GET videzz.net/js/jquery.min.js
200 OK 96 kB URL GET videzz.net/js/jquery.min.js
IP
ASN #213035 Des Capital B.V.
Requested by https://videzz.net/embed-wfjktvnns0hl.html
Certificate IssuerLet's Encrypt
Subjectvidezz.net
Fingerprint98:BA:98:44:85:01:47:DD:AC:0E:8E:57:56:68:F7:A5:17:C9:72:E5
ValidityThu, 12 Jun 2025 00:12:36 GMT - Wed, 10 Sep 2025 00:12:35 GMT
File type JavaScript source, ASCII text, with very long lines (32086)
Hash 8101d596b2b8fa35fe3a634ea342d7c3
d6c1f41972de07b09bfa63d2e50f9ab41ec372bd
540bc6dec1dd4b92ea4d3fb903f69eabf6d919afd48f4e312b163c28cff0f441
GET /js/jquery.min.js HTTP/1.1
Host: videzz.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://videzz.net/embed-wfjktvnns0hl.html
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
server: nginx/1.18.0 (Ubuntu)
date: Thu, 19 Jun 2025 06:47:15 GMT
content-type: application/javascript
last-modified: Wed, 11 Jun 2025 12:18:22 GMT
vary: Accept-Encoding
etag: W/"6849740e-1762a"
expires: Sat, 19 Jul 2025 06:44:33 GMT
cache-control: max-age=2592000
content-encoding: gzip
x-cache-status: HIT
X-Firefox-Spdy: h2
GET static.addtoany.com/menu/locale/ru.js
200 OK 2.3 kB URL GET static.addtoany.com/menu/locale/ru.js
IP
Requested by https://videzz.net/embed-wfjktvnns0hl.html
Certificate IssuerGoogle Trust Services
Subjectstatic.addtoany.com
Fingerprint8B:39:17:06:F0:14:1F:A9:7D:B6:A5:4C:2A:E2:27:1B:B5:60:2D:7E
ValidityWed, 30 Apr 2025 05:02:07 GMT - Tue, 29 Jul 2025 06:01:59 GMT
File type Unicode text, UTF-8 text, with CRLF line terminators
Hash 6e3dacbbeb8c470dc442a7348237245b
ad8a90c35cb2480a88668348a737ef37e6cd0f93
fe45e4d0549f8d2b4fec29e6db826953ff2484009466a89029003b10a86966fa
GET /menu/locale/ru.js HTTP/1.1
Host: static.addtoany.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://videzz.net/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Thu, 19 Jun 2025 06:47:16 GMT
content-type: application/javascript
cf-ray: 952112facbec56c9-OSL
access-control-allow-origin: *
cache-control: max-age=86400, stale-while-revalidate=30, public
etag: W/"9797b535a7dbc5ec8be5d83312871549"
referrer-policy: strict-origin-when-cross-origin
x-content-type-options: nosniff
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=7R69IvZ9uJ6bo9qWrv84M8zK1GykjT5Xl8EgOWp0k4d6syRQXnGGirGhP4cf4%2BOnBr9yPBNJ4NWqPiVPnqNBFo4zNZkUs54D3NOhGAFwQQ%2F7Q4db42Q243WMeWoAeWUzsXAn1gTd"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
content-encoding: br
cf-cache-status: HIT
age: 28561
priority: u=3,i=?0
strict-transport-security: max-age=31536000; includeSubDomains; preload
speculation-rules: "/cdn-cgi/speculation"
server: cloudflare
alt-svc: h3=":443"; ma=86400
server-timing: cfExtPri
GET colegialacasero.com/follando-a-colegiala-traviesa-en-el-salon/
200 OK 281 kB URL User Request GET colegialacasero.com/follando-a-colegiala-traviesa-en-el-salon/
IP
ASN #206264 Amarutu Technology Ltd
Certificate IssuerLet's Encrypt
Subjectcolegialacasero.com
FingerprintFA:62:4E:A0:56:E1:7F:B5:88:DB:47:27:F0:46:0D:4A:4A:E0:10:F9
ValidityMon, 19 May 2025 06:11:59 GMT - Sun, 17 Aug 2025 06:11:58 GMT
File type HTML document, Unicode text, UTF-8 text, with very long lines (59458)
Size 281 kB (280893 bytes)
Hash aa96b7f16d96ccbedc49e48218e92efb
a9123badd9dbd5b522e1bbd7cf281e353e51553f
ad7eaa0d69ce7a9bf3e76e922cf373804142d9e7035d224e7927595a5ad8cb18
GET /follando-a-colegiala-traviesa-en-el-salon/ HTTP/1.1
Host: colegialacasero.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Upgrade-Insecure-Requests: 1
Connection: keep-alive
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
server: nginx
date: Thu, 19 Jun 2025 06:47:14 GMT
content-type: text/html; charset=UTF-8
link: <https://colegialacasero.com/wp-json/>; rel="https://api.w.org/", <https://colegialacasero.com/wp-json/wp/v2/posts/10092>; rel="alternate"; title="JSON"; type="application/json", <https://colegialacasero.com/?p=10092>; rel=shortlink
last-modified: Thu, 19 Jun 2025 06:47:06 GMT
etag: "58643f1a9418625cc1c5ba2124d790fb"
content-encoding: gzip
vary: Accept-Encoding
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
referrer-policy: no-referrer-when-downgrade
access-control-allow-origin: *
X-Firefox-Spdy: h2
GET zv.7vid.net/api/spots/70101?s1=123521&v2=1&fill=0&kw=file%20upload%2Cshare%20files%2Cfree%20upload&i=1&url=https%3A%2F%2Fvidezz.net%2Fembed-wfjktvnns0hl.html&referrer=colegialacasero.com&sid=94b7d833-2397-45fa-af4a-4cf38c3bb1bb
200 OK 608 B URL GET zv.7vid.net/api/spots/70101?s1=123521&v2=1&fill=0&kw=file%20upload%2Cshare%20files%2Cfree%20upload&i=1&url=https%3A%2F%2Fvidezz.net%2Fembed-wfjktvnns0hl.html&referrer=colegialacasero.com&sid=94b7d833-2397-45fa-af4a-4cf38c3bb1bb
IP
ASN #24940 Hetzner Online GmbH
Requested by https://videzz.net/embed-wfjktvnns0hl.html
Certificate IssuerLet's Encrypt
Subject0i.sh-cdn.com
Fingerprint0F:4D:7A:ED:9D:77:5E:06:14:C3:9E:91:06:73:B4:FE:43:3F:A1:06
ValidityMon, 12 May 2025 00:28:43 GMT - Sun, 10 Aug 2025 00:28:42 GMT
File type XML 1.0 document, ASCII text
Hash e0f5d91a31e168f29bc3d64d10525dfc
cdc16173b935f1d151d5655319cdc9dec9c1bee2
5660c5d01aa6084fc8266ace3fac2caba3646e28cf82a3605b013dd432d9b5df
GET /api/spots/70101?s1=123521&v2=1&fill=0&kw=file%20upload%2Cshare%20files%2Cfree%20upload&i=1&url=https%3A%2F%2Fvidezz.net%2Fembed-wfjktvnns0hl.html&referrer=colegialacasero.com&sid=94b7d833-2397-45fa-af4a-4cf38c3bb1bb HTTP/1.1
Host: zv.7vid.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://videzz.net/
Origin: https://videzz.net
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
server: nginx
date: Thu, 19 Jun 2025 06:47:17 GMT
content-type: text/xml
vary: Accept-Encoding
access-control-allow-credentials: true
access-control-allow-origin: https://videzz.net
access-control-expose-headers: X-Asg-Config, X-t
set-cookie: nauid=27tupkis7HoUvFAjg9Q7; Path=/; Expires=Wed, 11 Nov 2037 11:11:11 GMT; Secure; SameSite=None
x-robots-tag: noindex, nofollow
x-t: 0
cache-control: private
content-encoding: gzip
X-Firefox-Spdy: h2
GET videzz.net/js/videojs.stm.5.min.js?0.0111514994734137
200 OK 4.7 kB URL GET videzz.net/js/videojs.stm.5.min.js?0.0111514994734137
IP
ASN #213035 Des Capital B.V.
Requested by https://videzz.net/embed-wfjktvnns0hl.html
Certificate IssuerLet's Encrypt
Subjectvidezz.net
Fingerprint98:BA:98:44:85:01:47:DD:AC:0E:8E:57:56:68:F7:A5:17:C9:72:E5
ValidityThu, 12 Jun 2025 00:12:36 GMT - Wed, 10 Sep 2025 00:12:35 GMT
File type JavaScript source, ASCII text, with very long lines (4690), with no line terminators
Hash f7568c2a64d753528fbfaa9ddc3b76f3
3858a3fc524a6924f6fb7f4202181f7c840d7e06
ac4448982bf8c239354df9e6aebcc50d39e6e5db2ff7775a4ef64003b32d7725
GET /js/videojs.stm.5.min.js?0.0111514994734137 HTTP/1.1
Host: videzz.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://videzz.net/embed-wfjktvnns0hl.html
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
server: nginx/1.18.0 (Ubuntu)
date: Thu, 19 Jun 2025 06:47:15 GMT
content-type: application/javascript
last-modified: Wed, 11 Jun 2025 12:18:32 GMT
vary: Accept-Encoding
etag: W/"68497418-1252"
expires: Sat, 19 Jul 2025 06:47:15 GMT
cache-control: max-age=2592000
content-encoding: gzip
x-cache-status: MISS
X-Firefox-Spdy: h2
GET videzz.net/js/footer.static.min.js?v=1566c61038a4816d5983d1bea1fb7bdc
200 OK 140 kB URL GET videzz.net/js/footer.static.min.js?v=1566c61038a4816d5983d1bea1fb7bdc
IP
ASN #213035 Des Capital B.V.
Requested by https://videzz.net/embed-wfjktvnns0hl.html
Certificate IssuerLet's Encrypt
Subjectvidezz.net
Fingerprint98:BA:98:44:85:01:47:DD:AC:0E:8E:57:56:68:F7:A5:17:C9:72:E5
ValidityThu, 12 Jun 2025 00:12:36 GMT - Wed, 10 Sep 2025 00:12:35 GMT
File type JavaScript source, ASCII text, with very long lines (65536), with no line terminators
Size 140 kB (140132 bytes)
Hash 8986804e792bac03d992cfa0d65281de
4a406ba9ac7ead8cfc1d181c6abd2340dae2bf44
e94d1a4f4bfe4d0efd8dc95e86573d32172fa8a0f08ee328c377962379bd9295
GET /js/footer.static.min.js?v=1566c61038a4816d5983d1bea1fb7bdc HTTP/1.1
Host: videzz.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://videzz.net/embed-wfjktvnns0hl.html
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
server: nginx/1.18.0 (Ubuntu)
date: Thu, 19 Jun 2025 06:47:15 GMT
content-type: application/javascript
last-modified: Wed, 11 Jun 2025 12:18:32 GMT
vary: Accept-Encoding
etag: W/"68497418-22364"
expires: Sat, 19 Jul 2025 06:41:11 GMT
cache-control: max-age=2592000
content-encoding: gzip
x-cache-status: HIT
X-Firefox-Spdy: h2
GET xml.zeusadx.com/redirect?feed=754913&auth=p6zs&pubid=162319
200 OK 0 B URL GET xml.zeusadx.com/redirect?feed=754913&auth=p6zs&pubid=162319
IP
ASN #27257 WEBAIR-INTERNET
Requested by https://videzz.net/embed-wfjktvnns0hl.html
Certificate IssuerSectigo Limited
Subject*.zeusadx.com
FingerprintB6:CE:F6:86:30:F6:C6:02:DE:C2:AB:6A:F8:96:D2:51:69:AE:B0:DB
ValiditySat, 19 Oct 2024 00:00:00 GMT - Tue, 18 Nov 2025 23:59:59 GMT
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /redirect?feed=754913&auth=p6zs&pubid=162319 HTTP/1.1
Host: xml.zeusadx.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://bid.bidclickmedia.com/
DNT: 1
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Date: Thu, 19 Jun 2025 06:47:18 GMT
Content-Length: 0
Connection: keep-alive
Cache-Control: no-store
GET thursday55315.videocdnmetrika80.com/f.php?sid=212515
200 OK 5.4 kB URL GET thursday55315.videocdnmetrika80.com/f.php?sid=212515
IP
Requested by https://videzz.net/embed-wfjktvnns0hl.html
Certificate IssuerGoogle Trust Services
Subjectvideocdnmetrika80.com
FingerprintBE:0F:74:88:49:5F:35:77:25:DB:F0:D9:94:46:65:A7:FE:1E:B1:A5
ValiditySun, 27 Apr 2025 19:26:18 GMT - Sat, 26 Jul 2025 20:25:02 GMT
File type HTML document, ASCII text, with very long lines (755), with CRLF line terminators
Hash ed85ffef6e588a08d01e00c387ddcd14
e1b37e08529ee199a427d8c1d48299bc2ff4f1e2
661bdebd4b2760a5cac07a4b14b5f378e894b1baac7c1e0d1d633bdff8e7c98e
GET /f.php?sid=212515 HTTP/1.1
Host: thursday55315.videocdnmetrika80.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://videzz.net/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Thu, 19 Jun 2025 06:47:18 GMT
content-type: text/html; charset=UTF-8
server: cloudflare
nel: {"report_to":"cf-nel","success_fraction":0.0,"max_age":604800}
x-powered-by: PHP/7.1.33
pragma: no-cache
cache-control: no-store, no-cache, must-revalidate, max-age=0
x-robots-tag: noindex
cf-cache-status: DYNAMIC
report-to: {"group":"cf-nel","max_age":604800,"endpoints":[{"url":"https://a.nel.cloudflare.com/report/v4?s=ILS7f7nyJuj%2FEz48m6bARyw0POJFM1rY96kyJFM2wjzE1gpxSqdfYNUu1pwj0mEEeD2KH0dKZVpz26cg%2B7LleaGjVoOhKtW35HfwkkI03ac%2FG5f107bl4MBzz4Ln57snRQ%3D%3D"}]}
content-encoding: br
cf-ray: 95211303a8f6b529-OSL
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
POST bid.bidclickmedia.com/load
302 Found 0 B URL POST bid.bidclickmedia.com/load
IP
Requested by https://videzz.net/embed-wfjktvnns0hl.html
Certificate IssuerGoogle Trust Services
Subjectbidclickmedia.com
Fingerprint2B:74:CA:6F:9D:47:DC:4E:9A:60:CF:E1:23:60:E7:50:64:35:B7:E6
ValiditySun, 18 May 2025 13:00:32 GMT - Sat, 16 Aug 2025 13:58:47 GMT
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
POST /load HTTP/1.1
Host: bid.bidclickmedia.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/x-www-form-urlencoded
Content-Length: 96
Origin: https://bid.bidclickmedia.com
DNT: 1
Connection: keep-alive
Referer: https://bid.bidclickmedia.com/sub/31bV2Jy
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 302 Found
date: Thu, 19 Jun 2025 06:47:18 GMT
content-type: text/html; charset=utf-8
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=nKdzVgsplkJap%2BKM9NlPtZcEZjbgfuB7qMrIwjH%2FmfxKBi3velY6kT%2FWcqs6%2BsOgmAkfmAAMTIZaD2EJa2ypZ%2BIbZ40P6RNZaX11Z4Wq6odwqjbgjFFzftviOPXOePv%2FpOnO4wIQwoo%3D"}],"group":"cf-nel","max_age":604800}
location: https://xml.cachegorilla.com/redirect?feed=754963&auth=olGk&pubid=197570
cf-cache-status: DYNAMIC
cf-ray: 95211303f80156bf-OSL
server: cloudflare
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=2060&min_rtt=376&rtt_var=1349&sent=156&recv=164&lost=0&retrans=2&sent_bytes=27123&recv_bytes=15285&delivery_rate=746496&ss_exit_cwnd=14923&ss_exit_reason=2&cwnd=13386&unsent_bytes=0&cid=0701a4c47f253775&ts=1745&inflight_dur=199&x=44"
GET vast.yomeno.xyz/report?katds_ep=aU8WaO4qHxlHagoZYavXjTOEMTJ_EEOI8PzY52LLsLzm7H13JDTzpj8mQ1A6Q5KOJNMTDJyC8WQL3SBUpjrP4iAycZ8qHduTOTmwHLtQi84610OPZSYQpzZTh2AgLOGJUBd7cyuEQ54NxiemQ9BohSPJ7s7BtQTNQt33gy2mKu2yHKmBAtTqSZL6JCEXMIYkxM0gfRbFPjHoCVvWwg4ArZ0RAdAm5cZdNtIOt_rE9wXlJ__rcHuBF6CcWXV9-4X2Cw7o9623UualmQih391yYsvdPZaQ_5U_QyjGfYEz1zqKH1iB_dtgIK-Pt_N1c_G6SOfxEGGD95SWDba_rgoVvpxRiuOH5rWTfSbNiLCx0rWLPSCI0HfWbSrD8HCFACNIr1eBRWTQyD-WDYDQBu9_bItcQt19jby9TGwA19iB76wIVVXKmEMnkAfeD5y89i0ZUaN3VyD9Z3_XiLvjebsaEJVxKO5mjSiCc0oxxN0F9qtsTrE54S8NK7_XUKtkRqzA57Wq4A8&error=3
204 No Content 0 B URL GET vast.yomeno.xyz/report?katds_ep=aU8WaO4qHxlHagoZYavXjTOEMTJ_EEOI8PzY52LLsLzm7H13JDTzpj8mQ1A6Q5KOJNMTDJyC8WQL3SBUpjrP4iAycZ8qHduTOTmwHLtQi84610OPZSYQpzZTh2AgLOGJUBd7cyuEQ54NxiemQ9BohSPJ7s7BtQTNQt33gy2mKu2yHKmBAtTqSZL6JCEXMIYkxM0gfRbFPjHoCVvWwg4ArZ0RAdAm5cZdNtIOt_rE9wXlJ__rcHuBF6CcWXV9-4X2Cw7o9623UualmQih391yYsvdPZaQ_5U_QyjGfYEz1zqKH1iB_dtgIK-Pt_N1c_G6SOfxEGGD95SWDba_rgoVvpxRiuOH5rWTfSbNiLCx0rWLPSCI0HfWbSrD8HCFACNIr1eBRWTQyD-WDYDQBu9_bItcQt19jby9TGwA19iB76wIVVXKmEMnkAfeD5y89i0ZUaN3VyD9Z3_XiLvjebsaEJVxKO5mjSiCc0oxxN0F9qtsTrE54S8NK7_XUKtkRqzA57Wq4A8&error=3
IP
Requested by https://videzz.net/embed-wfjktvnns0hl.html
Certificate IssuerLet's Encrypt
Subjectvast.yomeno.xyz
Fingerprint8B:6A:4D:FB:A4:A1:8B:3B:9F:CA:01:82:F0:42:F1:27:57:DE:C7:33
ValidityWed, 04 Jun 2025 03:21:44 GMT - Tue, 02 Sep 2025 03:21:43 GMT
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /report?katds_ep=aU8WaO4qHxlHagoZYavXjTOEMTJ_EEOI8PzY52LLsLzm7H13JDTzpj8mQ1A6Q5KOJNMTDJyC8WQL3SBUpjrP4iAycZ8qHduTOTmwHLtQi84610OPZSYQpzZTh2AgLOGJUBd7cyuEQ54NxiemQ9BohSPJ7s7BtQTNQt33gy2mKu2yHKmBAtTqSZL6JCEXMIYkxM0gfRbFPjHoCVvWwg4ArZ0RAdAm5cZdNtIOt_rE9wXlJ__rcHuBF6CcWXV9-4X2Cw7o9623UualmQih391yYsvdPZaQ_5U_QyjGfYEz1zqKH1iB_dtgIK-Pt_N1c_G6SOfxEGGD95SWDba_rgoVvpxRiuOH5rWTfSbNiLCx0rWLPSCI0HfWbSrD8HCFACNIr1eBRWTQyD-WDYDQBu9_bItcQt19jby9TGwA19iB76wIVVXKmEMnkAfeD5y89i0ZUaN3VyD9Z3_XiLvjebsaEJVxKO5mjSiCc0oxxN0F9qtsTrE54S8NK7_XUKtkRqzA57Wq4A8&error=3 HTTP/1.1
Host: vast.yomeno.xyz
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://videzz.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 204 No Content
server: nginx/1.20.1
date: Thu, 19 Jun 2025 06:47:24 GMT
cache-control: no-cache, no-store, must-revalidate
pragma: no-cache
vary: *
access-control-allow-credentials: true
access-control-allow-origin: *
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,
access-control-expose-headers: Content-Length,Content-Range
X-Firefox-Spdy: h2
GET my.imageflow.store/api/click/14587968290606056115?c=60&data[error]=3&data[errormsg]=Failed%20to%20decode%20media
200 OK 0 B URL GET my.imageflow.store/api/click/14587968290606056115?c=60&data[error]=3&data[errormsg]=Failed%20to%20decode%20media
IP
ASN #24940 Hetzner Online GmbH
Requested by https://videzz.net/embed-wfjktvnns0hl.html
Certificate IssuerLet's Encrypt
Subjecta.edbl.space
Fingerprint64:7A:31:A1:1E:DB:80:24:B2:BD:D4:81:B7:78:2D:17:EA:3A:33:C9
ValidityTue, 20 May 2025 21:28:39 GMT - Mon, 18 Aug 2025 21:28:38 GMT
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /api/click/14587968290606056115?c=60&data[error]=3&data[errormsg]=Failed%20to%20decode%20media HTTP/1.1
Host: my.imageflow.store
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://videzz.net/
Cookie: nauid=cMm3zjA5DUFqKEmPYF2h
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
server: nginx
date: Thu, 19 Jun 2025 06:47:24 GMT
content-length: 0
access-control-allow-credentials: true
access-control-allow-origin: *
x-robots-tag: noindex, nofollow
cache-control: private
X-Firefox-Spdy: h2
GET colegialacasero.com/wp-content/themes/torotube/fonts/fontawesome-webfont.woff?v=4.2.0
200 OK 84 kB URL GET colegialacasero.com/wp-content/themes/torotube/fonts/fontawesome-webfont.woff?v=4.2.0
IP
ASN #206264 Amarutu Technology Ltd
Requested by https://colegialacasero.com/follando-a-colegiala-traviesa-en-el-salon/
Certificate IssuerLet's Encrypt
Subjectcolegialacasero.com
FingerprintFA:62:4E:A0:56:E1:7F:B5:88:DB:47:27:F0:46:0D:4A:4A:E0:10:F9
ValidityMon, 19 May 2025 06:11:59 GMT - Sun, 17 Aug 2025 06:11:58 GMT
File type Web Open Font Format, TrueType, length 83588, version 1.0
Hash a35720c2fed2c7f043bc7e4ffb45e073
4a313eb93b959cc4154c684b915b0a31ddb68d84
c812ddc9e475d3e65d68a6b3b589ce598a2a5babb7afc55477d59215c4a38a40
GET /wp-content/themes/torotube/fonts/fontawesome-webfont.woff?v=4.2.0 HTTP/1.1
Host: colegialacasero.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Referer: https://colegialacasero.com/follando-a-colegiala-traviesa-en-el-salon/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
server: nginx
date: Thu, 19 Jun 2025 06:47:15 GMT
content-type: font/woff
content-length: 83588
last-modified: Sat, 30 May 2020 12:49:14 GMT
vary: Accept-Encoding
etag: "5ed2564a-14684"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
access-control-allow-origin: *
accept-ranges: bytes
X-Firefox-Spdy: h2
GET xml.zeusadx.com/redirect?feed=754914&auth=Zc1b&pubid=162319
200 OK 0 B URL GET xml.zeusadx.com/redirect?feed=754914&auth=Zc1b&pubid=162319
IP
ASN #27257 WEBAIR-INTERNET
Requested by https://videzz.net/embed-wfjktvnns0hl.html
Certificate IssuerSectigo Limited
Subject*.zeusadx.com
FingerprintB6:CE:F6:86:30:F6:C6:02:DE:C2:AB:6A:F8:96:D2:51:69:AE:B0:DB
ValiditySat, 19 Oct 2024 00:00:00 GMT - Tue, 18 Nov 2025 23:59:59 GMT
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /redirect?feed=754914&auth=Zc1b&pubid=162319 HTTP/1.1
Host: xml.zeusadx.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://bid.bidclickmedia.com/
DNT: 1
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Date: Thu, 19 Jun 2025 06:47:17 GMT
Content-Length: 0
Connection: keep-alive
Cache-Control: no-store
GET str31.vidoza.net/i/01/06164/wfjktvnns0hl.jpg?v=1750315635
200 OK 15 kB URL GET str31.vidoza.net/i/01/06164/wfjktvnns0hl.jpg?v=1750315635
IP
ASN #49453 Global Layer B.V.
Requested by https://videzz.net/embed-wfjktvnns0hl.html
Certificate IssuerLet's Encrypt
Subjectvidoza.net
Fingerprint30:B9:25:E1:B3:D8:08:56:59:9D:36:3F:93:9E:B9:FA:BD:B5:75:9E
ValidityFri, 28 Mar 2025 00:21:37 GMT - Thu, 26 Jun 2025 00:21:36 GMT
File type JPEG image data, JFIF standard 1.02, aspect ratio, density 1x1, segment length 16, comment: "Lavc57.89.100", baseline, precision 8, 360x640, components 3
Hash bcdee1b6d0506ef1fb7d2702c4591f7c
4e31e292fcaf9373d9f5f8633a76d68d663dfe0b
b98280456038caa505ad3ba17c7fb5960c3a237ca97c37687b5e47e7a4809093
GET /i/01/06164/wfjktvnns0hl.jpg?v=1750315635 HTTP/1.1
Host: str31.vidoza.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://videzz.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
server: nginx/1.20.1
date: Thu, 19 Jun 2025 06:47:17 GMT
content-type: image/jpeg
content-length: 15120
last-modified: Tue, 27 Dec 2022 08:19:23 GMT
etag: "63aaaa8b-3b10"
expires: Thu, 03 Jul 2025 06:47:17 GMT
cache-control: max-age=1209600
accept-ranges: bytes
X-Firefox-Spdy: h2
GET wearychallengeraise.com/pixel/sbls?bv=&tmpl=482&u=https%3A%2F%2Fcdn.creative-stat1.com%2Fsb%2Fnotifications%2Futility%2Fdefault%2Fus%2Fblog%2FProgamer%2Fflip_icon%2Foct2024%2F4%2Fcss%2Fstyle.css&l=10008&fd=205
200 OK 0 B URL GET wearychallengeraise.com/pixel/sbls?bv=&tmpl=482&u=https%3A%2F%2Fcdn.creative-stat1.com%2Fsb%2Fnotifications%2Futility%2Fdefault%2Fus%2Fblog%2FProgamer%2Fflip_icon%2Foct2024%2F4%2Fcss%2Fstyle.css&l=10008&fd=205
IP
Requested by https://videzz.net/embed-wfjktvnns0hl.html
Certificate IssuerLet's Encrypt
Subjectwearychallengeraise.com
FingerprintC2:9A:4F:D1:20:4F:D6:7B:AD:D9:F3:AE:DB:94:98:E2:A5:BE:EF:8B
ValidityThu, 19 Jun 2025 03:13:57 GMT - Wed, 17 Sep 2025 03:13:56 GMT
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer Verdict Alert Quad9 DNS malicious Sinkholed
GET /pixel/sbls?bv=&tmpl=482&u=https%3A%2F%2Fcdn.creative-stat1.com%2Fsb%2Fnotifications%2Futility%2Fdefault%2Fus%2Fblog%2FProgamer%2Fflip_icon%2Foct2024%2F4%2Fcss%2Fstyle.css&l=10008&fd=205 HTTP/1.1
Host: wearychallengeraise.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://videzz.net/
Cookie: pdhtkv=true; uncs=1; pdhtkv29=true; uncs29=1; u_pl19071529=1
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx/1.21.6
Date: Thu, 19 Jun 2025 06:47:20 GMT
Content-Length: 0
Connection: keep-alive
Host: wearychallengeraise.com
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
Access-Control-Allow-Origin: *
Access-Control-Allow-Methods: GET, POST, OPTIONS
Access-Control-Allow-Headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,Upgrade-Insecure-Requests
Access-Control-Expose-Headers: Content-Length,Content-Range
GET colegialacasero.com/wp-content/uploads/2023/06/vip-portada-1.jpg
200 OK 12 kB URL GET colegialacasero.com/wp-content/uploads/2023/06/vip-portada-1.jpg
IP
ASN #206264 Amarutu Technology Ltd
Requested by https://colegialacasero.com/follando-a-colegiala-traviesa-en-el-salon/
Certificate IssuerLet's Encrypt
Subjectcolegialacasero.com
FingerprintFA:62:4E:A0:56:E1:7F:B5:88:DB:47:27:F0:46:0D:4A:4A:E0:10:F9
ValidityMon, 19 May 2025 06:11:59 GMT - Sun, 17 Aug 2025 06:11:58 GMT
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 270x225, components 3
Hash b3c30bd8799f3e3ddded945b64b51c14
d91b531ee962bc10a85450748806cd05082be673
3afe999b65e76f591ecc0de57023c8bc2c5f3baea9ad1a455baee5060725f953
GET /wp-content/uploads/2023/06/vip-portada-1.jpg HTTP/1.1
Host: colegialacasero.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://colegialacasero.com/follando-a-colegiala-traviesa-en-el-salon/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
server: nginx
date: Thu, 19 Jun 2025 06:47:15 GMT
content-type: image/jpeg
content-length: 12265
last-modified: Thu, 29 Jun 2023 04:20:59 GMT
vary: Accept-Encoding
etag: "649d06ab-2fe9"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
access-control-allow-origin: *
accept-ranges: bytes
X-Firefox-Spdy: h2
GET bid.bidclickmedia.com/sub/e6yMnW6
200 OK 237 B URL GET bid.bidclickmedia.com/sub/e6yMnW6
IP
Requested by https://videzz.net/embed-wfjktvnns0hl.html
Certificate IssuerGoogle Trust Services
Subjectbidclickmedia.com
Fingerprint2B:74:CA:6F:9D:47:DC:4E:9A:60:CF:E1:23:60:E7:50:64:35:B7:E6
ValiditySun, 18 May 2025 13:00:32 GMT - Sat, 16 Aug 2025 13:58:47 GMT
File type HTML document, ASCII text
Hash 1cc9ee13daa3d976c6182acb7457299a
5f8592119388a9914082531f94529238c9a2c822
3157e02c084934d07c78ff730dd9c2ed5e885e2e44c38ed852550853364ac7f1
GET /sub/e6yMnW6 HTTP/1.1
Host: bid.bidclickmedia.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://videzz.net/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Thu, 19 Jun 2025 06:47:17 GMT
content-type: text/html; charset=utf-8
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=d%2FCHLaPdijx6GbIKn8jVh9PFNYYeOhERCWncgJc0XIdnifPkH242O%2B0PVZRjoBCCZV%2FgMne7HAOjtn7edaLnC%2FIrTHFw8Jc8uNemHm5urxasS9gnJqetJkoFY2YVxWYCCR3elLLPrxo%3D"}],"group":"cf-nel","max_age":604800}
cf-cache-status: DYNAMIC
vary: accept-encoding
content-encoding: br
cf-ray: 952112fbbfb756bf-OSL
server: cloudflare
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=3916&min_rtt=514&rtt_var=3600&sent=115&recv=137&lost=0&retrans=0&sent_bytes=9233&recv_bytes=9054&delivery_rate=433942&ss_exit_cwnd=14923&ss_exit_reason=2&cwnd=12000&unsent_bytes=0&cid=0701a4c47f253775&ts=427&inflight_dur=34&x=44"
GET wearychallengeraise.com/impr.gif?sid=H4sIAAAAAAAC_1RSQWskRRSunl28KKiLeBFhYBFckEn3dM9kxj2I67qyGJO4WQniqbqrelKmpqutqu6ezCkYkD2ON_FU-SbZoC6yehQEmXgQVoQdTzlsDvoThD3LTAZGH9R773tfFXzvvfrisDgnEQp6tvmBGgop6Uqr4ddf3xYZU5Wpr9-tB37Dv17fFlk7ul4fzJwu3wzCqOFfq7_Hk1210vQD3w_8oH5LaJ6qwcqchcgfdING129EzUbQijDQ_8em8GCoB1aekysQbPr83-knEMkEWf_hTW52rcrfeLdfSGqVRslOPsp2M1Vl6C_TVHtIs5PFbSgzJeSrGlR2sugAqjyadYBYTEnt5SeIs5OFTMTl8YXSWIJniNmzqMoJuJxA0AkSdQDBHhMgYVjfQNa_v650RfcuWDpjp-Ty038gqim5_OQlZP3vb0gxqG8pWVihMoNB6iAGE4jeBHlxCjusQVSnSOznEOwPsvJ0DVn_aMNIBcHcvHuRTiD5CNR4KGZHeChSD0Xuoc_O6pHfiZKAhu20y5JVP6JRxHjsdztN36fdZBVFMpM2gs1HSOQIid5HrvexK0bQxS8wOw6GeTB2SrwP91Eyh4oTVIagogSVIKgsQVW6YyZN07j7TJoiDhaxuYihGyvbO6THyvZ4RkD1CJq5I5F_Zg6Q2EvjYWrYWM0cja0b05i5w_ycvDibnHe1dg27_KzeXe20wk4Ypz7rpM00bgcB64adZtTyO51WuwUjHISpzQcyFFPyWvoTcjElz_1GENNTGHmKRLwAWrwKWjnQHYdh9pCyQtpGKZga0kbGLZhyyO1l2D3vUJ6TV-b7-_ivGnjyiCwMiXbItcOn4leCnrw3vqMqcnRHVYb8sJFb0RdDOtvtlqWWP_Pt-3yvUprdvmlG37ydzIhZ-uAuN3aNZkxkPUO-uyEY4_qW0gknP9822zzeLMzOjUJnRb62-c6t2_1cc2OEyiag4vHVJhIxJVe-5vNf2_z9OoSeQBcO_WKpVKgJknwfJl_WjCLQconj3ENVuLFuxsuiFASSLzGNHcx_cLzMx5rOXlPhDs099LQHag-Q9R1K7VBKBypHMMWlsc31o7f-DOeGWHrjWGrvKJZafnkxZCPO6mnIm4nvd1bbQdhJeRBGLElbnajL2tQPQw5rpjtbP5b_BgAA__95AgjxlwQAAA==
200 OK 0 B URL GET wearychallengeraise.com/impr.gif?sid=H4sIAAAAAAAC_1RSQWskRRSunl28KKiLeBFhYBFckEn3dM9kxj2I67qyGJO4WQniqbqrelKmpqutqu6ezCkYkD2ON_FU-SbZoC6yehQEmXgQVoQdTzlsDvoThD3LTAZGH9R773tfFXzvvfrisDgnEQp6tvmBGgop6Uqr4ddf3xYZU5Wpr9-tB37Dv17fFlk7ul4fzJwu3wzCqOFfq7_Hk1210vQD3w_8oH5LaJ6qwcqchcgfdING129EzUbQijDQ_8em8GCoB1aekysQbPr83-knEMkEWf_hTW52rcrfeLdfSGqVRslOPsp2M1Vl6C_TVHtIs5PFbSgzJeSrGlR2sugAqjyadYBYTEnt5SeIs5OFTMTl8YXSWIJniNmzqMoJuJxA0AkSdQDBHhMgYVjfQNa_v650RfcuWDpjp-Ty038gqim5_OQlZP3vb0gxqG8pWVihMoNB6iAGE4jeBHlxCjusQVSnSOznEOwPsvJ0DVn_aMNIBcHcvHuRTiD5CNR4KGZHeChSD0Xuoc_O6pHfiZKAhu20y5JVP6JRxHjsdztN36fdZBVFMpM2gs1HSOQIid5HrvexK0bQxS8wOw6GeTB2SrwP91Eyh4oTVIagogSVIKgsQVW6YyZN07j7TJoiDhaxuYihGyvbO6THyvZ4RkD1CJq5I5F_Zg6Q2EvjYWrYWM0cja0b05i5w_ycvDibnHe1dg27_KzeXe20wk4Ypz7rpM00bgcB64adZtTyO51WuwUjHISpzQcyFFPyWvoTcjElz_1GENNTGHmKRLwAWrwKWjnQHYdh9pCyQtpGKZga0kbGLZhyyO1l2D3vUJ6TV-b7-_ivGnjyiCwMiXbItcOn4leCnrw3vqMqcnRHVYb8sJFb0RdDOtvtlqWWP_Pt-3yvUprdvmlG37ydzIhZ-uAuN3aNZkxkPUO-uyEY4_qW0gknP9822zzeLMzOjUJnRb62-c6t2_1cc2OEyiag4vHVJhIxJVe-5vNf2_z9OoSeQBcO_WKpVKgJknwfJl_WjCLQconj3ENVuLFuxsuiFASSLzGNHcx_cLzMx5rOXlPhDs099LQHag-Q9R1K7VBKBypHMMWlsc31o7f-DOeGWHrjWGrvKJZafnkxZCPO6mnIm4nvd1bbQdhJeRBGLElbnajL2tQPQw5rpjtbP5b_BgAA__95AgjxlwQAAA==
IP
Requested by https://videzz.net/embed-wfjktvnns0hl.html
Certificate IssuerLet's Encrypt
Subjectwearychallengeraise.com
FingerprintC2:9A:4F:D1:20:4F:D6:7B:AD:D9:F3:AE:DB:94:98:E2:A5:BE:EF:8B
ValidityThu, 19 Jun 2025 03:13:57 GMT - Wed, 17 Sep 2025 03:13:56 GMT
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer Verdict Alert Quad9 DNS malicious Sinkholed
GET /impr.gif?sid=H4sIAAAAAAAC_1RSQWskRRSunl28KKiLeBFhYBFckEn3dM9kxj2I67qyGJO4WQniqbqrelKmpqutqu6ezCkYkD2ON_FU-SbZoC6yehQEmXgQVoQdTzlsDvoThD3LTAZGH9R773tfFXzvvfrisDgnEQp6tvmBGgop6Uqr4ddf3xYZU5Wpr9-tB37Dv17fFlk7ul4fzJwu3wzCqOFfq7_Hk1210vQD3w_8oH5LaJ6qwcqchcgfdING129EzUbQijDQ_8em8GCoB1aekysQbPr83-knEMkEWf_hTW52rcrfeLdfSGqVRslOPsp2M1Vl6C_TVHtIs5PFbSgzJeSrGlR2sugAqjyadYBYTEnt5SeIs5OFTMTl8YXSWIJniNmzqMoJuJxA0AkSdQDBHhMgYVjfQNa_v650RfcuWDpjp-Ty038gqim5_OQlZP3vb0gxqG8pWVihMoNB6iAGE4jeBHlxCjusQVSnSOznEOwPsvJ0DVn_aMNIBcHcvHuRTiD5CNR4KGZHeChSD0Xuoc_O6pHfiZKAhu20y5JVP6JRxHjsdztN36fdZBVFMpM2gs1HSOQIid5HrvexK0bQxS8wOw6GeTB2SrwP91Eyh4oTVIagogSVIKgsQVW6YyZN07j7TJoiDhaxuYihGyvbO6THyvZ4RkD1CJq5I5F_Zg6Q2EvjYWrYWM0cja0b05i5w_ycvDibnHe1dg27_KzeXe20wk4Ypz7rpM00bgcB64adZtTyO51WuwUjHISpzQcyFFPyWvoTcjElz_1GENNTGHmKRLwAWrwKWjnQHYdh9pCyQtpGKZga0kbGLZhyyO1l2D3vUJ6TV-b7-_ivGnjyiCwMiXbItcOn4leCnrw3vqMqcnRHVYb8sJFb0RdDOtvtlqWWP_Pt-3yvUprdvmlG37ydzIhZ-uAuN3aNZkxkPUO-uyEY4_qW0gknP9822zzeLMzOjUJnRb62-c6t2_1cc2OEyiag4vHVJhIxJVe-5vNf2_z9OoSeQBcO_WKpVKgJknwfJl_WjCLQconj3ENVuLFuxsuiFASSLzGNHcx_cLzMx5rOXlPhDs099LQHag-Q9R1K7VBKBypHMMWlsc31o7f-DOeGWHrjWGrvKJZafnkxZCPO6mnIm4nvd1bbQdhJeRBGLElbnajL2tQPQw5rpjtbP5b_BgAA__95AgjxlwQAAA== HTTP/1.1
Host: wearychallengeraise.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://videzz.net/
Cookie: pdhtkv=true; uncs=1; pdhtkv29=true; uncs29=1; u_pl19071529=1
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx/1.21.6
Date: Thu, 19 Jun 2025 06:47:20 GMT
Content-Type: image/gif
Content-Length: 7
Connection: keep-alive
p3p: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
accept-ch: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,Sec-CH-UA-PlatformUser-Agent,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
x-envoy-upstream-service-time: 1
Host: wearychallengeraise.com
Expires: Thu, 01 Jan 1970 00:00:01 GMT
X-Request-ID: a1ab951e0a357a6100854e066f331ebe
Cache-Control: no-cache, max-age=0, private, no-cache
Pragma: no-cache
Strict-Transport-Security: max-age=0; includeSubdomains
GET colegialacasero.com/wp-content/uploads/2021/06/morra-golosa-se-mete-con-sus-tres-companeros..jpg
200 OK 12 kB URL GET colegialacasero.com/wp-content/uploads/2021/06/morra-golosa-se-mete-con-sus-tres-companeros..jpg
IP
ASN #206264 Amarutu Technology Ltd
Requested by https://colegialacasero.com/follando-a-colegiala-traviesa-en-el-salon/
Certificate IssuerLet's Encrypt
Subjectcolegialacasero.com
FingerprintFA:62:4E:A0:56:E1:7F:B5:88:DB:47:27:F0:46:0D:4A:4A:E0:10:F9
ValidityMon, 19 May 2025 06:11:59 GMT - Sun, 17 Aug 2025 06:11:58 GMT
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, progressive, precision 8, 300x250, components 3
Hash 45fca2388c40a68f8d50c5ef76373cf9
1dd2b5fa53d3065874549f67c77cb4c20abc82fb
62eceb2c82e5394bcfbd3962d6b0aad55ad56d983c0159a7d1c559a60e8b3963
GET /wp-content/uploads/2021/06/morra-golosa-se-mete-con-sus-tres-companeros..jpg HTTP/1.1
Host: colegialacasero.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://colegialacasero.com/follando-a-colegiala-traviesa-en-el-salon/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
server: nginx
date: Thu, 19 Jun 2025 06:47:15 GMT
content-type: image/jpeg
content-length: 11546
last-modified: Thu, 11 May 2023 06:27:14 GMT
vary: Accept-Encoding
etag: "645c8ac2-2d1a"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
access-control-allow-origin: *
accept-ranges: bytes
X-Firefox-Spdy: h2
GET videzz.net/images-newtheme/adb_logo.png
200 OK 8.3 kB URL GET videzz.net/images-newtheme/adb_logo.png
IP
ASN #213035 Des Capital B.V.
Requested by https://videzz.net/embed-wfjktvnns0hl.html
Certificate IssuerLet's Encrypt
Subjectvidezz.net
Fingerprint98:BA:98:44:85:01:47:DD:AC:0E:8E:57:56:68:F7:A5:17:C9:72:E5
ValidityThu, 12 Jun 2025 00:12:36 GMT - Wed, 10 Sep 2025 00:12:35 GMT
File type PNG image data, 178 x 178, 8-bit/color RGBA, non-interlaced
Hash 98fcd22c469a5aa46df8ec4e7a8eafc9
e8d95f175d3008736995a482d7304410a1da490a
b1e79e219bf46ca5ef14a9619c5440e78c2ebdbc34b8f0c65f0777a8b02fc30c
GET /images-newtheme/adb_logo.png HTTP/1.1
Host: videzz.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://videzz.net/embed-wfjktvnns0hl.html
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
server: nginx/1.18.0 (Ubuntu)
date: Thu, 19 Jun 2025 06:47:15 GMT
content-type: image/png
content-length: 8308
last-modified: Wed, 11 Jun 2025 12:18:32 GMT
etag: "68497418-2074"
expires: Sat, 19 Jul 2025 06:39:25 GMT
cache-control: max-age=2592000
x-cache-status: HIT
accept-ranges: bytes
X-Firefox-Spdy: h2
GET colegialacasero.com/wp-content/themes/torotube/js/jquery.lazyload.min.js
200 OK 0 B URL GET colegialacasero.com/wp-content/themes/torotube/js/jquery.lazyload.min.js
IP
ASN #206264 Amarutu Technology Ltd
Requested by https://colegialacasero.com/follando-a-colegiala-traviesa-en-el-salon/
Certificate IssuerLet's Encrypt
Subjectcolegialacasero.com
FingerprintFA:62:4E:A0:56:E1:7F:B5:88:DB:47:27:F0:46:0D:4A:4A:E0:10:F9
ValidityMon, 19 May 2025 06:11:59 GMT - Sun, 17 Aug 2025 06:11:58 GMT
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /wp-content/themes/torotube/js/jquery.lazyload.min.js HTTP/1.1
Host: colegialacasero.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://colegialacasero.com/follando-a-colegiala-traviesa-en-el-salon/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
GET vidoza.net/embed-wfjktvnns0hl.html
301 Moved Permanently 38 kB URL GET vidoza.net/embed-wfjktvnns0hl.html
IP
ASN #213035 Des Capital B.V.
Requested by https://colegialacasero.com/follando-a-colegiala-traviesa-en-el-salon/
Certificate IssuerLet's Encrypt
Subjectvidoza.net
FingerprintB8:5C:5E:94:E1:07:A6:B0:BA:14:FF:C4:34:F9:43:30:DE:CE:0F:4C
ValiditySun, 25 May 2025 01:23:37 GMT - Sat, 23 Aug 2025 01:23:36 GMT
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /embed-wfjktvnns0hl.html HTTP/1.1
Host: vidoza.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://colegialacasero.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 301 Moved Permanently
server: nginx/1.18.0 (Ubuntu)
date: Thu, 19 Jun 2025 06:47:15 GMT
content-type: text/html
content-length: 178
location: https://videzz.net/embed-wfjktvnns0hl.html
X-Firefox-Spdy: h2
GET colegialacasero.com/wp-includes/js/comment-reply.min.js
200 OK 3.0 kB URL GET colegialacasero.com/wp-includes/js/comment-reply.min.js
IP
ASN #206264 Amarutu Technology Ltd
Requested by https://colegialacasero.com/follando-a-colegiala-traviesa-en-el-salon/
Certificate IssuerLet's Encrypt
Subjectcolegialacasero.com
FingerprintFA:62:4E:A0:56:E1:7F:B5:88:DB:47:27:F0:46:0D:4A:4A:E0:10:F9
ValidityMon, 19 May 2025 06:11:59 GMT - Sun, 17 Aug 2025 06:11:58 GMT
File type ASCII text, with very long lines (2991)
Hash e4a49df71f8b98c1d9f9d8fce74d89e8
b95fcda0c8c26305ad94e80343d0cfca8a048a10
9d4687a19cab8f7442a3bda40c45be4d10e42488e091ddd706c3caed83c3ee1f
GET /wp-includes/js/comment-reply.min.js HTTP/1.1
Host: colegialacasero.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://colegialacasero.com/follando-a-colegiala-traviesa-en-el-salon/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
server: nginx
date: Thu, 19 Jun 2025 06:47:14 GMT
content-type: application/javascript
last-modified: Thu, 02 Jan 2025 23:47:01 GMT
vary: Accept-Encoding
etag: W/"67772575-bd2"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
access-control-allow-origin: *
content-encoding: br
X-Firefox-Spdy: h2
GET bid.bidclickmedia.com/sub/31bV2Jy
200 OK 237 B URL GET bid.bidclickmedia.com/sub/31bV2Jy
IP
Requested by https://videzz.net/embed-wfjktvnns0hl.html
Certificate IssuerGoogle Trust Services
Subjectbidclickmedia.com
Fingerprint2B:74:CA:6F:9D:47:DC:4E:9A:60:CF:E1:23:60:E7:50:64:35:B7:E6
ValiditySun, 18 May 2025 13:00:32 GMT - Sat, 16 Aug 2025 13:58:47 GMT
File type HTML document, ASCII text
Hash 4c54c2e01c157f168fc4eeb667d9d99b
aa1895ea4f4c3782a606db8b77b5b15d2c0d9c74
052520fc62b23b1e4314551c120511f7e3d609bf0cff89fac2953957dd34271b
GET /sub/31bV2Jy HTTP/1.1
Host: bid.bidclickmedia.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://videzz.net/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Thu, 19 Jun 2025 06:47:17 GMT
content-type: text/html; charset=utf-8
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=vz0z0Mq3CCxPToZ6VwuIs0UJUY7ybAD5qLf3EylAoFgoaCfsX3f78b9HU6lJyeO0yOqnjWh7W17hs4Jwdf7AQJ%2BMJJ8lHaAHAAJLAGOyrnJYRteUL%2BT1AYQmsru%2BwY%2BU2T8aa%2B3aw%2Fs%3D"}],"group":"cf-nel","max_age":604800}
cf-cache-status: DYNAMIC
vary: accept-encoding
content-encoding: br
cf-ray: 952112fbffbc56bf-OSL
server: cloudflare
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=3167&min_rtt=376&rtt_var=3347&sent=121&recv=139&lost=0&retrans=0&sent_bytes=12384&recv_bytes=9144&delivery_rate=746496&ss_exit_cwnd=14923&ss_exit_reason=2&cwnd=12858&unsent_bytes=0&cid=0701a4c47f253775&ts=442&inflight_dur=38&x=44"
GET 36.us.xmlap.com/feed/?link=true&tid=36
302 Found 171 kB URL GET 36.us.xmlap.com/feed/?link=true&tid=36
IP
Requested by https://videzz.net/embed-wfjktvnns0hl.html
Certificate IssuerLet's Encrypt
Subject*.us.xmlap.com
Fingerprint53:65:9E:D2:C3:D3:2B:C9:5E:9A:A6:2E:F0:92:B3:37:44:30:C4:E8
ValidityTue, 03 Jun 2025 05:17:31 GMT - Mon, 01 Sep 2025 05:17:30 GMT
Size 171 kB (171076 bytes)
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /feed/?link=true&tid=36 HTTP/1.1
Host: 36.us.xmlap.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://bid.bidclickmedia.com/
DNT: 1
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 302 Found
Cache-Control: no-cache
Location: https://www.popbutler.net/click/invalid/?tid=36&subid=unknown
Date: Thu, 19 Jun 2025 06:47:18 GMT
Connection: keep-alive
Keep-Alive: timeout=5
Transfer-Encoding: chunked
GET bid.bidclickmedia.com/sub/ED7DjzA
200 OK 207 B URL GET bid.bidclickmedia.com/sub/ED7DjzA
IP
Requested by https://videzz.net/embed-wfjktvnns0hl.html
Certificate IssuerGoogle Trust Services
Subjectbidclickmedia.com
Fingerprint2B:74:CA:6F:9D:47:DC:4E:9A:60:CF:E1:23:60:E7:50:64:35:B7:E6
ValiditySun, 18 May 2025 13:00:32 GMT - Sat, 16 Aug 2025 13:58:47 GMT
File type HTML document, ASCII text
Hash c92c912a15cac9bbab99b200ef0be7eb
b8a1cb0d1edb08005eeaaa640467ed03b09cc0a0
06de2ab470c79524ed931f0d6e8967a26350c7a5b7dc39c2e22d2ff461468942
GET /sub/ED7DjzA HTTP/1.1
Host: bid.bidclickmedia.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://videzz.net/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Thu, 19 Jun 2025 06:47:16 GMT
content-type: text/html; charset=utf-8
server: cloudflare
nel: {"report_to":"cf-nel","success_fraction":0.0,"max_age":604800}
report-to: {"group":"cf-nel","max_age":604800,"endpoints":[{"url":"https://a.nel.cloudflare.com/report/v4?s=%2FUrRrwQUMDyiI5MfhzYKZSiqQZiwcR2MUZirYo9TF%2FLH629t1n1xKL7KPJji4ekbLTW%2FEZbBtHR9JilBOIKyoWFH26oZMc%2BApQNJcnh5kyGB6Ns%3D"}]}
cf-cache-status: DYNAMIC
vary: accept-encoding
content-encoding: br
cf-ray: 952112f8f9807130-OSL
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
GET bid.bidclickmedia.com/sub/Pj8pz0z
200 OK 232 B URL GET bid.bidclickmedia.com/sub/Pj8pz0z
IP
Requested by https://videzz.net/embed-wfjktvnns0hl.html
Certificate IssuerGoogle Trust Services
Subjectbidclickmedia.com
Fingerprint2B:74:CA:6F:9D:47:DC:4E:9A:60:CF:E1:23:60:E7:50:64:35:B7:E6
ValiditySun, 18 May 2025 13:00:32 GMT - Sat, 16 Aug 2025 13:58:47 GMT
File type HTML document, ASCII text
Hash bd324b12560192fae53a88d42456a237
6608a9f87887479751542bd2a567de64a2155454
482d57be9d80b58ccf56a59147f0e45b2331bee54be54aeedcb3b6ef07f425a4
GET /sub/Pj8pz0z HTTP/1.1
Host: bid.bidclickmedia.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://videzz.net/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Thu, 19 Jun 2025 06:47:17 GMT
content-type: text/html; charset=utf-8
server: cloudflare
nel: {"report_to":"cf-nel","success_fraction":0.0,"max_age":604800}
report-to: {"group":"cf-nel","max_age":604800,"endpoints":[{"url":"https://a.nel.cloudflare.com/report/v4?s=Q1B42VXaFmL3Fua2rrAaYlcLKXlkO9cPxYsTPdL%2FkeQTxFNttDZ5ppzex2OO3JVodl3%2FQOTYlINZZNV7BDrIvFSEUgtydrDLz5cp9R%2FTWii0fa0%3D"}]}
cf-cache-status: DYNAMIC
vary: accept-encoding
content-encoding: br
cf-ray: 952112fbabfe7130-OSL
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
POST bid.bidclickmedia.com/load
302 Found 0 B URL POST bid.bidclickmedia.com/load
IP
Requested by https://videzz.net/embed-wfjktvnns0hl.html
Certificate IssuerGoogle Trust Services
Subjectbidclickmedia.com
Fingerprint2B:74:CA:6F:9D:47:DC:4E:9A:60:CF:E1:23:60:E7:50:64:35:B7:E6
ValiditySun, 18 May 2025 13:00:32 GMT - Sat, 16 Aug 2025 13:58:47 GMT
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
POST /load HTTP/1.1
Host: bid.bidclickmedia.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/x-www-form-urlencoded
Content-Length: 91
Origin: https://bid.bidclickmedia.com
DNT: 1
Connection: keep-alive
Referer: https://bid.bidclickmedia.com/sub/Zj8D76R
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 302 Found
date: Thu, 19 Jun 2025 06:47:17 GMT
content-type: text/html; charset=utf-8
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=yLBx2llRxFWHVum5OPHks1oj%2B%2BYYgWeBluuaCQHXwERj2i5srDxVWch5IVIAf1fpk7Iq59%2B8y8JSGGW3%2FukQ%2F0sPMHsERURehD90SuPZBw55me6DgwlFqlqFhdRrkC8UCfgE5SpP%2Bqs%3D"}],"group":"cf-nel","max_age":604800}
location: https://xml.zeusadx.com/redirect?feed=754914&auth=Zc1b&pubid=162319
cf-cache-status: DYNAMIC
cf-ray: 952112fcbfbf56bf-OSL
server: cloudflare
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=3366&min_rtt=376&rtt_var=3306&sent=126&recv=143&lost=0&retrans=0&sent_bytes=14260&recv_bytes=10159&delivery_rate=746496&ss_exit_cwnd=14923&ss_exit_reason=2&cwnd=13386&unsent_bytes=0&cid=0701a4c47f253775&ts=573&inflight_dur=60&x=44"
GET experttrafficcounter.com/stats
200 OK 40 B URL GET experttrafficcounter.com/stats
IP
Requested by https://videzz.net/embed-wfjktvnns0hl.html
Certificate IssuerAmazon
Subjectexperttrafficcounter.com
FingerprintCE:93:F6:82:20:C2:20:51:6E:53:85:EC:03:9C:48:F0:13:0B:67:D7
ValidityTue, 29 Apr 2025 00:00:00 GMT - Thu, 28 May 2026 23:59:59 GMT
File type ASCII text, with no line terminators
Hash 5d7c6ff80c775d3ba4c2d53689390759
80c9a399b9affe9c627c4de1b55aea98f7a1b2ed
6a8cdbc534eb1aadd6fc23f1d4884c5dc029deabf43d1bd2e29379fb937dd7fd
GET /stats HTTP/1.1
Host: experttrafficcounter.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://videzz.net
DNT: 1
Connection: keep-alive
Referer: https://videzz.net/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Thu, 19 Jun 2025 06:47:17 GMT
content-type: text/html; charset=UTF-8
content-length: 40
server: fasthttp
access-control-allow-origin: https://videzz.net
vary: Origin
access-control-allow-credentials: true
set-cookie: uid_id2=d2dc779b-53ba-4f8d-a259-a8a0daa590ad:1:1; expires=Sun, 17 Jun 2035 06:47:17 GMT; secure; SameSite=None
X-Firefox-Spdy: h2
GET allvideometrika.com/vidozza.php
200 OK 1.1 kB URL GET allvideometrika.com/vidozza.php
IP
Requested by https://videzz.net/embed-wfjktvnns0hl.html
Certificate IssuerGoogle Trust Services
Subjectallvideometrika.com
FingerprintB3:A6:98:08:FE:2D:B7:19:F2:FD:95:B4:54:60:4F:D1:1E:D9:2D:91
ValidityTue, 10 Jun 2025 17:25:54 GMT - Mon, 08 Sep 2025 18:24:27 GMT
File type JavaScript source, ASCII text, with CRLF line terminators
Hash 6b5d9d65812583ad3083c4d932522547
cba7769dc4391369633baf9f5c9acc3d940dd987
07f199fb7cdc6796c65dbd72f43741fffbc4bd2f5974c6a1cbe476b82cf5e48d
GET /vidozza.php HTTP/1.1
Host: allvideometrika.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://videzz.net/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Thu, 19 Jun 2025 06:47:17 GMT
content-type: application/javascript
server: cloudflare
nel: {"report_to":"cf-nel","success_fraction":0.0,"max_age":604800}
x-powered-by: PHP/7.1.33
cf-cache-status: DYNAMIC
report-to: {"group":"cf-nel","max_age":604800,"endpoints":[{"url":"https://a.nel.cloudflare.com/report/v4?s=u%2BW%2FBQ%2B1ukRYSNy7qh9ZD6xHjnEvuU%2FBrR7qwsHEqhxrNs5m98l1QKLiKS2ImBBZemtWfzWpyUgT9XEeh%2Fl%2F92D%2BrsvCBcy7j3a2M91gwzug"}]}
content-encoding: br
cf-ray: 952113010af2b4f7-OSL
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
GET colegialacasero.com/wp-content/cache/autoptimize/js/autoptimize_single_2e7cf6f498fa4dd6a02be034aa57b12f.js
200 OK 426 B URL GET colegialacasero.com/wp-content/cache/autoptimize/js/autoptimize_single_2e7cf6f498fa4dd6a02be034aa57b12f.js
IP
ASN #206264 Amarutu Technology Ltd
Requested by https://colegialacasero.com/follando-a-colegiala-traviesa-en-el-salon/
Certificate IssuerLet's Encrypt
Subjectcolegialacasero.com
FingerprintFA:62:4E:A0:56:E1:7F:B5:88:DB:47:27:F0:46:0D:4A:4A:E0:10:F9
ValidityMon, 19 May 2025 06:11:59 GMT - Sun, 17 Aug 2025 06:11:58 GMT
File type JavaScript source, ASCII text, with very long lines (426), with no line terminators
Hash d9fc891e332d52f0c1d0a63c101d098d
ed532d826648330fe191bf3ed02d1302948da901
3fbcd774bc2c490f7fcf8627c329b00704bfbf5ddb7342e274f39595689f4a1d
GET /wp-content/cache/autoptimize/js/autoptimize_single_2e7cf6f498fa4dd6a02be034aa57b12f.js HTTP/1.1
Host: colegialacasero.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://colegialacasero.com/follando-a-colegiala-traviesa-en-el-salon/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
server: nginx
date: Thu, 19 Jun 2025 06:47:14 GMT
content-type: application/javascript
last-modified: Tue, 22 Apr 2025 01:42:46 GMT
vary: Accept-Encoding
etag: W/"6806f416-1aa"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
access-control-allow-origin: *
content-encoding: br
X-Firefox-Spdy: h2
GET static.addtoany.com/menu/modules/core.pt5ow5lr.js
200 OK 72 kB URL GET static.addtoany.com/menu/modules/core.pt5ow5lr.js
IP
Requested by https://videzz.net/embed-wfjktvnns0hl.html
Certificate IssuerGoogle Trust Services
Subjectstatic.addtoany.com
Fingerprint8B:39:17:06:F0:14:1F:A9:7D:B6:A5:4C:2A:E2:27:1B:B5:60:2D:7E
ValidityWed, 30 Apr 2025 05:02:07 GMT - Tue, 29 Jul 2025 06:01:59 GMT
File type ASCII text, with very long lines (65536), with no line terminators
Hash 7e998bb147b26903e88f08f39c0e2cfc
6c93ab9cb3371591d4031dc60b9c3ae571c3329e
ef39bcc03d88448d0d38aba3dc609e9c9c444d037aebec926e6715e1cf956674
GET /menu/modules/core.pt5ow5lr.js HTTP/1.1
Host: static.addtoany.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://videzz.net
DNT: 1
Connection: keep-alive
Referer: https://videzz.net/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Thu, 19 Jun 2025 06:47:16 GMT
content-type: application/javascript
cf-ray: 952112f8b9ab56c9-OSL
access-control-allow-origin: *
cache-control: max-age=315360000, immutable
etag: W/"6e938442141e4680b5bd4187b8d6c216"
referrer-policy: strict-origin-when-cross-origin
x-content-type-options: nosniff
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=qWCDVaDc0ESXH05PdeezcuBzxfDEO3Ab%2FC%2FyxbqBbO1Dt0JHJRLjerhTClfIVs9b7mNip8qkwOcA%2BKclTS1ZCHwuKVxxfJPlywyaLFxsMZQUEGGmlnYiR75bGk3w5LLCdLInDNxVb0LVQ3SoASsN87d3"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
content-encoding: br
cf-cache-status: HIT
age: 25006
priority: u=3,i=?0
strict-transport-security: max-age=31536000; includeSubDomains; preload
speculation-rules: "/cdn-cgi/speculation"
server: cloudflare
alt-svc: h3=":443"; ma=86400
server-timing: cfExtPri
GET astonishlandmassnervy.com/sc4fr/rwff/f9ef/2023781/dba.xml
200 OK 4.3 kB URL GET astonishlandmassnervy.com/sc4fr/rwff/f9ef/2023781/dba.xml
IP
Requested by https://videzz.net/embed-wfjktvnns0hl.html
Certificate IssuerBuypass AS-983163327
Subject
FingerprintE4:BC:3A:35:A7:4A:3D:E5:65:63:12:5B:23:90:D1:80:BA:9B:73:F2
ValidityMon, 03 Mar 2025 23:33:57 GMT - Sat, 30 Aug 2025 21:59:00 GMT
File type XML 1.0 document, ASCII text, with very long lines (4236)
Hash 536bd0877f58167e824128bc4da31675
668ee1936c4fe2ad600e31e78a77bc9229aa713f
efdf46bc69db665cdc350f3a140bfc839604a2905e6c1a9ac026900826daf0ef
GET /sc4fr/rwff/f9ef/2023781/dba.xml HTTP/1.1
Host: astonishlandmassnervy.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://videzz.net/
Origin: https://videzz.net
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
server: nginx
date: Thu, 19 Jun 2025 06:47:19 GMT
content-type: text/xml; charset=utf-8
vary: Accept-Encoding
x-route-id: script
access-control-allow-origin: https://videzz.net
access-control-allow-credentials: true
set-cookie: CHCK=1; Path=/; Expires=Thu, 23 Jul 2026 06:47:19 GMT; Secure; SameSite=None
UID=25061901474b1046508f69457b8bbaba4b85; Path=/; Expires=Thu, 23 Jul 2026 06:47:19 GMT; Secure; SameSite=None
content-encoding: gzip
timing-allow-origin: *
accept-ch: sec-ch-ua-wow64,sec-ch-ua-full-version-list,sec-ch-ua,sec-ch-ua-platform,sec-ch-ua-mobile,sec-ch-ua-full-version,sec-ch-ua-platform-version,sec-ch-ua-arch,sec-ch-ua-bitness,sec-ch-ua-model,sec-ch-width,sec-ch-viewport-width,sec-ch-viewport-height,sec-ch-dpr,sec-ch-device-memory,sec-ch-rtt,sec-ch-prefers-color-scheme,sec-ch-prefers-reduced-motion,sec-ch-prefers-reduced-transparency,sec-ch-prefers-contrast,sec-ch-forced-colors,sec-ch-prefers-reduced-data
X-Firefox-Spdy: h2
GET vast.yomeno.xyz/vast?spot_id=1448816&utm_content=videzz.net
200 OK 21 kB URL GET vast.yomeno.xyz/vast?spot_id=1448816&utm_content=videzz.net
IP
Requested by https://videzz.net/embed-wfjktvnns0hl.html
Certificate IssuerLet's Encrypt
Subjectvast.yomeno.xyz
Fingerprint8B:6A:4D:FB:A4:A1:8B:3B:9F:CA:01:82:F0:42:F1:27:57:DE:C7:33
ValidityWed, 04 Jun 2025 03:21:44 GMT - Tue, 02 Sep 2025 03:21:43 GMT
File type ASCII text, with very long lines (2519)
Hash 96ec57d4aad83799f39a600892ec14c4
ae0d87e2b4d6e9a15b37f446fcf2f397f50cecae
d7f2094ecdb682cf3de41b9f3fd878e0e1fb3774006e8c1b6aa55dfd0a7db0cb
GET /vast?spot_id=1448816&utm_content=videzz.net HTTP/1.1
Host: vast.yomeno.xyz
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://videzz.net/
Origin: https://videzz.net
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
server: nginx/1.20.1
date: Thu, 19 Jun 2025 06:47:20 GMT
content-type: text/xml;charset=UTF-8
cache-control: no-cache, no-store, must-revalidate
pragma: no-cache
vary: Accept-Encoding, *
access-control-allow-credentials: true
access-control-allow-origin: https://videzz.net
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,
access-control-expose-headers: Content-Length,Content-Range
content-encoding: gzip
X-Firefox-Spdy: h2
GET www.googletagmanager.com/gtag/js?id=UA-158623850-1
200 OK 289 kB URL GET www.googletagmanager.com/gtag/js?id=UA-158623850-1
IP
Requested by https://videzz.net/embed-wfjktvnns0hl.html
Certificate IssuerGoogle Trust Services
Subject*.google-analytics.com
Fingerprint93:AC:F6:E3:CB:D8:8F:95:04:0C:A1:34:97:CB:ED:C4:F9:99:EB:12
ValidityMon, 19 May 2025 08:41:43 GMT - Mon, 11 Aug 2025 08:41:42 GMT
File type JavaScript source, ASCII text, with very long lines (5913)
Size 289 kB (288991 bytes)
Hash f502365f159d5531b4121205bc160957
ccff7e4f81684931568794f31f8d2dfeccfab231
2389416b0b7e77788f0b4d803e6b36d6137f37dda22df4d315064fdd016a169e
GET /gtag/js?id=UA-158623850-1 HTTP/1.1
Host: www.googletagmanager.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://videzz.net/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
content-encoding: br
vary: Accept-Encoding
date: Thu, 19 Jun 2025 06:47:15 GMT
expires: Thu, 19 Jun 2025 06:47:15 GMT
cache-control: private, max-age=900
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
content-security-policy-report-only: script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascgcycc:1077:0
cross-origin-opener-policy-report-only: same-origin; report-to=ascgcycc:1077:0
report-to: {"group":"ascgcycc:1077:0","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascgcycc:1077:0"}],}
server: Google Tag Manager
content-length: 101672
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
GET colegialacasero.com/wp-includes/js/jquery/jquery.min.js
200 OK 88 kB URL GET colegialacasero.com/wp-includes/js/jquery/jquery.min.js
IP
ASN #206264 Amarutu Technology Ltd
Requested by https://colegialacasero.com/follando-a-colegiala-traviesa-en-el-salon/
Certificate IssuerLet's Encrypt
Subjectcolegialacasero.com
FingerprintFA:62:4E:A0:56:E1:7F:B5:88:DB:47:27:F0:46:0D:4A:4A:E0:10:F9
ValidityMon, 19 May 2025 06:11:59 GMT - Sun, 17 Aug 2025 06:11:58 GMT
File type JavaScript source, ASCII text, with very long lines (65447)
Hash 826eb77e86b02ab7724fe3d0141ff87c
79cd3587d565afe290076a8d36c31c305a573d18
cb6f2d32c49d1c2b25e9ffc9aaafa3f83075346c01bcd4ae6eb187392a4292cf
GET /wp-includes/js/jquery/jquery.min.js HTTP/1.1
Host: colegialacasero.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://colegialacasero.com/follando-a-colegiala-traviesa-en-el-salon/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
server: nginx
date: Thu, 19 Jun 2025 06:47:14 GMT
content-type: application/javascript
last-modified: Mon, 28 Aug 2023 17:14:23 GMT
vary: Accept-Encoding
etag: W/"64ecd5ef-15601"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
access-control-allow-origin: *
content-encoding: br
X-Firefox-Spdy: h2
GET static.addtoany.com/menu/svg/icons/twitter.js
200 OK 645 B URL GET static.addtoany.com/menu/svg/icons/twitter.js
IP
Requested by https://videzz.net/embed-wfjktvnns0hl.html
Certificate IssuerGoogle Trust Services
Subjectstatic.addtoany.com
Fingerprint8B:39:17:06:F0:14:1F:A9:7D:B6:A5:4C:2A:E2:27:1B:B5:60:2D:7E
ValidityWed, 30 Apr 2025 05:02:07 GMT - Tue, 29 Jul 2025 06:01:59 GMT
File type ASCII text, with very long lines (645), with no line terminators
Hash ca05cf90bd32d6134c0b92464c343f9a
187feb5cc71d225717838268487a0abc9b8d405c
3003867b66a32c12fdafeefc27cf06d906e5a99ba275550ab757f4bb04834636
GET /menu/svg/icons/twitter.js HTTP/1.1
Host: static.addtoany.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://videzz.net
DNT: 1
Connection: keep-alive
Referer: https://static.addtoany.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Thu, 19 Jun 2025 06:47:16 GMT
content-type: application/javascript
cf-ray: 952112facbf156c9-OSL
access-control-allow-origin: *
cache-control: max-age=7776000, stale-while-revalidate=30, public
etag: W/"af2b829f9b79fabec7c0148a8b7e444b"
referrer-policy: strict-origin-when-cross-origin
x-content-type-options: nosniff
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=RJFbJiysdDsGhgEN%2BjsoWOH2BC8YaUXGvoWEnpv0jbRdpu0EkHgQSazYlehgIVHaDFMmWE4BeUpcuHw0sDPmkTq4dGW976wxs7CECQuRjUxPcCPSDT8TK7RGgybpRjVVMTyVTu4y0myivmLWQ8pY17J1"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
content-encoding: br
cf-cache-status: HIT
age: 19953
priority: u=3,i=?0
strict-transport-security: max-age=31536000; includeSubDomains; preload
speculation-rules: "/cdn-cgi/speculation"
server: cloudflare
alt-svc: h3=":443"; ma=86400
server-timing: cfExtPri
GET xml.xmlking.com/redirect?feed=754940&auth=v5B2&pubid=195183
200 OK 0 B URL GET xml.xmlking.com/redirect?feed=754940&auth=v5B2&pubid=195183
IP
ASN #27257 WEBAIR-INTERNET
Requested by https://videzz.net/embed-wfjktvnns0hl.html
Certificate IssuerSectigo Limited
Subject*.xmlking.com
Fingerprint5F:CA:E1:A6:CB:14:F1:BB:52:66:BC:7B:3C:0E:33:A4:89:70:E1:5F
ValidityMon, 22 Jul 2024 00:00:00 GMT - Tue, 22 Jul 2025 23:59:59 GMT
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /redirect?feed=754940&auth=v5B2&pubid=195183 HTTP/1.1
Host: xml.xmlking.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://bid.bidclickmedia.com/
DNT: 1
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Date: Thu, 19 Jun 2025 06:47:18 GMT
Content-Length: 0
Connection: keep-alive
Cache-Control: no-store
GET cdn.creative-stat1.com/sb/notifications/utility/default/us/blog/Progamer/flip_icon/oct2024/4/img/close.svg
200 OK 1.0 kB URL GET cdn.creative-stat1.com/sb/notifications/utility/default/us/blog/Progamer/flip_icon/oct2024/4/img/close.svg
IP
Requested by https://videzz.net/embed-wfjktvnns0hl.html
Certificate IssuerGoogle Trust Services
Subjectcreative-stat1.com
FingerprintEA:78:8B:9D:53:DF:84:5F:BA:B0:1B:CB:77:59:D8:9B:CC:8C:CC:86
ValidityWed, 11 Jun 2025 22:34:34 GMT - Tue, 09 Sep 2025 23:32:59 GMT
File type SVG Scalable Vector Graphics image
Hash 26dd89033221449321cb8c527a691faf
983f7411316deafd84c8cd91fae81b54b583771a
f753b8837c88daa22f91f3fa6d73148ec95ae850b821e0d21c86dcbe30be6733
GET /sb/notifications/utility/default/us/blog/Progamer/flip_icon/oct2024/4/img/close.svg HTTP/1.1
Host: cdn.creative-stat1.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Thu, 19 Jun 2025 06:47:19 GMT
content-type: image/svg+xml
content-length: 1045
server: cloudflare
last-modified: Thu, 15 May 2025 09:23:37 GMT
nel: {"report_to":"cf-nel","success_fraction":0.0,"max_age":604800}
etag: "6825b299-415"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: public, max-age=315360000
access-control-allow-origin: *
access-control-expose-headers: Date
accept-ranges: bytes
age: 65126
cf-cache-status: HIT
vary: accept-encoding
report-to: {"group":"cf-nel","max_age":604800,"endpoints":[{"url":"https://a.nel.cloudflare.com/report/v4?s=Ch51LT3EhVGaN7qJgMQmN49a8oek42amkUAQZVNAR2Qka5ew%2FRnhGvpEgNSdjcN5UO2R06Z5nDH%2FQZfwRZuf6CvDVPt8lYsqnDlJ3ALxsXC3h4Ot"}]}
cf-ray: 9521130d6c9fb503-OSL
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
GET wearychallengeraise.com/pixel/sbls?bv=&tmpl=482&u=https%3A%2F%2Fcdn.creative-stat1.com%2Fsb%2Fnotifications%2Futility%2Fdefault%2Fus%2Fblog%2FProgamer%2Fflip_icon%2Foct2024%2F4%2Fcss%2Fanimate.css&l=79245&fd=210
200 OK 0 B URL GET wearychallengeraise.com/pixel/sbls?bv=&tmpl=482&u=https%3A%2F%2Fcdn.creative-stat1.com%2Fsb%2Fnotifications%2Futility%2Fdefault%2Fus%2Fblog%2FProgamer%2Fflip_icon%2Foct2024%2F4%2Fcss%2Fanimate.css&l=79245&fd=210
IP
Requested by https://videzz.net/embed-wfjktvnns0hl.html
Certificate IssuerLet's Encrypt
Subjectwearychallengeraise.com
FingerprintC2:9A:4F:D1:20:4F:D6:7B:AD:D9:F3:AE:DB:94:98:E2:A5:BE:EF:8B
ValidityThu, 19 Jun 2025 03:13:57 GMT - Wed, 17 Sep 2025 03:13:56 GMT
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer Verdict Alert Quad9 DNS malicious Sinkholed
GET /pixel/sbls?bv=&tmpl=482&u=https%3A%2F%2Fcdn.creative-stat1.com%2Fsb%2Fnotifications%2Futility%2Fdefault%2Fus%2Fblog%2FProgamer%2Fflip_icon%2Foct2024%2F4%2Fcss%2Fanimate.css&l=79245&fd=210 HTTP/1.1
Host: wearychallengeraise.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://videzz.net/
Cookie: pdhtkv=true; uncs=1; pdhtkv29=true; uncs29=1; u_pl19071529=1
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx/1.21.6
Date: Thu, 19 Jun 2025 06:47:20 GMT
Content-Length: 0
Connection: keep-alive
Host: wearychallengeraise.com
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
Access-Control-Allow-Origin: *
Access-Control-Allow-Methods: GET, POST, OPTIONS
Access-Control-Allow-Headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,Upgrade-Insecure-Requests
Access-Control-Expose-Headers: Content-Length,Content-Range
GET my.arthaven.xyz/Sb7AkA7.js
0 B URL GET my.arthaven.xyz/Sb7AkA7.js
IP
Requested by https://videzz.net/embed-wfjktvnns0hl.html
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /Sb7AkA7.js HTTP/1.1
Host: my.arthaven.xyz
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://videzz.net/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
GET www.popbutler.net/click/invalid/?tid=36&subid=unknown
302 Found 171 kB URL GET www.popbutler.net/click/invalid/?tid=36&subid=unknown
IP
ASN #14061 DIGITALOCEAN-ASN
Requested by https://videzz.net/embed-wfjktvnns0hl.html
Certificate IssuerLet's Encrypt
Subjectwww.popbutler.net
Fingerprint90:0E:BB:2C:A4:9A:D1:31:05:9A:68:40:01:42:4D:AE:66:22:5F:47
ValidityTue, 03 Jun 2025 05:35:18 GMT - Mon, 01 Sep 2025 05:35:17 GMT
Size 171 kB (171076 bytes)
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /click/invalid/?tid=36&subid=unknown HTTP/1.1
Host: www.popbutler.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://bid.bidclickmedia.com/
DNT: 1
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 302 Found
X-Powered-By: Express
Surrogate-Control: no-store
Cache-Control: no-store, no-cache, must-revalidate, proxy-revalidate
Expires: 0
Location: https://zap.buzz/Gllbj6M
Vary: Accept
Content-Type: text/html; charset=utf-8
Content-Length: 53
Date: Thu, 19 Jun 2025 06:47:18 GMT
Connection: keep-alive
Keep-Alive: timeout=5
POST bid.bidclickmedia.com/load
302 Found 0 B URL POST bid.bidclickmedia.com/load
IP
Requested by https://videzz.net/embed-wfjktvnns0hl.html
Certificate IssuerGoogle Trust Services
Subjectbidclickmedia.com
Fingerprint2B:74:CA:6F:9D:47:DC:4E:9A:60:CF:E1:23:60:E7:50:64:35:B7:E6
ValiditySun, 18 May 2025 13:00:32 GMT - Sat, 16 Aug 2025 13:58:47 GMT
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
POST /load HTTP/1.1
Host: bid.bidclickmedia.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/x-www-form-urlencoded
Content-Length: 91
Origin: https://bid.bidclickmedia.com
DNT: 1
Connection: keep-alive
Referer: https://bid.bidclickmedia.com/sub/0YDX8OE
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 302 Found
date: Thu, 19 Jun 2025 06:47:17 GMT
content-type: text/html; charset=utf-8
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=fyzQ6OkysYBWHoXXry5NRSQMI2mM8EOVroIH2AgURMR8DebcfSVK49rKkewvqb08pJbSGudiAaL%2Bj0eJ%2FVfjZHMdmBOZ2pS1jYDFHTnLS1s3ocqvt%2BuLdoNTRxC1bXDosuiMJA49Ncg%3D"}],"group":"cf-nel","max_age":604800}
location: https://xml.xmlking.com/redirect?feed=754941&auth=mK3C&pubid=195183
cf-cache-status: DYNAMIC
cf-ray: 952113004fe756bf-OSL
server: cloudflare
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=2590&min_rtt=376&rtt_var=2609&sent=135&recv=149&lost=0&retrans=1&sent_bytes=18460&recv_bytes=11657&delivery_rate=746496&ss_exit_cwnd=14923&ss_exit_reason=2&cwnd=13386&unsent_bytes=0&cid=0701a4c47f253775&ts=1132&inflight_dur=102&x=44"
POST bid.bidclickmedia.com/load
302 Found 0 B URL POST bid.bidclickmedia.com/load
IP
Requested by https://videzz.net/embed-wfjktvnns0hl.html
Certificate IssuerGoogle Trust Services
Subjectbidclickmedia.com
Fingerprint2B:74:CA:6F:9D:47:DC:4E:9A:60:CF:E1:23:60:E7:50:64:35:B7:E6
ValiditySun, 18 May 2025 13:00:32 GMT - Sat, 16 Aug 2025 13:58:47 GMT
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
POST /load HTTP/1.1
Host: bid.bidclickmedia.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/x-www-form-urlencoded
Content-Length: 96
Origin: https://bid.bidclickmedia.com
DNT: 1
Connection: keep-alive
Referer: https://bid.bidclickmedia.com/sub/e6yMnW6
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 302 Found
date: Thu, 19 Jun 2025 06:47:18 GMT
content-type: text/html; charset=utf-8
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=Q7r3o2divh4tnGIvIvk63iK5w1i21Kp6mg5SVzJna%2BM80E8uYoIeJtodtXNq%2FKiSIJygvnSicJQj1TAsTTtd5wlYtmdCA0S%2BaCh7LEOdWzqWcDf7WPAjwNQPylpFrFuoMEGEJq1TL%2BI%3D"}],"group":"cf-nel","max_age":604800}
location: https://xml.cachegorilla.com/redirect?feed=754964&auth=BvOb&pubid=197570
cf-cache-status: DYNAMIC
cf-ray: 952113018ff756bf-OSL
server: cloudflare
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=2166&min_rtt=376&rtt_var=1318&sent=144&recv=156&lost=0&retrans=1&sent_bytes=21714&recv_bytes=13233&delivery_rate=746496&ss_exit_cwnd=14923&ss_exit_reason=2&cwnd=13386&unsent_bytes=0&cid=0701a4c47f253775&ts=1329&inflight_dur=132&x=44"
GET colegialacasero.com/wp-content/uploads/2021/06/en-el-cole.jpg
200 OK 15 kB URL GET colegialacasero.com/wp-content/uploads/2021/06/en-el-cole.jpg
IP
ASN #206264 Amarutu Technology Ltd
Requested by https://colegialacasero.com/follando-a-colegiala-traviesa-en-el-salon/
Certificate IssuerLet's Encrypt
Subjectcolegialacasero.com
FingerprintFA:62:4E:A0:56:E1:7F:B5:88:DB:47:27:F0:46:0D:4A:4A:E0:10:F9
ValidityMon, 19 May 2025 06:11:59 GMT - Sun, 17 Aug 2025 06:11:58 GMT
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, progressive, precision 8, 300x250, components 3
Hash 2d9712ad389278fd69a0fb6a9909d1d9
850069f2120bab562de413826f0910c7d795e5f6
95466078035f151db3a45e5d5fdd4aaf717bf859959c394a31ec713ce5aaed6b
GET /wp-content/uploads/2021/06/en-el-cole.jpg HTTP/1.1
Host: colegialacasero.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://colegialacasero.com/follando-a-colegiala-traviesa-en-el-salon/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
server: nginx
date: Thu, 19 Jun 2025 06:47:15 GMT
content-type: image/jpeg
content-length: 14574
last-modified: Thu, 11 May 2023 06:27:35 GMT
vary: Accept-Encoding
etag: "645c8ad7-38ee"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
access-control-allow-origin: *
accept-ranges: bytes
X-Firefox-Spdy: h2
GET mcizas.com/pw/waWQiOjEwMDAyODQsInNpZCI6MTE4MzA5OSwid2lkIjo0MTk0ODYsInNyYyI6Mn0=eyJ.js
200 OK 68 kB URL GET mcizas.com/pw/waWQiOjEwMDAyODQsInNpZCI6MTE4MzA5OSwid2lkIjo0MTk0ODYsInNyYyI6Mn0=eyJ.js
IP
Requested by https://videzz.net/embed-wfjktvnns0hl.html
Certificate IssuerGoogle Trust Services
Subjectmcizas.com
Fingerprint1D:25:39:23:0B:11:63:6C:F1:62:CB:26:31:4A:C4:EA:37:34:73:44
ValidityMon, 19 May 2025 03:25:28 GMT - Sun, 17 Aug 2025 04:23:10 GMT
File type JavaScript source, Unicode text, UTF-8 text, with very long lines (62063)
Hash 49f6472b19600801b6c66b6fd63e2579
eaf61c153bc5cfd0813aa3ccbfad8544e8574dc2
27c20184ae60c7dc21cc1825f399162a46779187ac6f166f67a6213088034108
GET /pw/waWQiOjEwMDAyODQsInNpZCI6MTE4MzA5OSwid2lkIjo0MTk0ODYsInNyYyI6Mn0=eyJ.js HTTP/1.1
Host: mcizas.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://videzz.net/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Thu, 19 Jun 2025 06:47:15 GMT
content-type: application/javascript; charset=UTF-8
server: cloudflare
nel: {"report_to":"cf-nel","success_fraction":0.0,"max_age":604800}
vary: Accept-Encoding
access-control-allow-origin: https://videzz.net
e-tag: 412e1797a343e84a43d70cb170636f62
content-encoding: gzip
age: 5871
cache-control: max-age=14400
cf-cache-status: HIT
last-modified: Thu, 19 Jun 2025 05:09:24 GMT
report-to: {"group":"cf-nel","max_age":604800,"endpoints":[{"url":"https://a.nel.cloudflare.com/report/v4?s=2MvrTNzck1QV8Gu%2B6KlEMPGHX1IDhgGmuXS%2BFHtOTROmgybn8EC1%2BgL3QcsWcMgMk6bo2vmX3QpmNblkad5Fq32mfFq8ku15"}]}
cf-ray: 952112f3698f56c3-OSL
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
GET cdn.jsdelivr.net/npm/yandex-metrica-watch/tag.js
200 OK 259 kB URL GET cdn.jsdelivr.net/npm/yandex-metrica-watch/tag.js
IP
Requested by https://thursday55315.videocdnmetrika80.com/f.php?sid=212515
Certificate IssuerGlobalSign nv-sa
Subjectjsdelivr.net
Fingerprint21:17:81:78:41:C6:8F:86:D6:CF:8D:98:CC:74:A8:F1:03:F8:C9:D4
ValidityMon, 02 Jun 2025 15:43:52 GMT - Sat, 04 Jul 2026 15:43:51 GMT
File type JavaScript source, ASCII text, with very long lines (675)
Size 259 kB (258776 bytes)
Hash 10e4af75f4b15de4ffc1a0e00096e98c
c2d69ed2860c4ada092e30691720ed33902fb71c
2e204b9fd9ffd4f06ec2500387a13bafa4b5a96c3f95a72ff214e6826fcae8f6
GET /npm/yandex-metrica-watch/tag.js HTTP/1.1
Host: cdn.jsdelivr.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://thursday55315.videocdnmetrika80.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: *
timing-allow-origin: *
cache-control: public, max-age=604800, s-maxage=43200
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: application/javascript; charset=utf-8
x-jsd-version: 1.381.0
x-jsd-version-type: version
etag: W/"3f2d8-uSd6lVdgXN7BfZt8TzwoXxWB77Y"
content-encoding: br
accept-ranges: bytes
date: Thu, 19 Jun 2025 06:47:19 GMT
age: 2361
x-served-by: cache-fra-eddf8230100-FRA, cache-hel1410030-HEL
x-cache: HIT, HIT
vary: Accept-Encoding
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 100319
X-Firefox-Spdy: h2
GET my.artshelf.xyz/Sb7AkA7.js
200 OK 248 kB URL GET my.artshelf.xyz/Sb7AkA7.js
IP
ASN #24940 Hetzner Online GmbH
Requested by https://videzz.net/embed-wfjktvnns0hl.html
Certificate IssuerLet's Encrypt
Subjectadspy.hdthot.com
Fingerprint7F:9C:48:66:3D:20:EC:99:DD:D5:63:C9:EE:3F:9B:B7:34:9C:F1:92
ValidityWed, 18 Jun 2025 09:28:37 GMT - Tue, 16 Sep 2025 09:28:36 GMT
File type JavaScript source, Unicode text, UTF-8 text, with very long lines (65503), with no line terminators
Size 248 kB (247835 bytes)
Hash d21cc54c55f74c347f0e22ea516d1594
d997d3b1583de52b0f116419679e17d8d53bcac3
6ea5019aa17b8666e68c050669100296404df8f2b1e21defe01ed284c10901d2
GET /Sb7AkA7.js HTTP/1.1
Host: my.artshelf.xyz
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://videzz.net/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
server: nginx
date: Thu, 19 Jun 2025 06:47:15 GMT
content-type: application/javascript
content-length: 79343
last-modified: Tue, 20 May 2025 09:46:13 GMT
vary: Accept-Encoding
etag: "682c4f65-135ef"
content-encoding: gzip
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: public, max-age=315360000
cf-cache-status: HIT
age: 62
cf-ray: 942af002bef24e15-HEL
x-frame-options: DENY
x-content-type-options: nosniff
accept-ranges: bytes
X-Firefox-Spdy: h2
GET my.arthaven.xyz/Sb7AkA7.js
0 B URL GET my.arthaven.xyz/Sb7AkA7.js
IP
Requested by https://videzz.net/embed-wfjktvnns0hl.html
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /Sb7AkA7.js HTTP/1.1
Host: my.arthaven.xyz
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://videzz.net/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
POST bid.bidclickmedia.com/load
302 Found 0 B URL POST bid.bidclickmedia.com/load
IP
Requested by https://videzz.net/embed-wfjktvnns0hl.html
Certificate IssuerGoogle Trust Services
Subjectbidclickmedia.com
Fingerprint2B:74:CA:6F:9D:47:DC:4E:9A:60:CF:E1:23:60:E7:50:64:35:B7:E6
ValiditySun, 18 May 2025 13:00:32 GMT - Sat, 16 Aug 2025 13:58:47 GMT
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
POST /load HTTP/1.1
Host: bid.bidclickmedia.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/x-www-form-urlencoded
Content-Length: 91
Origin: https://bid.bidclickmedia.com
DNT: 1
Connection: keep-alive
Referer: https://bid.bidclickmedia.com/sub/31pnK5n
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 302 Found
date: Thu, 19 Jun 2025 06:47:17 GMT
content-type: text/html; charset=utf-8
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=V3cHB52gRRhHN51b6nEojBaGcBgdS7WE1CVkUMSawamssxFebFEyxFa7SZI8HqzokQq%2FcQRhrmjjGDLyoGKe5SEJ3yL1Hf9EvYR28pYiMV%2F%2Fwc5xnpuoERqLXiu4v%2FOt1fHCg%2FOtI%2FE%3D"}],"group":"cf-nel","max_age":604800}
location: https://xml.zeusadx.com/redirect?feed=754913&auth=p6zs&pubid=162319
cf-cache-status: DYNAMIC
cf-ray: 952112fe1fc556bf-OSL
server: cloudflare
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=2842&min_rtt=376&rtt_var=2807&sent=132&recv=147&lost=0&retrans=0&sent_bytes=16366&recv_bytes=11150&delivery_rate=746496&ss_exit_cwnd=14923&ss_exit_reason=2&cwnd=13386&unsent_bytes=0&cid=0701a4c47f253775&ts=792&inflight_dur=65&x=44"
GET colegialacasero.com/wp-content/cache/autoptimize/js/autoptimize_single_83a062cf6545b990c13b4398035a29d0.js
200 OK 13 kB URL GET colegialacasero.com/wp-content/cache/autoptimize/js/autoptimize_single_83a062cf6545b990c13b4398035a29d0.js
IP
ASN #206264 Amarutu Technology Ltd
Requested by https://colegialacasero.com/follando-a-colegiala-traviesa-en-el-salon/
Certificate IssuerLet's Encrypt
Subjectcolegialacasero.com
FingerprintFA:62:4E:A0:56:E1:7F:B5:88:DB:47:27:F0:46:0D:4A:4A:E0:10:F9
ValidityMon, 19 May 2025 06:11:59 GMT - Sun, 17 Aug 2025 06:11:58 GMT
File type JavaScript source, ASCII text, with very long lines (13182), with no line terminators
Hash 83a062cf6545b990c13b4398035a29d0
5cf24bc45fcbc6f416ea9671e089ca00ef0080d2
7ee08c60d39f5712a56938fda3e2ab10fe3ef23ec98aeb3c9a29e54f6f31ffe1
GET /wp-content/cache/autoptimize/js/autoptimize_single_83a062cf6545b990c13b4398035a29d0.js HTTP/1.1
Host: colegialacasero.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://colegialacasero.com/follando-a-colegiala-traviesa-en-el-salon/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
server: nginx
date: Thu, 19 Jun 2025 06:47:14 GMT
content-type: application/javascript
last-modified: Tue, 22 Apr 2025 01:42:45 GMT
vary: Accept-Encoding
etag: W/"6806f415-337e"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
access-control-allow-origin: *
content-encoding: br
X-Firefox-Spdy: h2
GET colegialacasero.com/wp-content/uploads/2022/05/Colegiala-casero-logo.jpg
200 OK 3.6 kB URL GET colegialacasero.com/wp-content/uploads/2022/05/Colegiala-casero-logo.jpg
IP
ASN #206264 Amarutu Technology Ltd
Requested by https://colegialacasero.com/follando-a-colegiala-traviesa-en-el-salon/
Certificate IssuerLet's Encrypt
Subjectcolegialacasero.com
FingerprintFA:62:4E:A0:56:E1:7F:B5:88:DB:47:27:F0:46:0D:4A:4A:E0:10:F9
ValidityMon, 19 May 2025 06:11:59 GMT - Sun, 17 Aug 2025 06:11:58 GMT
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 200x60, components 3
Hash 933badf08b49f3c6a678e1465b656656
b00f364be80d70b15af05c0bdf3a0c5cc1ab3e8a
fedf9d08050afa4abec7a01c872efb2f8d6e859d5cf6661c3f81c9b6cab23c52
GET /wp-content/uploads/2022/05/Colegiala-casero-logo.jpg HTTP/1.1
Host: colegialacasero.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://colegialacasero.com/follando-a-colegiala-traviesa-en-el-salon/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
server: nginx
date: Thu, 19 Jun 2025 06:47:15 GMT
content-type: image/jpeg
content-length: 3570
last-modified: Sun, 08 May 2022 22:50:30 GMT
vary: Accept-Encoding
etag: "62784936-df2"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
access-control-allow-origin: *
accept-ranges: bytes
X-Firefox-Spdy: h2
GET videzz.net/css/embed.min.css?v=1566c61038a4816d5983d1bea1fb7bdc
200 OK 620 kB URL GET videzz.net/css/embed.min.css?v=1566c61038a4816d5983d1bea1fb7bdc
IP
ASN #213035 Des Capital B.V.
Requested by https://videzz.net/embed-wfjktvnns0hl.html
Certificate IssuerLet's Encrypt
Subjectvidezz.net
Fingerprint98:BA:98:44:85:01:47:DD:AC:0E:8E:57:56:68:F7:A5:17:C9:72:E5
ValidityThu, 12 Jun 2025 00:12:36 GMT - Wed, 10 Sep 2025 00:12:35 GMT
File type ASCII text, with very long lines (63495)
Size 620 kB (620408 bytes)
Hash 48211ce781545f35b37aeba8a5b89a5d
6812513ca680643740156f1439f5b6c586dce14d
dc6fd948ad775a1f8a194b82aaadfa71e251905d78baa26cc3346be937b51ee8
GET /css/embed.min.css?v=1566c61038a4816d5983d1bea1fb7bdc HTTP/1.1
Host: videzz.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://videzz.net/embed-wfjktvnns0hl.html
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
server: nginx/1.18.0 (Ubuntu)
date: Thu, 19 Jun 2025 06:47:15 GMT
content-type: text/css
last-modified: Wed, 11 Jun 2025 12:18:32 GMT
vary: Accept-Encoding
etag: W/"68497418-97778"
expires: Sat, 19 Jul 2025 06:44:24 GMT
cache-control: max-age=2592000
content-encoding: gzip
x-cache-status: HIT
X-Firefox-Spdy: h2
GET cdn.tapioni.com/adgpt.js
200 OK 2.4 kB IP
Requested by https://videzz.net/embed-wfjktvnns0hl.html
Certificate IssuerGoogle Trust Services
Subjectcdn.tapioni.com
Fingerprint9D:5E:8D:89:3F:44:95:41:D4:6B:BF:25:E3:95:5E:B8:BE:81:F7:17
ValidityThu, 22 May 2025 00:42:30 GMT - Wed, 20 Aug 2025 01:42:27 GMT
File type ASCII text, with very long lines (2391), with no line terminators
Hash c8353a641602ac900bafa496ff76e18c
3ac832327c6f7e906d569b0f19180171f6da53ba
03f32871a596ccf145436c0c232c51ea74b2267a747edcd0f7a1eeb5828ca676
GET /adgpt.js HTTP/1.1
Host: cdn.tapioni.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://videzz.net/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Thu, 19 Jun 2025 06:47:16 GMT
content-type: application/javascript
content-length: 879
cf-ray: 952112f85cb6ebcc-CPH
last-modified: Tue, 20 May 2025 09:46:13 GMT
vary: Accept-Encoding
etag: "682c4f65-36f"
content-encoding: gzip
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: public, max-age=315360000
cf-cache-status: HIT
age: 530336
accept-ranges: bytes
server: cloudflare
X-Firefox-Spdy: h2
GET www.googletagmanager.com/gtm.js?id=GTM-56DK3TH
200 OK 303 kB URL GET www.googletagmanager.com/gtm.js?id=GTM-56DK3TH
IP
Requested by https://videzz.net/embed-wfjktvnns0hl.html
Certificate IssuerGoogle Trust Services
Subject*.google-analytics.com
Fingerprint93:AC:F6:E3:CB:D8:8F:95:04:0C:A1:34:97:CB:ED:C4:F9:99:EB:12
ValidityMon, 19 May 2025 08:41:43 GMT - Mon, 11 Aug 2025 08:41:42 GMT
File type JavaScript source, ASCII text, with very long lines (4971)
Size 303 kB (302848 bytes)
Hash dead2d751be903beb80aaad39e5627d1
58e6f157f10c22f7084192f40a044bff939838b3
96456c0862a8688d1f43c7629bf8c5e53aa6347b3a493a9577e7e2f604909d67
GET /gtm.js?id=GTM-56DK3TH HTTP/1.1
Host: www.googletagmanager.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://videzz.net/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
content-encoding: br
vary: Accept-Encoding
date: Thu, 19 Jun 2025 06:47:16 GMT
expires: Thu, 19 Jun 2025 06:47:16 GMT
cache-control: private, max-age=900
last-modified: Thu, 19 Jun 2025 06:00:00 GMT
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
content-security-policy-report-only: script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascgcycc:1319:0
cross-origin-opener-policy-report-only: same-origin; report-to=ascgcycc:1319:0
report-to: {"group":"ascgcycc:1319:0","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascgcycc:1319:0"}],}
server: Google Tag Manager
content-length: 102134
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
GET recordedthereby.com/sfp.js
200 OK 85 kB URL GET recordedthereby.com/sfp.js
IP
ASN #39572 DataWeb Global Group B.V.
Requested by https://videzz.net/embed-wfjktvnns0hl.html
Certificate IssuerLet's Encrypt
Subjectrecordedthereby.com
Fingerprint43:76:D8:56:43:66:8A:49:51:DC:E6:8E:5A:E9:35:93:29:07:37:C1
ValidityMon, 05 May 2025 21:20:39 GMT - Sun, 03 Aug 2025 21:20:38 GMT
File type JavaScript source, Unicode text, UTF-8 text, with very long lines (65529), with no line terminators
Hash 108625937affa4b38bb17cea65510d72
2c0f48e9efa3fb5554d1fa393b28d74d5339f9ee
c84263fcf6b091998dd37f5f600b3bfea92ac1d31cbf9631bb87fa411124a9e0
Analyzer Verdict Alert Quad9 DNS malicious Sinkholed
GET /sfp.js HTTP/1.1
Host: recordedthereby.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://videzz.net/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx/1.21.6
Date: Thu, 19 Jun 2025 06:47:18 GMT
Content-Type: application/javascript; charset=utf-8
Content-Length: 28255
Connection: keep-alive
Content-Encoding: gzip
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Access-Control-Allow-Origin: *
Vary: Accept-Encoding
Host: recordedthereby.com
Expires: Thu, 01 Jan 1970 00:00:01 GMT
X-Request-ID: 61259d638d725553c719329d98075524
Cache-Control: no-cache, max-age=0, private, no-cache
Pragma: no-cache
Strict-Transport-Security: max-age=0; includeSubdomains
POST bid.bidclickmedia.com/load
302 Found 0 B URL POST bid.bidclickmedia.com/load
IP
Requested by https://videzz.net/embed-wfjktvnns0hl.html
Certificate IssuerGoogle Trust Services
Subjectbidclickmedia.com
Fingerprint2B:74:CA:6F:9D:47:DC:4E:9A:60:CF:E1:23:60:E7:50:64:35:B7:E6
ValiditySun, 18 May 2025 13:00:32 GMT - Sat, 16 Aug 2025 13:58:47 GMT
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
POST /load HTTP/1.1
Host: bid.bidclickmedia.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/x-www-form-urlencoded
Content-Length: 96
Origin: https://bid.bidclickmedia.com
DNT: 1
Connection: keep-alive
Referer: https://bid.bidclickmedia.com/sub/31bV2Jy
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 302 Found
date: Thu, 19 Jun 2025 06:47:18 GMT
content-type: text/html; charset=utf-8
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=2eLlQFTwYpZLWyrZhYFzSOkyLU5IivRoLBOUKfIIpvi4Vi%2FeQz26USFOOqLN44cJ50sMr1gnAEO31t9eFyiq28AyMMIre1UGfkyP%2B2AaWLMl1KjuXaaTII%2BRDVAweInEOCXYCOJlU0w%3D"}],"group":"cf-nel","max_age":604800}
location: https://xml.cachegorilla.com/redirect?feed=754963&auth=olGk&pubid=197570
cf-cache-status: DYNAMIC
cf-ray: 952113030ffd56bf-OSL
server: cloudflare
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=2369&min_rtt=376&rtt_var=1401&sent=150&recv=160&lost=0&retrans=2&sent_bytes=24935&recv_bytes=14259&delivery_rate=746496&ss_exit_cwnd=14923&ss_exit_reason=2&cwnd=13386&unsent_bytes=0&cid=0701a4c47f253775&ts=1572&inflight_dur=191&x=44"
GET my.imageflow.store/api/users/5187489555101542115/90263?fill=0&kw=file%20upload,share%20files,free%20upload
200 OK 1.9 kB URL GET my.imageflow.store/api/users/5187489555101542115/90263?fill=0&kw=file%20upload,share%20files,free%20upload
IP
ASN #24940 Hetzner Online GmbH
Requested by https://videzz.net/embed-wfjktvnns0hl.html
Certificate IssuerLet's Encrypt
Subjecta.edbl.space
Fingerprint64:7A:31:A1:1E:DB:80:24:B2:BD:D4:81:B7:78:2D:17:EA:3A:33:C9
ValidityTue, 20 May 2025 21:28:39 GMT - Mon, 18 Aug 2025 21:28:38 GMT
File type XML 1.0 document, ASCII text
Hash caed740e223c957a9026690ff1dce228
86a85d19c39f8850ceb58b55b60b743c63ee140e
0ddb266dcb50d5902a3d784455dae88119ddb492255b45921c1661c3dd44ec95
GET /api/users/5187489555101542115/90263?fill=0&kw=file%20upload,share%20files,free%20upload HTTP/1.1
Host: my.imageflow.store
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://videzz.net/
Origin: https://videzz.net
DNT: 1
Connection: keep-alive
Cookie: nauid=cMm3zjA5DUFqKEmPYF2h
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
server: nginx
date: Thu, 19 Jun 2025 06:47:18 GMT
content-type: text/xml
vary: Accept-Encoding
access-control-allow-credentials: true
access-control-allow-origin: https://videzz.net
x-robots-tag: noindex, nofollow
cache-control: private
content-encoding: gzip
X-Firefox-Spdy: h2
GET xml.xmlking.com/redirect?feed=754941&auth=mK3C&pubid=195183
200 OK 0 B URL GET xml.xmlking.com/redirect?feed=754941&auth=mK3C&pubid=195183
IP
ASN #27257 WEBAIR-INTERNET
Requested by https://videzz.net/embed-wfjktvnns0hl.html
Certificate IssuerSectigo Limited
Subject*.xmlking.com
Fingerprint5F:CA:E1:A6:CB:14:F1:BB:52:66:BC:7B:3C:0E:33:A4:89:70:E1:5F
ValidityMon, 22 Jul 2024 00:00:00 GMT - Tue, 22 Jul 2025 23:59:59 GMT
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /redirect?feed=754941&auth=mK3C&pubid=195183 HTTP/1.1
Host: xml.xmlking.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://bid.bidclickmedia.com/
DNT: 1
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Date: Thu, 19 Jun 2025 06:47:18 GMT
Content-Length: 0
Connection: keep-alive
Cache-Control: no-store
POST my.imageflow.store/api/pageview/88464?host=videzz.net&ev=220&url=https%3A%2F%2Fvidezz.net%2Fembed-wfjktvnns0hl.html&sid=94b7d833-2397-45fa-af4a-4cf38c3bb1bb&i=true&referrer=colegialacasero.com
200 OK 0 B URL POST my.imageflow.store/api/pageview/88464?host=videzz.net&ev=220&url=https%3A%2F%2Fvidezz.net%2Fembed-wfjktvnns0hl.html&sid=94b7d833-2397-45fa-af4a-4cf38c3bb1bb&i=true&referrer=colegialacasero.com
IP
ASN #24940 Hetzner Online GmbH
Requested by https://videzz.net/embed-wfjktvnns0hl.html
Certificate IssuerLet's Encrypt
Subjecta.edbl.space
Fingerprint64:7A:31:A1:1E:DB:80:24:B2:BD:D4:81:B7:78:2D:17:EA:3A:33:C9
ValidityTue, 20 May 2025 21:28:39 GMT - Mon, 18 Aug 2025 21:28:38 GMT
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
POST /api/pageview/88464?host=videzz.net&ev=220&url=https%3A%2F%2Fvidezz.net%2Fembed-wfjktvnns0hl.html&sid=94b7d833-2397-45fa-af4a-4cf38c3bb1bb&i=true&referrer=colegialacasero.com HTTP/1.1
Host: my.imageflow.store
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://videzz.net
DNT: 1
Connection: keep-alive
Referer: https://videzz.net/
Cookie: nauid=cMm3zjA5DUFqKEmPYF2h
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Content-Length: 0
HTTP/2 200 OK
server: nginx
date: Thu, 19 Jun 2025 06:47:19 GMT
content-length: 0
x-robots-tag: noindex, nofollow
cache-control: private
X-Firefox-Spdy: h2
GET videzz.net/css/videojs.5.min.css?v=1566c61038a4816d5983d1bea1fb7bdc
200 OK 170 kB URL GET videzz.net/css/videojs.5.min.css?v=1566c61038a4816d5983d1bea1fb7bdc
IP
ASN #213035 Des Capital B.V.
Requested by https://videzz.net/embed-wfjktvnns0hl.html
Certificate IssuerLet's Encrypt
Subjectvidezz.net
Fingerprint98:BA:98:44:85:01:47:DD:AC:0E:8E:57:56:68:F7:A5:17:C9:72:E5
ValidityThu, 12 Jun 2025 00:12:36 GMT - Wed, 10 Sep 2025 00:12:35 GMT
File type ASCII text, with very long lines (50566)
Size 170 kB (170030 bytes)
Hash fd9e7c8760e8296582ec3127380c1dfe
678b1f3ad8c859bb84da239bab5e837d65fba390
b872d557a0ad8860869bbf63c49b7bd5c38bfe8f611766b73022e93994b4640d
GET /css/videojs.5.min.css?v=1566c61038a4816d5983d1bea1fb7bdc HTTP/1.1
Host: videzz.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://videzz.net/embed-wfjktvnns0hl.html
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
server: nginx/1.18.0 (Ubuntu)
date: Thu, 19 Jun 2025 06:47:15 GMT
content-type: text/css
last-modified: Wed, 11 Jun 2025 12:18:32 GMT
vary: Accept-Encoding
etag: W/"68497418-2982e"
expires: Sat, 19 Jul 2025 06:44:00 GMT
cache-control: max-age=2592000
content-encoding: gzip
x-cache-status: HIT
X-Firefox-Spdy: h2
GET videzz.net/js/embed.min.js?v=1566c61038a4816d5983d1bea1fb7bdc
200 OK 4.5 kB URL GET videzz.net/js/embed.min.js?v=1566c61038a4816d5983d1bea1fb7bdc
IP
ASN #213035 Des Capital B.V.
Requested by https://videzz.net/embed-wfjktvnns0hl.html
Certificate IssuerLet's Encrypt
Subjectvidezz.net
Fingerprint98:BA:98:44:85:01:47:DD:AC:0E:8E:57:56:68:F7:A5:17:C9:72:E5
ValidityThu, 12 Jun 2025 00:12:36 GMT - Wed, 10 Sep 2025 00:12:35 GMT
File type JavaScript source, ASCII text, with very long lines (4483), with no line terminators
Hash b3415295ff8e1f9ac2ee3804686e8000
aa440d72b1f380d6b63cea2615984bddfd78c3d0
e5b0442a1e812c047177f669bec8d9f81678b0e26d4cc98c642a00da19ccb1b7
GET /js/embed.min.js?v=1566c61038a4816d5983d1bea1fb7bdc HTTP/1.1
Host: videzz.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://videzz.net/embed-wfjktvnns0hl.html
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
server: nginx/1.18.0 (Ubuntu)
date: Thu, 19 Jun 2025 06:47:15 GMT
content-type: application/javascript
last-modified: Wed, 11 Jun 2025 12:18:32 GMT
vary: Accept-Encoding
etag: W/"68497418-1183"
expires: Sat, 19 Jul 2025 06:44:33 GMT
cache-control: max-age=2592000
content-encoding: gzip
x-cache-status: HIT
X-Firefox-Spdy: h2
GET xml.cachegorilla.com/redirect?feed=754963&auth=olGk&pubid=197570
200 OK 0 B URL GET xml.cachegorilla.com/redirect?feed=754963&auth=olGk&pubid=197570
IP
ASN #27257 WEBAIR-INTERNET
Requested by https://videzz.net/embed-wfjktvnns0hl.html
Certificate IssuerSectigo Limited
Subject*.cachegorilla.com
Fingerprint1E:39:C2:D1:11:DE:4C:ED:E1:3E:BA:6E:CE:AF:6B:FA:81:EB:69:49
ValidityMon, 11 Nov 2024 00:00:00 GMT - Tue, 11 Nov 2025 23:59:59 GMT
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /redirect?feed=754963&auth=olGk&pubid=197570 HTTP/1.1
Host: xml.cachegorilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://bid.bidclickmedia.com/
DNT: 1
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Date: Thu, 19 Jun 2025 06:47:19 GMT
Content-Length: 0
Connection: keep-alive
Cache-Control: no-store
GET capaciousdrewreligion.com/advertisers.js
200 OK 0 B URL GET capaciousdrewreligion.com/advertisers.js
IP
ASN #39572 DataWeb Global Group B.V.
Requested by https://videzz.net/embed-wfjktvnns0hl.html
Certificate IssuerLet's Encrypt
Subjectcapaciousdrewreligion.com
Fingerprint4C:9A:D1:39:AD:B4:C8:D5:6E:A1:5A:54:6F:88:D5:0F:D1:C6:5A:06
ValidityFri, 02 May 2025 21:09:09 GMT - Thu, 31 Jul 2025 21:09:08 GMT
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer Verdict Alert Quad9 DNS malicious Sinkholed
GET /advertisers.js HTTP/1.1
Host: capaciousdrewreligion.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://videzz.net/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx/1.21.6
Date: Thu, 19 Jun 2025 06:47:18 GMT
Content-Type: application/javascript
Content-Length: 0
Connection: keep-alive
Expires: Thu, 01 Jan 1970 00:00:01 GMT
X-Request-ID: 74dd1811590b86e6e626043ce8f2a928
Cache-Control: no-cache, max-age=0, private, no-cache
Pragma: no-cache
Strict-Transport-Security: max-age=0; includeSubdomains
GET zv.7vid.net/api/users/10852483963485686115/2065411?fill=0&kw=file%20upload,share%20files,free%20upload
200 OK 1.7 kB URL GET zv.7vid.net/api/users/10852483963485686115/2065411?fill=0&kw=file%20upload,share%20files,free%20upload
IP
ASN #24940 Hetzner Online GmbH
Requested by https://videzz.net/embed-wfjktvnns0hl.html
Certificate IssuerLet's Encrypt
Subject0i.sh-cdn.com
Fingerprint0F:4D:7A:ED:9D:77:5E:06:14:C3:9E:91:06:73:B4:FE:43:3F:A1:06
ValidityMon, 12 May 2025 00:28:43 GMT - Sun, 10 Aug 2025 00:28:42 GMT
File type XML 1.0 document, ASCII text
Hash 7513571e15ef09375aa40fca09e4a299
a7b097f535fdf45b41e5440c5c66b3b1c6966dea
bfc567d35e2d5376184c2735c044d3429f7e66b1f2296cf66210f8b3d740c392
GET /api/users/10852483963485686115/2065411?fill=0&kw=file%20upload,share%20files,free%20upload HTTP/1.1
Host: zv.7vid.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://videzz.net/
Origin: https://videzz.net
DNT: 1
Connection: keep-alive
Cookie: nauid=27tupkis7HoUvFAjg9Q7
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
server: nginx
date: Thu, 19 Jun 2025 06:47:18 GMT
content-type: text/xml
vary: Accept-Encoding
access-control-allow-credentials: true
access-control-allow-origin: https://videzz.net
x-robots-tag: noindex, nofollow
cache-control: private
content-encoding: gzip
X-Firefox-Spdy: h2
GET thursday55315.videocdnmetrika80.com/ads/banner.gif
200 OK 42 B URL GET thursday55315.videocdnmetrika80.com/ads/banner.gif
IP
Requested by https://thursday55315.videocdnmetrika80.com/f.php?sid=212515
Certificate IssuerGoogle Trust Services
Subjectvideocdnmetrika80.com
FingerprintBE:0F:74:88:49:5F:35:77:25:DB:F0:D9:94:46:65:A7:FE:1E:B1:A5
ValiditySun, 27 Apr 2025 19:26:18 GMT - Sat, 26 Jul 2025 20:25:02 GMT
File type GIF image data, version 89a, 1 x 1
Hash d89746888da2d9510b64a9f031eaecd5
d5fceb6532643d0d84ffe09c40c481ecdf59e15a
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
GET /ads/banner.gif HTTP/1.1
Host: thursday55315.videocdnmetrika80.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://thursday55315.videocdnmetrika80.com/f.php?sid=212515
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Thu, 19 Jun 2025 06:47:18 GMT
content-type: image/gif
content-length: 42
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=nmYgTnwQ3hKrry9MP1X3kkDpTexl%2F6ZwapzXjhn9%2Fo1bpu1%2FGlOKOv9ArrPb2TuMskggIUJwLXslY5e9NQPdkvYLX92ybeVbcMLkbjpw%2FOfIQ6jyrQilQ8didTvVZXD0bPUlXZstGPQkciQErsIB4R1wOVgFOA%3D%3D"}],"group":"cf-nel","max_age":604800}
last-modified: Tue, 05 Jul 2022 17:05:12 GMT
etag: "62c46f48-2a"
accept-ranges: bytes
cache-control: max-age=14400
cf-cache-status: MISS
cf-ray: 952113073a3256be-OSL
server: cloudflare
vary: Accept-Encoding
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=5715&min_rtt=1577&rtt_var=4082&sent=44&recv=43&lost=0&retrans=0&sent_bytes=5501&recv_bytes=3069&delivery_rate=384394&ss_exit_cwnd=0&ss_exit_reason=0&cwnd=15521&unsent_bytes=0&cid=20e8101946036eaa&ts=532&inflight_dur=11&x=44"
GET wearychallengeraise.com/pixel/sbs?c=1
200 OK 0 B URL GET wearychallengeraise.com/pixel/sbs?c=1
IP
Requested by https://videzz.net/embed-wfjktvnns0hl.html
Certificate IssuerLet's Encrypt
Subjectwearychallengeraise.com
FingerprintC2:9A:4F:D1:20:4F:D6:7B:AD:D9:F3:AE:DB:94:98:E2:A5:BE:EF:8B
ValidityThu, 19 Jun 2025 03:13:57 GMT - Wed, 17 Sep 2025 03:13:56 GMT
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer Verdict Alert Quad9 DNS malicious Sinkholed
GET /pixel/sbs?c=1 HTTP/1.1
Host: wearychallengeraise.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://videzz.net/
Cookie: pdhtkv=true; uncs=1; pdhtkv29=true; uncs29=1; u_pl19071529=1
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx/1.21.6
Date: Thu, 19 Jun 2025 06:47:20 GMT
Content-Length: 0
Connection: keep-alive
Host: wearychallengeraise.com
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
Access-Control-Allow-Origin: *
Access-Control-Allow-Methods: GET, POST, OPTIONS
Access-Control-Allow-Headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,Upgrade-Insecure-Requests
Access-Control-Expose-Headers: Content-Length,Content-Range
GET static.addtoany.com/menu/page.js
200 OK 3.2 kB URL GET static.addtoany.com/menu/page.js
IP
Requested by https://videzz.net/embed-wfjktvnns0hl.html
Certificate IssuerGoogle Trust Services
Subjectstatic.addtoany.com
Fingerprint8B:39:17:06:F0:14:1F:A9:7D:B6:A5:4C:2A:E2:27:1B:B5:60:2D:7E
ValidityWed, 30 Apr 2025 05:02:07 GMT - Tue, 29 Jul 2025 06:01:59 GMT
File type JavaScript source, ASCII text, with very long lines (3179), with no line terminators
Hash 57b268c32627d8d13671f43be7c47b84
0eebe8bc9958922a2a354b4abdca2f4d326f49e9
53d16f311b01e5f9b5e7dcb2ec11b11e5ed23e155ed05727a7a42472d608118f
GET /menu/page.js HTTP/1.1
Host: static.addtoany.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://videzz.net/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Thu, 19 Jun 2025 06:47:15 GMT
content-type: application/javascript
cf-ray: 952112f33ede5693-OSL
access-control-allow-origin: *
cache-control: max-age=86400, stale-while-revalidate=30, public
etag: W/"060b0026b51016bf08c9d4b4a73b7960"
referrer-policy: strict-origin-when-cross-origin
x-content-type-options: nosniff
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=unUAPN3B5wKbXhD0BGQH4p45HBcGXr1LGj9oYc6tgxnHw0vs0sXIXGrTV6oqDOfIM2I7sDI26oCHqMHqXepBRTtojVa1TcWhYjTBiD6CSEvke94bywgJalEE4%2BMIVcGmbQKlL%2FU9mU8XhV959C1FpcMc"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
content-encoding: br
cf-cache-status: HIT
age: 17631
strict-transport-security: max-age=31536000; includeSubDomains; preload
speculation-rules: "/cdn-cgi/speculation"
server: cloudflare
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
GET cdn.o333o.com/vast-im.js
200 OK 319 kB IP
Requested by https://videzz.net/embed-wfjktvnns0hl.html
Certificate IssuerSectigo Limited
Subjectcdn.o333o.com
Fingerprint56:03:6C:C0:93:AB:C5:81:85:83:E0:1B:B6:1B:E7:B5:0E:37:48:81
ValidityMon, 18 Nov 2024 00:00:00 GMT - Tue, 09 Dec 2025 23:59:59 GMT
File type JavaScript source, Unicode text, UTF-8 text, with very long lines (65503), with no line terminators
Size 319 kB (318632 bytes)
Hash da0d8c423dbcf62d995e29a4fc7aa1d3
388b97710b17c984740c4a7b76e768a51df3447c
7b0e9b2d40030ef123764ff920f1fac77d572e6ee06fcca47927307c77cedcf9
GET /vast-im.js HTTP/1.1
Host: cdn.o333o.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://videzz.net/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
content-type: application/javascript
server: nginx
date: Tue, 20 May 2025 09:50:48 GMT
cache-control: max-age=315360000, public
last-modified: Tue, 20 May 2025 09:46:13 GMT
content-encoding: br
expires: Thu, 31 Dec 2037 23:55:55 GMT
etag: W/"682c4f65-4dca8"
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 b053873243f91b1bb6dc406ce0c67db4.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
alt-svc: h3=":443"; ma=86400
x-amz-cf-id: 1ij9D65OFwPgZF7SJFoJkBUw97gK78rnZTTHmOCWXWyeORJ5oufLvg==
age: 2580988
X-Firefox-Spdy: h2
GET unseenreport.com/pxf.gif?uuid=&eb=261ac21b37834b7a6fd503b50244c53a&te=1f871680377679925981487981fe64fb&ua=Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64%3B%20rv%3A134.0)%20Gecko%2F20100101%20Firefox%2F134.0&dev=e&res=14.3095&b_frame=1&pk=57e9128f004dc8dd272477c7cdb9cf15&bl=en-US&sr=1024x1280&sz=1024x1280&hjs=6
200 OK 0 B URL GET unseenreport.com/pxf.gif?uuid=&eb=261ac21b37834b7a6fd503b50244c53a&te=1f871680377679925981487981fe64fb&ua=Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64%3B%20rv%3A134.0)%20Gecko%2F20100101%20Firefox%2F134.0&dev=e&res=14.3095&b_frame=1&pk=57e9128f004dc8dd272477c7cdb9cf15&bl=en-US&sr=1024x1280&sz=1024x1280&hjs=6
IP
ASN #39572 DataWeb Global Group B.V.
Requested by https://videzz.net/embed-wfjktvnns0hl.html
Certificate IssuerLet's Encrypt
Subject*.unseenreport.com
Fingerprint70:62:DC:6C:0A:F4:AA:56:4E:74:DC:EF:DA:CC:60:5A:C4:34:CE:F2
ValiditySat, 17 May 2025 22:34:21 GMT - Fri, 15 Aug 2025 22:34:20 GMT
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer Verdict Alert Quad9 DNS malicious Sinkholed
GET /pxf.gif?uuid=&eb=261ac21b37834b7a6fd503b50244c53a&te=1f871680377679925981487981fe64fb&ua=Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64%3B%20rv%3A134.0)%20Gecko%2F20100101%20Firefox%2F134.0&dev=e&res=14.3095&b_frame=1&pk=57e9128f004dc8dd272477c7cdb9cf15&bl=en-US&sr=1024x1280&sz=1024x1280&hjs=6 HTTP/1.1
Host: unseenreport.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://videzz.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx/1.19.5
Date: Thu, 19 Jun 2025 06:47:24 GMT
Content-Type: image/gif
Content-Length: 1
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Access-Control-Allow-Origin: *
Host: unseenreport.com
Expires: Thu, 01 Jan 1970 00:00:01 GMT
X-Request-ID: c5c66155b2c77255272e5231103d9b8c
Cache-Control: no-cache, max-age=0, private, no-cache
Pragma: no-cache
Strict-Transport-Security: max-age=0; includeSubdomains
GET videzz.net/js/static.min.js?v=1566c61038a4816d5983d1bea1fb7bdc
200 OK 154 kB URL GET videzz.net/js/static.min.js?v=1566c61038a4816d5983d1bea1fb7bdc
IP
ASN #213035 Des Capital B.V.
Requested by https://videzz.net/embed-wfjktvnns0hl.html
Certificate IssuerLet's Encrypt
Subjectvidezz.net
Fingerprint98:BA:98:44:85:01:47:DD:AC:0E:8E:57:56:68:F7:A5:17:C9:72:E5
ValidityThu, 12 Jun 2025 00:12:36 GMT - Wed, 10 Sep 2025 00:12:35 GMT
File type JavaScript source, ASCII text, with very long lines (65536), with no line terminators
Size 154 kB (153918 bytes)
Hash 7ce55a3a976ccc01c64062238ee5995f
a51b07ad6e48340321d25a74441b87cc4e64992a
2621b97006cce96850ec4f8461658f1b6f26d8f2e830071e52d6dfb338c3bb5f
GET /js/static.min.js?v=1566c61038a4816d5983d1bea1fb7bdc HTTP/1.1
Host: videzz.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://videzz.net/embed-wfjktvnns0hl.html
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
server: nginx/1.18.0 (Ubuntu)
date: Thu, 19 Jun 2025 06:47:15 GMT
content-type: application/javascript
last-modified: Wed, 11 Jun 2025 12:18:32 GMT
vary: Accept-Encoding
etag: W/"68497418-2593e"
expires: Sat, 19 Jul 2025 06:41:30 GMT
cache-control: max-age=2592000
content-encoding: gzip
x-cache-status: HIT
X-Firefox-Spdy: h2
GET bid.bidclickmedia.com/sub/e6yMnW6
200 OK 237 B URL GET bid.bidclickmedia.com/sub/e6yMnW6
IP
Requested by https://videzz.net/embed-wfjktvnns0hl.html
Certificate IssuerGoogle Trust Services
Subjectbidclickmedia.com
Fingerprint2B:74:CA:6F:9D:47:DC:4E:9A:60:CF:E1:23:60:E7:50:64:35:B7:E6
ValiditySun, 18 May 2025 13:00:32 GMT - Sat, 16 Aug 2025 13:58:47 GMT
File type HTML document, ASCII text
Hash 1cc9ee13daa3d976c6182acb7457299a
5f8592119388a9914082531f94529238c9a2c822
3157e02c084934d07c78ff730dd9c2ed5e885e2e44c38ed852550853364ac7f1
GET /sub/e6yMnW6 HTTP/1.1
Host: bid.bidclickmedia.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://videzz.net/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Thu, 19 Jun 2025 06:47:17 GMT
content-type: text/html; charset=utf-8
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=92ECM2MhUYZekUdQGXBr%2FhjplG0T0az36dutIsajkm4Jj922hIwBY0nMx175%2FuxdSmhwmnvL0ifNhOmUD3jqbuz%2Bi%2FihhLKcLz1daisJJefm9mzIOoUus9LCxiqohGSfyJFgmavjudM%3D"}],"group":"cf-nel","max_age":604800}
cf-cache-status: DYNAMIC
vary: accept-encoding
content-encoding: br
cf-ray: 952112fbbfba56bf-OSL
server: cloudflare
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=3916&min_rtt=514&rtt_var=3600&sent=115&recv=137&lost=0&retrans=0&sent_bytes=9233&recv_bytes=9054&delivery_rate=433942&ss_exit_cwnd=14923&ss_exit_reason=2&cwnd=12000&unsent_bytes=0&cid=0701a4c47f253775&ts=427&inflight_dur=34&x=44"
GET colegialacasero.com/wp-content/cache/autoptimize/js/autoptimize_single_1387bc200b5160496146770b97bba587.js
200 OK 21 kB URL GET colegialacasero.com/wp-content/cache/autoptimize/js/autoptimize_single_1387bc200b5160496146770b97bba587.js
IP
ASN #206264 Amarutu Technology Ltd
Requested by https://colegialacasero.com/follando-a-colegiala-traviesa-en-el-salon/
Certificate IssuerLet's Encrypt
Subjectcolegialacasero.com
FingerprintFA:62:4E:A0:56:E1:7F:B5:88:DB:47:27:F0:46:0D:4A:4A:E0:10:F9
ValidityMon, 19 May 2025 06:11:59 GMT - Sun, 17 Aug 2025 06:11:58 GMT
File type JavaScript source, Unicode text, UTF-8 text, with very long lines (2393)
Hash aa601b49d126c03386274b0f07696bda
c209b61d36d6ed82ddeb9c11fa8f81f1beb0a149
a5c9eb68cf56706ab1ea26f9fe46f0120dd869b29aa2f21cd13e11017c6508f9
GET /wp-content/cache/autoptimize/js/autoptimize_single_1387bc200b5160496146770b97bba587.js HTTP/1.1
Host: colegialacasero.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://colegialacasero.com/follando-a-colegiala-traviesa-en-el-salon/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
server: nginx
date: Thu, 19 Jun 2025 06:47:14 GMT
content-type: application/javascript
last-modified: Tue, 22 Apr 2025 01:42:45 GMT
vary: Accept-Encoding
etag: W/"6806f415-52fc"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
access-control-allow-origin: *
content-encoding: br
X-Firefox-Spdy: h2
GET colegialacasero.com/wp-content/plugins/wp-smushit/app/assets/js/smush-lazy-load.min.js
200 OK 8.2 kB URL GET colegialacasero.com/wp-content/plugins/wp-smushit/app/assets/js/smush-lazy-load.min.js
IP
ASN #206264 Amarutu Technology Ltd
Requested by https://colegialacasero.com/follando-a-colegiala-traviesa-en-el-salon/
Certificate IssuerLet's Encrypt
Subjectcolegialacasero.com
FingerprintFA:62:4E:A0:56:E1:7F:B5:88:DB:47:27:F0:46:0D:4A:4A:E0:10:F9
ValidityMon, 19 May 2025 06:11:59 GMT - Sun, 17 Aug 2025 06:11:58 GMT
File type JavaScript source, ASCII text, with very long lines (8166)
Hash 7da243dd32c3bf034fc958b6537532df
3fd1e05cc9f0e2de539ed714843d059f606d2578
807419d5f60f78d0c2d04b0bf5e3f80410fe7ffaa2bfee30646e4c6f47838b4f
GET /wp-content/plugins/wp-smushit/app/assets/js/smush-lazy-load.min.js HTTP/1.1
Host: colegialacasero.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://colegialacasero.com/follando-a-colegiala-traviesa-en-el-salon/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
server: nginx
date: Thu, 19 Jun 2025 06:47:14 GMT
content-type: application/javascript
last-modified: Thu, 06 Mar 2025 00:40:16 GMT
vary: Accept-Encoding
etag: W/"67c8eef0-2016"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
access-control-allow-origin: *
content-encoding: br
X-Firefox-Spdy: h2
GET xml.zeusadx.com/redirect?feed=754913&auth=p6zs&pubid=162319
200 OK 0 B URL GET xml.zeusadx.com/redirect?feed=754913&auth=p6zs&pubid=162319
IP
ASN #27257 WEBAIR-INTERNET
Requested by https://videzz.net/embed-wfjktvnns0hl.html
Certificate IssuerSectigo Limited
Subject*.zeusadx.com
FingerprintB6:CE:F6:86:30:F6:C6:02:DE:C2:AB:6A:F8:96:D2:51:69:AE:B0:DB
ValiditySat, 19 Oct 2024 00:00:00 GMT - Tue, 18 Nov 2025 23:59:59 GMT
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /redirect?feed=754913&auth=p6zs&pubid=162319 HTTP/1.1
Host: xml.zeusadx.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://bid.bidclickmedia.com/
DNT: 1
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Date: Thu, 19 Jun 2025 06:47:17 GMT
Content-Length: 0
Connection: keep-alive
Cache-Control: no-store
GET wearychallengeraise.com/pixel/sbls?bv=&tmpl=482&u=https%3A%2F%2Fcdn.creative-stat1.com%2Fsb%2Fnotifications%2Futility%2Fdefault%2Fus%2Fblog%2FProgamer%2Fflip_icon%2Foct2024%2F4%2Fjs%2Fscript.js&l=445&fd=195
200 OK 0 B URL GET wearychallengeraise.com/pixel/sbls?bv=&tmpl=482&u=https%3A%2F%2Fcdn.creative-stat1.com%2Fsb%2Fnotifications%2Futility%2Fdefault%2Fus%2Fblog%2FProgamer%2Fflip_icon%2Foct2024%2F4%2Fjs%2Fscript.js&l=445&fd=195
IP
Requested by https://videzz.net/embed-wfjktvnns0hl.html
Certificate IssuerLet's Encrypt
Subjectwearychallengeraise.com
FingerprintC2:9A:4F:D1:20:4F:D6:7B:AD:D9:F3:AE:DB:94:98:E2:A5:BE:EF:8B
ValidityThu, 19 Jun 2025 03:13:57 GMT - Wed, 17 Sep 2025 03:13:56 GMT
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer Verdict Alert Quad9 DNS malicious Sinkholed
GET /pixel/sbls?bv=&tmpl=482&u=https%3A%2F%2Fcdn.creative-stat1.com%2Fsb%2Fnotifications%2Futility%2Fdefault%2Fus%2Fblog%2FProgamer%2Fflip_icon%2Foct2024%2F4%2Fjs%2Fscript.js&l=445&fd=195 HTTP/1.1
Host: wearychallengeraise.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://videzz.net/
Cookie: pdhtkv=true; uncs=1; pdhtkv29=true; uncs29=1; u_pl19071529=1
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx/1.21.6
Date: Thu, 19 Jun 2025 06:47:20 GMT
Content-Length: 0
Connection: keep-alive
Host: wearychallengeraise.com
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
Access-Control-Allow-Origin: *
Access-Control-Allow-Methods: GET, POST, OPTIONS
Access-Control-Allow-Headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,Upgrade-Insecure-Requests
Access-Control-Expose-Headers: Content-Length,Content-Range
GET fonts.gstatic.com/s/roboto/v48/KFO7CnqEu92Fr1ME7kSn66aGLdTylUAMa3yUBA.woff2
200 OK 40 kB URL GET fonts.gstatic.com/s/roboto/v48/KFO7CnqEu92Fr1ME7kSn66aGLdTylUAMa3yUBA.woff2
IP
Requested by https://videzz.net/embed-wfjktvnns0hl.html
Certificate IssuerGoogle Trust Services
Subject*.gstatic.com
FingerprintE1:0C:8D:E3:24:8F:B1:9F:BA:8E:CF:BE:4B:8F:D6:6A:39:8A:9D:7A
ValidityMon, 19 May 2025 08:42:51 GMT - Mon, 11 Aug 2025 08:42:50 GMT
File type Web Open Font Format (Version 2), TrueType, length 40128, version 1.0
Hash 9a01b69183a9604ab3a439e388b30501
8ed1d59003d0dbe6360481017b44665153665fbe
20b535fa80c8189e3b87d1803038389960203a886d502bc2ef1857affc2f38d2
GET /s/roboto/v48/KFO7CnqEu92Fr1ME7kSn66aGLdTylUAMa3yUBA.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://videzz.net
DNT: 1
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 40128
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Fri, 13 Jun 2025 08:13:08 GMT
expires: Sat, 13 Jun 2026 08:13:08 GMT
cache-control: public, max-age=31536000
age: 513255
last-modified: Thu, 29 May 2025 23:30:55 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
GET fonts.gstatic.com/s/roboto/v48/KFO7CnqEu92Fr1ME7kSn66aGLdTylUAMa3yUBA.woff2
200 OK 40 kB URL GET fonts.gstatic.com/s/roboto/v48/KFO7CnqEu92Fr1ME7kSn66aGLdTylUAMa3yUBA.woff2
IP
Requested by https://videzz.net/embed-wfjktvnns0hl.html
Certificate IssuerGoogle Trust Services
Subject*.gstatic.com
FingerprintE1:0C:8D:E3:24:8F:B1:9F:BA:8E:CF:BE:4B:8F:D6:6A:39:8A:9D:7A
ValidityMon, 19 May 2025 08:42:51 GMT - Mon, 11 Aug 2025 08:42:50 GMT
File type Web Open Font Format (Version 2), TrueType, length 40128, version 1.0
Hash 9a01b69183a9604ab3a439e388b30501
8ed1d59003d0dbe6360481017b44665153665fbe
20b535fa80c8189e3b87d1803038389960203a886d502bc2ef1857affc2f38d2
GET /s/roboto/v48/KFO7CnqEu92Fr1ME7kSn66aGLdTylUAMa3yUBA.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://videzz.net
DNT: 1
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 40128
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Fri, 13 Jun 2025 08:13:08 GMT
expires: Sat, 13 Jun 2026 08:13:08 GMT
cache-control: public, max-age=31536000
age: 513255
last-modified: Thu, 29 May 2025 23:30:55 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
GET videzz.net/embed-wfjktvnns0hl.html
200 OK 38 kB URL GET videzz.net/embed-wfjktvnns0hl.html
IP
ASN #213035 Des Capital B.V.
Requested by https://colegialacasero.com/follando-a-colegiala-traviesa-en-el-salon/
Certificate IssuerLet's Encrypt
Subjectvidezz.net
Fingerprint98:BA:98:44:85:01:47:DD:AC:0E:8E:57:56:68:F7:A5:17:C9:72:E5
ValidityThu, 12 Jun 2025 00:12:36 GMT - Wed, 10 Sep 2025 00:12:35 GMT
File type HTML document, ASCII text, with very long lines (1931), with CRLF, LF line terminators
Hash e2961c5bb6b106d8e643c864daa02ad4
2f3b21b389c65fe262f5d5f6a62bb5f7c5c82ae8
57a876de36f1ef09f6936d55bd2694400c5354e7720988e0f6e3d4957ef81a03
GET /embed-wfjktvnns0hl.html HTTP/1.1
Host: videzz.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://colegialacasero.com/
DNT: 1
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
server: nginx/1.18.0 (Ubuntu)
date: Thu, 19 Jun 2025 06:47:15 GMT
content-type: text/html; charset=UTF-8
vary: Accept-Encoding
expires: Wed, 18 Jun 2025 06:47:15 GMT
x-frame-options: 1
set-cookie: lang=1; domain=.videzz.net; path=/; HttpOnly
xfsts=; domain=.videzz.net; path=/; expires=Wed, 19-Jun-2024 06:47:15 GMT; HttpOnly
content-encoding: gzip
X-Firefox-Spdy: h2
GET colegialacasero.com/wp-content/cache/autoptimize/js/autoptimize_single_a53a916adf48efefd5a2aa0861ebbc07.js
200 OK 11 kB URL GET colegialacasero.com/wp-content/cache/autoptimize/js/autoptimize_single_a53a916adf48efefd5a2aa0861ebbc07.js
IP
ASN #206264 Amarutu Technology Ltd
Requested by https://colegialacasero.com/follando-a-colegiala-traviesa-en-el-salon/
Certificate IssuerLet's Encrypt
Subjectcolegialacasero.com
FingerprintFA:62:4E:A0:56:E1:7F:B5:88:DB:47:27:F0:46:0D:4A:4A:E0:10:F9
ValidityMon, 19 May 2025 06:11:59 GMT - Sun, 17 Aug 2025 06:11:58 GMT
File type JavaScript source, ASCII text, with very long lines (11117), with no line terminators
Hash a53a916adf48efefd5a2aa0861ebbc07
46acfa0be9dd623a7aa9bceb1344c152a8adc13b
9c1989ecd392a0c54fb799409154242706940a8e6d800542ba579dfda576bb9d
GET /wp-content/cache/autoptimize/js/autoptimize_single_a53a916adf48efefd5a2aa0861ebbc07.js HTTP/1.1
Host: colegialacasero.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://colegialacasero.com/follando-a-colegiala-traviesa-en-el-salon/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
server: nginx
date: Thu, 19 Jun 2025 06:47:14 GMT
content-type: application/javascript
last-modified: Tue, 22 Apr 2025 01:42:45 GMT
vary: Accept-Encoding
etag: W/"6806f415-2b6d"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
access-control-allow-origin: *
content-encoding: br
X-Firefox-Spdy: h2
POST bid.bidclickmedia.com/load
302 Found 0 B URL POST bid.bidclickmedia.com/load
IP
Requested by https://videzz.net/embed-wfjktvnns0hl.html
Certificate IssuerGoogle Trust Services
Subjectbidclickmedia.com
Fingerprint2B:74:CA:6F:9D:47:DC:4E:9A:60:CF:E1:23:60:E7:50:64:35:B7:E6
ValiditySun, 18 May 2025 13:00:32 GMT - Sat, 16 Aug 2025 13:58:47 GMT
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
POST /load HTTP/1.1
Host: bid.bidclickmedia.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/x-www-form-urlencoded
Content-Length: 96
Origin: https://bid.bidclickmedia.com
DNT: 1
Connection: keep-alive
Referer: https://bid.bidclickmedia.com/sub/e6yMnW6
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 302 Found
date: Thu, 19 Jun 2025 06:47:18 GMT
content-type: text/html; charset=utf-8
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=nflRc1R2fQki7MGDcl5K0esC0wrMdlbrpZIS2EB1JoxEUmoIOJISqPs%2BOE0eNxDM2Z3hSLwCydQjY8Fd5WKqnrgUS8Da%2BAodvbKubaZgndAe7aV7N5QMv4e5rPYV8AKzF0Ns0IVM9j0%3D"}],"group":"cf-nel","max_age":604800}
location: https://xml.cachegorilla.com/redirect?feed=754964&auth=BvOb&pubid=197570
cf-cache-status: DYNAMIC
cf-ray: 952113037ffe56bf-OSL
server: cloudflare
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=2254&min_rtt=376&rtt_var=1280&sent=153&recv=162&lost=0&retrans=2&sent_bytes=26031&recv_bytes=14772&delivery_rate=746496&ss_exit_cwnd=14923&ss_exit_reason=2&cwnd=13386&unsent_bytes=0&cid=0701a4c47f253775&ts=1645&inflight_dur=196&x=44"
GET www.googletagmanager.com/a?v=3&t=l&pid=714139817&rv=56g0&tag_exp=101509157~103116026~103200004~103233427~103351869~103351871~104684204~104684207~104718208~104779683~104791498~104791500&u=AAAAggAAAAAAAIAAAAAAAAE&h=Ag>m=45je56g0v9104348843za200&cl=1.6.0&ccid=104348843&cid=G-HEX1BG8H46&l=L1287.S101.B68.E3407.I2230.TC14.HTC0~gtm.init_consent.S3.V2.E484.TS5ogtdma.TI13.TE1~gtm.init.S3.V2.E480.TS5ogtautoevents.TI10.TE3.TS5ogtgasend.TI12.TE1.TS5ogt1pdatav2.TI15.TE4.TS5ccdgafirst.TI24.TE1.TS5setproductsettings.TI23.TE1.TS5ogtgooglesignals.TI22.TE1.TS5ccdgaregscope.TI21.TE7.TS5ccdempageview.TI20.TE3.TS5ccdconversionmarking.TI19.TE2.TS5ogteventcreate.TI18.TE3.TS5ccdautoredact.TI17.TE2.TS5ccdgalast.TI16.TE1~gtm.js.S2.V2.E444.TS5gct.TI7.TE349~gtm.dom.S1.V1.E236~gtm.load.S1.V1.E5
200 OK 0 B URL GET www.googletagmanager.com/a?v=3&t=l&pid=714139817&rv=56g0&tag_exp=101509157~103116026~103200004~103233427~103351869~103351871~104684204~104684207~104718208~104779683~104791498~104791500&u=AAAAggAAAAAAAIAAAAAAAAE&h=Ag>m=45je56g0v9104348843za200&cl=1.6.0&ccid=104348843&cid=G-HEX1BG8H46&l=L1287.S101.B68.E3407.I2230.TC14.HTC0~gtm.init_consent.S3.V2.E484.TS5ogtdma.TI13.TE1~gtm.init.S3.V2.E480.TS5ogtautoevents.TI10.TE3.TS5ogtgasend.TI12.TE1.TS5ogt1pdatav2.TI15.TE4.TS5ccdgafirst.TI24.TE1.TS5setproductsettings.TI23.TE1.TS5ogtgooglesignals.TI22.TE1.TS5ccdgaregscope.TI21.TE7.TS5ccdempageview.TI20.TE3.TS5ccdconversionmarking.TI19.TE2.TS5ogteventcreate.TI18.TE3.TS5ccdautoredact.TI17.TE2.TS5ccdgalast.TI16.TE1~gtm.js.S2.V2.E444.TS5gct.TI7.TE349~gtm.dom.S1.V1.E236~gtm.load.S1.V1.E5
IP
Requested by https://videzz.net/embed-wfjktvnns0hl.html
Certificate IssuerGoogle Trust Services
Subject*.google-analytics.com
Fingerprint93:AC:F6:E3:CB:D8:8F:95:04:0C:A1:34:97:CB:ED:C4:F9:99:EB:12
ValidityMon, 19 May 2025 08:41:43 GMT - Mon, 11 Aug 2025 08:41:42 GMT
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /a?v=3&t=l&pid=714139817&rv=56g0&tag_exp=101509157~103116026~103200004~103233427~103351869~103351871~104684204~104684207~104718208~104779683~104791498~104791500&u=AAAAggAAAAAAAIAAAAAAAAE&h=Ag>m=45je56g0v9104348843za200&cl=1.6.0&ccid=104348843&cid=G-HEX1BG8H46&l=L1287.S101.B68.E3407.I2230.TC14.HTC0~gtm.init_consent.S3.V2.E484.TS5ogtdma.TI13.TE1~gtm.init.S3.V2.E480.TS5ogtautoevents.TI10.TE3.TS5ogtgasend.TI12.TE1.TS5ogt1pdatav2.TI15.TE4.TS5ccdgafirst.TI24.TE1.TS5setproductsettings.TI23.TE1.TS5ogtgooglesignals.TI22.TE1.TS5ccdgaregscope.TI21.TE7.TS5ccdempageview.TI20.TE3.TS5ccdconversionmarking.TI19.TE2.TS5ogteventcreate.TI18.TE3.TS5ccdautoredact.TI17.TE2.TS5ccdgalast.TI16.TE1~gtm.js.S2.V2.E444.TS5gct.TI7.TE349~gtm.dom.S1.V1.E236~gtm.load.S1.V1.E5 HTTP/1.1
Host: www.googletagmanager.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://videzz.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
content-security-policy-report-only: script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascgcycc:893:0
cross-origin-opener-policy-report-only: same-origin; report-to=ascgcycc:893:0
report-to: {"group":"ascgcycc:893:0","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascgcycc:893:0"}],}
date: Thu, 19 Jun 2025 06:47:23 GMT
content-type: text/html
server: Google Tag Manager
content-length: 0
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
POST bid.bidclickmedia.com/load
302 Found 0 B URL POST bid.bidclickmedia.com/load
IP
Requested by https://videzz.net/embed-wfjktvnns0hl.html
Certificate IssuerGoogle Trust Services
Subjectbidclickmedia.com
Fingerprint2B:74:CA:6F:9D:47:DC:4E:9A:60:CF:E1:23:60:E7:50:64:35:B7:E6
ValiditySun, 18 May 2025 13:00:32 GMT - Sat, 16 Aug 2025 13:58:47 GMT
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
POST /load HTTP/1.1
Host: bid.bidclickmedia.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/x-www-form-urlencoded
Content-Length: 91
Origin: https://bid.bidclickmedia.com
DNT: 1
Connection: keep-alive
Referer: https://bid.bidclickmedia.com/sub/Pj8pz0z
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 302 Found
date: Thu, 19 Jun 2025 06:47:17 GMT
content-type: text/html; charset=utf-8
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=zEJmb8xj4c0C7bAO8ke93%2FmIyjQxVO8AvEuhxuQe1%2BgM1JjwCX9I5VkVX90kYKEA2p2QAX%2B7uslZHC%2FpWnBwI%2F%2F675UgK1Xx%2Blk0jZUIlXHcxcQgY%2Fy0FmkH%2FmYzMnHrVO6Ae046NpY%3D"}],"group":"cf-nel","max_age":604800}
location: https://xml.xmlking.com/redirect?feed=754940&auth=v5B2&pubid=195183
cf-cache-status: DYNAMIC
cf-ray: 952113012ff656bf-OSL
server: cloudflare
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=2264&min_rtt=376&rtt_var=1497&sent=141&recv=154&lost=0&retrans=1&sent_bytes=20623&recv_bytes=12721&delivery_rate=746496&ss_exit_cwnd=14923&ss_exit_reason=2&cwnd=13386&unsent_bytes=0&cid=0701a4c47f253775&ts=1272&inflight_dur=128&x=44"
GET cdn.creative-stat1.com/sb/notifications/utility/default/us/blog/Progamer/flip_icon/oct2024/4/css/style.css
200 OK 10 kB URL GET cdn.creative-stat1.com/sb/notifications/utility/default/us/blog/Progamer/flip_icon/oct2024/4/css/style.css
IP
Requested by https://videzz.net/embed-wfjktvnns0hl.html
Certificate IssuerGoogle Trust Services
Subjectcreative-stat1.com
FingerprintEA:78:8B:9D:53:DF:84:5F:BA:B0:1B:CB:77:59:D8:9B:CC:8C:CC:86
ValidityWed, 11 Jun 2025 22:34:34 GMT - Tue, 09 Sep 2025 23:32:59 GMT
Hash 8e2b823b6de6509e79ba3d1e1ef6ef55
b937a4666fe32721cac699123ea78872acc839a0
6a0a6ae471e19a24f9f9a463718deb8570927f2c4ff9f0e292b2e44186d54a6a
GET /sb/notifications/utility/default/us/blog/Progamer/flip_icon/oct2024/4/css/style.css HTTP/1.1
Host: cdn.creative-stat1.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://videzz.net
DNT: 1
Connection: keep-alive
Referer: https://videzz.net/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Thu, 19 Jun 2025 06:47:19 GMT
content-type: text/css
server: cloudflare
last-modified: Thu, 15 May 2025 09:23:35 GMT
nel: {"report_to":"cf-nel","success_fraction":0.0,"max_age":604800}
etag: W/"6825b297-2718"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: public, max-age=315360000
access-control-allow-origin: *
access-control-expose-headers: Date
content-encoding: gzip
age: 60716
cf-cache-status: HIT
vary: accept-encoding
report-to: {"group":"cf-nel","max_age":604800,"endpoints":[{"url":"https://a.nel.cloudflare.com/report/v4?s=H9fX6nWXJgeQK44ngVZMpKLnmUbnH1GRvLzUCcAxOVDx8TM20kAZ1iXbGu%2BBy8QrS%2FHCUaPJYMmxK%2FE3WF4FvrRYSIpglkNHtAH1NKYJfFwyPN33"}]}
cf-ray: 9521130c8bb7b503-OSL
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
GET cdn.creative-stat1.com/sb/notifications/utility/default/us/blog/Progamer/flip_icon/oct2024/4/img/icon.jpg
200 OK 83 kB URL GET cdn.creative-stat1.com/sb/notifications/utility/default/us/blog/Progamer/flip_icon/oct2024/4/img/icon.jpg
IP
Requested by https://videzz.net/embed-wfjktvnns0hl.html
Certificate IssuerGoogle Trust Services
Subjectcreative-stat1.com
FingerprintEA:78:8B:9D:53:DF:84:5F:BA:B0:1B:CB:77:59:D8:9B:CC:8C:CC:86
ValidityWed, 11 Jun 2025 22:34:34 GMT - Tue, 09 Sep 2025 23:32:59 GMT
File type JPEG image data, Exif standard: [TIFF image data, big-endian, direntries=7, orientation=upper-left, xresolution=98, yresolution=106, resolutionunit=2, software=Adobe Photoshop 24.5 (Windows), datetime=2024:10:08 13:05:00], progressive, precision 8, 300x250, components 3
Hash c2fddee308fa9307fdba4da688c779dd
2e14871fc39b9329c2fff4be6e7c047ccd0ea368
92a61bf7a1a834f046c9bd1c7b68df345151324f210720d829f1a36196a0a49b
GET /sb/notifications/utility/default/us/blog/Progamer/flip_icon/oct2024/4/img/icon.jpg HTTP/1.1
Host: cdn.creative-stat1.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Thu, 19 Jun 2025 06:47:19 GMT
content-type: image/jpeg
content-length: 82590
server: cloudflare
last-modified: Thu, 15 May 2025 09:23:37 GMT
nel: {"report_to":"cf-nel","success_fraction":0.0,"max_age":604800}
etag: "6825b299-1429e"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: public, max-age=315360000
access-control-allow-origin: *
access-control-expose-headers: Date
accept-ranges: bytes
age: 65126
cf-cache-status: HIT
vary: accept-encoding
report-to: {"group":"cf-nel","max_age":604800,"endpoints":[{"url":"https://a.nel.cloudflare.com/report/v4?s=O1OuCgcSyIM27tYqj5ymMR8%2BegFJklwJyVVS1wZyhqvAVVRyun2RrihZDC6fcs37kqb2KdlbK%2BdxnL4yg%2FZ6bLQAbygYMXYHRQjLW47latijbe%2FW"}]}
cf-ray: 9521130d7ca4b503-OSL
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
GET colegialacasero.com/wp-content/plugins/theme-my-login/assets/scripts/theme-my-login.min.js
200 OK 1.8 kB URL GET colegialacasero.com/wp-content/plugins/theme-my-login/assets/scripts/theme-my-login.min.js
IP
ASN #206264 Amarutu Technology Ltd
Requested by https://colegialacasero.com/follando-a-colegiala-traviesa-en-el-salon/
Certificate IssuerLet's Encrypt
Subjectcolegialacasero.com
FingerprintFA:62:4E:A0:56:E1:7F:B5:88:DB:47:27:F0:46:0D:4A:4A:E0:10:F9
ValidityMon, 19 May 2025 06:11:59 GMT - Sun, 17 Aug 2025 06:11:58 GMT
File type JavaScript source, ASCII text, with very long lines (1769), with no line terminators
Hash d0b8782045cfa4462ac7b9d42ac16206
d9c822d53c2eb6a3296d40af31f57e47b4bd2c20
d565603114e33ec4e10b3837bec54e36ec89ce67be60d574e72e1d695f631eed
GET /wp-content/plugins/theme-my-login/assets/scripts/theme-my-login.min.js HTTP/1.1
Host: colegialacasero.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://colegialacasero.com/follando-a-colegiala-traviesa-en-el-salon/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
server: nginx
date: Thu, 19 Jun 2025 06:47:14 GMT
content-type: application/javascript
last-modified: Thu, 02 Jan 2025 23:38:38 GMT
vary: Accept-Encoding
etag: W/"6777237e-6e9"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
access-control-allow-origin: *
content-encoding: br
X-Firefox-Spdy: h2
GET colegialacasero.com/wp-content/cache/autoptimize/js/autoptimize_single_cac35097472938b3818d1dd7a41fe02d.js
200 OK 435 B URL GET colegialacasero.com/wp-content/cache/autoptimize/js/autoptimize_single_cac35097472938b3818d1dd7a41fe02d.js
IP
ASN #206264 Amarutu Technology Ltd
Requested by https://colegialacasero.com/follando-a-colegiala-traviesa-en-el-salon/
Certificate IssuerLet's Encrypt
Subjectcolegialacasero.com
FingerprintFA:62:4E:A0:56:E1:7F:B5:88:DB:47:27:F0:46:0D:4A:4A:E0:10:F9
ValidityMon, 19 May 2025 06:11:59 GMT - Sun, 17 Aug 2025 06:11:58 GMT
File type JavaScript source, ASCII text, with very long lines (435), with no line terminators
Hash 67ca0a2f163d25cfdb37b13312ac0d9b
70510056e841740637ca5c486d6640c85489d873
0c9216d36578e6f5370d3d6c657fb6bc88fe2cea130f0024c4979fe57fd08653
GET /wp-content/cache/autoptimize/js/autoptimize_single_cac35097472938b3818d1dd7a41fe02d.js HTTP/1.1
Host: colegialacasero.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://colegialacasero.com/follando-a-colegiala-traviesa-en-el-salon/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
server: nginx
date: Thu, 19 Jun 2025 06:47:14 GMT
content-type: application/javascript
last-modified: Tue, 22 Apr 2025 01:42:46 GMT
vary: Accept-Encoding
etag: W/"6806f416-1b3"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
access-control-allow-origin: *
content-encoding: br
X-Firefox-Spdy: h2
GET mc.webvisor.org/watch/90175160?wmode=7&page-url=https%3A%2F%2Fthursday55315.videocdnmetrika80.com%2Ff.php%3Fsid%3D212515&page-ref=https%3A%2F%2Fvidezz.net%2F&charset=utf-8&uah=che%0A0&browser-info=pv%3A1%3Avf%3Ai3icr3vaukx00kohb9n4iafmppwf%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A2091%3Acn%3A1%3Adp%3A0%3Als%3A1467465486206%3Ahid%3A531692985%3Az%3A0%3Ai%3A20250619064722%3Aet%3A1750315643%3Ac%3A1%3Arn%3A588230137%3Arqn%3A1%3Au%3A1750315640244759110%3Aw%3A1x1%3As%3A1280x1024x24%3Ask%3A1%3Aifr%3A1%3Awv%3A2%3Ads%3A0%2C0%2C0%2C%2C%2C0%2C%2C536%2C3%2C1785%2C1785%2C0%2C883%3Aco%3A0%3Acpf%3A1%3Ans%3A1750315638074%3Aadb%3A1%3Afip%3A984436ac90aa563b7c760146dea8c506-0ed8ce9e1e39cec802dafc59181dfc61-a81f3b9bcdd80a361c14af38dc09b309-08cddc828a0a4cecdead9052886a5778-8d2357552742d775381be8c05efc2ed7-b3a4b0ac1b44d5bc13e6d73ffb506aad-61b9878bbce18de73aafc8582a198c0c-5274424d88b08056c17f1a11bd3f2aff-a81f3b9bcdd80a361c14af38dc09b309-c6d7b47b2dcff33f80cab17f3a360d0b-861578da3666aba98730162cd5ac0199%3Arqnl%3A1%3Ast%3A1750315644%3At%3A&t=gdpr(14)clc(0-0-0)rqnt(1)aw(1)rcm(1)cdl(na)eco(42010112)fip(1)ti(1)
302 Found 631 B URL GET mc.webvisor.org/watch/90175160?wmode=7&page-url=https%3A%2F%2Fthursday55315.videocdnmetrika80.com%2Ff.php%3Fsid%3D212515&page-ref=https%3A%2F%2Fvidezz.net%2F&charset=utf-8&uah=che%0A0&browser-info=pv%3A1%3Avf%3Ai3icr3vaukx00kohb9n4iafmppwf%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A2091%3Acn%3A1%3Adp%3A0%3Als%3A1467465486206%3Ahid%3A531692985%3Az%3A0%3Ai%3A20250619064722%3Aet%3A1750315643%3Ac%3A1%3Arn%3A588230137%3Arqn%3A1%3Au%3A1750315640244759110%3Aw%3A1x1%3As%3A1280x1024x24%3Ask%3A1%3Aifr%3A1%3Awv%3A2%3Ads%3A0%2C0%2C0%2C%2C%2C0%2C%2C536%2C3%2C1785%2C1785%2C0%2C883%3Aco%3A0%3Acpf%3A1%3Ans%3A1750315638074%3Aadb%3A1%3Afip%3A984436ac90aa563b7c760146dea8c506-0ed8ce9e1e39cec802dafc59181dfc61-a81f3b9bcdd80a361c14af38dc09b309-08cddc828a0a4cecdead9052886a5778-8d2357552742d775381be8c05efc2ed7-b3a4b0ac1b44d5bc13e6d73ffb506aad-61b9878bbce18de73aafc8582a198c0c-5274424d88b08056c17f1a11bd3f2aff-a81f3b9bcdd80a361c14af38dc09b309-c6d7b47b2dcff33f80cab17f3a360d0b-861578da3666aba98730162cd5ac0199%3Arqnl%3A1%3Ast%3A1750315644%3At%3A&t=gdpr(14)clc(0-0-0)rqnt(1)aw(1)rcm(1)cdl(na)eco(42010112)fip(1)ti(1)
IP
Requested by https://thursday55315.videocdnmetrika80.com/f.php?sid=212515
Certificate IssuerGlobalSign nv-sa
Subjectmc.webvisor.com
Fingerprint4E:A6:D4:57:F5:B7:FB:C1:98:C0:40:D2:B8:FA:B4:10:43:09:41:94
ValiditySun, 09 Mar 2025 21:02:24 GMT - Sun, 31 Aug 2025 20:59:59 GMT
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /watch/90175160?wmode=7&page-url=https%3A%2F%2Fthursday55315.videocdnmetrika80.com%2Ff.php%3Fsid%3D212515&page-ref=https%3A%2F%2Fvidezz.net%2F&charset=utf-8&uah=che%0A0&browser-info=pv%3A1%3Avf%3Ai3icr3vaukx00kohb9n4iafmppwf%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A2091%3Acn%3A1%3Adp%3A0%3Als%3A1467465486206%3Ahid%3A531692985%3Az%3A0%3Ai%3A20250619064722%3Aet%3A1750315643%3Ac%3A1%3Arn%3A588230137%3Arqn%3A1%3Au%3A1750315640244759110%3Aw%3A1x1%3As%3A1280x1024x24%3Ask%3A1%3Aifr%3A1%3Awv%3A2%3Ads%3A0%2C0%2C0%2C%2C%2C0%2C%2C536%2C3%2C1785%2C1785%2C0%2C883%3Aco%3A0%3Acpf%3A1%3Ans%3A1750315638074%3Aadb%3A1%3Afip%3A984436ac90aa563b7c760146dea8c506-0ed8ce9e1e39cec802dafc59181dfc61-a81f3b9bcdd80a361c14af38dc09b309-08cddc828a0a4cecdead9052886a5778-8d2357552742d775381be8c05efc2ed7-b3a4b0ac1b44d5bc13e6d73ffb506aad-61b9878bbce18de73aafc8582a198c0c-5274424d88b08056c17f1a11bd3f2aff-a81f3b9bcdd80a361c14af38dc09b309-c6d7b47b2dcff33f80cab17f3a360d0b-861578da3666aba98730162cd5ac0199%3Arqnl%3A1%3Ast%3A1750315644%3At%3A&t=gdpr(14)clc(0-0-0)rqnt(1)aw(1)rcm(1)cdl(na)eco(42010112)fip(1)ti(1) HTTP/1.1
Host: mc.webvisor.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://thursday55315.videocdnmetrika80.com/
Origin: https://thursday55315.videocdnmetrika80.com
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 302 Found
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
pragma: no-cache
expires: Thu, 19-Jun-2025 06:47:24 GMT
last-modified: Thu, 19-Jun-2025 06:47:24 GMT
set-cookie: yabs-sid=999300581750315644; Path=/; SameSite=None; Secure
i=QFyztqmN1MPh0+pi6HbP33RzVahJjIu0DVJW3oa2ilMorcOSFeYlrXOICszriFzv3Q9UDsX2QAhHmanC/SpslMIzPXo=; Expires=Sun, 17-Jun-2035 06:47:23 GMT; Domain=.webvisor.org; Path=/; Secure; HttpOnly; SameSite=None
yandexuid=387175551750315644; Expires=Sun, 17-Jun-2035 06:47:23 GMT; Domain=.webvisor.org; Path=/; Secure; SameSite=None
yuidss=387175551750315644; Expires=Fri, 19-Jun-2026 06:47:24 GMT; Domain=.webvisor.org; Path=/; SameSite=None; Secure
ymex=1781851644.yrts.1750315644#1781851644.yrtsi.1750315644; Expires=Fri, 19-Jun-2026 06:47:24 GMT; Domain=.webvisor.org; Path=/; SameSite=None; Secure
bh=YPzkzsIGahfcyuH/CJLYobEDn8/14QzlyPCOA5S2Ag==; Path=/; Domain=.webvisor.org; Expires=Fri, 24 Jul 2026 06:47:24 GMT; SameSite=None; Secure
bh=YPzkzsIGahfcyuH/CJLYobEDn8/14QzlyPCOA5S2Ag==; Path=/; Domain=.webvisor.org; Expires=Fri, 24 Jul 2026 06:47:24 GMT; SameSite=None; Secure
accept-ch: Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
x-xss-protection: 1; mode=block
access-control-allow-origin: https://thursday55315.videocdnmetrika80.com
strict-transport-security: max-age=31536000
access-control-allow-credentials: true
location: /watch/90175160/1?wmode=7&page-url=https%3A%2F%2Fthursday55315.videocdnmetrika80.com%2Ff.php%3Fsid%3D212515&page-ref=https%3A%2F%2Fvidezz.net%2F&charset=utf-8&uah=che%0A0&browser-info=pv%3A1%3Avf%3Ai3icr3vaukx00kohb9n4iafmppwf%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A2091%3Acn%3A1%3Adp%3A0%3Als%3A1467465486206%3Ahid%3A531692985%3Az%3A0%3Ai%3A20250619064722%3Aet%3A1750315643%3Ac%3A1%3Arn%3A588230137%3Arqn%3A1%3Au%3A1750315640244759110%3Aw%3A1x1%3As%3A1280x1024x24%3Ask%3A1%3Aifr%3A1%3Awv%3A2%3Ads%3A0%2C0%2C0%2C%2C%2C0%2C%2C536%2C3%2C1785%2C1785%2C0%2C883%3Aco%3A0%3Acpf%3A1%3Ans%3A1750315638074%3Aadb%3A1%3Afip%3A984436ac90aa563b7c760146dea8c506-0ed8ce9e1e39cec802dafc59181dfc61-a81f3b9bcdd80a361c14af38dc09b309-08cddc828a0a4cecdead9052886a5778-8d2357552742d775381be8c05efc2ed7-b3a4b0ac1b44d5bc13e6d73ffb506aad-61b9878bbce18de73aafc8582a198c0c-5274424d88b08056c17f1a11bd3f2aff-a81f3b9bcdd80a361c14af38dc09b309-c6d7b47b2dcff33f80cab17f3a360d0b-861578da3666aba98730162cd5ac0199%3Arqnl%3A1%3Ast%3A1750315644%3At%3A&t=gdpr%2814%29clc%280-0-0%29rqnt%281%29aw%281%29rcm%281%29cdl%28na%29eco%2842010112%29fip%281%29ti%281%29&redirnss=1
X-Firefox-Spdy: h2
GET static.addtoany.com/menu/svg/icons/reddit.js
200 OK 893 B URL GET static.addtoany.com/menu/svg/icons/reddit.js
IP
Requested by https://videzz.net/embed-wfjktvnns0hl.html
Certificate IssuerGoogle Trust Services
Subjectstatic.addtoany.com
Fingerprint8B:39:17:06:F0:14:1F:A9:7D:B6:A5:4C:2A:E2:27:1B:B5:60:2D:7E
ValidityWed, 30 Apr 2025 05:02:07 GMT - Tue, 29 Jul 2025 06:01:59 GMT
File type ASCII text, with very long lines (893), with no line terminators
Hash 408cc755e613b4f00fbe10d7411ed087
14341990ed687477b3addbdd1a3b50ae8a98589b
68ed9b82b62d45cf5d12587a7e9566a4ddeb94d69bcb225e9e3c7268c76b3cbb
GET /menu/svg/icons/reddit.js HTTP/1.1
Host: static.addtoany.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://videzz.net
DNT: 1
Connection: keep-alive
Referer: https://static.addtoany.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Thu, 19 Jun 2025 06:47:16 GMT
content-type: application/javascript
cf-ray: 952112facbef56c9-OSL
access-control-allow-origin: *
cache-control: max-age=7776000, stale-while-revalidate=30, public
etag: W/"1fe5b5008de689ce6464d7bcb07e742c"
referrer-policy: strict-origin-when-cross-origin
x-content-type-options: nosniff
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=9C%2Bt33S%2Bu5EuxsCwWN%2FnyxHUAjW9UJiu1NjQbW%2Bf3i6gguTX6CjRBJE4uZMuPiCV2%2B2vm8fbrgwY%2FiMvQk3Gq1OCZmm6fEv%2BFnZgj%2BPxfnE6%2FIbe5Idrj1xx38AKIwxewTXrJVX81XWwDn%2B5acM8ho1O"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
content-encoding: br
cf-cache-status: HIT
age: 5871
priority: u=3,i=?0
strict-transport-security: max-age=31536000; includeSubDomains; preload
speculation-rules: "/cdn-cgi/speculation"
server: cloudflare
alt-svc: h3=":443"; ma=86400
server-timing: cfExtPri
GET my.artshelf.xyz/api/settings/59845
200 OK 32 B URL GET my.artshelf.xyz/api/settings/59845
IP
ASN #24940 Hetzner Online GmbH
Requested by https://videzz.net/embed-wfjktvnns0hl.html
Certificate IssuerLet's Encrypt
Subjectadspy.hdthot.com
Fingerprint7F:9C:48:66:3D:20:EC:99:DD:D5:63:C9:EE:3F:9B:B7:34:9C:F1:92
ValidityWed, 18 Jun 2025 09:28:37 GMT - Tue, 16 Sep 2025 09:28:36 GMT
Hash 52d9d566f380ef9c68bdcb340bb98fad
fa27ce6ba67405ae79d038364cb138d9bb76c765
abf6cb03db6fc28578f4b01d616a6cf0cb5d6c793006cc8b13968c74ad1900c5
GET /api/settings/59845 HTTP/1.1
Host: my.artshelf.xyz
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://videzz.net/
Origin: https://videzz.net
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
server: nginx
date: Thu, 19 Jun 2025 06:47:16 GMT
content-type: application/json
vary: Accept-Encoding
access-control-allow-origin: *
x-robots-tag: noindex, nofollow
cache-control: private
content-encoding: gzip
X-Firefox-Spdy: h2
GET bid.bidclickmedia.com/sub/31pnK5n
200 OK 232 B URL GET bid.bidclickmedia.com/sub/31pnK5n
IP
Requested by https://videzz.net/embed-wfjktvnns0hl.html
Certificate IssuerGoogle Trust Services
Subjectbidclickmedia.com
Fingerprint2B:74:CA:6F:9D:47:DC:4E:9A:60:CF:E1:23:60:E7:50:64:35:B7:E6
ValiditySun, 18 May 2025 13:00:32 GMT - Sat, 16 Aug 2025 13:58:47 GMT
File type HTML document, ASCII text
Hash 6681a63a289089962ceb2eb4b0207596
eec65b0250e43d8a863f3412cf04ed3435075a9d
5eb21d985ddf668cf24a38310cfb1f431cad9017c5dc367faed925e40fe6551e
GET /sub/31pnK5n HTTP/1.1
Host: bid.bidclickmedia.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://videzz.net/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Thu, 19 Jun 2025 06:47:16 GMT
content-type: text/html; charset=utf-8
server: cloudflare
nel: {"report_to":"cf-nel","success_fraction":0.0,"max_age":604800}
report-to: {"group":"cf-nel","max_age":604800,"endpoints":[{"url":"https://a.nel.cloudflare.com/report/v4?s=4l0u%2FHffa9GHWh%2BbkxCRF9Gw54ghFAkza%2FBCfGmG7N%2BlA3tppzCZgGVkBfZX9UhS5rX2UU9fb%2F%2Fyhn1r6jFqKNoQZ%2B%2FacNTWyS8mqsrIFmt1Ct8%3D"}]}
cf-cache-status: DYNAMIC
vary: accept-encoding
content-encoding: br
cf-ray: 952112f8e96f7130-OSL
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
GET www.googletagmanager.com/gtag/js?id=G-HEX1BG8H46&cx=c>m=457e56g0za200&tag_exp=101509157~103116026~103200004~103233427~103351869~103351871~104684208~104684211~104718208~104791498~104791500
200 OK 375 kB URL GET www.googletagmanager.com/gtag/js?id=G-HEX1BG8H46&cx=c>m=457e56g0za200&tag_exp=101509157~103116026~103200004~103233427~103351869~103351871~104684208~104684211~104718208~104791498~104791500
IP
Requested by https://videzz.net/embed-wfjktvnns0hl.html
Certificate IssuerGoogle Trust Services
Subject*.google-analytics.com
Fingerprint93:AC:F6:E3:CB:D8:8F:95:04:0C:A1:34:97:CB:ED:C4:F9:99:EB:12
ValidityMon, 19 May 2025 08:41:43 GMT - Mon, 11 Aug 2025 08:41:42 GMT
File type JavaScript source, ASCII text, with very long lines (7993)
Size 375 kB (374986 bytes)
Hash cf8b0b5cce24282578ffa9fd87d19315
a869bf8dd182e0b3cafe5941fc5438b20c766716
e3d67b8dcf742d971face12cfc0d3b072bf8dc97eeee2daa4b460c15a422f6b8
GET /gtag/js?id=G-HEX1BG8H46&cx=c>m=457e56g0za200&tag_exp=101509157~103116026~103200004~103233427~103351869~103351871~104684208~104684211~104718208~104791498~104791500 HTTP/1.1
Host: www.googletagmanager.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://videzz.net/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
content-encoding: br
vary: Accept-Encoding
date: Thu, 19 Jun 2025 06:47:16 GMT
expires: Thu, 19 Jun 2025 06:47:16 GMT
cache-control: private, max-age=900
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
content-security-policy-report-only: script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascgcycc:1077:0
cross-origin-opener-policy-report-only: same-origin; report-to=ascgcycc:1077:0
report-to: {"group":"ascgcycc:1077:0","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascgcycc:1077:0"}],}
server: Google Tag Manager
content-length: 128250
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
GET highrevenuenetwork.com/97/85/38/9785383bf0d8f2fb611d938245088565.js
200 OK 65 kB URL GET highrevenuenetwork.com/97/85/38/9785383bf0d8f2fb611d938245088565.js
IP
Requested by https://videzz.net/embed-wfjktvnns0hl.html
Certificate IssuerLet's Encrypt
Subjecthighrevenuenetwork.com
Fingerprint26:B8:DF:CC:24:5D:58:87:D0:48:13:3D:13:AD:9B:02:4C:C5:7B:9E
ValidityFri, 06 Jun 2025 21:22:00 GMT - Thu, 04 Sep 2025 21:21:59 GMT
File type JavaScript source, ASCII text, with very long lines (65056), with no line terminators
Hash e3a4012870fb76f5f87ff08434e90951
e9a92230e37b12df781505264fba7264ef0bc903
7e3260b4556f0b7b7d97b7a459d2af78c176f3b1866217db457b528f7317a27e
Analyzer Verdict Alert Quad9 DNS malicious Sinkholed
GET /97/85/38/9785383bf0d8f2fb611d938245088565.js HTTP/1.1
Host: highrevenuenetwork.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://videzz.net/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx/1.21.6
Date: Thu, 19 Jun 2025 06:47:16 GMT
Content-Type: application/javascript
Content-Length: 23706
Connection: keep-alive
content-encoding: gzip
p3p: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
access-control-allow-origin: *
accept-ch: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,Sec-CH-UA-PlatformUser-Agent,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
x-envoy-upstream-service-time: 3
Host: highrevenuenetwork.com
Expires: Thu, 01 Jan 1970 00:00:01 GMT
X-Request-ID: 96cd2bf95c130be310cd482e3eab8877
Cache-Control: no-cache, max-age=0, private, no-cache
Pragma: no-cache
Strict-Transport-Security: max-age=0; includeSubdomains
POST bid.bidclickmedia.com/load
302 Found 0 B URL POST bid.bidclickmedia.com/load
IP
Requested by https://videzz.net/embed-wfjktvnns0hl.html
Certificate IssuerGoogle Trust Services
Subjectbidclickmedia.com
Fingerprint2B:74:CA:6F:9D:47:DC:4E:9A:60:CF:E1:23:60:E7:50:64:35:B7:E6
ValiditySun, 18 May 2025 13:00:32 GMT - Sat, 16 Aug 2025 13:58:47 GMT
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
POST /load HTTP/1.1
Host: bid.bidclickmedia.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/x-www-form-urlencoded
Content-Length: 96
Origin: https://bid.bidclickmedia.com
DNT: 1
Connection: keep-alive
Referer: https://bid.bidclickmedia.com/sub/e6yMnW6
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 302 Found
date: Thu, 19 Jun 2025 06:47:18 GMT
content-type: text/html; charset=utf-8
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=DS%2FM59bIDPNmvBURWB03DQNviHZFtZbbCQfl9VdMAY65CHml0zl51MoqnILYcux9g73%2FI9%2BPAVLAJZDL7xLWBbViM7b5OnV3nFtXiBNMRaIJ%2FO1c4sdf%2BR%2Bz8NsNTO5TsyksNavZ6ow%3D"}],"group":"cf-nel","max_age":604800}
location: https://xml.cachegorilla.com/redirect?feed=754964&auth=BvOb&pubid=197570
cf-cache-status: DYNAMIC
cf-ray: 952113022ff856bf-OSL
server: cloudflare
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=2093&min_rtt=376&rtt_var=1134&sent=146&recv=158&lost=0&retrans=1&sent_bytes=22782&recv_bytes=13746&delivery_rate=746496&ss_exit_cwnd=14923&ss_exit_reason=2&cwnd=13386&unsent_bytes=0&cid=0701a4c47f253775&ts=1432&inflight_dur=154&x=44"
GET cdnjs.cloudflare.com/ajax/libs/font-awesome/4.7.0/css/font-awesome.min.css
200 OK 31 kB URL GET cdnjs.cloudflare.com/ajax/libs/font-awesome/4.7.0/css/font-awesome.min.css
IP
Requested by https://videzz.net/embed-wfjktvnns0hl.html
Certificate IssuerGoogle Trust Services
Subjectcdnjs.cloudflare.com
Fingerprint4B:06:E9:E2:47:47:F5:3C:33:58:F8:2A:95:70:22:5E:23:19:03:77
ValidityThu, 22 May 2025 14:38:44 GMT - Wed, 20 Aug 2025 15:38:38 GMT
File type ASCII text, with very long lines (30837)
Hash 269550530cc127b6aa5a35925a7de6ce
512c7d79033e3028a9be61b540cf1a6870c896f8
799aeb25cc0373fdee0e1b1db7ad6c2f6a0e058dfadaa3379689f583213190bd
GET /ajax/libs/font-awesome/4.7.0/css/font-awesome.min.css HTTP/1.1
Host: cdnjs.cloudflare.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://videzz.net/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Thu, 19 Jun 2025 06:47:16 GMT
content-type: text/css; charset=utf-8
content-length: 5631
cf-ray: 952112f5bf8d56ca-OSL
access-control-allow-origin: *
cache-control: public, max-age=30672000
content-encoding: br
etag: "5eb03e5f-7918"
last-modified: Mon, 04 May 2020 16:10:07 GMT
cf-cdnjs-via: cfworker/kv
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
x-content-type-options: nosniff
vary: Accept-Encoding
cf-cache-status: HIT
age: 15503
expires: Tue, 09 Jun 2026 06:47:16 GMT
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=iU53qePAJi7bW6bNNYcg1BW9eLR9furTAXRLv5zolNvWEUMOwIhOfSRNyGo3fTPXn%2BFopWugmtJUDpDmjlVNAxBfQyWZBHk20YNjCSrjNjWltUZeiWPHAPY86jvi55z9ZSHy9sQ%2F"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
server: cloudflare
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
GET xml.xmlking.com/redirect?feed=754940&auth=v5B2&pubid=195183
200 OK 0 B URL GET xml.xmlking.com/redirect?feed=754940&auth=v5B2&pubid=195183
IP
ASN #27257 WEBAIR-INTERNET
Requested by https://videzz.net/embed-wfjktvnns0hl.html
Certificate IssuerSectigo Limited
Subject*.xmlking.com
Fingerprint5F:CA:E1:A6:CB:14:F1:BB:52:66:BC:7B:3C:0E:33:A4:89:70:E1:5F
ValidityMon, 22 Jul 2024 00:00:00 GMT - Tue, 22 Jul 2025 23:59:59 GMT
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /redirect?feed=754940&auth=v5B2&pubid=195183 HTTP/1.1
Host: xml.xmlking.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://bid.bidclickmedia.com/
DNT: 1
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Date: Thu, 19 Jun 2025 06:47:18 GMT
Content-Length: 0
Connection: keep-alive
Cache-Control: no-store
GET cdn.show-creative1.com/sb/notifications/utility/default/us/blog/Progamer/flip_icon/oct2024/4/index.html
200 OK 1.7 kB URL GET cdn.show-creative1.com/sb/notifications/utility/default/us/blog/Progamer/flip_icon/oct2024/4/index.html
IP
Requested by https://videzz.net/embed-wfjktvnns0hl.html
Certificate IssuerGoogle Trust Services
Subjectshow-creative1.com
Fingerprint71:AE:E3:FA:6F:22:A3:9D:C5:0D:04:F8:E3:9F:A3:3C:E7:02:E6:9F
ValidityWed, 11 Jun 2025 18:52:57 GMT - Tue, 09 Sep 2025 19:50:24 GMT
File type HTML document, ASCII text
Hash b7b777322a94ad2e8e7e63e7a6cba4ee
a9752b8c18c12a7b27c2872edc7101244f985516
af9af43850af3a93ebb28a8a8d2bf10178dd1232d1acfc2523612f1c85516884
GET /sb/notifications/utility/default/us/blog/Progamer/flip_icon/oct2024/4/index.html HTTP/1.1
Host: cdn.show-creative1.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://videzz.net
DNT: 1
Connection: keep-alive
Referer: https://videzz.net/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Thu, 19 Jun 2025 06:47:19 GMT
content-type: text/html
server: cloudflare
last-modified: Thu, 05 Jun 2025 16:30:29 GMT
nel: {"report_to":"cf-nel","success_fraction":0.0,"max_age":604800}
vary: accept-encoding
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000, public
access-control-allow-origin: *
access-control-expose-headers: Date
report-to: {"group":"cf-nel","max_age":604800,"endpoints":[{"url":"https://a.nel.cloudflare.com/report/v4?s=6GPoNnsDnXXlQCJ7zqG5m3wxuT492sAA14%2FUOSjuAFSQWgDYoT4KWJi8vezvoB3ALMKNDOwLDfgVKM4C4GldLhGtC6xKXVXLJ9hSBYJNEE%2FjK3ej"}]}
cf-cache-status: DYNAMIC
content-encoding: br
cf-ray: 952113077fa81c06-OSL
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
GET zap.buzz/Gllbj6M
302 Found 171 kB IP
Requested by https://videzz.net/embed-wfjktvnns0hl.html
Certificate IssuerGoogle Trust Services
Subjectzap.buzz
Fingerprint2B:41:A1:A3:AE:A1:17:14:8C:16:D3:BA:6B:96:55:82:B7:A9:C9:AB
ValiditySat, 17 May 2025 16:25:30 GMT - Fri, 15 Aug 2025 17:23:11 GMT
Size 171 kB (171076 bytes)
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /Gllbj6M HTTP/1.1
Host: zap.buzz
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://bid.bidclickmedia.com/
DNT: 1
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 302 Found
date: Thu, 19 Jun 2025 06:47:19 GMT
content-type: text/html; charset=utf-8
location: https://docuconv.com/convert/pdf2docx
server: cloudflare
nel: {"report_to":"cf-nel","success_fraction":0.0,"max_age":604800}
vary: Cookie
cf-cache-status: DYNAMIC
report-to: {"group":"cf-nel","max_age":604800,"endpoints":[{"url":"https://a.nel.cloudflare.com/report/v4?s=Zll207p49gieQkCTePC0WyGrR3a%2FfKhbPe%2FUWnwYYWsEP2NBxM3%2FhNJgrl0dLi7ETiXkViIwjQir5HwFW7HCJYuYhJfz9Q%3D%3D"}]}
set-cookie: session=eyJfcGVybWFuZW50Ijp0cnVlfQ.aFOydw.4jLM6mq6yIMR-5lZDS6_GLY2Tss; HttpOnly; Path=/; Expires=Thu, 19 Jun 2025 07:17:19 GMT
cf-ray: 95211307ad365693-OSL
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
GET colegialacasero.com/wp-includes/js/wp-emoji-release.min.js?ver=f74f721cf7a1442b3dffc1f75487f827
200 OK 19 kB URL GET colegialacasero.com/wp-includes/js/wp-emoji-release.min.js?ver=f74f721cf7a1442b3dffc1f75487f827
IP
ASN #206264 Amarutu Technology Ltd
Requested by https://colegialacasero.com/follando-a-colegiala-traviesa-en-el-salon/
Certificate IssuerLet's Encrypt
Subjectcolegialacasero.com
FingerprintFA:62:4E:A0:56:E1:7F:B5:88:DB:47:27:F0:46:0D:4A:4A:E0:10:F9
ValidityMon, 19 May 2025 06:11:59 GMT - Sun, 17 Aug 2025 06:11:58 GMT
File type JavaScript source, ASCII text, with very long lines (15752)
Hash b976b651932bfd25b9ddb5b7693d88a7
7fcb7cb5c11227f9213b1e08a07d0212209e1432
4e6ce5444c7f396cef0eb1fa3611034151e485dd06fbe5573a5583e1eebc98c3
GET /wp-includes/js/wp-emoji-release.min.js?ver=f74f721cf7a1442b3dffc1f75487f827 HTTP/1.1
Host: colegialacasero.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://colegialacasero.com/follando-a-colegiala-traviesa-en-el-salon/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
server: nginx
date: Thu, 19 Jun 2025 06:47:15 GMT
content-type: application/javascript
last-modified: Sat, 18 May 2024 12:28:30 GMT
vary: Accept-Encoding
etag: W/"66489eee-4926"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
access-control-allow-origin: *
content-encoding: br
X-Firefox-Spdy: h2
GET static.addtoany.com/menu/svg/icons/viber.js
200 OK 1.0 kB URL GET static.addtoany.com/menu/svg/icons/viber.js
IP
Requested by https://videzz.net/embed-wfjktvnns0hl.html
Certificate IssuerGoogle Trust Services
Subjectstatic.addtoany.com
Fingerprint8B:39:17:06:F0:14:1F:A9:7D:B6:A5:4C:2A:E2:27:1B:B5:60:2D:7E
ValidityWed, 30 Apr 2025 05:02:07 GMT - Tue, 29 Jul 2025 06:01:59 GMT
File type ASCII text, with very long lines (1003), with no line terminators
Hash aeffbbeba6dd343b89fdc22cdf23f8c8
7be9f0a8fbd22f85cd4408ed04b69e98cbb79de7
c38246b300667ea8ab28940a729e65168f981baf8adc8d708c299e85b9e2dcee
GET /menu/svg/icons/viber.js HTTP/1.1
Host: static.addtoany.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://videzz.net
DNT: 1
Connection: keep-alive
Referer: https://static.addtoany.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Thu, 19 Jun 2025 06:47:16 GMT
content-type: application/javascript
cf-ray: 952112facbf256c9-OSL
access-control-allow-origin: *
cache-control: max-age=7776000, stale-while-revalidate=30, public
etag: W/"ab1da422605fdb35fd02440984d36475"
referrer-policy: strict-origin-when-cross-origin
x-content-type-options: nosniff
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=auqAwkQZebr2tB2%2FD9GrLQ5fKdGWD93fq8BbKvVgvzRWBBSsew7yhxPyZ3%2BVdC1CWRG96s0%2FOctJj1UwQ%2BlK3Ae6uAupwsoR%2BjtxeL3e%2FBXZY35k2obWcRlc2yAO30IkiQ1cRrMl81c7hAPd9EknASoB"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
content-encoding: br
cf-cache-status: HIT
age: 19953
priority: u=3,i=?0
strict-transport-security: max-age=31536000; includeSubDomains; preload
speculation-rules: "/cdn-cgi/speculation"
server: cloudflare
alt-svc: h3=":443"; ma=86400
server-timing: cfExtPri
GET bid.bidclickmedia.com/sub/Pj8pz0z
200 OK 232 B URL GET bid.bidclickmedia.com/sub/Pj8pz0z
IP
Requested by https://videzz.net/embed-wfjktvnns0hl.html
Certificate IssuerGoogle Trust Services
Subjectbidclickmedia.com
Fingerprint2B:74:CA:6F:9D:47:DC:4E:9A:60:CF:E1:23:60:E7:50:64:35:B7:E6
ValiditySun, 18 May 2025 13:00:32 GMT - Sat, 16 Aug 2025 13:58:47 GMT
File type HTML document, ASCII text
Hash bd324b12560192fae53a88d42456a237
6608a9f87887479751542bd2a567de64a2155454
482d57be9d80b58ccf56a59147f0e45b2331bee54be54aeedcb3b6ef07f425a4
GET /sub/Pj8pz0z HTTP/1.1
Host: bid.bidclickmedia.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://videzz.net/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Thu, 19 Jun 2025 06:47:17 GMT
content-type: text/html; charset=utf-8
server: cloudflare
nel: {"report_to":"cf-nel","success_fraction":0.0,"max_age":604800}
report-to: {"group":"cf-nel","max_age":604800,"endpoints":[{"url":"https://a.nel.cloudflare.com/report/v4?s=4AoOanymIgpou8IwEsYmhW19Ex0wWNX1D4Q2sg4klyYTcBVznNZ2piiMh64yTMiIjayeSikqb1JHz46s4%2BD2zs85vijhQVu0R2loGyD8PMVDTMo%3D"}]}
cf-cache-status: DYNAMIC
vary: accept-encoding
content-encoding: br
cf-ray: 952112fbbc057130-OSL
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
GET cdn.creative-stat1.com/sb/notifications/utility/default/us/blog/Progamer/flip_icon/oct2024/4/css/animate.css
200 OK 79 kB URL GET cdn.creative-stat1.com/sb/notifications/utility/default/us/blog/Progamer/flip_icon/oct2024/4/css/animate.css
IP
Requested by https://videzz.net/embed-wfjktvnns0hl.html
Certificate IssuerGoogle Trust Services
Subjectcreative-stat1.com
FingerprintEA:78:8B:9D:53:DF:84:5F:BA:B0:1B:CB:77:59:D8:9B:CC:8C:CC:86
ValidityWed, 11 Jun 2025 22:34:34 GMT - Tue, 09 Sep 2025 23:32:59 GMT
Hash 80047eaa13ebd50c50e8a9753621e430
9c503e07d130572a0eaf51f7c02cbd4cf6213fe3
3f831a59615f8d5d40b4340b2836f91438c876f8dbce75f78e38360d6fe0f429
GET /sb/notifications/utility/default/us/blog/Progamer/flip_icon/oct2024/4/css/animate.css HTTP/1.1
Host: cdn.creative-stat1.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://videzz.net
DNT: 1
Connection: keep-alive
Referer: https://videzz.net/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Thu, 19 Jun 2025 06:47:19 GMT
content-type: text/css
server: cloudflare
last-modified: Thu, 15 May 2025 09:23:34 GMT
nel: {"report_to":"cf-nel","success_fraction":0.0,"max_age":604800}
etag: W/"6825b296-1358d"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: public, max-age=315360000
access-control-allow-origin: *
access-control-expose-headers: Date
content-encoding: gzip
age: 60716
cf-cache-status: HIT
vary: accept-encoding
report-to: {"group":"cf-nel","max_age":604800,"endpoints":[{"url":"https://a.nel.cloudflare.com/report/v4?s=j0CJz3kdMMpigOZAjw%2ByBUan1h4Y4kK4GxdLNPmmuWCaatH%2F04aH%2F%2FzsoqkmeFKAkWu1%2FoT6Kd52%2F04PAtjqbDF9URqceSN2K3%2Bj7clEFNHoGfWa"}]}
cf-ray: 9521130c9bc5b503-OSL
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
GET s.magsrv.com/vregister.php?a=vview&errorcode=3&idzone=5075896&dg=7552138-NOR-114948602-3-0-1-0-InLine
200 OK 0 B URL GET s.magsrv.com/vregister.php?a=vview&errorcode=3&idzone=5075896&dg=7552138-NOR-114948602-3-0-1-0-InLine
IP
ASN #60781 LeaseWeb Netherlands B.V.
Requested by https://videzz.net/embed-wfjktvnns0hl.html
Certificate IssuerLet's Encrypt
Subjectmagsrv.com
FingerprintE1:20:8C:28:EE:7A:93:40:E0:BE:4B:F4:77:62:14:FC:23:07:AD:18
ValidityTue, 10 Jun 2025 10:16:21 GMT - Mon, 08 Sep 2025 10:16:20 GMT
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /vregister.php?a=vview&errorcode=3&idzone=5075896&dg=7552138-NOR-114948602-3-0-1-0-InLine HTTP/1.1
Host: s.magsrv.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://videzz.net/
Cookie: __uvt=a%3A1%3A%7Bi%3A0%3Bs%3A32%3A%2232fc2a27d48227febae3dc6095288029%22%3B%7D; c-tag=%7B%22tag-video%22%3A%22v6%7C%7CNOR%7C5075896%7C114948602%7C264082%7C%7C508%7C41%7C3%7C40%7C0%7C0%7C0%7C25344%7C3143242%7C3143244%7C0%7C1%7C0%7C0%7C0%7C0%7C1%7C0%7C0%7C1%7C%7C%7C1418362944%7Cvidezz.net%7C%7C%7C20%7C0%7C0%7C0%7C0%7C0%7C0%7C0%7C0%7C1750315644%7C%7C%7C0%7C0%7C0%7C0%7C0%7C0%7C0%7C0%7C0%7C0%7C1%7C0%7C0%7Cs.magsrv.com%7C%7C%7C%7C33302bbe752da31b4a62bb2300e553ad%7Cok%22%7D
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Date: Thu, 19 Jun 2025 06:47:24 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Access-Control-Allow-Origin:
Access-Control-Allow-Credentials: true
X-Robots-Tag: noindex, follow
Content-Encoding: gzip
GET maxcdn.bootstrapcdn.com/font-awesome/4.7.0/css/font-awesome.min.css?v=1566c61038a4816d5983d1bea1fb7bdc
200 OK 31 kB URL GET maxcdn.bootstrapcdn.com/font-awesome/4.7.0/css/font-awesome.min.css?v=1566c61038a4816d5983d1bea1fb7bdc
IP
Requested by https://videzz.net/embed-wfjktvnns0hl.html
Certificate IssuerGoogle Trust Services
Subjectbootstrapcdn.com
Fingerprint73:3E:54:5A:E7:0A:B5:3C:11:79:4A:9F:FE:64:7B:38:B7:15:03:C0
ValidityWed, 14 May 2025 02:01:13 GMT - Tue, 12 Aug 2025 03:00:50 GMT
File type ASCII text, with very long lines (30837)
Hash 269550530cc127b6aa5a35925a7de6ce
512c7d79033e3028a9be61b540cf1a6870c896f8
799aeb25cc0373fdee0e1b1db7ad6c2f6a0e058dfadaa3379689f583213190bd
GET /font-awesome/4.7.0/css/font-awesome.min.css?v=1566c61038a4816d5983d1bea1fb7bdc HTTP/1.1
Host: maxcdn.bootstrapcdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://videzz.net/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Thu, 19 Jun 2025 06:47:15 GMT
content-type: text/css; charset=utf-8
cdn-pullzone: 252412
cdn-uid: b1941f61-b576-4f40-80de-5677acb38f74
cdn-requestcountrycode: DE
vary: Accept-Encoding
access-control-allow-origin: *
cache-control: public, max-age=31919000
content-encoding: br
etag: "269550530cc127b6aa5a35925a7de6ce"
last-modified: Mon, 25 Jan 2021 22:04:55 GMT
cdn-cachedat: 02/26/2025 14:41:39
cdn-proxyver: 1.19
cdn-requestpullcode: 200
cdn-requestpullsuccess: True
cdn-edgestorageid: 1078
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
cdn-status: 200
cdn-requesttime: 1
cdn-requestid: e5ed04276bdd4223321f0ebf13905853
cdn-cache: HIT
cf-cache-status: HIT
age: 1882849
strict-transport-security: max-age=31536000; includeSubDomains; preload
server: cloudflare
cf-ray: 952112f34ed50afa-OSL
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
GET bid.bidclickmedia.com/sub/31pnK5n
200 OK 232 B URL GET bid.bidclickmedia.com/sub/31pnK5n
IP
Requested by https://videzz.net/embed-wfjktvnns0hl.html
Certificate IssuerGoogle Trust Services
Subjectbidclickmedia.com
Fingerprint2B:74:CA:6F:9D:47:DC:4E:9A:60:CF:E1:23:60:E7:50:64:35:B7:E6
ValiditySun, 18 May 2025 13:00:32 GMT - Sat, 16 Aug 2025 13:58:47 GMT
File type HTML document, ASCII text
Hash 6681a63a289089962ceb2eb4b0207596
eec65b0250e43d8a863f3412cf04ed3435075a9d
5eb21d985ddf668cf24a38310cfb1f431cad9017c5dc367faed925e40fe6551e
GET /sub/31pnK5n HTTP/1.1
Host: bid.bidclickmedia.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://videzz.net/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Thu, 19 Jun 2025 06:47:16 GMT
content-type: text/html; charset=utf-8
server: cloudflare
nel: {"report_to":"cf-nel","success_fraction":0.0,"max_age":604800}
report-to: {"group":"cf-nel","max_age":604800,"endpoints":[{"url":"https://a.nel.cloudflare.com/report/v4?s=RKNUsWvknkyxPaM64f3DogCkqwZ7q2RqxfNjQkz43QtZ0eGUqCW0ro7X%2B9DxaYW66PjLn10owqvOkAVh3nw7oRz11cuKYdrQgARIC8k8I7U5pMk%3D"}]}
cf-cache-status: DYNAMIC
vary: accept-encoding
content-encoding: br
cf-ray: 952112f8f97c7130-OSL
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
GET colegialacasero.com/wp-content/cache/autoptimize/js/autoptimize_single_19dcfda713415dc90873c0f20a05cf7a.js
200 OK 7.1 kB URL GET colegialacasero.com/wp-content/cache/autoptimize/js/autoptimize_single_19dcfda713415dc90873c0f20a05cf7a.js
IP
ASN #206264 Amarutu Technology Ltd
Requested by https://colegialacasero.com/follando-a-colegiala-traviesa-en-el-salon/
Certificate IssuerLet's Encrypt
Subjectcolegialacasero.com
FingerprintFA:62:4E:A0:56:E1:7F:B5:88:DB:47:27:F0:46:0D:4A:4A:E0:10:F9
ValidityMon, 19 May 2025 06:11:59 GMT - Sun, 17 Aug 2025 06:11:58 GMT
File type JavaScript source, ASCII text, with very long lines (7024)
Hash 19dcfda713415dc90873c0f20a05cf7a
50ebf3dc7fd383f37e8dba920511c2ba7e8f88d9
7441bfbef500640c4ad0dd5feaad70d05189da87b2f6ca017121797170f050a9
GET /wp-content/cache/autoptimize/js/autoptimize_single_19dcfda713415dc90873c0f20a05cf7a.js HTTP/1.1
Host: colegialacasero.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://colegialacasero.com/follando-a-colegiala-traviesa-en-el-salon/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
server: nginx
date: Thu, 19 Jun 2025 06:47:14 GMT
content-type: application/javascript
last-modified: Tue, 22 Apr 2025 01:42:45 GMT
vary: Accept-Encoding
etag: W/"6806f415-1be6"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
access-control-allow-origin: *
content-encoding: br
X-Firefox-Spdy: h2
GET xml.cachegorilla.com/redirect?feed=754964&auth=BvOb&pubid=197570
200 OK 0 B URL GET xml.cachegorilla.com/redirect?feed=754964&auth=BvOb&pubid=197570
IP
ASN #27257 WEBAIR-INTERNET
Requested by https://videzz.net/embed-wfjktvnns0hl.html
Certificate IssuerSectigo Limited
Subject*.cachegorilla.com
Fingerprint1E:39:C2:D1:11:DE:4C:ED:E1:3E:BA:6E:CE:AF:6B:FA:81:EB:69:49
ValidityMon, 11 Nov 2024 00:00:00 GMT - Tue, 11 Nov 2025 23:59:59 GMT
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /redirect?feed=754964&auth=BvOb&pubid=197570 HTTP/1.1
Host: xml.cachegorilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://bid.bidclickmedia.com/
DNT: 1
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Date: Thu, 19 Jun 2025 06:47:19 GMT
Content-Length: 0
Connection: keep-alive
Cache-Control: no-store
GET colegialacasero.com/wp-content/uploads/2020/02/LOGO-COLEGIALASENACCION-PNG.png
200 OK 28 kB URL GET colegialacasero.com/wp-content/uploads/2020/02/LOGO-COLEGIALASENACCION-PNG.png
IP
ASN #206264 Amarutu Technology Ltd
Requested by https://colegialacasero.com/follando-a-colegiala-traviesa-en-el-salon/
Certificate IssuerLet's Encrypt
Subjectcolegialacasero.com
FingerprintFA:62:4E:A0:56:E1:7F:B5:88:DB:47:27:F0:46:0D:4A:4A:E0:10:F9
ValidityMon, 19 May 2025 06:11:59 GMT - Sun, 17 Aug 2025 06:11:58 GMT
File type PNG image data, 1024 x 1024, 8-bit colormap, non-interlaced
Hash 3a2e44b2e37ed337bf240e7b20f6cf0b
705092e899bb7f8b4ae8194fc9c694e801ff9221
33a0fc810da2cb37030c6ad27283c1f2ea117dc64412b220cfdea2f6453c42f3
GET /wp-content/uploads/2020/02/LOGO-COLEGIALASENACCION-PNG.png HTTP/1.1
Host: colegialacasero.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://colegialacasero.com/follando-a-colegiala-traviesa-en-el-salon/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
server: nginx
date: Thu, 19 Jun 2025 06:47:15 GMT
content-type: image/png
content-length: 28414
last-modified: Thu, 11 May 2023 05:55:54 GMT
vary: Accept-Encoding
etag: "645c836a-6efe"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
access-control-allow-origin: *
accept-ranges: bytes
X-Firefox-Spdy: h2
GET videzz.net/images-newtheme/attention.png
200 OK 6.4 kB URL GET videzz.net/images-newtheme/attention.png
IP
ASN #213035 Des Capital B.V.
Requested by https://videzz.net/embed-wfjktvnns0hl.html
Certificate IssuerLet's Encrypt
Subjectvidezz.net
Fingerprint98:BA:98:44:85:01:47:DD:AC:0E:8E:57:56:68:F7:A5:17:C9:72:E5
ValidityThu, 12 Jun 2025 00:12:36 GMT - Wed, 10 Sep 2025 00:12:35 GMT
File type PNG image data, 263 x 231, 8-bit/color RGBA, non-interlaced
Hash d28ebe1b4425fa4ab5d804792b5aa626
3183e2c59cdaed547de5fb1fc940709ed5117003
36fc8d817d7a356b2b8e8697697a5ce86bedadfea8df2a4e88f9514bb1ce02f6
GET /images-newtheme/attention.png HTTP/1.1
Host: videzz.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://videzz.net/embed-wfjktvnns0hl.html
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
server: nginx/1.18.0 (Ubuntu)
date: Thu, 19 Jun 2025 06:47:15 GMT
content-type: image/png
content-length: 6377
last-modified: Wed, 11 Jun 2025 12:18:22 GMT
etag: "6849740e-18e9"
expires: Sat, 19 Jul 2025 06:39:24 GMT
cache-control: max-age=2592000
x-cache-status: HIT
accept-ranges: bytes
X-Firefox-Spdy: h2
POST bid.bidclickmedia.com/load
302 Found 0 B URL POST bid.bidclickmedia.com/load
IP
Requested by https://videzz.net/embed-wfjktvnns0hl.html
Certificate IssuerGoogle Trust Services
Subjectbidclickmedia.com
Fingerprint2B:74:CA:6F:9D:47:DC:4E:9A:60:CF:E1:23:60:E7:50:64:35:B7:E6
ValiditySun, 18 May 2025 13:00:32 GMT - Sat, 16 Aug 2025 13:58:47 GMT
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
POST /load HTTP/1.1
Host: bid.bidclickmedia.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/x-www-form-urlencoded
Content-Length: 91
Origin: https://bid.bidclickmedia.com
DNT: 1
Connection: keep-alive
Referer: https://bid.bidclickmedia.com/sub/31pnK5n
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 302 Found
date: Thu, 19 Jun 2025 06:47:17 GMT
content-type: text/html; charset=utf-8
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=tG2HhRnbptJGdWMQDQkdYx0Veq%2FPQAUqBqUuW%2BJOAWw2fR%2FlNf6zVVnVg73gUR5RSGoIN4d7ob8yr%2BGLy1Srndj3UrixZw7vxKkXjbmsvFNjAoqwTPkrP7Cw9ApFnVAbXGfAsTB3aqY%3D"}],"group":"cf-nel","max_age":604800}
location: https://xml.zeusadx.com/redirect?feed=754913&auth=p6zs&pubid=162319
cf-cache-status: DYNAMIC
cf-ray: 952112fc8fbd56bf-OSL
server: cloudflare
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=2874&min_rtt=376&rtt_var=3096&sent=123&recv=141&lost=0&retrans=0&sent_bytes=13177&recv_bytes=9652&delivery_rate=746496&ss_exit_cwnd=14923&ss_exit_reason=2&cwnd=13386&unsent_bytes=0&cid=0701a4c47f253775&ts=534&inflight_dur=51&x=44"
GET tsyndicate.com/do2/fbe72c1f757e429daeeb9ec5b85bd018/vast?subid=%subid1%&categories=file+upload%2Cshare+files%2Cfree+upload
200 OK 4.2 kB URL GET tsyndicate.com/do2/fbe72c1f757e429daeeb9ec5b85bd018/vast?subid=%subid1%&categories=file+upload%2Cshare+files%2Cfree+upload
IP
ASN #24940 Hetzner Online GmbH
Requested by https://videzz.net/embed-wfjktvnns0hl.html
Certificate IssuerLet's Encrypt
Subjecttsyndicate.com
Fingerprint1D:36:B3:AC:76:33:5C:64:BB:85:FE:5B:BA:AC:41:0D:8B:F7:20:65
ValidityTue, 25 Mar 2025 00:07:40 GMT - Mon, 23 Jun 2025 00:07:39 GMT
File type XML 1.0 document, ASCII text, with very long lines (4179)
Hash b268b0c18c63f649636a60a8ea6e65e9
d5e675e1a32ad8ed7c8263e15a595de488c1c4b2
28e6072c13d65cc9d7fc149e457090802a6dad71f75b43ce969f49b6149fbb4d
GET /do2/fbe72c1f757e429daeeb9ec5b85bd018/vast?subid=%subid1%&categories=file+upload%2Cshare+files%2Cfree+upload HTTP/1.1
Host: tsyndicate.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://videzz.net/
Origin: https://videzz.net
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
server: nginx
date: Thu, 19 Jun 2025 06:47:19 GMT
content-type: application/xml; charset=utf-8
access-control-allow-origin: https://videzz.net
access-control-allow-methods: POST, GET, HEAD
access-control-allow-headers: Accept, X-Requested-With, X-Forwarded-For, X-Real-IP, Content-Type, Content-Length, Accept-Encoding, X-CSRF-Token, Authorization, X-Legacy, Content-Type,Authorization, Nav-Ua-He-Mobile, Nav-Ua-He-Platform, Nav-Ua-He-Brands, Nav-Ua-He-Platformversion, Nav-Ua-He-Model, Nav-Ua-He-Architecture, Nav-Ua-He-Bitness, Nav-Ua-He-Fullversionlist, Nav-Ua-He-Uafullversion, Nav-Ua-He-Wow64
access-control-allow-credentials: true
pragma: no-cache
expires: 0
vary: Accept-Encoding, *
x-vast: 3.0
set-cookie: cookie_user_id=bfe988b1-8be0-4aca-baed-9be3647aec56; expires=Fri, 19 Dec 2025 06:47:19 GMT; domain=.tsyndicate.com; path=/; HttpOnly; secure; SameSite=None
cache-control: no-cache, no-store, no-transform, must-revalidate, no-transform
x-robots-tag: none, noindex, nofollow
report-to: { "url": "https://pxl.tsyndicate.com/api/v1/heavy-ad/report", "max_age": 86401 }
accept-ch: Sec-CH-UA, Sec-CH-UA-Mobile, Sec-CH-UA-Platform, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Bitness, Sec-CH-UA-Wow64
permissions-policy: ch-ua-model=(self "https://tsyndicate.com"), ch-ua-platform-version=(self)
content-encoding: gzip
X-Firefox-Spdy: h2
GET pxl.tsyndicate.com/api/v1/error?errorcode=3&p=APeICDOGjggdMFgMhAPnIA4ZNhTSaXMwxo0aMGbEqGFjRg6JbWRUvJhxY8ccG3EohMNmzMGEIsacealwDJqDbuqwYdNHQUA%3D&s=d7a1b7b9e14013a01bffe0ec810e83e3261935e91f649da0b013e04e2ce6d6b61750315639
200 OK 0 B URL GET pxl.tsyndicate.com/api/v1/error?errorcode=3&p=APeICDOGjggdMFgMhAPnIA4ZNhTSaXMwxo0aMGbEqGFjRg6JbWRUvJhxY8ccG3EohMNmzMGEIsacealwDJqDbuqwYdNHQUA%3D&s=d7a1b7b9e14013a01bffe0ec810e83e3261935e91f649da0b013e04e2ce6d6b61750315639
IP
ASN #24940 Hetzner Online GmbH
Requested by https://videzz.net/embed-wfjktvnns0hl.html
Certificate IssuerLet's Encrypt
Subjecttsyndicate.com
Fingerprint1D:36:B3:AC:76:33:5C:64:BB:85:FE:5B:BA:AC:41:0D:8B:F7:20:65
ValidityTue, 25 Mar 2025 00:07:40 GMT - Mon, 23 Jun 2025 00:07:39 GMT
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /api/v1/error?errorcode=3&p=APeICDOGjggdMFgMhAPnIA4ZNhTSaXMwxo0aMGbEqGFjRg6JbWRUvJhxY8ccG3EohMNmzMGEIsacealwDJqDbuqwYdNHQUA%3D&s=d7a1b7b9e14013a01bffe0ec810e83e3261935e91f649da0b013e04e2ce6d6b61750315639 HTTP/1.1
Host: pxl.tsyndicate.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://videzz.net/
Cookie: cookie_user_id=bfe988b1-8be0-4aca-baed-9be3647aec56
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
server: nginx
date: Thu, 19 Jun 2025 06:47:25 GMT
content-length: 0
x-robots-tag: noindex, nofollow
X-Firefox-Spdy: h2
GET wearychallengeraise.com/sbar.json?key=9785383bf0d8f2fb611d938245088565
200 OK 5.7 kB URL GET wearychallengeraise.com/sbar.json?key=9785383bf0d8f2fb611d938245088565
IP
Requested by https://videzz.net/embed-wfjktvnns0hl.html
Certificate IssuerLet's Encrypt
Subjectwearychallengeraise.com
FingerprintC2:9A:4F:D1:20:4F:D6:7B:AD:D9:F3:AE:DB:94:98:E2:A5:BE:EF:8B
ValidityThu, 19 Jun 2025 03:13:57 GMT - Wed, 17 Sep 2025 03:13:56 GMT
Hash ba4d1cf1000858488aadaad761ea3b30
806676ed1931200a25f98018be6559be4f9fcdbd
fb80b8ba4b9d8f573ab1ce95cba73e55de1fb132d17a15a1b2434d8752473f06
Analyzer Verdict Alert Quad9 DNS malicious Sinkholed
GET /sbar.json?key=9785383bf0d8f2fb611d938245088565 HTTP/1.1
Host: wearychallengeraise.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://videzz.net
DNT: 1
Connection: keep-alive
Referer: https://videzz.net/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx/1.21.6
Date: Thu, 19 Jun 2025 06:47:18 GMT
Content-Type: text/plain; charset=utf-8
Transfer-Encoding: chunked
Connection: keep-alive
p3p: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
accept-ch: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,Sec-CH-UA-PlatformUser-Agent,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
custom-referer: https://videzz.net
access-control-allow-origin: https://videzz.net
access-control-allow-credentials: true
set-cookie: pdhtkv=true; expires=Fri, 20 Jun 2025 06:47:18 GMT; path=/; secure; SameSite=None
uncs=1; expires=Fri, 20 Jun 2025 06:47:18 GMT; path=/; secure; SameSite=None
pdhtkv29=true; expires=Fri, 20 Jun 2025 06:47:18 GMT; path=/; secure; SameSite=None
uncs29=1; expires=Fri, 20 Jun 2025 06:47:18 GMT; path=/; secure; SameSite=None
u_pl19071529=1; expires=Fri, 20 Jun 2025 06:47:18 GMT; path=/; secure; SameSite=None
x-envoy-upstream-service-time: 8
Host: wearychallengeraise.com
Expires: Thu, 01 Jan 1970 00:00:01 GMT
X-Request-ID: 6543424c1827ae03a8c541ffb3186cc5
Cache-Control: no-cache, max-age=0, private, no-cache
Pragma: no-cache
Strict-Transport-Security: max-age=0; includeSubdomains
Content-Encoding: gzip
GET docuconv.com/convert/pdf2docx
200 OK 171 kB URL GET docuconv.com/convert/pdf2docx
IP
Requested by https://videzz.net/embed-wfjktvnns0hl.html
Certificate IssuerGoogle Trust Services
Subjectdocuconv.com
Fingerprint79:AF:74:91:68:D2:39:70:0A:6F:7C:97:94:FF:78:95:4C:84:2B:1A
ValiditySun, 01 Jun 2025 10:34:10 GMT - Sat, 30 Aug 2025 11:32:46 GMT
File type HTML document, ASCII text, with very long lines (55131)
Size 171 kB (171076 bytes)
Hash 6487114a5b182634364b10d853bf6abb
48ab2017d577563171c2966c1aa93d376a6028c0
c9cacac990d56093e470cf9fddef7b119610a3d33bdd579f88d688dc08106c26
GET /convert/pdf2docx HTTP/1.1
Host: docuconv.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://bid.bidclickmedia.com/
DNT: 1
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Thu, 19 Jun 2025 06:47:19 GMT
content-type: text/html; charset=utf-8
server: cloudflare
nel: {"report_to":"cf-nel","success_fraction":0.0,"max_age":604800}
report-to: {"group":"cf-nel","max_age":604800,"endpoints":[{"url":"https://a.nel.cloudflare.com/report/v4?s=WqEPQwpFtxluGBmVP%2FRB2m6oijZeC6vLjsjOqT6WjQ97DzChzLf9uczg82dPtQczzylEK0sd3LIA%2BeUlUZbav5oqUYONR3Mg4B0%3D"}]}
cf-cache-status: DYNAMIC
vary: accept-encoding
content-encoding: br
cf-ray: 95211308fcf256b7-OSL
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
GET iagrus.com/wnrw?aid=13773530692613982268&a=1
200 OK 0 B URL GET iagrus.com/wnrw?aid=13773530692613982268&a=1
IP
ASN #39572 DataWeb Global Group B.V.
Requested by https://videzz.net/embed-wfjktvnns0hl.html
Certificate IssuerLet's Encrypt
Subjectiagrus.com
Fingerprint40:D9:35:55:1F:88:0A:3E:52:75:0F:B8:DF:38:57:66:38:12:D6:9B
ValidityThu, 05 Jun 2025 18:33:42 GMT - Wed, 03 Sep 2025 18:33:41 GMT
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer Verdict Alert Quad9 DNS malicious Sinkholed
GET /wnrw?aid=13773530692613982268&a=1 HTTP/1.1
Host: iagrus.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://videzz.net/
Origin: https://videzz.net
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
server: nginx/1.18.0
date: Thu, 19 Jun 2025 06:47:19 GMT
content-length: 0
access-control-allow-origin: https://videzz.net
X-Firefox-Spdy: h2
GET cdn.creative-stat1.com/sb/notifications/utility/default/us/blog/Progamer/flip_icon/oct2024/4/js/script.js
200 OK 445 B URL GET cdn.creative-stat1.com/sb/notifications/utility/default/us/blog/Progamer/flip_icon/oct2024/4/js/script.js
IP
Requested by https://videzz.net/embed-wfjktvnns0hl.html
Certificate IssuerGoogle Trust Services
Subjectcreative-stat1.com
FingerprintEA:78:8B:9D:53:DF:84:5F:BA:B0:1B:CB:77:59:D8:9B:CC:8C:CC:86
ValidityWed, 11 Jun 2025 22:34:34 GMT - Tue, 09 Sep 2025 23:32:59 GMT
Hash aaea974c4b82bbc952ae3de1d6302425
8fe1d7928b3b0d234e22d1f7a83c2fa611ceab77
0652d9a42ce8605bbf9e3e88d0f533cefc3e74f90448f9e00d960bd26a52cdce
GET /sb/notifications/utility/default/us/blog/Progamer/flip_icon/oct2024/4/js/script.js HTTP/1.1
Host: cdn.creative-stat1.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://videzz.net
DNT: 1
Connection: keep-alive
Referer: https://videzz.net/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Thu, 19 Jun 2025 06:47:19 GMT
content-type: application/javascript
content-length: 445
server: cloudflare
last-modified: Thu, 15 May 2025 09:23:39 GMT
nel: {"report_to":"cf-nel","success_fraction":0.0,"max_age":604800}
etag: "6825b29b-1bd"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: public, max-age=315360000
access-control-allow-origin: *
access-control-expose-headers: Date
accept-ranges: bytes
age: 60716
cf-cache-status: HIT
vary: accept-encoding
report-to: {"group":"cf-nel","max_age":604800,"endpoints":[{"url":"https://a.nel.cloudflare.com/report/v4?s=zUfPzZpUmeMLVJvzErgsZV1lNigOIJTF1Ji1Yzy9mNeG%2Fq5s2WJZ2iK6sy1WZ0%2BOEW0T%2B8iK1LtKxk3s6LzSYb5CO0XqWAAdb9GnDKwfcT5m%2BX78"}]}
cf-ray: 9521130c7ba2b503-OSL
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
GET my.imageflow.store/api/click/14587968290606056115?c=60&data[error]=3&data[errormsg]=
200 OK 0 B URL GET my.imageflow.store/api/click/14587968290606056115?c=60&data[error]=3&data[errormsg]=
IP
ASN #24940 Hetzner Online GmbH
Requested by https://videzz.net/embed-wfjktvnns0hl.html
Certificate IssuerLet's Encrypt
Subjecta.edbl.space
Fingerprint64:7A:31:A1:1E:DB:80:24:B2:BD:D4:81:B7:78:2D:17:EA:3A:33:C9
ValidityTue, 20 May 2025 21:28:39 GMT - Mon, 18 Aug 2025 21:28:38 GMT
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /api/click/14587968290606056115?c=60&data[error]=3&data[errormsg]= HTTP/1.1
Host: my.imageflow.store
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://videzz.net/
Cookie: nauid=cMm3zjA5DUFqKEmPYF2h
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
server: nginx
date: Thu, 19 Jun 2025 06:47:24 GMT
content-length: 0
access-control-allow-credentials: true
access-control-allow-origin: *
x-robots-tag: noindex, nofollow
cache-control: private
X-Firefox-Spdy: h2
GET videzz.net/sw.js?v=1566c61038a4816d5983d1bea1fb7bdc
200 OK 42 kB URL GET videzz.net/sw.js?v=1566c61038a4816d5983d1bea1fb7bdc
IP
ASN #213035 Des Capital B.V.
Requested by https://videzz.net/embed-wfjktvnns0hl.html
Certificate IssuerLet's Encrypt
Subjectvidezz.net
Fingerprint98:BA:98:44:85:01:47:DD:AC:0E:8E:57:56:68:F7:A5:17:C9:72:E5
ValidityThu, 12 Jun 2025 00:12:36 GMT - Wed, 10 Sep 2025 00:12:35 GMT
File type JavaScript source, ASCII text, with very long lines (42324), with no line terminators
Hash 764aafd976dd9cd9f33279bfafa02908
e9ad856ec00bccfdcbe17b79113681685c943b8d
2c20e295faeb1ef24dae1e26caa5089fdb2ba5a36a86a6a26780b8a515ca99aa
GET /sw.js?v=1566c61038a4816d5983d1bea1fb7bdc HTTP/1.1
Host: videzz.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://videzz.net/embed-wfjktvnns0hl.html
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
server: nginx/1.18.0 (Ubuntu)
date: Thu, 19 Jun 2025 06:47:15 GMT
content-type: application/javascript
last-modified: Wed, 11 Jun 2025 12:18:37 GMT
vary: Accept-Encoding
etag: W/"6849741d-a554"
expires: Sat, 19 Jul 2025 06:41:15 GMT
cache-control: max-age=2592000
content-encoding: gzip
x-cache-status: HIT
X-Firefox-Spdy: h2
GET static.addtoany.com/menu/sm.25.html#type=core&event=load
200 OK 716 B URL GET static.addtoany.com/menu/sm.25.html#type=core&event=load
IP
Requested by https://videzz.net/embed-wfjktvnns0hl.html
Certificate IssuerGoogle Trust Services
Subjectstatic.addtoany.com
Fingerprint8B:39:17:06:F0:14:1F:A9:7D:B6:A5:4C:2A:E2:27:1B:B5:60:2D:7E
ValidityWed, 30 Apr 2025 05:02:07 GMT - Tue, 29 Jul 2025 06:01:59 GMT
File type HTML document, ASCII text, with very long lines (624)
Hash 41b7ed0cbe240173eea85148fcba633e
39acd5fe099974486a1c9ba11ba0fe7be6bc97ca
274d4116239b63097bb7c16e56e27cbb5a77be20392fb8e2317c0a0235185cad
GET /menu/sm.25.html HTTP/1.1
Host: static.addtoany.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://videzz.net/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Thu, 19 Jun 2025 06:47:16 GMT
content-type: text/html; charset=utf-8
cf-ray: 952112f8695d56c9-OSL
access-control-allow-origin: *
cache-control: max-age=315360000, immutable
referrer-policy: strict-origin-when-cross-origin
x-content-type-options: nosniff
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=qsU5zqy706aGgNqT6ok%2BK7vwIO1tB%2Bvz%2BhzuvVoM6YnPGyfUphqfIUndzpuaCuWXI%2FtevzuDrcTD084fexBojYiBBMeeo16KcPp%2BHt7lCFQmdAAD915uTyGylQisQrJK5l3cK9FO"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
content-encoding: br
cf-cache-status: HIT
age: 16083
last-modified: Thu, 19 Jun 2025 02:19:13 GMT
priority: u=4,i=?0
strict-transport-security: max-age=31536000; includeSubDomains; preload
speculation-rules: "/cdn-cgi/speculation"
server: cloudflare
alt-svc: h3=":443"; ma=86400
server-timing: cfExtPri
GET static.addtoany.com/menu/svg/icons/facebook.js
200 OK 429 B URL GET static.addtoany.com/menu/svg/icons/facebook.js
IP
Requested by https://videzz.net/embed-wfjktvnns0hl.html
Certificate IssuerGoogle Trust Services
Subjectstatic.addtoany.com
Fingerprint8B:39:17:06:F0:14:1F:A9:7D:B6:A5:4C:2A:E2:27:1B:B5:60:2D:7E
ValidityWed, 30 Apr 2025 05:02:07 GMT - Tue, 29 Jul 2025 06:01:59 GMT
File type ASCII text, with very long lines (429), with no line terminators
Hash 014bcc757e484e12e3aea6c9d768fd4b
4c17157d0012f8002e4e6cf77c5f4a9747792cf4
4b475960843a5619b907af1f0a89e3136bd5e6a4a700ec78cb417f302647cf49
GET /menu/svg/icons/facebook.js HTTP/1.1
Host: static.addtoany.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://videzz.net
DNT: 1
Connection: keep-alive
Referer: https://static.addtoany.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Thu, 19 Jun 2025 06:47:16 GMT
content-type: application/javascript
cf-ray: 952112facbee56c9-OSL
access-control-allow-origin: *
cache-control: max-age=7776000, stale-while-revalidate=30, public
etag: W/"68925fa8e347041c6006837e73c518bc"
referrer-policy: strict-origin-when-cross-origin
x-content-type-options: nosniff
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=Xp%2BhF6pzZASFjk4AZg221lQOjXu6scUjRgx8rfwBRa3LW0hervtkOEqFixv1pqPLpsJYqsVnH%2Brz9i3ADS75dl%2BO0cXyboN9TR5rIKHlIv5H61byA1xg2Ex2hqXlOueqsVQxdxelQ%2FGZ81Ni2g%2FuJBao"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
content-encoding: br
cf-cache-status: HIT
age: 19954
priority: u=3,i=?0
strict-transport-security: max-age=31536000; includeSubDomains; preload
speculation-rules: "/cdn-cgi/speculation"
server: cloudflare
alt-svc: h3=":443"; ma=86400
server-timing: cfExtPri
GET experttrafficcounter.com/stats
200 OK 40 B URL GET experttrafficcounter.com/stats
IP
Requested by https://videzz.net/embed-wfjktvnns0hl.html
Certificate IssuerAmazon
Subjectexperttrafficcounter.com
FingerprintCE:93:F6:82:20:C2:20:51:6E:53:85:EC:03:9C:48:F0:13:0B:67:D7
ValidityTue, 29 Apr 2025 00:00:00 GMT - Thu, 28 May 2026 23:59:59 GMT
File type ASCII text, with no line terminators
Hash 5d7c6ff80c775d3ba4c2d53689390759
80c9a399b9affe9c627c4de1b55aea98f7a1b2ed
6a8cdbc534eb1aadd6fc23f1d4884c5dc029deabf43d1bd2e29379fb937dd7fd
GET /stats HTTP/1.1
Host: experttrafficcounter.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://videzz.net
DNT: 1
Connection: keep-alive
Referer: https://videzz.net/
Cookie: uid_id2=d2dc779b-53ba-4f8d-a259-a8a0daa590ad:1:1
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Thu, 19 Jun 2025 06:47:18 GMT
content-type: text/html; charset=UTF-8
content-length: 40
server: fasthttp
access-control-allow-origin: https://videzz.net
vary: Origin
access-control-allow-credentials: true
X-Firefox-Spdy: h2
GET unseenreport.com/pxf.gif?uuid=&eb=261ac21b37834b7a6fd503b50244c53a&te=1f871680377679925981487981fe64fb&ua=Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64%3B%20rv%3A134.0)%20Gecko%2F20100101%20Firefox%2F134.0&dev=e&res=14.3095&b_frame=1&pk=9785383bf0d8f2fb611d938245088565&bl=en-US&sr=1024x1280&sz=1024x1280&hjs=6
200 OK 0 B URL GET unseenreport.com/pxf.gif?uuid=&eb=261ac21b37834b7a6fd503b50244c53a&te=1f871680377679925981487981fe64fb&ua=Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64%3B%20rv%3A134.0)%20Gecko%2F20100101%20Firefox%2F134.0&dev=e&res=14.3095&b_frame=1&pk=9785383bf0d8f2fb611d938245088565&bl=en-US&sr=1024x1280&sz=1024x1280&hjs=6
IP
ASN #39572 DataWeb Global Group B.V.
Requested by https://videzz.net/embed-wfjktvnns0hl.html
Certificate IssuerLet's Encrypt
Subject*.unseenreport.com
Fingerprint70:62:DC:6C:0A:F4:AA:56:4E:74:DC:EF:DA:CC:60:5A:C4:34:CE:F2
ValiditySat, 17 May 2025 22:34:21 GMT - Fri, 15 Aug 2025 22:34:20 GMT
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer Verdict Alert Quad9 DNS malicious Sinkholed
GET /pxf.gif?uuid=&eb=261ac21b37834b7a6fd503b50244c53a&te=1f871680377679925981487981fe64fb&ua=Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64%3B%20rv%3A134.0)%20Gecko%2F20100101%20Firefox%2F134.0&dev=e&res=14.3095&b_frame=1&pk=9785383bf0d8f2fb611d938245088565&bl=en-US&sr=1024x1280&sz=1024x1280&hjs=6 HTTP/1.1
Host: unseenreport.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://videzz.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx/1.19.5
Date: Thu, 19 Jun 2025 06:47:24 GMT
Content-Type: image/gif
Content-Length: 1
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Access-Control-Allow-Origin: *
Host: unseenreport.com
Expires: Thu, 01 Jan 1970 00:00:01 GMT
X-Request-ID: b6b2169e4c63274561173017e4db3181
Cache-Control: no-cache, max-age=0, private, no-cache
Pragma: no-cache
Strict-Transport-Security: max-age=0; includeSubdomains
GET pxl.tsyndicate.com/api/v1/error?errorcode=400&p=APeICDOGjggdMFgMhAPnIA4ZNhTSaXMwxo0aMGbEqGFjRg6JbWRUvJhxY8ccG3EohMNmzMGEIsacealwDJqDbuqwYdNHQUA%3D&s=d7a1b7b9e14013a01bffe0ec810e83e3261935e91f649da0b013e04e2ce6d6b61750315639
200 OK 0 B URL GET pxl.tsyndicate.com/api/v1/error?errorcode=400&p=APeICDOGjggdMFgMhAPnIA4ZNhTSaXMwxo0aMGbEqGFjRg6JbWRUvJhxY8ccG3EohMNmzMGEIsacealwDJqDbuqwYdNHQUA%3D&s=d7a1b7b9e14013a01bffe0ec810e83e3261935e91f649da0b013e04e2ce6d6b61750315639
IP
ASN #24940 Hetzner Online GmbH
Requested by https://videzz.net/embed-wfjktvnns0hl.html
Certificate IssuerLet's Encrypt
Subjecttsyndicate.com
Fingerprint1D:36:B3:AC:76:33:5C:64:BB:85:FE:5B:BA:AC:41:0D:8B:F7:20:65
ValidityTue, 25 Mar 2025 00:07:40 GMT - Mon, 23 Jun 2025 00:07:39 GMT
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /api/v1/error?errorcode=400&p=APeICDOGjggdMFgMhAPnIA4ZNhTSaXMwxo0aMGbEqGFjRg6JbWRUvJhxY8ccG3EohMNmzMGEIsacealwDJqDbuqwYdNHQUA%3D&s=d7a1b7b9e14013a01bffe0ec810e83e3261935e91f649da0b013e04e2ce6d6b61750315639 HTTP/1.1
Host: pxl.tsyndicate.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://videzz.net/
Cookie: cookie_user_id=bfe988b1-8be0-4aca-baed-9be3647aec56
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
server: nginx
date: Thu, 19 Jun 2025 06:47:25 GMT
content-length: 0
x-robots-tag: noindex, nofollow
X-Firefox-Spdy: h2
GET sutean.com/admc?a=2&pid=1000284&sid=1183099&wid=419486&fp=e2ffa054fa26c255c9651bbfa478cbb6&f=8&tz=0
200 OK 0 B URL GET sutean.com/admc?a=2&pid=1000284&sid=1183099&wid=419486&fp=e2ffa054fa26c255c9651bbfa478cbb6&f=8&tz=0
IP
ASN #39572 DataWeb Global Group B.V.
Requested by https://videzz.net/embed-wfjktvnns0hl.html
Certificate IssuerLet's Encrypt
Subjectsutean.com
FingerprintFF:01:97:1D:20:7C:F0:F7:6B:5D:06:AE:1C:72:56:2B:05:5E:23:0A
ValidityTue, 15 Apr 2025 02:42:51 GMT - Mon, 14 Jul 2025 02:42:50 GMT
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer Verdict Alert Quad9 DNS malicious Sinkholed
GET /admc?a=2&pid=1000284&sid=1183099&wid=419486&fp=e2ffa054fa26c255c9651bbfa478cbb6&f=8&tz=0 HTTP/1.1
Host: sutean.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://videzz.net/
Origin: https://videzz.net
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
server: nginx/1.18.0
date: Thu, 19 Jun 2025 06:47:18 GMT
content-length: 0
access-control-allow-origin: https://videzz.net
access-control-allow-credentials: true
accept-ch: Sec-CH-UA-Platform-Version
X-Firefox-Spdy: h2
GET colegialacasero.com/wp-includes/js/jquery/jquery-migrate.min.js
200 OK 14 kB URL GET colegialacasero.com/wp-includes/js/jquery/jquery-migrate.min.js
IP
ASN #206264 Amarutu Technology Ltd
Requested by https://colegialacasero.com/follando-a-colegiala-traviesa-en-el-salon/
Certificate IssuerLet's Encrypt
Subjectcolegialacasero.com
FingerprintFA:62:4E:A0:56:E1:7F:B5:88:DB:47:27:F0:46:0D:4A:4A:E0:10:F9
ValidityMon, 19 May 2025 06:11:59 GMT - Sun, 17 Aug 2025 06:11:58 GMT
File type JavaScript source, ASCII text, with very long lines (13479)
Hash 9ffeb32e2d9efbf8f70caabded242267
3ad0c10e501ac2a9bfa18f9cd7e700219b378738
5274f11e6fb32ae0cf2dfb9f8043272865c397a7c4223b4cfa7d50ea52fbde89
GET /wp-includes/js/jquery/jquery-migrate.min.js HTTP/1.1
Host: colegialacasero.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://colegialacasero.com/follando-a-colegiala-traviesa-en-el-salon/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
server: nginx
date: Thu, 19 Jun 2025 06:47:14 GMT
content-type: application/javascript
last-modified: Fri, 09 Jun 2023 05:49:24 GMT
vary: Accept-Encoding
etag: W/"6482bd64-3509"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
access-control-allow-origin: *
content-encoding: br
X-Firefox-Spdy: h2
POST bid.bidclickmedia.com/load
302 Found 0 B URL POST bid.bidclickmedia.com/load
IP
Requested by https://videzz.net/embed-wfjktvnns0hl.html
Certificate IssuerGoogle Trust Services
Subjectbidclickmedia.com
Fingerprint2B:74:CA:6F:9D:47:DC:4E:9A:60:CF:E1:23:60:E7:50:64:35:B7:E6
ValiditySun, 18 May 2025 13:00:32 GMT - Sat, 16 Aug 2025 13:58:47 GMT
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
POST /load HTTP/1.1
Host: bid.bidclickmedia.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/x-www-form-urlencoded
Content-Length: 91
Origin: https://bid.bidclickmedia.com
DNT: 1
Connection: keep-alive
Referer: https://bid.bidclickmedia.com/sub/Pj8pz0z
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 302 Found
date: Thu, 19 Jun 2025 06:47:17 GMT
content-type: text/html; charset=utf-8
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=2Mf8iNdQABQnWpyaQk8bRmMyx8mvaLhj8svVZ74GyArqvVMqCK0JBuyMX8dadMgSy6qVsHAwhzofT%2FDFwIjbQpPgI97bJPaWPtzWm0hTEr5Pio88%2FmzIgXH5NvyLvlcF1UurDUXFET0%3D"}],"group":"cf-nel","max_age":604800}
location: https://xml.xmlking.com/redirect?feed=754940&auth=v5B2&pubid=195183
cf-cache-status: DYNAMIC
cf-ray: 95211300bfec56bf-OSL
server: cloudflare
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=2338&min_rtt=376&rtt_var=2460&sent=138&recv=151&lost=0&retrans=1&sent_bytes=19542&recv_bytes=12164&delivery_rate=746496&ss_exit_cwnd=14923&ss_exit_reason=2&cwnd=13386&unsent_bytes=0&cid=0701a4c47f253775&ts=1210&inflight_dur=103&x=44"
GET wearychallengeraise.com/pixel/sbls?bv=&tmpl=482&u=https%3A%2F%2Fcdn.show-creative1.com%2Fsb%2Fnotifications%2Futility%2Fdefault%2Fus%2Fblog%2FProgamer%2Fflip_icon%2Foct2024%2F4%2Findex.html&l=1700&fd=595
200 OK 0 B URL GET wearychallengeraise.com/pixel/sbls?bv=&tmpl=482&u=https%3A%2F%2Fcdn.show-creative1.com%2Fsb%2Fnotifications%2Futility%2Fdefault%2Fus%2Fblog%2FProgamer%2Fflip_icon%2Foct2024%2F4%2Findex.html&l=1700&fd=595
IP
Requested by https://videzz.net/embed-wfjktvnns0hl.html
Certificate IssuerLet's Encrypt
Subjectwearychallengeraise.com
FingerprintC2:9A:4F:D1:20:4F:D6:7B:AD:D9:F3:AE:DB:94:98:E2:A5:BE:EF:8B
ValidityThu, 19 Jun 2025 03:13:57 GMT - Wed, 17 Sep 2025 03:13:56 GMT
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer Verdict Alert Quad9 DNS malicious Sinkholed
GET /pixel/sbls?bv=&tmpl=482&u=https%3A%2F%2Fcdn.show-creative1.com%2Fsb%2Fnotifications%2Futility%2Fdefault%2Fus%2Fblog%2FProgamer%2Fflip_icon%2Foct2024%2F4%2Findex.html&l=1700&fd=595 HTTP/1.1
Host: wearychallengeraise.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://videzz.net/
Cookie: pdhtkv=true; uncs=1; pdhtkv29=true; uncs29=1; u_pl19071529=1
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx/1.21.6
Date: Thu, 19 Jun 2025 06:47:19 GMT
Content-Length: 0
Connection: keep-alive
Host: wearychallengeraise.com
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
Access-Control-Allow-Origin: *
Access-Control-Allow-Methods: GET, POST, OPTIONS
Access-Control-Allow-Headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,Upgrade-Insecure-Requests
Access-Control-Expose-Headers: Content-Length,Content-Range
GET colegialacasero.com/wp-content/cache/autoptimize/js/autoptimize_single_e3496d6390d48acce9f23d5ea67d6ec5.js
200 OK 525 B URL GET colegialacasero.com/wp-content/cache/autoptimize/js/autoptimize_single_e3496d6390d48acce9f23d5ea67d6ec5.js
IP
ASN #206264 Amarutu Technology Ltd
Requested by https://colegialacasero.com/follando-a-colegiala-traviesa-en-el-salon/
Certificate IssuerLet's Encrypt
Subjectcolegialacasero.com
FingerprintFA:62:4E:A0:56:E1:7F:B5:88:DB:47:27:F0:46:0D:4A:4A:E0:10:F9
ValidityMon, 19 May 2025 06:11:59 GMT - Sun, 17 Aug 2025 06:11:58 GMT
File type JavaScript source, ASCII text, with very long lines (525), with no line terminators
Hash 8a9d789c75f85104cbd156bda46b5dfe
15f8399dc47479d817931748bbca5b86fa982f57
4e4bbf304954c1fb062a46729a50888d2fb1dab036c5bf044c27b06e8ef87035
GET /wp-content/cache/autoptimize/js/autoptimize_single_e3496d6390d48acce9f23d5ea67d6ec5.js HTTP/1.1
Host: colegialacasero.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://colegialacasero.com/follando-a-colegiala-traviesa-en-el-salon/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
server: nginx
date: Thu, 19 Jun 2025 06:47:14 GMT
content-type: application/javascript
last-modified: Tue, 22 Apr 2025 01:42:45 GMT
vary: Accept-Encoding
etag: W/"6806f415-20d"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
access-control-allow-origin: *
content-encoding: br
X-Firefox-Spdy: h2
GET bid.bidclickmedia.com/sub/e6yMnW6
200 OK 237 B URL GET bid.bidclickmedia.com/sub/e6yMnW6
IP
Requested by https://videzz.net/embed-wfjktvnns0hl.html
Certificate IssuerGoogle Trust Services
Subjectbidclickmedia.com
Fingerprint2B:74:CA:6F:9D:47:DC:4E:9A:60:CF:E1:23:60:E7:50:64:35:B7:E6
ValiditySun, 18 May 2025 13:00:32 GMT - Sat, 16 Aug 2025 13:58:47 GMT
File type HTML document, ASCII text
Hash 1cc9ee13daa3d976c6182acb7457299a
5f8592119388a9914082531f94529238c9a2c822
3157e02c084934d07c78ff730dd9c2ed5e885e2e44c38ed852550853364ac7f1
GET /sub/e6yMnW6 HTTP/1.1
Host: bid.bidclickmedia.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://videzz.net/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Thu, 19 Jun 2025 06:47:17 GMT
content-type: text/html; charset=utf-8
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=d0LSZ8nR9YFOEC9sZBYnnaGMXwjCXowFBTwB5eQZfjvizdTnGom5ugj%2BvVcgR5zsKK9y99JT%2FaoZPVDI%2BIqf1B0Ac7vnNEEke4mHdCbpOgTAf165N6Tw6YRkTakyW2v9iX643oZMAlw%3D"}],"group":"cf-nel","max_age":604800}
cf-cache-status: DYNAMIC
vary: accept-encoding
content-encoding: br
cf-ray: 952112fbbfb956bf-OSL
server: cloudflare
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=3916&min_rtt=514&rtt_var=3600&sent=117&recv=137&lost=0&retrans=0&sent_bytes=10759&recv_bytes=9054&delivery_rate=433942&ss_exit_cwnd=14923&ss_exit_reason=2&cwnd=12000&unsent_bytes=0&cid=0701a4c47f253775&ts=428&inflight_dur=34&x=44"
GET u3y8v8u4.aucdn.net/library/934790/2a4fe8f697584e2a4b37cfb43aa1d290fd2b8221.mp4
206 Partial Content 3.5 MB URL GET u3y8v8u4.aucdn.net/library/934790/2a4fe8f697584e2a4b37cfb43aa1d290fd2b8221.mp4
IP
ASN #60068 Datacamp Limited
Requested by https://videzz.net/embed-wfjktvnns0hl.html
Certificate IssuerLet's Encrypt
Subjectafcdn.net
Fingerprint09:6B:0D:DC:68:0C:D9:4E:28:77:AF:B4:72:29:92:D2:61:5D:A8:D8
ValiditySat, 26 Apr 2025 10:22:13 GMT - Fri, 25 Jul 2025 10:22:12 GMT
File type ISO Media, MP4 Base Media v1 [ISO 14496-12:2003]
Size 3.5 MB (3534541 bytes)
Hash 7fec402e90373111f55e6da9cab27c3c
2a4fe8f697584e2a4b37cfb43aa1d290fd2b8221
3be458a1eab7541ab8e37b16f276f90e1a7e9d39a46bf9e568a60fb027e1801f
GET /library/934790/2a4fe8f697584e2a4b37cfb43aa1d290fd2b8221.mp4 HTTP/1.1
Host: u3y8v8u4.aucdn.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: video/webm,video/ogg,video/*;q=0.9,application/ogg;q=0.7,audio/*;q=0.6,*/*;q=0.5
Accept-Language: en-US,en;q=0.5
Range: bytes=0-
DNT: 1
Connection: keep-alive
Referer: https://videzz.net/
Sec-Fetch-Dest: video
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Accept-Encoding: identity
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 206 Partial Content
date: Thu, 19 Jun 2025 06:47:24 GMT
content-type: video/mp4
content-length: 3534541
last-modified: Wed, 21 May 2025 06:15:39 GMT
etag: "682d6f8b-35eecd"
expires: Thu, 21 May 2026 06:50:02 GMT
cache-control: max-age=31536000
access-control-allow-origin: *
x-robots-tag: noindex, follow
x-served-by: hap01-sec01-prg1-1
x-77-nzt: EwwBuUwJGwH38hQmAAwBuUwKAQH3AiUAAAwBnJIhHwG37gAAAA
x-77-nzt-ray: fdb54123c8aff66b7cb2536824ff7020
x-77-cache: HIT
x-77-age: 2495730
server: CDN77-Turbo
x-77-pop: stockholmSE
content-range: bytes 0-3534540/3534541
X-Firefox-Spdy: h2
GET bid.bidclickmedia.com/sub/Zj8D76R
200 OK 232 B URL GET bid.bidclickmedia.com/sub/Zj8D76R
IP
Requested by https://videzz.net/embed-wfjktvnns0hl.html
Certificate IssuerGoogle Trust Services
Subjectbidclickmedia.com
Fingerprint2B:74:CA:6F:9D:47:DC:4E:9A:60:CF:E1:23:60:E7:50:64:35:B7:E6
ValiditySun, 18 May 2025 13:00:32 GMT - Sat, 16 Aug 2025 13:58:47 GMT
File type HTML document, ASCII text
Hash 654ee3b618a1b435874489cb76be6981
54f23b09808a27ba3cdcf0aa2e7fb492b30edd42
894004870b702874569d112a39a2149b1fd12e7dfce559ef13ed6e461b5ce79a
GET /sub/Zj8D76R HTTP/1.1
Host: bid.bidclickmedia.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://videzz.net/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Thu, 19 Jun 2025 06:47:16 GMT
content-type: text/html; charset=utf-8
server: cloudflare
nel: {"report_to":"cf-nel","success_fraction":0.0,"max_age":604800}
report-to: {"group":"cf-nel","max_age":604800,"endpoints":[{"url":"https://a.nel.cloudflare.com/report/v4?s=15o1s270edFlbUt2Qo%2Fmho5J2vUCH%2Fu%2B5%2BYft5NRtNrQYmwXVy8YlaDoFRhLzLTrlDxz8%2BjkrBTV4eShaxgfe6%2FdSAfXBAzdM5ae6BZKbA9tq9k%3D"}]}
cf-cache-status: DYNAMIC
vary: accept-encoding
content-encoding: br
cf-ray: 952112f909987130-OSL
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
GET www.googletagmanager.com/gtag/js?id=G-TF7CDNVE74
200 OK 371 kB URL GET www.googletagmanager.com/gtag/js?id=G-TF7CDNVE74
IP
Requested by https://colegialacasero.com/follando-a-colegiala-traviesa-en-el-salon/
Certificate IssuerGoogle Trust Services
Subject*.google-analytics.com
Fingerprint93:AC:F6:E3:CB:D8:8F:95:04:0C:A1:34:97:CB:ED:C4:F9:99:EB:12
ValidityMon, 19 May 2025 08:41:43 GMT - Mon, 11 Aug 2025 08:41:42 GMT
File type JavaScript source, ASCII text, with very long lines (5913)
Size 371 kB (371399 bytes)
Hash d8303aa70dcdfcaae1e2c9131b25d69f
a24ed3a181f9251cbc17c3a6f483f55bcb9ade94
8317efe57159d17a757315a8c8e96f38fb68f4821704064f4d19a95612c74db1
GET /gtag/js?id=G-TF7CDNVE74 HTTP/1.1
Host: www.googletagmanager.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://colegialacasero.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
content-encoding: br
vary: Accept-Encoding
date: Thu, 19 Jun 2025 06:47:15 GMT
expires: Thu, 19 Jun 2025 06:47:15 GMT
cache-control: private, max-age=900
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
content-security-policy-report-only: script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascgcycc:1077:0
cross-origin-opener-policy-report-only: same-origin; report-to=ascgcycc:1077:0
report-to: {"group":"ascgcycc:1077:0","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascgcycc:1077:0"}],}
server: Google Tag Manager
content-length: 127014
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
GET xml.cachegorilla.com/redirect?feed=754964&auth=BvOb&pubid=197570
200 OK 0 B URL GET xml.cachegorilla.com/redirect?feed=754964&auth=BvOb&pubid=197570
IP
ASN #27257 WEBAIR-INTERNET
Requested by https://videzz.net/embed-wfjktvnns0hl.html
Certificate IssuerSectigo Limited
Subject*.cachegorilla.com
Fingerprint1E:39:C2:D1:11:DE:4C:ED:E1:3E:BA:6E:CE:AF:6B:FA:81:EB:69:49
ValidityMon, 11 Nov 2024 00:00:00 GMT - Tue, 11 Nov 2025 23:59:59 GMT
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /redirect?feed=754964&auth=BvOb&pubid=197570 HTTP/1.1
Host: xml.cachegorilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://bid.bidclickmedia.com/
DNT: 1
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Date: Thu, 19 Jun 2025 06:47:19 GMT
Content-Length: 0
Connection: keep-alive
Cache-Control: no-store
GET colegialacasero.com/wp-content/themes/torotube/img/transparent.gif
200 OK 43 B URL GET colegialacasero.com/wp-content/themes/torotube/img/transparent.gif
IP
ASN #206264 Amarutu Technology Ltd
Requested by https://colegialacasero.com/follando-a-colegiala-traviesa-en-el-salon/
Certificate IssuerLet's Encrypt
Subjectcolegialacasero.com
FingerprintFA:62:4E:A0:56:E1:7F:B5:88:DB:47:27:F0:46:0D:4A:4A:E0:10:F9
ValidityMon, 19 May 2025 06:11:59 GMT - Sun, 17 Aug 2025 06:11:58 GMT
File type GIF image data, version 89a, 1 x 1
Hash 325472601571f31e1bf00674c368d335
2daeaa8b5f19f0bc209d976c02bd6acb51b00b0a
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
GET /wp-content/themes/torotube/img/transparent.gif HTTP/1.1
Host: colegialacasero.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://colegialacasero.com/follando-a-colegiala-traviesa-en-el-salon/
DNT: 1
Connection: keep-alive
Cookie: _ga_TF7CDNVE74=GS2.1.s1750315635$o1$g0$t1750315635$j60$l0$h0; _ga=GA1.1.1367394051.1750315635
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
server: nginx
date: Thu, 19 Jun 2025 06:47:15 GMT
content-type: image/gif
content-length: 43
last-modified: Sat, 30 May 2020 12:49:14 GMT
vary: Accept-Encoding
etag: "5ed2564a-2b"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
access-control-allow-origin: *
accept-ranges: bytes
X-Firefox-Spdy: h2
POST bid.bidclickmedia.com/load
302 Found 171 kB URL POST bid.bidclickmedia.com/load
IP
Requested by https://videzz.net/embed-wfjktvnns0hl.html
Certificate IssuerGoogle Trust Services
Subjectbidclickmedia.com
Fingerprint2B:74:CA:6F:9D:47:DC:4E:9A:60:CF:E1:23:60:E7:50:64:35:B7:E6
ValiditySun, 18 May 2025 13:00:32 GMT - Sat, 16 Aug 2025 13:58:47 GMT
Size 171 kB (171076 bytes)
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
POST /load HTTP/1.1
Host: bid.bidclickmedia.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/x-www-form-urlencoded
Content-Length: 68
Origin: https://bid.bidclickmedia.com
DNT: 1
Connection: keep-alive
Referer: https://bid.bidclickmedia.com/sub/ED7DjzA
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 302 Found
date: Thu, 19 Jun 2025 06:47:17 GMT
content-type: text/html; charset=utf-8
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=%2FQLOss3JLXd2ux%2B7r0zMP2SbquoowooYvABeVTF9MgObtZMnfI5%2FOAzfw1i2aVFzZvfuV4LZNry%2BnZBxWn7VGsPW6btRwMoS6R4n%2FypdTv%2BZEIx5EkE0MfUpKHT3GPLjIUYrZK1nTIw%3D"}],"group":"cf-nel","max_age":604800}
location: https://36.us.xmlap.com/feed/?link=true&tid=36
cf-cache-status: DYNAMIC
cf-ray: 952112fcffc056bf-OSL
server: cloudflare
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=3163&min_rtt=376&rtt_var=2886&sent=129&recv=145&lost=0&retrans=0&sent_bytes=15345&recv_bytes=10643&delivery_rate=746496&ss_exit_cwnd=14923&ss_exit_reason=2&cwnd=13386&unsent_bytes=0&cid=0701a4c47f253775&ts=610&inflight_dur=64&x=44"
GET wearychallengeraise.com/ren.gif?sid=H4sIAAAAAAAC_1RSQWskRRSunl28KKiLeBFhYBFckElPT89kxhzEuEaCMYmblSCeqruqJ2Vqutqq6u7JnIIB2eN4E0-Vb5IN6iKrR0GQiQdhRdjxlMPmoD9B2LPMZGD0Qb33vvdVwffeqy-O80sSIqcX2x-ogZCSLjVrfvX1XZEyVZrq5t1q3a_5K9VdkbbClWp_6nTxZr0R1vxb1fd4vK-WAr_u-3W_Xl0TmieqvzRjIbIHnXqt49fCoFZvhujr_2OTezDUAysuyQ0INnn-7-QTiHiMtPfwNjf7VmVvvNvLJbVKo2BnH6X7qSpT9BZpoj0k6dn8NpSZEPJVBSo9m3cAVZxMO0AkJqTy8hNE6dlcJqLi9EppJMFTROxZlMUYXI4h6BixOoJgjwkQM2xuIe3d31S6pAdXLJ2yE3L96T8Q5YRcf_IS0t73q1L0qztK5lao1KCfOIj-GKI7Rpafww4qEOU5Yvs5BPuDLD3dQNo72TJSQTA3614kY0g-BDUe8ukRHvLEQ5556LGLaui3w7hOG62kw-JlP6RhyHjkd9qB79NOvIw8nkobwmZDxHKIWB8i04fYF0Po_BeYPQfDPBg7Id6HhyiYQ8kJSkNQUoJSEJSWoCzcKZMmMO4-kyaP6vMYzGPDjZTtHtNTZbs8JaB6CM3cicg-M0eI7bXRIDFspKaORtaNaMTccXZJXpxOzrtZuYV9flHtLLebjXYjSnzWToIkatXrrNNoB2HTb7ebrSaMcBCmMhvIQEzIa8lPyMSEPPcbQUTPYeQ5YvECaP4qaOlA9xwG6UPKcmlrhWBqQGspt2DKIbPXYQ-8Y3lJXpnt7-O_KuDxIzI3xNoh0w6fil8JuvLe6I4qyckdVRryw1ZmRU8M6HS3O5Za_sy37_ODUmm2ftsMv3k7nhLT9MFdbuwGTZlIu4Z8tyoY43pN6ZiTn9fNLo-2c7O3mus0zza231lb72WaGyNUOgYVj28GiMWE3Piaz35t8PsKhB5D5w69fKFUqDHi7BAmW9SMItBygaPMQ5m7kQ6iRVEKAskXmEYO5j84WuQjTaevqXDH5h662gO1R0h7DoV2KKQDlUOY_NrIZvrRW382ZoZIeqNIau8kklp-eTVkIy6qzSBqtNrtFk9aLGmwRtBgnabPOyHttMJO2IQ1k72dH4t_AwAA__-FapgvlwQAAA==
200 OK 0 B URL GET wearychallengeraise.com/ren.gif?sid=H4sIAAAAAAAC_1RSQWskRRSunl28KKiLeBFhYBFckElPT89kxhzEuEaCMYmblSCeqruqJ2Vqutqq6u7JnIIB2eN4E0-Vb5IN6iKrR0GQiQdhRdjxlMPmoD9B2LPMZGD0Qb33vvdVwffeqy-O80sSIqcX2x-ogZCSLjVrfvX1XZEyVZrq5t1q3a_5K9VdkbbClWp_6nTxZr0R1vxb1fd4vK-WAr_u-3W_Xl0TmieqvzRjIbIHnXqt49fCoFZvhujr_2OTezDUAysuyQ0INnn-7-QTiHiMtPfwNjf7VmVvvNvLJbVKo2BnH6X7qSpT9BZpoj0k6dn8NpSZEPJVBSo9m3cAVZxMO0AkJqTy8hNE6dlcJqLi9EppJMFTROxZlMUYXI4h6BixOoJgjwkQM2xuIe3d31S6pAdXLJ2yE3L96T8Q5YRcf_IS0t73q1L0qztK5lao1KCfOIj-GKI7Rpafww4qEOU5Yvs5BPuDLD3dQNo72TJSQTA3614kY0g-BDUe8ukRHvLEQ5556LGLaui3w7hOG62kw-JlP6RhyHjkd9qB79NOvIw8nkobwmZDxHKIWB8i04fYF0Po_BeYPQfDPBg7Id6HhyiYQ8kJSkNQUoJSEJSWoCzcKZMmMO4-kyaP6vMYzGPDjZTtHtNTZbs8JaB6CM3cicg-M0eI7bXRIDFspKaORtaNaMTccXZJXpxOzrtZuYV9flHtLLebjXYjSnzWToIkatXrrNNoB2HTb7ebrSaMcBCmMhvIQEzIa8lPyMSEPPcbQUTPYeQ5YvECaP4qaOlA9xwG6UPKcmlrhWBqQGspt2DKIbPXYQ-8Y3lJXpnt7-O_KuDxIzI3xNoh0w6fil8JuvLe6I4qyckdVRryw1ZmRU8M6HS3O5Za_sy37_ODUmm2ftsMv3k7nhLT9MFdbuwGTZlIu4Z8tyoY43pN6ZiTn9fNLo-2c7O3mus0zza231lb72WaGyNUOgYVj28GiMWE3Piaz35t8PsKhB5D5w69fKFUqDHi7BAmW9SMItBygaPMQ5m7kQ6iRVEKAskXmEYO5j84WuQjTaevqXDH5h662gO1R0h7DoV2KKQDlUOY_NrIZvrRW382ZoZIeqNIau8kklp-eTVkIy6qzSBqtNrtFk9aLGmwRtBgnabPOyHttMJO2IQ1k72dH4t_AwAA__-FapgvlwQAAA==
IP
Requested by https://videzz.net/embed-wfjktvnns0hl.html
Certificate IssuerLet's Encrypt
Subjectwearychallengeraise.com
FingerprintC2:9A:4F:D1:20:4F:D6:7B:AD:D9:F3:AE:DB:94:98:E2:A5:BE:EF:8B
ValidityThu, 19 Jun 2025 03:13:57 GMT - Wed, 17 Sep 2025 03:13:56 GMT
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer Verdict Alert Quad9 DNS malicious Sinkholed
GET /ren.gif?sid=H4sIAAAAAAAC_1RSQWskRRSunl28KKiLeBFhYBFckElPT89kxhzEuEaCMYmblSCeqruqJ2Vqutqq6u7JnIIB2eN4E0-Vb5IN6iKrR0GQiQdhRdjxlMPmoD9B2LPMZGD0Qb33vvdVwffeqy-O80sSIqcX2x-ogZCSLjVrfvX1XZEyVZrq5t1q3a_5K9VdkbbClWp_6nTxZr0R1vxb1fd4vK-WAr_u-3W_Xl0TmieqvzRjIbIHnXqt49fCoFZvhujr_2OTezDUAysuyQ0INnn-7-QTiHiMtPfwNjf7VmVvvNvLJbVKo2BnH6X7qSpT9BZpoj0k6dn8NpSZEPJVBSo9m3cAVZxMO0AkJqTy8hNE6dlcJqLi9EppJMFTROxZlMUYXI4h6BixOoJgjwkQM2xuIe3d31S6pAdXLJ2yE3L96T8Q5YRcf_IS0t73q1L0qztK5lao1KCfOIj-GKI7Rpafww4qEOU5Yvs5BPuDLD3dQNo72TJSQTA3614kY0g-BDUe8ukRHvLEQ5556LGLaui3w7hOG62kw-JlP6RhyHjkd9qB79NOvIw8nkobwmZDxHKIWB8i04fYF0Po_BeYPQfDPBg7Id6HhyiYQ8kJSkNQUoJSEJSWoCzcKZMmMO4-kyaP6vMYzGPDjZTtHtNTZbs8JaB6CM3cicg-M0eI7bXRIDFspKaORtaNaMTccXZJXpxOzrtZuYV9flHtLLebjXYjSnzWToIkatXrrNNoB2HTb7ebrSaMcBCmMhvIQEzIa8lPyMSEPPcbQUTPYeQ5YvECaP4qaOlA9xwG6UPKcmlrhWBqQGspt2DKIbPXYQ-8Y3lJXpnt7-O_KuDxIzI3xNoh0w6fil8JuvLe6I4qyckdVRryw1ZmRU8M6HS3O5Za_sy37_ODUmm2ftsMv3k7nhLT9MFdbuwGTZlIu4Z8tyoY43pN6ZiTn9fNLo-2c7O3mus0zza231lb72WaGyNUOgYVj28GiMWE3Piaz35t8PsKhB5D5w69fKFUqDHi7BAmW9SMItBygaPMQ5m7kQ6iRVEKAskXmEYO5j84WuQjTaevqXDH5h662gO1R0h7DoV2KKQDlUOY_NrIZvrRW382ZoZIeqNIau8kklp-eTVkIy6qzSBqtNrtFk9aLGmwRtBgnabPOyHttMJO2IQ1k72dH4t_AwAA__-FapgvlwQAAA== HTTP/1.1
Host: wearychallengeraise.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://videzz.net/
Cookie: pdhtkv=true; uncs=1; pdhtkv29=true; uncs29=1; u_pl19071529=1
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx/1.21.6
Date: Thu, 19 Jun 2025 06:47:18 GMT
Content-Type: image/gif
Content-Length: 7
Connection: keep-alive
p3p: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
accept-ch: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,Sec-CH-UA-PlatformUser-Agent,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
x-envoy-upstream-service-time: 1
Host: wearychallengeraise.com
Expires: Thu, 01 Jan 1970 00:00:01 GMT
X-Request-ID: a0abe6982083a886a35e109883ac4ed8
Cache-Control: no-cache, max-age=0, private, no-cache
Pragma: no-cache
Strict-Transport-Security: max-age=0; includeSubdomains
GET my.artshelf.xyz/api/users/59845?host=videzz.net&ev=220&wh=556&ww=856&uuid=&url=https%3A%2F%2Fvidezz.net%2Fembed-wfjktvnns0hl.html&sid=94b7d833-2397-45fa-af4a-4cf38c3bb1bb&i=1&referrer=colegialacasero.com&kw=file%20upload%2Cshare%20files%2Cfree%20upload&s1=123521&fs1=1&url=https%3A%2F%2Fvidezz.net%2Fembed-wfjktvnns0hl.html
200 OK 682 B URL GET my.artshelf.xyz/api/users/59845?host=videzz.net&ev=220&wh=556&ww=856&uuid=&url=https%3A%2F%2Fvidezz.net%2Fembed-wfjktvnns0hl.html&sid=94b7d833-2397-45fa-af4a-4cf38c3bb1bb&i=1&referrer=colegialacasero.com&kw=file%20upload%2Cshare%20files%2Cfree%20upload&s1=123521&fs1=1&url=https%3A%2F%2Fvidezz.net%2Fembed-wfjktvnns0hl.html
IP
ASN #24940 Hetzner Online GmbH
Requested by https://videzz.net/embed-wfjktvnns0hl.html
Certificate IssuerLet's Encrypt
Subjectadspy.hdthot.com
Fingerprint7F:9C:48:66:3D:20:EC:99:DD:D5:63:C9:EE:3F:9B:B7:34:9C:F1:92
ValidityWed, 18 Jun 2025 09:28:37 GMT - Tue, 16 Sep 2025 09:28:36 GMT
File type ASCII text, with very long lines (386)
Hash 44dd17ce61ba546dbbf9cc727029237d
12533ef818900056fbe5b8f71e3a5e77a6f482fd
e1214d2b5e3c2ddff93d4e0b16aa331621963f95c2c456291825682ce6e58841
GET /api/users/59845?host=videzz.net&ev=220&wh=556&ww=856&uuid=&url=https%3A%2F%2Fvidezz.net%2Fembed-wfjktvnns0hl.html&sid=94b7d833-2397-45fa-af4a-4cf38c3bb1bb&i=1&referrer=colegialacasero.com&kw=file%20upload%2Cshare%20files%2Cfree%20upload&s1=123521&fs1=1&url=https%3A%2F%2Fvidezz.net%2Fembed-wfjktvnns0hl.html HTTP/1.1
Host: my.artshelf.xyz
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://videzz.net/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
server: nginx
date: Thu, 19 Jun 2025 06:47:19 GMT
content-type: text/javascript; charset=utf-8
vary: Accept-Encoding
set-cookie: nauid=vQiFmiBJfCz81UFZgYgq; Path=/; Expires=Wed, 11 Nov 2037 11:11:11 GMT; Secure; SameSite=None
x-robots-tag: noindex, nofollow
cache-control: private
content-encoding: gzip
X-Firefox-Spdy: h2
GET bid.bidclickmedia.com/sub/0YDX8OE
200 OK 232 B URL GET bid.bidclickmedia.com/sub/0YDX8OE
IP
Requested by https://videzz.net/embed-wfjktvnns0hl.html
Certificate IssuerGoogle Trust Services
Subjectbidclickmedia.com
Fingerprint2B:74:CA:6F:9D:47:DC:4E:9A:60:CF:E1:23:60:E7:50:64:35:B7:E6
ValiditySun, 18 May 2025 13:00:32 GMT - Sat, 16 Aug 2025 13:58:47 GMT
File type HTML document, ASCII text
Hash 380c5c17a3a59ae9657477c3318b2720
8c62dd77522636a000c7059175df8a7becfcb6aa
50598333847583c73e4d740eba5833a0d75f91f9eb6067a4c7f7e02d2d90aca8
GET /sub/0YDX8OE HTTP/1.1
Host: bid.bidclickmedia.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://videzz.net/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Thu, 19 Jun 2025 06:47:17 GMT
content-type: text/html; charset=utf-8
server: cloudflare
nel: {"report_to":"cf-nel","success_fraction":0.0,"max_age":604800}
report-to: {"group":"cf-nel","max_age":604800,"endpoints":[{"url":"https://a.nel.cloudflare.com/report/v4?s=WVzS7ueOyZ3p4hdbxJZ3b9O8yV4pfVYs%2FcDWlrut05BDGqSxn5nDWe88kyr4ueVlxGvn7yMRTLpJVnAT73JKqtY9h6QC%2FNP0z5D6ejAIZJ5kDqM%3D"}]}
cf-cache-status: DYNAMIC
vary: accept-encoding
content-encoding: br
cf-ray: 952112fb7bc77130-OSL
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
GET xml.cachegorilla.com/redirect?feed=754963&auth=olGk&pubid=197570
200 OK 0 B URL GET xml.cachegorilla.com/redirect?feed=754963&auth=olGk&pubid=197570
IP
ASN #27257 WEBAIR-INTERNET
Requested by https://videzz.net/embed-wfjktvnns0hl.html
Certificate IssuerSectigo Limited
Subject*.cachegorilla.com
Fingerprint1E:39:C2:D1:11:DE:4C:ED:E1:3E:BA:6E:CE:AF:6B:FA:81:EB:69:49
ValidityMon, 11 Nov 2024 00:00:00 GMT - Tue, 11 Nov 2025 23:59:59 GMT
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /redirect?feed=754963&auth=olGk&pubid=197570 HTTP/1.1
Host: xml.cachegorilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://bid.bidclickmedia.com/
DNT: 1
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Date: Thu, 19 Jun 2025 06:47:18 GMT
Content-Length: 0
Connection: keep-alive
Cache-Control: no-store
GET fonts.googleapis.com/css?family=Roboto:300,400,700&display=swap
200 OK 17 kB URL GET fonts.googleapis.com/css?family=Roboto:300,400,700&display=swap
IP
Requested by https://videzz.net/embed-wfjktvnns0hl.html
Certificate IssuerGoogle Trust Services
Subjectupload.video.google.com
FingerprintFF:78:1F:2C:E7:6A:27:90:8B:25:07:97:DD:25:4A:FA:6F:1F:0F:31
ValidityMon, 19 May 2025 08:42:52 GMT - Mon, 11 Aug 2025 08:42:51 GMT
File type ASCII text, with very long lines (1572)
Hash e9d2e14beb088f37fae98294940a9dcd
1dafc3c55550249c8c2d782d5616c7b445c8e005
f2e491cc46d3fcba81f729065d622bd722751d4a2e7f80b479aa64a92c17b5c7
GET /css?family=Roboto:300,400,700&display=swap HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
content-type: text/css; charset=utf-8
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Thu, 19 Jun 2025 06:47:20 GMT
date: Thu, 19 Jun 2025 06:47:20 GMT
cache-control: private, max-age=86400
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
GET static.addtoany.com/menu/svg/icons/telegram.js
200 OK 360 B URL GET static.addtoany.com/menu/svg/icons/telegram.js
IP
Requested by https://videzz.net/embed-wfjktvnns0hl.html
Certificate IssuerGoogle Trust Services
Subjectstatic.addtoany.com
Fingerprint8B:39:17:06:F0:14:1F:A9:7D:B6:A5:4C:2A:E2:27:1B:B5:60:2D:7E
ValidityWed, 30 Apr 2025 05:02:07 GMT - Tue, 29 Jul 2025 06:01:59 GMT
File type ASCII text, with very long lines (360), with no line terminators
Hash 48f25c508c92c3601cf047609318001f
59117e825084c63a0dda48edec82c14a60e16f23
6415561e892cf9d614e7179f71353af4ceadfd641d71c42fe54c9420eb0d0138
GET /menu/svg/icons/telegram.js HTTP/1.1
Host: static.addtoany.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://videzz.net
DNT: 1
Connection: keep-alive
Referer: https://static.addtoany.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Thu, 19 Jun 2025 06:47:16 GMT
content-type: application/javascript
cf-ray: 952112facbf056c9-OSL
access-control-allow-origin: *
cache-control: max-age=7776000, stale-while-revalidate=30, public
etag: W/"fb47b4f6548b6499923a1beed7472419"
referrer-policy: strict-origin-when-cross-origin
x-content-type-options: nosniff
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=fm1CjshnfS3X7YTjX%2FbfgJxkcWo44DP3OvjPpqnlq4d6SvvuREJvQXRB3yn24YTpZFiPg79o6HGWRYH0jm8eupWPQgcxyqExGRoHrRTg1E56oztBG%2BjoKMG7UyVc6ejCGwoycoyC"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
content-encoding: br
cf-cache-status: HIT
age: 15723
priority: u=3,i=?0
strict-transport-security: max-age=31536000; includeSubDomains; preload
speculation-rules: "/cdn-cgi/speculation"
server: cloudflare
alt-svc: h3=":443"; ma=86400
server-timing: cfExtPri
GET static.addtoany.com/menu/svg/icons/whatsapp.js
200 OK 1.1 kB URL GET static.addtoany.com/menu/svg/icons/whatsapp.js
IP
Requested by https://videzz.net/embed-wfjktvnns0hl.html
Certificate IssuerGoogle Trust Services
Subjectstatic.addtoany.com
Fingerprint8B:39:17:06:F0:14:1F:A9:7D:B6:A5:4C:2A:E2:27:1B:B5:60:2D:7E
ValidityWed, 30 Apr 2025 05:02:07 GMT - Tue, 29 Jul 2025 06:01:59 GMT
File type ASCII text, with very long lines (1108), with no line terminators
Hash 0e8b3ac6bda5451ff39c5ecd6d7b3873
fb477a11167000a30e45369e686ec43dd62d026b
c15e1379ca2c59f99912500bbc23a0d1d88f43198cbe1b53d87776fa351385eb
GET /menu/svg/icons/whatsapp.js HTTP/1.1
Host: static.addtoany.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://videzz.net
DNT: 1
Connection: keep-alive
Referer: https://static.addtoany.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Thu, 19 Jun 2025 06:47:16 GMT
content-type: application/javascript
cf-ray: 952112facbf456c9-OSL
access-control-allow-origin: *
cache-control: max-age=7776000, stale-while-revalidate=30, public
etag: W/"83af4df8173e43227812296bb8542dcf"
referrer-policy: strict-origin-when-cross-origin
x-content-type-options: nosniff
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=TKAK3UpXBsxo2ur%2BY1Iq19NKOpzEuInWbF769K4WuITAaTUT%2FmRW3gJxwL6O8Htae2BDknHnJAOw%2FRrI0fRg91sGn3Zkz3HagmCUxHKfxoyJHH%2F1%2B7MD%2F8baUv%2FH29d9KsYzNwHI8qfdx7SjSVHOwF8c"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
content-encoding: br
cf-cache-status: HIT
age: 23961
priority: u=3,i=?0
strict-transport-security: max-age=31536000; includeSubDomains; preload
speculation-rules: "/cdn-cgi/speculation"
server: cloudflare
alt-svc: h3=":443"; ma=86400
server-timing: cfExtPri
GET bid.bidclickmedia.com/sub/31bV2Jy
200 OK 237 B URL GET bid.bidclickmedia.com/sub/31bV2Jy
IP
Requested by https://videzz.net/embed-wfjktvnns0hl.html
Certificate IssuerGoogle Trust Services
Subjectbidclickmedia.com
Fingerprint2B:74:CA:6F:9D:47:DC:4E:9A:60:CF:E1:23:60:E7:50:64:35:B7:E6
ValiditySun, 18 May 2025 13:00:32 GMT - Sat, 16 Aug 2025 13:58:47 GMT
File type HTML document, ASCII text
Hash 4c54c2e01c157f168fc4eeb667d9d99b
aa1895ea4f4c3782a606db8b77b5b15d2c0d9c74
052520fc62b23b1e4314551c120511f7e3d609bf0cff89fac2953957dd34271b
GET /sub/31bV2Jy HTTP/1.1
Host: bid.bidclickmedia.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://videzz.net/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Thu, 19 Jun 2025 06:47:17 GMT
content-type: text/html; charset=utf-8
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=IZz9BAAQK7B%2FMBVylwYGjI3a6nIx0K1I5NfmQFF8AmQmJZwSHTHtOi3hc98z00L91N1MSmCMU3tV3EVV10kvfDa0aZS4WLZ4mhSZ%2FaMLTUUMaWm4EKWKnRDJxOuB%2BO%2B%2Fue1kKS4MDQM%3D"}],"group":"cf-nel","max_age":604800}
cf-cache-status: DYNAMIC
vary: accept-encoding
content-encoding: br
cf-ray: 952112fbcfbb56bf-OSL
server: cloudflare
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=3916&min_rtt=514&rtt_var=3600&sent=120&recv=137&lost=0&retrans=0&sent_bytes=11617&recv_bytes=9054&delivery_rate=433942&ss_exit_cwnd=14923&ss_exit_reason=2&cwnd=12000&unsent_bytes=0&cid=0701a4c47f253775&ts=429&inflight_dur=36&x=44"
GET xml.cachegorilla.com/redirect?feed=754964&auth=BvOb&pubid=197570
200 OK 0 B URL GET xml.cachegorilla.com/redirect?feed=754964&auth=BvOb&pubid=197570
IP
ASN #27257 WEBAIR-INTERNET
Requested by https://videzz.net/embed-wfjktvnns0hl.html
Certificate IssuerSectigo Limited
Subject*.cachegorilla.com
Fingerprint1E:39:C2:D1:11:DE:4C:ED:E1:3E:BA:6E:CE:AF:6B:FA:81:EB:69:49
ValidityMon, 11 Nov 2024 00:00:00 GMT - Tue, 11 Nov 2025 23:59:59 GMT
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /redirect?feed=754964&auth=BvOb&pubid=197570 HTTP/1.1
Host: xml.cachegorilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://bid.bidclickmedia.com/
DNT: 1
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Date: Thu, 19 Jun 2025 06:47:18 GMT
Content-Length: 0
Connection: keep-alive
Cache-Control: no-store
GET vast.yomeno.xyz/report?katds_ep=aU8WaO4qHxlHagoZYavXjTOEMTJ_EEOI8PzY52LLsLzm7H13JDTzpj8mQ1A6Q5KOJNMTDJyC8WQL3SBUpjrP4iAycZ8qHduTOTmwHLtQi84610OPZSYQpzZTh2AgLOGJUBd7cyuEQ54NxiemQ9BohSPJ7s7BtQTNQt33gy2mKu2yHKmBAtTqSZL6JCEXMIYkxM0gfRbFPjHoCVvWwg4ArZ0RAdAm5cZdNtIOt_rE9wXlJ__rcHuBF6CcWXV9-4X2Cw7o9623UualmQih391yYsvdPZaQ_5U_QyjGfYEz1zqKH1iB_dtgIK-Pt_N1c_G6SOfxEGGD95SWDba_rgoVvpxRiuOH5rWTfSbNiLCx0rWLPSCI0HfWbSrD8HCFACNIr1eBRWTQyD-WDYDQBu9_bItcQt19jby9TGwA19iB76wIVVXKmEMnkAfeD5y89i0ZUaN3VyD9Z3_XiLvjebsaEJVxKO5mjSiCc0oxxN0F9qtsTrE54S8NK7_XUKtkRqzA57Wq4A8&error=400
204 No Content 0 B URL GET vast.yomeno.xyz/report?katds_ep=aU8WaO4qHxlHagoZYavXjTOEMTJ_EEOI8PzY52LLsLzm7H13JDTzpj8mQ1A6Q5KOJNMTDJyC8WQL3SBUpjrP4iAycZ8qHduTOTmwHLtQi84610OPZSYQpzZTh2AgLOGJUBd7cyuEQ54NxiemQ9BohSPJ7s7BtQTNQt33gy2mKu2yHKmBAtTqSZL6JCEXMIYkxM0gfRbFPjHoCVvWwg4ArZ0RAdAm5cZdNtIOt_rE9wXlJ__rcHuBF6CcWXV9-4X2Cw7o9623UualmQih391yYsvdPZaQ_5U_QyjGfYEz1zqKH1iB_dtgIK-Pt_N1c_G6SOfxEGGD95SWDba_rgoVvpxRiuOH5rWTfSbNiLCx0rWLPSCI0HfWbSrD8HCFACNIr1eBRWTQyD-WDYDQBu9_bItcQt19jby9TGwA19iB76wIVVXKmEMnkAfeD5y89i0ZUaN3VyD9Z3_XiLvjebsaEJVxKO5mjSiCc0oxxN0F9qtsTrE54S8NK7_XUKtkRqzA57Wq4A8&error=400
IP
Requested by https://videzz.net/embed-wfjktvnns0hl.html
Certificate IssuerLet's Encrypt
Subjectvast.yomeno.xyz
Fingerprint8B:6A:4D:FB:A4:A1:8B:3B:9F:CA:01:82:F0:42:F1:27:57:DE:C7:33
ValidityWed, 04 Jun 2025 03:21:44 GMT - Tue, 02 Sep 2025 03:21:43 GMT
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /report?katds_ep=aU8WaO4qHxlHagoZYavXjTOEMTJ_EEOI8PzY52LLsLzm7H13JDTzpj8mQ1A6Q5KOJNMTDJyC8WQL3SBUpjrP4iAycZ8qHduTOTmwHLtQi84610OPZSYQpzZTh2AgLOGJUBd7cyuEQ54NxiemQ9BohSPJ7s7BtQTNQt33gy2mKu2yHKmBAtTqSZL6JCEXMIYkxM0gfRbFPjHoCVvWwg4ArZ0RAdAm5cZdNtIOt_rE9wXlJ__rcHuBF6CcWXV9-4X2Cw7o9623UualmQih391yYsvdPZaQ_5U_QyjGfYEz1zqKH1iB_dtgIK-Pt_N1c_G6SOfxEGGD95SWDba_rgoVvpxRiuOH5rWTfSbNiLCx0rWLPSCI0HfWbSrD8HCFACNIr1eBRWTQyD-WDYDQBu9_bItcQt19jby9TGwA19iB76wIVVXKmEMnkAfeD5y89i0ZUaN3VyD9Z3_XiLvjebsaEJVxKO5mjSiCc0oxxN0F9qtsTrE54S8NK7_XUKtkRqzA57Wq4A8&error=400 HTTP/1.1
Host: vast.yomeno.xyz
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://videzz.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 204 No Content
server: nginx/1.20.1
date: Thu, 19 Jun 2025 06:47:24 GMT
cache-control: no-cache, no-store, must-revalidate
pragma: no-cache
vary: *
access-control-allow-credentials: true
access-control-allow-origin: *
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,
access-control-expose-headers: Content-Length,Content-Range
X-Firefox-Spdy: h2
GET mc.webvisor.org/watch/90175160/1?wmode=7&page-url=https%3A%2F%2Fthursday55315.videocdnmetrika80.com%2Ff.php%3Fsid%3D212515&page-ref=https%3A%2F%2Fvidezz.net%2F&charset=utf-8&uah=che%0A0&browser-info=pv%3A1%3Avf%3Ai3icr3vaukx00kohb9n4iafmppwf%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A2091%3Acn%3A1%3Adp%3A0%3Als%3A1467465486206%3Ahid%3A531692985%3Az%3A0%3Ai%3A20250619064722%3Aet%3A1750315643%3Ac%3A1%3Arn%3A588230137%3Arqn%3A1%3Au%3A1750315640244759110%3Aw%3A1x1%3As%3A1280x1024x24%3Ask%3A1%3Aifr%3A1%3Awv%3A2%3Ads%3A0%2C0%2C0%2C%2C%2C0%2C%2C536%2C3%2C1785%2C1785%2C0%2C883%3Aco%3A0%3Acpf%3A1%3Ans%3A1750315638074%3Aadb%3A1%3Afip%3A984436ac90aa563b7c760146dea8c506-0ed8ce9e1e39cec802dafc59181dfc61-a81f3b9bcdd80a361c14af38dc09b309-08cddc828a0a4cecdead9052886a5778-8d2357552742d775381be8c05efc2ed7-b3a4b0ac1b44d5bc13e6d73ffb506aad-61b9878bbce18de73aafc8582a198c0c-5274424d88b08056c17f1a11bd3f2aff-a81f3b9bcdd80a361c14af38dc09b309-c6d7b47b2dcff33f80cab17f3a360d0b-861578da3666aba98730162cd5ac0199%3Arqnl%3A1%3Ast%3A1750315644%3At%3A&t=gdpr%2814%29clc%280-0-0%29rqnt%281%29aw%281%29rcm%281%29cdl%28na%29eco%2842010112%29fip%281%29ti%281%29&redirnss=1
200 OK 631 B URL GET mc.webvisor.org/watch/90175160/1?wmode=7&page-url=https%3A%2F%2Fthursday55315.videocdnmetrika80.com%2Ff.php%3Fsid%3D212515&page-ref=https%3A%2F%2Fvidezz.net%2F&charset=utf-8&uah=che%0A0&browser-info=pv%3A1%3Avf%3Ai3icr3vaukx00kohb9n4iafmppwf%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A2091%3Acn%3A1%3Adp%3A0%3Als%3A1467465486206%3Ahid%3A531692985%3Az%3A0%3Ai%3A20250619064722%3Aet%3A1750315643%3Ac%3A1%3Arn%3A588230137%3Arqn%3A1%3Au%3A1750315640244759110%3Aw%3A1x1%3As%3A1280x1024x24%3Ask%3A1%3Aifr%3A1%3Awv%3A2%3Ads%3A0%2C0%2C0%2C%2C%2C0%2C%2C536%2C3%2C1785%2C1785%2C0%2C883%3Aco%3A0%3Acpf%3A1%3Ans%3A1750315638074%3Aadb%3A1%3Afip%3A984436ac90aa563b7c760146dea8c506-0ed8ce9e1e39cec802dafc59181dfc61-a81f3b9bcdd80a361c14af38dc09b309-08cddc828a0a4cecdead9052886a5778-8d2357552742d775381be8c05efc2ed7-b3a4b0ac1b44d5bc13e6d73ffb506aad-61b9878bbce18de73aafc8582a198c0c-5274424d88b08056c17f1a11bd3f2aff-a81f3b9bcdd80a361c14af38dc09b309-c6d7b47b2dcff33f80cab17f3a360d0b-861578da3666aba98730162cd5ac0199%3Arqnl%3A1%3Ast%3A1750315644%3At%3A&t=gdpr%2814%29clc%280-0-0%29rqnt%281%29aw%281%29rcm%281%29cdl%28na%29eco%2842010112%29fip%281%29ti%281%29&redirnss=1
IP
Requested by https://thursday55315.videocdnmetrika80.com/f.php?sid=212515
Certificate IssuerGlobalSign nv-sa
Subjectmc.webvisor.com
Fingerprint4E:A6:D4:57:F5:B7:FB:C1:98:C0:40:D2:B8:FA:B4:10:43:09:41:94
ValiditySun, 09 Mar 2025 21:02:24 GMT - Sun, 31 Aug 2025 20:59:59 GMT
Hash 55a2cda5c12d2bee406d525860a59158
fef24615f9d79a3128a4861414ab1ee5fff1b951
83c59a805a03ec95cb369d98464dfef69134cbe9dce3575f6a506b780fd926a3
GET /watch/90175160/1?wmode=7&page-url=https%3A%2F%2Fthursday55315.videocdnmetrika80.com%2Ff.php%3Fsid%3D212515&page-ref=https%3A%2F%2Fvidezz.net%2F&charset=utf-8&uah=che%0A0&browser-info=pv%3A1%3Avf%3Ai3icr3vaukx00kohb9n4iafmppwf%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A2091%3Acn%3A1%3Adp%3A0%3Als%3A1467465486206%3Ahid%3A531692985%3Az%3A0%3Ai%3A20250619064722%3Aet%3A1750315643%3Ac%3A1%3Arn%3A588230137%3Arqn%3A1%3Au%3A1750315640244759110%3Aw%3A1x1%3As%3A1280x1024x24%3Ask%3A1%3Aifr%3A1%3Awv%3A2%3Ads%3A0%2C0%2C0%2C%2C%2C0%2C%2C536%2C3%2C1785%2C1785%2C0%2C883%3Aco%3A0%3Acpf%3A1%3Ans%3A1750315638074%3Aadb%3A1%3Afip%3A984436ac90aa563b7c760146dea8c506-0ed8ce9e1e39cec802dafc59181dfc61-a81f3b9bcdd80a361c14af38dc09b309-08cddc828a0a4cecdead9052886a5778-8d2357552742d775381be8c05efc2ed7-b3a4b0ac1b44d5bc13e6d73ffb506aad-61b9878bbce18de73aafc8582a198c0c-5274424d88b08056c17f1a11bd3f2aff-a81f3b9bcdd80a361c14af38dc09b309-c6d7b47b2dcff33f80cab17f3a360d0b-861578da3666aba98730162cd5ac0199%3Arqnl%3A1%3Ast%3A1750315644%3At%3A&t=gdpr%2814%29clc%280-0-0%29rqnt%281%29aw%281%29rcm%281%29cdl%28na%29eco%2842010112%29fip%281%29ti%281%29&redirnss=1 HTTP/1.1
Host: mc.webvisor.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://thursday55315.videocdnmetrika80.com
Referer: https://thursday55315.videocdnmetrika80.com/
DNT: 1
Connection: keep-alive
Cookie: yabs-sid=999300581750315644; i=QFyztqmN1MPh0+pi6HbP33RzVahJjIu0DVJW3oa2ilMorcOSFeYlrXOICszriFzv3Q9UDsX2QAhHmanC/SpslMIzPXo=; yandexuid=387175551750315644; yuidss=387175551750315644; ymex=1781851644.yrts.1750315644#1781851644.yrtsi.1750315644; bh=YPzkzsIGahfcyuH/CJLYobEDn8/14QzlyPCOA5S2Ag==
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
content-length: 631
x-content-type-options: nosniff
content-type: application/json; charset=utf-8
accept-ch: Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
expires: Thu, 19-Jun-2025 06:47:25 GMT
access-control-allow-credentials: true
strict-transport-security: max-age=31536000
pragma: no-cache
access-control-allow-origin: https://thursday55315.videocdnmetrika80.com
x-xss-protection: 1; mode=block
last-modified: Thu, 19-Jun-2025 06:47:25 GMT
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
X-Firefox-Spdy: h2
GET colegialacasero.com/wp-content/uploads/2021/06/colegiala-se-deja-lamer-su-panocha-por-su-perro.png
200 OK 34 kB URL GET colegialacasero.com/wp-content/uploads/2021/06/colegiala-se-deja-lamer-su-panocha-por-su-perro.png
IP
ASN #206264 Amarutu Technology Ltd
Requested by https://colegialacasero.com/follando-a-colegiala-traviesa-en-el-salon/
Certificate IssuerLet's Encrypt
Subjectcolegialacasero.com
FingerprintFA:62:4E:A0:56:E1:7F:B5:88:DB:47:27:F0:46:0D:4A:4A:E0:10:F9
ValidityMon, 19 May 2025 06:11:59 GMT - Sun, 17 Aug 2025 06:11:58 GMT
File type PNG image data, 300 x 250, 8-bit colormap, non-interlaced
Hash 3fed9d56ff9090631a07cbd01dd02a66
de10d9aee8625566fe7414505c07375612d83bec
ab456b486f54418cabaa37c9adfd737bf926814ef4951b154d080b3b10f6a552
GET /wp-content/uploads/2021/06/colegiala-se-deja-lamer-su-panocha-por-su-perro.png HTTP/1.1
Host: colegialacasero.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://colegialacasero.com/follando-a-colegiala-traviesa-en-el-salon/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
server: nginx
date: Thu, 19 Jun 2025 06:47:15 GMT
content-type: image/png
content-length: 34345
last-modified: Thu, 11 May 2023 06:27:16 GMT
vary: Accept-Encoding
etag: "645c8ac4-8629"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
access-control-allow-origin: *
accept-ranges: bytes
X-Firefox-Spdy: h2
GET my.imageflow.store/api/users/88464?v2=1&fill=0&kw=file%20upload%2Cshare%20files%2Cfree%20upload&i=1&url=https%3A%2F%2Fvidezz.net%2Fembed-wfjktvnns0hl.html&referrer=colegialacasero.com&sid=94b7d833-2397-45fa-af4a-4cf38c3bb1bb
200 OK 958 B URL GET my.imageflow.store/api/users/88464?v2=1&fill=0&kw=file%20upload%2Cshare%20files%2Cfree%20upload&i=1&url=https%3A%2F%2Fvidezz.net%2Fembed-wfjktvnns0hl.html&referrer=colegialacasero.com&sid=94b7d833-2397-45fa-af4a-4cf38c3bb1bb
IP
ASN #24940 Hetzner Online GmbH
Requested by https://videzz.net/embed-wfjktvnns0hl.html
Certificate IssuerLet's Encrypt
Subjecta.edbl.space
Fingerprint64:7A:31:A1:1E:DB:80:24:B2:BD:D4:81:B7:78:2D:17:EA:3A:33:C9
ValidityTue, 20 May 2025 21:28:39 GMT - Mon, 18 Aug 2025 21:28:38 GMT
File type XML 1.0 document, ASCII text
Hash fa625d294caffacebe4964a515c37539
b554afc1c50b4f2ceba6d57b8d75792f6e14029f
51e42a6b02e6386da4f6e3db1bc74c808d4eafc79ba7b540d1145f5ce8f92d6b
GET /api/users/88464?v2=1&fill=0&kw=file%20upload%2Cshare%20files%2Cfree%20upload&i=1&url=https%3A%2F%2Fvidezz.net%2Fembed-wfjktvnns0hl.html&referrer=colegialacasero.com&sid=94b7d833-2397-45fa-af4a-4cf38c3bb1bb HTTP/1.1
Host: my.imageflow.store
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://videzz.net/
Origin: https://videzz.net
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
server: nginx
date: Thu, 19 Jun 2025 06:47:16 GMT
content-type: text/xml
vary: Accept-Encoding
access-control-allow-credentials: true
access-control-allow-origin: https://videzz.net
access-control-expose-headers: X-Asg-Config, X-t
set-cookie: nauid=cMm3zjA5DUFqKEmPYF2h; Path=/; Expires=Wed, 11 Nov 2037 11:11:11 GMT; Secure; SameSite=None
x-robots-tag: noindex, nofollow
x-t: 0
cache-control: private
content-encoding: gzip
X-Firefox-Spdy: h2
GET wearychallengeraise.com/57/e9/12/57e9128f004dc8dd272477c7cdb9cf15.js
200 OK 105 kB URL GET wearychallengeraise.com/57/e9/12/57e9128f004dc8dd272477c7cdb9cf15.js
IP
Requested by https://videzz.net/embed-wfjktvnns0hl.html
Certificate IssuerLet's Encrypt
Subjectwearychallengeraise.com
FingerprintC2:9A:4F:D1:20:4F:D6:7B:AD:D9:F3:AE:DB:94:98:E2:A5:BE:EF:8B
ValidityThu, 19 Jun 2025 03:13:57 GMT - Wed, 17 Sep 2025 03:13:56 GMT
File type JavaScript source, ASCII text, with very long lines (65536), with no line terminators
Size 105 kB (104900 bytes)
Hash 25466c58f3f763b5b4136d22f5f7087a
a6afe61f5e0b899c4cfe607a8b2d70f74523aa80
c820e453aae6e2d5fc150b0c0f43b00040464b10f5a1edbbfc66e99a79e3d80b
Analyzer Verdict Alert Quad9 DNS malicious Sinkholed
GET /57/e9/12/57e9128f004dc8dd272477c7cdb9cf15.js HTTP/1.1
Host: wearychallengeraise.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://videzz.net/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx/1.21.6
Date: Thu, 19 Jun 2025 06:47:17 GMT
Content-Type: application/javascript
Content-Length: 32655
Connection: keep-alive
content-encoding: gzip
p3p: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
access-control-allow-origin: *
accept-ch: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,Sec-CH-UA-PlatformUser-Agent,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
x-envoy-upstream-service-time: 5
Host: wearychallengeraise.com
Expires: Thu, 01 Jan 1970 00:00:01 GMT
X-Request-ID: 154213f3cea7504abe32453673272264
Cache-Control: no-cache, max-age=0, private, no-cache
Pragma: no-cache
Strict-Transport-Security: max-age=0; includeSubdomains
GET s.magsrv.com/vregister.php?a=vview&errorcode=400&idzone=5075896&dg=7552138-NOR-114948602-3-0-1-0-InLine
200 OK 0 B URL GET s.magsrv.com/vregister.php?a=vview&errorcode=400&idzone=5075896&dg=7552138-NOR-114948602-3-0-1-0-InLine
IP
ASN #60781 LeaseWeb Netherlands B.V.
Requested by https://videzz.net/embed-wfjktvnns0hl.html
Certificate IssuerLet's Encrypt
Subjectmagsrv.com
FingerprintE1:20:8C:28:EE:7A:93:40:E0:BE:4B:F4:77:62:14:FC:23:07:AD:18
ValidityTue, 10 Jun 2025 10:16:21 GMT - Mon, 08 Sep 2025 10:16:20 GMT
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /vregister.php?a=vview&errorcode=400&idzone=5075896&dg=7552138-NOR-114948602-3-0-1-0-InLine HTTP/1.1
Host: s.magsrv.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://videzz.net/
Cookie: __uvt=a%3A1%3A%7Bi%3A0%3Bs%3A32%3A%2232fc2a27d48227febae3dc6095288029%22%3B%7D; c-tag=%7B%22tag-video%22%3A%22v6%7C%7CNOR%7C5075896%7C114948602%7C264082%7C%7C508%7C41%7C3%7C40%7C0%7C0%7C0%7C25344%7C3143242%7C3143244%7C0%7C1%7C0%7C0%7C0%7C0%7C1%7C0%7C0%7C1%7C%7C%7C1418362944%7Cvidezz.net%7C%7C%7C20%7C0%7C0%7C0%7C0%7C0%7C0%7C0%7C0%7C1750315644%7C%7C%7C0%7C0%7C0%7C0%7C0%7C0%7C0%7C0%7C0%7C0%7C1%7C0%7C0%7Cs.magsrv.com%7C%7C%7C%7C33302bbe752da31b4a62bb2300e553ad%7Cok%22%7D
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Date: Thu, 19 Jun 2025 06:47:25 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Access-Control-Allow-Origin:
Access-Control-Allow-Credentials: true
X-Robots-Tag: noindex, follow
Content-Encoding: gzip
GET maxcdn.bootstrapcdn.com/font-awesome/4.7.0/fonts/fontawesome-webfont.woff2?v=4.7.0
200 OK 77 kB URL GET maxcdn.bootstrapcdn.com/font-awesome/4.7.0/fonts/fontawesome-webfont.woff2?v=4.7.0
IP
Requested by https://videzz.net/embed-wfjktvnns0hl.html
Certificate IssuerGoogle Trust Services
Subjectbootstrapcdn.com
Fingerprint73:3E:54:5A:E7:0A:B5:3C:11:79:4A:9F:FE:64:7B:38:B7:15:03:C0
ValidityWed, 14 May 2025 02:01:13 GMT - Tue, 12 Aug 2025 03:00:50 GMT
File type Web Open Font Format (Version 2), TrueType, length 77160, version 4.459
Hash af7ae505a9eed503f8b8e6982036873e
d6f48cba7d076fb6f2fd6ba993a75b9dc1ecbf0c
2adefcbc041e7d18fcf2d417879dc5a09997aa64d675b7a3c4b6ce33da13f3fe
GET /font-awesome/4.7.0/fonts/fontawesome-webfont.woff2?v=4.7.0 HTTP/1.1
Host: maxcdn.bootstrapcdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://videzz.net
DNT: 1
Connection: keep-alive
Referer: https://maxcdn.bootstrapcdn.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Thu, 19 Jun 2025 06:47:18 GMT
content-type: font/woff2
content-length: 77160
cdn-pullzone: 252412
cdn-uid: b1941f61-b576-4f40-80de-5677acb38f74
cdn-requestcountrycode: US
access-control-allow-origin: *
cache-control: public, max-age=31919000
etag: "af7ae505a9eed503f8b8e6982036873e"
last-modified: Mon, 25 Jan 2021 22:04:55 GMT
cdn-proxyver: 1.07
cdn-requestpullsuccess: True
cdn-requestpullcode: 200
cdn-cachedat: 12/15/2024 13:12:06
cdn-edgestorageid: 1233
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
cdn-status: 200
cdn-requesttime: 0
cdn-requestid: 932fe4deada90aee0b4256cb2d8f3bc0
cdn-cache: HIT
cf-cache-status: HIT
age: 11454
accept-ranges: bytes
priority: u=4,i=?0
vary: Accept-Encoding
strict-transport-security: max-age=31536000; includeSubDomains; preload
server: cloudflare
cf-ray: 952113030e1c56b7-OSL
alt-svc: h3=":443"; ma=86400
server-timing: cfExtPri
GET my.imageflow.store/api/click/14587968290606056115?c=60&data[error]=400&data[errormsg]=
200 OK 0 B URL GET my.imageflow.store/api/click/14587968290606056115?c=60&data[error]=400&data[errormsg]=
IP
ASN #24940 Hetzner Online GmbH
Requested by https://videzz.net/embed-wfjktvnns0hl.html
Certificate IssuerLet's Encrypt
Subjecta.edbl.space
Fingerprint64:7A:31:A1:1E:DB:80:24:B2:BD:D4:81:B7:78:2D:17:EA:3A:33:C9
ValidityTue, 20 May 2025 21:28:39 GMT - Mon, 18 Aug 2025 21:28:38 GMT
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /api/click/14587968290606056115?c=60&data[error]=400&data[errormsg]= HTTP/1.1
Host: my.imageflow.store
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://videzz.net/
Cookie: nauid=cMm3zjA5DUFqKEmPYF2h
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
server: nginx
date: Thu, 19 Jun 2025 06:47:24 GMT
content-length: 0
access-control-allow-credentials: true
access-control-allow-origin: *
x-robots-tag: noindex, nofollow
cache-control: private
X-Firefox-Spdy: h2
GET videzz.net/js/videojs.5.min.js?v=1566c61038a4816d5983d1bea1fb7bdc
200 OK 416 kB URL GET videzz.net/js/videojs.5.min.js?v=1566c61038a4816d5983d1bea1fb7bdc
IP
ASN #213035 Des Capital B.V.
Requested by https://videzz.net/embed-wfjktvnns0hl.html
Certificate IssuerLet's Encrypt
Subjectvidezz.net
Fingerprint98:BA:98:44:85:01:47:DD:AC:0E:8E:57:56:68:F7:A5:17:C9:72:E5
ValidityThu, 12 Jun 2025 00:12:36 GMT - Wed, 10 Sep 2025 00:12:35 GMT
File type JavaScript source, ASCII text, with very long lines (65536), with no line terminators
Size 416 kB (416345 bytes)
Hash b9b5a388274193283c81801023d5e4da
c01c585bb4a23fc5021c5ce6c9807be42884a131
1cd5c25073614f32bfe3502d5271effdac6c82b5cf24ca71e8e620a9ff6a25b6
GET /js/videojs.5.min.js?v=1566c61038a4816d5983d1bea1fb7bdc HTTP/1.1
Host: videzz.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://videzz.net/embed-wfjktvnns0hl.html
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
server: nginx/1.18.0 (Ubuntu)
date: Thu, 19 Jun 2025 06:47:15 GMT
content-type: application/javascript
last-modified: Wed, 11 Jun 2025 12:18:32 GMT
vary: Accept-Encoding
etag: W/"68497418-65a59"
expires: Sat, 19 Jul 2025 06:39:42 GMT
cache-control: max-age=2592000
content-encoding: gzip
x-cache-status: HIT
X-Firefox-Spdy: h2
GET cr.aveuglediking.com/1clkn/14903
200 OK 6 B URL GET cr.aveuglediking.com/1clkn/14903
IP
Requested by https://videzz.net/embed-wfjktvnns0hl.html
Certificate IssuerLet's Encrypt
Subjectcr.aveuglediking.com
FingerprintE6:A1:3F:9F:0F:DC:F6:42:FF:1E:E4:46:96:F0:E9:11:2E:56:F9:A4
ValidityWed, 07 May 2025 07:50:56 GMT - Tue, 05 Aug 2025 07:50:55 GMT
File type ASCII text, with no line terminators
Hash 9082dc37e5e8046929da411544ad071a
41e0e3963ed94e59e8a2f115994c382712411537
b7848d86edc8dc3b5bc6a5c666069f9a31e000cee51575d3b6083951607e1550
Analyzer Verdict Alert Quad9 DNS malicious Sinkholed
GET /1clkn/14903 HTTP/1.1
Host: cr.aveuglediking.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://videzz.net/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Date: Thu, 19 Jun 2025 06:47:16 GMT
Content-Type: application/javascript; charset=utf-8
Transfer-Encoding: chunked
Connection: keep-alive
Keep-Alive: timeout=20
Accept-ch: sec-ch-ua-platform-version,sec-ch-ua-model,sec-ch-ua-full-version,sec-ch-ua-full-version-list
Set-Cookie: GL_UI4=eJw9zV1OhDAcBHC%2B2dUFnYQDeASKlPDqi1fwkRT6B%2BtCuykV9PYSE32bTH6T8TwvKB7gb8kZ4afgeGKsbdqaV21ZD62o%2Br5tGl72vC1ZxceR46zWzol%2BJhfhtC7Cus5tES4TabJq6AYjKcPjof6aqza7jhD3VmiZIV4OMWdIe2v2lWwRItJiIaSvytJovg4hPoxFyJ7rIyt9ZL9EYNYizO%2BQviktj2V%2BQcDKPE883N9m4UZjl07JxEc8WSEJ%2FgtOg3A0GfuNVNJ6deYGmFl2%2F%2F73ONxZiUTSpgZCbNw72R%2B3Z03l; expires=Fri, 20-Jun-2025 06:47:16 GMT; Max-Age=86400; path=/; secure; SameSite=None
GL_GI10=eJwVyM0KgkAUhuE5hxiIJPjIC%2FAKTMsWbrNl6MIrMIsYGObIzNjP3WeLd%2FG8SilOE7CZkNRlXhd5dcjLUwV6gtsOPDroVvx7%2BII8uDiCvcOmC1ayRmYXlz9i9TfIYHu25pP1YudoxAXw0roZbvaxv%2FRX0KQJHEUzONxTBXrp3Q9e7R3S; expires=Fri, 20-Jun-2025 06:47:16 GMT; Max-Age=86400; path=/; secure; SameSite=None
Content-Encoding: gzip
Vary: Accept-Encoding
Strict-Transport-Security: max-age=1
X-Content-Type-Options: nosniff
GET recordedthereby.com/sfp.js
200 OK 85 kB URL GET recordedthereby.com/sfp.js
IP
ASN #39572 DataWeb Global Group B.V.
Requested by https://videzz.net/embed-wfjktvnns0hl.html
Certificate IssuerLet's Encrypt
Subjectrecordedthereby.com
Fingerprint43:76:D8:56:43:66:8A:49:51:DC:E6:8E:5A:E9:35:93:29:07:37:C1
ValidityMon, 05 May 2025 21:20:39 GMT - Sun, 03 Aug 2025 21:20:38 GMT
File type JavaScript source, Unicode text, UTF-8 text, with very long lines (65529), with no line terminators
Hash 108625937affa4b38bb17cea65510d72
2c0f48e9efa3fb5554d1fa393b28d74d5339f9ee
c84263fcf6b091998dd37f5f600b3bfea92ac1d31cbf9631bb87fa411124a9e0
Analyzer Verdict Alert Quad9 DNS malicious Sinkholed
GET /sfp.js HTTP/1.1
Host: recordedthereby.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://videzz.net/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx/1.21.6
Date: Thu, 19 Jun 2025 06:47:17 GMT
Content-Type: application/javascript; charset=utf-8
Content-Length: 28255
Connection: keep-alive
Content-Encoding: gzip
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Access-Control-Allow-Origin: *
Vary: Accept-Encoding
Host: recordedthereby.com
Expires: Thu, 01 Jan 1970 00:00:01 GMT
X-Request-ID: 6a487e51680ffe85c367288ef415e6e2
Cache-Control: no-cache, max-age=0, private, no-cache
Pragma: no-cache
Strict-Transport-Security: max-age=0; includeSubdomains
GET str31.vidoza.net/nvl4dixg5eeuieno3wzqhhnimxe5ejjfpp7xhd5w4e5i6lav64u6hv2gezla/v.mp4
206 Partial Content 770 kB URL GET str31.vidoza.net/nvl4dixg5eeuieno3wzqhhnimxe5ejjfpp7xhd5w4e5i6lav64u6hv2gezla/v.mp4
IP
ASN #49453 Global Layer B.V.
Requested by https://videzz.net/embed-wfjktvnns0hl.html
Certificate IssuerLet's Encrypt
Subjectvidoza.net
Fingerprint30:B9:25:E1:B3:D8:08:56:59:9D:36:3F:93:9E:B9:FA:BD:B5:75:9E
ValidityFri, 28 Mar 2025 00:21:37 GMT - Thu, 26 Jun 2025 00:21:36 GMT
File type ISO Media, MP4 Base Media v1 [ISO 14496-12:2003]
Size 770 kB (770030 bytes)
Hash 78e6def3514702374729fed517b2660e
0cedf43a38f2d8f18cda000c284721e2a0925441
86ec7d97ddaab705be7b8312106e0386c9fc0b13ca1fad978dd0737d5fc430df
GET /nvl4dixg5eeuieno3wzqhhnimxe5ejjfpp7xhd5w4e5i6lav64u6hv2gezla/v.mp4 HTTP/1.1
Host: str31.vidoza.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: video/webm,video/ogg,video/*;q=0.9,application/ogg;q=0.7,audio/*;q=0.6,*/*;q=0.5
Accept-Language: en-US,en;q=0.5
Range: bytes=0-
DNT: 1
Connection: keep-alive
Referer: https://videzz.net/
Sec-Fetch-Dest: video
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Accept-Encoding: identity
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 206 Partial Content
server: nginx/1.20.1
date: Thu, 19 Jun 2025 06:47:16 GMT
content-type: video/mp4
content-length: 17285377
last-modified: Tue, 27 Dec 2022 08:19:21 GMT
etag: "63aaaa89-107c101"
content-range: bytes 0-17285376/17285377
X-Firefox-Spdy: h2
GET iagrus.com/wnload?a=1&e=aeyJwaWQiOjEwMDAyODQsInNpZCI6MTE4MzA5OSwid2lkIjo0MTk0ODYsImQiOiJ2aWRlenoubmV0IiwibGkiOjF9&tz=0&if=1&u=aHR0cHM6Ly92aWRlenoubmV0L2VtYmVkLXdmamt0dm5uczBobC5odG1s&inc=1
200 OK 459 B URL GET iagrus.com/wnload?a=1&e=aeyJwaWQiOjEwMDAyODQsInNpZCI6MTE4MzA5OSwid2lkIjo0MTk0ODYsImQiOiJ2aWRlenoubmV0IiwibGkiOjF9&tz=0&if=1&u=aHR0cHM6Ly92aWRlenoubmV0L2VtYmVkLXdmamt0dm5uczBobC5odG1s&inc=1
IP
ASN #39572 DataWeb Global Group B.V.
Requested by https://videzz.net/embed-wfjktvnns0hl.html
Certificate IssuerLet's Encrypt
Subjectiagrus.com
Fingerprint40:D9:35:55:1F:88:0A:3E:52:75:0F:B8:DF:38:57:66:38:12:D6:9B
ValidityThu, 05 Jun 2025 18:33:42 GMT - Wed, 03 Sep 2025 18:33:41 GMT
Hash b0d7f5dc33a37dc1a567f96bb726dfbe
cf60cd7198172c0cb8d5b1a42caa5cb8630abec6
6597a8fc6182530cbb74bfe825f4d00ccfd0c19c11f1ac127d8f210b0780012a
Analyzer Verdict Alert Quad9 DNS malicious Sinkholed
GET /wnload?a=1&e=aeyJwaWQiOjEwMDAyODQsInNpZCI6MTE4MzA5OSwid2lkIjo0MTk0ODYsImQiOiJ2aWRlenoubmV0IiwibGkiOjF9&tz=0&if=1&u=aHR0cHM6Ly92aWRlenoubmV0L2VtYmVkLXdmamt0dm5uczBobC5odG1s&inc=1 HTTP/1.1
Host: iagrus.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://videzz.net/
Origin: https://videzz.net
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
server: nginx/1.18.0
date: Thu, 19 Jun 2025 06:47:17 GMT
content-type: application/javascript; charset=utf-8
vary: Accept-Encoding
accept-ch: Sec-CH-UA-Platform-Version
access-control-allow-origin: *
access-control-allow-credentials: true
content-encoding: gzip
X-Firefox-Spdy: h2
GET video.fixesnetwork.com/vst.php?sub=826&tag=11692
200 OK 261 B URL GET video.fixesnetwork.com/vst.php?sub=826&tag=11692
IP
Requested by https://videzz.net/embed-wfjktvnns0hl.html
Certificate IssuerGoogle Trust Services
Subjectfixesnetwork.com
FingerprintB1:77:FB:23:64:18:91:AC:7F:F8:C9:26:73:96:E4:A6:68:72:AA:CA
ValiditySat, 17 May 2025 09:57:57 GMT - Fri, 15 Aug 2025 10:55:24 GMT
Hash 04dbb6c18f140a73f408bab68794f30d
9ccf29635191051c602211f813e23aa0c0d98665
c8f258f82dad4923bcf0909b4537ae885940d394897fe40b80f5410ee47b698d
GET /vst.php?sub=826&tag=11692 HTTP/1.1
Host: video.fixesnetwork.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://videzz.net/
Origin: https://videzz.net
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Thu, 19 Jun 2025 06:47:19 GMT
content-type: text/xml;charset=UTF-8
server: cloudflare
nel: {"report_to":"cf-nel","success_fraction":0.0,"max_age":604800}
x-powered-by: PHP/7.4.33, PleskLin
accept-ch: Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,Sec-CH-UA-WoW64
access-control-allow-credentials: true
cache-control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
x-content-type-options: nosniff
access-control-allow-origin: https://videzz.net
content-encoding: br
cf-cache-status: DYNAMIC
vary: accept-encoding
report-to: {"group":"cf-nel","max_age":604800,"endpoints":[{"url":"https://a.nel.cloudflare.com/report/v4?s=VesmAyCIrucZiJsmpAeh%2FF0tG0UET7rEGWP%2BvDlbanikC%2FSM9nvg5wbBDFkggnaJuyMBrWBSCZXOfMtVP6bBc5%2F%2FBxKTkDkxi27rLLsu%2B%2FtMG37u"}]}
cf-ray: 9521130bcbe0712f-OSL
X-Firefox-Spdy: h2
GET my.imageflow.store/henYKwb.js
200 OK 319 kB URL GET my.imageflow.store/henYKwb.js
IP
ASN #24940 Hetzner Online GmbH
Requested by https://videzz.net/embed-wfjktvnns0hl.html
Certificate IssuerLet's Encrypt
Subjecta.edbl.space
Fingerprint64:7A:31:A1:1E:DB:80:24:B2:BD:D4:81:B7:78:2D:17:EA:3A:33:C9
ValidityTue, 20 May 2025 21:28:39 GMT - Mon, 18 Aug 2025 21:28:38 GMT
File type JavaScript source, Unicode text, UTF-8 text, with very long lines (65503), with no line terminators
Size 319 kB (318632 bytes)
Hash da0d8c423dbcf62d995e29a4fc7aa1d3
388b97710b17c984740c4a7b76e768a51df3447c
7b0e9b2d40030ef123764ff920f1fac77d572e6ee06fcca47927307c77cedcf9
GET /henYKwb.js HTTP/1.1
Host: my.imageflow.store
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://videzz.net/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
server: nginx
date: Thu, 19 Jun 2025 06:47:15 GMT
content-type: application/javascript
content-length: 89851
last-modified: Tue, 20 May 2025 09:46:13 GMT
vary: Accept-Encoding
etag: "682c4f65-15efb"
content-encoding: gzip
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: public, max-age=315360000
cf-cache-status: HIT
age: 1424990
cf-ray: 94b2d4abba9adf68-HEL
x-frame-options: DENY
x-content-type-options: nosniff
accept-ranges: bytes
X-Firefox-Spdy: h2
GET wearychallengeraise.com/pixel/purst?dl=0&th=0&sc=0&rs=2857&rd=2857&fd=694&bv=25.5.2579&tmpl=136
200 OK 0 B URL GET wearychallengeraise.com/pixel/purst?dl=0&th=0&sc=0&rs=2857&rd=2857&fd=694&bv=25.5.2579&tmpl=136
IP
Requested by https://videzz.net/embed-wfjktvnns0hl.html
Certificate IssuerLet's Encrypt
Subjectwearychallengeraise.com
FingerprintC2:9A:4F:D1:20:4F:D6:7B:AD:D9:F3:AE:DB:94:98:E2:A5:BE:EF:8B
ValidityThu, 19 Jun 2025 03:13:57 GMT - Wed, 17 Sep 2025 03:13:56 GMT
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer Verdict Alert Quad9 DNS malicious Sinkholed
GET /pixel/purst?dl=0&th=0&sc=0&rs=2857&rd=2857&fd=694&bv=25.5.2579&tmpl=136 HTTP/1.1
Host: wearychallengeraise.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://videzz.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx/1.21.6
Date: Thu, 19 Jun 2025 06:47:18 GMT
Content-Length: 0
Connection: keep-alive
Host: wearychallengeraise.com
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
Access-Control-Allow-Origin: *
Access-Control-Allow-Methods: GET, POST, OPTIONS
Access-Control-Allow-Headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,Upgrade-Insecure-Requests
Access-Control-Expose-Headers: Content-Length,Content-Range
GET videocdnshop.com/vidozza.js
200 OK 341 B URL GET videocdnshop.com/vidozza.js
IP
Requested by https://videzz.net/embed-wfjktvnns0hl.html
Certificate IssuerGoogle Trust Services
Subjectvideocdnshop.com
FingerprintA4:A0:5F:AC:89:B6:59:A8:45:5A:A3:63:95:D8:F6:61:0C:9E:B4:21
ValidityTue, 06 May 2025 03:31:07 GMT - Mon, 04 Aug 2025 04:29:40 GMT
File type JavaScript source, ASCII text, with CRLF line terminators
Hash 7d86a21c346b680b52bc246c9631e441
344eb519a6cb269ca856fa3d8d3e2058b48909e2
63193372b355651fe097ad7dca25a2cd060a03f44ed927691e365a321852da86
GET /vidozza.js HTTP/1.1
Host: videocdnshop.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://videzz.net/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Thu, 19 Jun 2025 06:47:17 GMT
content-type: application/javascript
server: cloudflare
last-modified: Sat, 15 Mar 2025 12:33:18 GMT
nel: {"report_to":"cf-nel","success_fraction":0.0,"max_age":604800}
vary: accept-encoding
report-to: {"group":"cf-nel","max_age":604800,"endpoints":[{"url":"https://a.nel.cloudflare.com/report/v4?s=USepzmZq0Pz6bBt52V2MMv1beBcaGrHbhPcA9mDjkRZWECJxV9Y%2FFUuIT8uBhF4brBvPmdFdbVriiaZtyzwQ9BseIkcfqdUYmZFOqS%2F%2F"}]}
age: 737
cache-control: max-age=14400
cf-cache-status: HIT
etag: W/"67d5738e-155"
content-encoding: br
cf-ray: 952112fe3bfa0b49-OSL
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
GET udzpel.com/template/dark.html
200 OK 5.0 kB URL GET udzpel.com/template/dark.html
IP
Requested by https://videzz.net/embed-wfjktvnns0hl.html
Certificate IssuerGoogle Trust Services
Subjectudzpel.com
Fingerprint9F:EB:5E:5E:F6:0A:7A:A1:9B:B6:CD:51:72:4F:B8:35:DA:89:71:BD
ValidityTue, 10 Jun 2025 14:07:59 GMT - Mon, 08 Sep 2025 15:06:34 GMT
File type HTML document, ASCII text, with very long lines (4959), with no line terminators
Hash 6a2826b9f4dcb6ce900d380cb99ff9f1
f53e7ddc0f280034a6801f471b0b90cb820ff432
8069f7d1e6b8a2d641dc76a20035a55e132d5dde949089a74ab119d0095ee4a8
GET /template/dark.html HTTP/1.1
Host: udzpel.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://videzz.net/
Origin: https://videzz.net
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Thu, 19 Jun 2025 06:47:19 GMT
content-type: text/html; charset=UTF-8
server: cloudflare
nel: {"report_to":"cf-nel","success_fraction":0.0,"max_age":604800}
vary: Accept-Encoding
access-control-allow-origin: https://videzz.net
report-to: {"group":"cf-nel","max_age":604800,"endpoints":[{"url":"https://a.nel.cloudflare.com/report/v4?s=Qp2QwB1u5tWxNSpHAVweJ5BJElpAcnQ4OC2WO%2FX09NRYEy%2F2b5%2BSslBSo90%2F6Epb733wimQOZprL7Ulv7dbY0SwrWEmUGmr0"}]}
cache-control: max-age=14400
cf-cache-status: EXPIRED
last-modified: Thu, 19 Jun 2025 06:47:18 GMT
content-encoding: br
cf-ray: 952113077886b517-OSL
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
GET s.magsrv.com/splash.php?idzone=5075896&sub=1418362944&ad_tags=
200 OK 15 kB URL GET s.magsrv.com/splash.php?idzone=5075896&sub=1418362944&ad_tags=
IP
ASN #60781 LeaseWeb Netherlands B.V.
Requested by https://videzz.net/embed-wfjktvnns0hl.html
Certificate IssuerLet's Encrypt
Subjectmagsrv.com
FingerprintE1:20:8C:28:EE:7A:93:40:E0:BE:4B:F4:77:62:14:FC:23:07:AD:18
ValidityTue, 10 Jun 2025 10:16:21 GMT - Mon, 08 Sep 2025 10:16:20 GMT
File type XML 1.0 document, ASCII text, with very long lines (2084)
Hash 167aeb9d9468562432109f8e5bddcd15
5478360dbe2c882ad0f1dde9ace7886c1432475b
805b5b199f4cbcbcb07a8d73b2983fcec273bd7999c82d18ed899dbf920daaf0
GET /splash.php?idzone=5075896&sub=1418362944&ad_tags= HTTP/1.1
Host: s.magsrv.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://videzz.net/
Origin: https://videzz.net
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Date: Thu, 19 Jun 2025 06:47:24 GMT
Content-Type: text/xml;charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Access-Control-Allow-Headers: X-CH-VALUES
Set-Cookie: __uvt=a%3A1%3A%7Bi%3A0%3Bs%3A32%3A%2232fc2a27d48227febae3dc6095288029%22%3B%7D; expires=Sat, 19 Jun 2027 06:47:24 GMT; path=; domain=.magsrv.com; Secure; SameSite=none
c-tag=%7B%22tag-video%22%3A%22v6%7C%7CNOR%7C5075896%7C114948602%7C264082%7C%7C508%7C41%7C3%7C40%7C0%7C0%7C0%7C25344%7C3143242%7C3143244%7C0%7C1%7C0%7C0%7C0%7C0%7C1%7C0%7C0%7C1%7C%7C%7C1418362944%7Cvidezz.net%7C%7C%7C20%7C0%7C0%7C0%7C0%7C0%7C0%7C0%7C0%7C1750315644%7C%7C%7C0%7C0%7C0%7C0%7C0%7C0%7C0%7C0%7C0%7C0%7C1%7C0%7C0%7Cs.magsrv.com%7C%7C%7C%7C33302bbe752da31b4a62bb2300e553ad%7Cok%22%7D; expires=Thu, 26 Jun 2025 06:47:24 GMT; path=/; domain=.magsrv.com; Secure; SameSite=none
Cache-Control: no-store
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Access-Control-Allow-Origin: https://videzz.net
Access-Control-Allow-Credentials: true
X-Robots-Tag: noindex, follow
Content-Encoding: gzip
45.139.122.226
173.239.53.20
172.67.133.15
91.216.220.24
35.158.254.216
37.27.230.125
87.250.251.119
185.76.9.27
94.242.247.27
192.243.59.12
0.0.0.0