3C:BC:41:40:DF:A2:DB:2B
ValidityTue, 04 Feb 2025 22:53:04 GMT - Mon, 05 May 2025 22:53:03 GMT

File type
JavaScript source, ASCII text, with very long lines (1568)
Size
37 kB (37166 bytes)
Hash
b1c96d1c28997b39bb6bec846ee681d1
a550609d020cead11991424108320ce85884153f
c6b64395fd112438ae9e163fd4ef4f69710ef6fcb945ead86b279000f778832f

HTTP Headers

GET /paphrodite.min.css HTTP/1.1
Host: www.cdn4ads.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://vidfast.pro
DNT: 1
Connection: keep-alive
Referer: https://vidfast.pro/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Sun, 06 Apr 2025 23:54:52 GMT
content-type: application/x-javascript
popads-node: wb8
expires: Wed, 09 Apr 2025 18:25:28 GMT
access-control-allow-origin: https://vidfast.pro
link: <https://cdn4ads.com/>;rel=preconnect
cache-control: public, max-age=604800
x-77-nzt: EwwBX63NDQH3w5IFAAwBuUwKCQH3VQAAAAwBnJIhJwG3HAAAAA
x-77-nzt-ray: 2a494a15ce2587137114f3672162ca17
x-77-cache: HIT
x-77-age: 365251
vary: Accept-Encoding, Origin
content-encoding: gzip
server: CDN77-Turbo
x-77-pop: osloNO
X-Firefox-Spdy: h2

GET vidfast.pro/_next/static/css/6174c9845b5853d2.css

104.21.45.240

200 OK

2.1 kB

URL GET
vidfast.pro/_next/static/css/6174c9845b5853d2.css
IP
104.21.45.240:443
ASN
#13335 CLOUDFLARENET

Requested by
https://vidfast.pro/tv/40290/1/12?autoNext=false&autoPlay=true&nextButton=false
Certificate
IssuerGoogle Trust Services
Subjectvidfast.pro
Fingerprint12:4E:71:B4:7B:55:9F:76:37:6A:80:99:A2:B8:0A:E2:D7:32:02:30
ValidityFri, 07 Feb 2025 16:40:04 GMT - Thu, 08 May 2025 17:36:26 GMT

File type
ASCII text, with very long lines (2069), with no line terminators
Size
2.1 kB (2069 bytes)
Hash
a2fc44dceea1dbf5410623a26f64eee9
3f7b8092872eadf9ea43ae820df04ce787fcade5
49443191e17109742358806549100520d6fe2f0166f5ae846602345f7f4fec81

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /_next/static/css/6174c9845b5853d2.css HTTP/1.1
Host: vidfast.pro
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://vidfast.pro/tv/40290/1/12?autoNext=false&autoPlay=true&nextButton=false
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Sun, 06 Apr 2025 23:54:52 GMT
content-type: text/css; charset=UTF-8
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=Pa7MxAcU4wHSILap7fhHBcHf8p5W%2Fy%2Ff2LJOJz%2B9TosSvaaasSE5KBHV2%2Fx%2BO0MawdWDrArbOAsDzHs4XQdYUg4kfki5va9acsQREyiwuvfll9rl6FAWkohPF5P25A%3D%3D"}],"group":"cf-nel","max_age":604800}
cache-control: public, max-age=31536000, immutable
last-modified: Sun, 06 Apr 2025 19:24:15 GMT
etag: W/"815-1960c8f88ff"
vary: Accept-Encoding
content-encoding: gzip
cf-cache-status: HIT
age: 12062
cf-ray: 92c5367b0d311c02-OSL
server: cloudflare
speculation-rules: "/cdn-cgi/speculation"
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=6694&min_rtt=4182&rtt_var=5250&sent=88&recv=94&lost=0&retrans=0&sent_bytes=7699&recv_bytes=8402&delivery_rate=2341&cwnd=12000&unsent_bytes=0&cid=33083d440db4d858&ts=357&x=16"

GET vidfast.pro/_next/static/media/a34f9d1faa5f3315-s.p.woff2

104.21.45.240

200 OK

49 kB

URL GET
vidfast.pro/_next/static/media/a34f9d1faa5f3315-s.p.woff2
IP
104.21.45.240:443
ASN
#13335 CLOUDFLARENET

Requested by
https://vidfast.pro/tv/40290/1/12?autoNext=false&autoPlay=true&nextButton=false
Certificate
IssuerGoogle Trust Services
Subjectvidfast.pro
Fingerprint12:4E:71:B4:7B:55:9F:76:37:6A:80:99:A2:B8:0A:E2:D7:32:02:30
ValidityFri, 07 Feb 2025 16:40:04 GMT - Thu, 08 May 2025 17:36:26 GMT

File type
Web Open Font Format (Version 2), TrueType, length 48556, version 1.0
Size
49 kB (48556 bytes)
Hash
d4fe31e6a2aebc06b8d6e558c9141119
bcdc4f0b431d4c8065a83bb736c56ff6494d0091
c88db2401bef7e1203e0933cc5525a0f81863bfd076756db12acea5596f089ec

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /_next/static/media/a34f9d1faa5f3315-s.p.woff2 HTTP/1.1
Host: vidfast.pro
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://vidfast.pro/tv/40290/1/12?autoNext=false&autoPlay=true&nextButton=false
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Sun, 06 Apr 2025 23:54:52 GMT
content-type: font/woff2
content-length: 48556
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=%2F5Q4Q%2FOLncKFSYKLSgzUvShA7xKU2PcZDmJRn8tboIzuDT6tBPXbfd9o1aC4JlVmP%2B622XeApcUZTGHyqGYgcbzJiBVZ6ptGKOtJjXQvgMCGfeyL%2Bg55ZYxb%2B9knAw%3D%3D"}],"group":"cf-nel","max_age":604800}
cache-control: public, max-age=31536000, immutable
accept-ranges: bytes
last-modified: Sun, 06 Apr 2025 19:24:15 GMT
etag: W/"bdac-1960c8f88f9"
age: 12061
cf-cache-status: HIT
cf-ray: 92c5367b0d301c02-OSL
server: cloudflare
speculation-rules: "/cdn-cgi/speculation"
vary: Accept-Encoding
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=6694&min_rtt=4182&rtt_var=5250&sent=88&recv=94&lost=0&retrans=0&sent_bytes=7699&recv_bytes=8402&delivery_rate=2341&cwnd=12000&unsent_bytes=0&cid=33083d440db4d858&ts=357&x=16"

GET vidfast.pro/_next/static/chunks/webpack-833550a514665e2e.js

104.21.45.240

200 OK

3.5 kB

URL GET
vidfast.pro/_next/static/chunks/webpack-833550a514665e2e.js
IP
104.21.45.240:443
ASN
#13335 CLOUDFLARENET

Requested by
https://vidfast.pro/tv/40290/1/12?autoNext=false&autoPlay=true&nextButton=false
Certificate
IssuerGoogle Trust Services
Subjectvidfast.pro
Fingerprint12:4E:71:B4:7B:55:9F:76:37:6A:80:99:A2:B8:0A:E2:D7:32:02:30
ValidityFri, 07 Feb 2025 16:40:04 GMT - Thu, 08 May 2025 17:36:26 GMT

File type
JavaScript source, ASCII text, with very long lines (3547), with no line terminators
Size
3.5 kB (3547 bytes)
Hash
9ca1ebe798464be9dd3573095fb02576
1c69ab091d8ef7ee451df69ff8b1e19b481852fb
88620bcbfc5c2957cc8783dd39c235090bfd45196d0f375e16cf91442da29109

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /_next/static/chunks/webpack-833550a514665e2e.js HTTP/1.1
Host: vidfast.pro
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://vidfast.pro/tv/40290/1/12?autoNext=false&autoPlay=true&nextButton=false
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Sun, 06 Apr 2025 23:54:52 GMT
content-type: application/javascript; charset=UTF-8
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=HyAuTtxdcayXFl1CaTGgykvvVPLtGmBhrAcH9EvzILZE%2B0XVdRbl4WhQptYLrpQuXdojBSQjJeRqegteUdbHIsggvzvYDOorV%2B84kQ1cg4gStAH2vqNmLxsXX%2F9iLw%3D%3D"}],"group":"cf-nel","max_age":604800}
cache-control: public, max-age=31536000, immutable
last-modified: Sun, 06 Apr 2025 19:15:26 GMT
etag: W/"ddb-1960c877751"
vary: Accept-Encoding
content-encoding: gzip
cf-cache-status: HIT
age: 12062
cf-ray: 92c5367b1d331c02-OSL
server: cloudflare
speculation-rules: "/cdn-cgi/speculation"
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=6694&min_rtt=4182&rtt_var=5250&sent=88&recv=94&lost=0&retrans=0&sent_bytes=7699&recv_bytes=8402&delivery_rate=2341&cwnd=12000&unsent_bytes=0&cid=33083d440db4d858&ts=357&x=16"

GET vidfast.pro/_next/static/chunks/app/tv/%5Bid%5D/%5Bseason%5D/%5Bepisode%5D/page-8d2245a6592bb2a4.js

104.21.45.240

200 OK

154 B

URL GET
vidfast.pro/_next/static/chunks/app/tv/%5Bid%5D/%5Bseason%5D/%5Bepisode%5D/page-8d2245a6592bb2a4.js
IP
104.21.45.240:443
ASN
#13335 CLOUDFLARENET

Requested by
https://vidfast.pro/tv/40290/1/12?autoNext=false&autoPlay=true&nextButton=false
Certificate
IssuerGoogle Trust Services
Subjectvidfast.pro
Fingerprint12:4E:71:B4:7B:55:9F:76:37:6A:80:99:A2:B8:0A:E2:D7:32:02:30
ValidityFri, 07 Feb 2025 16:40:04 GMT - Thu, 08 May 2025 17:36:26 GMT

File type
ASCII text, with no line terminators
Size
154 B (154 bytes)
Hash
c9d89442bba6a352dc4eb50b54ba8e1e
70df7967df738b0769e59ede04983613af49fb2f
e8f7d13ccfcbe708430536285ad8284badb1a7fa3100ef91e8e73f9c8bead06b

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /_next/static/chunks/app/tv/%5Bid%5D/%5Bseason%5D/%5Bepisode%5D/page-8d2245a6592bb2a4.js HTTP/1.1
Host: vidfast.pro
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://vidfast.pro/tv/40290/1/12?autoNext=false&autoPlay=true&nextButton=false
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Sun, 06 Apr 2025 23:54:52 GMT
content-type: application/javascript; charset=UTF-8
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=zSxcHZLjNUN5rESYlY33KZVjzTZ0W0EAYK266%2FBCzJfwtu21OZ8CrB5J0dbKc%2FE7lFSrJ%2BuTFgKRGhkhre2INAIIEJXyoiBMtfhBTLnBexa3I561jaqlIGNmGMaqPA%3D%3D"}],"group":"cf-nel","max_age":604800}
cache-control: public, max-age=31536000, immutable
last-modified: Sun, 06 Apr 2025 19:24:15 GMT
etag: W/"9a-1960c8f88fe"
vary: Accept-Encoding
age: 11984
cf-cache-status: HIT
content-encoding: br
cf-ray: 92c5367b2d3b1c02-OSL
server: cloudflare
speculation-rules: "/cdn-cgi/speculation"
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=6694&min_rtt=4182&rtt_var=5250&sent=88&recv=94&lost=0&retrans=0&sent_bytes=7699&recv_bytes=8402&delivery_rate=2341&cwnd=12000&unsent_bytes=0&cid=33083d440db4d858&ts=369&x=16"

GET vidfast.pro/favicon.ico

104.21.45.240

200 OK

294 kB

URL GET
vidfast.pro/favicon.ico
IP
104.21.45.240:443
ASN
#13335 CLOUDFLARENET

Requested by
https://vidfast.pro/tv/40290/1/12?autoNext=false&autoPlay=true&nextButton=false
Certificate
IssuerGoogle Trust Services
Subjectvidfast.pro
Fingerprint12:4E:71:B4:7B:55:9F:76:37:6A:80:99:A2:B8:0A:E2:D7:32:02:30
ValidityFri, 07 Feb 2025 16:40:04 GMT - Thu, 08 May 2025 17:36:26 GMT

File type
MS Windows icon resource - 4 icons, 16x16, 32 bits/pixel, 32x32, 32 bits/pixel
Size
294 kB (293990 bytes)
Hash
b8b4f7270b3e911edbf763c600a8f4ff
5e11e25003de1d88b0f8674264fedfb9c45d22cb
09d205701120ba861e0d4d377134e9813cfe0b65976bea436d66c491f286b8ac

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /favicon.ico HTTP/1.1
Host: vidfast.pro
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://vidfast.pro/tv/40290/1/12?autoNext=false&autoPlay=true&nextButton=false
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Sun, 06 Apr 2025 23:54:52 GMT
content-type: image/x-icon
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=Yo7WD%2BjDvVEgE5uVTOrWaBrTWjWaaeeJs3BX%2FFXjvJI4wxLxC6ETgEPSLKsk4sLqQqYZrfMqtThRlyzyGjEEO5JGsg4HoaMoXTCFjCxsVV%2Fmd%2BtyMQcqwsl4PT5y8w%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cache-control: public, max-age=14400
last-modified: Mon, 31 Mar 2025 15:16:52 GMT
etag: W/"47c66-195ecc6e649"
cf-cache-status: EXPIRED
content-encoding: br
cf-ray: 92c5367e3d461c02-OSL
server: cloudflare
speculation-rules: "/cdn-cgi/speculation"
vary: Accept-Encoding
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=6694&min_rtt=4182&rtt_var=5250&sent=88&recv=94&lost=0&retrans=0&sent_bytes=7699&recv_bytes=8402&delivery_rate=2341&cwnd=12000&unsent_bytes=0&cid=33083d440db4d858&ts=956&x=16"

GET vidfast.pro/tv/40290/1/12?autoNext=false&autoPlay=true&nextButton=false

104.21.45.240

200 OK

47 kB

URL User Request GET
vidfast.pro/tv/40290/1/12?autoNext=false&autoPlay=true&nextButton=false
IP
104.21.45.240:443
ASN
#13335 CLOUDFLARENET

Certificate
IssuerGoogle Trust Services
Subjectvidfast.pro
Fingerprint12:4E:71:B4:7B:55:9F:76:37:6A:80:99:A2:B8:0A:E2:D7:32:02:30
ValidityFri, 07 Feb 2025 16:40:04 GMT - Thu, 08 May 2025 17:36:26 GMT

File type
HTML document, ASCII text, with very long lines (38069)
Size
47 kB (47133 bytes)
Hash
6d8eb05ce35edf1643681c3781b7b19d
6febe93ce3f188d4c496ea5ba0987cb3c3689e0f
d0572144bee9012d5828a17d0b6b4cdb49970859139f7781a4cd800b19fc01c5

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /tv/40290/1/12?autoNext=false&autoPlay=true&nextButton=false HTTP/1.1
Host: vidfast.pro
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Upgrade-Insecure-Requests: 1
Connection: keep-alive
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Sun, 06 Apr 2025 23:54:51 GMT
content-type: text/html; charset=utf-8
content-encoding: br
cf-ray: 92c536782b5cb50c-OSL
vary: RSC, Next-Router-State-Tree, Next-Router-Prefetch, Next-Router-Segment-Prefetch, Accept-Encoding
link: </_next/static/media/a34f9d1faa5f3315-s.p.woff2>; rel=preload; as="font"; crossorigin=""; type="font/woff2", </_next/static/css/6ddd6eb8f4a6994e.css>; rel=preload; as="style", </_next/static/css/6174c9845b5853d2.css>; rel=preload; as="style"
cache-control: private, no-cache, no-store, max-age=0, must-revalidate
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=usOLqQaHtRI54P3oMC3uO50rWXmRc%2BOi7YtcTWNvycp7J8FQOZg3Hqpr6UQVnWL8XayUTuWLrLIBTX5SibOqyHaqm1gp92D0xOe481UCNtPnXxNAGV7mDSvI%2BvGM%2FA%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
speculation-rules: "/cdn-cgi/speculation"
server: cloudflare
alt-svc: h3=":443"; ma=86400
server-timing: cfCacheStatus;desc="DYNAMIC", cfL4;desc="?proto=TCP&rtt=6448&min_rtt=453&rtt_var=11991&sent=7&recv=11&lost=0&retrans=0&sent_bytes=3196&recv_bytes=1165&delivery_rate=7215946&cwnd=254&unsent_bytes=0&cid=6b47d31d8a712893&ts=137&x=0"
X-Firefox-Spdy: h2

GET vidfast.pro/_next/static/chunks/4bd1b696-2ff081e3b6ea2c01.js

104.21.45.240

200 OK

169 kB

URL GET
vidfast.pro/_next/static/chunks/4bd1b696-2ff081e3b6ea2c01.js
IP
104.21.45.240:443
ASN
#13335 CLOUDFLARENET

Requested by
https://vidfast.pro/tv/40290/1/12?autoNext=false&autoPlay=true&nextButton=false
Certificate
IssuerGoogle Trust Services
Subjectvidfast.pro
Fingerprint12:4E:71:B4:7B:55:9F:76:37:6A:80:99:A2:B8:0A:E2:D7:32:02:30
ValidityFri, 07 Feb 2025 16:40:04 GMT - Thu, 08 May 2025 17:36:26 GMT

File type
JavaScript source, ASCII text, with very long lines (65536), with no line terminators
Size
169 kB (169106 bytes)
Hash
b80ddd0362968b14568a2702930b161a
b56834651a027d08193fa847c078a3192d8eb157
15fb06f22e693b0d2541756094728c138e90cc82c64a3bfc33c7d23c536cc55a

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /_next/static/chunks/4bd1b696-2ff081e3b6ea2c01.js HTTP/1.1
Host: vidfast.pro
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://vidfast.pro/tv/40290/1/12?autoNext=false&autoPlay=true&nextButton=false
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Sun, 06 Apr 2025 23:54:52 GMT
content-type: application/javascript; charset=UTF-8
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=TTmedkpMgiUVbhyBb9qm1BA3jLU2gm6LUmjMzCxbKDtxun0Bv%2Bsnt4%2FOEChE%2Bl9kzrSKiq5YKNgd77WwRM5WnKWk69BLYxUYBksKJ29M2TCfQvWXZLpt5VQec0JldQ%3D%3D"}],"group":"cf-nel","max_age":604800}
cache-control: public, max-age=31536000, immutable
last-modified: Sun, 06 Apr 2025 19:24:15 GMT
etag: W/"29492-1960c8f88fb"
vary: Accept-Encoding
content-encoding: gzip
cf-cache-status: HIT
age: 12062
cf-ray: 92c5367b1d321c02-OSL
server: cloudflare
speculation-rules: "/cdn-cgi/speculation"
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=6694&min_rtt=4182&rtt_var=5250&sent=88&recv=94&lost=0&retrans=0&sent_bytes=7699&recv_bytes=8402&delivery_rate=2341&cwnd=12000&unsent_bytes=0&cid=33083d440db4d858&ts=357&x=16"

GET vidfast.pro/_next/static/chunks/main-app-286098e153a46d48.js

104.21.45.240

200 OK

507 B

URL GET
vidfast.pro/_next/static/chunks/main-app-286098e153a46d48.js
IP
104.21.45.240:443
ASN
#13335 CLOUDFLARENET

Requested by
https://vidfast.pro/tv/40290/1/12?autoNext=false&autoPlay=true&nextButton=false
Certificate
IssuerGoogle Trust Services
Subjectvidfast.pro
Fingerprint12:4E:71:B4:7B:55:9F:76:37:6A:80:99:A2:B8:0A:E2:D7:32:02:30
ValidityFri, 07 Feb 2025 16:40:04 GMT - Thu, 08 May 2025 17:36:26 GMT

File type
ASCII text, with very long lines (507), with no line terminators
Size
507 B (507 bytes)
Hash
e06f301d355f493514eea80cc6726d3d
cb1755858456b4c9d6370ec94e9df8fb8dd0ad73
f0455d401f499dac227a2d5e148a1fa830d71033add85218f1cedb3761dbe57a

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /_next/static/chunks/main-app-286098e153a46d48.js HTTP/1.1
Host: vidfast.pro
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://vidfast.pro/tv/40290/1/12?autoNext=false&autoPlay=true&nextButton=false
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Sun, 06 Apr 2025 23:54:52 GMT
content-type: application/javascript; charset=UTF-8
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=3MUQkWSeqVnBW56wpslB5QUv3IagEUVLz%2F43il9RYNZe4ZakguicHyDqE9P3aOhBiiyEsyht8Ddoek1AfA%2BJOdZiPardmaMgff84097VcNSbQ2de1EjGXe%2FKQ83TOw%3D%3D"}],"group":"cf-nel","max_age":604800}
cache-control: public, max-age=31536000, immutable
last-modified: Sun, 06 Apr 2025 19:15:26 GMT
etag: W/"1fb-1960c87774e"
vary: Accept-Encoding
age: 12061
cf-cache-status: HIT
content-encoding: br
cf-ray: 92c5367b1d351c02-OSL
server: cloudflare
speculation-rules: "/cdn-cgi/speculation"
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=6694&min_rtt=4182&rtt_var=5250&sent=88&recv=94&lost=0&retrans=0&sent_bytes=7699&recv_bytes=8402&delivery_rate=2341&cwnd=12000&unsent_bytes=0&cid=33083d440db4d858&ts=362&x=16"

Report Overview

Domain Summary

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

Threat Detection Systems

Public InfoSec YARA rules

OpenPhish

PhishTank

Quad9 DNS

ThreatFox

JavaScript (10)

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML